From 7d9efacf470ca5fc884acf4a627409478e428071 Mon Sep 17 00:00:00 2001 From: Edmund Tan Date: Wed, 23 Jul 2025 01:48:47 +0800 Subject: [PATCH] revert last good2 --- UI/includes/enrollment.php | 119 ++++++++++++------------------------- UI/install.sh | 90 ++++++++++++++++++++++++++-- 2 files changed, 124 insertions(+), 85 deletions(-) diff --git a/UI/includes/enrollment.php b/UI/includes/enrollment.php index dd0ae1f..22b12b6 100644 --- a/UI/includes/enrollment.php +++ b/UI/includes/enrollment.php @@ -36,7 +36,7 @@ class EnrollmentManager { } /** - * Main enrollment process + * Main enrollment process (simplified - assumes OpenZiti is pre-installed) */ public function enrollRouter($hashKey, $apiEndpoint = null) { try { @@ -46,59 +46,53 @@ class EnrollmentManager { $this->reportProgress('INIT', 'Starting router enrollment process...', 0); - // Step 1: Check system requirements - $this->reportProgress('REQUIREMENTS', 'Checking system requirements...', 10); - if (!$this->checkSystemRequirements()) { - throw new Exception('System requirements check failed'); + // Step 1: Verify OpenZiti is installed + $this->reportProgress('REQUIREMENTS', 'Verifying OpenZiti installation...', 10); + if (!$this->verifyZitiInstallation()) { + throw new Exception('OpenZiti CLI not found. Please run install.sh first to install required packages.'); } - // Step 2: Install OpenZiti if needed - $this->reportProgress('INSTALL', 'Installing OpenZiti CLI...', 20); - if (!$this->installZiti()) { - throw new Exception('OpenZiti installation failed'); - } - - // Step 3: Create directories - $this->reportProgress('DIRECTORIES', 'Creating necessary directories...', 30); + // Step 2: Create directories + $this->reportProgress('DIRECTORIES', 'Creating necessary directories...', 20); if (!$this->createDirectories()) { throw new Exception('Failed to create directories'); } - // Step 4: Register router with API - $this->reportProgress('REGISTER', 'Registering router with ZitiNexus Portal...', 40); + // Step 3: Register router with API + $this->reportProgress('REGISTER', 'Registering router with ZitiNexus Portal...', 30); $result = $this->apiClient->registerRouter($hashKey); if (!$result['success']) { throw new Exception('Router registration failed: ' . $result['error']); } $this->routerData = $result['data']; - $this->reportProgress('REGISTER', 'Router registered successfully: ' . $this->routerData['routerInfo']['name'], 50); + $this->reportProgress('REGISTER', 'Router registered successfully: ' . $this->routerData['routerInfo']['name'], 40); - // Step 5: Save configuration files - $this->reportProgress('CONFIG', 'Saving configuration files...', 60); + // Step 4: Save configuration files + $this->reportProgress('CONFIG', 'Saving configuration files...', 50); if (!$this->saveConfiguration()) { throw new Exception('Failed to save configuration files'); } - // Step 6: Enroll router with OpenZiti - $this->reportProgress('ENROLL', 'Enrolling router with OpenZiti controller...', 70); + // Step 5: Enroll router with OpenZiti + $this->reportProgress('ENROLL', 'Enrolling router with OpenZiti controller...', 60); if (!$this->enrollWithZiti()) { throw new Exception('Router enrollment with OpenZiti failed'); } - // Step 7: Create systemd service - $this->reportProgress('SERVICE', 'Creating systemd service...', 80); + // Step 6: Create systemd service + $this->reportProgress('SERVICE', 'Creating systemd service...', 75); if (!$this->createSystemdService()) { throw new Exception('Failed to create systemd service'); } - // Step 8: Start router service - $this->reportProgress('START', 'Starting router service...', 90); + // Step 7: Start router service + $this->reportProgress('START', 'Starting router service...', 85); if (!$this->startRouter()) { throw new Exception('Failed to start router service'); } - // Step 9: Report success status + // Step 8: Report success status $this->reportProgress('REPORT', 'Reporting enrollment status...', 95); $this->reportSuccessStatus($hashKey); @@ -135,28 +129,28 @@ class EnrollmentManager { } /** - * Check system requirements + * Verify OpenZiti installation (assumes pre-installed by install.sh) */ - private function checkSystemRequirements() { + private function verifyZitiInstallation() { // Check if running as root if (!isRunningAsRoot()) { throw new Exception('This script must be run as root (use sudo)'); } - // Check if curl is available - if (!$this->checkCommand('curl')) { - $this->reportProgress('REQUIREMENTS', 'Installing curl...'); - if (!$this->installPackage('curl')) { - return false; - } + // Check if ziti command exists + if (!$this->checkCommand('ziti')) { + throw new Exception('OpenZiti CLI not found. Please run install.sh first to install required packages.'); } - // Check if jq is available - if (!$this->checkCommand('jq')) { - $this->reportProgress('REQUIREMENTS', 'Installing jq...'); - if (!$this->installPackage('jq')) { - return false; - } + // Get and report ziti version + $output = ''; + executeCommand('ziti version 2>/dev/null | head -n1', $output); + $zitiVersion = trim($output); + $this->reportProgress('REQUIREMENTS', 'OpenZiti CLI found: ' . ($zitiVersion ?: 'unknown version')); + + // Verify ziti router command is available + if (!executeCommand('ziti router --help >/dev/null 2>&1')) { + throw new Exception('OpenZiti router commands not available. Please run install.sh to install the complete OpenZiti package.'); } // Check if systemctl is available @@ -164,50 +158,15 @@ class EnrollmentManager { throw new Exception('systemctl is required but not available'); } - return true; - } - - /** - * Install OpenZiti CLI - */ - private function installZiti() { - // Check if ziti is already installed - if ($this->checkCommand('ziti')) { - $output = ''; - executeCommand('ziti version 2>/dev/null | head -n1', $output); - $this->reportProgress('INSTALL', 'OpenZiti CLI already installed: ' . trim($output)); - return true; - } - - $this->reportProgress('INSTALL', 'Installing OpenZiti CLI from pre-configured repository...'); - - // Verify repository is configured - if (!file_exists('/etc/apt/sources.list.d/openziti-release.list')) { - throw new Exception('OpenZiti repository not configured. Please run install.sh first to set up the system.'); - } - - if (!file_exists('/usr/share/keyrings/openziti.gpg')) { - throw new Exception('OpenZiti GPG key not found. Please run install.sh first to set up the system.'); - } - - // Install openziti-router package from pre-configured repository - $this->reportProgress('INSTALL', 'Installing openziti-router package...'); - if (!executeCommand('apt-get install -y openziti-router')) { - $this->reportProgress('INSTALL', 'Trying to install ziti CLI only...'); - if (!executeCommand('apt-get install -y ziti')) { - throw new Exception('Failed to install OpenZiti CLI. Repository may not be properly configured. Please run install.sh first.'); + // Verify basic system commands are available (should be installed by install.sh) + $requiredCommands = ['curl', 'hostname', 'uname']; + foreach ($requiredCommands as $cmd) { + if (!$this->checkCommand($cmd)) { + throw new Exception("Required command '$cmd' not found. Please run install.sh to install system dependencies."); } } - // Verify installation - if (!$this->checkCommand('ziti')) { - throw new Exception('OpenZiti CLI installation failed - command not found after installation'); - } - - $output = ''; - executeCommand('ziti version 2>/dev/null | head -n1', $output); - $this->reportProgress('INSTALL', 'OpenZiti CLI installed successfully: ' . trim($output)); - + $this->reportProgress('REQUIREMENTS', 'All required components verified successfully'); return true; } diff --git a/UI/install.sh b/UI/install.sh index f1ce855..0ff34b4 100644 --- a/UI/install.sh +++ b/UI/install.sh @@ -337,7 +337,7 @@ configure_php() { log "SUCCESS" "PHP configured successfully" } -# Set up OpenZiti package repository +# Set up OpenZiti package repository and install packages setup_openziti_repository() { log "INFO" "Setting up OpenZiti package repository..." @@ -420,7 +420,7 @@ setup_openziti_repository() { # Update package list log "INFO" "Updating package list..." - if apt update >/dev/null 2>&1; then + if apt update; then log "SUCCESS" "Package list updated successfully" else log "WARNING" "Package list update had issues, but continuing..." @@ -437,6 +437,66 @@ setup_openziti_repository() { fi } +# Install OpenZiti packages +install_openziti_packages() { + log "INFO" "Installing OpenZiti packages..." + + # Check if OpenZiti CLI is already installed + if command -v ziti &> /dev/null; then + local ziti_version=$(ziti version 2>/dev/null | head -n1 || echo "unknown") + log "INFO" "OpenZiti CLI already installed: $ziti_version" + + # Check if we also have the router package + if dpkg -l | grep -q openziti-router; then + log "SUCCESS" "OpenZiti router package already installed" + return 0 + fi + fi + + log "INFO" "Installing OpenZiti packages using package repository..." + + # Try to install openziti-router package first (includes ziti CLI) + log "INFO" "Installing openziti-router package..." + if apt install -y openziti-router; then + log "SUCCESS" "OpenZiti router package installed successfully" + else + log "WARNING" "Failed to install openziti-router package, trying ziti CLI only..." + + # Fallback: Try to install just the ziti CLI + log "INFO" "Attempting to install ziti CLI only..." + if apt install -y ziti; then + log "SUCCESS" "OpenZiti CLI installed successfully" + else + error_exit "Failed to install OpenZiti packages from repository" + fi + fi + + # Verify installation + if command -v ziti &> /dev/null; then + local ziti_version=$(ziti version 2>/dev/null | head -n1 || echo "unknown") + log "SUCCESS" "OpenZiti CLI installed and working: $ziti_version" + else + error_exit "OpenZiti CLI installation failed - command not found after installation" + fi + + # Additional verification - test basic ziti commands + log "INFO" "Testing OpenZiti CLI functionality..." + if ziti --help >/dev/null 2>&1; then + log "SUCCESS" "OpenZiti CLI is functional" + else + log "WARNING" "OpenZiti CLI may not be fully functional" + fi + + # Check for router-specific functionality + if ziti router --help >/dev/null 2>&1; then + log "SUCCESS" "OpenZiti router commands are available" + else + log "WARNING" "OpenZiti router commands may not be available" + fi + + log "SUCCESS" "OpenZiti package installation completed" +} + # Set up sudo access setup_sudo() { log "INFO" "Setting up comprehensive sudo access for web server..." @@ -598,6 +658,21 @@ test_installation() { else log "ERROR" "File permissions may be incorrect" fi + + # Test OpenZiti installation + if command -v ziti &> /dev/null; then + local ziti_version=$(ziti version 2>/dev/null | head -n1 || echo "unknown") + log "SUCCESS" "OpenZiti CLI is installed and working: $ziti_version" + + # Test ziti router command + if ziti router --help >/dev/null 2>&1; then + log "SUCCESS" "OpenZiti router commands are functional" + else + log "WARNING" "OpenZiti router commands may not be available" + fi + else + log "ERROR" "OpenZiti CLI is not installed or not working" + fi } # Show final information @@ -615,9 +690,11 @@ show_final_info() { echo " Password: admin123" echo echo "Important Notes:" - echo " 1. Change the default password in production" - echo " 2. Consider setting up HTTPS for production use" - echo " 3. Review security settings in $WEB_DIR/includes/config.php" + echo " 1. OpenZiti packages are now pre-installed and ready for enrollment" + echo " 2. Change the default password in production" + echo " 3. Consider setting up HTTPS for production use" + echo " 4. Review security settings in $WEB_DIR/includes/config.php" + echo " 5. The UI will now focus only on enrollment using hash keys" echo echo "File Locations:" echo " Web Directory: $WEB_DIR" @@ -674,6 +751,9 @@ main() { # Set up OpenZiti package repository setup_openziti_repository + # Install OpenZiti packages + install_openziti_packages + # Update hosts file update_hosts