diff --git a/backend/internal/storage/migrations.go b/backend/internal/storage/migrations.go
index 29fc584..38c8cf7 100644
--- a/backend/internal/storage/migrations.go
+++ b/backend/internal/storage/migrations.go
@@ -81,3 +81,292 @@ ORDER BY (timestamp, level, service, agent) TTL timestamp + INTERVAL 30 DAY SETTINGS index_granularity = 8192 ` + +// SeedDefaultScripts inserts default diagnostic scripts into the scripts table. +// Uses INSERT OR IGNORE to avoid duplicates on subsequent runs. +const SeedDefaultScripts = ` +INSERT OR IGNORE INTO scripts (path, content, interpreter_id) VALUES +('default/system_info.sh', '#!/bin/bash +# Скрипт сбора базовой информации о системе: hostname, IP-адреса, сетевые интерфейсы, версия ОС + +echo "=== SYSTEM INFORMATION ===" +echo "" + +# Hostname +echo "--- Hostname ---" +hostname 2>/dev/null || echo "hostname command failed" +echo "" + +# OS Version +echo "--- OS Version ---" +if [ -f /etc/os-release ]; then + cat /etc/os-release +elif [ -f /etc/redhat-release ]; then + cat /etc/redhat-release +elif command -v uname >/dev/null 2>&1; then + uname -a +else + echo "Unable to determine OS version" +fi +echo "" + +# Network Interfaces +echo "--- Network Interfaces ---" +if command -v ip >/dev/null 2>&1; then + ip addr show 2>/dev/null +elif command -v ifconfig >/dev/null 2>&1; then + ifconfig -a 2>/dev/null +else + echo "Neither ip nor ifconfig available" +fi +echo "" + +# IP Addresses (summary) +echo "--- IP Addresses Summary ---" +if command -v ip >/dev/null 2>&1; then + ip -brief addr show 2>/dev/null || ip addr show | grep "inet " | awk ''{print $2, $4}'' +elif command -v ifconfig >/dev/null 2>&1; then + ifconfig | grep "inet " | awk ''{print $2}'' +else + echo "Unable to retrieve IP addresses" +fi +echo "" + +# Default Gateway +echo "--- Default Gateway ---" +if command -v ip >/dev/null 2>&1; then + ip route show default 2>/dev/null | head -5 +elif command -v route >/dev/null 2>&1; then + route -n | grep "^0.0.0.0" +else + echo "Unable to determine default gateway" +fi +echo "" + +# DNS Configuration +echo "--- DNS Configuration ---" +if [ -f /etc/resolv.conf ]; then + cat /etc/resolv.conf +else + echo "/etc/resolv.conf not found" +fi 
+echo "" + +echo "=== END SYSTEM INFORMATION ==="', 0), + +('default/services_scan.sh', '#!/bin/bash +# Скрипт сканирования доступных сервисов и портов на машине + +echo "=== SERVICES AND PORTS SCAN ===" +echo "" + +# Listening ports +echo "--- Listening Ports ---" +if command -v ss >/dev/null 2>&1; then + echo "Using ss:" + ss -tulnp 2>/dev/null +elif command -v netstat >/dev/null 2>&1; then + echo "Using netstat:" + netstat -tulnp 2>/dev/null +else + echo "Neither ss nor netstat available" +fi +echo "" + +# Common services check +echo "--- Common Services Check ---" +COMMON_PORTS="22 80 443 3306 5432 6379 8080 8443 27017 9200" +for port in $COMMON_PORTS; do + if command -v ss >/dev/null 2>&1; then + if ss -tuln | grep -q ":${port} "; then + echo "Port ${port}: LISTENING" + fi + elif command -v netstat >/dev/null 2>&1; then + if netstat -tuln | grep -q ":${port} "; then + echo "Port ${port}: LISTENING" + fi + fi +done +echo "" + +# Running services +echo "--- Running Services (systemd) ---" +if command -v systemctl >/dev/null 2>&1; then + systemctl list-units --type=service --state=running --no-pager 2>/dev/null | head -30 +else + echo "systemctl not available" + echo "--- Running processes (top 20) ---" + ps aux --sort=-%mem 2>/dev/null | head -20 || ps aux | head -20 +fi +echo "" + +# Docker containers (if available) +echo "--- Docker Containers ---" +if command -v docker >/dev/null 2>&1; then + docker ps --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}" 2>/dev/null || echo "Docker command failed" +else + echo "Docker not installed" +fi +echo "" + +echo "=== END SERVICES AND PORTS SCAN ==="', 0), + +('default/diagnostics.sh', '#!/bin/bash +# Скрипт выполнения базовых диагностических команд + +echo "=== DIAGNOSTIC COMMANDS ===" +echo "" + +# Uptime +echo "--- Uptime ---" +uptime 2>/dev/null || echo "uptime command failed" +echo "" + +# Load average +echo "--- Load Average ---" +cat /proc/loadavg 2>/dev/null || echo "/proc/loadavg not available" +echo "" + +# 
Memory usage +echo "--- Memory Usage ---" +if command -v free >/dev/null 2>&1; then + free -h 2>/dev/null +elif [ -f /proc/meminfo ]; then + head -10 /proc/meminfo +else + echo "Unable to retrieve memory info" +fi +echo "" + +# Disk usage +echo "--- Disk Usage ---" +df -h 2>/dev/null || echo "df command failed" +echo "" + +# CPU info +echo "--- CPU Info ---" +if [ -f /proc/cpuinfo ]; then + echo "CPU cores: $(grep -c ^processor /proc/cpuinfo 2>/dev/null || echo ''unknown'')" + grep "model name" /proc/cpuinfo 2>/dev/null | head -1 || echo "CPU model unknown" +else + echo "/proc/cpuinfo not available" +fi +echo "" + +# Top processes by CPU +echo "--- Top 10 Processes by CPU ---" +ps aux --sort=-%cpu 2>/dev/null | head -11 || ps aux | head -11 +echo "" + +# Network connectivity check +echo "--- Network Connectivity ---" +echo "Pinging 8.8.8.8..." +ping -c 2 -W 2 8.8.8.8 2>/dev/null || echo "Ping to 8.8.8.8 failed" +echo "" + +echo "Pinging 1.1.1.1..." +ping -c 2 -W 2 1.1.1.1 2>/dev/null || echo "Ping to 1.1.1.1 failed" +echo "" + +# Last reboots +echo "--- Last Reboots (last 5) ---" +last reboot 2>/dev/null | head -5 || echo "Unable to get reboot history" +echo "" + +# Systemd failed services +echo "--- Failed Systemd Services ---" +if command -v systemctl >/dev/null 2>&1; then + systemctl list-units --state=failed --no-pager 2>/dev/null | head -10 || echo "No failed services or systemctl unavailable" +else + echo "systemctl not available" +fi +echo "" + +echo "=== END DIAGNOSTIC COMMANDS ==="', 0), + +('default/network_info.sh', '#!/bin/bash +# Скрипт сбора базовой сетевой информации + +echo "=== NETWORK INFORMATION ===" +echo "" + +# Network interfaces with IPs +echo "--- Network Interfaces ---" +if command -v ip >/dev/null 2>&1; then + ip addr show 2>/dev/null +elif command -v ifconfig >/dev/null 2>&1; then + ifconfig -a 2>/dev/null +else + echo "Unable to retrieve network interface info" +fi +echo "" + +# Routing table +echo "--- Routing Table ---" +if command -v 
ip >/dev/null 2>&1; then + ip route show 2>/dev/null +elif command -v route >/dev/null 2>&1; then + route -n 2>/dev/null +else + echo "Unable to retrieve routing table" +fi +echo "" + +# ARP table +echo "--- ARP Table ---" +if command -v ip >/dev/null 2>&1; then + ip neigh show 2>/dev/null +elif command -v arp >/dev/null 2>&1; then + arp -an 2>/dev/null +else + echo "Unable to retrieve ARP table" +fi +echo "" + +# DNS resolution test +echo "--- DNS Resolution Test ---" +echo "Resolving google.com..." +if command -v nslookup >/dev/null 2>&1; then + nslookup google.com 2>/dev/null | head -10 +elif command -v dig >/dev/null 2>&1; then + dig google.com +short 2>/dev/null +elif command -v host >/dev/null 2>&1; then + host google.com 2>/dev/null | head -5 +elif command -v getent >/dev/null 2>&1; then + getent hosts google.com 2>/dev/null +else + echo "No DNS tools available" +fi +echo "" + +# Active connections +echo "--- Active Connections (ESTABLISHED) ---" +if command -v ss >/dev/null 2>&1; then + ss -tnp state established 2>/dev/null | head -20 +elif command -v netstat >/dev/null 2>&1; then + netstat -tnp 2>/dev/null | grep ESTABLISHED | head -20 +else + echo "Unable to retrieve active connections" +fi +echo "" + +# Firewall rules (if accessible) +echo "--- Firewall Rules ---" +if command -v iptables >/dev/null 2>&1; then + iptables -L -n 2>/dev/null | head -30 || echo "iptables: permission denied or error" +else + echo "iptables not available" +fi +echo "" + +# Network namespaces (if applicable) +echo "--- Network Namespaces ---" +if command -v ip >/dev/null 2>&1; then + ip netns list 2>/dev/null || echo "No network namespaces or permission denied" +else + echo "ip command not available" +fi +echo "" + +echo "=== END NETWORK INFORMATION ==="', 0); +` diff --git a/backend/internal/storage/sqlite.go b/backend/internal/storage/sqlite.go index 6c4dd2c..f20a311 100644 --- a/backend/internal/storage/sqlite.go +++ b/backend/internal/storage/sqlite.go 
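Review bot: The four script bodies in `SeedDefaultScripts` are spliced into one SQL string literal and depend on hand-doubled quotes (`awk ''{print $2}''`, `echo ''unknown''`), so a later edit that adds a single unescaped `'` ends the literal early and changes the statement that `db.Exec` runs. Binding the values instead, e.g. `INSERT OR IGNORE INTO scripts (path, content, interpreter_id) VALUES (?, ?, ?)` executed once per script, removes the escaping and lets the bodies be kept as plain shell text. The doc comment's claim that duplicates are avoided holds only if `scripts.path` carries a UNIQUE or PRIMARY KEY constraint, which is not visible in this hunk. The comment should also state that an existing row is never refreshed, so stored content that was edited or that predates an upgrade stays as it is. The hard-coded `interpreter_id` of `0` presumably refers to a bash interpreter and should be confirmed against however interpreters are registered.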
@@ -49,5 +49,12 @@ func Open(path string) (*sql.DB, error) { return nil, fmt.Errorf("migrate scripts: %w", err) } + // Seed default diagnostic scripts + if _, err := db.Exec(SeedDefaultScripts); err != nil { + log.Printf("[sqlite] WARNING: failed to seed default scripts: %v", err) + } else { + log.Println("[sqlite] default scripts seeded successfully") + } + return db, nil }
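Review bot: The seeding call in `Open` runs unconditionally on every open, so a default script that an operator deliberately deleted (for instance `default/services_scan.sh`) is re-inserted at the next start, because `INSERT OR IGNORE` only skips rows that still exist. If these rows are what agents later execute (not visible here), the operator can no longer withdraw a script; a one-time seed recorded with the migrations, or a configuration switch, would avoid that. The success branch also logs `default scripts seeded successfully` when nothing was inserted; keeping the result and checking `res.RowsAffected()` would let the message report the actual count. `Open` begins above this hunk, so only the visible `migrate scripts` step can be compared: it returns its error, while a seeding failure is only logged, and a short comment saying this is deliberate best-effort would help.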