Scrutiny is under active development again

TrueNAS General
, ,
1

For all who missed the memo in that longer thread - Scrutiny has been forked and this time this particular fork seems to have become the new “official” version. Features are added at a nice pace including (not exhaustive):

  • ZFS Pool Monitoring
  • Prometheus Metrics
  • S.M.A.R.T Attribute Overrides
  • Scheduled Reports (yay!)

The repo is here.

And this is my custom app YAML as I run it on my TrueNAS. I have switched from Dockge to Dockhand for custom apps, which seems to be the best of Dockge and Portainer combined and then some.

services:
  scrutiny:
    cap_add:
      - AUDIT_WRITE
      - CHOWN
      - DAC_OVERRIDE
      - FOWNER
      - FSETID
      - KILL
      - MKNOD
      - NET_BIND_SERVICE
      - NET_RAW
      - SETFCAP
      - SETGID
      - SETPCAP
      - SETUID
      - SYS_CHROOT
    cap_drop:
      - ALL
    deploy:
      resources:
        limits:
          cpus: "2"
          memory: 4096M
    environment:
      COLLECTOR_API_ENDPOINT: http://127.0.0.1:8080
      NVIDIA_VISIBLE_DEVICES: void
      SCRUTINY_WEB_DATABASE_LOCATION: /opt/scrutiny/config/scrutiny.db
      SCRUTINY_WEB_INFLUXDB_HOST: 127.0.0.1
      SCRUTINY_WEB_INFLUXDB_PORT: "8086"
      SCRUTINY_WEB_LISTEN_HOST: 0.0.0.0
      SCRUTINY_WEB_LISTEN_PORT: "8080"
      TZ: Europe/Berlin
      UMASK: "002"
      UMASK_SET: "002"
      COLLECTOR_ZFS_CRON_SCHEDULE: 0 0 * * *
      COLLECTOR_ZFS_RUN_STARTUP: "true"
    group_add:
      - 568
    healthcheck:
      interval: 30s
      retries: 5
      start_interval: 2s
      start_period: 15s
      test:
        - CMD
        - curl
        - --request
        - GET
        - --silent
        - --output
        - /dev/null
        - --show-error
        - --fail
        - http://127.0.0.1:8080/api/health
      timeout: 5s
    image: ghcr.io/starosdev/scrutiny:latest-omnibus
    platform: linux/amd64
    ports:
      - mode: ingress
        protocol: tcp
        published: 31054
        target: 8080
      - mode: ingress
        protocol: tcp
        published: 31055
        target: 8086
    privileged: true
    restart: unless-stopped
    security_opt:
      - no-new-privileges=true
    stdin_open: false
    tty: false
    user: 0:0
    volumes:
      - bind:
          create_host_path: false
          propagation: rprivate
        read_only: true
        source: /dev
        target: /dev
        type: bind
      - bind:
          create_host_path: false
          propagation: rprivate
        read_only: false
        source: /mnt/nvme/apps/scrutiny/config
        target: /opt/scrutiny/config
        type: bind
      - bind:
          create_host_path: false
          propagation: rprivate
        read_only: false
        source: /mnt/nvme/apps/scrutiny/influxdb
        target: /opt/scrutiny/influxdb
        type: bind
      - bind:
          create_host_path: false
          propagation: rprivate
        read_only: true
        source: /run/udev
        target: /run/udev
        type: bind

You need to adjust the volume paths to your pool and dataset layout, and probably your timezone.

Enjoy,
Patrick

6 Likes
We’re bringing some SMART options back
2

Does Dockhand keep the .yaml, .env, etc., in plain text files on your pool? That’s an important feature of Dockge for me.

3 
root@truenas:/mnt/nvme/apps/dockhand# ls -l stacks/Production/*
stacks/Production/dh-lldpd:
total 5
-rwxrwx--- 1 apps root 317 Feb 20 23:26 compose.yaml

stacks/Production/dh-scrutiny:
total 5
-rwxrwx--- 1 apps root 2429 Feb 20 23:26 compose.yaml

stacks/Production/dh-sws:
total 5
-rwxrwx--- 1 apps root 423 Feb 20 23:26 compose.yaml
1 Like
4

the zfs healthcheck is a nice addition