Rooba
/
tacticalrmm
mirror of https://github.com/amidaware/tacticalrmm.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

modify settings instead of local_settings

This commit is contained in:
wh1te909 2024-11-03 06:17:04 +00:00
parent cc1f640a50
commit 3851b0943a
7 changed files with 36 additions and 87 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
api/tacticalrmm/core/management/commands/get_config.py
View File

@ -3,7 +3,7 @@ from urllib.parse import urlparse
from django.conf import settings from django.conf import settings
from django.core.management.base import BaseCommand from django.core.management.base import BaseCommand
from tacticalrmm.helpers import get_webdomain from tacticalrmm.helpers import get_root_domain, get_webdomain
from tacticalrmm.utils import get_certs from tacticalrmm.utils import get_certs
@ -18,11 +18,7 @@ class Command(BaseCommand):
case "api": case "api":
self.stdout.write(settings.ALLOWED_HOSTS[0]) self.stdout.write(settings.ALLOWED_HOSTS[0])
case "rootdomain": case "rootdomain":
import tldextract self.stdout.write(get_root_domain(settings.ALLOWED_HOSTS[0]))
no_fetch_extract = tldextract.TLDExtract(suffix_list_urls=())
extracted = no_fetch_extract(settings.ALLOWED_HOSTS[0])
self.stdout.write(f"{extracted.domain}.{extracted.suffix}")
case "version": case "version":
self.stdout.write(settings.TRMM_VERSION) self.stdout.write(settings.TRMM_VERSION)
case "webversion": case "webversion":

36
api/tacticalrmm/core/management/commands/post_update_tasks.py
View File

@ -1,9 +1,5 @@
import base64 import base64
import os
import shutil
from pathlib import Path
from django.conf import settings
from django.core.management.base import BaseCommand from django.core.management.base import BaseCommand
from accounts.models import User from accounts.models import User
@ -14,7 +10,6 @@ from core.models import CoreSettings
from core.tasks import remove_orphaned_history_results, sync_mesh_perms_task from core.tasks import remove_orphaned_history_results, sync_mesh_perms_task
from scripts.models import Script from scripts.models import Script
from tacticalrmm.constants import AGENT_DEFER, ScriptType from tacticalrmm.constants import AGENT_DEFER, ScriptType
from tacticalrmm.helpers import get_webdomain
class Command(BaseCommand): class Command(BaseCommand):
@ -23,37 +18,6 @@ class Command(BaseCommand):
def handle(self, *args, **kwargs) -> None: def handle(self, *args, **kwargs) -> None:
self.stdout.write("Running post update tasks") self.stdout.write("Running post update tasks")
# for 0.20.0 release
if not settings.DOCKER_BUILD:
needs_frontend = False
frontend_domain = get_webdomain().split(":")[0]
local_settings = os.path.join(
settings.BASE_DIR, "tacticalrmm", "local_settings.py"
)
with open(local_settings) as f:
lines = f.readlines()
modified_lines = []
for line in lines:
if line.strip().startswith("ALLOWED_HOSTS"):
exec(line, globals())
if frontend_domain not in settings.ALLOWED_HOSTS:
needs_frontend = True
settings.ALLOWED_HOSTS.append(frontend_domain)
line = f"ALLOWED_HOSTS = {settings.ALLOWED_HOSTS}\n"
modified_lines.append(line)
if needs_frontend:
backup = Path.home() / (Path("local_settings_0.20.0.bak"))
shutil.copy2(local_settings, backup)
with open(local_settings, "w") as f:
f.writelines(modified_lines)
# load community scripts into the db # load community scripts into the db
Script.load_community_scripts() Script.load_community_scripts()

7
api/tacticalrmm/tacticalrmm/helpers.py
View File

@ -9,6 +9,7 @@ from typing import TYPE_CHECKING, Any, Literal
from urllib.parse import urlparse from urllib.parse import urlparse
from zoneinfo import ZoneInfo from zoneinfo import ZoneInfo
import tldextract
from cryptography import x509 from cryptography import x509
from django.conf import settings from django.conf import settings
from django.utils import timezone as djangotime from django.utils import timezone as djangotime
@ -107,6 +108,12 @@ def get_webdomain() -> str:
return urlparse(settings.CORS_ORIGIN_WHITELIST[0]).netloc return urlparse(settings.CORS_ORIGIN_WHITELIST[0]).netloc
def get_root_domain(subdomain) -> str:
no_fetch_extract = tldextract.TLDExtract(suffix_list_urls=())
extracted = no_fetch_extract(subdomain)
return f"{extracted.domain}.{extracted.suffix}"
def rand_range(min: int, max: int) -> float: def rand_range(min: int, max: int) -> float:
""" """
Input is milliseconds. Input is milliseconds.

27
api/tacticalrmm/tacticalrmm/settings.py
View File

@ -3,6 +3,7 @@ import sys
from contextlib import suppress from contextlib import suppress
from datetime import timedelta from datetime import timedelta
from pathlib import Path from pathlib import Path
from tacticalrmm.helpers import get_root_domain
BASE_DIR = Path(__file__).resolve().parent.parent BASE_DIR = Path(__file__).resolve().parent.parent
@ -117,12 +118,38 @@ REDIS_HOST = "127.0.0.1"
TRMM_LOG_LEVEL = "ERROR" TRMM_LOG_LEVEL = "ERROR"
TRMM_LOG_TO = "file" TRMM_LOG_TO = "file"
if not DOCKER_BUILD:
ALLOWED_HOSTS = []
CORS_ORIGIN_WHITELIST = []
TRMM_PROTO = "https"
TRMM_BACKEND_PORT = None
with suppress(ImportError): with suppress(ImportError):
from ee.sso.sso_settings import * # noqa from ee.sso.sso_settings import * # noqa
with suppress(ImportError): with suppress(ImportError):
from .local_settings import * # noqa from .local_settings import * # noqa
if not DOCKER_BUILD:
TRMM_ROOT_DOMAIN = get_root_domain(ALLOWED_HOSTS[0])
ALLOWED_HOSTS.append(TRMM_ROOT_DOMAIN)
if DEBUG:
ALLOWED_HOSTS.append("*")
backend_url = f"{TRMM_PROTO}://{ALLOWED_HOSTS[0]}"
if TRMM_BACKEND_PORT:
backend_url = f"{backend_url}:{TRMM_BACKEND_PORT}"
SESSION_COOKIE_DOMAIN = TRMM_ROOT_DOMAIN
CSRF_COOKIE_DOMAIN = TRMM_ROOT_DOMAIN
CSRF_TRUSTED_ORIGINS = [CORS_ORIGIN_WHITELIST[0], backend_url]
HEADLESS_FRONTEND_URLS = {
"socialaccount_login_error": f"{CORS_ORIGIN_WHITELIST[0]}/account/provider/callback"
}
CHECK_TOKEN_URL = f"{AGENT_BASE_URL}/api/v2/checktoken" CHECK_TOKEN_URL = f"{AGENT_BASE_URL}/api/v2/checktoken"
AGENTS_URL = f"{AGENT_BASE_URL}/api/v2/agents/?" AGENTS_URL = f"{AGENT_BASE_URL}/api/v2/agents/?"
EXE_GEN_URL = f"{AGENT_BASE_URL}/api/v2/exe" EXE_GEN_URL = f"{AGENT_BASE_URL}/api/v2/exe"

11
install.sh
View File

@ -570,7 +570,6 @@ python manage.py load_chocos
python manage.py load_community_scripts python manage.py load_community_scripts
WEB_VERSION=$(python manage.py get_config webversion) WEB_VERSION=$(python manage.py get_config webversion)
WEBTAR_URL=$(python manage.py get_webtar_url) WEBTAR_URL=$(python manage.py get_webtar_url)
ROOT_DOMAIN=$(python manage.py get_config rootdomain)
printf >&2 "${YELLOW}%0.s*${NC}" {1..80} printf >&2 "${YELLOW}%0.s*${NC}" {1..80}
printf >&2 "\n" printf >&2 "\n"
printf >&2 "${YELLOW}Please create your login for the RMM website${NC}\n" printf >&2 "${YELLOW}Please create your login for the RMM website${NC}\n"
@ -586,16 +585,6 @@ python manage.py generate_barcode ${RANDBASE} ${djangousername} ${frontenddomain
deactivate deactivate
read -n 1 -s -r -p "Press any key to continue..." read -n 1 -s -r -p "Press any key to continue..."
allauth="$(
cat <<EOF
SESSION_COOKIE_DOMAIN = '${ROOT_DOMAIN}'
CSRF_COOKIE_DOMAIN = '${ROOT_DOMAIN}'
CSRF_TRUSTED_ORIGINS = ["https://${frontenddomain}", "https://${rmmdomain}"]
HEADLESS_FRONTEND_URLS = {"socialaccount_login_error": "https://${frontenddomain}/account/provider/callback"}
EOF
)"
echo "${allauth}" | tee --append $local_settings >/dev/null
rmmservice="$( rmmservice="$(
cat <<EOF cat <<EOF
[Unit] [Unit]

17
restore.sh
View File

@ -501,23 +501,6 @@ CERT_PUB_KEY=$(python manage.py get_config certfile)
CERT_PRIV_KEY=$(python manage.py get_config keyfile) CERT_PRIV_KEY=$(python manage.py get_config keyfile)
deactivate deactivate
HAS_ALLAUTH=$(grep HEADLESS_FRONTEND_URLS $local_settings)
if ! [[ $HAS_ALLAUTH ]]; then
source /rmm/api/env/bin/activate
cd /rmm/api/tacticalrmm
ROOT_DOMAIN=$(python manage.py get_config rootdomain)
deactivate
allauth="$(
cat <<EOF
SESSION_COOKIE_DOMAIN = '${ROOT_DOMAIN}'
CSRF_COOKIE_DOMAIN = '${ROOT_DOMAIN}'
CSRF_TRUSTED_ORIGINS = ["https://${FRONTEND}", "https://${API}"]
HEADLESS_FRONTEND_URLS = {"socialaccount_login_error": "https://${FRONTEND}/account/provider/callback"}
EOF
)"
echo "${allauth}" | tee --append $local_settings >/dev/null
fi
print_green 'Restoring hosts file' print_green 'Restoring hosts file'
if grep -q manage_etc_hosts /etc/hosts; then if grep -q manage_etc_hosts /etc/hosts; then

17
update.sh
View File

@ -452,23 +452,6 @@ CERT_PUB_KEY=$(python manage.py get_config certfile)
CERT_PRIV_KEY=$(python manage.py get_config keyfile) CERT_PRIV_KEY=$(python manage.py get_config keyfile)
deactivate deactivate
HAS_ALLAUTH=$(grep HEADLESS_FRONTEND_URLS $local_settings)
if ! [[ $HAS_ALLAUTH ]]; then
source /rmm/api/env/bin/activate
cd /rmm/api/tacticalrmm
ROOT_DOMAIN=$(python manage.py get_config rootdomain)
deactivate
allauth="$(
cat <<EOF
SESSION_COOKIE_DOMAIN = '${ROOT_DOMAIN}'
CSRF_COOKIE_DOMAIN = '${ROOT_DOMAIN}'
CSRF_TRUSTED_ORIGINS = ["https://${FRONTEND}", "https://${API}"]
HEADLESS_FRONTEND_URLS = {"socialaccount_login_error": "https://${FRONTEND}/account/provider/callback"}
EOF
)"
echo "${allauth}" | tee --append $local_settings >/dev/null
fi
if grep -q manage_etc_hosts /etc/hosts; then if grep -q manage_etc_hosts /etc/hosts; then
sudo sed -i '/manage_etc_hosts: true/d' /etc/cloud/cloud.cfg >/dev/null sudo sed -i '/manage_etc_hosts: true/d' /etc/cloud/cloud.cfg >/dev/null
if ! grep -q "manage_etc_hosts: false" /etc/cloud/cloud.cfg; then if ! grep -q "manage_etc_hosts: false" /etc/cloud/cloud.cfg; then