vh/NetAlertX
1
0
Fork 0
mirror of https://github.com/jokob-sk/NetAlertX.git synced 2025-12-06 17:15:38 -08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'main' into hadolint-fixes

Browse Source
This commit is contained in:
Adam Outler
2025-11-23 19:25:45 -05:00
committed by GitHub
parent b0bd3c8191 c753da9e15
commit 30071c6848
27 changed files with 110 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.devcontainer/Dockerfile
View File

@@ -64,7 +64,6 @@ ENV LOG_IP_CHANGES=${NETALERTX_LOG}/IP_changes.log
ENV LOG_APP=${NETALERTX_LOG}/app.log ENV LOG_APP=${NETALERTX_LOG}/app.log
ENV LOG_APP_FRONT=${NETALERTX_LOG}/app_front.log ENV LOG_APP_FRONT=${NETALERTX_LOG}/app_front.log
ENV LOG_REPORT_OUTPUT_TXT=${NETALERTX_LOG}/report_output.txt ENV LOG_REPORT_OUTPUT_TXT=${NETALERTX_LOG}/report_output.txt
ENV LOG_CRON=${NETALERTX_LOG}/supercronic
ENV LOG_DB_IS_LOCKED=${NETALERTX_LOG}/db_is_locked.log ENV LOG_DB_IS_LOCKED=${NETALERTX_LOG}/db_is_locked.log
ENV LOG_REPORT_OUTPUT_HTML=${NETALERTX_LOG}/report_output.html ENV LOG_REPORT_OUTPUT_HTML=${NETALERTX_LOG}/report_output.html
ENV LOG_STDERR=${NETALERTX_LOG}/stderr.log ENV LOG_STDERR=${NETALERTX_LOG}/stderr.log
@@ -250,7 +249,7 @@ USER root
RUN apk add --no-cache git nano vim jq php83-pecl-xdebug py3-pip nodejs sudo gpgconf pytest \ RUN apk add --no-cache git nano vim jq php83-pecl-xdebug py3-pip nodejs sudo gpgconf pytest \
pytest-cov zsh alpine-zsh-config shfmt github-cli py3-yaml py3-docker-py docker-cli docker-cli-buildx \ pytest-cov zsh alpine-zsh-config shfmt github-cli py3-yaml py3-docker-py docker-cli docker-cli-buildx \
docker-cli-compose docker-cli-compose shellcheck
# Install hadolint (Dockerfile linter) # Install hadolint (Dockerfile linter)
RUN curl -L https://github.com/hadolint/hadolint/releases/latest/download/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint && \ RUN curl -L https://github.com/hadolint/hadolint/releases/latest/download/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint && \

3
.devcontainer/devcontainer.json
View File

@@ -76,7 +76,8 @@
"mkhl.shfmt", "mkhl.shfmt",
"charliermarsh.ruff", "charliermarsh.ruff",
"ms-python.flake8", "ms-python.flake8",
"exiasr.hadolint" "exiasr.hadolint",
"timonwong.shellcheck"
], ],
"settings": { "settings": {
"terminal.integrated.cwd": "${containerWorkspaceFolder}", "terminal.integrated.cwd": "${containerWorkspaceFolder}",

2
.devcontainer/resources/devcontainer-Dockerfile
View File

@@ -24,7 +24,7 @@ USER root
RUN apk add --no-cache git nano vim jq php83-pecl-xdebug py3-pip nodejs sudo gpgconf pytest \ RUN apk add --no-cache git nano vim jq php83-pecl-xdebug py3-pip nodejs sudo gpgconf pytest \
pytest-cov zsh alpine-zsh-config shfmt github-cli py3-yaml py3-docker-py docker-cli docker-cli-buildx \ pytest-cov zsh alpine-zsh-config shfmt github-cli py3-yaml py3-docker-py docker-cli docker-cli-buildx \
docker-cli-compose docker-cli-compose shellcheck
# Install hadolint (Dockerfile linter) # Install hadolint (Dockerfile linter)
RUN curl -L https://github.com/hadolint/hadolint/releases/latest/download/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint && \ RUN curl -L https://github.com/hadolint/hadolint/releases/latest/download/hadolint-Linux-x86_64 -o /usr/local/bin/hadolint && \

27
.devcontainer/scripts/generate-configs.sh
View File

@@ -7,27 +7,28 @@
# the final .devcontainer/Dockerfile used by the devcontainer. # the final .devcontainer/Dockerfile used by the devcontainer.
echo "Generating .devcontainer/Dockerfile" echo "Generating .devcontainer/Dockerfile"
SCRIPT_DIR="$(CDPATH= cd -- "$(dirname -- "$0")" && pwd)" SCRIPT_PATH=$(set -- "$0"; dirname -- "$1")
SCRIPT_DIR=$(cd "$SCRIPT_PATH" && pwd -P)
DEVCONTAINER_DIR="${SCRIPT_DIR%/scripts}" DEVCONTAINER_DIR="${SCRIPT_DIR%/scripts}"
ROOT_DIR="${DEVCONTAINER_DIR%/.devcontainer}" ROOT_DIR="${DEVCONTAINER_DIR%/.devcontainer}"
OUT_FILE="${DEVCONTAINER_DIR}/Dockerfile" OUT_FILE="${DEVCONTAINER_DIR}/Dockerfile"
echo "Adding base Dockerfile from $ROOT_DIR..." echo "Adding base Dockerfile from $ROOT_DIR and merging to devcontainer-Dockerfile"
{
echo "# DO NOT MODIFY THIS FILE DIRECTLY. IT IS AUTO-GENERATED BY .devcontainer/scripts/generate-configs.sh" > "$OUT_FILE" echo "# DO NOT MODIFY THIS FILE DIRECTLY. IT IS AUTO-GENERATED BY .devcontainer/scripts/generate-configs.sh"
echo "" >> "$OUT_FILE" echo ""
echo "# ---/Dockerfile---" >> "$OUT_FILE" echo "# ---/Dockerfile---"
cat "${ROOT_DIR}/Dockerfile" >> "$OUT_FILE" cat "${ROOT_DIR}/Dockerfile"
echo "" >> "$OUT_FILE" echo ""
echo "# ---/resources/devcontainer-Dockerfile---" >> "$OUT_FILE" echo "# ---/resources/devcontainer-Dockerfile---"
echo "" >> "$OUT_FILE" echo ""
cat "${DEVCONTAINER_DIR}/resources/devcontainer-Dockerfile"
} > "$OUT_FILE"
echo "Adding devcontainer-Dockerfile from $DEVCONTAINER_DIR/resources..." echo "Generated $OUT_FILE using root dir $ROOT_DIR"
cat "${DEVCONTAINER_DIR}/resources/devcontainer-Dockerfile" >> "$OUT_FILE"
echo "Generated $OUT_FILE using root dir $ROOT_DIR" >&2
echo "Done." echo "Done."

1
.devcontainer/scripts/setup.sh
View File

@@ -16,7 +16,6 @@
SOURCE_DIR=${SOURCE_DIR:-/workspaces/NetAlertX} SOURCE_DIR=${SOURCE_DIR:-/workspaces/NetAlertX}
PY_SITE_PACKAGES="${VIRTUAL_ENV:-/opt/venv}/lib/python3.12/site-packages" PY_SITE_PACKAGES="${VIRTUAL_ENV:-/opt/venv}/lib/python3.12/site-packages"
SOURCE_SERVICES_DIR="${SOURCE_DIR}/install/production-filesystem/services"
LOG_FILES=( LOG_FILES=(
LOG_APP LOG_APP

2
back/cron_script.sh
View File

@@ -1,8 +1,6 @@
#!/bin/bash #!/bin/bash
export INSTALL_DIR=/app export INSTALL_DIR=/app
LOG_FILE="${INSTALL_DIR}/log/execution_queue.log"
if [ -f "${LOG_EXECUTION_QUEUE}" ] && grep -q "cron_restart_backend" "${LOG_EXECUTION_QUEUE}"; then if [ -f "${LOG_EXECUTION_QUEUE}" ] && grep -q "cron_restart_backend" "${LOG_EXECUTION_QUEUE}"; then
echo "$(date): Restarting backend triggered by cron_restart_backend" echo "$(date): Restarting backend triggered by cron_restart_backend"
killall python3 || echo "killall python3 failed or no process found" killall python3 || echo "killall python3 failed or no process found"

2
install/debian12/install.debian12.sh
View File

@@ -24,7 +24,7 @@ apt-get install sudo -y
apt-get install -y git apt-get install -y git
# Clean the directory # Clean the directory
rm -R $INSTALL_DIR/ rm -R ${INSTALL_DIR:?}/
# Clone the application repository # Clone the application repository
git clone https://github.com/jokob-sk/NetAlertX "$INSTALL_DIR/" git clone https://github.com/jokob-sk/NetAlertX "$INSTALL_DIR/"

2
install/debian12/install_dependencies.debian12.sh
View File

@@ -34,6 +34,8 @@ sudo phpenmod -v 8.2 sqlite3
# setup virtual python environment so we can use pip3 to install packages # setup virtual python environment so we can use pip3 to install packages
apt-get install python3-venv -y apt-get install python3-venv -y
python3 -m venv /opt/venv python3 -m venv /opt/venv
# Shell check doesn't recognize source command because it's not in the repo, it is in the system at runtime
# shellcheck disable=SC1091
source /opt/venv/bin/activate source /opt/venv/bin/activate
update-alternatives --install /usr/bin/python python /usr/bin/python3 10 update-alternatives --install /usr/bin/python python /usr/bin/python3 10

2
install/debian12/start.debian12.sh
View File

@@ -175,6 +175,8 @@ nginx -t || { echo "[INSTALL] nginx config test failed"; exit 1; }
# sudo systemctl restart nginx # sudo systemctl restart nginx
# Activate the virtual python environment # Activate the virtual python environment
# Shell check doesn't recognize source command because it's not in the repo, it is in the system at runtime
# shellcheck disable=SC1091
source /opt/venv/bin/activate source /opt/venv/bin/activate
echo "[INSTALL] 🚀 Starting app - navigate to your <server IP>:${PORT}" echo "[INSTALL] 🚀 Starting app - navigate to your <server IP>:${PORT}"

2
install/production-filesystem/build/init-cron.sh
View File

@@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
echo "Initializing cron..." echo "Initializing cron..."
# Placeholder for cron initialization commands # Placeholder for cron initialization commands
echo "cron initialized." echo "cron initialized."

2
install/production-filesystem/build/init-nginx.sh
View File

@@ -1,4 +1,4 @@
#!/bin/bash #!/bin/bash
echo "Initializing nginx..." echo "Initializing nginx..."
install -d -o netalertx -g netalertx -m 700 ${SYSTEM_SERVICES_RUN_TMP}/client_body; install -d -o netalertx -g netalertx -m 700 "${SYSTEM_SERVICES_RUN_TMP}/client_body";
echo "nginx initialized." echo "nginx initialized."

13
install/production-filesystem/entrypoint.d/0-storage-permission.sh
View File

@@ -51,12 +51,13 @@ if [ "$(id -u)" -eq 0 ]; then
EOF EOF
>&2 printf "%s" "${RESET}" >&2 printf "%s" "${RESET}"
# Set ownership to netalertx user for all read-write paths # Set ownership and permissions for each read-write path individually
chown -R netalertx ${READ_WRITE_PATHS} 2>/dev/null || true printf '%s\n' "${READ_WRITE_PATHS}" | while IFS= read -r path; do
[ -n "${path}" ] || continue
# Set directory and file permissions for all read-write paths chown -R netalertx "${path}" 2>/dev/null || true
find ${READ_WRITE_PATHS} -type d -exec chmod u+rwx {} \; find "${path}" -type d -exec chmod u+rwx {} \;
find ${READ_WRITE_PATHS} -type f -exec chmod u+rw {} \; find "${path}" -type f -exec chmod u+rw {} \;
done
echo Permissions fixed for read-write paths. Please restart the container as user 20211. echo Permissions fixed for read-write paths. Please restart the container as user 20211.
sleep infinity & wait $! sleep infinity & wait $!
fi fi

6
install/production-filesystem/entrypoint.d/01-data-migration.sh
View File

@@ -16,11 +16,11 @@ LEGACY_DB=/app/db
MARKER_NAME=.migration MARKER_NAME=.migration
is_mounted() { is_mounted() {
local path="$1" my_path="$1"
if [ ! -d "${path}" ]; then if [ ! -d "${my_path}" ]; then
return 1 return 1
fi fi
mountpoint -q "${path}" 2>/dev/null mountpoint -q "${my_path}" 2>/dev/null
} }
warn_unmount_legacy() { warn_unmount_legacy() {

2
install/production-filesystem/entrypoint.d/15-first-run-config.sh
View File

@@ -2,7 +2,7 @@
# first-run-check.sh - Checks and initializes configuration files on first run # first-run-check.sh - Checks and initializes configuration files on first run
# Check for app.conf and deploy if required # Check for app.conf and deploy if required
if [ ! -f ${NETALERTX_CONFIG}/app.conf ]; then if [ ! -f "${NETALERTX_CONFIG}/app.conf" ]; then
mkdir -p "${NETALERTX_CONFIG}" || { mkdir -p "${NETALERTX_CONFIG}" || {
>&2 echo "ERROR: Failed to create config directory ${NETALERTX_CONFIG}" >&2 echo "ERROR: Failed to create config directory ${NETALERTX_CONFIG}"
exit 1 exit 1

4
install/production-filesystem/entrypoint.d/20-first-run-db.sh
View File

@@ -441,7 +441,9 @@ CREATE TRIGGER "trg_delete_devices"
END; END;
end-of-database-schema end-of-database-schema
if [ $? -ne 0 ]; then database_creation_status=$?
if [ $database_creation_status -ne 0 ]; then
RED=$(printf '\033[1;31m') RED=$(printf '\033[1;31m')
RESET=$(printf '\033[0m') RESET=$(printf '\033[0m')
>&2 printf "%s" "${RED}" >&2 printf "%s" "${RED}"

10
install/production-filesystem/entrypoint.sh
View File

@@ -50,7 +50,7 @@ fi
RED='\033[1;31m' RED='\033[1;31m'
GREY='\033[90m' GREY='\033[90m'
RESET='\033[0m' RESET='\033[0m'
printf "${RED}" printf "%s" "${RED}"
echo ' echo '
_ _ _ ___ _ _ __ __ _ _ _ ___ _ _ __ __
| \ | | | | / _ \| | | | \ \ / / | \ | | | | / _ \| | | | \ \ / /
@@ -60,7 +60,7 @@ echo '
\_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/ \_| \_/\___|\__\_| |_/_|\___|_| \__\/ \/
' '
printf "\033[0m" printf "%s" "${RESET}"
echo ' Network intruder and presence detector. echo ' Network intruder and presence detector.
https://netalertx.com https://netalertx.com
@@ -69,7 +69,7 @@ set -u
FAILED_STATUS="" FAILED_STATUS=""
echo "Startup pre-checks" echo "Startup pre-checks"
for script in ${ENTRYPOINT_CHECKS}/*; do for script in "${ENTRYPOINT_CHECKS}"/*; do
if [ -n "${SKIP_TESTS:-}" ]; then if [ -n "${SKIP_TESTS:-}" ]; then
echo "Skipping startup checks as SKIP_TESTS is set." echo "Skipping startup checks as SKIP_TESTS is set."
break break
@@ -77,7 +77,7 @@ for script in ${ENTRYPOINT_CHECKS}/*; do
script_name=$(basename "$script" | sed 's/^[0-9]*-//;s/\.(sh|py)$//;s/-/ /g') script_name=$(basename "$script" | sed 's/^[0-9]*-//;s/\.(sh|py)$//;s/-/ /g')
echo "--> ${script_name} " echo "--> ${script_name} "
if [ -n "${SKIP_STARTUP_CHECKS:-}" ] && echo "${SKIP_STARTUP_CHECKS}" | grep -q "\b${script_name}\b"; then if [ -n "${SKIP_STARTUP_CHECKS:-}" ] && echo "${SKIP_STARTUP_CHECKS}" | grep -q "\b${script_name}\b"; then
printf "${GREY}skip${RESET}\n" printf "%sskip%s\n" "${GREY}" "${RESET}"
continue continue
fi fi
@@ -134,7 +134,7 @@ fi
# Update vendor data (MAC address OUI database) in the background # Update vendor data (MAC address OUI database) in the background
# This happens concurrently with service startup to avoid blocking container readiness # This happens concurrently with service startup to avoid blocking container readiness
bash ${SYSTEM_SERVICES_SCRIPTS}/update_vendors.sh & bash "${SYSTEM_SERVICES_SCRIPTS}/update_vendors.sh" &

5
install/production-filesystem/services/start-backend.sh
View File

@@ -3,7 +3,7 @@
cd "${NETALERTX_APP}" || exit 1 cd "${NETALERTX_APP}" || exit 1
max_attempts=50 # 10 seconds total (50 * 0.2s) max_attempts=50 # 10 seconds total (50 * 0.2s)
attempt=0 attempt=0
while ps ax | grep -v grep | grep -q python3 && [ $attempt -lt $max_attempts ]; do while pgrep -x python3 >/dev/null && [ $attempt -lt $max_attempts ]; do
killall -TERM python3 &>/dev/null killall -TERM python3 &>/dev/null
sleep 0.2 sleep 0.2
((attempt++)) ((attempt++))
@@ -12,4 +12,5 @@ done
killall -KILL python3 &>/dev/null killall -KILL python3 &>/dev/null
echo "Starting python3 $(cat /services/config/python/backend-extra-launch-parameters 2>/dev/null) -m server > ${NETALERTX_LOG}/stdout.log 2> >(tee ${NETALERTX_LOG}/stderr.log >&2)" echo "Starting python3 $(cat /services/config/python/backend-extra-launch-parameters 2>/dev/null) -m server > ${NETALERTX_LOG}/stdout.log 2> >(tee ${NETALERTX_LOG}/stderr.log >&2)"
exec python3 $(cat /services/config/python/backend-extra-launch-parameters 2>/dev/null) -m server > ${NETALERTX_LOG}/stdout.log 2> >(tee ${NETALERTX_LOG}/stderr.log >&2) read -ra EXTRA_PARAMS < <(cat /services/config/python/backend-extra-launch-parameters 2>/dev/null)
exec python3 "${EXTRA_PARAMS[@]}" -m server > "${NETALERTX_LOG}/stdout.log" 2> >(tee "${NETALERTX_LOG}/stderr.log" >&2)

6
install/production-filesystem/services/start-cron.sh
View File

@@ -4,18 +4,22 @@ set -euo pipefail
crond_pid="" crond_pid=""
# Called externally, but shellcheck does not see that and claims it is unused.
# shellcheck disable=SC2329,SC2317
cleanup() { cleanup() {
status=$? status=$?
echo "Supercronic stopped! (exit ${status})" echo "Supercronic stopped! (exit ${status})"
} }
# Called externally, but shellcheck does not see that and claims it is unused.
# shellcheck disable=SC2329,SC2317
forward_signal() { forward_signal() {
if [[ -n "${crond_pid}" ]]; then if [[ -n "${crond_pid}" ]]; then
kill -TERM "${crond_pid}" 2>/dev/null || true kill -TERM "${crond_pid}" 2>/dev/null || true
fi fi
} }
while ps ax | grep -v -e grep -e '.sh' | grep crond >/dev/null 2>&1; do while pgrep -x crond >/dev/null 2>&1; do
killall crond &>/dev/null killall crond &>/dev/null
sleep 0.2 sleep 0.2
done done

9
install/production-filesystem/services/start-nginx.sh
View File

@@ -11,11 +11,15 @@ mkdir -p "${LOG_DIR}" "${RUN_DIR}" "${TMP_DIR}"
nginx_pid="" nginx_pid=""
# Called externally, but shellcheck does not see that and claims it is unused.
# shellcheck disable=SC2329,SC2317
cleanup() { cleanup() {
status=$? status=$?
echo "nginx stopped! (exit ${status})" echo "nginx stopped! (exit ${status})"
} }
# Called externally, but shellcheck does not see that and claims it is unused.
# shellcheck disable=SC2329,SC2317
forward_signal() { forward_signal() {
if [[ -n "${nginx_pid}" ]]; then if [[ -n "${nginx_pid}" ]]; then
kill -TERM "${nginx_pid}" 2>/dev/null || true kill -TERM "${nginx_pid}" 2>/dev/null || true
@@ -24,12 +28,15 @@ forward_signal() {
# When in devcontainer we must kill any existing nginx processes # When in devcontainer we must kill any existing nginx processes
while ps ax | grep -v -e "grep" -e "nginx.sh" | grep nginx >/dev/null 2>&1; do while pgrep -x nginx >/dev/null 2>&1; do
killall nginx &>/dev/null || true killall nginx &>/dev/null || true
sleep 0.2 sleep 0.2
done done
TEMP_CONFIG_FILE=$(mktemp "${TMP_DIR}/netalertx.conf.XXXXXX") TEMP_CONFIG_FILE=$(mktemp "${TMP_DIR}/netalertx.conf.XXXXXX")
# Shell check doesn't recognize envsubst variables
# shellcheck disable=SC2016
if envsubst '${LISTEN_ADDR} ${PORT}' < "${SYSTEM_NGINX_CONFIG_TEMPLATE}" > "${TEMP_CONFIG_FILE}" 2>/dev/null; then if envsubst '${LISTEN_ADDR} ${PORT}' < "${SYSTEM_NGINX_CONFIG_TEMPLATE}" > "${TEMP_CONFIG_FILE}" 2>/dev/null; then
mv "${TEMP_CONFIG_FILE}" "${SYSTEM_SERVICES_ACTIVE_CONFIG_FILE}" mv "${TEMP_CONFIG_FILE}" "${SYSTEM_SERVICES_ACTIVE_CONFIG_FILE}"
else else

9
install/production-filesystem/services/start-php-fpm.sh
View File

@@ -3,18 +3,22 @@ set -euo pipefail
php_fpm_pid="" php_fpm_pid=""
# Called externally, but shellcheck does not see that and claims it is unused.
# shellcheck disable=SC2329,SC2317
cleanup() { cleanup() {
status=$? status=$?
echo "php-fpm stopped! (exit ${status})" echo "php-fpm stopped! (exit ${status})"
} }
# Called externally, but shellcheck does not see that and claims it is unused.
# shellcheck disable=SC2329,SC2317
forward_signal() { forward_signal() {
if [[ -n "${php_fpm_pid}" ]]; then if [[ -n "${php_fpm_pid}" ]]; then
kill -TERM "${php_fpm_pid}" 2>/dev/null || true kill -TERM "${php_fpm_pid}" 2>/dev/null || true
fi fi
} }
while ps ax | grep -v grep | grep php-fpm83 >/dev/null; do while pgrep -x php-fpm83 >/dev/null; do
killall php-fpm83 &>/dev/null killall php-fpm83 &>/dev/null
sleep 0.2 sleep 0.2
done done
@@ -27,5 +31,6 @@ echo "Starting /usr/sbin/php-fpm83 -y \"${PHP_FPM_CONFIG_FILE}\" -F >>\"${LOG_AP
php_fpm_pid=$! php_fpm_pid=$!
wait "${php_fpm_pid}" wait "${php_fpm_pid}"
exit_status=$?
echo -ne " done" echo -ne " done"
exit $? exit $exit_status

4
install/proxmox/proxmox-install-netalertx.sh
View File

@@ -127,6 +127,8 @@ apt-get install -y --no-install-recommends \
ca-certificates lsb-release curl gnupg ca-certificates lsb-release curl gnupg
# Detect OS # Detect OS
# Shell check doesn't recognize source command because it's not in the repo, it is in the system at runtime
# shellcheck disable=SC1091
. /etc/os-release . /etc/os-release
OS_ID="${ID:-}" OS_ID="${ID:-}"
OS_VER="${VERSION_ID:-}" OS_VER="${VERSION_ID:-}"
@@ -203,6 +205,8 @@ printf "%b\n" "-----------------------------------------------------------------
printf "%b\n" "${GREEN}[INSTALLING] ${RESET}Setting up Python environment" printf "%b\n" "${GREEN}[INSTALLING] ${RESET}Setting up Python environment"
printf "%b\n" "--------------------------------------------------------------------------" printf "%b\n" "--------------------------------------------------------------------------"
python3 -m venv /opt/myenv python3 -m venv /opt/myenv
# Shell check doesn't recognize source command because it's not in the repo, it is in the system at runtime
# shellcheck disable=SC1091
source /opt/myenv/bin/activate source /opt/myenv/bin/activate
python -m pip install --upgrade pip python -m pip install --upgrade pip
python -m pip install -r "${INSTALLER_DIR}/requirements.txt" python -m pip install -r "${INSTALLER_DIR}/requirements.txt"

7
install/ubuntu24/install.sh
View File

@@ -22,7 +22,6 @@ NGINX_CONF_FILE=netalertx.conf
WEB_UI_DIR=/var/www/html/netalertx WEB_UI_DIR=/var/www/html/netalertx
NGINX_CONFIG_FILE=/etc/nginx/conf.d/$NGINX_CONF_FILE NGINX_CONFIG_FILE=/etc/nginx/conf.d/$NGINX_CONF_FILE
OUI_FILE="/usr/share/arp-scan/ieee-oui.txt" # Define the path to ieee-oui.txt and ieee-iab.txt OUI_FILE="/usr/share/arp-scan/ieee-oui.txt" # Define the path to ieee-oui.txt and ieee-iab.txt
SCRIPT_DIR="$(cd -- "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
FILEDB=${INSTALL_DIR}/db/${DB_FILE} FILEDB=${INSTALL_DIR}/db/${DB_FILE}
PHPVERSION="8.3" PHPVERSION="8.3"
VENV_DIR="/opt/netalertx-python" VENV_DIR="/opt/netalertx-python"
@@ -106,7 +105,7 @@ if [ -d "${INSTALL_DIR}" ]; then
if [ "$1" == "install" ] || [ "$1" == "update" ] || [ "$1" == "start" ]; then if [ "$1" == "install" ] || [ "$1" == "update" ] || [ "$1" == "start" ]; then
confirmation=$1 confirmation=$1
else else
read -p "Enter your choice: " confirmation read -rp "Enter your choice: " confirmation
fi fi
if [ "$confirmation" == "install" ]; then if [ "$confirmation" == "install" ]; then
# Ensure INSTALL_DIR is safe to wipe # Ensure INSTALL_DIR is safe to wipe
@@ -118,7 +117,7 @@ if [ -d "${INSTALL_DIR}" ]; then
mountpoint -q "${INSTALL_DIR}/front" && umount "${INSTALL_DIR}/front" 2>/dev/null mountpoint -q "${INSTALL_DIR}/front" && umount "${INSTALL_DIR}/front" 2>/dev/null
# Remove all contents safely # Remove all contents safely
rm -rf -- "${INSTALL_DIR}"/* "${INSTALL_DIR}"/.[!.]* "${INSTALL_DIR}"/..?* 2>/dev/null rm -rf -- "${INSTALL_DIR:?}"/* "${INSTALL_DIR}"/.[!.]* "${INSTALL_DIR}"/..?* 2>/dev/null
# Re-clone repository # Re-clone repository
git clone "${GITHUB_REPO}" "${INSTALL_DIR}/" git clone "${GITHUB_REPO}" "${INSTALL_DIR}/"
@@ -152,6 +151,8 @@ echo "---------------------------------------------------------"
echo echo
# update-alternatives --install /usr/bin/python python /usr/bin/python3 10 # update-alternatives --install /usr/bin/python python /usr/bin/python3 10
python3 -m venv "${VENV_DIR}" python3 -m venv "${VENV_DIR}"
# Shell check doesn't recognize source command because it's not in the repo, it is in the system at runtime
# shellcheck disable=SC1091
source "${VENV_DIR}/bin/activate" source "${VENV_DIR}/bin/activate"
if [[ ! -f "${REQUIREMENTS_FILE}" ]]; then if [[ ! -f "${REQUIREMENTS_FILE}" ]]; then

6
scripts/db_cleanup/regenerate-database.sh
View File

@@ -4,10 +4,10 @@
NETALERTX_DB_FILE=${NETALERTX_DB:-/data/db}/app.db NETALERTX_DB_FILE=${NETALERTX_DB:-/data/db}/app.db
#remove the old database #remove the old database
rm ${NETALERTX_DB_FILE} rm "${NETALERTX_DB_FILE}"
# Write schema to text to app.db file until we see "end-of-database-schema" # Write schema to text to app.db file until we see "end-of-database-schema"
cat << end-of-database-schema > ${NETALERTX_DB_FILE}.sql cat << end-of-database-schema > "${NETALERTX_DB_FILE}.sql"
CREATE TABLE sqlite_stat1(tbl,idx,stat); CREATE TABLE sqlite_stat1(tbl,idx,stat);
CREATE TABLE Events (eve_MAC STRING (50) NOT NULL COLLATE NOCASE, eve_IP STRING (50) NOT NULL COLLATE NOCASE, eve_DateTime DATETIME NOT NULL, eve_EventType STRING (30) NOT NULL COLLATE NOCASE, eve_AdditionalInfo STRING (250) DEFAULT (''), eve_PendingAlertEmail BOOLEAN NOT NULL CHECK (eve_PendingAlertEmail IN (0, 1)) DEFAULT (1), eve_PairEventRowid INTEGER); CREATE TABLE Events (eve_MAC STRING (50) NOT NULL COLLATE NOCASE, eve_IP STRING (50) NOT NULL COLLATE NOCASE, eve_DateTime DATETIME NOT NULL, eve_EventType STRING (30) NOT NULL COLLATE NOCASE, eve_AdditionalInfo STRING (250) DEFAULT (''), eve_PendingAlertEmail BOOLEAN NOT NULL CHECK (eve_PendingAlertEmail IN (0, 1)) DEFAULT (1), eve_PairEventRowid INTEGER);
CREATE TABLE Sessions (ses_MAC STRING (50) COLLATE NOCASE, ses_IP STRING (50) COLLATE NOCASE, ses_EventTypeConnection STRING (30) COLLATE NOCASE, ses_DateTimeConnection DATETIME, ses_EventTypeDisconnection STRING (30) COLLATE NOCASE, ses_DateTimeDisconnection DATETIME, ses_StillConnected BOOLEAN, ses_AdditionalInfo STRING (250)); CREATE TABLE Sessions (ses_MAC STRING (50) COLLATE NOCASE, ses_IP STRING (50) COLLATE NOCASE, ses_EventTypeConnection STRING (30) COLLATE NOCASE, ses_DateTimeConnection DATETIME, ses_EventTypeDisconnection STRING (30) COLLATE NOCASE, ses_DateTimeDisconnection DATETIME, ses_StillConnected BOOLEAN, ses_AdditionalInfo STRING (250));
@@ -421,4 +421,4 @@ CREATE TRIGGER "trg_delete_devices"
end-of-database-schema end-of-database-schema
# Import the database schema into the new database file # Import the database schema into the new database file
sqlite3 ${NETALERTX_DB_FILE} < ${NETALERTX_DB_FILE}.sql sqlite3 "${NETALERTX_DB_FILE}" < "${NETALERTX_DB_FILE}.sql"

2
scripts/list-ports.sh
View File

@@ -16,4 +16,4 @@ for p in $PORTS; do
done done
# Show any other NetAlertX-related listeners (nginx, php-fpm, python backend) # Show any other NetAlertX-related listeners (nginx, php-fpm, python backend)
ss -ltnp 2>/dev/null | egrep 'nginx|php-fpm|python' || true ss -ltnp 2>/dev/null | grep -e 'nginx\|php-fpm\|python' || true

26
test/docker_tests/configurations/test_all_docker_composes.sh
View File

@@ -11,8 +11,10 @@ echo "==========================================" >> "$LOG_FILE"
# Function to extract comments from docker-compose file # Function to extract comments from docker-compose file
extract_comments() { extract_comments() {
local file="$1" local file="$1"
echo "File: $(basename "$file")" >> "$LOG_FILE" {
echo "----------------------------------------" >> "$LOG_FILE"
echo "File: $(basename "$file")"
echo "----------------------------------------"
# Extract lines starting with # until we hit a non-comment line # Extract lines starting with # until we hit a non-comment line
awk ' awk '
@@ -28,9 +30,10 @@ extract_comments() {
/^[^#]/ && !/^$/ { /^[^#]/ && !/^$/ {
exit exit
} }
' "$file" >> "$LOG_FILE" ' "$file"
echo "" >> "$LOG_FILE" echo ""
} >> "$LOG_FILE"
} }
# Function to run docker-compose test # Function to run docker-compose test
@@ -40,16 +43,17 @@ run_test() {
dirname=$(dirname "$file") dirname=$(dirname "$file")
local basename local basename
basename=$(basename "$file") basename=$(basename "$file")
{
echo "Testing: $basename" >> "$LOG_FILE" echo "Testing: $basename"
echo "Directory: $dirname" >> "$LOG_FILE" echo "Directory: $dirname"
echo "" >> "$LOG_FILE" echo ""
echo "Running docker-compose up..." >> "$LOG_FILE" echo "Running docker-compose up..."
timeout 10s docker-compose -f "$file" up 2>&1 >> "$LOG_FILE" timeout 10s docker-compose -f "$file" up 2>&1
} >> "$LOG_FILE"
# Clean up # Clean up
docker-compose -f "$file" down -v 2>/dev/null || true docker-compose -f "$file" down -v 2>/dev/null || true
docker volume prune -f 2>/dev/null || true docker volume prune -f 2>/dev/null || true
}
find "$SCRIPT_DIR" -name "docker-compose*.yml" -type f -print0 | sort -z | while IFS= read -r -d '' file; do find "$SCRIPT_DIR" -name "docker-compose*.yml" -type f -print0 | sort -z | while IFS= read -r -d '' file; do
extract_comments "$file" extract_comments "$file"

2
test/docker_tests/run_docker_tests.sh
View File

@@ -57,7 +57,7 @@ for i in $(seq 1 $WAIT_SECONDS); do
echo "--- Services are healthy! ---" echo "--- Services are healthy! ---"
break break
fi fi
if [ $i -eq $WAIT_SECONDS ]; then if [ "$i" -eq "$WAIT_SECONDS" ]; then
echo "--- Timeout: Services did not become healthy after $WAIT_SECONDS seconds. ---" echo "--- Timeout: Services did not become healthy after $WAIT_SECONDS seconds. ---"
docker logs netalertx-test-container docker logs netalertx-test-container
exit 1 exit 1

2
test/docker_tests/test_mount_diagnostics_pytest.py
View File

@@ -271,7 +271,7 @@ def create_test_scenarios() -> List[TestScenario]:
compose_file = f"docker-compose.mount-test.{path_name}_{scenario_name}.yml" compose_file = f"docker-compose.mount-test.{path_name}_{scenario_name}.yml"
# Determine expected exit code # Determine expected exit code
expected_exit_code = 1 if expected_issues and not (path_name == "active_config" and scenario_name == "unwritable") else 0 expected_exit_code = 1 if expected_issues else 0
scenarios.append( scenarios.append(
TestScenario( TestScenario(