d3m0k1d
995 lines
23 KiB
YAML
995 lines
23 KiB
YAML
definitions:
|
|
handlers.AgentInfo:
|
|
properties:
|
|
label:
|
|
type: string
|
|
services:
|
|
items:
|
|
type: string
|
|
type: array
|
|
token:
|
|
type: string
|
|
type: object
|
|
handlers.InsertLogRequest:
|
|
properties:
|
|
agent:
|
|
type: string
|
|
level:
|
|
type: string
|
|
message:
|
|
type: string
|
|
service:
|
|
type: string
|
|
timestamp:
|
|
type: string
|
|
required:
|
|
- agent
|
|
- level
|
|
- message
|
|
- service
|
|
type: object
|
|
handlers.InsertLogsRequest:
|
|
properties:
|
|
logs:
|
|
items:
|
|
$ref: '#/definitions/handlers.InsertLogRequest'
|
|
type: array
|
|
required:
|
|
- logs
|
|
type: object
|
|
handlers.RegisterRequest:
|
|
properties:
|
|
csr:
|
|
type: string
|
|
token:
|
|
type: string
|
|
required:
|
|
- csr
|
|
- token
|
|
type: object
|
|
handlers.RegisterResponse:
|
|
properties:
|
|
ca_cert:
|
|
type: string
|
|
client_cert:
|
|
type: string
|
|
type: object
|
|
repository.AgentDeployConfig:
|
|
description: Configuration for deploying HellreigN agent to a single server
|
|
properties:
|
|
agentLabel:
|
|
example: production-server-1
|
|
type: string
|
|
authMethod:
|
|
allOf:
|
|
- $ref: '#/definitions/repository.AuthMethod'
|
|
example: key
|
|
deployType:
|
|
allOf:
|
|
- $ref: '#/definitions/repository.DeployType'
|
|
example: docker
|
|
ip:
|
|
example: 192.168.1.100
|
|
type: string
|
|
password:
|
|
example: secret
|
|
type: string
|
|
port:
|
|
example: 22
|
|
type: integer
|
|
sshKey:
|
|
example: '-----BEGIN OPENSSH PRIVATE KEY-----'
|
|
type: string
|
|
user:
|
|
example: admin
|
|
type: string
|
|
required:
|
|
- agentLabel
|
|
- authMethod
|
|
- deployType
|
|
- ip
|
|
- user
|
|
type: object
|
|
repository.AuthMethod:
|
|
description: 'SSH authentication method: key or password'
|
|
enum:
|
|
- key
|
|
- password
|
|
type: string
|
|
x-enum-varnames:
|
|
- AuthMethodKey
|
|
- AuthMethodPassword
|
|
repository.DeployAgentsRequest:
|
|
description: Request to deploy HellreigN agents to multiple servers
|
|
properties:
|
|
servers:
|
|
items:
|
|
$ref: '#/definitions/repository.AgentDeployConfig'
|
|
minItems: 1
|
|
type: array
|
|
required:
|
|
- servers
|
|
type: object
|
|
repository.DeployResponse:
|
|
description: Response containing deployment results and registration tokens
|
|
properties:
|
|
message:
|
|
example: Deployment completed
|
|
type: string
|
|
results:
|
|
items:
|
|
$ref: '#/definitions/repository.DeployResult'
|
|
type: array
|
|
type: object
|
|
repository.DeployResult:
|
|
description: Result of deploying to a single server
|
|
properties:
|
|
agent_label:
|
|
example: production-server-1
|
|
type: string
|
|
error:
|
|
example: ""
|
|
type: string
|
|
ip:
|
|
example: 192.168.1.100
|
|
type: string
|
|
success:
|
|
example: true
|
|
type: boolean
|
|
token:
|
|
example: abc123...
|
|
type: string
|
|
type: object
|
|
repository.DeployType:
|
|
description: 'Type of deployment: docker or binary'
|
|
enum:
|
|
- docker
|
|
- binary
|
|
type: string
|
|
x-enum-varnames:
|
|
- DeployTypeDocker
|
|
- DeployTypeBinary
|
|
repository.LoginRequest:
|
|
properties:
|
|
login:
|
|
type: string
|
|
password:
|
|
type: string
|
|
required:
|
|
- login
|
|
- password
|
|
type: object
|
|
repository.LoginResponse:
|
|
properties:
|
|
is_active:
|
|
type: boolean
|
|
last_name:
|
|
type: string
|
|
login:
|
|
type: string
|
|
name:
|
|
type: string
|
|
permission_admin:
|
|
type: boolean
|
|
permission_manage_agent:
|
|
type: boolean
|
|
permission_view:
|
|
type: boolean
|
|
token:
|
|
type: string
|
|
type: object
|
|
repository.RegistrationRequest:
|
|
properties:
|
|
label:
|
|
type: string
|
|
required:
|
|
- label
|
|
type: object
|
|
repository.TokenCreate:
|
|
properties:
|
|
is_active:
|
|
type: boolean
|
|
last_name:
|
|
type: string
|
|
login:
|
|
type: string
|
|
name:
|
|
type: string
|
|
password:
|
|
type: string
|
|
permission_admin:
|
|
type: boolean
|
|
permission_manage_agent:
|
|
type: boolean
|
|
permission_view:
|
|
type: boolean
|
|
required:
|
|
- last_name
|
|
- login
|
|
- name
|
|
- password
|
|
type: object
|
|
repository.TokenPasswordReset:
|
|
properties:
|
|
new_password:
|
|
type: string
|
|
required:
|
|
- new_password
|
|
type: object
|
|
repository.TokenUpdate:
|
|
properties:
|
|
last_name:
|
|
type: string
|
|
name:
|
|
type: string
|
|
type: object
|
|
repository.TokenUpdatePermissions:
|
|
properties:
|
|
is_active:
|
|
type: boolean
|
|
permission_admin:
|
|
type: boolean
|
|
permission_manage_agent:
|
|
type: boolean
|
|
permission_view:
|
|
type: boolean
|
|
type: object
|
|
repository.Tokens:
|
|
properties:
|
|
id:
|
|
type: integer
|
|
is_active:
|
|
type: boolean
|
|
last_name:
|
|
type: string
|
|
login:
|
|
type: string
|
|
name:
|
|
type: string
|
|
permission_admin:
|
|
type: boolean
|
|
permission_manage_agent:
|
|
type: boolean
|
|
permission_view:
|
|
type: boolean
|
|
token:
|
|
type: string
|
|
type: object
|
|
storage.LogEntry:
|
|
properties:
|
|
agent:
|
|
type: string
|
|
level:
|
|
type: string
|
|
message:
|
|
type: string
|
|
service:
|
|
type: string
|
|
timestamp:
|
|
type: string
|
|
type: object
|
|
info:
|
|
contact: {}
|
|
paths:
|
|
/agents:
|
|
get:
|
|
description: Returns a list of all agents currently connected via gRPC streaming
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
items:
|
|
$ref: '#/definitions/handlers.AgentInfo'
|
|
type: array
|
|
summary: Get connected agents
|
|
tags:
|
|
- agents
|
|
/agents/deploy:
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Deploy HellreigN agents to multiple servers using Ansible playbooks.
|
|
Supports Docker and Binary deployment types.
|
|
parameters:
|
|
- description: Deployment configuration for servers
|
|
in: body
|
|
name: request
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/repository.DeployAgentsRequest'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: Deployment results with tokens for each server
|
|
schema:
|
|
$ref: '#/definitions/repository.DeployResponse'
|
|
"400":
|
|
description: Invalid request
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"500":
|
|
description: Internal server error
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
security:
|
|
- Bearer: []
|
|
summary: Deploy agents to multiple servers via Ansible
|
|
tags:
|
|
- agents
|
|
/agents/register:
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
parameters:
|
|
- description: CSR + token
|
|
in: body
|
|
name: request
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/handlers.RegisterRequest'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/handlers.RegisterResponse'
|
|
summary: Register agent
|
|
tags:
|
|
- agents
|
|
/agents/register-token:
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
parameters:
|
|
- description: Label
|
|
in: body
|
|
name: request
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/repository.RegistrationRequest'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
security:
|
|
- Bearer: []
|
|
summary: Create registration token
|
|
tags:
|
|
- agents
|
|
/auth/login:
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Authenticate with login and password, returns a token and permissions
|
|
parameters:
|
|
- description: Login credentials
|
|
in: body
|
|
name: request
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/repository.LoginRequest'
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/repository.LoginResponse'
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"403":
|
|
description: Forbidden
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
summary: Login
|
|
tags:
|
|
- auth
|
|
/auth/token:
|
|
delete:
|
|
description: Deletes the current authenticated user
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
summary: Delete my account
|
|
tags:
|
|
- auth
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Creates a new user with permissions
|
|
parameters:
|
|
- description: User data
|
|
in: body
|
|
name: request
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/repository.TokenCreate'
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
summary: Create user
|
|
tags:
|
|
- auth
|
|
/auth/tokens:
|
|
get:
|
|
description: Returns list of all users with their permissions
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
items:
|
|
$ref: '#/definitions/repository.Tokens'
|
|
type: array
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
summary: List users
|
|
tags:
|
|
- auth
|
|
/auth/tokens/:login:
|
|
delete:
|
|
description: Deletes a user by their login
|
|
parameters:
|
|
- description: Login of the user to delete
|
|
in: path
|
|
name: login
|
|
required: true
|
|
type: string
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
summary: Delete user
|
|
tags:
|
|
- auth
|
|
/auth/users/:login:
|
|
get:
|
|
description: Returns a user by their login (admin only)
|
|
parameters:
|
|
- description: Login of the user
|
|
in: path
|
|
name: login
|
|
required: true
|
|
type: string
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/repository.Tokens'
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"404":
|
|
description: Not Found
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
summary: Get user by login
|
|
tags:
|
|
- auth
|
|
put:
|
|
consumes:
|
|
- application/json
|
|
description: Updates a user's name and last name (admin only)
|
|
parameters:
|
|
- description: Login of the user
|
|
in: path
|
|
name: login
|
|
required: true
|
|
type: string
|
|
- description: User data to update
|
|
in: body
|
|
name: request
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/repository.TokenUpdate'
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"404":
|
|
description: Not Found
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
summary: Update user
|
|
tags:
|
|
- auth
|
|
/auth/users/:login/activate:
|
|
post:
|
|
description: Activates a user account by login (admin only)
|
|
parameters:
|
|
- description: Login of the user to activate
|
|
in: path
|
|
name: login
|
|
required: true
|
|
type: string
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"404":
|
|
description: Not Found
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
summary: Activate user
|
|
tags:
|
|
- auth
|
|
/auth/users/:login/deactivate:
|
|
post:
|
|
description: Deactivates a user account by login (admin only)
|
|
parameters:
|
|
- description: Login of the user to deactivate
|
|
in: path
|
|
name: login
|
|
required: true
|
|
type: string
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"404":
|
|
description: Not Found
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
summary: Deactivate user
|
|
tags:
|
|
- auth
|
|
/auth/users/:login/password:
|
|
put:
|
|
consumes:
|
|
- application/json
|
|
description: Resets a user's password to a new value (admin only)
|
|
parameters:
|
|
- description: Login of the user
|
|
in: path
|
|
name: login
|
|
required: true
|
|
type: string
|
|
- description: New password
|
|
in: body
|
|
name: request
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/repository.TokenPasswordReset'
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"404":
|
|
description: Not Found
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
summary: Reset user password
|
|
tags:
|
|
- auth
|
|
/auth/users/:login/permissions:
|
|
put:
|
|
consumes:
|
|
- application/json
|
|
description: Updates a user's permissions and activation status (admin only)
|
|
parameters:
|
|
- description: Login of the user
|
|
in: path
|
|
name: login
|
|
required: true
|
|
type: string
|
|
- description: Permissions to update
|
|
in: body
|
|
name: request
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/repository.TokenUpdatePermissions'
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"400":
|
|
description: Bad Request
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"404":
|
|
description: Not Found
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
summary: Update user permissions
|
|
tags:
|
|
- auth
|
|
/auth/users/inactive:
|
|
get:
|
|
description: Returns list of all users waiting for activation
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
items:
|
|
$ref: '#/definitions/repository.Tokens'
|
|
type: array
|
|
"500":
|
|
description: Internal Server Error
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
summary: List inactive users
|
|
tags:
|
|
- auth
|
|
/auth/validate:
|
|
get:
|
|
description: Check if the provided Bearer token is valid and return its permissions
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
$ref: '#/definitions/repository.Tokens'
|
|
"401":
|
|
description: Unauthorized
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
summary: Validate token
|
|
tags:
|
|
- auth
|
|
/logs:
|
|
get:
|
|
description: Searches logs with various filters
|
|
parameters:
|
|
- description: Log level (INFO, WARNING, ERROR, FATAL)
|
|
in: query
|
|
name: level
|
|
type: string
|
|
- description: Service name
|
|
in: query
|
|
name: service
|
|
type: string
|
|
- description: Agent name
|
|
in: query
|
|
name: agent
|
|
type: string
|
|
- description: Date from (RFC3339)
|
|
in: query
|
|
name: date_from
|
|
type: string
|
|
- description: Date to (RFC3339)
|
|
in: query
|
|
name: date_to
|
|
type: string
|
|
- default: 100
|
|
description: Limit results
|
|
in: query
|
|
name: limit
|
|
type: integer
|
|
- default: 0
|
|
description: Offset results
|
|
in: query
|
|
name: offset
|
|
type: integer
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
items:
|
|
$ref: '#/definitions/storage.LogEntry'
|
|
type: array
|
|
summary: Search logs
|
|
tags:
|
|
- logs
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Inserts a single log entry into ClickHouse
|
|
parameters:
|
|
- description: Log entry
|
|
in: body
|
|
name: body
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/handlers.InsertLogRequest'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"201":
|
|
description: Created
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
summary: Insert log entry
|
|
tags:
|
|
- logs
|
|
/logs/agents:
|
|
get:
|
|
description: Returns list of all unique agent names in logs
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
items:
|
|
type: string
|
|
type: array
|
|
summary: Get distinct agents
|
|
tags:
|
|
- logs
|
|
/logs/batch:
|
|
post:
|
|
consumes:
|
|
- application/json
|
|
description: Inserts multiple log entries into ClickHouse
|
|
parameters:
|
|
- description: Log entries
|
|
in: body
|
|
name: body
|
|
required: true
|
|
schema:
|
|
$ref: '#/definitions/handlers.InsertLogsRequest'
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"201":
|
|
description: Created
|
|
schema:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
summary: Insert log entries (batch)
|
|
tags:
|
|
- logs
|
|
/logs/levels:
|
|
get:
|
|
description: Returns list of all unique log levels in logs
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
items:
|
|
type: string
|
|
type: array
|
|
summary: Get distinct log levels
|
|
tags:
|
|
- logs
|
|
/logs/mock:
|
|
get:
|
|
description: Returns 100 mock log entries for frontend development (no ClickHouse
|
|
required)
|
|
parameters:
|
|
- description: Filter by level
|
|
in: query
|
|
name: level
|
|
type: string
|
|
- description: Filter by service
|
|
in: query
|
|
name: service
|
|
type: string
|
|
- description: Filter by agent
|
|
in: query
|
|
name: agent
|
|
type: string
|
|
- default: 100
|
|
description: Limit results
|
|
in: query
|
|
name: limit
|
|
type: integer
|
|
- default: 0
|
|
description: Offset results
|
|
in: query
|
|
name: offset
|
|
type: integer
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
items:
|
|
$ref: '#/definitions/storage.LogEntry'
|
|
type: array
|
|
summary: Get mock logs
|
|
tags:
|
|
- logs
|
|
/logs/services:
|
|
get:
|
|
description: Returns list of all unique service names in logs
|
|
produces:
|
|
- application/json
|
|
responses:
|
|
"200":
|
|
description: OK
|
|
schema:
|
|
items:
|
|
type: string
|
|
type: array
|
|
summary: Get distinct services
|
|
tags:
|
|
- logs
|
|
securityDefinitions:
|
|
Bearer:
|
|
description: Type "Bearer" followed by a space and the JWT token.
|
|
in: header
|
|
name: Authorization
|
|
type: apiKey
|
|
swagger: "2.0"
|