Skip to content

01. Installation and update

Jump to bottom
Ludo edited this page Dec 10, 2024 · 8 revisions

Requirements

  • docker (service must be up and running)
  • A fully qualified domain name (FQDN) and a valid SSL certificate for this FQDN if you want to access the web interface through a secure connection (https://)
  • A least a SPF record configured for your FQDN, to be able to send emails from motion-UI

Run the docker image

  1. You will have to pass the following environment variables to the container:
  • FQDN Fully Qualified Domain Name of the motion-UI server.
  1. Run the container with the env variables, the exposed port and some persistent volumes:
docker run -d --restart always --name motionui \
       -e FQDN=motionui.example.com \
       -p 8080:8080 \
       -v /etc/localtime:/etc/localtime:ro \
       -v /var/lib/docker/volumes/motionui-data:/var/lib/motionui \
       -v /var/lib/docker/volumes/motionui-captures:/var/lib/motion \
       lbr38/motionui:latest

Two persistent volumes will be created on the local host:

  • motionui-data (default path: /var/lib/docker/volumes/motionui-data/): contains database and log files
  • motionui-captures (default path: /var/lib/docker/volumes/motionui-captures/): contains event media files recorded by motion, this directory might grow large depending on your usage
  1. Check that the container is running:
docker ps

CONTAINER ID   IMAGE                   COMMAND            CREATED       STATUS          PORTS                    NAMES
18a274c32a8c   lbr38/motionui:latest   "/entrypoint.sh"   12 days ago   Up 11 minutes   0.0.0.0:8080->8080/tcp   motionui

Reverse proxy

Once the container is up and running, motion-UI will be accessible through a web browser on http://localhost:8080

It is recommended to configure a reverse proxy to access the web interface through a dedicated FQDN and port 443 (you will need to have a valid SSL certificate).

Here is an example of a nginx reverse proxy. Replace the following values:

  • <SERVER-IP>
  • <FQDN>
  • <PATH_TO_CERTIFICATE> (fullchain)
  • <PATH_TO_PRIVATE_KEY>
upstream motionui_docker {
    server 127.0.0.1:8080;
}

# Disable some logging
map $request_uri $loggable {
    /ajax/controller.php 0;
    default 1;
}

server {
    listen <SERVER-IP>:80;
    server_name <FQDN>;

    access_log /var/log/nginx/<FQDN>_access.log combined if=$loggable;
    error_log /var/log/nginx/<FQDN>_error.log;

    return 301 https://$server_name$request_uri;
}
 
server {
    listen <SERVER-IP>:443 ssl;
    server_name <FQDN>;

    # Path to SSL certificate/key files
    ssl_certificate <PATH_TO_CERTIFICATE>;
    ssl_certificate_key <PATH_TO_PRIVATE_KEY>;

    # Path to log files
    access_log /var/log/nginx/<FQDN>_ssl_access.log combined if=$loggable;
    error_log /var/log/nginx/<FQDN>_ssl_error.log;
 
    # Security headers
    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
    add_header Referrer-Policy "no-referrer" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-Download-Options "noopen" always;
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Permitted-Cross-Domain-Policies "none" always;
    add_header X-Robots-Tag "none" always;
    add_header X-XSS-Protection "1; mode=block" always;

    # Remove X-Powered-By, which is an information leak
    fastcgi_hide_header X-Powered-By;
 
    location / {
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_read_timeout 86400;
        proxy_pass http://motionui_docker;
    }
}

Restart nginx to apply.

Open your web browser and connect to https://<FQDN> using the default credentials to complete the installation:

  • Username: admin
  • Password: motionui

Update motion-UI

When a new version of motion-UI is released, you can update your installation by following these steps:

  1. Stop and delete the current container:
docker stop motionui
docker rm -f motionui
  1. Clean up:
docker system prune -a -f

3.Pull and run the latest image available (or specify a version). You will have to pass the following environment variables to the container:

  • FQDN Fully Qualified Domain Name of the motion-UI server.
docker run -d --restart always --name motionui \
       -e FQDN=motionui.example.com \
       -p 8080:8080 \
       -v /etc/localtime:/etc/localtime:ro \
       -v /var/lib/docker/volumes/motionui-data:/var/lib/motionui \
       -v /var/lib/docker/volumes/motionui-captures:/var/lib/motion \
       lbr38/motionui:latest
  1. Connect to https://<FQDN> through a web browser and clear your browser cache with Ctrl+F5.
Clone this wiki locally