From 583d7e5629a0af114811f5be98d4498a82ad1edd Mon Sep 17 00:00:00 2001 From: Martin Berghaus Date: Wed, 9 Jul 2025 19:54:25 +0200 Subject: [PATCH] Handling of overwritten domain improved incl. monitoring and its documentation. --- script/monitor/README.md | 135 +++--------------- script/monitor/SETUP_DASHBOARD.md | 126 ++++++++++++++++ script/monitor/checks/EXAMPLE_CHECK.off | 9 ++ .../generic/OVERRIDDEN_DOMAIN_CHECK.sh | 46 ++++++ script/monitor/setupMonitoringHost.sh | 15 ++ 5 files changed, 216 insertions(+), 115 deletions(-) create mode 100644 script/monitor/SETUP_DASHBOARD.md create mode 100644 script/monitor/checks/EXAMPLE_CHECK.off create mode 100755 script/monitor/generic/OVERRIDDEN_DOMAIN_CHECK.sh diff --git a/script/monitor/README.md b/script/monitor/README.md index 55a46d4..446fe48 100644 --- a/script/monitor/README.md +++ b/script/monitor/README.md @@ -1,126 +1,31 @@ -How to setup a monitoring dashboard -=================================== +Monitoring - How it works +========================= -Inspired by: https://pimylifeup.com/ubuntu-chromium-kiosk/ +Basics +------ -Steps ------ +You have to set up the monitoring host first. That host will monitor your other machines. +Execute `/cis/script/monitor/setupMonitoringHost.sh` to start the process. - - -### 1.) Install Ubuntu Server (no desktop) on your computer than set hostname and timezone. - -```sh -hostnamectl set-hostname check.local -timedatectl set-timezone Europe/Berlin +As usual you can configure this feature via definitions. +``` +# Path of this feature's scripts : '/cis/script /monitor' +# Path of the corresponding definitions: '/cis/definitions/YOUR.DOMAIN/monitor' +ls -lha '/cis/script/monitor' +ls -lha '/cis/definitions/YOUR.DOMAIN/monitor' ``` +You can modify the appearance and place your own `check.css` or `logo.png` into the definitions folder: + - /cis/definitions/YOUR.DOMAIN/monitor/check.css +This feature will use these files with a higher priority. - -### 2.) Install minimal GUI and Tools. - -```sh -apt install ubuntu-desktop-minimal -apt install language-pack-gnome-de -apt install xdotool -apt install dbus-x11 -``` +After the change, you must call `/cis/script/monitor/setupMonitoringHost.sh` again, +because it creates links in '/var/www/html/' and gives the definitions priority over the script. -### 3.) Create a kiosk user with home-directory. +Dashboard +--------- -```sh -useradd -m kiosk -``` - -and disable Welocme-Screen -```sh -echo "yes" > /home/kiosk/.config/gnome-initial-setup-done -``` - - - -### 4.) Edit following file `nano /etc/gdm3/custom.conf` to turn of wayland and turn on autologin for user 'kiosk'. - -``` -[daemon] -# Uncomment the line below to force the login screen to use Xorg -#WaylandEnable=false - -WaylandEnable=false - -# Enabling automatic login -# AutomaticLoginEnable = true -# AutomaticLogin = user1 - -AutomaticLoginEnable = true -AutomaticLogin = kiosk -``` - - - -### 5.) Configure GUI of user kiosk to prevent monitor from sleeping - -```sh -#gsettings list-recursively - -# Does not work -#sudo -u kiosk gsettings set org.gnome.desktop.session idle-delay 0 - -# Set idle-delay from "uint32 300" to "uint32 0", needs 'apt install dbus-x11' -# You can check the value in "GUI-Session of kiosk -> Settings -> Power" -sudo -u kiosk dbus-launch dconf write /org/gnome/desktop/session/idle-delay "uint32 0" -``` - - - -### 6.) Create custom service to start firefox loading the page. - -Therefore create a file `/etc/systemd/system/kiosk.service` with this content: - -``` -[Unit] -Description=Firefox Kiosk -Wants=graphical.target -After=graphical.target - -[Service] -Environment=DISPLAY=:0 -# Set firefox language, needs 'apt install language-pack-gnome-de' -Environment=LANG=de_DE.UTF-8 -Type=simple -# Always a fresh firefox ('-' allow error if common does not exist) -ExecStartPre=-/usr/bin/rm -r /home/kiosk/snap/firefox/common -# Move Mouse (should also work on small screens), needs 'apt install dbus-x11' -ExecStartPre=/usr/bin/xdotool mousemove 4096 2160 -# See: https://wiki.mozilla.org/Firefox/CommandLineOptions (just -kiosk URL => Start-Assistant, so use -url too) -ExecStart=/usr/bin/firefox -fullscreen -kiosk -url http://monitor.example.net/check.html -Restart=always -RestartSec=30 -User=kiosk -Group=kiosk - -[Install] -WantedBy=graphical.target -``` - - - -### 7.) Enable the service and reboot - -```sh -systemctl enable kiosk -reboot -``` - - - -Troubleshouting ---------------- - -``` -systemctl disable pd-mapper.service -apt purge cloud-init -y && apt autoremove --purge -y -``` +You can set up an dashboard following this manual [SETUP_DASHBOARD.md](SETUP_DASHBOARD.md) diff --git a/script/monitor/SETUP_DASHBOARD.md b/script/monitor/SETUP_DASHBOARD.md new file mode 100644 index 0000000..55a46d4 --- /dev/null +++ b/script/monitor/SETUP_DASHBOARD.md @@ -0,0 +1,126 @@ + +How to setup a monitoring dashboard +=================================== + +Inspired by: https://pimylifeup.com/ubuntu-chromium-kiosk/ + +Steps +----- + + + +### 1.) Install Ubuntu Server (no desktop) on your computer than set hostname and timezone. + +```sh +hostnamectl set-hostname check.local +timedatectl set-timezone Europe/Berlin +``` + + + +### 2.) Install minimal GUI and Tools. + +```sh +apt install ubuntu-desktop-minimal +apt install language-pack-gnome-de +apt install xdotool +apt install dbus-x11 +``` + + + +### 3.) Create a kiosk user with home-directory. + +```sh +useradd -m kiosk +``` + +and disable Welocme-Screen +```sh +echo "yes" > /home/kiosk/.config/gnome-initial-setup-done +``` + + + +### 4.) Edit following file `nano /etc/gdm3/custom.conf` to turn of wayland and turn on autologin for user 'kiosk'. + +``` +[daemon] +# Uncomment the line below to force the login screen to use Xorg +#WaylandEnable=false + +WaylandEnable=false + +# Enabling automatic login +# AutomaticLoginEnable = true +# AutomaticLogin = user1 + +AutomaticLoginEnable = true +AutomaticLogin = kiosk +``` + + + +### 5.) Configure GUI of user kiosk to prevent monitor from sleeping + +```sh +#gsettings list-recursively + +# Does not work +#sudo -u kiosk gsettings set org.gnome.desktop.session idle-delay 0 + +# Set idle-delay from "uint32 300" to "uint32 0", needs 'apt install dbus-x11' +# You can check the value in "GUI-Session of kiosk -> Settings -> Power" +sudo -u kiosk dbus-launch dconf write /org/gnome/desktop/session/idle-delay "uint32 0" +``` + + + +### 6.) Create custom service to start firefox loading the page. + +Therefore create a file `/etc/systemd/system/kiosk.service` with this content: + +``` +[Unit] +Description=Firefox Kiosk +Wants=graphical.target +After=graphical.target + +[Service] +Environment=DISPLAY=:0 +# Set firefox language, needs 'apt install language-pack-gnome-de' +Environment=LANG=de_DE.UTF-8 +Type=simple +# Always a fresh firefox ('-' allow error if common does not exist) +ExecStartPre=-/usr/bin/rm -r /home/kiosk/snap/firefox/common +# Move Mouse (should also work on small screens), needs 'apt install dbus-x11' +ExecStartPre=/usr/bin/xdotool mousemove 4096 2160 +# See: https://wiki.mozilla.org/Firefox/CommandLineOptions (just -kiosk URL => Start-Assistant, so use -url too) +ExecStart=/usr/bin/firefox -fullscreen -kiosk -url http://monitor.example.net/check.html +Restart=always +RestartSec=30 +User=kiosk +Group=kiosk + +[Install] +WantedBy=graphical.target +``` + + + +### 7.) Enable the service and reboot + +```sh +systemctl enable kiosk +reboot +``` + + + +Troubleshouting +--------------- + +``` +systemctl disable pd-mapper.service +apt purge cloud-init -y && apt autoremove --purge -y +``` diff --git a/script/monitor/checks/EXAMPLE_CHECK.off b/script/monitor/checks/EXAMPLE_CHECK.off new file mode 100644 index 0000000..527c3a2 --- /dev/null +++ b/script/monitor/checks/EXAMPLE_CHECK.off @@ -0,0 +1,9 @@ +#!/bin/bash + +_CHECK="$(readlink -f "${0}" 2> /dev/null)" + +# Folders always ends with an tailing '/' +_CIS_ROOT="${_CHECK%%/definitions/*}/" #Removes longest matching pattern '/definitions/*' from the end +_GENERIC_CHECKS="${_CIS_ROOT:?"Missing CIS_ROOT"}script/monitor/generic/" + +${_GENERIC_CHECKS:?"Missing GENERIC_CHECKS"}OVERRIDDEN_DOMAIN_CHECK.sh "your-host.your-domain.net" diff --git a/script/monitor/generic/OVERRIDDEN_DOMAIN_CHECK.sh b/script/monitor/generic/OVERRIDDEN_DOMAIN_CHECK.sh new file mode 100755 index 0000000..5d88de7 --- /dev/null +++ b/script/monitor/generic/OVERRIDDEN_DOMAIN_CHECK.sh @@ -0,0 +1,46 @@ +#!/bin/bash + +_REMOTE_HOST="${1:?"FQDN of server missing: e.g. host.example.net[:port]"}" +_REMOTE_HOSTNAME_FQDN="${_REMOTE_HOST%%:*}" #Removes longest matching pattern ':*' from the end +_REMOTE_HOSTNAME_SHORT="${_REMOTE_HOSTNAME_FQDN%%.*}" #Removes longest matching pattern '.*' from the end +_REMOTE_PORT="${_REMOTE_HOST}:" +_REMOTE_PORT="${_REMOTE_PORT#*:}" #Removes shortest matching pattern '*:' from the begin +_REMOTE_PORT="${_REMOTE_PORT%%:*}" #Removes longest matching pattern ':*' from the end +_REMOTE_PORT="${_REMOTE_PORT:-"22"}" +_REMOTE_USER="monitoring" +_SOCKET='~/.ssh/%r@%h:%p' + + + +function checkOrStartSSHMaster() { + timeout --preserve-status 1 "ssh -O check -S ${_SOCKET} -p ${_REMOTE_PORT} ${_REMOTE_USER}@${_REMOTE_HOSTNAME_FQDN}" &> /dev/null \ + && echo "master checked" \ + && return 0 + + ssh -O stop -S ${_SOCKET} -p ${_REMOTE_PORT} ${_REMOTE_USER}@${_REMOTE_HOSTNAME_FQDN} &> /dev/null + ssh -o ControlMaster=auto \ + -o ControlPath=${_SOCKET} \ + -o ControlPersist=65 \ + -p ${_REMOTE_PORT} \ + -f ${_REMOTE_USER}@${_REMOTE_HOSTNAME_FQDN} exit &> /dev/null \ + && return 0 + + echo "FAIL#SSH connection (setup ok?)" + return 1 +} + +function testDomain(){ + checkOrStartSSHMaster \ + || return 1 + + local _RESULT="$(ssh -S ${_SOCKET} -p ${_REMOTE_PORT} ${_REMOTE_USER}@${_REMOTE_HOSTNAME_FQDN} 'bash /cis/core/printOwnDomain.sh' 2>&1 1>/dev/null)" + + [ -z "${_RESULT}" ] \ + && echo "OK" \ + && return 0 + + echo "WARNING#Check hosts '/cis/core/printOwnDomain'" + return 0 +} + +testDomain && exit 0 diff --git a/script/monitor/setupMonitoringHost.sh b/script/monitor/setupMonitoringHost.sh index 2540fdf..de1bfa4 100755 --- a/script/monitor/setupMonitoringHost.sh +++ b/script/monitor/setupMonitoringHost.sh @@ -15,6 +15,20 @@ _DEFINITIONS="${_CIS_ROOT:?"Missing CIS_ROOT"}definitions/${_DOMAIN:?"Missing DO +function checkPreconditions() { + [ -d "${_DEFINITIONS:?"Missing DEFINITIONS"}monitor/checks" ] \ + && return 0 + + echo "No folder for your defined checks found: ${_DEFINITIONS:?"Missing DEFINITIONS"}monitor/checks" + echo "Please create it and add all your custom monitoring checks there, following this convention: 'NAME_OF_THE_CHECK.on'" + echo "A check has to be switched 'on' to be executed, so you can rename a check to 'NAME_OF_THE_CHECK.off' and it will be ignored." + echo + echo "You can copy the file '/cis/script/monitor/checks/EXAMPLE_CHECK.off' to your check definitions folder and modify it." + return 1 +} + + + function printSelectedDefinition() { local _FILE_DEFINED_DOMAIN _FILE_DEFINED_DEFAULT _FILE_DEFINED_DOMAIN="${_DEFINITIONS:?"Missing DEFINITIONS"}monitor/${1:?"Missing CURRENT_FULLFILE"}" @@ -50,6 +64,7 @@ function setupPublicFile() { } echo "Setup the monitoring host that monitors the others ... " \ + && checkPreconditions \ && setupPublicFile "check.html" \ && setupPublicFile "check.css" \ && setupPublicFile "logo.png" \