Skip to content

Latest commit

 

History

History
194 lines (152 loc) · 7.65 KB

README.md

File metadata and controls

194 lines (152 loc) · 7.65 KB

LightkeeperRM

LightkeeperRM (Remote Management) is a lightweight and modular drop-in replacement for maintaining servers over SSH. No additional daemons, agents or other software is needed on target hosts. LightkeeperRM will only run standard Linux commands already available on the host. You can see executed commands through debug log and on target hosts's logs (depending on setup), so it's easy to audit and debug. Lightkeeper simplifies general maintenance tasks such as upgrades, monitoring, debugging and configuration.

Agentless monitoring. Monitors hosts and certificates.

LightkeeperRM aims to be customizable, modular and easily extendable, so that it can be modified for different needs.

User-interface is compact and aims to keep only the most essential information visible. Clicking and navigating between different views is kept to a minimum.
In case you find the GUI insufficient and need to dig deeper, you can always use a button, or hotkey, for launching a terminal that logs you in through SSH.

Extensive keyboard shortcuts.

NOTE: Lightkeeper is currently in beta and still has bugs and is missing some features. Documentation is also not yet complete.




Overview of LightkeeperRM's GUI.


Some features

  • Monitor status changes periodically and get alert notifications.
  • Monitor certificate validity and expiration.
  • Status summary in host table for quick status view
  • Log viewer with regex search and hotkeys similar to less/vim.
  • Text file editor for editing remote files (with built-in editor or using CLI over SSH).
  • Follow console output for longer running commands such as container builds and package updates.

Some background

The idea for Lightkeeper rose from personal needs. Writing the same commands over the years can get tiresome and feel slow, even if utilizing shell's command history.
Another pain point was monitoring. Configuring and maintaining a software stack for relatively simple monitoring needs (graphs, alerts) can get needlessly heavy. Specifically, in my case, I aim to replace CollectD, InfluxDB and Grafana (although, an external DB would still be possible with Lightkeeper).

So, I started formulating an idea about a more integrated maintenance tool for power users to simplify everything. At the same time, deploying should be as simple as possible since the aim is to streamline. The plain old shell doesn't need additional daemons on the servers so Lightkeeper shouldn't either.

Table of contents

Known issues

Error: "Unable to exchange encryption keys":

With NixOS, most likely server and client couldn't agree on MAC algorithm.
This is caused by ssh2-crate dependency, which hasn't published a release in a while and has limited algorithm support. Consider including hmac-sha2-512 and hmac-sha2-256 in server's services.openssh.settings.Macs if you're missing those.

With other distros, this can be caused by libssh2 trying to use a deprecated algorithm. New ssh2-crate release would probably solve some of the issues. For more information, see:
alexcrichton/ssh2-rs#254 libssh2/libssh2#659 https://github.com/libssh2/libssh2/issues?q=is%253Aissue+key+exchange+failed

Installing

Flatpak

It is recommended to download the app from Flathub: https://flathub.org/apps/io.github.kalaksi.Lightkeeper
It's sandboxed and uses the minimum amount of permissions required.

The alternative is building from source.

Building from source

Flatpak

# If you're missing the runtime and rust extension:
flatpak install runtime/org.kde.Sdk/x86_64/6.7
flatpak install runtime/org.freedesktop.Sdk.Extension.rust-stable/x86_64/23.08

# Test building: 
flatpak-builder build --user --force-clean flatpak/io.github.kalaksi.Lightkeeper-local.yml

# If you want to install also:
flatpak-builder --user --install --force-clean build flatpak/io.github.kalaksi.Lightkeeper-local.yml

Regular

Dependencies are:

  • Qt 6.4
  • liboping
  • libdbus

Migration to Qt6 is now done, so now you'll need these packages on Ubuntu 24.04:

  • libssl-dev
  • libdbus-1-3, libdbus-1-dev
  • liboping0, liboping-dev
  • libqt6svg6
  • qt6-declarative-dev
  • qml6-module-qt-labs-qmlmodels
  • qml6-module-qt5compat-graphicaleffects
  • qml6-module-qtqml-workerscript
  • qml6-module-qtquick-controls
  • qml6-module-qtquick-layouts
  • qml6-module-qtquick-nativestyle
  • qml6-module-qtquick-shapes
  • qml6-module-qtquick-templates
  • qml6-module-qtquick-window
  • qml6-module-qtquick-dialogs
  • qml6-module-qt-labs-platform
  • qml6-module-qtcharts

Building:

./build.sh

Running:

./run.sh

If you're getting error about missing qmake, you'll have to point cargo to correct qmake with .cargo/config.toml:

[env]
QMAKE = "/usr/lib/qt6/bin/qmake"

Post-install

If you're using the ping monitor (not used by default), you need to give Lightkeeper binary more networking privileges:

$ setcap cap_net_raw+ep $MY_BINARY

Server OS support

The (current) goal is to support:

  • Debian
  • Ubuntu
  • RHEL
  • CentOS
  • NixOS
  • Linux in general (basic functionality for most distributions)

Configuration

NOTE: There is currently an assumption that your user can run sudo without password (or has root privileges) on the target host since some commands need higher privileges.

Configuration can now be done using the graphical UI, but configuring can always be done directly through configuration files, too.

Configuration files

Example configuration files config.example.yml, hosts.example.yml and groups.example.yml can be found in the root of this repository.

When running without flatpak, the default configuration directory is usually ~/.config/lightkeeper and cache directory ~/.cache/lightkeeper. With flatpak, it's the usual app specific directory: ~/.var/app/io.github.kalaksi.Lightkeeper/config and ~/.var/app/io.github.kalaksi.Lightkeeper/cache. You can use a custom configuration directory with the -c/--config-dir option.

Debug logging

Log levels are controlled with environment variable RUST_LOG, so use RUST_LOG=debug.

Testing

test-env-directory contains Vagrantfiles for virtual machines and also matching configurations for testing.
You can use --config-dir to load the test configuration for manual testing. For example, ./target/debug/lightkeeper --config-dir test if building from source.
Automatic testing (cargo test) is currently not usable.

License

Lightkeeper

Copyright © 2023 [email protected].

This software is licensed under GNU General Public License 3.

Crate dependencies

All crate dependencies contain permissive licenses (mostly MIT license).
You can check the licenses with:

cargo tree --format "{p} {l}" --prefix none

Or, to quickly see what different licenses are being used by printing only unique license strings:

cargo tree --format "{l}" --prefix none | sort | uniq

Liboping

Liboping 1.10 (https://noping.cc/) is redistributed inside the flatpak package. It's a separate C library dependency needed by oping-crate and is distributed under LGPL-2.1 license.