diff --git a/bin/scripts/oitc3to4.sh b/bin/scripts/oitc3to4.sh index ad70ec5f0e..6889c262f7 100755 --- a/bin/scripts/oitc3to4.sh +++ b/bin/scripts/oitc3to4.sh @@ -345,9 +345,10 @@ echo "" if [ "$VERSION_CODENAME" == "stretch" ]; then - openitcockpit_upd=$(apt-mark showmanual | grep openitcockpit | grep -v -e openitcockpit-message -e openitcockpit-statusengine-naemon -e openitcockpit-module-nrpe -e openitcockpit-module-mk | xargs echo) - openitcockpit_rem=$(while read pkg; do echo "$pkg-"; done< <(dpkg -l | awk '$2 ~ /openitcockpit-/ {print $2} $2 ~ /phpnsta/ {print $2}' | grep -e 'openitcockpit-wkhtmltopdf' -e 'phpnsta') | xargs echo) - php_upd=$(while read pkg; do echo "$pkg-"; if [ "$pkg" != "php7.0-mcrypt" ]; then echo "$pkg"|sed 's/php7.0/php7.3/'; fi; done< <(dpkg -l | awk '$2 ~ /php7.0/ {print $2}') | xargs echo) + openitcockpit_upd=$(apt-mark showmanual | grep openitcockpit | grep -v -e openitcockpit-message -e openitcockpit-statusengine-naemon -e openitcockpit-module-nrpe -e openitcockpit-module-mk -e openitcockpit-release -e openitcockpit-mysql -e openitcockpit-npcd | xargs echo) + openitcockpit_rem=$(while read pkg; do echo "$pkg-"; done< <(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /openitcockpit-/ {print $2} $1 ~ /ii/ && $2 ~ /phpnsta/ {print $2}' | grep -e 'openitcockpit-wkhtmltopdf' -e 'phpnsta' -e openitcockpit-release -e openitcockpit-mysql -e openitcockpit-npcd) | xargs echo) + php_upd=$(while read pkg; do echo "$pkg-"; if [ "$pkg" != "php7.0-mcrypt" ]; then echo "$pkg"|sed 's/php7.0/php7.3/'; fi; done< <(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /php7.0/ {print $2}') | xargs echo) + php5_rm=$(while read pkg; do echo "$pkg-"; done< <(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /php5/ {print $2}') | xargs echo) always="openitcockpit openitcockpit-graphing wkhtmltox" if [ ! -z "$(dpkg -l | awk '$2 ~ /openitcockpit-module-distribute/')" ]; then @@ -382,7 +383,7 @@ if [ "$VERSION_CODENAME" == "stretch" ]; then echo "" echo "# Upgrade the distribution and openITCOCKPIT" echo "apt-get update" - echo "apt-get dist-upgrade $php_upd $openitcockpit_upd $openitcockpit_rem $always" + echo "apt-get dist-upgrade $php_upd $openitcockpit_upd $openitcockpit_rem $php5_rm $always" echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" echo "###############################################################################" echo "${Reset}" @@ -390,9 +391,10 @@ fi if [ "$VERSION_CODENAME" == "xenial" ]; then - openitcockpit_upd=$(apt-mark showmanual | grep openitcockpit | grep -v -e openitcockpit-message -e openitcockpit-statusengine-naemon -e openitcockpit-module-nrpe -e openitcockpit-module-mk | xargs echo) - openitcockpit_rem=$(while read pkg; do echo "$pkg-"; done< <(dpkg -l | awk '$2 ~ /openitcockpit-/ {print $2} $2 ~ /phpnsta/ {print $2}' | grep -e 'openitcockpit-wkhtmltopdf' -e 'phpnsta') | xargs echo) - php_upd=$(while read pkg; do echo "$pkg-"; if [ "$pkg" != "php7.0-mcrypt" ]; then echo "$pkg"|sed 's/php7.0/php7.2/'; fi; done< <(dpkg -l | awk '$2 ~ /php7.0/ {print $2}') | xargs echo) + openitcockpit_upd=$(apt-mark showmanual | grep openitcockpit | grep -v -e openitcockpit-message -e openitcockpit-statusengine-naemon -e openitcockpit-module-nrpe -e openitcockpit-module-mk -e openitcockpit-release -e openitcockpit-mysql -e openitcockpit-npcd | xargs echo) + openitcockpit_rem=$(while read pkg; do echo "$pkg-"; done< <(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /openitcockpit-/ {print $2} $1 ~ /ii/ && $2 ~ /phpnsta/ {print $2}' | grep -e 'openitcockpit-wkhtmltopdf' -e 'phpnsta' -e openitcockpit-release -e openitcockpit-mysql -e openitcockpit-npcd) | xargs echo) + php_upd=$(while read pkg; do echo "$pkg-"; if [ "$pkg" != "php7.0-mcrypt" ]; then echo "$pkg"|sed 's/php7.0/php7.2/'; fi; done< <(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /php7.0/ {print $2}') | xargs echo) + php5_rm=$(while read pkg; do echo "$pkg-"; done< <(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /php5/' {print $2}) | xargs echo) always="openitcockpit openitcockpit-graphing wkhtmltox" if [ ! -z "$(dpkg -l | awk '$2 ~ /openitcockpit-module-distribute/')" ]; then @@ -423,7 +425,7 @@ if [ "$VERSION_CODENAME" == "xenial" ]; then echo "" echo "# Upgrade the distribution and openITCOCKPIT" echo "apt-get update" - echo "apt-get dist-upgrade $php_upd $openitcockpit_upd $openitcockpit_rem $always" + echo "apt-get dist-upgrade $php_upd $openitcockpit_upd $openitcockpit_rem $php5_rm $always" echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" echo "###############################################################################" echo "${Reset}" @@ -431,8 +433,9 @@ fi if [ "$VERSION_CODENAME" == "bionic" ]; then - openitcockpit_upd=$(apt-mark showmanual | grep openitcockpit | grep -v -e openitcockpit-message -e openitcockpit-statusengine-naemon -e openitcockpit-module-nrpe -e openitcockpit-module-mk | xargs echo) - openitcockpit_rem=$(while read pkg; do echo "$pkg-"; done< <(dpkg -l | awk '$2 ~ /openitcockpit-/ {print $2} $2 ~ /phpnsta/ {print $2}' | grep -e 'openitcockpit-wkhtmltopdf' -e 'phpnsta') | xargs echo) + openitcockpit_upd=$(apt-mark showmanual | grep openitcockpit | grep -v -e openitcockpit-message -e openitcockpit-statusengine-naemon -e openitcockpit-module-nrpe -e openitcockpit-module-mk -e openitcockpit-release -e openitcockpit-mysql -e openitcockpit-npcd | xargs echo) + openitcockpit_rem=$(while read pkg; do echo "$pkg-"; done< <(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /openitcockpit-/ {print $2} $1 ~ /ii/ && $2 ~ /phpnsta/ {print $2}' | grep -e 'openitcockpit-wkhtmltopdf' -e 'phpnsta' -e openitcockpit-release -e openitcockpit-mysql -e openitcockpit-npcd) | xargs echo) + php5_rm=$(while read pkg; do echo "$pkg-"; done< <(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /php5/' {print $2}) | xargs echo) always="openitcockpit openitcockpit-graphing wkhtmltox" if [ ! -z "$(dpkg -l | awk '$2 ~ /openitcockpit-module-distribute/')" ]; then @@ -459,7 +462,7 @@ if [ "$VERSION_CODENAME" == "bionic" ]; then echo "" echo "# Upgrade the distribution and openITCOCKPIT" echo "apt-get update" - echo "apt-get dist-upgrade $openitcockpit_upd $openitcockpit_rem $always" + echo "apt-get dist-upgrade $openitcockpit_upd $openitcockpit_rem $php5_rm $always" echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" echo "###############################################################################" echo "${Reset}" diff --git a/bin/scripts/oitcSat3to4.sh b/bin/scripts/oitcSat3to4.sh index 547d4a022b..2c5697b999 100644 --- a/bin/scripts/oitcSat3to4.sh +++ b/bin/scripts/oitcSat3to4.sh @@ -219,19 +219,20 @@ fi if [ "$VERSION_CODENAME" == "stretch" ]; then openitcockpit_upd=$(apt-mark showmanual | grep openitcockpit | grep -v -e 'openitcockpit-statusengine3-oitc-mysql' -e 'openitcockpit-nagios-sat' -e 'openitcockpit-naemon-sat' -e 'openitcockpit-checkmk-sat' -e 'openitcockpit-statusengine3-broker-sat-nagios' -e 'openitcockpit-statusengine3-broker-sat-naemon' -e 'openitcockpit-statusengine-broker-sat-nagios' -e 'openitcockpit-statusengine-broker-sat-naemon' | xargs echo) - openitcockpit_rem=$(while read pkg; do echo "$pkg-"; done< <(dpkg -l | awk '$2 ~ /openitcockpit-/ {print $2}' | grep -e 'openitcockpit-statusengine3-oitc-mysql' -e 'openitcockpit-nagios-sat' -e 'openitcockpit-naemon-sat' -e 'openitcockpit-checkmk-sat' -e 'openitcockpit-statusengine3-broker-sat-nagios' -e 'openitcockpit-statusengine3-broker-sat-naemon' -e 'openitcockpit-statusengine-broker-sat-nagios' -e 'openitcockpit-statusengine-broker-sat-naemon') | xargs echo) - php_upd=$(while read pkg; do echo "$pkg-"; if [ "$pkg" != "php7.0-mcrypt" ]; then echo "$pkg"|sed 's/php7.0/php7.3/'; fi; done< <(dpkg -l | awk '$2 ~ /php7.0/ {print $2}') | xargs echo) + openitcockpit_rem=$(while read pkg; do echo "$pkg-"; done< <(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /openitcockpit-/ {print $2}' | grep -e 'openitcockpit-statusengine3-oitc-mysql' -e 'openitcockpit-nagios-sat' -e 'openitcockpit-naemon-sat' -e 'openitcockpit-checkmk-sat' -e 'openitcockpit-statusengine3-broker-sat-nagios' -e 'openitcockpit-statusengine3-broker-sat-naemon' -e 'openitcockpit-statusengine-broker-sat-nagios' -e 'openitcockpit-statusengine-broker-sat-naemon') | xargs echo) + php_upd=$(while read pkg; do echo "$pkg-"; if [ "$pkg" != "php7.0-mcrypt" ]; then echo "$pkg"|sed 's/php7.0/php7.3/'; fi; done< <(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /php7.0/ {print $2}') | xargs echo) + php5_rm=$(while read pkg; do echo "$pkg-"; done< <(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /php5/ {print $2}') | xargs echo) always="openitcockpit-satellite" - if [ ! -z "$(dpkg -l | awk '$2 ~ /openitcockpit-checkmk-sat/')" ]; then + if [ ! -z "$(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /openitcockpit-checkmk-sat/')" ]; then always="$always openitcockpit-checkmk" fi - if [ ! -z "$(dpkg -l | awk '$2 ~ /openitcockpit-nagios-sat/')" ]; then + if [ ! -z "$(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /openitcockpit-nagios-sat/')" ]; then always="$always openitcockpit-naemon" fi - if [ ! -z "$(dpkg -l | awk '$2 ~ /openitcockpit-naemon-sat/')" ]; then + if [ ! -z "$(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /openitcockpit-naemon-sat/')" ]; then always="$always openitcockpit-naemon" fi @@ -258,7 +259,7 @@ if [ "$VERSION_CODENAME" == "stretch" ]; then if dpkg -s "openitcockpit-satellite-frontend" >/dev/null 2>&1; then echo "mkdir -p /opt/openitc/etc/frontend && touch /opt/openitc/etc/frontend/enable_web_interface" fi - echo "apt-get dist-upgrade $php_upd $openitcockpit_upd $openitcockpit_rem $always" + echo "apt-get dist-upgrade $php_upd $openitcockpit_upd $openitcockpit_rem $php5_rm $always" echo "" check_package_installed_sat_frontend @@ -271,19 +272,20 @@ fi if [ "$VERSION_CODENAME" == "xenial" ]; then openitcockpit_upd=$(apt-mark showmanual | grep openitcockpit | grep -v -e 'openitcockpit-statusengine3-oitc-mysql' -e 'openitcockpit-nagios-sat' -e 'openitcockpit-naemon-sat' -e 'openitcockpit-checkmk-sat' -e 'openitcockpit-statusengine3-broker-sat-nagios' -e 'openitcockpit-statusengine3-broker-sat-naemon' -e 'openitcockpit-statusengine-broker-sat-nagios' -e 'openitcockpit-statusengine-broker-sat-naemon' | xargs echo) - openitcockpit_rem=$(while read pkg; do echo "$pkg-"; done< <(dpkg -l | awk '$2 ~ /openitcockpit-/ {print $2}' | grep -e 'openitcockpit-statusengine3-oitc-mysql' -e 'openitcockpit-nagios-sat' -e 'openitcockpit-naemon-sat' -e 'openitcockpit-checkmk-sat' -e 'openitcockpit-statusengine3-broker-sat-nagios' -e 'openitcockpit-statusengine3-broker-sat-naemon' -e 'openitcockpit-statusengine-broker-sat-nagios' -e 'openitcockpit-statusengine-broker-sat-naemon') | xargs echo) - php_upd=$(while read pkg; do echo "$pkg-"; if [ "$pkg" != "php7.0-mcrypt" ]; then echo "$pkg"|sed 's/php7.0/php7.2/'; fi; done< <(dpkg -l | awk '$2 ~ /php7.0/ {print $2}') | xargs echo) + openitcockpit_rem=$(while read pkg; do echo "$pkg-"; done< <(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /openitcockpit-/ {print $2}' | grep -e 'openitcockpit-statusengine3-oitc-mysql' -e 'openitcockpit-nagios-sat' -e 'openitcockpit-naemon-sat' -e 'openitcockpit-checkmk-sat' -e 'openitcockpit-statusengine3-broker-sat-nagios' -e 'openitcockpit-statusengine3-broker-sat-naemon' -e 'openitcockpit-statusengine-broker-sat-nagios' -e 'openitcockpit-statusengine-broker-sat-naemon') | xargs echo) + php_upd=$(while read pkg; do echo "$pkg-"; if [ "$pkg" != "php7.0-mcrypt" ]; then echo "$pkg"|sed 's/php7.0/php7.2/'; fi; done< <(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /php7.0/ {print $2}') | xargs echo) + php5_rm=$(while read pkg; do echo "$pkg-"; done< <(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /php5/ {print $2}') | xargs echo) always="openitcockpit-satellite" - if [ ! -z "$(dpkg -l | awk '$2 ~ /openitcockpit-checkmk-sat/')" ]; then + if [ ! -z "$(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /openitcockpit-checkmk-sat/')" ]; then always="$always openitcockpit-checkmk" fi - if [ ! -z "$(dpkg -l | awk '$2 ~ /openitcockpit-nagios-sat/')" ]; then + if [ ! -z "$(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /openitcockpit-nagios-sat/')" ]; then always="$always openitcockpit-naemon" fi - if [ ! -z "$(dpkg -l | awk '$2 ~ /openitcockpit-naemon-sat/')" ]; then + if [ ! -z "$(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /openitcockpit-naemon-sat/')" ]; then always="$always openitcockpit-naemon" fi @@ -306,7 +308,7 @@ if [ "$VERSION_CODENAME" == "xenial" ]; then if dpkg -s "openitcockpit-satellite-frontend" >/dev/null 2>&1; then echo "mkdir -p /opt/openitc/etc/frontend && touch /opt/openitc/etc/frontend/enable_web_interface" fi - echo "apt-get dist-upgrade $php_upd $openitcockpit_upd $openitcockpit_rem $always" + echo "apt-get dist-upgrade $php_upd $openitcockpit_upd $openitcockpit_rem $php5_rm $always" echo "" check_package_installed_sat_frontend @@ -319,18 +321,19 @@ fi if [ "$VERSION_CODENAME" == "bionic" ]; then openitcockpit_upd=$(apt-mark showmanual | grep openitcockpit | grep -v -e 'openitcockpit-statusengine3-oitc-mysql' -e 'openitcockpit-nagios-sat' -e 'openitcockpit-naemon-sat' -e 'openitcockpit-checkmk-sat' -e 'openitcockpit-statusengine3-broker-sat-nagios' -e 'openitcockpit-statusengine3-broker-sat-naemon' -e 'openitcockpit-statusengine-broker-sat-nagios' -e 'openitcockpit-statusengine-broker-sat-naemon' | xargs echo) - openitcockpit_rem=$(while read pkg; do echo "$pkg-"; done< <(dpkg -l | awk '$2 ~ /openitcockpit-/ {print $2}' | grep -e 'openitcockpit-statusengine3-oitc-mysql' -e 'openitcockpit-nagios-sat' -e 'openitcockpit-naemon-sat' -e 'openitcockpit-checkmk-sat' -e 'openitcockpit-statusengine3-broker-sat-nagios' -e 'openitcockpit-statusengine3-broker-sat-naemon' -e 'openitcockpit-statusengine-broker-sat-nagios' -e 'openitcockpit-statusengine-broker-sat-naemon') | xargs echo) + openitcockpit_rem=$(while read pkg; do echo "$pkg-"; done< <(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /openitcockpit-/ {print $2}' | grep -e 'openitcockpit-statusengine3-oitc-mysql' -e 'openitcockpit-nagios-sat' -e 'openitcockpit-naemon-sat' -e 'openitcockpit-checkmk-sat' -e 'openitcockpit-statusengine3-broker-sat-nagios' -e 'openitcockpit-statusengine3-broker-sat-naemon' -e 'openitcockpit-statusengine-broker-sat-nagios' -e 'openitcockpit-statusengine-broker-sat-naemon') | xargs echo) + php5_rm=$(while read pkg; do echo "$pkg-"; done< <(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /php5/ {print $2}') | xargs echo) always="openitcockpit-satellite" - if [ ! -z "$(dpkg -l | awk '$2 ~ /openitcockpit-checkmk-sat/')" ]; then + if [ ! -z "$(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /openitcockpit-checkmk-sat/')" ]; then always="$always openitcockpit-checkmk" fi - if [ ! -z "$(dpkg -l | awk '$2 ~ /openitcockpit-nagios-sat/')" ]; then + if [ ! -z "$(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /openitcockpit-nagios-sat/')" ]; then always="$always openitcockpit-naemon" fi - if [ ! -z "$(dpkg -l | awk '$2 ~ /openitcockpit-naemon-sat/')" ]; then + if [ ! -z "$(dpkg -l | awk '$1 ~ /ii/ && $2 ~ /openitcockpit-naemon-sat/')" ]; then always="$always openitcockpit-naemon" fi @@ -349,7 +352,7 @@ if [ "$VERSION_CODENAME" == "bionic" ]; then if dpkg -s "openitcockpit-satellite-frontend" >/dev/null 2>&1; then echo "mkdir -p /opt/openitc/etc/frontend && touch /opt/openitc/etc/frontend/enable_web_interface" fi - echo "apt-get dist-upgrade $openitcockpit_upd $openitcockpit_rem $always" + echo "apt-get dist-upgrade $openitcockpit_upd $openitcockpit_rem $php5_rm $always" echo "" check_package_installed_sat_frontend diff --git a/config/Migrations/20201013093523_DisableAgentProxy.php b/config/Migrations/20201013093523_DisableAgentProxy.php new file mode 100644 index 0000000000..1342cbbd5a --- /dev/null +++ b/config/Migrations/20201013093523_DisableAgentProxy.php @@ -0,0 +1,54 @@ + +// +// This file is dual licensed +// +// 1. +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, version 3 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see . +// +// 2. +// If you purchased an openITCOCKPIT Enterprise Edition you can use this file +// under the terms of the openITCOCKPIT Enterprise Edition license agreement. +// License agreement and license key will be shipped with the order +// confirmation. + +declare(strict_types=1); + +use Migrations\AbstractMigration; + +/** + * Class OAuth + * + * Created: + * oitc migrations create DisableAgentProxy + * + * Usage: + * openitcockpit-update + */ +class DisableAgentProxy extends AbstractMigration { + + /** + * Change Method. + * + * More information on this method is available here: + * https://book.cakephp.org/phinx/0/en/migrations.html#the-change-method + * @return void + */ + public function change() { + $this->table('agentconfigs') + ->changeColumn('proxy', 'boolean', [ + 'default' => false + ]) + ->update(); + } +} diff --git a/src/Controller/AgentconnectorController.php b/src/Controller/AgentconnectorController.php index b500a91a95..fdc336c1b5 100644 --- a/src/Controller/AgentconnectorController.php +++ b/src/Controller/AgentconnectorController.php @@ -36,6 +36,7 @@ use App\Model\Table\ChangelogsTable; use App\Model\Table\HostsTable; use App\Model\Table\HosttemplatesTable; +use App\Model\Table\ProxiesTable; use App\Model\Table\ServicesTable; use App\Model\Table\ServicetemplatesTable; use Cake\Datasource\Exception\RecordNotFoundException; @@ -49,6 +50,7 @@ use itnovum\openITCOCKPIT\Agent\HttpLoader; use itnovum\openITCOCKPIT\ApiShell\Exceptions\MissingParameterExceptions; use itnovum\openITCOCKPIT\Core\Comparison\ServiceComparisonForSave; +use itnovum\openITCOCKPIT\Core\FileDebugger; use itnovum\openITCOCKPIT\Core\System\Gearman; use itnovum\openITCOCKPIT\Core\UUID; use itnovum\openITCOCKPIT\Core\ValueObjects\User; @@ -190,6 +192,8 @@ public function pullConfigurations($action = null, $id = null) { if ($AgentconfigsTable->existsById($id)) { if ($action == 'edit') { $Agentconfig = $AgentconfigsTable->get($id); + $Agentconfig->setAccess('id', false); + $Agentconfig->setAccess('push_noticed', false); $Agentconfig = $AgentconfigsTable->patchEntity($Agentconfig, $this->request->getData('Agentconfig')); $AgentconfigsTable->save($Agentconfig); if (!$Agentconfig->hasErrors()) { @@ -350,7 +354,7 @@ public function updateCheckdata() { if (!empty($this->request->getData('checkdata')) && !empty($this->request->getData('hostuuid'))) { $AgentconfigsTable->updatePushNoticedForHostIfConfigExists($this->request->getData('hostuuid'), true); - if ($AgentconnectorTable->isTrustedFromUser($this->request->getData('hostuuid'))) { + if ($AgentconnectorTable->isTrustedFromUserAndSaveAgentconnectorIfMissing($this->request->getData())) { if (!$AgentconnectorTable->certificateNotYetGenerated($this->request->getData('hostuuid')) && !empty($this->request->getData('checksum'))) { //should have a certificate! if ($AgentconnectorTable->trustIsValid($this->request->getData('checksum'), $this->request->getData('hostuuid'))) { $receivedChecks = $this->processUpdateCheckdata($this->request->getData('hostuuid'), $this->request->getData('checkdata', '{}')); @@ -359,10 +363,10 @@ public function updateCheckdata() { //maybe frontend hint, that the agent certificate has changed (and if it should be trusted) } } else { //does not have a certificate or autossl option was disabled after creation - $receivedChecks = $this->processUpdateCheckdata($this->request->getData('hostuuid'), $this->request->getData('checkdata', '{}')); + $receivedChecks = $this->processUpdateCheckdata($this->request->getData('hostuuid'), $this->request->getData('checkdata', '{}', false)); } } else { - $receivedChecks = $this->processUpdateCheckdata($this->request->getData('hostuuid'), $this->request->getData('checkdata', '{}')); + $receivedChecks = $this->processUpdateCheckdata($this->request->getData('hostuuid'), $this->request->getData('checkdata', '{}', false)); } } @@ -373,9 +377,10 @@ public function updateCheckdata() { /** * @param $hostuuid * @param $checkdata + * @param bool $passDataToNagios * @return int */ - private function processUpdateCheckdata($hostuuid, $checkdata) { + private function processUpdateCheckdata($hostuuid, $checkdata, $passDataToNagios = true) { /** @var AgenthostscacheTable $AgenthostscacheTable */ $AgenthostscacheTable = TableRegistry::getTableLocator()->get('Agenthostscache'); $AgenthostscacheTable->saveCacheData($hostuuid, $checkdata); @@ -389,7 +394,7 @@ private function processUpdateCheckdata($hostuuid, $checkdata) { $GearmanClient = new Gearman(); $receivedChecks = 0; - if (isset($config['checks']) && is_array($config['checks']) && isset($config['mode']) && $config['mode'] === 'push') { + if (isset($config['checks']) && is_array($config['checks']) && isset($config['mode']) && $config['mode'] === 'push' && $passDataToNagios === true) { foreach ($config['checks'] as $pluginConfig) { $pluginName = $pluginConfig['plugin']; diff --git a/src/Model/Entity/Agentconfig.php b/src/Model/Entity/Agentconfig.php index 96dd724bdd..e9571c7b74 100644 --- a/src/Model/Entity/Agentconfig.php +++ b/src/Model/Entity/Agentconfig.php @@ -13,6 +13,7 @@ * @property bool $insecure * @property bool $basic_auth * @property string $password + * @property bool $proxy * @property bool $push_noticed * @property \Cake\I18n\FrozenTime $created * @property \Cake\I18n\FrozenTime $modified @@ -37,6 +38,7 @@ class Agentconfig extends Entity { 'basic_auth' => true, 'username' => true, 'password' => true, + 'proxy' => true, 'push_noticed' => true, 'created' => true, 'modified' => true, diff --git a/src/Model/Table/AgentconfigsTable.php b/src/Model/Table/AgentconfigsTable.php index 509d64845c..f3ac807f52 100644 --- a/src/Model/Table/AgentconfigsTable.php +++ b/src/Model/Table/AgentconfigsTable.php @@ -9,6 +9,7 @@ use Cake\ORM\Table; use Cake\ORM\TableRegistry; use Cake\Validation\Validator; +use itnovum\openITCOCKPIT\Core\FileDebugger; use itnovum\openITCOCKPIT\Database\PaginateOMat; use itnovum\openITCOCKPIT\Filter\AgentconfigsFilter; @@ -164,12 +165,21 @@ public function existsByHostId($host_id) { * @return array|\Cake\Datasource\EntityInterface|null */ public function getConfigByHostId($hostId, $defaultIfNoConfig = true) { + /** @var ProxiesTable $ProxiesTable */ + $ProxiesTable = TableRegistry::getTableLocator()->get('Proxies'); + $proxySettings = $ProxiesTable->getSettings(); + + $isSystemsettingsProxyEnabled = false; + if ($proxySettings['enabled']) { + $isSystemsettingsProxyEnabled = true; + } + $default = [ 'port' => 3333, 'use_https' => 0, 'insecure' => 1, 'basic_auth' => 0, - 'proxy' => 1, + 'proxy' => $isSystemsettingsProxyEnabled, 'username' => '', 'password' => '', 'push_noticed' => 0 @@ -189,7 +199,7 @@ public function getConfigByHostId($hostId, $defaultIfNoConfig = true) { 'use_https' => (int)$record->get('use_https'), 'insecure' => (int)$record->get('insecure'), 'basic_auth' => (int)$record->get('basic_auth'), - 'proxy' => (int)$record->get('proxy'), + 'proxy' => $record->get('proxy'), 'username' => $record->get('username'), 'password' => $record->get('password'), 'push_noticed' => (int)$record->get('push_noticed'), @@ -247,15 +257,14 @@ public function updatePushNoticedForHostIfConfigExists($hostUuid, $pushNoticed = $hostId = $HostsTable->getHostIdByUuid($hostUuid); $query = $this->find() - ->enableAutoFields() ->where([ 'host_id' => $hostId, ]) - ->first(); + ->firstOrFail(); + + $query->set('push_noticed', (int)$pushNoticed); + $this->save($query); - if (!empty($query)) { - $this->_update($query, ['push_noticed' => $pushNoticed]); - } } catch (\Exception $e) { //do nothing } diff --git a/src/Model/Table/AgentconnectorTable.php b/src/Model/Table/AgentconnectorTable.php index f7e716a98e..e8c50edc4e 100644 --- a/src/Model/Table/AgentconnectorTable.php +++ b/src/Model/Table/AgentconnectorTable.php @@ -6,8 +6,12 @@ use App\Lib\Traits\Cake2ResultTableTrait; use App\Lib\Traits\CustomValidationTrait; use App\Lib\Traits\PaginationAndScrollIndexTrait; +use Cake\Datasource\Exception\RecordNotFoundException; +use Cake\I18n\FrozenTime; use Cake\ORM\Table; use Cake\Validation\Validator; +use itnovum\openITCOCKPIT\Agent\AgentCertificateData; +use itnovum\openITCOCKPIT\Core\FileDebugger; use itnovum\openITCOCKPIT\Database\PaginateOMat; use itnovum\openITCOCKPIT\Filter\AgentconnectorAgentsFilter; @@ -175,6 +179,52 @@ public function isTrustedFromUser(string $hostuuid) { return (!empty($query)); } + /** + * @param array $hostuuid + * @return bool + */ + public function isTrustedFromUserAndSaveAgentconnectorIfMissing(array $request) { + $hostUuid = $request['hostuuid']; + $checksum = $request['checksum']; + + try { + $query = $this->find() + ->where([ + 'hostuuid' => $hostUuid, + 'trusted' => 1 + ])->firstOrFail(); + return (!empty($query)); + } catch (RecordNotFoundException $e) { + //No agent connector config found. Store the checksum of the agent cert into the database + + $AgentCertificateData = new AgentCertificateData(); + + $record = $this->newEntity([ + //'hostuuid' => $hostUuid, + //'checksum' => $checksum, + //'ca_checksum' => $AgentCertificateData->getCaChecksum(), + //'generation_date' => FrozenTime::now(), + //'remote_addr' => $_SERVER['REMOTE_ADDR'] ?? null, + //'http_x_forwarded_for' => $_SERVER['HTTP_X_FORWARDED_FOR'] ?? null, + //'trusted' => 0, + + 'hostuuid' => $hostUuid, + 'checksum' => null, + 'ca_checksum' => null, + 'generation_date' => null, + 'remote_addr' => $_SERVER['REMOTE_ADDR'] ?? null, + 'http_x_forwarded_for' => $_SERVER['HTTP_X_FORWARDED_FOR'] ?? null, + 'trusted' => 0 + ]); + + $this->save($record); + + //Agent is not trusted yet + return false; + } + } + + /** * @param string $hostuuid * @return bool diff --git a/src/Model/Table/HostsTable.php b/src/Model/Table/HostsTable.php index 95cafb2c0a..82433c67fa 100644 --- a/src/Model/Table/HostsTable.php +++ b/src/Model/Table/HostsTable.php @@ -2404,7 +2404,7 @@ public function getHostsThatUseOitcAgentForExport() { }) ->contain([ 'Agentconfigs' => function (Query $query) { - return $query->enableAutoFields()->select('push_noticed'); + return $query->enableAutoFields(); }, 'Agenthostscache' => function (Query $query) { return $query->enableAutoFields(); diff --git a/src/Template/Agentconnector/config.php b/src/Template/Agentconnector/config.php index e2250da5fb..0e96c5261f 100755 --- a/src/Template/Agentconnector/config.php +++ b/src/Template/Agentconnector/config.php @@ -566,6 +566,30 @@ class="form-control" + +
+
+ + +
+ Acl->hasPermission('index', 'proxy', '')): + echo __('Determine if the configured proxy should be used.'); + else: + echo __('Determine if the configured proxy should be used.'); + endif; + ?> +
+
+
+ diff --git a/src/Template/Agentconnector/pull_configurations.php b/src/Template/Agentconnector/pull_configurations.php index 6b14961dc9..82bf85e975 100644 --- a/src/Template/Agentconnector/pull_configurations.php +++ b/src/Template/Agentconnector/pull_configurations.php @@ -306,6 +306,15 @@ class="dropdown-item txt-color-red" + + Acl->hasPermission('index', 'proxy', '')): + echo __('Determine if the configured proxy should be used.'); + else: + echo __('Determine if the configured proxy should be used.'); + endif; + ?> +
@@ -331,6 +340,7 @@ class="dropdown-item txt-color-red"
diff --git a/src/itnovum/openITCOCKPIT/Agent/AgentCertificateData.php b/src/itnovum/openITCOCKPIT/Agent/AgentCertificateData.php index 16a69be913..bb8b2da3c3 100644 --- a/src/itnovum/openITCOCKPIT/Agent/AgentCertificateData.php +++ b/src/itnovum/openITCOCKPIT/Agent/AgentCertificateData.php @@ -106,6 +106,14 @@ public function signAgentCsr($csr, $updateDatabaseUsingHostUuid = '') { return ["signed" => $signedPublic, "ca" => $ca]; } + /** + * @return string + */ + public function getCaChecksum(){ + $ca = file_get_contents($this->getCaCertPath()); + return strtoupper(hash('sha512', $ca)); + } + public function generateServerCA() { // Generate initial agent server ca certificate $SystemId = new SystemId(); diff --git a/src/itnovum/openITCOCKPIT/Agent/HttpLoader.php b/src/itnovum/openITCOCKPIT/Agent/HttpLoader.php index 22f19f0f36..6d20207004 100644 --- a/src/itnovum/openITCOCKPIT/Agent/HttpLoader.php +++ b/src/itnovum/openITCOCKPIT/Agent/HttpLoader.php @@ -54,7 +54,7 @@ class HttpLoader { */ public function __construct($config, $hostaddress) { if (!isset($config['proxy'])) { - $config['proxy'] = 1; + $config['proxy'] = false; } $this->config = $config; $this->hostaddress = $hostaddress; @@ -77,7 +77,7 @@ private function buildConnectionOptions($config) { 'timeout' => 4 ]; - if ($proxySettings['enabled'] === 1 && $config['proxy'] === 1) { + if ($proxySettings['enabled'] && $config['proxy']) { $this->guzzleOptions['proxy'] = [ 'http' => sprintf('%s:%s', $proxySettings['ipaddress'], $proxySettings['port']), 'https' => sprintf('%s:%s', $proxySettings['ipaddress'], $proxySettings['port']) diff --git a/src/itnovum/openITCOCKPIT/Core/MonitoringEngine/NagiosConfigGenerator.php b/src/itnovum/openITCOCKPIT/Core/MonitoringEngine/NagiosConfigGenerator.php index a28d44ad55..99316a7fac 100644 --- a/src/itnovum/openITCOCKPIT/Core/MonitoringEngine/NagiosConfigGenerator.php +++ b/src/itnovum/openITCOCKPIT/Core/MonitoringEngine/NagiosConfigGenerator.php @@ -2785,6 +2785,11 @@ private function createOitcAgentJsonConfig() { $ProxiesTable = TableRegistry::getTableLocator()->get('Proxies'); $proxySettings = $ProxiesTable->getSettings(); + $isSystemsettingsProxyEnabled = false; + if ($proxySettings['enabled']) { + $isSystemsettingsProxyEnabled = true; + } + $hosts = $HostsTable->getHostsThatUseOitcAgentForExport(); if (empty($hosts)) { return; @@ -2801,12 +2806,18 @@ private function createOitcAgentJsonConfig() { if (!empty($services)) { if (!empty($host['agentconfig']) && $host['agentconfig']['push_noticed'] == 0) { + $proxy = false; + if ($isSystemsettingsProxyEnabled === true && $host['agentconfig']['proxy'] === true) { + //Proxy is enabled in systemsettings and enabled for this host. + $proxy = $proxySettings['ipaddress'] . ':' . $proxySettings['port']; + } + $config[$hostUuid] = [ 'name' => $host['name'], 'address' => $host['address'], 'uuid' => $hostUuid, 'port' => $host['agentconfig'] && $host['agentconfig']['port'] ? $host['agentconfig']['port'] : '', - 'proxy' => $host['agentconfig'] && $host['agentconfig']['proxy'] && $host['agentconfig']['proxy'] == 1 && $proxySettings['ipaddress'] != '' ? $proxySettings['ipaddress'] . ':' . $proxySettings['port'] : '', + 'proxy' => $proxy, 'use_https' => $host['agentconfig'] && $host['agentconfig']['use_https'] ? $host['agentconfig']['use_https'] : '', 'insecure' => $host['agentconfig'] && $host['agentconfig']['insecure'] ? $host['agentconfig']['insecure'] : '', 'basic_auth' => $host['agentconfig'] && $host['agentconfig']['basic_auth'] ? $host['agentconfig']['basic_auth'] : '', diff --git a/webroot/js/scripts/controllers/Agentconnector/AgentconnectorsConfigController.js b/webroot/js/scripts/controllers/Agentconnector/AgentconnectorsConfigController.js index be7115e5c5..4e6b6e34d3 100644 --- a/webroot/js/scripts/controllers/Agentconnector/AgentconnectorsConfigController.js +++ b/webroot/js/scripts/controllers/Agentconnector/AgentconnectorsConfigController.js @@ -34,7 +34,8 @@ angular.module('openITCOCKPIT') address: '0.0.0.0', port: 3333, interval: 30, - 'try-autossl': false, + 'try-autossl': true, + proxy: false, verbose: false, stacktrace: false, 'config-update-mode': false, @@ -166,6 +167,10 @@ angular.module('openITCOCKPIT') var tmpDefaultTemplate = '[default]\n'; var tmpOitcTemplate = '\n[oitc]\n'; for(var option in $scope.agentconfig){ + if(option === 'proxy'){ + continue; + } + var value = $scope.agentconfig[option]; if(option.includes('oitc-')){ @@ -210,6 +215,8 @@ angular.module('openITCOCKPIT') if(result.data.config.id){ $scope.agentconfigId = result.data.config.id; } + + $scope.agentconfig.proxy = result.data.config.proxy; } }, function errorCallback(result){ if(result.status === 403){ @@ -240,6 +247,7 @@ angular.module('openITCOCKPIT') basic_auth: basicAuth, username: basicAuthUsername, password: basicAuthPassword, + proxy: $scope.agentconfig.proxy, push_noticed: $scope.pushMode ? 1 : 0 } } @@ -252,6 +260,7 @@ angular.module('openITCOCKPIT') port: $scope.agentconfig.port, use_https: $scope.agentconfig['try-autossl'], basic_auth: basicAuth, + proxy: $scope.agentconfig.proxy, username: basicAuthUsername, password: basicAuthPassword }