From 907fd2c1c35b902391803eca4c28a505428dedc7 Mon Sep 17 00:00:00 2001 From: RRashmit Date: Mon, 17 Feb 2025 15:21:53 +0000 Subject: [PATCH 1/3] chore: remove unsupported from agent v3 install --- scripts/packages/postinstall.sh | 61 ++++++------------------ scripts/packages/preinstall.sh | 82 +-------------------------------- 2 files changed, 16 insertions(+), 127 deletions(-) diff --git a/scripts/packages/postinstall.sh b/scripts/packages/postinstall.sh index 95dcb3854..7e495b1d0 100755 --- a/scripts/packages/postinstall.sh +++ b/scripts/packages/postinstall.sh @@ -4,13 +4,8 @@ # shellcheck source=/dev/null . /etc/os-release -if [ "$ID" = "freebsd" ]; then - BSD_HIER="/usr/local" - AGENT_EXE="${BSD_HIER}/bin/nginx-agent" -else - AGENT_EXE="/usr/bin/nginx-agent" - BSD_HIER="" -fi + +AGENT_EXE="/usr/bin/nginx-agent" AGENT_RUN_DIR="/var/run/nginx-agent" AGENT_LOG_DIR="/var/log/nginx-agent" AGENT_UNIT_LOCATION="/etc/systemd/system" @@ -107,18 +102,6 @@ create_agent_group() { fi fi - if [ "$ID" = "freebsd" ]; then - printf "PostInstall: Adding nginx-agent group %s\n" "${AGENT_GROUP}" - pw groupadd "${AGENT_GROUP}" - - printf "PostInstall: Adding NGINX / agent user %s to group %s\n" "${AGENT_USER}" "${AGENT_GROUP}" - pw groupmod "${AGENT_GROUP}" -M "${AGENT_USER}" - if [ "${WORKER_USER}" ]; then - printf "PostInstall: Adding NGINX Worker user %s to group %s\n" "${WORKER_USER}" "${AGENT_GROUP}" - pw groupmod "${AGENT_GROUP}" -M "${WORKER_USER}" - fi - fi - if [ "$ID" = "alpine" ]; then printf "PostInstall: Adding nginx-agent group %s\n" "${AGENT_GROUP}" addgroup "${AGENT_GROUP}" @@ -168,17 +151,12 @@ update_unit_file() { printf "PostInstall: Set the enabled flag for the service unit\n" systemctl enable "${AGENT_UNIT_FILE}" fi - - if [ "$ID" = "freebsd" ]; then - printf "PostInstall: Enabling NGINX Agent Service\n" - sysrc nginx_agent_enable=YES - fi } add_default_config_file() { - if [ ! -f "${BSD_HIER}"/etc/nginx-agent/nginx-agent.conf ]; then + if [ ! -f /etc/nginx-agent/nginx-agent.conf ]; then printf "PostInstall: Creating default nginx-agent.conf file\n" - cat < "${BSD_HIER}"/etc/nginx-agent/nginx-agent.conf + cat < /etc/nginx-agent/nginx-agent.conf # # /etc/nginx-agent/nginx-agent.conf # @@ -249,37 +227,33 @@ api: port: 8081 EOF printf "PostInstall: Updating file permissions for nginx-agent.conf to 0640\n" - chmod 0640 "${BSD_HIER}"/etc/nginx-agent/nginx-agent.conf + chmod 0640 /etc/nginx-agent/nginx-agent.conf fi } upgrade_config_file() { - if [ -f "${BSD_HIER}"/etc/nginx-agent/nginx-agent.conf ]; then + if [ -f /etc/nginx-agent/nginx-agent.conf ]; then extensions="" - if grep -q "advanced_metrics:" "${BSD_HIER}"/etc/nginx-agent/nginx-agent.conf; then + if grep -q "advanced_metrics:" /etc/nginx-agent/nginx-agent.conf; then extensions="${extensions} advanced-metrics" fi - if grep -q "nginx_app_protect:" "${BSD_HIER}"/etc/nginx-agent/nginx-agent.conf; then + if grep -q "nginx_app_protect:" /etc/nginx-agent/nginx-agent.conf; then extensions="${extensions} nginx-app-protect" fi - if grep -q "nap_monitoring:" "${BSD_HIER}"/etc/nginx-agent/nginx-agent.conf; then + if grep -q "nap_monitoring:" /etc/nginx-agent/nginx-agent.conf; then extensions="${extensions} nap-monitoring" fi - if ! grep -q "extensions:" "${BSD_HIER}"/etc/nginx-agent/nginx-agent.conf && [ "${#extensions}" -ne "0" ]; then + if ! grep -q "extensions:" /etc/nginx-agent/nginx-agent.conf && [ "${#extensions}" -ne "0" ]; then printf "PostInstall: Updating nginx-agent.conf to include extensions array\n" - printf "\nextensions:\n" >> "${BSD_HIER}"/etc/nginx-agent/nginx-agent.conf + printf "\nextensions:\n" >> /etc/nginx-agent/nginx-agent.conf for extension in ${extensions}; do - echo " - $extension" >> "${BSD_HIER}"/etc/nginx-agent/nginx-agent.conf + echo " - $extension" >> /etc/nginx-agent/nginx-agent.conf done fi fi } restart_agent_if_required() { - if [ "${ID}" = "freebsd" ]; then - # https://github.com/freebsd/pkg/pull/2128 - return - fi if service nginx-agent status >/dev/null 2>&1; then printf "PostInstall: Restarting nginx agent\n" service nginx-agent restart || true @@ -291,15 +265,10 @@ summary() { echo " NGINX Agent package has been successfully installed." echo "" echo " Please follow the next steps to start the software:" - if [ "$ID" = "freebsd" ]; then - echo " sudo service nginx-agent start" - echo "" - else - echo " sudo systemctl start nginx-agent" - echo "" - fi + echo " sudo systemctl start nginx-agent" + echo "" echo " Configuration settings can be adjusted here:" - echo " ${BSD_HIER}/etc/nginx-agent/nginx-agent.conf" + echo " /etc/nginx-agent/nginx-agent.conf" echo "" echo "----------------------------------------------------------------------" } diff --git a/scripts/packages/preinstall.sh b/scripts/packages/preinstall.sh index 972a2507a..db1a5da40 100644 --- a/scripts/packages/preinstall.sh +++ b/scripts/packages/preinstall.sh @@ -11,7 +11,6 @@ set -e ################################ LOG_LEVEL="" -INSTANCE_GROUP="" ################################ ###### Default variables @@ -22,38 +21,7 @@ export AGENT_GROUP="${AGENT_GROUP:-$(id -ng)}" # shellcheck source=/dev/null . /etc/os-release -if [ "$ID" = "freebsd" ]; then - AGENT_CONFIG_FILE=${AGENT_CONFIG_FILE:-"/usr/local/etc/nginx-agent/nginx-agent.conf"} - AGENT_DYNAMIC_CONFIG_DIR="/var/db/nginx-agent" - # Old location of agent-dynamic.conf - OLD_DYNAMIC_CONFIG_DIR="/etc/nginx-agent" - mkdir -p /var/log/nginx-agent/ -else - AGENT_CONFIG_FILE=${AGENT_CONFIG_FILE:-"/etc/nginx-agent/nginx-agent.conf"} - AGENT_DYNAMIC_CONFIG_DIR="/var/lib/nginx-agent" - # Old location of agent-dynamic.conf - OLD_DYNAMIC_CONFIG_DIR="/etc/nginx-agent" -fi - -AGENT_DYNAMIC_CONFIG_FILE="${AGENT_DYNAMIC_CONFIG_DIR}/agent-dynamic.conf" -OLD_DYNAMIC_CONFIG_FILE="${OLD_DYNAMIC_CONFIG_DIR}/agent-dynamic.conf" -AGENT_DYNAMIC_CONFIG_COMMENT="# -# agent-dynamic.conf -# -# Dynamic configuration file for NGINX Agent. -# -# The purpose of this file is to track NGINX Agent configuration -# values that can be dynamically changed via the API and the NGINX Agent install script. -# You may edit this file, but API calls that modify the tags on this system will -# overwrite the tag values in this file. -# -# The NGINX Agent configuration values that API calls can modify are as follows: -# - tags -# -# The NGINX Agent configuration value(s) that the NGINX Agent install script can modify are as follows: -# - instance_group - -" +AGENT_CONFIG_FILE=${AGENT_CONFIG_FILE:-"/etc/nginx-agent/nginx-agent.conf"} # # Functions @@ -77,50 +45,14 @@ ensure_sudo() { fi } -create_config_file() { - mkdir -p ${AGENT_DYNAMIC_CONFIG_DIR} - printf "%s" "${AGENT_DYNAMIC_CONFIG_COMMENT}" | tee ${AGENT_DYNAMIC_CONFIG_FILE} > /dev/null - chmod 0640 ${AGENT_DYNAMIC_CONFIG_FILE} - printf "Successfully created %s\n" "${AGENT_DYNAMIC_CONFIG_FILE}" -} - -load_config_values() { - if [ ! -f "$AGENT_DYNAMIC_CONFIG_FILE" ]; then - if [ -f "$OLD_DYNAMIC_CONFIG_FILE" ]; then - printf "Moving %s to %s\n" "$OLD_DYNAMIC_CONFIG_FILE" "$AGENT_DYNAMIC_CONFIG_FILE" - mkdir -p ${AGENT_DYNAMIC_CONFIG_DIR} - mv "$OLD_DYNAMIC_CONFIG_FILE" "$AGENT_DYNAMIC_CONFIG_FILE" - printf "Creating symlink %s at %s\n" "$AGENT_DYNAMIC_CONFIG_FILE" "$OLD_DYNAMIC_CONFIG_FILE" - ln -s "$AGENT_DYNAMIC_CONFIG_FILE" "$OLD_DYNAMIC_CONFIG_FILE" - else - printf "Could not find %s ... Creating file\n" ${AGENT_DYNAMIC_CONFIG_FILE} - create_config_file - fi - - fi - - # Check if there are existing values - _instance_group="$(grep "^instance_group:" "${AGENT_DYNAMIC_CONFIG_FILE}" | head -n 1 | cut -d : -f 2 | sed "s/^[[:space:]]//")" - - if [ "$_instance_group" ] && [ ! "${INSTANCE_GROUP}" ]; then - INSTANCE_GROUP=$_instance_group - fi -} - update_config_file() { sed_cmd="sed -i.bak " - printf "Updating %s ...\n" "${AGENT_DYNAMIC_CONFIG_FILE}" - if [ ! -f "$AGENT_CONFIG_FILE" ]; then printf "NGINX Agent config file %s does not exist. Could not be updated\n" "$AGENT_CONFIG_FILE" exit 0 fi - if [ ! -f "$AGENT_DYNAMIC_CONFIG_FILE" ]; then - err_exit "$AGENT_DYNAMIC_CONFIG_FILE does not exist" - fi - if [ "${PACKAGE_HOST}" ]; then printf "Updating %s ...\n" "${AGENT_CONFIG_FILE}" @@ -128,17 +60,6 @@ update_config_file() { ${sed_cmd} "s/host:.*$/host: ${PACKAGE_HOST}/" "${AGENT_CONFIG_FILE}" fi - # Check the instance group and set accordingly - if [ "${INSTANCE_GROUP}" ]; then - if [ "$(grep -cP '^(?=[\s]*+[^#])[^#]*(instance_group)' "${AGENT_DYNAMIC_CONFIG_FILE}")" -ge 1 ]; then - printf "Setting existing instance_group: %s\n" "${INSTANCE_GROUP}" - ${sed_cmd} "/^[[:space:]]*#/!s/\(instance_group:.*\)/instance_group: ${INSTANCE_GROUP}/g" "${AGENT_DYNAMIC_CONFIG_FILE}" - else - printf "Setting instance_group: %s\n" "${INSTANCE_GROUP}" - printf "instance_group: %s\n" "${INSTANCE_GROUP}" >> "${AGENT_DYNAMIC_CONFIG_FILE}" - fi - printf "Successfully updated %s\n" "${AGENT_DYNAMIC_CONFIG_FILE}" - fi # Check the log-level and set accordingly if [ "${LOG_LEVEL}" ]; then if [ "$(grep -cP '^(?=[\s]*+[^#])[^#]*(level:)' "${AGENT_CONFIG_FILE}")" -ge 1 ]; then @@ -162,6 +83,5 @@ update_config_file() { { title ensure_sudo - load_config_values update_config_file } From a2004adc737eae7206d73973ea18146d19a3f029 Mon Sep 17 00:00:00 2001 From: RRashmit Date: Wed, 19 Feb 2025 14:43:46 +0000 Subject: [PATCH 2/3] chore: update postremove --- scripts/packages/postremove.sh | 15 --------------- scripts/packages/preinstall.sh | 1 - 2 files changed, 16 deletions(-) diff --git a/scripts/packages/postremove.sh b/scripts/packages/postremove.sh index 6b2c739f2..39409e45f 100755 --- a/scripts/packages/postremove.sh +++ b/scripts/packages/postremove.sh @@ -4,16 +4,6 @@ # shellcheck source=/dev/null . /etc/os-release -stop_agent_freebsd() { - echo "Stopping nginx-agent service" - service nginx-agent onestop >/dev/null 2>&1 || true -} - -disable_agent_freebsd() { - echo "Disabling nginx-agent service" - sysrc -x nginx_agent_enable >/dev/null 2>&1 || true -} - stop_agent_systemd() { echo "Stopping nginx-agent service" systemctl stop nginx-agent >/dev/null 2>&1 || true @@ -35,11 +25,6 @@ cleanup() { } case "$ID" in - freebsd) - stop_agent_freebsd - disable_agent_freebsd - cleanup - ;; debian|ubuntu) if [ "$1" = "remove" ]; then stop_agent_systemd diff --git a/scripts/packages/preinstall.sh b/scripts/packages/preinstall.sh index db1a5da40..c3a68239f 100644 --- a/scripts/packages/preinstall.sh +++ b/scripts/packages/preinstall.sh @@ -26,7 +26,6 @@ AGENT_CONFIG_FILE=${AGENT_CONFIG_FILE:-"/etc/nginx-agent/nginx-agent.conf"} # # Functions # - err_exit() { printf "\n%b" "$1" printf " exiting.\n" From 2b401799d06028aaad551b0f810fe52cf17b6e1c Mon Sep 17 00:00:00 2001 From: RRashmit Date: Thu, 20 Feb 2025 10:02:15 +0000 Subject: [PATCH 3/3] chore: updated postinstall --- scripts/packages/postinstall.sh | 102 -------------------------------- 1 file changed, 102 deletions(-) diff --git a/scripts/packages/postinstall.sh b/scripts/packages/postinstall.sh index 7e495b1d0..b39019fa9 100755 --- a/scripts/packages/postinstall.sh +++ b/scripts/packages/postinstall.sh @@ -153,106 +153,6 @@ update_unit_file() { fi } -add_default_config_file() { - if [ ! -f /etc/nginx-agent/nginx-agent.conf ]; then - printf "PostInstall: Creating default nginx-agent.conf file\n" - cat < /etc/nginx-agent/nginx-agent.conf -# -# /etc/nginx-agent/nginx-agent.conf -# -# Configuration file for NGINX Agent. -# -# This file is to track NGINX Agent configuration values that are meant to be statically set. There -# are additional NGINX Agent configuration values that are set via the API and NGINX Agent install script -# which can be found in /var/lib/nginx-agent/agent-dynamic.conf. - -# specify the server grpc port to connect to -server: - # host of the control plane - host: 127.0.0.1 - grpcPort: 54789 - # provide servername overrides if using SNI - # metrics: "" - # command: "" -# tls options -tls: - # enable tls in the nginx-agent setup for grpcs - # default to enable to connect with tls connection but without client cert for mtls - enable: false - # specify the absolute path to the CA certificate file to use for verifying - # the server certificate (also requires 'skip_verify: false' below) - # by default, this will be the trusted root CAs found in the OS CA store - # ca: /etc/nginx-agent/ca.pem - # specify the absolute path to the client cert, when mtls is enabled - # cert: /etc/nginx-agent/client.crt - # specify the absolute path to the client cert key, when mtls is enabled - # key: /etc/nginx-agent/client.key - # controls whether the server certificate chain and host name are verified. - # for production use, see instructions for configuring TLS - skip_verify: true -log: - # set log level (panic, fatal, error, info, debug, trace; default "info") - level: info - # set log path. if empty, don't log to file. - path: /var/log/nginx-agent/ -# data plane status message / 'heartbeat' -nginx: - # path of NGINX logs to exclude - exclude_logs: "" - socket: "unix:/var/run/nginx-agent/nginx.sock" - -dataplane: - status: - # poll interval for data plane status - the frequency the NGINX Agent will query the dataplane for changes - poll_interval: 30s - # report interval for data plane status - the maximum duration to wait before syncing dataplane information if no updates have being observed - report_interval: 24h -metrics: - # specify the size of a buffer to build before sending metrics - bulk_size: 20 - # specify metrics poll interval - report_interval: 1m - collection_interval: 15s - mode: aggregated - -# OSS NGINX default config path -# path to aux file dirs can also be added -allowed_directories: - - /etc/nginx - - /usr/local/etc/nginx - - /usr/share/nginx/modules - - /etc/nms -api: - # default port for NGINX Agent API, this is for the server configuration of the REST API - port: 8081 -EOF - printf "PostInstall: Updating file permissions for nginx-agent.conf to 0640\n" - chmod 0640 /etc/nginx-agent/nginx-agent.conf - fi -} - -upgrade_config_file() { - if [ -f /etc/nginx-agent/nginx-agent.conf ]; then - extensions="" - if grep -q "advanced_metrics:" /etc/nginx-agent/nginx-agent.conf; then - extensions="${extensions} advanced-metrics" - fi - if grep -q "nginx_app_protect:" /etc/nginx-agent/nginx-agent.conf; then - extensions="${extensions} nginx-app-protect" - fi - if grep -q "nap_monitoring:" /etc/nginx-agent/nginx-agent.conf; then - extensions="${extensions} nap-monitoring" - fi - if ! grep -q "extensions:" /etc/nginx-agent/nginx-agent.conf && [ "${#extensions}" -ne "0" ]; then - printf "PostInstall: Updating nginx-agent.conf to include extensions array\n" - printf "\nextensions:\n" >> /etc/nginx-agent/nginx-agent.conf - for extension in ${extensions}; do - echo " - $extension" >> /etc/nginx-agent/nginx-agent.conf - done - fi - fi -} - restart_agent_if_required() { if service nginx-agent status >/dev/null 2>&1; then printf "PostInstall: Restarting nginx agent\n" @@ -283,8 +183,6 @@ summary() { create_agent_group create_run_dir update_unit_file - add_default_config_file - upgrade_config_file restart_agent_if_required summary }