glpi-project / glpi-agent

GLPI Agent
GNU General Public License v2.0

GLPI agent not working through proxy #305

Closed yodapotatofly closed 1 year ago

yodapotatofly commented 1 year ago

Bug reporting acknowledgment

Yes, I read it

Professional support

Yes, I know

Describe the bug

When glpi-agent is separated from the glpi server by a proxy, it fails to connect to the glpi server.

The proxy has access to glpi web interface on port 443

The proxy is set in the client system as $HTTP_PROXY and $HTTPS_PROXY environment variables. I also tried manually adding the proxy URL to the glpi-agent conf file (the proxy URL does appear in the logs, but the result is the same). I tried running glpi-injector as well, with no more success.

However, I have successfully loaded an 'inventory.json' file using curl, and it went perfectly fine.

This is the log I have :

[Wed Dec 21 16:13:13 2022][info] [http server] HTTPD service started on port 62354
[Wed Dec 21 16:13:13 2022][debug2] Waiting in mainloop
[Wed Dec 21 16:13:13 2022][info] target server0: next run: Wed Dec 21 17:11:45 2022 - https://glpi.mydomain.fr/front/inventory.php
[Wed Dec 21 16:13:13 2022][info] GLPI Agent requested to run all targets now
[Wed Dec 21 16:13:13 2022][info] target server0: server https://glpi.mydomain.fr/front/inventory.php
[Wed Dec 21 16:13:13 2022][debug] [http client] Not using compression
[Wed Dec 21 16:13:13 2022][info] sending prolog request to server0
[Wed Dec 21 16:13:13 2022][debug2] [http client] sending message:
<?xml version="1.0" encoding="UTF-8" ?>
<REQUEST>
  <DEVICEID>p-glpi-01-2022-12-21-16-13-12</DEVICEID>
  <QUERY>PROLOG</QUERY>
  <TOKEN>12345678</TOKEN>
</REQUEST>
[Wed Dec 21 16:15:23 2022][error] [http client] internal response: 500 Can't connect to glpi.mydomain.fr:443 (Connection timed out), IO::Socket::IP configuration failed
[Wed Dec 21 16:15:23 2022][error] No answer from server at https://glpi.mydomain.fr/front/inventory.php
[Wed Dec 21 16:15:23 2022][info] target server0: next run: Wed Dec 21 16:16:23 2022 - https://glpi.mydomain.fr/front/inventory.php
[Wed Dec 21 16:15:24 2022][debug] target server0: init event for Inventory task
[Wed Dec 21 16:16:23 2022][info] target server0: server https://glpi.mydomain.fr/front/inventory.php
[Wed Dec 21 16:16:23 2022][debug] [http client] Not using compression
[Wed Dec 21 16:16:23 2022][info] sending prolog request to server0
[Wed Dec 21 16:16:23 2022][debug2] [http client] sending message:
<?xml version="1.0" encoding="UTF-8" ?>
<REQUEST>
  <DEVICEID>p-glpi-01-2022-12-21-16-13-12</DEVICEID>
  <QUERY>PROLOG</QUERY>
  <TOKEN>12345678</TOKEN>
</REQUEST>
[Wed Dec 21 16:18:33 2022][error] [http client] internal response: 500 Can't connect to glpi.mydomain.fr:443 (Connection timed out), IO::Socket::IP configuration failed
[Wed Dec 21 16:18:33 2022][error] No answer from server at https://glpi.mydomain.fr/front/inventory.php
[Wed Dec 21 16:18:33 2022][info] target server0: next run: Wed Dec 21 16:20:33 2022 - https://glpi.mydomain.fr/front/inventory.php

To reproduce

  1. Install glpi agent with perl script using:

     sudo perl glpi-agent-1.4-linux-installer.pl --install --server https://glpi.mydomain.fr --logfile=/var/log/glpi-agent.log --debug=2 --no-ssl-check --tasks=inventory --no-compression --runnow

  2. Read the log file and contemplate the agent failing to reach glpi server:

     sudo tail -f /var/log/glpi-agent.log

Expected behavior

The agent should successfully reach the glpi server and upload its inventory

Operating system

Linux

GLPI Agent version

1.4

GLPI version

Other (See additional context below)

GLPIInventory plugin or FusionInventory for GLPI plugin version

Not applicable

Additional context

GLPI server 10.0.5 on Ubuntu 22.04.1 LTS
GLPI Agent 1.4-1 on Ubuntu 22.04.1 LTS

g-bougard commented 1 year ago

Hi @yodapotatofly, did you try to use the proxy configuration parameter? Maybe HTTP_PROXY is not available for the service. Did you try to run glpi-agent from the command line, checking that HTTP_PROXY is set in the root environment? I can confirm we use the LWP::UserAgent perl library, which should support the HTTP_PROXY environment variable if the "proxy" parameter is not set up in conf.

yodapotatofly commented 1 year ago

@g-bougard Yes, I also tried using the proxy parameter, and it doesn't work either

g-bougard commented 1 year ago

Hi @yodapotatofly, I just tested on an Ubuntu 22.04. I locally installed a tinyproxy service to pass through a proxy. I tried with both the HTTP_PROXY environment variable and the --proxy option from the command line:

root@ubuntu-2204:/root# HTTP_PROXY=http://127.0.0.1:8888 glpi-agent --logger=stderr --debug --force
...
root@ubuntu-2204:/root# glpi-agent --logger=stderr --debug --force --proxy http://127.0.0.1:8888
...

This works perfectly and in debug mode, I can see a dedicated log showing the proxy is used:

...
[debug] Running in foreground mode
[info] target server0: server http://my-glpi-server/plugins/glpiinventory/
[debug] [http client] 17CE28F0: Using Compress::Zlib for compression
[info] sending contact request to server0
[debug] [http client] Using 'http://127.0.0.1:8888' as proxy for http protocol
[debug] server message: remoteinventory task not supported
[debug] [http client] Using Compress::Zlib for compression
[info] sending prolog request to server0
[debug] [http client] Using 'http://127.0.0.1:8888' as proxy for http protocol
[info] running task Inventory
[info] New inventory from ubuntu-2204-2022-06-23-12-25-40 for server0
...
[debug] Running GLPI::Agent::Task::Inventory::Provider
[debug] Running GLPI::Agent::Task::Inventory::Virtualization
[debug] Section OPERATINGSYSTEM has changed since last inventory
[debug] [http client] 7D78C55D: Using Compress::Zlib for compression
[debug] [http client] Using 'http://127.0.0.1:8888' as proxy for http protocol
[debug] Remote inventory task execution disabled: no remote to inventory
[debug] WakeOnLan task execution not requested
...

In the log you're showing, I don't see this dedicated line:

[debug] [http client] Using 'http://127.0.0.1:8888' as proxy for http protocol

So my guess is you're not using it the right way.

What kind of proxy are you using? What's its URL? Are you sure your proxy is reachable from the computer?

yodapotatofly commented 1 year ago

After doing more tests, I found that running glpi-agent by hand works fine, even without explicitly specifying the proxy parameter. However, running it as a service from the perl installer doesn't, because it doesn't take the proxy env variable into account. Moreover, it is not possible to pass a proxy parameter to the script.

After modifying the config file with the proxy parameter, it finally works fine.

This means that the perl script should be improved to take the env variable from the user context and hard-code it in the conf file, and there should be a CLI option to manually specify the proxy on install.

Those options should also be added to glpi-injector for debug purposes.

g-bougard commented 1 year ago

Okay, I understand the --proxy option support is required for the perl installer. Using the user proxy environment by default is probably wrong, as I think this is not always what people want. But I can add an option to use the current user environment proxy as the proxy value in configuration. For glpi-injector, you're right, it should support proxy too.

g-bougard commented 1 year ago

@yodapotatofly Would you please test the next nightly to validate everything now works as expected for you ? Use --help option to check added options. Thx

yodapotatofly commented 1 year ago

Thanks a lot for reacting that quickly.

For the record, I do think that we should use the env variable by default, as it is what the doc states: "By default, the agent uses HTTP_PROXY environment variable." Nothing mentions a difference between running by hand and using a service. Or at least it should be clarified.

I will test the nightly ASAP and keep you posted

yodapotatofly commented 1 year ago

I just tried the nightly. It works perfectly, except that the --runnow option breaks the service and it has to be restarted (this is probably unrelated though).

[Mon Jan  2 17:11:27 2023][debug] Logger backend File initialized
[Mon Jan  2 17:11:27 2023][debug] GLPI Agent (1.5-giteab5c585)
[Mon Jan  2 17:11:27 2023][debug] Configuration directory: /etc/glpi-agent
[Mon Jan  2 17:11:27 2023][debug] Data directory: /usr/share/glpi-agent
[Mon Jan  2 17:11:27 2023][debug] Storage directory: /var/lib/glpi-agent
[Mon Jan  2 17:11:27 2023][debug] Lib directory: /usr/share/glpi-agent/lib
[Mon Jan  2 17:11:27 2023][debug] [target server0] Next server contact planned for Mon Jan  2 18:00:21 2023
[Mon Jan  2 17:11:27 2023][debug2] getAvailableTasks() : add of task Inventory version 1.12
[Mon Jan  2 17:11:27 2023][debug2] getAvailableTasks() : add of task RemoteInventory version 1.0
[Mon Jan  2 17:11:27 2023][debug2] getAvailableTasks() : add of task WakeOnLan version 2.2
[Mon Jan  2 17:11:27 2023][debug2] Preparing execution plan
[Mon Jan  2 17:11:27 2023][debug] Available tasks:
[Mon Jan  2 17:11:27 2023][debug] - Inventory: 1.12
[Mon Jan  2 17:11:27 2023][debug] - RemoteInventory: 1.0
[Mon Jan  2 17:11:27 2023][debug] - WakeOnLan: 2.2
[Mon Jan  2 17:11:27 2023][debug] target server0: server https://glpi01.domain.fr
[Mon Jan  2 17:11:27 2023][debug] Planned tasks for server0: Inventory
[Mon Jan  2 17:11:27 2023][debug] Built by Debian
[Mon Jan  2 17:11:27 2023][debug] Source time: 2022-12-31 02:15
[Mon Jan  2 17:11:27 2023][info] GLPI Agent starting
[Mon Jan  2 17:11:27 2023][debug] Skipping running daemon control based on PID file checking
[Mon Jan  2 17:11:27 2023][debug] GLPI Agent started in foreground
[Mon Jan  2 17:11:27 2023][debug] Trusted target ip: 10.21.30.100/32, ::ffff:a15:1e64/128
[Mon Jan  2 17:11:27 2023][debug] [http server] Trying to load BasicAuthentication Server plugin
[Mon Jan  2 17:11:27 2023][debug] [basic authentication server plugin] Initializing BasicAuthentication v1.0 Server plugin...
[Mon Jan  2 17:11:27 2023][debug] [basic authentication server plugin] BasicAuthentication Server plugin configuration missing: /etc/glpi-agent/basic-authentication-server-plugin.cfg
[Mon Jan  2 17:11:27 2023][debug] [http server] HTTPD BasicAuthentication Server plugin loaded but disabled
[Mon Jan  2 17:11:27 2023][debug] [http server] Trying to load Inventory Server plugin
[Mon Jan  2 17:11:27 2023][debug] [inventory server plugin] Initializing Inventory v1.1 Server plugin...
[Mon Jan  2 17:11:27 2023][debug] [inventory server plugin] Loading Inventory Server plugin configuration from /etc/glpi-agent/inventory-server-plugin.cfg
[Mon Jan  2 17:11:27 2023][debug] [http server] HTTPD Inventory Server plugin loaded but disabled
[Mon Jan  2 17:11:27 2023][debug] [http server] Trying to load Proxy Server plugin
[Mon Jan  2 17:11:27 2023][debug] [proxy server plugin] Initializing Proxy v2.1 Server plugin...
[Mon Jan  2 17:11:27 2023][debug] [proxy server plugin] Loading Proxy Server plugin configuration from /etc/glpi-agent/proxy-server-plugin.cfg
[Mon Jan  2 17:11:27 2023][debug] [http server] HTTPD Proxy Server plugin loaded but disabled
[Mon Jan  2 17:11:27 2023][debug] [http server] Trying to load SecondaryProxy Server plugin
[Mon Jan  2 17:11:27 2023][debug] [proxy2 server plugin] Initializing SecondaryProxy v1.1 Server plugin...
[Mon Jan  2 17:11:27 2023][debug] [proxy2 server plugin] Loading SecondaryProxy Server plugin configuration from /etc/glpi-agent/proxy2-server-plugin.cfg
[Mon Jan  2 17:11:27 2023][debug] [http server] HTTPD SecondaryProxy Server plugin loaded but disabled
[Mon Jan  2 17:11:27 2023][debug] [http server] Trying to load SSL Server plugin
[Mon Jan  2 17:11:27 2023][debug] [ssl server plugin] Initializing SSL v1.1 Server plugin...
[Mon Jan  2 17:11:27 2023][debug] [ssl server plugin] Loading SSL Server plugin configuration from /etc/glpi-agent/ssl-server-plugin.cfg
[Mon Jan  2 17:11:27 2023][debug] [http server] HTTPD SSL Server plugin loaded but disabled
[Mon Jan  2 17:11:27 2023][debug] [http server] Trying to load Test Server plugin
[Mon Jan  2 17:11:27 2023][debug] [server test plugin] Initializing Test v1.5-giteab5c585 Server plugin...
[Mon Jan  2 17:11:27 2023][debug] [server test plugin] Loading Test Server plugin configuration from /etc/glpi-agent/server-test-plugin.cfg
[Mon Jan  2 17:11:27 2023][debug] [http server] HTTPD Test Server plugin loaded but disabled
[Mon Jan  2 17:11:27 2023][debug] [http server] Trying to load ToolBox Server plugin
[Mon Jan  2 17:11:27 2023][debug] [toolbox plugin] Initializing ToolBox v1.1 Server plugin...
[Mon Jan  2 17:11:27 2023][debug] [toolbox plugin] Loading ToolBox Server plugin configuration from /etc/glpi-agent/toolbox-plugin.cfg
[Mon Jan  2 17:11:27 2023][debug] [http server] HTTPD ToolBox Server plugin loaded but disabled
[Mon Jan  2 17:11:27 2023][info] [http server] HTTPD service started on port 62354

journalctl -xeu shows :

Jan 02 17:36:31 myServer glpi-agent[161509]: [debug] [http server] HTTPD Test Server plugin loaded but disabled
Jan 02 17:36:31 myServer glpi-agent[161509]: [debug] [http server] Trying to load ToolBox Server plugin
Jan 02 17:36:31 myServer glpi-agent[161509]: [debug] [toolbox plugin] Initializing ToolBox v1.1 Server plugin...
Jan 02 17:36:31 myServer glpi-agent[161509]: [debug] [toolbox plugin] Loading ToolBox Server plugin configuration from /etc/glpi-agent/toolbox-plugin.cfg
Jan 02 17:36:31 myServer glpi-agent[161509]: [debug] [http server] HTTPD ToolBox Server plugin loaded but disabled
Jan 02 17:36:31 myServer glpi-agent[161509]: [info] [http server] HTTPD service started on port 62354
Jan 02 17:36:31 myServer systemd[1]: glpi-agent.service: Sent signal SIGUSR1 to main process 161509 (glpi-agent) on client request.
Jan 02 17:36:31 myServer systemd[1]: glpi-agent.service: Main process exited, code=killed, status=10/USR1
░░ Subject: Unit process exited
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░
░░ An ExecStart= process belonging to unit glpi-agent.service has exited.
░░
░░ The process' exit code is 'killed' and its exit status is 10.
Jan 02 17:36:31  systemd[1]: glpi-agent.service: Failed with result 'signal'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░
░░ The unit glpi-agent.service has entered the 'failed' state with result 'signal'.
Jan 02 17:36:31 systemd[1]: glpi-agent.service: Consumed 1.025s CPU time.
░░ Subject: Resources consumed by unit runtime
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support
░░
░░ The unit glpi-agent.service completed and consumed the indicated resources.

g-bougard commented 1 year ago

Hi @yodapotatofly what do you mean by --runnow option is breaking the service ? I only see logs in your post, so can you clarify what you did ?

yodapotatofly commented 1 year ago

@g-bougard When I use the --runnow option, then the SIGUSR1 seems to be sent too soon and it makes the agent crash.

After the log "HTTPD service started on port 62354", the signal is sent and it makes the main process exit and the service enters the failed state.

However, if I don't use --runnow and let the agent start properly, then I can send SIGUSR1 and it works perfectly

g-bougard commented 1 year ago

Okay, I understand. You're talking about the --runnow option of the perl installer, which sends the SIGUSR1 signal too early. I must investigate.

yodapotatofly commented 1 year ago

Yes. I feel this is not due to what you changed related to the proxy, most probably other changes made between the latest stable and the nightly.

g-bougard commented 1 year ago

Indeed, I haven't changed anything related to this installer option for a year. For your information, the installer waits just one second before sending the SIGUSR1 on start when the --runnow option is used. It seems this is not sufficient in your context. I'll modify the agent to support it as soon as possible so we can hope the one second is sufficient. Maybe it won't be sufficient if your computer is too slow to start the service.

g-bougard commented 1 year ago

Can you try this problem with the next nightly or apply this commit ? With just the commit, you can test with:

systemctl restart glpi-agent; sleep 1; systemctl -s SIGUSR1 kill glpi-agent

static302 commented 7 months ago

Agent running as a service still ignores environment variables (http_proxy, https_proxy, HTTP_PROXY, HTTPS_PROXY). If I start it ad-hoc, via glpi-agent -f, everything works fine. Should I bump this issue or create a new one?

g-bougard commented 7 months ago

Hi @static302

Your question is not really related to this issue. You should probably open a new Q&A discussion instead.

But to answer, environment variables are made for commands run from a shell. You have no guarantee they will be used by a service. Anyway, you can simply configure the glpi-agent service by providing the required value to the proxy parameter.
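
The diagnosis reached in this thread (a service does not see the proxy variables of the interactive shell, the agent logs a dedicated line when it does use a proxy, and the `proxy` parameter in the configuration is the fix) can be checked with a short script. This is an added example, not part of the thread or of GLPI Agent: the function names are hypothetical, the sample files are constructed, and it assumes `key = value` configuration lines and the log wording quoted above.

```shell
#!/bin/sh
# Added example (not GLPI Agent code). File paths are arguments; on a live host
# the first one would be /proc/<MainPID of the service>/environ.

# Proxy variables in a NUL-separated environment dump (/proc/<pid>/environ format).
env_proxy_vars() {
    tr '\0' '\n' < "$1" | grep -iE '^(https?|no)_proxy=' || true
}

# Value of the last uncommented "proxy = ..." line in an agent config file.
conf_proxy() {
    sed -n 's/^[[:space:]]*proxy[[:space:]]*=[[:space:]]*\(.*[^[:space:]]\)[[:space:]]*$/\1/p' "$1" | tail -n 1
}

# "proxied" if the http client logged the proxy it uses, "direct-timeout" if the
# log only shows direct connection timeouts, otherwise "unknown".
log_verdict() {
    if grep -q "\[http client\] Using '.*' as proxy for" "$1"; then
        echo proxied
    elif grep -q "Can't connect to .* (Connection timed out)" "$1"; then
        echo direct-timeout
    else
        echo unknown
    fi
}

# diagnose ENVIRON_FILE CONF_FILE LOG_FILE -> "<proxy source>:<log verdict>"
diagnose() {
    from_env=$(env_proxy_vars "$1")
    from_conf=$(conf_proxy "$2")
    if [ -n "$from_conf" ]; then src=conf
    elif [ -n "$from_env" ]; then src=env
    else src=none
    fi
    echo "$src:$(log_verdict "$3")"
}

# Constructed sample: a service environment without proxy variables, a config
# with the proxy parameter commented out, and the error line from the report.
demo() {
    d=$(mktemp -d)
    printf 'PATH=/usr/bin\0LANG=C\0' > "$d/environ"
    printf '#proxy =\n' > "$d/sample.cfg"
    printf "%s\n" "[error] [http client] internal response: 500 Can't connect to glpi.mydomain.fr:443 (Connection timed out)" > "$d/agent.log"
    diagnose "$d/environ" "$d/sample.cfg" "$d/agent.log"
    rm -rf "$d"
}
demo   # prints: none:direct-timeout
```

A result of `none:direct-timeout` matches the original report: no proxy reaches the service from either source and the agent tries to connect directly.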