Compare commits

...

4 commits

Author SHA1 Message Date
Patrick Wagstrom
c69899f518
Merge f65453e50c into 8a432ac937 2024-11-12 18:00:25 +00:00
Ionys
8a432ac937
fix(status page): Make sure the group deletion is correctly handled when groupIDList is empty (#5340)
Some checks failed
Auto Test / check-linters (push) Has been cancelled
Auto Test / armv7-simple-test (18, ARMv7) (push) Has been cancelled
Auto Test / armv7-simple-test (20, ARMv7) (push) Has been cancelled
Auto Test / e2e-test (push) Has been cancelled
CodeQL / Analyze (push) Has been cancelled
Merge Conflict Labeler / Labeling (push) Has been cancelled
validate / json-yaml-validate (push) Has been cancelled
validate / validate (push) Has been cancelled
Auto Test / auto-test (18, ARM64) (push) Has been cancelled
Auto Test / auto-test (18, macos-latest) (push) Has been cancelled
Auto Test / auto-test (18, ubuntu-latest) (push) Has been cancelled
Auto Test / auto-test (18, windows-latest) (push) Has been cancelled
Auto Test / auto-test (20, ARM64) (push) Has been cancelled
Auto Test / auto-test (20, macos-latest) (push) Has been cancelled
Auto Test / auto-test (20, ubuntu-latest) (push) Has been cancelled
Auto Test / auto-test (20, windows-latest) (push) Has been cancelled
2024-11-12 19:00:09 +01:00
Patrick Wagstrom
f65453e50c
fix: correct linter errors
I missed some of the `let` definitions for the ca, cert, and key when
establishing the docker TLS connection.

DCO-1.1 Signed-off-by: Patrick Wagstrom <160672+pridkett@users.noreply.github.com>
2024-09-21 18:22:37 -04:00
Patrick Wagstrom
495bf51ac8
fix: allow TLS with remote docker when using public CA
This provides a small fix that allows you to define docker hosts that
you can connect with in three different ways:

1. Mutual TLS, docker host uses non-standard CA
2. Mutual TLS, docker host uses standard CA
3. No Authentication, docker host uses non-standard CA
4. No authentication, docker host uses standard CA

In the previous implementation only condition 1 and 4 were allowed. This
makes condition 2 and 3 possible. The logic is a little messy, but it
works.

DCO-1.1 Signed-off-by: Patrick Wagstrom <160672+pridkett@users.noreply.github.com>
2024-09-21 18:01:42 -04:00
2 changed files with 42 additions and 15 deletions

View file

@ -156,15 +156,38 @@ class DockerHost {
let certPath = path.join(Database.dockerTLSDir, dirName, DockerHost.CertificateFileNameCert); let certPath = path.join(Database.dockerTLSDir, dirName, DockerHost.CertificateFileNameCert);
let keyPath = path.join(Database.dockerTLSDir, dirName, DockerHost.CertificateFileNameKey); let keyPath = path.join(Database.dockerTLSDir, dirName, DockerHost.CertificateFileNameKey);
if (dockerType === "tcp" && fs.existsSync(caPath) && fs.existsSync(certPath) && fs.existsSync(keyPath)) { let key;
let ca = fs.readFileSync(caPath); let cert;
let key = fs.readFileSync(keyPath); let ca;
let cert = fs.readFileSync(certPath);
if (dockerType === "tcp") {
if (fs.existsSync(keyPath) && fs.existsSync(certPath)) {
// Load the key and cert
key = fs.readFileSync(keyPath);
cert = fs.readFileSync(certPath);
if (fs.existsSync(caPath)) {
// Condition 1: Mutual TLS with self-signed certificate
ca = fs.readFileSync(caPath);
certOptions = { certOptions = {
ca, ca,
key, key,
cert cert
}; };
} else {
// Condition 2: Mutual TLS with certificate in the standard trust store
certOptions = {
key,
cert
};
}
} else if (fs.existsSync(caPath)) {
// Condition 3: TLS using self-signed certificate (without mutual TLS)
ca = fs.readFileSync(caPath);
certOptions = {
ca
};
}
} }
return { return {

View file

@ -220,6 +220,9 @@ module.exports.statusPageSocketHandler = (socket) => {
// Delete groups that are not in the list // Delete groups that are not in the list
log.debug("socket", "Delete groups that are not in the list"); log.debug("socket", "Delete groups that are not in the list");
if (groupIDList.length === 0) {
await R.exec("DELETE FROM `group` WHERE status_page_id = ?", [ statusPage.id ]);
} else {
const slots = groupIDList.map(() => "?").join(","); const slots = groupIDList.map(() => "?").join(",");
const data = [ const data = [
@ -227,6 +230,7 @@ module.exports.statusPageSocketHandler = (socket) => {
statusPage.id statusPage.id
]; ];
await R.exec(`DELETE FROM \`group\` WHERE id NOT IN (${slots}) AND status_page_id = ?`, data); await R.exec(`DELETE FROM \`group\` WHERE id NOT IN (${slots}) AND status_page_id = ?`, data);
}
const server = UptimeKumaServer.getInstance(); const server = UptimeKumaServer.getInstance();