Merge pull request #951 from silversword411/develop

Adding all services to troubleshooting_server.sh and docs additions
2022-01-21 15:53:40 -08:00 · 2022-01-21 15:53:40 -08:00 · b8653e6601
parent cb4b1971e6 63c60ba716
commit b8653e6601
9 changed files with 82 additions and 25 deletions
--- a/docs/docs/faq.md
+++ b/docs/docs/faq.md
@ -86,9 +86,9 @@ Copy the username then ssh into the server and run:

 ```bash
 cd /meshcentral/
-sudo systemctl stop meshcentral
+sudo systemctl stop meshcentral.service
 node node_modules/meshcentral --resetaccount <username> --pass <newpassword>
-sudo systemctl start meshcentral
+sudo systemctl start meshcentral.service
 ```

 ## Help! I've been hacked there are weird agents appearing in my Tactical RMM
--- a/docs/docs/functions/api.md
+++ b/docs/docs/functions/api.md
@ -33,7 +33,7 @@ Open `/rmm/api/tacticalrmm/tacticalrmm/local_settings.py` and add
 SWAGGER_ENABLED = True
 ```

-Restart django: `sudo systemctl restart rmm`
+Restart django: `sudo systemctl restart rmm.service`

 Then visit `https://api.example.com/api/schema/swagger-ui/` to see it in action.

--- a/docs/docs/functions/django_admin.md
+++ b/docs/docs/functions/django_admin.md
@ -7,7 +7,7 @@ The django admin is basically a web interface for the postgres database.

 As of Tactical RMM v0.4.19, the django admin is disabled by default.

-To enable it, edit `/rmm/api/tacticalrmm/tacticalrmm/local_settings.py` and change `ADMIN_ENABLED` from `False` to `True` then `sudo systemctl restart rmm`
+To enable it, edit `/rmm/api/tacticalrmm/tacticalrmm/local_settings.py` and change `ADMIN_ENABLED` from `False` to `True` then `sudo systemctl restart rmm.service`

 Login to the django admin using the same credentials as your normal web ui login.

--- a/docs/docs/functions/settings_override.md
+++ b/docs/docs/functions/settings_override.md
@ -16,4 +16,4 @@ REST_KNOX = {
 }
 ```

-Change `(days=30)` to whatever you prefer. Then run `sudo systemctl restart rmm` for changes to take effect.
+Change `(days=30)` to whatever you prefer. Then run `sudo systemctl restart rmm.service` for changes to take effect.
--- a/docs/docs/howitallworks.md
+++ b/docs/docs/howitallworks.md
@ -130,7 +130,7 @@ Nginx is the web server for the `rmm`, `api`, and `mesh` domains. All sites redi

 #### Tactical RMM (Django uWSGI) service

-Built on the Django framework, the Tactical RMM service is the heart of system by serving the API for the frontend and agents.
+Built on the Django framework, the Tactical RMM service is the heart of the system by serving the API for the frontend and agents.

 ???+ note "systemd config"

--- a/docs/docs/tipsntricks.md
+++ b/docs/docs/tipsntricks.md
@ -66,3 +66,7 @@ Use the (i) at the end of the script name to:
 - Left Click: Opens the script source in Github

 ![Script Parameter Syntax](images/tipsntricks_script_syntaxhelp.png)
+
+## Running a command on Tactical with Tactical
+
+Use the agent recovery "shell command" feature that will run in detached process so it won't kill itself or create a script that runs detached to call it.
--- a/docs/docs/troubleshooting.md
+++ b/docs/docs/troubleshooting.md
@ -78,25 +78,25 @@ Reload NATS:

 ```bash
 /rmm/api/env/bin/python /rmm/api/tacticalrmm/manage.py reload_nats
-sudo systemctl restart nats
+sudo systemctl restart nats.service
 ```

 Look at nats service errors (make sure it's running)

 ```bash
-sudo systemctl status nats
+sudo systemctl status nats.service
 ```

 If nats isn't running see detailed reason why it isn't:

 ```bash
-sudo systemctl stop nats
+sudo systemctl stop nats.service
 nats-server -DVV -c /rmm/api/tacticalrmm/nats-rmm.conf
 ```

 Fix the problem, then restart nats.
 ```
-sudo systemctl restart nats
+sudo systemctl restart nats.service
 ```

 ### From Agent Install
@ -143,19 +143,21 @@ Open your browser's dev tools (++ctrl+shift+j++ on chrome) and check the Console
 Check all the systemd services that the rmm uses to function and check to make sure they're all active/running and enabled:

 ```bash
-sudo systemctl status rmm
-sudo systemctl status daphne
-sudo systemctl status celery
-sudo systemctl status celerybeat
-sudo systemctl status nginx
-sudo systemctl status nats
-sudo systemctl status nats-api
-sudo systemctl status meshcentral
-sudo systemctl status mongod
-sudo systemctl status postgresql
-sudo systemctl status redis
+sudo systemctl status rmm.service
+sudo systemctl status daphne.service
+sudo systemctl status celery.service
+sudo systemctl status celerybeat.service
+sudo systemctl status nginx.service
+sudo systemctl status nats.service
+sudo systemctl status nats-api.service
+sudo systemctl status meshcentral.service
+sudo systemctl status mongod.service
+sudo systemctl status postgresql.service
+sudo systemctl status redis-server.service
 ```

+or you can use `systemctl --failed` to see any failed services on your machine.
+
 Read through the log files in the following folders and check for errors:

 ```bash
@ -171,6 +173,8 @@ Read through the log files in the following folders and check for errors:

 - mesh.example.com can be proxied with the caveat that Mesh checks the cert presented to the agent is the same one on the server. I.e. no MITM. You'll need to copy Cloudflare's edge cert to your server if you want to proxy this domain.

+If you're getting `Invalid group id` at the end of the install you're probably doing something wrong/wrong IP for api.
+
 ## Testing Network Connectivity between agent and server

 Use powershell, make sure you can connect to 443 and 4222 from agent to server:
--- a/docs/docs/unsupported_scripts.md
+++ b/docs/docs/unsupported_scripts.md
@ -365,7 +365,7 @@ sudo echo "${tacticalfail2banjail}" > /etc/fail2ban/jail.d/tacticalrmm.local
 ### Restart fail2ban

 ```bash
-sudo systemctl restart fail2ban
+sudo systemctl restart fail2ban.service
 ```

 ## Using purchased SSL certs instead of LetsEncrypt wildcards
@ -430,7 +430,7 @@ You need to add the certificate private key and public keys to the following fil

 7. Restart services
   
-        sudo systemctl restart rmm celery celerybeat nginx nats nats-api
+        sudo systemctl restart rmm.service celery.service celerybeat.service nginx.service nats.service nats-api.service

 ## Use certbot to do acme challenge over http

@ -668,7 +668,7 @@ sudo ln -s /etc/nginx/sites-available/frontend.conf /etc/nginx/sites-enabled/fro

 ### Restart nginx

-sudo systemctl restart nginx
+sudo systemctl restart nginx.service


 ### Get letsencrypt Certs
@ -886,7 +886,7 @@ add the lines from 'real_ip' module inside server tag:

 restart nginx

-    systemctl restart nginx
+    systemctl restart nginx.service

 ### APACHE
 enable ssl proxy, rewriteEngine. 
--- a/troubleshoot_server.sh
+++ b/troubleshoot_server.sh
@ -2,6 +2,7 @@

 # Tactical RMM install troubleshooting script
 # Contributed by https://github.com/dinger1986
+# v1.1 1/21/2022 update to include all services

 # This script asks for the 3 subdomains, checks they exist, checks they resolve locally and remotely (using google dns for remote), 
 # checks services are running, checks ports are opened. The only part that will make the script stop is if the sub domains dont exist, theres literally no point in going further if thats the case
@ -134,6 +135,10 @@ celerybeatstatus=$(systemctl is-active celerybeat)
 nginxstatus=$(systemctl is-active nginx)
 natsstatus=$(systemctl is-active nats)
 natsapistatus=$(systemctl is-active nats-api)
+meshcentralstatus=$(systemctl is-active meshcentral)
+mongodstatus=$(systemctl is-active mongod)
+postgresqlstatus=$(systemctl is-active postgresql)
+redisserverstatus=$(systemctl is-active redis-server)

 # RMM Service
 if [ $rmmstatus = active ]; then
@ -210,6 +215,50 @@ else
    echo -ne ${RED}  'nats-api Service isnt running (Tactical wont work without this)' | tee -a checklog.log
 	printf >&2 "\n\n"

+fi
+
+# meshcentral Service
+if [ $meshcentralstatus = active ]; then
+    echo -ne ${GREEN} Success meshcentral Service is running | tee -a checklog.log
+	printf >&2 "\n\n"
+else
+	printf >&2 "\n\n" | tee -a checklog.log
+    echo -ne ${RED}  'meshcentral Service isnt running (Tactical wont work without this)' | tee -a checklog.log
+	printf >&2 "\n\n"
+
+fi
+
+# mongod Service
+if [ $mongodstatus = active ]; then
+    echo -ne ${GREEN} Success mongod Service is running | tee -a checklog.log
+	printf >&2 "\n\n"
+else
+	printf >&2 "\n\n" | tee -a checklog.log
+    echo -ne ${RED}  'mongod Service isnt running (Tactical wont work without this)' | tee -a checklog.log
+	printf >&2 "\n\n"
+
+fi
+
+# postgresql Service
+if [ $postgresqlstatus = active ]; then
+    echo -ne ${GREEN} Success postgresql Service is running | tee -a checklog.log
+	printf >&2 "\n\n"
+else
+	printf >&2 "\n\n" | tee -a checklog.log
+    echo -ne ${RED}  'postgresql Service isnt running (Tactical wont work without this)' | tee -a checklog.log
+	printf >&2 "\n\n"
+
+fi
+
+# redis-server Service
+if [ $redisserverstatus = active ]; then
+    echo -ne ${GREEN} Success redis-server Service is running | tee -a checklog.log
+	printf >&2 "\n\n"
+else
+	printf >&2 "\n\n" | tee -a checklog.log
+    echo -ne ${RED}  'redis-server Service isnt running (Tactical wont work without this)' | tee -a checklog.log
+	printf >&2 "\n\n"
+
 fi

 	echo -ne ${YELLOW} Checking Open Ports | tee -a checklog.log