revert last good2

Edmund Tan 2025-07-23 01:48:47 +08:00
parent 19f6f2d6ce
commit 7d9efacf47
2 changed files with 124 additions and 85 deletions


@ -36,7 +36,7 @@ class EnrollmentManager {
} }
/** /**
* Main enrollment process * Main enrollment process (simplified - assumes OpenZiti is pre-installed)
*/ */
public function enrollRouter($hashKey, $apiEndpoint = null) { public function enrollRouter($hashKey, $apiEndpoint = null) {
try { try {
@ -46,59 +46,53 @@ class EnrollmentManager {
$this->reportProgress('INIT', 'Starting router enrollment process...', 0); $this->reportProgress('INIT', 'Starting router enrollment process...', 0);
// Step 1: Check system requirements // Step 1: Verify OpenZiti is installed
$this->reportProgress('REQUIREMENTS', 'Checking system requirements...', 10); $this->reportProgress('REQUIREMENTS', 'Verifying OpenZiti installation...', 10);
if (!$this->checkSystemRequirements()) { if (!$this->verifyZitiInstallation()) {
throw new Exception('System requirements check failed'); throw new Exception('OpenZiti CLI not found. Please run install.sh first to install required packages.');
} }
// Step 2: Install OpenZiti if needed // Step 2: Create directories
$this->reportProgress('INSTALL', 'Installing OpenZiti CLI...', 20); $this->reportProgress('DIRECTORIES', 'Creating necessary directories...', 20);
if (!$this->installZiti()) {
throw new Exception('OpenZiti installation failed');
}
// Step 3: Create directories
$this->reportProgress('DIRECTORIES', 'Creating necessary directories...', 30);
if (!$this->createDirectories()) { if (!$this->createDirectories()) {
throw new Exception('Failed to create directories'); throw new Exception('Failed to create directories');
} }
// Step 4: Register router with API // Step 3: Register router with API
$this->reportProgress('REGISTER', 'Registering router with ZitiNexus Portal...', 40); $this->reportProgress('REGISTER', 'Registering router with ZitiNexus Portal...', 30);
$result = $this->apiClient->registerRouter($hashKey); $result = $this->apiClient->registerRouter($hashKey);
if (!$result['success']) { if (!$result['success']) {
throw new Exception('Router registration failed: ' . $result['error']); throw new Exception('Router registration failed: ' . $result['error']);
} }
$this->routerData = $result['data']; $this->routerData = $result['data'];
$this->reportProgress('REGISTER', 'Router registered successfully: ' . $this->routerData['routerInfo']['name'], 50); $this->reportProgress('REGISTER', 'Router registered successfully: ' . $this->routerData['routerInfo']['name'], 40);
// Step 5: Save configuration files // Step 4: Save configuration files
$this->reportProgress('CONFIG', 'Saving configuration files...', 60); $this->reportProgress('CONFIG', 'Saving configuration files...', 50);
if (!$this->saveConfiguration()) { if (!$this->saveConfiguration()) {
throw new Exception('Failed to save configuration files'); throw new Exception('Failed to save configuration files');
} }
// Step 6: Enroll router with OpenZiti // Step 5: Enroll router with OpenZiti
$this->reportProgress('ENROLL', 'Enrolling router with OpenZiti controller...', 70); $this->reportProgress('ENROLL', 'Enrolling router with OpenZiti controller...', 60);
if (!$this->enrollWithZiti()) { if (!$this->enrollWithZiti()) {
throw new Exception('Router enrollment with OpenZiti failed'); throw new Exception('Router enrollment with OpenZiti failed');
} }
// Step 7: Create systemd service // Step 6: Create systemd service
$this->reportProgress('SERVICE', 'Creating systemd service...', 80); $this->reportProgress('SERVICE', 'Creating systemd service...', 75);
if (!$this->createSystemdService()) { if (!$this->createSystemdService()) {
throw new Exception('Failed to create systemd service'); throw new Exception('Failed to create systemd service');
} }
// Step 8: Start router service // Step 7: Start router service
$this->reportProgress('START', 'Starting router service...', 90); $this->reportProgress('START', 'Starting router service...', 85);
if (!$this->startRouter()) { if (!$this->startRouter()) {
throw new Exception('Failed to start router service'); throw new Exception('Failed to start router service');
} }
// Step 9: Report success status // Step 8: Report success status
$this->reportProgress('REPORT', 'Reporting enrollment status...', 95); $this->reportProgress('REPORT', 'Reporting enrollment status...', 95);
$this->reportSuccessStatus($hashKey); $this->reportSuccessStatus($hashKey);
@ -135,28 +129,28 @@ class EnrollmentManager {
} }
/** /**
* Check system requirements * Verify OpenZiti installation (assumes pre-installed by install.sh)
*/ */
private function checkSystemRequirements() { private function verifyZitiInstallation() {
// Check if running as root // Check if running as root
if (!isRunningAsRoot()) { if (!isRunningAsRoot()) {
throw new Exception('This script must be run as root (use sudo)'); throw new Exception('This script must be run as root (use sudo)');
} }
// Check if curl is available // Check if ziti command exists
if (!$this->checkCommand('curl')) { if (!$this->checkCommand('ziti')) {
$this->reportProgress('REQUIREMENTS', 'Installing curl...'); throw new Exception('OpenZiti CLI not found. Please run install.sh first to install required packages.');
if (!$this->installPackage('curl')) {
return false;
}
} }
// Check if jq is available // Get and report ziti version
if (!$this->checkCommand('jq')) { $output = '';
$this->reportProgress('REQUIREMENTS', 'Installing jq...'); executeCommand('ziti version 2>/dev/null | head -n1', $output);
if (!$this->installPackage('jq')) { $zitiVersion = trim($output);
return false; $this->reportProgress('REQUIREMENTS', 'OpenZiti CLI found: ' . ($zitiVersion ?: 'unknown version'));
}
// Verify ziti router command is available
if (!executeCommand('ziti router --help >/dev/null 2>&1')) {
throw new Exception('OpenZiti router commands not available. Please run install.sh to install the complete OpenZiti package.');
} }
// Check if systemctl is available // Check if systemctl is available
@ -164,50 +158,15 @@ class EnrollmentManager {
throw new Exception('systemctl is required but not available'); throw new Exception('systemctl is required but not available');
} }
return true; // Verify basic system commands are available (should be installed by install.sh)
} $requiredCommands = ['curl', 'hostname', 'uname'];
foreach ($requiredCommands as $cmd) {
/** if (!$this->checkCommand($cmd)) {
* Install OpenZiti CLI throw new Exception("Required command '$cmd' not found. Please run install.sh to install system dependencies.");
*/
private function installZiti() {
// Check if ziti is already installed
if ($this->checkCommand('ziti')) {
$output = '';
executeCommand('ziti version 2>/dev/null | head -n1', $output);
$this->reportProgress('INSTALL', 'OpenZiti CLI already installed: ' . trim($output));
return true;
}
$this->reportProgress('INSTALL', 'Installing OpenZiti CLI from pre-configured repository...');
// Verify repository is configured
if (!file_exists('/etc/apt/sources.list.d/openziti-release.list')) {
throw new Exception('OpenZiti repository not configured. Please run install.sh first to set up the system.');
}
if (!file_exists('/usr/share/keyrings/openziti.gpg')) {
throw new Exception('OpenZiti GPG key not found. Please run install.sh first to set up the system.');
}
// Install openziti-router package from pre-configured repository
$this->reportProgress('INSTALL', 'Installing openziti-router package...');
if (!executeCommand('apt-get install -y openziti-router')) {
$this->reportProgress('INSTALL', 'Trying to install ziti CLI only...');
if (!executeCommand('apt-get install -y ziti')) {
throw new Exception('Failed to install OpenZiti CLI. Repository may not be properly configured. Please run install.sh first.');
} }
} }
// Verify installation $this->reportProgress('REQUIREMENTS', 'All required components verified successfully');
if (!$this->checkCommand('ziti')) {
throw new Exception('OpenZiti CLI installation failed - command not found after installation');
}
$output = '';
executeCommand('ziti version 2>/dev/null | head -n1', $output);
$this->reportProgress('INSTALL', 'OpenZiti CLI installed successfully: ' . trim($output));
return true; return true;
} }
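Review bot: In the new `verifyZitiInstallation()` the root check is followed by running `ziti` by bare name (`ziti version`, `ziti router --help`) through `executeCommand`, so whichever `ziti` is first on PATH is executed with root privileges once `checkCommand('ziti')` passes. `checkCommand` and `executeCommand` are defined outside these hunks, so this is inferred from the call sites. Consider resolving the binary once to the absolute path the package installs and reusing it, with a comment such as `// ziti is run as root: use the packaged absolute path, not a PATH lookup`. Separately, every failure path in the method now throws and its only return is `true`, so the guard `if (!$this->verifyZitiInstallation())` in `enrollRouter()` can never fire and its duplicate message is dead code. The old `jq` check was also dropped without `jq` being added to `$requiredCommands`, so confirm that no later enrollment step still depends on it.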


@ -337,7 +337,7 @@ configure_php() {
log "SUCCESS" "PHP configured successfully" log "SUCCESS" "PHP configured successfully"
} }
# Set up OpenZiti package repository # Set up OpenZiti package repository and install packages
setup_openziti_repository() { setup_openziti_repository() {
log "INFO" "Setting up OpenZiti package repository..." log "INFO" "Setting up OpenZiti package repository..."
@ -420,7 +420,7 @@ setup_openziti_repository() {
# Update package list # Update package list
log "INFO" "Updating package list..." log "INFO" "Updating package list..."
if apt update >/dev/null 2>&1; then if apt update; then
log "SUCCESS" "Package list updated successfully" log "SUCCESS" "Package list updated successfully"
else else
log "WARNING" "Package list update had issues, but continuing..." log "WARNING" "Package list update had issues, but continuing..."
@ -437,6 +437,66 @@ setup_openziti_repository() {
fi fi
} }
# Install OpenZiti packages
install_openziti_packages() {
log "INFO" "Installing OpenZiti packages..."
# Check if OpenZiti CLI is already installed
if command -v ziti &> /dev/null; then
local ziti_version=$(ziti version 2>/dev/null | head -n1 || echo "unknown")
log "INFO" "OpenZiti CLI already installed: $ziti_version"
# Check if we also have the router package
if dpkg -l | grep -q openziti-router; then
log "SUCCESS" "OpenZiti router package already installed"
return 0
fi
fi
log "INFO" "Installing OpenZiti packages using package repository..."
# Try to install openziti-router package first (includes ziti CLI)
log "INFO" "Installing openziti-router package..."
if apt install -y openziti-router; then
log "SUCCESS" "OpenZiti router package installed successfully"
else
log "WARNING" "Failed to install openziti-router package, trying ziti CLI only..."
# Fallback: Try to install just the ziti CLI
log "INFO" "Attempting to install ziti CLI only..."
if apt install -y ziti; then
log "SUCCESS" "OpenZiti CLI installed successfully"
else
error_exit "Failed to install OpenZiti packages from repository"
fi
fi
# Verify installation
if command -v ziti &> /dev/null; then
local ziti_version=$(ziti version 2>/dev/null | head -n1 || echo "unknown")
log "SUCCESS" "OpenZiti CLI installed and working: $ziti_version"
else
error_exit "OpenZiti CLI installation failed - command not found after installation"
fi
# Additional verification - test basic ziti commands
log "INFO" "Testing OpenZiti CLI functionality..."
if ziti --help >/dev/null 2>&1; then
log "SUCCESS" "OpenZiti CLI is functional"
else
log "WARNING" "OpenZiti CLI may not be fully functional"
fi
# Check for router-specific functionality
if ziti router --help >/dev/null 2>&1; then
log "SUCCESS" "OpenZiti router commands are available"
else
log "WARNING" "OpenZiti router commands may not be available"
fi
log "SUCCESS" "OpenZiti package installation completed"
}
# Set up sudo access # Set up sudo access
setup_sudo() { setup_sudo() {
log "INFO" "Setting up comprehensive sudo access for web server..." log "INFO" "Setting up comprehensive sudo access for web server..."
@ -598,6 +658,21 @@ test_installation() {
else else
log "ERROR" "File permissions may be incorrect" log "ERROR" "File permissions may be incorrect"
fi fi
# Test OpenZiti installation
if command -v ziti &> /dev/null; then
local ziti_version=$(ziti version 2>/dev/null | head -n1 || echo "unknown")
log "SUCCESS" "OpenZiti CLI is installed and working: $ziti_version"
# Test ziti router command
if ziti router --help >/dev/null 2>&1; then
log "SUCCESS" "OpenZiti router commands are functional"
else
log "WARNING" "OpenZiti router commands may not be available"
fi
else
log "ERROR" "OpenZiti CLI is not installed or not working"
fi
} }
# Show final information # Show final information
@ -615,9 +690,11 @@ show_final_info() {
echo " Password: admin123" echo " Password: admin123"
echo echo
echo "Important Notes:" echo "Important Notes:"
echo " 1. Change the default password in production" echo " 1. OpenZiti packages are now pre-installed and ready for enrollment"
echo " 2. Consider setting up HTTPS for production use" echo " 2. Change the default password in production"
echo " 3. Review security settings in $WEB_DIR/includes/config.php" echo " 3. Consider setting up HTTPS for production use"
echo " 4. Review security settings in $WEB_DIR/includes/config.php"
echo " 5. The UI will now focus only on enrollment using hash keys"
echo echo
echo "File Locations:" echo "File Locations:"
echo " Web Directory: $WEB_DIR" echo " Web Directory: $WEB_DIR"
@ -674,6 +751,9 @@ main() {
# Set up OpenZiti package repository # Set up OpenZiti package repository
setup_openziti_repository setup_openziti_repository
# Install OpenZiti packages
install_openziti_packages
# Update hosts file # Update hosts file
update_hosts update_hosts