Scanning Operational with monitoring

Adam Outler
2025-09-30 22:01:03 -04:00
parent 044035ef62
commit 0cd1dc8987
15 changed files with 739 additions and 116 deletions


@@ -1,4 +1,4 @@
#!/bin/bash
echo "Initializing nginx..."
#Future crond initializations can go here.
install -d -o netalertx -g netalertx -m 700 /app/run/tmp/client_body;
echo "nginx initialized."
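Review bot: The directory created here, `/app/run/tmp/client_body`, is not the path that the nginx configuration hunk in this commit gives to `client_body_temp_path` (`/services/run/tmp/client_body`), assuming the `install` line is the added one. Unless one tree is a link or mount of the other, the mode-700 directory is not the one nginx spools request bodies into. The result of `install` is also unchecked, so `nginx initialized.` is printed even when creation or the chown to `netalertx` fails; `install -d -o netalertx -g netalertx -m 700 /app/run/tmp/client_body || exit 1` would surface that.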


@@ -1,28 +1,88 @@
#!/bin/bash
#!/bin/sh
set -u
# verify container capabilities at startup
/services/capcheck.sh
# Function to clean up background processes
cleanup() {
echo "Caught signal, shutting down services..."
# Kill all background jobs
kill $(jobs -p)
wait
echo "All services stopped."
exit 0
SERVICES=""
FAILED_NAME=""
FAILED_STATUS=0
add_service() {
script="$1"
name="$2"
"$script" &
pid=$!
SERVICES="${SERVICES} ${pid}:${name}"
}
# Trap SIGINT (Ctrl+C) and SIGTERM (docker stop)
trap cleanup SIGINT SIGTERM
remove_service() {
target_pid="$1"
updated=""
for entry in ${SERVICES}; do
pid="${entry%%:*}"
[ -z "${pid}" ] && continue
[ "${pid}" = "${target_pid}" ] && continue
updated="${updated} ${entry}"
done
SERVICES="${updated}"
}
# Start all necessary services for NetAlertX in the background
/services/start-crond.sh &
/services/start-php-fpm.sh &
/services/start-nginx.sh &
/services/start-backend.sh &
shutdown_services() {
for entry in ${SERVICES}; do
pid="${entry%%:*}"
[ -z "${pid}" ] && continue
if kill -0 "${pid}" 2>/dev/null; then
kill "${pid}" 2>/dev/null || true
fi
done
for entry in ${SERVICES}; do
pid="${entry%%:*}"
[ -z "${pid}" ] && continue
wait "${pid}" 2>/dev/null || true
done
echo "All services stopped."
}
# Wait for any background process to exit
wait -n
# Trigger cleanup if any process exits
cleanup
handle_exit() {
if [ -n "${FAILED_NAME}" ]; then
echo "Service ${FAILED_NAME} exited with status ${FAILED_STATUS}."
fi
shutdown_services
exit "${FAILED_STATUS}"
}
on_signal() {
echo "Caught signal, shutting down services..."
FAILED_NAME="signal"
FAILED_STATUS=143
handle_exit
}
trap on_signal INT TERM
[ ! -d "${NETALERTX_PLUGINS_LOG}" ] && mkdir -p "${NETALERTX_PLUGINS_LOG}"
[ ! -f "${LOG_DB_IS_LOCKED}" ] && touch "${LOG_DB_IS_LOCKED}"
[ ! -f "${LOG_EXECUTION_QUEUE}" ] && touch "${LOG_EXECUTION_QUEUE}"
add_service "/services/start-crond.sh" "crond"
add_service "/services/start-php-fpm.sh" "php-fpm"
add_service "/services/start-nginx.sh" "nginx"
add_service "/services/start-backend.sh" "backend"
while [ -n "${SERVICES}" ]; do
for entry in ${SERVICES}; do
pid="${entry%%:*}"
name="${entry#*:}"
[ -z "${pid}" ] && continue
if ! kill -0 "${pid}" 2>/dev/null; then
wait "${pid}" 2>/dev/null
status=$?
FAILED_STATUS=$status
FAILED_NAME="${name}"
remove_service "${pid}"
handle_exit
fi
done
sleep 1
done
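Review bot: The result of `/services/capcheck.sh` near the top of the new entrypoint is discarded: only `set -u` is active, so a failing capability check does not stop the services from starting. If the check is meant to be enforcing rather than advisory, gate startup on it with `/services/capcheck.sh || exit 1`; if it is advisory, a comment saying so would keep it from being read as a control. Separately, `on_signal` sets `FAILED_STATUS=143` for both INT and TERM, which deserves a one-line comment because 143 conventionally denotes TERM only.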


@@ -0,0 +1,98 @@
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/avif avif;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
font/woff woff;
font/woff2 woff2;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/wasm wasm;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}


@@ -1,5 +1,3 @@
pid /services/run/nginx.pid;
# Set number of worker processes automatically based on number of CPU cores.
worker_processes auto;
@@ -9,9 +7,6 @@ pcre_jit on;
# Configures default error logger.
error_log /app/log/nginx-error.log warn;
# Includes files with directives to load dynamic modules.
include /etc/nginx/modules/*.conf;
events {
# The maximum number of simultaneous connections that can be opened by
# a worker process.
@@ -19,9 +14,15 @@ events {
}
http {
client_body_temp_path /services/run/tmp/client_body;
proxy_temp_path /services/run/tmp/proxy;
fastcgi_temp_path /services/run/tmp/fastcgi;
uwsgi_temp_path /services/run/tmp/uwsgi;
scgi_temp_path /services/run/tmp/scgi;
# Includes mapping of file name extensions to MIME types of responses
# and defines the default type.
include /etc/nginx/mime.types;
include /services/config/nginx/mime.types;
default_type application/octet-stream;
# Name servers used to resolve names of upstream servers into addresses.
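Review bot: The `proxy_temp_path`, `fastcgi_temp_path`, `uwsgi_temp_path` and `scgi_temp_path` directives in the `http` block point at subdirectories of `/services/run/tmp/` that no hunk shown on this page creates. nginx can spool request and upstream response bodies into these locations, so a comment above them should name the script that provisions them and the expected ownership and mode, for example `# temp dirs: created by <init script> as netalertx:netalertx, mode 700`. The `http` block continues past the end of this hunk, so any later handling of these paths is not visible here.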


@@ -1,6 +1,8 @@
#!/bin/bash
set -euo pipefail
echo "Starting backend..."
cd "${NETALERTX_APP}" || exit
cd "${NETALERTX_APP}" || exit 1
# Change user to netalertx
export PYTHONPATH="${NETALERTX_SERVER}:${NETALERTX_APP}"
@@ -9,5 +11,25 @@ if [ -f /services/config/python/backend-extra-launch-parameters ]; then
EXTRA_PARAMS=$(cat /services/config/python/backend-extra-launch-parameters)
fi
backend_pid=""
cleanup() {
status=$?
echo "Backend stopped! (exit ${status})"
}
forward_signal() {
if [[ -n "${backend_pid}" ]]; then
kill -TERM "${backend_pid}" 2>/dev/null || true
fi
}
trap cleanup EXIT
trap forward_signal INT TERM
# Start the backend, teeing stdout and stderr to log files and the container's console
python3 ${EXTRA_PARAMS} -m server > >(tee /app/log/stdout.log) 2> >(tee /app/log/stderr.log >&2)
python3 ${EXTRA_PARAMS} -m server > >(tee /app/log/stdout.log) 2> >(tee /app/log/stderr.log >&2) &
backend_pid=$!
wait "${backend_pid}"
exit $?
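Review bot: After a trapped INT or TERM the wrapper exits before the backend has stopped: bash returns from `wait "${backend_pid}"` immediately when a trapped signal arrives, `forward_signal` runs, and then `set -e` (or `exit $?`) ends the script while python3 may still be shutting down. The entrypoint's `shutdown_services` waits on the wrapper's PID, so it can print `All services stopped.` and let the container exit with the backend mid-write. Capture the status and wait a second time while the child is still alive, as sketched below; the same pattern is used with `crond_pid`, `nginx_pid` and `php_fpm_pid` in the three start scripts that follow and needs the same change.

```shell
# … unchanged: cleanup/forward_signal, traps and the backgrounded python3 launch …
backend_pid=$!
status=0
wait "${backend_pid}" || status=$?
# A trapped INT/TERM makes the first wait return early; wait again so the
# wrapper only exits once the backend process itself has gone.
if kill -0 "${backend_pid}" 2>/dev/null; then
  status=0
  wait "${backend_pid}" || status=$?
fi
exit "${status}"
```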


@@ -1,3 +1,26 @@
#!/bin/bash
set -euo pipefail
echo "Starting crond..."
exec /usr/sbin/crond -c ${SYSTEM_SERVICES_CROND} -f -L "${LOG_CROND}"
crond_pid=""
cleanup() {
status=$?
echo "Crond stopped! (exit ${status})"
}
forward_signal() {
if [[ -n "${crond_pid}" ]]; then
kill -TERM "${crond_pid}" 2>/dev/null || true
fi
}
trap cleanup EXIT
trap forward_signal INT TERM
/usr/sbin/crond -c "${SYSTEM_SERVICES_CROND}" -f -L "${LOG_CROND}" >> "${LOG_CROND}" 2>&1 &
crond_pid=$!
wait "${crond_pid}"
exit $?
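Review bot: The new launch line passes `-L "${LOG_CROND}"` to crond and also appends its stdout and stderr to the same `${LOG_CROND}`, so two independent descriptors write one file and their lines can interleave. If the redirect is there to catch startup errors that bypass `-L`, say so with a comment such as `# -L carries crond's own log; the redirect catches anything written to stdout/stderr`. Otherwise one of the two can be dropped.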


@@ -1,14 +1,37 @@
#!/bin/bash
set -euo pipefail
LOG_DIR=${NETALERTX_APP}
RUN_DIR=${SYSTEM_SERVICES_RUN}
TMP_DIR=${SYSTEM_SERVICES_RUN_TMP}
NGINX_CONFIG_FILE=${NGINX_CONFIG_FILE}
# Create directories if they don't exist
mkdir -p "${LOG_DIR}" "${RUN_DIR}" "${TMP_DIR}"
echo "Starting nginx..."
nginx_pid=""
cleanup() {
status=$?
echo "nginx stopped! (exit ${status})"
}
forward_signal() {
if [[ -n "${nginx_pid}" ]]; then
kill -TERM "${nginx_pid}" 2>/dev/null || true
fi
}
trap cleanup EXIT
trap forward_signal INT TERM
# Execute nginx with overrides
exec nginx \
nginx \
-p "${RUN_DIR}/" \
-c "${NGINX_CONFIG_FILE}" \
-g "error_log ${LOG_DIR}/nginx.error.log; pid ${RUN_DIR}/nginx.pid; daemon off;"
-c "${SYSTEM_NGINX_CONFIG_FILE}" \
-g "error_log ${NETALERTX_LOG}/nginx-error.log; pid ${RUN_DIR}/nginx.pid; daemon off;" &
nginx_pid=$!
wait "${nginx_pid}"
exit $?
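Review bot: In the `-g` argument, `${NETALERTX_LOG}` and `${RUN_DIR}` are spliced into nginx directives without quoting at the nginx level, so a path containing whitespace or `;` would be parsed as extra parameters or directives. Quoting inside the string keeps each value a single parameter: `-g "error_log '${NETALERTX_LOG}/nginx-error.log'; pid '${RUN_DIR}/nginx.pid'; daemon off;" &`. With `set -u` active, an unset `SYSTEM_NGINX_CONFIG_FILE` or `NETALERTX_LOG` aborts with only the shell's default message; a guard such as `: "${SYSTEM_NGINX_CONFIG_FILE:?}"` near the top would make the requirement explicit.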


@@ -1,3 +1,26 @@
#!/bin/bash
set -euo pipefail
echo "Starting php-fpm..."
exec /usr/sbin/php-fpm83 -y ${PHP_FPM_CONFIG_FILE} -F >> "${LOG_APP_PHP_ERRORS}" 2>&1
php_fpm_pid=""
cleanup() {
status=$?
echo "php-fpm stopped! (exit ${status})"
}
forward_signal() {
if [[ -n "${php_fpm_pid}" ]]; then
kill -TERM "${php_fpm_pid}" 2>/dev/null || true
fi
}
trap cleanup EXIT
trap forward_signal INT TERM
/usr/sbin/php-fpm83 -y "${PHP_FPM_CONFIG_FILE}" -F >> "${LOG_APP_PHP_ERRORS}" 2>&1 &
php_fpm_pid=$!
wait "${php_fpm_pid}"
exit $?