Merge branch 'jokob-sk:main' into db-caching

install/ubuntu/install.ubuntu.sh

@@ -0,0 +1,105 @@
+#!/usr/bin/env bash
+
+# 🛑 Important: This is only used for the bare-metal install 🛑 
+# Update /install/start.ubuntu.sh in most cases is preferred 
+
+echo "---------------------------------------------------------"
+echo "[INSTALL] Starting NetAlertX installation for Ubuntu"
+echo "---------------------------------------------------------"
+echo
+echo "This script will install NetAlertX on your Ubuntu system."
+echo "It will clone the repository, set up necessary files, and start the application."
+echo "Please ensure you have a stable internet connection."
+echo "---------------------------------------------------------"
+
+# Set environment variables
+INSTALL_DIR=/app  # Specify the installation directory here
+
+# Check if script is run as root
+if [[ $EUID -ne 0 ]]; then
+    echo "This script must be run as root. Please use 'sudo'." 
+    exit 1
+fi
+
+# Prepare the environment
+echo "Updating packages"
+echo "-----------------"
+apt-get update
+echo "Making sure sudo is installed"
+apt-get install sudo -y
+
+# Install Git
+echo "Installing Git"
+apt-get install -y git
+
+# Clean the directory, ask for confirmation
+if [ -d "$INSTALL_DIR" ]; then
+  echo "The installation directory exists. Removing it to ensure a clean install."
+  echo "Are you sure you want to continue? This will delete all existing files in $INSTALL_DIR."
+  echo "Type:"
+  echo " - 'install' to continue"
+  echo " - 'update' to just update from GIT"
+  echo " - 'start' to do nothing, leave install as-is"
+  if [ "$1" == "install" ] || [ "$1" == "update" ] || [ "$1" == "start" ]; then
+    confirmation=$1
+  else
+    read -p "Enter your choice: " confirmation
+  fi
+  if [ "$confirmation" == "install" ]; then
+    # Ensure INSTALL_DIR is safe to wipe
+    if [ -n "$INSTALL_DIR" ] && [ "$INSTALL_DIR" != "" ] && [ "$INSTALL_DIR" != "/" ] && [ "$INSTALL_DIR" != "." ] && [ -d "$INSTALL_DIR" ]; then
+      echo "Removing existing installation..."
+
+      # Stop nginx if running
+      if command -v systemctl >/dev/null 2>&1 && systemctl list-units --type=service | grep -q nginx; then
+      systemctl stop nginx 2>/dev/null
+      elif command -v service >/dev/null 2>&1; then
+      service nginx stop 2>/dev/null
+      fi
+
+      # Kill running NetAlertX server processes in this INSTALL_DIR
+      pkill -f "python.*${INSTALL_DIR}/server" 2>/dev/null
+
+      # Unmount only if mountpoints exist
+      mountpoint -q "$INSTALL_DIR/api" && umount "$INSTALL_DIR/api" 2>/dev/null
+      mountpoint -q "$INSTALL_DIR/front" && umount "$INSTALL_DIR/front" 2>/dev/null
+
+      # Remove all contents safely
+      rm -rf -- "$INSTALL_DIR"/* "$INSTALL_DIR"/.[!.]* "$INSTALL_DIR"/..?* 2>/dev/null
+
+      # Re-clone repository
+      git clone https://github.com/jokob-sk/NetAlertX "$INSTALL_DIR/"
+    else
+      echo "INSTALL_DIR is not set, is root, or is invalid. Aborting for safety."
+      exit 1
+    fi
+    else
+      echo "INSTALL_DIR is not set or is root. Aborting for safety."
+      exit 1
+    fi
+  elif [ "$confirmation" == "update" ]; then
+    echo "Updating the existing installation..."
+    service nginx stop 2>/dev/null
+   pkill -f "python ${INSTALL_DIR}/server" 2>/dev/null
+    cd "$INSTALL_DIR" || { echo "Failed to change directory to $INSTALL_DIR"; exit 1; }
+    git pull
+  elif [ "$confirmation" == "start" ]; then
+    echo "Continuing without changes."
+  else
+    echo "Installation aborted."
+    exit 1
+  fi
+else
+  git clone https://github.com/jokob-sk/NetAlertX "$INSTALL_DIR/"
+fi
+
+# Check for buildtimestamp.txt existence, otherwise create it
+if [ ! -f "$INSTALL_DIR/front/buildtimestamp.txt" ]; then
+  date +%s > "$INSTALL_DIR/front/buildtimestamp.txt"
+fi
+
+# Start NetAlertX
+
+# This is where we setup the virtual environment and install dependencies
+cd "$INSTALL_DIR/install/ubuntu" || { echo "Failed to change directory to $INSTALL_DIR/install/ubuntu"; exit 1; }
+"$INSTALL_DIR/install/ubuntu/start.ubuntu.sh"

install/ubuntu/netalertx.ubuntu.conf

@@ -0,0 +1,21 @@
+server {
+    listen 20211 default_server;
+    root /var/www/html/netalertx;
+    index index.php;
+    #rewrite /app/(.*) / permanent;
+    add_header X-Forwarded-Prefix "/netalertx" always;
+    proxy_set_header X-Forwarded-Prefix "/netalertx";
+
+  location ~* \.php$ {
+    # Set Cache-Control header to prevent caching on the first load
+    add_header Cache-Control "no-store";
+    fastcgi_pass unix:/run/php/php8.3-fpm.sock;
+    include         fastcgi_params;
+    try_files $uri =404;
+    fastcgi_param   SCRIPT_FILENAME    $document_root$fastcgi_script_name;
+    fastcgi_param   SCRIPT_NAME        $fastcgi_script_name;
+    fastcgi_connect_timeout 75;
+    fastcgi_send_timeout 600;
+    fastcgi_read_timeout 600;
+  }
+}

install/ubuntu/start.ubuntu.sh

@@ -0,0 +1,215 @@
+#!/usr/bin/env bash
+
+echo "---------------------------------------------------------"
+echo "[INSTALL]"
+echo "---------------------------------------------------------"
+echo
+echo "This script will set up and start NetAlertX on your Ubuntu system."
+
+# Specify the installation directory here
+INSTALL_DIR=/app
+
+# DO NOT CHANGE ANYTHING BELOW THIS LINE!
+CONF_FILE=app.conf
+DB_FILE=app.db
+NGINX_CONF_FILE=netalertx.ubuntu.conf
+WEB_UI_DIR=/var/www/html/netalertx
+NGINX_CONFIG_FILE=/etc/nginx/conf.d/$NGINX_CONF_FILE
+OUI_FILE="/usr/share/arp-scan/ieee-oui.txt" # Define the path to ieee-oui.txt and ieee-iab.txt
+INSTALL_PATH=$INSTALL_DIR
+FILEDB=$INSTALL_PATH/db/$DB_FILE
+PHPVERSION="8.3"
+# DO NOT CHANGE ANYTHING ABOVE THIS LINE!
+
+# if custom variables not set we do not need to do anything
+if [ -n "${TZ}" ]; then    
+  FILECONF=$INSTALL_PATH/config/$CONF_FILE 
+  if [ -f "$FILECONF" ]; then
+    sed -i -e "s|Europe/Berlin|${TZ}|g" "$INSTALL_PATH/config/$CONF_FILE"
+  else 
+    sed -i -e "s|Europe/Berlin|${TZ}|g" "$INSTALL_PATH/back/$CONF_FILE.bak"
+  fi
+fi
+
+
+# Check if script is run as root
+if [[ $EUID -ne 0 ]]; then
+    echo "This script must be run as root. Please use 'sudo'." 
+    exit 1
+fi
+
+
+
+echo "---------------------------------------------------------"
+echo "[INSTALL] Installing dependencies"
+echo "---------------------------------------------------------"
+echo
+
+
+# Install dependencies
+apt-get install -y \
+    tini snmp ca-certificates curl libwww-perl arp-scan perl apt-utils cron \
+    nginx-light php php-cgi php-fpm php-sqlite3 php-curl sqlite3 dnsutils net-tools \
+    python3 python3-dev iproute2 nmap python3-pip zip usbutils traceroute nbtscan avahi-daemon avahi-utils build-essential
+
+# alternate dependencies
+apt-get install nginx nginx-core mtr php-fpm php${PHPVERSION}-fpm php-cli php${PHPVERSION} php${PHPVERSION}-sqlite3 -y
+phpenmod -v ${PHPVERSION} sqlite3
+
+update-alternatives --install /usr/bin/python python /usr/bin/python3 10
+
+cd $INSTALL_DIR/install/ubuntu || { echo "Failed to change directory to $INSTALL_DIR/install/ubuntu"; exit 1; }
+
+# setup virtual python environment so we can use pip3 to install packages
+apt-get install python3-venv -y
+python3 -m venv myenv
+source myenv/bin/activate
+
+#  install packages thru pip3
+pip3 install openwrt-luci-rpc asusrouter asyncio aiohttp graphene flask flask-cors unifi-sm-api tplink-omada-client wakeonlan pycryptodome requests paho-mqtt scapy cron-converter pytz json2table dhcp-leases pyunifi speedtest-cli chardet python-nmap dnspython librouteros yattag git+https://github.com/foreign-sub/aiofreepybox.git 
+
+
+
+
+echo "---------------------------------------------------------"
+echo "[INSTALL] Installing NGINX and setting up the web server"
+echo "---------------------------------------------------------"
+echo
+echo "[INSTALL] Stopping any NGINX web server"
+
+service nginx stop 2>/dev/null
+pkill -f "python ${INSTALL_DIR}/server" 2>/dev/null
+echo "[INSTALL] Updating the existing installation..."
+
+# Remove default NGINX site if it is symlinked, or backup it otherwise
+if [ -L /etc/nginx/sites-enabled/default ] ; then
+  echo "[INSTALL] Disabling default NGINX site, removing sym-link in /etc/nginx/sites-enabled"
+  rm /etc/nginx/sites-enabled/default
+elif [ -f /etc/nginx/sites-enabled/default ]; then
+  echo "[INSTALL] Disabling default NGINX site, moving config to /etc/nginx/sites-available"
+  mv /etc/nginx/sites-enabled/default /etc/nginx/sites-available/default.bkp_netalertx
+fi
+
+# Clear existing directories and files
+if [ -d $WEB_UI_DIR ]; then
+  echo "[INSTALL] Removing existing NetAlertX web-UI"
+  rm -R $WEB_UI_DIR
+fi
+
+echo "[INSTALL] Removing existing NetAlertX NGINX config"
+rm "$NGINX_CONFIG_FILE" 2>/dev/null || true
+
+# create symbolic link to the  install directory
+ln -s $INSTALL_PATH/front $WEB_UI_DIR
+# create symbolic link to NGINX configuration coming with NetAlertX
+ln -s "${INSTALL_PATH}/install/ubuntu/$NGINX_CONF_FILE" $NGINX_CONFIG_FILE
+
+# Use user-supplied port if set
+if [ -n "${PORT}" ]; then
+  echo "[INSTALL] Setting webserver to user-supplied port ($PORT)"
+  sed -i 's/listen 20211/listen '"$PORT"'/g' "$NGINX_CONFIG_FILE"
+fi
+
+# Change web interface address if set
+if [ -n "${LISTEN_ADDR}" ]; then
+  echo "[INSTALL] Setting webserver to user-supplied address (${LISTEN_ADDR})"
+  sed -i -e 's/listen /listen '"${LISTEN_ADDR}":'/g' "$NGINX_CONFIG_FILE"
+fi
+
+# Change php version
+echo "[INSTALL] Setting PHP version to ${PHPVERSION}"
+sed -i 's#unix:/run/php/php8.3-fpm.sock#unix:/run/php/php'"${PHPVERSION}"'-fpm.sock#ig' $NGINX_CONFIG_FILE
+
+# Run the hardware vendors update at least once
+echo "[INSTALL] Run the hardware vendors update"
+
+# Check if ieee-oui.txt or ieee-iab.txt exist
+if [ -f "$OUI_FILE" ]; then
+  echo "[INSTALL] The file ieee-oui.txt exists. Skipping update_vendors.sh..."
+else
+  echo "[INSTALL] The file ieee-oui.txt does not exist. Running update_vendors..."
+
+  # Run the update_vendors.sh script
+  if [ -f "${INSTALL_PATH}/back/update_vendors.sh" ]; then
+    "${INSTALL_PATH}/back/update_vendors.sh"
+  else
+    echo "[INSTALL] update_vendors.sh script not found in $INSTALL_DIR."    
+  fi
+fi
+
+# create log and api mounts
+
+echo "[INSTALL] Create log and api mounts"
+mkdir -p "${INSTALL_DIR}/log" "${INSTALL_DIR}/api"
+umount "${INSTALL_DIR}/log" 2>/dev/null || true
+umount "${INSTALL_DIR}/api" 2>/dev/null || true
+mount -t tmpfs -o size=32m,noexec,nosuid,nodev tmpfs "${INSTALL_DIR}/log"
+mount -t tmpfs -o size=16m,noexec,nosuid,nodev tmpfs "${INSTALL_DIR}/api"
+# Create an empty log files
+
+# Create the execution_queue.log file if it doesn't exist
+touch "${INSTALL_DIR}"/log/{app.log,execution_queue.log,app_front.log,app.php_errors.log,stderr.log,stdout.log,db_is_locked.log}
+touch "${INSTALL_DIR}"/api/user_notifications.json
+# Create plugins sub-directory if it doesn't exist in case a custom log folder is used
+mkdir -p "${INSTALL_DIR}"/log/plugins
+
+# Fixing file permissions
+echo "[INSTALL] Fixing file permissions"
+chown root:www-data "${INSTALL_DIR}"/api/user_notifications.json
+
+echo "[INSTALL] Fixing WEB_UI_DIR: ${WEB_UI_DIR}"
+
+chmod -R a+rwx $WEB_UI_DIR
+
+echo "[INSTALL] Fixing INSTALL_DIR: ${INSTALL_DIR}"
+
+chmod -R a+rw $INSTALL_PATH/log
+chmod -R a+rwx $INSTALL_DIR
+
+echo "[INSTALL] Copy starter $DB_FILE and $CONF_FILE if they don't exist"
+
+
+# DANGER ZONE: ALWAYS_FRESH_INSTALL 
+if [ "$ALWAYS_FRESH_INSTALL" = true ]; then
+  echo "[INSTALL] ❗ ALERT /db and /config folders are cleared because the ALWAYS_FRESH_INSTALL is set to: ${ALWAYS_FRESH_INSTALL}❗"
+  # Delete content of "/config/"
+  rm -rf "${INSTALL_PATH}/config/"*
+  
+  # Delete content of "/db/"
+  rm -rf "${INSTALL_PATH}/db/"*
+fi
+
+
+# Copy starter $DB_FILE and $CONF_FILE if they don't exist
+cp --update=none "${INSTALL_PATH}/back/$CONF_FILE" "${INSTALL_PATH}/config/$CONF_FILE" 
+cp --update=none "${INSTALL_PATH}/back/$DB_FILE"  "$FILEDB"
+
+echo "[INSTALL] Fixing permissions after copied starter config & DB"
+
+if [ -f "$FILEDB" ]; then
+    chown -R www-data:www-data $FILEDB
+fi
+
+chmod -R a+rwx $INSTALL_DIR # second time after we copied the files
+chmod -R a+rw $INSTALL_PATH/config
+chgrp -R www-data  $INSTALL_PATH
+
+# Check if buildtimestamp.txt doesn't exist
+if [ ! -f "${INSTALL_PATH}/front/buildtimestamp.txt" ]; then
+    # Create buildtimestamp.txt
+    date +%s > "${INSTALL_PATH}/front/buildtimestamp.txt"
+fi
+
+# start PHP
+/etc/init.d/php${PHPVERSION}-fpm start
+nginx -t || { echo "[INSTALL] nginx config test failed"; exit 1; }
+/etc/init.d/nginx start
+#  Activate the virtual python environment
+source myenv/bin/activate
+
+echo "[INSTALL] 🚀 Starting app - navigate to your <server IP>:${PORT}"
+
+# Start the NetAlertX python script
+# All error and console output being diverted to null,
+# otherwise we can get critical errors re I/O
+python "$INSTALL_PATH/server/" 2>/dev/null 1>/dev/null &