diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml index 893d17ef..dddb1bde 100644 --- a/.devcontainer/docker-compose.yml +++ b/.devcontainer/docker-compose.yml @@ -32,21 +32,6 @@ services: aliases: - tactical-frontend - # salt master and api - salt-dev: - image: ${IMAGE_REPO}tactical-salt:${VERSION} - restart: always - volumes: - - tactical-data-dev:/opt/tactical - - salt-data-dev:/etc/salt - ports: - - "4505:4505" - - "4506:4506" - networks: - dev: - aliases: - - tactical-salt - # nats nats-dev: image: ${IMAGE_REPO}tactical-nats:${VERSION} @@ -231,7 +216,6 @@ volumes: postgres-data-dev: mongo-dev-data: mesh-data-dev: - salt-data-dev: networks: dev: diff --git a/.devcontainer/entrypoint.sh b/.devcontainer/entrypoint.sh index 94f20d99..19180e25 100644 --- a/.devcontainer/entrypoint.sh +++ b/.devcontainer/entrypoint.sh @@ -9,8 +9,6 @@ set -e : "${POSTGRES_USER:=tactical}" : "${POSTGRES_PASS:=tactical}" : "${POSTGRES_DB:=tacticalrmm}" -: "${SALT_HOST:=tactical-salt}" -: "${SALT_USER:=saltapi}" : "${MESH_CONTAINER:=tactical-meshcentral}" : "${MESH_USER:=meshcentral}" : "${MESH_PASS:=meshcentralpass}" @@ -50,14 +48,6 @@ function django_setup { MESH_TOKEN=$(cat ${TACTICAL_DIR}/tmp/mesh_token) DJANGO_SEKRET=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 80 | head -n 1) - - # write salt pass to tmp dir - if [ ! -f "${TACTICAL__DIR}/tmp/salt_pass" ]; then - SALT_PASS=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1) - echo "${SALT_PASS}" > ${TACTICAL_DIR}/tmp/salt_pass - else - SALT_PASS=$(cat ${TACTICAL_DIR}/tmp/salt_pass) - fi localvars="$(cat << EOF SECRET_KEY = '${DJANGO_SEKRET}' @@ -106,9 +96,6 @@ if not DEBUG: ) }) -SALT_USERNAME = '${SALT_USER}' -SALT_PASSWORD = '${SALT_PASS}' -SALT_HOST = '${SALT_HOST}' MESH_USERNAME = '${MESH_USER}' MESH_SITE = 'https://${MESH_HOST}' MESH_TOKEN_KEY = '${MESH_TOKEN}' diff --git a/.github/workflows/docker-build-push.yml b/.github/workflows/docker-build-push.yml index 64cf7390..027028df 100644 --- a/.github/workflows/docker-build-push.yml +++ b/.github/workflows/docker-build-push.yml @@ -57,16 +57,6 @@ jobs: platforms: linux/amd64 tags: tacticalrmm/tactical-nats:${{ steps.prep.outputs.version }},tacticalrmm/tactical-nats:latest - - name: Build and Push Tactical Salt Image - uses: docker/build-push-action@v2 - with: - context: . - push: true - pull: true - file: ./docker/containers/tactical-salt/dockerfile - platforms: linux/amd64 - tags: tacticalrmm/tactical-salt:${{ steps.prep.outputs.version }},tacticalrmm/tactical-salt:latest - - name: Build and Push Tactical Frontend Image uses: docker/build-push-action@v2 with: diff --git a/docker/containers/tactical-nginx/entrypoint.sh b/docker/containers/tactical-nginx/entrypoint.sh index 144765cb..7a53854d 100644 --- a/docker/containers/tactical-nginx/entrypoint.sh +++ b/docker/containers/tactical-nginx/entrypoint.sh @@ -63,18 +63,6 @@ server { alias ${TACTICAL_DIR}/api/tacticalrmm/private/; } - location /saltscripts/ { - internal; - add_header "Access-Control-Allow-Origin" "https://${APP_HOST}"; - alias ${TACTICAL_DIR}/scripts/userdefined/; - } - - location /builtin/ { - internal; - add_header "Access-Control-Allow-Origin" "https://${APP_HOST}"; - alias ${TACTICAL_DIR}/scripts/; - } - location ~ ^/(natsapi) { deny all; } diff --git a/docker/containers/tactical-salt/dockerfile b/docker/containers/tactical-salt/dockerfile deleted file mode 100644 index ca3dbe24..00000000 --- a/docker/containers/tactical-salt/dockerfile +++ /dev/null @@ -1,24 +0,0 @@ -FROM ubuntu:20.04 - -ENV TACTICAL_DIR /opt/tactical -ENV TACTICAL_READY_FILE ${TACTICAL_DIR}/tmp/tactical.ready -ENV SALT_USER saltapi - -SHELL ["/bin/bash", "-e", "-o", "pipefail", "-c"] - -RUN apt-get update && \ - apt-get install -y ca-certificates wget gnupg2 tzdata supervisor && \ - wget -O - https://repo.saltstack.com/py3/ubuntu/20.04/amd64/latest/SALTSTACK-GPG-KEY.pub | apt-key add - && \ - echo 'deb http://repo.saltstack.com/py3/ubuntu/20.04/amd64/latest focal main' | tee /etc/apt/sources.list.d/saltstack.list && \ - apt-get update && \ - apt-get install -y salt-master salt-api && \ - mkdir -p /var/log/supervisor && \ - sed -i 's/msgpack_kwargs = {"raw": six.PY2}/msgpack_kwargs = {"raw": six.PY2, "max_buffer_size": 2147483647}/g' /usr/lib/python3/dist-packages/salt/transport/ipc.py && \ - adduser --no-create-home --disabled-password --gecos "" ${SALT_USER} - -EXPOSE 8123 4505 4506 - -COPY docker/containers/tactical-salt/entrypoint.sh / -RUN chmod +x /entrypoint.sh - -ENTRYPOINT [ "/entrypoint.sh" ] diff --git a/docker/containers/tactical-salt/entrypoint.sh b/docker/containers/tactical-salt/entrypoint.sh deleted file mode 100644 index 253be7af..00000000 --- a/docker/containers/tactical-salt/entrypoint.sh +++ /dev/null @@ -1,64 +0,0 @@ -#!/usr/bin/env bash - -set -e - -: "${SALT_USER:='saltapi'}" - -sleep 15 -until [ -f "${TACTICAL_READY_FILE}" ]; do - echo "waiting for init container to finish install or update..." - sleep 10 -done - -SALT_PASS=$(cat ${TACTICAL_DIR}/tmp/salt_pass) - -echo "${SALT_USER}:${SALT_PASS}" | chpasswd - -cherrypy_config="$(cat << EOF -file_roots: - base: - - /srv/salt - - ${TACTICAL_DIR} -timeout: 20 -gather_job_timeout: 25 -max_event_size: 30485760 -external_auth: - pam: - ${SALT_USER}: - - .* - - '@runner' - - '@wheel' - - '@jobs' -rest_cherrypy: - port: 8123 - disable_ssl: True - max_request_body_size: 30485760 -EOF -)" - -echo "${cherrypy_config}" > /etc/salt/master.d/rmm-salt.conf - -supervisor_config="$(cat << EOF -[supervisord] -nodaemon=true -[include] -files = /etc/supervisor/conf.d/*.conf - -[program:salt-master] -command=/bin/bash -c "salt-master -l info" -stdout_logfile=/dev/fd/1 -stdout_logfile_maxbytes=0 -redirect_stderr=true - -[program:salt-api] -command=/bin/bash -c "salt-api -l info" -stdout_logfile=/dev/fd/1 -stdout_logfile_maxbytes=0 -redirect_stderr=true -EOF -)" - -echo "${supervisor_config}" > /etc/supervisor/conf.d/supervisor.conf - -# run salt and salt master -/usr/bin/supervisord \ No newline at end of file diff --git a/docker/containers/tactical/dockerfile b/docker/containers/tactical/dockerfile index 883703c6..fa709e81 100644 --- a/docker/containers/tactical/dockerfile +++ b/docker/containers/tactical/dockerfile @@ -38,7 +38,6 @@ ENV PATH "${VIRTUAL_ENV}/bin:${TACTICAL_GO_DIR}/go/bin:$PATH" # copy files from repo COPY api/tacticalrmm ${TACTICAL_TMP_DIR}/api COPY scripts ${TACTICAL_TMP_DIR}/scripts -COPY _modules ${TACTICAL_TMP_DIR}/_modules # copy go install from build stage COPY --from=golang:1.15 /usr/local/go ${TACTICAL_GO_DIR}/go diff --git a/docker/containers/tactical/entrypoint.sh b/docker/containers/tactical/entrypoint.sh index 098bd943..f81bf6cd 100644 --- a/docker/containers/tactical/entrypoint.sh +++ b/docker/containers/tactical/entrypoint.sh @@ -9,8 +9,6 @@ set -e : "${POSTGRES_USER:=tactical}" : "${POSTGRES_PASS:=tactical}" : "${POSTGRES_DB:=tacticalrmm}" -: "${SALT_HOST:=tactical-salt}" -: "${SALT_USER:=saltapi}" : "${MESH_CONTAINER:=tactical-meshcentral}" : "${MESH_USER:=meshcentral}" : "${MESH_PASS:=meshcentralpass}" @@ -53,14 +51,6 @@ if [ "$1" = 'tactical-init' ]; then MESH_TOKEN=$(cat ${TACTICAL_DIR}/tmp/mesh_token) ADMINURL=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 70 | head -n 1) DJANGO_SEKRET=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 80 | head -n 1) - - # write salt pass to tmp dir - if [ ! -f "${TACTICAL__DIR}/tmp/salt_pass" ]; then - SALT_PASS=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1) - echo "${SALT_PASS}" > ${TACTICAL_DIR}/tmp/salt_pass - else - SALT_PASS=$(cat ${TACTICAL_DIR}/tmp/salt_pass) - fi localvars="$(cat << EOF SECRET_KEY = '${DJANGO_SEKRET}' @@ -111,9 +101,6 @@ if not DEBUG: ) }) -SALT_USERNAME = '${SALT_USER}' -SALT_PASSWORD = '${SALT_PASS}' -SALT_HOST = '${SALT_HOST}' MESH_USERNAME = '${MESH_USER}' MESH_SITE = 'https://${MESH_HOST}' MESH_TOKEN_KEY = '${MESH_TOKEN}' @@ -176,8 +163,3 @@ if [ "$1" = 'tactical-celerybeat' ]; then test -f "${TACTICAL_DIR}/api/celerybeat.pid" && rm "${TACTICAL_DIR}/api/celerybeat.pid" celery -A tacticalrmm beat -l info fi - -if [ "$1" = 'tactical-celerywinupdate' ]; then - check_tactical_ready - celery -A tacticalrmm worker -Q wupdate -l info -fi diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index bd23d9c0..1b49cd78 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -15,7 +15,6 @@ networks: # docker managed persistent volumes volumes: tactical_data: - salt_data: postgres_data: mongo_data: mesh_data: @@ -63,19 +62,6 @@ services: - proxy volumes: - tactical_data:/opt/tactical - - # salt master and api - tactical-salt: - image: ${IMAGE_REPO}tactical-salt:${VERSION} - restart: always - ports: - - "4505:4505" - - "4506:4506" - volumes: - - tactical_data:/opt/tactical - - salt_data:/etc/salt - networks: - - proxy # nats tactical-nats: @@ -141,11 +127,9 @@ services: command: ["tactical-backend"] restart: always networks: - proxy: - aliases: - - tactical-backend - api-db: - redis: + - proxy + - api-db + - redis volumes: - tactical_data:/opt/tactical depends_on: @@ -199,18 +183,3 @@ services: depends_on: - tactical-postgres - tactical-redis - - # container for celery winupdate tasks - tactical-celerywinupdate: - image: ${IMAGE_REPO}tactical:${VERSION} - command: ["tactical-celerywinupdate"] - restart: always - networks: - - redis - - proxy - - api-db - volumes: - - tactical_data:/opt/tactical - depends_on: - - tactical-postgres - - tactical-redis diff --git a/docker/image-build.sh b/docker/image-build.sh index c02a97f9..9bb4b5d7 100755 --- a/docker/image-build.sh +++ b/docker/image-build.sh @@ -3,7 +3,7 @@ set -o errexit set -o pipefail -DOCKER_IMAGES="tactical-nginx" +DOCKER_IMAGES="tactical-frontend tactical-nats tactical-nginx tactical-meshcentral" cd ..