diff --git a/attached_assets/Pasted-echo-VERIFICA-BACKEND-NODE-JS-ls-la-etc-systemd-system-_1771314251919.txt b/attached_assets/Pasted-echo-VERIFICA-BACKEND-NODE-JS-ls-la-etc-systemd-system-_1771314251919.txt new file mode 100644 index 0000000..c0dc5d3 --- /dev/null +++ b/attached_assets/Pasted-echo-VERIFICA-BACKEND-NODE-JS-ls-la-etc-systemd-system-_1771314251919.txt @@ -0,0 +1,110 @@ +echo "=== VERIFICA BACKEND NODE.JS ===" && ls -la /etc/systemd/system/ids-*.service /etc/systemd/system/ids-*.timer && echo "=== FILE SERVICE DISPONIBILI ===" && cat /etc/systemd/system/ids-backend.service 2>&1 || echo "FILE NON TROVATO" && echo "=== NGINX/REVERSE PROXY ===" && ss -tlnp | grep -E '80|443|3001|5001' && echo "=== TEST PORTA 3001 ===" && curl -v --connect-timeout 5 http://localhost:3001/api/health 2>&1 && echo "=== COME VIENE AVVIATO NODE.JS ===" && ps aux | grep -i node | grep -v grep && echo "=== PM2 STATUS ===" && pm2 list 2>&1 || echo "PM2 non installato" && echo "=== CONTENUTO /opt/ids/ ===" && ls -la /opt/ids/ && echo "=== PACKAGE.JSON ===" && cat /opt/ids/package.json 2>&1 | head -30 && echo "=== AUTO_BLOCK OUTPUT DETTAGLIATO ===" && sudo -u ids /opt/ids/python_ml/venv/bin/python3 /opt/ids/python_ml/auto_block.py 2>&1 +=== VERIFICA BACKEND NODE.JS === +-rw-r--r--. 1 root root 473 Feb 16 15:52 /etc/systemd/system/ids-analytics-aggregator.service +-rw-r--r--. 1 root root 339 Feb 16 15:52 /etc/systemd/system/ids-analytics-aggregator.timer +-rw-r--r--. 1 root root 674 Feb 16 19:23 /etc/systemd/system/ids-auto-block.service +-rw-r--r--. 1 root root 457 Feb 14 11:42 /etc/systemd/system/ids-auto-block.timer +-rw-r--r--. 1 root root 550 Nov 25 11:47 /etc/systemd/system/ids-cleanup.service +-rw-r--r--. 1 root root 440 Nov 25 11:47 /etc/systemd/system/ids-cleanup.timer +-rw-r--r--. 1 root root 623 Nov 27 19:29 /etc/systemd/system/ids-list-fetcher.service +-rw-r--r--. 1 root root 246 Nov 27 19:29 /etc/systemd/system/ids-list-fetcher.timer +-rw-r--r--. 1 root root 675 Nov 24 12:12 /etc/systemd/system/ids-ml-backend.service +-rw-r--r--. 1 root root 620 Nov 24 19:19 /etc/systemd/system/ids-ml-training.service +-rw-r--r--. 1 root root 398 Nov 24 19:19 /etc/systemd/system/ids-ml-training.timer +-rw-r--r--. 1 root root 727 Nov 24 12:12 /etc/systemd/system/ids-syslog-parser.service +=== FILE SERVICE DISPONIBILI === +cat: /etc/systemd/system/ids-backend.service: No such file or directory +FILE NON TROVATO +=== NGINX/REVERSE PROXY === +LISTEN 1107 2048 0.0.0.0:8000 0.0.0.0:* users:(("python3",pid=17629,fd=12)) +=== TEST PORTA 3001 === +* Trying ::1:3001... +* connect to ::1 port 3001 failed: Connection refused +* Trying 127.0.0.1:3001... +* connect to 127.0.0.1 port 3001 failed: Connection refused +* Failed to connect to localhost port 3001: Connection refused +* Closing connection 0 +curl: (7) Failed to connect to localhost port 3001: Connection refused +PM2 non installato +=== CONTENUTO /opt/ids/ === +total 608 +drwxr-xr-x. 14 ids ids 4096 Feb 16 19:28 . +drwxr-xr-x. 3 root root 43 Nov 17 18:20 .. +-rw-------. 1 ids ids 508 Feb 16 19:28 .env +-rw-r-----. 1 root root 508 Feb 16 19:28 .env.backup +-rw-r--r--. 1 ids ids 446 Nov 17 18:23 .env.example +drwxr-xr-x. 8 ids ids 4096 Feb 16 19:28 .git +-rw-r--r--. 1 ids ids 686 Nov 17 18:23 .gitignore +-rw-r--r--. 1 ids ids 801 Jan 2 12:50 .replit +-rw-r--r--. 1 ids ids 6264 Nov 17 17:08 GUIDA_INSTALLAZIONE.md +-rw-r--r--. 1 ids ids 44765 Feb 16 08:50 IDS_Conformita_ISO27001.docx +-rw-r--r--. 1 ids ids 7595 Nov 25 19:14 MIKROTIK_API_FIX.md +-rw-r--r--. 1 ids ids 8452 Nov 17 16:40 README.md +-rw-r--r--. 1 ids ids 9092 Nov 17 16:40 RISPOSTA_DEPLOYMENT.md +drwxr-xr-x. 2 ids ids 12288 Feb 16 16:49 attached_assets +drwxr-xr-x. 2 ids ids 4096 Feb 17 04:00 backups +drwxr-xr-x. 4 ids ids 49 Nov 17 16:40 client +-rw-r--r--. 1 ids ids 459 Nov 17 16:40 components.json +drwxr-xr-x. 3 ids ids 4096 Feb 16 19:28 database-schema +-rwxr-xr-x. 1 ids ids 10264 Nov 17 18:23 deploy-to-gitlab.sh +drwxr-xr-x. 7 ids ids 4096 Feb 16 19:28 deployment +-rw-r--r--. 1 ids ids 3165 Nov 17 16:40 design_guidelines.md +drwxr-xr-x. 3 root root 36 Nov 24 11:05 dist +-rw-r--r--. 1 ids ids 325 Nov 17 16:40 drizzle.config.ts +drwxr-xr-x. 4 ids ids 4096 Nov 17 16:40 extracted_idf +-rw-r--r--. 1 ids ids 28609 Feb 16 08:50 generate_iso27001_doc.py +-rw-r--r--. 1 ids ids 1033 Nov 17 17:08 git.env.example +-rw-r--r--. 1 ids ids 96 Nov 26 11:14 main.py +drwxr-xr-x. 328 ids ids 12288 Feb 16 19:28 node_modules +-rw-r--r--. 1 ids ids 299523 Feb 16 19:28 package-lock.json +-rw-r--r--. 1 ids ids 3696 Nov 17 16:40 package.json +-rw-r--r--. 1 ids ids 80 Nov 17 16:40 postcss.config.js +-rwxr-xr-x. 1 ids ids 2496 Nov 17 16:40 push-gitlab.sh +-rw-r--r--. 1 ids ids 191 Feb 16 08:50 pyproject.toml +drwxr-xr-x. 7 ids ids 4096 Feb 16 16:49 python_ml +-rw-r--r--. 1 ids ids 5796 Feb 16 12:33 replit.md +drwxr-xr-x. 2 ids ids 104 Feb 16 12:55 server +drwxr-xr-x. 2 ids ids 23 Jan 2 15:50 shared +-rw-r--r--. 1 ids ids 4050 Nov 17 16:40 tailwind.config.ts +-rw-r--r--. 1 ids ids 657 Nov 17 16:40 tsconfig.json +-rw-r--r--. 1 ids ids 37505 Feb 16 08:50 uv.lock +-rw-r--r--. 1 ids ids 7329 Feb 16 19:28 version.json +-rw-r--r--. 1 ids ids 1080 Nov 17 16:40 vite.config.ts +=== PACKAGE.JSON === +{ + "name": "rest-express", + "version": "1.0.0", + "type": "module", + "license": "MIT", + "scripts": { + "dev": "NODE_ENV=development tsx server/index.ts", + "build": "vite build && esbuild server/index.ts --platform=node --packages=external --bundle --format=esm --outdir=dist", + "start": "NODE_ENV=production node dist/index.js", + "check": "tsc", + "db:push": "drizzle-kit push" + }, + "dependencies": { + "@hookform/resolvers": "^3.10.0", + "@jridgewell/trace-mapping": "^0.3.25", + "@neondatabase/serverless": "^0.10.4", + "@radix-ui/react-accordion": "^1.2.4", + "@radix-ui/react-alert-dialog": "^1.1.7", + "@radix-ui/react-aspect-ratio": "^1.1.3", + "@radix-ui/react-avatar": "^1.1.4", + "@radix-ui/react-checkbox": "^1.1.5", + "@radix-ui/react-collapsible": "^1.1.4", + "@radix-ui/react-context-menu": "^2.2.7", + "@radix-ui/react-dialog": "^1.1.7", + "@radix-ui/react-dropdown-menu": "^2.1.7", + "@radix-ui/react-hover-card": "^1.1.7", + "@radix-ui/react-label": "^2.1.3", + "@radix-ui/react-menubar": "^1.1.7", + "@radix-ui/react-navigation-menu": "^1.2.6", + "@radix-ui/react-popover": "^1.1.7", +=== AUTO_BLOCK OUTPUT DETTAGLIATO === +[2026-02-17 08:38:05] Starting auto-block cycle... +[2026-02-17 08:38:05] Step 1: Detection ML... +[2026-02-17 08:38:05] ML Detection timeout, skip (blocco IP esistenti continua) +[2026-02-17 08:38:05] Step 2: Blocco IP critici sui router... +[2026-02-17 08:38:05] ERRORE: Timeout blocco IP (120s) +[root@ids ~]# \ No newline at end of file diff --git a/deployment/check_frontend.sh b/deployment/check_frontend.sh index d927e29..31f3d71 100755 --- a/deployment/check_frontend.sh +++ b/deployment/check_frontend.sh @@ -1,33 +1,23 @@ #!/bin/bash # ========================================================= -# CHECK FRONTEND - Verifica e riavvia frontend Node.js se necessario +# CHECK FRONTEND - Verifica se backend Node.js e' attivo # ========================================================= -LOG_FILE="/var/log/ids/frontend.log" -WORK_DIR="/opt/ids" +LOG_FILE="/var/log/ids/backend.log" mkdir -p /var/log/ids -# Check if frontend (vite/node) is running -if pgrep -f "vite" > /dev/null || pgrep -f "node.*server" > /dev/null; then +if systemctl is-active --quiet ids-backend.service 2>/dev/null; then exit 0 else - echo "[$(date)] Frontend Node NON attivo, riavvio..." >> "$LOG_FILE" - - # Start frontend with environment variables from .env - cd "$WORK_DIR" - if [ -f "$WORK_DIR/.env" ]; then - nohup env $(cat "$WORK_DIR/.env" | grep -v '^#' | xargs) npm run dev >> "$LOG_FILE" 2>&1 & - else - nohup npm run dev >> "$LOG_FILE" 2>&1 & - fi - NEW_PID=$! + echo "[$(date)] Backend Node.js NON attivo" >> "$LOG_FILE" + systemctl start ids-backend.service 2>> "$LOG_FILE" || true sleep 3 - if pgrep -f "vite" > /dev/null; then - echo "[$(date)] Frontend riavviato con successo (PID: $NEW_PID)" >> "$LOG_FILE" + if systemctl is-active --quiet ids-backend.service 2>/dev/null; then + echo "[$(date)] Backend riavviato con successo via systemd" >> "$LOG_FILE" else - echo "[$(date)] ERRORE: Frontend non si Γ¨ avviato" >> "$LOG_FILE" + echo "[$(date)] ERRORE: Backend non si e' avviato - verificare con: journalctl -u ids-backend -n 20" >> "$LOG_FILE" fi fi diff --git a/deployment/install_systemd_services.sh b/deployment/install_systemd_services.sh index cc6d82f..27d7f54 100755 --- a/deployment/install_systemd_services.sh +++ b/deployment/install_systemd_services.sh @@ -18,43 +18,49 @@ SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" PROJECT_ROOT="$(dirname "$SCRIPT_DIR")" echo "" -echo "πŸ“‹ Installing systemd service files..." +echo "Installing systemd service files..." # Copy service files +cp "$PROJECT_ROOT/deployment/systemd/ids-backend.service" /etc/systemd/system/ cp "$PROJECT_ROOT/deployment/systemd/ids-ml-backend.service" /etc/systemd/system/ cp "$PROJECT_ROOT/deployment/systemd/ids-syslog-parser.service" /etc/systemd/system/ +cp "$PROJECT_ROOT/deployment/systemd/ids-auto-block.service" /etc/systemd/system/ # Ensure correct permissions +chmod 644 /etc/systemd/system/ids-backend.service chmod 644 /etc/systemd/system/ids-ml-backend.service chmod 644 /etc/systemd/system/ids-syslog-parser.service +chmod 644 /etc/systemd/system/ids-auto-block.service -echo "βœ… Service files copied to /etc/systemd/system/" +echo "Service files copied to /etc/systemd/system/" echo "" -echo "πŸ”„ Reloading systemd daemon..." +echo "Reloading systemd daemon..." systemctl daemon-reload echo "" -echo "πŸ”§ Enabling services to start on boot..." +echo "Enabling services to start on boot..." +systemctl enable ids-backend.service systemctl enable ids-ml-backend.service systemctl enable ids-syslog-parser.service echo "" echo "=========================================" -echo "βœ… Installation Complete!" +echo "Installation Complete!" echo "=========================================" echo "" echo "Next steps:" echo "" echo "1. Start the services:" +echo " sudo systemctl start ids-backend" echo " sudo systemctl start ids-ml-backend" echo " sudo systemctl start ids-syslog-parser" echo "" echo "2. Check status:" -echo " sudo systemctl status ids-ml-backend" -echo " sudo systemctl status ids-syslog-parser" +echo " sudo systemctl status ids-backend ids-ml-backend ids-syslog-parser" echo "" echo "3. View logs:" +echo " tail -f /var/log/ids/backend.log" echo " tail -f /var/log/ids/ml_backend.log" echo " tail -f /var/log/ids/syslog_parser.log" echo "" diff --git a/deployment/restart_frontend.sh b/deployment/restart_frontend.sh index 8612489..cfd38cf 100755 --- a/deployment/restart_frontend.sh +++ b/deployment/restart_frontend.sh @@ -1,58 +1,56 @@ #!/bin/bash # -# Restart IDS Frontend (Node.js/Express/Vite) -# Utility per restart manuale del server frontend +# Restart IDS Frontend (Node.js/Express) +# Utility per restart manuale del server frontend via systemd # set -e -echo "πŸ”„ Restart Frontend Node.js..." +echo "Restart Backend Node.js via systemd..." -# Kill AGGRESSIVO di tutti i processi Node/Vite -echo "⏸️ Stopping all Node/Vite processes..." -pkill -9 -f "node.*tsx" 2>/dev/null || true -pkill -9 -f "vite" 2>/dev/null || true -pkill -9 -f "npm run dev" 2>/dev/null || true +# Stop servizio +echo "Stopping ids-backend..." +sudo systemctl stop ids-backend.service 2>/dev/null || true sleep 2 -# Kill processo sulla porta 5000 (se esiste) -echo "πŸ” Liberando porta 5000..." +# Kill eventuali processi orfani sulla porta 5000 +echo "Liberando porta 5000..." lsof -ti:5000 | xargs kill -9 2>/dev/null || true sleep 1 -# Verifica porta LIBERA +# Verifica porta libera if lsof -Pi :5000 -sTCP:LISTEN -t >/dev/null 2>&1; then - echo "❌ ERRORE: Porta 5000 ancora occupata!" + echo "ERRORE: Porta 5000 ancora occupata!" echo "Processi sulla porta:" lsof -i:5000 exit 1 fi -echo "βœ… Porta 5000 libera" +echo "Porta 5000 libera" -# Restart usando check_frontend.sh -echo "πŸš€ Starting frontend..." -/opt/ids/deployment/check_frontend.sh +# Start servizio +echo "Starting ids-backend..." +sudo systemctl start ids-backend.service # Attendi avvio completo sleep 5 # Verifica avvio -if pgrep -f "vite" > /dev/null; then - PID=$(pgrep -f "vite") - echo "βœ… Frontend avviato con PID: $PID" - echo "πŸ“‘ Server disponibile su: http://localhost:5000" +if systemctl is-active --quiet ids-backend.service; then + echo "Backend avviato con successo" + echo "Server disponibile su: http://localhost:5000" # Test rapido sleep 2 HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" http://localhost:5000/ 2>/dev/null || echo "000") if [ "$HTTP_CODE" = "200" ]; then - echo "βœ… HTTP test OK (200)" + echo "HTTP test OK (200)" else - echo "⚠️ HTTP test: $HTTP_CODE" + echo "HTTP test: $HTTP_CODE (potrebbe essere in fase di avvio)" fi else - echo "❌ Errore: Frontend non avviato!" - echo "πŸ“‹ Controlla log: tail -f /var/log/ids/frontend.log" + echo "ERRORE: Backend non avviato!" + echo "Controlla log: journalctl -u ids-backend -n 20" + sudo journalctl -u ids-backend -n 20 --no-pager exit 1 fi diff --git a/deployment/systemd/ids-backend.service b/deployment/systemd/ids-backend.service new file mode 100644 index 0000000..78ff26e --- /dev/null +++ b/deployment/systemd/ids-backend.service @@ -0,0 +1,32 @@ +[Unit] +Description=IDS Node.js Backend (Express API + Frontend) +After=network.target postgresql-16.service +Wants=postgresql-16.service + +[Service] +Type=simple +User=ids +Group=ids +WorkingDirectory=/opt/ids +EnvironmentFile=/opt/ids/.env +Environment=NODE_ENV=production +Environment=PORT=5000 +Environment=PATH=/usr/local/bin:/usr/bin:/bin + +ExecStartPre=/bin/bash -c 'test -f /opt/ids/dist/index.js || (echo "ERRORE: dist/index.js non trovato - eseguire npm run build" && exit 1)' +ExecStart=/usr/bin/env node dist/index.js + +Restart=always +RestartSec=5 +StartLimitInterval=300 +StartLimitBurst=10 + +LimitNOFILE=65536 +MemoryMax=1G + +StandardOutput=append:/var/log/ids/backend.log +StandardError=append:/var/log/ids/backend.log +SyslogIdentifier=ids-backend + +[Install] +WantedBy=multi-user.target