diff --git a/containers/monitoring/Makefile b/containers/monitoring/Makefile
index be243a3..0c51c76 100644
--- a/containers/monitoring/Makefile
+++ b/containers/monitoring/Makefile
@@ -1,5 +1,8 @@
#!/usr/bin/env make
+composition-go-brrr: ${shell which 'docker-compose'}
+ @docker-compose up -d
+
firewalld-open-node-exporter: override service_name ?= prometheus-node-exporter
firewalld-open-node-exporter: override port ?= 9100
firewalld-open-node-exporter: ${shell which 'firewall-cmd'}
@@ -20,5 +23,16 @@ firewalld-open-grafana: ${shell which 'firewall-cmd'}
firewalld-open: firewalld-open-node-exporter firewalld-open-prometheus firewalld-open-grafana
-composition-go-brrr: ${shell which 'docker-compose'}
- @docker-compose up -d
+grafana-fix-files-permissions: ${shell which 'docker-compose'}
+ @docker compose run --rm --user 'root' --entrypoint chown 'grafana' -Rv 'grafana' '/etc/grafana' '/var/lib/grafana'
+
+prometheus-fix-files-permissions: ${shell which 'docker-compose'}
+ @docker compose run --rm --user 'root' --entrypoint chown 'prometheus' -Rv 'nobody:nobody' '/etc/prometheus'
+
+me-fix-grafana-files-permissions:
+ @sudo chown -R '472:0' 'grafana'
+
+me-fix-prometheus-files-permissions:
+ @sudo chown -R '65534:65534' 'prometheus'
+
+pre-flight: grafana-fix-files-permissions prometheus-fix-files-permissions
diff --git a/containers/monitoring/README.md b/containers/monitoring/README.md
index ad08aa2..7c0e810 100644
--- a/containers/monitoring/README.md
+++ b/containers/monitoring/README.md
@@ -3,12 +3,32 @@
Leverages Prometheus and Grafana.
1. [Pre-flight operations](#pre-flight-operations)
+1. [Runtime operations](#runtime-operations)
1. [Further readings](#further-readings)
## Pre-flight operations
For example purposes, the host running them will also run the Node Exporter to provide data.
-Since the Node Exporter container runs in host mode, the host's IP or FQDN must be set in [Prometheus' configuration file] for this to work.
+Since the Node Exporter container runs in host mode, the host's IP or FQDN must be set in
+[Prometheus' configuration file] for this to work.
+
+The configuration provided needs to be readable from the processes using it.
+Fix files' permissions:
+
+```sh
+# From the containers.
+docker compose run --rm --user 'root' --entrypoint chown 'grafana' -Rv 'grafana' '/etc/grafana' '/var/lib/grafana'
+docker compose run --rm --user 'root' --entrypoint chown 'prometheus' -Rv 'nobody:nobody' '/etc/prometheus'
+
+# Locally.
+sudo chown -R '472:0' 'grafana'
+sudo chown -R '65534:65534' 'prometheus'
+```
+
+## Runtime operations
+
+Default credentials for Grafana: `admin` - `admin`.
+Will be requested to change them upon first login.
## Further readings
diff --git a/knowledge base/docker.md b/knowledge base/docker.md
index f971c26..3716825 100644
--- a/knowledge base/docker.md
+++ b/knowledge base/docker.md
@@ -124,6 +124,13 @@ docker image prune -a
docker system prune -a
+# List networks.
+docker network ls
+
+# Inspect networks.
+docker network inspect 'monitoring_default'
+
+
# Display a summary of the vulnerabilities in images.
# If not given any input, it targets the most recently built image.
docker scout qv