librenms-librenms/app/Checks.php

<?php
/**
 * Checks.php
 *
 * Pre-flight checks at various stages of booting
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 * @package    LibreNMS
 * @link       http://librenms.org
 * @copyright  2018 Tony Murray
 * @author     Tony Murray <murraytony@gmail.com>
 */

namespace App;

use App\Models\Device;
use App\Models\Notification;
use Auth;
use Carbon\Carbon;
use Dotenv\Dotenv;
use Kamaln7\Toastr\Facades\Toastr;
use LibreNMS\Config;

class Checks
{
    public static function preBoot()
    {
        // check file/folder permissions
        $check_folders = [
            self::basePath('bootstrap/cache'),
            self::basePath('storage'),
            self::basePath('logs'),
        ];

        $check_files = [
            self::basePath('logs/librenms.log'), // This file is important because Laravel needs to be able to write to it
        ];

        // check that each is writable
        $check_folders = array_filter($check_folders, function ($path) {
            return !is_writable($path);
        });

        $check_files = array_filter($check_files, function ($path) {
            return file_exists($path) xor is_writable($path);
        });

        if (!empty($check_folders) || !empty($check_files)) {
            // only operate on parent directories, not files
            $check = array_unique(array_merge($check_folders, array_map('dirname', $check_files)));

            // load .env, it isn't loaded
            $dotenv = new Dotenv(__DIR__ . '/../');
            $dotenv->load();

            $user = env('LIBRENMS_USER', 'librenms');
            $group = env('LIBRENMS_GROUP', $user);

            // build chown message
            $dirs = implode(' ', $check);
            $chown_commands =                 [
                "chown -R $user:$group $dirs",
                "setfacl -R -m g::rwx $dirs",
                "setfacl -d -m g::rwx $dirs",
            ];

            //check for missing directories
            $missing = array_filter($check, 'file_exists');
            if (!empty($missing)) {
                array_unshift($chown_commands, 'mkdir -p ' . implode(' ', $missing));
            }

            self::printMessage(
                "Error: $dirs not writable! Run these commands as root to fix:",
                $chown_commands
            );

            // build SELinux output
            $selinux_commands = [];
            foreach ($check as $dir) {
                $selinux_commands[] = "semanage fcontext -a -t httpd_sys_content_t '$dir(/.*)?'";
                $selinux_commands[] = "semanage fcontext -a -t httpd_sys_rw_content_t '$dir(/.*)?'";
                $selinux_commands[] = "restorecon -RFvv $dir";
            }

            self::printMessage(
                "If using SELinux you may also need:",
                $selinux_commands,
                true
            );
        }
    }

    /**
     * Pre-boot dependency check
     */
    public static function postAutoload()
    {
        if (!class_exists(\Illuminate\Foundation\Application::class)) {
            self::printMessage(
                'Error: Missing dependencies! Run the following command to fix:',
                './scripts/composer_wrapper.php install --no-dev',
                true
            );
        }
    }

    /**
     * Post boot Toast messages
     */
    public static function postAuth()
    {
        $notifications = Notification::isUnread(Auth::user())->where('severity', '>', 1)->get();
        foreach ($notifications as $notification) {
            Toastr::error("<a href='notifications/'>$notification->body</a>", $notification->title);
        }

        if (Device::isUp()->whereTime('last_polled', '<=', Carbon::now()->subMinutes(15))->count() > 0) {
            Toastr::warning('<a href="poll-log/filter=unpolled/">It appears as though you have some devices that haven\'t completed polling within the last 15 minutes, you may want to check that out :)</a>', 'Devices unpolled');
        }

        // Directory access checks
        $rrd_dir = Config::get('rrd_dir');
        if (!is_dir($rrd_dir)) {
            Toastr::error("RRD Directory is missing ($rrd_dir).  Graphing may fail.");
        }

        $temp_dir = Config::get('temp_dir');
        if (!is_dir($temp_dir)) {
            Toastr::error("Temp Directory is missing ($temp_dir).  Graphing may fail.");
        } elseif (!is_writable($temp_dir)) {
            Toastr::error("Temp Directory is not writable ($temp_dir).  Graphing may fail.");
        }
    }

    private static function printMessage($title, $content, $exit = false)
    {
        $content = (array)$content;

        if (PHP_SAPI == 'cli') {
            $format = "%s\n\n%s\n\n";
            $message = implode(PHP_EOL, $content);
        } else {
            $format = "<h3 style='color: firebrick;'>%s</h3><p>%s</p>";
            $message = implode('<br />', $content);
        }

        printf($format, $title, $message);

        if ($exit) {
            exit(1);
        }
    }

    private static function basePath($path = '')
    {
        $base_dir = realpath(__DIR__ . '/..');
        return "$base_dir/$path";
    }
}
Add Laravel to LibreNMS (#8318) * Add Laravel to LibreNMS. * Try to set permissions during initial install and first composer update to Laravel. * Fix composer.lock Fix missing db config keys * Start building v1 layout Port ajax_setresolution, inject csrf into jquery ajax calls Layout works, building menu Partially done. * Fix device group list remove stupid count relationships * Print messages for common boot errors. Don't log to laravel.log file. Log to error_log until booted, then librenms.log * Fix up some issues with Config loading Start of custom directives * Custom blade directives: config, notconfig, admin * Preflight checks Only load config files once. * Update the composer.lock for php 5.6 * Menu through routing * Start of alert menu * Better alert scopes * reduce cruft in models * Alerting menu more or less working :D * Fix style * Improved preflight * Fix chicken-eggs! * Remove examples * Better alert_rule status queries Debugbar * fix app.env check * User Menu * Settings bar (dropped refresh) Search JS * Toastr messages * Rename preflight * Use hasAccess(User) on most models. Add port counts * Missed a Preflight -> Checks rename * Fix some formatting * Boot Eloquent outside of Laravel Use Eloquent for Config and Plugins so we don't have to connect with dbFacile inside Laravel. Move locate_binary() into Config class * Config WIP * Try to fix a lot of config loading issues. * Improve menu for non-admins removing unneeded menus url() for all in menu * Only use eloquent if it exists * Include APP_URL in initial .env settings * Implement Legacy User Provider * Helper class for using Eloquent outside of Laravel. Allows access to DB style queries too and checking the connection status. * Fix up tests * Fix device groups query * Checking Travis * copy config.test.php earlier * dbFacile check config before connecting Don't use exception to check if eloquent is connected, it gets grabbed by the exception handler. Ignore missing config.php error. * Fix config load with database is not migrated yet. * Remove Config::load() from early boot. * Use laravel config settings to init db (this prefers .env settings) Fix bgp vars not set in menu add _ide_helper.php to .gitignore * Restrict dependencies to versions that support php 5.6 * Update ConfigTest * Fix a couple of installation issues * Add unique NODE_ID to .env * Correct handling of title image * Fix database config not loading. Thanks @laf * Don't prepend / * add class_exists checks for development service providers * Fix config value casting * Don't use functions that may not exist * Update dbFacile.php * d_echo may not be defined when Config used called. * Add SELinux configuration steps More detailed permissions check. Check all and give complete corrective commands in one step. * Ignore node_modules directory * Re-add accidetal removal 2018-05-09 08:05:17 -05:00			`<?php`
			`/**`
			`* Checks.php`
			`*`
			`* Pre-flight checks at various stages of booting`
			`*`
			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU General Public License as published by`
			`* the Free Software Foundation, either version 3 of the License, or`
			`* (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.See the`
			`* GNU General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU General Public License`
			`* along with this program. If not, see <http://www.gnu.org/licenses/>.`
			`*`
			`* @package LibreNMS`
			`* @link http://librenms.org`
			`* @copyright 2018 Tony Murray`
			`* @author Tony Murray <murraytony@gmail.com>`
			`*/`

			`namespace App;`

			`use App\Models\Device;`
			`use App\Models\Notification;`
			`use Auth;`
			`use Carbon\Carbon;`
			`use Dotenv\Dotenv;`
			`use Kamaln7\Toastr\Facades\Toastr;`
			`use LibreNMS\Config;`

			`class Checks`
			`{`
			`public static function preBoot()`
			`{`
			`// check file/folder permissions`
			`$check_folders = [`
			`self::basePath('bootstrap/cache'),`
			`self::basePath('storage'),`
			`self::basePath('logs'),`
			`];`

			`$check_files = [`
			`self::basePath('logs/librenms.log'), // This file is important because Laravel needs to be able to write to it`
			`];`

			`// check that each is writable`
			`$check_folders = array_filter($check_folders, function ($path) {`
			`return !is_writable($path);`
			`});`

			`$check_files = array_filter($check_files, function ($path) {`
			`return file_exists($path) xor is_writable($path);`
			`});`

			`if (!empty($check_folders) \|\| !empty($check_files)) {`
			`// only operate on parent directories, not files`
			`$check = array_unique(array_merge($check_folders, array_map('dirname', $check_files)));`

			`// load .env, it isn't loaded`
			`$dotenv = new Dotenv(__DIR__ . '/../');`
			`$dotenv->load();`

			`$user = env('LIBRENMS_USER', 'librenms');`
			`$group = env('LIBRENMS_GROUP', $user);`

			`// build chown message`
			`$dirs = implode(' ', $check);`
			`$chown_commands = [`
			`"chown -R $user:$group $dirs",`
			`"setfacl -R -m g::rwx $dirs",`
			`"setfacl -d -m g::rwx $dirs",`
			`];`

			`//check for missing directories`
			`$missing = array_filter($check, 'file_exists');`
			`if (!empty($missing)) {`
			`array_unshift($chown_commands, 'mkdir -p ' . implode(' ', $missing));`
			`}`

			`self::printMessage(`
			`"Error: $dirs not writable! Run these commands as root to fix:",`
			`$chown_commands`
			`);`

			`// build SELinux output`
			`$selinux_commands = [];`
			`foreach ($check as $dir) {`
			`$selinux_commands[] = "semanage fcontext -a -t httpd_sys_content_t '$dir(/.*)?'";`
			`$selinux_commands[] = "semanage fcontext -a -t httpd_sys_rw_content_t '$dir(/.*)?'";`
			`$selinux_commands[] = "restorecon -RFvv $dir";`
			`}`

			`self::printMessage(`
			`"If using SELinux you may also need:",`
			`$selinux_commands,`
			`true`
			`);`
			`}`
			`}`

			`/**`
			`* Pre-boot dependency check`
			`*/`
			`public static function postAutoload()`
			`{`
			`if (!class_exists(\Illuminate\Foundation\Application::class)) {`
			`self::printMessage(`
			`'Error: Missing dependencies! Run the following command to fix:',`
			`'./scripts/composer_wrapper.php install --no-dev',`
			`true`
			`);`
			`}`
			`}`

			`/**`
			`* Post boot Toast messages`
			`*/`
			`public static function postAuth()`
			`{`
			`$notifications = Notification::isUnread(Auth::user())->where('severity', '>', 1)->get();`
			`foreach ($notifications as $notification) {`
			`Toastr::error("<a href='notifications/'>$notification->body</a>", $notification->title);`
			`}`

			`if (Device::isUp()->whereTime('last_polled', '<=', Carbon::now()->subMinutes(15))->count() > 0) {`
			`Toastr::warning('<a href="poll-log/filter=unpolled/">It appears as though you have some devices that haven\'t completed polling within the last 15 minutes, you may want to check that out :)</a>', 'Devices unpolled');`
			`}`

			`// Directory access checks`
			`$rrd_dir = Config::get('rrd_dir');`
			`if (!is_dir($rrd_dir)) {`
			`Toastr::error("RRD Directory is missing ($rrd_dir). Graphing may fail.");`
			`}`

			`$temp_dir = Config::get('temp_dir');`
			`if (!is_dir($temp_dir)) {`
			`Toastr::error("Temp Directory is missing ($temp_dir). Graphing may fail.");`
			`} elseif (!is_writable($temp_dir)) {`
			`Toastr::error("Temp Directory is not writable ($temp_dir). Graphing may fail.");`
			`}`
			`}`

			`private static function printMessage($title, $content, $exit = false)`
			`{`
			`$content = (array)$content;`

			`if (PHP_SAPI == 'cli') {`
			`$format = "%s\n\n%s\n\n";`
			`$message = implode(PHP_EOL, $content);`
			`} else {`
			`$format = "<h3 style='color: firebrick;'>%s</h3><p>%s</p>";`
			`$message = implode('<br />', $content);`
			`}`

			`printf($format, $title, $message);`

			`if ($exit) {`
			`exit(1);`
			`}`
			`}`

			`private static function basePath($path = '')`
			`{`
			`$base_dir = realpath(__DIR__ . '/..');`
			`return "$base_dir/$path";`
			`}`
			`}`