# MALP - Monitor A Linux Platform
A lightweight Ruby CGI status page for home server monitoring.
## Install
Copy this repository directory to `/var/www`, so `/var/www/malp/cgi-bin` exists.
As root:
```
mkdir /var/www/malp/data
chown apache:apache /var/www/malp/data
```
### Install ruby
As root:
```
dnf install ruby
```
### If using SELinux (e.g. AlmaLinux)
As root:
```
chcon -R -t httpd_sys_script_exec_t /var/www/malp/cgi-bin
chcon -R -t httpd_sys_rw_content_t /var/www/malp/data
chcon -t bin_t /var/www/malp/bin/malpd
semodule -i /var/www/malp/selinux/malp_to_malpd.pp
```
### Example Apache HTTPD Setup
Here is my example setup.
My server's name is `anubis`.
Replace as desired.
#### Create self-signed TLS certificate
As root:
```
mkdir /etc/httpd/tls
cd /etc/httpd/tls
openssl ecparam -name secp384r1 -genkey -noout -out anubis.key
openssl req -new -x509 -key anubis.key -out anubis.crt -days 3650 -sha384
```
#### /etc/httpd/conf.d/anubis.conf
```
ServerName anubis
ServerAlias anubis
# Permanent redirect to the same URI on HTTPS
Redirect permanent / https://anubis/
ServerName anubis
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /etc/httpd/tls/anubis.crt
SSLCertificateKeyFile /etc/httpd/tls/anubis.key
# Modern TLS Security (Recommended for ECDSA)
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384
SSLHonorCipherOrder off
SSLSessionTickets off
ErrorLog /var/log/httpd/anubis-error.log
CustomLog /var/log/httpd/anubis-access.log combined
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
ScriptAlias / /var/www/malp/cgi-bin/malp.rb
```
### Set user name and password
As root:
```
/var/www/malp/bin/setpasswd
```
### Install systemd units
As root:
```
cp /var/www/malp/systemd/* /usr/lib/systemd/system
systemctl enable --now malpd.socket
systemctl enable --now malpd.service
```