Merge pull request #510 from bergware/master

Added Dokcer/VM XML files to diagnostics

plugins/dynamix/DiskSettings.page

@@ -4,8 +4,8 @@ Icon="icon-disks"
 Tag="icon-disk"
 ---
 <?PHP
-/* Copyright 2005-2018, Lime Technology
- * Copyright 2012-2018, Bergware International.
+/* Copyright 2005-2019, Lime Technology
+ * Copyright 2012-2019, Bergware International.
  *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License version 2,
@@ -36,7 +36,7 @@ function doDispatch(form) {
 <?endif;?>
   fields['#cfg'] = "/boot/config/plugins/dynamix/dynamix.cfg";
   fields['#cleanup'] = true;
-  $(form).find('input[name^="display_"]').each(function(){fields[$(this).attr('name')] = $(this).val(); $(this).prop('disabled',true);});
+  $(form).find('input[name^="display_"],select[name^="display_"]').each(function(){fields[$(this).attr('name')] = $(this).val(); $(this).prop('disabled',true);});
   $.post('/webGui/include/Dispatcher.php',fields);
 }
 function prepareDiskSettings(form) {
@@ -131,6 +131,17 @@ Default file system:
 >
 > The default file system type for a single or multi-device cache is always Btrfs.
 
+Cache encryption passphrase:
+: <select name="display_keyfile" size="1">
+  <?=mk_option($display['keyfile'], "", "No")?>
+  <?=mk_option($display['keyfile'], "1", "Yes")?>
+  </select>
+
+> By default the user is asked to enter the passphrase each time the array is restarted.<br>
+> Caching the passphrase allows for restarting the array without intervention once the passphrase is entered the first time
+>
+> Note: the passphrase is lost after a system reboot or system powerdown and must be re-entered
+
 Shutdown time-out:
 : <input type="text" name="shutdownTimeout" maxlength="10" value="<?=$var['shutdownTimeout']?>" class="narrow">
 

plugins/dynamix/ManagementAccess.page

@@ -192,7 +192,6 @@ Use UPnP:
 > Enable (default) or disable the UPnP function on the server. This function allows automatic forwarding of ports on the router, only applicable when UPnP is enabled on the router itself.
 
 <?endif;?>
-
 Use SSL/TLS:
 : <select name="USE_SSL" size="1" onchange="updateSSL(this.form)">
   <?=mk_option($var['USE_SSL'], "auto", "Auto")?>

plugins/dynamix/event/started/delete_keyfile

@@ -0,0 +1,2 @@
+#!/bin/bash
+[[ -f /root/keyfile && -z $(grep -Po '^keyfile="\K[^"]+' /boot/config/plugins/dynamix/dynamix.cfg 2>/dev/null) ]] && rm -f /root/keyfile

plugins/dynamix/event/stopped/delete_keyfile

@@ -0,0 +1,2 @@
+#!/bin/bash
+[[ -f /root/keyfile && -z $(grep -Po '^keyfile="\K[^"]+' /boot/config/plugins/dynamix/dynamix.cfg 2>/dev/null) ]] && rm -f /root/keyfile

plugins/dynamix/scripts/diagnostics

@@ -1,7 +1,7 @@
 #!/usr/bin/php -q
 <?PHP
-/* Copyright 2005-2018, Lime Technology
- * Copyright 2012-2018, Bergware International.
+/* Copyright 2005-2019, Lime Technology
+ * Copyright 2012-2019, Bergware International.
  *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License version 2,
@@ -72,7 +72,7 @@ if ($cli) {
   $date = "{$split[2]}-{$split[3]}";
 }
 // create folder structure
-exert("mkdir -p ".escapeshellarg("/$diag/system")." ".escapeshellarg("/$diag/config")." ".escapeshellarg("/$diag/logs")." ".escapeshellarg("/$diag/shares")." ".escapeshellarg("/$diag/smart")." ".escapeshellarg("/$diag/qemu"));
+exert("mkdir -p ".escapeshellarg("/$diag/system")." ".escapeshellarg("/$diag/config")." ".escapeshellarg("/$diag/logs")." ".escapeshellarg("/$diag/shares")." ".escapeshellarg("/$diag/smart")." ".escapeshellarg("/$diag/qemu")." ".escapeshellarg("/$diag/xml"));
 // get utilization of running processes
 exert("top -bn1 -o%CPU 2>/dev/null|todos >".escapeshellarg("/$diag/system/top.txt"));
 // make Unraid version reference
@@ -227,8 +227,14 @@ if ($qemu) {
       exert("truncate -s '<$max' ".escapeshellarg("$log.txt"));
     }
   }
-} else
+} else {
   file_put_contents("/$diag/qemu/no qemu log files","");
+}
+// copy VM XML config files
+exert("cp /etc/libvirt/qemu/*.xml ".escapeshellarg("/$diag/xml")." 2>/dev/null");
+// anonymize MAC OSK info
+exert("sed -ri 's/(,osk=).+/\\1.../' ".escapeshellarg("/$diag/xml/*.xml")." 2>/dev/null");
+
 // copy syslog information (anonymize if applicable)
 $max = 2*1024*1024; //=2MB
 foreach (glob("/var/log/syslog*") as $file) {

plugins/dynamix/scripts/upnp_poller

@@ -0,0 +1,44 @@
+#!/bin/bash
+while :; do
+  if [[ -x /usr/bin/upnpc ]]; then
+    UPNP=/var/tmp/upnp
+    XML=$(cat $UPNP 2>/dev/null)
+    LINK=eth0
+    [[ -e /sys/class/net/bond0 ]] && LINK=bond0
+    [[ -e /sys/class/net/br0 ]] && LINK=br0
+    if [[ -n $XML ]]; then
+      # validate XML
+      timeout 6 stdbuf -o0 upnpc -u $XML -m $LINK -l 2>&1|grep -qm1 'refused'
+      [[ $? -ne 1 ]] && XML=
+    fi
+    if [[ -z $XML ]]; then
+      # obtain XML
+      GW=$(ip -4 route list default dev $LINK|awk '{print $3}')
+      DESC=$(timeout 12 stdbuf -o0 upnpc -m $LINK -l 2>/dev/null|grep -Po 'desc: \K.+')
+      for URL in $DESC; do
+        IP=${URL#*://}
+        if [[ ${IP%:*} == $GW ]]; then
+          XML=$URL
+          echo -n $XML >$UPNP
+          break
+        fi
+      done
+    fi
+    if [[ -n $XML ]]; then
+      # upnp on router is enabled, get active tunnels
+      TUNNEL=$(wg show interfaces)
+      UPNP=$(timeout 6 stdbuf -o0 upnpc -u $XML -m $LINK -l 2>/dev/null|grep -Po "WireGuard-\Kwg[0-9]+"|tr '\n' ' ')
+      for WG in $TUNNEL; do
+        if [[ -z $(grep -Pom1 'UPNP:0="\K.[^"]+' /etc/wireguard/$WG.cfg) && ! ${UPNP[@]} =~ "$WG " ]]; then
+          # port forwarding is closed; re-open it
+          IP=$(ip -4 addr show dev $LINK|grep -Pom1 'inet \K.[^/]+')
+          PORT=$(wg show $WG listen-port)
+          upnpc -u $XML -m $LINK -e "WireGuard-$WG" -a $IP $PORT $PORT udp >/dev/null 2>&1
+          [[ $? -eq 0 ]] && logger -t upnpc "Added port $PORT/udp" || logger -t upnpc "Failed to add port $PORT/udp"
+        fi
+      done
+    fi
+  fi
+  # loop every 3 minutes
+  sleep 180
+done &

plugins/dynamix/scripts/upnp_poller_start

@@ -0,0 +1,3 @@
+#!/bin/bash
+POLLER=/usr/local/emhttp/webGui/scripts/upnp_poller
+[[ -z $(pgrep -f $POLLER) ]] && $POLLER

plugins/dynamix/scripts/upnp_port

@@ -0,0 +1,56 @@
+#!/bin/bash
+# upnp_port add link descr ip port port udp
+# upnp_port del link port udp
+
+# exit if not executable
+[[ ! -x /usr/bin/upnpc ]] && exit 0
+
+LINK=$2
+UPNP=/var/tmp/upnp
+XML=$(cat $UPNP 2>/dev/null)
+
+if [[ -n $XML ]]; then
+  # validate XML
+  timeout 6 stdbuf -o0 upnpc -u $XML -m $LINK -l 2>&1|grep -qm1 'refused'
+  [[ $? -ne 1 ]] && XML=
+fi
+if [[ -z $XML ]]; then
+  # obtain XML
+  GW=$(ip -4 route list default dev $LINK|awk '{print $3}')
+  DESC=$(timeout 12 stdbuf -o0 upnpc -m $LINK -l 2>/dev/null|grep -Po 'desc: \K.+')
+  for URL in $DESC; do
+    IP=${URL#*://}
+    if [[ ${IP%:*} == $GW ]]; then
+      XML=$URL
+      echo -n $XML >$UPNP
+      break
+    fi
+  done
+fi
+# exit when no XML
+[[ -z $XML ]] && exit 0
+
+WG=$(wg show interfaces)
+POLLER=/usr/local/emhttp/webGui/scripts/upnp_poller
+
+case $1 in
+add)
+  upnpc -u $XML -m $LINK -e $3 -a $4 $5 $6 $7 >/dev/null 2>&1
+  if [[ $? -eq 0 ]]; then
+    [[ -n $WG ]] && at -M -f ${POLLER}_start now 2>/dev/null
+    logger -t upnpc "Added port $5/$7"
+  else
+    logger -t upnpc "Failed to add port $5/$7"
+  fi
+  ;;
+del)
+  upnpc -u $XML -m $LINK -d $3 $4 >/dev/null 2>&1
+  if [[ $? -eq 0 ]]; then
+    [[ -z $WG && -n $(pgrep -f $POLLER) ]] && pkill -f $POLLER
+    logger -t upnpc "Deleted port $3/$4"
+  else
+    logger -t upnpc "Failed to delete port $3/$4"
+  fi
+  ;;
+esac
+exit 0