From 62536e4bfb148d05f2531624fb2e80a46b0e4d18 Mon Sep 17 00:00:00 2001
From: Adam Outler
Date: Sat, 18 Oct 2025 14:07:27 -0400
Subject: [PATCH] Coderabit suggestions
---
 .devcontainer/Dockerfile | 4 +-
 .devcontainer/TODO.txt | 1 -
 .../config/php/php-fpm.d/99-xdebug.ini | 2 +-
 .vscode/tasks.json | 2 +-
 Dockerfile | 4 +-
 Dockerfile.debian | 2 +-
 front/php/server/speedtestcli.php | 47 ++++++++++++++++---
 install/production-filesystem/README.md | 2 +-
 install/production-filesystem/entrypoint.sh | 2 +-
 .../services/check-app.sh | 7 ---
 .../services/start-backend.sh | 9 +++-
 .../services/start-crond.sh | 2 +-
 .../services/start-php-fpm.sh | 2 +-
 13 files changed, 59 insertions(+), 27 deletions(-)
 delete mode 100644 .devcontainer/TODO.txt
 delete mode 100644 install/production-filesystem/services/check-app.sh
diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
index c2ce2203..b12531f6 100644
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@@ -74,8 +74,8 @@ ENV LOG_CROND=${NETALERTX_LOG}/crond.log
 # System Services configuration files
 ENV SYSTEM_SERVICES=/services
 ENV SYSTEM_SERVICES_CONFIG=${SYSTEM_SERVICES}/config
-ENV SYSTEM_NGINIX_CONFIG=${SYSTEM_SERVICES_CONFIG}/nginx
-ENV SYSTEM_NGINX_CONFIG_FILE=${SYSTEM_NGINIX_CONFIG}/nginx.conf
+ENV SYSTEM_NGINX_CONFIG=${SYSTEM_SERVICES_CONFIG}/nginx
+ENV SYSTEM_NGINX_CONFIG_FILE=${SYSTEM_NGINX_CONFIG}/nginx.conf
 ENV SYSTEM_SERVICES_PHP_FOLDER=${SYSTEM_SERVICES_CONFIG}/php
 ENV SYSTEM_SERVICES_PHP_FPM_D=${SYSTEM_SERVICES_PHP_FOLDER}/php-fpm.d
 ENV SYSTEM_SERVICES_CROND=${SYSTEM_SERVICES_CONFIG}/crond
diff --git a/.devcontainer/TODO.txt b/.devcontainer/TODO.txt
deleted file mode 100644
index c66a887e..00000000
--- a/.devcontainer/TODO.txt
+++ /dev/null
@@ -1 +0,0 @@
-When in devcontainer mode, need an env that doesn't kill all services when started from /entrypoint
diff --git a/.devcontainer/resources/devcontainer-overlay/services/config/php/php-fpm.d/99-xdebug.ini b/.devcontainer/resources/devcontainer-overlay/services/config/php/php-fpm.d/99-xdebug.ini
index 2bbbf083..37452d58 100755
--- a/.devcontainer/resources/devcontainer-overlay/services/config/php/php-fpm.d/99-xdebug.ini
+++ b/.devcontainer/resources/devcontainer-overlay/services/config/php/php-fpm.d/99-xdebug.ini
@@ -2,7 +2,7 @@ zend_extension="xdebug.so"
 [xdebug]
 xdebug.mode=develop,debug
 xdebug.log_level=0
-xdebug.client_host=127.0.0.1
+xdebug.client_host=host.docker.internal
 xdebug.client_port=9003
 xdebug.start_with_request=yes
 xdebug.discover_client_host=1
diff --git a/.vscode/tasks.json b/.vscode/tasks.json
index 7747d316..3f253188 100755
--- a/.vscode/tasks.json
+++ b/.vscode/tasks.json
@@ -2,7 +2,7 @@
 "version": "2.0.0",
 "tasks": [
 {
- "label": "[Any POSIX] Generate Devcontiner Configs",
+ "label": "[Any POSIX] Generate Devcontainer Configs",
 "type": "shell",
 "command": ".devcontainer/scripts/generate-configs.sh",
 "presentation": {
diff --git a/Dockerfile b/Dockerfile
index 85267161..75d959bc 100755
--- a/Dockerfile
+++ b/Dockerfile
@@ -71,8 +71,8 @@ ENV LOG_CROND=${NETALERTX_LOG}/crond.log
 # System Services configuration files
 ENV SYSTEM_SERVICES=/services
 ENV SYSTEM_SERVICES_CONFIG=${SYSTEM_SERVICES}/config
-ENV SYSTEM_NGINIX_CONFIG=${SYSTEM_SERVICES_CONFIG}/nginx
-ENV SYSTEM_NGINX_CONFIG_FILE=${SYSTEM_NGINIX_CONFIG}/nginx.conf
+ENV SYSTEM_NGINX_CONFIG=${SYSTEM_SERVICES_CONFIG}/nginx
+ENV SYSTEM_NGINX_CONFIG_FILE=${SYSTEM_NGINX_CONFIG}/nginx.conf
 ENV SYSTEM_SERVICES_PHP_FOLDER=${SYSTEM_SERVICES_CONFIG}/php
 ENV SYSTEM_SERVICES_PHP_FPM_D=${SYSTEM_SERVICES_PHP_FOLDER}/php-fpm.d
 ENV SYSTEM_SERVICES_CROND=${SYSTEM_SERVICES_CONFIG}/crond
diff --git a/Dockerfile.debian b/Dockerfile.debian
index 5ea78950..dd3d62d6 100755
--- a/Dockerfile.debian
+++ b/Dockerfile.debian
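Review bot: In the 99-xdebug.ini hunk the new `xdebug.client_host=host.docker.internal` is only a fallback, because the unchanged `xdebug.discover_client_host=1` makes Xdebug first try the address taken from the incoming request, and together with `xdebug.start_with_request=yes` any client that can reach the dev web server can have the debugger connect back to it. If debugging is meant to come from the developer's host only, set `xdebug.discover_client_host=0` so the connection target is fixed. Also, `host.docker.internal` is not defined by default on Linux Docker Engine; it needs an `--add-host host.docker.internal:host-gateway` (or `extra_hosts`) entry, which is not visible in this commit.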
@@ -157,7 +157,7 @@ RUN python3 -m venv ${VIRTUAL_ENV} && \
 RUN chmod -R 755 /services && \
 chown -R ${USER}:${USER_GID} /services && \
 sed -i 's/^;listen.mode = .*/listen.mode = 0666/' ${SYSTEM_SERVICES_PHP_FPM_D}/www.conf && \
- echo "user = ${USER}\ngroup = ${USER_GID}" >> /services/config/php/php-fpm.d/www.conf
+ printf "user = %s\ngroup = %s\n" "${USER}" "${USER_GID}" >> /services/config/php/php-fpm.d/www.conf
diff --git a/front/php/server/speedtestcli.php b/front/php/server/speedtestcli.php
index b896d142..d067a898 100755
--- a/front/php/server/speedtestcli.php
+++ b/front/php/server/speedtestcli.php
@@ -10,12 +10,47 @@ require dirname(__FILE__).'/../server/init.php';
 // check if authenticated
 require_once $_SERVER['DOCUMENT_ROOT'] . '/php/templates/security.php';
-//exec('speedtest-cli --secure --simple', $output);
-exec('PATH=/usr/bin/:/usr/local/bin:/opt/venv/bin speedtest-cli --secure --simple', $output);
-echo '

'. lang('Speedtest_Results') .'

';
-echo '
'; 
-foreach($output as $line){
-    echo $line . "\n";
+// Prefer explicit binary paths, fall back to a sanitised PATH
+$speedtestCandidates = [
+    '/opt/venv/bin/speedtest-cli',
+    '/usr/local/bin/speedtest-cli',
+    '/usr/bin/speedtest-cli',
+];
+
+$candidateDirs = array_unique(array_map('dirname', $speedtestCandidates));
+$safePath = implode(':', $candidateDirs);
+
+$resolvedCommand = null;
+foreach ($speedtestCandidates as $candidate) {
+    if (is_executable($candidate)) {
+        $resolvedCommand = escapeshellcmd($candidate) . ' --secure --simple';
+        break;
+    }
+}
+
+$output = [];
+$returnCode = 0;
+
+if ($resolvedCommand === null) {
+    $resolvedCommand = 'env PATH=' . escapeshellarg($safePath) . ' speedtest-cli --secure --simple';
+}
+
+exec($resolvedCommand, $output, $returnCode);
+
+echo '

' . lang('Speedtest_Results') . '

';
+
+if ($returnCode !== 0 || empty($output)) {
+ $errorMessage = $returnCode === 127
+ ? 'speedtest-cli command not found. Checked paths: ' . $safePath
+ : (empty($output) ? 'speedtest-cli returned no output.' : implode("\n", $output));
+
+ echo '
' . htmlspecialchars('Speedtest failed: ' . $errorMessage, ENT_QUOTES, 'UTF-8') . '
';
+ return;
+}
+
+echo '
';
+foreach ($output as $line) {
+    echo htmlspecialchars($line, ENT_QUOTES, 'UTF-8') . "\n";
 }
 echo '
'; ?>
diff --git a/install/production-filesystem/README.md b/install/production-filesystem/README.md
index 8cc255e0..f67c3fb3 100644
--- a/install/production-filesystem/README.md
+++ b/install/production-filesystem/README.md
@@ -1,5 +1,5 @@
-This is the default filesystem for NetAlertX. it contains
+This is the default filesystem for NetAlertX. It contains
 - `/app` - The main application location. This structure is where the source code (back, front and server directories) is copied and executed in read-only form. It also provides default structures for the working directories, such as: config, db, and log. All other directories are not required in the production image and are not tracked.
 - `/build` - a place where services can be initialized during docker container build. This folder is copied in, executed near the end of the build before the system is locked down, and then deleted. It is only available during build time.
diff --git a/install/production-filesystem/entrypoint.sh b/install/production-filesystem/entrypoint.sh
index 7acc3cc7..53ea296c 100644
--- a/install/production-filesystem/entrypoint.sh
+++ b/install/production-filesystem/entrypoint.sh
@@ -21,7 +21,7 @@ set -u
 # Run all checks at container startup.
 for script in /services/check-*.sh; do
- bash "$script"
+ sh "$script"
 done
diff --git a/install/production-filesystem/services/check-app.sh b/install/production-filesystem/services/check-app.sh
deleted file mode 100644
index d41dee96..00000000
--- a/install/production-filesystem/services/check-app.sh
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-# app-check.sh - Ensures /app/api/table_settings.json exists
-
-if [ ! -f /app/api/table_settings.json ]; then
- # mkdir -p /app/api
- # echo -ne '{}' > /app/api/table_settings.json
-fi
diff --git a/install/production-filesystem/services/start-backend.sh b/install/production-filesystem/services/start-backend.sh
index b6d62db0..9e126b36 100755
--- a/install/production-filesystem/services/start-backend.sh
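Review bot: In speedtestcli.php the `env PATH=...` fallback is effectively dead code: it is reached only when none of the three candidates passed `is_executable()`, and `$safePath` is built from exactly those three directories, so the shell repeats the lookup that just failed and normally ends in exit code 127. Reporting the missing binary directly in the `$resolvedCommand === null` branch, without calling `exec()`, is simpler and keeps a PATH search out of a web-triggered command. Separately, `exec()` collects only stdout, so when speedtest-cli fails its diagnostics are not in `$output` and the page shows just 'speedtest-cli returned no output.'; `exec($resolvedCommand . ' 2>&1', $output, $returnCode);` would route them through the existing `htmlspecialchars()` call. `escapeshellcmd()` on a hard-coded path does no harm, but `escapeshellarg($candidate)` is the function intended for quoting a single path.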
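Review bot: In entrypoint.sh the loop has no guard for an unmatched glob, and this same commit deletes `check-app.sh`; if no other `/services/check-*.sh` remains (not visible here), the pattern stays literal and the loop runs `sh "/services/check-*.sh"`, which fails at every container start. A first statement in the loop body such as `[ -e "$script" ] || continue` avoids that. The exit status of each check is also discarded in the visible lines, so a failing check does not stop startup unless something above the hunk enforces it; if the checks are meant to gate startup, `sh "$script" || exit 1` makes that explicit. The switch from `bash` to `sh` assumes every remaining check script is POSIX-sh clean.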
+++ b/install/production-filesystem/services/start-backend.sh
@@ -1,10 +1,15 @@
 #!/bin/bash
 cd "${NETALERTX_APP}" || exit 1
-while $(ps ax | grep -v grep | grep python3 >/dev/null); do
- killall python3 &>/dev/null
+max_attempts=50 # 10 seconds total (50 * 0.2s)
+attempt=0
+while ps ax | grep -v grep | grep -q python3 && [ $attempt -lt $max_attempts ]; do
+ killall -TERM python3 &>/dev/null
 sleep 0.2
+ ((attempt++))
 done
+# Force kill if graceful shutdown failed
+killall -KILL python3 &>/dev/null
 echo "python3 $(cat /services/config/python/backend-extra-launch-parameters 2>/dev/null) -m server > >(tee /app/log/stdout.log) 2> >(tee /app/log/stderr.log >&2)"
 exec python3 $(cat /services/config/python/backend-extra-launch-parameters 2>/dev/null) -m server > >(tee /app/log/stdout.log) 2> >(tee /app/log/stderr.log >&2)
diff --git a/install/production-filesystem/services/start-crond.sh b/install/production-filesystem/services/start-crond.sh
index 8f166f07..8e6aaaa7 100755
--- a/install/production-filesystem/services/start-crond.sh
+++ b/install/production-filesystem/services/start-crond.sh
@@ -16,7 +16,7 @@ forward_signal() {
 fi
 }
-while $(ps ax | grep -v -e grep -e '.sh' | grep crond >/dev/null); do
+while ps ax | grep -v -e grep -e '.sh' | grep crond >/dev/null 2>&1; do
 killall crond &>/dev/null
 sleep 0.2
 done
diff --git a/install/production-filesystem/services/start-php-fpm.sh b/install/production-filesystem/services/start-php-fpm.sh
index 53e64501..4a4797f7 100755
--- a/install/production-filesystem/services/start-php-fpm.sh
+++ b/install/production-filesystem/services/start-php-fpm.sh
@@ -16,7 +16,7 @@ forward_signal() {
 fi
 }
-while $(ps ax | grep -v grep | grep php-fpm83 >/dev/null); do
+while ps ax | grep -v grep | grep php-fpm83 >/dev/null; do
 killall php-fpm83 &>/dev/null
 sleep 0.2
 done
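Review bot: In start-backend.sh `killall -KILL python3` runs unconditionally after the loop, so it fires even when the TERM phase already succeeded, and `killall` targets every process named python3 while the `grep -q python3` test matches any command line containing that string, not only the backend. Guard the force kill with the same test the loop uses, e.g. `if ps ax | grep -v grep | grep -q python3; then killall -KILL python3 &>/dev/null; fi`, and add a comment stating that every python3 process in the container is expected to be the backend. The loop also re-sends SIGTERM every 0.2 s for up to 50 iterations; sending it once before the loop and only polling inside would give the process the full grace period without repeated signals.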