zitinexus-public
/
zitinexus-router-script
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

revert last good2

This commit is contained in:
Edmund Tan 2025-07-23 01:48:47 +08:00
parent 19f6f2d6ce
commit 7d9efacf47
2 changed files with 124 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

119
UI/includes/enrollment.php
View File

@ -36,7 +36,7 @@ class EnrollmentManager {
}
/**
* Main enrollment process
* Main enrollment process (simplified - assumes OpenZiti is pre-installed)
*/
public function enrollRouter($hashKey, $apiEndpoint = null) {
try {
@ -46,59 +46,53 @@ class EnrollmentManager {
$this->reportProgress('INIT', 'Starting router enrollment process...', 0);
// Step 1: Check system requirements
$this->reportProgress('REQUIREMENTS', 'Checking system requirements...', 10);
if (!$this->checkSystemRequirements()) {
throw new Exception('System requirements check failed');
// Step 1: Verify OpenZiti is installed
$this->reportProgress('REQUIREMENTS', 'Verifying OpenZiti installation...', 10);
if (!$this->verifyZitiInstallation()) {
throw new Exception('OpenZiti CLI not found. Please run install.sh first to install required packages.');
}
// Step 2: Install OpenZiti if needed
$this->reportProgress('INSTALL', 'Installing OpenZiti CLI...', 20);
if (!$this->installZiti()) {
throw new Exception('OpenZiti installation failed');
}
// Step 3: Create directories
$this->reportProgress('DIRECTORIES', 'Creating necessary directories...', 30);
// Step 2: Create directories
$this->reportProgress('DIRECTORIES', 'Creating necessary directories...', 20);
if (!$this->createDirectories()) {
throw new Exception('Failed to create directories');
}
// Step 4: Register router with API
$this->reportProgress('REGISTER', 'Registering router with ZitiNexus Portal...', 40);
// Step 3: Register router with API
$this->reportProgress('REGISTER', 'Registering router with ZitiNexus Portal...', 30);
$result = $this->apiClient->registerRouter($hashKey);
if (!$result['success']) {
throw new Exception('Router registration failed: ' . $result['error']);
}
$this->routerData = $result['data'];
$this->reportProgress('REGISTER', 'Router registered successfully: ' . $this->routerData['routerInfo']['name'], 50);
$this->reportProgress('REGISTER', 'Router registered successfully: ' . $this->routerData['routerInfo']['name'], 40);
// Step 5: Save configuration files
$this->reportProgress('CONFIG', 'Saving configuration files...', 60);
// Step 4: Save configuration files
$this->reportProgress('CONFIG', 'Saving configuration files...', 50);
if (!$this->saveConfiguration()) {
throw new Exception('Failed to save configuration files');
}
// Step 6: Enroll router with OpenZiti
$this->reportProgress('ENROLL', 'Enrolling router with OpenZiti controller...', 70);
// Step 5: Enroll router with OpenZiti
$this->reportProgress('ENROLL', 'Enrolling router with OpenZiti controller...', 60);
if (!$this->enrollWithZiti()) {
throw new Exception('Router enrollment with OpenZiti failed');
}
// Step 7: Create systemd service
$this->reportProgress('SERVICE', 'Creating systemd service...', 80);
// Step 6: Create systemd service
$this->reportProgress('SERVICE', 'Creating systemd service...', 75);
if (!$this->createSystemdService()) {
throw new Exception('Failed to create systemd service');
}
// Step 8: Start router service
$this->reportProgress('START', 'Starting router service...', 90);
// Step 7: Start router service
$this->reportProgress('START', 'Starting router service...', 85);
if (!$this->startRouter()) {
throw new Exception('Failed to start router service');
}
// Step 9: Report success status
// Step 8: Report success status
$this->reportProgress('REPORT', 'Reporting enrollment status...', 95);
$this->reportSuccessStatus($hashKey);
@ -135,28 +129,28 @@ class EnrollmentManager {
}
/**
* Check system requirements
* Verify OpenZiti installation (assumes pre-installed by install.sh)
*/
private function checkSystemRequirements() {
private function verifyZitiInstallation() {
// Check if running as root
if (!isRunningAsRoot()) {
throw new Exception('This script must be run as root (use sudo)');
}
// Check if curl is available
if (!$this->checkCommand('curl')) {
$this->reportProgress('REQUIREMENTS', 'Installing curl...');
if (!$this->installPackage('curl')) {
return false;
}
// Check if ziti command exists
if (!$this->checkCommand('ziti')) {
throw new Exception('OpenZiti CLI not found. Please run install.sh first to install required packages.');
}
// Check if jq is available
if (!$this->checkCommand('jq')) {
$this->reportProgress('REQUIREMENTS', 'Installing jq...');
if (!$this->installPackage('jq')) {
return false;
}
// Get and report ziti version
$output = '';
executeCommand('ziti version 2>/dev/null | head -n1', $output);
$zitiVersion = trim($output);
$this->reportProgress('REQUIREMENTS', 'OpenZiti CLI found: ' . ($zitiVersion ?: 'unknown version'));
// Verify ziti router command is available
if (!executeCommand('ziti router --help >/dev/null 2>&1')) {
throw new Exception('OpenZiti router commands not available. Please run install.sh to install the complete OpenZiti package.');
}
// Check if systemctl is available
@ -164,50 +158,15 @@ class EnrollmentManager {
throw new Exception('systemctl is required but not available');
}
return true;
}
/**
* Install OpenZiti CLI
*/
private function installZiti() {
// Check if ziti is already installed
if ($this->checkCommand('ziti')) {
$output = '';
executeCommand('ziti version 2>/dev/null | head -n1', $output);
$this->reportProgress('INSTALL', 'OpenZiti CLI already installed: ' . trim($output));
return true;
}
$this->reportProgress('INSTALL', 'Installing OpenZiti CLI from pre-configured repository...');
// Verify repository is configured
if (!file_exists('/etc/apt/sources.list.d/openziti-release.list')) {
throw new Exception('OpenZiti repository not configured. Please run install.sh first to set up the system.');
}
if (!file_exists('/usr/share/keyrings/openziti.gpg')) {
throw new Exception('OpenZiti GPG key not found. Please run install.sh first to set up the system.');
}
// Install openziti-router package from pre-configured repository
$this->reportProgress('INSTALL', 'Installing openziti-router package...');
if (!executeCommand('apt-get install -y openziti-router')) {
$this->reportProgress('INSTALL', 'Trying to install ziti CLI only...');
if (!executeCommand('apt-get install -y ziti')) {
throw new Exception('Failed to install OpenZiti CLI. Repository may not be properly configured. Please run install.sh first.');
// Verify basic system commands are available (should be installed by install.sh)
$requiredCommands = ['curl', 'hostname', 'uname'];
foreach ($requiredCommands as $cmd) {
if (!$this->checkCommand($cmd)) {
throw new Exception("Required command '$cmd' not found. Please run install.sh to install system dependencies.");
}
}
// Verify installation
if (!$this->checkCommand('ziti')) {
throw new Exception('OpenZiti CLI installation failed - command not found after installation');
}
$output = '';
executeCommand('ziti version 2>/dev/null | head -n1', $output);
$this->reportProgress('INSTALL', 'OpenZiti CLI installed successfully: ' . trim($output));
$this->reportProgress('REQUIREMENTS', 'All required components verified successfully');
return true;
}

90
UI/install.sh
View File

@ -337,7 +337,7 @@ configure_php() {
log "SUCCESS" "PHP configured successfully"
}
# Set up OpenZiti package repository
# Set up OpenZiti package repository and install packages
setup_openziti_repository() {
log "INFO" "Setting up OpenZiti package repository..."
@ -420,7 +420,7 @@ setup_openziti_repository() {
# Update package list
log "INFO" "Updating package list..."
if apt update >/dev/null 2>&1; then
if apt update; then
log "SUCCESS" "Package list updated successfully"
else
log "WARNING" "Package list update had issues, but continuing..."
@ -437,6 +437,66 @@ setup_openziti_repository() {
fi
}
# Install OpenZiti packages
install_openziti_packages() {
log "INFO" "Installing OpenZiti packages..."
# Check if OpenZiti CLI is already installed
if command -v ziti &> /dev/null; then
local ziti_version=$(ziti version 2>/dev/null | head -n1 || echo "unknown")
log "INFO" "OpenZiti CLI already installed: $ziti_version"
# Check if we also have the router package
if dpkg -l | grep -q openziti-router; then
log "SUCCESS" "OpenZiti router package already installed"
return 0
fi
fi
log "INFO" "Installing OpenZiti packages using package repository..."
# Try to install openziti-router package first (includes ziti CLI)
log "INFO" "Installing openziti-router package..."
if apt install -y openziti-router; then
log "SUCCESS" "OpenZiti router package installed successfully"
else
log "WARNING" "Failed to install openziti-router package, trying ziti CLI only..."
# Fallback: Try to install just the ziti CLI
log "INFO" "Attempting to install ziti CLI only..."
if apt install -y ziti; then
log "SUCCESS" "OpenZiti CLI installed successfully"
else
error_exit "Failed to install OpenZiti packages from repository"
fi
fi
# Verify installation
if command -v ziti &> /dev/null; then
local ziti_version=$(ziti version 2>/dev/null | head -n1 || echo "unknown")
log "SUCCESS" "OpenZiti CLI installed and working: $ziti_version"
else
error_exit "OpenZiti CLI installation failed - command not found after installation"
fi
# Additional verification - test basic ziti commands
log "INFO" "Testing OpenZiti CLI functionality..."
if ziti --help >/dev/null 2>&1; then
log "SUCCESS" "OpenZiti CLI is functional"
else
log "WARNING" "OpenZiti CLI may not be fully functional"
fi
# Check for router-specific functionality
if ziti router --help >/dev/null 2>&1; then
log "SUCCESS" "OpenZiti router commands are available"
else
log "WARNING" "OpenZiti router commands may not be available"
fi
log "SUCCESS" "OpenZiti package installation completed"
}
# Set up sudo access
setup_sudo() {
log "INFO" "Setting up comprehensive sudo access for web server..."
@ -598,6 +658,21 @@ test_installation() {
else
log "ERROR" "File permissions may be incorrect"
fi
# Test OpenZiti installation
if command -v ziti &> /dev/null; then
local ziti_version=$(ziti version 2>/dev/null | head -n1 || echo "unknown")
log "SUCCESS" "OpenZiti CLI is installed and working: $ziti_version"
# Test ziti router command
if ziti router --help >/dev/null 2>&1; then
log "SUCCESS" "OpenZiti router commands are functional"
else
log "WARNING" "OpenZiti router commands may not be available"
fi
else
log "ERROR" "OpenZiti CLI is not installed or not working"
fi
}
# Show final information
@ -615,9 +690,11 @@ show_final_info() {
echo " Password: admin123"
echo
echo "Important Notes:"
echo " 1. Change the default password in production"
echo " 2. Consider setting up HTTPS for production use"
echo " 3. Review security settings in $WEB_DIR/includes/config.php"
echo " 1. OpenZiti packages are now pre-installed and ready for enrollment"
echo " 2. Change the default password in production"
echo " 3. Consider setting up HTTPS for production use"
echo " 4. Review security settings in $WEB_DIR/includes/config.php"
echo " 5. The UI will now focus only on enrollment using hash keys"
echo
echo "File Locations:"
echo " Web Directory: $WEB_DIR"
@ -674,6 +751,9 @@ main() {
# Set up OpenZiti package repository
setup_openziti_repository
# Install OpenZiti packages
install_openziti_packages
# Update hosts file
update_hosts