remove reporting user and configuration
This commit is contained in:
sadnub
parent
f78a787adb
commit
cd25a9568b
|
|
@ -114,7 +114,6 @@ EOF
|
|||
"${VIRTUAL_ENV}"/bin/python manage.py load_community_scripts
|
||||
"${VIRTUAL_ENV}"/bin/python manage.py reload_nats
|
||||
"${VIRTUAL_ENV}"/bin/python manage.py create_natsapi_conf
|
||||
"${VIRTUAL_ENV}"/bin/python manage.py setup_reporting_permissions
|
||||
"${VIRTUAL_ENV}"/bin/python manage.py create_installer_user
|
||||
"${VIRTUAL_ENV}"/bin/python manage.py post_update_tasks
|
||||
|
||||
|
|
|
|||
|
|
@ -1,53 +0,0 @@
|
|||
"""
|
||||
Copyright (c) 2023-present Amidaware Inc.
|
||||
This file is subject to the EE License Agreement.
|
||||
For details, see: https://license.tacticalrmm.com/ee
|
||||
"""
|
||||
|
||||
from django.conf import settings as djangosettings
|
||||
from django.core.management.base import BaseCommand
|
||||
from psycopg import connect
|
||||
|
||||
from ...constants import REPORTING_MODELS
|
||||
|
||||
|
||||
class Command(BaseCommand):
|
||||
help = "Setup reporting user and permissions"
|
||||
|
||||
def handle(self, *args, **kwargs) -> None:
|
||||
try:
|
||||
trmm_db_conn = djangosettings.DATABASES["default"]
|
||||
trmm_reporting_conn = djangosettings.DATABASES["reporting"]
|
||||
conn = connect(
|
||||
dbname=trmm_db_conn["NAME"], # type: ignore
|
||||
user=trmm_db_conn["USER"], # type: ignore
|
||||
host=trmm_db_conn["HOST"], # type: ignore
|
||||
password=trmm_db_conn["PASSWORD"], # type: ignore
|
||||
port=trmm_db_conn["PORT"], # type: ignore
|
||||
)
|
||||
cursor = conn.cursor()
|
||||
sql_commands = """"""
|
||||
|
||||
# need to create reporting user
|
||||
if djangosettings.DOCKER_BUILD:
|
||||
try:
|
||||
cursor.execute(
|
||||
f"""CREATE USER {trmm_reporting_conn["USER"]} WITH PASSWORD '{trmm_reporting_conn["PASSWORD"]}';"""
|
||||
)
|
||||
conn.commit()
|
||||
except Exception as error:
|
||||
cursor.execute("ROLLBACK")
|
||||
conn.commit()
|
||||
self.stderr.write(str(error))
|
||||
|
||||
sql_commands += f"""GRANT CONNECT ON DATABASE {trmm_db_conn["NAME"]} TO {trmm_reporting_conn["USER"]};
|
||||
GRANT USAGE ON SCHEMA public TO {trmm_reporting_conn["USER"]};"""
|
||||
for model, app in REPORTING_MODELS:
|
||||
sql_commands += f"""GRANT SELECT ON {app}_{model.lower()} TO {trmm_reporting_conn["USER"]};\n""" # type: ignore
|
||||
|
||||
cursor.execute(sql_commands)
|
||||
cursor.execute("COMMIT")
|
||||
cursor.close()
|
||||
conn.close()
|
||||
except Exception as error:
|
||||
self.stderr.write(str(error))
|
||||
19
install.sh
19
install.sh
|
|
@ -114,8 +114,6 @@ ADMINURL=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 70 | head -n 1)
|
|||
MESHPASSWD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 25 | head -n 1)
|
||||
pgusername=$(cat /dev/urandom | tr -dc 'a-z' | fold -w 8 | head -n 1)
|
||||
pgpw=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
|
||||
pgreportingusername=$(cat /dev/urandom | tr -dc 'a-z' | fold -w 8 | head -n 1)
|
||||
pgreportingpw=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
|
||||
meshusername=$(cat /dev/urandom | tr -dc 'a-z' | fold -w 8 | head -n 1)
|
||||
MESHPGUSER=$(cat /dev/urandom | tr -dc 'a-z' | fold -w 8 | head -n 1)
|
||||
MESHPGPWD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
|
||||
|
|
@ -334,11 +332,6 @@ sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE meshcentral TO ${MESH
|
|||
sudo -u postgres psql -c "ALTER DATABASE meshcentral OWNER TO ${MESHPGUSER}"
|
||||
sudo -u postgres psql -c "GRANT USAGE, CREATE ON SCHEMA PUBLIC TO ${MESHPGUSER}"
|
||||
|
||||
print_green 'Creating reporting user'
|
||||
sudo -u postgres psql -c "CREATE USER ${pgreportingusername} WITH PASSWORD '${pgreportingpw}'"
|
||||
sudo -u postgres psql -c "GRANT CONNECT ON DATABASE tacticalrmm TO ${pgreportingusername}"
|
||||
sudo -u postgres psql -c "GRANT USAGE ON SCHEMA public TO ${pgreportingusername}"
|
||||
|
||||
print_green 'Cloning repos'
|
||||
|
||||
sudo mkdir /rmm
|
||||
|
|
@ -467,17 +460,6 @@ DATABASES = {
|
|||
'PASSWORD': '${pgpw}',
|
||||
'HOST': 'localhost',
|
||||
'PORT': '5432',
|
||||
},
|
||||
'reporting': {
|
||||
'ENGINE': 'django.db.backends.postgresql',
|
||||
'NAME': 'tacticalrmm',
|
||||
'USER': '${pgreportingusername}',
|
||||
'PASSWORD': '${pgreportingpw}',
|
||||
'HOST': 'localhost',
|
||||
'PORT': '5432',
|
||||
'OPTIONS': {
|
||||
'options': '-c default_transaction_read_only=on'
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -526,7 +508,6 @@ python manage.py create_natsapi_conf
|
|||
python manage.py create_uwsgi_conf
|
||||
python manage.py load_chocos
|
||||
python manage.py load_community_scripts
|
||||
python manage.py setup_reporting_permissions
|
||||
WEB_VERSION=$(python manage.py get_config webversion)
|
||||
printf >&2 "${YELLOW}%0.s*${NC}" {1..80}
|
||||
printf >&2 "\n"
|
||||
|
|
|
|||
30
update.sh
30
update.sh
|
|
@ -347,35 +347,6 @@ nats_api='/usr/local/bin/nats-api'
|
|||
sudo cp /rmm/natsapi/bin/${natsapi} $nats_api
|
||||
sudo chown ${USER}:${USER} $nats_api
|
||||
sudo chmod +x $nats_api
|
||||
echo 'Checking for reporting connection'
|
||||
CHECK_REPORTING_DB_CONNECTION=$(grep 'reporting' /rmm/api/tacticalrmm/tacticalrmm/local_settings.py)
|
||||
if ! [[ $CHECK_REPORTING_DB_CONNECTION ]]; then
|
||||
pgreportingusername=$(cat /dev/urandom | tr -dc 'a-z' | fold -w 8 | head -n 1)
|
||||
pgreportingpw=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
|
||||
|
||||
echo 'Creating reporting user'
|
||||
sudo -u postgres psql -c "CREATE USER ${pgreportingusername} WITH PASSWORD '${pgreportingpw}'"
|
||||
sudo -u postgres psql -c "GRANT CONNECT ON DATABASE tacticalrmm TO ${pgreportingusername}"
|
||||
sudo -u postgres psql -c "GRANT USAGE ON SCHEMA public TO ${pgreportingusername}"
|
||||
|
||||
echo 'Creating reporting connection'
|
||||
reportingconnection="$(
|
||||
cat <<EOF
|
||||
DATABASES['reporting'] = {
|
||||
'ENGINE': 'django.db.backends.postgresql',
|
||||
'NAME': 'tacticalrmm',
|
||||
'USER': '${pgreportingusername}',
|
||||
'PASSWORD': '${pgreportingpw}',
|
||||
'HOST': 'localhost',
|
||||
'PORT': '5432',
|
||||
'OPTIONS': {
|
||||
'options': '-c default_transaction_read_only=on'
|
||||
}
|
||||
}
|
||||
EOF
|
||||
)"
|
||||
echo "${reportingconnection}" | tee --append /rmm/api/tacticalrmm/tacticalrmm/local_settings.py >/dev/null
|
||||
fi
|
||||
|
||||
if [[ "${CURRENT_PIP_VER}" != "${LATEST_PIP_VER}" ]] || [[ "$force" = true ]]; then
|
||||
rm -rf /rmm/api/env
|
||||
|
|
@ -414,7 +385,6 @@ python manage.py create_installer_user
|
|||
python manage.py create_natsapi_conf
|
||||
python manage.py create_uwsgi_conf
|
||||
python manage.py clear_redis_celery_locks
|
||||
python manage.py setup_reporting_permissions
|
||||
python manage.py post_update_tasks
|
||||
API=$(python manage.py get_config api)
|
||||
WEB_VERSION=$(python manage.py get_config webversion)
|
||||
|
|
|
|||
Loading…
Reference in New Issue