diff --git a/Netdisco/bin/netdisco-deploy b/Netdisco/bin/netdisco-deploy index ced416e7..cda994ae 100755 --- a/Netdisco/bin/netdisco-deploy +++ b/Netdisco/bin/netdisco-deploy @@ -37,16 +37,19 @@ BEGIN { use App::Netdisco; use Dancer ':script'; use Dancer::Plugin::DBIC 'schema'; +use Dancer::Plugin::Passphrase; info "App::Netdisco version $App::Netdisco::VERSION loaded."; use 5.010_000; use Term::UI; use Term::ReadLine; +use Term::ANSIColor; use Archive::Extract; $Archive::Extract::PREFER_BIN = 1; use HTTP::Tiny; +use Digest::MD5; use Try::Tiny; use Encode; @@ -74,6 +77,7 @@ for its use. =cut +print color 'bold cyan'; say 'This is the Netdisco II deployment script.'; say ''; say 'Before we continue, the following prerequisites must be in place:'; @@ -85,6 +89,7 @@ say ' * Internet access (for OUIs and MIBs)'; say ''; say 'You will be asked to confirm all changes to your system.'; say ''; +print color 'reset'; my $term = Term::ReadLine->new('netdisco'); my $bool = $term->ask_yn( @@ -99,46 +104,46 @@ $bool = $term->ask_yn( ); deploy_db() if $bool; -say ''; -my $users = schema('netdisco')->resultset('User'); -if ($users->count == 0) { - $bool = $term->ask_yn( - prompt => 'Would you like a default web user with Admin rights (discover, etc)?', - default => 'n', - ); - - if ($bool) { - $users->create({ - username => 'guest', - admin => 'true', - port_control => 'true', - }); - if (not setting('no_auth')) { - say ''; - say '*** Done. Please add "no_auth: true" to your ~/environments/deployment.yml file. ***'; - } - } - else { - say ''; - $bool = $term->ask_yn( - prompt => 'Would you like a default web user with Port Control rights?', - default => 'n', - ); - if ($bool) { - $users->create({ - username => 'guest', - port_control => 'true', - }); - if (not setting('no_auth')) { - say ''; - say '*** Done. Please add "no_auth: true" to your ~/environments/deployment.yml file. ***'; - } - } - } -} -elsif (!setting('safe_password_store')) { +if (not setting('safe_password_store')) { + say ''; + print color 'bold red'; say '*** WARNING: Weak password hashes are being stored in the database! ***'; say '*** WARNING: Please add "safe_password_store: true" to your ~/environments/deployment.yml file. ***'; + print color 'reset'; +} + +sub _make_password { + my $pass = (shift || passphrase->generate_random); + if (setting('safe_password_store')) { + return passphrase($pass)->generate; + } + else { + return Digest::MD5::md5_hex($pass), + } +} + +my $users = schema('netdisco')->resultset('User'); +if ($users->count == 0) { + say ''; + print color 'bold green'; + say 'We need to create a user for inital login. This user will be a full Administrator.'; + say 'Afterwards, you can go to Admin -> User Management to manage users.'; + print color 'reset'; + say ''; + + my $name = $term->get_reply(prompt => 'Username: '); + my $pass = $term->get_reply(prompt => 'Password: '); + + $users->create({ + username => $name, + password => _make_password($pass), + admin => 'true', + port_control => 'true', + }); + + print color 'bold blue'; + say 'New user created.'; + print color 'reset'; } say ''; @@ -150,24 +155,26 @@ deploy_oui() if $bool; say ''; my $default_mibhome = dir($home, 'netdisco-mibs'); if (setting('mibhome') and setting('mibhome') ne $default_mibhome) { - my $mibhome = $term->get_reply( - print_me => "MIB home options:", - prompt => "Download and update MIB files to...?", - choices => [setting('mibhome'), $default_mibhome, 'Skip this.'], - default => 'Skip this.', - ); - deploy_mibs($mibhome) if $mibhome and $mibhome ne 'Skip this.'; + my $mibhome = $term->get_reply( + print_me => "MIB home options:", + prompt => "Download and update MIB files to...?", + choices => [setting('mibhome'), $default_mibhome, 'Skip this.'], + default => 'Skip this.', + ); + deploy_mibs($mibhome) if $mibhome and $mibhome ne 'Skip this.'; } else { - $bool = $term->ask_yn( - prompt => "Download and update MIB files?", default => 'n', - ); - deploy_mibs($default_mibhome) if $bool; + $bool = $term->ask_yn( + prompt => "Download and update MIB files?", default => 'n', + ); + deploy_mibs($default_mibhome) if $bool; } sub deploy_db { system 'netdisco-db-deploy'; + print color 'bold blue'; say 'DB schema update complete.'; + print color 'reset'; } sub deploy_oui { @@ -204,7 +211,9 @@ sub deploy_oui { } } + print color 'bold blue'; say 'OUI update complete.'; + print color 'reset'; } # This subroutine is from Wireshark's make-manuf @@ -254,7 +263,9 @@ sub deploy_mibs { unlink $file; } + print color 'bold blue'; say 'MIBs update complete.'; + print color 'reset'; } exit 0; diff --git a/Netdisco/share/environments/deployment.yml b/Netdisco/share/environments/deployment.yml index d2ee9277..02180926 100644 --- a/Netdisco/share/environments/deployment.yml +++ b/Netdisco/share/environments/deployment.yml @@ -28,8 +28,9 @@ safe_password_store: true # ``````````````````````````````````````````````````````` #domain_suffix: '.example.com' -# uncomment and set to true to disable authentication/login -# ````````````````````````````````````````````````````````` +# uncomment and set to true to globally disable authentication/login, +# and also create a user called "guest". +# ``````````````````````````````````````````````````````````````````` #no_auth: false # SNMP community string(s)