diff --git a/api/tacticalrmm/core/management/commands/get_config.py b/api/tacticalrmm/core/management/commands/get_config.py index b83f894e..0a76344f 100644 --- a/api/tacticalrmm/core/management/commands/get_config.py +++ b/api/tacticalrmm/core/management/commands/get_config.py @@ -3,7 +3,7 @@ from urllib.parse import urlparse from django.conf import settings from django.core.management.base import BaseCommand -from tacticalrmm.helpers import get_webdomain +from tacticalrmm.helpers import get_root_domain, get_webdomain from tacticalrmm.utils import get_certs @@ -18,11 +18,7 @@ class Command(BaseCommand): case "api": self.stdout.write(settings.ALLOWED_HOSTS[0]) case "rootdomain": - import tldextract - - no_fetch_extract = tldextract.TLDExtract(suffix_list_urls=()) - extracted = no_fetch_extract(settings.ALLOWED_HOSTS[0]) - self.stdout.write(f"{extracted.domain}.{extracted.suffix}") + self.stdout.write(get_root_domain(settings.ALLOWED_HOSTS[0])) case "version": self.stdout.write(settings.TRMM_VERSION) case "webversion": diff --git a/api/tacticalrmm/core/management/commands/post_update_tasks.py b/api/tacticalrmm/core/management/commands/post_update_tasks.py index 03b0be62..ea8f0409 100644 --- a/api/tacticalrmm/core/management/commands/post_update_tasks.py +++ b/api/tacticalrmm/core/management/commands/post_update_tasks.py @@ -1,9 +1,5 @@ import base64 -import os -import shutil -from pathlib import Path -from django.conf import settings from django.core.management.base import BaseCommand from accounts.models import User @@ -14,7 +10,6 @@ from core.models import CoreSettings from core.tasks import remove_orphaned_history_results, sync_mesh_perms_task from scripts.models import Script from tacticalrmm.constants import AGENT_DEFER, ScriptType -from tacticalrmm.helpers import get_webdomain class Command(BaseCommand): @@ -23,37 +18,6 @@ class Command(BaseCommand): def handle(self, *args, **kwargs) -> None: self.stdout.write("Running post update tasks") - # for 0.20.0 release - if not settings.DOCKER_BUILD: - needs_frontend = False - frontend_domain = get_webdomain().split(":")[0] - - local_settings = os.path.join( - settings.BASE_DIR, "tacticalrmm", "local_settings.py" - ) - - with open(local_settings) as f: - lines = f.readlines() - - modified_lines = [] - for line in lines: - if line.strip().startswith("ALLOWED_HOSTS"): - exec(line, globals()) - - if frontend_domain not in settings.ALLOWED_HOSTS: - needs_frontend = True - settings.ALLOWED_HOSTS.append(frontend_domain) - - line = f"ALLOWED_HOSTS = {settings.ALLOWED_HOSTS}\n" - - modified_lines.append(line) - - if needs_frontend: - backup = Path.home() / (Path("local_settings_0.20.0.bak")) - shutil.copy2(local_settings, backup) - with open(local_settings, "w") as f: - f.writelines(modified_lines) - # load community scripts into the db Script.load_community_scripts() diff --git a/api/tacticalrmm/tacticalrmm/helpers.py b/api/tacticalrmm/tacticalrmm/helpers.py index fedb96b1..fbd9f796 100644 --- a/api/tacticalrmm/tacticalrmm/helpers.py +++ b/api/tacticalrmm/tacticalrmm/helpers.py @@ -9,6 +9,7 @@ from typing import TYPE_CHECKING, Any, Literal from urllib.parse import urlparse from zoneinfo import ZoneInfo +import tldextract from cryptography import x509 from django.conf import settings from django.utils import timezone as djangotime @@ -107,6 +108,12 @@ def get_webdomain() -> str: return urlparse(settings.CORS_ORIGIN_WHITELIST[0]).netloc +def get_root_domain(subdomain) -> str: + no_fetch_extract = tldextract.TLDExtract(suffix_list_urls=()) + extracted = no_fetch_extract(subdomain) + return f"{extracted.domain}.{extracted.suffix}" + + def rand_range(min: int, max: int) -> float: """ Input is milliseconds. diff --git a/api/tacticalrmm/tacticalrmm/settings.py b/api/tacticalrmm/tacticalrmm/settings.py index fd9a2fdb..c85a6863 100644 --- a/api/tacticalrmm/tacticalrmm/settings.py +++ b/api/tacticalrmm/tacticalrmm/settings.py @@ -3,6 +3,7 @@ import sys from contextlib import suppress from datetime import timedelta from pathlib import Path +from tacticalrmm.helpers import get_root_domain BASE_DIR = Path(__file__).resolve().parent.parent @@ -117,12 +118,38 @@ REDIS_HOST = "127.0.0.1" TRMM_LOG_LEVEL = "ERROR" TRMM_LOG_TO = "file" +if not DOCKER_BUILD: + ALLOWED_HOSTS = [] + CORS_ORIGIN_WHITELIST = [] + TRMM_PROTO = "https" + TRMM_BACKEND_PORT = None + with suppress(ImportError): from ee.sso.sso_settings import * # noqa with suppress(ImportError): from .local_settings import * # noqa +if not DOCKER_BUILD: + + TRMM_ROOT_DOMAIN = get_root_domain(ALLOWED_HOSTS[0]) + + ALLOWED_HOSTS.append(TRMM_ROOT_DOMAIN) + + if DEBUG: + ALLOWED_HOSTS.append("*") + + backend_url = f"{TRMM_PROTO}://{ALLOWED_HOSTS[0]}" + if TRMM_BACKEND_PORT: + backend_url = f"{backend_url}:{TRMM_BACKEND_PORT}" + + SESSION_COOKIE_DOMAIN = TRMM_ROOT_DOMAIN + CSRF_COOKIE_DOMAIN = TRMM_ROOT_DOMAIN + CSRF_TRUSTED_ORIGINS = [CORS_ORIGIN_WHITELIST[0], backend_url] + HEADLESS_FRONTEND_URLS = { + "socialaccount_login_error": f"{CORS_ORIGIN_WHITELIST[0]}/account/provider/callback" + } + CHECK_TOKEN_URL = f"{AGENT_BASE_URL}/api/v2/checktoken" AGENTS_URL = f"{AGENT_BASE_URL}/api/v2/agents/?" EXE_GEN_URL = f"{AGENT_BASE_URL}/api/v2/exe" diff --git a/install.sh b/install.sh index d096a69e..a311a1fd 100644 --- a/install.sh +++ b/install.sh @@ -570,7 +570,6 @@ python manage.py load_chocos python manage.py load_community_scripts WEB_VERSION=$(python manage.py get_config webversion) WEBTAR_URL=$(python manage.py get_webtar_url) -ROOT_DOMAIN=$(python manage.py get_config rootdomain) printf >&2 "${YELLOW}%0.s*${NC}" {1..80} printf >&2 "\n" printf >&2 "${YELLOW}Please create your login for the RMM website${NC}\n" @@ -586,16 +585,6 @@ python manage.py generate_barcode ${RANDBASE} ${djangousername} ${frontenddomain deactivate read -n 1 -s -r -p "Press any key to continue..." -allauth="$( - cat </dev/null - rmmservice="$( cat </dev/null -fi - print_green 'Restoring hosts file' if grep -q manage_etc_hosts /etc/hosts; then diff --git a/update.sh b/update.sh index 8f129e77..81566484 100644 --- a/update.sh +++ b/update.sh @@ -452,23 +452,6 @@ CERT_PUB_KEY=$(python manage.py get_config certfile) CERT_PRIV_KEY=$(python manage.py get_config keyfile) deactivate -HAS_ALLAUTH=$(grep HEADLESS_FRONTEND_URLS $local_settings) -if ! [[ $HAS_ALLAUTH ]]; then - source /rmm/api/env/bin/activate - cd /rmm/api/tacticalrmm - ROOT_DOMAIN=$(python manage.py get_config rootdomain) - deactivate - allauth="$( - cat </dev/null -fi - if grep -q manage_etc_hosts /etc/hosts; then sudo sed -i '/manage_etc_hosts: true/d' /etc/cloud/cloud.cfg >/dev/null if ! grep -q "manage_etc_hosts: false" /etc/cloud/cloud.cfg; then