827c364335
Aggregierter Reader für alle EdgeGuard-Service-Journale + audit_log.
internal/services/syslogs/
- 9 Quellen: edgeguard-api, edgeguard-scheduler, haproxy, squid,
unbound, chrony, wg-quick@*, ulogd2, audit
- journalctl --output=json + parser für __REALTIME_TIMESTAMP,
PRIORITY (0-7 → debug/info/warn/error), MESSAGE, _HOSTNAME
- audit-Reader nutzt bestehende audit.Repo.ListRecent
- Concurrent fan-out über alle gewählten Quellen, dann merge-sort
by Timestamp DESC + cap auf Limit (max 1000)
- Client-Filter: Level, Grep (case-insensitive über message +
actor + action + subject)
internal/handlers/logs.go:
GET /api/v1/logs — Filter via Query-Params
GET /api/v1/logs/sources — statische Quellen-Liste fürs UI
postinst: edgeguard → systemd-journal + adm Gruppen, damit
journalctl ohne sudo lesen kann. Verifiziert auf der Box: id zeigt
`groups=adm,systemd-journal,haproxy,edgeguard`.
UI: management-ui/src/pages/Logs — Multi-Source-Select, Level-Color-
Tags, Time-Range-Picker, Volltext-Suche, Auto-Refresh 5s (Toggle),
CSV-Export. Sidebar-Eintrag "Logs" unter System (FileSearchOutlined).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
60 lines
2.0 KiB
Go
60 lines
2.0 KiB
Go
// Command edgeguard-ctl is the admin CLI for setup, migrations and
|
|
// (later) cluster ops. v1 wires migrate + initdb so postinst can
|
|
// initialise a fresh node; cluster-* and promote remain stubs until
|
|
// Phase 3.
|
|
package main
|
|
|
|
import (
|
|
"fmt"
|
|
"os"
|
|
)
|
|
|
|
var version = "1.0.62"
|
|
|
|
const usage = `edgeguard-ctl — EdgeGuard CLI
|
|
|
|
Usage:
|
|
edgeguard-ctl <command> [args]
|
|
|
|
Commands:
|
|
version Print version and exit
|
|
migrate up Apply pending migrations
|
|
migrate down Roll back the most recent migration (dev only)
|
|
migrate check Validate embedded migrations (no DB connect)
|
|
migrate dump [dir] Write embedded SQL files to dir (default: ./migrations)
|
|
initdb Create PostgreSQL role + database (idempotent)
|
|
render-config Regenerate haproxy / nftables configs from PG (--no-reload, --only=)
|
|
wg-import [--path <dir>] Import existing /etc/wireguard/*.conf files into the DB
|
|
cluster-join Join an existing cluster (Phase 3, not yet implemented)
|
|
promote Promote this node's PG to primary (Phase 3, not yet implemented)
|
|
dump-config Print effective config (Phase 3, not yet implemented)
|
|
`
|
|
|
|
func main() {
|
|
if len(os.Args) < 2 {
|
|
fmt.Fprint(os.Stderr, usage)
|
|
os.Exit(2)
|
|
}
|
|
switch os.Args[1] {
|
|
case "-h", "--help", "help":
|
|
fmt.Print(usage)
|
|
case "version", "--version":
|
|
fmt.Println(version)
|
|
case "migrate":
|
|
os.Exit(cmdMigrate(os.Args[2:]))
|
|
case "initdb":
|
|
os.Exit(cmdInitDB(os.Args[2:]))
|
|
case "render-config":
|
|
os.Exit(cmdRenderConfig(os.Args[2:]))
|
|
case "wg-import":
|
|
os.Exit(cmdWGImport(os.Args[2:]))
|
|
case "cluster-join", "cluster-leave", "promote", "dump-config":
|
|
fmt.Fprintf(os.Stderr, "edgeguard-ctl: %q is a Phase-3 stub — not yet implemented\n", os.Args[1])
|
|
os.Exit(1)
|
|
default:
|
|
fmt.Fprintf(os.Stderr, "edgeguard-ctl: unknown command %q\n", os.Args[1])
|
|
fmt.Fprint(os.Stderr, usage)
|
|
os.Exit(2)
|
|
}
|
|
}
|