matt/echo6-docs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
echo6-docs/runbooks/meshmonitor-password-reset.md
Matt Johnson 880ff09c90 Initial commit: infrastructure documentation 
Includes:
- Hardware environment reference (Proxmox cluster, VMs, LXCs)
- Services inventory with current deployments
- Caddy & DNS configuration reference
- Runbooks for common deployment procedures

Recent additions:
- SearXNG deployment (utility CT 102, search.echo6.co)
- TOC conversion to Proxmox with cortex VM
- Syncthing sync between Contabo and cortex

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-06 21:27:29 +01:00

127 lines
3.3 KiB
Markdown
Raw Blame History

# MeshMonitor Admin Password Reset
## Overview
Reset the admin password for MeshMonitor web interface.
| Item | Value |
|------|-------|
| Service | MeshMonitor |
| Location | utility CT 100 (192.168.1.100:8080) |
| Database | SQLite at `/data/meshmonitor.db` |
## Prerequisites
- SSH access to Proxmox utility node (192.168.1.241) as root
- `sshpass` installed on local machine
- `python3` with `bcrypt` module (for generating password hash)
## Quick Reset (One-liner)
Reset to a specific password (generates hash inside container to avoid escaping issues):
```bash
sshpass -p '7redditGold' ssh -o StrictHostKeyChecking=no root@192.168.1.241 'pct exec 100 -- docker exec meshmonitor node -e "
const Database = require(\"better-sqlite3\");
const bcrypt = require(\"bcrypt\");
const db = new Database(\"/data/meshmonitor.db\");
const hash = bcrypt.hashSync(\"7redditGold\", 10);
db.prepare(\"UPDATE users SET password_hash = ? WHERE username = ?\").run(hash, \"admin\");
console.log(\"Password updated to 7redditGold\");
db.close();
"'
```
To use a different password, replace both instances of `7redditGold` (SSH password and new MeshMonitor password).
## Step-by-Step Process
### 1. SSH to Proxmox Host
```bash
ssh root@192.168.1.241
```
### 2. Enter the Container
```bash
pct exec 100 -- bash
```
### 3. Option A: Use Built-in Reset Script (Random Password)
```bash
docker exec meshmonitor node /app/reset-admin.mjs
```
This generates a random password - save the output.
### 3. Option B: Set Specific Password via Node.js
Generate a bcrypt hash first (run on any machine with Node.js):
```bash
node -e "const bcrypt = require('bcrypt'); \
bcrypt.hash('YOUR_PASSWORD_HERE', 10).then(h => console.log(h));"
```
Then update the database:
```bash
docker exec meshmonitor node -e "
const Database = require('better-sqlite3');
const db = new Database('/data/meshmonitor.db');
db.prepare(\"UPDATE users SET password_hash = ? WHERE username = 'admin'\")
.run('\$2b\$10\$YOUR_HASH_HERE');
db.close();
"
```
### 4. Verify Login
Open http://192.168.1.100:8080 and log in with:
- Username: `admin`
- Password: (your new password)
## Troubleshooting
### Check Current Admin User
```bash
docker exec meshmonitor node -e "
const Database = require('better-sqlite3');
const db = new Database('/data/meshmonitor.db');
console.log(db.prepare(\"SELECT * FROM users WHERE username='admin'\").get());
db.close();
"
```
### List All Users
```bash
docker exec meshmonitor node -e "
const Database = require('better-sqlite3');
const db = new Database('/data/meshmonitor.db');
console.log(db.prepare('SELECT id, username, is_admin, is_active FROM users').all());
db.close();
"
```
### Container Not Running
```bash
# On Proxmox host
pct exec 100 -- docker ps -a
pct exec 100 -- docker start meshmonitor
```
## Notes
- The `reset-admin.mjs` script generates random passwords; use direct DB update for specific passwords
- SQLite3 CLI is not installed in the container; use Node.js with `better-sqlite3`
- Password column is `password_hash` in the `users` table (lowercase)
- **Shell escaping gotcha:** Bcrypt hashes contain `$` characters (e.g., `$2b$10$...`) which get interpreted by the shell. Always use single quotes around the outer SSH command to preserve them, or generate the hash inside the container using `bcrypt.hashSync()` directly
---
*Created: 2026-02-04*
Reference in a new issue View git blame Copy permalink