Dockerfile.debian building and running

install/debian12/install_dependencies.debian12.sh

@@ -14,7 +14,7 @@ fi
 
 # Install dependencies
 apt-get install -y \
-    tini snmp ca-certificates curl libwww-perl arp-scan perl apt-utils cron sudo \
+    tini snmp ca-certificates curl libwww-perl arp-scan perl apt-utils cron sudo gettext-base \
     nginx-light php php-cgi php-fpm php-sqlite3 php-curl sqlite3 dnsutils net-tools \
     python3 python3-dev iproute2 nmap python3-pip zip usbutils traceroute nbtscan avahi-daemon avahi-utils openrc build-essential git
 
@@ -24,8 +24,8 @@ sudo phpenmod -v 8.2 sqlite3
 
 # setup virtual python environment so we can use pip3 to install packages
 apt-get install python3-venv -y
-python3 -m venv myenv
-source myenv/bin/activate
+python3 -m venv /opt/venv
+source /opt/venv/bin/activate
 
 update-alternatives --install /usr/bin/python python /usr/bin/python3 10
 

install/debian12/start.debian12.sh

@@ -102,10 +102,10 @@ else
   echo "The file ieee-oui.txt does not exist. Running update_vendors..."
 
   # Run the update_vendors.sh script
-  if [ -f "${INSTALL_PATH}/back/update_vendors.sh" ]; then
-    "${INSTALL_PATH}/back/update_vendors.sh"
+  if [ -f "${SYSTEM_SERVICES}/update_vendors.sh" ]; then
+    "${SYSTEM_SERVICES}/update_vendors.sh"
   else
-    echo "update_vendors.sh script not found in $INSTALL_DIR."    
+    echo "update_vendors.sh script not found in $SYSTEM_SERVICES."    
   fi
 fi
 
@@ -175,7 +175,7 @@ nginx -t || { echo "[INSTALL] nginx config test failed"; exit 1; }
 # sudo systemctl restart nginx
 
 #  Activate the virtual python environment
-source myenv/bin/activate
+source /opt/venv/bin/activate
 
 echo "[INSTALL] 🚀 Starting app - navigate to your <server IP>:${PORT}"
 

install/production-filesystem/entrypoint.sh

@@ -2,7 +2,7 @@
 
 set -u
 
-/services/capcheck.sh
+bash /services/capcheck.sh
 
 SERVICES=""
 FAILED_NAME=""
@@ -59,13 +59,17 @@ on_signal() {
     handle_exit
 }
 
+/services/update_vendors.sh &
+
 trap on_signal INT TERM
 
 [ ! -d "${NETALERTX_PLUGINS_LOG}" ] && mkdir -p "${NETALERTX_PLUGINS_LOG}"
 [ ! -f "${LOG_DB_IS_LOCKED}" ] && touch "${LOG_DB_IS_LOCKED}"
 [ ! -f "${LOG_EXECUTION_QUEUE}" ] && touch "${LOG_EXECUTION_QUEUE}"
 
-add_service "/services/start-crond.sh" "crond"
+if [ "${ENVIRONMENT:-}" ] && [ "${ENVIRONMENT:-}" != "debian" ]; then
+    add_service "/services/start-crond.sh" "crond"
+fi
 add_service "/services/start-php-fpm.sh" "php-fpm"
 add_service "/services/start-nginx.sh" "nginx"
 add_service "/services/start-backend.sh" "backend"
@@ -79,7 +83,8 @@ if [ "${NETALERTX_DEBUG:-0}" -eq 1 ]; then
 fi
 
 
-# This is the default action
+# If any service fails, we will shut down all others and exit with the same status.
+# This improves reliability in production environments by reinitializing the entire stack if one service fails.
 while [ -n "${SERVICES}" ]; do
     for entry in ${SERVICES}; do
         pid="${entry%%:*}"

install/production-filesystem/services/config/crond/netalertx

@@ -1,2 +1,4 @@
-# Schedule cron jobs
-* * * * * /app/back/cron_script.sh
+# Every minute check for cron jobs
+* * * * * /services/cron_script.sh
+# Update vendors 4x/d
+0 */6 * * * /services/update_vendors.sh

install/production-filesystem/services/cron_script.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+export INSTALL_DIR=/app
+
+
+
+# Check if there are any entries with cron_restart_backend
+if grep -q "cron_restart_backend" "${LOG_EXECUTION_QUEUE}"; then
+  # Restart python application using s6
+  killall python3
+  /services/start-backend.sh &
+  echo 'done'
+
+  # Remove all lines containing cron_restart_backend from the log file
+  sed -i '/cron_restart_backend/d' "${LOG_EXECUTION_QUEUE}"
+fi

install/production-filesystem/services/start-nginx.sh

@@ -32,8 +32,12 @@ while $(ps ax | grep -v -e "grep" -e "nginx.sh" | grep nginx >/dev/null); do
 	sleep 0.2
 done
 
-if ! envsubst '${LISTEN_ADDR} ${PORT}'< "${SYSTEM_NGINX_CONFIG_TEMPLATE}" > "${SYSTEM_NGINX_CONFIG_FILE}" 2>/dev/null; then
-    echo "Note: Unable to write to ${SYSTEM_NGINX_CONFIG_FILE}. Using default configuration."
+TEMP_CONFIG_FILE=$(mktemp "${TMP_DIR}/netalertx.conf.XXXXXX")
+if envsubst '${LISTEN_ADDR} ${PORT}' < "${SYSTEM_NGINX_CONFIG_TEMPLATE}" > "${TEMP_CONFIG_FILE}" 2>/dev/null; then
+	mv "${TEMP_CONFIG_FILE}" "${SYSTEM_NGINX_CONFIG_FILE}"
+else
+	echo "Note: Unable to write to ${SYSTEM_NGINX_CONFIG_FILE}. Using default configuration."
+	rm -f "${TEMP_CONFIG_FILE}"
 fi
 
 trap cleanup EXIT

install/production-filesystem/services/update_vendors.sh

@@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+
+# ------------------------------------------------------------------------------
+#  NetAlertX
+#  Open Source Network Guard / WIFI & LAN intrusion detector 
+#
+#  update_vendors.sh - Back module. IEEE Vendors db update
+# ------------------------------------------------------------------------------
+#  Puche 2021 / 2022+ jokob             jokob@duck.com                GNU GPLv3
+# ------------------------------------------------------------------------------
+
+# ----------------------------------------------------------------------
+#  Main directories to update:
+#    /usr/share/arp-scan
+# ----------------------------------------------------------------------
+
+# Download the file using wget to stdout and process it
+wget -q "http://standards-oui.ieee.org/oui/oui.txt" -O /dev/stdout | \
+    sed -E 's/ *\(base 16\)//' | \
+    awk -F' ' '{printf "%s\t%s\n", $1, substr($0, index($0, $2))}' | \
+    sort | \
+    awk '{$1=$1; print}' | \
+    sort -u | \
+    awk -F' ' '{printf "%s\t%s\n", $1, substr($0, index($0, $2))}' \
+    > /services/run/tmp/ieee-oui.txt
+

install/ubuntu24/install.sh

@@ -243,10 +243,10 @@ else
   echo "[INSTALL] The file ieee-oui.txt does not exist. Running update_vendors..."
 
   # Run the update_vendors.sh script
-  if [ -f "${INSTALL_DIR}/back/update_vendors.sh" ]; then
-    "${INSTALL_DIR}/back/update_vendors.sh"
+  if [ -f "${SYSTEM_SERVICES}/update_vendors.sh" ]; then
+    "${SYSTEM_SERVICES}/update_vendors.sh"
   else
-    echo "[INSTALL] update_vendors.sh script not found in ${INSTALL_DIR}."    
+    echo "[INSTALL] update_vendors.sh script not found in ${SYSTEM_SERVICES}."    
   fi
 fi