HellreigN/backend/internal/storage/migrations.go

package storage

const CreateSqlite = `
	CREATE TABLE IF NOT EXISTS tokens (
	id INTEGER PRIMARY KEY AUTOINCREMENT,
	name TEXT NOT NULL,
	last_name TEXT NOT NULL,
	login TEXT NOT NULL UNIQUE,
	password TEXT NOT NULL,
	token TEXT NOT NULL UNIQUE,
	permission_view BOOL NOT NULL,
	permission_manage_agent BOOL NOT NULL,
	permission_admin BOOL NOT NULL,
	is_active BOOL NOT NULL DEFAULT 0
);
`

// AddIsActiveColumn adds is_active column to tokens table if it doesn't exist.
// This is a migration for existing databases that don't have this column.
const AddIsActiveColumn = `
	ALTER TABLE tokens ADD COLUMN is_active BOOL NOT NULL DEFAULT 0
`

const CreateRegistrationTokensTable = `
CREATE TABLE IF NOT EXISTS registration_tokens (
	id INTEGER PRIMARY KEY AUTOINCREMENT,
	token TEXT NOT NULL UNIQUE,
	label TEXT NOT NULL,
	used BOOL NOT NULL DEFAULT 0,
	created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
	used_at DATETIME
);
`

const CreateJobsTable = `
CREATE TABLE IF NOT EXISTS jobs (
	id INTEGER PRIMARY KEY AUTOINCREMENT,
	agent_id TEXT NOT NULL,
	command TEXT NOT NULL,
	stdin TEXT,
	stdout TEXT DEFAULT '',
	stderr TEXT DEFAULT '',
	status INTEGER DEFAULT 0,
	created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
	updated_at DATETIME DEFAULT CURRENT_TIMESTAMP
);
`

const CreateScriptInterpretersTable = `
CREATE TABLE IF NOT EXISTS script_interpreters (
	id INTEGER PRIMARY KEY AUTOINCREMENT,
	name TEXT NOT NULL UNIQUE,
	label TEXT NOT NULL,
	argv TEXT NOT NULL,
	created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
	updated_at DATETIME DEFAULT CURRENT_TIMESTAMP
);
`

const CreateScriptsTable = `
CREATE TABLE IF NOT EXISTS scripts (
	id INTEGER PRIMARY KEY AUTOINCREMENT,
	path TEXT NOT NULL UNIQUE,
	content TEXT NOT NULL DEFAULT '',
	interpreter_id INTEGER NOT NULL,
	created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
	updated_at DATETIME DEFAULT CURRENT_TIMESTAMP,
	FOREIGN KEY (interpreter_id) REFERENCES script_interpreters(id)
);
`

const CreateLogsTable = `
CREATE TABLE IF NOT EXISTS logs (
    timestamp DateTime64(3) DEFAULT now(),
    level     LowCardinality(String),
    service   LowCardinality(String),
    agent     LowCardinality(String),
    message   String
) ENGINE = MergeTree()
ORDER BY (timestamp, level, service, agent)
TTL timestamp + INTERVAL 30 DAY
SETTINGS index_granularity = 8192
`

// SeedDefaultScripts inserts the bash interpreter and default diagnostic scripts.
// Uses INSERT OR IGNORE to avoid duplicates on subsequent runs.
const SeedDefaultScripts = `
-- Create bash interpreter with id=2
INSERT OR IGNORE INTO script_interpreters (id, name, label, argv) VALUES
(2, 'bash', 'Bash Shell', '["/bin/bash"]');

-- Insert default scripts bound to bash interpreter (id=2)
INSERT OR IGNORE INTO scripts (path, content, interpreter_id) VALUES
('default/system_info.sh', '#!/bin/bash
# Скрипт сбора базовой информации о системе: hostname, IP-адреса, сетевые интерфейсы, версия ОС

echo "=== SYSTEM INFORMATION ==="
echo ""

# Hostname
echo "--- Hostname ---"
hostname 2>/dev/null || echo "hostname command failed"
echo ""

# OS Version
echo "--- OS Version ---"
if [ -f /etc/os-release ]; then
    cat /etc/os-release
elif [ -f /etc/redhat-release ]; then
    cat /etc/redhat-release
elif command -v uname >/dev/null 2>&1; then
    uname -a
else
    echo "Unable to determine OS version"
fi
echo ""

# Network Interfaces
echo "--- Network Interfaces ---"
if command -v ip >/dev/null 2>&1; then
    ip addr show 2>/dev/null
elif command -v ifconfig >/dev/null 2>&1; then
    ifconfig -a 2>/dev/null
else
    echo "Neither ip nor ifconfig available"
fi
echo ""

# IP Addresses (summary)
echo "--- IP Addresses Summary ---"
if command -v ip >/dev/null 2>&1; then
    ip -brief addr show 2>/dev/null || ip addr show | grep "inet " | awk ''{print $2, $4}''
elif command -v ifconfig >/dev/null 2>&1; then
    ifconfig | grep "inet " | awk ''{print $2}''
else
    echo "Unable to retrieve IP addresses"
fi
echo ""

# Default Gateway
echo "--- Default Gateway ---"
if command -v ip >/dev/null 2>&1; then
    ip route show default 2>/dev/null | head -5
elif command -v route >/dev/null 2>&1; then
    route -n | grep "^0.0.0.0"
else
    echo "Unable to determine default gateway"
fi
echo ""

# DNS Configuration
echo "--- DNS Configuration ---"
if [ -f /etc/resolv.conf ]; then
    cat /etc/resolv.conf
else
    echo "/etc/resolv.conf not found"
fi
echo ""

echo "=== END SYSTEM INFORMATION ==="', 2),

('default/services_scan.sh', '#!/bin/bash
# Скрипт сканирования доступных сервисов и портов на машине

echo "=== SERVICES AND PORTS SCAN ==="
echo ""

# Listening ports
echo "--- Listening Ports ---"
if command -v ss >/dev/null 2>&1; then
    echo "Using ss:"
    ss -tulnp 2>/dev/null
elif command -v netstat >/dev/null 2>&1; then
    echo "Using netstat:"
    netstat -tulnp 2>/dev/null
else
    echo "Neither ss nor netstat available"
fi
echo ""

# Common services check
echo "--- Common Services Check ---"
COMMON_PORTS="22 80 443 3306 5432 6379 8080 8443 27017 9200"
for port in $COMMON_PORTS; do
    if command -v ss >/dev/null 2>&1; then
        if ss -tuln | grep -q ":${port} "; then
            echo "Port ${port}: LISTENING"
        fi
    elif command -v netstat >/dev/null 2>&1; then
        if netstat -tuln | grep -q ":${port} "; then
            echo "Port ${port}: LISTENING"
        fi
    fi
done
echo ""

# Running services
echo "--- Running Services (systemd) ---"
if command -v systemctl >/dev/null 2>&1; then
    systemctl list-units --type=service --state=running --no-pager 2>/dev/null | head -30
else
    echo "systemctl not available"
    echo "--- Running processes (top 20) ---"
    ps aux --sort=-%mem 2>/dev/null | head -20 || ps aux | head -20
fi
echo ""

# Docker containers (if available)
echo "--- Docker Containers ---"
if command -v docker >/dev/null 2>&1; then
    docker ps --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}" 2>/dev/null || echo "Docker command failed"
else
    echo "Docker not installed"
fi
echo ""

echo "=== END SERVICES AND PORTS SCAN ==="', 2),

('default/diagnostics.sh', '#!/bin/bash
# Скрипт выполнения базовых диагностических команд

echo "=== DIAGNOSTIC COMMANDS ==="
echo ""

# Uptime
echo "--- Uptime ---"
uptime 2>/dev/null || echo "uptime command failed"
echo ""

# Load average
echo "--- Load Average ---"
cat /proc/loadavg 2>/dev/null || echo "/proc/loadavg not available"
echo ""

# Memory usage
echo "--- Memory Usage ---"
if command -v free >/dev/null 2>&1; then
    free -h 2>/dev/null
elif [ -f /proc/meminfo ]; then
    head -10 /proc/meminfo
else
    echo "Unable to retrieve memory info"
fi
echo ""

# Disk usage
echo "--- Disk Usage ---"
df -h 2>/dev/null || echo "df command failed"
echo ""

# CPU info
echo "--- CPU Info ---"
if [ -f /proc/cpuinfo ]; then
    echo "CPU cores: $(grep -c ^processor /proc/cpuinfo 2>/dev/null || echo ''unknown'')"
    grep "model name" /proc/cpuinfo 2>/dev/null | head -1 || echo "CPU model unknown"
else
    echo "/proc/cpuinfo not available"
fi
echo ""

# Top processes by CPU
echo "--- Top 10 Processes by CPU ---"
ps aux --sort=-%cpu 2>/dev/null | head -11 || ps aux | head -11
echo ""

# Network connectivity check
echo "--- Network Connectivity ---"
echo "Pinging 8.8.8.8..."
ping -c 2 -W 2 8.8.8.8 2>/dev/null || echo "Ping to 8.8.8.8 failed"
echo ""

echo "Pinging 1.1.1.1..."
ping -c 2 -W 2 1.1.1.1 2>/dev/null || echo "Ping to 1.1.1.1 failed"
echo ""

# Last reboots
echo "--- Last Reboots (last 5) ---"
last reboot 2>/dev/null | head -5 || echo "Unable to get reboot history"
echo ""

# Systemd failed services
echo "--- Failed Systemd Services ---"
if command -v systemctl >/dev/null 2>&1; then
    systemctl list-units --state=failed --no-pager 2>/dev/null | head -10 || echo "No failed services or systemctl unavailable"
else
    echo "systemctl not available"
fi
echo ""

echo "=== END DIAGNOSTIC COMMANDS ==="', 2),

('default/network_info.sh', '#!/bin/bash
# Скрипт сбора базовой сетевой информации

echo "=== NETWORK INFORMATION ==="
echo ""

# Network interfaces with IPs
echo "--- Network Interfaces ---"
if command -v ip >/dev/null 2>&1; then
    ip addr show 2>/dev/null
elif command -v ifconfig >/dev/null 2>&1; then
    ifconfig -a 2>/dev/null
else
    echo "Unable to retrieve network interface info"
fi
echo ""

# Routing table
echo "--- Routing Table ---"
if command -v ip >/dev/null 2>&1; then
    ip route show 2>/dev/null
elif command -v route >/dev/null 2>&1; then
    route -n 2>/dev/null
else
    echo "Unable to retrieve routing table"
fi
echo ""

# ARP table
echo "--- ARP Table ---"
if command -v ip >/dev/null 2>&1; then
    ip neigh show 2>/dev/null
elif command -v arp >/dev/null 2>&1; then
    arp -an 2>/dev/null
else
    echo "Unable to retrieve ARP table"
fi
echo ""

# DNS resolution test
echo "--- DNS Resolution Test ---"
echo "Resolving google.com..."
if command -v nslookup >/dev/null 2>&1; then
    nslookup google.com 2>/dev/null | head -10
elif command -v dig >/dev/null 2>&1; then
    dig google.com +short 2>/dev/null
elif command -v host >/dev/null 2>&1; then
    host google.com 2>/dev/null | head -5
elif command -v getent >/dev/null 2>&1; then
    getent hosts google.com 2>/dev/null
else
    echo "No DNS tools available"
fi
echo ""

# Active connections
echo "--- Active Connections (ESTABLISHED) ---"
if command -v ss >/dev/null 2>&1; then
    ss -tnp state established 2>/dev/null | head -20
elif command -v netstat >/dev/null 2>&1; then
    netstat -tnp 2>/dev/null | grep ESTABLISHED | head -20
else
    echo "Unable to retrieve active connections"
fi
echo ""

# Firewall rules (if accessible)
echo "--- Firewall Rules ---"
if command -v iptables >/dev/null 2>&1; then
    iptables -L -n 2>/dev/null | head -30 || echo "iptables: permission denied or error"
else
    echo "iptables not available"
fi
echo ""

# Network namespaces (if applicable)
echo "--- Network Namespaces ---"
if command -v ip >/dev/null 2>&1; then
    ip netns list 2>/dev/null || echo "No network namespaces or permission denied"
else
    echo "ip command not available"
fi
echo ""

echo "=== END NETWORK INFORMATION ==="', 2);
`