OPNsense Forum

English Forums => General Discussion => Topic started by: PaulePils on June 14, 2023, 06:19:16 PM

Title: Zenarmor and community repo (elasticsearch database)
Post by: PaulePils on June 14, 2023, 06:19:16 PM
Hello,

when I started using OPNsense I went through a lot of tutorials and videos for a basic setup which works quite well. Recently I started to think about IDS/IPS. Many sites recommend Suricata for WAN and Zenarmor for LAN. The WAN site is working (or at least there is no error  :) )
But Zenarmor says that I already have an elasticsearch database installed (which I haven't). I checked and found out that there is an incompatibility between the mimugmail-repo and a Zenarmor installation. The community repo is solely used for the Adguard plugin.

Is there a way to use both? Like change Adguard from plugin to "bare metal" installation?
Title: Re: Zenarmor and community repo (elasticsearch database)
Post by: mimugmail on June 14, 2023, 10:07:14 PM
You can lock the package and then disable the repo
Title: Re: Zenarmor and community repo (elasticsearch database)
Post by: cookiemonster on June 14, 2023, 10:27:43 PM
Also if your number of clients doesn't require elasticsearch, you can opt out of using it in Zenarmor and get Zenarmor to use sqlite.
Title: Re: Zenarmor and community repo (elasticsearch database)
Post by: PaulePils on June 14, 2023, 11:00:20 PM
Quote from: mimugmail on June 14, 2023, 10:07:14 PM
You can lock the package and then disable the repo
What does "locking" do? If I understand it correctly, I can't update Adguard anymore. Or is the plugin just for the first installation because updates are handled by the GUI?

Quote from: cookiemonster on June 14, 2023, 10:27:43 PM
Also if your number of clients doesn't require elasticsearch, you can opt out of using it in Zenarmor and get Zenarmor to use sqlite.
It is just for home usage (and out of curiosity  ::) ), so sqlite should suffice, buuut I read that the log is only persistent for 2 days. Is this correct?
Title: Re: Zenarmor and community repo (elasticsearch database)
Post by: cookiemonster on June 14, 2023, 11:06:02 PM
Quote from: PaulePils on June 14, 2023, 11:00:20 PM
It is just for home usage (and out of curiosity  ::) ), so sqlite should suffice, buuut I read that the log is only persistent for 2 days. Is this correct?
I am using it at a home installation, yes. I get the options of 1 hr, 1 day and 1 week with sqlite. Up to 50 devices.
I have limited storage and don't want to run an elasticsearch db on it for this.
Title: Re: Zenarmor and community repo (elasticsearch database)
Post by: PaulePils on June 15, 2023, 07:17:52 PM
One week should be fine for my use case. Thanks for the info  :)
Title: Re: Zenarmor and community repo (elasticsearch database)
Post by: Tismofied on August 20, 2023, 03:09:29 AM
Quote from: PaulePils on June 14, 2023, 11:00:20 PM
Quote from: mimugmail on June 14, 2023, 10:07:14 PM
You can lock the package and then disable the repo
What does "locking" do? If I understand it correctly, I can't update Adguard anymore. Or is the plugin just for the first installation because updates are handled by the GUI?

What did you end up doing? Did you lock the package? Are you able to update still?
I am in the same boat.
Title: Re: Zenarmor and community repo (elasticsearch database)
Post by: PaulePils on August 29, 2023, 10:59:51 PM
I just used sqlite which worked quite well.
But in the meantime I did a complete fresh install of OPNsense to better fit my needs.