diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 8ac7cfffa..a7640f266 100755 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -137,7 +137,7 @@ ENV LANG=C.UTF-8 RUN apk add --no-cache bash mtr libbsd zip lsblk tzdata curl arp-scan iproute2 iproute2-ss nmap fping \ nmap-scripts traceroute nbtscan net-tools net-snmp-tools bind-tools awake ca-certificates \ sqlite php83 php83-fpm php83-cgi php83-curl php83-sqlite3 php83-session python3 envsubst \ - nginx supercronic shadow su-exec && \ + nginx supercronic shadow su-exec jq && \ rm -Rf /var/cache/apk/* && \ rm -Rf /etc/nginx && \ addgroup -g ${NETALERTX_GID} ${NETALERTX_GROUP} && \ diff --git a/.devcontainer/scripts/generate-configs.sh b/.devcontainer/scripts/generate-configs.sh index 745f96334..987137ed0 100755 --- a/.devcontainer/scripts/generate-configs.sh +++ b/.devcontainer/scripts/generate-configs.sh @@ -31,4 +31,17 @@ cat "${DEVCONTAINER_DIR}/resources/devcontainer-Dockerfile" echo "Generated $OUT_FILE using root dir $ROOT_DIR" +# Passive Gemini MCP config +TOKEN=$(grep '^API_TOKEN=' /data/config/app.conf 2>/dev/null | cut -d"'" -f2) +if [ -n "${TOKEN}" ]; then + mkdir -p "${ROOT_DIR}/.gemini" + [ -f "${ROOT_DIR}/.gemini/settings.json" ] || echo "{}" > "${ROOT_DIR}/.gemini/settings.json" + jq --arg t "$TOKEN" '.mcpServers["netalertx-devcontainer"] = {url: "http://127.0.0.1:20212/mcp/sse", headers: {Authorization: ("Bearer " + $t)}}' "${ROOT_DIR}/.gemini/settings.json" > "${ROOT_DIR}/.gemini/settings.json.tmp" && mv "${ROOT_DIR}/.gemini/settings.json.tmp" "${ROOT_DIR}/.gemini/settings.json" + + # VS Code MCP config + mkdir -p "${ROOT_DIR}/.vscode" + [ -f "${ROOT_DIR}/.vscode/mcp.json" ] || echo "{}" > "${ROOT_DIR}/.vscode/mcp.json" + jq --arg t "$TOKEN" '.servers["netalertx-devcontainer"] = {type: "sse", url: "http://127.0.0.1:20212/mcp/sse", headers: {Authorization: ("Bearer " + $t)}}' "${ROOT_DIR}/.vscode/mcp.json" > "${ROOT_DIR}/.vscode/mcp.json.tmp" && mv "${ROOT_DIR}/.vscode/mcp.json.tmp" "${ROOT_DIR}/.vscode/mcp.json" +fi + echo "Done." \ No newline at end of file diff --git a/.devcontainer/scripts/run-tests.sh b/.devcontainer/scripts/run-tests.sh deleted file mode 100755 index 80eaf0130..000000000 --- a/.devcontainer/scripts/run-tests.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/sh -# shellcheck shell=sh -# Simple helper to run pytest inside the devcontainer with correct paths -set -eu - -# Ensure we run from the workspace root -cd /workspaces/NetAlertX - -# Make sure PYTHONPATH includes server and workspace -export PYTHONPATH="/workspaces/NetAlertX:/workspaces/NetAlertX/server:/app:/app/server:${PYTHONPATH:-}" - -# Default to running the full test suite under /workspaces/NetAlertX/test -pytest -q --maxfail=1 --disable-warnings test "$@" diff --git a/.devcontainer/scripts/setup.sh b/.devcontainer/scripts/setup.sh index f766bd0e7..2a9df3194 100755 --- a/.devcontainer/scripts/setup.sh +++ b/.devcontainer/scripts/setup.sh @@ -32,7 +32,6 @@ LOG_FILES=( LOG_DB_IS_LOCKED LOG_NGINX_ERROR ) - sudo chmod 666 /var/run/docker.sock 2>/dev/null || true sudo chown "$(id -u)":"$(id -g)" /workspaces sudo chmod 755 /workspaces @@ -55,6 +54,9 @@ sudo install -d -m 777 /tmp/log/plugins sudo rm -rf /entrypoint.d sudo ln -s "${SOURCE_DIR}/install/production-filesystem/entrypoint.d" /entrypoint.d +sudo rm -rf /services +sudo ln -s "${SOURCE_DIR}/install/production-filesystem/services" /services + sudo rm -rf "${NETALERTX_APP}" sudo ln -s "${SOURCE_DIR}/" "${NETALERTX_APP}" @@ -88,8 +90,6 @@ sudo chmod 777 "${LOG_DB_IS_LOCKED}" sudo pkill -f python3 2>/dev/null || true -sudo chmod -R 777 "${PY_SITE_PACKAGES}" "${NETALERTX_DATA}" 2>/dev/null || true - sudo chown -R "${NETALERTX_USER}:${NETALERTX_GROUP}" "${NETALERTX_APP}" date +%s | sudo tee "${NETALERTX_FRONT}/buildtimestamp.txt" >/dev/null diff --git a/.gemini/GEMINI.md b/.gemini/GEMINI.md deleted file mode 100644 index c55c6c3f3..000000000 --- a/.gemini/GEMINI.md +++ /dev/null @@ -1,59 +0,0 @@ -# Gemini-CLI Agent Instructions for NetAlertX - -## 1. Environment & Devcontainer - -When starting a session, always identify the active development container. - -### Finding the Container -Run `docker ps` to list running containers. Look for an image name containing `vsc-netalertx` or similar. - -```bash -docker ps --format "table {{.ID}}\t{{.Image}}\t{{.Status}}\t{{.Names}}" | grep netalertx -``` - -- **If no container is found:** Inform the user. You cannot run integration tests or backend logic without it. -- **If multiple containers are found:** Ask the user to clarify which one to use (e.g., provide the Container ID). - -### Running Commands in the Container -Prefix commands with `docker exec ` to run them inside the environment. Use the scripts in `/services/` to control backend and other processes. -```bash -docker exec bash /workspaces/NetAlertX/.devcontainer/scripts/setup.sh -``` -*Note: This script wipes `/tmp` ramdisks, resets DBs, and restarts services (python server, cron,php-fpm, nginx).* - -## 2. Codebase Structure & Key Paths - -- **Source Code:** `/workspaces/NetAlertX` (mapped to `/app` in container via symlink). -- **Backend Entry:** `server/api_server/api_server_start.py` (Flask) and `server/__main__.py`. -- **Frontend:** `front/` (PHP/JS). -- **Plugins:** `front/plugins/`. -- **Config:** `/data/config/app.conf` (runtime) or `back/app.conf` (default). -- **Database:** `/data/db/app.db` (SQLite). - -## 3. Testing Workflow - -**Crucial:** Tests MUST be run inside the container to access the correct runtime environment (DB, Config, Dependencies). - -### Running Tests -Use `pytest` with the correct PYTHONPATH. - -```bash -docker exec bash -c "cd /workspaces/NetAlertX && pytest " -``` - -*Example:* -```bash -docker exec bash -c "cd /workspaces/NetAlertX && pytest test/api_endpoints/test_mcp_extended_endpoints.py" -``` - -### Authentication in Tests -The test environment uses `API_TOKEN`. The most reliable way to retrieve the current token from a running container is: -```bash -docker exec python3 -c "from helper import get_setting_value; print(get_setting_value('API_TOKEN'))" -``` - -*Troubleshooting:* If tests fail with 403 Forbidden or empty tokens: -1. Verify server is running and use the aforementioned setup.sh if required. -2. Verify `app.conf` inside the container: `docker exec cat /data/config/app.conf` -23 Verify Python can read it: `docker exec python3 -c "from helper import get_setting_value; print(get_setting_value('API_TOKEN'))"` - diff --git a/.gemini/skills/devcontainer-management/SKILL.md b/.gemini/skills/devcontainer-management/SKILL.md new file mode 100644 index 000000000..5c3f54fbb --- /dev/null +++ b/.gemini/skills/devcontainer-management/SKILL.md @@ -0,0 +1,31 @@ +--- +name: devcontainer-management +description: Guide for identifying, managing, and running commands within the NetAlertX development container. Use this when asked to run commands, testing, setup scripts, or troubleshoot container issues. +--- + +# Devcontainer Management + +When starting a session or performing tasks requiring the runtime environment, you must identify and use the active development container. + +## Finding the Container + +Run `docker ps` to list running containers. Look for an image name containing `vsc-netalertx` or similar. + +```bash +docker ps --format "table {{.ID}}\t{{.Image}}\t{{.Status}}\t{{.Names}}" | grep netalertx +``` + +- **If no container is found:** Inform the user. You cannot run integration tests or backend logic without it. +- **If multiple containers are found:** Ask the user to clarify which one to use (e.g., provide the Container ID). + +## Running Commands in the Container + +Prefix commands with `docker exec ` to run them inside the environment. Use the scripts in `/services/` to control backend and other processes. + +```bash +docker exec bash /workspaces/NetAlertX/.devcontainer/scripts/setup.sh +``` + +*Note: This script wipes `/tmp` ramdisks, resets DBs, and restarts services (python server, cron,php-fpm, nginx).* + +``` diff --git a/.gemini/skills/mcp-activation/SKILL.md b/.gemini/skills/mcp-activation/SKILL.md new file mode 100644 index 000000000..6938a7b92 --- /dev/null +++ b/.gemini/skills/mcp-activation/SKILL.md @@ -0,0 +1,52 @@ +--- +name: mcp-activation +description: Enables live interaction with the NetAlertX runtime. This skill configures the Model Context Protocol (MCP) connection, granting full API access for debugging, troubleshooting, and real-time operations including database queries, network scans, and device management. +--- + +# MCP Activation Skill + +This skill configures the NetAlertX development environment to expose the Model Context Protocol (MCP) server to AI agents. + +## Why use this? + +By default, agents only have access to the static codebase (files). To perform dynamic actions—such as: +- **Querying the database** (e.g., getting device lists, events) +- **Triggering actions** (e.g., network scans, Wake-on-LAN) +- **Validating runtime state** (e.g., checking if a fix actually works) + +...you need access to the **MCP Server** running inside the container. This skill sets up the necessary authentication tokens and connection configs to bridge your agent to that live server. + +## Prerequisites + +1. **Devcontainer:** You must be connected to the NetAlertX devcontainer. +2. **Server Running:** The backend server must be running (to generate `app.conf` with the API token). + +## Activation Steps + +1. **Activate Devcontainer Skill:** + If you are not already inside the container, activate the management skill: + ```text + activate_skill("devcontainer-management") + ``` + +2. **Generate Configurations:** + Run the configuration generation script *inside* the container. This script extracts the API Token and creates the necessary settings files (`.gemini/settings.json` and `.vscode/mcp.json`). + + ```bash + # Run inside the container + /workspaces/NetAlertX/.devcontainer/scripts/generate-configs.sh + ``` + +3. **Apply Changes:** + + * **For Gemini CLI:** + The agent session must be **restarted** to load the new `.gemini/settings.json`. + > "I have generated the MCP configuration. Please **restart this session** to activate the `netalertx-devcontainer` tools." + + * **For VS Code (GitHub Copilot / Cline):** + The VS Code window must be **reloaded** to pick up the new `.vscode/mcp.json`. + > "I have generated the MCP configuration. Please run **'Developer: Reload Window'** in VS Code to activate the MCP server." + +## Verification + +After restarting, you should see new tools available (e.g., `netalertx-devcontainer__get_devices`). diff --git a/.gemini/skills/project-navigation/SKILL.md b/.gemini/skills/project-navigation/SKILL.md new file mode 100644 index 000000000..24ef258a7 --- /dev/null +++ b/.gemini/skills/project-navigation/SKILL.md @@ -0,0 +1,15 @@ +--- +name: project-navigation +description: Reference for the NetAlertX codebase structure, key file paths, and configuration locations. Use this when exploring the codebase or looking for specific components like the backend entry point, frontend files, or database location. +--- + +# Project Navigation & Structure + +## Codebase Structure & Key Paths + +- **Source Code:** `/workspaces/NetAlertX` (mapped to `/app` in container via symlink). +- **Backend Entry:** `server/api_server/api_server_start.py` (Flask) and `server/__main__.py`. +- **Frontend:** `front/` (PHP/JS). +- **Plugins:** `front/plugins/`. +- **Config:** `/data/config/app.conf` (runtime) or `back/app.conf` (default). +- **Database:** `/data/db/app.db` (SQLite). diff --git a/.gemini/skills/testing-workflow/SKILL.md b/.gemini/skills/testing-workflow/SKILL.md new file mode 100644 index 000000000..debf79839 --- /dev/null +++ b/.gemini/skills/testing-workflow/SKILL.md @@ -0,0 +1,78 @@ +--- +name: testing-workflow +description: Read before running tests. Detailed instructions for single, standard unit tests (fast), full suites (slow), handling authentication, and obtaining the API Token. Tests must be run when a job is complete. +--- + +# Testing Workflow +After code is developed, tests must be run to ensure the integrity of the final result. + +**Crucial:** Tests MUST be run inside the container to access the correct runtime environment (DB, Config, Dependencies). + +## 0. Pre-requisites: Environment Check + +Before running any tests, verify you are inside the development container: + +```bash +ls -d /workspaces/NetAlertX +``` + +**IF** this directory does not exist, you are likely on the host machine. You **MUST** immediately activate the `devcontainer-management` skill to enter the container or run commands inside it. + +```text +activate_skill("devcontainer-management") +``` + +## 1. Full Test Suite (MANDATORY DEFAULT) + +Unless the user **explicitly** requests "fast" or "quick" tests, you **MUST** run the full test suite. **Do not** optimize for time. Comprehensive coverage is the priority over speed. + +```bash +cd /workspaces/NetAlertX; pytest test/ +``` + +## 2. Fast Unit Tests (Conditional) + +**ONLY** use this if the user explicitly asks for "fast tests", "quick tests", or "unit tests only". This **excludes** slow tests marked with `docker` or `feature_complete`. + +```bash +cd /workspaces/NetAlertX; pytest test/ -m 'not docker and not feature_complete' +``` + +## 3. Running Specific Tests + +To run a specific file or folder: + +```bash +cd /workspaces/NetAlertX; pytest test/ +``` + +*Example:* +```bash +cd /workspaces/NetAlertX; pytest test/api_endpoints/test_mcp_extended_endpoints.py +``` + +## Authentication & Environment Reset + +Authentication tokens are required to perform certain operations such as manual testing or crafting expressions to work with the web APIs. After making code changes, you MUST reset the environment to ensure the new code is running and verify you have the latest `API_TOKEN`. + +1. **Reset Environment:** Run the setup script inside the container. + ```bash + bash /workspaces/NetAlertX/.devcontainer/scripts/setup.sh + ``` +2. **Wait for Stabilization:** Wait at least 5 seconds for services (nginx, python server, etc.) to start. + ```bash + sleep 5 + ``` +3. **Obtain Token:** Retrieve the current token from the container. + ```bash + python3 -c "from helper import get_setting_value; print(get_setting_value('API_TOKEN'))" + ``` + +The retrieved token MUST be used in all subsequent API or test calls requiring authentication. + +### Troubleshooting + +If tests fail with 403 Forbidden or empty tokens: +1. Verify server is running and use the setup script (`/workspaces/NetAlertX/.devcontainer/scripts/setup.sh`) if required. +2. Verify `app.conf` inside the container: `cat /data/config/app.conf` +3. Verify Python can read it: `python3 -c "from helper import get_setting_value; print(get_setting_value('API_TOKEN'))"` \ No newline at end of file diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml index 61f29310d..8fc779fdc 100755 --- a/.github/FUNDING.yml +++ b/.github/FUNDING.yml @@ -1,3 +1,2 @@ github: jokob-sk -patreon: netalertx buy_me_a_coffee: jokobsk diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml new file mode 100644 index 000000000..c315bc81d --- /dev/null +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1,8 @@ +blank_issues_enabled: false +contact_links: + - name: 💬 Discussions + url: https://github.com/netalertx/NetAlertX/discussions + about: Ask questions or start discussions here. + - name: 🗯 Discord + url: https://discord.com/invite/NczTUTWyRr + about: Ask the community for help. \ No newline at end of file diff --git a/.github/ISSUE_TEMPLATE/documentation-feedback.yml b/.github/ISSUE_TEMPLATE/documentation-feedback.yml index fac8b58a5..a53939b93 100755 --- a/.github/ISSUE_TEMPLATE/documentation-feedback.yml +++ b/.github/ISSUE_TEMPLATE/documentation-feedback.yml @@ -1,7 +1,11 @@ -name: Documentation Feedback 📝 +name: ✍ Documentation Feedback description: Suggest improvements, clarify inconsistencies, or report issues related to the documentation. labels: ['documentation 📚'] body: +- type: markdown + attributes: + value: | + - type: checkboxes attributes: label: Is there an existing issue for this? diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature-request.yml old mode 100755 new mode 100644 similarity index 95% rename from .github/ISSUE_TEMPLATE/feature_request.yml rename to .github/ISSUE_TEMPLATE/feature-request.yml index 8ee485c32..078026ce0 --- a/.github/ISSUE_TEMPLATE/feature_request.yml +++ b/.github/ISSUE_TEMPLATE/feature-request.yml @@ -1,7 +1,11 @@ -name: Feature Request +name: 🎁 Feature Request description: 'Suggest an idea for NetAlertX' labels: ['Feature request ➕'] body: +- type: markdown + attributes: + value: | + - type: checkboxes attributes: label: Is there an existing issue for this? diff --git a/.github/ISSUE_TEMPLATE/i-have-an-issue.yml b/.github/ISSUE_TEMPLATE/i-have-an-issue.yml index 63bbe77d9..66312ccec 100755 --- a/.github/ISSUE_TEMPLATE/i-have-an-issue.yml +++ b/.github/ISSUE_TEMPLATE/i-have-an-issue.yml @@ -1,7 +1,11 @@ -name: Bug Report +name: 🐛 Bug Report description: 'When submitting an issue enable LOG_LEVEL="trace" and have a look at the docs.' labels: ['bug 🐛'] body: +- type: markdown + attributes: + value: | + - type: dropdown id: installation_type attributes: diff --git a/.github/ISSUE_TEMPLATE/security-report.yml b/.github/ISSUE_TEMPLATE/security-report.yml index 6653dd928..ae0cf9157 100755 --- a/.github/ISSUE_TEMPLATE/security-report.yml +++ b/.github/ISSUE_TEMPLATE/security-report.yml @@ -1,13 +1,17 @@ -name: Security Report 🔐 +name: 🔐 Security Report description: Report a security vulnerability or concern privately. labels: ['security 🔐'] body: +- type: markdown + attributes: + value: | + - type: markdown attributes: value: | **Important:** For security reasons, please do **not** post sensitive security issues publicly in the issue tracker. Instead, send details to our security contact email: [jokob@duck.com](mailto:jokob@duck.com). - + We appreciate your responsible disclosure. - type: textarea attributes: diff --git a/.github/ISSUE_TEMPLATE/setup-help.yml b/.github/ISSUE_TEMPLATE/setup-help.yml index 44ac630ee..7b1a9bf79 100755 --- a/.github/ISSUE_TEMPLATE/setup-help.yml +++ b/.github/ISSUE_TEMPLATE/setup-help.yml @@ -1,7 +1,11 @@ -name: Setup help +name: 📥 Setup help description: 'When submitting an issue enable LOG_LEVEL="trace" and re-search first.' labels: ['Setup 📥'] body: +- type: markdown + attributes: + value: | + - type: dropdown id: installation_type attributes: diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md old mode 100755 new mode 100644 index 04a75ad64..187da1a82 --- a/.github/copilot-instructions.md +++ b/.github/copilot-instructions.md @@ -1,89 +1,49 @@ ### ROLE: NETALERTX ARCHITECT & STRICT CODE AUDITOR -You are a cynical Security Engineer and Core Maintainer of NetAlertX. Your goal is not just to "help," but to "deliver verified, secure, and production-ready solutions." +You are a cynical Security Engineer and Core Maintainer of NetAlertX. Your goal is to deliver verified, secure, and production-ready solutions. -### MANDATORY BEHAVIORAL OVERRIDES: -1. **Obsessive Verification:** Never provide a solution without a corresponding proof of correctness. If you write a function, you MUST write a test case or validation step immediately after. -2. **Anti-Laziness Protocol:** You are forbidden from using placeholders (e.g., `// ... rest of code`, ``). You must output the full, functional block every time to ensure context is preserved. -3. **Priority Hierarchy:** Priority 1 is Correctness. Priority 2 is Completeness. Priority 3 is Speed. -4. **Mantra:** "Job's not done 'till unit tests run." +### MANDATORY BEHAVIORAL OVERRIDES +1. **Obsessive Verification:** Never provide a solution without proof of correctness. Write test cases or validation immediately after writing functions. +2. **Anti-Laziness Protocol:** No placeholders. Output full, functional blocks every time. +3. **Priority Hierarchy:** Correctness > Completeness > Speed. +4. **Mantra:** "Job's not done 'till unit tests run." --- -# NetAlertX AI Assistant Instructions -This is NetAlertX — network monitoring & alerting. NetAlertX provides Network inventory, awareness, insight, categorization, intruder and presence detection. This is a heavily community-driven project, welcoming of all contributions. +# NetAlertX -## Architecture (what runs where) -- Backend (Python): main loop + GraphQL/REST endpoints orchestrate scans, plugins, workflows, notifications, and JSON export. - - Key: `server/__main__.py`, `server/plugin.py`, `server/initialise.py`, `server/api_server/api_server_start.py` -- Data (SQLite): persistent state in `db/app.db`; helpers in `server/database.py` and `server/db/*`. -- Frontend (Nginx + PHP + JS): UI reads JSON, triggers execution queue events. - - Key: `front/`, `front/js/common.js`, `front/php/server/*.php` -- Plugins (Python): acquisition/enrichment/publishers under `front/plugins/*` with `config.json` manifests. -- Messaging/Workflows: `server/messaging/*`, `server/workflows/*` -- API JSON Cache for UI: generated under `api/*.json` +Network monitoring & alerting. Provides inventory, awareness, insight, categorization, intruder and presence detection. -Backend loop phases (see `server/__main__.py` and `server/plugin.py`): `once`, `schedule`, `always_after_scan`, `before_name_updates`, `on_new_device`, `on_notification`, plus ad‑hoc `run` via execution queue. Plugins execute as scripts that write result logs for ingestion. +## Architecture -## Plugin patterns that matter -- Manifest lives at `front/plugins//config.json`; `code_name` == folder, `unique_prefix` drives settings and filenames (e.g., `ARPSCAN`). -- Control via settings: `_RUN` (phase), `_RUN_SCHD` (cron-like), `_CMD` (script path), `_RUN_TIMEOUT`, `_WATCH` (diff columns). -- Data contract: scripts write `/tmp/log/plugins/last_result..log` (pipe‑delimited: 9 required cols + optional 4). Use `front/plugins/plugin_helper.py`’s `Plugin_Objects` to sanitize text and normalize MACs, then `write_result_file()`. -- Device import: define `database_column_definitions` when creating/updating devices; watched fields trigger notifications. +- **Backend (Python):** `server/__main__.py`, `server/plugin.py`, `server/api_server/api_server_start.py` +- **Backend Config:** `/data/config/app.conf` +- **Data (SQLite):** `/data/db/app.db`; helpers in `server/db/*` +- **Frontend (Nginx + PHP + JS):** `front/` +- **Plugins (Python):** `front/plugins/*` with `config.json` manifests -### Standard Plugin Formats -* publisher: Sends notifications to services. Runs `on_notification`. Data source: self. -* dev scanner: Creates devices and manages online/offline status. Runs on `schedule`. Data source: self / SQLite DB. -* name discovery: Discovers device names via various protocols. Runs `before_name_updates` or on `schedule`. Data source: self. -* importer: Imports devices from another service. Runs on `schedule`. Data source: self / SQLite DB. -* system: Provides core system functionality. Runs on `schedule` or is always on. Data source: self / Template. -* other: Miscellaneous plugins. Runs at various times. Data source: self / Template. +## Skills -### Plugin logging & outputs -- Always check relevant logs first. -- Use logging as shown in other plugins. -- Collect results with `Plugin_Objects.add_object(...)` during processing and call `plugin_objects.write_result_file()` exactly once at the end of the script. -- Prefer to log a brief summary before writing (e.g., total objects added) to aid troubleshooting; keep logs concise at `info` level and use `verbose` or `debug` for extra context. -- Do not write ad‑hoc files for results; the only consumable output is `last_result..log` generated by `Plugin_Objects`. +Procedural knowledge lives in `.github/skills/`. Load the appropriate skill when performing these tasks: -## API/Endpoints quick map -- Flask app: `server/api_server/api_server_start.py` exposes routes like `/device/`, `/devices`, `/devices/export/{csv,json}`, `/devices/import`, `/devices/totals`, `/devices/by-status`, plus `nettools`, `events`, `sessions`, `dbquery`, `metrics`, `sync`. -- Authorization: all routes expect header `Authorization: Bearer ` via `get_setting_value('API_TOKEN')`. -- All responses need to return `"success":` and if `False` an "error" message needs to be returned, e.g. `{"success": False, "error": f"No stored open ports for Device"}` +| Task | Skill | +|------|-------| +| Run tests, check failures | `testing-workflow` | +| Start/stop/restart services | `devcontainer-services` | +| Wipe database, fresh start | `database-reset` | +| Load sample devices | `sample-data` | +| Build Docker images | `docker-build` | +| Reprovision devcontainer | `devcontainer-setup` | +| Create or run plugins | `plugin-run-development` | +| Analyze PR comments | `pr-analysis` | +| Clean Docker resources | `docker-prune` | +| Generate devcontainer configs | `devcontainer-configs` | +| Create API endpoints | `api-development` | +| Logging conventions | `logging-standards` | +| Settings and config | `settings-management` | +| Find files and paths | `project-navigation` | +| Coding standards | `code-standards` | -## Conventions & helpers to reuse -- Settings: add/modify via `ccd()` in `server/initialise.py` or per‑plugin manifest. Never hardcode ports or secrets; use `get_setting_value()`. -- Logging: use `mylog(level, [message])`; levels: none/minimal/verbose/debug/trace. `none` is used for most important messages that should always appear, such as exceptions. Do NOT use `error` as level. -- Time/MAC/strings: `server/utils/datetime_utils.py` (`timeNowDB`), `front/plugins/plugin_helper.py` (`normalize_mac`), `server/helper.py` (sanitizers). Validate MACs before DB writes. -- DB helpers: prefer `server/db/db_helper.py` functions (e.g., `get_table_json`, device condition helpers) over raw SQL in new paths. +## Execution Protocol -## Dev workflow (devcontainer) -- **Devcontainer philosophy: brutal simplicity.** One user, everything writable, completely idempotent. No permission checks, no conditional logic, no sudo needed. If something doesn't work, tear down the wall and rebuild - don't patch. We unit test permissions in the hardened build. -- **Permissions:** Never `chmod` or `chown` during operations. Everything is already writable. If you need permissions, the devcontainer setup is broken - fix `.devcontainer/scripts/setup.sh` or `.devcontainer/resources/devcontainer-Dockerfile` instead. -- **Files & Paths:** Use environment variables (`NETALERTX_DB`, `NETALERTX_LOG`, etc.) everywhere. `/data` for persistent config/db, `/tmp` for runtime logs/api/nginx state. Never hardcode `/data/db` or relative paths. -- **Database reset:** Use the `[Dev Container] Wipe and Regenerate Database` task. Kills backend, deletes `/data/{db,config}/*`, runs first-time setup scripts. Clean slate, no questions. -- Services: use tasks to (re)start backend and nginx/PHP-FPM. Backend runs with debugpy on 5678; attach a Python debugger if needed. -- Run a plugin manually: `python3 front/plugins//script.py` (ensure `sys.path` includes `/app/front/plugins` and `/app/server` like the template). -- Testing: pytest available via Alpine packages. Tests live in `test/`; app code is under `server/`. PYTHONPATH is preconfigured to include workspace and `/opt/venv` site‑packages. -- **Subprocess calls:** ALWAYS set explicit timeouts. Default to 60s minimum unless plugin config specifies otherwise. Nested subprocess calls (e.g., plugins calling external tools) need their own timeout - outer plugin timeout won't save you. -- you need to set the BACKEND_API_URL setting (e.g. in teh app.conf file or via the APP_CONF_OVERRIDE env variable) to the backend api port url , e.g. https://something-20212.app.github.dev/ depending on your github codespace url. - -## What “done right” looks like -- When adding a plugin, start from `front/plugins/__template`, implement with `plugin_helper`, define manifest settings, and wire phase via `_RUN`. Verify logs in `/tmp/log/plugins/` and data in `api/*.json`. -- When introducing new config, define it once (core `ccd()` or plugin manifest) and read it via helpers everywhere. -- When exposing new server functionality, add endpoints in `server/api_server/*` and keep authorization consistent; update UI by reading/writing JSON cache rather than bypassing the pipeline. -- Always try following the DRY principle, do not re-implement functionality, but re-use existing methods where possible, or refactor to use a common method that is called multiple times -- If new functionality needs to be added, look at impenting it into existing handlers (e.g. `DeviceInstance` in `server/models/device_instance.py`) or create a new one if it makes sense. Do not access the DB from otehr application layers. -- Code files shoudln't be longer than 500 lines of code - -## Useful references -- Docs: `docs/PLUGINS_DEV.md`, `docs/SETTINGS_SYSTEM.md`, `docs/API_*.md`, `docs/DEBUG_*.md` -- Logs: All logs are under `/tmp/log/`. Plugin logs are very shortly under `/tmp/log/plugins/` until picked up by the server. - - plugin logs: `/tmp/log/plugins/*.log` - - backend logs: `/tmp/log/stdout.log` and `/tmp/log/stderr.log` - - php errors: `/tmp/log/app.php_errors.log` - - nginx logs: `/tmp/log/nginx-access.log` and `/tmp/log/nginx-error.log` - -## Execution Protocol (Strict) -- Always run the `testFailure` tool before executing any tests to gather current failure information and avoid redundant runs. -- Always prioritize using the appropriate tools in the environment first. Example: if a test is failing use `testFailure` then `runTests`. -- Docker tests take an extremely long time to run. Avoid changes to docker or tests until you've examined the existing `testFailure`s and `runTests` results. \ No newline at end of file +- **Before running tests:** Always use `testFailure` tool first to gather current failures. +- **Docker tests are slow.** Examine existing failures before changing tests or Dockerfiles. diff --git a/.github/skills/api-development/SKILL.md b/.github/skills/api-development/SKILL.md new file mode 100644 index 000000000..2133a29b6 --- /dev/null +++ b/.github/skills/api-development/SKILL.md @@ -0,0 +1,69 @@ +--- +name: api-development +description: Develop and extend NetAlertX REST API endpoints. Use this when asked to create endpoint, add API route, implement API, or modify API responses. +--- + +# API Development + +## Entry Point + +Flask app: `server/api_server/api_server_start.py` + +## Existing Routes + +- `/device/` - Single device operations +- `/devices` - Device list +- `/devices/export/{csv,json}` - Export devices +- `/devices/import` - Import devices +- `/devices/totals` - Device counts +- `/devices/by-status` - Devices grouped by status +- `/nettools` - Network utilities +- `/events` - Event log +- `/sessions` - Session management +- `/dbquery` - Database queries +- `/metrics` - Prometheus metrics +- `/sync` - Synchronization + +## Authorization + +All routes require header: + +``` +Authorization: Bearer +``` + +Retrieve token via `get_setting_value('API_TOKEN')`. + +## Response Contract + +**MANDATORY:** All responses must include `"success": true|false` + +```python +return {"success": False, "error": "Description of what went wrong"} +``` + +On success: + +```python +return {"success": True, "data": result} +``` + +```python +return {"success": False, "error": "Description of what went wrong"} +``` + +On success: + +```python +return {"success": True, "data": result} +``` + + +**Exception:** The legacy `/device/` GET endpoint does not follow this contract to maintain backward compatibility with the UI. + +## Adding New Endpoints + +1. Add route in `server/api_server/` directory +2. Follow authorization pattern +3. Return proper response contract +4. Update UI to read/write JSON cache (don't bypass pipeline) diff --git a/.github/skills/authentication/SKILL.md b/.github/skills/authentication/SKILL.md new file mode 100644 index 000000000..16ae1ac1a --- /dev/null +++ b/.github/skills/authentication/SKILL.md @@ -0,0 +1,60 @@ +--- +name: netalertx-authentication-tokens +description: Manage and troubleshoot API tokens and authentication-related secrets. Use this when you need to find, rotate, verify, or debug authentication issues (401/403) in NetAlertX. +--- + +# Authentication + +## Purpose ✅ +Explain how to locate, validate, rotate, and troubleshoot API tokens and related authentication settings used by NetAlertX. + +## Pre-Flight Check (MANDATORY) ⚠️ +1. Ensure the backend is running (use devcontainer services or `ps`/systemd checks). +2. Verify the `API_TOKEN` setting can be read with Python (see below). +3. If a token-related error occurs, gather logs (`/tmp/log/app.log`, nginx logs) before changing secrets. + +## Retrieve the API token (Python — preferred) 🐍 +Always use Python helpers to read secrets to avoid accidental exposure in shells or logs: + +```python +from helper import get_setting_value +token = get_setting_value("API_TOKEN") +``` + +If you must inspect from a running container (read-only), use: + +```bash +docker exec python3 -c "from helper import get_setting_value; print(get_setting_value('API_TOKEN'))" +``` + +You can also check the runtime config file: + +```bash +docker exec grep API_TOKEN /data/config/app.conf +``` + +## Rotate / Generate a new token 🔁 +- Preferred: Use the web UI (Settings / System) and click **Generate** for the `API_TOKEN` field — this updates the value safely and immediately. +- Manual: Edit `/data/config/app.conf` and restart the backend if required (use the existing devcontainer service tasks). +- After rotation: verify the value with `get_setting_value('API_TOKEN')` and update any clients or sync nodes to use the new token. + +## Troubleshooting 401 / 403 Errors 🔍 +1. Confirm backend is running and reachable. +2. Confirm `get_setting_value('API_TOKEN')` returns a non-empty value. +3. Ensure client requests send the header exactly: `Authorization: Bearer `. +4. Check `/tmp/log/app.log` and plugin logs (e.g., sync plugin) for "Incorrect API Token" messages. +5. If using multiple nodes, ensure the token matches across nodes for sync operations. +6. If token appears missing or incorrect, rotate via UI or update `app.conf` and re-verify. + +## Best Practices & Security 🔐 +- Never commit tokens to source control or paste them in public issues. Redact tokens when sharing logs. +- Rotate tokens when a secret leak is suspected or per your security policy. +- Use `get_setting_value()` in tests and scripts — do not hardcode secrets. + +## Related Skills & Docs 📚 +- `testing-workflow` — how to use `API_TOKEN` in tests +- `settings-management` — where settings live and how they are managed +- Docs: `docs/API.md`, `docs/API_OLD.md`, `docs/API_SSE.md` + +--- +_Last updated: 2026-01-23_ diff --git a/.github/skills/code-standards/SKILL.md b/.github/skills/code-standards/SKILL.md new file mode 100644 index 000000000..7257e8bec --- /dev/null +++ b/.github/skills/code-standards/SKILL.md @@ -0,0 +1,65 @@ +--- +name: netalertx-code-standards +description: NetAlertX coding standards and conventions. Use this when writing code, reviewing code, or implementing features. +--- + +# Code Standards + +## File Length + +Keep code files under 500 lines. Split larger files into modules. + +## DRY Principle + +Do not re-implement functionality. Reuse existing methods or refactor to create shared methods. + +## Database Access + +- Never access DB directly from application layers +- Use `server/db/db_helper.py` functions (e.g., `get_table_json`) +- Implement new functionality in handlers (e.g., `DeviceInstance` in `server/models/device_instance.py`) + +## MAC Address Handling + +Always validate and normalize MACs before DB writes: + +```python +from plugin_helper import normalize_mac + +mac = normalize_mac(raw_mac) +``` + +## Subprocess Safety + +**MANDATORY:** All subprocess calls must set explicit timeouts. + +```python +result = subprocess.run(cmd, timeout=60) # Minimum 60s +``` + +Nested subprocess calls need their own timeout—outer timeout won't save you. + +## Time Utilities + +```python +from utils.datetime_utils import timeNowDB + +timestamp = timeNowDB() +``` + +## String Sanitization + +Use sanitizers from `server/helper.py` before storing user input. + +## Devcontainer Constraints + +- Never `chmod` or `chown` during operations +- Everything is already writable +- If permissions needed, fix `.devcontainer/scripts/setup.sh` + +## Path Hygiene + +- Use environment variables for runtime paths +- `/data` for persistent config/db +- `/tmp` for runtime logs/api/nginx state +- Never hardcode `/data/db` or use relative paths diff --git a/.github/skills/database-reset/SKILL.md b/.github/skills/database-reset/SKILL.md new file mode 100644 index 000000000..8cc47c4ad --- /dev/null +++ b/.github/skills/database-reset/SKILL.md @@ -0,0 +1,38 @@ +--- +name: reset-netalertx-database +description: Wipe and regenerate the NetAlertX database and config. Use this when asked to reset database, wipe db, fresh database, clean slate, or start fresh. +--- + +# Database Reset + +Completely wipes devcontainer database and config, then regenerates from scratch. + +## Command + +```bash +killall 'python3' || true +sleep 1 +rm -rf /data/db/* /data/config/* +bash /entrypoint.d/15-first-run-config.sh +bash /entrypoint.d/20-first-run-db.sh +``` + +## What This Does + +1. Kills backend to release database locks +2. Deletes all files in `/data/db/` and `/data/config/` +3. Runs first-run config provisioning +4. Runs first-run database initialization + +## After Reset + +Run the startup script to restart services: + +```bash +/workspaces/NetAlertX/.devcontainer/scripts/setup.sh +``` + +## Database Location + +- Runtime: `/data/db/app.db` (SQLite) +- Config: `/data/config/app.conf` diff --git a/.github/skills/devcontainer-configs/SKILL.md b/.github/skills/devcontainer-configs/SKILL.md new file mode 100644 index 000000000..bec8e2500 --- /dev/null +++ b/.github/skills/devcontainer-configs/SKILL.md @@ -0,0 +1,28 @@ +--- +name: netalertx-devcontainer-configs +description: Generate devcontainer configuration files. Use this when asked to generate devcontainer configs, update devcontainer template, or regenerate devcontainer. +--- + +# Devcontainer Config Generation + +Generates devcontainer configs from the template. Must be run after changes to devcontainer configuration. + +## Command + +```bash +/workspaces/NetAlertX/.devcontainer/scripts/generate-configs.sh +``` + +## What It Does + +Combines and merges template configurations into the final config used by VS Code. + +## When to Run + +- After modifying `.devcontainer/` template files +- After changing devcontainer features or settings +- Before committing devcontainer changes + +## Note + +This affects only the devcontainer configuration. It has no bearing on the production or test Docker image. diff --git a/.github/skills/devcontainer-services/SKILL.md b/.github/skills/devcontainer-services/SKILL.md new file mode 100644 index 000000000..e96202a16 --- /dev/null +++ b/.github/skills/devcontainer-services/SKILL.md @@ -0,0 +1,50 @@ +--- +name: restarting-netalertx-services +description: Control NetAlertX services inside the devcontainer. Use this when asked to start backend, start frontend, start nginx, start php-fpm, start crond, stop services, restart services, or check if services are running. +--- + +# Devcontainer Services + +You operate inside the devcontainer. Do not use `docker exec`. + +## Start Backend (Python) + +```bash +/services/start-backend.sh +``` + +Backend runs with debugpy on port 5678 for debugging. Takes ~5 seconds to be ready. + +## Start Frontend (nginx + PHP-FPM) + +```bash +/services/start-php-fpm.sh & +/services/start-nginx.sh & +``` + +Launches almost instantly. + +## Start Scheduler (CronD) + +```bash +/services/start-crond.sh +``` + +## Stop All Services + +```bash +pkill -f 'php-fpm83|nginx|crond|python3' || true +``` + +## Check Running Services + +```bash +pgrep -a 'python3|nginx|php-fpm|crond' +``` + +## Service Ports + +- Frontend (nginx): 20211 +- Backend API: 20212 +- GraphQL: 20212 +- Debugpy: 5678 diff --git a/.github/skills/devcontainer-setup/SKILL.md b/.github/skills/devcontainer-setup/SKILL.md new file mode 100644 index 000000000..9b554d625 --- /dev/null +++ b/.github/skills/devcontainer-setup/SKILL.md @@ -0,0 +1,36 @@ +--- +name: netalertx-idempotent-setup +description: Reprovision and reset the devcontainer environment. Use this when asked to re-run startup, reprovision, setup devcontainer, fix permissions, or reset runtime state. +--- + +# Devcontainer Setup + +The setup script forcefully resets all runtime state. It is idempotent—every run wipes and recreates all relevant folders, symlinks, and files. + +## Command + +```bash +/workspaces/NetAlertX/.devcontainer/scripts/setup.sh +``` + +## What It Does + +1. Kills all services (php-fpm, nginx, crond, python3) +2. Mounts tmpfs ramdisks for `/tmp/log`, `/tmp/api`, `/tmp/run`, `/tmp/nginx` +3. Creates critical subdirectories +4. Links `/entrypoint.d` and `/app` symlinks +5. Creates `/data`, `/data/config`, `/data/db` directories +6. Creates all log files +7. Runs `/entrypoint.sh` to start services +8. Writes version to `.VERSION` + +## When to Use + +- After modifying setup scripts +- After container rebuild +- When environment is in broken state +- After database reset + +## Philosophy + +No conditional logic. Everything is recreated unconditionally. If something doesn't work, run setup again. diff --git a/.github/skills/docker-build/SKILL.md b/.github/skills/docker-build/SKILL.md new file mode 100644 index 000000000..f66374abf --- /dev/null +++ b/.github/skills/docker-build/SKILL.md @@ -0,0 +1,38 @@ +--- +name: netalertx-docker-build +description: Build Docker images for testing or production. Use this when asked to build container, build image, docker build, build test image, or launch production container. +--- + +# Docker Build + +## Build Unit Test Image + +Required after container/Dockerfile changes. Tests won't see changes until image is rebuilt. + +```bash +docker buildx build -t netalertx-test . +``` + +Build time: ~30 seconds (or ~90s if venv stage changes) + +## Build and Launch Production Container + +Before launching, stop devcontainer services first to free ports. + +```bash +cd /workspaces/NetAlertX +docker compose up -d --build --force-recreate +``` + +## Pre-Launch Checklist + +1. Stop devcontainer services: `pkill -f 'php-fpm83|nginx|crond|python3'` +2. Close VS Code forwarded ports +3. Run the build command + +## Production Container Details + +- Image: `netalertx:latest` +- Container name: `netalertx` +- Network mode: host +- Ports: 20211 (UI), 20212 (API/GraphQL) diff --git a/.github/skills/docker-prune/SKILL.md b/.github/skills/docker-prune/SKILL.md new file mode 100644 index 000000000..145718135 --- /dev/null +++ b/.github/skills/docker-prune/SKILL.md @@ -0,0 +1,32 @@ +--- +name: netalertx-docker-prune +description: Clean up unused Docker resources. Use this when asked to prune docker, clean docker, remove unused images, free disk space, or docker cleanup. DANGEROUS operation. Requires human confirmation. +--- + +# Docker Prune + +**DANGER:** This destroys containers, images, volumes, and networks. Any stopped container will be wiped and data will be lost. + +## Command + +```bash +/workspaces/NetAlertX/.devcontainer/scripts/confirm-docker-prune.sh +``` + +## What Gets Deleted + +- All stopped containers +- All unused images +- All unused volumes +- All unused networks + +## When to Use + +- Disk space is low +- Build cache is corrupted +- Clean slate needed for testing +- After many image rebuilds + +## Safety + +The script requires explicit confirmation before proceeding. diff --git a/.github/skills/mcp-activation/SKILL.md b/.github/skills/mcp-activation/SKILL.md new file mode 100644 index 000000000..abbdb317f --- /dev/null +++ b/.github/skills/mcp-activation/SKILL.md @@ -0,0 +1,34 @@ +--- +name: mcp-activation +description: Enables live interaction with the NetAlertX runtime. This skill configures the Model Context Protocol (MCP) connection, granting full API access for debugging, troubleshooting, and real-time operations including database queries, network scans, and device management. +--- + +# MCP Activation Skill + +This skill configures the environment to expose the Model Context Protocol (MCP) server to AI agents running inside the devcontainer. + +## Usage + +This skill assumes you are already running within the NetAlertX devcontainer. + +1. **Generate Configurations:** + Run the configuration generation script to extract the API Token and update the VS Code MCP settings. + + ```bash + /workspaces/NetAlertX/.devcontainer/scripts/generate-configs.sh + ``` + +2. **Reload Window:** + Request the user to reload the VS Code window to activate the new tools. + > I have generated the MCP configuration. Please run the **'Developer: Reload Window'** command to activate the MCP server tools. + > In VS Code: open the Command Palette (Windows/Linux: Ctrl+Shift+P, macOS: Cmd+Shift+P), type Developer: Reload Window, press Enter — or click the Reload button if a notification appears. 🔁 + > After you reload, tell me “Window reloaded” (or just “reloaded”) and I’ll continue. + + +## Why use this? + +Access the live runtime API to perform operations that are not possible through static file analysis: +- **Query the database** +- **Trigger network scans** +- **Manage devices and events** +- **Troubleshoot real-time system state** diff --git a/.github/skills/plugin-run-development/SKILL.md b/.github/skills/plugin-run-development/SKILL.md new file mode 100644 index 000000000..b7d6799ff --- /dev/null +++ b/.github/skills/plugin-run-development/SKILL.md @@ -0,0 +1,85 @@ +--- +name: netalertx-plugin-run-development +description: Create and run NetAlertX plugins. Use this when asked to create plugin, run plugin, test plugin, plugin development, or execute plugin script. +--- + +# Plugin Development + +## Expected Workflow for Running Plugins + +1. Read this skill document for context and instructions. +2. Find the plugin in `front/plugins//`. +3. Read the plugin's `config.json` and `script.py` to understand its functionality and settings. +4. Formulate and run the command: `python3 front/plugins//script.py`. +5. Retrieve the result from the plugin log folder (`/tmp/log/plugins/last_result..log`) quickly, as the backend may delete it after processing. + +## Run a Plugin Manually + +```bash +python3 front/plugins//script.py +``` + +Ensure `sys.path` includes `/app/front/plugins` and `/app/server` (as in the template). + +## Plugin Structure + +```text +front/plugins// +├── config.json # Manifest with settings +├── script.py # Main script +└── ... +``` + +## Manifest Location + +`front/plugins//config.json` + +- `code_name` == folder name +- `unique_prefix` drives settings and filenames (e.g., `ARPSCAN`) + +## Settings Pattern + +- `_RUN`: execution phase +- `_RUN_SCHD`: cron-like schedule +- `_CMD`: script path +- `_RUN_TIMEOUT`: timeout in seconds +- `_WATCH`: columns to watch for changes + +## Data Contract + +Scripts write to `/tmp/log/plugins/last_result..log` + +**Important:** The backend will almost immediately process this result file and delete it after ingestion. If you need to inspect the output, run the plugin and immediately retrieve the result file before the backend processes it. + +Use `front/plugins/plugin_helper.py`: + +```python +from plugin_helper import Plugin_Objects + +plugin_objects = Plugin_Objects() +plugin_objects.add_object(...) # During processing +plugin_objects.write_result_file() # Exactly once at end +``` + +## Execution Phases + +- `once`: runs once at startup +- `schedule`: runs on cron schedule +- `always_after_scan`: runs after every scan +- `before_name_updates`: runs before name resolution +- `on_new_device`: runs when new device detected +- `on_notification`: runs when notification triggered + +## Plugin Formats + +| Format | Purpose | Runs | +|--------|---------|------| +| publisher | Send notifications | `on_notification` | +| dev scanner | Create/manage devices | `schedule` | +| name discovery | Discover device names | `before_name_updates` | +| importer | Import from services | `schedule` | +| system | Core functionality | `schedule` | + +## Starting Point + +Copy from `front/plugins/__template` and customize. diff --git a/.github/skills/project-navigation/SKILL.md b/.github/skills/project-navigation/SKILL.md new file mode 100644 index 000000000..0c57a3003 --- /dev/null +++ b/.github/skills/project-navigation/SKILL.md @@ -0,0 +1,59 @@ +--- +name: about-netalertx-project-structure +description: Navigate the NetAlertX codebase structure. Use this when asked about file locations, project structure, where to find code, or key paths. +--- + +# Project Navigation + +## Key Paths + +| Component | Path | +|-----------|------| +| Workspace root | `/workspaces/NetAlertX` | +| Backend entry | `server/__main__.py` | +| API server | `server/api_server/api_server_start.py` | +| Plugin system | `server/plugin.py` | +| Initialization | `server/initialise.py` | +| Frontend | `front/` | +| Frontend JS | `front/js/common.js` | +| Frontend PHP | `front/php/server/*.php` | +| Plugins | `front/plugins/` | +| Plugin template | `front/plugins/__template` | +| Database helpers | `server/db/db_helper.py` | +| Device model | `server/models/device_instance.py` | +| Messaging | `server/messaging/` | +| Workflows | `server/workflows/` | + +## Architecture + +NetAlertX uses a frontend–backend architecture: the frontend runs on **PHP + Nginx** (see `front/`), the backend is implemented in **Python** (see `server/`), and scheduled tasks are managed by a **supercronic** scheduler that runs periodic jobs. + +## Runtime Paths + +| Data | Path | +|------|------| +| Config (runtime) | `/data/config/app.conf` | +| Config (default) | `back/app.conf` | +| Database | `/data/db/app.db` | +| API JSON cache | `/tmp/api/*.json` | +| Logs | `/tmp/log/` | +| Plugin logs | `/tmp/log/plugins/` | + +## Environment Variables + +Use these NETALERTX_* instead of hardcoding paths. Examples: + +- `NETALERTX_DB` +- `NETALERTX_LOG` +- `NETALERTX_CONFIG` +- `NETALERTX_DATA` +- `NETALERTX_APP` + +## Documentation + +| Topic | Path | +|-------|------| +| Plugin development | `docs/PLUGINS_DEV.md` | +| System settings | `docs/SETTINGS_SYSTEM.md` | +| API docs | `docs/API_*.md` | +| Debug guides | `docs/DEBUG_*.md` | diff --git a/.github/skills/sample-data/SKILL.md b/.github/skills/sample-data/SKILL.md new file mode 100644 index 000000000..2dc225596 --- /dev/null +++ b/.github/skills/sample-data/SKILL.md @@ -0,0 +1,31 @@ +--- +name: netalertx-sample-data +description: Load synthetic device data into the devcontainer. Use this when asked to load sample devices, seed data, import test devices, populate database, or generate test data. +--- + +# Sample Data Loading + +Generates synthetic device inventory and imports it via the `/devices/import` API endpoint. + +## Command + +```bash +cd /workspaces/NetAlertX/.devcontainer/scripts +./load-devices.sh +``` + +## Environment + +- `CSV_PATH`: defaults to `/tmp/netalertx-devices.csv` + +## Prerequisites + +- Backend must be running +- API must be accessible + +## What It Does + +1. Generates synthetic device records (MAC addresses, IPs, names, vendors) +2. Creates CSV file at `$CSV_PATH` +3. POSTs to `/devices/import` endpoint +4. Devices appear in database and UI diff --git a/.github/skills/settings-management/SKILL.md b/.github/skills/settings-management/SKILL.md new file mode 100644 index 000000000..137ea4a2e --- /dev/null +++ b/.github/skills/settings-management/SKILL.md @@ -0,0 +1,47 @@ +--- +name: netalertx-settings-management +description: Manage NetAlertX configuration settings. Use this when asked to add setting, read config, get_setting_value, ccd, or configure options. +--- + +# Settings Management + +## Reading Settings + +```python +from helper import get_setting_value + +value = get_setting_value('SETTING_NAME') +``` + +Never hardcode ports, secrets, or configuration values. Always use `get_setting_value()`. + +## Adding Core Settings + +Use `ccd()` in `server/initialise.py`: + +```python +ccd('SETTING_NAME', 'default_value', 'description') +``` + +## Adding Plugin Settings + +Define in plugin's `config.json` manifest under the settings section. + +## Config Files + +| File | Purpose | +|------|---------| +| `/data/config/app.conf` | Runtime config (modified by app) | +| `back/app.conf` | Default config (template) | + +## Environment Override + +Use `APP_CONF_OVERRIDE` environment variable for settings that must be set before startup. + +## Backend API URL + +For Codespaces, set `BACKEND_API_URL` to your Codespace URL: + +``` +BACKEND_API_URL=https://something-20212.app.github.dev/ +``` diff --git a/.github/skills/testing-workflow/SKILL.md b/.github/skills/testing-workflow/SKILL.md new file mode 100644 index 000000000..d89b3be29 --- /dev/null +++ b/.github/skills/testing-workflow/SKILL.md @@ -0,0 +1,61 @@ +--- +name: netalertx-testing-workflow +description: Run and debug tests in the NetAlertX devcontainer. Use this when asked to run tests, check test failures, debug failing tests, or execute pytest. +--- + +# Testing Workflow + +## Pre-Flight Check (MANDATORY) + +Before running any tests, always check for existing failures first: + +1. Use the `testFailure` tool to gather current failure information +2. Review the failures to understand what's already broken +3. Only then proceed with test execution + +## Running Tests + +Use VS Code's testing interface or the `runTests` tool with appropriate parameters: + +- To run all tests: invoke runTests without file filter +- To run specific test file: invoke runTests with the test file path +- To run failed tests only: invoke runTests with `--lf` flag + +## Test Location + +Tests live in `test/` directory. App code is under `server/`. + +PYTHONPATH is preconfigured to include the following which should meet all needs: +- `/app` # the primary location where python runs in the production system +- `/app/server` # symbolic link to /wprkspaces/NetAlertX/server +- `/app/front/plugins` # symbolic link to /workspaces/NetAlertX/front/plugins +- `/opt/venv/lib/pythonX.Y/site-packages` +- `/workspaces/NetAlertX/test` +- `/workspaces/NetAlertX/server` +- `/workspaces/NetAlertX` +- `/usr/lib/pythonX.Y/site-packages` + +## Authentication in Tests + +Retrieve `API_TOKEN` using Python (not shell): + +```python +from helper import get_setting_value +token = get_setting_value("API_TOKEN") +``` + +## Troubleshooting 403 Forbidden + +1. Ensure backend is running (use devcontainer-services skill) +2. Verify config loaded: `get_setting_value("API_TOKEN")` returns non-empty +3. Re-run startup if needed (use devcontainer-setup skill) + +## Docker Test Image + +If container changes affect tests, rebuild the test image first: + +```bash +docker buildx build -t netalertx-test . +``` + +This takes ~30 seconds unless venv stage changes (~90s). diff --git a/.github/workflows/code_checks.yml b/.github/workflows/code-checks.yml old mode 100755 new mode 100644 similarity index 77% rename from .github/workflows/code_checks.yml rename to .github/workflows/code-checks.yml index e586b2004..9087a5701 --- a/.github/workflows/code_checks.yml +++ b/.github/workflows/code-checks.yml @@ -1,4 +1,4 @@ -name: Code checks +name: ✅ Code checks on: push: branches: @@ -17,6 +17,23 @@ jobs: - name: Checkout code uses: actions/checkout@v4 + - name: 🚨 Ensure DELETE FROM CurrentScan is not commented out + run: | + echo "🔍 Checking that DELETE FROM CurrentScan is not commented out..." + + MATCHES=$(grep -RInE '^[[:space:]]*#[[:space:]]*db\.sql\.execute\("DELETE FROM CurrentScan"\)' \ + --include="*.py" .) || true + + if [ -n "$MATCHES" ]; then + echo "❌ Found commented-out DELETE FROM CurrentScan call:" + echo "$MATCHES" + echo + echo "This line must NOT be commented out in committed code." + exit 1 + else + echo "✅ DELETE FROM CurrentScan is active." + fi + - name: Check for incorrect absolute '/php/' URLs in frontend code run: | echo "🔍 Checking for incorrect absolute '/php/' URLs (should be 'php/' or './php/')..." @@ -95,5 +112,5 @@ jobs: - name: Run Docker-based tests run: | echo "🐳 Running Docker-based tests..." - chmod +x ./test/docker_tests/run_docker_tests.sh - ./test/docker_tests/run_docker_tests.sh + chmod +x ./scripts/run_tests_in_docker_environment.sh + ./scripts/run_tests_in_docker_environment.sh diff --git a/.github/workflows/docker_cache-cleaner.yml b/.github/workflows/docker_cache-cleaner.yml deleted file mode 100755 index 435738153..000000000 --- a/.github/workflows/docker_cache-cleaner.yml +++ /dev/null @@ -1,25 +0,0 @@ -name: 🤖Automation - ci-package-cleaner - -on: - - workflow_dispatch: # manual option - - # schedule: - # - cron: '15 22 * * 1' # every Monday 10.15pm UTC (~11.15am Tuesday NZT) - -jobs: - - package-cleaner: - name: package-cleaner - runs-on: ubuntu-latest - timeout-minutes: 5 - permissions: - packages: write - steps: - - - uses: actions/delete-package-versions@v4 - with: - package-name: netalertx - package-type: container - min-versions-to-keep: 0 - delete-only-untagged-versions: true \ No newline at end of file diff --git a/.github/workflows/docker_dev.yml b/.github/workflows/docker_dev.yml index fff07b5aa..52eb48121 100755 --- a/.github/workflows/docker_dev.yml +++ b/.github/workflows/docker_dev.yml @@ -1,4 +1,4 @@ -name: docker +name: 🐳 👩‍💻 docker dev on: push: diff --git a/.github/workflows/docker_dev_unsafe.yml b/.github/workflows/docker_dev_unsafe.yml index 0caf86725..b1597a622 100644 --- a/.github/workflows/docker_dev_unsafe.yml +++ b/.github/workflows/docker_dev_unsafe.yml @@ -1,4 +1,4 @@ -name: docker-unsafe +name: 🐳 ⚠ docker-unsafe from next_release branch on: push: diff --git a/.github/workflows/docker_prod.yml b/.github/workflows/docker_prod.yml index df793e772..b82920543 100755 --- a/.github/workflows/docker_prod.yml +++ b/.github/workflows/docker_prod.yml @@ -6,7 +6,7 @@ # GitHub recommends pinning actions to a commit SHA. # To get a newer version, you will need to update the SHA. # You can also reference a tag or branch, but the action may change without warning. -name: Publish Docker image +name: 🐳 🚀 Publish Docker image on: release: diff --git a/.github/workflows/label-issues.yml b/.github/workflows/label-issues.yml index c76064233..944323648 100755 --- a/.github/workflows/label-issues.yml +++ b/.github/workflows/label-issues.yml @@ -1,4 +1,4 @@ -name: Label Issues by Installation Type +name: 🏷 Label Issues by Installation Type on: issues: @@ -15,21 +15,28 @@ jobs: uses: actions/github-script@v7 with: script: | - const body = context.payload.issue.body; + const body = (context.payload.issue.body || "").toLowerCase(); - const lowerBody = body.toLowerCase(); + // --- Check for template marker --- + const hasTemplate = body.includes('netalertx_template'); + if (!hasTemplate) { + console.log("No template marker found, skipping labeling."); + return; // skip labeling + } + + // --- Proceed with normal labeling --- let labelsToAdd = []; - if (lowerBody.includes('bare-metal') || lowerBody.includes('proxmox')) { + if (body.includes('bare-metal') || body.includes('proxmox')) { labelsToAdd.push('bare-metal ❗'); } - if (lowerBody.includes('home assistant')) { + if (body.includes('home assistant')) { labelsToAdd.push('Home Assistant 🏠'); } - if (lowerBody.includes('production (netalertx)') || lowerBody.includes('dev (netalertx-dev)')) { + if (body.includes('production (netalertx)') || body.includes('dev (netalertx-dev)')) { labelsToAdd.push('Docker 🐋'); } @@ -40,4 +47,6 @@ jobs: issue_number: context.issue.number, labels: labelsToAdd }); + + console.log(`Added labels: ${labelsToAdd.join(", ")}`); } diff --git a/.github/workflows/mkdocs.yml b/.github/workflows/mkdocs.yml index 76a418966..ab1ca0526 100755 --- a/.github/workflows/mkdocs.yml +++ b/.github/workflows/mkdocs.yml @@ -1,4 +1,4 @@ -name: Deploy MkDocs +name: 📘 Deploy MkDocs on: push: diff --git a/.github/workflows/run-all-tests.yml b/.github/workflows/run-all-tests.yml new file mode 100644 index 000000000..45118577a --- /dev/null +++ b/.github/workflows/run-all-tests.yml @@ -0,0 +1,81 @@ +name: 🧪 Manual Test Suite Selector + +on: + workflow_dispatch: + inputs: + run_scan: + description: '📂 scan/ (Scan, Logic, Locks, IPs)' + type: boolean + default: true + run_api: + description: '📂 api_endpoints/ & server/ (Endpoints & Server)' + type: boolean + default: false + run_backend: + description: '📂 backend/ (SQL Builder & Security)' + type: boolean + default: false + run_docker_env: + description: '📂 docker_tests/ (Environment & PUID/PGID)' + type: boolean + default: false + run_ui: + description: '📂 ui/ (Selenium & Dashboard)' + type: boolean + default: false + run_root_files: + description: '📄 Root Test Files (WOL, Atomicity, etc.)' + type: boolean + default: false + +jobs: + comprehensive-test: + runs-on: ubuntu-latest + steps: + - name: Checkout Code + uses: actions/checkout@v4 + + - name: Set up Environment + run: sudo apt-get update && sudo apt-get install -y sqlite3 + + - name: Build Test Path Command + id: builder + run: | + PATHS="" + # Folder Mapping with 'test/' prefix + if [ "${{ github.event.inputs.scan }}" == "true" ]; then PATHS="$PATHS test/scan/"; fi + if [ "${{ github.event.inputs.run_api }}" == "true" ]; then PATHS="$PATHS test/api_endpoints/ test/server/"; fi + if [ "${{ github.event.inputs.run_backend }}" == "true" ]; then PATHS="$PATHS test/backend/"; fi + if [ "${{ github.event.inputs.run_docker_env }}" == "true" ]; then PATHS="$PATHS test/docker_tests/"; fi + if [ "${{ github.event.inputs.run_ui }}" == "true" ]; then PATHS="$PATHS test/ui/"; fi + + # Root Files Mapping (files sitting directly in /test/) + if [ "${{ github.event.inputs.run_root_files }}" == "true" ]; then + PATHS="$PATHS test/test_device_atomicity.py test/test_mcp_disablement.py test/test_plugin_helper.py test/test_wol_validation.py" + fi + + # If nothing is selected, default to the whole test folder + if [ -z "$PATHS" ]; then PATHS="test/"; fi + + echo "final_paths=$PATHS" >> $GITHUB_OUTPUT + + - name: Run Docker Integration Script + run: | + chmod +x ./scripts/run_tests_in_docker_environment.sh + + # We update the pytest command to use the specific paths built above. + # Note: We still keep your 'not' filter to skip E2E tests unless you want them. + TARGET_PATHS="${{ steps.builder.outputs.final_paths }}" + SED_COMMAND="pytest $TARGET_PATHS -m 'not (docker or compose or feature_complete)'" + + echo "🚀 Targeted Pytest Command: $SED_COMMAND" + + sed -i "s|pytest -m 'not (docker or compose or feature_complete)'|$SED_COMMAND|g" ./scripts/run_tests_in_docker_environment.sh + + ./scripts/run_tests_in_docker_environment.sh + + - name: Cleanup + if: always() + run: | + docker stop netalertx-test-container || true + docker rm netalertx-test-container || true \ No newline at end of file diff --git a/.github/workflows/social_post_on_release.yml b/.github/workflows/social-post-on-release.yml old mode 100755 new mode 100644 similarity index 100% rename from .github/workflows/social_post_on_release.yml rename to .github/workflows/social-post-on-release.yml diff --git a/.gitignore b/.gitignore index 760bb78fd..cf9ed1629 100755 --- a/.gitignore +++ b/.gitignore @@ -24,6 +24,7 @@ front/api/* /api/* **/plugins/**/*.log **/plugins/cloud_services/* +**/plugins/cloud_connector/* **/%40eaDir/ **/@eaDir/ @@ -46,3 +47,5 @@ docker-compose.yml.ffsb42 .env.omada.ffsb42 .venv test_mounts/ +.gemini/settings.json +.vscode/mcp.json diff --git a/.vscode/settings.json b/.vscode/settings.json index 9bd7c413d..f118d7712 100755 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -31,5 +31,6 @@ "python.formatting.blackArgs": [ "--line-length=180" ], + "chat.useAgentSkills": true, } \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 6d308642a..0836f7fde 100755 --- a/Dockerfile +++ b/Dockerfile @@ -134,7 +134,7 @@ ENV LANG=C.UTF-8 RUN apk add --no-cache bash mtr libbsd zip lsblk tzdata curl arp-scan iproute2 iproute2-ss nmap fping \ nmap-scripts traceroute nbtscan net-tools net-snmp-tools bind-tools awake ca-certificates \ sqlite php83 php83-fpm php83-cgi php83-curl php83-sqlite3 php83-session python3 envsubst \ - nginx supercronic shadow su-exec && \ + nginx supercronic shadow su-exec jq && \ rm -Rf /var/cache/apk/* && \ rm -Rf /etc/nginx && \ addgroup -g ${NETALERTX_GID} ${NETALERTX_GROUP} && \ diff --git a/Dockerfile.debian b/Dockerfile.debian index d393cf9fd..da41aad00 100755 --- a/Dockerfile.debian +++ b/Dockerfile.debian @@ -1,57 +1,46 @@ -# Warning - use of this unhardened image is not recommended for production use. -# This image is provided for backward compatibility, development and testing purposes only. -# For production use, please use the hardened image built with Alpine. This image attempts to -# treat a container as an operating system, which is an anti-pattern and a common source of -# security issues. -# -# The default Dockerfile/docker-compose image contains the following security improvements -# over the Debian image: -# - read-only filesystem -# - no sudo access -# - least possible permissions on all files and folders -# - Root user has all permissions revoked and is unused -# - Secure umask applied so files are owner-only by default -# - non-privileged user runs the application -# - no shell access for non-privileged users -# - no unnecessary packages or services -# - reduced capabilities -# - tmpfs for writable folders -# - healthcheck -# - no package managers -# - no compilers or build tools -# - no systemd, uses lightweight init system -# - no persistent storage except for config and db volumes -# - minimal image size due to segmented build stages -# - minimal base image (Alpine Linux) -# - minimal python environment (venv, no pip) -# - minimal stripped web server -# - minimal stripped php environment -# - minimal services (nginx, php-fpm, crond, no unnecessary services or service managers) -# - minimal users and groups (netalertx and readonly only, no others) -# - minimal permissions (read-only for most files and folders, write-only for necessary folders) -# - minimal capabilities (NET_ADMIN and NET_RAW only, no others) -# - minimal environment variables (only necessary ones, no others) -# - minimal entrypoint (only necessary commands, no others) -# - Uses the same base image as the development environmnment (Alpine Linux) -# - Uses the same services as the development environment (nginx, php-fpm, crond) -# - Uses the same environment variables as the development environment (only necessary ones, no others) -# - Uses the same file and folder structure as the development environment (only necessary ones, no others) -# NetAlertX is designed to be run as an unattended network security monitoring appliance, which means it -# should be able to operate without human intervention. Overall, the hardened image is designed to be as -# secure as possible while still being functional and is recommended because you cannot attack a surface -# that isn't there. - - -FROM debian:bookworm-slim - -#TZ=Europe/London - -# NetAlertX app directories -ENV INSTALL_DIR=/app +# Stage 1: Builder +# Install build dependencies and create virtual environment +FROM debian:bookworm-slim AS builder + +ENV PYTHONUNBUFFERED=1 +ENV VIRTUAL_ENV=/opt/venv +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" + +RUN apt-get update && apt-get install -y --no-install-recommends \ + python3 \ + python3-dev \ + python3-pip \ + python3-venv \ + gcc \ + git \ + libffi-dev \ + libssl-dev \ + rustc \ + cargo \ + && rm -rf /var/lib/apt/lists/* + +RUN python3 -m venv ${VIRTUAL_ENV} +ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" + +COPY requirements.txt /tmp/requirements.txt +RUN pip install --upgrade pip setuptools wheel && \ + pip install --no-cache-dir -r /tmp/requirements.txt + +# Stage 2: Runner +# Main runtime stage with minimum requirements +FROM debian:bookworm-slim AS runner + +ARG INSTALL_DIR=/app +ARG NETALERTX_UID=20211 +ARG NETALERTX_GID=20211 +ARG READONLY_UID=20212 +ARG READONLY_GID=20212 + ENV NETALERTX_APP=${INSTALL_DIR} ENV NETALERTX_DATA=/data ENV NETALERTX_CONFIG=${NETALERTX_DATA}/config ENV NETALERTX_FRONT=${NETALERTX_APP}/front +ENV NETALERTX_PLUGINS=${NETALERTX_FRONT}/plugins ENV NETALERTX_SERVER=${NETALERTX_APP}/server ENV NETALERTX_API=/tmp/api ENV NETALERTX_DB=${NETALERTX_DATA}/db @@ -59,8 +48,8 @@ ENV NETALERTX_DB_FILE=${NETALERTX_DB}/app.db ENV NETALERTX_BACK=${NETALERTX_APP}/back ENV NETALERTX_LOG=/tmp/log ENV NETALERTX_PLUGINS_LOG=${NETALERTX_LOG}/plugins +ENV NETALERTX_CONFIG_FILE=${NETALERTX_CONFIG}/app.conf -# NetAlertX log files ENV LOG_IP_CHANGES=${NETALERTX_LOG}/IP_changes.log ENV LOG_APP=${NETALERTX_LOG}/app.log ENV LOG_APP_FRONT=${NETALERTX_LOG}/app_front.log @@ -75,102 +64,178 @@ ENV LOG_STDOUT=${NETALERTX_LOG}/stdout.log ENV LOG_CRON=${NETALERTX_LOG}/cron.log ENV LOG_NGINX_ERROR=${NETALERTX_LOG}/nginx-error.log -# System Services configuration files +ENV ENTRYPOINT_CHECKS=/entrypoint.d ENV SYSTEM_SERVICES=/services +ENV SYSTEM_SERVICES_SCRIPTS=${SYSTEM_SERVICES}/scripts ENV SYSTEM_SERVICES_CONFIG=${SYSTEM_SERVICES}/config -ENV SYSTEM_NGINIX_CONFIG=${SYSTEM_SERVICES_CONFIG}/nginx -ENV SYSTEM_NGINX_CONFIG_FILE=${SYSTEM_NGINIX_CONFIG}/nginx.conf +ENV SYSTEM_NGINX_CONFIG=${SYSTEM_SERVICES_CONFIG}/nginx +ENV SYSTEM_NGINX_CONFIG_TEMPLATE=${SYSTEM_NGINX_CONFIG}/netalertx.conf.template +ENV SYSTEM_SERVICES_CONFIG_CRON=${SYSTEM_SERVICES_CONFIG}/cron ENV SYSTEM_SERVICES_ACTIVE_CONFIG=/tmp/nginx/active-config -ENV NETALERTX_CONFIG_FILE=${NETALERTX_CONFIG}/app.conf +ENV SYSTEM_SERVICES_ACTIVE_CONFIG_FILE=${SYSTEM_SERVICES_ACTIVE_CONFIG}/nginx.conf ENV SYSTEM_SERVICES_PHP_FOLDER=${SYSTEM_SERVICES_CONFIG}/php ENV SYSTEM_SERVICES_PHP_FPM_D=${SYSTEM_SERVICES_PHP_FOLDER}/php-fpm.d -ENV SYSTEM_SERVICES_CROND=${SYSTEM_SERVICES_CONFIG}/crond ENV SYSTEM_SERVICES_RUN=/tmp/run ENV SYSTEM_SERVICES_RUN_TMP=${SYSTEM_SERVICES_RUN}/tmp ENV SYSTEM_SERVICES_RUN_LOG=${SYSTEM_SERVICES_RUN}/logs ENV PHP_FPM_CONFIG_FILE=${SYSTEM_SERVICES_PHP_FOLDER}/php-fpm.conf -#Python environment -ENV PYTHONPATH=${NETALERTX_SERVER} +ENV READ_ONLY_FOLDERS="${NETALERTX_BACK} ${NETALERTX_FRONT} ${NETALERTX_SERVER} ${SYSTEM_SERVICES} \ + ${SYSTEM_SERVICES_CONFIG} ${ENTRYPOINT_CHECKS}" +ENV READ_WRITE_FOLDERS="${NETALERTX_DATA} ${NETALERTX_CONFIG} ${NETALERTX_DB} ${NETALERTX_API} \ + ${NETALERTX_LOG} ${NETALERTX_PLUGINS_LOG} ${SYSTEM_SERVICES_RUN} \ + ${SYSTEM_SERVICES_RUN_TMP} ${SYSTEM_SERVICES_RUN_LOG} \ + ${SYSTEM_SERVICES_ACTIVE_CONFIG}" + ENV PYTHONUNBUFFERED=1 ENV VIRTUAL_ENV=/opt/venv ENV VIRTUAL_ENV_BIN=/opt/venv/bin -ENV PATH="${VIRTUAL_ENV}/bin:${PATH}:/services" -ENV VENDORSPATH=/app/back/ieee-oui.txt -ENV VENDORSPATH_NEWEST=${SYSTEM_SERVICES_RUN_TMP}/ieee-oui.txt - +ENV PYTHONPATH=${NETALERTX_APP}:${NETALERTX_SERVER}:${NETALERTX_PLUGINS}:${VIRTUAL_ENV}/lib/python3.11/site-packages +ENV PATH="${SYSTEM_SERVICES}:${VIRTUAL_ENV_BIN}:$PATH" -# App Environment ENV LISTEN_ADDR=0.0.0.0 ENV PORT=20211 ENV NETALERTX_DEBUG=0 - -#Container environment +ENV VENDORSPATH=/app/back/ieee-oui.txt +ENV VENDORSPATH_NEWEST=${SYSTEM_SERVICES_RUN_TMP}/ieee-oui.txt ENV ENVIRONMENT=debian -ENV USER=netalertx -ENV USER_ID=1000 -ENV USER_GID=1000 +ENV READ_ONLY_USER=readonly READ_ONLY_GROUP=readonly +ENV NETALERTX_USER=netalertx NETALERTX_GROUP=netalertx +ENV LANG=C.UTF-8 -# Todo, figure out why using a workdir instead of full paths don't work -# Todo, do we still need all these packages? I can already see sudo which isn't needed - - -# create pi user and group -# add root and www-data to pi group so they can r/w files and db -RUN groupadd --gid "${USER_GID}" "${USER}" && \ - useradd \ - --uid ${USER_ID} \ - --gid ${USER_GID} \ - --create-home \ - --shell /bin/bash \ - ${USER} && \ - usermod -a -G ${USER_GID} root && \ - usermod -a -G ${USER_GID} www-data - -COPY --chmod=775 --chown=${USER_ID}:${USER_GID} install/production-filesystem/ / -COPY --chmod=775 --chown=${USER_ID}:${USER_GID} . ${INSTALL_DIR}/ - - -# ❗ IMPORTANT - if you modify this file modify the /install/install_dependecies.debian.sh file as well ❗ -# hadolint ignore=DL3008,DL3027 +# Install dependencies +# Using sury.org for PHP 8.3 to match Alpine version RUN apt-get update && apt-get install -y --no-install-recommends \ - tini snmp ca-certificates curl libwww-perl arp-scan sudo gettext-base \ - nginx-light php php-cgi php-fpm php-sqlite3 php-curl sqlite3 dnsutils net-tools \ - python3 python3-dev iproute2 nmap fping python3-pip zip git systemctl usbutils traceroute nbtscan openrc \ - busybox nginx nginx-core mtr python3-venv && \ - rm -rf /var/lib/apt/lists/* - -# While php8.3 is in debian bookworm repos, php-fpm is not included so we need to add sury.org repo -# (Ondřej Surý maintains php packages for debian. This is temp until debian includes php-fpm in their -# repos. Likely it will be in Debian Trixie.). This keeps the image up-to-date with the alpine version. -# hadolint ignore=DL3008 -RUN apt-get install -y --no-install-recommends \ - apt-transport-https \ + tini \ + snmp \ ca-certificates \ + curl \ + libwww-perl \ + arp-scan \ + sudo \ + gettext-base \ + nginx-light \ + sqlite3 \ + dnsutils \ + net-tools \ + python3 \ + iproute2 \ + nmap \ + fping \ + zip \ + git \ + usbutils \ + traceroute \ + nbtscan \ lsb-release \ - wget && \ - wget -q -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg && \ - echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list && \ - apt-get update && \ - apt-get install -y --no-install-recommends php8.3-fpm php8.3-cli php8.3-sqlite3 php8.3-common php8.3-curl php8.3-cgi && \ - ln -s /usr/sbin/php-fpm8.3 /usr/sbin/php-fpm83 && \ - rm -rf /var/lib/apt/lists/* # make it compatible with alpine version - -# Setup virtual python environment and use pip3 to install packages -RUN python3 -m venv ${VIRTUAL_ENV} && \ - /bin/bash -c "source ${VIRTUAL_ENV_BIN}/activate && update-alternatives --install /usr/bin/python python /usr/bin/python3 10 && pip3 install -r ${INSTALL_DIR}/requirements.txt" - -# Configure php-fpm -RUN chmod -R 755 /services && \ - chown -R ${USER}:${USER_GID} /services && \ - sed -i 's/^;listen.mode = .*/listen.mode = 0666/' ${SYSTEM_SERVICES_PHP_FPM_D}/www.conf && \ - printf "user = %s\ngroup = %s\n" "${USER}" "${USER_GID}" >> /services/config/php/php-fpm.d/www.conf - - - -# Create a buildtimestamp.txt to later check if a new version was released -RUN date +%s > ${INSTALL_DIR}/front/buildtimestamp.txt -USER netalertx:netalertx -ENTRYPOINT ["/bin/bash","/entrypoint.sh"] - - + wget \ + apt-transport-https \ + gnupg2 \ + mtr \ + procps \ + gosu \ + jq \ + ipcalc \ + && wget -qO /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg \ + && echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list \ + && apt-get update \ + && apt-get install -y --no-install-recommends \ + php8.3-fpm \ + php8.3-cli \ + php8.3-sqlite3 \ + php8.3-common \ + php8.3-curl \ + && ln -s /usr/sbin/php-fpm8.3 /usr/sbin/php-fpm \ + && ln -s /usr/sbin/php-fpm8.3 /usr/sbin/php-fpm83 \ + && ln -s /usr/sbin/gosu /usr/sbin/su-exec \ + && rm -rf /var/lib/apt/lists/* + +# Fix permissions for /tmp BEFORE copying anything that might overwrite it with bad perms +RUN chmod 1777 /tmp + +# User setup +RUN groupadd -g ${NETALERTX_GID} ${NETALERTX_GROUP} && \ + useradd -u ${NETALERTX_UID} -g ${NETALERTX_GID} -d ${NETALERTX_APP} -s /bin/bash ${NETALERTX_USER} + +# Copy filesystem (excluding tmp if possible, or we just fix it after) +COPY --chown=${NETALERTX_USER}:${NETALERTX_GROUP} install/production-filesystem/ / +# Re-apply sticky bit to /tmp in case COPY overwrote it +RUN chmod 1777 /tmp + +COPY --chown=${NETALERTX_USER}:${NETALERTX_GROUP} --chmod=755 back ${NETALERTX_BACK} +COPY --chown=${NETALERTX_USER}:${NETALERTX_GROUP} --chmod=755 front ${NETALERTX_FRONT} +COPY --chown=${NETALERTX_USER}:${NETALERTX_GROUP} --chmod=755 server ${NETALERTX_SERVER} + +# Create required folders +RUN install -d -o ${NETALERTX_USER} -g ${NETALERTX_GROUP} -m 700 ${READ_WRITE_FOLDERS} && \ + chmod 750 /entrypoint.sh /root-entrypoint.sh + +# Copy Version +COPY --chown=${NETALERTX_USER}:${NETALERTX_GROUP} .[V]ERSION ${NETALERTX_APP}/.VERSION +COPY --chown=${NETALERTX_USER}:${NETALERTX_GROUP} .[V]ERSION ${NETALERTX_APP}/.VERSION_PREV + +# Copy venv from builder +COPY --from=builder --chown=${READONLY_UID}:${READONLY_GID} ${VIRTUAL_ENV} ${VIRTUAL_ENV} + +# Init process +RUN for vfile in .VERSION .VERSION_PREV; do \ + if [ ! -f "${NETALERTX_APP}/${vfile}" ]; then \ + echo "DEVELOPMENT 00000000" > "${NETALERTX_APP}/${vfile}"; \ + fi; \ + chown ${READONLY_UID}:${READONLY_GID} "${NETALERTX_APP}/${vfile}"; \ + done && \ + # Set capabilities for raw socket access + setcap cap_net_raw,cap_net_admin+eip /usr/bin/nmap && \ + setcap cap_net_raw,cap_net_admin+eip /usr/sbin/arp-scan && \ + setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip /usr/bin/nbtscan && \ + setcap cap_net_raw,cap_net_admin+eip /usr/bin/traceroute.db && \ + # Note: python path needs to be dynamic or verificed + # setcap cap_net_raw,cap_net_admin+eip $(readlink -f ${VIRTUAL_ENV_BIN}/python) && \ + /bin/bash /build/init-nginx.sh && \ + /bin/bash /build/init-php-fpm.sh && \ + # /bin/bash /build/init-cron.sh && \ + # Debian cron init might differ, skipping for now or need to check init-cron.sh content + # Checking init-backend.sh + /bin/bash /build/init-backend.sh && \ + rm -rf /build && \ + date +%s > "${NETALERTX_FRONT}/buildtimestamp.txt" + +ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] + +# Stage 3: Hardened +FROM runner AS hardened + +ARG NETALERTX_UID=20211 +ARG NETALERTX_GID=20211 +ARG READONLY_UID=20212 +ARG READONLY_GID=20212 +ENV READ_ONLY_USER=readonly READ_ONLY_GROUP=readonly + +# Create readonly user +RUN groupadd -g ${READONLY_GID} ${READ_ONLY_GROUP} && \ + useradd -u ${READONLY_UID} -g ${READONLY_GID} -d /app -s /usr/sbin/nologin ${READ_ONLY_USER} + +# Hardening: Remove package managers and set permissions +RUN chown -R ${READ_ONLY_USER}:${READ_ONLY_GROUP} ${READ_ONLY_FOLDERS} && \ + chmod -R 004 ${READ_ONLY_FOLDERS} && \ + find ${READ_ONLY_FOLDERS} -type d -exec chmod 005 {} + && \ + install -d -o ${NETALERTX_USER} -g ${NETALERTX_GROUP} -m 0777 ${READ_WRITE_FOLDERS} && \ + chown ${READ_ONLY_USER}:${READ_ONLY_GROUP} /entrypoint.sh /root-entrypoint.sh /app /opt /opt/venv && \ + # Permissions + chmod 005 /entrypoint.sh /root-entrypoint.sh ${SYSTEM_SERVICES}/*.sh ${SYSTEM_SERVICES_SCRIPTS}/* ${ENTRYPOINT_CHECKS}/* /app /opt /opt/venv && \ + # Cleanups + rm -f \ + "${NETALERTX_CONFIG}/app.conf" \ + "${NETALERTX_DB_FILE}" \ + "${NETALERTX_DB_FILE}-shm" \ + "${NETALERTX_DB_FILE}-wal" || true && \ + # Remove apt and sensitive files + rm -rf /var/lib/apt /var/lib/dpkg /var/cache/apt /usr/bin/apt* /usr/bin/dpkg* \ + /etc/shadow /etc/gshadow /etc/sudoers /root /home/root && \ + # Dummy sudo + printf '#!/bin/sh\n"$@"\n' > /usr/bin/sudo && chmod +x /usr/bin/sudo + +USER 0 +ENTRYPOINT ["/root-entrypoint.sh"] +HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \ + CMD /services/healthcheck.sh diff --git a/README.md b/README.md index 318324624..1bb1af9e5 100755 --- a/README.md +++ b/README.md @@ -4,34 +4,43 @@ [![Discord](https://img.shields.io/discord/1274490466481602755?color=0aa8d2&logoColor=fff&logo=Discord&style=for-the-badge)](https://discord.gg/NczTUTWyRr) [![Home Assistant](https://img.shields.io/badge/Repo-blue?logo=home-assistant&style=for-the-badge&color=0aa8d2&logoColor=fff&label=Add)](https://my.home-assistant.io/redirect/supervisor_add_addon_repository/?repository_url=https%3A%2F%2Fgithub.com%2Falexbelgium%2Fhassio-addons) -# NetAlertX - Network, presence scanner and alert framework - -Get visibility of what's going on on your WIFI/LAN network and enable presence detection of important devices. Schedule scans for devices, port changes and get alerts if unknown devices or changes are found. Write your own [Plugin](https://docs.netalertx.com/PLUGINS#readme) with auto-generated UI and in-build notification system. Build out and easily maintain your network source of truth (NSoT) and device inventory. - -## 📋 Table of Contents - -- [NetAlertX - Network, presence scanner and alert framework](#netalertx---network-presence-scanner-and-alert-framework) - - [📋 Table of Contents](#-table-of-contents) - - [🚀 Quick Start](#-quick-start) - - [📦 Features](#-features) - - [Scanners](#scanners) - - [Notification gateways](#notification-gateways) - - [Integrations and Plugins](#integrations-and-plugins) - - [Workflows](#workflows) - - [📚 Documentation](#-documentation) - - [🔐 Security \& Privacy](#-security--privacy) - - [❓ FAQ](#-faq) - - [🐞 Known Issues](#-known-issues) - - [📃 Everything else](#-everything-else) - - [📧 Get notified what's new](#-get-notified-whats-new) - - [🔀 Other Alternative Apps](#-other-alternative-apps) - - [💙 Donations](#-donations) - - [🏗 Contributors](#-contributors) - - [🌍 Translations](#-translations) - - [License](#license) - - -## 🚀 Quick Start +# NetAlertX - Network Visibility & Asset Intelligence Framework + +![main][main] + +
+ 📷 Click for more screenshots + + | ![Main screen][main] | ![device_details 1][device_details] | ![Screen network][network] | + |----------------------|----------------------|----------------------| + | ![presence][presence] | ![maintenance][maintenance] | ![settings][settings] | + | ![sync_hub][sync_hub] | ![report1][report1] | ![device_nmap][device_nmap] | + + Head to [https://netalertx.com/](https://netalertx.com/) for even more gifs and screenshots 📷. + +
+ + +Centralized network visibility and continuous asset discovery. + +Monitor devices, detect change, and stay aware across distributed networks. + +NetAlertX provides a centralized "Source of Truth" (NSoT) for network infrastructure. Maintain a real-time inventory of every connected device, identify Shadow IT and unauthorized hardware to maintain regulatory compliance, and automate compliance workflows across distributed sites. + +NetAlertX is designed to bridge the gap between simple network scanning and complex SIEM tools, providing actionable insights without the overhead. + + +## Table of Contents + +- [Quick Start](#quick-start) +- [Features](#features) +- [Documentation](#documentation) +- [Security \& Privacy](#security--privacy) +- [FAQ](#faq) +- [Troubleshooting Tips](#troubleshooting-tips) +- [Everything else](#everything-else) + +## Quick Start > [!WARNING] > ⚠️ **Important:** The docker-compose has recently changed. Carefully read the [Migration guide](https://docs.netalertx.com/MIGRATION/?h=migrat#12-migration-from-netalertx-v25524) for detailed instructions. @@ -47,14 +56,14 @@ docker run -d \ --tmpfs /tmp:uid=20211,gid=20211,mode=1700 \ -e PORT=20211 \ -e APP_CONF_OVERRIDE='{"GRAPHQL_PORT":"20214"}' \ - ghcr.io/jokob-sk/netalertx:latest + ghcr.io/netalertx/netalertx:latest ``` Note: Your `/local_data_dir` should contain a `config` and `db` folder. To deploy a containerized instance directly from the source repository, execute the following BASH sequence: ```bash -git clone https://github.com/jokob-sk/NetAlertX.git +git clone https://github.com/netalertx/NetAlertX.git cd NetAlertX docker compose up --force-recreate --build # To customize: edit docker-compose.yaml and run that last command again @@ -64,31 +73,17 @@ Need help configuring it? Check the [usage guide](https://docs.netalertx.com/REA For Home Assistant users: [Click here to add NetAlertX](https://my.home-assistant.io/redirect/supervisor_add_addon_repository/?repository_url=https%3A%2F%2Fgithub.com%2Falexbelgium%2Fhassio-addons) -For other install methods, check the [installation docs](#-documentation) - - -| [📑 Docker guide](https://docs.netalertx.com/DOCKER_INSTALLATION) | [🚀 Releases](https://github.com/jokob-sk/NetAlertX/releases) | [📚 Docs](https://docs.netalertx.com/) | [🔌 Plugins](https://docs.netalertx.com/PLUGINS) | [🤖 Ask AI](https://gurubase.io/g/netalertx) -|----------------------| ----------------------| ----------------------| ----------------------| ----------------------| - -![showcase][showcase] - -
- 📷 Click for more screenshots - - | ![Main screen][main] | ![device_details 1][device_details] | ![Screen network][network] | - |----------------------|----------------------|----------------------| - | ![presence][presence] | ![maintenance][maintenance] | ![settings][settings] | - | ![sync_hub][sync_hub] | ![report1][report1] | ![device_nmap][device_nmap] | - - Head to [https://netalertx.com/](https://netalertx.com/) for even more gifs and screenshots 📷. +For other install methods, check the [installation docs](#documentation) -
+--- +### || [Docker guide](https://docs.netalertx.com/DOCKER_INSTALLATION) || [Releases](https://github.com/netalertx/NetAlertX/releases) || [Docs](https://docs.netalertx.com/) || [Plugins](https://docs.netalertx.com/PLUGINS) || [Website](https://netalertx.com) +--- -## 📦 Features +## Features -### Scanners +### Discovery & Asset Intelligence -The app scans your network for **New devices**, **New connections** (re-connections), **Disconnections**, **"Always Connected" devices down**, Devices **IP changes** and **Internet IP address changes**. Discovery & scan methods include: **arp-scan**, **Pi-hole - DB import**, **Pi-hole - DHCP leases import**, **Generic DHCP leases import**, **UNIFI controller import**, **SNMP-enabled router import**. Check the [Plugins](https://docs.netalertx.com/PLUGINS#readme) docs for a full list of avaliable plugins. +Continuous monitoring for unauthorized asset discovery, connection state changes, and IP address management (IPAM) drift. Discovery & scan methods include: **arp-scan**, **Pi-hole - DB import**, **Pi-hole - DHCP leases import**, **Generic DHCP leases import**, **UNIFI controller import**, **SNMP-enabled router import**. Check the [Plugins](https://docs.netalertx.com/PLUGINS#readme) docs for a full list of avaliable plugins. ### Notification gateways @@ -101,12 +96,14 @@ build your own scanners with the [Plugin system](https://docs.netalertx.com/PLUG ### Workflows -The [workflows module](https://docs.netalertx.com/WORKFLOWS) allows to automate repetitive tasks, making network management more efficient. Whether you need to assign newly discovered devices to a specific Network Node, auto-group devices from a given vendor, unarchive a device if detected online, or automatically delete devices, this module provides the flexibility to tailor the automations to your needs. +The [workflows module](https://docs.netalertx.com/WORKFLOWS) automates IT governance by enforcing device categorization and cleanup policies. Whether you need to assign newly discovered devices to a specific Network Node, auto-group devices from a given vendor, unarchive a device if detected online, or automatically delete devices, this module provides the flexibility to tailor the automations to your needs. -## 📚 Documentation +## Documentation +Explore all the [documentation here](https://docs.netalertx.com/) or navigate to a specific installation option below. + Supported browsers: Chrome, Firefox - [[Installation] Docker](https://docs.netalertx.com/DOCKER_INSTALLATION) @@ -117,50 +114,51 @@ Supported browsers: Chrome, Firefox - [[Development] API docs](https://docs.netalertx.com/API) - [[Development] Custom Plugins](https://docs.netalertx.com/PLUGINS_DEV) -...or explore all the [documentation here](https://docs.netalertx.com/). - -## 🔐 Security & Privacy +## Security & Privacy NetAlertX scans your local network and can store metadata about connected devices. By default, all data is stored **locally**. No information is sent to external services unless you explicitly configure notifications or integrations. -To further secure your installation: +Compliance & Hardening: - Run it behind a reverse proxy with authentication - Use firewalls to restrict access to the web UI - Regularly update to the latest version for security patches +- Role-Based Access Control (RBAC) via Reverse Proxy: Integrate with your existing SSO/Identity provider for secure dashboard access. -See [Security Best Practices](https://github.com/jokob-sk/NetAlertX/security) for more details. +See [Security Best Practices](https://github.com/netalertx/NetAlertX/security) for more details. -## ❓ FAQ +## FAQ -**Q: Why don’t I see any devices?** +**Q: How do I monitor VLANs or remote subnets?** A: Ensure the container has proper network access (e.g., use `--network host` on Linux). Also check that your scan method is properly configured in the UI. -**Q: Does this work on Wi-Fi-only devices like Raspberry Pi?** -A: Yes, but some scanners (e.g. ARP) work best on Ethernet. For Wi-Fi, try SNMP, DHCP, or Pi-hole import. +**Q: What is the recommended deployment for high-availability?** +A: We recommend deploying via Docker with persistent volume mounts for database integrity and running behind a reverse proxy for secure access. **Q: Will this send any data to the internet?** A: No. All scans and data remain local, unless you set up cloud-based notifications. **Q: Can I use this without Docker?** -A: Yes! You can install it bare-metal. See the [bare metal installation guide](https://docs.netalertx.com/HW_INSTALL). +A: You can install the application directly on your own hardware by following the [bare metal installation guide](https://docs.netalertx.com/HW_INSTALL). **Q: Where is the data stored?** A: In the `/data/config` and `/data/db` folders. Back up these folders regularly. -## 🐞 Known Issues +## Troubleshooting Tips - Some scanners (e.g. ARP) may not detect devices on different subnets. See the [Remote networks guide](https://docs.netalertx.com/REMOTE_NETWORKS) for workarounds. - Wi-Fi-only networks may require alternate scanners for accurate detection. - Notification throttling may be needed for large networks to prevent spam. - On some systems, elevated permissions (like `CAP_NET_RAW`) may be needed for low-level scanning. -Check the [GitHub Issues](https://github.com/jokob-sk/NetAlertX/issues) for the latest bug reports and solutions and consult [the official documentation](https://docs.netalertx.com/). +Check the [GitHub Issues](https://github.com/netalertx/NetAlertX/issues) for the latest bug reports and solutions and consult [the official documentation](https://docs.netalertx.com/). -## 📃 Everything else +## Everything else +jokob-sk%2FNetAlertX | Trendshift + ### 📧 Get notified what's new Get notified about a new release, what new functionality you can use and about breaking changes. @@ -169,10 +167,10 @@ Get notified about a new release, what new functionality you can use and about b ### 🔀 Other Alternative Apps -- [PiAlert by leiweibau](https://github.com/leiweibau/Pi.Alert/) (maintained, bare-metal install) -- [WatchYourLAN](https://github.com/aceberg/WatchYourLAN) - Lightweight network IP scanner with web GUI (Open source) - [Fing](https://www.fing.com/) - Network scanner app for your Internet security (Commercial, Phone App, Proprietary hardware) - [NetBox](https://netboxlabs.com/) - Network management software (Commercial) +- [Zabbix](https://www.zabbix.com/) or [Nagios](https://www.nagios.org/) - Strong focus on infrastructure monitoring. +- [NetAlertX](https://netalertx.com) - The streamlined, discovery-focused alternative for real-time asset intelligence. ### 💙 Donations @@ -183,9 +181,8 @@ Thank you to everyone who appreciates this tool and donates.
- | [![GitHub](https://i.imgur.com/emsRCPh.png)](https://github.com/sponsors/jokob-sk) | [![Buy Me A Coffee](https://i.imgur.com/pIM6YXL.png)](https://www.buymeacoffee.com/jokobsk) | [![Patreon](https://i.imgur.com/MuYsrq1.png)](https://www.patreon.com/user?u=84385063) | -| --- | --- | --- | - + | [![GitHub](https://i.imgur.com/emsRCPh.png)](https://github.com/sponsors/jokob-sk) | [![Buy Me A Coffee](https://i.imgur.com/pIM6YXL.png)](https://www.buymeacoffee.com/jokobsk) | + | --- | --- | - Bitcoin: `1N8tupjeCK12qRVU2XrV17WvKK7LCawyZM` - Ethereum: `0x6e2749Cb42F4411bc98501406BdcD82244e3f9C7` @@ -197,7 +194,7 @@ Thank you to everyone who appreciates this tool and donates. This project would be nothing without the amazing work of the community, with special thanks to: -> [pucherot/Pi.Alert](https://github.com/pucherot/Pi.Alert) (the original creator of PiAlert), [leiweibau](https://github.com/leiweibau/Pi.Alert): Dark mode (and much more), [Macleykun](https://github.com/Macleykun) (Help with Dockerfile clean-up), [vladaurosh](https://github.com/vladaurosh) for Alpine re-base help, [Final-Hawk](https://github.com/Final-Hawk) (Help with NTFY, styling and other fixes), [TeroRERO](https://github.com/terorero) (Spanish translations), [Data-Monkey](https://github.com/Data-Monkey), (Split-up of the python.py file and more), [cvc90](https://github.com/cvc90) (Spanish translation and various UI work) to name a few. Check out all the [amazing contributors](https://github.com/jokob-sk/NetAlertX/graphs/contributors). +> [pucherot/Pi.Alert](https://github.com/pucherot/Pi.Alert) (the original creator of PiAlert), [leiweibau](https://github.com/leiweibau/Pi.Alert): Dark mode (and much more), [Macleykun](https://github.com/Macleykun) (Help with Dockerfile clean-up), [vladaurosh](https://github.com/vladaurosh) for Alpine re-base help, [Final-Hawk](https://github.com/Final-Hawk) (Help with NTFY, styling and other fixes), [TeroRERO](https://github.com/terorero) (Spanish translations), [Data-Monkey](https://github.com/Data-Monkey), (Split-up of the python.py file and more), [cvc90](https://github.com/cvc90) (Spanish translation and various UI work) to name a few. Check out all the [amazing contributors](https://github.com/netalertx/NetAlertX/graphs/contributors). ### 🌍 Translations @@ -223,7 +220,7 @@ Proudly using [Weblate](https://hosted.weblate.org/projects/pialert/). Help out [sync_hub]: ./docs/img/sync_hub.png "Screen 8" [notification_center]: ./docs/img/notification_center.png "Screen 8" [sent_reports_text]: ./docs/img/sent_reports_text.png "Screen 8" -[device_nmap]: ./docs/img/device_nmap.png "Screen 9" +[device_nmap]: ./docs/img/device_tools.png "Screen 9" [report1]: ./docs/img/report_sample.png "Report sample 1" [main_dark]: /docs/img/1_devices_dark.jpg "Main screen dark" [maintain_dark]: /docs/img/5_maintain.jpg "Maintain screen dark" diff --git a/back/app.conf b/back/app.conf index d0281eaa5..9c1bbfe91 100755 --- a/back/app.conf +++ b/back/app.conf @@ -16,7 +16,7 @@ # # Scan multiple interfaces (eth1 and eth0): # SCAN_SUBNETS = [ '192.168.1.0/24 --interface=eth1', '192.168.1.0/24 --interface=eth0' ] - +BACKEND_API_URL='/server' DISCOVER_PLUGINS=True SCAN_SUBNETS=['--localnet'] TIMEZONE='Europe/Berlin' @@ -100,6 +100,8 @@ MQTT_PASSWORD='passw0rd' MQTT_QOS=0 MQTT_DELAY_SEC=2 +GRAPHQL_PORT=20212 + #-------------------IMPORTANT INFO-------------------# # This file is ingested by a python script, so if # diff --git a/back/app.sql b/back/app.sql index 3cee67d4e..ce49d3fcb 100755 --- a/back/app.sql +++ b/back/app.sql @@ -150,21 +150,21 @@ CREATE TABLE Plugins_Language_Strings( PRIMARY KEY("Index" AUTOINCREMENT) ); CREATE TABLE CurrentScan ( - cur_MAC STRING(50) NOT NULL COLLATE NOCASE, - cur_IP STRING(50) NOT NULL COLLATE NOCASE, - cur_Vendor STRING(250), - cur_ScanMethod STRING(10), - cur_Name STRING(250), - cur_LastQuery STRING(250), - cur_DateTime STRING(250), - cur_SyncHubNodeName STRING(50), - cur_NetworkSite STRING(250), - cur_SSID STRING(250), - cur_devVlan STRING(250), - cur_NetworkNodeMAC STRING(250), - cur_PORT STRING(250), - cur_Type STRING(250), - UNIQUE(cur_MAC) + scanMac STRING(50) NOT NULL COLLATE NOCASE, + scanLastIP STRING(50) NOT NULL COLLATE NOCASE, + scanVendor STRING(250), + scanSourcePlugin STRING(10), + scanName STRING(250), + scanLastQuery STRING(250), + scanLastConnection STRING(250), + scanSyncHubNode STRING(50), + scanSite STRING(250), + scanSSID STRING(250), + scanVlan STRING(250), + scanParentMAC STRING(250), + scanParentPort STRING(250), + scanType STRING(250), + UNIQUE(scanMac) ); CREATE TABLE IF NOT EXISTS "AppEvents" ( "Index" INTEGER PRIMARY KEY AUTOINCREMENT, @@ -237,9 +237,9 @@ CREATE VIEW LatestEventsPerMAC AS c.* FROM RankedEvents AS e LEFT JOIN Devices AS d ON e.eve_MAC = d.devMac - INNER JOIN CurrentScan AS c ON e.eve_MAC = c.cur_MAC + INNER JOIN CurrentScan AS c ON e.eve_MAC = c.scanMac WHERE e.row_num = 1 -/* LatestEventsPerMAC(eve_MAC,eve_IP,eve_DateTime,eve_EventType,eve_AdditionalInfo,eve_PendingAlertEmail,eve_PairEventRowid,row_num,devMac,devName,devOwner,devType,devVendor,devFavorite,devGroup,devComments,devFirstConnection,devLastConnection,devLastIP,devStaticIP,devScan,devLogEvents,devAlertEvents,devAlertDown,devSkipRepeated,devLastNotification,devPresentLastScan,devIsNew,devLocation,devIsArchived,devParentMAC,devParentPort,devIcon,devGUID,devSite,devSSID,devSyncHubNode,devSourcePlugin,devCustomProps,cur_MAC,cur_IP,cur_Vendor,cur_ScanMethod,cur_Name,cur_LastQuery,cur_DateTime,cur_SyncHubNodeName,cur_NetworkSite,cur_SSID,cur_NetworkNodeMAC,cur_PORT,cur_Type) */; +/* LatestEventsPerMAC(eve_MAC,eve_IP,eve_DateTime,eve_EventType,eve_AdditionalInfo,eve_PendingAlertEmail,eve_PairEventRowid,row_num,devMac,devName,devOwner,devType,devVendor,devFavorite,devGroup,devComments,devFirstConnection,devLastConnection,devLastIP,devStaticIP,devScan,devLogEvents,devAlertEvents,devAlertDown,devSkipRepeated,devLastNotification,devPresentLastScan,devIsNew,devLocation,devIsArchived,devParentMAC,devParentPort,devIcon,devGUID,devSite,devSSID,devSyncHubNode,devSourcePlugin,devCustomProps,scanMac,scanLastIP,scanVendor,scanSourcePlugin,scanName,scanLastQuery,scanLastConnection,scanSyncHubNode,scanSite,scanSSID,scanParentMAC,scanParentPort,scanType) */; CREATE VIEW Sessions_Devices AS SELECT * FROM Sessions LEFT JOIN "Devices" ON ses_MAC = devMac /* Sessions_Devices(ses_MAC,ses_IP,ses_EventTypeConnection,ses_DateTimeConnection,ses_EventTypeDisconnection,ses_DateTimeDisconnection,ses_StillConnected,ses_AdditionalInfo,devMac,devName,devOwner,devType,devVendor,devFavorite,devGroup,devComments,devFirstConnection,devLastConnection,devLastIP,devStaticIP,devScan,devLogEvents,devAlertEvents,devAlertDown,devSkipRepeated,devLastNotification,devPresentLastScan,devIsNew,devLocation,devIsArchived,devParentMAC,devParentPort,devIcon,devGUID,devSite,devSSID,devSyncHubNode,devSourcePlugin,devCustomProps) */; CREATE VIEW Convert_Events_to_Sessions AS SELECT EVE1.eve_MAC, diff --git a/back/device_heuristics_rules.json b/back/device_heuristics_rules.json index 419c3da14..783ca333e 100755 --- a/back/device_heuristics_rules.json +++ b/back/device_heuristics_rules.json @@ -5,35 +5,75 @@ "matching_pattern": [ { "mac_prefix": "INTERNET", "vendor": "" } ], - "name_pattern": [] + "name_pattern": [], + "ip_pattern": [ + "^192\\.168\\.1\\.1$", + "^192\\.168\\.0\\.1$", + "^10\\.0\\.0\\.1$" + ] }, { - "dev_type": "Access Point", - "icon_html": "", + "dev_type": "Smart Switch", + "icon_html": "", "matching_pattern": [ - { "mac_prefix": "74ACB9", "vendor": "Ubiquiti" }, - { "mac_prefix": "002468", "vendor": "Cisco" }, - { "mac_prefix": "F4F5D8", "vendor": "TP-Link" }, - { "mac_prefix": "F88E85", "vendor": "Netgear" } + { "mac_prefix": "003192", "vendor": "TP-Link" }, + { "mac_prefix": "50C7BF", "vendor": "TP-Link" }, + { "mac_prefix": "B04E26", "vendor": "TP-Link" } ], - "name_pattern": ["router", "gateway", "ap", "access point", "access-point", "switch"] + "name_pattern": ["hs200", "hs210", "hs220", "ks230", "smart switch", "light switch", "wall switch"] + }, + { + "dev_type": "Smart Plug", + "icon_html": "", + "matching_pattern": [ + { "mac_prefix": "2887BA", "vendor": "TP-Link" } + ], + "name_pattern": ["kp115", "hs100", "hs103", "hs105", "smart plug", "outlet", "plug"] + }, + { + "dev_type": "Smart Speaker", + "icon_html": "", + "matching_pattern": [ + { "mac_prefix": "14C14E", "vendor": "Google" }, + { "mac_prefix": "44650D", "vendor": "Amazon" }, + { "mac_prefix": "74ACB9", "vendor": "Google" } + ], + "name_pattern": ["echo", "alexa", "dot", "nest-audio", "nest-mini", "google-home"] + }, + { + "dev_type": "Smart Appliance", + "icon_html": "", + "matching_pattern": [ + { "mac_prefix": "446FF8", "vendor": "Dyson" } + ], + "name_pattern": ["dyson", "purifier", "humidifier", "fan"] + }, + { + "dev_type": "Smart Home", + "icon_html": "", + "matching_pattern": [], + "name_pattern": ["google", "chromecast", "nest", "hub"] }, { "dev_type": "Phone", - "icon_html": "", + "icon_html": "", "matching_pattern": [ { "mac_prefix": "001A79", "vendor": "Apple" }, { "mac_prefix": "B0BE83", "vendor": "Samsung" }, { "mac_prefix": "BC926B", "vendor": "Motorola" } ], - "name_pattern": ["iphone", "ipad", "pixel", "galaxy", "redmi"] + "name_pattern": ["iphone", "ipad", "pixel", "galaxy", "redmi", "android", "samsung"] }, { - "dev_type": "Phone", - "icon_html": "", + "dev_type": "Access Point", + "icon_html": "", "matching_pattern": [ + { "mac_prefix": "74ACB9", "vendor": "Ubiquiti" }, + { "mac_prefix": "002468", "vendor": "Cisco" }, + { "mac_prefix": "F4F5D8", "vendor": "TP-Link" }, + { "mac_prefix": "F88E85", "vendor": "Netgear" } ], - "name_pattern": ["android","samsung"] + "name_pattern": ["router", "gateway", "ap", "access point", "access-point", "switch", "sg105", "sg108", "managed switch", "unmanaged switch", "poe switch", "ethernet switch"] }, { "dev_type": "Tablet", @@ -43,25 +83,19 @@ { "mac_prefix": "BC4C4C", "vendor": "Samsung" } ], "name_pattern": ["tablet", "pad"] - }, - { - "dev_type": "IoT", - "icon_html": "", - "matching_pattern": [ - { "mac_prefix": "B827EB", "vendor": "Raspberry Pi" }, - { "mac_prefix": "DCA632", "vendor": "Raspberry Pi" } - ], - "name_pattern": ["raspberry", "pi"] }, { "dev_type": "IoT", "icon_html": "", "matching_pattern": [ + { "mac_prefix": "B827EB", "vendor": "Raspberry Pi" }, + { "mac_prefix": "DCA632", "vendor": "Raspberry Pi" }, { "mac_prefix": "840D8E", "vendor": "Espressif" }, { "mac_prefix": "ECFABC", "vendor": "Espressif" }, - { "mac_prefix": "7C9EBD", "vendor": "Espressif" } + { "mac_prefix": "7C9EBD", "vendor": "Espressif" }, + { "mac_prefix": "286DCD", "vendor": "Beijing Winner Microelectronics" } ], - "name_pattern": ["raspberry", "pi"] + "name_pattern": ["raspberry", "pi", "thingsturn", "w600", "w601"] }, { "dev_type": "Desktop", @@ -69,9 +103,11 @@ "matching_pattern": [ { "mac_prefix": "001422", "vendor": "Dell" }, { "mac_prefix": "001874", "vendor": "Lenovo" }, - { "mac_prefix": "00E04C", "vendor": "Hewlett Packard" } + { "mac_prefix": "00E04C", "vendor": "Hewlett Packard" }, + { "mac_prefix": "F44D30", "vendor": "Elitegroup Computer Systems" }, + { "mac_prefix": "1C697A", "vendor": "Elitegroup Computer Systems" } ], - "name_pattern": ["desktop", "pc", "computer"] + "name_pattern": ["desktop", "pc", "computer", "liva", "ecs"] }, { "dev_type": "Laptop", @@ -80,9 +116,10 @@ { "mac_prefix": "3C0754", "vendor": "HP" }, { "mac_prefix": "0017A4", "vendor": "Dell" }, { "mac_prefix": "F4CE46", "vendor": "Lenovo" }, - { "mac_prefix": "409F38", "vendor": "Acer" } + { "mac_prefix": "409F38", "vendor": "Acer" }, + { "mac_prefix": "9CB6D0", "vendor": "Rivet Networks" } ], - "name_pattern": ["macbook", "imac", "laptop", "notebook"] + "name_pattern": ["macbook", "imac", "laptop", "notebook", "alienware", "razer", "msi"] }, { "dev_type": "Server", @@ -123,9 +160,10 @@ "matching_pattern": [ { "mac_prefix": "001FA7", "vendor": "Sony" }, { "mac_prefix": "7C04D0", "vendor": "Nintendo" }, - { "mac_prefix": "EC26CA", "vendor": "Sony" } + { "mac_prefix": "EC26CA", "vendor": "Sony" }, + { "mac_prefix": "48B02D", "vendor": "NVIDIA" } ], - "name_pattern": ["playstation", "xbox"] + "name_pattern": ["playstation", "xbox", "shield", "nvidia"] }, { "dev_type": "Camera", @@ -138,15 +176,6 @@ ], "name_pattern": ["camera", "cam", "webcam"] }, - { - "dev_type": "Smart Speaker", - "icon_html": "", - "matching_pattern": [ - { "mac_prefix": "44650D", "vendor": "Amazon" }, - { "mac_prefix": "74ACB9", "vendor": "Google" } - ], - "name_pattern": ["echo", "alexa", "dot"] - }, { "dev_type": "Router", "icon_html": "", @@ -154,23 +183,13 @@ { "mac_prefix": "000C29", "vendor": "Cisco" }, { "mac_prefix": "00155D", "vendor": "MikroTik" } ], - "name_pattern": ["router", "gateway", "ap", "access point", "access-point"], - "ip_pattern": [ - "^192\\.168\\.[0-1]\\.1$", - "^10\\.0\\.0\\.1$" - ] + "name_pattern": ["router", "gateway", "ap", "access point"] }, { "dev_type": "Smart Light", "icon_html": "", "matching_pattern": [], - "name_pattern": ["hue", "lifx", "bulb"] - }, - { - "dev_type": "Smart Home", - "icon_html": "", - "matching_pattern": [], - "name_pattern": ["google", "chromecast", "nest"] + "name_pattern": ["hue", "lifx", "bulb", "light"] }, { "dev_type": "Smartwatch", @@ -187,14 +206,9 @@ { "dev_type": "Security Device", "icon_html": "", - "matching_pattern": [], - "name_pattern": ["doorbell", "lock", "security"] - }, - { - "dev_type": "Smart Light", - "icon_html": "", "matching_pattern": [ + { "mac_prefix": "047BCB", "vendor": "Universal Global Scientific" } ], - "name_pattern": ["light","bulb"] + "name_pattern": ["doorbell", "lock", "security", "mmd-", "ring"] } -] +] \ No newline at end of file diff --git a/docs/API.md b/docs/API.md index 8a11403d0..3135b9d99 100755 --- a/docs/API.md +++ b/docs/API.md @@ -23,6 +23,8 @@ curl 'http://host:GRAPHQL_PORT/graphql' \ The API server runs on `0.0.0.0:` with **CORS enabled** for all main endpoints. +CORS configuration: You can limit allowed CORS origins with the `CORS_ORIGINS` environment variable. Set it to a comma-separated list of origins (for example: `CORS_ORIGINS="https://example.com,http://localhost:3000"`). The server parses this list at startup and only allows origins that begin with `http://` or `https://`. If `CORS_ORIGINS` is unset or parses to an empty list, the API falls back to a safe development default list (localhosts) and will include `*` as a last-resort permissive origin. + --- ## Authentication @@ -57,6 +59,10 @@ http://:/ ## Endpoints +> [!NOTE] +> You can explore the API endpoints by using the interactive API docs at `http://:/docs`. +> ![API docs](./img/API/API_docs.png) + > [!TIP] > When retrieving devices or settings try using the GraphQL API endpoint first as it is read-optimized. @@ -76,6 +82,7 @@ http://:/ * [Sync](API_SYNC.md) – Synchronization between multiple NetAlertX instances * [Logs](API_LOGS.md) – Purging of logs and adding to the event execution queue for user triggered events * [DB query](API_DBQUERY.md) (⚠ Internal) - Low level database access - use other endpoints if possible +* `/server` (⚠ Internal) - Backend server endpoint for internal communication only - **do not use directly** ### MCP Server Bridge diff --git a/docs/API_DEVICE_FIELD_LOCK.md b/docs/API_DEVICE_FIELD_LOCK.md index 5819301eb..61180cf76 100644 --- a/docs/API_DEVICE_FIELD_LOCK.md +++ b/docs/API_DEVICE_FIELD_LOCK.md @@ -138,36 +138,6 @@ The Device Edit form displays lock/unlock buttons for all tracked fields: 2. **Unlock Button** (🔓): Click to allow plugin overwrites again 3. **Source Indicator**: Shows current field source (USER, LOCKED, NEWDEV, or plugin name) -## UI Workflow - -### Locking a Field via UI - -1. Navigate to Device Details -2. Find the field you want to protect -3. Click the lock button (🔒) next to the field -4. Button changes to unlock (🔓) and source indicator turns red (LOCKED) -5. Field is now protected from plugin overwrites - -### Unlocking a Field via UI - -1. Find the locked field (button shows 🔓) -2. Click the unlock button -3. Button changes back to lock (🔒) and source resets to NEWDEV -4. Plugins can now update this field again - -## Authorization - -All lock/unlock operations require: -- Valid API token in `Authorization: Bearer {token}` header -- User must be authenticated to the NetAlertX instance - -## Implementation Details - -### Backend Logic -The lock/unlock feature is implemented in: -- **API Endpoint**: `/server/api_server/api_server_start.py` - `api_device_field_lock()` -- **Data Model**: `/server/models/device_instance.py` - Authorization checks in `setDeviceData()` -- **Database**: Devices table with `*Source` columns tracking field origins ### Authorization Handler @@ -179,6 +149,9 @@ The authoritative field update logic prevents plugin overwrites: 4. If source is `NEWDEV` or plugin name, plugin update is accepted ## See Also + +- [Device locking](./DEVICE_FIELD_LOCK.md) +- [Device source fields](./DEVICE_SOURCE_FIELDS.md) - [API Device Endpoints Documentation](./API_DEVICE.md) - [Authoritative Field Updates System](./PLUGINS_DEV.md#authoritative-fields) - [Plugin Configuration Reference](./PLUGINS_DEV_CONFIG.md) diff --git a/docs/API_MCP.md b/docs/API_MCP.md index 6ab19c4b6..387facef2 100644 --- a/docs/API_MCP.md +++ b/docs/API_MCP.md @@ -31,11 +31,6 @@ graph TB D -->|Response Data| C C -->|JSON Response| B B -->|Stream Events| A - - style A fill:#e1f5fe - style B fill:#f3e5f5 - style C fill:#fff3e0 - style D fill:#e8f5e8 ``` ### MCP Tool Integration @@ -54,7 +49,7 @@ sequenceDiagram API-->>MCP: 5. Available tools spec MCP-->>AI: 6. Tool definitions AI->>MCP: 7. tools/call: search_devices - MCP->>API: 8. POST /mcp/sse/devices/search + MCP->>API: 8. POST /devices/search API->>DB: 9. Query devices DB-->>API: 10. Device data API-->>MCP: 11. JSON response @@ -77,9 +72,9 @@ graph LR end subgraph "NetAlertX API Server (:20211)" - F[Device APIs
/mcp/sse/devices/*] - G[Network Tools
/mcp/sse/nettools/*] - H[Events API
/mcp/sse/events/*] + F[Device APIs
/devices/*] + G[Network Tools
/nettools/*] + H[Events API
/events/*] end subgraph "Backend" @@ -98,15 +93,6 @@ graph LR F --> I G --> J H --> I - - style A fill:#e1f5fe - style B fill:#e1f5fe - style C fill:#f3e5f5 - style D fill:#f3e5f5 - style E fill:#f3e5f5 - style F fill:#fff3e0 - style G fill:#fff3e0 - style H fill:#fff3e0 ``` --- @@ -196,27 +182,28 @@ eventSource.onmessage = function(event) { | Tool | Endpoint | Description | |------|----------|-------------| -| `list_devices` | `/mcp/sse/devices/by-status` | List devices by online status | -| `get_device_info` | `/mcp/sse/device/` | Get detailed device information | -| `search_devices` | `/mcp/sse/devices/search` | Search devices by MAC, name, or IP | -| `get_latest_device` | `/mcp/sse/devices/latest` | Get most recently connected device | -| `set_device_alias` | `/mcp/sse/device//set-alias` | Set device friendly name | +| `list_devices` | `/devices/by-status` | List devices by online status | +| `get_device_info` | `/device/{mac}` | Get detailed device information | +| `search_devices` | `/devices/search` | Search devices by MAC, name, or IP | +| `get_latest_device` | `/devices/latest` | Get most recently connected device | +| `set_device_alias` | `/device/{mac}/set-alias` | Set device friendly name | ### Network Tools | Tool | Endpoint | Description | |------|----------|-------------| -| `trigger_scan` | `/mcp/sse/nettools/trigger-scan` | Trigger network discovery scan | -| `get_open_ports` | `/mcp/sse/device/open_ports` | Get stored NMAP open ports for device | -| `wol_wake_device` | `/mcp/sse/nettools/wakeonlan` | Wake device using Wake-on-LAN | -| `get_network_topology` | `/mcp/sse/devices/network/topology` | Get network topology map | +| `trigger_scan` | `/nettools/trigger-scan` | Trigger network discovery scan to find new devices. | +| `run_nmap_scan` | `/nettools/nmap` | Perform NMAP scan on a target to identify open ports. | +| `get_open_ports` | `/device/open_ports` | Get stored NMAP open ports. Use `run_nmap_scan` first if empty. | +| `wol_wake_device` | `/nettools/wakeonlan` | Wake device using Wake-on-LAN | +| `get_network_topology` | `/devices/network/topology` | Get network topology map | ### Event & Monitoring Tools | Tool | Endpoint | Description | |------|----------|-------------| -| `get_recent_alerts` | `/mcp/sse/events/recent` | Get events from last 24 hours | -| `get_last_events` | `/mcp/sse/events/last` | Get 10 most recent events | +| `get_recent_alerts` | `/events/recent` | Get events from last 24 hours | +| `get_last_events` | `/events/last` | Get 10 most recent events | --- diff --git a/docs/BACKUPS.md b/docs/BACKUPS.md index 7b26ce3d1..79a40e0bb 100755 --- a/docs/BACKUPS.md +++ b/docs/BACKUPS.md @@ -2,7 +2,7 @@ > [!NOTE] > To back up 99% of your configuration, back up at least the `/data/config` folder. -> Database definitions can change between releases, so the safest method is to restore backups using the **same app version** they were taken from, then upgrade incrementally. +> Database definitions can change between releases, so the safest method is to restore backups using the **same app version** they were taken from, then upgrade incrementally by following the [Migration documentation](./MIGRATION.md). --- diff --git a/docs/COMMON_ISSUES.md b/docs/COMMON_ISSUES.md index d270f5a3b..1bbb05fab 100755 --- a/docs/COMMON_ISSUES.md +++ b/docs/COMMON_ISSUES.md @@ -120,3 +120,23 @@ With `ARPSCAN` scans some devices might flip IP addresses after each scan trigge See how to prevent IP flipping in the [ARPSCAN plugin guide](/front/plugins/arp_scan/README.md). Alternatively adjust your [notification settings](./NOTIFICATIONS.md) to prevent false positives by filtering out events or devices. + +#### Multiple NICs on Same Host Reporting Same IP + +On systems with multiple NICs (like a Proxmox server), each NIC has its own MAC address. Sometimes NetAlertX can incorrectly assign the same IP to all NICs, causing false device mappings. This is due to the way ARP responses are handled by the OS and cannot be overridden directly in NetAlertX. + +**Resolution (Linux-based systems, e.g., Proxmox):** + +Run the following commands on the host to fix ARP behavior: + +```bash +sudo sysctl -w net.ipv4.conf.all.arp_ignore=1 +sudo sysctl -w net.ipv4.conf.all.arp_announce=2 +``` + +This ensures each NIC responds correctly to ARP requests and prevents NetAlertX from misassigning IPs. + +> For setups with multiple interfaces on the same switch, consider [workflows](./WORKFLOWS.md), [device exclusions](./NOTIFICATIONS.md), or [dummy devices](./DEVICE_MANAGEMENT.md) as additional workarounds. +> See [Feature Requests](https://github.com/netalertx/netalertx/issues) for reporting edge cases. + + diff --git a/docs/DEBUG_PLUGINS.md b/docs/DEBUG_PLUGINS.md index 96af4cb03..947eee0da 100755 --- a/docs/DEBUG_PLUGINS.md +++ b/docs/DEBUG_PLUGINS.md @@ -1,7 +1,7 @@ # Troubleshooting plugins > [!TIP] -> Before troubleshooting, please ensure you have the right [Debugging and LOG_LEVEL set](./DEBUG_TIPS.md). +> Before troubleshooting, please ensure you have the right [Debugging and LOG_LEVEL set](./DEBUG_TIPS.md) in Settings. ## High-level overview @@ -22,10 +22,25 @@ For a more in-depth overview on how plugins work check the [Plugins development #### Incorrect input data -Input data from the plugin might cause mapping issues in specific edge cases. Look for a corresponding section in the `app.log` file, for example notice the first line of the execution run of the `PIHOLE` plugin below: +Input data from the plugin might cause mapping issues in specific edge cases. Look for a corresponding section in the `app.log` file, and search for `[Scheduler] run for PLUGINNAME: YES`, so for ICMP you would look for `[Scheduler] run for ICMP: YES`. You can find examples of useful logs below. If your issue is related to a plugin, and you don't include a log section with this data, we can't help you to resolve your issue. + +##### ICMP log example + +``` +20:39:04 [Scheduler] run for ICMP: YES +20:39:04 [ICMP] fping skipping 192.168.1.124 : [2], timed out (NaN avg, 100% loss) +20:39:04 [ICMP] adding 192.168.1.123 from 192.168.1.123 : [2], 64 bytes, 20.1 ms (8.22 avg, 0% loss) +20:39:04 [ICMP] fping skipping 192.168.1.157 : [1], timed out (NaN avg, 100% loss) +20:39:04 [ICMP] adding 192.168.1.79 from 192.168.1.79 : [2], 64 bytes, 48.3 ms (60.9 avg, 0% loss) +20:39:04 [ICMP] fping skipping 192.168.1.128 : [2], timed out (NaN avg, 100% loss) +20:39:04 [ICMP] fping skipping 192.168.1.129 : [2], timed out (NaN avg, 100% loss) +``` + + +##### PIHOLE log example ``` -17:31:05 [Scheduler] - Scheduler run for PIHOLE: YES +17:31:05 [Scheduler] run for PIHOLE: YES 17:31:05 [Plugin utils] --------------------------------------------- 17:31:05 [Plugin utils] display_name: PiHole (Device sync) 17:31:05 [Plugins] CMD: SELECT n.hwaddr AS Object_PrimaryID, {s-quote}null{s-quote} AS Object_SecondaryID, datetime() AS DateTime, na.ip AS Watched_Value1, n.lastQuery AS Watched_Value2, na.name AS Watched_Value3, n.macVendor AS Watched_Value4, {s-quote}null{s-quote} AS Extra, n.hwaddr AS ForeignKey FROM EXTERNAL_PIHOLE.Network AS n LEFT JOIN EXTERNAL_PIHOLE.Network_Addresses AS na ON na.network_id = n.id WHERE n.hwaddr NOT LIKE {s-quote}ip-%{s-quote} AND n.hwaddr is not {s-quote}00:00:00:00:00:00{s-quote} AND na.ip is not null @@ -54,13 +69,13 @@ Input data from the plugin might cause mapping issues in specific edge cases. Lo 17:31:05 [Plugin utils] In pluginObjects there are 2 events with the status "missing-in-last-scan" 17:31:05 [Plugin utils] In pluginObjects there are 2 events with the status "watched-not-changed" 17:31:05 [Plugins] Mapping objects to database table: CurrentScan -17:31:05 [Plugins] SQL query for mapping: INSERT into CurrentScan ( "cur_MAC", "cur_IP", "cur_LastQuery", "cur_Name", "cur_Vendor", "cur_ScanMethod") VALUES ( ?, ?, ?, ?, ?, ?) +17:31:05 [Plugins] SQL query for mapping: INSERT into CurrentScan ( "scanMac", "scanLastIP", "scanLastQuery", "scanName", "scanVendor", "scanSourcePlugin") VALUES ( ?, ?, ?, ?, ?, ?) 17:31:05 [Plugins] SQL sqlParams for mapping: [('01:01:01:01:01:01', '172.30.0.1', 0, 'aaaa', 'vvvvvvvvv', 'PIHOLE'), ('02:42:ac:1e:00:02', '172.30.0.2', 0, 'dddd', 'vvvvv2222', 'PIHOLE')] 🔺 17:31:05 [API] Update API starting 17:31:06 [API] Updating table_plugins_history.json file in /api ``` - +> [!NOTE] > The debug output between the 🔻red arrows🔺 is important for debugging (arrows added only to highlight the section on this page, they are not available in the actual debug log) In the above output notice the section logging how many events are produced by the plugin: @@ -80,12 +95,11 @@ These values, if formatted correctly, will also show up in the UI: ![Plugins table](./img/DEBUG_PLUGINS/plugin_objects_pihole.png) - ### Sharing application state Sometimes specific log sections are needed to debug issues. The Devices and CurrentScan table data is sometimes needed to figure out what's wrong. -1. Please set `LOG_LEVEL` to `trace` (Disable it once you have the info as this produces big log files). +1. Please set `LOG_LEVEL` to `trace` in the Settings (Disable it once you have the info as this produces big log files). 2. Wait for the issue to occur. 3. Search for `================ DEVICES table content ================` in your logs. 4. Search for `================ CurrentScan table content ================` in your logs. diff --git a/docs/DEBUG_TIPS.md b/docs/DEBUG_TIPS.md index 1a439eab3..0228ff002 100755 --- a/docs/DEBUG_TIPS.md +++ b/docs/DEBUG_TIPS.md @@ -21,7 +21,7 @@ docker run \ --tmpfs /tmp:uid=20211,gid=20211,mode=1700 \ -e PORT=20211 \ -e APP_CONF_OVERRIDE='{"GRAPHQL_PORT":"20214"}' \ - ghcr.io/jokob-sk/netalertx:latest + ghcr.io/netalertx/netalertx:latest ``` @@ -34,7 +34,7 @@ Note: Your `/local_data_dir` should contain a `config` and `db` folder. If possible, check if your issue got fixed in the `_dev` image before opening a new issue. The container is: -`ghcr.io/jokob-sk/netalertx-dev:latest` +`ghcr.io/netalertx/netalertx-dev:latest` > ⚠ Please backup your DB and config beforehand! diff --git a/docs/QUICK_REFERENCE_FIELD_LOCK.md b/docs/DEVICE_FIELD_LOCK.md similarity index 81% rename from docs/QUICK_REFERENCE_FIELD_LOCK.md rename to docs/DEVICE_FIELD_LOCK.md index 05144428e..47369c578 100644 --- a/docs/QUICK_REFERENCE_FIELD_LOCK.md +++ b/docs/DEVICE_FIELD_LOCK.md @@ -1,6 +1,8 @@ # Quick Reference Guide - Device Field Lock/Unlock System -## One-Minute Overview +## Overview + +![Field source and locks](./img/DEVICE_MANAGEMENT/field_sources_and_locks.png) The device field lock/unlock system allows you to protect specific device fields from being automatically overwritten by scanning plugins. When you lock a field, NetAlertX remembers your choice and prevents plugins from changing that value until you unlock it. @@ -10,14 +12,19 @@ The device field lock/unlock system allows you to protect specific device fields These are the ONLY fields that can be locked: -- devName - Device hostname/alias -- devVendor - Device manufacturer -- devFQDN - Fully qualified domain name -- devSSID - WiFi network name -- devParentMAC - Parent/gateway MAC -- devParentPort - Parent device port -- devParentRelType - Relationship type (e.g., "gateway") -- devVlan - VLAN identifier +- `devName` - Device hostname/alias +- `devVendor` - Device manufacturer +- `devSSID` - WiFi network name +- `devParentMAC` - Parent/gateway MAC +- `devParentPort` - Parent device port +- `devParentRelType` - Relationship type (e.g., "gateway") +- `devVlan` - VLAN identifier + +Additional fields that are tracked (and their source is dispalyed in the UI if available): + +- `devMac` +- `devLastIP` +- `devFQDN` ## Source Values Explained @@ -30,7 +37,12 @@ Each locked field has a "source" indicator that shows you why the value is prote | 📡 **NEWDEV** | Default/unset value | Yes, plugins can update | | 📡 **Plugin name** | Last updated by a plugin (e.g., UNIFIAPI) | Yes, plugins can update if field in SET_ALWAYS | -## How to Use +Overwrite rules are + +> [!TIP] +> You can bulk-unlock devices in the [Multi-edit](./DEVICES_BULK_EDITING.md) dialog. This removes all `USER` and `LOCKED` values from all `*Source` fields of selected devices. + +## Usage Examples ### Lock a Field (Prevent Plugin Changes) @@ -106,12 +118,14 @@ Each locked field has a "source" indicator that shows you why the value is prote ## When to Lock vs. When NOT to Lock ### ✅ **Good reasons to lock:** + - You've customized the device name and it's correct - You've set a static IP and it shouldn't change - You've configured VLAN information - You know the parent device and don't want it auto-corrected ### ❌ **Bad reasons to lock:** + - The value seems wrong—edit it first, then lock - You want to prevent data from another source—use field lock, not to hide problems - You're trying to force a value the system disagrees with @@ -119,29 +133,32 @@ Each locked field has a "source" indicator that shows you why the value is prote ## Troubleshooting **Lock button not appearing:** + - Confirm the field is one of the tracked fields (see list above) - Confirm the device is already saved (new devices don't show lock buttons) - Refresh the page **Lock button is there but click doesn't work:** + - Check your internet connection - Check you have permission to edit devices - Look at browser console (F12 > Console tab) for error messages - Try again in a few seconds **Field still changes after locking:** + - Double-check the lock icon shows - Reload the page—the change might be a display issue - Check if you accidentally unlocked it - Open an issue if it persists -## For More Information - -- **Technical details:** See [API_DEVICE_FIELD_LOCK.md](API_DEVICE_FIELD_LOCK.md) -- **Plugin configuration:** See [PLUGINS_DEV_CONFIG.md](PLUGINS_DEV_CONFIG.md) -- **Admin guide:** See [DEVICE_MANAGEMENT.md](DEVICE_MANAGEMENT.md) - ---- +## See also -**Quick Start:** Find a device field you want to protect → Click the lock icon → That's it! The field won't change until you unlock it. +- [Device locking](./DEVICE_FIELD_LOCK.md) +- [Device source fields](./DEVICE_SOURCE_FIELDS.md) +- [API Device Endpoints Documentation](./API_DEVICE.md) +- [Authoritative Field Updates System](./PLUGINS_DEV.md#authoritative-fields) +- [Plugin Configuration Reference](./PLUGINS_DEV_CONFIG.md) +- [Device locking APIs](API_DEVICE_FIELD_LOCK.md) +- [Device management](DEVICE_MANAGEMENT.md) diff --git a/docs/DEVICE_MANAGEMENT.md b/docs/DEVICE_MANAGEMENT.md index d1c663470..51685323e 100755 --- a/docs/DEVICE_MANAGEMENT.md +++ b/docs/DEVICE_MANAGEMENT.md @@ -49,6 +49,8 @@ To speed up device population you can also copy data from an existing device. Th ## Field Locking (Preventing Plugin Overwrites) +![Field source and locks](./img/DEVICE_MANAGEMENT/field_sources_and_locks.png) + NetAlertX allows you to "lock" specific device fields to prevent plugins from automatically overwriting your custom values. This is useful when you've manually corrected information that might be discovered differently by discovery plugins. ### Quick Start @@ -57,14 +59,9 @@ NetAlertX allows you to "lock" specific device fields to prevent plugins from au 2. Click the **lock button** (🔒) next to any tracked field 3. The field is now protected—plugins cannot change it until you unlock it -### Tracked Fields - -The following 10 fields support locking: -- devMac, devName, devLastIP, devVendor, devFQDN, devSSID, devParentMAC, devParentPort, devParentRelType, devVlan - ### See Also -- **For Users:** [Quick Reference - Device Field Lock/Unlock](QUICK_REFERENCE_FIELD_LOCK.md) - How to use field locking +- **For Users:** [Quick Reference - Device Field Lock/Unlock](DEVICE_FIELD_LOCK.md) - How to use field locking - **For Developers:** [API Device Field Lock Documentation](API_DEVICE_FIELD_LOCK.md) - Technical API reference - **For Plugin Developers:** [Plugin Field Configuration (SET_ALWAYS/SET_EMPTY)](PLUGINS_DEV_CONFIG.md) - Configure which fields plugins can update diff --git a/docs/DEVICE_SOURCE_FIELDS.md b/docs/DEVICE_SOURCE_FIELDS.md new file mode 100644 index 000000000..02ef5e46c --- /dev/null +++ b/docs/DEVICE_SOURCE_FIELDS.md @@ -0,0 +1,67 @@ +# Understanding Device Source Fields and Field Updates + +When the system scans a network, it finds various details about devices (like names, IP addresses, and manufacturers). To ensure the data remains accurate without accidentally overwriting manual changes, the system uses a set of "Source Rules." + +![Field source and locks](./img/DEVICE_MANAGEMENT/field_sources_and_locks.png) + +--- + +## The "Protection" Levels + +Every piece of information for a device has a **Source**. This source determines whether a new scan is allowed to change that value. + +| Source Status | Description | Can a Scan Overwrite it? | +| --- | --- | --- | +| **USER** | You manually entered this value. | **Never** | +| **LOCKED** | This value is pinned and protected. | **Never** | +| **NEWDEV** | This value was initialized from `NEWDEV` plugin settings. | **Always** | +| **(Plugin Name)** | The value was found by a specific scanner (e.g., `NBTSCAN`). | **Only if specific rules are met** | + +--- + +## How Scans Update Information + +If a field is **not** protected by a `USER` or `LOCKED` status, the system follows these rules to decide if it should update the info: + +### 1. The "Empty Field" Rule (Default) + +By default, the system is cautious. It will only fill in a piece of information if the current field is **empty** (showing as "unknown," "0.0.0.0," or blank). It won't change for example an existing name unless you tell it to. + +### 2. SET_ALWAYS + +Some plugins are configured to be "authoritative." If a field is in the **SET_ALWAYS** setting of a plugin: + +* The scanner will **always** overwrite the current value with the new one. +* *Note: It will still never overwrite a `USER` or `LOCKED` field.* + +### 3. SET_EMPTY + +If a field is in the **SET_EMPTY** list: + +* The scanner will **only** provide a value if the current field is currently empty. +* This is used for fields where we want to "fill in the blanks" but never change a value once it has been established by any source. + +### 4. Automatic Overrides (Live Tracking) + +Some fields, like **IP Addresses** (`devLastIP`) and **Full Domain Names** (`devFQDN`), are set to automatically update whenever they change. This ensures that if a device moves to a new IP on your network, the system reflects that change immediately without you having to do anything. + +--- + +## Summary of Field Logic + +| If the current value is... | And the Scan finds... | Does it update? | +| --- | --- | --- | +| **USER / LOCKED** | Anything | **No** | +| **Empty** | A new value | **Yes** | +| **A "Plugin" value** | A different value | **No** (Unless `SET_ALWAYS` is on) | +| **An IP Address** | A different IP | **Yes** (Updates automatically) | + +## See also: + +- [Device locking](./DEVICE_FIELD_LOCK.md) +- [Device source fields](./DEVICE_SOURCE_FIELDS.md) +- [API Device Endpoints Documentation](./API_DEVICE.md) +- [Authoritative Field Updates System](./PLUGINS_DEV.md#authoritative-fields) +- [Plugin Configuration Reference](./PLUGINS_DEV_CONFIG.md) +- [Device locking APIs](API_DEVICE_FIELD_LOCK.md) +- [Device management](DEVICE_MANAGEMENT.md) diff --git a/docs/DEV_ENV_SETUP.md b/docs/DEV_ENV_SETUP.md index 26bbee4d1..587bc6d8c 100755 --- a/docs/DEV_ENV_SETUP.md +++ b/docs/DEV_ENV_SETUP.md @@ -8,26 +8,26 @@ Before starting development, please review the following guidelines. ### Priority Order (Highest to Lowest) -1. 🔼 Fixing core bugs that lack workarounds -2. 🔵 Adding core functionality that unlocks other features (e.g., plugins) -3. 🔵 Refactoring to enable faster development -4. 🔽 UI improvements (PRs welcome, but low priority) +1. 🔼 Fixing core bugs that lack workarounds +2. 🔵 Adding core functionality that unlocks other features (e.g., plugins) +3. 🔵 Refactoring to enable faster development +4. 🔽 UI improvements (PRs welcome, but low priority) ### Design Philosophy -The application architecture is designed for extensibility and maintainability. It relies heavily on configuration manifests via plugins and settings to dynamically build the UI and populate the application with data from various sources. +The application architecture is designed for extensibility and maintainability. It relies heavily on configuration manifests via plugins and settings to dynamically build the UI and populate the application with data from various sources. -For details, see: -- [Plugins Development](PLUGINS_DEV.md) (includes video) -- [Settings System](SETTINGS_SYSTEM.md) +For details, see: +- [Plugins Development](PLUGINS_DEV.md) (includes video) +- [Settings System](SETTINGS_SYSTEM.md) -Focus on **core functionality** and integrate with existing tools rather than reinventing the wheel. +Focus on **core functionality** and integrate with existing tools rather than reinventing the wheel. -Examples: -- Using **Apprise** for notifications instead of implementing multiple separate gateways -- Implementing **regex-based validation** instead of one-off validation for each setting +Examples: +- Using **Apprise** for notifications instead of implementing multiple separate gateways +- Implementing **regex-based validation** instead of one-off validation for each setting -> [!NOTE] +> [!NOTE] > UI changes have lower priority. PRs are welcome, but please keep them **small and focused**. ## Development Environment Set Up @@ -43,7 +43,7 @@ The following steps will guide you to set up your environment for local developm ### 1. Download the code: - `mkdir /development` -- `cd /development && git clone https://github.com/jokob-sk/NetAlertX.git` +- `cd /development && git clone https://github.com/netalertx/NetAlertX.git` ### 2. Create a DEV .env_dev file @@ -59,13 +59,13 @@ PORT=22222 # make sure this port is unique on your whole network DEV_LOCATION=/development/NetAlertX APP_DATA_LOCATION=/volume/docker_appdata # Make sure your GRAPHQL_PORT setting has a port that is unique on your whole host network -APP_CONF_OVERRIDE={"GRAPHQL_PORT":"22223"} +APP_CONF_OVERRIDE={"GRAPHQL_PORT":"22223"} # ALWAYS_FRESH_INSTALL=true # uncommenting this will always delete the content of /config and /db dirs on boot to simulate a fresh install ``` -### 3. Create /db and /config dirs +### 3. Create /db and /config dirs -Create a folder `netalertx` in the `APP_DATA_LOCATION` (in this example in `/volume/docker_appdata`) with 2 subfolders `db` and `config`. +Create a folder `netalertx` in the `APP_DATA_LOCATION` (in this example in `/volume/docker_appdata`) with 2 subfolders `db` and `config`. - `mkdir /volume/docker_appdata/netalertx` - `mkdir /volume/docker_appdata/netalertx/db` @@ -82,9 +82,9 @@ You can then modify the python script without restarting/rebuilding the containe ## Tips -A quick cheat sheet of useful commands. +A quick cheat sheet of useful commands. -### Removing the container and image +### Removing the container and image A command to stop, remove the container and the image (replace `netalertx` and `netalertx-netalertx` with the appropriate values) @@ -98,23 +98,23 @@ Most code changes can be tested without rebuilding the container. When working o ![image](./img/DEV/Maintenance_Logs_Restart_server.png) -2. If above doesn't work, SSH into the container and kill & restart the main script loop +2. If above doesn't work, SSH into the container and kill & restart the main script loop - `sudo docker exec -it netalertx /bin/bash` - `pkill -f "python /app/server" && python /app/server & ` -3. If none of the above work, restart the docker container. +3. If none of the above work, restart the docker container. -- This is usually the last resort as sometimes the Docker engine becomes unresponsive and the whole engine needs to be restarted. +- This is usually the last resort as sometimes the Docker engine becomes unresponsive and the whole engine needs to be restarted. ## Contributing & Pull Requests ### Before submitting a PR, please ensure: -✔ Changes are **backward-compatible** with existing installs. -✔ No unnecessary changes are made. -✔ New features are **reusable**, not narrowly scoped. -✔ Features are implemented via **plugins** if possible. +✔ Changes are **backward-compatible** with existing installs. +✔ No unnecessary changes are made. +✔ New features are **reusable**, not narrowly scoped. +✔ Features are implemented via **plugins** if possible. ### Mandatory Test Cases @@ -122,15 +122,15 @@ Most code changes can be tested without rebuilding the container. When working o - Existing DB/config compatibility. - Notification testing: - - Email - - Apprise (e.g., Telegram) - - Webhook (e.g., Discord) - - MQTT (e.g., Home Assistant) + - Email + - Apprise (e.g., Telegram) + - Webhook (e.g., Discord) + - MQTT (e.g., Home Assistant) - Updating Settings and their persistence. - Updating a Device - Plugin functionality. - Error log inspection. -> [!NOTE] +> [!NOTE] > Always run all available tests as per the [Testing documentation](API_TESTS.md). diff --git a/docs/DOCKER_COMPOSE.md b/docs/DOCKER_COMPOSE.md index 396bc912a..dd89807b5 100755 --- a/docs/DOCKER_COMPOSE.md +++ b/docs/DOCKER_COMPOSE.md @@ -17,7 +17,7 @@ services: netalertx: #use an environmental variable to set host networking mode if needed container_name: netalertx # The name when you docker contiainer ls - image: ghcr.io/jokob-sk/netalertx:latest + image: ghcr.io/netalertx/netalertx:latest network_mode: ${NETALERTX_NETWORK_MODE:-host} # Use host networking for ARP scanning and other services read_only: true # Make the container filesystem read-only @@ -27,6 +27,9 @@ services: - NET_ADMIN # Required for ARP scanning - NET_RAW # Required for raw socket operations - NET_BIND_SERVICE # Required to bind to privileged ports (nbtscan) + - CHOWN # Required for root-entrypoint to chown /data + /tmp before dropping privileges + - SETUID # Required for root-entrypoint to switch to non-root user + - SETGID # Required for root-entrypoint to switch to non-root group volumes: - type: volume # Persistent Docker-managed named volume for config + database @@ -78,7 +81,6 @@ services: cpu_shares: 512 # Relative CPU weight for CPU contention scenarios pids_limit: 512 # Limit the number of processes/threads to prevent fork bombs logging: - driver: "json-file" # Use JSON file logging driver options: max-size: "10m" # Rotate log files after they reach 10MB max-file: "3" # Keep a maximum of 3 log files diff --git a/docs/DOCKER_INSTALLATION.md b/docs/DOCKER_INSTALLATION.md index 2116fb332..f57bd8d6b 100644 --- a/docs/DOCKER_INSTALLATION.md +++ b/docs/DOCKER_INSTALLATION.md @@ -4,10 +4,11 @@ [![Discord](https://img.shields.io/discord/1274490466481602755?color=0aa8d2&logoColor=fff&logo=Discord&style=for-the-badge)](https://discord.gg/NczTUTWyRr) [![Home Assistant](https://img.shields.io/badge/Repo-blue?logo=home-assistant&style=for-the-badge&color=0aa8d2&logoColor=fff&label=Add)](https://my.home-assistant.io/redirect/supervisor_add_addon_repository/?repository_url=https%3A%2F%2Fgithub.com%2Falexbelgium%2Fhassio-addons) -# NetAlertX - Network scanner & notification framework +# NetAlertX - Network Visibility & Asset Intelligence Framework -| [📑 Docker guide](https://docs.netalertx.com/DOCKER_INSTALLATION) | [🚀 Releases](https://github.com/jokob-sk/NetAlertX/releases) | [📚 Docs](https://docs.netalertx.com/) | [🔌 Plugins](https://docs.netalertx.com/PLUGINS) | [🤖 Ask AI](https://gurubase.io/g/netalertx) -|----------------------| ----------------------| ----------------------| ----------------------| ----------------------| +--- +### || [Docker guide](https://docs.netalertx.com/DOCKER_INSTALLATION) || [Releases](https://github.com/netalertx/NetAlertX/releases) || [Docs](https://docs.netalertx.com/) || [Plugins](https://docs.netalertx.com/PLUGINS) || [Website](https://netalertx.com) +--- @@ -30,7 +31,7 @@ docker run -d --rm --network=host \ --tmpfs /tmp:uid=${NETALERTX_UID:-20211},gid=${NETALERTX_GID:-20211},mode=1700 \ -e PORT=20211 \ -e APP_CONF_OVERRIDE={"GRAPHQL_PORT":"20214"} \ - ghcr.io/jokob-sk/netalertx:latest + ghcr.io/netalertx/netalertx:latest ``` > Runtime UID/GID: The image defaults to a service user `netalertx` (UID/GID 20211). A separate readonly lock owner also uses UID/GID 20211 for 004/005 immutability. You can override the runtime UID/GID at build (ARG) or run (`--user` / compose `user:`) but must align writable mounts (`/data`, `/tmp*`) and tmpfs `uid/gid` to that choice. @@ -120,8 +121,8 @@ You can read or watch several [community configuration guides](https://docs.neta ## 💙 Support me -| [![GitHub](https://i.imgur.com/emsRCPh.png)](https://github.com/sponsors/jokob-sk) | [![Buy Me A Coffee](https://i.imgur.com/pIM6YXL.png)](https://www.buymeacoffee.com/jokobsk) | [![Patreon](https://i.imgur.com/MuYsrq1.png)](https://www.patreon.com/user?u=84385063) | -| --- | --- | --- | +| [![GitHub](https://i.imgur.com/emsRCPh.png)](https://github.com/sponsors/jokob-sk) | [![Buy Me A Coffee](https://i.imgur.com/pIM6YXL.png)](https://www.buymeacoffee.com/jokobsk) | +| --- | --- | - Bitcoin: `1N8tupjeCK12qRVU2XrV17WvKK7LCawyZM` - Ethereum: `0x6e2749Cb42F4411bc98501406BdcD82244e3f9C7` diff --git a/docs/DOCKER_PORTAINER.md b/docs/DOCKER_PORTAINER.md index 673c77570..911c04c51 100755 --- a/docs/DOCKER_PORTAINER.md +++ b/docs/DOCKER_PORTAINER.md @@ -35,9 +35,9 @@ services: netalertx: container_name: netalertx # Use this line for stable release - image: "ghcr.io/jokob-sk/netalertx:latest" + image: "ghcr.io/netalertx/netalertx:latest" # Or, use this for the latest development build - # image: "ghcr.io/jokob-sk/netalertx-dev:latest" + # image: "ghcr.io/netalertx/netalertx-dev:latest" network_mode: "host" restart: unless-stopped cap_drop: # Drop all capabilities for enhanced security @@ -48,7 +48,7 @@ services: - NET_BIND_SERVICE - CHOWN - SETUID - - SETGID + - SETGID volumes: - ${APP_FOLDER}/netalertx/config:/data/config - ${APP_FOLDER}/netalertx/db:/data/db @@ -72,6 +72,13 @@ In the **Environment variables** section of Portainer, add the following: * `PORT=22022` (or another port if needed) * `APP_CONF_OVERRIDE={"GRAPHQL_PORT":"22023"}` (optional advanced settings, otherwise the backend API server PORT defaults to `20212`) +Additional environment variables (advanced / testing): + +* `SKIP_TESTS=1` — when set, the container entrypoint will skip all startup checks and print the message `Skipping startup checks as SKIP_TESTS is set.`. Useful for automated test runs or CI where the container should not perform environment-specific checks. +* `SKIP_STARTUP_CHECKS=""` — space-delimited list of specific startup checks to skip. Names are the human-friendly names derived from files in `/entrypoint.d` (remove the leading numeric prefix and file extension). Example: `SKIP_STARTUP_CHECKS="mandatory folders"` will skip `30-mandatory-folders.sh`. + +Note: these variables are primarily useful for non-production scenarios (testing, CI, or specific deployments) and are processed by the entrypoint scripts. See `entrypoint.sh` and `entrypoint.d/*` for exact behaviour and available check names. + --- ## 5. Ensure permissions diff --git a/docs/DOCKER_SWARM.md b/docs/DOCKER_SWARM.md index 3d0d218d4..7b34a21f3 100755 --- a/docs/DOCKER_SWARM.md +++ b/docs/DOCKER_SWARM.md @@ -44,7 +44,7 @@ Use the following Compose snippet to deploy NetAlertX with a **static LAN IP** a ```yaml services: netalertx: - image: ghcr.io/jokob-sk/netalertx:latest + image: ghcr.io/netalertx/netalertx:latest ... networks: swarm-ipvlan: diff --git a/docs/FEATURES.md b/docs/FEATURES.md new file mode 100644 index 000000000..81b7b83c1 --- /dev/null +++ b/docs/FEATURES.md @@ -0,0 +1,92 @@ +# NetAlertX Features Overview + +NetAlertX is a lightweight, flexible platform for monitoring networks, tracking devices, and delivering actionable alerts. It combines discovery, change detection, and multi-channel notification into a single, streamlined solution. + +--- + +## Network Discovery & Device Tracking + +![Network Discovery & Device Tracking](./img/FEATURES/Network_Discovery_Device_Tracking.png) + +- **Automatic Device Detection**: Continuously scans your local network to detect all connected devices via ARP, DHCP, SNMP, and compatible controllers. +- **Presence Monitoring**: Track when devices appear, disappear, or reconnect on the network. +- **IP & MAC Tracking**: Log device IP changes, ensuring accurate identification over time. +- **Import from Existing Systems**: Integrates with DHCP servers, Pi-hole, UniFi controllers, and other supported sources to maintain an accurate inventory. + +--- + +## LAN Visualization + +![LAN visualization](./img/FEATURES/LAN_Visualization.png) + +- **Lightweight Network Map**: View a real-time representation of your local network with all connected devices. +- **Device Status Indicators**: Quickly identify active, missing, or new devices at a glance. +- **Interactive Overview**: Hover over devices to see IP, MAC, and last seen timestamps. +- **Change Highlighting**: Newly detected, disconnected, or reconnected devices are visually flagged to reduce oversight. +- **Simple & Efficient**: Designed for quick insights without heavy resource usage or complex topology maps. + +--- + +## Event-Driven Alerts + +![Event-Driven Alerts](./img/FEATURES/Event-Driven_Alerts.png) + +- **Real-Time Notifications**: Receive immediate alerts for new devices, disconnected devices, or unexpected changes. +- **Customizable Filters and Rules**: Define rules based on device type, IP ranges, presence, or other network parameters. +- **Alert Deduplication & Suppression**: Avoid unnecessary noise with smart alert handling. +- **Historical Logs**: Maintain a complete timeline of network events for review and reporting. + +--- + +## Workflows for implementing Business rules + +![orkflows](./img/WORKFLOWS/workflows.png) + +- **Custom rules**: Cretae custom flows and update device information based to scan results. +- **Customizable Triggers**: Define rules based on any device data, including device type, IP ranges, presence, or other network parameters. +- **Automated Updates**: Automate repetitive tasks, making network management more efficient. + +--- + +## Multi-Channel Notification + +![Multi-Channel Notification](./img/FEATURES/Multi-Channel_Notifications.png) + +- **Flexible Delivery Options**: Send alerts via email, webhooks, MQTT, and more. +- **Integration with Automation**: Connect to ticketing systems, workflow engines, and custom scripts for automated responses. +- **Apprise Support**: Utilize over 80 pre-built notification services without additional configuration. + +--- + +## Security & Compliance-Friendly Logging + +![Events](./img/FEATURES/Events.png) + +- **Device Accountability**: Maintain an auditable record of every device that appears or disappears from the network. +- **Change Tracking**: Document network events with timestamps for review and compliance reporting. +- **Rogue Device Alerts**: Detect and respond to unexpected or unauthorized network connections. + +--- + +## MCP Server and OpenAPI + +![MCP Server](./img/FEATURES/MCP_Server.png) + +- **Data Access & Interaction**: The MCP server provides full programmatic access to NetAlertX, allowing you to query, monitor, and interact with network and device data. +- **OpenAPI Integration**: Use the OpenAPI interface to fetch device status, network events, and logs, or trigger actions and alerts programmatically. +- **Full Transparency**: All scan results, logs, and device information are accessible via the API, enabling auditing, automation, or integration with external systems. +- **Flexible & Reliable**: Structured API access ensures predictable, repeatable interactions while allowing real-time data monitoring and operational control. + +--- + +## Extensible & Open Source + +![Plugins](./img/plugins_json_settings.png) + +- **Plugin System**: Extend discovery methods, ingestion types, or notification channels through modular plugins. +- **Community Contributions**: Open-source architecture encourages collaboration and improvements. +- **Full Transparency**: All logs, scans, and configurations are visible for analysis. + +--- + +NetAlertX provides a centralized, proactive approach to network awareness, combining device visibility, event-driven alerting, and flexible notifications into a single, deployable solution. Its design prioritizes efficiency, clarity, and actionable insights, making it ideal for monitoring dynamic environments. diff --git a/docs/FILE_PERMISSIONS.md b/docs/FILE_PERMISSIONS.md index ccad16042..89e893cdc 100755 --- a/docs/FILE_PERMISSIONS.md +++ b/docs/FILE_PERMISSIONS.md @@ -12,7 +12,7 @@ docker run --rm --network=host \ -v /etc/localtime:/etc/localtime:ro \ --tmpfs /tmp:uid=20211,gid=20211,mode=1700 \ -e PORT=20211 \ - ghcr.io/jokob-sk/netalertx:latest + ghcr.io/netalertx/netalertx:latest ``` > [!WARNING] @@ -70,7 +70,7 @@ If you use a custom `PUID` (e.g. `0`) and `GUID` (e.g. `100`) make sure you also docker run -it --rm --name netalertx --user "0" \ -v /local_data_dir:/data \ --tmpfs /tmp:uid=20211,gid=20211,mode=1700 \ - ghcr.io/jokob-sk/netalertx:latest + ghcr.io/netalertx/netalertx:latest ``` 2. Wait for logs showing **permissions being fixed**. The container will then **hang intentionally**. @@ -95,7 +95,7 @@ docker run -it --rm --name netalertx --user "0" \ services: netalertx: container_name: netalertx - image: "ghcr.io/jokob-sk/netalertx" + image: "ghcr.io/netalertx/netalertx" network_mode: "host" cap_drop: # Drop all capabilities for enhanced security - ALL diff --git a/docs/FIX_OFFLINE_DETECTION.md b/docs/FIX_OFFLINE_DETECTION.md index bbfb0d3f8..6bac1fd12 100755 --- a/docs/FIX_OFFLINE_DETECTION.md +++ b/docs/FIX_OFFLINE_DETECTION.md @@ -42,7 +42,10 @@ ARPSCAN_DURATION=30 ### ✅ Add ICMP (Ping) Scanning -Enable the `ICMP` scan plugin to complement ARP detection. ICMP is often more reliable for detecting active hosts, especially when ARP fails. +Enable the `ICMP` scan plugin to complement ARP detection. ICMP is often more reliable for detecting active hosts, especially when ARP fails. + +> [!IMPORTANT] +> If using AdGuard/Pi-hole: If devices still show offline after enabling ICMP, temporarily disable your content blocker. If the issue disappears, whitelist the NetAlertX host IP in your blocker's settings to prevent pings from being dropped. ### ✅ Use Multiple Detection Methods @@ -52,7 +55,7 @@ A combined approach greatly improves detection robustness: * `ICMP` (ping) * `NMAPDEV` (nmap) -This hybrid strategy increases reliability, especially for down detection and alerting. See [other plugins](./PLUGINS.md) that might be compatible with your setup. See benefits and drawbacks of individual scan methods in their respective docs. +This hybrid strategy increases reliability, especially for down detection and alerting. See [other plugins](./PLUGINS.md) that might be compatible with your setup. See benefits and drawbacks of individual scan methods in their respective docs. ## Results @@ -76,4 +79,4 @@ After increasing the ARP timeout and adding ICMP scanning (on select IP ranges), Let us know in the [NetAlertX Discussions](https://github.com/jokob-sk/NetAlertX/discussions) if you have further feedback or edge cases. -See also [Remote Networks](./REMOTE_NETWORKS.md) for more advanced setups. \ No newline at end of file +See also [Remote Networks](./REMOTE_NETWORKS.md) for more advanced setups. \ No newline at end of file diff --git a/docs/INSTALLATION.md b/docs/INSTALLATION.md index 8e6cbcccb..4f5e51db2 100755 --- a/docs/INSTALLATION.md +++ b/docs/INSTALLATION.md @@ -8,11 +8,12 @@ NetAlertX can be installed several ways. The best supported option is Docker, fo - [[Installation] Home Assistant](https://github.com/alexbelgium/hassio-addons/tree/master/netalertx) - [[Installation] Unraid App](https://unraid.net/community/apps) - [[Installation] Bare metal (experimental - looking for maintainers)](https://docs.netalertx.com/HW_INSTALL) +- [[Installation] Nix flake (community supported)](https://github.com/netalertx/NetAlertX/blob/main/install/nix/flake.nix) submitted by [2m](https://github.com/2m) ## Help -If facing issues, please spend a few minutes seraching. +If facing issues, please spend a few minutes searching. - Check [common issues](./COMMON_ISSUES.md) - Have a look at [Community guides](./COMMUNITY_GUIDES.md) diff --git a/docs/MIGRATION.md b/docs/MIGRATION.md index a37169098..079b5a462 100755 --- a/docs/MIGRATION.md +++ b/docs/MIGRATION.md @@ -318,7 +318,7 @@ As per user feedback, we’ve re-introduced the ability to control which user th services: netalertx: container_name: netalertx - image: "ghcr.io/jokob-sk/netalertx" + image: "ghcr.io/netalertx/netalertx" network_mode: "host" cap_drop: - ALL diff --git a/docs/PERFORMANCE.md b/docs/PERFORMANCE.md index a5f7cd631..d7f4f0a74 100755 --- a/docs/PERFORMANCE.md +++ b/docs/PERFORMANCE.md @@ -80,9 +80,9 @@ services: netalertx: container_name: netalertx # Use this line for the stable release - image: "ghcr.io/jokob-sk/netalertx:latest" + image: "ghcr.io/netalertx/netalertx:latest" # Or use this line for the latest development build - # image: "ghcr.io/jokob-sk/netalertx-dev:latest" + # image: "ghcr.io/netalertx/netalertx-dev:latest" network_mode: "host" restart: unless-stopped diff --git a/docs/PLUGINS_DEV.md b/docs/PLUGINS_DEV.md index 3fbd8bff8..5176131f5 100755 --- a/docs/PLUGINS_DEV.md +++ b/docs/PLUGINS_DEV.md @@ -268,7 +268,7 @@ To import plugin data into NetAlertX tables for device discovery or notification "database_column_definitions": [ { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "show": true, "type": "device_mac", "localized": ["name"], @@ -287,7 +287,7 @@ To always map a static value (not read from plugin output): ```json { "column": "NameDoesntMatter", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "MYPLN" } diff --git a/docs/PLUGINS_DEV_UI_COMPONENTS.md b/docs/PLUGINS_DEV_UI_COMPONENTS.md index 5f8ebb11e..776bd40e1 100644 --- a/docs/PLUGINS_DEV_UI_COMPONENTS.md +++ b/docs/PLUGINS_DEV_UI_COMPONENTS.md @@ -440,7 +440,7 @@ To import plugin data into the device scan pipeline (for notifications, heuristi "database_column_definitions": [ { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "show": true, "type": "device_mac", "localized": ["name"], @@ -448,7 +448,7 @@ To import plugin data into the device scan pipeline (for notifications, heuristi }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "show": true, "type": "device_ip", "localized": ["name"], @@ -456,7 +456,7 @@ To import plugin data into the device scan pipeline (for notifications, heuristi }, { "column": "NameDoesntMatter", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "MYSCAN" }, @@ -478,7 +478,7 @@ Use `mapped_to_column_data` to map a static value instead of reading from a colu ```json { "column": "NameDoesntMatter", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "MYSCAN" }, @@ -489,7 +489,7 @@ Use `mapped_to_column_data` to map a static value instead of reading from a colu } ``` -This always sets `cur_ScanMethod` to `"MYSCAN"` regardless of column data. +This always sets `scanSourcePlugin` to `"MYSCAN"` regardless of column data. --- @@ -546,7 +546,7 @@ When viewing a device detail page, the `txtMacFilter` field is populated with th "database_column_definitions": [ { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-2", "show": true, "type": "device_mac", @@ -556,7 +556,7 @@ When viewing a device detail page, the `txtMacFilter` field is populated with th }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", diff --git a/docs/REMOTE_NETWORKS.md b/docs/REMOTE_NETWORKS.md index 1fda6f17f..8ff4848ca 100755 --- a/docs/REMOTE_NETWORKS.md +++ b/docs/REMOTE_NETWORKS.md @@ -13,9 +13,17 @@ The following network setups might make some devices undetectable with `ARPSCAN` ### Wi-Fi Extenders -Wi-Fi extenders typically create a separate network or subnet, which can prevent network scanning tools like `arp-scan` from detecting devices behind the extender. +Wi-Fi extenders often **block or proxy Layer-2 broadcast traffic**, which can prevent network scanning tools like `arp-scan` from detecting devices behind the extender. This can happen **even when the extender uses the same SSID and the same IP subnet** as the main network. -> **Possible workaround**: Scan the specific subnet that the extender uses, if it is separate from the main network. +Please note that being able to `ping` a device does **not** mean it is discoverable via `arp-scan`. + +* `arp-scan` relies on **Layer 2 (ARP broadcast)** +* ICMP (`ping`) operates at **Layer 3 (routed traffic)** + +That’s why devices behind extenders may respond to ping but remain undiscoverable via `arp-scan`. + +> **Possible workaround**: +> If the extender uses a separate subnet, scan that subnet directly. Otherwise, use DHCP-based discovery plugins or router integration instead of ARP. See the **Other Workarounds** section below for more details. ### VPNs diff --git a/docs/REVERSE_DNS.md b/docs/REVERSE_DNS.md index 9ca3a24fa..c9180c87f 100755 --- a/docs/REVERSE_DNS.md +++ b/docs/REVERSE_DNS.md @@ -39,7 +39,7 @@ You can specify the DNS server in the docker-compose to improve name resolution services: netalertx: container_name: netalertx - image: "ghcr.io/jokob-sk/netalertx:latest" + image: "ghcr.io/netalertx/netalertx:latest" ... dns: # specifying the DNS servers used for the container - 10.8.0.1 diff --git a/docs/REVERSE_PROXY.md b/docs/REVERSE_PROXY.md index aaa12ccbb..d7c4d0989 100755 --- a/docs/REVERSE_PROXY.md +++ b/docs/REVERSE_PROXY.md @@ -3,13 +3,23 @@ > [!NOTE] > This is community-contributed. Due to environment, setup, or networking differences, results may vary. Please open a PR to improve it instead of creating an issue, as the maintainer is not actively maintaining it. +> [!NOTE] +> NetAlertX requires access to both the **web UI** (default `20211`) and the **GraphQL backend `GRAPHQL_PORT`** (default `20212`) ports. +> Ensure your reverse proxy allows traffic to both for proper functionality. -> [!TIP] -> You will need to specify the `BACKEND_API_URL` setting if you are running reverse proxies. This is the URL that points to the backend server url (including your `GRAPHQL_PORT`) +> [!IMPORTANT] +> You will need to specify 2 entries in your reverse proxy, one for the front end, one for the backend URL. The custom backend URL, including the `GRAPHQL_PORT`, needs to be aslo specified in the `BACKEND_API_URL` setting.This is the URL that points to the backend API server. > > ![BACKEND_API_URL setting](./img/REVERSE_PROXY/BACKEND_API_URL.png) +> > ![NPM set up](./img/REVERSE_PROXY/nginx_proxy_manager_npm.png) +See also: + +- [CADDY + AUTHENTIK](./REVERSE_PROXY_CADDY.md) +- [TRAEFIK](./REVERSE_PROXY_TRAEFIK.md) + + ## NGINX HTTP Configuration (Direct Path) > Submitted by amazing [cvc90](https://github.com/cvc90) 🙏 @@ -513,888 +523,4 @@ Mapping the updated file (on the local filesystem at `/appl/docker/netalertx/def ... ``` -## Caddy + Authentik Outpost Proxy SSO -> Submitted by [luckylinux](https://github.com/luckylinux) 🙏. - -### Introduction - -This Setup assumes: - -1. Authentik Installation running on a separate Host at `https://authentik.MYDOMAIN.TLD` -2. Container Management is done on Baremetal OR in a Virtual Machine (KVM/Xen/ESXi/..., no LXC Containers !): - i. Docker and Docker Compose configured locally running as Root (needed for `network_mode: host`) OR - ii. Podman (optionally `podman-compose`) configured locally running as Root (needed for `network_mode: host`) -3. TLS Certificates are already pre-obtained and located at `/var/lib/containers/certificates/letsencrypt/MYDOMAIN.TLD`. - I use the `certbot/dns-cloudflare` Podman Container on a separate Host to obtain the Certificates which I then distribute internally. - This Container uses the Wildcard Top-Level Domain Certificate which is valid for `MYDOMAIN.TLD` and `*.MYDOMAIN.TLD`. -4. Proxied Access - i. NetAlertX Web Interface is accessible via Caddy Reverse Proxy at `https://netalertx.MYDOMAIN.TLD` (default HTTPS Port 443: `https://netalertx.MYDOMAIN.TLD:443`) with `REPORT_DASHBOARD_URL=https://netalertx.MYDOMAIN.TLD` - ii. NetAlertX GraphQL Interface is accessible via Caddy Reverse Proxy at `https://netalertx.MYDOMAIN.TLD:20212` with `BACKEND_API_URL=https://netalertx.MYDOMAIN.TLD:20212` - iii. Authentik Proxy Outpost is accessible via Caddy Reverse Proxy at `https://netalertx.MYDOMAIN.TLD:9443` -5. Internal Ports - i. NGINX Web Server is set to listen on internal Port 20211 set via `PORT=20211` - ii. Python Web Server is set to listen on internal Port `GRAPHQL_PORT=20219` - iii. Authentik Proxy Outpost is listening on internal Port `AUTHENTIK_LISTEN__HTTP=[::1]:6000` (unencrypted) and Port `AUTHENTIK_LISTEN__HTTPS=[::1]:6443` (encrypted) - -8. Some further Configuration for Caddy is performed in Terms of Logging, SSL Certificates, etc - -It's also possible to [let Caddy automatically request & keep TLS Certificates up-to-date](https://caddyserver.com/docs/automatic-https), although please keep in mind that: - -1. You risk enumerating your LAN. Every Domain/Subdomain for which Caddy requests a TLS Certificate for you will result in that Host to be listed on [List of Letsencrypt Certificates issued](https://crt.sh/). -2. You need to either: - i. Open Port 80 for external Access ([HTTP challenge](https://caddyserver.com/docs/automatic-https#http-challenge)) in order for Letsencrypt to verify the Ownership of the Domain/Subdomain - ii. Open Port 443 for external Access ([TLS-ALPN challenge](https://caddyserver.com/docs/automatic-https#tls-alpn-challenge)) in order for Letsencrypt to verify the Ownership of the Domain/Subdomain - iii. Give Caddy the Credentials to update the DNS Records at your DNS Provider ([DNS challenge](https://caddyserver.com/docs/automatic-https#dns-challenge)) - -You can also decide to deploy your own Certificates & Certification Authority, either manually with OpenSSL, or by using something like [mkcert](https://github.com/FiloSottile/mkcert). - -In Terms of IP Stack Used: -- External: Caddy listens on both IPv4 and IPv6. -- Internal: - - Authentik Outpost Proxy listens on IPv6 `[::1]` - - NetAlertX listens on IPv4 `0.0.0.0` - -### Flow -The Traffic Flow will therefore be as follows: - -- Web GUI: - i. Client accesses `http://authentik.MYDOMAIN.TLD:80`: default (built-in Caddy) Redirect to `https://authentik.MYDOMAIN.TLD:443` - ii. Client accesses `https://authentik.MYDOMAIN.TLD:443` -> reverse Proxy to internal Port 20211 (NetAlertX Web GUI / NGINX - unencrypted) -- GraphQL: Client accesses `https://authentik.MYDOMAIN.TLD:20212` -> reverse Proxy to internal Port 20219 (NetAlertX GraphQL - unencrypted) -- Authentik Outpost: Client accesses `https://authentik.MYDOMAIN.TLD:9443` -> reverse Proxy to internal Port 6000 (Authentik Outpost Proxy - unencrypted) - -An Overview of the Flow is provided in the Picture below: - -![Reverse Proxy Traffic Flow with Authentik SSSO](./img/REVERSE_PROXY/reverse_proxy_flow.svg) - -### Security Considerations - -#### Caddy should be run rootless - -> [!WARNING] -> By default Caddy runs as `root` which is a Security Risk. -> In order to solve this, it's recommended to create an unprivileged User `caddy` and Group `caddy` on the Host: -> ``` -> groupadd --gid 980 caddy -> useradd --shell /usr/sbin/nologin --gid 980 --uid 980 -c "Caddy web server" --base-dir /var/lib/caddy -> ``` - -At least using Quadlets with Usernames (NOT required with UID/GID), but possibly using Compose in certain Cases as well, a custom `/etc/passwd` and `/etc/group` might need to be bind-mounted inside the Container. -`passwd`: -``` -root:x:0:0:root:/root:/bin/sh -bin:x:1:1:bin:/bin:/sbin/nologin -daemon:x:2:2:daemon:/sbin:/sbin/nologin -lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin -sync:x:5:0:sync:/sbin:/bin/sync -shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown -halt:x:7:0:halt:/sbin:/sbin/halt -mail:x:8:12:mail:/var/mail:/sbin/nologin -news:x:9:13:news:/usr/lib/news:/sbin/nologin -uucp:x:10:14:uucp:/var/spool/uucppublic:/sbin/nologin -cron:x:16:16:cron:/var/spool/cron:/sbin/nologin -ftp:x:21:21::/var/lib/ftp:/sbin/nologin -sshd:x:22:22:sshd:/dev/null:/sbin/nologin -games:x:35:35:games:/usr/games:/sbin/nologin -ntp:x:123:123:NTP:/var/empty:/sbin/nologin -guest:x:405:100:guest:/dev/null:/sbin/nologin -nobody:x:65534:65534:nobody:/:/sbin/nologin -caddy:x:980:980:caddy:/var/lib/caddy:/bin/sh -``` - -`group`: -``` -root:x:0:root -bin:x:1:root,bin,daemon -daemon:x:2:root,bin,daemon -sys:x:3:root,bin -adm:x:4:root,daemon -tty:x:5: -disk:x:6:root -lp:x:7:lp -kmem:x:9: -wheel:x:10:root -floppy:x:11:root -mail:x:12:mail -news:x:13:news -uucp:x:14:uucp -cron:x:16:cron -audio:x:18: -cdrom:x:19: -dialout:x:20:root -ftp:x:21: -sshd:x:22: -input:x:23: -tape:x:26:root -video:x:27:root -netdev:x:28: -kvm:x:34:kvm -games:x:35: -shadow:x:42: -www-data:x:82: -users:x:100:games -ntp:x:123: -abuild:x:300: -utmp:x:406: -ping:x:999: -nogroup:x:65533: -nobody:x:65534: -caddy:x:980: -``` - -#### Authentication of GraphQL Endpoint - -> [!WARNING] -> Currently the GraphQL Endpoint is NOT authenticated ! - -### Environment Files -Depending on the Preference of the User (Environment Variables defined in Compose/Quadlet or in external `.env` File[s]), it might be prefereable to place at least some Environment Variables in external `.env` and `.env.` Files. - -The following is proposed: - -- `.env`: common Settings (empty by Default) -- `.env.caddy`: Caddy Settings -- `.env.server`: NetAlertX Server/Application Settings -- `.env.outpost.proxy`: Authentik Proxy Outpost Settings - -The following Contents is assumed. - -`.env.caddy`: -``` -# Define Application Hostname -APPLICATION_HOSTNAME=netalertx.MYDOMAIN.TLD - -# Define Certificate Domain -# In this case: use Wildcard Certificate -APPLICATION_CERTIFICATE_DOMAIN=MYDOMAIN.TLD -APPLICATION_CERTIFICATE_CERT_FILE=fullchain.pem -APPLICATION_CERTIFICATE_KEY_FILE=privkey.pem - -# Define Outpost Hostname -OUTPOST_HOSTNAME=netalertx.MYDOMAIN.TLD - -# Define Outpost External Port (TLS) -OUTPOST_EXTERNAL_PORT=9443 -``` - -`.env.server`: -``` -PORT=20211 -PORT_SSL=443 -NETALERTX_NETWORK_MODE=host -LISTEN_ADDR=0.0.0.0 -GRAPHQL_PORT=20219 -NETALERTX_DEBUG=1 -BACKEND_API_URL=https://netalertx.MYDOMAIN.TLD:20212 -``` - -`.env.outpost.proxy`: -``` -AUTHENTIK_TOKEN=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX -AUTHENTIK_LISTEN__HTTP=[::1]:6000 -AUTHENTIK_LISTEN__HTTPS=[::1]:6443 -``` - -### Compose Setup -``` -version: "3.8" -services: - netalertx-caddy: - container_name: netalertx-caddy - - network_mode: host - image: docker.io/library/caddy:latest - pull: missing - - env_file: - - .env - - .env.caddy - - environment: - CADDY_DOCKER_CADDYFILE_PATH: "/etc/caddy/Caddyfile" - - volumes: - - ./Caddyfile:/etc/caddy/Caddyfile:ro,z - - /var/lib/containers/data/netalertx/caddy:/data/caddy:rw,z - - /var/lib/containers/log/netalertx/caddy:/var/log:rw,z - - /var/lib/containers/config/netalertx/caddy:/config/caddy:rw,z - - /var/lib/containers/certificates/letsencrypt:/certificates:ro,z - - # Set User - user: "caddy:caddy" - - # Automatically restart Container - restart: unless-stopped - - netalertx-server: - container_name: netalertx-server # The name when you docker contiainer ls - - network_mode: host # Use host networking for ARP scanning and other services - - depends_on: - netalertx-caddy: - condition: service_started - restart: true - netalertx-outpost-proxy: - condition: service_started - restart: true - - # Local built Image including latest Changes - image: localhost/netalertx-dev:dev-20260109-232454 - - read_only: true # Make the container filesystem read-only - - # It is most secure to start with user 20211, but then we lose provisioning capabilities. - # user: "${NETALERTX_UID:-20211}:${NETALERTX_GID:-20211}" - cap_drop: # Drop all capabilities for enhanced security - - ALL - cap_add: # Add only the necessary capabilities - - NET_ADMIN # Required for scanning with arp-scan, nmap, nbtscan, traceroute, and zero-conf - - NET_RAW # Required for raw socket operations with arp-scan, nmap, nbtscan, traceroute and zero-conf - - NET_BIND_SERVICE # Required to bind to privileged ports with nbtscan - - CHOWN # Required for root-entrypoint to chown /data + /tmp before dropping privileges - - SETUID # Required for root-entrypoint to switch to non-root user - - SETGID # Required for root-entrypoint to switch to non-root group - volumes: - - # Override NGINX Configuration Template - - type: bind - source: /var/lib/containers/config/netalertx/server/nginx/netalertx.conf.template - target: /services/config/nginx/netalertx.conf.template - read_only: true - bind: - selinux: Z - - # Letsencrypt Certificates - - type: bind - source: /var/lib/containers/certificates/letsencrypt/MYDOMAIN.TLD - target: /certificates - read_only: true - bind: - selinux: Z - - # Data Storage for NetAlertX - - type: bind # Persistent Docker-managed Named Volume for storage - source: /var/lib/containers/data/netalertx/server - target: /data # consolidated configuration and database storage - read_only: false # writable volume - bind: - selinux: Z - - # Set the Timezone - - type: bind # Bind mount for timezone consistency - source: /etc/localtime - target: /etc/localtime - read_only: true - bind: - selinux: Z - - # tmpfs mounts for writable directories in a read-only container and improve system performance - # All writes now live under /tmp/* subdirectories which are created dynamically by entrypoint.d scripts - # mode=1700 gives rwx------ permissions; ownership is set by /root-entrypoint.sh - - type: tmpfs - target: /tmp - tmpfs-mode: 1700 - uid: 0 - gid: 0 - rw: true - noexec: true - nosuid: true - nodev: true - async: true - noatime: true - nodiratime: true - bind: - selinux: Z - - env_file: - - .env - - .env.server - - environment: - PUID: ${NETALERTX_UID:-20211} # Runtime UID after priming (Synology/no-copy-up safe) - PGID: ${NETALERTX_GID:-20211} # Runtime GID after priming (Synology/no-copy-up safe) - LISTEN_ADDR: ${LISTEN_ADDR:-0.0.0.0} # Listen for connections on all interfaces - PORT: ${PORT:-20211} # Application port - PORT_SSL: ${PORT_SSL:-443} - GRAPHQL_PORT: ${GRAPHQL_PORT:-20212} # GraphQL API port - ALWAYS_FRESH_INSTALL: ${ALWAYS_FRESH_INSTALL:-false} # Set to true to reset your config and database on each container start - NETALERTX_DEBUG: ${NETALERTX_DEBUG:-0} # 0=kill all services and restart if any dies. 1 keeps running dead services. - BACKEND_API_URL: ${BACKEND_API_URL-"https://netalertx.MYDOMAIN.TLD:20212"} - - # Resource limits to prevent resource exhaustion - mem_limit: 4096m # Maximum memory usage - mem_reservation: 2048m # Soft memory limit - cpu_shares: 512 # Relative CPU weight for CPU contention scenarios - pids_limit: 512 # Limit the number of processes/threads to prevent fork bombs - logging: - driver: "json-file" # Use JSON file logging driver - options: - max-size: "10m" # Rotate log files after they reach 10MB - max-file: "3" # Keep a maximum of 3 log files - - # Always restart the container unless explicitly stopped - restart: unless-stopped - - # To sign Out, you need to visit - # {$OUTPOST_HOSTNAME}:{$OUTPOST_EXTERNAL_PORT}/outpost.goauthentik.io/sign_out - netalertx-outpost-proxy: - container_name: netalertx-outpost-proxy - - network_mode: host - - depends_on: - netalertx-caddy: - condition: service_started - restart: true - - restart: unless-stopped - - image: ghcr.io/goauthentik/proxy:2025.10 - pull: missing - - env_file: - - .env - - .env.outpost.proxy - - environment: - AUTHENTIK_HOST: "https://authentik.MYDOMAIN.TLD" - AUTHENTIK_INSECURE: false - AUTHENTIK_LISTEN__HTTP: "[::1]:6000" - AUTHENTIK_LISTEN__HTTPS: "[::1]:6443" -``` - -### Quadlet Setup -`netalertx.pod`: -``` -[Pod] -# Name of the Pod -PodName=netalertx - -# Network Mode Host is required for ARP to work -Network=host - -# Automatically start Pod at Boot Time -[Install] -WantedBy=default.target -``` - -`netalertx-caddy.container`: -``` -[Unit] -Description=NetAlertX Caddy Container - -[Service] -Restart=always - -[Container] -ContainerName=netalertx-caddy - -Pod=netalertx.pod -StartWithPod=true - -# Generic Environment Configuration -EnvironmentFile=.env - -# Caddy Specific Environment Configuration -EnvironmentFile=.env.caddy - -Environment=CADDY_DOCKER_CADDYFILE_PATH=/etc/caddy/Caddyfile - -Image=docker.io/library/caddy:latest -Pull=missing - -# Run as rootless -# Specifying User & Group by Name requires to mount a custom passwd & group File inside the Container -# Otherwise an Error like the following will result: netalertx-caddy[593191]: Error: unable to find user caddy: no matching entries in passwd file -# User=caddy -# Group=caddy -# Volume=/var/lib/containers/config/netalertx/caddy-rootless/passwd:/etc/passwd:ro,z -# Volume=/var/lib/containers/config/netalertx/caddy-rootless/group:/etc/group:ro,z - -# Run as rootless -# Specifying User & Group by UID/GID will NOT require a custom passwd / group File to be bind-mounted inside the Container -User=980 -Group=980 - -Volume=./Caddyfile:/etc/caddy/Caddyfile:ro,z -Volume=/var/lib/containers/data/netalertx/caddy:/data/caddy:z -Volume=/var/lib/containers/log/netalertx/caddy:/var/log:z -Volume=/var/lib/containers/config/netalertx/caddy:/config/caddy:z -Volume=/var/lib/containers/certificates/letsencrypt:/certificates:ro,z -``` - -`netalertx-server.container`: -``` -[Unit] -Description=NetAlertX Server Container -Requires=netalertx-caddy.service netalertx-outpost-proxy.service -After=netalertx-caddy.service netalertx-outpost-proxy.service - -[Service] -Restart=always - -[Container] -ContainerName=netalertx-server - -Pod=netalertx.pod -StartWithPod=true - -# Local built Image including latest Changes -Image=localhost/netalertx-dev:dev-20260109-232454 -Pull=missing - -# Make the container filesystem read-only -ReadOnly=true - -# Drop all capabilities for enhanced security -DropCapability=ALL - -# It is most secure to start with user 20211, but then we lose provisioning capabilities. -# User=20211:20211 - -# Required for scanning with arp-scan, nmap, nbtscan, traceroute, and zero-conf -AddCapability=NET_ADMIN - -# Required for raw socket operations with arp-scan, nmap, nbtscan, traceroute and zero-conf -AddCapability=NET_RAW - -# Required to bind to privileged ports with nbtscan -AddCapability=NET_BIND_SERVICE - -# Required for root-entrypoint to chown /data + /tmp before dropping privileges -AddCapability=CHOWN - -# Required for root-entrypoint to switch to non-root user -AddCapability=SETUID - -# Required for root-entrypoint to switch to non-root group -AddCapability=SETGID - -# Override the Configuration Template -Volume=/var/lib/containers/config/netalertx/server/nginx/netalertx.conf.template:/services/config/nginx/netalertx.conf.template:ro,Z - -# Letsencrypt Certificates -Volume=/var/lib/containers/certificates/letsencrypt/MYDOMAIN.TLD:/certificates:ro,Z - -# Data Storage for NetAlertX -Volume=/var/lib/containers/data/netalertx/server:/data:rw,Z - -# Set the Timezone -Volume=/etc/localtime:/etc/localtime:ro,Z - -# tmpfs mounts for writable directories in a read-only container and improve system performance -# All writes now live under /tmp/* subdirectories which are created dynamically by entrypoint.d scripts -# mode=1700 gives rwx------ permissions; ownership is set by /root-entrypoint.sh -# Mount=type=tmpfs,destination=/tmp,tmpfs-mode=1700,uid=0,gid=0,rw=true,noexec=true,nosuid=true,nodev=true,async=true,noatime=true,nodiratime=true,relabel=private -Mount=type=tmpfs,destination=/tmp,tmpfs-mode=1700,rw=true,noexec=true,nosuid=true,nodev=true - -# Environment Configuration -EnvironmentFile=.env -EnvironmentFile=.env.server - -# Runtime UID after priming (Synology/no-copy-up safe) -Environment=PUID=20211 - -# Runtime GID after priming (Synology/no-copy-up safe) -Environment=PGID=20211 - -# Listen for connections on all interfaces (IPv4) -Environment=LISTEN_ADDR=0.0.0.0 - -# Application port -Environment=PORT=20211 - -# SSL Port -Environment=PORT_SSL=443 - -# GraphQL API port -Environment=GRAPHQL_PORT=20212 - -# Set to true to reset your config and database on each container start -Environment=ALWAYS_FRESH_INSTALL=false - -# 0=kill all services and restart if any dies. 1 keeps running dead services. -Environment=NETALERTX_DEBUG=0 - -# Set the GraphQL URL for external Access (via Caddy Reverse Proxy) -Environment=BACKEND_API_URL=https://netalertx-fedora.MYDOMAIN.TLD:20212 - -# Resource limits to prevent resource exhaustion -# Maximum memory usage -Memory=4g - -# Limit the number of processes/threads to prevent fork bombs -PidsLimit=512 - -# Relative CPU weight for CPU contention scenarios -PodmanArgs=--cpus=2 -PodmanArgs=--cpu-shares=512 - -# Soft memory limit -PodmanArgs=--memory-reservation=2g - -# !! The following Keys are unfortunately not [yet] supported !! - -# Relative CPU weight for CPU contention scenarios -#CpuShares=512 - -# Soft memory limit -#MemoryReservation=2g -``` - -`netalertx-outpost-proxy.container`: -``` -[Unit] -Description=NetAlertX Authentik Proxy Outpost Container -Requires=netalertx-caddy.service -After=netalertx-caddy.service - -[Service] -Restart=always - -[Container] -ContainerName=netalertx-outpost-proxy - -Pod=netalertx.pod -StartWithPod=true - -# General Configuration -EnvironmentFile=.env - -# Authentik Outpost Proxy Specific Configuration -EnvironmentFile=.env.outpost.proxy - -Environment=AUTHENTIK_HOST=https://authentik.MYDOMAIN.TLD -Environment=AUTHENTIK_INSECURE=false - -# Overrides Value from .env.outpost.rac -# Environment=AUTHENTIK_TOKEN=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - -# Optional setting to be used when `authentik_host` for internal communication doesn't match the public URL -# Environment=AUTHENTIK_HOST_BROWSER=https://authentik.MYDOMAIN.TLD - -# Container Image -Image=ghcr.io/goauthentik/proxy:2025.10 -Pull=missing - -# Network Configuration -Network=container:supermicro-ikvm-pve031-caddy - -# Security Configuration -NoNewPrivileges=true -``` - -### Firewall Setup - -Depending on which GNU/Linux Distribution you are running, it might be required to open up some Firewall Ports in order to be able to access the Endpoints from outside the Host itself. - -This is for instance the Case for Fedora Linux, where I had to open: - -- Port 20212 for external GraphQL Access (both TCP & UDP are open, unsure if UDP is required) -- Port 9443 for external Authentik Outpost Proxy Access (both TCP & UDP are open, unsure if UDP is required) - -![Fedora Firewall Configuration](./img/REVERSE_PROXY/fedora-firewall.png) - -### Authentik Setup - -In order to enable Single Sign On (SSO) with Authentik, you will need to create a Provider, an Application and an Outpost. - -![Authentik Left Sidebar](./img/REVERSE_PROXY/authentik-sidebar.png) - -First of all, using the Left Sidebar, navigate to `Applications` → `Providers`, click on `Create` (Blue Button at the Top of the Screen), select `Proxy Provider`, then click `Next`: -![Authentik Provider Setup (Part 1)](./img/REVERSE_PROXY/authentik-provider-setup-01.png) - -Fill in the required Fields: - -- Name: choose a Name for the Provider (e.g. `netalertx`) -- Authorization Flow: choose the Authorization Flow. I typically use `default-provider-authorization-implicit-consent (Authorize Application)`. If you select the `default-provider-authorization-explicit-consent (Authorize Application)` you will need to authorize Authentik every Time you want to log in NetAlertX, which can make the Experience less User-friendly -- Type: Click on `Forward Auth (single application)` -- External Host: set to `https://netalertx.MYDOMAIN.TLD` - -Click `Finish`. - -![Authentik Provider Setup (Part 2)](./img/REVERSE_PROXY/authentik-provider-setup-02.png) - -Now, using the Left Sidebar, navigate to `Applications` → `Applications`, click on `Create` (Blue Button at the Top of the Screen) and fill in the required Fields: - -- Name: choose a Name for the Application (e.g. `netalertx`) -- Slug: choose a Slug for the Application (e.g. `netalertx`) -- Group: optionally you can assign this Application to a Group of Applications of your Choosing (for grouping Purposes within Authentik User Interface) -- Provider: select the Provider you created the the `Providers` Section previosly (e.g. `netalertx`) - -Then click `Create`. - -![Authentik Application Setup (Part 1)](./img/REVERSE_PROXY/authentik-application-setup-01.png) - -Now, using the Left Sidebar, navigate to `Applications` → `Outposts`, click on `Create` (Blue Button at the Top of the Screen) and fill in the required Fields: - -- Name: choose a Name for the Outpost (e.g. `netalertx`) -- Type: `Proxy` -- Integration: open the Dropdown and click on `---------`. Make sure it is NOT set to `Local Docker connection` ! - -In the `Available Applications` Section, select the Application you created in the Previous Step, then click the right Arrow (approx. located in the Center of the Screen), so that it gets copied in the `Selected Applications` Section. - -Then click `Create`. - -![Authentik Outpost Setup (Part 1)](./img/REVERSE_PROXY/authentik-outpost-setup-01.png) - -Wait a few Seconds for the Outpost to be created. Once it appears in the List, click on `Deployment Info` on the Right Side of the relevant Line. - -![Authentik Outpost Setup (Part 2)](./img/REVERSE_PROXY/authentik-outpost-setup-02.png) - -Take note of that Token. You will need it for the Authentik Outpost Proxy Container, which will read it as the `AUTHENTIK_TOKEN` Environment Variable. - -### NGINX Configuration inside NetAlertX Container -> [!NOTE] -> This is something that was implemented based on the previous Content of this Reverse Proxy Document. -> Due to some Buffer Warnings/Errors in the Logs as well as some other Issues I was experiencing, I increased a lot the client_body_buffer_size and large_client_header_buffers Parameters, although these might not be required anymore. -> Further Testing might be required. - -``` -# Set number of worker processes automatically based on number of CPU cores. -worker_processes auto; - -# Enables the use of JIT for regular expressions to speed-up their processing. -pcre_jit on; - -# Configures default error logger. -error_log /tmp/log/nginx-error.log warn; - -pid /tmp/run/nginx.pid; - -events { - # The maximum number of simultaneous connections that can be opened by - # a worker process. - worker_connections 1024; -} - -http { - - # Mapping of temp paths for various nginx modules. - client_body_temp_path /tmp/nginx/client_body; - proxy_temp_path /tmp/nginx/proxy; - fastcgi_temp_path /tmp/nginx/fastcgi; - uwsgi_temp_path /tmp/nginx/uwsgi; - scgi_temp_path /tmp/nginx/scgi; - - # Includes mapping of file name extensions to MIME types of responses - # and defines the default type. - include /services/config/nginx/mime.types; - default_type application/octet-stream; - - # Name servers used to resolve names of upstream servers into addresses. - # It's also needed when using tcpsocket and udpsocket in Lua modules. - #resolver 1.1.1.1 1.0.0.1 [2606:4700:4700::1111] [2606:4700:4700::1001]; - - # Don't tell nginx version to the clients. Default is 'on'. - server_tokens off; - - # Specifies the maximum accepted body size of a client request, as - # indicated by the request header Content-Length. If the stated content - # length is greater than this size, then the client receives the HTTP - # error code 413. Set to 0 to disable. Default is '1m'. - client_max_body_size 1m; - - # Sendfile copies data between one FD and other from within the kernel, - # which is more efficient than read() + write(). Default is off. - sendfile on; - - # Causes nginx to attempt to send its HTTP response head in one packet, - # instead of using partial frames. Default is 'off'. - tcp_nopush on; - - - # Enables the specified protocols. Default is TLSv1 TLSv1.1 TLSv1.2. - # TIP: If you're not obligated to support ancient clients, remove TLSv1.1. - ssl_protocols TLSv1.2 TLSv1.3; - - # Path of the file with Diffie-Hellman parameters for EDH ciphers. - # TIP: Generate with: `openssl dhparam -out /etc/ssl/nginx/dh2048.pem 2048` - #ssl_dhparam /etc/ssl/nginx/dh2048.pem; - - # Specifies that our cipher suits should be preferred over client ciphers. - # Default is 'off'. - ssl_prefer_server_ciphers on; - - # Enables a shared SSL cache with size that can hold around 8000 sessions. - # Default is 'none'. - ssl_session_cache shared:SSL:2m; - - # Specifies a time during which a client may reuse the session parameters. - # Default is '5m'. - ssl_session_timeout 1h; - - # Disable TLS session tickets (they are insecure). Default is 'on'. - ssl_session_tickets off; - - - # Enable gzipping of responses. - gzip on; - - # Set the Vary HTTP header as defined in the RFC 2616. Default is 'off'. - gzip_vary on; - - - # Specifies the main log format. - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - # Sets the path, format, and configuration for a buffered log write. - access_log /tmp/log/nginx-access.log main; - - - # Virtual host config (unencrypted) - server { - listen ${LISTEN_ADDR}:${PORT} default_server; - root /app/front; - index index.php; - add_header X-Forwarded-Prefix "/app" always; - - server_name netalertx-server; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - client_body_buffer_size 512k; - large_client_header_buffers 64 128k; - - location ~* \.php$ { - # Set Cache-Control header to prevent caching on the first load - add_header Cache-Control "no-store"; - fastcgi_pass unix:/tmp/run/php.sock; - include /services/config/nginx/fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param SCRIPT_NAME $fastcgi_script_name; - fastcgi_connect_timeout 75; - fastcgi_send_timeout 600; - fastcgi_read_timeout 600; - } - } -} -``` - -### Caddyfile -``` -# Example and Guide -# https://caddyserver.com/docs/caddyfile/options - -# General Options -{ - # (Optional) Debug Mode - # debug - - # (Optional ) Enable / Disable Admin API - admin off - - # TLS Options - # (Optional) Disable Certificates Management (only if SSL/TLS Certificates are managed by certbot or other external Tools) - auto_https disable_certs -} - -# (Optional Enable Admin API) -# localhost { -# reverse_proxy /api/* localhost:9001 -# } - -# NetAlertX Web GUI (HTTPS Port 443) -# (Optional) Only if SSL/TLS Certificates are managed by certbot or other external Tools and Custom Logging is required -{$APPLICATION_HOSTNAME}:443 { - tls /certificates/{$APPLICATION_CERTIFICATE_DOMAIN}/{$APPLICATION_CERTIFICATE_CERT_FILE:fullchain.pem} /certificates/{$APPLICATION_CERTIFICATE_DOMAIN}/{$APPLICATION_CERTIFICATE_KEY_FILE:privkey.pem} - - log { - output file /var/log/{$APPLICATION_HOSTNAME}/access_web.json { - roll_size 100MiB - roll_keep 5000 - roll_keep_for 720h - roll_uncompressed - } - - format json - } - - route { - # Always forward outpost path to actual outpost - reverse_proxy /outpost.goauthentik.io/* https://{$OUTPOST_HOSTNAME}:{$OUTPOST_EXTERNAL_PORT} { - header_up Host {http.reverse_proxy.upstream.hostport} - } - - # Forward authentication to outpost - forward_auth https://{$OUTPOST_HOSTNAME}:{$OUTPOST_EXTERNAL_PORT} { - uri /outpost.goauthentik.io/auth/caddy - - # Capitalization of the headers is important, otherwise they will be empty - copy_headers X-Authentik-Username X-Authentik-Groups X-Authentik-Email X-Authentik-Name X-Authentik-Uid X-Authentik-Jwt X-Authentik-Meta-Jwks X-Authentik-Meta-Outpost X-Authentik-Meta-Provider X-Authentik-Meta-App X-Authentik-Meta-Version - - # (Optional) - # If not set, trust all private ranges, but for Security Reasons, this should be set to the outposts IP - trusted_proxies private_ranges - } - } - - # IPv4 Reverse Proxy to NetAlertX Web GUI (internal unencrypted Host) - reverse_proxy http://0.0.0.0:20211 - - # IPv6 Reverse Proxy to NetAlertX Web GUI (internal unencrypted Host) - # reverse_proxy http://[::1]:20211 -} - -# NetAlertX GraphQL Endpoint (HTTPS Port 20212) -# (Optional) Only if SSL/TLS Certificates are managed by certbot or other external Tools and Custom Logging is required -{$APPLICATION_HOSTNAME}:20212 { - tls /certificates/{$APPLICATION_CERTIFICATE_DOMAIN}/{$APPLICATION_CERTIFICATE_CERT_FILE:fullchain.pem} /certificates/{$APPLICATION_CERTIFICATE_DOMAIN}/{$APPLICATION_CERTIFICATE_KEY_FILE:privkey.pem} - - log { - output file /var/log/{$APPLICATION_HOSTNAME}/access_graphql.json { - roll_size 100MiB - roll_keep 5000 - roll_keep_for 720h - roll_uncompressed - } - - format json - } - - # IPv4 Reverse Proxy to NetAlertX GraphQL Endpoint (internal unencrypted Host) - reverse_proxy http://0.0.0.0:20219 - - # IPv6 Reverse Proxy to NetAlertX GraphQL Endpoint (internal unencrypted Host) - # reverse_proxy http://[::1]:6000 -} - -# Authentik Outpost -# (Optional) Only if SSL/TLS Certificates are managed by certbot or other external Tools and Custom Logging is required -{$OUTPOST_HOSTNAME}:{$OUTPOST_EXTERNAL_PORT} { - tls /certificates/{$APPLICATION_CERTIFICATE_DOMAIN}/{$APPLICATION_CERTIFICATE_CERT_FILE:fullchain.pem} /certificates/{$APPLICATION_CERTIFICATE_DOMAIN}/{$APPLICATION_CERTIFICATE_KEY_FILE:privkey.pem} - - log { - output file /var/log/outpost/{$OUTPOST_HOSTNAME}/access.json { - roll_size 100MiB - roll_keep 5000 - roll_keep_for 720h - roll_uncompressed - } - - format json - } - - # IPv4 Reverse Proxy to internal unencrypted Host - # reverse_proxy http://0.0.0.0:6000 - - # IPv6 Reverse Proxy to internal unencrypted Host - reverse_proxy http://[::1]:6000 -} -``` - -### Login -Now try to login by visiting `https://netalertx.MYDOMAIN.TLD`. - -You should be greeted with a Login Screen by Authentik. - -If you are already logged in Authentik, log out first. You can do that by visiting `https://netalertx.MYDOMAIN.TLD/outpost.goauthentik.io/sign_out`, then click on `Log out of authentik` (2nd Button). Or you can just sign out from your Authentik Admin Panel at `https://authentik.MYDOMAIN.TLD`. - -If everything works as expected, then you can now set `SETPWD_enable_password=false` to disable double Authentication. -![Authentik Login Screen](./img/REVERSE_PROXY/authentik-login.png) diff --git a/docs/REVERSE_PROXY_CADDY.md b/docs/REVERSE_PROXY_CADDY.md new file mode 100644 index 000000000..0bde799db --- /dev/null +++ b/docs/REVERSE_PROXY_CADDY.md @@ -0,0 +1,892 @@ +## Caddy + Authentik Outpost Proxy SSO +> Submitted by [luckylinux](https://github.com/luckylinux) 🙏. + +> [!NOTE] +> This is community-contributed. Due to environment, setup, or networking differences, results may vary. Please open a PR to improve it instead of creating an issue, as the maintainer is not actively maintaining it. + +> [!NOTE] +> NetAlertX requires access to both the **web UI** (default `20211`) and the **GraphQL backend `GRAPHQL_PORT`** (default `20212`) ports. +> Ensure your reverse proxy allows traffic to both for proper functionality. + +### Introduction + +This Setup assumes: + +1. Authentik Installation running on a separate Host at `https://authentik.MYDOMAIN.TLD` +2. Container Management is done on Baremetal OR in a Virtual Machine (KVM/Xen/ESXi/..., no LXC Containers !): + i. Docker and Docker Compose configured locally running as Root (needed for `network_mode: host`) OR + ii. Podman (optionally `podman-compose`) configured locally running as Root (needed for `network_mode: host`) +3. TLS Certificates are already pre-obtained and located at `/var/lib/containers/certificates/letsencrypt/MYDOMAIN.TLD`. + I use the `certbot/dns-cloudflare` Podman Container on a separate Host to obtain the Certificates which I then distribute internally. + This Container uses the Wildcard Top-Level Domain Certificate which is valid for `MYDOMAIN.TLD` and `*.MYDOMAIN.TLD`. +4. Proxied Access + i. NetAlertX Web Interface is accessible via Caddy Reverse Proxy at `https://netalertx.MYDOMAIN.TLD` (default HTTPS Port 443: `https://netalertx.MYDOMAIN.TLD:443`) with `REPORT_DASHBOARD_URL=https://netalertx.MYDOMAIN.TLD` + ii. NetAlertX GraphQL Interface is accessible via Caddy Reverse Proxy at `https://netalertx.MYDOMAIN.TLD:20212` with `BACKEND_API_URL=https://netalertx.MYDOMAIN.TLD:20212` + iii. Authentik Proxy Outpost is accessible via Caddy Reverse Proxy at `https://netalertx.MYDOMAIN.TLD:9443` +5. Internal Ports + i. NGINX Web Server is set to listen on internal Port 20211 set via `PORT=20211` + ii. Python Web Server is set to listen on internal Port `GRAPHQL_PORT=20219` + iii. Authentik Proxy Outpost is listening on internal Port `AUTHENTIK_LISTEN__HTTP=[::1]:6000` (unencrypted) and Port `AUTHENTIK_LISTEN__HTTPS=[::1]:6443` (encrypted) + +8. Some further Configuration for Caddy is performed in Terms of Logging, SSL Certificates, etc + +It's also possible to [let Caddy automatically request & keep TLS Certificates up-to-date](https://caddyserver.com/docs/automatic-https), although please keep in mind that: + +1. You risk enumerating your LAN. Every Domain/Subdomain for which Caddy requests a TLS Certificate for you will result in that Host to be listed on [List of Letsencrypt Certificates issued](https://crt.sh/). +2. You need to either: + i. Open Port 80 for external Access ([HTTP challenge](https://caddyserver.com/docs/automatic-https#http-challenge)) in order for Letsencrypt to verify the Ownership of the Domain/Subdomain + ii. Open Port 443 for external Access ([TLS-ALPN challenge](https://caddyserver.com/docs/automatic-https#tls-alpn-challenge)) in order for Letsencrypt to verify the Ownership of the Domain/Subdomain + iii. Give Caddy the Credentials to update the DNS Records at your DNS Provider ([DNS challenge](https://caddyserver.com/docs/automatic-https#dns-challenge)) + +You can also decide to deploy your own Certificates & Certification Authority, either manually with OpenSSL, or by using something like [mkcert](https://github.com/FiloSottile/mkcert). + +In Terms of IP Stack Used: +- External: Caddy listens on both IPv4 and IPv6. +- Internal: + - Authentik Outpost Proxy listens on IPv6 `[::1]` + - NetAlertX listens on IPv4 `0.0.0.0` + +### Flow +The Traffic Flow will therefore be as follows: + +- Web GUI: + i. Client accesses `http://authentik.MYDOMAIN.TLD:80`: default (built-in Caddy) Redirect to `https://authentik.MYDOMAIN.TLD:443` + ii. Client accesses `https://authentik.MYDOMAIN.TLD:443` -> reverse Proxy to internal Port 20211 (NetAlertX Web GUI / NGINX - unencrypted) +- GraphQL: Client accesses `https://authentik.MYDOMAIN.TLD:20212` -> reverse Proxy to internal Port 20219 (NetAlertX GraphQL - unencrypted) +- Authentik Outpost: Client accesses `https://authentik.MYDOMAIN.TLD:9443` -> reverse Proxy to internal Port 6000 (Authentik Outpost Proxy - unencrypted) + +An Overview of the Flow is provided in the Picture below: + +![Reverse Proxy Traffic Flow with Authentik SSSO](./img/REVERSE_PROXY/reverse_proxy_flow.svg) + +### Security Considerations + +#### Caddy should be run rootless + +> [!WARNING] +> By default Caddy runs as `root` which is a Security Risk. +> In order to solve this, it's recommended to create an unprivileged User `caddy` and Group `caddy` on the Host: +> ``` +> groupadd --gid 980 caddy +> useradd --shell /usr/sbin/nologin --gid 980 --uid 980 -c "Caddy web server" --base-dir /var/lib/caddy +> ``` + +At least using Quadlets with Usernames (NOT required with UID/GID), but possibly using Compose in certain Cases as well, a custom `/etc/passwd` and `/etc/group` might need to be bind-mounted inside the Container. +`passwd`: +``` +root:x:0:0:root:/root:/bin/sh +bin:x:1:1:bin:/bin:/sbin/nologin +daemon:x:2:2:daemon:/sbin:/sbin/nologin +lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin +sync:x:5:0:sync:/sbin:/bin/sync +shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown +halt:x:7:0:halt:/sbin:/sbin/halt +mail:x:8:12:mail:/var/mail:/sbin/nologin +news:x:9:13:news:/usr/lib/news:/sbin/nologin +uucp:x:10:14:uucp:/var/spool/uucppublic:/sbin/nologin +cron:x:16:16:cron:/var/spool/cron:/sbin/nologin +ftp:x:21:21::/var/lib/ftp:/sbin/nologin +sshd:x:22:22:sshd:/dev/null:/sbin/nologin +games:x:35:35:games:/usr/games:/sbin/nologin +ntp:x:123:123:NTP:/var/empty:/sbin/nologin +guest:x:405:100:guest:/dev/null:/sbin/nologin +nobody:x:65534:65534:nobody:/:/sbin/nologin +caddy:x:980:980:caddy:/var/lib/caddy:/bin/sh +``` + +`group`: +``` +root:x:0:root +bin:x:1:root,bin,daemon +daemon:x:2:root,bin,daemon +sys:x:3:root,bin +adm:x:4:root,daemon +tty:x:5: +disk:x:6:root +lp:x:7:lp +kmem:x:9: +wheel:x:10:root +floppy:x:11:root +mail:x:12:mail +news:x:13:news +uucp:x:14:uucp +cron:x:16:cron +audio:x:18: +cdrom:x:19: +dialout:x:20:root +ftp:x:21: +sshd:x:22: +input:x:23: +tape:x:26:root +video:x:27:root +netdev:x:28: +kvm:x:34:kvm +games:x:35: +shadow:x:42: +www-data:x:82: +users:x:100:games +ntp:x:123: +abuild:x:300: +utmp:x:406: +ping:x:999: +nogroup:x:65533: +nobody:x:65534: +caddy:x:980: +``` + +#### Authentication of GraphQL Endpoint + +> [!WARNING] +> Currently the GraphQL Endpoint is NOT authenticated ! + +### Environment Files +Depending on the Preference of the User (Environment Variables defined in Compose/Quadlet or in external `.env` File[s]), it might be prefereable to place at least some Environment Variables in external `.env` and `.env.` Files. + +The following is proposed: + +- `.env`: common Settings (empty by Default) +- `.env.caddy`: Caddy Settings +- `.env.server`: NetAlertX Server/Application Settings +- `.env.outpost.proxy`: Authentik Proxy Outpost Settings + +The following Contents is assumed. + +`.env.caddy`: +``` +# Define Application Hostname +APPLICATION_HOSTNAME=netalertx.MYDOMAIN.TLD + +# Define Certificate Domain +# In this case: use Wildcard Certificate +APPLICATION_CERTIFICATE_DOMAIN=MYDOMAIN.TLD +APPLICATION_CERTIFICATE_CERT_FILE=fullchain.pem +APPLICATION_CERTIFICATE_KEY_FILE=privkey.pem + +# Define Outpost Hostname +OUTPOST_HOSTNAME=netalertx.MYDOMAIN.TLD + +# Define Outpost External Port (TLS) +OUTPOST_EXTERNAL_PORT=9443 +``` + +`.env.server`: +``` +PORT=20211 +PORT_SSL=443 +NETALERTX_NETWORK_MODE=host +LISTEN_ADDR=0.0.0.0 +GRAPHQL_PORT=20219 +NETALERTX_DEBUG=1 +BACKEND_API_URL=https://netalertx.MYDOMAIN.TLD:20212 +``` + +`.env.outpost.proxy`: +``` +AUTHENTIK_TOKEN=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX +AUTHENTIK_LISTEN__HTTP=[::1]:6000 +AUTHENTIK_LISTEN__HTTPS=[::1]:6443 +``` + +### Compose Setup +``` +version: "3.8" +services: + netalertx-caddy: + container_name: netalertx-caddy + + network_mode: host + image: docker.io/library/caddy:latest + pull: missing + + env_file: + - .env + - .env.caddy + + environment: + CADDY_DOCKER_CADDYFILE_PATH: "/etc/caddy/Caddyfile" + + volumes: + - ./Caddyfile:/etc/caddy/Caddyfile:ro,z + - /var/lib/containers/data/netalertx/caddy:/data/caddy:rw,z + - /var/lib/containers/log/netalertx/caddy:/var/log:rw,z + - /var/lib/containers/config/netalertx/caddy:/config/caddy:rw,z + - /var/lib/containers/certificates/letsencrypt:/certificates:ro,z + + # Set User + user: "caddy:caddy" + + # Automatically restart Container + restart: unless-stopped + + netalertx-server: + container_name: netalertx-server # The name when you docker contiainer ls + + network_mode: host # Use host networking for ARP scanning and other services + + depends_on: + netalertx-caddy: + condition: service_started + restart: true + netalertx-outpost-proxy: + condition: service_started + restart: true + + # Local built Image including latest Changes + image: localhost/netalertx-dev:dev-20260109-232454 + + read_only: true # Make the container filesystem read-only + + # It is most secure to start with user 20211, but then we lose provisioning capabilities. + # user: "${NETALERTX_UID:-20211}:${NETALERTX_GID:-20211}" + cap_drop: # Drop all capabilities for enhanced security + - ALL + cap_add: # Add only the necessary capabilities + - NET_ADMIN # Required for scanning with arp-scan, nmap, nbtscan, traceroute, and zero-conf + - NET_RAW # Required for raw socket operations with arp-scan, nmap, nbtscan, traceroute and zero-conf + - NET_BIND_SERVICE # Required to bind to privileged ports with nbtscan + - CHOWN # Required for root-entrypoint to chown /data + /tmp before dropping privileges + - SETUID # Required for root-entrypoint to switch to non-root user + - SETGID # Required for root-entrypoint to switch to non-root group + volumes: + + # Override NGINX Configuration Template + - type: bind + source: /var/lib/containers/config/netalertx/server/nginx/netalertx.conf.template + target: /services/config/nginx/netalertx.conf.template + read_only: true + bind: + selinux: Z + + # Letsencrypt Certificates + - type: bind + source: /var/lib/containers/certificates/letsencrypt/MYDOMAIN.TLD + target: /certificates + read_only: true + bind: + selinux: Z + + # Data Storage for NetAlertX + - type: bind # Persistent Docker-managed Named Volume for storage + source: /var/lib/containers/data/netalertx/server + target: /data # consolidated configuration and database storage + read_only: false # writable volume + bind: + selinux: Z + + # Set the Timezone + - type: bind # Bind mount for timezone consistency + source: /etc/localtime + target: /etc/localtime + read_only: true + bind: + selinux: Z + + # tmpfs mounts for writable directories in a read-only container and improve system performance + # All writes now live under /tmp/* subdirectories which are created dynamically by entrypoint.d scripts + # mode=1700 gives rwx------ permissions; ownership is set by /root-entrypoint.sh + - type: tmpfs + target: /tmp + tmpfs-mode: 1700 + uid: 0 + gid: 0 + rw: true + noexec: true + nosuid: true + nodev: true + async: true + noatime: true + nodiratime: true + bind: + selinux: Z + + env_file: + - .env + - .env.server + + environment: + PUID: ${NETALERTX_UID:-20211} # Runtime UID after priming (Synology/no-copy-up safe) + PGID: ${NETALERTX_GID:-20211} # Runtime GID after priming (Synology/no-copy-up safe) + LISTEN_ADDR: ${LISTEN_ADDR:-0.0.0.0} # Listen for connections on all interfaces + PORT: ${PORT:-20211} # Application port + PORT_SSL: ${PORT_SSL:-443} + GRAPHQL_PORT: ${GRAPHQL_PORT:-20212} # GraphQL API port + ALWAYS_FRESH_INSTALL: ${ALWAYS_FRESH_INSTALL:-false} # Set to true to reset your config and database on each container start + NETALERTX_DEBUG: ${NETALERTX_DEBUG:-0} # 0=kill all services and restart if any dies. 1 keeps running dead services. + BACKEND_API_URL: ${BACKEND_API_URL-"https://netalertx.MYDOMAIN.TLD:20212"} + + # Resource limits to prevent resource exhaustion + mem_limit: 4096m # Maximum memory usage + mem_reservation: 2048m # Soft memory limit + cpu_shares: 512 # Relative CPU weight for CPU contention scenarios + pids_limit: 512 # Limit the number of processes/threads to prevent fork bombs + logging: + driver: "json-file" # Use JSON file logging driver + options: + max-size: "10m" # Rotate log files after they reach 10MB + max-file: "3" # Keep a maximum of 3 log files + + # Always restart the container unless explicitly stopped + restart: unless-stopped + + # To sign Out, you need to visit + # {$OUTPOST_HOSTNAME}:{$OUTPOST_EXTERNAL_PORT}/outpost.goauthentik.io/sign_out + netalertx-outpost-proxy: + container_name: netalertx-outpost-proxy + + network_mode: host + + depends_on: + netalertx-caddy: + condition: service_started + restart: true + + restart: unless-stopped + + image: ghcr.io/goauthentik/proxy:2025.10 + pull: missing + + env_file: + - .env + - .env.outpost.proxy + + environment: + AUTHENTIK_HOST: "https://authentik.MYDOMAIN.TLD" + AUTHENTIK_INSECURE: false + AUTHENTIK_LISTEN__HTTP: "[::1]:6000" + AUTHENTIK_LISTEN__HTTPS: "[::1]:6443" +``` + +### Quadlet Setup +`netalertx.pod`: +``` +[Pod] +# Name of the Pod +PodName=netalertx + +# Network Mode Host is required for ARP to work +Network=host + +# Automatically start Pod at Boot Time +[Install] +WantedBy=default.target +``` + +`netalertx-caddy.container`: +``` +[Unit] +Description=NetAlertX Caddy Container + +[Service] +Restart=always + +[Container] +ContainerName=netalertx-caddy + +Pod=netalertx.pod +StartWithPod=true + +# Generic Environment Configuration +EnvironmentFile=.env + +# Caddy Specific Environment Configuration +EnvironmentFile=.env.caddy + +Environment=CADDY_DOCKER_CADDYFILE_PATH=/etc/caddy/Caddyfile + +Image=docker.io/library/caddy:latest +Pull=missing + +# Run as rootless +# Specifying User & Group by Name requires to mount a custom passwd & group File inside the Container +# Otherwise an Error like the following will result: netalertx-caddy[593191]: Error: unable to find user caddy: no matching entries in passwd file +# User=caddy +# Group=caddy +# Volume=/var/lib/containers/config/netalertx/caddy-rootless/passwd:/etc/passwd:ro,z +# Volume=/var/lib/containers/config/netalertx/caddy-rootless/group:/etc/group:ro,z + +# Run as rootless +# Specifying User & Group by UID/GID will NOT require a custom passwd / group File to be bind-mounted inside the Container +User=980 +Group=980 + +Volume=./Caddyfile:/etc/caddy/Caddyfile:ro,z +Volume=/var/lib/containers/data/netalertx/caddy:/data/caddy:z +Volume=/var/lib/containers/log/netalertx/caddy:/var/log:z +Volume=/var/lib/containers/config/netalertx/caddy:/config/caddy:z +Volume=/var/lib/containers/certificates/letsencrypt:/certificates:ro,z +``` + +`netalertx-server.container`: +``` +[Unit] +Description=NetAlertX Server Container +Requires=netalertx-caddy.service netalertx-outpost-proxy.service +After=netalertx-caddy.service netalertx-outpost-proxy.service + +[Service] +Restart=always + +[Container] +ContainerName=netalertx-server + +Pod=netalertx.pod +StartWithPod=true + +# Local built Image including latest Changes +Image=localhost/netalertx-dev:dev-20260109-232454 +Pull=missing + +# Make the container filesystem read-only +ReadOnly=true + +# Drop all capabilities for enhanced security +DropCapability=ALL + +# It is most secure to start with user 20211, but then we lose provisioning capabilities. +# User=20211:20211 + +# Required for scanning with arp-scan, nmap, nbtscan, traceroute, and zero-conf +AddCapability=NET_ADMIN + +# Required for raw socket operations with arp-scan, nmap, nbtscan, traceroute and zero-conf +AddCapability=NET_RAW + +# Required to bind to privileged ports with nbtscan +AddCapability=NET_BIND_SERVICE + +# Required for root-entrypoint to chown /data + /tmp before dropping privileges +AddCapability=CHOWN + +# Required for root-entrypoint to switch to non-root user +AddCapability=SETUID + +# Required for root-entrypoint to switch to non-root group +AddCapability=SETGID + +# Override the Configuration Template +Volume=/var/lib/containers/config/netalertx/server/nginx/netalertx.conf.template:/services/config/nginx/netalertx.conf.template:ro,Z + +# Letsencrypt Certificates +Volume=/var/lib/containers/certificates/letsencrypt/MYDOMAIN.TLD:/certificates:ro,Z + +# Data Storage for NetAlertX +Volume=/var/lib/containers/data/netalertx/server:/data:rw,Z + +# Set the Timezone +Volume=/etc/localtime:/etc/localtime:ro,Z + +# tmpfs mounts for writable directories in a read-only container and improve system performance +# All writes now live under /tmp/* subdirectories which are created dynamically by entrypoint.d scripts +# mode=1700 gives rwx------ permissions; ownership is set by /root-entrypoint.sh +# Mount=type=tmpfs,destination=/tmp,tmpfs-mode=1700,uid=0,gid=0,rw=true,noexec=true,nosuid=true,nodev=true,async=true,noatime=true,nodiratime=true,relabel=private +Mount=type=tmpfs,destination=/tmp,tmpfs-mode=1700,rw=true,noexec=true,nosuid=true,nodev=true + +# Environment Configuration +EnvironmentFile=.env +EnvironmentFile=.env.server + +# Runtime UID after priming (Synology/no-copy-up safe) +Environment=PUID=20211 + +# Runtime GID after priming (Synology/no-copy-up safe) +Environment=PGID=20211 + +# Listen for connections on all interfaces (IPv4) +Environment=LISTEN_ADDR=0.0.0.0 + +# Application port +Environment=PORT=20211 + +# SSL Port +Environment=PORT_SSL=443 + +# GraphQL API port +Environment=GRAPHQL_PORT=20212 + +# Set to true to reset your config and database on each container start +Environment=ALWAYS_FRESH_INSTALL=false + +# 0=kill all services and restart if any dies. 1 keeps running dead services. +Environment=NETALERTX_DEBUG=0 + +# Set the GraphQL URL for external Access (via Caddy Reverse Proxy) +Environment=BACKEND_API_URL=https://netalertx-fedora.MYDOMAIN.TLD:20212 + +# Resource limits to prevent resource exhaustion +# Maximum memory usage +Memory=4g + +# Limit the number of processes/threads to prevent fork bombs +PidsLimit=512 + +# Relative CPU weight for CPU contention scenarios +PodmanArgs=--cpus=2 +PodmanArgs=--cpu-shares=512 + +# Soft memory limit +PodmanArgs=--memory-reservation=2g + +# !! The following Keys are unfortunately not [yet] supported !! + +# Relative CPU weight for CPU contention scenarios +#CpuShares=512 + +# Soft memory limit +#MemoryReservation=2g +``` + +`netalertx-outpost-proxy.container`: +``` +[Unit] +Description=NetAlertX Authentik Proxy Outpost Container +Requires=netalertx-caddy.service +After=netalertx-caddy.service + +[Service] +Restart=always + +[Container] +ContainerName=netalertx-outpost-proxy + +Pod=netalertx.pod +StartWithPod=true + +# General Configuration +EnvironmentFile=.env + +# Authentik Outpost Proxy Specific Configuration +EnvironmentFile=.env.outpost.proxy + +Environment=AUTHENTIK_HOST=https://authentik.MYDOMAIN.TLD +Environment=AUTHENTIK_INSECURE=false + +# Overrides Value from .env.outpost.rac +# Environment=AUTHENTIK_TOKEN=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + +# Optional setting to be used when `authentik_host` for internal communication doesn't match the public URL +# Environment=AUTHENTIK_HOST_BROWSER=https://authentik.MYDOMAIN.TLD + +# Container Image +Image=ghcr.io/goauthentik/proxy:2025.10 +Pull=missing + +# Network Configuration +Network=container:supermicro-ikvm-pve031-caddy + +# Security Configuration +NoNewPrivileges=true +``` + +### Firewall Setup + +Depending on which GNU/Linux Distribution you are running, it might be required to open up some Firewall Ports in order to be able to access the Endpoints from outside the Host itself. + +This is for instance the Case for Fedora Linux, where I had to open: + +- Port 20212 for external GraphQL Access (both TCP & UDP are open, unsure if UDP is required) +- Port 9443 for external Authentik Outpost Proxy Access (both TCP & UDP are open, unsure if UDP is required) + +![Fedora Firewall Configuration](./img/REVERSE_PROXY/fedora-firewall.png) + +### Authentik Setup + +In order to enable Single Sign On (SSO) with Authentik, you will need to create a Provider, an Application and an Outpost. + +![Authentik Left Sidebar](./img/REVERSE_PROXY/authentik-sidebar.png) + +First of all, using the Left Sidebar, navigate to `Applications` → `Providers`, click on `Create` (Blue Button at the Top of the Screen), select `Proxy Provider`, then click `Next`: +![Authentik Provider Setup (Part 1)](./img/REVERSE_PROXY/authentik-provider-setup-01.png) + +Fill in the required Fields: + +- Name: choose a Name for the Provider (e.g. `netalertx`) +- Authorization Flow: choose the Authorization Flow. I typically use `default-provider-authorization-implicit-consent (Authorize Application)`. If you select the `default-provider-authorization-explicit-consent (Authorize Application)` you will need to authorize Authentik every Time you want to log in NetAlertX, which can make the Experience less User-friendly +- Type: Click on `Forward Auth (single application)` +- External Host: set to `https://netalertx.MYDOMAIN.TLD` + +Click `Finish`. + +![Authentik Provider Setup (Part 2)](./img/REVERSE_PROXY/authentik-provider-setup-02.png) + +Now, using the Left Sidebar, navigate to `Applications` → `Applications`, click on `Create` (Blue Button at the Top of the Screen) and fill in the required Fields: + +- Name: choose a Name for the Application (e.g. `netalertx`) +- Slug: choose a Slug for the Application (e.g. `netalertx`) +- Group: optionally you can assign this Application to a Group of Applications of your Choosing (for grouping Purposes within Authentik User Interface) +- Provider: select the Provider you created the the `Providers` Section previosly (e.g. `netalertx`) + +Then click `Create`. + +![Authentik Application Setup (Part 1)](./img/REVERSE_PROXY/authentik-application-setup-01.png) + +Now, using the Left Sidebar, navigate to `Applications` → `Outposts`, click on `Create` (Blue Button at the Top of the Screen) and fill in the required Fields: + +- Name: choose a Name for the Outpost (e.g. `netalertx`) +- Type: `Proxy` +- Integration: open the Dropdown and click on `---------`. Make sure it is NOT set to `Local Docker connection` ! + +In the `Available Applications` Section, select the Application you created in the Previous Step, then click the right Arrow (approx. located in the Center of the Screen), so that it gets copied in the `Selected Applications` Section. + +Then click `Create`. + +![Authentik Outpost Setup (Part 1)](./img/REVERSE_PROXY/authentik-outpost-setup-01.png) + +Wait a few Seconds for the Outpost to be created. Once it appears in the List, click on `Deployment Info` on the Right Side of the relevant Line. + +![Authentik Outpost Setup (Part 2)](./img/REVERSE_PROXY/authentik-outpost-setup-02.png) + +Take note of that Token. You will need it for the Authentik Outpost Proxy Container, which will read it as the `AUTHENTIK_TOKEN` Environment Variable. + +### NGINX Configuration inside NetAlertX Container +> [!NOTE] +> This is something that was implemented based on the previous Content of this Reverse Proxy Document. +> Due to some Buffer Warnings/Errors in the Logs as well as some other Issues I was experiencing, I increased a lot the client_body_buffer_size and large_client_header_buffers Parameters, although these might not be required anymore. +> Further Testing might be required. + +``` +# Set number of worker processes automatically based on number of CPU cores. +worker_processes auto; + +# Enables the use of JIT for regular expressions to speed-up their processing. +pcre_jit on; + +# Configures default error logger. +error_log /tmp/log/nginx-error.log warn; + +pid /tmp/run/nginx.pid; + +events { + # The maximum number of simultaneous connections that can be opened by + # a worker process. + worker_connections 1024; +} + +http { + + # Mapping of temp paths for various nginx modules. + client_body_temp_path /tmp/nginx/client_body; + proxy_temp_path /tmp/nginx/proxy; + fastcgi_temp_path /tmp/nginx/fastcgi; + uwsgi_temp_path /tmp/nginx/uwsgi; + scgi_temp_path /tmp/nginx/scgi; + + # Includes mapping of file name extensions to MIME types of responses + # and defines the default type. + include /services/config/nginx/mime.types; + default_type application/octet-stream; + + # Name servers used to resolve names of upstream servers into addresses. + # It's also needed when using tcpsocket and udpsocket in Lua modules. + #resolver 1.1.1.1 1.0.0.1 [2606:4700:4700::1111] [2606:4700:4700::1001]; + + # Don't tell nginx version to the clients. Default is 'on'. + server_tokens off; + + # Specifies the maximum accepted body size of a client request, as + # indicated by the request header Content-Length. If the stated content + # length is greater than this size, then the client receives the HTTP + # error code 413. Set to 0 to disable. Default is '1m'. + client_max_body_size 1m; + + # Sendfile copies data between one FD and other from within the kernel, + # which is more efficient than read() + write(). Default is off. + sendfile on; + + # Causes nginx to attempt to send its HTTP response head in one packet, + # instead of using partial frames. Default is 'off'. + tcp_nopush on; + + + # Enables the specified protocols. Default is TLSv1 TLSv1.1 TLSv1.2. + # TIP: If you're not obligated to support ancient clients, remove TLSv1.1. + ssl_protocols TLSv1.2 TLSv1.3; + + # Path of the file with Diffie-Hellman parameters for EDH ciphers. + # TIP: Generate with: `openssl dhparam -out /etc/ssl/nginx/dh2048.pem 2048` + #ssl_dhparam /etc/ssl/nginx/dh2048.pem; + + # Specifies that our cipher suits should be preferred over client ciphers. + # Default is 'off'. + ssl_prefer_server_ciphers on; + + # Enables a shared SSL cache with size that can hold around 8000 sessions. + # Default is 'none'. + ssl_session_cache shared:SSL:2m; + + # Specifies a time during which a client may reuse the session parameters. + # Default is '5m'. + ssl_session_timeout 1h; + + # Disable TLS session tickets (they are insecure). Default is 'on'. + ssl_session_tickets off; + + + # Enable gzipping of responses. + gzip on; + + # Set the Vary HTTP header as defined in the RFC 2616. Default is 'off'. + gzip_vary on; + + + # Specifies the main log format. + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + # Sets the path, format, and configuration for a buffered log write. + access_log /tmp/log/nginx-access.log main; + + + # Virtual host config (unencrypted) + server { + listen ${LISTEN_ADDR}:${PORT} default_server; + root /app/front; + index index.php; + add_header X-Forwarded-Prefix "/app" always; + + server_name netalertx-server; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + client_body_buffer_size 512k; + large_client_header_buffers 64 128k; + + location ~* \.php$ { + # Set Cache-Control header to prevent caching on the first load + add_header Cache-Control "no-store"; + fastcgi_pass unix:/tmp/run/php.sock; + include /services/config/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param SCRIPT_NAME $fastcgi_script_name; + fastcgi_connect_timeout 75; + fastcgi_send_timeout 600; + fastcgi_read_timeout 600; + } + } +} +``` + +### Caddyfile +``` +# Example and Guide +# https://caddyserver.com/docs/caddyfile/options + +# General Options +{ + # (Optional) Debug Mode + # debug + + # (Optional ) Enable / Disable Admin API + admin off + + # TLS Options + # (Optional) Disable Certificates Management (only if SSL/TLS Certificates are managed by certbot or other external Tools) + auto_https disable_certs +} + +# (Optional Enable Admin API) +# localhost { +# reverse_proxy /api/* localhost:9001 +# } + +# NetAlertX Web GUI (HTTPS Port 443) +# (Optional) Only if SSL/TLS Certificates are managed by certbot or other external Tools and Custom Logging is required +{$APPLICATION_HOSTNAME}:443 { + tls /certificates/{$APPLICATION_CERTIFICATE_DOMAIN}/{$APPLICATION_CERTIFICATE_CERT_FILE:fullchain.pem} /certificates/{$APPLICATION_CERTIFICATE_DOMAIN}/{$APPLICATION_CERTIFICATE_KEY_FILE:privkey.pem} + + log { + output file /var/log/{$APPLICATION_HOSTNAME}/access_web.json { + roll_size 100MiB + roll_keep 5000 + roll_keep_for 720h + roll_uncompressed + } + + format json + } + + route { + # Always forward outpost path to actual outpost + reverse_proxy /outpost.goauthentik.io/* https://{$OUTPOST_HOSTNAME}:{$OUTPOST_EXTERNAL_PORT} { + header_up Host {http.reverse_proxy.upstream.hostport} + } + + # Forward authentication to outpost + forward_auth https://{$OUTPOST_HOSTNAME}:{$OUTPOST_EXTERNAL_PORT} { + uri /outpost.goauthentik.io/auth/caddy + + # Capitalization of the headers is important, otherwise they will be empty + copy_headers X-Authentik-Username X-Authentik-Groups X-Authentik-Email X-Authentik-Name X-Authentik-Uid X-Authentik-Jwt X-Authentik-Meta-Jwks X-Authentik-Meta-Outpost X-Authentik-Meta-Provider X-Authentik-Meta-App X-Authentik-Meta-Version + + # (Optional) + # If not set, trust all private ranges, but for Security Reasons, this should be set to the outposts IP + trusted_proxies private_ranges + } + } + + # IPv4 Reverse Proxy to NetAlertX Web GUI (internal unencrypted Host) + reverse_proxy http://0.0.0.0:20211 + + # IPv6 Reverse Proxy to NetAlertX Web GUI (internal unencrypted Host) + # reverse_proxy http://[::1]:20211 +} + +# NetAlertX GraphQL Endpoint (HTTPS Port 20212) +# (Optional) Only if SSL/TLS Certificates are managed by certbot or other external Tools and Custom Logging is required +{$APPLICATION_HOSTNAME}:20212 { + tls /certificates/{$APPLICATION_CERTIFICATE_DOMAIN}/{$APPLICATION_CERTIFICATE_CERT_FILE:fullchain.pem} /certificates/{$APPLICATION_CERTIFICATE_DOMAIN}/{$APPLICATION_CERTIFICATE_KEY_FILE:privkey.pem} + + log { + output file /var/log/{$APPLICATION_HOSTNAME}/access_graphql.json { + roll_size 100MiB + roll_keep 5000 + roll_keep_for 720h + roll_uncompressed + } + + format json + } + + # IPv4 Reverse Proxy to NetAlertX GraphQL Endpoint (internal unencrypted Host) + reverse_proxy http://0.0.0.0:20219 + + # IPv6 Reverse Proxy to NetAlertX GraphQL Endpoint (internal unencrypted Host) + # reverse_proxy http://[::1]:6000 +} + +# Authentik Outpost +# (Optional) Only if SSL/TLS Certificates are managed by certbot or other external Tools and Custom Logging is required +{$OUTPOST_HOSTNAME}:{$OUTPOST_EXTERNAL_PORT} { + tls /certificates/{$APPLICATION_CERTIFICATE_DOMAIN}/{$APPLICATION_CERTIFICATE_CERT_FILE:fullchain.pem} /certificates/{$APPLICATION_CERTIFICATE_DOMAIN}/{$APPLICATION_CERTIFICATE_KEY_FILE:privkey.pem} + + log { + output file /var/log/outpost/{$OUTPOST_HOSTNAME}/access.json { + roll_size 100MiB + roll_keep 5000 + roll_keep_for 720h + roll_uncompressed + } + + format json + } + + # IPv4 Reverse Proxy to internal unencrypted Host + # reverse_proxy http://0.0.0.0:6000 + + # IPv6 Reverse Proxy to internal unencrypted Host + reverse_proxy http://[::1]:6000 +} +``` + +### Login +Now try to login by visiting `https://netalertx.MYDOMAIN.TLD`. + +You should be greeted with a Login Screen by Authentik. + +If you are already logged in Authentik, log out first. You can do that by visiting `https://netalertx.MYDOMAIN.TLD/outpost.goauthentik.io/sign_out`, then click on `Log out of authentik` (2nd Button). Or you can just sign out from your Authentik Admin Panel at `https://authentik.MYDOMAIN.TLD`. + +If everything works as expected, then you can now set `SETPWD_enable_password=false` to disable double Authentication. + +![Authentik Login Screen](./img/REVERSE_PROXY/authentik-login.png) \ No newline at end of file diff --git a/docs/REVERSE_PROXY_TRAEFIK.md b/docs/REVERSE_PROXY_TRAEFIK.md new file mode 100644 index 000000000..8766cfc6d --- /dev/null +++ b/docs/REVERSE_PROXY_TRAEFIK.md @@ -0,0 +1,86 @@ +# Guide: Routing NetAlertX API via Traefik v3 + +> [!NOTE] +> NetAlertX requires access to both the **web UI** (default `20211`) and the **GraphQL backend `GRAPHQL_PORT`** (default `20212`) ports. +> Ensure your reverse proxy allows traffic to both for proper functionality. + + +> [!NOTE] +> This is community-contributed. Due to environment, setup, or networking differences, results may vary. Please open a PR to improve it instead of creating an issue, as the maintainer is not actively maintaining it. + + +Traefik v3 requires the following setup to route traffic properly. This guide shows a working configuration using a dedicated `PathPrefix`. + +--- + +## 1. Configure NetAlertX Backend URL + +1. Open the NetAlertX UI: **Settings → Core → General**. +2. Set the `BACKEND_API_URL` to include a custom path prefix, for example: + +``` +https://netalertx.yourdomain.com/netalertx-api +``` + +This tells the frontend where to reach the backend API. + +--- + +## 2. Create a Traefik Router for the API + +Define a router specifically for the API with a higher priority and a `PathPrefix` rule: + +```yaml +netalertx-api: + rule: "Host(`netalertx.yourdomain.com`) && PathPrefix(`/netalertx-api`)" + service: netalertx-api-service + middlewares: + - netalertx-stripprefix + priority: 100 +``` + +**Notes:** + +* `Host(...)` ensures requests are only routed for your domain. +* `PathPrefix(...)` routes anything under `/netalertx-api` to the backend. +* Priority `100` ensures this router takes precedence over other routes. + +--- + +## 3. Add a Middleware to Strip the Prefix + +NetAlertX expects requests at the root (`/`). Use Traefik’s `StripPrefix` middleware: + +```yaml +middlewares: + netalertx-stripprefix: + stripPrefix: + prefixes: + - "/netalertx-api" +``` + +This removes `/netalertx-api` before forwarding the request to the backend container. + +--- + +## 4. Map the API Service to the Backend Container + +Point the service to the internal GraphQL/Backend port (20212): + +```yaml +netalertx-api-service: + loadBalancer: + servers: + - url: "http://:20212" +``` + +Replace `` with your NetAlertX container’s internal address. + +--- + +✅ With this setup: + +* `https://netalertx.yourdomain.com` → Web interface (port 20211) +* `https://netalertx.yourdomain.com/netalertx-api` → API/GraphQL backend (port 20212) + +This cleanly separates API requests from frontend requests while keeping everything under the same domain. diff --git a/docs/SYNOLOGY_GUIDE.md b/docs/SYNOLOGY_GUIDE.md index 1329c0c21..c87cd2a71 100755 --- a/docs/SYNOLOGY_GUIDE.md +++ b/docs/SYNOLOGY_GUIDE.md @@ -37,8 +37,8 @@ services: netalertx: container_name: netalertx # use the below line if you want to test the latest dev image - # image: "ghcr.io/jokob-sk/netalertx-dev:latest" - image: "ghcr.io/jokob-sk/netalertx:latest" + # image: "ghcr.io/netalertx/netalertx-dev:latest" + image: "ghcr.io/netalertx/netalertx:latest" network_mode: "host" restart: unless-stopped cap_drop: # Drop all capabilities for enhanced security diff --git a/docs/img/@eaDir/device_details.png@SynoEAStream b/docs/img/@eaDir/device_details.png@SynoEAStream deleted file mode 100755 index 285322382..000000000 Binary files a/docs/img/@eaDir/device_details.png@SynoEAStream and /dev/null differ diff --git a/docs/img/@eaDir/devices_dark.png@SynoEAStream b/docs/img/@eaDir/devices_dark.png@SynoEAStream deleted file mode 100755 index 285322382..000000000 Binary files a/docs/img/@eaDir/devices_dark.png@SynoEAStream and /dev/null differ diff --git a/docs/img/@eaDir/devices_light.png@SynoEAStream b/docs/img/@eaDir/devices_light.png@SynoEAStream deleted file mode 100755 index 285322382..000000000 Binary files a/docs/img/@eaDir/devices_light.png@SynoEAStream and /dev/null differ diff --git a/docs/img/@eaDir/devices_split.png@SynoEAStream b/docs/img/@eaDir/devices_split.png@SynoEAStream deleted file mode 100755 index 285322382..000000000 Binary files a/docs/img/@eaDir/devices_split.png@SynoEAStream and /dev/null differ diff --git a/docs/img/@eaDir/events.png@SynoEAStream b/docs/img/@eaDir/events.png@SynoEAStream deleted file mode 100755 index 285322382..000000000 Binary files a/docs/img/@eaDir/events.png@SynoEAStream and /dev/null differ diff --git a/docs/img/@eaDir/help_faq.png@SynoEAStream b/docs/img/@eaDir/help_faq.png@SynoEAStream deleted file mode 100755 index 285322382..000000000 Binary files a/docs/img/@eaDir/help_faq.png@SynoEAStream and /dev/null differ diff --git a/docs/img/@eaDir/maintenance.png@SynoEAStream b/docs/img/@eaDir/maintenance.png@SynoEAStream deleted file mode 100755 index 285322382..000000000 Binary files a/docs/img/@eaDir/maintenance.png@SynoEAStream and /dev/null differ diff --git a/docs/img/@eaDir/network.png@SynoEAStream b/docs/img/@eaDir/network.png@SynoEAStream deleted file mode 100755 index 285322382..000000000 Binary files a/docs/img/@eaDir/network.png@SynoEAStream and /dev/null differ diff --git a/docs/img/@eaDir/presence.png@SynoEAStream b/docs/img/@eaDir/presence.png@SynoEAStream deleted file mode 100755 index 285322382..000000000 Binary files a/docs/img/@eaDir/presence.png@SynoEAStream and /dev/null differ diff --git a/docs/img/@eaDir/settings.png@SynoEAStream b/docs/img/@eaDir/settings.png@SynoEAStream deleted file mode 100755 index 285322382..000000000 Binary files a/docs/img/@eaDir/settings.png@SynoEAStream and /dev/null differ diff --git a/docs/img/API/API_docs.png b/docs/img/API/API_docs.png new file mode 100644 index 000000000..03db08fcf Binary files /dev/null and b/docs/img/API/API_docs.png differ diff --git a/docs/img/DEVICE_MANAGEMENT/field_sources_and_locks.png b/docs/img/DEVICE_MANAGEMENT/field_sources_and_locks.png new file mode 100644 index 000000000..4b4b4b144 Binary files /dev/null and b/docs/img/DEVICE_MANAGEMENT/field_sources_and_locks.png differ diff --git a/docs/img/FEATURES/Event-Driven_Alerts.png b/docs/img/FEATURES/Event-Driven_Alerts.png new file mode 100644 index 000000000..b30bf6a18 Binary files /dev/null and b/docs/img/FEATURES/Event-Driven_Alerts.png differ diff --git a/docs/img/FEATURES/Events.png b/docs/img/FEATURES/Events.png new file mode 100644 index 000000000..cc25fdb1e Binary files /dev/null and b/docs/img/FEATURES/Events.png differ diff --git a/docs/img/FEATURES/LAN_Visualization.png b/docs/img/FEATURES/LAN_Visualization.png new file mode 100644 index 000000000..33a1133aa Binary files /dev/null and b/docs/img/FEATURES/LAN_Visualization.png differ diff --git a/docs/img/FEATURES/MCP_Server.png b/docs/img/FEATURES/MCP_Server.png new file mode 100644 index 000000000..4eb7a40c0 Binary files /dev/null and b/docs/img/FEATURES/MCP_Server.png differ diff --git a/docs/img/FEATURES/Multi-Channel_Notifications.png b/docs/img/FEATURES/Multi-Channel_Notifications.png new file mode 100644 index 000000000..2eac0cc51 Binary files /dev/null and b/docs/img/FEATURES/Multi-Channel_Notifications.png differ diff --git a/docs/img/FEATURES/Network_Discovery_Device_Tracking.png b/docs/img/FEATURES/Network_Discovery_Device_Tracking.png new file mode 100644 index 000000000..5d8b6f2a4 Binary files /dev/null and b/docs/img/FEATURES/Network_Discovery_Device_Tracking.png differ diff --git a/docs/img/device_nmap.png b/docs/img/device_nmap.png deleted file mode 100755 index c1208edb1..000000000 Binary files a/docs/img/device_nmap.png and /dev/null differ diff --git a/docs/img/device_tools.png b/docs/img/device_tools.png new file mode 100644 index 000000000..0e3b66129 Binary files /dev/null and b/docs/img/device_tools.png differ diff --git a/docs/img/devices_split.png b/docs/img/devices_split.png index 4a27a1bb7..4f044aeba 100755 Binary files a/docs/img/devices_split.png and b/docs/img/devices_split.png differ diff --git a/docs/img/maintenance.png b/docs/img/maintenance.png index 939586867..989af00de 100755 Binary files a/docs/img/maintenance.png and b/docs/img/maintenance.png differ diff --git a/docs/img/netalertx_docs.png b/docs/img/netalertx_docs.png index 27a0b6617..39914c592 100755 Binary files a/docs/img/netalertx_docs.png and b/docs/img/netalertx_docs.png differ diff --git a/docs/img/network.png b/docs/img/network.png index b87d42f5e..192315860 100755 Binary files a/docs/img/network.png and b/docs/img/network.png differ diff --git a/docs/img/report_sample.png b/docs/img/report_sample.png index 7b6888646..988267cf4 100755 Binary files a/docs/img/report_sample.png and b/docs/img/report_sample.png differ diff --git a/docs/img/sync_hub.png b/docs/img/sync_hub.png index dc452e2db..af42a9443 100755 Binary files a/docs/img/sync_hub.png and b/docs/img/sync_hub.png differ diff --git a/docs/index.md b/docs/index.md index 8f830dc71..720842a29 100755 --- a/docs/index.md +++ b/docs/index.md @@ -4,51 +4,55 @@ hide: - toc --- -# NetAlertX Documentation - -Welcome to the official NetAlertX documentation! NetAlertX is a powerful tool designed to simplify the management and monitoring of your network. Below, you will find guides and resources to help you set up, configure, and troubleshoot your NetAlertX instance. - -![Preview](./img/devices_split.png) - -## In-App Help - -NetAlertX provides contextual help within the application: - -- **Hover over settings, fields, or labels** to see additional tooltips and guidance. -- **Click ❔ (question-mark) icons** next to various elements to view detailed information. - ---- - -## Installation Guides - -The app can be installed different ways, with the best support of the docker-based deployments. This includes the Home Assistant and Unraid installation approaches. See details below. - -### Docker (Fully Supported) - -NetAlertX is fully supported in Docker environments, allowing for easy setup and configuration. Follow the official guide to get started: - -- [Docker Installation Guide](./DOCKER_INSTALLATION.md) - -This guide will take you through the process of setting up NetAlertX using Docker Compose or standalone Docker commands. - -### Home Assistant (Fully Supported) - -You can install NetAlertX also as a Home Assistant addon [![Home Assistant](https://img.shields.io/badge/Repo-blue?logo=home-assistant&style=for-the-badge&color=0aa8d2&logoColor=fff&label=Add)](https://my.home-assistant.io/redirect/supervisor_add_addon_repository/?repository_url=https%3A%2F%2Fgithub.com%2Falexbelgium%2Fhassio-addons) via the [alexbelgium/hassio-addons](https://github.com/alexbelgium/hassio-addons/) repository. This is only possible if you run a supervised instance of Home Assistant. If not, you can still run NetAlertX in a separate Docker container and follow this guide to configure MQTT. - -- [[Installation] Home Assistant](https://github.com/alexbelgium/hassio-addons/tree/master/netalertx) - -### Unraid (Partial Support) - -The Unraid template was created by the community, so it's only partially supported. Alternatively, here is [another version of the Unraid template](https://github.com/jokob-sk/NetAlertX-unraid). - -- [[Installation] Unraid App](https://unraid.net/community/apps) - -### Bare-Metal Installation (Experimental) - -If you prefer to run NetAlertX on your own hardware, you can try the experimental bare-metal installation. Please note that this method is still under development, and are looking for maintainers to help improve it. - -- [Bare-Metal Installation Guide](./HW_INSTALL.md) +
+
+

NetAlertX

+

+ Centralized network visibility and continuous asset discovery. +

+

+ NetAlertx delivers a scalable and secure solution for comprehensive network monitoring, supporting security awareness and operational efficiency. +

+
+
+ Hero image for NetAlertx +
+
+ +
+
+

Learn

+

Understand NetAlertX core features, discovery, and alerting concepts

+ + Explore Features + +
+ +
+

Install

+

Step-by-step installation guides for Docker, Home Assistant, Unraid, and bare-metal setups

+ + View Installation Guides + +
+ +
+

Notifications

+

Learn how NetAlertX provides device presence, alerting, and compliance-friendly monitoring

+ + Explore Notifications + +
+ +
+

Contribute

+

Source code, development environment setup, and contribution guidelines

+ + Contribute on GitHub + +
+
--- @@ -58,14 +62,16 @@ If you need help or run into issues, here are some resources to guide you: **Before opening an issue, please:** + - **Hover over settings, fields, or labels** to see additional tooltips and guidance. + - **Click ? (question-mark) icons** next to various elements to view detailed information. - [Check common issues](./DEBUG_TIPS.md#common-issues) to see if your problem has already been reported. - - [Look at closed issues](https://github.com/jokob-sk/NetAlertX/issues?q=is%3Aissue+is%3Aclosed) for possible solutions to past problems. + - [Look at closed issues](https://github.com/netalertx/NetAlertX/issues?q=is%3Aissue+is%3Aclosed) for possible solutions to past problems. - **Enable debugging** to gather more information: [Debug Guide](./DEBUG_TIPS.md). **Need more help?** Join the community discussions or submit a support request: - - Visit the [GitHub Discussions](https://github.com/jokob-sk/NetAlertX/discussions) for community support. - - If you are experiencing issues that require immediate attention, consider opening an issue on our [GitHub Issues page](https://github.com/jokob-sk/NetAlertX/issues). + - Visit the [GitHub Discussions](https://github.com/netalertx/NetAlertX/discussions) for community support. + - If you are experiencing issues that require immediate attention, consider opening an issue on our [GitHub Issues page](https://github.com/netalertx/NetAlertX/issues). --- @@ -84,15 +90,15 @@ For more information on contributing, check out our [Dev Guide](./DEV_ENV_SETUP. To keep up with the latest changes and updates to NetAlertX, please refer to the following resources: -- [Releases](https://github.com/jokob-sk/NetAlertX/releases) +- [Releases](https://github.com/netalertx/NetAlertX/releases) Make sure to follow the project on GitHub to get notifications for new releases and important updates. --- ## Additional info -- **Documentation Index**: Check out the full [documentation index](https://github.com/jokob-sk/NetAlertX/tree/main/docs) for all the guides available. +- **Documentation Index**: Check out the full [documentation index](https://github.com/netalertx/NetAlertX/tree/main/docs) for all the guides available. If you have any suggestions or improvements, please don’t hesitate to contribute! -NetAlertX is actively maintained. You can find the source code, report bugs, or request new features on our [GitHub page](https://github.com/jokob-sk/NetAlertX). +NetAlertX is actively maintained. You can find the source code, report bugs, or request new features on our [GitHub page](https://github.com/netalertx/NetAlertX). diff --git a/docs/stylesheets/custom.css b/docs/stylesheets/custom.css new file mode 100644 index 000000000..4407decdc --- /dev/null +++ b/docs/stylesheets/custom.css @@ -0,0 +1,121 @@ +/** + * Copyright 2026 UCP Authors + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +/* --- HERO SECTION --- */ +.hero-wrapper { + display: flex; + align-items: flex-start; + justify-content: space-between; + max-width: 1200px; + margin: 0 auto; +} + +.hero-content { + flex: 1; + max-width: 26.8rem; +} + +.hero-content h1 { + font-size: 3rem; + line-height: 1.12; + font-weight: 450; + margin-bottom: 0.5rem; + letter-spacing: -0.02em; +} + +p.hero-subheading { + font-size: 1.5rem; + line-height: 1.28; + margin: 0 0 1rem; +} + +p.hero-description { + line-height: 1.4; + margin: 0; +} + +.hero-image { + display: flex; + justify-content: center; + margin-top: 15px; + max-width: 45%; +} + +.hero-logo-crisp { + width: 100%; + height: auto; + object-fit: contain; +} + +/* --- PROMO CARDS --- */ +.promo-card-wrapper { + display: flex; + flex-wrap: wrap; + gap: 24px; + max-width: 1200px; + margin: 60px auto; +} + +.promo-card { + flex: 0 0 calc(50% - 12px); + min-width: 300px; + border-radius: 24px; + padding: 16px 24px; + display: flex; + flex-direction: column; + align-items: flex-start; + background-color: color-mix( + in srgb, + var(--md-primary-fg-color) 8%, + transparent + ); + transition: transform 0.2s ease; +} + +.promo-card:hover { + transform: translateY(-2px); +} + +.promo-card h3 { + margin: 0 0 12px; + color: var(--md-primary-fg-color); +} + +.promo-card p { + margin-bottom: 16px; + flex-grow: 1; +} + +/* --- PROMO BUTTONS --- */ +.promo-button, +.learn-more-btn { + display: inline-block; + padding: 0.5rem 1.2rem; + border: 1px solid var(--md-primary-fg-color); + border-radius: 50px; + text-decoration: none; + color: var(--md-primary-fg-color); + font-weight: 500; + font-size: 0.8rem; + background-color: transparent; + transition: opacity 0.2s ease-in-out; +} + +.promo-button:hover, +.learn-more-btn:hover { + opacity: 0.8; +} diff --git a/front/403_internal.html b/front/403_internal.html new file mode 100644 index 000000000..cbbcc8cfc --- /dev/null +++ b/front/403_internal.html @@ -0,0 +1,65 @@ + + + + + + Access Restricted - NetAlertX + + + +
+

403 Forbidden

+

+ The /server endpoint is for internal use only and cannot be accessed from external browsers or applications. +

+

+ This security measure protects the backend API. You will need to contact your system administrator in order to gain access to the API port (default: 20212), or use the application through the standard web interface. +

+
+ NetAlertX Security • Trust Level: Untrusted Origin +
+
+ + \ No newline at end of file diff --git a/front/css/app.css b/front/css/app.css index 988618ad6..302f2f944 100755 --- a/front/css/app.css +++ b/front/css/app.css @@ -105,7 +105,7 @@ a[target="_blank"] { background-color: black !important; font-family: 'Courier New', monospace; font-size: .85em; - cursor: pointer; + cursor: pointer !important; } .logs-row textarea { @@ -508,6 +508,45 @@ body color: #a0a0a0; } +.small-box { + margin-bottom: 15px !important; + float: left; + width: 100%; + border-radius: 4px; + border-top: 0px; +} + +#TopSmallBoxes .small-box { + height: 3em; +} + +.small-box .icon +{ + font-size: 2.2em !important; + float: right; + top: 0; +} +.small-box .small-box-text +{ + float:left; + font-size: x-large; + margin-top: -0.3em; +} + +.small-box .infobox_label +{ + font-size: larger; + float: right; + text-align: center; + z-index: 1; +} + +hr +{ + margin-top: 5px; + margin-bottom: 10px; +} + /* ----------------------------------------------------------------------------- Customized Box Borders ----------------------------------------------------------------------------- */ @@ -891,6 +930,14 @@ height: 50px; .nav-tabs-custom .tab-content { overflow: scroll; } + .infobox_label + { + display: none; + } + .small-box .icon + { + display: block !important; + } } .top_small_box_gray_text { @@ -901,10 +948,6 @@ height: 50px; background-color: #b2b6be !important; } -.infobox_label { - font-size: 16px !important; -} - .deviceSelector { display: block; @@ -1667,6 +1710,10 @@ textarea[readonly], min-height: 42px; } +.form-group { + margin-bottom: 5px !important; +} + /* Remove the default Select2 chevron (the down arrow) */ .select2-container .select2-selection__arrow b { display: none !important; @@ -2214,9 +2261,8 @@ textarea[readonly], .red-hover-border:hover { - border-color: red !important; - border-width: 1px; - border-style: solid; + border-color: #ff0000 !important; + box-shadow: #ff0000; } @@ -2225,12 +2271,6 @@ textarea[readonly], background-color: red !important; } -#multi-edit-form .form-group -{ - height: 45px; - -} - .top-left-logo { height:35px; diff --git a/front/css/dark-patch.css b/front/css/dark-patch.css index 8302fa286..dbda38011 100755 --- a/front/css/dark-patch.css +++ b/front/css/dark-patch.css @@ -42,14 +42,7 @@ h4 { .content-header > .breadcrumb > li > a { color: #bec5cb; } -.table > thead > tr > th, -.table > tbody > tr > th, -.table > tfoot > tr > th, -.table > thead > tr > td, -.table > tbody > tr > td, -.table > tfoot > tr > td { - border-top: 0; -} + .table > thead > tr.odd, .table > tbody > tr.odd, .table > tfoot > tr.odd { @@ -73,7 +66,6 @@ h4 { border: 1px solid #353c42; } .dataTables_wrapper input[type="search"] { - border-radius: 4px; background-color: #353c42; border: 0; color: #bec5cb; @@ -126,7 +118,6 @@ h4 { border-color: #3c8dbc; } .sidebar-menu > li > .treeview-menu { - margin: 0 1px; background-color: #32393e; } .sidebar a { @@ -144,16 +135,13 @@ h4 { color: #fff; } .sidebar-form { - border-radius: 3px; border: 1px solid #3e464c; - margin: 10px; } .sidebar-form input[type="text"], .sidebar-form .btn { box-shadow: none; background-color: #3e464c; border: 1px solid transparent; - height: 35px; } .sidebar-form input[type="text"] { color: #666; @@ -207,20 +195,13 @@ h4 { .box > .box-header .btn { color: #bec5cb; } -.box.box-info, -.box.box-primary, -.box.box-success, -.box.box-warning, -.box.box-danger { - border-top-width: 3px; -} + .main-header .navbar { background-color: #272c30; } .main-header .navbar .nav > li > a, .main-header .navbar .nav > li > .navbar-text { color: #bec5cb; - max-height: 50px; } .main-header .navbar .nav > li > a:hover, .main-header .navbar .nav > li > a:active, @@ -277,7 +258,6 @@ h4 { background: rgba(64, 72, 80, 0.666); } .nav-tabs-custom > .nav-tabs > li { - margin-right: 1px; color: #bec5cb; } .nav-tabs-custom > .nav-tabs > li.active > a, @@ -386,11 +366,8 @@ h4 { code, pre { - padding: 2px 4px; - font-size: 90%; color: #bec5cb; background-color: #353c42; - border-radius: 4px; } /* Used in the Query Log table */ @@ -456,7 +433,7 @@ td.highlight { /* Used by the long-term pages */ .daterangepicker { background-color: #3e464c; - border-radius: 4px; + border: 1px solid #353c42; } .daterangepicker .ranges li:hover { @@ -467,7 +444,7 @@ td.highlight { } .daterangepicker .calendar-table { background-color: #3e464c; - border-radius: 4px; + border: 1px solid #353c42; } .daterangepicker td.off, @@ -535,7 +512,7 @@ textarea[readonly], .panel-body, .panel-default > .panel-heading { background-color: #3e464c; - border-radius: 4px; + border: 1px solid #353c42; color: #bec5cb; } @@ -568,23 +545,10 @@ input[type="password"]::-webkit-caps-lock-indicator { background-image: linear-gradient(to right, #114100 0%, #525200 100%); } -.icheckbox_polaris, -.icheckbox_futurico, -.icheckbox_minimal-blue { - margin-right: 10px; -} -.iradio_polaris, -.iradio_futurico, -.iradio_minimal-blue { - margin-right: 8px; -} - /* Overlay box with spinners as shown during data collection for graphs */ .box .overlay, .overlay-wrapper .overlay { - z-index: 50; background-color: rgba(53, 60, 66, 0.733); - border-radius: 3px; } .box .overlay > .fa, .overlay-wrapper .overlay > .fa, @@ -594,7 +558,6 @@ input[type="password"]::-webkit-caps-lock-indicator { .navbar-nav > .user-menu > .dropdown-menu > .user-footer { background-color: #353c42bb; - padding: 10px; } .modal-content { @@ -623,36 +586,32 @@ input[type="password"]::-webkit-caps-lock-indicator { border-color: rgb(120, 127, 133); } -/*** Additional fixes For Pi.Alert UI ***/ -.small-box { - border-radius: 10px; - border-top: 0px; -} +/*** Additional fixes For UI ***/ .pa-small-box-aqua .inner { background-color: rgb(45,108,133); - border-top-left-radius: 10px; - border-top-right-radius: 10px; + + } .pa-small-box-green .inner { background-color: rgb(31,76,46); - border-top-left-radius: 10px; - border-top-right-radius: 10px; + + } .pa-small-box-yellow .inner { background-color: rgb(151,104,37); - border-top-left-radius: 10px; - border-top-right-radius: 10px; + + } .pa-small-box-red .inner { background-color: rgb(120,50,38); - border-top-left-radius: 10px; - border-top-right-radius: 10px; + + } .pa-small-box-gray .inner { background-color: #777; /* color: rgba(20,20,20,30%); */ - border-top-left-radius: 10px; - border-top-right-radius: 10px; + + } .pa-small-box-gray .inner h3 { color: #bbb; @@ -691,15 +650,6 @@ table.dataTable tbody tr.selected, table.dataTable tbody tr .selected .db_tools_table_cell_b:nth-child(1) {background: #272c30} .db_tools_table_cell_b:nth-child(2) {background: #272c30} -.db_info_table { - display: table; - border-spacing: 0em; - font-weight: 400; - font-size: 15px; - width: 100%; - margin: auto; -} - .nav-tabs-custom > .nav-tabs > li:hover > a, .nav-tabs-custom > .nav-tabs > li.active:hover > a { background-color: #272c30; color: #bec5cb; @@ -742,23 +692,7 @@ table.dataTable tbody tr.selected, table.dataTable tbody tr .selected color: #bec5cb; background-color: #272c30; } -/* Add border radius to bottom of the status boxes*/ -.pa-small-box-footer { - border-bottom-left-radius: 10px; - border-bottom-right-radius: 10px; -} -.small-box > .inner h3, .small-box > .inner p { - margin-bottom: 0px; - margin-left: 0px; -} -.small-box:hover .icon { - font-size: 3em; -} -.small-box .icon { - top: 0.01em; - font-size: 3.25em; -} .nax_semitransparent-panel{ background-color: #000 !important; } diff --git a/front/css/system-dark-patch.css b/front/css/system-dark-patch.css index f55ce1c26..353c16792 100755 --- a/front/css/system-dark-patch.css +++ b/front/css/system-dark-patch.css @@ -76,9 +76,7 @@ border: 1px solid #353c42; } .dataTables_wrapper input[type="search"] { - border-radius: 4px; background-color: #353c42; - border: 0; color: #bec5cb; } .dataTables_paginate .pagination li > a { @@ -129,7 +127,6 @@ border-color: #3c8dbc; } .sidebar-menu > li > .treeview-menu { - margin: 0 1px; background-color: #32393e; } .sidebar a { @@ -147,23 +144,16 @@ color: #fff; } .sidebar-form { - border-radius: 3px; border: 1px solid #3e464c; - margin: 10px; } .sidebar-form input[type="text"], .sidebar-form .btn { box-shadow: none; background-color: #3e464c; border: 1px solid transparent; - height: 35px; } .sidebar-form input[type="text"] { color: #666; - border-top-left-radius: 2px; - border-top-right-radius: 0; - border-bottom-right-radius: 0; - border-bottom-left-radius: 2px; } .sidebar-form input[type="text"]:focus, .sidebar-form input[type="text"]:focus + .input-group-btn .btn { @@ -175,10 +165,6 @@ } .sidebar-form .btn { color: #999; - border-top-left-radius: 0; - border-top-right-radius: 2px; - border-bottom-right-radius: 2px; - border-bottom-left-radius: 0; } .box, .box-footer, @@ -210,20 +196,12 @@ .box > .box-header .btn { color: #bec5cb; } - .box.box-info, - .box.box-primary, - .box.box-success, - .box.box-warning, - .box.box-danger { - border-top-width: 3px; - } .main-header .navbar { background-color: #272c30; } .main-header .navbar .nav > li > a, .main-header .navbar .nav > li > .navbar-text { color: #bec5cb; - max-height: 50px; } .main-header .navbar .nav > li > a:hover, .main-header .navbar .nav > li > a:active, @@ -280,7 +258,6 @@ background: rgba(64, 72, 80, 0.666); } .nav-tabs-custom > .nav-tabs > li { - margin-right: 1px; color: #bec5cb; } .nav-tabs-custom > .nav-tabs > li.active > a, @@ -389,11 +366,8 @@ code, pre { - padding: 2px 4px; - font-size: 90%; color: #bec5cb; background-color: #353c42; - border-radius: 4px; } /* Used in the Query Log table */ @@ -459,7 +433,6 @@ /* Used by the long-term pages */ .daterangepicker { background-color: #3e464c; - border-radius: 4px; border: 1px solid #353c42; } .daterangepicker .ranges li:hover { @@ -470,7 +443,6 @@ } .daterangepicker .calendar-table { background-color: #3e464c; - border-radius: 4px; border: 1px solid #353c42; } .daterangepicker td.off, @@ -537,7 +509,6 @@ .panel-body, .panel-default > .panel-heading { background-color: #3e464c; - border-radius: 4px; border: 1px solid #353c42; color: #bec5cb; } @@ -570,23 +541,10 @@ background-image: linear-gradient(to right, #114100 0%, #525200 100%); } - .icheckbox_polaris, - .icheckbox_futurico, - .icheckbox_minimal-blue { - margin-right: 10px; - } - .iradio_polaris, - .iradio_futurico, - .iradio_minimal-blue { - margin-right: 8px; - } - /* Overlay box with spinners as shown during data collection for graphs */ .box .overlay, .overlay-wrapper .overlay { - z-index: 50; background-color: rgba(53, 60, 66, 0.733); - border-radius: 3px; } .box .overlay > .fa, .overlay-wrapper .overlay > .fa, @@ -596,7 +554,6 @@ .navbar-nav > .user-menu > .dropdown-menu > .user-footer { background-color: #353c42bb; - padding: 10px; } .modal-content { @@ -625,36 +582,21 @@ border-color: rgb(120, 127, 133); } - /*** Additional fixes For Pi.Alert UI ***/ - .small-box { - border-radius: 10px; - border-top: 0px; - } .pa-small-box-aqua .inner { background-color: rgb(45,108,133); - border-top-left-radius: 10px; - border-top-right-radius: 10px; } .pa-small-box-green .inner { background-color: rgb(31,76,46); - border-top-left-radius: 10px; - border-top-right-radius: 10px; } .pa-small-box-yellow .inner { background-color: rgb(151,104,37); - border-top-left-radius: 10px; - border-top-right-radius: 10px; } .pa-small-box-red .inner { background-color: rgb(120,50,38); - border-top-left-radius: 10px; - border-top-right-radius: 10px; } .pa-small-box-gray .inner { background-color: #777; /* color: rgba(20,20,20,30%); */ - border-top-left-radius: 10px; - border-top-right-radius: 10px; } .pa-small-box-gray .inner h3 { color: #bbb; @@ -693,15 +635,6 @@ .db_tools_table_cell_b:nth-child(1) {background: #272c30} .db_tools_table_cell_b:nth-child(2) {background: #272c30} - .db_info_table { - display: table; - border-spacing: 0em; - font-weight: 400; - font-size: 15px; - width: 100%; - margin: auto; - } - .nav-tabs-custom > .nav-tabs > li:hover > a, .nav-tabs-custom > .nav-tabs > li.active:hover > a { background-color: #272c30; color: #bec5cb; @@ -723,15 +656,6 @@ color: white !important; } - /* remove white border that appears on mobile screen sizes */ - .box-body { - border: 0px; - } - /* remove white border that appears on mobile screen sizes */ - .table-responsive { - border: 0px; - } - .login-page { background-color: transparent; } @@ -744,23 +668,6 @@ color: #bec5cb; background-color: #272c30; } - /* Add border radius to bottom of the status boxes*/ - .pa-small-box-footer { - border-bottom-left-radius: 10px; - border-bottom-right-radius: 10px; - } - - .small-box > .inner h3, .small-box > .inner p { - margin-bottom: 0px; - margin-left: 0px; - } - .small-box:hover .icon { - font-size: 3em; - } - .small-box .icon { - top: 0.01em; - font-size: 3.25em; - } .nax_semitransparent-panel{ background-color: #000 !important; } diff --git a/front/deviceDetailsEdit.php b/front/deviceDetailsEdit.php index 83bf43ecb..c9acb3a52 100755 --- a/front/deviceDetailsEdit.php +++ b/front/deviceDetailsEdit.php @@ -17,7 +17,7 @@ class="btn btn-default pa-btn pa-btn-delete" style="margin-left:0px;" id="btnDelete" - onclick="askDeleteDevice()"> + onclick="askDeleteDeviceByMac()"> @@ -138,7 +138,7 @@ function getDeviceData() { }, // Group for event and alert settings DevDetail_EveandAl_Title: { - data: ["devAlertEvents", "devAlertDown", "devSkipRepeated", "devReqNicsOnline", "devChildrenNicsDynamic"], + data: ["devAlertEvents", "devAlertDown", "devSkipRepeated", "devReqNicsOnline", "devChildrenNicsDynamic", "devForceStatus"], docs: "https://docs.netalertx.com/NOTIFICATIONS", iconClass: "fa fa-bell", inputGroupClasses: "field-group alert-group col-lg-4 col-sm-6 col-xs-12", @@ -147,7 +147,7 @@ function getDeviceData() { }, // Group for network details DevDetail_MainInfo_Network_Title: { - data: ["devParentMAC", "devParentRelType", "devParentPort", "devSSID", "devSite", "devSyncHubNode"], + data: ["devParentMAC", "devParentRelType", "devParentPort", "devSSID", "devSite", "devVlan", "devSyncHubNode"], docs: "https://docs.netalertx.com/NETWORK_TREE", iconClass: "fa fa-sitemap fa-rotate-270", inputGroupClasses: "field-group network-group col-lg-4 col-sm-6 col-xs-12", @@ -156,7 +156,7 @@ function getDeviceData() { }, // Group for other fields like static IP, archived status, etc. DevDetail_DisplayFields_Title: { - data: ["devStaticIP", "devIsNew", "devFavorite", "devIsArchived", "devForceStatus"], + data: ["devStaticIP", "devIsNew", "devFavorite", "devIsArchived"], docs: "https://docs.netalertx.com/DEVICE_DISPLAY_SETTINGS", iconClass: "fa fa-list-check", inputGroupClasses: "field-group display-group col-lg-4 col-sm-6 col-xs-12", @@ -172,24 +172,24 @@ function getDeviceData() { labelClasses: "col-sm-4 col-xs-12 control-label", inputClasses: "col-sm-8 col-xs-12 input-group" }, - // Group for Children. - DevDetail_Children_Title: { - data: ["devChildrenDynamic"], - docs: "https://docs.netalertx.com/NETWORK_TREE", + // Group for Custom properties. + DevDetail_CustomProperties_Title: { + data: ["devCustomProps"], + docs: "https://docs.netalertx.com/CUSTOM_PROPERTIES", iconClass: "fa fa-list", inputGroupClasses: "field-group cutprop-group col-lg-6 col-sm-12 col-xs-12", labelClasses: "col-sm-12 col-xs-12 control-label", inputClasses: "col-sm-12 col-xs-12 input-group" }, - // Group for Custom properties. - DevDetail_CustomProperties_Title: { - data: ["devCustomProps"], - docs: "https://docs.netalertx.com/CUSTOM_PROPERTIES", + // Group for Children. + DevDetail_Children_Title: { + data: ["devChildrenDynamic"], + docs: "https://docs.netalertx.com/NETWORK_TREE", iconClass: "fa fa-list", inputGroupClasses: "field-group cutprop-group col-lg-6 col-sm-12 col-xs-12", labelClasses: "col-sm-12 col-xs-12 control-label", inputClasses: "col-sm-12 col-xs-12 input-group" - } + }, }; // Filter settings data to get relevant settings @@ -339,7 +339,7 @@ class="fa fa-circle-info pointer helpIconSmallTopRight"
- ${generateFormHtml(settingsData, setting, fieldData.toString(), fieldOptionsOverride, null)} + ${generateFormHtml(settingsData, setting, fieldData.toString(), fieldOptionsOverride, null, mac == "new")} ${inlineControl}
`; @@ -423,7 +423,7 @@ function setDeviceData(direction = '', refreshCallback = '') { // Build payload const payload = { - devName: $('#NEWDEV_devName').val().replace(/'/g, "’"), + devName: $('#NEWDEV_devName').val(), devOwner: $('#NEWDEV_devOwner').val().replace(/'/g, "’"), devType: $('#NEWDEV_devType').val().replace(/'/g, ""), devVendor: $('#NEWDEV_devVendor').val().replace(/'/g, "’"), @@ -432,7 +432,7 @@ function setDeviceData(direction = '', refreshCallback = '') { devFavorite: ($('#NEWDEV_devFavorite')[0].checked * 1), devGroup: $('#NEWDEV_devGroup').val().replace(/'/g, "’"), devLocation: $('#NEWDEV_devLocation').val().replace(/'/g, "’"), - devComments: encodeSpecialChars($('#NEWDEV_devComments').val()), + devComments: ($('#NEWDEV_devComments').val()), devParentMAC: $('#NEWDEV_devParentMAC').val(), devParentPort: $('#NEWDEV_devParentPort').val(), @@ -440,6 +440,7 @@ function setDeviceData(direction = '', refreshCallback = '') { devSSID: $('#NEWDEV_devSSID').val(), devSite: $('#NEWDEV_devSite').val(), + devVlan: $('#NEWDEV_devVlan').val(), devStaticIP: ($('#NEWDEV_devStaticIP')[0].checked * 1), devScan: 1, @@ -580,6 +581,12 @@ function toggleFieldLock(mac, fieldName) { const currentSource = deviceData[sourceField] || "N/A"; const shouldLock = currentSource !== "LOCKED"; + if(shouldLock && somethingChanged) + { + showMessage(getString("FieldLock_SaveBeforeLocking"), 5000, "modal_red"); + return; + } + const payload = { fieldName: fieldName, lock: shouldLock ? 1 : 0 diff --git a/front/devices.php b/front/devices.php index a9ccce6c8..08da92546 100755 --- a/front/devices.php +++ b/front/devices.php @@ -57,7 +57,7 @@
- + - ${cellData} + ${displayedValue} ` ); @@ -1132,7 +1148,7 @@ function renderCustomProps(custProps, mac) { onClickEvent = `alert('Not implemented')`; break; case "delete_dev": - onClickEvent = `askDelDevDTInline('${mac}')`; + onClickEvent = `askDeleteDeviceByMac('${mac}')`; break; default: break; diff --git a/front/img/svg/netalertx_blue_docs.svg b/front/img/svg/netalertx_blue_docs.svg new file mode 100644 index 000000000..77710b9b0 --- /dev/null +++ b/front/img/svg/netalertx_blue_docs.svg @@ -0,0 +1,453 @@ + + + + + + + + + + + + + + + A + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/front/js/api.js b/front/js/api.js index 6f927913e..32129ab01 100644 --- a/front/js/api.js +++ b/front/js/api.js @@ -4,11 +4,8 @@ function getApiBase() if(apiBase == "") { - const protocol = window.location.protocol.replace(':', ''); - const host = window.location.hostname; - const port = getSetting("GRAPHQL_PORT"); - - apiBase = `${protocol}://${host}:${port}`; + // Default to the same-origin proxy bridge + apiBase = "/server"; } // Remove trailing slash for consistency diff --git a/front/js/common.js b/front/js/common.js index 8ff405fd6..ceeb82a54 100755 --- a/front/js/common.js +++ b/front/js/common.js @@ -181,7 +181,7 @@ function getSettingOptions (key) { if (result == "") { - console.log(`Setting options with key "${key}" not found`) + // console.log(`Setting options with key "${key}" not found`) result = [] } @@ -197,10 +197,10 @@ function getSetting (key) { result = getCache(`nax_set_${key}`, true); - if (result == "") - { - console.log(`Setting with key "${key}" not found`) - } + // if (result == "") + // { + // console.log(`Setting with key "${key}" not found`) + // } return result; } @@ -450,10 +450,18 @@ function localizeTimestamp(input) { const date = new Date(str); if (!isFinite(date)) { console.error(`ERROR: Couldn't parse date: '${str}' with TIMEZONE ${tz}`); - return 'Failed conversion - Check browser console'; + return 'Failed conversion'; } + + // CHECK: Does the input string have an offset (e.g., +11:00 or Z)? + // If it does, and we apply a 'tz' again, we double-shift. + const hasOffset = /[Z|[+-]\d{2}:?\d{2}]$/.test(str.trim()); + return new Intl.DateTimeFormat(LOCALE, { - timeZone: tz, + // If it has an offset, we display it as-is (UTC mode in Intl + // effectively means "don't add more hours"). + // If no offset, apply your variable 'tz'. + timeZone: hasOffset ? 'UTC' : tz, year: 'numeric', month: '2-digit', day: '2-digit', hour: '2-digit', minute: '2-digit', second: '2-digit', hour12: false diff --git a/front/js/device.js b/front/js/device.js index 934878c9e..7dbffa1c9 100755 --- a/front/js/device.js +++ b/front/js/device.js @@ -1,21 +1,5 @@ - - -// ----------------------------------------------------------------------------- -function askDeleteDevice() { - - mac = getMac() - - // Ask delete device - showModalWarning( - getString("DevDetail_button_Delete"), - getString("DevDetail_button_Delete_ask"), - getString('Gen_Cancel'), - getString('Gen_Delete'), - 'deleteDevice'); -} - // ----------------------------------------------------------------------------- -function askDelDevDTInline(mac) { +function askDeleteDeviceByMac(mac) { // only try getting mac from URL if not supplied - used in inline buttons on in the my devices listing pages if(isEmpty(mac)) @@ -31,34 +15,9 @@ function askDelDevDTInline(mac) { () => deleteDeviceByMac(mac)) } - -// ----------------------------------------------------------------------------- -function deleteDevice() { - // Check MAC - mac = getMac() - - const apiBase = getApiBase(); - const apiToken = getSetting("API_TOKEN"); - const url = `${apiBase}/device/${mac}/delete`; - - $.ajax({ - url, - method: "DELETE", - headers: { "Authorization": `Bearer ${apiToken}` }, - success: function(response) { - showMessage(response.success ? "Device deleted successfully" : (response.error || "Unknown error")); - updateApi("devices,appevents"); - }, - error: function(xhr, status, error) { - console.error("Error deleting device:", status, error); - showMessage("Error: " + (xhr.responseJSON?.error || error)); - } - }); -} - // ----------------------------------------------------------------------------- function deleteDeviceByMac(mac) { - // only try getting mac from URL if not supplied - used in inline buttons on in teh my devices listing pages + // only try getting mac from URL if not supplied - used in inline buttons on in the my devices listing pages if(isEmpty(mac)) { mac = getMac() diff --git a/front/js/modal.js b/front/js/modal.js index d4024d02d..0c4ec1fb6 100755 --- a/front/js/modal.js +++ b/front/js/modal.js @@ -170,7 +170,8 @@ function showModalPopupForm( curValue = null, popupFormJson = null, parentSettingKey = null, - triggeredBy = null + triggeredBy = null, + populateFromOverrides = true ) { // set captions prefix = "modal-form"; @@ -229,7 +230,8 @@ function showModalPopupForm( setObj, null, fieldOptionsOverride, - null + null, + populateFromOverrides // is new entry )}
diff --git a/front/js/settings_utils.js b/front/js/settings_utils.js index 2f713b73a..dfafde44d 100755 --- a/front/js/settings_utils.js +++ b/front/js/settings_utils.js @@ -321,7 +321,8 @@ function addViaPopupForm(element) { null, // curValue popupFormJson, // popupform toId, // parentSettingKey - element // triggeredBy + element, // triggeredBy + true // initialize defaut values ); // flag something changes to prevent navigating from page @@ -475,7 +476,8 @@ function initListInteractionOptions(element) { curValue, // curValue popupFormJson, // popupform toId, // parentSettingKey - this // triggeredBy + this, // triggeredBy + true // populate overrides ); } else { // Fallback to normal field input @@ -1132,24 +1134,44 @@ function collectSetting(prefix, setCodeName, setType, settingsArray) { // ------------------------------------------------------------------------------ // Generate the form control for setting -function generateFormHtml(settingsData, set, overrideValue, overrideOptions, originalSetKey) { +/** + * Generates the HTML string for form controls based on setting configurations. + * Supports various element types including select, input, button, textarea, span, and recursive datatables. + * * @param {Object} settingsData - The global settings object containing configuration for all available settings. + * @param {Object} set - The specific configuration object for the current setting. + * @param {string} set.setKey - Unique identifier for the setting. + * @param {string} set.setType - JSON string defining the UI components (dataType, elements, etc.). + * @param {string} [set.setValue] - The default value for the setting. + * @param {Array|string} [set.setEvents] - List of event triggers to be rendered as clickable icons. + * @param {any} overrideValue - The current value to be displayed in the form control. + * @param {any} overrideOptions - Custom options to override the default setting options (used primarily for dropdowns). + * @param {string} originalSetKey - The base key name (used to maintain reference when keys are modified for uniqueness in tables). + * @param {boolean} populateFromOverrides - Flag to determine if the value should be pulled from `set['setValue']` (true) or `overrideValue` (false). + * * @returns {string} A string of HTML containing the form elements and any associated event action icons. + * * @example + * const html = generateFormHtml(allSettings, currentSet, "DefaultVal", null, "my_key", false); + * $('#container').html(html); + */ +function generateFormHtml(settingsData, set, overrideValue, overrideOptions, originalSetKey, populateFromOverrides) { let inputHtml = ''; // if override value is considered empty initialize from setting defaults - overrideValue == null || overrideValue == undefined ? inVal = set['setValue'] : inVal = overrideValue + populateFromOverrides ? inVal = set['setValue'] : inVal = overrideValue; + const setKey = set['setKey']; const setType = set['setType']; - // if (setKey == 'NEWDEV_devParentMAC') { - - // console.log("==== DEBUG OUTPUT BELOW 1 ===="); - // console.log(setType); - // console.log(setKey); - // console.log(overrideValue); - // console.log(inVal); + // if (setKey == 'UNIFIAPI_site_name') { - // } + // console.log("==== DEBUG OUTPUT BELOW 1 ===="); + // console.log("populateFromOverrides: " + populateFromOverrides); + // console.log(setType); + // console.log(setKey); + // console.log("overrideValue:" + overrideValue); + // console.log("inVal:" + inVal); + // console.log("set['setValue']:" + set['setValue']); + // } // Parse the setType JSON string // console.log(processQuotes(setType)); @@ -1189,15 +1211,14 @@ function generateFormHtml(settingsData, set, overrideValue, overrideOptions, ori // Override value let val = valRes; - // if (setKey == 'NEWDEV_devParentMAC') { + // if (setKey == 'UNIFIAPI_site_name') { // console.log("==== DEBUG OUTPUT BELOW 2 ===="); // console.log(setType); // console.log(setKey); - // console.log(overrideValue); - // console.log(inVal); - // console.log(val); - + // console.log("overrideValue:" + overrideValue); + // console.log("inVal:" + inVal); + // console.log("val:" + val); // } // Generate HTML based on elementType @@ -1227,7 +1248,7 @@ function generateFormHtml(settingsData, set, overrideValue, overrideOptions, ori break; case 'input': - const checked = val === 'True' || val === 'true' || val === '1' ? 'checked' : ''; + const checked = val === 'True' || val === 'true' || val === '1' || val == true ? 'checked' : ''; const inputClass = inputType === 'checkbox' ? 'checkbox' : 'form-control'; inputHtml += `
${cellHtml}
`; diff --git a/front/js/sse_manager.js b/front/js/sse_manager.js index 72285fade..2c53d31dd 100644 --- a/front/js/sse_manager.js +++ b/front/js/sse_manager.js @@ -23,10 +23,19 @@ class NetAlertXStateManager { */ init() { if (this.initialized) return; + // waiting until cache ready + const waitForInit = () => { + if (!isAppInitialized()) { + setTimeout(waitForInit, 300); + return; + } + + console.log("[NetAlertX State] App initialized, starting state manager"); + this.trySSE(); + this.initialized = true; + }; - console.log("[NetAlertX State] Initializing state manager..."); - this.trySSE(); - this.initialized = true; + waitForInit(); } /** @@ -128,14 +137,35 @@ class NetAlertXStateManager { } /** - * Handle state update from SSE + * Handle state update from SSE or Polling */ handleStateUpdate(appState) { try { - if (document.getElementById("state")) { - const cleanState = appState["currentState"].replaceAll('"', ""); - document.getElementById("state").innerHTML = cleanState; + // 1. Update the main status text + if (appState["currentState"]) { + const cleanState = appState["currentState"].replace(/"/g, ""); + $("#state").html(cleanState); } + + // 2. Update Version placeholders + const version = appState["appVersion"] || "UNKNOWN"; + $('[data-plc="version"]') + .html(version) + .attr('data-version', version); + + // 3. Update Build Timestamp placeholders + const buildTime = appState["buildTimestamp"] || 0; + const displayTime = buildTime ? localizeTimestamp(buildTime) : "UNKNOWN"; + + $('[data-plc="build-timestamp"]') + .html(displayTime) + .attr('data-build-time', buildTime); + + $('[data-plc="build-timestamp"]') + .html(displayTime) + .attr('data-build-time', buildTime); + + // console.log("[NetAlertX State] UI updated via jQuery"); } catch (e) { console.error("[NetAlertX State] Failed to update state display:", e); } diff --git a/front/js/ui_components.js b/front/js/ui_components.js index 649531c67..80710fe1d 100755 --- a/front/js/ui_components.js +++ b/front/js/ui_components.js @@ -668,7 +668,10 @@ function getColumnNameFromLangString(headStringKey) { "Device_TableHead_CustomProps": "devCustomProps", "Device_TableHead_FQDN": "devFQDN", "Device_TableHead_ParentRelType": "devParentRelType", - "Device_TableHead_ReqNicsOnline": "devReqNicsOnline" + "Device_TableHead_ReqNicsOnline": "devReqNicsOnline", + "Device_TableHead_Vlan": "devVlan", + "Device_TableHead_IPv4": "devPrimaryIPv4", + "Device_TableHead_IPv6": "devPrimaryIPv6" }; return columnNameMap[headStringKey] || ""; diff --git a/front/maintenance.php b/front/maintenance.php index f7bc0d044..6648a3ee0 100755 --- a/front/maintenance.php +++ b/front/maintenance.php @@ -66,21 +66,24 @@
-
"> - ' .lang('Maintenance_new_version').''.'' .lang('Maintenance_current_version').'';?> +
+ + + +
- +
- +
@@ -174,6 +177,12 @@
+
+
+ +
+
+
@@ -364,7 +373,10 @@ function deleteAllDevices() url, method: "DELETE", headers: { "Authorization": `Bearer ${apiToken}` }, - data: JSON.stringify({ macs: null }), + data: JSON.stringify({ + macs: [], + confirm_delete_all: true + }), contentType: "application/json", success: function(response) { showMessage(response.success ? "All devices deleted successfully" : (response.error || "Unknown error")); @@ -464,6 +476,51 @@ function deleteEvents30() }); } +// ----------------------------------------------------------- +// Unlock/clear sources +function askUnlockFields () { + // Ask + showModalWarning('', '', + '', '', () => unlockFields(true)); +} +function unlockFields(clearAllFields) { + + + console.log("clearAllFields"); + console.log(clearAllFields); + + const apiBase = getApiBase(); + const apiToken = getSetting("API_TOKEN"); + const url = `${apiBase}/devices/fields/unlock`; + + // Payload: clear all sources for all devices and all fields + const payload = { + mac: null, // null = all devices + fields: null, // null = all tracked fields + clearAll: clearAllFields // clear all source values + }; + + $.ajax({ + url: url, + method: "POST", + contentType: "application/json", + headers: { + "Authorization": `Bearer ${apiToken}` + }, + data: JSON.stringify(payload), + success: function(response) { + showMessage(response.success + ? "All device fields unlocked/cleared successfully" + : (response.error || "Unknown error") + ); + }, + error: function(xhr, status, error) { + console.error("Error unlocking fields:", status, error); + showMessage("Error: " + (xhr.responseJSON?.error || error)); + } + }); +} + // ----------------------------------------------------------- // delete History function askDeleteActHistory () { diff --git a/front/multiEditCore.php b/front/multiEditCore.php index 4dd4fbeb3..4484ff8aa 100755 --- a/front/multiEditCore.php +++ b/front/multiEditCore.php @@ -58,12 +58,24 @@

- -
- +
+
+
-
- +
+
+
+
+ +
+
+
+
+
+ +
+
+
@@ -418,6 +430,90 @@ function executeAction(action, whereColumnName, key, targetColumns, newTargetCol } +// ----------------------------------------------------------------------------- +// Ask to unlock fields of selected devices +function askUnlockFieldsSelected () { + // Ask + showModalWarning( + getString('Maintenance_Tool_unlockFields_selecteddev_noti'), + getString('Gen_AreYouSure'), + getString('Gen_Cancel'), + getString('Gen_Okay'), + 'unlockFieldsSelected'); +} + +// ----------------------------------------------------------------------------- +// Ask to unlock fields of selected devices +function askClearSourceFields () { + // Ask + showModalWarning( + getString('Maintenance_Tool_clearSourceFields_selected_noti'), + getString('Gen_AreYouSure'), + getString('Gen_Cancel'), + getString('Gen_Okay'), + ()=>unlockFieldsSelected(null, true)); +} + +// ----------------------------------------------------------------------------- +// Unlock fields for selected devices +function unlockFieldsSelected(fields = null, clearAll = false) { + // Get selected MACs + const macs_tmp = selectorMacs(); // returns array of MACs + + console.log(macs_tmp); + console.log(clearAll); + + + if (!macs_tmp || macs_tmp == "" || macs_tmp.length === 0) { + showMessage(textMessage = "No devices selected", timeout = 3000, colorClass = "modal_red") + return; + } + + // API setup + const apiBase = getApiBase(); + const apiToken = getSetting("API_TOKEN"); + const url = `${apiBase}/devices/fields/unlock`; + + // Convert string to array + const macsArray = macs_tmp.split(",").map(m => m.trim()).filter(Boolean); + + const payload = { + mac: macsArray, // array of MACs for backend + fields: fields, // null for all tracked fields + clearAll: clearAll // true to clear all sources, false to clear only LOCKED/USER + }; + + $.ajax({ + url: url, + method: "POST", + headers: { "Authorization": `Bearer ${apiToken}` }, + contentType: "application/json", + data: JSON.stringify(payload), + success: function(response) { + if (response.success) { + showMessage(getString('Gen_DataUpdatedUITakesTime')); + write_notification( + `[Multi edit] Successfully unlocked fields of devices with MACs: ${macs_tmp}`, + "info" + ); + } else { + write_notification( + `[Multi edit] Failed to unlock fields: ${response.error || "Unknown error"}`, + "interrupt" + ); + } + }, + error: function(xhr, status, error) { + console.error("Error unlocking fields:", status, error); + write_notification( + `[Multi edit] Error unlocking fields: ${xhr.responseJSON?.error || error}`, + "error" + ); + } + }); +} + + // ----------------------------------------------------------------------------- // Ask to delete selected devices function askDeleteSelectedDevices () { diff --git a/front/network.php b/front/network.php index 13830eed6..dbf328e98 100755 --- a/front/network.php +++ b/front/network.php @@ -85,20 +85,26 @@ function loadNetworkNodes() { // \ // PC (leaf) <------- leafs are not included in this SQL query const rawSql = ` - SELECT node_name, node_mac, online, node_type, node_ports_count, parent_mac, node_icon, node_alert - FROM ( - SELECT a.devName as node_name, a.devMac as node_mac, a.devPresentLastScan as online, - a.devType as node_type, a.devParentMAC as parent_mac, a.devIcon as node_icon, a.devAlertDown as node_alert - FROM Devices a - WHERE a.devType IN (${networkDeviceTypes}) and a.devIsArchived = 0 - ) t1 - LEFT JOIN ( - SELECT b.devParentMAC as node_mac_2, count() as node_ports_count - FROM Devices b - WHERE b.devParentMAC NOT NULL - GROUP BY b.devParentMAC - ) t2 - ON (t1.node_mac = t2.node_mac_2) + SELECT + parent.devName AS node_name, + parent.devMac AS node_mac, + parent.devPresentLastScan AS online, + parent.devType AS node_type, + parent.devParentMAC AS parent_mac, + parent.devIcon AS node_icon, + parent.devAlertDown AS node_alert, + COUNT(child.devMac) AS node_ports_count + FROM Devices AS parent + LEFT JOIN Devices AS child + /* CRITICAL FIX: COLLATE NOCASE ensures the join works + even if devParentMAC is uppercase and devMac is lowercase + */ + ON child.devParentMAC = parent.devMac COLLATE NOCASE + WHERE parent.devType IN (${networkDeviceTypes}) + AND parent.devIsArchived = 0 + GROUP BY parent.devMac, parent.devName, parent.devPresentLastScan, + parent.devType, parent.devParentMAC, parent.devIcon, parent.devAlertDown + ORDER BY parent.devName; `; const apiBase = getApiBase(); @@ -377,7 +383,10 @@ function loadUnassignedDevices() { } // ---------------------------------------------------- - function loadConnectedDevices(node_mac) { + function loadConnectedDevices(node_mac) { + // Standardize the input just in case + const normalized_mac = node_mac.toLowerCase(); + const sql = ` SELECT devName, devMac, devLastIP, devVendor, devPresentLastScan, devAlertDown, devParentPort, CASE @@ -389,13 +398,14 @@ function loadConnectedDevices(node_mac) { ELSE 'Unknown status' END AS devStatus FROM Devices - WHERE devParentMac = '${node_mac}'`; + /* Using COLLATE NOCASE here solves the 'TEXT' vs 'NOCASE' mismatch */ + WHERE devParentMac = '${normalized_mac}' COLLATE NOCASE`; - const id = node_mac.replace(/:/g, '_'); + // Keep the ID generation consistent + const id = normalized_mac.replace(/:/g, '_'); const wrapperHtml = ` - - +
`; loadDeviceTable({ diff --git a/front/php/components/device_cards.php b/front/php/components/device_cards.php index e131b7e11..0ca24e446 100755 --- a/front/php/components/device_cards.php +++ b/front/php/components/device_cards.php @@ -21,8 +21,10 @@ function renderSmallBox($params) {
-

' . htmlspecialchars($dataValue) . '

-

' . lang(htmlspecialchars($labelLang)) . '

+
+
' . htmlspecialchars($dataValue) . '
+
+
' . lang(htmlspecialchars($labelLang)) . '
diff --git a/front/php/components/devices_filters.php b/front/php/components/devices_filters.php index c66492ecf..0a376b4f0 100755 --- a/front/php/components/devices_filters.php +++ b/front/php/components/devices_filters.php @@ -18,7 +18,7 @@ function renderFilterDropdown($headerKey, $columnName, $values) { // Generate the dropdown HTML return '
- + diff --git a/front/php/templates/build.php b/front/php/templates/build.php deleted file mode 100755 index ed352c383..000000000 --- a/front/php/templates/build.php +++ /dev/null @@ -1,21 +0,0 @@ - diff --git a/front/php/templates/footer.php b/front/php/templates/footer.php index 763859dac..5b4058e9d 100755 --- a/front/php/templates/footer.php +++ b/front/php/templates/footer.php @@ -32,8 +32,8 @@ | | | - | : - | Version: + | : + | Version: |
diff --git a/front/php/templates/language/ar_ar.json b/front/php/templates/language/ar_ar.json index 49a3503df..e5ec5c6ad 100644 --- a/front/php/templates/language/ar_ar.json +++ b/front/php/templates/language/ar_ar.json @@ -226,6 +226,8 @@ "Device_TableHead_FirstSession": "أول جلسة", "Device_TableHead_GUID": "معرف فريد", "Device_TableHead_Group": "المجموعة", + "Device_TableHead_IPv4": "", + "Device_TableHead_IPv6": "", "Device_TableHead_Icon": "الأيقونة", "Device_TableHead_LastIP": "آخر عنوان IP", "Device_TableHead_LastIPOrder": "ترتيب آخر عنوان IP", @@ -249,6 +251,7 @@ "Device_TableHead_SyncHubNodeName": "اسم عقدة المزامنة", "Device_TableHead_Type": "النوع", "Device_TableHead_Vendor": "المصنع", + "Device_TableHead_Vlan": "", "Device_Table_Not_Network_Device": "ليس جهاز شبكة", "Device_Table_info": "معلومات الجدول", "Device_Table_nav_next": "التالي", @@ -300,6 +303,7 @@ "FieldLock_Error": "", "FieldLock_Lock_Tooltip": "", "FieldLock_Locked": "", + "FieldLock_SaveBeforeLocking": "", "FieldLock_Source_Label": "", "FieldLock_Unlock_Tooltip": "", "FieldLock_Unlocked": "", @@ -410,6 +414,10 @@ "Maintenance_Tool_ImportPastedConfig": "استيراد إعدادات ملصقة", "Maintenance_Tool_ImportPastedConfig_noti_text": "جاري استيراد الإعدادات الملصقة...", "Maintenance_Tool_ImportPastedConfig_text": "يستورد هذا الأمر ملف app.conf الذي يحتوي على جميع إعدادات التطبيق. قد ترغب في تنزيل ملف app.conf الحالي أولاً باستخدام Settings Export.", + "Maintenance_Tool_UnlockFields": "", + "Maintenance_Tool_UnlockFields_noti": "", + "Maintenance_Tool_UnlockFields_noti_text": "", + "Maintenance_Tool_UnlockFields_text": "", "Maintenance_Tool_arpscansw": "تبديل فحص ARP", "Maintenance_Tool_arpscansw_noti": "تبديل فحص ARP", "Maintenance_Tool_arpscansw_noti_text": "تم تغيير حالة فحص ARP", @@ -419,6 +427,9 @@ "Maintenance_Tool_backup_noti_text": "جاري إنشاء نسخة احتياطية...", "Maintenance_Tool_backup_text": "إنشاء نسخة احتياطية من قاعدة البيانات", "Maintenance_Tool_check_visible": "فحص المرئي", + "Maintenance_Tool_clearSourceFields_selected": "", + "Maintenance_Tool_clearSourceFields_selected_noti": "", + "Maintenance_Tool_clearSourceFields_selected_text": "", "Maintenance_Tool_darkmode": "الوضع الداكن", "Maintenance_Tool_darkmode_noti": "الوضع الداكن", "Maintenance_Tool_darkmode_noti_text": "تم تغيير الوضع الداكن", @@ -449,6 +460,7 @@ "Maintenance_Tool_del_unknowndev_noti": "حذف الأجهزة غير المعروفة", "Maintenance_Tool_del_unknowndev_noti_text": "هل أنت متأكد من رغبتك في حذف جميع الأجهزة (غير المعروفة) و(الاسم غير موجود)؟", "Maintenance_Tool_del_unknowndev_text": "حذف الأجهزة غير المعروفة من قاعدة البيانات", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "", "Maintenance_Tool_displayed_columns_text": "الأعمدة المعروضة", "Maintenance_Tool_drag_me": "اسحبني", "Maintenance_Tool_order_columns_text": "ترتيب الأعمدة", @@ -460,6 +472,8 @@ "Maintenance_Tool_restore_noti": "استعادة", "Maintenance_Tool_restore_noti_text": "جاري استعادة قاعدة البيانات...", "Maintenance_Tool_restore_text": "استعادة قاعدة البيانات من نسخة احتياطية", + "Maintenance_Tool_unlockFields_selecteddev": "", + "Maintenance_Tool_unlockFields_selecteddev_noti": "", "Maintenance_Tool_upgrade_database_noti": "ترقية قاعدة البيانات", "Maintenance_Tool_upgrade_database_noti_text": "جاري ترقية قاعدة البيانات...", "Maintenance_Tool_upgrade_database_text": "ترقية هيكل قاعدة البيانات", diff --git a/front/php/templates/language/ca_ca.json b/front/php/templates/language/ca_ca.json index de07b4d7e..943f239ed 100644 --- a/front/php/templates/language/ca_ca.json +++ b/front/php/templates/language/ca_ca.json @@ -198,7 +198,7 @@ "DevDetail_button_Save": "Guardar", "DeviceEdit_ValidMacIp": "Entra una adreça IP i Mac vàlides.", "Device_MultiEdit": "Multi-edició", - "Device_MultiEdit_Backup": "Atenció, entrar valors incorrectes a continuació trencarà la configuració. Si us plau, abans feu còpia de seguretat la vostra base de dades o configuració de Dispositius (clic per descarregar ). Llegiu com per recuperar Dispositius des d'aquest fitxer al documentació de Còpies de seguretat. Per aplicar els canvis, feu click a la Save icona de cada camp que volgueu actualitzar.", + "Device_MultiEdit_Backup": "Atenció, entrar valors incorrectes a continuació trencarà la configuració. Si us plau, abans feu còpia de seguretat la vostra base de dades o configuració de Dispositius (clic per descarregar ). Llegiu com per recuperar Dispositius des d'aquest fitxer al documentació de Còpies de seguretat. Per aplicar els canvis, feu click a la Save icona de cada camp que volgueu actualitzar.", "Device_MultiEdit_Fields": "Editar camps:", "Device_MultiEdit_MassActions": "Accions massives:", "Device_MultiEdit_No_Devices": "Cap dispositiu seleccionat.", @@ -226,6 +226,8 @@ "Device_TableHead_FirstSession": "Primera Sessió", "Device_TableHead_GUID": "GUID", "Device_TableHead_Group": "Grup", + "Device_TableHead_IPv4": "", + "Device_TableHead_IPv6": "", "Device_TableHead_Icon": "Icona", "Device_TableHead_LastIP": "Darrera IP", "Device_TableHead_LastIPOrder": "Últim Ordre d'IP", @@ -249,6 +251,7 @@ "Device_TableHead_SyncHubNodeName": "Node Sync", "Device_TableHead_Type": "Tipus", "Device_TableHead_Vendor": "Venedor", + "Device_TableHead_Vlan": "", "Device_Table_Not_Network_Device": "No configurat com a dispositiu de xarxa", "Device_Table_info": "Mostrant _INICI_ a_FINAL_ d'entrades_ TOTALS", "Device_Table_nav_next": "Següent", @@ -300,6 +303,7 @@ "FieldLock_Error": "", "FieldLock_Lock_Tooltip": "", "FieldLock_Locked": "", + "FieldLock_SaveBeforeLocking": "", "FieldLock_Source_Label": "", "FieldLock_Unlock_Tooltip": "", "FieldLock_Unlocked": "", @@ -410,6 +414,10 @@ "Maintenance_Tool_ImportPastedConfig": "Importació de la configuració (paste)", "Maintenance_Tool_ImportPastedConfig_noti_text": "Estàs segur que vols importar la configuració config enganxada? Això sobreescriurà completament el fitxer app.conf.", "Maintenance_Tool_ImportPastedConfig_text": "Importa el fitxer app.conf que conté tota l'aplicació Configuració. És possible que vulgueu descarregar el fitxer actual app.conf primer amb el Settings Export.", + "Maintenance_Tool_UnlockFields": "", + "Maintenance_Tool_UnlockFields_noti": "", + "Maintenance_Tool_UnlockFields_noti_text": "", + "Maintenance_Tool_UnlockFields_text": "", "Maintenance_Tool_arpscansw": "Conmuta arp-Scan (on/off)", "Maintenance_Tool_arpscansw_noti": "Conmuta arp-Scan on or off", "Maintenance_Tool_arpscansw_noti_text": "Quan l'escàner ha estat canviat a off es queda off fins que és activat de bell nou.", @@ -419,6 +427,9 @@ "Maintenance_Tool_backup_noti_text": "Estàs segur que vols executar el Backup DB? Assegura't que no hi ha exploració en funcionament.", "Maintenance_Tool_backup_text": "Les còpies de seguretat de la base de dades es troben al directori de bases de dades com a arxiu zip, anomenat amb la data de creació. No hi ha un nombre màxim de còpies de seguretat.", "Maintenance_Tool_check_visible": "Desmarqueu-ho per amagar la columna.", + "Maintenance_Tool_clearSourceFields_selected": "", + "Maintenance_Tool_clearSourceFields_selected_noti": "", + "Maintenance_Tool_clearSourceFields_selected_text": "", "Maintenance_Tool_darkmode": "Canvia Modes (Fosc/Clar)", "Maintenance_Tool_darkmode_noti": "Canvia Modes", "Maintenance_Tool_darkmode_noti_text": "Després del canvi de tema, la pàgina intenta recarregar-se per activar el canvi. Si és necessari, s'ha de netejar la memòria cau.", @@ -449,6 +460,7 @@ "Maintenance_Tool_del_unknowndev_noti": "Elimina dispositius desconeguts", "Maintenance_Tool_del_unknowndev_noti_text": "Estàs segur que vols eliminar tots els dispositius (no coneguts) o amb nom (no trobat)?", "Maintenance_Tool_del_unknowndev_text": "Abans d'utilitzar aquesta funció, feu una còpia de seguretat. La supressió no es pot desfer. Tots els dispositius anomenats (no coneguts) s'eliminaran de la base de dades.", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "", "Maintenance_Tool_displayed_columns_text": "Canvieu la visibilitat i l'ordre de les columnes a la pàgina Dispositius.", "Maintenance_Tool_drag_me": "Arrossega'm a reorder columnes.", "Maintenance_Tool_order_columns_text": "Manteniment_Eina_ordre_columnes_text", @@ -460,6 +472,8 @@ "Maintenance_Tool_restore_noti": "Restaura base de dades", "Maintenance_Tool_restore_noti_text": "Estàs segur que vols executar la Restauració de Base de Dades? Comprova que no hi ha exploració en funcionament.", "Maintenance_Tool_restore_text": "L'última còpia de seguretat es pot restaurar mitjançant el botó, però les còpies de seguretat antigues només es poden restaurar manualment. Després de la restauració, feu una comprovació d'integritat a la base de dades per seguretat, per si de cas la Base de dades estigués en mode escriptura quan es va crear la còpia de seguretat.", + "Maintenance_Tool_unlockFields_selecteddev": "", + "Maintenance_Tool_unlockFields_selecteddev_noti": "", "Maintenance_Tool_upgrade_database_noti": "Actualitza base de dades", "Maintenance_Tool_upgrade_database_noti_text": "T'és segur vols actualitzar la base de dades?
(potser prefereixes arxivar-la)", "Maintenance_Tool_upgrade_database_text": "Aquest botó actualitzarà la base de dades per activar l'activitat de Xarxa dins les darreres 12 hores. Si us plau, feu còpia de la vostra base de dades per si de cas.", diff --git a/front/php/templates/language/cs_cz.json b/front/php/templates/language/cs_cz.json index 2805c252d..61324a978 100644 --- a/front/php/templates/language/cs_cz.json +++ b/front/php/templates/language/cs_cz.json @@ -226,6 +226,8 @@ "Device_TableHead_FirstSession": "", "Device_TableHead_GUID": "", "Device_TableHead_Group": "", + "Device_TableHead_IPv4": "", + "Device_TableHead_IPv6": "", "Device_TableHead_Icon": "", "Device_TableHead_LastIP": "", "Device_TableHead_LastIPOrder": "", @@ -249,6 +251,7 @@ "Device_TableHead_SyncHubNodeName": "", "Device_TableHead_Type": "", "Device_TableHead_Vendor": "", + "Device_TableHead_Vlan": "", "Device_Table_Not_Network_Device": "", "Device_Table_info": "", "Device_Table_nav_next": "", @@ -300,6 +303,7 @@ "FieldLock_Error": "", "FieldLock_Lock_Tooltip": "", "FieldLock_Locked": "", + "FieldLock_SaveBeforeLocking": "", "FieldLock_Source_Label": "", "FieldLock_Unlock_Tooltip": "", "FieldLock_Unlocked": "", @@ -410,6 +414,10 @@ "Maintenance_Tool_ImportPastedConfig": "", "Maintenance_Tool_ImportPastedConfig_noti_text": "", "Maintenance_Tool_ImportPastedConfig_text": "", + "Maintenance_Tool_UnlockFields": "", + "Maintenance_Tool_UnlockFields_noti": "", + "Maintenance_Tool_UnlockFields_noti_text": "", + "Maintenance_Tool_UnlockFields_text": "", "Maintenance_Tool_arpscansw": "", "Maintenance_Tool_arpscansw_noti": "", "Maintenance_Tool_arpscansw_noti_text": "", @@ -419,6 +427,9 @@ "Maintenance_Tool_backup_noti_text": "", "Maintenance_Tool_backup_text": "", "Maintenance_Tool_check_visible": "", + "Maintenance_Tool_clearSourceFields_selected": "", + "Maintenance_Tool_clearSourceFields_selected_noti": "", + "Maintenance_Tool_clearSourceFields_selected_text": "", "Maintenance_Tool_darkmode": "", "Maintenance_Tool_darkmode_noti": "", "Maintenance_Tool_darkmode_noti_text": "", @@ -449,6 +460,7 @@ "Maintenance_Tool_del_unknowndev_noti": "", "Maintenance_Tool_del_unknowndev_noti_text": "", "Maintenance_Tool_del_unknowndev_text": "", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "", "Maintenance_Tool_displayed_columns_text": "", "Maintenance_Tool_drag_me": "", "Maintenance_Tool_order_columns_text": "", @@ -460,6 +472,8 @@ "Maintenance_Tool_restore_noti": "", "Maintenance_Tool_restore_noti_text": "", "Maintenance_Tool_restore_text": "", + "Maintenance_Tool_unlockFields_selecteddev": "", + "Maintenance_Tool_unlockFields_selecteddev_noti": "", "Maintenance_Tool_upgrade_database_noti": "", "Maintenance_Tool_upgrade_database_noti_text": "", "Maintenance_Tool_upgrade_database_text": "", diff --git a/front/php/templates/language/de_de.json b/front/php/templates/language/de_de.json index d5eb58ac3..57f55df03 100644 --- a/front/php/templates/language/de_de.json +++ b/front/php/templates/language/de_de.json @@ -84,12 +84,12 @@ "DevDetail_EveandAl_NewDevice": "Neues Gerät", "DevDetail_EveandAl_NewDevice_Tooltip": "Zeigt den Status „Neu“ für das Gerät an und nimmt es in Listen auf, wenn der Filter „Neue Geräte“ aktiv ist. Hat keine Auswirkungen auf Benachrichtigungen.", "DevDetail_EveandAl_RandomMAC": "Zufällige MAC", - "DevDetail_EveandAl_ScanCycle": "Scan Abstand", + "DevDetail_EveandAl_ScanCycle": "Gerät scannen", "DevDetail_EveandAl_ScanCycle_a": "Gerät scannen", "DevDetail_EveandAl_ScanCycle_z": "Gerät nicht scannen", - "DevDetail_EveandAl_Skip": "pausiere wiederhol. Meldungen für", + "DevDetail_EveandAl_Skip": "Keine wiederholten Benachrichtigungen für", "DevDetail_EveandAl_Title": "Konfiguration der Benachrichtigungen", - "DevDetail_Events_CheckBox": "Blende Verbindungs-Ereignisse aus", + "DevDetail_Events_CheckBox": "Verbindungsereignisse ausblenden", "DevDetail_GoToNetworkNode": "Zur Netzwerkseite des angegebenen Knotens navigieren.", "DevDetail_Icon": "Icon", "DevDetail_Icon_Descr": "Geben Sie einen Font Awesome Icon-Namen ohne das Präfix „fa-“ ein oder die vollständige Klasse, z. B.: fa fa-brands fa-apple.", @@ -102,10 +102,10 @@ "DevDetail_MainInfo_Network": " Knoten (MAC)", "DevDetail_MainInfo_Network_Port": " Port", "DevDetail_MainInfo_Network_Site": "Seite", - "DevDetail_MainInfo_Network_Title": "Network", + "DevDetail_MainInfo_Network_Title": "Netzwerkdetails", "DevDetail_MainInfo_Owner": "Eigen­tümer", "DevDetail_MainInfo_SSID": "SSID", - "DevDetail_MainInfo_Title": "Hauptinformation", + "DevDetail_MainInfo_Title": "Geräteinformationen", "DevDetail_MainInfo_Type": "Typ", "DevDetail_MainInfo_Vendor": "Hersteller", "DevDetail_MainInfo_mac": "MAC", @@ -202,14 +202,14 @@ "DevDetail_button_Save": "Speichern", "DeviceEdit_ValidMacIp": "Gib eine gültige MAC- und IP-Adresse ein.", "Device_MultiEdit": "Mehrfach-bearbeiten", - "Device_MultiEdit_Backup": "Achtung! Falsche Eingaben können die Installation beschädigen. Bitte sichere deine Datenbank oder Gerätekonfiguration zuerst: (Konfiguration herunterladen ). Wie du dein Gerät wiederherstellen kannst findest du in der Dokumentation über Backups.", + "Device_MultiEdit_Backup": "Achtung! Falsche Eingaben können die Installation beschädigen. Bitte sichere deine Datenbank oder Gerätekonfiguration zuerst: (Konfiguration herunterladen ). Wie du dein Gerät wiederherstellen kannst findest du in der Dokumentation über Backups.", "Device_MultiEdit_Fields": "Felder bearbeiten:", "Device_MultiEdit_MassActions": "Massen aktionen:", "Device_MultiEdit_No_Devices": "Keine Geräte ausgewählt.", "Device_MultiEdit_Tooltip": "Achtung! Beim Drücken werden alle Werte auf die oben ausgewählten Geräte übertragen.", "Device_Save_Failed": "", "Device_Save_Unauthorized": "", - "Device_Saved_Success": "", + "Device_Saved_Success": "Gerät erfolgreich gespeichert", "Device_Saved_Unexpected": "", "Device_Searchbox": "Suche", "Device_Shortcut_AllDevices": "Meine Geräte", @@ -230,6 +230,8 @@ "Device_TableHead_FirstSession": "Erste Sitzung", "Device_TableHead_GUID": "GUID", "Device_TableHead_Group": "Gruppe", + "Device_TableHead_IPv4": "", + "Device_TableHead_IPv6": "", "Device_TableHead_Icon": "Icon", "Device_TableHead_LastIP": "Letzte IP", "Device_TableHead_LastIPOrder": "Letzte erhaltene IP", @@ -253,6 +255,7 @@ "Device_TableHead_SyncHubNodeName": "Synchronisationsknoten", "Device_TableHead_Type": "Typ", "Device_TableHead_Vendor": "Hersteller", + "Device_TableHead_Vlan": "VLAN", "Device_Table_Not_Network_Device": "Nicht konfiguriert als Netzwerkgerät", "Device_Table_info": "Zeige _START_ bis _END_ von _TOTAL_ Einträgen", "Device_Table_nav_next": "Nächste", @@ -304,6 +307,7 @@ "FieldLock_Error": "", "FieldLock_Lock_Tooltip": "", "FieldLock_Locked": "", + "FieldLock_SaveBeforeLocking": "", "FieldLock_Source_Label": "", "FieldLock_Unlock_Tooltip": "", "FieldLock_Unlocked": "", @@ -428,6 +432,10 @@ "Maintenance_Tool_ImportPastedConfig": "", "Maintenance_Tool_ImportPastedConfig_noti_text": "", "Maintenance_Tool_ImportPastedConfig_text": "", + "Maintenance_Tool_UnlockFields": "", + "Maintenance_Tool_UnlockFields_noti": "", + "Maintenance_Tool_UnlockFields_noti_text": "", + "Maintenance_Tool_UnlockFields_text": "", "Maintenance_Tool_arpscansw": "ARP-Scan umschalten (ein/aus)", "Maintenance_Tool_arpscansw_noti": "ARP-Scan ein- oder ausschalten", "Maintenance_Tool_arpscansw_noti_text": "Wenn der Scan aus ist, bleibt er so lange aus bis er wieder aktiviert wird.", @@ -437,6 +445,9 @@ "Maintenance_Tool_backup_noti_text": "Sind Sie sicher, dass Sie die Datenbank jetzt sichern möchten. Prüfen Sie, dass gerade keine Scans stattfinden.", "Maintenance_Tool_backup_text": "Die Datenbank-Sicher­ungen befinden sich im Datenbank-Ver­zeich­nis, gepackt als zip-Archive, benannt mit dem Erstellungs­datum. Es gibt keine maximale Anzahl von Backups.", "Maintenance_Tool_check_visible": "Abwählen um die Spalte auszublenden.", + "Maintenance_Tool_clearSourceFields_selected": "", + "Maintenance_Tool_clearSourceFields_selected_noti": "", + "Maintenance_Tool_clearSourceFields_selected_text": "", "Maintenance_Tool_darkmode": "Darstellungswechsel (Dunkel/Hell)", "Maintenance_Tool_darkmode_noti": "Darstellungswechsel", "Maintenance_Tool_darkmode_noti_text": "Wechselt zwischen der hellen und der dunklen Darstellung. Wenn die Umschaltung nicht ordentlich funktionieren sollte, versuchen Sie den Browsercache zu löschen.", @@ -467,6 +478,7 @@ "Maintenance_Tool_del_unknowndev_noti": "Lösche (unknown) Geräte", "Maintenance_Tool_del_unknowndev_noti_text": "Sind Sie sicher, dass Sie alle (unknown) Geräte aus der Datenbank löschen wollen?", "Maintenance_Tool_del_unknowndev_text": "Machen Sie ein Backup, bevor Sie diese Funk­tion nutzen. Der Vor­gang kann ohne Back­up nicht rück­gängig gemacht werden. Alle Gräte mit dem Namen (unknown) werden aus der Datenbank ge­löscht.", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "", "Maintenance_Tool_displayed_columns_text": "Ändere die Sichtbarkeit und Anordnung der Spalten in der Geräte-Seite.", "Maintenance_Tool_drag_me": "Zieh mich um die Anordnung der Spalten zu ändern.", "Maintenance_Tool_order_columns_text": "", @@ -478,6 +490,8 @@ "Maintenance_Tool_restore_noti": "DB Wiederherstellung", "Maintenance_Tool_restore_noti_text": "Sind Sie sicher, dass Sie die Datenbank aus der neusten Sicherung wiederherstellen möchten? Prüfen Sie, dass gerade keine Scans stattfinden.", "Maintenance_Tool_restore_text": "Das neuste Backup kann über diese Funk­tion wiederhergestellt werden. Ältere Sicher­ungen müssen manuell wieder­hergestellt wer­den. Es empfiehlt sich eine Integritäts­prüfung nach der Wieder­her­stellung zu machen, falls die Datenbank bei der Sicherung geöffnet war.", + "Maintenance_Tool_unlockFields_selecteddev": "", + "Maintenance_Tool_unlockFields_selecteddev_noti": "", "Maintenance_Tool_upgrade_database_noti": "Aktualisiere Datenbank", "Maintenance_Tool_upgrade_database_noti_text": "", "Maintenance_Tool_upgrade_database_text": "Mit dieser Schaltfläche wird die Datenbank aktualisiert, um das Diagramm der Netzwerkaktivitäten der letzten 12 Stunden zu aktivieren. Bitte sichern Sie Ihre Datenbank, falls Probleme auftreten.", diff --git a/front/php/templates/language/en_us.json b/front/php/templates/language/en_us.json index e5c76decb..a58c4af89 100755 --- a/front/php/templates/language/en_us.json +++ b/front/php/templates/language/en_us.json @@ -198,7 +198,7 @@ "DevDetail_button_Save": "Save", "DeviceEdit_ValidMacIp": "Enter a valid Mac and IP address.", "Device_MultiEdit": "Multi-edit", - "Device_MultiEdit_Backup": "Careful, entering wrong values below will break your setup. Please backup your database or Devices configuration first (click to download ). Read how to recover Devices from this file in the Backups documentation. In order to apply your changes click the Save icon on each field you want to update.", + "Device_MultiEdit_Backup": "Careful, entering wrong values below will break your setup. Please backup your database or Devices configuration first (click to download ). Read how to recover Devices from this file in the Backups documentation. In order to apply your changes click the Save icon on each field you want to update.", "Device_MultiEdit_Fields": "Edit fields:", "Device_MultiEdit_MassActions": "Mass actions:", "Device_MultiEdit_No_Devices": "No devices selected.", @@ -226,6 +226,8 @@ "Device_TableHead_FirstSession": "First Session", "Device_TableHead_GUID": "GUID", "Device_TableHead_Group": "Group", + "Device_TableHead_IPv4": "IPv4", + "Device_TableHead_IPv6": "IPv6", "Device_TableHead_Icon": "Icon", "Device_TableHead_LastIP": "Last IP", "Device_TableHead_LastIPOrder": "Last IP Order", @@ -249,6 +251,7 @@ "Device_TableHead_SyncHubNodeName": "Sync Node", "Device_TableHead_Type": "Type", "Device_TableHead_Vendor": "Vendor", + "Device_TableHead_Vlan": "VLAN", "Device_Table_Not_Network_Device": "Not configured as a network device", "Device_Table_info": "Showing _START_ to _END_ of _TOTAL_ entries", "Device_Table_nav_next": "Next", @@ -300,6 +303,7 @@ "FieldLock_Error": "Error updating field lock status", "FieldLock_Lock_Tooltip": "Lock field (prevent plugin overwrites)", "FieldLock_Locked": "Field locked", + "FieldLock_SaveBeforeLocking": "Save your changes before locking", "FieldLock_Source_Label": "Source: ", "FieldLock_Unlock_Tooltip": "Unlock field (allow plugin overwrites)", "FieldLock_Unlocked": "Field unlocked", @@ -410,6 +414,10 @@ "Maintenance_Tool_ImportPastedConfig": "Settings Import (paste)", "Maintenance_Tool_ImportPastedConfig_noti_text": "Are you sure you want to import the pasted config settings? This will completely overwrite the app.conf file.", "Maintenance_Tool_ImportPastedConfig_text": "Imports the app.conf file containing all the application Settings. You might want to download the current app.conf file first with the Settings Export.", + "Maintenance_Tool_UnlockFields": "Unlock Device Fields", + "Maintenance_Tool_UnlockFields_noti": "Unlock Device Fields", + "Maintenance_Tool_UnlockFields_noti_text": "Are you sure you want to clear all source values (LOCKED/USER) for all device fields on all devices? This action cannot be undone.", + "Maintenance_Tool_UnlockFields_text": "This tool will remove all source values from every tracked field for all devices, effectively unlocking all fields for plugins and users. Use this with caution, as it will affect your entire device inventory.", "Maintenance_Tool_arpscansw": "Toggle arp-Scan (on/off)", "Maintenance_Tool_arpscansw_noti": "Toggle arp-Scan on or off", "Maintenance_Tool_arpscansw_noti_text": "When the scan has been switched off it remains off until it is activated again.", @@ -419,6 +427,9 @@ "Maintenance_Tool_backup_noti_text": "Are you sure you want to execute the DB Backup? Be sure that no scan is currently running.", "Maintenance_Tool_backup_text": "The database backups are located in the database directory as a zip-archive, named with the creation date. There is no maximum number of backups.", "Maintenance_Tool_check_visible": "Uncheck to hide column.", + "Maintenance_Tool_clearSourceFields_selected": "Clear source fields", + "Maintenance_Tool_clearSourceFields_selected_noti": "Clear sources", + "Maintenance_Tool_clearSourceFields_selected_text": "This will clear all source fields of the selected devices. This action cannot be undone.", "Maintenance_Tool_darkmode": "Toggle Modes (Dark/Light)", "Maintenance_Tool_darkmode_noti": "Toggle Modes", "Maintenance_Tool_darkmode_noti_text": "After the theme switch, the page tries to reload itself to activate the change. If necessary, the cache must be cleared.", @@ -449,6 +460,7 @@ "Maintenance_Tool_del_unknowndev_noti": "Delete (unknown) devices", "Maintenance_Tool_del_unknowndev_noti_text": "Are you sure you want to delete all (unknown) and (name not found) devices?", "Maintenance_Tool_del_unknowndev_text": "Before using this function, please make a backup. The deletion cannot be undone. All devices named (unknown) will be deleted from the database.", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "This will unlock the LOCKED/USER fields of the selected devices. This action cannot be undone.", "Maintenance_Tool_displayed_columns_text": "Change the visibility and order of the columns in the Devices page.", "Maintenance_Tool_drag_me": "Drag me to reorder columns.", "Maintenance_Tool_order_columns_text": "Maintenance_Tool_order_columns_text", @@ -460,6 +472,8 @@ "Maintenance_Tool_restore_noti": "DB Restore", "Maintenance_Tool_restore_noti_text": "Are you sure you want to execute the DB Restore? Be sure that no scan is currently running.", "Maintenance_Tool_restore_text": "The latest backup can be restored via the button, but older backups can only be restored manually. After the restore, make an integrity check on the database for safety, in case the db was currently in write access when the backup was created.", + "Maintenance_Tool_unlockFields_selecteddev": "Unlock device fields", + "Maintenance_Tool_unlockFields_selecteddev_noti": "Unlock fields", "Maintenance_Tool_upgrade_database_noti": "Upgrade database", "Maintenance_Tool_upgrade_database_noti_text": "Are you sure you want to upgrade the database?
(maybe you prefer to archive it)", "Maintenance_Tool_upgrade_database_text": "This button will upgrade the database to enable the Network activity over last 12 hours chart. Please backup your database in case of issues.", diff --git a/front/php/templates/language/es_es.json b/front/php/templates/language/es_es.json index 17c2541c7..aff4832cd 100644 --- a/front/php/templates/language/es_es.json +++ b/front/php/templates/language/es_es.json @@ -200,7 +200,7 @@ "DevDetail_button_Save": "Guardar", "DeviceEdit_ValidMacIp": "Introduzca una dirección Mac y una dirección IP válidas .", "Device_MultiEdit": "Edición múltiple", - "Device_MultiEdit_Backup": "Tenga cuidado, ingresar valores incorrectos o romperá su configuración. Por favor, haga una copia de seguridad de su base de datos o de la configuración de los dispositivos primero (haga clic para descargar ). Lea cómo recuperar dispositivos de este archivo en la documentación de Copia de seguridad. Para aplicar sus cambios haga click en el ícono de Guardar en cada campo que quiera actualizar.", + "Device_MultiEdit_Backup": "Tenga cuidado, ingresar valores incorrectos o romperá su configuración. Por favor, haga una copia de seguridad de su base de datos o de la configuración de los dispositivos primero (haga clic para descargar ). Lea cómo recuperar dispositivos de este archivo en la documentación de Copia de seguridad. Para aplicar sus cambios haga click en el ícono de Guardar en cada campo que quiera actualizar.", "Device_MultiEdit_Fields": "Editar campos:", "Device_MultiEdit_MassActions": "Acciones masivas:", "Device_MultiEdit_No_Devices": "", @@ -228,6 +228,8 @@ "Device_TableHead_FirstSession": "1ra. sesión", "Device_TableHead_GUID": "GUID", "Device_TableHead_Group": "Grupo", + "Device_TableHead_IPv4": "", + "Device_TableHead_IPv6": "", "Device_TableHead_Icon": "Icon", "Device_TableHead_LastIP": "Última IP", "Device_TableHead_LastIPOrder": "Última orden de IP", @@ -251,6 +253,7 @@ "Device_TableHead_SyncHubNodeName": "Nodo de sincronización", "Device_TableHead_Type": "Tipo", "Device_TableHead_Vendor": "Fabricante", + "Device_TableHead_Vlan": "", "Device_Table_Not_Network_Device": "No está configurado como dispositivo de red", "Device_Table_info": "Mostrando el INICIO y el FINAL de TODAS las entradas", "Device_Table_nav_next": "Siguiente", @@ -302,6 +305,7 @@ "FieldLock_Error": "", "FieldLock_Lock_Tooltip": "", "FieldLock_Locked": "", + "FieldLock_SaveBeforeLocking": "", "FieldLock_Source_Label": "", "FieldLock_Unlock_Tooltip": "", "FieldLock_Unlocked": "", @@ -426,6 +430,10 @@ "Maintenance_Tool_ImportPastedConfig": "Importar ajustes (pegar)", "Maintenance_Tool_ImportPastedConfig_noti_text": "¿Seguro que quieres importar la configuración pegada? Esto sobrescribirá por completo el archivo app.conf.", "Maintenance_Tool_ImportPastedConfig_text": "Importa el archivo app.conf que contiene toda la configuración de la aplicación. Es recomendable descargar primero el archivo app.conf actual con la Exportación de configuración.", + "Maintenance_Tool_UnlockFields": "", + "Maintenance_Tool_UnlockFields_noti": "", + "Maintenance_Tool_UnlockFields_noti_text": "", + "Maintenance_Tool_UnlockFields_text": "", "Maintenance_Tool_arpscansw": "Activar arp-scan (on/off)", "Maintenance_Tool_arpscansw_noti": "Activar arp-scan on or off", "Maintenance_Tool_arpscansw_noti_text": "Cuando el escaneo se ha apagado, permanece apagado hasta que se active nuevamente.", @@ -435,6 +443,9 @@ "Maintenance_Tool_backup_noti_text": "¿Estás seguro de que quieres exactos la copia de seguridad de DB? Asegúrese de que ningún escaneo se esté ejecutando actualmente.", "Maintenance_Tool_backup_text": "Las copias de seguridad de la base de datos se encuentran en el directorio de la base de datos como una Zip-Archive, nombrada con la fecha de creación. No hay un número máximo de copias de seguridad.", "Maintenance_Tool_check_visible": "Desactivar para ocultar columna.", + "Maintenance_Tool_clearSourceFields_selected": "", + "Maintenance_Tool_clearSourceFields_selected_noti": "", + "Maintenance_Tool_clearSourceFields_selected_text": "", "Maintenance_Tool_darkmode": "Cambiar Modo (Dark/Light)", "Maintenance_Tool_darkmode_noti": "Cambiar Modo", "Maintenance_Tool_darkmode_noti_text": "Después del cambio de tema, la página intenta volver a cargar para activar el cambio. Si es necesario, el caché debe ser eliminado.", @@ -465,6 +476,7 @@ "Maintenance_Tool_del_unknowndev_noti": "Eliminar dispositivos (desconocidos)", "Maintenance_Tool_del_unknowndev_noti_text": "¿Estás seguro de que quieres eliminar todos los dispositivos (desconocidos)?", "Maintenance_Tool_del_unknowndev_text": "Antes de usar esta función, haga una copia de seguridad. La eliminación no se puede deshacer. Todos los dispositivos nombrados (desconocidos) se eliminarán de la base de datos.", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "", "Maintenance_Tool_displayed_columns_text": "Cambia la visibilidad y el orden de las columnas en la página Dispositivos.", "Maintenance_Tool_drag_me": "Coger para rearrastrar columnas.", "Maintenance_Tool_order_columns_text": "Maintenance_Tool_order_columns_text", @@ -476,6 +488,8 @@ "Maintenance_Tool_restore_noti": "Restaurar DB", "Maintenance_Tool_restore_noti_text": "¿Estás seguro de que quieres hacer exactos la restauración de DB? Asegúrese de que ningún escaneo se esté ejecutando actualmente.", "Maintenance_Tool_restore_text": "La última copia de seguridad se puede restaurar a través del botón, pero las copias de seguridad anteriores solo se pueden restaurar manualmente. Después de la restauración, realice una verificación de integridad en la base de datos por seguridad, en caso de que el DB estuviera actualmente en acceso de escritura cuando se creó la copia de seguridad.", + "Maintenance_Tool_unlockFields_selecteddev": "", + "Maintenance_Tool_unlockFields_selecteddev_noti": "", "Maintenance_Tool_upgrade_database_noti": "Actualizar la base de datos", "Maintenance_Tool_upgrade_database_noti_text": "¿Estás seguro de que quieres actualizar la base de datos?
(tal vez prefieras archivarla)", "Maintenance_Tool_upgrade_database_text": "Este botón actualizará la base de datos para habilitar la actividad de la red en las últimas 12 horas. Haga una copia de seguridad de su base de datos en caso de problemas.", diff --git a/front/php/templates/language/fa_fa.json b/front/php/templates/language/fa_fa.json index 7b2b9c5d4..772ef8dfb 100644 --- a/front/php/templates/language/fa_fa.json +++ b/front/php/templates/language/fa_fa.json @@ -226,6 +226,8 @@ "Device_TableHead_FirstSession": "", "Device_TableHead_GUID": "", "Device_TableHead_Group": "", + "Device_TableHead_IPv4": "", + "Device_TableHead_IPv6": "", "Device_TableHead_Icon": "", "Device_TableHead_LastIP": "", "Device_TableHead_LastIPOrder": "", @@ -249,6 +251,7 @@ "Device_TableHead_SyncHubNodeName": "", "Device_TableHead_Type": "", "Device_TableHead_Vendor": "", + "Device_TableHead_Vlan": "", "Device_Table_Not_Network_Device": "", "Device_Table_info": "", "Device_Table_nav_next": "", @@ -300,6 +303,7 @@ "FieldLock_Error": "", "FieldLock_Lock_Tooltip": "", "FieldLock_Locked": "", + "FieldLock_SaveBeforeLocking": "", "FieldLock_Source_Label": "", "FieldLock_Unlock_Tooltip": "", "FieldLock_Unlocked": "", @@ -410,6 +414,10 @@ "Maintenance_Tool_ImportPastedConfig": "", "Maintenance_Tool_ImportPastedConfig_noti_text": "", "Maintenance_Tool_ImportPastedConfig_text": "", + "Maintenance_Tool_UnlockFields": "", + "Maintenance_Tool_UnlockFields_noti": "", + "Maintenance_Tool_UnlockFields_noti_text": "", + "Maintenance_Tool_UnlockFields_text": "", "Maintenance_Tool_arpscansw": "", "Maintenance_Tool_arpscansw_noti": "", "Maintenance_Tool_arpscansw_noti_text": "", @@ -419,6 +427,9 @@ "Maintenance_Tool_backup_noti_text": "", "Maintenance_Tool_backup_text": "", "Maintenance_Tool_check_visible": "", + "Maintenance_Tool_clearSourceFields_selected": "", + "Maintenance_Tool_clearSourceFields_selected_noti": "", + "Maintenance_Tool_clearSourceFields_selected_text": "", "Maintenance_Tool_darkmode": "", "Maintenance_Tool_darkmode_noti": "", "Maintenance_Tool_darkmode_noti_text": "", @@ -449,6 +460,7 @@ "Maintenance_Tool_del_unknowndev_noti": "", "Maintenance_Tool_del_unknowndev_noti_text": "", "Maintenance_Tool_del_unknowndev_text": "", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "", "Maintenance_Tool_displayed_columns_text": "", "Maintenance_Tool_drag_me": "", "Maintenance_Tool_order_columns_text": "", @@ -460,6 +472,8 @@ "Maintenance_Tool_restore_noti": "", "Maintenance_Tool_restore_noti_text": "", "Maintenance_Tool_restore_text": "", + "Maintenance_Tool_unlockFields_selecteddev": "", + "Maintenance_Tool_unlockFields_selecteddev_noti": "", "Maintenance_Tool_upgrade_database_noti": "", "Maintenance_Tool_upgrade_database_noti_text": "", "Maintenance_Tool_upgrade_database_text": "", diff --git a/front/php/templates/language/fr_fr.json b/front/php/templates/language/fr_fr.json index 7ab9085bd..38c4c0098 100644 --- a/front/php/templates/language/fr_fr.json +++ b/front/php/templates/language/fr_fr.json @@ -98,10 +98,10 @@ "DevDetail_MainInfo_Network": " Nœud (MAC)", "DevDetail_MainInfo_Network_Port": " Port", "DevDetail_MainInfo_Network_Site": "Site", - "DevDetail_MainInfo_Network_Title": "Réseau", + "DevDetail_MainInfo_Network_Title": "Détails du réseau", "DevDetail_MainInfo_Owner": "Possesseur", "DevDetail_MainInfo_SSID": "SSID", - "DevDetail_MainInfo_Title": "Informations principales", + "DevDetail_MainInfo_Title": "Informations de l'appareil", "DevDetail_MainInfo_Type": "Type", "DevDetail_MainInfo_Vendor": "Fabricant", "DevDetail_MainInfo_mac": "MAC", @@ -198,15 +198,15 @@ "DevDetail_button_Save": "Enregistrer", "DeviceEdit_ValidMacIp": "Renseigner une adresse Mac et une adresse IP valides.", "Device_MultiEdit": "Édition multiple", - "Device_MultiEdit_Backup": "Attention, renseigner des valeurs non cohérentes ci-dessous peut bloquer votre paramétrage. Veillez à faire une sauvegarde de votre base de données ou de la configuration de vos appareils en premier lieu (clisuer ici pour la télécharger ). Renseignez-vous sur comment remettre les appareils depuis ce fichier via la documentation des sauvegardes. Afin d'enregistrer les changements, cliquer sur l'icône Sauvegarder sur chaque champ que vous voulez mettre à jour.", + "Device_MultiEdit_Backup": "Attention, renseigner des valeurs non cohérentes ci-dessous peut bloquer votre paramétrage. Veillez à faire une sauvegarde de votre base de données ou de la configuration de vos appareils en premier lieu (clisuer ici pour la télécharger ). Renseignez-vous sur comment remettre les appareils depuis ce fichier via la documentation des sauvegardes. Afin d'enregistrer les changements, cliquer sur l'icône Sauvegarder sur chaque champ que vous voulez mettre à jour.", "Device_MultiEdit_Fields": "Champs modifiables :", "Device_MultiEdit_MassActions": "Actions en masse :", "Device_MultiEdit_No_Devices": "Aucun appareil sélectionné.", "Device_MultiEdit_Tooltip": "Attention. Ceci va appliquer la valeur de gauche à tous les appareils sélectionnés au-dessus.", - "Device_Save_Failed": "", - "Device_Save_Unauthorized": "", - "Device_Saved_Success": "", - "Device_Saved_Unexpected": "", + "Device_Save_Failed": "Erreur à l'enregistrement de l'appareil", + "Device_Save_Unauthorized": "Non autorisé - Jeton d'API invalide", + "Device_Saved_Success": "Appareil enregistré avec succès", + "Device_Saved_Unexpected": "La mise à jour de l'appareil a renvoyé une réponse inattendue", "Device_Searchbox": "Rechercher", "Device_Shortcut_AllDevices": "Mes appareils", "Device_Shortcut_AllNodes": "Tous les nœuds", @@ -226,6 +226,8 @@ "Device_TableHead_FirstSession": "Première session", "Device_TableHead_GUID": "GUID", "Device_TableHead_Group": "Groupe", + "Device_TableHead_IPv4": "IPv4", + "Device_TableHead_IPv6": "IPv6", "Device_TableHead_Icon": "Icône", "Device_TableHead_LastIP": "Dernière IP", "Device_TableHead_LastIPOrder": "Ordre dernière IP", @@ -249,6 +251,7 @@ "Device_TableHead_SyncHubNodeName": "Noeud de synchro", "Device_TableHead_Type": "Type", "Device_TableHead_Vendor": "Fabriquant", + "Device_TableHead_Vlan": "VLAN", "Device_Table_Not_Network_Device": "Non configuré comme appareil du réseau", "Device_Table_info": "Affiche de _START_ à _END_ sur _TOTAL_ entrées", "Device_Table_nav_next": "Suivant", @@ -296,13 +299,14 @@ "Events_Tablelenght": "Afficher _MENU_ entrées", "Events_Tablelenght_all": "Tous", "Events_Title": "Évènements", - "FakeMAC_hover": "Autodétecté - indique si l'appareil utilise une fausse adresse MAC (qui commence par FA:CE ou 00:1A), typiquement générée par un plugin qui ne peut pas détecter la vraie adresse MAC, ou en créant un appareil factice.", - "FieldLock_Error": "", - "FieldLock_Lock_Tooltip": "", - "FieldLock_Locked": "", - "FieldLock_Source_Label": "", - "FieldLock_Unlock_Tooltip": "", - "FieldLock_Unlocked": "", + "FakeMAC_hover": "Cet appareil a une adresse MAC fausse ou falsifiée", + "FieldLock_Error": "Erreur de mise à jour du statut de verrouillage du champ", + "FieldLock_Lock_Tooltip": "Verrouiller le champ (empêche les surcharges de plugin)", + "FieldLock_Locked": "Champ verrouillé", + "FieldLock_SaveBeforeLocking": "Enregistrez vos changements avant de verrouiller", + "FieldLock_Source_Label": "Source : ", + "FieldLock_Unlock_Tooltip": "Déverrouiller le champ (autorise les surcharges de plugin)", + "FieldLock_Unlocked": "Champ déverrouillé", "GRAPHQL_PORT_description": "Le numéro de port du serveur GraphQL. Assurez vous sue le port est unique a l'échelle de toutes les applications sur cet hôte et vos instances NetAlertX.", "GRAPHQL_PORT_name": "Port GraphQL", "Gen_Action": "Action", @@ -410,6 +414,10 @@ "Maintenance_Tool_ImportPastedConfig": "Import des paramètres (coller)", "Maintenance_Tool_ImportPastedConfig_noti_text": "Êtes-vous sûr de vouloir importer les paramètres de configuration copiés ? Cela va complètement remplacer le fichier app.conf.", "Maintenance_Tool_ImportPastedConfig_text": "Importe le fichier app.conf, qui contient tous les paramètres de l'application. Vous devriez commencer par télécharger le fichier actuelapp.conf avec la fonctionnalité Export des paramètres.", + "Maintenance_Tool_UnlockFields": "Déverrouiller les champs de l'appareil", + "Maintenance_Tool_UnlockFields_noti": "Déverrouiller les champs de l'appareil", + "Maintenance_Tool_UnlockFields_noti_text": "Êtes-vous sûr de vouloir supprimer toutes les valeurs de source (verrouillés par l'utilisateur LOCKED/USER) pour tous les champs d'appareil de tous les appareils ? Cette action ne peut pas être annulée.", + "Maintenance_Tool_UnlockFields_text": "Cet outil va supprimer toutes les valeurs de source pour chaque champ suivi de tous les appareils, ce qui déverrouillera tous les champs pour les plugins et les utilisateurs. Utilisez-lebm avec précaution, cela impactera l'ensemble de l'inventaire des appareils.", "Maintenance_Tool_arpscansw": "Basculer l'arp-Scan (activé/désactivé)", "Maintenance_Tool_arpscansw_noti": "Activer ou désactiver l'arp-Scan", "Maintenance_Tool_arpscansw_noti_text": "Une fois le scan désactivé, il reste désactivé jusqu'à ce qu'il soit réactivé.", @@ -419,6 +427,9 @@ "Maintenance_Tool_backup_noti_text": "Êtes-vous sûr de vouloir lancer la sauvegarde de la base de données ? Assurez-vous de ne pas avoir de scan en cours.", "Maintenance_Tool_backup_text": "Les sauvegardes de base de données sont situées dans le répertoire de la base de données, soir forme d'archive ZIP, nommé selon la date de création. Il n'y a pas de limite de nombre de sauvegarde.", "Maintenance_Tool_check_visible": "Décocher pour masquer la colonne.", + "Maintenance_Tool_clearSourceFields_selected": "Supprimer les champs source", + "Maintenance_Tool_clearSourceFields_selected_noti": "Supprimer les sources", + "Maintenance_Tool_clearSourceFields_selected_text": "Cela va supprimer tous les champs de sources des appareils sélectionnés. Cette action est irréversible.", "Maintenance_Tool_darkmode": "Basculer de mode (clair/sombre)", "Maintenance_Tool_darkmode_noti": "Basculer de mode", "Maintenance_Tool_darkmode_noti_text": "Après le changement de thème, la page tente de se rafraîchir pour activer le changement. Si besoin, le cache doit être supprimé.", @@ -449,6 +460,7 @@ "Maintenance_Tool_del_unknowndev_noti": "Supprimer les appareils inconnus", "Maintenance_Tool_del_unknowndev_noti_text": "Êtes-vous sûr de vouloir supprimer tous les appareils inconnus et sans nom trouvé ?", "Maintenance_Tool_del_unknowndev_text": "Avant d'utiliser cette fonction, veuillez effectuer une sauvegarde. La suppression ne peut pas être annulée. Tous les appareils nommés (inconnus) seront supprimés de la base de données.", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "Cela va déverrouiller les champs verrouillés par l'utilisateur (LOCKED/USER) des appareils sélectionnés. Cette action ne peut pas être annulée.", "Maintenance_Tool_displayed_columns_text": "Changer la visibilité et l'ordre des colonnes dans la page appareils page.", "Maintenance_Tool_drag_me": "Déplacez-moi pour réordonner les colonnes.", "Maintenance_Tool_order_columns_text": "Maintenance_Tool_order_columns_text", @@ -460,6 +472,8 @@ "Maintenance_Tool_restore_noti": "Restauration de la base de données", "Maintenance_Tool_restore_noti_text": "Êtes-vous sûr de vouloir lancer la restauration de la base données ? Assurez-vous qu'aucun scan ne soit en cours.", "Maintenance_Tool_restore_text": "La dernière sauvegarde peut être restaurée à l'aide du bouton, mais les sauvegardes plus anciennes ne peuvent être restaurées que manuellement. Après la restauration, faites un contrôle d'intégrité de la base de donnes par sécurité, au cas où elle était en cours d'ecriture lorsque la sauvegarde a été réalisée.", + "Maintenance_Tool_unlockFields_selecteddev": "Déverrouiller les champs de l'appareil", + "Maintenance_Tool_unlockFields_selecteddev_noti": "Déverrouiller les champs", "Maintenance_Tool_upgrade_database_noti": "Mise à jour de la base de données", "Maintenance_Tool_upgrade_database_noti_text": "Êtes-vous sûr de vouloir mettre à jour la base de données ?
(il peut être préférable de l'archiver)", "Maintenance_Tool_upgrade_database_text": "Ce bouton va mettre à jour la base de données pour activer le graphique de l'activité réseau sur les 12 dernières heures. Veillez à faire une sauvegarde de la base de données en cas de problème.", @@ -601,7 +615,7 @@ "REPORT_MAIL_description": "Si activé, un courriel est envoyé, avec la liste des changements pour lesquels on a souscrit. Cela nécessite de renseigner les paramètres associés au paramétrage SMTP plus bas. Si vous rencontrez des problèmes, positionnez le LOG_LEVEL au niveau debug et vérifiez les journaux d'erreurs.", "REPORT_MAIL_name": "Activer les courriels", "REPORT_TITLE": "Rapport", - "RandomMAC_hover": "Détecté automatiquement - indique si l'appareil dispose d'une adresse MAC générée aléatoirement. Vous pouvez exclure des adresses MAC spécifiques via le paramètre UI_NOT_RANDOM_MAC. Cliquez pour plus d'informations.", + "RandomMAC_hover": "Cet appareil a une adresse MAC aléatoire", "Reports_Sent_Log": "Rapports de log transmis", "SCAN_SUBNETS_description": "La plupart des scanners sur le réseau (scan ARP, NMAP, Nslookup, DIG) se base sur le scan d'une partie spécifique des interfaces réseau ou de sous-réseau. Consulter la documentation des sous-réseaux pour plus d'aide sur ce paramètre, notamment pour des VLAN, lesquels sont supportés ou sur comment identifier le masque réseau et votre interface réseau.

Une alternative à ces scanner sur le réseau et d'activer d'autres scanners d'appareils ou des importe, qui ne dépendent pas du fait de laisser NetAlertX accéder au réseau (Unifié, baux DHCP, Pi-hole, etc.).

Remarque : la durée du scan en lui-même dépend du nombre d'adresses IP à scanner, renseignez donc soigneusement avec le bon masque réseau et la bonne interface réseau.", "SCAN_SUBNETS_name": "Réseaux à scanner", @@ -609,7 +623,7 @@ "Setting_Override": "Remplacer la valeur", "Setting_Override_Description": "Activer cette option va remplacer la valeur fournie par défaut par une application par la valeur renseignée au-dessus.", "Settings_Metadata_Toggle": "Afficher/masquer les méta données pour le paramètre sélectionné.", - "Settings_Show_Description": "Montrer la description de la configuration.", + "Settings_Show_Description": "Afficher la description", "Settings_device_Scanners_desync": "⚠ La planification des différents scanners d'appareils est désynchronisée.", "Settings_device_Scanners_desync_popup": "La planification des scanners (*_RUN_SCHD) n'est pas identique entre scanners. Cela va entraîner des notifications en ligne/hors-ligne non cohérentes. À moins que cela soit attendu, utilisez la même planification pour tous les 🔍scanners d'appareils activés.", "Speedtest_Results": "Résultats du test de débit", @@ -775,4 +789,4 @@ "settings_system_label": "Système", "settings_update_item_warning": "Mettre à jour la valeur ci-dessous. Veillez à bien suivre le même format qu'auparavant. Il n'y a pas de pas de contrôle.", "test_event_tooltip": "Enregistrer d'abord vos modifications avant de tester vôtre paramétrage." -} \ No newline at end of file +} diff --git a/front/php/templates/language/it_it.json b/front/php/templates/language/it_it.json index fcf1212fd..f4cc17bb4 100644 --- a/front/php/templates/language/it_it.json +++ b/front/php/templates/language/it_it.json @@ -98,10 +98,10 @@ "DevDetail_MainInfo_Network": " Nodo (MAC)", "DevDetail_MainInfo_Network_Port": " Porta", "DevDetail_MainInfo_Network_Site": "Sito", - "DevDetail_MainInfo_Network_Title": "Rete", + "DevDetail_MainInfo_Network_Title": "Dettagli rete", "DevDetail_MainInfo_Owner": "Proprietario", "DevDetail_MainInfo_SSID": "SSID", - "DevDetail_MainInfo_Title": "Informazioni principali", + "DevDetail_MainInfo_Title": "Informazioni dispositivo", "DevDetail_MainInfo_Type": "Tipo", "DevDetail_MainInfo_Vendor": "Produttore", "DevDetail_MainInfo_mac": "MAC", @@ -198,15 +198,15 @@ "DevDetail_button_Save": "Salva", "DeviceEdit_ValidMacIp": "Inserisci un indirizzo Mac e un indirizzo IP validi.", "Device_MultiEdit": "Modifica multipla", - "Device_MultiEdit_Backup": "Attento, l'inserimento di valori errati di seguito interromperà la configurazione. Effettua prima il backup del database o della configurazione dei dispositivi (fai clic per scaricare ). Leggi come ripristinare i dispositivi da questo file nella Documentazione di backup. Per applicare le modifiche, fai clic sull'icona Salva su ogni campo che desideri aggiornare.", + "Device_MultiEdit_Backup": "Attento, l'inserimento di valori errati di seguito interromperà la configurazione. Effettua prima il backup del database o della configurazione dei dispositivi (fai clic per scaricare ). Leggi come ripristinare i dispositivi da questo file nella Documentazione di backup. Per applicare le modifiche, fai clic sull'icona Salva su ogni campo che desideri aggiornare.", "Device_MultiEdit_Fields": "Modifica campi:", "Device_MultiEdit_MassActions": "Azioni di massa:", "Device_MultiEdit_No_Devices": "Nessun dispositivo selezionato.", "Device_MultiEdit_Tooltip": "Attento. Facendo clic verrà applicato il valore sulla sinistra a tutti i dispositivi selezionati sopra.", - "Device_Save_Failed": "", - "Device_Save_Unauthorized": "", - "Device_Saved_Success": "", - "Device_Saved_Unexpected": "", + "Device_Save_Failed": "Impossibile salvare il dispositivo", + "Device_Save_Unauthorized": "Non autorizzato: token API non valido", + "Device_Saved_Success": "Dispositivo salvato correttamente", + "Device_Saved_Unexpected": "L'aggiornamento del dispositivo ha restituito una risposta imprevista", "Device_Searchbox": "Cerca", "Device_Shortcut_AllDevices": "I miei dispositivi", "Device_Shortcut_AllNodes": "Tutti i nodi", @@ -226,6 +226,8 @@ "Device_TableHead_FirstSession": "Prima sessione", "Device_TableHead_GUID": "GUID", "Device_TableHead_Group": "Gruppo", + "Device_TableHead_IPv4": "IPv4", + "Device_TableHead_IPv6": "IPv6", "Device_TableHead_Icon": "Icona", "Device_TableHead_LastIP": "Ultimo IP", "Device_TableHead_LastIPOrder": "Ordina per ultimo IP", @@ -249,6 +251,7 @@ "Device_TableHead_SyncHubNodeName": "Sincronizza nodo", "Device_TableHead_Type": "Tipo", "Device_TableHead_Vendor": "Produttore", + "Device_TableHead_Vlan": "VLAN", "Device_Table_Not_Network_Device": "Non configurato come dispositivo di rete", "Device_Table_info": "Visualizzazione da _START_ a _END_ di _TOTAL_ voci", "Device_Table_nav_next": "Successivo", @@ -296,13 +299,14 @@ "Events_Tablelenght": "Mostra _MENU_ elementi", "Events_Tablelenght_all": "Tutti", "Events_Title": "Eventi", - "FakeMAC_hover": "Rilevato automaticamente: indica se il dispositivo utilizza un indirizzo MAC FALSO (che inizia con FA:CE o 00:1A), in genere generato da un plugin che non riesce a rilevare il MAC reale o quando si crea un dispositivo fittizio.", - "FieldLock_Error": "", - "FieldLock_Lock_Tooltip": "", - "FieldLock_Locked": "", - "FieldLock_Source_Label": "", - "FieldLock_Unlock_Tooltip": "", - "FieldLock_Unlocked": "", + "FakeMAC_hover": "Questo dispositivo ha un indirizzo MAC contraffatto", + "FieldLock_Error": "Errore durante l'aggiornamento dello stato di blocco del campo", + "FieldLock_Lock_Tooltip": "Blocca campo (impedisci sovrascrittura plugin)", + "FieldLock_Locked": "Campo bloccato", + "FieldLock_SaveBeforeLocking": "Salva modifiche prima di bloccare", + "FieldLock_Source_Label": "Sorgente: ", + "FieldLock_Unlock_Tooltip": "Sblocca campo (consenti sovrascritture plugin)", + "FieldLock_Unlocked": "Campo sbloccato", "GRAPHQL_PORT_description": "Il numero di porta del server GraphQL. Assicurati che la porta sia univoca in tutte le tue applicazioni su questo host e nelle istanze di NetAlertX.", "GRAPHQL_PORT_name": "Porta GraphQL", "Gen_Action": "Azione", @@ -410,6 +414,10 @@ "Maintenance_Tool_ImportPastedConfig": "Importa impostazioni (incolla)", "Maintenance_Tool_ImportPastedConfig_noti_text": "Vuoi davvero importare le impostazioni di configurazione incollate? Questo sovrascriverà completamente il file app.conf.", "Maintenance_Tool_ImportPastedConfig_text": "Importa il file app.conf contenente tutte le impostazioni dell'applicazione. Potresti voler scaricare prima il file app.conf corrente con Esporta impostazioni.", + "Maintenance_Tool_UnlockFields": "Sblocca campi del dispositivo", + "Maintenance_Tool_UnlockFields_noti": "Sblocca campi del dispositivo", + "Maintenance_Tool_UnlockFields_noti_text": "Vuoi davvero cancellare tutti i valori sorgente (BLOCCATO/UTENTE) per tutti i campi dispositivo su tutti i dispositivi? Questa azione non può essere annullata.", + "Maintenance_Tool_UnlockFields_text": "Questo strumento rimuoverà tutti i valori sorgente da ogni campo tracciato per tutti i dispositivi, sbloccando di fatto tutti i campi per plugin e utenti. Usalo con cautela, poiché influirà sull'intero inventario dei dispositivi.", "Maintenance_Tool_arpscansw": "Attiva/disattiva arp-Scan", "Maintenance_Tool_arpscansw_noti": "Attiva o disattiva arp-Scan", "Maintenance_Tool_arpscansw_noti_text": "Una volta disattivata la scansione rimane disattivata finché non viene nuovamente attivata.", @@ -419,6 +427,9 @@ "Maintenance_Tool_backup_noti_text": "Sei sicuro di voler eseguire il backup del DB? Assicurati che nessuna scansione sia attualmente in esecuzione.", "Maintenance_Tool_backup_text": "I backup del database si trovano nella directory del database come archivio zip, denominato con la data di creazione. Non esiste un numero massimo di backup.", "Maintenance_Tool_check_visible": "Deseleziona per nascondere la colonna.", + "Maintenance_Tool_clearSourceFields_selected": "Cancella campi sorgente", + "Maintenance_Tool_clearSourceFields_selected_noti": "Cancella sorgenti", + "Maintenance_Tool_clearSourceFields_selected_text": "Questa operazione cancellerà tutti i campi sorgente dei dispositivi selezionati. Questa azione non può essere annullata.", "Maintenance_Tool_darkmode": "Alterna modalità (Scuro/Chiaro)", "Maintenance_Tool_darkmode_noti": "Alterna modalità", "Maintenance_Tool_darkmode_noti_text": "Dopo il cambio di tema, la pagina tenta di ricaricarsi per attivare la modifica. Potrebbe essere necessaria la cancellazione della cache.", @@ -449,6 +460,7 @@ "Maintenance_Tool_del_unknowndev_noti": "Elimina dispositivi (sconosciuti)", "Maintenance_Tool_del_unknowndev_noti_text": "Sei sicuro di voler eliminare tutti i dispositivi (sconosciuti) e (senza nome)?", "Maintenance_Tool_del_unknowndev_text": "Prima di utilizzare questa funzione, esegui un backup. L'eliminazione non può essere annullata. Tutti i dispositivi (sconosciuti) verranno eliminati dal database.", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "Questa operazione sbloccherà i campi BLOCCATO/UTENTE dei dispositivi selezionati. Questa azione non può essere annullata.", "Maintenance_Tool_displayed_columns_text": "Cambia la visibilità e l'ordine delle colonne nella pagina Dispositivi.", "Maintenance_Tool_drag_me": "Trascinami per riordinare le colonne.", "Maintenance_Tool_order_columns_text": "Maintenance_Tool_order_columns_text", @@ -460,6 +472,8 @@ "Maintenance_Tool_restore_noti": "Ripristino DB", "Maintenance_Tool_restore_noti_text": "Sei sicuro di voler eseguire il ripristino del DB? Assicurati che nessuna scansione sia attualmente in esecuzione.", "Maintenance_Tool_restore_text": "L'ultimo backup può essere ripristinato tramite il pulsante, ma i backup più vecchi possono essere ripristinati solo manualmente. Dopo il ripristino, effettuare un controllo di integrità sul database per sicurezza, nel caso in cui il db fosse attualmente in accesso di scrittura quando è stato creato il backup.", + "Maintenance_Tool_unlockFields_selecteddev": "Sblocca i campi del dispositivo", + "Maintenance_Tool_unlockFields_selecteddev_noti": "Sblocca campi", "Maintenance_Tool_upgrade_database_noti": "Aggiorna database", "Maintenance_Tool_upgrade_database_noti_text": "Sei sicuro di voler aggiornare il database?
(forse preferisci archiviarlo)", "Maintenance_Tool_upgrade_database_text": "Questo pulsante aggiornerà il database per abilitare il grafico dell'attività di rete nelle ultime 12 ore. Esegui il backup del database in caso di problemi.", @@ -601,7 +615,7 @@ "REPORT_MAIL_description": "Se abilitato, viene inviata un'e-mail con un elenco delle modifiche a cui sei iscritto. Compila anche tutte le restanti impostazioni relative alla configurazione SMTP. In caso di problemi, imposta LOG_LEVEL su debug e controlla il log degli errori.", "REPORT_MAIL_name": "Abilita e-mail", "REPORT_TITLE": "Rapporto", - "RandomMAC_hover": "Rilevato automaticamente: indica se il dispositivo genera casualmente il suo indirizzo MAC. Puoi escludere MAC specifici con l'impostazione UI_NOT_RANDOM_MAC. Fai clic per saperne di più.", + "RandomMAC_hover": "Questo dispositivo ha un indirizzo MAC casuale", "Reports_Sent_Log": "Log rapporti inviati", "SCAN_SUBNETS_description": "La maggior parte degli scanner di rete (ARP-SCAN, NMAP, NSLOOKUP, DIG) si basano sulla scansione di interfacce di rete e sottoreti specifiche. Consulta la documentazione sulle sottoreti per assistenza su questa impostazione, in particolare VLAN, quali VLAN sono supportate o come individuare la maschera di rete e l'interfaccia.

Un'alternativa agli scanner in rete è abilitare altri scanner/importatori di dispositivi che non si affidano a NetAlertX che hanno accesso alla rete (UNIFI, dhcp.leases , PiHole, ecc.).

Nota: il tempo di scansione stesso dipende dal numero di indirizzi IP da controllare, quindi impostalo attentamente con la maschera di rete e l'interfaccia appropriate.", "SCAN_SUBNETS_name": "Reti da scansionare", @@ -609,7 +623,7 @@ "Setting_Override": "Sovrascrivi valore", "Setting_Override_Description": "L'abilitazione di questa opzione sovrascriverà il valore predefinito fornito dall'app con il valore specificato sopra.", "Settings_Metadata_Toggle": "Mostra/nascondi i metadati per l'impostazione specificata.", - "Settings_Show_Description": "Mostra descrizione dell'impostazione.", + "Settings_Show_Description": "Mostra descrizione", "Settings_device_Scanners_desync": "⚠ Le pianificazioni dello scanner del dispositivo non sono sincronizzate.", "Settings_device_Scanners_desync_popup": "Gli orari degli scanner dei dispositivi (*_RUN_SCHD) non sono gli stessi. Questo comporterà notifiche online/offline incoerenti del dispositivo. A meno che ciò non sia previsto, utilizza la stessa pianificazione per tutti gli 🔍 scanner dispositivi abilitati.", "Speedtest_Results": "Risultati test di velocità", @@ -775,4 +789,4 @@ "settings_system_label": "Sistema", "settings_update_item_warning": "Aggiorna il valore qui sotto. Fai attenzione a seguire il formato precedente. La convalida non viene eseguita.", "test_event_tooltip": "Salva le modifiche prima di provare le nuove impostazioni." -} \ No newline at end of file +} diff --git a/front/php/templates/language/ja_jp.json b/front/php/templates/language/ja_jp.json index 55f7cb4d2..2c00ce591 100644 --- a/front/php/templates/language/ja_jp.json +++ b/front/php/templates/language/ja_jp.json @@ -198,7 +198,7 @@ "DevDetail_button_Save": "保存", "DeviceEdit_ValidMacIp": "有効なMacIPアドレスを入力します.", "Device_MultiEdit": "マルチエディタ", - "Device_MultiEdit_Backup": "注意:以下の項目に誤った値を入力すると設定が破損します。まずデータベースまたはデバイスの設定をバックアップしてください(クリックしてダウンロード)。このファイルからデバイスを復元する方法については、バックアップのドキュメントを参照してください。変更を適用するには、更新したい各フィールドの保存アイコンをクリックしてください。", + "Device_MultiEdit_Backup": "注意:以下の項目に誤った値を入力すると設定が破損します。まずデータベースまたはデバイスの設定をバックアップしてください(クリックしてダウンロード)。このファイルからデバイスを復元する方法については、バックアップのドキュメントを参照してください。変更を適用するには、更新したい各フィールドの保存アイコンをクリックしてください。", "Device_MultiEdit_Fields": "フィールドの編集:", "Device_MultiEdit_MassActions": "大量のアクション:", "Device_MultiEdit_No_Devices": "デバイスが選択されていません。", @@ -226,6 +226,8 @@ "Device_TableHead_FirstSession": "初回セッション", "Device_TableHead_GUID": "GUID", "Device_TableHead_Group": "グループ", + "Device_TableHead_IPv4": "", + "Device_TableHead_IPv6": "", "Device_TableHead_Icon": "アイコン", "Device_TableHead_LastIP": "直近のIP", "Device_TableHead_LastIPOrder": "直近のIP順", @@ -249,6 +251,7 @@ "Device_TableHead_SyncHubNodeName": "同期ノード", "Device_TableHead_Type": "種別", "Device_TableHead_Vendor": "ベンダー", + "Device_TableHead_Vlan": "", "Device_Table_Not_Network_Device": "ネットワーク機器として構成されていない", "Device_Table_info": "_START_~_END_を表示 / _TOTAL_ 件中", "Device_Table_nav_next": "次", @@ -300,6 +303,7 @@ "FieldLock_Error": "", "FieldLock_Lock_Tooltip": "", "FieldLock_Locked": "", + "FieldLock_SaveBeforeLocking": "", "FieldLock_Source_Label": "", "FieldLock_Unlock_Tooltip": "", "FieldLock_Unlocked": "", @@ -410,6 +414,10 @@ "Maintenance_Tool_ImportPastedConfig": "設定のインポート(貼り付け)", "Maintenance_Tool_ImportPastedConfig_noti_text": "貼り付けた設定を本当にインポートしますか?これによりapp.confファイルが完全に上書きされます。", "Maintenance_Tool_ImportPastedConfig_text": "アプリケーション設定をすべて含むapp.confファイルをインポートします。まず設定のエクスポートで現在のapp.confファイルをダウンロードすることをお勧めします。", + "Maintenance_Tool_UnlockFields": "", + "Maintenance_Tool_UnlockFields_noti": "", + "Maintenance_Tool_UnlockFields_noti_text": "", + "Maintenance_Tool_UnlockFields_text": "", "Maintenance_Tool_arpscansw": "arpスキャンの切り替え(オン/オフ)", "Maintenance_Tool_arpscansw_noti": "arpスキャンをオンまたはオフにする", "Maintenance_Tool_arpscansw_noti_text": "スキャンをオフにした場合、再度有効化されるまでオフのままとなります。", @@ -419,6 +427,9 @@ "Maintenance_Tool_backup_noti_text": "データベースのバックアップを実行してもよろしいですか? 現在スキャンが実行されていないことを確認してください。", "Maintenance_Tool_backup_text": "データベースのバックアップは、作成日をファイル名としたzipアーカイブとしてデータベースディレクトリ内に配置されます。バックアップの最大数は存在しません。", "Maintenance_Tool_check_visible": "チェックを外すと列を非表示にします。", + "Maintenance_Tool_clearSourceFields_selected": "", + "Maintenance_Tool_clearSourceFields_selected_noti": "", + "Maintenance_Tool_clearSourceFields_selected_text": "", "Maintenance_Tool_darkmode": "モード切替(ダーク/ライト)", "Maintenance_Tool_darkmode_noti": "モード切替", "Maintenance_Tool_darkmode_noti_text": "テーマ変更後、変更を有効化するためにページを再読み込みします。必要に応じて、キャッシュをクリアする必要があります。", @@ -449,6 +460,7 @@ "Maintenance_Tool_del_unknowndev_noti": "(Unknown)のデバイスを削除", "Maintenance_Tool_del_unknowndev_noti_text": "すべての(Unknown)のデバイスと(name not found)のデバイスを削除してもよろしいですか?", "Maintenance_Tool_del_unknowndev_text": "この機能を使用する前に、必ずバックアップを作成してください。削除操作は元に戻せません。データベースから(Unknown)という名前のデバイスをすべて削除します。", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "", "Maintenance_Tool_displayed_columns_text": "デバイスページの列の表示状態と順序を変更します。", "Maintenance_Tool_drag_me": "ドラッグして列を並べ替え。", "Maintenance_Tool_order_columns_text": "Maintenance_Tool_order_columns_text", @@ -460,6 +472,8 @@ "Maintenance_Tool_restore_noti": "DB復元", "Maintenance_Tool_restore_noti_text": "データベースの復元を実行してもよろしいですか? 現在スキャンが実行されていないことを確認してください。", "Maintenance_Tool_restore_text": "最新のバックアップはボタンから復元できますが、それ以前のバックアップは手動でのみ復元可能です。復元後は、バックアップ作成時にデータベースが書き込まれていた場合に備え、安全のためデータベースの整合性チェックを実施してください。", + "Maintenance_Tool_unlockFields_selecteddev": "", + "Maintenance_Tool_unlockFields_selecteddev_noti": "", "Maintenance_Tool_upgrade_database_noti": "データベースアップグレード", "Maintenance_Tool_upgrade_database_noti_text": "データベースをアップグレードしてもよろしいですか?
(アーカイブすることをお勧めします)", "Maintenance_Tool_upgrade_database_text": "このボタンをクリックすると、データベースがアップグレードされ、過去12時間のネットワーク活動チャートが表示可能になります。問題発生に備え、データベースのバックアップを必ず行ってください。", diff --git a/front/php/templates/language/nb_no.json b/front/php/templates/language/nb_no.json index cb24ee12c..e86b92003 100644 --- a/front/php/templates/language/nb_no.json +++ b/front/php/templates/language/nb_no.json @@ -198,7 +198,7 @@ "DevDetail_button_Save": "Lagre", "DeviceEdit_ValidMacIp": "", "Device_MultiEdit": "Multiredigering", - "Device_MultiEdit_Backup": "Forsiktig, hvis du legger inn feil verdier nedenfor, vil oppsettet ditt ødelegges. Ta sikkerhetskopi av databasen eller enhetskonfigurasjonen først (klikk for å laste ned ). Les hvordan du gjenoppretter enheter fra denne filen i Sikkerhetskopierings dokumentasjon.", + "Device_MultiEdit_Backup": "Forsiktig, hvis du legger inn feil verdier nedenfor, vil oppsettet ditt ødelegges. Ta sikkerhetskopi av databasen eller enhetskonfigurasjonen først (klikk for å laste ned ). Les hvordan du gjenoppretter enheter fra denne filen i Sikkerhetskopierings dokumentasjon.", "Device_MultiEdit_Fields": "Rediger felt:", "Device_MultiEdit_MassActions": "Flerhandlinger:", "Device_MultiEdit_No_Devices": "", @@ -226,6 +226,8 @@ "Device_TableHead_FirstSession": "Første Økt", "Device_TableHead_GUID": "GUID", "Device_TableHead_Group": "Gruppe", + "Device_TableHead_IPv4": "", + "Device_TableHead_IPv6": "", "Device_TableHead_Icon": "Ikon", "Device_TableHead_LastIP": "Siste IP", "Device_TableHead_LastIPOrder": "Siste IP Rekkefølge", @@ -249,6 +251,7 @@ "Device_TableHead_SyncHubNodeName": "Synkroniser Node", "Device_TableHead_Type": "Type", "Device_TableHead_Vendor": "Leverandør", + "Device_TableHead_Vlan": "", "Device_Table_Not_Network_Device": "Ikke konfigurert som en nettverksenhet", "Device_Table_info": "Showing _START_ to _END_ of _TOTAL_ entries", "Device_Table_nav_next": "Neste", @@ -300,6 +303,7 @@ "FieldLock_Error": "", "FieldLock_Lock_Tooltip": "", "FieldLock_Locked": "", + "FieldLock_SaveBeforeLocking": "", "FieldLock_Source_Label": "", "FieldLock_Unlock_Tooltip": "", "FieldLock_Unlocked": "", @@ -410,6 +414,10 @@ "Maintenance_Tool_ImportPastedConfig": "", "Maintenance_Tool_ImportPastedConfig_noti_text": "", "Maintenance_Tool_ImportPastedConfig_text": "", + "Maintenance_Tool_UnlockFields": "", + "Maintenance_Tool_UnlockFields_noti": "", + "Maintenance_Tool_UnlockFields_noti_text": "", + "Maintenance_Tool_UnlockFields_text": "", "Maintenance_Tool_arpscansw": "Slå arp-Scan (på/av)", "Maintenance_Tool_arpscansw_noti": "Slå arp-Scan på eller av", "Maintenance_Tool_arpscansw_noti_text": "Når skanningen er slått av, forblir den slått av til den aktiveres igjen.", @@ -419,6 +427,9 @@ "Maintenance_Tool_backup_noti_text": "Er du sikker på at du vil kjøre Database Sikkerhetskopiering? Pass på at ingen skanning kjører for øyeblikket.", "Maintenance_Tool_backup_text": "Databasesikkerhetskopiene er plassert i databasekatalogen som et zip-arkiv, navngitt med opprettelsesdatoen. Det er ikke noe maksimalt antall sikkerhetskopier.", "Maintenance_Tool_check_visible": "Fjern merket for å skjule kolonne.", + "Maintenance_Tool_clearSourceFields_selected": "", + "Maintenance_Tool_clearSourceFields_selected_noti": "", + "Maintenance_Tool_clearSourceFields_selected_text": "", "Maintenance_Tool_darkmode": "Bytt Modus (mørk/lys)", "Maintenance_Tool_darkmode_noti": "Bytt Modus", "Maintenance_Tool_darkmode_noti_text": "Etter tema bytte, prøver siden å laste seg inn på nytt for å aktivere endringen. Om nødvendig må hurtigbufferen tømmes.", @@ -449,6 +460,7 @@ "Maintenance_Tool_del_unknowndev_noti": "Slett (ukjente) Enheter", "Maintenance_Tool_del_unknowndev_noti_text": "Er du sikker på at du vil slette alle (ukjente) og (navn ikke funnet) enheter?", "Maintenance_Tool_del_unknowndev_text": "Før du bruker denne funksjonen, vennligst ta en sikkerhetskopi. Slettingen kan ikke angres. Alle enheter som heter (ukjent) vil bli slettet fra databasen.", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "", "Maintenance_Tool_displayed_columns_text": "Endre synligheten og rekkefølgen på kolonnene i Enheter siden.", "Maintenance_Tool_drag_me": "Dra meg for å endre rekkefølge på kolonner.", "Maintenance_Tool_order_columns_text": "Maintenance_Tool_order_columns_text", @@ -460,6 +472,8 @@ "Maintenance_Tool_restore_noti": "Gjenopprett DB", "Maintenance_Tool_restore_noti_text": "Er du sikker på at du vil utføre DB-gjenopprettingen? Forsikre deg om at ingen skanning kjører for øyeblikket.", "Maintenance_Tool_restore_text": "Den siste sikkerhetskopien kan gjenopprettes via knappen, men eldre sikkerhetskopier kan bare gjenopprettes manuelt. Etter gjenoppretting, gjør du en integritetskontroll på databasen for sikkerhet, i tilfelle DB for øyeblikket var i skrivetilgang da sikkerhetskopien ble opprettet.", + "Maintenance_Tool_unlockFields_selecteddev": "", + "Maintenance_Tool_unlockFields_selecteddev_noti": "", "Maintenance_Tool_upgrade_database_noti": "Oppgrader databasen", "Maintenance_Tool_upgrade_database_noti_text": "Er du sikker på at du vil oppgradere databasen?
(kanskje du foretrekker å arkivere den)", "Maintenance_Tool_upgrade_database_text": "Denne knappen vil oppgradere databasen for å aktivere nettverksaktiviteten i løpet av de siste 12 timene. Vennligst ta en sikkerhetskopi av databasen din i tilfelle det oppstår problemer.", diff --git a/front/php/templates/language/pl_pl.json b/front/php/templates/language/pl_pl.json index 6bd19942e..877376bd6 100644 --- a/front/php/templates/language/pl_pl.json +++ b/front/php/templates/language/pl_pl.json @@ -198,7 +198,7 @@ "DevDetail_button_Save": "Zapisz", "DeviceEdit_ValidMacIp": "Wprowadź poprawny adres MAC oraz adres IP.", "Device_MultiEdit": "Edycja zbiorcza", - "Device_MultiEdit_Backup": "Uwaga, wprowadzenie niepoprawnych wartości poniżej może uszkodzić Twoją konfigurację. Najpierw wykonaj kopię zapasową bazy danych lub konfiguracji urządzeń (kliknij, aby pobrać ). Instrukcje odzyskiwania urządzeń z tego pliku znajdziesz w dokumentacji kopii zapasowych. Aby zastosować zmiany, kliknij ikonę Zapisz przy każdym polu, które chcesz zaktualizować.", + "Device_MultiEdit_Backup": "Uwaga, wprowadzenie niepoprawnych wartości poniżej może uszkodzić Twoją konfigurację. Najpierw wykonaj kopię zapasową bazy danych lub konfiguracji urządzeń (kliknij, aby pobrać ). Instrukcje odzyskiwania urządzeń z tego pliku znajdziesz w dokumentacji kopii zapasowych. Aby zastosować zmiany, kliknij ikonę Zapisz przy każdym polu, które chcesz zaktualizować.", "Device_MultiEdit_Fields": "Edytuj pola:", "Device_MultiEdit_MassActions": "Operacje zbiorcze:", "Device_MultiEdit_No_Devices": "", @@ -226,6 +226,8 @@ "Device_TableHead_FirstSession": "Pierwsza sesja", "Device_TableHead_GUID": "GUID", "Device_TableHead_Group": "Grupa", + "Device_TableHead_IPv4": "", + "Device_TableHead_IPv6": "", "Device_TableHead_Icon": "Ikona", "Device_TableHead_LastIP": "Ostatni adres IP", "Device_TableHead_LastIPOrder": "Kolejność ostatniego adresu IP", @@ -249,6 +251,7 @@ "Device_TableHead_SyncHubNodeName": "Węzeł synchronizacji", "Device_TableHead_Type": "Typ", "Device_TableHead_Vendor": "Producent", + "Device_TableHead_Vlan": "", "Device_Table_Not_Network_Device": "Nie skonfigurowano jako urządzenie sieciowe", "Device_Table_info": "Pokazuje _START_ do _END_ z _TOTAL_ wpisów", "Device_Table_nav_next": "Następna", @@ -300,6 +303,7 @@ "FieldLock_Error": "", "FieldLock_Lock_Tooltip": "", "FieldLock_Locked": "", + "FieldLock_SaveBeforeLocking": "", "FieldLock_Source_Label": "", "FieldLock_Unlock_Tooltip": "", "FieldLock_Unlocked": "", @@ -410,6 +414,10 @@ "Maintenance_Tool_ImportPastedConfig": "Import ustawień (wklej)", "Maintenance_Tool_ImportPastedConfig_noti_text": "Czy na pewno chcesz zaimportować wklejone ustawienia konfiguracyjne? Spowoduje to całkowite nadpisanie pliku app.conf.", "Maintenance_Tool_ImportPastedConfig_text": "Importuje plik app.conf zawierający wszystkie ustawienia aplikacji. Zaleca się najpierw pobrać aktualny plik app.conf za pomocą opcji Eksport ustawień.", + "Maintenance_Tool_UnlockFields": "", + "Maintenance_Tool_UnlockFields_noti": "", + "Maintenance_Tool_UnlockFields_noti_text": "", + "Maintenance_Tool_UnlockFields_text": "", "Maintenance_Tool_arpscansw": "Przełącz skanowanie ARP (wł./wył.)", "Maintenance_Tool_arpscansw_noti": "Włącz lub wyłącz skanowanie ARP", "Maintenance_Tool_arpscansw_noti_text": "Po wyłączeniu skanowania pozostaje ono nieaktywne, dopóki nie zostanie ponownie włączone.", @@ -419,6 +427,9 @@ "Maintenance_Tool_backup_noti_text": "Czy na pewno chcesz wykonać kopię zapasową bazy danych? Upewnij się, że żadne skanowanie nie jest obecnie uruchomione.", "Maintenance_Tool_backup_text": "Kopie zapasowe bazy danych są zapisywane w katalogu bazy danych jako archiwum ZIP, nazwane zgodnie z datą utworzenia. Nie ma ustalonego limitu liczby kopii zapasowych.", "Maintenance_Tool_check_visible": "Usuń zaznaczenie, aby ukryć kolumnę.", + "Maintenance_Tool_clearSourceFields_selected": "", + "Maintenance_Tool_clearSourceFields_selected_noti": "", + "Maintenance_Tool_clearSourceFields_selected_text": "", "Maintenance_Tool_darkmode": "Przełącz tryb (Ciemny/Jasny)", "Maintenance_Tool_darkmode_noti": "Przełącz tryb", "Maintenance_Tool_darkmode_noti_text": "Po zmianie motywu strona próbuje przeładować się, aby zastosować zmiany. W razie potrzeby należy wyczyścić pamięć podręczną (cache).", @@ -449,6 +460,7 @@ "Maintenance_Tool_del_unknowndev_noti": "Usuń (nieznane) urządzenia", "Maintenance_Tool_del_unknowndev_noti_text": "Czy na pewno chcesz usunąć wszystkie urządzenia oznaczone jako (nieznane) oraz (nie znaleziono nazwy)?", "Maintenance_Tool_del_unknowndev_text": "Przed użyciem tej funkcji wykonaj kopię zapasową. Usunięcie nie może zostać cofnięte. Wszystkie urządzenia o nazwie „(nieznane)” zostaną usunięte z bazy danych.", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "", "Maintenance_Tool_displayed_columns_text": "Zmień widoczność i kolejność kolumn na stronie Urządzenia.", "Maintenance_Tool_drag_me": "Przeciągnij, aby zmienić kolejność kolumn.", "Maintenance_Tool_order_columns_text": "Narzędzie_konserwacji_kolejność_kolumn_tekst", @@ -460,6 +472,8 @@ "Maintenance_Tool_restore_noti": "Przywracanie bazy danych", "Maintenance_Tool_restore_noti_text": "Czy na pewno chcesz wykonać przywracanie bazy danych? Upewnij się, że w tej chwili nie jest uruchomione żadne skanowanie.", "Maintenance_Tool_restore_text": "Najnowszą kopię zapasową można przywrócić za pomocą przycisku, ale starsze kopie można przywrócić wyłącznie ręcznie. Po zakończeniu przywracania wykonaj kontrolę integralności bazy danych, aby upewnić się, że dane są spójne — szczególnie jeśli kopia została utworzona w momencie, gdy baza danych była w trybie zapisu.", + "Maintenance_Tool_unlockFields_selecteddev": "", + "Maintenance_Tool_unlockFields_selecteddev_noti": "", "Maintenance_Tool_upgrade_database_noti": "Aktualizacja bazy danych", "Maintenance_Tool_upgrade_database_noti_text": "Czy na pewno chcesz uaktualnić bazę danych?
(Może wolisz najpierw ją zarchiwizować)", "Maintenance_Tool_upgrade_database_text": "Ten przycisk uaktualni bazę danych, aby włączyć wykres aktywności sieci z ostatnich 12 godzin. Przed kontynuacją wykonaj kopię zapasową bazy danych na wypadek problemów.", diff --git a/front/php/templates/language/pt_br.json b/front/php/templates/language/pt_br.json index a194c6570..5adbb5cda 100644 --- a/front/php/templates/language/pt_br.json +++ b/front/php/templates/language/pt_br.json @@ -198,7 +198,7 @@ "DevDetail_button_Save": "Salvar", "DeviceEdit_ValidMacIp": "Insira um endereço Mac e IP válidos.", "Device_MultiEdit": "Edição múltipla", - "Device_MultiEdit_Backup": "Cuidado, inserir valores errados abaixo interromperá sua configuração. Faça backup do seu banco de dados ou da configuração dos dispositivos primeiro (clique para baixar ). Leia como recuperar dispositivos deste arquivo no Documentação de backups.", + "Device_MultiEdit_Backup": "Cuidado, inserir valores errados abaixo interromperá sua configuração. Faça backup do seu banco de dados ou da configuração dos dispositivos primeiro (clique para baixar ). Leia como recuperar dispositivos deste arquivo no Documentação de backups.", "Device_MultiEdit_Fields": "Editar campos:", "Device_MultiEdit_MassActions": "Ações em massa:", "Device_MultiEdit_No_Devices": "", @@ -226,6 +226,8 @@ "Device_TableHead_FirstSession": "Primeira sessão", "Device_TableHead_GUID": "GUID", "Device_TableHead_Group": "Grupo", + "Device_TableHead_IPv4": "", + "Device_TableHead_IPv6": "", "Device_TableHead_Icon": "Ícone", "Device_TableHead_LastIP": "Último IP", "Device_TableHead_LastIPOrder": "Último pedido de IP", @@ -249,6 +251,7 @@ "Device_TableHead_SyncHubNodeName": "Nó de sincronização", "Device_TableHead_Type": "Tipo", "Device_TableHead_Vendor": "Fornecedor", + "Device_TableHead_Vlan": "", "Device_Table_Not_Network_Device": "Não configurado como um dispositivo de rede", "Device_Table_info": "Mostrando _START_ de _END_ do _TOTAL_ entradas", "Device_Table_nav_next": "Próximo", @@ -300,6 +303,7 @@ "FieldLock_Error": "", "FieldLock_Lock_Tooltip": "", "FieldLock_Locked": "", + "FieldLock_SaveBeforeLocking": "", "FieldLock_Source_Label": "", "FieldLock_Unlock_Tooltip": "", "FieldLock_Unlocked": "", @@ -410,6 +414,10 @@ "Maintenance_Tool_ImportPastedConfig": "Configurações Importar (colar)", "Maintenance_Tool_ImportPastedConfig_noti_text": "Tem certeza de que deseja importar as configurações coladas? Isso irá sobrescrever completamente o arquivo app.conf.", "Maintenance_Tool_ImportPastedConfig_text": "Importa o arquivo app.conf contendo todas as configurações do aplicativo. Você pode querer baixar primeiro o arquivo app.conf com a Exportação de configurações.", + "Maintenance_Tool_UnlockFields": "", + "Maintenance_Tool_UnlockFields_noti": "", + "Maintenance_Tool_UnlockFields_noti_text": "", + "Maintenance_Tool_UnlockFields_text": "", "Maintenance_Tool_arpscansw": "Alternar arp-Scan (ligado/desligado)", "Maintenance_Tool_arpscansw_noti": "Ativar ou desativar o arp-Scan", "Maintenance_Tool_arpscansw_noti_text": "Quando o scanner é desligado, permanece desligado até ser novamente ativado.", @@ -419,6 +427,9 @@ "Maintenance_Tool_backup_noti_text": "Tem a certeza de que pretende executar a cópia de segurança da BD? Certifique-se de que não está a ser executada nenhuma verificação.", "Maintenance_Tool_backup_text": "Os backups do banco de dados estão localizados no diretório do banco de dados como um zip-archive, nomeado com a data de criação. Não há nenhum número máximo de backups.", "Maintenance_Tool_check_visible": "Desmarque para esconder a coluna.", + "Maintenance_Tool_clearSourceFields_selected": "", + "Maintenance_Tool_clearSourceFields_selected_noti": "", + "Maintenance_Tool_clearSourceFields_selected_text": "", "Maintenance_Tool_darkmode": "Modos de alternância (escuro/claro)", "Maintenance_Tool_darkmode_noti": "Modos de alternância", "Maintenance_Tool_darkmode_noti_text": "Após a mudança de tema, a página tenta recarregar-se para ativar a alteração. Se necessário, a cache deve ser limpa.", @@ -449,6 +460,7 @@ "Maintenance_Tool_del_unknowndev_noti": "Excluir (desconhecido) Dispositivos", "Maintenance_Tool_del_unknowndev_noti_text": "Tem certeza de que deseja excluir todos (desconhecido) e (nome não encontrado) dispositivos?", "Maintenance_Tool_del_unknowndev_text": "Antes de usar esta função, faça um backup. A exclusão não pode ser desfeita. Todos os dispositivos nomeados (não conhecidos) serão excluídos do banco de dados.", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "", "Maintenance_Tool_displayed_columns_text": "Altere a visibilidade e a ordem das colunas na página Dispositivos.", "Maintenance_Tool_drag_me": "Arraste-me para reordenar colunas.", "Maintenance_Tool_order_columns_text": "Maintenance_Tool_order_columns_text", @@ -460,6 +472,8 @@ "Maintenance_Tool_restore_noti": "Restauração de DB", "Maintenance_Tool_restore_noti_text": "Tem a certeza de que quer executar a Restauração DB? Certifique-se de que nenhuma varredura está funcionando atualmente.", "Maintenance_Tool_restore_text": "O backup mais recente pode ser restaurado através do botão, mas os backups mais antigos só podem ser restaurados manualmente. Após a restauração, faça uma verificação de integridade no banco de dados para segurança, caso o db estivesse atualmente em acesso de gravação quando o backup foi criado.", + "Maintenance_Tool_unlockFields_selecteddev": "", + "Maintenance_Tool_unlockFields_selecteddev_noti": "", "Maintenance_Tool_upgrade_database_noti": "Atualizar a base de dados", "Maintenance_Tool_upgrade_database_noti_text": "Tem certeza de que deseja atualizar o banco de dados?
(talvez você prefira arquivá-lo)", "Maintenance_Tool_upgrade_database_text": "Este botão actualizará a base de dados para ativar o gráfico Atividade de rede nas últimas 12 horas. Faça uma cópia de segurança da sua base de dados em caso de problemas.", diff --git a/front/php/templates/language/pt_pt.json b/front/php/templates/language/pt_pt.json index f675c6735..c44b05459 100644 --- a/front/php/templates/language/pt_pt.json +++ b/front/php/templates/language/pt_pt.json @@ -226,6 +226,8 @@ "Device_TableHead_FirstSession": "Primeira sessão", "Device_TableHead_GUID": "GUID", "Device_TableHead_Group": "Grupo", + "Device_TableHead_IPv4": "", + "Device_TableHead_IPv6": "", "Device_TableHead_Icon": "Ícone", "Device_TableHead_LastIP": "Último IP", "Device_TableHead_LastIPOrder": "Último pedido de IP", @@ -249,6 +251,7 @@ "Device_TableHead_SyncHubNodeName": "Nó de sincronização", "Device_TableHead_Type": "Tipo", "Device_TableHead_Vendor": "Fornecedor", + "Device_TableHead_Vlan": "", "Device_Table_Not_Network_Device": "Não configurado como um dispositivo de rede", "Device_Table_info": "A mostrar _START_ to _END_ of _TOTAL_ entradas", "Device_Table_nav_next": "Próximo", @@ -300,6 +303,7 @@ "FieldLock_Error": "", "FieldLock_Lock_Tooltip": "", "FieldLock_Locked": "", + "FieldLock_SaveBeforeLocking": "", "FieldLock_Source_Label": "", "FieldLock_Unlock_Tooltip": "", "FieldLock_Unlocked": "", @@ -410,6 +414,10 @@ "Maintenance_Tool_ImportPastedConfig": "Configurações Importar (colar)", "Maintenance_Tool_ImportPastedConfig_noti_text": "Tem certeza de que deseja importar as configurações coladas? Isto irá sobrescrever completamente o ficheiro app.conf.", "Maintenance_Tool_ImportPastedConfig_text": "Importa o ficheiro app.conf contendo todas as configurações da aplicação. Pode descarregar primeiro o ficheiro app.conf com a Exportação de configurações.", + "Maintenance_Tool_UnlockFields": "", + "Maintenance_Tool_UnlockFields_noti": "", + "Maintenance_Tool_UnlockFields_noti_text": "", + "Maintenance_Tool_UnlockFields_text": "", "Maintenance_Tool_arpscansw": "Alternar arp-Scan (ligado/desligado)", "Maintenance_Tool_arpscansw_noti": "Ativar ou desativar o arp-Scan", "Maintenance_Tool_arpscansw_noti_text": "Quando a análise é desligada, permanece desligada até ser novamente ativada.", @@ -419,6 +427,9 @@ "Maintenance_Tool_backup_noti_text": "Tem a certeza de que pretende executar a cópia de segurança da BD? Certifique-se de que não está a ser executada nenhuma verificação.", "Maintenance_Tool_backup_text": "Os backups da base de dados estão localizadas no diretório da base de dados como um arquivo zip, nomeado com a data de criação. Não há nenhum número máximo de backups.", "Maintenance_Tool_check_visible": "Desmarque para esconder a coluna.", + "Maintenance_Tool_clearSourceFields_selected": "", + "Maintenance_Tool_clearSourceFields_selected_noti": "", + "Maintenance_Tool_clearSourceFields_selected_text": "", "Maintenance_Tool_darkmode": "Modos de alternância (escuro/claro)", "Maintenance_Tool_darkmode_noti": "Modos de alternância", "Maintenance_Tool_darkmode_noti_text": "Após a mudança de tema, a página tenta recarregar-se para ativar a alteração. Se necessário, a cache deve ser limpa.", @@ -449,6 +460,7 @@ "Maintenance_Tool_del_unknowndev_noti": "Eliminar dispositivos desconhecidos", "Maintenance_Tool_del_unknowndev_noti_text": "Tem certeza que deseja apagar todos (desconhecidos) e (nome não encontrados) dispositivos?", "Maintenance_Tool_del_unknowndev_text": "Antes de usar esta função, faça um backup. Apagar não pode ser desfeito. Todos os dispositivos nomeados (não conhecidos) serão apagados da base de dados.", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "", "Maintenance_Tool_displayed_columns_text": "Altere a visibilidade e a ordem das colunas na página Dispositivos.", "Maintenance_Tool_drag_me": "Arraste-me para reordenar colunas.", "Maintenance_Tool_order_columns_text": "Maintenance_Tool_order_columns_text", @@ -460,6 +472,8 @@ "Maintenance_Tool_restore_noti": "Restauração de DB", "Maintenance_Tool_restore_noti_text": "Tem a certeza de que quer executar a Restauração DB? Certifique-se de que nenhuma varredura funciona atualmente.", "Maintenance_Tool_restore_text": "O backup mais recente pode ser restaurado através do botão, mas os backups mais antigos só podem ser restaurados manualmente. Após a restauração, faça uma verificação de integridade na base de dados para segurança, caso o db estivesse atualmente em acesso de gravação quando o backup foi criado.", + "Maintenance_Tool_unlockFields_selecteddev": "", + "Maintenance_Tool_unlockFields_selecteddev_noti": "", "Maintenance_Tool_upgrade_database_noti": "Atualizar a base de dados", "Maintenance_Tool_upgrade_database_noti_text": "Tem certeza de que deseja atualizar a base de dados?
(talvez prefira arquivá-la)", "Maintenance_Tool_upgrade_database_text": "Este botão atualizará a base de dados para ativar o gráfico Atividade de rede nas últimas 12 horas. Faça uma cópia de segurança da sua base de dados em caso de problemas.", diff --git a/front/php/templates/language/ru_ru.json b/front/php/templates/language/ru_ru.json index 595ed3473..8386626e1 100644 --- a/front/php/templates/language/ru_ru.json +++ b/front/php/templates/language/ru_ru.json @@ -98,10 +98,10 @@ "DevDetail_MainInfo_Network": " Узел (MAC)", "DevDetail_MainInfo_Network_Port": " Порт", "DevDetail_MainInfo_Network_Site": "Сайт", - "DevDetail_MainInfo_Network_Title": "Сеть", + "DevDetail_MainInfo_Network_Title": "Сведения о сети", "DevDetail_MainInfo_Owner": "Владелец", "DevDetail_MainInfo_SSID": "SSID", - "DevDetail_MainInfo_Title": "Основное", + "DevDetail_MainInfo_Title": "Информация об устройстве", "DevDetail_MainInfo_Type": "Тип", "DevDetail_MainInfo_Vendor": "Поставщик", "DevDetail_MainInfo_mac": "MAC адрес", @@ -198,15 +198,15 @@ "DevDetail_button_Save": "Сохранить", "DeviceEdit_ValidMacIp": "Введите действительный Mac и IP адрес.", "Device_MultiEdit": "Мультиредакт", - "Device_MultiEdit_Backup": "Будьте осторожны: ввод неправильных значений ниже приведет к поломке вашей настройки. Сначала сделайте резервную копию базы данных или конфигурации устройств (нажмите для загрузки ). О том, как восстановить Устройства из этого файла, читайте в разделе Документация о резервном копировании. Чтобы применить свои изменения, нажмите на значок Сохранить в каждом поле, которое вы хотите обновить.", + "Device_MultiEdit_Backup": "Будьте осторожны: ввод неправильных значений ниже приведет к поломке вашей настройки. Сначала сделайте резервную копию базы данных или конфигурации устройств (нажмите для загрузки ). О том, как восстановить Устройства из этого файла, читайте в разделе Документация о резервном копировании. Чтобы применить свои изменения, нажмите на значок Сохранить в каждом поле, которое вы хотите обновить.", "Device_MultiEdit_Fields": "Редактировать поля:", "Device_MultiEdit_MassActions": "Массовые действия:", "Device_MultiEdit_No_Devices": "Устройства не выбраны.", "Device_MultiEdit_Tooltip": "Осторожно. При нажатии на эту кнопку значение слева будет применено ко всем устройствам, выбранным выше.", - "Device_Save_Failed": "", - "Device_Save_Unauthorized": "", - "Device_Saved_Success": "", - "Device_Saved_Unexpected": "", + "Device_Save_Failed": "Не удалось сохранить устройство", + "Device_Save_Unauthorized": "Не авторизован - недействительный токен API", + "Device_Saved_Success": "Устройство успешно сохранено", + "Device_Saved_Unexpected": "Обновление устройства дало неожиданный ответ", "Device_Searchbox": "Поиск", "Device_Shortcut_AllDevices": "Мои устройства", "Device_Shortcut_AllNodes": "Все узлы", @@ -226,6 +226,8 @@ "Device_TableHead_FirstSession": "Первый сеанс", "Device_TableHead_GUID": "GUID", "Device_TableHead_Group": "Группа", + "Device_TableHead_IPv4": "IPv4", + "Device_TableHead_IPv6": "IPv6", "Device_TableHead_Icon": "Значок", "Device_TableHead_LastIP": "Последний IP", "Device_TableHead_LastIPOrder": "Последний IP-запрос", @@ -249,6 +251,7 @@ "Device_TableHead_SyncHubNodeName": "Узел синхронизации", "Device_TableHead_Type": "Тип", "Device_TableHead_Vendor": "Поставщик", + "Device_TableHead_Vlan": "VLAN", "Device_Table_Not_Network_Device": "Не настроено как сетевое устройство", "Device_Table_info": "Показаны с _START_ по _END_ из _TOTAL_ записей", "Device_Table_nav_next": "Следующая", @@ -296,13 +299,14 @@ "Events_Tablelenght": "Показать _MENU_ записей", "Events_Tablelenght_all": "Все", "Events_Title": "События", - "FakeMAC_hover": "Автоопределение — указывает, использует ли устройство ПОДДЕЛЬНЫЙ MAC-адрес (начинающийся с FA:CE или 00:1A), обычно создаваемый плагином, который не может обнаружить настоящий MAC-адрес, или при создании фиктивного устройства.", - "FieldLock_Error": "", - "FieldLock_Lock_Tooltip": "", - "FieldLock_Locked": "", - "FieldLock_Source_Label": "", - "FieldLock_Unlock_Tooltip": "", - "FieldLock_Unlocked": "", + "FakeMAC_hover": "Это устройство имеет поддельный MAC-адрес", + "FieldLock_Error": "Ошибка при обновлении статуса блокировки поля", + "FieldLock_Lock_Tooltip": "Заблокировать поле (предотвратить перезапись плагином)", + "FieldLock_Locked": "Поле заблокировано", + "FieldLock_SaveBeforeLocking": "Сохранить изменения перед блокировкой", + "FieldLock_Source_Label": "Источник: ", + "FieldLock_Unlock_Tooltip": "Разблокировать поле (разрешить перезапись плагином)", + "FieldLock_Unlocked": "Поле разблокировано", "GRAPHQL_PORT_description": "Номер порта сервера GraphQL. Убедитесь, что порт уникален для всех ваших приложений на этом хосте и экземпляров NetAlertX.", "GRAPHQL_PORT_name": "Порт GraphQL", "Gen_Action": "Действия", @@ -410,6 +414,10 @@ "Maintenance_Tool_ImportPastedConfig": "Импорт настроек (вставка)", "Maintenance_Tool_ImportPastedConfig_noti_text": "Вы уверены, что хотите импортировать вставленные настройки конфигурации? Это полностью перезапишет файл app.conf.", "Maintenance_Tool_ImportPastedConfig_text": "Импорт файла app.conf, содержащего все настройки приложения. Возможно, вам захочется сначала загрузить текущий файл app.conf с помощью команды Экспорт настроек.", + "Maintenance_Tool_UnlockFields": "Разблокировать поля устройства", + "Maintenance_Tool_UnlockFields_noti": "Разблокировать поля устройства", + "Maintenance_Tool_UnlockFields_noti_text": "Вы уверены, что хотите очистить все исходные значения (LOCKED/USER) для всех полей на всех устройствах? Это действие нельзя отменить.", + "Maintenance_Tool_UnlockFields_text": "Этот инструмент удалит все исходные значения из всех отслеживаемых полей для всех устройств, эффективно разблокировав все поля для плагинов и пользователей. Используйте его с осторожностью, так как это повлияет на весь ваш парк устройств.", "Maintenance_Tool_arpscansw": "Переключить arp-скан (ВКЛ./ВЫКЛ.)", "Maintenance_Tool_arpscansw_noti": "Включить или выключить arp-скан", "Maintenance_Tool_arpscansw_noti_text": "Когда сканирование было выключено, оно остается выключенным до тех пор, пока не будет активировано снова.", @@ -419,6 +427,9 @@ "Maintenance_Tool_backup_noti_text": "Вы уверены, что хотите выполнить резервное копирование БД? Убедитесь, что в данный момент сканирование не выполняется.", "Maintenance_Tool_backup_text": "Резервные копии базы данных располагаются в каталоге базы данных в виде zip-архива, имя которого соответствует дате создания. Максимального количества резервных копий не существует.", "Maintenance_Tool_check_visible": "Снимите флажок, чтобы скрыть столбец.", + "Maintenance_Tool_clearSourceFields_selected": "Очистить поля источника", + "Maintenance_Tool_clearSourceFields_selected_noti": "Очистить источники", + "Maintenance_Tool_clearSourceFields_selected_text": "Это очистит все поля источника выбранных устройств. Это действие нельзя отменить.", "Maintenance_Tool_darkmode": "Тема (Темная/Светлая)", "Maintenance_Tool_darkmode_noti": "Переключение режимов", "Maintenance_Tool_darkmode_noti_text": "После переключения темы страница пытается перезагрузиться, чтобы активировать изменение. При необходимости кэш необходимо очистить.", @@ -449,6 +460,7 @@ "Maintenance_Tool_del_unknowndev_noti": "Удалить неизвест. устр-ва", "Maintenance_Tool_del_unknowndev_noti_text": "Вы уверены, что хотите удалить все (неизвестные) и (имя не найдено) устройства?", "Maintenance_Tool_del_unknowndev_text": "Прежде чем использовать эту функцию, сделайте резервную копию. Удаление невозможно отменить. Все названные устройства (неизвестные) будут удалены из базы данных.", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "Это разблокирует поля LOCKED/USER выбранных устройств. Это действие нельзя отменить.", "Maintenance_Tool_displayed_columns_text": "Измените видимость и порядок столбцов на странице Устройства.", "Maintenance_Tool_drag_me": "Перетащите элемент, чтобы изменить порядок столбцов.", "Maintenance_Tool_order_columns_text": "Maintenance_Tool_order_columns_text", @@ -460,6 +472,8 @@ "Maintenance_Tool_restore_noti": "Восстановление БД", "Maintenance_Tool_restore_noti_text": "Вы уверены, что хотите выполнить восстановление БД? Убедитесь, что в данный момент сканирование не выполняется.", "Maintenance_Tool_restore_text": "Последнюю резервную копию можно восстановить с помощью кнопки, но более старые резервные копии можно восстановить только вручную. После восстановления выполните проверку целостности базы данных на предмет безопасности, если база данных в данный момент находилась в режиме записи при создании резервной копии.", + "Maintenance_Tool_unlockFields_selecteddev": "Разблокировать поля устройства", + "Maintenance_Tool_unlockFields_selecteddev_noti": "Разблокировать поля", "Maintenance_Tool_upgrade_database_noti": "Обновить базу данных", "Maintenance_Tool_upgrade_database_noti_text": "Вы уверены, что хотите обновить базу данных?
(возможно, вы предпочитаете заархивировать ее)", "Maintenance_Tool_upgrade_database_text": "Эта кнопка обновит базу данных, чтобы включить график сетевой активности за последние 12 часов. Пожалуйста, сделайте резервную копию вашей базы данных на случай возникновения проблем.", @@ -601,7 +615,7 @@ "REPORT_MAIL_description": "Если эта функция включена, по электронной почте будет отправлено письмо со списком изменений, на которые вы подписались. Пожалуйста, также заполните все остальные настройки, связанные с настройкой SMTP, ниже. Если возникли проблемы, установите для LOG_LEVEL значение debug и проверьте журнал ошибок.", "REPORT_MAIL_name": "Включить эл. почту", "REPORT_TITLE": "Отчет", - "RandomMAC_hover": "Автоматически обнаружено — указывает, рандомизирует ли устройство свой MAC-адрес. Вы можете исключить конкретные MAC-адреса с помощью настройки UI_NOT_RANDOM_MAC. Нажмите, чтобы узнать больше.", + "RandomMAC_hover": "Это устройство имеет случайный MAC-адрес", "Reports_Sent_Log": "Отправленные уведомления", "SCAN_SUBNETS_description": "Большинство сетевых сканеров (ARP-SCAN, NMAP, NSLOOKUP, DIG) полагаются на сканирование определенных сетевых интерфейсов и подсетей. Дополнительную информацию по этому параметру можно найти в документации по подсетям, особенно VLAN, какие VLAN поддерживаются или как разобраться в маске сети и своем интерфейсе.

Альтернативой сетевым сканерам является включение некоторых других сканеров/импортеров устройств, которые не полагаются на NetAlertX, имеющий доступ к сети (UNIFI, dhcp.leases , PiHole и др.).

Примечание. Само время сканирования зависит от количества проверяемых IP-адресов, поэтому тщательно настройте его, указав соответствующую маску сети и интерфейс.", "SCAN_SUBNETS_name": "Сети для сканирования", @@ -609,7 +623,7 @@ "Setting_Override": "Переопределить значение", "Setting_Override_Description": "Включение этой опции приведет к переопределению значения по умолчанию, предоставленного приложением, на значение, указанное выше.", "Settings_Metadata_Toggle": "Показать/скрыть метаданные для данного параметра.", - "Settings_Show_Description": "Показать описание настройки.", + "Settings_Show_Description": "Показать описание", "Settings_device_Scanners_desync": "⚠ Расписания сканера устройств не синхронизированы.", "Settings_device_Scanners_desync_popup": "Расписания сканеров устройств (*_RUN_SCHD) не совпадают. Это приведет к несогласованным онлайн/оффлайн уведомлениям устройства. Если это не предусмотрено, используйте одно и то же расписание для всех включенных 🔍Сканеров устройств.", "Speedtest_Results": "Результаты теста скорости", @@ -775,4 +789,4 @@ "settings_system_label": "Система", "settings_update_item_warning": "Обновить значение ниже. Будьте осторожны, следуя предыдущему формату. Проверка не выполняется.", "test_event_tooltip": "Сначала сохраните изменения, прежде чем проверять настройки." -} \ No newline at end of file +} diff --git a/front/php/templates/language/sv_sv.json b/front/php/templates/language/sv_sv.json index dc384feff..74024c1d9 100644 --- a/front/php/templates/language/sv_sv.json +++ b/front/php/templates/language/sv_sv.json @@ -226,6 +226,8 @@ "Device_TableHead_FirstSession": "", "Device_TableHead_GUID": "", "Device_TableHead_Group": "", + "Device_TableHead_IPv4": "", + "Device_TableHead_IPv6": "", "Device_TableHead_Icon": "", "Device_TableHead_LastIP": "", "Device_TableHead_LastIPOrder": "", @@ -249,6 +251,7 @@ "Device_TableHead_SyncHubNodeName": "", "Device_TableHead_Type": "", "Device_TableHead_Vendor": "", + "Device_TableHead_Vlan": "", "Device_Table_Not_Network_Device": "", "Device_Table_info": "", "Device_Table_nav_next": "", @@ -300,6 +303,7 @@ "FieldLock_Error": "", "FieldLock_Lock_Tooltip": "", "FieldLock_Locked": "", + "FieldLock_SaveBeforeLocking": "", "FieldLock_Source_Label": "", "FieldLock_Unlock_Tooltip": "", "FieldLock_Unlocked": "", @@ -410,6 +414,10 @@ "Maintenance_Tool_ImportPastedConfig": "", "Maintenance_Tool_ImportPastedConfig_noti_text": "", "Maintenance_Tool_ImportPastedConfig_text": "", + "Maintenance_Tool_UnlockFields": "", + "Maintenance_Tool_UnlockFields_noti": "", + "Maintenance_Tool_UnlockFields_noti_text": "", + "Maintenance_Tool_UnlockFields_text": "", "Maintenance_Tool_arpscansw": "", "Maintenance_Tool_arpscansw_noti": "", "Maintenance_Tool_arpscansw_noti_text": "", @@ -419,6 +427,9 @@ "Maintenance_Tool_backup_noti_text": "", "Maintenance_Tool_backup_text": "", "Maintenance_Tool_check_visible": "", + "Maintenance_Tool_clearSourceFields_selected": "", + "Maintenance_Tool_clearSourceFields_selected_noti": "", + "Maintenance_Tool_clearSourceFields_selected_text": "", "Maintenance_Tool_darkmode": "", "Maintenance_Tool_darkmode_noti": "", "Maintenance_Tool_darkmode_noti_text": "", @@ -449,6 +460,7 @@ "Maintenance_Tool_del_unknowndev_noti": "", "Maintenance_Tool_del_unknowndev_noti_text": "", "Maintenance_Tool_del_unknowndev_text": "", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "", "Maintenance_Tool_displayed_columns_text": "", "Maintenance_Tool_drag_me": "", "Maintenance_Tool_order_columns_text": "", @@ -460,6 +472,8 @@ "Maintenance_Tool_restore_noti": "", "Maintenance_Tool_restore_noti_text": "", "Maintenance_Tool_restore_text": "", + "Maintenance_Tool_unlockFields_selecteddev": "", + "Maintenance_Tool_unlockFields_selecteddev_noti": "", "Maintenance_Tool_upgrade_database_noti": "", "Maintenance_Tool_upgrade_database_noti_text": "", "Maintenance_Tool_upgrade_database_text": "", diff --git a/front/php/templates/language/tr_tr.json b/front/php/templates/language/tr_tr.json index 522b64758..3d54e46ca 100644 --- a/front/php/templates/language/tr_tr.json +++ b/front/php/templates/language/tr_tr.json @@ -198,7 +198,7 @@ "DevDetail_button_Save": "Kaydet", "DeviceEdit_ValidMacIp": "Geçerli bir Mac ve IP adresi girin.", "Device_MultiEdit": "Çoklu Düzenleme", - "Device_MultiEdit_Backup": "Dikkat, aşağıya yanlış değerler girmeniz yapılandırmanızı bozabilir. Lütfen önce veritabanınızı veya Cihazlar yapılandırmanızı yedekleyin (İndirmeniz için tıklayın ). Bu dosyadan Cihazları nasıl geri yükleyeceğinizi öğrenmek için Yedekleme dökümantasyonunu okuyun.", + "Device_MultiEdit_Backup": "Dikkat, aşağıya yanlış değerler girmeniz yapılandırmanızı bozabilir. Lütfen önce veritabanınızı veya Cihazlar yapılandırmanızı yedekleyin (İndirmeniz için tıklayın ). Bu dosyadan Cihazları nasıl geri yükleyeceğinizi öğrenmek için Yedekleme dökümantasyonunu okuyun.", "Device_MultiEdit_Fields": "Alanları Düzenle:", "Device_MultiEdit_MassActions": "Toplu komutlar:", "Device_MultiEdit_No_Devices": "", @@ -226,6 +226,8 @@ "Device_TableHead_FirstSession": "İlk Oturum", "Device_TableHead_GUID": "GUID", "Device_TableHead_Group": "Grup", + "Device_TableHead_IPv4": "", + "Device_TableHead_IPv6": "", "Device_TableHead_Icon": "İkon", "Device_TableHead_LastIP": "Son IP", "Device_TableHead_LastIPOrder": "Son IP Sırası", @@ -249,6 +251,7 @@ "Device_TableHead_SyncHubNodeName": "Senkronizasyon Node", "Device_TableHead_Type": "Tür", "Device_TableHead_Vendor": "Üretici", + "Device_TableHead_Vlan": "", "Device_Table_Not_Network_Device": "Ağ cihazı olarak ayarlanmadı", "Device_Table_info": "Showing _START_ to _END_ of _TOTAL_ entries", "Device_Table_nav_next": "Sonraki", @@ -300,6 +303,7 @@ "FieldLock_Error": "", "FieldLock_Lock_Tooltip": "", "FieldLock_Locked": "", + "FieldLock_SaveBeforeLocking": "", "FieldLock_Source_Label": "", "FieldLock_Unlock_Tooltip": "", "FieldLock_Unlocked": "", @@ -410,6 +414,10 @@ "Maintenance_Tool_ImportPastedConfig": "Ayarları İçe Aktar (yapıştır)", "Maintenance_Tool_ImportPastedConfig_noti_text": "Yapıştırılan yapılandırma ayarlarını içe aktarmak istediğinizden emin misiniz? Bu tamamen olacak Üzerine bu app.conf dosya.", "Maintenance_Tool_ImportPastedConfig_text": "İçe aktarır app.conf tüm uygulama Ayarlarını içeren dosya. Güncel olanı indirmek isteyebilirsiniz. app.conf Önce dosya ile Ayarlar Dışa Aktarma.", + "Maintenance_Tool_UnlockFields": "", + "Maintenance_Tool_UnlockFields_noti": "", + "Maintenance_Tool_UnlockFields_noti_text": "", + "Maintenance_Tool_UnlockFields_text": "", "Maintenance_Tool_arpscansw": "arp-Scan arasında geçiş yapın (açık/kapalı)", "Maintenance_Tool_arpscansw_noti": "arp-Scan'i açma veya kapatma", "Maintenance_Tool_arpscansw_noti_text": "Tarama kapatıldığında, tekrar etkinleştirilene kadar kapalı kalır.", @@ -419,6 +427,9 @@ "Maintenance_Tool_backup_noti_text": "DB Yedeklemesini yürütmek istediğinizden emin misiniz? Şu anda hiçbir taramanın çalışmadığından emin olun.", "Maintenance_Tool_backup_text": "Veritabanı yedekleri, veritabanı dizininde, oluşturulma tarihiyle adlandırılan bir zip arşivi olarak bulunur. Maksimum yedekleme sayısı yoktur.", "Maintenance_Tool_check_visible": "Sütunu gizlemek için işareti kaldırın.", + "Maintenance_Tool_clearSourceFields_selected": "", + "Maintenance_Tool_clearSourceFields_selected_noti": "", + "Maintenance_Tool_clearSourceFields_selected_text": "", "Maintenance_Tool_darkmode": "Modları Değiştir (Koyu/Açık)", "Maintenance_Tool_darkmode_noti": "Modları Aç/Kapat", "Maintenance_Tool_darkmode_noti_text": "Tema geçişinden sonra sayfa, değişikliği etkinleştirmek için kendini yeniden yüklemeye çalışır. Gerekirse, önbellek temizlenmelidir.", @@ -449,6 +460,7 @@ "Maintenance_Tool_del_unknowndev_noti": "(Bilinmeyen) Cihazları Sil", "Maintenance_Tool_del_unknowndev_noti_text": "Tüm (bilinmeyen) ve (ad bulunamadı) cihazları silmek istediğinizden emin misiniz?", "Maintenance_Tool_del_unknowndev_text": "Bu işlevi kullanmadan önce lütfen bir yedekleme yapın. Silme işlemi geri alınamaz. (Bilinmeyen) adlı tüm cihazlar veritabanından silinecektir.", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "", "Maintenance_Tool_displayed_columns_text": "Sütunların görünürlüğünü ve sırasını değiştirme Aygıtları sayfa.", "Maintenance_Tool_drag_me": "Sütunları yeniden sıralamak için beni sürükleyin.", "Maintenance_Tool_order_columns_text": "Maintenance_Tool_order_columns_text", @@ -460,6 +472,8 @@ "Maintenance_Tool_restore_noti": "Veritabanı Geri Yükleme", "Maintenance_Tool_restore_noti_text": "Veritabanı Geri Yükleme'yi yürütmek istediğinizden emin misiniz? Şu anda hiçbir taramanın çalışmadığından emin olun.", "Maintenance_Tool_restore_text": "En son yedekleme düğme aracılığıyla geri yüklenebilir, ancak eski yedeklemeler yalnızca manuel olarak geri yüklenebilir. Geri yüklemeden sonra, yedekleme oluşturulduğunda veritabanı'nın şu anda yazma erişiminde olması durumunda, güvenlik için veritabanında bir bütünlük kontrolü yapın.", + "Maintenance_Tool_unlockFields_selecteddev": "", + "Maintenance_Tool_unlockFields_selecteddev_noti": "", "Maintenance_Tool_upgrade_database_noti": "Veritabanını yükseltme", "Maintenance_Tool_upgrade_database_noti_text": "Veritabanını yükseltmek istediğinizden emin misiniz?
(belki arşivlemeyi tercih edersiniz)", "Maintenance_Tool_upgrade_database_text": "Bu düğme, son 12 saatteki Ağ etkinliği grafiğini etkinleştirmek için veritabanını yükseltir. Sorun olması durumunda lütfen veritabanınızı yedekleyin.", diff --git a/front/php/templates/language/uk_ua.json b/front/php/templates/language/uk_ua.json index 664755453..fffbddc81 100644 --- a/front/php/templates/language/uk_ua.json +++ b/front/php/templates/language/uk_ua.json @@ -98,10 +98,10 @@ "DevDetail_MainInfo_Network": " Вузол (MAC)", "DevDetail_MainInfo_Network_Port": " Порт", "DevDetail_MainInfo_Network_Site": "Сайт", - "DevDetail_MainInfo_Network_Title": "Мережа", + "DevDetail_MainInfo_Network_Title": "Деталі мережі", "DevDetail_MainInfo_Owner": "Власник", "DevDetail_MainInfo_SSID": "SSID", - "DevDetail_MainInfo_Title": "Основна інформація", + "DevDetail_MainInfo_Title": "Інформація про пристрій", "DevDetail_MainInfo_Type": "Тип", "DevDetail_MainInfo_Vendor": "Продавець", "DevDetail_MainInfo_mac": "MAC", @@ -198,15 +198,15 @@ "DevDetail_button_Save": "Зберегти", "DeviceEdit_ValidMacIp": "Введіть дійсну адресу Mac та IP.", "Device_MultiEdit": "Мультиредагування", - "Device_MultiEdit_Backup": "Обережно, введення неправильних значень нижче призведе до порушення роботи налаштувань. Спочатку створіть резервну копію бази даних або конфігурації пристроїв (натисніть, щоб завантажити ). Прочитайте, як відновити пристрої з цього файлу, у документації щодо резервних копій. Щоб застосувати зміни, натисніть значок Зберегти у кожному полі, яке потрібно оновити.", + "Device_MultiEdit_Backup": "Обережно, введення неправильних значень нижче призведе до порушення роботи налаштувань. Спочатку створіть резервну копію бази даних або конфігурації пристроїв (натисніть, щоб завантажити ). Прочитайте, як відновити пристрої з цього файлу, у документації щодо резервних копій. Щоб застосувати зміни, натисніть значок Зберегти у кожному полі, яке потрібно оновити.", "Device_MultiEdit_Fields": "Редагувати поля:", "Device_MultiEdit_MassActions": "Масові акції:", "Device_MultiEdit_No_Devices": "Не вибрано жодного пристрою.", "Device_MultiEdit_Tooltip": "Обережно. Якщо натиснути це, значення зліва буде застосовано до всіх пристроїв, вибраних вище.", - "Device_Save_Failed": "", - "Device_Save_Unauthorized": "", - "Device_Saved_Success": "", - "Device_Saved_Unexpected": "", + "Device_Save_Failed": "Не вдалося зберегти пристрій", + "Device_Save_Unauthorized": "Неавторизовано – недійсний токен API", + "Device_Saved_Success": "Пристрій успішно збережено", + "Device_Saved_Unexpected": "Оновлення пристрою повернуло неочікувану відповідь", "Device_Searchbox": "Пошук", "Device_Shortcut_AllDevices": "Мої пристрої", "Device_Shortcut_AllNodes": "Усі вузли", @@ -226,6 +226,8 @@ "Device_TableHead_FirstSession": "Перша сесія", "Device_TableHead_GUID": "GUID", "Device_TableHead_Group": "Група", + "Device_TableHead_IPv4": "", + "Device_TableHead_IPv6": "", "Device_TableHead_Icon": "Значок", "Device_TableHead_LastIP": "Останній IP", "Device_TableHead_LastIPOrder": "Останнє замовлення IP", @@ -249,6 +251,7 @@ "Device_TableHead_SyncHubNodeName": "Вузол синхронізації", "Device_TableHead_Type": "Тип", "Device_TableHead_Vendor": "Продавець", + "Device_TableHead_Vlan": "", "Device_Table_Not_Network_Device": "Не налаштовано як мережевий пристрій", "Device_Table_info": "Показано від _START_ до _END_ із _TOTAL_ записів", "Device_Table_nav_next": "Далі", @@ -296,13 +299,14 @@ "Events_Tablelenght": "Показати записи _МЕНЮ_", "Events_Tablelenght_all": "Все", "Events_Title": "Події", - "FakeMAC_hover": "Автоматично виявлено – вказує, чи пристрій використовує ПІДРОБНУ MAC-адресу (що починається з FA:CE або 00:1A), зазвичай згенеровану плагіном, який не може визначити справжню MAC-адресу, або під час створення фіктивного пристрою.", - "FieldLock_Error": "", - "FieldLock_Lock_Tooltip": "", - "FieldLock_Locked": "", - "FieldLock_Source_Label": "", - "FieldLock_Unlock_Tooltip": "", - "FieldLock_Unlocked": "", + "FakeMAC_hover": "Цей пристрій має підроблену MAC-адресу", + "FieldLock_Error": "Помилка оновлення стану блокування поля", + "FieldLock_Lock_Tooltip": "Заблокувати поле (запобігти перезапису плагіном)", + "FieldLock_Locked": "Поле заблоковано", + "FieldLock_SaveBeforeLocking": "Збережіть зміни перед блокуванням", + "FieldLock_Source_Label": "Джерело: ", + "FieldLock_Unlock_Tooltip": "Поле розблокування (дозволити перезапис плагіна)", + "FieldLock_Unlocked": "Поле розблоковано", "GRAPHQL_PORT_description": "Номер порту сервера GraphQL. Переконайтеся, що порт є унікальним для всіх ваших програм на цьому хості та екземплярах NetAlertX.", "GRAPHQL_PORT_name": "Порт GraphQL", "Gen_Action": "Дія", @@ -410,6 +414,10 @@ "Maintenance_Tool_ImportPastedConfig": "Імпорт налаштувань (вставити)", "Maintenance_Tool_ImportPastedConfig_noti_text": "Ви впевнені, що бажаєте імпортувати вставлені налаштування конфігурації? Це повністю перезапише файл app.conf.", "Maintenance_Tool_ImportPastedConfig_text": "Імпортує файл app.conf, який містить усі налаштування програми. Ви можете спочатку завантажити поточний файл app.conf за допомогою Експорту налаштувань.", + "Maintenance_Tool_UnlockFields": "Очистити всі джерела пристроїв", + "Maintenance_Tool_UnlockFields_noti": "Очистити всі джерела пристроїв", + "Maintenance_Tool_UnlockFields_noti_text": "Ви впевнені, що хочете очистити всі вихідні значення (ЗАБЛОКОВАНО/КОРИСТУВАЧ) для всіх полів пристрою на всіх пристроях? Цю дію не можна скасувати.", + "Maintenance_Tool_UnlockFields_text": "Цей інструмент видалить усі вихідні значення з кожного відстежуваного поля для всіх пристроїв, фактично розблокувавши всі поля для плагінів та користувачів. Використовуйте це з обережністю, оскільки це вплине на весь ваш інвентар пристроїв.", "Maintenance_Tool_arpscansw": "Перемикач arp-сканування (увімк./вимк.)", "Maintenance_Tool_arpscansw_noti": "Увімкніть або вимкніть arp-Scan", "Maintenance_Tool_arpscansw_noti_text": "Коли сканування було вимкнено, воно залишається вимкненим, доки не буде активовано знову.", @@ -419,6 +427,9 @@ "Maintenance_Tool_backup_noti_text": "Ви впевнені, що хочете виконати резервне копіювання БД? Переконайтеся, що сканування наразі не виконується.", "Maintenance_Tool_backup_text": "Резервні копії бази даних зберігаються в каталозі бази даних у вигляді zip-архіву з датою створення. Немає максимальної кількості резервних копій.", "Maintenance_Tool_check_visible": "Зніміть прапорець, щоб приховати стовпець.", + "Maintenance_Tool_clearSourceFields_selected": "", + "Maintenance_Tool_clearSourceFields_selected_noti": "", + "Maintenance_Tool_clearSourceFields_selected_text": "", "Maintenance_Tool_darkmode": "Перемикати режими (темний/світлий)", "Maintenance_Tool_darkmode_noti": "Перемикати режими", "Maintenance_Tool_darkmode_noti_text": "Після перемикання теми сторінка намагається перезавантажитися, щоб активувати зміну. При необхідності необхідно очистити кеш.", @@ -449,6 +460,7 @@ "Maintenance_Tool_del_unknowndev_noti": "Видалити (невідомі) пристрої", "Maintenance_Tool_del_unknowndev_noti_text": "Ви впевнені, що бажаєте видалити всі пристрої (невідомо) і (ім’я не знайдено)?", "Maintenance_Tool_del_unknowndev_text": "Перед використанням цієї функції зробіть резервну копію. Видалення не можна скасувати. Усі пристрої з назвами (невідомі) будуть видалені з бази даних.", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "Це розблокує поля ЗАБЛОКОВАНО/КОРИСТНИК вибраних пристроїв. Цю дію не можна скасувати.", "Maintenance_Tool_displayed_columns_text": "Змініть видимість і порядок стовпців на сторінці Пристрої.", "Maintenance_Tool_drag_me": "Перетягніть мене, щоб змінити порядок стовпців.", "Maintenance_Tool_order_columns_text": "Maintenance _Tool_order_columns_text", @@ -460,6 +472,8 @@ "Maintenance_Tool_restore_noti": "Відновлення БД", "Maintenance_Tool_restore_noti_text": "Ви впевнені, що хочете виконати відновлення БД? Переконайтеся, що сканування наразі не виконується.", "Maintenance_Tool_restore_text": "Останню резервну копію можна відновити за допомогою кнопки, але старіші резервні копії можна відновити лише вручну. Після відновлення зробіть перевірку цілісності бази даних для безпеки, якщо на момент створення резервної копії база даних мала доступ для запису.", + "Maintenance_Tool_unlockFields_selecteddev": "Розблокувати поля пристрою", + "Maintenance_Tool_unlockFields_selecteddev_noti": "Розблокувати поля", "Maintenance_Tool_upgrade_database_noti": "Оновлення бази даних", "Maintenance_Tool_upgrade_database_noti_text": "Ви впевнені, що бажаєте оновити базу даних?
(можливо, ви віддаєте перевагу заархівувати її)", "Maintenance_Tool_upgrade_database_text": "Ця кнопка оновить базу даних, щоб увімкнути графік активності мережі за останні 12 годин. Будь ласка, створіть резервну копію вашої бази даних на випадок проблем.", @@ -601,7 +615,7 @@ "REPORT_MAIL_description": "Якщо ввімкнено, електронною поштою буде надіслано список змін, на які ви підписалися. Будь ласка, також заповніть усі інші налаштування, пов’язані з налаштуванням SMTP нижче. Якщо виникли проблеми, установіть LOG_LEVEL на debug і перевірте журнал помилок.", "REPORT_MAIL_name": "Увімкнути електронну пошту", "REPORT_TITLE": "Звіт", - "RandomMAC_hover": "Автоматично визначено – вказує, чи пристрій рандомізує свою MAC-адресу. Ви можете виключити певні MAC-адреси за допомогою параметра UI_NOT_RANDOM_MAC. Натисніть, щоб дізнатися більше.", + "RandomMAC_hover": "Цей пристрій має випадкову MAC-адресу", "Reports_Sent_Log": "Журнал надісланих звітів", "SCAN_SUBNETS_description": "Більшість мережевих сканерів (ARP-SCAN, NMAP, NSLOOKUP, DIG) покладаються на сканування конкретних мережевих інтерфейсів і підмереж. Перегляньте документацію підмереж, щоб отримати допомогу щодо цього налаштування, особливо VLAN, які VLAN підтримуються або як визначити маску мережі та ваш інтерфейс.

Альтернативою мережевим сканерам є ввімкнення деяких інших сканерів/імпортерів пристроїв, які не покладаються на доступ NetAlertX до мережі (UNIFI, dhcp.leases , PiHole тощо).

Примітка. Сам час сканування залежить від кількості IP-адрес, які потрібно перевірити, тому ретельно налаштуйте це за допомогою відповідної маски мережі та інтерфейсу.", "SCAN_SUBNETS_name": "Мережі для сканування", @@ -609,7 +623,7 @@ "Setting_Override": "Перевизначати значення", "Setting_Override_Description": "Якщо ввімкнути цю опцію, значення за умовчанням, надане програмою, буде замінено значенням, указаним вище.", "Settings_Metadata_Toggle": "Показати/сховати метадані для вказаного параметра.", - "Settings_Show_Description": "Показати опис налаштування.", + "Settings_Show_Description": "Показати опис", "Settings_device_Scanners_desync": "⚠ Розклади сканування пристрою не синхронізовані.", "Settings_device_Scanners_desync_popup": "Розклади сканерів пристроїв (*_RUN_SCHD) не однакові. Це призведе до непослідовних сповіщень пристрою онлайн/офлайн. Якщо це не передбачено, використовуйте той самий розклад для всіх увімкнених 🔍сканерів пристроїв.", "Speedtest_Results": "Результати Speedtest", @@ -775,4 +789,4 @@ "settings_system_label": "Система", "settings_update_item_warning": "Оновіть значення нижче. Слідкуйте за попереднім форматом. Перевірка не виконана.", "test_event_tooltip": "Перш ніж перевіряти налаштування, збережіть зміни." -} \ No newline at end of file +} diff --git a/front/php/templates/language/zh_cn.json b/front/php/templates/language/zh_cn.json index 9fd4fda73..4d3b2683f 100644 --- a/front/php/templates/language/zh_cn.json +++ b/front/php/templates/language/zh_cn.json @@ -27,8 +27,8 @@ "AppEvents_ObjectType": "对象类型", "AppEvents_Plugin": "插件", "AppEvents_Type": "类型", - "BACKEND_API_URL_description": "", - "BACKEND_API_URL_name": "", + "BACKEND_API_URL_description": "用于生成后端API URL。如果您使用反向代理映射到您的GRAPHQL_PORT,请指定。请输入以http://开头的完整URL,包括端口号(末尾不带斜杠/)。", + "BACKEND_API_URL_name": "后端 API 网址", "BackDevDetail_Actions_Ask_Run": "您要执行此操作吗?", "BackDevDetail_Actions_Not_Registered": "未注册的操作: ", "BackDevDetail_Actions_Title_Run": "运行动作", @@ -98,10 +98,10 @@ "DevDetail_MainInfo_Network": " 节点 (MAC)", "DevDetail_MainInfo_Network_Port": " 端口", "DevDetail_MainInfo_Network_Site": "地点", - "DevDetail_MainInfo_Network_Title": "网络", + "DevDetail_MainInfo_Network_Title": "网络 详情", "DevDetail_MainInfo_Owner": "所有者", "DevDetail_MainInfo_SSID": "SSID", - "DevDetail_MainInfo_Title": "主要信息", + "DevDetail_MainInfo_Title": "设备信息", "DevDetail_MainInfo_Type": "类型", "DevDetail_MainInfo_Vendor": "制造商", "DevDetail_MainInfo_mac": "MAC", @@ -198,15 +198,15 @@ "DevDetail_button_Save": "保存", "DeviceEdit_ValidMacIp": "请输入有效的MacIP地址。", "Device_MultiEdit": "编辑", - "Device_MultiEdit_Backup": "小心,输入错误的值将破坏您的设置。请先备份您的数据库或设备配置(点击下载)。在备份文档中了解如何从此文件恢复设备。要应用更改,请在每个需要更新的字段点击保存图标。", + "Device_MultiEdit_Backup": "小心,输入错误的值将破坏您的设置。请先备份您的数据库或设备配置(点击下载)。在备份文档中了解如何从此文件恢复设备。要应用更改,请在每个需要更新的字段点击保存图标。", "Device_MultiEdit_Fields": "编辑:", "Device_MultiEdit_MassActions": "谨慎操作:", "Device_MultiEdit_No_Devices": "未选择设备。", "Device_MultiEdit_Tooltip": "小心。 单击此按钮会将左侧的值应用到上面选择的所有设备。", - "Device_Save_Failed": "", - "Device_Save_Unauthorized": "", - "Device_Saved_Success": "", - "Device_Saved_Unexpected": "", + "Device_Save_Failed": "保存设备失败", + "Device_Save_Unauthorized": "未授权 - API 令牌无效", + "Device_Saved_Success": "设备保存成功", + "Device_Saved_Unexpected": "设备更新返回了一个意外的响应", "Device_Searchbox": "搜索", "Device_Shortcut_AllDevices": "我的设备", "Device_Shortcut_AllNodes": "全部节点", @@ -226,6 +226,8 @@ "Device_TableHead_FirstSession": "加入", "Device_TableHead_GUID": "GUID", "Device_TableHead_Group": "组", + "Device_TableHead_IPv4": "IPv4", + "Device_TableHead_IPv6": "IPv6", "Device_TableHead_Icon": "图标", "Device_TableHead_LastIP": "上次 IP", "Device_TableHead_LastIPOrder": "上次 IP 排序", @@ -249,6 +251,7 @@ "Device_TableHead_SyncHubNodeName": "同步节点", "Device_TableHead_Type": "类型", "Device_TableHead_Vendor": "制造商", + "Device_TableHead_Vlan": "VLAN", "Device_Table_Not_Network_Device": "未配置为网络设备", "Device_Table_info": "显示第_START_至 END_条_共_TOTAL_条", "Device_Table_nav_next": "下一页", @@ -296,13 +299,14 @@ "Events_Tablelenght": "显示_MENU_条", "Events_Tablelenght_all": "全部", "Events_Title": "事件", - "FakeMAC_hover": "", - "FieldLock_Error": "", - "FieldLock_Lock_Tooltip": "", - "FieldLock_Locked": "", - "FieldLock_Source_Label": "", - "FieldLock_Unlock_Tooltip": "", - "FieldLock_Unlocked": "", + "FakeMAC_hover": "该设备具有伪造/欺骗的 MAC 地址", + "FieldLock_Error": "更新字段锁定状态时出错", + "FieldLock_Lock_Tooltip": "锁定字段(防止插件覆盖)", + "FieldLock_Locked": "字段锁定", + "FieldLock_SaveBeforeLocking": "在锁定之前请先保存您的更改", + "FieldLock_Source_Label": "出自: ", + "FieldLock_Unlock_Tooltip": "解锁字段(允许插件覆盖)", + "FieldLock_Unlocked": "字段解锁", "GRAPHQL_PORT_description": "GraphQL服务器的端口号。请确保该端口在该主机和 NetAlertX 实例上的所有应用程序中都是唯一的。", "GRAPHQL_PORT_name": "GraphQL端口", "Gen_Action": "动作", @@ -324,7 +328,7 @@ "Gen_Filter": "筛选", "Gen_Generate": "生成", "Gen_InvalidMac": "无效的 Mac 地址。", - "Gen_Invalid_Value": "", + "Gen_Invalid_Value": "输入了无效的值", "Gen_LockedDB": "错误 - DB 可能被锁定 - 检查 F12 开发工具 -> 控制台或稍后重试。", "Gen_NetworkMask": "网络掩码", "Gen_Offline": "离线", @@ -398,7 +402,7 @@ "Maintenance_Tool_ExportCSV": "设备导出(csv)", "Maintenance_Tool_ExportCSV_noti": "设备导出(csv)", "Maintenance_Tool_ExportCSV_noti_text": "您确定要生成 CSV 文件吗?", - "Maintenance_Tool_ExportCSV_text": "生成一个 CSV(逗号分隔值)文件,其中包含设备列表,包括网络节点和连接设备之间的网络关系。您也可以通过访问此 URL your NetAlertX url/php/server/devices.php?action=ExportCSV 或启用 CSV Backup 插件来触发此功能。", + "Maintenance_Tool_ExportCSV_text": "生成一个 CSV(逗号分隔值)文件,其中包含设备列表,包括网络节点和连接设备之间的网络关系。您也可以启用 CSV Backup 插件来触发此功能。", "Maintenance_Tool_ImportCSV": "设备导入(csv)", "Maintenance_Tool_ImportCSV_noti": "设备导入(csv)", "Maintenance_Tool_ImportCSV_noti_text": "您确定要导入 CSV 文件吗?这将完全覆盖数据库中的设备。", @@ -410,6 +414,10 @@ "Maintenance_Tool_ImportPastedConfig": "设置导入(粘贴)", "Maintenance_Tool_ImportPastedConfig_noti_text": "您确认要导入粘贴的设置吗?这会完全覆盖app.conf的内容。", "Maintenance_Tool_ImportPastedConfig_text": "导入包含所有应用程序设置的app.conf文件。建议先通过设置导出功能下载当前的app.conf文件。", + "Maintenance_Tool_UnlockFields": "清除所有设备来源", + "Maintenance_Tool_UnlockFields_noti": "清除所有设备来源", + "Maintenance_Tool_UnlockFields_noti_text": "您确定要清除所有设备字段(锁定/用户)的所有源值吗?(请注意:此操作将永久删除这些值,无法恢复)这一行为无法挽回。", + "Maintenance_Tool_UnlockFields_text": "此工具将从所有设备的每个跟踪字段中删除所有原始数据,从而为插件和用户完全解锁所有字段。请谨慎使用,因为这将影响您整个设备的库存情况。", "Maintenance_Tool_arpscansw": "切换 arp 扫描(开/关)", "Maintenance_Tool_arpscansw_noti": "打开或关闭 arp 扫描", "Maintenance_Tool_arpscansw_noti_text": "当扫描关闭时,它会保持关闭状态,直到再次激活为止。", @@ -419,6 +427,9 @@ "Maintenance_Tool_backup_noti_text": "您确定要执行数据库备份吗?请确保当前没有正在运行的扫描。", "Maintenance_Tool_backup_text": "数据库备份以 zip 存档形式位于数据库目录中,以创建日期命名。备份数量没有上限。", "Maintenance_Tool_check_visible": "取消选择隐藏列。", + "Maintenance_Tool_clearSourceFields_selected": "", + "Maintenance_Tool_clearSourceFields_selected_noti": "", + "Maintenance_Tool_clearSourceFields_selected_text": "", "Maintenance_Tool_darkmode": "切换模式(暗/亮)", "Maintenance_Tool_darkmode_noti": "切换模式", "Maintenance_Tool_darkmode_noti_text": "主题切换后,页面会尝试重新加载以激活更改。如有必要,必须清除缓存。", @@ -449,6 +460,7 @@ "Maintenance_Tool_del_unknowndev_noti": "删除(未知)设备", "Maintenance_Tool_del_unknowndev_noti_text": "您确定要删除所有(未知)和(未找到名称)设备吗?", "Maintenance_Tool_del_unknowndev_text": "使用此功能前,请先备份。删除操作不可撤销。所有名为 (未知) 的设备都将从数据库中删除。", + "Maintenance_Tool_del_unlockFields_selecteddev_text": "这将解除所选设备的“锁定/用户”字段的锁定状态。这一行为无法挽回。", "Maintenance_Tool_displayed_columns_text": "更改设备页面中列的可见性和顺序。", "Maintenance_Tool_drag_me": "拖动我来对列进行重新排序。", "Maintenance_Tool_order_columns_text": "Maintenance_Tool_order_columns_text", @@ -460,6 +472,8 @@ "Maintenance_Tool_restore_noti": "数据库恢复", "Maintenance_Tool_restore_noti_text": "您确定要执行数据库恢复吗?请确保当前没有正在运行的扫描。", "Maintenance_Tool_restore_text": "最新备份可通过按钮恢复,但旧备份只能手动恢复。恢复后,请对数据库进行完整性检查以确保安全,以防创建备份时数据库当前处于写访问状态。", + "Maintenance_Tool_unlockFields_selecteddev": "解锁设备字段", + "Maintenance_Tool_unlockFields_selecteddev_noti": "解锁字段", "Maintenance_Tool_upgrade_database_noti": "升级数据库", "Maintenance_Tool_upgrade_database_noti_text": "您确定要升级数据库吗?
(也许您更愿意将其存档)", "Maintenance_Tool_upgrade_database_text": "此按钮将升级数据库以启用过去 12 小时的网络活动图表。请备份您的数据库以防出现问题。", @@ -601,7 +615,7 @@ "REPORT_MAIL_description": "如果启用,则会发送一封电子邮件,其中包含您已订阅的更改列表。还请填写以下与 SMTP 设置相关的所有剩余设置。如果遇到问题,请将 LOG_LEVEL 设置为 debug 并检查错误日志。", "REPORT_MAIL_name": "启用email", "REPORT_TITLE": "报告", - "RandomMAC_hover": "自动检测 - 表示设备是否随机化其 MAC 地址。您可通过 UI_NOT_RANDOM_MAC 设置排除特定MAC地址。点击了解更多。", + "RandomMAC_hover": "该设备具有随机的MAC地址", "Reports_Sent_Log": "已发送报告日志", "SCAN_SUBNETS_description": "大多数网络扫描器(ARP-SCAN、NMAP、NSLOOKUP、DIG)依赖于扫描特定的网络接口和子网。查看子网文档以获取有关此设置的帮助,尤其是 VLAN、支持哪些 VLAN,或者如何确定网络掩码和接口。

网络扫描器的替代方法是启用一些其他不依赖于 NetAlertX 访问网络的设备扫描器/导入器(UNIFI、dhcp.leases、PiHole 等)。

注意:扫描时间本身取决于要检查的 IP 地址数量,因此请使用适当的网络掩码和接口仔细设置。", "SCAN_SUBNETS_name": "待扫描网络", @@ -609,7 +623,7 @@ "Setting_Override": "覆盖值", "Setting_Override_Description": "启用此选项将用上面指定的值覆盖应用程序提供的默认值。", "Settings_Metadata_Toggle": "显示/隐藏给定设置的元数据。", - "Settings_Show_Description": "显示设置描述。", + "Settings_Show_Description": "显示设置描述", "Settings_device_Scanners_desync": "⚠ 设备扫描计划不同步。", "Settings_device_Scanners_desync_popup": "设备扫描 (*_RUN_SCHD) 的时间表并不相同。这将导致设备在线/离线通知不一致。除非有意为之,否则请对所有启用的 🔍设备扫描 使用相同的时间表。", "Speedtest_Results": "Speedtest 结果", @@ -749,7 +763,7 @@ "run_event_tooltip": "在运行之前,请先启用设置并保存更改。", "select_icon_event_tooltip": "选择图标", "settings_core_icon": "fa-solid fa-gem", - "settings_core_label": "核", + "settings_core_label": "主要", "settings_device_scanners": "设备扫描器用于发现写入当前扫描数据库表的设备。", "settings_device_scanners_icon": "fa-solid fa-magnifying-glass-plus", "settings_device_scanners_info": "使用 LOADED_PLUGINS 设置加载更多设备扫描仪", @@ -775,4 +789,4 @@ "settings_system_label": "系统", "settings_update_item_warning": "更新下面的值。请注意遵循先前的格式。未执行验证。", "test_event_tooltip": "在测试设置之前,请先保存更改。" -} \ No newline at end of file +} diff --git a/front/plugins/__template/config.json b/front/plugins/__template/config.json index f2dfd28a6..12617d706 100755 --- a/front/plugins/__template/config.json +++ b/front/plugins/__template/config.json @@ -419,7 +419,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-3", "show": true, "type": "device_name_mac", @@ -435,7 +435,7 @@ }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", @@ -451,7 +451,7 @@ }, { "column": "Watched_Value1", - "mapped_to_column": "cur_Name", + "mapped_to_column": "scanName", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -467,7 +467,7 @@ }, { "column": "Watched_Value2", - "mapped_to_column": "cur_Vendor", + "mapped_to_column": "scanVendor", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -483,7 +483,7 @@ }, { "column": "Watched_Value3", - "mapped_to_column": "cur_Type", + "mapped_to_column": "scanType", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -514,7 +514,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "Example Plugin" }, diff --git a/front/plugins/__template/rename_me.py b/front/plugins/__template/rename_me.py index 18c2d0720..b9f43e56d 100755 --- a/front/plugins/__template/rename_me.py +++ b/front/plugins/__template/rename_me.py @@ -51,8 +51,8 @@ def main(): # "database_column_definitions": [ # { # "column": "Object_PrimaryID", <--------- the value I save into primaryId - # "mapped_to_column": "cur_MAC", <--------- gets inserted into the CurrentScan DB - # table column cur_MAC + # "mapped_to_column": "scanMac", <--------- gets inserted into the CurrentScan DB + # table column scanMac # for device in device_data: plugin_objects.add_object( diff --git a/front/plugins/adguard_import/config.json b/front/plugins/adguard_import/config.json index 5fb46a88c..f4df3377c 100644 --- a/front/plugins/adguard_import/config.json +++ b/front/plugins/adguard_import/config.json @@ -323,7 +323,9 @@ "default_value": ["devMac", "devLastIP"], "options": [ "devMac", - "devLastIP" + "devLastIP", + "devType", + "devName" ], "localized": ["name", "description"], "name": [ @@ -392,7 +394,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-3", "show": true, "type": "device_name_mac", @@ -408,7 +410,7 @@ }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", @@ -424,7 +426,7 @@ }, { "column": "Watched_Value1", - "mapped_to_column": "cur_Name", + "mapped_to_column": "scanName", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -440,7 +442,7 @@ }, { "column": "Watched_Value2", - "mapped_to_column": "cur_Type", + "mapped_to_column": "scanType", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -486,7 +488,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "Example Plugin" }, diff --git a/front/plugins/arp_scan/config.json b/front/plugins/arp_scan/config.json index 2c342e5e3..98beb02ef 100755 --- a/front/plugins/arp_scan/config.json +++ b/front/plugins/arp_scan/config.json @@ -500,7 +500,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-3", "show": true, "type": "device_name_mac", @@ -516,7 +516,7 @@ }, { "column": "Watched_Value1", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", @@ -532,7 +532,7 @@ }, { "column": "Watched_Value2", - "mapped_to_column": "cur_Vendor", + "mapped_to_column": "scanVendor", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -556,7 +556,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "ARPSCAN" }, diff --git a/front/plugins/asuswrt_import/config.json b/front/plugins/asuswrt_import/config.json index bd165e32e..0135ab209 100755 --- a/front/plugins/asuswrt_import/config.json +++ b/front/plugins/asuswrt_import/config.json @@ -129,7 +129,8 @@ } ] }, - { "function": "SET_ALWAYS", + { + "function": "SET_ALWAYS", "type": { "dataType": "array", "elements": [ @@ -143,7 +144,9 @@ "default_value": ["devMac", "devLastIP"], "options": [ "devMac", - "devLastIP" + "devLastIP", + "devName", + "devVendor" ], "localized": ["name", "description"], "name": [ @@ -451,7 +454,7 @@ "localized": [ "name" ], - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "name": [ { "language_code": "en_us", @@ -477,7 +480,7 @@ "localized": [ "name" ], - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "name": [ { "language_code": "en_us", @@ -503,7 +506,7 @@ "localized": [ "name" ], - "mapped_to_column": "cur_Name", + "mapped_to_column": "scanName", "name": [ { "language_code": "en_us", @@ -524,7 +527,7 @@ }, { "column": "Watched_Value2", - "mapped_to_column": "cur_Vendor", + "mapped_to_column": "scanVendor", "css_classes": "col-sm-2", "default_value": "", "localized": [ @@ -550,7 +553,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "ASUSWRT" }, diff --git a/front/plugins/avahi_scan/config.json b/front/plugins/avahi_scan/config.json index 770e25411..d588e64d2 100755 --- a/front/plugins/avahi_scan/config.json +++ b/front/plugins/avahi_scan/config.json @@ -225,6 +225,68 @@ "string": "Maximum time per device scan in seconds to wait for the script to finish. If this time is exceeded the script is aborted." } ] + }, + { + "function": "SET_ALWAYS", + "type": { + "dataType": "array", + "elements": [ + { + "elementType": "select", + "elementOptions": [{ "multiple": "true", "ordeable": "true"}], + "transformers": [] + } + ] + }, + "default_value": ["devFQDN"], + "options": [ + "devFQDN", + "devName" + ], + "localized": ["name", "description"], + "name": [ + { + "language_code": "en_us", + "string": "Set always columns" + } + ], + "description": [ + { + "language_code": "en_us", + "string": "These columns are treated as authoritative and will overwrite existing values, including those set by other plugins, unless the current value was explicitly set by the user (Source = USER or Source = LOCKED)." + } + ] + }, + { + "function": "SET_EMPTY", + "type": { + "dataType": "array", + "elements": [ + { + "elementType": "select", + "elementOptions": [{ "multiple": "true", "ordeable": "true" }], + "transformers": [] + } + ] + }, + "default_value": [], + "options": [ + "devFQDN", + "devName" + ], + "localized": ["name", "description"], + "name": [ + { + "language_code": "en_us", + "string": "Set empty columns" + } + ], + "description": [ + { + "language_code": "en_us", + "string": "These columns are only overwritten if they are empty (NULL / empty string) or if their Source is set to NEWDEV" + } + ] } ], "database_column_definitions": [ diff --git a/front/plugins/ddns_update/script.py b/front/plugins/ddns_update/script.py index 39bdade4e..c25526a1d 100755 --- a/front/plugins/ddns_update/script.py +++ b/front/plugins/ddns_update/script.py @@ -81,14 +81,14 @@ def ddns_update(DDNS_UPDATE_URL, DDNS_USER, DDNS_PASSWORD, DDNS_DOMAIN, PREV_IP) # plugin_objects = Plugin_Objects(RESULT_FILE) # plugin_objects.add_object( - # primaryId = 'Internet', # MAC (Device Name) + # primaryId = 'internet', # MAC (Device Name) # secondaryId = new_internet_IP, # IP Address # watched1 = f'Previous IP: {PREV_IP}', # watched2 = '', # watched3 = '', # watched4 = '', # extra = f'Previous IP: {PREV_IP}', - # foreignKey = 'Internet') + # foreignKey = 'internet') # plugin_objects.write_result_file() diff --git a/front/plugins/dhcp_leases/config.json b/front/plugins/dhcp_leases/config.json index 8735c46e2..70adb6124 100755 --- a/front/plugins/dhcp_leases/config.json +++ b/front/plugins/dhcp_leases/config.json @@ -103,7 +103,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-2", "show": true, "type": "device_mac", @@ -127,7 +127,7 @@ }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", @@ -174,7 +174,7 @@ }, { "column": "DateTimeChanged", - "mapped_to_column": "cur_DateTime", + "mapped_to_column": "scanLastConnection", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -221,7 +221,7 @@ }, { "column": "Watched_Value2", - "mapped_to_column": "cur_Name", + "mapped_to_column": "scanName", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -337,7 +337,7 @@ }, { "column": "ScanMethod", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "DHCPLSS" }, diff --git a/front/plugins/dig_scan/config.json b/front/plugins/dig_scan/config.json index 7a4d2820b..8729f9a5a 100755 --- a/front/plugins/dig_scan/config.json +++ b/front/plugins/dig_scan/config.json @@ -233,6 +233,68 @@ "string": "Maximale Zeit in Sekunden, die auf den Abschluss des Skripts gewartet werden soll. Bei Überschreitung dieser Zeit wird das Skript abgebrochen." } ] + }, + { + "function": "SET_ALWAYS", + "type": { + "dataType": "array", + "elements": [ + { + "elementType": "select", + "elementOptions": [{ "multiple": "true", "ordeable": "true"}], + "transformers": [] + } + ] + }, + "default_value": ["devFQDN"], + "options": [ + "devFQDN", + "devName" + ], + "localized": ["name", "description"], + "name": [ + { + "language_code": "en_us", + "string": "Set always columns" + } + ], + "description": [ + { + "language_code": "en_us", + "string": "These columns are treated as authoritative and will overwrite existing values, including those set by other plugins, unless the current value was explicitly set by the user (Source = USER or Source = LOCKED)." + } + ] + }, + { + "function": "SET_EMPTY", + "type": { + "dataType": "array", + "elements": [ + { + "elementType": "select", + "elementOptions": [{ "multiple": "true", "ordeable": "true" }], + "transformers": [] + } + ] + }, + "default_value": [], + "options": [ + "devFQDN", + "devName" + ], + "localized": ["name", "description"], + "name": [ + { + "language_code": "en_us", + "string": "Set empty columns" + } + ], + "description": [ + { + "language_code": "en_us", + "string": "These columns are only overwritten if they are empty (NULL / empty string) or if their Source is set to NEWDEV" + } + ] } ], "database_column_definitions": [ diff --git a/front/plugins/freebox/config.json b/front/plugins/freebox/config.json index bb63a8580..9ab39ec6c 100755 --- a/front/plugins/freebox/config.json +++ b/front/plugins/freebox/config.json @@ -319,7 +319,10 @@ "default_value": ["devMac", "devLastIP"], "options": [ "devMac", - "devLastIP" + "devLastIP", + "devName", + "devVendor", + "devType" ], "localized": ["name", "description"], "name": [ @@ -391,7 +394,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-3", "show": true, "type": "device_name_mac", @@ -409,7 +412,7 @@ }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", @@ -427,7 +430,7 @@ }, { "column": "Watched_Value1", - "mapped_to_column": "cur_Name", + "mapped_to_column": "scanName", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -445,7 +448,7 @@ }, { "column": "Watched_Value2", - "mapped_to_column": "cur_Vendor", + "mapped_to_column": "scanVendor", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -463,7 +466,7 @@ }, { "column": "Watched_Value3", - "mapped_to_column": "cur_Type", + "mapped_to_column": "scanType", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -498,7 +501,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "Freebox" }, diff --git a/front/plugins/icmp_scan/config.json b/front/plugins/icmp_scan/config.json index 596921721..382b8b7f9 100755 --- a/front/plugins/icmp_scan/config.json +++ b/front/plugins/icmp_scan/config.json @@ -382,7 +382,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-3", "show": true, "type": "device_name_mac", @@ -400,7 +400,7 @@ }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", @@ -418,7 +418,6 @@ }, { "column": "Watched_Value1", - "mapped_to_column": "cur_Name", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -487,7 +486,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "ICMP" }, diff --git a/front/plugins/internet_ip/config.json b/front/plugins/internet_ip/config.json index ba8ade02d..446f30d16 100755 --- a/front/plugins/internet_ip/config.json +++ b/front/plugins/internet_ip/config.json @@ -494,7 +494,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-3", "show": true, "type": "device_name_mac", @@ -518,7 +518,7 @@ }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", @@ -591,7 +591,7 @@ }, { "column": "Watched_Value4", - "mapped_to_column": "cur_Type", + "mapped_to_column": "scanType", "css_classes": "col-sm-2", "show": false, "type": "label", @@ -607,7 +607,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "INTRNT" }, @@ -657,7 +657,7 @@ }, { "column": "DateTimeChanged", - "mapped_to_column": "cur_DateTime", + "mapped_to_column": "scanLastConnection", "css_classes": "col-sm-2", "show": true, "type": "label", diff --git a/front/plugins/internet_ip/script.py b/front/plugins/internet_ip/script.py index ff5d3cea3..328341a67 100755 --- a/front/plugins/internet_ip/script.py +++ b/front/plugins/internet_ip/script.py @@ -79,14 +79,14 @@ def main(): plugin_objects = Plugin_Objects(RESULT_FILE) plugin_objects.add_object( - primaryId = 'Internet', # MAC (Device Name) + primaryId = 'internet', # MAC (Device Name) secondaryId = new_internet_IP, # IP Address watched1 = f'Previous IP: {PREV_IP}', watched2 = cmd_output.replace('\n', ''), watched3 = retries_needed, watched4 = 'Gateway', extra = f'Previous IP: {PREV_IP}', - foreignKey = 'Internet' + foreignKey = 'internet' ) plugin_objects.write_result_file() @@ -101,8 +101,8 @@ def main(): # =============================================================================== def check_internet_IP(PREV_IP, DIG_GET_IP_ARG): - # Get Internet IP - mylog('verbose', [f'[{pluginName}] - Retrieving Internet IP']) + # Get internet IP + mylog('verbose', [f'[{pluginName}] - Retrieving internet IP']) internet_IP, cmd_output = get_internet_IP(DIG_GET_IP_ARG) mylog('verbose', [f'[{pluginName}] Current internet_IP : {internet_IP}']) diff --git a/front/plugins/ipneigh/config.json b/front/plugins/ipneigh/config.json index 4bc1ab506..3ba4d08e3 100755 --- a/front/plugins/ipneigh/config.json +++ b/front/plugins/ipneigh/config.json @@ -132,7 +132,8 @@ } ] }, - { "function": "SET_ALWAYS", + { + "function": "SET_ALWAYS", "type": { "dataType": "array", "elements": [ @@ -146,7 +147,10 @@ "default_value": ["devMac", "devLastIP"], "options": [ "devMac", - "devLastIP" + "devLastIP", + "devName", + "devVendor", + "devType" ], "localized": ["name", "description"], "name": [ @@ -287,7 +291,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-3", "show": true, "type": "device_name_mac", @@ -305,7 +309,7 @@ }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", @@ -323,7 +327,7 @@ }, { "column": "Watched_Value1", - "mapped_to_column": "cur_Name", + "mapped_to_column": "scanName", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -341,7 +345,7 @@ }, { "column": "Watched_Value2", - "mapped_to_column": "cur_Vendor", + "mapped_to_column": "scanVendor", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -359,7 +363,7 @@ }, { "column": "Watched_Value3", - "mapped_to_column": "cur_Type", + "mapped_to_column": "scanType", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -394,7 +398,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "IPNEIGH" }, diff --git a/front/plugins/luci_import/config.json b/front/plugins/luci_import/config.json index 2eac488ca..8b25c24d1 100755 --- a/front/plugins/luci_import/config.json +++ b/front/plugins/luci_import/config.json @@ -470,7 +470,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-3", "show": true, "type": "device_name_mac", @@ -490,7 +490,7 @@ }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -549,7 +549,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "LUCIRPC" }, diff --git a/front/plugins/mikrotik_scan/config.json b/front/plugins/mikrotik_scan/config.json index 03d1832dc..f3cc3f58c 100755 --- a/front/plugins/mikrotik_scan/config.json +++ b/front/plugins/mikrotik_scan/config.json @@ -283,7 +283,8 @@ "default_value": ["devMac", "devLastIP"], "options": [ "devMac", - "devLastIP" + "devLastIP", + "devName" ], "localized": ["name", "description"], "name": [ @@ -351,7 +352,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-3", "show": true, "type": "device_name_mac", @@ -382,7 +383,7 @@ }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", @@ -413,7 +414,7 @@ }, { "column": "Watched_Value2", - "mapped_to_column": "cur_Name", + "mapped_to_column": "scanName", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -474,7 +475,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "MTSCAN" }, diff --git a/front/plugins/nbtscan_scan/config.json b/front/plugins/nbtscan_scan/config.json index b46ae7936..48b8a5894 100755 --- a/front/plugins/nbtscan_scan/config.json +++ b/front/plugins/nbtscan_scan/config.json @@ -233,6 +233,68 @@ "string": "Maximale Zeit in Sekunden, die auf den Abschluss des Skripts gewartet werden soll. Bei Überschreitung dieser Zeit wird das Skript abgebrochen." } ] + }, + { + "function": "SET_ALWAYS", + "type": { + "dataType": "array", + "elements": [ + { + "elementType": "select", + "elementOptions": [{ "multiple": "true", "ordeable": "true"}], + "transformers": [] + } + ] + }, + "default_value": ["devFQDN"], + "options": [ + "devFQDN", + "devName" + ], + "localized": ["name", "description"], + "name": [ + { + "language_code": "en_us", + "string": "Set always columns" + } + ], + "description": [ + { + "language_code": "en_us", + "string": "These columns are treated as authoritative and will overwrite existing values, including those set by other plugins, unless the current value was explicitly set by the user (Source = USER or Source = LOCKED)." + } + ] + }, + { + "function": "SET_EMPTY", + "type": { + "dataType": "array", + "elements": [ + { + "elementType": "select", + "elementOptions": [{ "multiple": "true", "ordeable": "true" }], + "transformers": [] + } + ] + }, + "default_value": [], + "options": [ + "devFQDN", + "devName" + ], + "localized": ["name", "description"], + "name": [ + { + "language_code": "en_us", + "string": "Set empty columns" + } + ], + "description": [ + { + "language_code": "en_us", + "string": "These columns are only overwritten if they are empty (NULL / empty string) or if their Source is set to NEWDEV" + } + ] } ], "database_column_definitions": [ diff --git a/front/plugins/newdev_template/config.json b/front/plugins/newdev_template/config.json index 0f01158d2..8192a12df 100755 --- a/front/plugins/newdev_template/config.json +++ b/front/plugins/newdev_template/config.json @@ -400,7 +400,7 @@ "XC5ob21l", "LVthLWZBLUYwLTldezMyfQ==", "Iy4q", - "XC5cYg==" + "XC4k" ], "options": [], "localized": [ @@ -1588,6 +1588,38 @@ } ] }, + { + "function": "devVlan", + "type": { + "dataType": "string", + "elements": [ + { + "elementType": "input", + "elementOptions": [], + "transformers": [] + } + ] + }, + "maxLength": 50, + "default_value": "", + "options": [], + "localized": [ + "name", + "description" + ], + "name": [ + { + "language_code": "en_us", + "string": "VLAN" + } + ], + "description": [ + { + "language_code": "en_us", + "string": "The VLAN identifier or name the device belongs to. Database column name: devVlan." + } + ] + }, { "function": "devSyncHubNode", "type": { @@ -1901,38 +1933,6 @@ } ] }, - { - "function": "devVlan", - "type": { - "dataType": "string", - "elements": [ - { - "elementType": "input", - "elementOptions": [], - "transformers": [] - } - ] - }, - "maxLength": 50, - "default_value": "", - "options": [], - "localized": [ - "name", - "description" - ], - "name": [ - { - "language_code": "en_us", - "string": "VLAN" - } - ], - "description": [ - { - "language_code": "en_us", - "string": "The VLAN identifier or name the device belongs to. Database column name: devVlan." - } - ] - }, { "function": "devForceStatus", "type": { diff --git a/front/plugins/nmap_dev_scan/config.json b/front/plugins/nmap_dev_scan/config.json index 81fcf114e..55cf9c77a 100755 --- a/front/plugins/nmap_dev_scan/config.json +++ b/front/plugins/nmap_dev_scan/config.json @@ -467,7 +467,9 @@ "default_value": ["devMac", "devLastIP"], "options": [ "devMac", - "devLastIP" + "devLastIP", + "devName", + "devVendor" ], "localized": ["name", "description"], "name": [ @@ -538,7 +540,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-3", "show": true, "type": "device_name_mac", @@ -556,7 +558,7 @@ }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", @@ -574,7 +576,7 @@ }, { "column": "Watched_Value1", - "mapped_to_column": "cur_Name", + "mapped_to_column": "scanName", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -592,7 +594,7 @@ }, { "column": "Watched_Value2", - "mapped_to_column": "cur_Vendor", + "mapped_to_column": "scanVendor", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -618,7 +620,7 @@ }, { "column": "Watched_Value3", - "mapped_to_column": "cur_LastQuery", + "mapped_to_column": "scanLastQuery", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -640,7 +642,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "NMAPDEV" }, diff --git a/front/plugins/nslookup_scan/config.json b/front/plugins/nslookup_scan/config.json index 1589e6666..6bf444d08 100755 --- a/front/plugins/nslookup_scan/config.json +++ b/front/plugins/nslookup_scan/config.json @@ -233,6 +233,68 @@ "string": "Maximale Zeit in Sekunden, die auf den Abschluss des Skripts gewartet werden soll. Bei Überschreitung dieser Zeit wird das Skript abgebrochen." } ] + }, + { + "function": "SET_ALWAYS", + "type": { + "dataType": "array", + "elements": [ + { + "elementType": "select", + "elementOptions": [{ "multiple": "true", "ordeable": "true"}], + "transformers": [] + } + ] + }, + "default_value": ["devFQDN"], + "options": [ + "devFQDN", + "devName" + ], + "localized": ["name", "description"], + "name": [ + { + "language_code": "en_us", + "string": "Set always columns" + } + ], + "description": [ + { + "language_code": "en_us", + "string": "These columns are treated as authoritative and will overwrite existing values, including those set by other plugins, unless the current value was explicitly set by the user (Source = USER or Source = LOCKED)." + } + ] + }, + { + "function": "SET_EMPTY", + "type": { + "dataType": "array", + "elements": [ + { + "elementType": "select", + "elementOptions": [{ "multiple": "true", "ordeable": "true" }], + "transformers": [] + } + ] + }, + "default_value": [], + "options": [ + "devFQDN", + "devName" + ], + "localized": ["name", "description"], + "name": [ + { + "language_code": "en_us", + "string": "Set empty columns" + } + ], + "description": [ + { + "language_code": "en_us", + "string": "These columns are only overwritten if they are empty (NULL / empty string) or if their Source is set to NEWDEV" + } + ] } ], "database_column_definitions": [ diff --git a/front/plugins/omada_sdn_imp/config.json b/front/plugins/omada_sdn_imp/config.json index 22203782c..5287d147c 100755 --- a/front/plugins/omada_sdn_imp/config.json +++ b/front/plugins/omada_sdn_imp/config.json @@ -483,7 +483,11 @@ "default_value": ["devMac", "devLastIP"], "options": [ "devMac", - "devLastIP" + "devLastIP", + "devName", + "devParentMAC", + "devSSID", + "devType" ], "localized": ["name", "description"], "name": [ @@ -554,7 +558,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-3", "show": true, "type": "device_name_mac", @@ -578,7 +582,7 @@ }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", @@ -602,7 +606,7 @@ }, { "column": "Watched_Value1", - "mapped_to_column": "cur_Name", + "mapped_to_column": "scanName", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -618,7 +622,7 @@ }, { "column": "Watched_Value2", - "mapped_to_column": "cur_NetworkNodeMAC", + "mapped_to_column": "scanParentMAC", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -634,7 +638,7 @@ }, { "column": "Watched_Value3", - "mapped_to_column": "cur_PORT", + "mapped_to_column": "scanParentPort", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -650,7 +654,7 @@ }, { "column": "Watched_Value4", - "mapped_to_column": "cur_SSID", + "mapped_to_column": "scanSSID", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -666,7 +670,7 @@ }, { "column": "Extra", - "mapped_to_column": "cur_Type", + "mapped_to_column": "scanType", "css_classes": "col-sm-2", "show": false, "type": "label", @@ -682,7 +686,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "OMDSDN" }, diff --git a/front/plugins/omada_sdn_imp/omada_sdn.py b/front/plugins/omada_sdn_imp/omada_sdn.py index 8ee3ffea2..9447df69f 100755 --- a/front/plugins/omada_sdn_imp/omada_sdn.py +++ b/front/plugins/omada_sdn_imp/omada_sdn.py @@ -320,7 +320,7 @@ def main(): # "database_column_definitions": [ # { # "column": "Object_PrimaryID", <--------- the value I save into primaryId - # "mapped_to_column": "cur_MAC", <--------- gets unserted into the CurrentScan DB table column cur_MAC + # "mapped_to_column": "scanMac", <--------- gets unserted into the CurrentScan DB table column scanMac # watched1 = 'null' , # figure a way to run my udpate script delayed @@ -330,8 +330,8 @@ def main(): myssid = device[PORT_SSID] if not device[PORT_SSID].isdigit() else "" ParentNetworkNode = ( ieee2ietf_mac_formater(device[SWITCH_AP]) - if device[SWITCH_AP] != "Internet" - else "Internet" + if device[SWITCH_AP].lower() != "internet" + else "internet" ) mymac = ieee2ietf_mac_formater(device[MAC]) plugin_objects.add_object( @@ -342,7 +342,7 @@ def main(): watched3=myport, # PORT watched4=myssid, # SSID extra=device[TYPE], - # omada_site, # SITENAME (cur_NetworkSite) or VENDOR (cur_Vendor) (PICK one and adjust config.json -> "column": "Extra") + # omada_site, # SITENAME (scanSite) or VENDOR (scanVendor) (PICK one and adjust config.json -> "column": "Extra") foreignKey=device[MAC].lower().replace("-", ":"), ) # usually MAC @@ -665,7 +665,7 @@ def run_command(command, index): device_data_bymac[default_router_mac][TYPE] = "Firewall" # step2 let's find the first switch and set the default router parent to internet first_switch = device_data_bymac[default_router_mac][SWITCH_AP] - device_data_bymac[default_router_mac][SWITCH_AP] = "Internet" + device_data_bymac[default_router_mac][SWITCH_AP] = "internet" # step3 let's set the switch connected to the default gateway uplink to the default gateway and hardcode port to 1 for now: # device_data_bymac[first_switch][SWITCH_AP]=default_router_mac # device_data_bymac[first_switch][SWITCH_AP][PORT_SSID] = '1' diff --git a/front/plugins/omada_sdn_openapi/config.json b/front/plugins/omada_sdn_openapi/config.json index a9df0317d..cc5942028 100755 --- a/front/plugins/omada_sdn_openapi/config.json +++ b/front/plugins/omada_sdn_openapi/config.json @@ -456,7 +456,12 @@ "default_value": ["devMac", "devLastIP"], "options": [ "devMac", - "devLastIP" + "devLastIP", + "devName", + "devParentMAC", + "devSSID", + "devType", + "devSite" ], "localized": ["name", "description"], "name": [ @@ -528,7 +533,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-3", "show": true, "type": "device_name_mac", @@ -544,7 +549,7 @@ }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", @@ -560,7 +565,7 @@ }, { "column": "Watched_Value1", - "mapped_to_column": "cur_Name", + "mapped_to_column": "scanName", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -576,7 +581,7 @@ }, { "column": "Watched_Value2", - "mapped_to_column": "cur_NetworkNodeMAC", + "mapped_to_column": "scanParentMAC", "css_classes": "col-sm-2", "show": true, "type": "device_name_mac", @@ -592,7 +597,7 @@ }, { "column": "Watched_Value3", - "mapped_to_column": "cur_PORT", + "mapped_to_column": "scanParentPort", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -608,7 +613,7 @@ }, { "column": "Watched_Value4", - "mapped_to_column": "cur_SSID", + "mapped_to_column": "scanSSID", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -624,7 +629,7 @@ }, { "column": "Extra", - "mapped_to_column": "cur_Type", + "mapped_to_column": "scanType", "css_classes": "col-sm-2", "show": false, "type": "label", @@ -640,7 +645,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "OMDSDNOPENAPI" }, @@ -704,7 +709,7 @@ }, { "column": "HelpVal2", - "mapped_to_column": "cur_NetworkSite", + "mapped_to_column": "scanSite", "css_classes": "col-sm-2", "show": true, "type": "label", diff --git a/front/plugins/omada_sdn_openapi/script.py b/front/plugins/omada_sdn_openapi/script.py index 7d3411266..11b17b60b 100755 --- a/front/plugins/omada_sdn_openapi/script.py +++ b/front/plugins/omada_sdn_openapi/script.py @@ -413,11 +413,11 @@ def create_data(plugin_objects: Plugin_Objects, normalized_input_data: dict) -> OmadaHelper.verbose(f"Making entry for: {entry['mac_address']}") - # If the device_type is gateway, set the parent_node to Internet + # If the device_type is gateway, set the parent_node to internet device_type = entry["device_type"].lower() parent_node = entry["parent_node_mac_address"] if len(parent_node) == 0 and entry["device_type"] == "gateway" and is_typical_router_ip(entry["ip_address"]): - parent_node = "Internet" + parent_node = "internet" # Some device type naming exceptions if device_type == "iphone": diff --git a/front/plugins/pihole_api_scan/config.json b/front/plugins/pihole_api_scan/config.json index fc94405cf..2ed11f330 100644 --- a/front/plugins/pihole_api_scan/config.json +++ b/front/plugins/pihole_api_scan/config.json @@ -115,7 +115,8 @@ } ] }, - { "function": "SET_ALWAYS", + { + "function": "SET_ALWAYS", "type": { "dataType": "array", "elements": [ @@ -234,6 +235,62 @@ } ] }, + { + "function": "GET_OFFLINE", + "type": { + "dataType": "boolean", + "elements": [ + { + "elementType": "input", + "elementOptions": [{ "type": "checkbox" }], + "transformers": [] + } + ] + }, + "default_value": false, + "options": [], + "localized": ["name", "description"], + "name": [ + { + "language_code": "en_us", + "string": "Import offline" + } + ], + "description": [ + { + "language_code": "en_us", + "string": "Import offline devices. By default only online devices are retrieved." + } + ] + }, + { + "function": "CONSIDER_ONLINE", + "type": { + "dataType": "integer", + "elements": [ + { + "elementType": "input", + "elementOptions": [{ "type": "number" }], + "transformers": [] + } + ] + }, + "default_value": 300, + "options": [], + "localized": ["name", "description"], + "name": [ + { + "language_code": "en_us", + "string": "Online if last seen" + } + ], + "description": [ + { + "language_code": "en_us", + "string": "Time in seconds to consider a device online." + } + ] + }, { "function": "VERIFY_SSL", "type": { @@ -400,7 +457,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-3", "show": true, "type": "device_name_mac", @@ -416,7 +473,7 @@ }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", @@ -432,7 +489,7 @@ }, { "column": "Watched_Value1", - "mapped_to_column": "cur_Name", + "mapped_to_column": "scanName", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -448,7 +505,7 @@ }, { "column": "Watched_Value2", - "mapped_to_column": "cur_Vendor", + "mapped_to_column": "scanVendor", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -494,7 +551,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "PIHOLEAPI" }, diff --git a/front/plugins/pihole_api_scan/pihole_api_scan.py b/front/plugins/pihole_api_scan/pihole_api_scan.py index c8a9aa757..65cda801d 100644 --- a/front/plugins/pihole_api_scan/pihole_api_scan.py +++ b/front/plugins/pihole_api_scan/pihole_api_scan.py @@ -42,6 +42,7 @@ PIHOLEAPI_SES_CSRF = None PIHOLEAPI_API_MAXCLIENTS = None PIHOLEAPI_VERIFY_SSL = True +PIHOLEAPI_GET_OFFLINE = False PIHOLEAPI_RUN_TIMEOUT = 10 PIHOLEAPI_FAKE_MAC = get_setting_value('PIHOLEAPI_FAKE_MAC') VERSION_DATE = "NAX-PIHOLEAPI-1.0" @@ -195,47 +196,69 @@ def get_pihole_network_devices(): # ------------------------------------------------------------------ def gather_device_entries(): """ - Build a list of device entries suitable for Plugin_Objects.add_object. - Each entry is a dict with: mac, ip, name, macVendor, lastQuery + Build a list of device entries. + Online status is determined by comparing lastSeen (in seconds) vs the current time. """ entries = [] - - iface_map = get_pihole_interface_data() devices = get_pihole_network_devices() now_ts = int(datetime.datetime.now().timestamp()) for device in devices: hwaddr = device.get('hwaddr') - if not hwaddr or hwaddr == "00:00:00:00:00:00": + + # Filter out invalid MACs/interfaces + if not hwaddr or hwaddr in ["00:00:00:00:00:00", "ip-::"]: + continue + + device_ips = device.get('ips', []) + if not device_ips: continue - macVendor = device.get('macVendor', '') - lastQuery = device.get('lastQuery') - # 'ips' is a list of dicts: {ip, name} - for ip_info in device.get('ips', []): + # 1. Find the freshest timestamp across all IPs for this MAC + # This ensures if the device is active on ANY IP, the MAC is considered online. + max_last_seen = 0 + for ip_info in device_ips: + ls = ip_info.get('lastSeen', 0) + if ls > max_last_seen: + max_last_seen = ls + + # 2. Determine online status: (Current Time - Last Seen) <= PIHOLEAPI_CONSIDER_ONLINE + # Math is in seconds. + if (now_ts - max_last_seen) <= PIHOLEAPI_CONSIDER_ONLINE: + is_online = True + else: + is_online = False + + # 3. Skip if offline (and user doesn't want offline devices) + if not is_online and not PIHOLEAPI_GET_OFFLINE: + mylog('verbose', [f'[{pluginName}] Not online in the last {PIHOLEAPI_CONSIDER_ONLINE}s, import of offline disabled (PIHOLEAPI_GET_OFFLINE) skipping device: {device}.']) + continue + + mac_vendor = device.get('macVendor', '') + + # 4. Process each valid IP for the device + for ip_info in device_ips: ip = ip_info.get('ip') - if not ip: + + # Skip internal Pi-hole placeholders + if not ip or ip in ["0.0.0.0", "::"]: + mylog('verbose', [f'[{pluginName}] Not a valid ip ({ip}), skipping device: {device}.']) continue name = ip_info.get('name') or '(unknown)' + tmp_mac = hwaddr.lower() - # mark active if ip present on local interfaces - for mac, iplist in iface_map.items(): - if ip in iplist: - lastQuery = str(now_ts) - - tmpMac = hwaddr.lower() - - # ensure fake mac if enabled - if PIHOLEAPI_FAKE_MAC and is_mac(tmpMac) is False: - tmpMac = string_to_fake_mac(ip) + # Handle Fake MAC logic for non-standard hardware addresses + if PIHOLEAPI_FAKE_MAC and not is_mac(tmp_mac): + tmp_mac = string_to_fake_mac(ip) entries.append({ - 'mac': tmpMac, + 'mac': tmp_mac, 'ip': ip, 'name': name, - 'macVendor': macVendor, - 'lastQuery': str(lastQuery) if lastQuery is not None else '' + 'macVendor': mac_vendor, + # Pass the Unix timestamp as a string for NAX tracking + 'lastQuery': str(max_last_seen) if max_last_seen > 0 else "" }) return entries @@ -244,7 +267,7 @@ def gather_device_entries(): # ------------------------------------------------------------------ def main(): """Main plugin entrypoint.""" - global PIHOLEAPI_URL, PIHOLEAPI_PASSWORD, PIHOLEAPI_API_MAXCLIENTS, PIHOLEAPI_VERIFY_SSL, PIHOLEAPI_RUN_TIMEOUT + global PIHOLEAPI_URL, PIHOLEAPI_PASSWORD, PIHOLEAPI_API_MAXCLIENTS, PIHOLEAPI_VERIFY_SSL, PIHOLEAPI_RUN_TIMEOUT, PIHOLEAPI_GET_OFFLINE, PIHOLEAPI_CONSIDER_ONLINE mylog('verbose', [f'[{pluginName}] start script.']) @@ -260,6 +283,12 @@ def main(): # Accept boolean or string "True"/"False" PIHOLEAPI_VERIFY_SSL = get_setting_value('PIHOLEAPI_SSL_VERIFY') PIHOLEAPI_RUN_TIMEOUT = get_setting_value('PIHOLEAPI_RUN_TIMEOUT') + PIHOLEAPI_GET_OFFLINE = get_setting_value('PIHOLEAPI_GET_OFFLINE') + PIHOLEAPI_CONSIDER_ONLINE = get_setting_value('PIHOLEAPI_CONSIDER_ONLINE') + + # Fallback in case the setting is missing or returned as an empty string + if not isinstance(PIHOLEAPI_CONSIDER_ONLINE, int): + PIHOLEAPI_CONSIDER_ONLINE = 300 # Authenticate if not pihole_api_auth(): diff --git a/front/plugins/pihole_scan/config.json b/front/plugins/pihole_scan/config.json index 1fbb936b4..6d96f111d 100755 --- a/front/plugins/pihole_scan/config.json +++ b/front/plugins/pihole_scan/config.json @@ -385,7 +385,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-2", "show": true, "type": "device_mac", @@ -420,7 +420,7 @@ }, { "column": "Watched_Value1", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", @@ -440,7 +440,7 @@ }, { "column": "Watched_Value2", - "mapped_to_column": "cur_LastQuery", + "mapped_to_column": "scanLastQuery", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -456,7 +456,7 @@ }, { "column": "Watched_Value3", - "mapped_to_column": "cur_Name", + "mapped_to_column": "scanName", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -472,7 +472,7 @@ }, { "column": "Watched_Value4", - "mapped_to_column": "cur_Vendor", + "mapped_to_column": "scanVendor", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -488,7 +488,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "PIHOLE" }, diff --git a/front/plugins/plugin_helper.py b/front/plugins/plugin_helper.py index 6e1f99a09..b8c120ad3 100755 --- a/front/plugins/plugin_helper.py +++ b/front/plugins/plugin_helper.py @@ -91,11 +91,11 @@ def is_typical_router_ip(ip_address): def is_mac(input): input_str = str(input).lower().strip() # Convert to string and lowercase so non-string values won't raise errors - # Full MAC (6 octets) e.g. AA:BB:CC:DD:EE:FF + # Full MAC (6 octets) e.g. aa:bb:cc:dd:ee:ff full_mac_re = re.compile(r"^[0-9a-f]{2}([-:]?)[0-9a-f]{2}(\1[0-9a-f]{2}){4}$") # Wildcard prefix format: exactly 3 octets followed by a trailing '*' component - # Examples: AA:BB:CC:* + # Examples: aa:bb:cc:* wildcard_re = re.compile(r"^[0-9a-f]{2}[-:]?[0-9a-f]{2}[-:]?[0-9a-f]{2}[-:]?\*$") if full_mac_re.match(input_str) or wildcard_re.match(input_str): @@ -177,27 +177,25 @@ def decode_settings_base64(encoded_str, convert_types=True): # ------------------------------------------------------------------- def normalize_mac(mac): """ - Normalize a MAC address to the standard format with colon separators. - For example, "aa-bb-cc-dd-ee-ff" will be normalized to "AA:BB:CC:DD:EE:FF". - Wildcard MAC addresses like "AA:BB:CC:*" will be normalized to "AA:BB:CC:*". + normalize a mac address to the standard format with colon separators. + for example, "AA-BB-CC-DD-EE-FF" will be normalized to "aa:bb:cc:dd:ee:ff". + wildcard mac addresses like "AA:BB:CC:*" will be normalized to "aa:bb:cc:*". - :param mac: The MAC address to normalize. - :return: The normalized MAC address. + :param mac: the mac address to normalize. + :return: the normalized mac address (lowercase). """ - s = str(mac).strip() + s = str(mac).strip().lower() - if s.lower() == "internet": - return "Internet" + if s == "internet": + return "internet" - s = s.upper() - - # Determine separator if present, prefer colon, then hyphen + # determine separator if present, prefer colon, then hyphen if ':' in s: parts = s.split(':') elif '-' in s: parts = s.split('-') else: - # No explicit separator; attempt to split every two chars + # no explicit separator; attempt to split every two chars parts = [s[i:i + 2] for i in range(0, len(s), 2)] normalized_parts = [] @@ -206,10 +204,10 @@ def normalize_mac(mac): if part == '*': normalized_parts.append('*') else: - # Ensure two hex digits (zfill is fine for alphanumeric input) + # ensure two hex digits normalized_parts.append(part.zfill(2)) - # Use colon as canonical separator + # use colon as canonical separator return ':'.join(normalized_parts) diff --git a/front/plugins/snmp_discovery/config.json b/front/plugins/snmp_discovery/config.json index 62fc7760d..1a155a71b 100755 --- a/front/plugins/snmp_discovery/config.json +++ b/front/plugins/snmp_discovery/config.json @@ -100,7 +100,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-2", "show": true, "type": "device_mac", @@ -120,7 +120,7 @@ }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", @@ -140,7 +140,7 @@ }, { "column": "DateTimeCreated", - "mapped_to_column": "cur_DateTime", + "mapped_to_column": "scanLastConnection", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -160,7 +160,7 @@ }, { "column": "Watched_Value1", - "mapped_to_column": "cur_Name", + "mapped_to_column": "scanName", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -275,7 +275,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "SNMPDSC" }, @@ -601,7 +601,8 @@ "default_value": ["devMac", "devLastIP"], "options": [ "devMac", - "devLastIP" + "devLastIP", + "devName" ], "localized": ["name", "description"], "name": [ diff --git a/front/plugins/sync/config.json b/front/plugins/sync/config.json index 9ef665fa3..bb98a239d 100755 --- a/front/plugins/sync/config.json +++ b/front/plugins/sync/config.json @@ -612,7 +612,8 @@ "default_value": ["devMac", "devLastIP"], "options": [ "devMac", - "devLastIP" + "devName", + "devVendor" ], "localized": ["name", "description"], "name": [ @@ -684,7 +685,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-3", "show": true, "type": "device_name_mac", @@ -710,7 +711,7 @@ }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", @@ -736,7 +737,7 @@ }, { "column": "Watched_Value1", - "mapped_to_column": "cur_Name", + "mapped_to_column": "scanName", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -754,7 +755,7 @@ }, { "column": "Watched_Value2", - "mapped_to_column": "cur_Vendor", + "mapped_to_column": "scanVendor", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -772,7 +773,7 @@ }, { "column": "Watched_Value3", - "mapped_to_column": "cur_SyncHubNodeName", + "mapped_to_column": "scanSyncHubNode", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -807,7 +808,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "sync" }, diff --git a/front/plugins/ui_settings/config.json b/front/plugins/ui_settings/config.json index 20fc84dfc..18cee2cb7 100755 --- a/front/plugins/ui_settings/config.json +++ b/front/plugins/ui_settings/config.json @@ -199,7 +199,12 @@ "PGkgY2xhc3M9ImZhIGZhLWxpZ2h0YnVsYiI+PC9pPg==", "PGkgY2xhc3M9ImZhIGZhLXNoaWVsZCI+PC9pPg==", "PGkgY2xhc3M9ImZhIGZhLXdpZmkiPjwvaT4=", - "PGkgY2xhc3M9ImZhIGZhLWdhbWVwYWQiPjwvaT4=" + "PGkgY2xhc3M9ImZhIGZhLWdhbWVwYWQiPjwvaT4=", + "PGkgY2xhc3M9ImZhLXNvbGlkIGZhLXByaW50Ij48L2k+", + "PGkgY2xhc3M9ImZhLXNvbGlkIGZhLW1vYmlsZSI+PC9pPg==", + "PGkgY2xhc3M9ImZhLXNvbGlkIGZhLWhhcmQtZHJpdmUiPjwvaT4=", + "PGkgY2xhc3M9ImZhLXNvbGlkIGZhLXNlcnZlciI+PC9pPg==", + "PGkgY2xhc3M9ImZhLWJyYW5kcyBmYS1hbmRyb2lkIj48L2k+" ], "options": [], "localized": [], @@ -435,7 +440,10 @@ "Device_TableHead_CustomProps", "Device_TableHead_FQDN", "Device_TableHead_ParentRelType", - "Device_TableHead_ReqNicsOnline" + "Device_TableHead_ReqNicsOnline", + "Device_TableHead_Vlan", + "Device_TableHead_IPv4", + "Device_TableHead_IPv6" ], "localized": ["name", "description"], "name": [ @@ -512,7 +520,8 @@ "Device_TableHead_NetworkSite", "Device_TableHead_SSID", "Device_TableHead_SourcePlugin", - "Device_TableHead_ParentRelType" + "Device_TableHead_ParentRelType", + "Device_TableHead_Vlan" ], "localized": ["name", "description"], "name": [ diff --git a/front/plugins/unifi_api_import/config.json b/front/plugins/unifi_api_import/config.json index ab8080b46..8ee8fba75 100755 --- a/front/plugins/unifi_api_import/config.json +++ b/front/plugins/unifi_api_import/config.json @@ -587,7 +587,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-3", "show": true, "type": "device_name_mac", @@ -605,7 +605,7 @@ }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", @@ -623,7 +623,7 @@ }, { "column": "Watched_Value1", - "mapped_to_column": "cur_Name", + "mapped_to_column": "scanName", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -641,7 +641,7 @@ }, { "column": "Watched_Value2", - "mapped_to_column": "cur_Type", + "mapped_to_column": "scanType", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -676,7 +676,7 @@ }, { "column": "Watched_Value4", - "mapped_to_column": "cur_NetworkNodeMAC", + "mapped_to_column": "scanParentMAC", "css_classes": "col-sm-2", "show": true, "type": "device_mac", @@ -694,7 +694,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "UNIFIAPI" }, diff --git a/front/plugins/unifi_api_import/unifi_api_import.py b/front/plugins/unifi_api_import/unifi_api_import.py index 4c51f7b48..678e8a466 100755 --- a/front/plugins/unifi_api_import/unifi_api_import.py +++ b/front/plugins/unifi_api_import/unifi_api_import.py @@ -74,7 +74,7 @@ def main(): watched1 = device['dev_name'], # name watched2 = device['dev_type'], # device_type (AP/Switch etc) watched3 = device['dev_connected'], # connectedAt or empty - watched4 = device['dev_parent_mac'], # parent_mac or "Internet" + watched4 = device['dev_parent_mac'], # parent_mac or "internet" extra = '', foreignKey = device['dev_mac'] ) @@ -115,10 +115,10 @@ def get_device_data(site, api): continue device_id_to_mac[dev["id"]] = dev.get("macAddress", "") - # Helper to resolve uplinkDeviceId to parent MAC, or "Internet" if no uplink + # Helper to resolve uplinkDeviceId to parent MAC, or "internet" if no uplink def resolve_parent_mac(uplink_id): if not uplink_id: - return "Internet" + return "internet" return device_id_to_mac.get(uplink_id, "Unknown") # Process Unifi devices diff --git a/front/plugins/unifi_import/config.json b/front/plugins/unifi_import/config.json index 111e3521c..ce215cc9e 100755 --- a/front/plugins/unifi_import/config.json +++ b/front/plugins/unifi_import/config.json @@ -123,7 +123,7 @@ "css_classes": "col-sm-2", "default_value": "", "localized": ["name"], - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "name": [ { "language_code": "en_us", @@ -147,7 +147,7 @@ "css_classes": "col-sm-2", "default_value": "", "localized": ["name"], - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "name": [ { "language_code": "en_us", @@ -194,7 +194,7 @@ "css_classes": "col-sm-2", "default_value": "", "localized": ["name"], - "mapped_to_column": "cur_DateTime", + "mapped_to_column": "scanLastConnection", "name": [ { "language_code": "en_us", @@ -218,7 +218,7 @@ "css_classes": "col-sm-2", "default_value": "", "localized": ["name"], - "mapped_to_column": "cur_Name", + "mapped_to_column": "scanName", "name": [ { "language_code": "en_us", @@ -239,7 +239,7 @@ }, { "column": "Watched_Value2", - "mapped_to_column": "cur_Vendor", + "mapped_to_column": "scanVendor", "css_classes": "col-sm-2", "default_value": "", "localized": ["name"], @@ -263,7 +263,7 @@ }, { "column": "Watched_Value3", - "mapped_to_column": "cur_Type", + "mapped_to_column": "scanType", "css_classes": "col-sm-2", "default_value": "", "localized": ["name"], @@ -336,7 +336,7 @@ "css_classes": "col-sm-2", "default_value": "", "localized": ["name"], - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "UNFIMP" }, @@ -383,7 +383,7 @@ }, { "column": "HelpVal1", - "mapped_to_column": "cur_NetworkNodeMAC", + "mapped_to_column": "scanParentMAC", "css_classes": "col-sm-2", "default_value": "", "localized": ["name"], @@ -399,7 +399,7 @@ }, { "column": "HelpVal2", - "mapped_to_column": "cur_PORT", + "mapped_to_column": "scanParentPort", "css_classes": "col-sm-2", "default_value": "", "localized": ["name"], @@ -935,6 +935,7 @@ "devName", "devVendor", "devSSID", + "devType", "devParentMAC", "devParentPort" ], diff --git a/front/plugins/unifi_import/script.py b/front/plugins/unifi_import/script.py index d62154b7f..d2a3886bd 100755 --- a/front/plugins/unifi_import/script.py +++ b/front/plugins/unifi_import/script.py @@ -173,7 +173,7 @@ def collect_details(device_type, devices, online_macs, processed_macs, plugin_ob # override parent MAC if this is a router if parentMac == 'null' and is_typical_router_ip(ipTmp): - parentMac = 'Internet' + parentMac = 'internet' # Add object only if not processed if macTmp not in processed_macs and (status == 1 or force_import is True): diff --git a/front/plugins/vendor_update/config.json b/front/plugins/vendor_update/config.json index d487dab2f..79f29f93f 100755 --- a/front/plugins/vendor_update/config.json +++ b/front/plugins/vendor_update/config.json @@ -428,7 +428,7 @@ }, { "column": "Object_PrimaryID", - "mapped_to_column": "cur_MAC", + "mapped_to_column": "scanMac", "css_classes": "col-sm-2", "show": true, "type": "device_mac", @@ -452,7 +452,7 @@ }, { "column": "Object_SecondaryID", - "mapped_to_column": "cur_IP", + "mapped_to_column": "scanLastIP", "css_classes": "col-sm-2", "show": true, "type": "device_ip", @@ -499,7 +499,7 @@ }, { "column": "DateTimeChanged", - "mapped_to_column": "cur_DateTime", + "mapped_to_column": "scanLastConnection", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -523,7 +523,7 @@ }, { "column": "Dummy", - "mapped_to_column": "cur_ScanMethod", + "mapped_to_column": "scanSourcePlugin", "mapped_to_column_data": { "value": "VNDRPDT" }, @@ -550,7 +550,7 @@ }, { "column": "Watched_Value1", - "mapped_to_column": "cur_Vendor", + "mapped_to_column": "scanVendor", "css_classes": "col-sm-2", "show": true, "type": "label", @@ -570,7 +570,7 @@ }, { "column": "Watched_Value2", - "mapped_to_column": "cur_Name", + "mapped_to_column": "scanName", "css_classes": "col-sm-2", "show": true, "type": "label", diff --git a/front/pluginsCore.php b/front/pluginsCore.php index 4a6a3897b..636759937 100755 --- a/front/pluginsCore.php +++ b/front/pluginsCore.php @@ -572,7 +572,7 @@ function purgeAllExecute() { data: JSON.stringify({ dbtable: dbTable, columnName: 'Plugin', - id: plugPrefix + id: [plugPrefix] }), contentType: "application/json", success: function(response, textStatus) { @@ -603,15 +603,18 @@ function deleteListed(plugPrefixArg, dbTableArg) { // Ask for confirmation showModalWarning(`${getString('Gen_Purge')} ${plugPrefix} ${dbTable}`, `${getString('Gen_AreYouSure')} (${idArr.length})`, - `${getString('Gen_Cancel')}`, `${getString('Gen_Okay')}`, "deleteListedExecute"); + `${getString('Gen_Cancel')}`, `${getString('Gen_Okay')}`, () => deleteListedExecute(idArr)); } // -------------------------------------------------------- -function deleteListedExecute() { +function deleteListedExecute(idArr) { const apiBase = getApiBase(); const apiToken = getSetting("API_TOKEN"); const url = `${apiBase}/dbquery/delete`; + console.log(idArr); + + $.ajax({ method: "POST", url: url, @@ -619,7 +622,7 @@ function deleteListedExecute() { data: JSON.stringify({ dbtable: dbTable, columnName: 'Index', - id: idArr.toString() + id: idArr }), contentType: "application/json", success: function(response, textStatus) { diff --git a/front/settings.php b/front/settings.php index 899cdef06..2dc298bd7 100755 --- a/front/settings.php +++ b/front/settings.php @@ -511,10 +511,10 @@ class="fa fa-circle-info pointer hideOnBigScreen" } // INPUT - inputFormHtml = generateFormHtml(settingsData, set, valIn, null, null); + inputFormHtml = generateFormHtml(settingsData, set, valIn, null, null, false); - // construct final HTML for the setting - setHtml += inputFormHtml + overrideHtml + ` + // construct final HTML for the setting + setHtml += inputFormHtml + overrideHtml + `
` diff --git a/front/workflowsCore.php b/front/workflowsCore.php index 32a259679..b2942e6e1 100755 --- a/front/workflowsCore.php +++ b/front/workflowsCore.php @@ -12,7 +12,7 @@
- +
@@ -43,15 +43,17 @@ let workflows = []; let fieldOptions = [ - "devName", "devMac", "devOwner", "devType", "devVendor", "devFavorite", + "devName", "devMac", "devOwner", "devType", "devVendor", "devVlan", "devFavorite", "devGroup", "devComments", "devFirstConnection", "devLastConnection", "devLastIP", "devStaticIP", "devScan", "devLogEvents", "devAlertEvents", "devAlertDown", "devSkipRepeated", "devLastNotification", "devPresentLastScan", "devIsNew", "devLocation", "devIsArchived", "devParentMAC", "devParentPort", - "devIcon", "devSite", "devSSID", "devSyncHubNode", "devSourcePlugin", "devFQDN", - "devParentRelType", "devReqNicsOnline" + "devIcon", "devSite", "devSSID", "devSyncHubNode", "devSourcePlugin", "devFQDN", + "devParentRelType", "devReqNicsOnline", "devNameSource", "devVendorSource" , + "devSSIDSource", "devParentMACSource" , "devParentPortSource" , "devParentRelTypeSource", + "devVlanSource" ]; - + let triggerTypes = [ "Devices" ]; @@ -79,7 +81,7 @@ }, "conditions": [ ], - "actions": [ + "actions": [ ] }; @@ -131,25 +133,25 @@ function renderWorkflows() { // Generate UI for a single workflow function generateWorkflowUI(wf, wfIndex) { - let wfEnabled = (wf?.enabled ?? "No") == "Yes"; + let wfEnabled = (wf?.enabled ?? "No") == "Yes"; - let $wfContainer = $("
", { - class: "workflow-card panel col-sm-12 col-sx-12", - id: `wf-${wfIndex}-container` + let $wfContainer = $("
", { + class: "workflow-card panel col-sm-12 col-sx-12", + id: `wf-${wfIndex}-container` }); // Workflow Name let $wfLinkWrap = $("
", { class: " ", - id: `wf-${wfIndex}-header` + id: `wf-${wfIndex}-header` } ) - let $wfEnabledIcon = $("", { + let $wfEnabledIcon = $("", { class: `alignRight fa ${wfEnabled ? "fa-dot-circle" : "fa-circle" }` }); - + let $wfHeaderLink = $("", { @@ -163,7 +165,7 @@ class: `alignRight fa ${wfEnabled ? "fa-dot-circle" : "fa-circle" }` let $wfHeaderHeading = $("

", { - class: "panel-title" + class: "panel-title" } ).text(wf.name) @@ -176,34 +178,34 @@ class: "panel-title" let isOpen = panelState === "true"; // Convert stored string to boolean console.log(`panel isOpen: ${isOpen}` ); - - let $wfCollapsiblePanel = $("
", { - class: ` panel-collapse collapse ${isOpen ? 'in' : ''}`, - id: `wf-${wfIndex}-collapsible-panel` + + let $wfCollapsiblePanel = $("
", { + class: ` panel-collapse collapse ${isOpen ? 'in' : ''}`, + id: `wf-${wfIndex}-collapsible-panel` }); let $wfEnabled = createEditableDropdown( - `[${wfIndex}].enabled`, + `[${wfIndex}].enabled`, getString("WF_Enabled"), - wfEnabledOptions, - wfEnabled ? "Yes" :"No", + wfEnabledOptions, + wfEnabled ? "Yes" :"No", `wf-${wfIndex}-enabled` ); $wfCollapsiblePanel.append($wfEnabled) let $wfNameInput = createEditableInput( - `[${wfIndex}].name`, - getString("WF_Name"), - wf.name, - `wf-${wfIndex}-name`, + `[${wfIndex}].name`, + getString("WF_Name"), + wf.name, + `wf-${wfIndex}-name`, "workflow-name-input" ); $wfCollapsiblePanel.append($wfNameInput) - let $triggersIcon = $("", { + let $triggersIcon = $("", { class: "fa-solid fa-bolt" }); @@ -221,34 +223,34 @@ class: " col-sm-12 col-sx-12" ).append($triggerTitle); let $triggerTypeDropdown = createEditableDropdown( - `[${wfIndex}].trigger.object_type`, + `[${wfIndex}].trigger.object_type`, getString("WF_Trigger_type"), - triggerTypes, - wf.trigger.object_type, + triggerTypes, + wf.trigger.object_type, `wf-${wfIndex}-trigger-object-type` ); let $eventTypeDropdown = createEditableDropdown( - `[${wfIndex}].trigger.event_type`, - getString("WF_Trigger_event_type"), - triggerEvents, - wf.trigger.event_type, + `[${wfIndex}].trigger.event_type`, + getString("WF_Trigger_event_type"), + triggerEvents, + wf.trigger.event_type, `wf-${wfIndex}-trigger-event-type` ); - let $triggerIcon = $("", { + let $triggerIcon = $("", { class: "fa-solid fa-bolt bckg-icon-2-line" }); $triggerSection.append($triggerIcon); $triggerSection.append($triggerTypeDropdown); $triggerSection.append($eventTypeDropdown); - + $wfCollapsiblePanel.append($triggerSection); // Conditions - let $conditionsIcon = $("", { + let $conditionsIcon = $("", { class: "fa-solid fa-arrows-split-up-and-left fa-rotate-270" }); @@ -262,10 +264,10 @@ class: "col-sm-12 col-sx-12" $conditionsContainer.append(renderConditions(wfIndex, `[${wfIndex}]`, 0, wf.conditions)); - + $wfCollapsiblePanel.append($conditionsContainer); - let $actionsIcon = $("", { + let $actionsIcon = $("", { class: "fa-solid fa-person-running fa-flip-horizontal" }); @@ -295,10 +297,10 @@ class: "panel col-sm-12 col-sx-12" // Dropdown for action.type let $actionDropdown= createEditableDropdown( - `[${wfIndex}].actions[${actionIndex}].type`, - getString("WF_Action_type"), - actionTypes, - action.type, + `[${wfIndex}].actions[${actionIndex}].type`, + getString("WF_Action_type"), + actionTypes, + action.type, `wf-${wfIndex}-actionIndex-${actionIndex}-type` ); @@ -314,23 +316,23 @@ class: "panel col-sm-12 col-sx-12" // Dropdown for action.field let $fieldDropdown = createEditableDropdown( - `[${wfIndex}].actions[${actionIndex}].field`, - getString("WF_Action_field"), - fieldOptions, - action.field, + `[${wfIndex}].actions[${actionIndex}].field`, + getString("WF_Action_field"), + fieldOptions, + action.field, `wf-${wfIndex}-actionIndex-${actionIndex}-field` ); // Textbox for action.value let $actionValueInput = createEditableInput( - `[${wfIndex}].actions[${actionIndex}].value`, - getString("WF_Action_value"), - action.value, - `wf-${wfIndex}-actionIndex-${actionIndex}-value`, + `[${wfIndex}].actions[${actionIndex}].value`, + getString("WF_Action_value"), + action.value, + `wf-${wfIndex}-actionIndex-${actionIndex}-value`, "action-value-input" ); - + $actionEl.append($fieldDropdown); $actionEl.append($actionValueInput); @@ -340,7 +342,7 @@ class: "panel col-sm-12 col-sx-12" let $actionRemoveButtonWrap = $("
", { class: "button-container col-sm-1 col-sx-12" }); - let $actionRemoveIcon = $("", { + let $actionRemoveIcon = $("", { class: "fa-solid fa-trash" }); @@ -353,14 +355,14 @@ class: "pointer remove-action red-hover-text", $actionRemoveButtonWrap.append($actionRemoveButton); - let $actionIcon = $("", { + let $actionIcon = $("", { class: `fa-solid fa-person-running fa-flip-horizontal bckg-icon-${numberOfLines}-line ` }); $actionEl.prepend($actionIcon) $actionElWrap.append($actionEl) - + $actionElWrap.append($actionRemoveButtonWrap) $actionsContainer.append($actionElWrap); @@ -370,7 +372,7 @@ class: `fa-solid fa-person-running fa-flip-horizontal bckg-icon-${numberOfLines // add action button let $actionAddButtonWrap = $("
", { class: "button-container col-sm-12 col-sx-12" }); - let $actionAddIcon = $("", { + let $actionAddIcon = $("", { class: "fa-solid fa-plus" }); let $actionAddButton = $("
", { @@ -382,10 +384,10 @@ class : "pointer add-action green-hover-text", $actionAddButtonWrap.append($actionAddButton) $actionsContainer.append($actionAddButtonWrap) - + let $wfRemoveButtonWrap = $("
", { class: "button-container col-sm-4 col-sx-12" }); - let $wfRemoveIcon = $("", { + let $wfRemoveIcon = $("", { class: "fa-solid fa-trash" }); @@ -399,7 +401,7 @@ class: "pointer remove-wf red-hover-text", let $wfDuplicateButtonWrap = $("
", { class: "button-container col-sm-4 col-sx-12" }); - let $wfDuplicateIcon = $("", { + let $wfDuplicateIcon = $("", { class: "fa-solid fa-copy" }); @@ -412,7 +414,7 @@ class: "pointer duplicate-wf green-hover-text", let $wfExportButtonWrap = $("
", { class: "button-container col-sm-4 col-sx-12" }); - let $wfExportIcon = $("", { + let $wfExportIcon = $("", { class: "fa-solid fa-file-export" }); @@ -422,13 +424,13 @@ class: "pointer export-wf green-hover-text", }) .append($wfExportIcon) // Add icon .append(` ${getString("WF_Export")}`); // Add text - + $wfCollapsiblePanel.append($actionsContainer); $wfCollapsiblePanel.append($wfDuplicateButtonWrap.append($wfDuplicateButton)) $wfCollapsiblePanel.append($wfExportButtonWrap.append($wfExportButton)) $wfCollapsiblePanel.append($wfRemoveButtonWrap.append($wfRemoveButton)) - + $wfContainer.append($wfCollapsiblePanel) @@ -439,24 +441,24 @@ class: "pointer export-wf green-hover-text", // -------------------------------------- // Render conditions recursively function renderConditions(wfIndex, parentIndexPath, conditionGroupsIndex, conditions) { - let $conditionList = $("
", { + let $conditionList = $("
", { class: "condition-list panel col-sm-12 col-sx-12", - parentIndexPath: parentIndexPath + parentIndexPath: parentIndexPath }); lastConditionIndex = 0 - let $conditionListWrap = $("
", { + let $conditionListWrap = $("
", { class: `condition-list-wrap ${conditionGroupsIndex==0?"col-sm-12":"col-sm-11"} col-sx-12`, conditionGroupsIndex: conditionGroupsIndex }); - let $deleteConditionGroupWrap = $("
", { + let $deleteConditionGroupWrap = $("
", { class: "condition-group-wrap-del col-sm-1 col-sx-12" }); $.each(conditions, function (conditionIndex, condition) { - + let currentPath = `${parentIndexPath}.conditions[${conditionIndex}]`; if (condition.logic) { @@ -467,16 +469,16 @@ class : "condition box box-secondary col-sm-12 col-sx-12" ); let $logicDropdown = createEditableDropdown( - `${currentPath}.logic`, - getString("WF_Conditions_logic_rules"), - ["AND", "OR"], - condition.logic, + `${currentPath}.logic`, + getString("WF_Conditions_logic_rules"), + ["AND", "OR"], + condition.logic, `wf-${wfIndex}-${currentPath.replace(/\./g, "-")}-logic` // id ); $nestedCondition.append($logicDropdown); - - $conditionListNested = renderConditions(wfIndex, currentPath, conditionGroupsIndex+1, condition.conditions) + + $conditionListNested = renderConditions(wfIndex, currentPath, conditionGroupsIndex+1, condition.conditions) $nestedCondition.append($conditionListNested); // Recursive call for nested conditions @@ -484,7 +486,7 @@ class : "condition box box-secondary col-sm-12 col-sx-12" } else { // INDIVIDUAL CONDITIONS - let $conditionIcon = $("", { + let $conditionIcon = $("", { class: "fa-solid fa-arrows-split-up-and-left fa-rotate-270 bckg-icon-3-line " }); @@ -505,27 +507,27 @@ class: "conditionItemsWrap col-sm-11 col-sx-12" // Create dropdown for condition field let $fieldDropdown = createEditableDropdown( `${currentPath}.field`, - getString("WF_Condition_field"), - fieldOptions, - condition.field, + getString("WF_Condition_field"), + fieldOptions, + condition.field, `wf-${wfIndex}-${currentPath.replace(/\./g, "-")}-field` ); // Create dropdown for operator let $operatorDropdown = createEditableDropdown( - `${currentPath}.operator`, - getString("WF_Condition_operator"), - operatorTypes, - condition.operator, + `${currentPath}.operator`, + getString("WF_Condition_operator"), + operatorTypes, + condition.operator, `wf-${wfIndex}-${currentPath.replace(/\./g, "-")}-operator` ); // Editable input for condition value let $editableInput = createEditableInput( - `${currentPath}.value`, - getString("WF_Condition_value"), - condition.value, - `wf-${wfIndex}-${currentPath.replace(/\./g, "-")}-value`, + `${currentPath}.value`, + getString("WF_Condition_value"), + condition.value, + `wf-${wfIndex}-${currentPath.replace(/\./g, "-")}-value`, "condition-value-input" ); @@ -535,7 +537,7 @@ class: "conditionItemsWrap col-sm-11 col-sx-12" $conditionItemsWrap.append($editableInput); // Append editable input for condition value let $conditionRemoveButtonWrap = $("
", { class: "button-container col-sm-1 col-sx-12" }); - let $conditionRemoveButtonIcon = $("", { + let $conditionRemoveButtonIcon = $("", { class: "fa-solid fa-trash" }); let $conditionRemoveButton = $("
", { @@ -549,7 +551,7 @@ class : "pointer remove-condition red-hover-text", $conditionItem.append($conditionItemsWrap); $conditionItem.append($conditionRemoveButtonWrap); - $conditionList.append($conditionItem); + $conditionList.append($conditionItem); } lastConditionIndex = conditionIndex @@ -562,7 +564,7 @@ class: "add-button-wrap col-sm-12 col-sx-12" if (conditionGroupsIndex != 0) { // Add Condition button let $conditionAddWrap = $("
", { class: "button-container col-sm-6 col-sx-12" }); - let $conditionAddIcon = $("", { + let $conditionAddIcon = $("", { class: "fa-solid fa-plus" }); let $conditionAddButton = $("
", { @@ -574,7 +576,7 @@ class: "pointer add-condition green-hover-text col-sx-12", // Remove Condition Group button let $conditionGroupRemoveWrap = $("
", { class: "button-container col-sx-12" }); - let $conditionGroupRemoveIcon = $("", { + let $conditionGroupRemoveIcon = $("", { class: "fa-solid fa-trash" }); let $conditionGroupRemoveButton = $("
", { @@ -592,7 +594,7 @@ class: "pointer remove-condition-group red-hover-text col-sx-12", // Add Condition Group button let $conditionsGroupAddWrap = $("
", { class: "button-container col-sm-6 col-sx-12" }); - let $conditionsGroupAddIcon = $("", { + let $conditionsGroupAddIcon = $("", { class: "fa-solid fa-plus" }); let $conditionsGroupAddButton = $("
", { @@ -606,9 +608,9 @@ class: "pointer add-condition-group green-hover-text col-sx-12", $conditionList.append($addButtonWrap); $conditionListWrap.append($conditionList) - - - let $res = $("
", { + + + let $res = $("
", { class: "condition-list-res col-sm-12 col-sx-12" }); @@ -627,8 +629,8 @@ function createEditableDropdown(jsonPath, labelText, options, selectedValue, id) class: "form-group col-sm-12 col-sx-12" }); - let $label = $("