diff options
author | Gibheer <gibheer+git@zero-knowledge.org> | 2021-12-02 17:54:14 +0100 |
---|---|---|
committer | Gibheer <gibheer+git@zero-knowledge.org> | 2021-12-02 17:54:14 +0100 |
commit | fa05045d31c05c8928020f05f1d281901d983b2b (patch) | |
tree | 2ed3bac60302bfb14535a169f4b3e10d18fc6120 /cmd/monfront | |
parent | 41d4805d584161ca16b8187194385e47c36422a6 (diff) |
cmd/monfront - import monfront from separate repository
This is the import from the separate monfront repository. The history
could not be imported, but this should suffice.
Diffstat (limited to 'cmd/monfront')
-rw-r--r-- | cmd/monfront/README.md | 72 | ||||
-rw-r--r-- | cmd/monfront/authenticater.go | 183 | ||||
-rw-r--r-- | cmd/monfront/authorizer.go | 35 | ||||
-rw-r--r-- | cmd/monfront/checks.go | 226 | ||||
-rw-r--r-- | cmd/monfront/filter.go | 96 | ||||
-rw-r--r-- | cmd/monfront/groups.go | 85 | ||||
-rw-r--r-- | cmd/monfront/main.go | 426 | ||||
-rw-r--r-- | cmd/monfront/pw.go | 99 | ||||
-rw-r--r-- | cmd/monfront/server.go | 153 | ||||
-rw-r--r-- | cmd/monfront/templates/check.html | 51 | ||||
-rw-r--r-- | cmd/monfront/templates/checkfilter.html | 49 | ||||
-rw-r--r-- | cmd/monfront/templates/checkformfooter.html | 1 | ||||
-rw-r--r-- | cmd/monfront/templates/checkformheader.html | 43 | ||||
-rw-r--r-- | cmd/monfront/templates/checklist.html | 29 | ||||
-rw-r--r-- | cmd/monfront/templates/error.html | 1 | ||||
-rw-r--r-- | cmd/monfront/templates/footer.html | 76 | ||||
-rw-r--r-- | cmd/monfront/templates/grouplist.html | 21 | ||||
-rw-r--r-- | cmd/monfront/templates/header.html | 101 |
18 files changed, 1747 insertions, 0 deletions
diff --git a/cmd/monfront/README.md b/cmd/monfront/README.md new file mode 100644 index 0000000..ad64845 --- /dev/null +++ b/cmd/monfront/README.md @@ -0,0 +1,72 @@ +monfront +======== + +Monfront is the frontend to manage monzero. Monzero consists of the other two +components moncheck and monwork too. + +requirements +------------ + +runtime requirements: +* PostgreSQL >= 10.0 + +build requirements: +* Go >= 1.11 + +components +---------- + +The following components exist: + +### monfront + +Monfront is a webfrontend to view the current state of all checks, configure +hosts, groups, checks and view current notifications. +It is possible to run multiple instances. + +configuration +------------- + +To get the system working, first install the database. After that, create an +alarm mapping: + +``` +insert into mappings(name, description) values ('default', 'The default mapping'); +insert into mapping_level values (1, 0, 0, 'okay', 'green'); +insert into mapping_level values (1, 1, 1, 'okay', 'orange'); +insert into mapping_level values (1, 2, 2, 'okay', 'red'); +insert into mapping_level values (1, 3, 3, 'okay', 'gray'); +``` + +Next is to create a notifier. This feature doesn't work 100% yet and needs some +work and may look different later: + +``` +insert into notifier(name) values ('default'); +``` + +After that create a check command: + +``` +insert into commands(name, command, message) values ('ping', 'ping -n -c 1 {{ .ip }}', 'Ping a target'); +``` + +This command can contain variables that are set in the check. It will be executed by moncheck and the result stored. + +After that, create a node which will get the checks attached: + +``` +insert into nodes(name, message) values ('localhost', 'My localhost is my castle'); +``` + +With that prepared, create the first check: + +``` +insert into checks(node_id, command_id, notifier_id, message, options) +values (1, 1, 1, 'This is my localhost ping check!', '{"ip": "127.0.0.1"}'); +``` + +Now start the daemons moncheck, monfront and monwork. + +monwork will transform the configured check into an active check, while moncheck +will run the actual checks. Through monfront one can view the current status. diff --git a/cmd/monfront/authenticater.go b/cmd/monfront/authenticater.go new file mode 100644 index 0000000..8453264 --- /dev/null +++ b/cmd/monfront/authenticater.go @@ -0,0 +1,183 @@ +package main + +import ( + "crypto/hmac" + "crypto/rand" + "crypto/sha256" + "database/sql" + "encoding/base64" + "fmt" + "log" + "net/http" + "strings" + "time" +) + +const ( + BasicAuthPrompt = `Basic realm="auth for monfront"` + SessionCookie = `session` + UserAnonymous = `anonymous` +) + +type ( + // Authenticator is a middleware taking a context and authenticating + // the user. + Authenticator struct { + db *sql.DB + Mode string + Token []byte + AllowAnonymous bool + Header string + List [][]string + ClientCA string + + sessions map[string]*session // maps a session key to a user + } + + session struct { + user string + t time.Time + } +) + +// Handler returns the handler for the authentication configuration. +func (a *Authenticator) Handler() (func(*Context) error, error) { + switch a.Mode { + case "none": + return func(_ *Context) error { return nil }, nil + case "header": + if a.Header == "" { + return nil, fmt.Errorf("authentication mode is 'header' but no header was provided") + } + return func(c *Context) error { + if user := c.r.Header.Get(a.Header); user == "" { + if a.AllowAnonymous { + c.User = UserAnonymous + return nil + } + return a.Unauthorized(c) + } else { + c.User = user + } + return nil + }, nil + case "list": + return func(c *Context) error { + user, pass, ok := c.r.BasicAuth() + if !ok || user == "" || pass == "" { + if a.AllowAnonymous { + c.User = UserAnonymous + return nil + } + c.w.Header().Set("WWW-Authenticate", BasicAuthPrompt) + return a.Unauthorized(c) + } + var found string + for _, entry := range a.List { + if entry[0] == user { + found = entry[1] + } + } + if found == "" { + c.w.Header().Set("WWW-Authenticate", BasicAuthPrompt) + return a.Unauthorized(c) + } + p := pwHash{} + if err := p.Parse(found); err != nil { + log.Printf("could not parse hash for user '%s': %s", user, err) + return a.Unauthorized(c) + } + if ok, err := p.compare(pass); err != nil { + c.w.Header().Set("WWW-Authenticate", BasicAuthPrompt) + return a.Unauthorized(c) + } else if !ok { + c.w.Header().Set("WWW-Authenticate", BasicAuthPrompt) + return a.Unauthorized(c) + } + c.User = user + return nil + }, nil + case "db": + return func(c *Context) error { + sessCookie := c.GetCookieVal(SessionCookie) + if sessCookie != "" { + ses := a.getSession(sessCookie) + if ses != "" { + // TODO fix time limit to make it variable + c.SetCookie(SessionCookie, sessCookie, time.Now().Add(2*time.Hour)) + c.User = ses + return nil + } + } + return fmt.Errorf("NOT YET IMPLEMENTED") + }, fmt.Errorf("NOT YET IMPLEMENTED") + case "cert": + return func(c *Context) error { + return fmt.Errorf("NOT YET IMPLEMENTED") + }, fmt.Errorf("NOT YET IMPLEMENTED") + default: + return nil, fmt.Errorf("unknown mode '%s' for authentication", a.Mode) + } + return nil, fmt.Errorf("could not create authenticator") +} + +func (a *Authenticator) Unauthorized(c *Context) error { + c.w.WriteHeader(http.StatusUnauthorized) + fmt.Fprintf(c.w, "unauthorized\n") + return fmt.Errorf("no authentication") +} + +// creates a session for a user +func (a *Authenticator) createSession(user string) (string, error) { + raw := make([]byte, 32) + if _, err := rand.Read(raw); err != nil { + return "", fmt.Errorf("could not generate new session key") + } + res := a.mac(raw) + ses := fmt.Sprintf( + "%s-%s", + base64.StdEncoding.EncodeToString(raw), + base64.StdEncoding.EncodeToString(res), + ) + a.sessions[ses] = &session{user: user, t: time.Now()} + return ses, nil +} + +func (a *Authenticator) mac(input []byte) []byte { + mac := hmac.New(sha256.New, a.Token) + mac.Write(input) + return mac.Sum(nil) +} + +// getSession returns the username of the current session. +func (a *Authenticator) getSession(session string) string { + if session == "" { + return "" + } + parts := strings.Split(session, "-") + if len(parts) != 2 { + return "" + } + msg, err := base64.StdEncoding.DecodeString(parts[0]) + if err != nil { + return "" + } + mac, err := base64.StdEncoding.DecodeString(parts[1]) + if err != nil { + return "" + } + verify := a.mac(msg) + if !hmac.Equal(mac, verify) { + return "" + } + if ses, found := a.sessions[session]; found { + // TODO make timeout a config option + if time.Now().Sub(ses.t) < 8*time.Hour { + delete(a.sessions, session) + return "" + } + ses.t = time.Now() + return ses.user + } + return "" +} diff --git a/cmd/monfront/authorizer.go b/cmd/monfront/authorizer.go new file mode 100644 index 0000000..7880cd0 --- /dev/null +++ b/cmd/monfront/authorizer.go @@ -0,0 +1,35 @@ +package main + +import ( + "database/sql" + "fmt" +) + +type ( + Authorizer struct { + db *sql.DB + Mode string + List []string + } +) + +func (a *Authorizer) Handler() (func(c *Context) error, error) { + switch a.Mode { + case "none": + return func(_ *Context) error { return nil }, nil + case "list": + return func(c *Context) error { + for _, user := range a.List { + if user == c.User { + c.CanEdit = true + return nil + } + } + return nil + }, nil + case "all": + return func(c *Context) error { c.CanEdit = true; return nil }, nil + default: + return func(_ *Context) error { return nil }, fmt.Errorf("authorization mode '%s' is unsupported", a.Mode) + } +} diff --git a/cmd/monfront/checks.go b/cmd/monfront/checks.go new file mode 100644 index 0000000..d61d337 --- /dev/null +++ b/cmd/monfront/checks.go @@ -0,0 +1,226 @@ +package main + +import ( + "database/sql" + "log" + "net/http" + "time" + + "github.com/lib/pq" +) + +type ( + check struct { + NodeId int + NodeName string + CommandName string + CheckID int64 + CheckName string + MappingId int + State int + Enabled bool + Notify bool + Notice sql.NullString + NextTime time.Time + Msg string + StateSince time.Time + } + + checkDetails struct { + Id int64 + Name string + Message string + Enabled bool + Updated time.Time + LastRefresh time.Time + NextTime time.Time + MappingId int + MappingName string + NodeId int + NodeName string + NodeMessage string + CommandId int + CommandName string + CommandLine []string + CommandMessage string + States []int64 + Notice sql.NullString + Notifiers []notifier + Notifications []notification + CheckerID int + CheckerName string + CheckerMsg string + } + + notifier struct { + Id int + Name string + Enabled bool + } + + notification struct { + Id int64 + State int + Output string + Inserted time.Time + Sent pq.NullTime + NotifierName string + MappingId int + } +) + +// showCheck loads shows the notifications for a specific check. +func showCheck(con *Context) { + cd := checkDetails{} + con.CheckDetails = &cd + id, found := con.r.URL.Query()["check_id"] + if !found { + con.Error = "no check given to view" + returnError(http.StatusNotFound, con, con.w) + return + } + query := `select c.id, c.name, c.message, c.enabled, c.updated, c.last_refresh, + m.id, m.name, n.id, n.name, n.message, co.id, co.Name, co.message, + ac.cmdline, ac.states, ac.msg, ac.next_time, ch.id, ch.name, ch.description + from checks c + join active_checks ac on c.id = ac.check_id + join nodes n on c.node_id = n.id + join commands co on c.command_id = co.id + join mappings m on ac.mapping_id = m.id + join checkers ch on c.checker_id = ch.id + where c.id = $1::bigint` + err := DB.QueryRow(query, id[0]).Scan(&cd.Id, &cd.Name, &cd.Message, &cd.Enabled, + &cd.Updated, &cd.LastRefresh, &cd.MappingId, &cd.MappingName, &cd.NodeId, + &cd.NodeName, &cd.NodeMessage, &cd.CommandId, &cd.CommandName, &cd.CommandMessage, + pq.Array(&cd.CommandLine), pq.Array(&cd.States), &cd.Notice, &cd.NextTime, + &cd.CheckerID, &cd.CheckerName, &cd.CheckerMsg) + if err != nil && err == sql.ErrNoRows { + con.w.Header()["Location"] = []string{"/"} + con.w.WriteHeader(http.StatusSeeOther) + return + } else if err != nil { + con.w.WriteHeader(http.StatusInternalServerError) + con.w.Write([]byte("problems with the database")) + log.Printf("could not get check details for check id %s: %s", id[0], err) + return + } + + query = `select n.id, states[1], output, inserted, sent, no.name, n.mapping_id + from notifications n + join notifier no on n.notifier_id = no.id + where check_id = $1::bigint + order by inserted desc + limit 500` + rows, err := DB.Query(query, cd.Id) + defer rows.Close() + if err != nil { + log.Printf("could not load notifications: %s", err) + con.Error = "could not load notification information" + returnError(http.StatusInternalServerError, con, con.w) + return + } + cd.Notifications = []notification{} + for rows.Next() { + if err := rows.Err(); err != nil { + log.Printf("could not load notifications: %s", err) + con.Error = "could not load notification information" + returnError(http.StatusInternalServerError, con, con.w) + return + } + no := notification{} + if err := rows.Scan(&no.Id, &no.State, &no.Output, &no.Inserted, + &no.Sent, &no.NotifierName, &no.MappingId); err != nil { + log.Printf("could not scan notifications: %s", err) + con.Error = "could not load notification information" + returnError(http.StatusInternalServerError, con, con.w) + return + } + cd.Notifications = append(cd.Notifications, no) + } + + if err := con.loadMappings(); err != nil { + con.w.WriteHeader(http.StatusInternalServerError) + con.w.Write([]byte("problem with the mappings")) + log.Printf("could not load mappings: %s", err) + return + } + + con.w.Header()["Content-Type"] = []string{"text/html"} + con.Render("check") +} + +func showChecks(con *Context) { + query := `select c.id, c.name, n.id, n.name, co.name, ac.mapping_id, ac.states[1] as state, + ac.enabled, ac.notice, ac.next_time, ac.msg, + case when cn.check_id is null then false else true end as notify_enabled, + state_since + from active_checks ac + join checks c on ac.check_id = c.id + join nodes n on c.node_id = n.id + join commands co on c.command_id = co.id + left join ( select distinct check_id from checks_notify where enabled = true) cn on c.id = cn.check_id` + filter := newFilter() + con.Filter = filter + if id, found := con.r.URL.Query()["group_id"]; found { + query += ` join nodes_groups ng on n.id = ng.node_id` + filter.Add("ng.group_id", "=", id[0], "int") + } + filter.filterChecks(con) + if search, found := con.r.URL.Query()["search"]; found { + filter.AddSpecial( + `to_tsvector('english', regexp_replace(n.name, '[.-/]', ' ', 'g'))`, + `@@`, + `to_tsquery('english', regexp_replace($%d, '[.-/]', ' & ', 'g') || ':*')`, + search[0]) + } + if id, found := con.r.URL.Query()["node_id"]; found { + filter.Add("n.id", "=", id[0], "int") + } + if id, found := con.r.URL.Query()["check_id"]; found { + filter.Add("c.id", "=", id[0], "int") + } + where, params := filter.Join() + if len(where) > 0 { + query += " where " + where + } + query += ` order by n.name, c.name, co.name` + rows, err := DB.Query(query, params...) + if err != nil { + con.w.WriteHeader(http.StatusInternalServerError) + con.w.Write([]byte("problems with the database")) + log.Printf("could not get check list: %s", err) + return + } + defer rows.Close() + + checks := []check{} + for rows.Next() { + c := check{} + err := rows.Scan(&c.CheckID, &c.CheckName, &c.NodeId, &c.NodeName, &c.CommandName, &c.MappingId, + &c.State, &c.Enabled, &c.Notice, &c.NextTime, &c.Msg, &c.Notify, &c.StateSince) + if err != nil { + con.w.WriteHeader(http.StatusInternalServerError) + returnError(http.StatusInternalServerError, con, con.w) + log.Printf("could not get check list: %s", err) + return + } + checks = append(checks, c) + } + con.Checks = checks + if err := con.loadCommands(); err != nil { + con.Error = "could not load commands" + returnError(http.StatusInternalServerError, con, con.w) + log.Printf("could not get commands: %s", err) + return + } + if err := con.loadMappings(); err != nil { + con.Error = "could not load mapping data" + con.w.WriteHeader(http.StatusInternalServerError) + con.w.Write([]byte("problem with the mappings")) + log.Printf("could not load mappings: %s", err) + return + } + con.w.Header()["Content-Type"] = []string{"text/html"} + con.Render("checklist") + return +} diff --git a/cmd/monfront/filter.go b/cmd/monfront/filter.go new file mode 100644 index 0000000..bd82c91 --- /dev/null +++ b/cmd/monfront/filter.go @@ -0,0 +1,96 @@ +package main + +import ( + "fmt" + "strings" +) + +type ( + filter struct { + idx int + where []string + params []interface{} + Vals map[string]string + } +) + +func newFilter() *filter { + return &filter{ + idx: 0, + where: []string{}, + params: []interface{}{}, + Vals: map[string]string{}, + } +} + +func (f *filter) filterChecks(c *Context) { + args := c.r.URL.Query() + for name, val := range args { + if !strings.HasPrefix(name, "filter-") { + continue + } + arg := strings.TrimPrefix(name, "filter-") + switch arg { + case "command": + if val[0] == "" { + continue + } + f.Add("co.id", "=", val[0], "int") + f.Vals[arg] = val[0] + case "search": + if val[0] == "" { + continue + } + f.Add(`n.name`, `like`, strings.ReplaceAll(val[0], "*", "%"), "text") + f.Vals[arg] = val[0] + case "state": + if val[0] == "" { + continue + } + f.Add("states[1]", ">=", val[0], "int") + f.Vals[arg] = val[0] + case "ack": + if val[0] == "" { + continue + } + if val[0] != "true" && val[0] != "false" { + continue + } + f.Add("acknowledged", "=", val[0], "boolean") + f.Vals[arg] = val[0] + case "mapping": + if val[0] == "" { + continue + } + f.Add("ac.mapping_id", "=", val[0], "int") + f.Vals[arg] = val[0] + } + } +} + +// Add a new where clause element which will be joined at the end. +func (f *filter) Add(field, op string, arg interface{}, castTo string) { + f.idx += 1 + f.where = append(f.where, fmt.Sprintf("%s %s $%d::%s", field, op, f.idx, castTo)) + f.params = append(f.params, arg) +} + +// AddSpecial lets you add a special where clause comparison where you can +// wrap the argument in whatevery you like. +// +// Your string has to contain %d. This will place the index of the variable +// in the query string. +// +// Example: +// AddSpecial("foo", "=", "to_tsvector('english', $%d), search) +func (f *filter) AddSpecial(field, op, special string, arg interface{}) { + f.idx += 1 + f.where = append(f.where, fmt.Sprintf("%s %s "+special, field, op, f.idx)) + f.params = append(f.params, arg) +} + +// Join takes all where clauses and joins them together with the AND operator. +// The result and all collected parameters are then returned. +func (f *filter) Join() (string, []interface{}) { + return strings.Join(f.where, " and "), f.params +} diff --git a/cmd/monfront/groups.go b/cmd/monfront/groups.go new file mode 100644 index 0000000..0dfa40c --- /dev/null +++ b/cmd/monfront/groups.go @@ -0,0 +1,85 @@ +package main + +import ( + "fmt" + "log" + "net/http" + "strings" +) + +type ( + group struct { + GroupId int + Name string + NodeId int + NodeName string + State int + MappingId int + } +) + +func showGroups(con *Context) { + query := `select + group_id, + group_name, + node_id, + node_name, + mapping_id, + state +from ( + select + g.id group_id, + g.name group_name, + n.id node_id, + n.name node_name, + ac.states[1] state, + ac.mapping_id, + ac.acknowledged, + row_number() over (partition by c.node_id order by ac.states[1] desc) maxstate + from groups g + join nodes_groups ng on g.id = ng.group_id + join nodes n on ng.node_id = n.id + join checks c on n.id = c.node_id + join active_checks ac on c.id = ac.check_id + %s + order by g.name, n.name +) groups +where maxstate = 1` + if strings.HasPrefix(con.r.URL.Path, "/unhandled") { + query = fmt.Sprintf(query, `where ac.states[1] != 0 and acknowledged = false`) + con.Unhandled = true + } else { + query = fmt.Sprintf(query, "") + } + + rows, err := DB.Query(query) + if err != nil { + con.w.WriteHeader(http.StatusInternalServerError) + con.w.Write([]byte("problems with the database")) + log.Printf("could not get check list: %s", err) + return + } + + groups := []group{} + for rows.Next() { + g := group{} + err := rows.Scan(&g.GroupId, &g.Name, &g.NodeId, &g.NodeName, &g.MappingId, &g.State) + if err != nil { + con.w.WriteHeader(http.StatusInternalServerError) + con.w.Write([]byte("problems with the database")) + log.Printf("could not get check list: %s", err) + return + } + groups = append(groups, g) + } + con.Groups = groups + if err := con.loadMappings(); err != nil { + con.w.WriteHeader(http.StatusInternalServerError) + con.w.Write([]byte("problem with the mappings")) + log.Printf("could not load mappings: %s", err) + return + } + con.w.Header()["Content-Type"] = []string{"text/html"} + con.Render("grouplist") + return +} diff --git a/cmd/monfront/main.go b/cmd/monfront/main.go new file mode 100644 index 0000000..6275b34 --- /dev/null +++ b/cmd/monfront/main.go @@ -0,0 +1,426 @@ +package main + +import ( + "crypto/tls" + "database/sql" + "flag" + "fmt" + "html/template" + "io/ioutil" + "log" + "net" + "net/http" + "os" + "path" + "strconv" + "strings" + "time" + + "github.com/BurntSushi/toml" + "github.com/lib/pq" + "golang.org/x/crypto/ssh/terminal" +) + +var ( + configPath = flag.String("config", "monfront.conf", "path to the config file") + DB *sql.DB + Tmpl *template.Template +) + +type ( + Config struct { + DB string `toml:"db"` + Listen string `toml:"listen"` + TemplatePath string `toml:"template_path"` + SSL struct { + Enable bool `toml:"enable"` + Priv string `toml:"private_key"` + Cert string `toml:"certificate"` + } `toml:"ssl"` + Authentication struct { + Mode string `toml:"mode"` + Token string `toml:"session_token"` + AllowAnonymous bool `toml:"allow_anonymous"` + Header string `toml:"header"` + List [][]string `toml:"list"` + ClientCA string `toml:"cert"` + } `toml:"authentication"` + Authorization struct { + Mode string `toml:"mode"` + List []string `toml:"list"` + } + } + + MapEntry struct { + Name string + Title string + Color string + } +) + +func main() { + flag.Parse() + + if len(flag.Args()) > 0 { + switch flag.Arg(0) { + case "pwgen": + fmt.Printf("enter password: ") + pw, err := terminal.ReadPassword(0) + fmt.Println() + if err != nil { + log.Fatalf("could not read password: %s", err) + } + hash, err := newHash(string(pw)) + if err != nil { + log.Fatalf("could not generate password hash: %s", err) + } + fmt.Printf("generated password hash: %s\n", hash) + os.Exit(0) + default: + log.Fatalf("unknown command '%s'", flag.Arg(0)) + } + } + + if info, err := os.Stat(*configPath); err != nil { + log.Fatalf("could not find config '%s': %s", *configPath, err) + } else if info.Mode() != 0600 && info.Mode() != 0400 { + log.Fatalf("config '%s' is world readable!", *configPath) + } + + raw, err := ioutil.ReadFile(*configPath) + if err != nil { + log.Fatalf("could not read config: %s", err) + } + config := Config{ + Listen: "127.0.0.1:8080", + TemplatePath: "templates", + } + if err := toml.Unmarshal(raw, &config); err != nil { + log.Fatalf("could not parse config: %s", err) + } + + db, err := sql.Open("postgres", config.DB) + if err != nil { + log.Fatalf("could not open database connection: %s", err) + } + DB = db + + authenticator := Authenticator{ + db: db, + Mode: config.Authentication.Mode, + Token: []byte(config.Authentication.Token), + AllowAnonymous: config.Authentication.AllowAnonymous, + Header: config.Authentication.Header, + List: config.Authentication.List, + ClientCA: config.Authentication.ClientCA, + } + auth, err := authenticator.Handler() + if err != nil { + log.Fatalf("could not start authenticator") + } + authorizer := Authorizer{ + db: db, + Mode: config.Authorization.Mode, + List: config.Authorization.List, + } + autho, err := authorizer.Handler() + if err != nil { + log.Fatalf("could not start authorizer") + } + + tmpl := template.New("main") + tmpl.Funcs(Funcs) + files, err := ioutil.ReadDir(config.TemplatePath) + if err != nil { + log.Fatalf("could not read directory '%s': %s", config.TemplatePath, err) + } + for _, file := range files { + if !file.Mode().IsRegular() { + continue + } + if !strings.HasSuffix(file.Name(), ".html") { + continue + } + raw, err := ioutil.ReadFile(path.Join(config.TemplatePath, file.Name())) + if err != nil { + log.Fatalf("could not read file '%s': %s", path.Join(config.TemplatePath, file.Name()), err) + } + template.Must(tmpl.New(strings.TrimSuffix(file.Name(), ".html")).Parse(string(raw))) + } + Tmpl = tmpl + + if config.Listen == "" { + config.Listen = "127.0.0.1:8080" + } + l, err := net.Listen("tcp", config.Listen) + if err != nil { + log.Fatalf("could not create listener: %s", err) + } + if config.SSL.Enable { + cert, err := tls.LoadX509KeyPair(config.SSL.Cert, config.SSL.Priv) + if err != nil { + log.Fatalf("could not load certificate: %s", err) + } + tlsConf := &tls.Config{ + Certificates: []tls.Certificate{cert}, + NextProtos: []string{"h2", "1.1"}, + } + l = tls.NewListener(l, tlsConf) + } + + s := newServer(l, db, tmpl, auth, autho) + s.Handle("/", showChecks) + s.Handle("/check", showCheck) + s.Handle("/checks", showChecks) + s.Handle("/groups", showGroups) + s.Handle("/action", checkAction) + s.HandleStatic("/static/", showStatic) + log.Fatalf("http server stopped: %s", s.ListenAndServe()) +} + +func checkAction(con *Context) { + if con.r.Method != "POST" { + con.w.WriteHeader(http.StatusMethodNotAllowed) + con.w.Write([]byte("method is not supported")) + return + } + if !con.CanEdit { + con.w.WriteHeader(http.StatusForbidden) + con.w.Write([]byte("no permission to change data")) + return + } + if err := con.r.ParseForm(); err != nil { + con.w.WriteHeader(http.StatusBadRequest) + fmt.Fprintf(con.w, "could not parse parameters: %s", err) + return + } + ref, found := con.r.Header["Referer"] + if found { + con.w.Header()["Location"] = ref + } else { + con.w.Header()["Location"] = []string{"/"} + } + checks := con.r.PostForm["checks"] + action := con.r.PostForm.Get("action") + if action == "" || len(checks) == 0 { + con.w.WriteHeader(http.StatusSeeOther) + return + } + setTable := "checks" + setClause := "" + + comment := con.r.PostForm.Get("comment") + run_in := con.r.PostForm.Get("run_in") + if action == "comment" && comment == "" && run_in != "" { + action = "reschedule" + } + + switch action { + case "mute": + setTable = "checks_notify" + setClause = "enabled = false" + case "unmute": + setTable = "checks_notify" + setClause = "enabled = true" + case "enable": + setClause = "enabled = true, updated = now()" + case "disable": + setClause = "enabled = false, updated = now()" + case "delete_check": + if _, err := DB.Exec(`delete from checks where id = any ($1::bigint[])`, pq.Array(checks)); err != nil { + log.Printf("could not delete checks '%s': %s", checks, err) + con.Error = "could not delete checks" + returnError(http.StatusInternalServerError, con, con.w) + return + } + con.w.WriteHeader(http.StatusSeeOther) + return + case "create_check": + + case "reschedule": + setClause = "next_time = now()" + if run_in != "" { + runNum, err := strconv.Atoi(run_in) + if err != nil { + con.Error = "run_in is not a valid number" + returnError(http.StatusBadRequest, con, con.w) + return + } + setClause = fmt.Sprintf("next_time = now() + '%dmin'::interval", runNum) + } + setTable = "active_checks" + case "deack": + setClause = "acknowledged = false" + setTable = "active_checks" + case "ack": + setClause = "acknowledged = true" + setTable = "active_checks" + + hostname, err := os.Hostname() + if err != nil { + log.Printf("could not resolve hostname: %s", err) + con.Error = "could not resolve hostname" + returnError(http.StatusInternalServerError, con, con.w) + return + } + if _, err := DB.Exec(`insert into notifications(check_id, states, output, mapping_id, notifier_id, check_host) + select ac.check_id, 0 || states[1:4], 'check acknowledged', ac.mapping_id, + cn.notifier_id, $2 + from checks_notify cn + join active_checks ac on cn.check_id = ac.check_id + where cn.check_id = any ($1::bigint[])`, pq.Array(&checks), &hostname); err != nil { + log.Printf("could not acknowledge check: %s", err) + con.Error = "could not acknowledge check" + returnError(http.StatusInternalServerError, con, con.w) + return + } + case "comment": + if comment == "" { + con.w.WriteHeader(http.StatusSeeOther) + return + } + _, err := DB.Exec( + "update active_checks set notice = $2 where check_id = any ($1::bigint[]);", + pq.Array(&checks), + comment) + if err != nil { + con.w.WriteHeader(http.StatusInternalServerError) + fmt.Fprintf(con.w, "could not store changes") + log.Printf("could not adjust checks %#v: %s", checks, err) + return + } + con.w.WriteHeader(http.StatusSeeOther) + return + case "uncomment": + _, err := DB.Exec(`update active_checks set notice = null where check_id = any($1::bigint[]);`, + pq.Array(&checks)) + if err != nil { + con.Error = "could not uncomment checks" + returnError(http.StatusInternalServerError, con, con.w) + log.Printf("could not uncomment checks: %s", err) + return + } + con.w.WriteHeader(http.StatusSeeOther) + return + default: + con.Error = fmt.Sprintf("requested action '%s' does not exist", action[0]) + returnError(http.StatusNotFound, con, con.w) + return + } + whereColumn := "id" + if setTable == "active_checks" || setTable == "checks_notify" { + whereColumn = "check_id" + } + + _, err := DB.Exec("update "+setTable+" set "+setClause+" where "+whereColumn+" = any ($1::bigint[]);", pq.Array(&checks)) + if err != nil { + con.w.WriteHeader(http.StatusInternalServerError) + fmt.Fprintf(con.w, "could not store changes") + log.Printf("could not adjust checks %#v: %s", checks, err) + return + } + con.w.WriteHeader(http.StatusSeeOther) + return +} + +func returnError(status int, con interface{}, w http.ResponseWriter) { + w.Header()["Content-Type"] = []string{"text/html"} + w.WriteHeader(status) + if err := Tmpl.ExecuteTemplate(w, "error", con); err != nil { + w.WriteHeader(http.StatusInternalServerError) + w.Write([]byte("problem with a template")) + log.Printf("could not execute template: %s", err) + } +} + +func (c *Context) loadCommands() error { + c.Commands = map[string]int{} + rows, err := DB.Query(`select id, name from commands order by name`) + if err != nil { + return err + } + for rows.Next() { + if rows.Err() != nil { + return rows.Err() + } + var ( + id int + name string + ) + if err := rows.Scan(&id, &name); err != nil { + return err + } + c.Commands[name] = id + } + return nil +} + +func (c *Context) loadMappings() error { + c.Mappings = map[int]map[int]MapEntry{} + rows, err := DB.Query(SQLShowMappings) + if err != nil { + return err + } + + for rows.Next() { + if rows.Err() != nil { + return rows.Err() + } + var ( + mapId int + name string + target int + title string + color string + ) + if err := rows.Scan(&mapId, &name, &target, &title, &color); err != nil { + return err + } + ma, found := c.Mappings[mapId] + if !found { + ma = map[int]MapEntry{} + c.Mappings[mapId] = ma + } + ma[target] = MapEntry{Title: title, Color: color, Name: name} + } + return nil +} + +func showStatic(w http.ResponseWriter, r *http.Request) { + file := strings.TrimPrefix(r.URL.Path, "/static/") + raw, found := Static[file] + if !found { + w.WriteHeader(http.StatusNotFound) + w.Write([]byte("file does not exist")) + return + } + w.Header()["Content-Type"] = []string{"image/svg+xml"} + w.WriteHeader(http.StatusOK) + w.Write([]byte(raw)) + return +} + +var ( + SQLShowMappings = `select mapping_id, name, target, title, color + from mappings m join mapping_level ml on m.id = ml.mapping_id` +) + +var ( + Templates = map[string]string{} + Static = map[string]string{ + "icon-mute": `<?xml version="1.0" encoding="UTF-8"?><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 35.3 35.3" version="1.1"><title>Check is muted</title><style>.s0{fill:#191919;}</style><g transform="translate(0,-261.72223)"><path d="m17.6 261.7v35.3L5.3 284.7H0v-10.6l5.3 0zM30.2 273.1l-3.7 3.7-3.7-3.7-2.5 2.5 3.7 3.7-3.7 3.7 2.5 2.5 3.7-3.7 3.7 3.7 2.5-2.5-3.7-3.7 3.7-3.7z" fill="#191919"/></g></svg>`, + "icon-notice": `<?xml version="1.0" encoding="UTF-8"?><svg xmlns="http://www.w3.org/2000/svg" width="36" height="36"><path d="M2.572.19h30.857c1.319 0 2.38 1.356 2.38 3.041v19.98c0 1.685-1.061 3.04-2.38 3.04H15.941L4 35.81v-9.56H2.572C1.252 26.252.19 24.897.19 23.212V3.232C.19 1.545 1.252.19 2.57.19z" stroke="#000" stroke-width=".38" stroke-linejoin="round"/></svg>`, + "error": `{{ template "header" . }}{{ template "footer" . }}`, + } + TmplUnhandledGroups = `TODO` + Funcs = template.FuncMap{ + "int": func(in int64) int { return int(in) }, + "sub": func(base, amount int) int { return base - amount }, + "in": func(t time.Time) time.Duration { return t.Sub(time.Now()).Round(1 * time.Second) }, + "since": func(t time.Time) time.Duration { return time.Now().Sub(t).Round(1 * time.Second) }, + "now": func() time.Time { return time.Now() }, + "join": func(args []string, c string) string { return strings.Join(args, c) }, + "mapString": func(mapId, target int) string { return fmt.Sprintf("%d-%d", mapId, target) }, + "itoa": func(i int) string { return strconv.Itoa(i) }, + } +) diff --git a/cmd/monfront/pw.go b/cmd/monfront/pw.go new file mode 100644 index 0000000..d06e9f2 --- /dev/null +++ b/cmd/monfront/pw.go @@ -0,0 +1,99 @@ +package main + +import ( + "bytes" + "crypto/rand" + "encoding/base64" + "fmt" + "strings" + + "golang.org/x/crypto/scrypt" +) + +type ( + pwHash struct { + salt []byte + hash []byte + } +) + +// Create a new password hash. +func newHash(pw string) (*pwHash, error) { + hash := pwHash{} + if err := hash.genSalt(); err != nil { + return nil, err + } + h, err := hash.Hash(pw) + if err != nil { + return nil, err + } + hash.hash = h + return &hash, nil +} + +// generate a hash for the given salt and password +func (p *pwHash) Hash(pw string) ([]byte, error) { + if len(p.salt) == 0 { + return []byte{}, fmt.Errorf("salt not initialized") + } + // constants taken from https://godoc.org/golang.org/x/crypto/scrypt + hash, err := scrypt.Key([]byte(pw), p.salt, 32768, 8, 1, 32) + if err != nil { + return []byte{}, fmt.Errorf("could not compute hash: %s", err) + } + return hash, nil +} + +// genSalt generates 8 bytes of salt. +func (p *pwHash) genSalt() error { + salt := make([]byte, 8) + _, err := rand.Read(salt) + p.salt = salt + return err +} + +// compare a hash to a password and return true, when it matches. +func (p *pwHash) compare(pw string) (bool, error) { + hash, err := p.Hash(pw) + if err != nil { + return false, fmt.Errorf("could not check password") + } + if bytes.Compare(p.hash, hash) == 0 { + return true, nil + } + return false, nil +} + +// Encode a hash and salt to a string. +func (p *pwHash) String() string { + return fmt.Sprintf( + "1$%s$%s", + base64.StdEncoding.EncodeToString(p.salt), + base64.StdEncoding.EncodeToString(p.hash), + ) +} + +// Parse a hash from a file or anywhere. +func (p *pwHash) Parse(raw string) error { + if len(raw) == 0 { + return fmt.Errorf("no hash found") + } + parts := strings.Split(raw, "$") + if len(parts) != 3 { + return fmt.Errorf("format error") + } + if parts[0] != "1" { + return fmt.Errorf("unknown hash version") + } + salt, err := base64.StdEncoding.DecodeString(parts[1]) + if err != nil { + return fmt.Errorf("could not parse salt: %s", err) + } + hash, err := base64.StdEncoding.DecodeString(parts[2]) + if err != nil { + return fmt.Errorf("could not parse salt: %s", err) + } + p.salt = salt + p.hash = hash + return nil +} diff --git a/cmd/monfront/server.go b/cmd/monfront/server.go new file mode 100644 index 0000000..2ada1d0 --- /dev/null +++ b/cmd/monfront/server.go @@ -0,0 +1,153 @@ +package main + +import ( + "compress/gzip" + "database/sql" + "encoding/json" + "fmt" + "html/template" + "io" + "log" + "net" + "net/http" + "strings" + "time" +) + +type ( + server struct { + listen net.Listener + db *sql.DB + h *http.ServeMux + tmpl *template.Template + auth func(c *Context) error // authentication + autho func(c *Context) error // authorization + } + + handleFunc func(c *Context) + + Context struct { + // internal maintenance stuff + w http.ResponseWriter + r *http.Request + tmpl *template.Template + db *sql.DB + + User string `json:"-"` + Filter *filter `json:"-"` + CanEdit bool `json:"-"` // has user permission to edit stuff? + + Title string `json:"title,omitempty"` + CurrentPath string `json:"-"` + Error string `json:"error,omitempty"` + Mappings map[int]map[int]MapEntry `json:"mappings,omitempty"` + Commands map[string]int `json:"commands,omitempty"` + Checks []check `json:"checks,omitempty"` + CheckDetails *checkDetails `json:"check_details,omitempty"` + Groups []group `json:"groups,omitempty"` + Unhandled bool `json:"-"` // set this flag when unhandled was called + } +) + +func newServer(l net.Listener, db *sql.DB, tmpl *template.Template, auth func(c *Context) error, autho func(c *Context) error) *server { + s := &server{ + listen: l, + db: db, + tmpl: tmpl, + h: http.NewServeMux(), + auth: auth, + autho: autho, + } + return s +} + +func (s *server) ListenAndServe() error { + server := http.Server{Handler: s.h} + return server.Serve(s.listen) +} + +func (s *server) Handle(path string, fun handleFunc) { + s.h.HandleFunc(path, func(w http.ResponseWriter, r *http.Request) { + c := &Context{ + w: w, + r: r, + tmpl: s.tmpl, + db: s.db, + } + if err := s.auth(c); err != nil { + return + } + if err := s.autho(c); err != nil { + return + } + fun(c) + return + }) +} + +func (s *server) HandleStatic(path string, h func(w http.ResponseWriter, r *http.Request)) { + s.h.HandleFunc(path, h) +} + +// Render calls the template with the given name to +// render the appropiate content. +// In case of an error, a error message is automatically pushed +// to the client. +func (c *Context) Render(t string) error { + var w io.Writer = c.w + if strings.Contains(c.r.Header.Get("Accept-Encoding"), "gzip") { + gz, err := gzip.NewWriterLevel(w, 5) + if err != nil { + log.Printf("could not create gzip writer: %s", err) + return fmt.Errorf("could not create gzip writer: %s", err) + } + defer gz.Close() + w = gz + c.w.Header().Set("Content-Encoding", "gzip") + } + + if c.r.Header.Get("Accept") == "application/json" { + c.w.Header().Set("Content-Type", "application/json") + enc := json.NewEncoder(w) + enc.SetIndent("", "") // disable indentation to save traffic + if err := enc.Encode(c); err != nil { + c.w.WriteHeader(http.StatusInternalServerError) + c.w.Write([]byte("could not write json output")) + log.Printf("could not write json output: %s", err) + return err + } + return nil + } + + if err := c.tmpl.ExecuteTemplate(w, t, c); err != nil { + c.w.WriteHeader(http.StatusInternalServerError) + c.w.Write([]byte("problem with a template")) + log.Printf("could not execute template: %s", err) + return err + } + return nil +} + +// Get a cookie value. +func (c *Context) GetCookieVal(name string) string { + cook, err := c.r.Cookie(name) + if err == http.ErrNoCookie { + return "" + } + return cook.Value +} + +// Set a new key value cookie with a deadline. +func (c *Context) SetCookie(name, val string, expire time.Time) { + cook := http.Cookie{ + Name: name, + Value: val, + Expires: expire, + Secure: true, + SameSite: http.SameSiteStrictMode, + HttpOnly: true, + Path: "/", + } + http.SetCookie(c.w, &cook) + return +} diff --git a/cmd/monfront/templates/check.html b/cmd/monfront/templates/check.html new file mode 100644 index 0000000..e30f62a --- /dev/null +++ b/cmd/monfront/templates/check.html @@ -0,0 +1,51 @@ + {{ template "header" . }} + <section id="content"> + {{ template "checkformheader" . }} + {{ $mapping := .Mappings }} + {{ with .CheckDetails }} + <input type="hidden" name="checks" value="{{ .Id }}" /> + <article class="detail"> + <h1>check for service {{ .Name }}</h1> + <div><span class="label">current state</span><span class="value state-{{ index .States 0 }}"></span></div> + <div><span class="label">current notice</span><span class="value">{{ if .Notice }}{{ .Notice.String }}{{ end }}</span></div> + <div><span class="label">Message</span><span class="value">{{ .Message }}</span></div> + <div><span class="label">enabled</span><span class="value">{{ .Enabled }}</span></div> + <div><span class="label">updated</span><span class="value">{{ .Updated.Format "2006.01.02 15:04:05" }}</span></div> + <div><span class="label">next check</span><span class="value">{{ .NextTime.Format "2006.01.02 15:04:05" }}</span></div> + <div><span class="label">last refresh</span><span class="value">{{ .LastRefresh.Format "2006.01.02 15:04:05" }}</span></div> + <div><span class="label">mapping</span><span class="value">{{ .MappingId }}</span></div> + </article> + <article class="detail"> + <h1>node <a href="/checks?node_id={{ .NodeId }}">{{ .NodeName }}</a></h1> + <div><span class="label">Message</span><span class="value">{{ .NodeMessage }}</span></div> + </article> + <article class="detail"> + <h1>command {{ .CommandName }}</h1> + <div><span class="label">Message</span><span class="value">{{ .CommandMessage }}</span></div> + <div><span class="label">command line</span><span class="value"><code>{{ join .CommandLine " " }}</code></span></div> + </article> + <article class="detail"> + <h1>checker {{ .CheckerName }}</h1> + <div><span class="label">Description</span><span class="value">{{ .CheckerMsg }}</span></div> + </article> + <article> + <h1>notifications</h1> + <table> + <thead><tr><th>notifier</th><th>state</th><th>created</th><th>sent</th><th>output</th></thead> + <tbody> + {{ range .Notifications -}} + <tr> + <td>{{ .NotifierName }}</td> + <td class="state-{{ .MappingId }}-{{ .State }}">{{ (index $mapping .MappingId .State).Title }}</td> + <td>{{ .Inserted.Format "2006.01.02 15:04:05" }}</td> + <td>{{ if .Sent.Valid }}{{ .Sent.Time.Format "2006.01.02 15:04:05" }}{{ end }}</td> + <td>{{ .Output }}</td> + </tr> + {{ end -}} + </tbody> + </table> + </article> + {{ end }} + {{ template "checkformfooter" . }} + </section> + {{ template "footer" . }} diff --git a/cmd/monfront/templates/checkfilter.html b/cmd/monfront/templates/checkfilter.html new file mode 100644 index 0000000..f86ce3c --- /dev/null +++ b/cmd/monfront/templates/checkfilter.html @@ -0,0 +1,49 @@ + <form action="/checks" method="get"> + <aside id="edit"> + <div class="option"> + <select id="filter-state" name="filter-state" class="states"> + <option value="">filter state</option> + {{ $FilterValsState := "" }} + {{ if .Filter.Vals.state }}{{$FilterValsState = .Filter.Vals.state }}{{ end }} + <option value="0" {{ if eq (itoa 0) $FilterValsState }}selected{{ end }}>>= OK</option> + <option value="1" {{ if eq (itoa 1) $FilterValsState }}selected{{ end }}>>= Warning</option> + <option value="2" {{ if eq (itoa 2) $FilterValsState }}selected{{ end }}>>= Error</option> + <option value="3" {{ if eq (itoa 3) $FilterValsState }}selected{{ end }}>>= Unknown</option> + </select> + </div> + <div class="option"> + <select id="filter-ack" name="filter-ack"> + <option value="">filter acknowledged</option> + <option value="false" {{ if eq "false" (index .Filter.Vals "ack") }}selected{{ end }}>unacknowledged</option> + <option value="true" {{ if eq "true" (index .Filter.Vals "ack") }}selected{{ end }}>acknowledged</option> + </select> + </div> + <div class="option"> + <select id="filter-mapping" name="filter-mapping"> + <option value="">filter mapping</option> + {{ $FilterValsMapping := "" }} + {{ if .Filter.Vals.mapping }}{{ $FilterValsMapping = .Filter.Vals.mapping }}{{ end }} + {{ range $mapId, $mapping := .Mappings -}} + <option value="{{ $mapId }}" {{ if eq (itoa $mapId) $FilterValsMapping }}selected{{ end }}>{{ (index $mapping 0).Name }}</option> + {{ end }} + </select> + </div> + <div class="option"> + <select id="filter-command" name="filter-command"> + <option value="">filter command</option> + {{ $FilterValsCommands := "" }} + {{ if .Filter.Vals.command }}{{ $FilterValsCommands = .Filter.Vals.command }}{{ end }} + {{ range $command, $comId := .Commands -}} + <option value="{{ $comId }}" {{ if eq (itoa $comId) $FilterValsCommands }}selected{{ end }}>{{ $command }}</option> + {{ end }} + </select> + </div> + <div class="option"> + <input name="filter-search" placeholder="hostname" value="{{ .Filter.Vals.search }}" /> + </div> + <div class="option"> + <button name="filter" value="1">filter</button> + <button name="reset" value="1">reset</button> + </div> + </aside> + </form> diff --git a/cmd/monfront/templates/checkformfooter.html b/cmd/monfront/templates/checkformfooter.html new file mode 100644 index 0000000..5582354 --- /dev/null +++ b/cmd/monfront/templates/checkformfooter.html @@ -0,0 +1 @@ +</form> diff --git a/cmd/monfront/templates/checkformheader.html b/cmd/monfront/templates/checkformheader.html new file mode 100644 index 0000000..7662670 --- /dev/null +++ b/cmd/monfront/templates/checkformheader.html @@ -0,0 +1,43 @@ + {{ if .CanEdit }} + <form action="/action" method="post"> + <aside id="edit"> + <button class="default_button" name="action" value="comment"></button> + <div class="option input"> + <input type="number" name="run_in" placeholder="run in" title="define the number of minutes after which the check should be run again" /> + <button name="action" value="reschedule">run now</button> + </div> + <div class="option"> + <button name="action" value="deack">deack</button> + <button name="action" value="ack">ack</button> + </div> + <div class="option"> + <button name="action" value="enable">enable</button> + <button name="action" value="disable">disable</button> + </div> + <div class="option"> + <button name="action" value="mute">mute</button> + <button name="action" value="unmute">unmute</button> + </div> + <div class="option input"> + <input size="" name="comment" placeholder="enter comment ..." /> + </div> + <div class="option"> + <button name="action" value="comment">comment</button> + <button name="action" value="uncomment">uncomment</button> + </div> + <div class="option"> + <button type="button" name="create_check">create</button> + <button name="action" value="delete_check">delete</button> + </div> + </aside> + <aside id="create_check" class="hidden"> + <div class="option"> + <label for="host">host</label> + <input name="host" placeholder="hostname" /> + </div> + <div class="option"> + <label for="command">command</label> + <input name="command" placeholder="command" /> + </div> + </aside> + {{ end }} diff --git a/cmd/monfront/templates/checklist.html b/cmd/monfront/templates/checklist.html new file mode 100644 index 0000000..17830ef --- /dev/null +++ b/cmd/monfront/templates/checklist.html @@ -0,0 +1,29 @@ + {{ template "header" . }} + <section id="content"> + {{ template "checkfilter" . }} + {{ template "checkformheader" . }} + <table> + <thead><tr><th><input type="checkbox" title="select all" /></th><th>host</th><th>service</th><th>status</th><th title="shows how long the check is already in that state">for</th><th>next check in</th><th>message</th></tr></thead> + <tbody> + {{ $current := "" }} + {{ $mapping := .Mappings }} + {{ range .Checks }} + <tr> + <td><input type="checkbox" name="checks" value="{{ .CheckID }}" /></td> + <td>{{ if ne $current .NodeName }}{{ $current = .NodeName }}<a href="/checks?node_id={{ .NodeId }}">{{ .NodeName }}</a>{{ end }}</td> + <td>{{ .CheckName }}</td> + <td class="state-{{ .State }}"> + {{- if ne .Notify true }}<span class="icon mute"></span>{{ end -}} + {{- if .Notice.Valid }}<span class="icon notice" title="{{ .Notice.String }}"></span>{{ end -}} + <a href="/check?check_id={{ .CheckID }}">{{ .CommandName }}</a> + </td> + <td>{{ since .StateSince }}</td> + <td>{{ in .NextTime }}</td> + <td><code>{{ .Msg }}</code></td> + </tr> + {{ end }} + </tbody> + </table> + {{ template "checkformfooter" . }} + </section> + {{ template "footer" . }} diff --git a/cmd/monfront/templates/error.html b/cmd/monfront/templates/error.html new file mode 100644 index 0000000..efffc4c --- /dev/null +++ b/cmd/monfront/templates/error.html @@ -0,0 +1 @@ +{{ .Error }} diff --git a/cmd/monfront/templates/footer.html b/cmd/monfront/templates/footer.html new file mode 100644 index 0000000..124b585 --- /dev/null +++ b/cmd/monfront/templates/footer.html @@ -0,0 +1,76 @@ + <script type="text/javascript"> + function row_head_click_event(event) { + check = false; + current = event.target; + while (current != null) { + if (current.nodeName == 'TABLE') { + break; + } + if (current.nodeName == 'TR') { + check = !current.children[0].children[0].checked; + current.children[0].children[0].checked = check; + } + current = current.parentNode; + } + lines = current.children[1].children + for (i = 0; i < lines.length; i++) { + select_row(event, lines[i], lines[i].children[0].children[0], check); + } + } + function row_click_event(event) { + if (event.target.nodeName == 'INPUT') { + return; + } + current = event.target; + while (current = current.parentNode) { + if (current.nodeName == 'BODY') { + break; + } + if (current.nodeName != 'TR') { + continue; + } + e = current.children[0].children[0]; + check = !e.checked; + select_row(event, current, e, check); + break; + } + } + function select_row(event, row, input, check) { + if (input != event.target) { + input.checked = check; + } + if (input.checked) { + row.classList.add("selected"); + } else { + row.classList.remove("selected"); + } + input.focus(); + } + + for (selector of ['thead > tr', 'thead input']) { + els = document.querySelectorAll(selector); + for (i = 0; i < els.length; i++) { + els[i].addEventListener('click', {handleEvent: row_head_click_event}); + } + } + for (selector of ['tbody > tr', 'tbody input']) { + els = document.querySelectorAll(selector); + for (i = 0; i < els.length; i++) { + els[i].addEventListener('click', {handleEvent: row_click_event}); + } + } + butt = document.querySelectorAll('button[type=button][name=create_check]'); + for (i = 0; i < butt.length; i++) { + butt[i].addEventListener('click', {handleEvent: function(event){ + cur = document.querySelector('#create_check').style.display; + console.log("meh: " + cur); + if (cur == 'block') { + document.querySelector('#create_check').style.display = 'none'; + } else { + document.querySelector('#create_check').style.display = 'block'; + } + }}); + } + </script> + </body> +</html> diff --git a/cmd/monfront/templates/grouplist.html b/cmd/monfront/templates/grouplist.html new file mode 100644 index 0000000..fa0554c --- /dev/null +++ b/cmd/monfront/templates/grouplist.html @@ -0,0 +1,21 @@ + {{ template "header" . }} + {{ template "checkformheader" . }} + <content> + <table> + <thead><tr><th></th><th>group</th><th>host</th><th>worst state</th></tr></thead> + <tbody> + {{ $current := "" }} + {{ $mapping := .Mappings }} + {{ range .Groups }} + <tr> + <td><input type="checkbox" name="nodes" value="{{ .NodeId }}" /></td> + <td>{{ if ne $current .Name }}{{ $current = .Name }}<a href="{{ if $.Unhandled }}/unhandled{{ end }}/checks?group_id={{ .GroupId }}">{{ .Name }}</a>{{ end }}</td> + <td><a href="/checks?node_id={{ .NodeId }}">{{ .NodeName }}</a></td> + <td class="state-{{ .MappingId }}-{{ .State }}">{{ (index $mapping .MappingId .State).Title }}</td> + </tr> + {{ end }} + </tbody> + </table> + </content> + {{ template "checkformfooter" . }} + {{ template "footer" . }} diff --git a/cmd/monfront/templates/header.html b/cmd/monfront/templates/header.html new file mode 100644 index 0000000..1f9040d --- /dev/null +++ b/cmd/monfront/templates/header.html @@ -0,0 +1,101 @@ +<!doctype html> +<html> + <head> + <title>{{ .Title }}</title> + <meta name="referrer" content="same-origin"> + <link rel="shortcut icon" href="/static/favicon" /> + <style type="text/css"> + :root { + --main-bg-color: #3a4149; + --dark-bg-color: #2f353a; + --light-bg-color: #626971; + --main-fg-color: #eeeeee; + + --bg-okay: hsla(125, 50%, 40%, 1); + --bg-warn: hsla(40, 100%, 50%, 1); + --bg-crit: hsla(0, 75%, 50%, 1); + --bg-unkn: gray; + } + * { font-size: 100%; } + body { background: var(--dark-bg-color); padding: 0; margin: 0; color: var(--main-fg-color); } + section#content { padding: 1em; background: var(--main-bg-color); border: 1px solid black; margin: 0.5em; } + #mainmenu, aside { background: var(--main-bg-color); border-bottom: 1px solid black; } + #mainmenu ul, aside { + display: flex; + flex-direction: row; + align-items: center; + margin: 0; + padding: 0; + align-content: center; } + aside { padding: 0.5em; border: 1px solid black; border-bottom: none; } + #mainmenu li { list-style-type: none; } + #mainmenu a, #mainmenu a:visited, #mainmenu a:active, #mainmenu a:hover, #mainmenu span { + text-decoration: none; + color: #e4e7ea; + padding: 0.5em 0.75em; + display: block; } + aside .option { display: grid; grid-template-columns: auto auto; margin: 0em 0.25em; } + input[type="number"] { width: 4em; } + button, select { background: var(--dark-bg-color); color: var(--main-fg-color); border: 1px solid black; padding: 0.25em 0.5em; } + a { color: var(--main-fg-color); } + form article { border: 1px solid black; border-bottom: none; padding: 0.5em; } + table { border-collapse: collapse; border-spacing: 0; width: 100%; } + table tr:nth-child(odd) { background: rgba(0, 0, 0, 0.15); } + table tr:nth-child(even) { background: var(--main-bg-color); } + table tr.selected:nth-child(odd) { background: var(--light-bg-color); } + table tr.selected:nth-child(even) { background: rgba(255, 255, 255, 0.45); } + table tr:hover, table tr:hover a { background: #dfdfdf; color: black; } + table th { background: var(--main-bg-color); color: var(--main-fg-color); font-weigth: 700; } + table td, table th { text-align: center; border: 1px solid black; padding: 0.35em 0.15em; } + table code { font-size: 75%; } + table td.disabled { text-decoration: line-through; } + .icon { + display: inline-block; + height: 1em; + margin: 0; + width: 1em; + vertical-align: bottom; + margin-right: 0.5em; + background-size: contain; + } + .hidden { display: none; } + .default_button { margin: 0; padding: 0; border: 0; height: 0; width: 0; } + .mute { background-image: url(/static/icon-mute); } + .notice { background-image: url(/static/icon-notice); } + .detail > div { display: grid; grid-template-columns: 25% auto; } + .detail > div:hover { background: #dfdfdf; color: black; } + .error { padding: 0.5em; background: #ffc6c6; border: 1px solid red; } + select.states option[value="0"], .state-0 { background-color: var(--bg-okay); } + select.states option[value="1"], .state-1 { background-color: var(--bg-warn); } + select.states option[value="2"], .state-2 { background-color: var(--bg-crit); } + select.states option[value="3"], .state-3 { background-color: var(--bg-unkn); } + .state-0:after { content: 'okay' } + .state-1:after { content: 'warning' } + .state-2:after { content: 'critical' } + .state-3:after { content: 'unknown' } + /* state background colors */ + {{ range $mapId, $mapping := .Mappings -}} + {{ range $target, $val := $mapping -}} + .state-{{ $mapId }}-{{ $target }} { background: {{ $val.Color }}; color: black; } + {{ end -}} + {{ end -}} + </style> + <script> + setTimeout(function() { if (document.activeElement.tagName == "BODY") { location.reload(true) } }, 30000) + </script> + </head> + <body> + <nav id="mainmenu"> + <ul> + <li><span>{{ now.Format "2006.01.02" }}</span></li> + <li><span>{{ now.Format "15:04:05" }}</span></li> + <li><a href="/">home</a></li> + <li><a href="/checks?filter-state=1&filter-ack=false">checks</a></li> + <li><a href="/groups">groups</a></li> + <li class="submenu"> + <form action="/checks" method="get"> + </form> + </li> + </ul> + </nav> + {{ if .Error }}<div class="error">{{ .Error }}</div>{{ end }} |