Mail-in-a-Box: monitor your files with Monit

A Mail-in-a-Box install isn’t necessarily meant to be modified, but if you do, then monitor your files to track changes.


Monit’s watchdog

Monit is a useful process supervision tool for Linux. Mail-in-a-Box doesn’t recommend customizing your box much, if at all, because it’s meant to be easy to deploy and maintain. It focuses on this ease, which is one of its positives.

Files that are core to Mail-in-a-Box aren’t meant to be touched because they’ll eventually be overwritten. If you prefer to customize your MiaB installation, then using a monitoring tool is a must if you don’t want to manually track changes after every update.

Using Monit in this case is a great solution — it’s lightweight and quick to set up. With Monit, you’ll be able to Monitor a lot of aspects of your box, but in this particular case I’ll walk you through using it to check for file changes. Based on the last timestamp of the file, Monit will send an email alert if the timestamp changes.

Install and set up Monit on Ubuntu

Since Mail-in-a-Box uses Ubuntu 18.04, that’s what we’ll be assuming here. This will work on any Linux-based distribution, but just be aware that the commands may slightly differ. Any version of Ubuntu can follow this.

Step 1. Update & upgrade your current packages

user@box:~$ sudo apt-get update && sudo apt-get upgrade

Step 2. Install from the Ubuntu repository

user@box:~$ sudo apt install monit

Step 3. Check that the daemon is running

user@box:~$ sudo systemctl status monit

If it isn’t, start it with sudo monit.

Step 4. Initial setup of Monit

user@box:~$ sudo nano /etc/monit/monitrc

Editing the monitrc file

The monitrc file is where the magic starts. I generally use nano if I’m in a shell session, but a lot of the time I like to use SFTP via something like FileZilla, so I can use my usual editor on Windows (Atom).

Global configuration settings to uncomment and modify

Global section

In the global section, I recommend uncommenting with start delay so that Monit doesn’t fire off every time it’s restarted, or after your server restarts. Since it will load up pretty quickly due to its light weight, other services may not be up after a reboot, making it send emails to you about those services being down.

###############################################################################
## Global section
###############################################################################
##
## Start Monit in the background (run as a daemon):
#
  set daemon 180            # check services at 3-minute intervals
  with start delay 240      # optional: delay the first check by 4-minutes (by
# 

I also changed the interval for checks to every 3 minutes. Monit sleeps, then wakes itself up every 3 minutes to check the services you’ve set it up to check (which we’ll get to in a bit).

Email (mail server) section

Make sure Monit can send emails to you:

## Set the list of mail servers for alert delivery. Multiple servers may be
## specified using a comma separator. If the first mail server fails, Monit
# will use the second mail server in the list and so on. By default Monit uses
# port 25 - it is possible to override this with the PORT option.
#
# set mailserver mail.bar.baz,               # primary mailserver
#                backup.bar.baz port 10025,  # backup mailserver on port 10025
#                localhost                   # fallback relay
#
#

Uncomment the set mailserver line and enter whichever mail server you want to use. Since this is a Mail-in-a-Box installation, you might as well just use that. I personally send through Amazon SES, however, since I have Monit set up on several servers (not that MiaB couldn’t be used for all of them, but I have particular reasons for it, which is out of the scope of this guide).

For example, here’s how it might look using MiaB:

## Set the list of mail servers for alert delivery. Multiple servers may be
## specified using a comma separator. If the first mail server fails, Monit
# will use the second mail server in the list and so on. By default Monit uses
# port 25 - it is possible to override this with the PORT option.
#
set mailserver box.example.com port 587                    # primary mailserver
               username "user@example.com" password "your-miab-user's-password-here"
               using tls
HTTP section

Now head further down the file and find port 2812. Uncomment the three lines below.

## Monit has an embedded HTTP interface which can be used to view status of
## services monitored and manage services from a web interface. The HTTP
## interface is also required if you want to issue Monit commands from the
## command line, such as 'monit status' or 'monit restart service' The reason
## for this is that the Monit client uses the HTTP interface to send these
## commands to a running Monit daemon. See the Monit Wiki if you want to
## enable SSL for the HTTP interface.
#
set httpd port 2812 and
    use address localhost  # only accept connection from localhost
    allow localhost        # allow localhost to connect to the server and
    allow admin:monit      # require user 'admin' with password 'monit'
#

Look at the allow admin:monit and change those to whatever username:password values you want. Even if you’re not using the web interface that Monit offers, uncommenting the HTTP section is important if you want to be able to use a command like sudo monit status.

Go through the entire file if you’d like. It’s well-commented and fairly straightforward to modify. I would take a look at the set mail-format section to change the wording of the emails that get sent.

Step 5. Reload Monit

user@box:~$ sudo monit reload

Creating your monitoring rules

Step 6. Creating the monitoring rules

Now head into /etc/monit/conf.d and create a file, and name it anything; mine is named mail-server.conf in my MiaB installation. For example, this is partially what I have in that file:

#####
### Check files based on the timestamp
#####

##### Nginx Munin conf
check file nginx_munin_conf with path /etc/nginx/conf.d/munin-subdomain.conf
    if changed timestamp then alert

##### Nginx Nextcloud Conf
check file nginx_nextcloud_conf with path /etc/nginx/conf.d/nextcloud-subdomain.conf
    if changed timestamp then alert

##### Custom config.php for Nextcloud
check file nextcloud_custom_config with path /home/user-data/owncloud/custom.config.php
    if changed timestamp then alert

##### Roundcube config
check file roundcube_config with path /usr/local/lib/roundcubemail/config/config.inc.php
    if changed timestamp then alert

The first three files in there are actually custom files that I created in the server. Those are not part of MiaB by default, so because of that, there’s less worry that they’ll be overwritten. I monitor them either way, just in case. The Roundcube config, however, is a file that’s maintained by Mail-in-a-Box. That file will eventually be overwritten. I needed to modify this file to add more plugins to Roundcube, so this is an important one to monitor.

Note: Monit does not make backups of your files, it simply monitors them and alerts you when they change. Be sure to back up your files when you’re done modifying them, so after they do change, you can use an editor to see the differences and reapply your changes.

Think about all the files you want to monitor: your custom files and any core Mail-in-a-Box files that you’ve altered will be important to add into your Monit configuration.

Reload Monit and make sure it’s enabled on reboot

Step 7. Reload and enable.

user@box:~$ sudo monit reload
user@box:~$ sudo systemctl enable monit

You’ll now have Monit set up fully, and it’ll be ready to email you when files on your server have changed. Test it by touching or modifying a file.

No comments yet.

Post a comment

  • (will not be published)


This site uses Akismet to reduce spam. Learn how your comment data is processed.

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>