@neurosec/sentry 1.0.11 → 1.0.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/scripts/postinstall.js +78 -9
package/package.json
CHANGED
package/scripts/postinstall.js
CHANGED
|
@@ -120,6 +120,58 @@ discovery:
|
|
|
120
120
|
`;
|
|
121
121
|
}
|
|
122
122
|
|
|
123
|
+
const SERVICE_NAME = 'neuroshield-sentry';
|
|
124
|
+
|
|
125
|
+
function installSystemdService(paths) {
|
|
126
|
+
const servicePath = '/etc/systemd/system/' + SERVICE_NAME + '.service';
|
|
127
|
+
const binPath = '/usr/local/bin/neuroshield-sentryd';
|
|
128
|
+
const content = `[Unit]
|
|
129
|
+
Description=NeuroShield Sentry — Host-Level Agent Protection Daemon
|
|
130
|
+
Documentation=https://docs.neurosec.ai/sentry
|
|
131
|
+
After=network.target network-online.target
|
|
132
|
+
Wants=network-online.target
|
|
133
|
+
|
|
134
|
+
[Service]
|
|
135
|
+
Type=simple
|
|
136
|
+
ExecStart=${binPath}
|
|
137
|
+
Restart=always
|
|
138
|
+
RestartSec=10
|
|
139
|
+
Environment=NODE_ENV=production
|
|
140
|
+
Environment=SENTRY_CONFIG_PATH=${paths.configPath}
|
|
141
|
+
Environment=LOG_LEVEL=info
|
|
142
|
+
StandardOutput=journal
|
|
143
|
+
StandardError=journal
|
|
144
|
+
|
|
145
|
+
[Install]
|
|
146
|
+
WantedBy=multi-user.target
|
|
147
|
+
`;
|
|
148
|
+
|
|
149
|
+
try {
|
|
150
|
+
fs.writeFileSync(servicePath, content, 'utf8');
|
|
151
|
+
console.log(`[neuroshield-sentry] Service file created: ${servicePath}`);
|
|
152
|
+
return true;
|
|
153
|
+
} catch (e) {
|
|
154
|
+
console.warn(`[neuroshield-sentry] Could not write service file: ${e.message}`);
|
|
155
|
+
return false;
|
|
156
|
+
}
|
|
157
|
+
}
|
|
158
|
+
|
|
159
|
+
function enableAndStartService() {
|
|
160
|
+
const { execSync } = require('child_process');
|
|
161
|
+
for (const cmd of [
|
|
162
|
+
'systemctl daemon-reload',
|
|
163
|
+
'systemctl enable ' + SERVICE_NAME,
|
|
164
|
+
'systemctl start ' + SERVICE_NAME,
|
|
165
|
+
]) {
|
|
166
|
+
try {
|
|
167
|
+
execSync(cmd, { timeout: 10000, stdio: 'pipe' });
|
|
168
|
+
} catch (e) {
|
|
169
|
+
return false;
|
|
170
|
+
}
|
|
171
|
+
}
|
|
172
|
+
return true;
|
|
173
|
+
}
|
|
174
|
+
|
|
123
175
|
function main() {
|
|
124
176
|
const paths = getPlatformPaths();
|
|
125
177
|
const configDir = paths.configDir;
|
|
@@ -128,6 +180,10 @@ function main() {
|
|
|
128
180
|
|
|
129
181
|
// Skip if config already exists
|
|
130
182
|
if (fs.existsSync(configPath)) {
|
|
183
|
+
// Still ensure service is installed if on Linux
|
|
184
|
+
if (os.platform() === 'linux' && process.getuid && process.getuid() === 0) {
|
|
185
|
+
installSystemdService(paths);
|
|
186
|
+
}
|
|
131
187
|
console.log(`[neuroshield-sentry] Config already exists at ${configPath} — skipping`);
|
|
132
188
|
return;
|
|
133
189
|
}
|
|
@@ -164,25 +220,38 @@ function main() {
|
|
|
164
220
|
console.warn(`[neuroshield-sentry] Warning: could not write token: ${e.message}`);
|
|
165
221
|
}
|
|
166
222
|
|
|
223
|
+
console.log('');
|
|
224
|
+
// Auto-install systemd service on Linux if running as root
|
|
225
|
+
let serviceInstalled = false;
|
|
226
|
+
if (os.platform() === 'linux' && process.getuid && process.getuid() === 0) {
|
|
227
|
+
if (installSystemdService(paths)) {
|
|
228
|
+
serviceInstalled = enableAndStartService();
|
|
229
|
+
}
|
|
230
|
+
}
|
|
231
|
+
|
|
167
232
|
console.log('');
|
|
168
233
|
console.log('╔══════════════════════════════════════════════════════════╗');
|
|
169
234
|
console.log('║ NeuroShield Sentry installed! ║');
|
|
170
235
|
console.log('╠══════════════════════════════════════════════════════════╣');
|
|
171
236
|
console.log('║ ║');
|
|
237
|
+
if (serviceInstalled) {
|
|
238
|
+
console.log('║ ✓ Systemd service installed and started ║');
|
|
239
|
+
console.log('║ ║');
|
|
240
|
+
}
|
|
172
241
|
console.log('║ Next steps: ║');
|
|
173
242
|
console.log('║ ║');
|
|
174
243
|
console.log('║ 1. Configure your NeuroSec connection: ║');
|
|
175
244
|
console.log(`║ neuroshield-sentry setup ║`);
|
|
176
|
-
console.log('║ (or set env vars: NEUROSEC_ORG_ID, etc.) ║');
|
|
177
245
|
console.log('║ ║');
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
console.log('║
|
|
246
|
+
if (!serviceInstalled) {
|
|
247
|
+
console.log('║ 2. Install as a system service: ║');
|
|
248
|
+
console.log('║ sudo systemctl daemon-reload ║');
|
|
249
|
+
console.log('║ sudo systemctl enable ' + SERVICE_NAME + ' ║');
|
|
250
|
+
console.log('║ sudo systemctl start ' + SERVICE_NAME + ' ║');
|
|
251
|
+
console.log('║ ║');
|
|
252
|
+
}
|
|
253
|
+
console.log('║ Check status: ║');
|
|
254
|
+
console.log('║ systemctl status ' + SERVICE_NAME + ' ║');
|
|
186
255
|
console.log('║ ║');
|
|
187
256
|
console.log('╚══════════════════════════════════════════════════════════╝');
|
|
188
257
|
console.log('');
|