Remove DB credentials from config.php

Better validation when config.php does not exist

Update docs and quote password

only populate legacy vars in config_to_json
drop .travis.yml config copy
remove credentials from config.php.default

Check for existence of .env instead of config.php in python scripts

legacy credential cleanup

tiny cleanups

consistent env for artisan server and artisan dusk
Tony Murray 2019-05-22 13:31:24 -05:00
parent b9bd2b3d08
commit 5f0388f0e3
20 changed files with 67 additions and 211 deletions


@ -1,4 +1,3 @@
APP_URL=http://localhost:8000
APP_KEY=base64:FSjpEaK3F9HnO40orj7FlbRI0loi1vtB3dVBcB9XaDk=
APP_ENV=testing
APP_DEBUG=true


@ -27,7 +27,6 @@ before_install:
- sudo apt-get -qq update
- sudo apt-get install -y snmp fping python3-pip python3-setuptools
- mysql -e 'CREATE DATABASE librenms_phpunit_78hunjuybybh CHARACTER SET utf8 COLLATE utf8_unicode_ci;'
- cp tests/config/config.test.php config.php
install:
- travis_retry composer install --no-interaction --prefer-dist --no-suggest


@ -450,6 +450,9 @@ class Config
}
self::populateTime();
// populate legacy DB credentials, just in case something external uses them. Maybe remove this later
self::populateLegacyDbCredentials();
}
/**
@ -488,42 +491,6 @@ class Config
}
}
/**
* Get just the database connection settings from config.php
*
* @return array (keys: db_host, db_port, db_name, db_user, db_pass, db_socket)
*/
public static function getDatabaseSettings()
{
// Do not access global $config in this function!
$keys = $config = [
'db_host' => '',
'db_port' => '',
'db_name' => '',
'db_user' => '',
'db_pass' => '',
'db_socket' => '',
];
if (is_file(__DIR__ . '/../config.php')) {
include __DIR__ . '/../config.php';
}
// Check for testing database
if (isset($config['test_db_name'])) {
putenv('DB_TEST_DATABASE=' . $config['test_db_name']);
}
if (isset($config['test_db_user'])) {
putenv('DB_TEST_USERNAME=' . $config['test_db_user']);
}
if (isset($config['test_db_pass'])) {
putenv('DB_TEST_PASSWORD=' . $config['test_db_pass']);
}
return array_intersect_key($config, $keys); // return only the db settings
}
/**
* Locate the actual path of a binary
*
@ -565,4 +532,16 @@ class Config
self::set('time.year', $now - 31536000); // time() - (365 * 24 * 60 * 60);
self::set('time.twoyear', $now - 63072000); // time() - (2 * 365 * 24 * 60 * 60);
}
public static function populateLegacyDbCredentials()
{
$db = config('database.default');
self::set('db_host', config("database.connections.$db.host", 'localhost'));
self::set('db_name', config("database.connections.$db.database", 'librenms'));
self::set('db_user', config("database.connections.$db.username", 'librenms'));
self::set('db_pass', config("database.connections.$db.password"));
self::set('db_port', config("database.connections.$db.port", 3306));
self::set('db_socket', config("database.connections.$db.unix_socket"));
}
}
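Review bot: The new `populateLegacyDbCredentials()` copies the plaintext database password into the general Config store as `db_pass`, and it has no docblock saying so. Judging by the hunk counts, the call after `self::populateTime()` is also new, which would put the password into every loaded config rather than only the `config_to_json` output the commit message mentions; the enclosing method starts outside the hunk, so confirm that is intended. Anything that serializes or dumps Config (for example `Config::toJson()`) will then carry the credential, so that output should be kept out of logs and web responses. I would add a docblock along the lines of `/** Copy DB connection settings into the legacy db_* keys for external scripts; includes the password, do not expose. */`.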


@ -100,7 +100,7 @@ class OS
// remove previously cached os settings and replace with user settings
$config = ['os' => []]; // local $config variable, not global
include "$install_dir/config.php"; // FIXME load db settings too or don't load config.php
@include "$install_dir/config.php"; // FIXME load db settings too or don't load config.php
Config::set('os', $config['os']);
// load the os defs fresh from cache (merges with existing OS settings)
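Review bot: The `@` on `include "$install_dir/config.php"` suppresses every warning raised while including that file, not only the missing-file case, so a permissions problem on config.php would leave `$config['os']` empty with nothing logged. An explicit guard keeps real errors visible: `if (is_file("$install_dir/config.php")) { include "$install_dir/config.php"; }`. The same suppression is added to the fallback autoloader's `@include str_replace('\\', '/', $class) . '.php';` in the last file section, where an `is_file()` check on the computed path would serve the same purpose. The enclosing method starts and ends outside this hunk.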


@ -107,7 +107,7 @@ class Database extends BaseValidation
private function checkMysqlEngine(Validator $validator)
{
$db = Config::get('db_name', 'librenms');
$db = \config('database.connections.'.\config('database.default').'.database');
$query = "SELECT `TABLE_NAME` FROM information_schema.tables WHERE `TABLE_SCHEMA` = '$db' && `ENGINE` != 'InnoDB'";
$tables = dbFetchRows($query);
if (!empty($tables)) {
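Review bot: `$db` is still interpolated straight into the `information_schema` query as `'$db'`, and it now comes from the Laravel database config with no fallback value. A database name containing a quote would break the statement, and a missing value turns the filter into `TABLE_SCHEMA = ''`, which reports no tables and lets the engine check pass vacuously. Binding the value avoids the quoting problem: use `TABLE_SCHEMA = ?` in the query and call `$tables = dbFetchRows($query, [$db]);`, assuming `dbFetchRows` accepts a parameter array as it appears to elsewhere in this codebase. The method continues past the end of the hunk.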


@ -44,13 +44,12 @@ class User extends BaseValidation
{
// Check we are running this as the root user
$username = $validator->getUsername();
$lnms_username = Config::get('user');
$lnms_username = Config::get('user', 'librenms');
$lnms_groupname = Config::get('group', $lnms_username); // if group isn't set, fall back to user
if (!($username === 'root' || $username === $lnms_username)) {
if (isCli()) {
$validator->fail('You need to run this script as root' .
(Config::has('user') ? ' or ' . $lnms_username : ''));
$validator->fail("You need to run this script as $lnms_username or root");
} elseif (function_exists('posix_getgrnam')) {
$lnms_group = posix_getgrnam($lnms_groupname);
if (!in_array($username, $lnms_group['members'])) {
@ -73,7 +72,7 @@ class User extends BaseValidation
}
// Let's test the user configured if we have it
if (Config::has('user')) {
if ($lnms_username) {
$dir = Config::get('install_dir');
$log_dir = Config::get('log_dir', "$dir/logs");
$rrd_dir = Config::get('rrd_dir', "$dir/rrd");


@ -39,12 +39,12 @@ class CheckInstalled
*/
public function handle($request, Closure $next)
{
$installed = !config('librenms.install') && file_exists(base_path('config.php'));
$installed = !config('librenms.install') && file_exists(base_path('.env'));
$is_install_route = $request->is('install*');
if (!$installed && !$is_install_route) {
// no config.php does so let's redirect to the install
return redirect(route('install'));
return redirect()->route('install');
} elseif ($installed && $is_install_route) {
throw new AuthorizationException('This should only be called during install');
}
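Review bot: `file_exists(base_path('.env'))` is now the main signal separating the install routes from a configured system, so if `.env` is ever missing, or the configuration is supplied purely through real environment variables, the installer would presumably become reachable again without authentication. That assumption should be documented here, or the check should use a stronger signal than file presence. The comment `// no config.php does so let's redirect to the install` is also stale now; something like `// no .env yet (or install flag set), redirect to the installer` matches the code. `handle()` continues past the end of the hunk.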


@ -2,19 +2,13 @@
## Have a look in misc/config_definitions.json for examples of settings you can set here. DO NOT EDIT misc/config_definitions.json!
### Database config
$config['db_host'] = 'localhost';
$config['db_user'] = 'USERNAME';
$config['db_pass'] = 'PASSWORD';
$config['db_name'] = 'librenms';
// This is the user LibreNMS will run as
//Please ensure this user is created and has the correct permissions to your install
$config['user'] = 'librenms';
### This should *only* be set if you want to *force* a particular hostname/port
### It will prevent the web interface being usable form any other hostname
$config['base_url'] = "/";
#$config['base_url'] = "/";
### Enable this to use rrdcached. Be sure rrd_dir is within the rrdcached dir
### and that your web server has permission to talk to rrdcached.


@ -9,9 +9,6 @@
*/
use Illuminate\Support\Str;
use LibreNMS\Config;
$fallback_db_config = Config::getDatabaseSettings();
return [
@ -26,7 +23,7 @@ return [
|
*/
'default' => env('DB_CONNECTION', env('DBTEST') ? 'testing' : 'mysql'),
'default' => env('DB_CONNECTION', env('APP_ENV') == 'testing' ? 'testing' : 'mysql'),
/*
|--------------------------------------------------------------------------
@ -56,13 +53,12 @@ return [
'mysql' => [
'driver' => 'mysql',
'url' => env('DATABASE_URL'),
'host' => env('DB_HOST', $fallback_db_config['db_host']),
'port' => env('DB_PORT', $fallback_db_config['db_port']),
'database' => env('DB_DATABASE', $fallback_db_config['db_name']),
'username' => env('DB_USERNAME', $fallback_db_config['db_user']),
'password' => env('DB_PASSWORD', $fallback_db_config['db_pass']),
'unix_socket' => env('DB_SOCKET', $fallback_db_config['db_socket']),
'host' => env('DB_HOST', 'localhost'),
'port' => env('DB_PORT', ''),
'database' => env('DB_DATABASE', 'librenms'),
'username' => env('DB_USERNAME', 'librenms'),
'password' => env('DB_PASSWORD', ''),
'unix_socket' => env('DB_SOCKET', ''),
'charset' => 'utf8',
'collation' => 'utf8_unicode_ci',
'prefix' => '',
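Review bot: With the `config.php` fallback gone, the `mysql` connection defaults to user `librenms` on `localhost` with an empty password whenever the `DB_*` variables are unset. An existing install whose credentials live only in config.php would then attempt a passwordless login rather than fail with a clear message. I do not see a migration or validation step for that case on this page; if one exists elsewhere, a comment pointing to it would help. Separately, `env('APP_ENV') == 'testing'` should use strict comparison: `env('APP_ENV') === 'testing'`. The returned array continues past the end of the last hunk.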


@ -13,5 +13,8 @@ $init_modules = ['nodb'];
require __DIR__ . '/includes/init.php';
if (isCli()) {
// fill in db variables for legacy external scripts
Config::populateLegacyDbCredentials();
echo Config::toJson();
}
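Review bot: After `Config::populateLegacyDbCredentials()`, the JSON written by `echo Config::toJson();` includes `db_pass` in clear text, so the password ends up in whatever captures this script's stdout. The `isCli()` guard keeps it off the web, but a caller that logs the raw output, for instance on a JSON parse failure, would write the password to its log. A comment such as `// output contains DB credentials: consumers must not log it` would make that contract explicit. If the Config load path already calls the same method (see the Config class hunk), this second call is redundant.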


@ -185,7 +185,7 @@ if __name__ == '__main__':
logger = LNMS.logger_get_logger(LOG_FILE, debug=_DEBUG)
install_dir = os.path.dirname(os.path.realpath(__file__))
LNMS.check_for_file(install_dir + '/config.php')
LNMS.check_for_file(install_dir + '/.env')
config = json.loads(LNMS.get_config_data(install_dir))
discovery_path = config['install_dir'] + '/discovery.php'
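Review bot: `LNMS.check_for_file(install_dir + '/.env')` makes a `.env` file mandatory for the wrapper, while the docs updated in this same commit say the DB variables may be set "either in .env or in the environment". A deployment configured only through environment variables would presumably fail this check before `get_config_data` is ever called. Either relax the check or document that the wrappers require the file. The same line is changed in the two other wrapper scripts further down (the ones that build `poller_path` and `service_path`).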


@ -76,14 +76,14 @@ Enable debug output to troubleshoot issues
Config option: `mysql`
This is default option with LibreNMS so you should have already have
the configuration setup.
This is default option with LibreNMS so you should have already have the configuration setup in your
environment file (.env).
```php
$config['db_host'] = "HOSTNAME";
$config['db_user'] = "DBUSER";
$config['db_pass'] = "DBPASS";
$config['db_name'] = "DBNAME";
```dotenv
DB_HOST=HOSTNAME
DB_DATABASE=DBNAME
DB_USERNAME=DBUSER
DB_PASSWORD="DBPASS"
```
# Active Directory Authentication


@ -28,22 +28,25 @@ Log files created by LibreNMS will be stored within this directory.
# Database config
These are the configuration options you will need to use to specify to get started.
Set these variables either in .env or in the environment.
```php
$config['db_host'] = '127.0.0.1';
$config['db_port'] = 3306;
$config['db_user'] = '';
$config['db_pass'] = '';
$config['db_name'] = '';
```dotenv
DB_HOST=127.0.0.1
DB_DATABASE=librenms
DB_USERNAME=DBUSER
DB_PASSWORD="DBPASS"
```
If you use a unix socket, you can specify it with these options:
Use non-standard port:
```php
$config['db_host'] = NULL;
$config['db_port'] = NULL;
$config['db_socket'] = '/run/mysqld/mysqld.sock';
```dotenv
DB_PORT=3306
```
Use a unix socket:
```dotenv
DB_SOCKET=/run/mysqld/mysqld.sock
```
# Core


@ -531,20 +531,11 @@ menu similarly to device types.
If you've changed your database credentials then you will need to
update LibreNMS with those new details.
Please edit both `config.php` and `.env`
config.php:
```php
$config['db_host'] = '';
$config['db_user'] = '';
$config['db_pass'] = '';
$config['db_name'] = '';
```
Please edit `.env`
[.env](../Support/Environment-Variables.md#database):
```bash
```dotenv
DB_HOST=
DB_DATABASE=
DB_USERNAME=


@ -1,64 +0,0 @@
<?php
/**
* db-update.inc.php
*
* Run database update/deploy for installer
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @package LibreNMS
* @link http://librenms.org
* @copyright 2017 Tony Murray
* @author Tony Murray <murraytony@gmail.com>
*/
$init_modules = ['web', 'nodb'];
require \LibreNMS\Config::get('install_dir') . '/includes/init.php';
var_dump(session()->all()); exit;
if (file_exists(\LibreNMS\Config::get('install_dir') . '/config.php')) {
echo("This should only be called during install");
exit;
}
header("Content-type: text/plain");
header('X-Accel-Buffering: no');
\LibreNMS\DB\Eloquent::setConnection(
'setup',
session('dbhost'),
session('dbuser'),
session('dbpass'),
session('dbname'),
session('dbport')
);
echo "Starting Update...\n";
try {
$ret = \Artisan::call('migrate', ['--seed' => true, '--force' => true, '--database' => 'setup']);
echo \Artisan::output();
if ($ret == 0 && \LibreNMS\DB\Schema::isCurrent()) {
echo "\n\nSuccess!";
} else {
echo "\n\nError!";
http_response_code(500);
}
} catch (Exception $e) {
echo $e->getMessage() . "\n\nError!";
http_response_code(500);
}


@ -177,7 +177,7 @@ if __name__ == '__main__':
logger = LNMS.logger_get_logger(LOG_FILE, debug=_DEBUG)
install_dir = os.path.dirname(os.path.realpath(__file__))
LNMS.check_for_file(install_dir + '/config.php')
LNMS.check_for_file(install_dir + '/.env')
config = json.loads(LNMS.get_config_data(install_dir))
poller_path = config['install_dir'] + '/poller.php'


@ -192,7 +192,7 @@ if __name__ == '__main__':
logger = LNMS.logger_get_logger(LOG_FILE, debug=_DEBUG)
install_dir = os.path.dirname(os.path.realpath(__file__))
LNMS.check_for_file(install_dir + '/config.php')
LNMS.check_for_file(install_dir + '/.env')
config = json.loads(LNMS.get_config_data(install_dir))
service_path = config['install_dir'] + '/check-services.php'


@ -58,7 +58,12 @@ if (getenv('DBTEST')) {
// create testing table if needed
$db_config = \config("database.connections.testing");
$connection = new PDO("mysql:host={$db_config['host']}", $db_config['username'], $db_config['password']);
$connection->query("CREATE DATABASE IF NOT EXISTS {$db_config['database']} CHARACTER SET utf8 COLLATE utf8_unicode_ci");
$result = $connection->query("CREATE DATABASE IF NOT EXISTS {$db_config['database']} CHARACTER SET utf8 COLLATE utf8_unicode_ci");
if ($connection->errorCode() == '42000') {
echo implode(' ', $connection->errorInfo()) . PHP_EOL;
echo "Either create database {$db_config['database']} or populate DB_TEST_USERNAME and DB_TEST_PASSWORD in your .env with credentials that can" . PHP_EOL;
exit(1);
}
unset($connection); // close connection
// sqlite db file
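Review bot: The new error handling reacts only to SQLSTATE `42000`, and `$result` is assigned but never read, so any other `CREATE DATABASE` failure passes silently and surfaces later as a confusing test error. Checking the return value covers every case: `if ($result === false) {`. The second `echo` also ends mid-sentence ("with credentials that can"). In addition, `{$db_config['database']}` is interpolated unquoted into the statement; since the name presumably now comes from `.env`, wrapping it in backticks would be safer. The enclosing `if (getenv('DBTEST'))` block starts outside the hunk.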


@ -1,48 +0,0 @@
<?php
## Have a look in misc/config_definitions.json for examples of settings you can set here. DO NOT EDIT misc/config_definitions.json!
### Database config
$config['db_host'] = '127.0.0.1';
$config['db_user'] = 'root';
$config['db_pass'] = '';
$config['db_name'] = 'librenms_phpunit_78hunjuybybh';
// This is the user LibreNMS will run as
//Please ensure this user is created and has the correct permissions to your install
$config['user'] = 'librenms';
### This should *only* be set if you want to *force* a particular hostname/port
### It will prevent the web interface being usable form any other hostname
$config['base_url'] = "/";
### Enable this to use rrdcached. Be sure rrd_dir is within the rrdcached dir
### and that your web server has permission to talk to rrdcached.
#$config['rrdcached'] = "unix:/var/run/rrdcached.sock";
### Default community
$config['snmp']['community'] = array("public");
### Authentication Model
$config['auth_mechanism'] = "mysql"; # default, other options: ldap, http-auth
#$config['http_auth_guest'] = "guest"; # remember to configure this user if you use http-auth
### List of RFC1918 networks to allow scanning-based discovery
#$config['nets'][] = "10.0.0.0/8";
#$config['nets'][] = "172.16.0.0/12";
#$config['nets'][] = "192.168.0.0/16";
# Uncomment the next line to disable daily updates
#$config['update'] = 0;
# Number in days of how long to keep old rrd files. 0 disables this feature
$config['rrd_purge'] = 0;
# Uncomment to submit callback stats via proxy
#$config['callback_proxy'] = "hostname:port";
# Enable the in-built billing extension
$config['enable_billing'] = 1;
# Enable the in-built services support (Nagios plugins)
$config['show_services'] = 1;


@ -75,7 +75,7 @@ register_shutdown_function(function () {
if (!$precheck_complete) {
// use this in case composer autoloader isn't available
spl_autoload_register(function ($class) {
include str_replace('\\', '/', $class) . '.php';
@include str_replace('\\', '/', $class) . '.php';
});
print_header(version_info());
}