diff --git a/NEWS.md b/NEWS.md index f7927086d..b0acbf52b 100644 --- a/NEWS.md +++ b/NEWS.md @@ -2,16 +2,13 @@ Hit tab to unselect buttons and scroll through the text using UP/DOWN or PGUP/PGDN. All announcements are stored in `/opt/openhabian/docs/CHANGELOG.md` for you to lookup. +## Frontail removed ## December XX, 2024 +We have removed the frontail log-viewer package and deleted it from all +systems with openHAB 4.3 or later installed. As of openHAB 4.3 a log-viewer +is built in to openHAB, and frontail has serious security vulnerabilities +present and is no longer maintained. We apologize for any inconvenience +this may cause. + ## Legacy openHAB 2 support removed ## November 23, 2024 We have removed legacy support for the openHAB 2 systems. Please upgrade to the latest version of openHAB to receive further support. - -## openHABian 1.9 released based on Debian 12 bookworm ## March 13, 2024 -We stepped up to latest Debian Linux release. The openHABian image for RPis -uses Raspberry Pi OS (lite) and we finally managed to switch over to latest -RaspiOS which is "bookworm" based. -Note that not all 3rd party tools are fully tested with bookworm homegear. -If you run a bullseye (Debian 11) or even older distribution, please read the -docs how to reinstall. It's safer to reinstall (and import your old config, -of course) than to attempt doing a dist-upgrade. -See also the OH4 migration FAQ on the forum. diff --git a/build-image/openhabian.conf b/build-image/openhabian.conf index 0d93d5a3c..65720ab8a 100644 --- a/build-image/openhabian.conf +++ b/build-image/openhabian.conf @@ -114,7 +114,4 @@ storagecapacity=1024 # preauthkey=tskey-xxxxxxxxxxxxxxxxx # tstags=tag:client -# Custom log files -# custom_log_files=("/var/log/foo.log" "/var/log/bar.log") - # vim: filetype=sh diff --git a/build.bash b/build.bash index 62e79548f..51b75894f 100755 --- a/build.bash +++ b/build.bash @@ -353,12 +353,6 @@ if [[ $hwPlatform == "raspios32" ]] || [[ $hwPlatform == "raspios64" ]]; then firemotd_download "${buildFolder}/root/opt" &> /dev/null ) - # Cache frontail for offline install. - ( - echo_process "Downloading frontail..." - frontail_download "${buildFolder}/root/opt" &> /dev/null - ) - sync umount_image_file_root "$imageFile" "$buildFolder" diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index 007cf7141..9d413ea97 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -1,3 +1,10 @@ +## Frontail removed ## December XX, 2024 +We have removed the frontail log-viewer package and deleted it from all +systems with openHAB 4.3 or later installed. As of openHAB 4.3 a log-viewer +is built in to openHAB, and frontail has serious security vulnerabilities +present and is no longer maintained. We apologize for any inconvenience +this may cause. + ## Legacy openHAB 2 support removed ## November 23, 2024 We have removed legacy support for the openHAB 2 systems. Please upgrade to the latest version of openHAB to receive further support. diff --git a/docs/openhabian.md b/docs/openhabian.md index d4e62b019..8023cecfa 100644 --- a/docs/openhabian.md +++ b/docs/openhabian.md @@ -28,7 +28,6 @@ It provides: - ZRAM - [SD card mirroring](#sd-mirroring) - [Amanda backup system](openhabian-amanda.md) -- Web based openHAB Log Viewer (based on [frontail](https://github.com/mthenw/frontail)) - [Tailscale](https://tailscale.com/blog/how-tailscale-works/) VPN and [WireGuard](https://www.wireguard.com/) for remote VPN access - Samba file sharing [pre-configured ready to use shares](https://www.openhab.org/docs/installation/linux.html#mounting-locally) - Login information screen, powered by [FireMotD](https://github.com/OutsideIT/FireMotD) @@ -168,7 +167,6 @@ The whole process will take some minutes, then openHAB and all other tools requi - Insert the SD card into your Raspberry Pi. Connect your Ethernet. If you want to use Wi-Fi instead, [configure Wi-Fi](#wi-fi-based-setup-notes) before booting or use the hotspot function later on. **Do not attach a keyboard**. Power on and wait approximately 10-30 minutes for openHABian to do its magic. The system will be accessible by its IP or via the local DNS name `openhabian` and you can watch the install progress in your browser at [http://openhabian:81](http://openhabian:81). If for whatever reason networking does not work, openHABian will launch a [hotspot](#Wi-Fi-Hotspot) so if you see that, something's up with your networking. - Connect to the openHAB UI at [http://openhabian:8080](http://openhabian:8080) - [Connect to the Samba network shares](https://www.openhab.org/docs/installation/linux.html#mounting-locally) -- Connect to the openHAB Log Viewer (frontail): [http://openhabian:9001](http://openhabian:9001) - **If you encounter any setup problem, [please continue here](#successful)** When openHABian has installed and configured your openHAB system, you can start to use it right away. @@ -462,7 +460,6 @@ In `openhabian.conf`, uncomment and complete the lines reading `hw=`, `hwarch=` openHABian comes with a number of additional tools to quickly install and set up additional home automation related software. You'll find all of these in the [openHABian Configuration Tool](#openhabian-configuration-tool), menu option 20. -- [Frontail](https://github.com/mthenw/frontail) - openHAB Log Viewer accessible from [http://openhabian:9001](http://openhabian:9001) - [InfluxDB and Grafana](https://community.openhab.org/t/influxdb-grafana-persistence-and-graphing/13761/1) - persistence and graphing available from [http://openhabian:3000](http://openhabian:3000) - [Eclipse Mosquitto](http://mosquitto.org) - Open Source MQTT v3.1/v3.1.1 Broker - [Node-RED](https://nodered.org) - "Flow-based programming for the Internet of Things". Access at [http://openhabian:1880](http://openhabian:1880). diff --git a/functions/menu.bash b/functions/menu.bash index 54a3a331f..4f0d2d053 100644 --- a/functions/menu.bash +++ b/functions/menu.bash @@ -112,24 +112,21 @@ show_main_menu() { elif [[ "$choice" == "20"* ]]; then choice2=$(whiptail --title "openHABian Configuration Tool — $(get_git_revision)" --menu "Optional Components" 24 118 16 --cancel-button Back --ok-button Execute \ - "21 | Log Viewer" "openHAB Log Viewer webapp (frontail)" \ - " | Add log to viewer" "Add a custom log to openHAB Log Viewer (frontail)" \ - " | Remove log from viewer" "Remove a custom log from openHAB Log Viewer (frontail)" \ - "22 | miflora-mqtt-daemon" "Xiaomi Mi Flora Plant Sensor MQTT Client/Daemon" \ - "23 | Mosquitto" "MQTT broker Eclipse Mosquitto" \ - "24 | InfluxDB+Grafana" "A powerful persistence and graphing solution" \ - "25 | Node-RED" "Flow-based programming for the Internet of Things" \ - "26 | Homegear" "Homematic specific, the CCU2 emulation software Homegear" \ - "27 | knxd" "KNX specific, the KNX router/gateway daemon knxd" \ - "28 | 1wire" "1wire specific, owserver and related packages" \ - "29 | deCONZ" "deCONZ / Phoscon companion app for Conbee/Raspbee controller" \ - "2A | Zigbee2MQTT" "Install or Update Zigbee2MQTT" \ + "21 | miflora-mqtt-daemon" "Xiaomi Mi Flora Plant Sensor MQTT Client/Daemon" \ + "22 | Mosquitto" "MQTT broker Eclipse Mosquitto" \ + "23 | InfluxDB+Grafana" "A powerful persistence and graphing solution" \ + "24 | Node-RED" "Flow-based programming for the Internet of Things" \ + "25 | Homegear" "Homematic specific, the CCU2 emulation software Homegear" \ + "26 | knxd" "KNX specific, the KNX router/gateway daemon knxd" \ + "27 | 1wire" "1wire specific, owserver and related packages" \ + "28 | deCONZ" "deCONZ / Phoscon companion app for Conbee/Raspbee controller" \ + "29 | Zigbee2MQTT" "Install or Update Zigbee2MQTT" \ " | Remove Zigbee2MQTT" "Remove Zigbee2MQTT from this system" \ - "2B | FIND 3" "Framework for Internal Navigation and Discovery" \ + "2A | FIND 3" "Framework for Internal Navigation and Discovery" \ " | Monitor Mode" "Patch firmware to enable monitor mode (ALPHA/DANGEROUS)" \ - "2C | Install HABApp" "Python 3 integration and rule engine for openHAB" \ + "2B | Install HABApp" "Python 3 integration and rule engine for openHAB" \ " | Remove HABApp" "Remove HABApp from this system" \ - "2D | Install EVCC" "Deploy Electric Vehicle Charge Controller" \ + "2C | Install EVCC" "Deploy Electric Vehicle Charge Controller" \ " | Remove EVCC" "Uninstall EVCC" \ " | Setup EVCC" "Setup EVCC from command line (German only)" \ 3>&1 1>&2 2>&3) @@ -137,24 +134,21 @@ show_main_menu() { if [ $RET -eq 1 ] || [ $RET -eq 255 ]; then return 0; fi wait_for_apt_to_finish_update case "$choice2" in - 21\ *) frontail_setup;; - *Add\ log\ to\ viewer*) custom_frontail_log "add";; - *Remove\ log\ from\ viewer*) custom_frontail_log "remove";; - 22\ *) miflora_setup ;; - 23\ *) mqtt_setup ;; - 24\ *) influxdb_grafana_setup ;; - 25\ *) nodered_setup ;; - 26\ *) homegear_setup ;; - 27\ *) knxd_setup ;; - 28\ *) 1wire_setup ;; - 29\ *) deconz_setup ;; - 2A\ *) zigbee2mqtt_setup "install";; + 21\ *) miflora_setup ;; + 22\ *) mqtt_setup ;; + 23\ *) influxdb_grafana_setup ;; + 24\ *) nodered_setup ;; + 25\ *) homegear_setup ;; + 26\ *) knxd_setup ;; + 27\ *) 1wire_setup ;; + 28\ *) deconz_setup ;; + 29\ *) zigbee2mqtt_setup "install";; *Remove\ Zigbee2MQTT*) zigbee2mqtt_setup "remove";; - 2B\ *) find3_setup ;; + 2A\ *) find3_setup ;; *Monitor\ Mode) setup_monitor_mode ;; - 2C\ *) habapp_setup "install";; + 2B\ *) habapp_setup "install";; *Remove\ HABApp*) habapp_setup "remove";; - 2D\ *) install_evcc "install";; + 2C\ *) install_evcc "install";; *Remove\ EVCC*) install_evcc "remove";; *Setup\ EVCC*) setup_evcc;; "") return 0 ;; diff --git a/functions/nodejs-apps.bash b/functions/nodejs-apps.bash index 0dbdb1f78..229ee5d33 100644 --- a/functions/nodejs-apps.bash +++ b/functions/nodejs-apps.bash @@ -1,7 +1,7 @@ #!/usr/bin/env bash # shellcheck disable=SC2181 -## Function for installing NodeJS for frontail and other addons. +## Function for installing NodeJS for Node-RED and other addons. ## ## nodejs_setup() ## @@ -54,109 +54,32 @@ nodejs_setup() { fi } -## Function for downloading frontail to current system +## Function for removing frontail as its insecure and not maintained. ## -## frontail_download(String prefix) +## frontail_remove() ## -frontail_download() { - echo -n "$(timestamp) [openHABian] Downloading frontail... " - if ! [[ -d "${1}/frontail" ]]; then - cond_echo "\\nFresh Installation... " - if cond_redirect git clone https://github.com/Interstellar0verdrive/frontail_AEM.git "${1}/frontail"; then echo "OK"; else echo "FAILED (git clone)"; return 1; fi - else - cond_echo "\\nUpdate... " - if cond_redirect update_git_repo "${1}/frontail" "master"; then echo "OK"; else echo "FAILED (update git repo)"; return 1; fi - fi -} - -## Function for installing frontail to enable the openHAB log viewer web application. -## -## frontail_setup() -## -frontail_setup() { +frontail_remove() { local frontailBase - local frontailUser="frontail" - - if ! node_is_installed || is_armv6l; then - echo -n "$(timestamp) [openHABian] Installing Frontail prerequsites (NodeJS)... " - if cond_redirect nodejs_setup; then echo "OK"; else echo "FAILED"; return 1; fi - fi + local frontailDir="/opt/frontail" frontailBase="$(npm list -g | head -n 1)/node_modules/frontail" - if ! (id -u ${frontailUser} &> /dev/null || cond_redirect useradd --groups "${username:-openhabian}",openhab -s /bin/bash -d /var/tmp ${frontailUser}); then echo "FAILED (adduser)"; return 1; fi + if ! [[ $(openhab-cli info | grep "Version" | xargs | cut -d ' ' -f 2) =~ 4.[3-9]* ]]; then return 0; fi - echo -n "$(timestamp) [openHABian] Installing openHAB Log Viewer (frontail)... " - if [[ -d $frontailBase ]]; then - cond_echo "Removing any old installations... " + if [[ -d $frontailBase ]] || [[ -d $frontailDir ]]; then + echo -n "$(timestamp) [openHABian] Removing openHAB Log Viewer frontail... " + if [[ $(systemctl is-active frontail.service) == "active" ]]; then + if ! cond_redirect systemctl stop frontail.service; then echo "FAILED (stop service)"; return 1; fi + fi cond_redirect npm uninstall -g frontail - fi - - if ! cond_redirect frontail_download "/opt"; then echo "FAILED (download)"; return 1; fi - cd /opt/frontail || (echo "FAILED (cd)"; return 1) - # npm arguments explained: - # --omit=dev ignores the dev dependencies (we do not require them for production usage) - # Do NOT catch exit 1 for npm audit fix, because it's thrown when a vulnerability can't be fixed. Happens when a fix requires an upgrade to a new major release with possible breaking changes. - cond_redirect npm audit fix --omit=dev - if ! cond_redirect npm update --audit=false --omit=dev; then echo "FAILED (update)"; return 1; fi - if cond_redirect npm install --global --audit=false --omit=dev; then echo "OK"; else echo "FAILED (install)"; return 1; fi - - echo -n "$(timestamp) [openHABian] Setting up openHAB Log Viewer (frontail) service... " - if ! (sed -e "s|%FRONTAILBASE|${frontailBase}|g" "${BASEDIR:-/opt/openhabian}"/includes/frontail.service > /etc/systemd/system/frontail.service); then echo "FAILED (service file creation)"; return 1; fi - if ! cond_redirect chmod 644 /etc/systemd/system/frontail.service; then echo "FAILED (permissions)"; return 1; fi - if ! cond_redirect systemctl -q daemon-reload; then echo "FAILED (daemon-reload)"; return 1; fi - if ! cond_redirect systemctl enable --now frontail.service; then echo "FAILED (enable service)"; return 1; fi - if cond_redirect systemctl restart frontail.service; then echo "OK"; else echo "FAILED (restart service)"; return 1; fi # Restart the service to make the change visible + rm -f /etc/systemd/system/frontail.service + rm -rf /var/log/frontail + rm -rf /opt/frontail - if openhab_is_installed; then - dashboard_add_tile "frontail" - fi -} - -## Function for adding/removing a user specifed log to/from frontail -## -## custom_frontail_log() -## -custom_frontail_log() { - local frontailService="/etc/systemd/system/frontail.service" - local addLog - local removeLog - local array - - if ! [[ -f $frontailService ]]; then - whiptail --title "Frontail not installed" --msgbox "Frontail is not installed!\\n\\nCanceling operation!" 9 80 - return 0 - fi - - if [[ $1 == "add" ]]; then - if [[ -n $INTERACTIVE ]]; then - if ! addLog="$(whiptail --title "Enter file path" --inputbox "\\nEnter the path to the logfile that you would like to add to frontail:" 9 80 3>&1 1>&2 2>&3)"; then echo "CANCELED"; return 0; fi - else - if [[ -n $2 ]]; then addLog="$2"; else return 0; fi + if grep -qs "frontail-link" "/etc/openhab/services/runtime.cfg"; then + cond_redirect sed -i -e "/^frontail-link-*$/d" "/etc/openhab/services/runtime.cfg" fi - - for log in "${addLog[@]}"; do - if [[ -f $log ]]; then - echo -n "$(timestamp) [openHABian] Adding '${log}' to frontail... " - if ! cond_redirect sed -i -e "/^ExecStart/ s|$| ${log}|" "$frontailService"; then echo "FAILED (add log)"; return 1; fi - if ! cond_redirect systemctl -q daemon-reload; then echo "FAILED (daemon-reload)"; return 1; fi - if cond_redirect systemctl restart frontail.service; then echo "OK"; else echo "FAILED (restart service)"; return 1; fi - else - if [[ -n $INTERACTIVE ]]; then - whiptail --title "File does not exist" --msgbox "The specifed file path does not exist!\\n\\nCanceling operation!" 9 80 - return 0 - else - echo "$(timestamp) [openHABian] Adding '${log}' to frontail... FAILED (file does not exist)" - fi - fi - done - elif [[ $1 == "remove" ]] && [[ -n $INTERACTIVE ]]; then - readarray -t array < <(grep -e "^ExecStart.*$" "$frontailService" | awk '{for (i=12; i<=NF; i++) {printf "%s\n\n", $i}}') - ((count=${#array[@]} + 6)) - removeLog="$(whiptail --title "Select log to remove" --cancel-button Cancel --ok-button Select --menu "\\nPlease choose the log that you would like to remove from frontail:\\n" "$count" 80 0 "${array[@]}" 3>&1 1>&2 2>&3)" - if ! cond_redirect sed -i -e "s|${removeLog}||" -e '/^ExecStart/ s|[[:space:]]\+| |g' "$frontailService"; then echo "FAILED (remove log)"; return 1; fi - if ! cond_redirect systemctl -q daemon-reload; then echo "FAILED (daemon-reload)"; return 1; fi - if cond_redirect systemctl restart frontail.service; then echo "OK"; else echo "FAILED (restart service)"; return 1; fi + if cond_redirect systemctl -q daemon-reload; then echo "OK"; else echo "FAILED (daemon-reload)"; return 1; fi fi } @@ -174,7 +97,7 @@ nodered_setup() { local temp if ! node_is_installed || is_armv6l; then - echo -n "$(timestamp) [openHABian] Installing Frontail prerequsites (NodeJS)... " + echo -n "$(timestamp) [openHABian] Installing Node-RED prerequsites (NodeJS)... " if cond_redirect nodejs_setup; then echo "OK"; else echo "FAILED"; return 1; fi fi if ! dpkg -s 'build-essential' &> /dev/null; then diff --git a/functions/nodejs-apps.bats b/functions/nodejs-apps.bats index 544869dc4..e7c2eca9e 100644 --- a/functions/nodejs-apps.bats +++ b/functions/nodejs-apps.bats @@ -5,27 +5,10 @@ load helpers.bash setup_file() { export BASEDIR="${BATS_TEST_DIRNAME}/.." - mkdir -p /var/log/openhab - setfacl -R -m g::rwX /var/log/openhab } teardown_file() { unset BASEDIR - systemctl kill frontail.service || true -} - -@test "installation-frontail_install" { - echo -e "# ${COL_CYAN}$(timestamp) [openHABian] Frontail installation starting...${COL_DEF}" >&3 - run frontail_setup 3>&- - if [ "$status" -ne 0 ]; then echo "$output" >&3; fi - [ "$status" -eq 0 ] - echo -e "# ${COL_GREEN}$(timestamp) [openHABian] Frontail installation successful.${COL_DEF}" >&3 - - echo -e "# ${COL_CYAN}$(timestamp) [openHABian] Checking if Frontail service is running...${COL_DEF}" >&3 - run systemctl is-active --quiet frontail.service - if [ "$status" -ne 0 ]; then echo "$output" >&3; fi - [ "$status" -eq 0 ] - echo -e "# ${COL_GREEN}$(timestamp) [openHABian] Frontail service is running.${COL_DEF}" >&3 } @test "installation-zigbee2mqtt_install" { diff --git a/functions/openhab.bash b/functions/openhab.bash index 5159345c9..7f3a461f1 100644 --- a/functions/openhab.bash +++ b/functions/openhab.bash @@ -2,7 +2,7 @@ # shellcheck disable=SC2154 -## Generate systemd dependencies for zram, Frontail and others to start together with OH +## Generate systemd dependencies for zram and others to start together with OH ## This is done using /etc/systemd/system/openhab.service.d/override.conf ## ## create_systemd_dependencies() @@ -243,7 +243,7 @@ openhab_misc() { } ## Create a openHAB dashboard title and image for the input application. -## Valid arguments: "grafana", "frontail", "nodered", "find", or "openhabiandocs" +## Valid arguments: "grafana", "nodered", "find", or "openhabiandocs" ## ## dashboard_add_tile(String application) ## @@ -267,7 +267,7 @@ dashboard_add_tile() { echo -n "$(timestamp) [openHABian] Adding an openHAB dashboard tile for '${application}'... " case $application in - grafana|frontail|nodered|find3|openhabiandocs) + grafana|nodered|find3|openhabiandocs) true ;; *) echo "FAILED (tile name not valid)"; return 1 ;; diff --git a/includes/dashboard-imagedata b/includes/dashboard-imagedata index 7df6f3594..f86bedda2 100644 --- a/includes/dashboard-imagedata +++ b/includes/dashboard-imagedata @@ -12,10 +12,6 @@ tile_desc_grafana="Grafana" tile_url_grafana="http://{HOSTNAME}:3000" tile_imagedata_grafana="" -tile_desc_frontail="openHAB Log Viewer" -tile_url_frontail="http://{HOSTNAME}:9001" -tile_imagedata_frontail="" - tile_desc_nodered="Node-RED" tile_url_nodered="http://{HOSTNAME}:1880" tile_imagedata_nodered="" diff --git a/includes/frontail.service b/includes/frontail.service deleted file mode 100644 index ecfaceb64..000000000 --- a/includes/frontail.service +++ /dev/null @@ -1,18 +0,0 @@ -[Unit] -Description=Frontail openHAB instance, reachable at http://%H:9001 -Documentation=https://github.com/mthenw/frontail -After=openhab.service -PartOf=openhab.service - -[Service] -Type=simple -ExecStart=%FRONTAILBASE/bin/frontail --disable-usage-stats --ui-highlight --ui-highlight-preset %FRONTAILBASE/preset/openhab_AEM.json --theme openhab_AEM --lines 2000 --number 200 /var/log/openhab/openhab.log /var/log/openhab/events.log -Restart=always -User=frontail -Group=openhab -Environment=PATH=/usr/local/bin:/usr/bin/ -Environment=NODE_ENV=production -WorkingDirectory=/usr/bin/ - -[Install] -WantedBy=multi-user.target diff --git a/includes/openhab-override.conf b/includes/openhab-override.conf index 04127d683..68cd6d534 100644 --- a/includes/openhab-override.conf +++ b/includes/openhab-override.conf @@ -1,6 +1,6 @@ [Unit] -Wants=frontail.service homegear.service -Before=frontail.service homegear.service +Wants=homegear.service +Before=homegear.service [Service] UMask=0002 diff --git a/openhabian-setup.sh b/openhabian-setup.sh index 7549de6e9..e54452342 100755 --- a/openhabian-setup.sh +++ b/openhabian-setup.sh @@ -117,8 +117,6 @@ if [[ -n "$UNATTENDED" ]]; then srv_bind_mounts samba_setup clean_config_userpw - frontail_setup - custom_frontail_log "add" "$custom_log_files" jsscripting_npm_install "openhab_rules_tools" zram_setup exim_setup @@ -135,6 +133,7 @@ else zram_is_installed && init_zram_mounts "autoupdate" && echo "zram_reset=done" >> /etc/openhabian.conf # update zram to fix potential issues jsscripting_npm_check "openhab" jsscripting_npm_check "openhab_rules_tools" + frontail_remove # remove old frontail service if present can be removed in future while show_main_menu; do true done