359 lines
10 KiB
Bash
359 lines
10 KiB
Bash
#!/bin/bash
|
|
|
|
# ZitiNexus Router Enrollment UI Troubleshooting Script
|
|
# This script helps diagnose common issues with the UI installation
|
|
|
|
set -euo pipefail
|
|
|
|
# Colors for output
|
|
RED='\033[0;31m'
|
|
GREEN='\033[0;32m'
|
|
YELLOW='\033[1;33m'
|
|
BLUE='\033[0;34m'
|
|
NC='\033[0m' # No Color
|
|
|
|
# Configuration
|
|
WEB_DIR="/var/www/ziti-enrollment"
|
|
DOMAIN="ziti-enrollment.local"
|
|
|
|
# Logging function
|
|
log() {
|
|
local level=$1
|
|
shift
|
|
local message="$*"
|
|
|
|
case $level in
|
|
"ERROR")
|
|
echo -e "${RED}[ERROR]${NC} $message" >&2
|
|
;;
|
|
"SUCCESS")
|
|
echo -e "${GREEN}[SUCCESS]${NC} $message"
|
|
;;
|
|
"WARNING")
|
|
echo -e "${YELLOW}[WARNING]${NC} $message"
|
|
;;
|
|
"INFO")
|
|
echo -e "${BLUE}[INFO]${NC} $message"
|
|
;;
|
|
*)
|
|
echo "$message"
|
|
;;
|
|
esac
|
|
}
|
|
|
|
# Check web server status
|
|
check_web_server() {
|
|
log "INFO" "Checking web server status..."
|
|
|
|
if systemctl is-active --quiet apache2; then
|
|
log "SUCCESS" "Apache is running"
|
|
WEB_SERVER="apache"
|
|
elif systemctl is-active --quiet nginx; then
|
|
log "SUCCESS" "Nginx is running"
|
|
WEB_SERVER="nginx"
|
|
else
|
|
log "ERROR" "No web server is running"
|
|
return 1
|
|
fi
|
|
}
|
|
|
|
# Check PHP status
|
|
check_php() {
|
|
log "INFO" "Checking PHP status..."
|
|
|
|
if command -v php >/dev/null 2>&1; then
|
|
PHP_VERSION=$(php -r "echo PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;")
|
|
log "SUCCESS" "PHP $PHP_VERSION is installed"
|
|
|
|
# Check if PHP-FPM is running (for Nginx)
|
|
if [[ "$WEB_SERVER" == "nginx" ]]; then
|
|
if systemctl is-active --quiet php${PHP_VERSION}-fpm; then
|
|
log "SUCCESS" "PHP-FPM is running"
|
|
else
|
|
log "ERROR" "PHP-FPM is not running"
|
|
log "INFO" "Try: sudo systemctl start php${PHP_VERSION}-fpm"
|
|
fi
|
|
fi
|
|
else
|
|
log "ERROR" "PHP is not installed or not in PATH"
|
|
return 1
|
|
fi
|
|
}
|
|
|
|
# Check file permissions
|
|
check_permissions() {
|
|
log "INFO" "Checking file permissions..."
|
|
|
|
if [[ -d "$WEB_DIR" ]]; then
|
|
log "SUCCESS" "Web directory exists: $WEB_DIR"
|
|
|
|
# Check ownership
|
|
OWNER=$(stat -c '%U:%G' "$WEB_DIR")
|
|
if [[ "$OWNER" == "www-data:www-data" ]]; then
|
|
log "SUCCESS" "Correct ownership: $OWNER"
|
|
else
|
|
log "WARNING" "Incorrect ownership: $OWNER (should be www-data:www-data)"
|
|
fi
|
|
|
|
# Check key files
|
|
local files=("public/index.php" "public/dashboard.php" "assets/css/style.css" "assets/js/app.js")
|
|
for file in "${files[@]}"; do
|
|
if [[ -f "$WEB_DIR/$file" ]]; then
|
|
log "SUCCESS" "File exists: $file"
|
|
else
|
|
log "ERROR" "File missing: $file"
|
|
fi
|
|
done
|
|
|
|
# Check log directories
|
|
if [[ -d "$WEB_DIR/logs" && -w "$WEB_DIR/logs" ]]; then
|
|
log "SUCCESS" "Log directory is writable"
|
|
else
|
|
log "ERROR" "Log directory is not writable"
|
|
fi
|
|
|
|
else
|
|
log "ERROR" "Web directory does not exist: $WEB_DIR"
|
|
return 1
|
|
fi
|
|
}
|
|
|
|
# Check web server configuration
|
|
check_web_config() {
|
|
log "INFO" "Checking web server configuration..."
|
|
|
|
if [[ "$WEB_SERVER" == "apache" ]]; then
|
|
# Check Apache configuration
|
|
if [[ -f "/etc/apache2/sites-available/ziti-enrollment.conf" ]]; then
|
|
log "SUCCESS" "Apache site configuration exists"
|
|
|
|
if a2ensite -q ziti-enrollment 2>/dev/null; then
|
|
log "SUCCESS" "Apache site is enabled"
|
|
else
|
|
log "ERROR" "Apache site is not enabled"
|
|
fi
|
|
else
|
|
log "ERROR" "Apache site configuration missing"
|
|
fi
|
|
|
|
# Check if rewrite module is enabled
|
|
if a2enmod -q rewrite 2>/dev/null; then
|
|
log "SUCCESS" "Apache rewrite module is enabled"
|
|
else
|
|
log "WARNING" "Apache rewrite module is not enabled"
|
|
fi
|
|
|
|
elif [[ "$WEB_SERVER" == "nginx" ]]; then
|
|
# Check Nginx configuration
|
|
if [[ -f "/etc/nginx/sites-available/ziti-enrollment" ]]; then
|
|
log "SUCCESS" "Nginx site configuration exists"
|
|
|
|
if [[ -L "/etc/nginx/sites-enabled/ziti-enrollment" ]]; then
|
|
log "SUCCESS" "Nginx site is enabled"
|
|
else
|
|
log "ERROR" "Nginx site is not enabled"
|
|
fi
|
|
else
|
|
log "ERROR" "Nginx site configuration missing"
|
|
fi
|
|
|
|
# Test Nginx configuration
|
|
if nginx -t >/dev/null 2>&1; then
|
|
log "SUCCESS" "Nginx configuration is valid"
|
|
else
|
|
log "ERROR" "Nginx configuration has errors"
|
|
fi
|
|
fi
|
|
}
|
|
|
|
# Check PHP configuration
|
|
check_php_config() {
|
|
log "INFO" "Checking PHP configuration..."
|
|
|
|
# Check for required extensions
|
|
local extensions=("curl" "json")
|
|
for ext in "${extensions[@]}"; do
|
|
if php -m | grep -q "^$ext$"; then
|
|
log "SUCCESS" "PHP extension loaded: $ext"
|
|
else
|
|
log "ERROR" "PHP extension missing: $ext"
|
|
fi
|
|
done
|
|
|
|
# Check if exec functions are enabled
|
|
DISABLED_FUNCTIONS=$(php -r "echo ini_get('disable_functions');")
|
|
if [[ -n "$DISABLED_FUNCTIONS" ]]; then
|
|
if echo "$DISABLED_FUNCTIONS" | grep -q -E "(exec|shell_exec|proc_open)"; then
|
|
log "ERROR" "Required PHP functions are disabled: $DISABLED_FUNCTIONS"
|
|
else
|
|
log "SUCCESS" "Required PHP functions are enabled"
|
|
fi
|
|
else
|
|
log "SUCCESS" "No PHP functions are disabled"
|
|
fi
|
|
}
|
|
|
|
# Check sudo access
|
|
check_sudo() {
|
|
log "INFO" "Checking sudo access..."
|
|
|
|
if [[ -f "/etc/sudoers.d/ziti-enrollment" ]]; then
|
|
log "SUCCESS" "Sudoers file exists"
|
|
|
|
# Test sudo access
|
|
if sudo -u www-data sudo -n systemctl --version >/dev/null 2>&1; then
|
|
log "SUCCESS" "Sudo access is working"
|
|
else
|
|
log "ERROR" "Sudo access is not working"
|
|
fi
|
|
else
|
|
log "ERROR" "Sudoers file missing: /etc/sudoers.d/ziti-enrollment"
|
|
fi
|
|
}
|
|
|
|
# Check network connectivity
|
|
check_network() {
|
|
log "INFO" "Checking network connectivity..."
|
|
|
|
# Test DNS resolution
|
|
if nslookup google.com >/dev/null 2>&1; then
|
|
log "SUCCESS" "DNS resolution is working"
|
|
else
|
|
log "ERROR" "DNS resolution failed"
|
|
fi
|
|
|
|
# Test HTTPS connectivity
|
|
if curl -s --connect-timeout 5 https://google.com >/dev/null 2>&1; then
|
|
log "SUCCESS" "HTTPS connectivity is working"
|
|
else
|
|
log "ERROR" "HTTPS connectivity failed"
|
|
fi
|
|
}
|
|
|
|
# Check system resources
|
|
check_resources() {
|
|
log "INFO" "Checking system resources..."
|
|
|
|
# Check disk space
|
|
DISK_USAGE=$(df / | awk 'NR==2 {print $5}' | sed 's/%//')
|
|
if [[ $DISK_USAGE -lt 90 ]]; then
|
|
log "SUCCESS" "Disk usage is acceptable: ${DISK_USAGE}%"
|
|
else
|
|
log "WARNING" "Disk usage is high: ${DISK_USAGE}%"
|
|
fi
|
|
|
|
# Check memory
|
|
MEMORY_USAGE=$(free | awk 'NR==2{printf "%.0f", $3*100/$2}')
|
|
if [[ $MEMORY_USAGE -lt 90 ]]; then
|
|
log "SUCCESS" "Memory usage is acceptable: ${MEMORY_USAGE}%"
|
|
else
|
|
log "WARNING" "Memory usage is high: ${MEMORY_USAGE}%"
|
|
fi
|
|
}
|
|
|
|
# Test web access
|
|
test_web_access() {
|
|
log "INFO" "Testing web access..."
|
|
|
|
# Test local access
|
|
if curl -s -o /dev/null -w "%{http_code}" "http://localhost" | grep -q "200\|302\|301"; then
|
|
log "SUCCESS" "Local web access is working"
|
|
else
|
|
log "ERROR" "Local web access failed"
|
|
fi
|
|
|
|
# Test domain access
|
|
if curl -s -o /dev/null -w "%{http_code}" "http://$DOMAIN" | grep -q "200\|302\|301"; then
|
|
log "SUCCESS" "Domain access is working"
|
|
else
|
|
log "WARNING" "Domain access failed (check hosts file)"
|
|
fi
|
|
}
|
|
|
|
# Show log files
|
|
show_logs() {
|
|
log "INFO" "Recent log entries..."
|
|
|
|
echo
|
|
echo "=== Web Server Error Logs ==="
|
|
if [[ "$WEB_SERVER" == "apache" ]]; then
|
|
if [[ -f "/var/log/apache2/ziti-enrollment_error.log" ]]; then
|
|
tail -n 10 /var/log/apache2/ziti-enrollment_error.log
|
|
else
|
|
tail -n 10 /var/log/apache2/error.log 2>/dev/null || echo "No Apache error logs found"
|
|
fi
|
|
elif [[ "$WEB_SERVER" == "nginx" ]]; then
|
|
tail -n 10 /var/log/nginx/error.log 2>/dev/null || echo "No Nginx error logs found"
|
|
fi
|
|
|
|
echo
|
|
echo "=== PHP Error Logs ==="
|
|
if [[ -f "/var/log/php_errors.log" ]]; then
|
|
tail -n 10 /var/log/php_errors.log
|
|
else
|
|
echo "No PHP error logs found"
|
|
fi
|
|
|
|
echo
|
|
echo "=== UI Logs ==="
|
|
if [[ -f "$WEB_DIR/logs/ui-enrollment.log" ]]; then
|
|
tail -n 10 "$WEB_DIR/logs/ui-enrollment.log"
|
|
else
|
|
echo "No UI logs found"
|
|
fi
|
|
}
|
|
|
|
# Main troubleshooting function
|
|
main() {
|
|
echo "=============================================="
|
|
echo " ZitiNexus Router Enrollment UI Troubleshoot"
|
|
echo "=============================================="
|
|
echo
|
|
|
|
# Run all checks
|
|
check_web_server || exit 1
|
|
check_php || exit 1
|
|
check_permissions
|
|
check_web_config
|
|
check_php_config
|
|
check_sudo
|
|
check_network
|
|
check_resources
|
|
test_web_access
|
|
|
|
echo
|
|
log "INFO" "Troubleshooting complete!"
|
|
echo
|
|
|
|
# Show logs
|
|
show_logs
|
|
|
|
echo
|
|
echo "=============================================="
|
|
echo " Common Solutions"
|
|
echo "=============================================="
|
|
echo
|
|
echo "1. Fix file permissions:"
|
|
echo " sudo chown -R www-data:www-data $WEB_DIR"
|
|
echo " sudo chmod -R 755 $WEB_DIR"
|
|
echo " sudo chmod -R 777 $WEB_DIR/logs $WEB_DIR/temp"
|
|
echo
|
|
echo "2. Restart web services:"
|
|
if [[ "$WEB_SERVER" == "apache" ]]; then
|
|
echo " sudo systemctl restart apache2"
|
|
else
|
|
echo " sudo systemctl restart nginx php${PHP_VERSION}-fpm"
|
|
fi
|
|
echo
|
|
echo "3. Check configuration files:"
|
|
echo " sudo nano $WEB_DIR/includes/config.php"
|
|
echo
|
|
echo "4. View detailed logs:"
|
|
echo " sudo tail -f /var/log/apache2/error.log" # or nginx
|
|
echo " sudo tail -f $WEB_DIR/logs/ui-enrollment.log"
|
|
echo
|
|
}
|
|
|
|
# Run main function
|
|
main "$@"
|