Problem using monit with curl

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Problem using monit with curl

Norbert Preining
Hi all,

I am trying to control a few operations (read write) via curl.
Unfortunately, the simple approach
        curl -u user:pass -s '<a href="http://localhost:NNNN/myservice'">http://localhost:NNNN/myservice' --data 'action=restart'
(monit http is running on port NNNN) finished with
        Invalid CSRF Token

A bit of search brought me to
        https://mmonit.com/documentation/http-api/Examples/cURL
which seems exactely what I want to do, alas, the very first invocation
given
        curl -c ~/.mmonit/cookie <a href="http://localhost:NNNN/index.csp">http://localhost:NNNN/index.csp
or
        curl -c ~/.mmonit/cookie <a href="http://127.0.0.1:NNNN/index.csp">http://127.0.0.1:NNNN/index.csp
ended with
        There is no service named "index.csp"
Even adding the -u user:pass didn't help at all.

Could someone please explain how to set up read/write access to monit
via curl? It seems that the wiki page/documentation is incorrect.

Thanks

Norbert

--
PREINING Norbert                              https://www.preining.info
Accelia Inc. + IFMGA ProGuide + TU Wien + JAIST + TeX Live + Debian Dev
GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13

Reply | Threaded
Open this post in threaded view
|

Re: Problem using monit with curl

David-634
is not curl or monit
that site is doing CSRF check,
probably a django site or similar? many web frameworks do that automatically
you should point the curl to the  specific IP or hostname that  the  site  is expecting

bests,
David


On Sat, 18 Jul 2020 at 16:42, Norbert Preining <[hidden email]> wrote:
Hi all,

I am trying to control a few operations (read write) via curl.
Unfortunately, the simple approach
        curl -u user:pass -s 'http://localhost:NNNN/myservice' --data 'action=restart'
(monit http is running on port NNNN) finished with
        Invalid CSRF Token

A bit of search brought me to
        https://mmonit.com/documentation/http-api/Examples/cURL
which seems exactely what I want to do, alas, the very first invocation
given
        curl -c ~/.mmonit/cookie http://localhost:NNNN/index.csp
or
        curl -c ~/.mmonit/cookie http://127.0.0.1:NNNN/index.csp
ended with
        There is no service named "index.csp"
Even adding the -u user:pass didn't help at all.

Could someone please explain how to set up read/write access to monit
via curl? It seems that the wiki page/documentation is incorrect.

Thanks

Norbert

--
PREINING Norbert                              https://www.preining.info
Accelia Inc. + IFMGA ProGuide + TU Wien + JAIST + TeX Live + Debian Dev
GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13

Reply | Threaded
Open this post in threaded view
|

Re: Problem using monit with curl

Lutz Mader
In reply to this post by Norbert Preining
Hello Norbert,
your problem, this is for M/Monit the central Server for Monit.

> A bit of search brought me to
> https://mmonit.com/documentation/http-api/Examples/cURL
> which seems exactely what I want to do, alas, the very first invocation
> given

> Could someone please explain how to set up read/write access to monit
> via curl? It seems that the wiki page/documentation is incorrect.

The Monit interface is not documented well, but very simple to handle.
But it is more useful to use the M/Monit server to handle this request.

With regards,
Lutz

Appendage:
A simple script to get the summary.
$1 is the monit hostname (the port is 2812)
$2 is a service or nothing

A simple sample script only:
#!/bin/ksh

OS=`uname -s | tr 'A-Z' 'a-z'`
if [ "$OS" = 'aix' ] ; then
  TOKEN=`date '+%Y%m%d%H%M%S'"$$""$RANDOM" | openssl md5 | cut -d ' ' -f 2`
elif [ "$OS" = 'darwin' ] ; then
  TOKEN=`md5 -q -s "\`date '+%Y%m%d%H%M%S'\`""$$""$RANDOM"`
elif [ "$OS" = 'linux' ] ; then
  TOKEN=`date '+%Y%m%d%H%M%S'\""$$""$RANDOM" | md5sum -t - | cut -d ' '
-f 1`
else
  TOKEN=`date '+%Y%m%d%H%M%S'\""$$""$RANDOM" | md5sum -t - | cut -d ' '
-f 1`
fi

if [ -n "$1" ]; then
  HOST="$1"
else
  HOST=`hostname`
fi

if [ -n "$2" ]; then
  SERVICE="service=$2&"
else
  SERVICE=""
fi

# The escape character.
ESC=`printf '\033'`    # Esc x1B 033 &#27;

cat <<MONIT | \
curl -k -X "POST /_summary HTTP/1.0" -H "Content-Type:
application/x-www-form-urlencoded" \
-b "securitytoken=${TOKEN}" \
-u admin:monit -d @- https://${HOST}:2812 | \
sed -e '/<.*html>/,/<\/html>/s/.*<\/h2>\(.*\)<hr>.*/\1/' | \
sed -e "s/${ESC}\[[0-9][0-9]*\;*[0-9]*[Km]//g" | \
sed -e 's/[─│├┼┤┌┬┐└┴┘]//g' | sed -e '/^$/d'
${SERVICE}format=text&securitytoken=${TOKEN}
MONIT

return

Reply | Threaded
Open this post in threaded view
|

Re: Problem using monit with curl

Lutz Mader
In reply to this post by Norbert Preining
Hello Norbert,
I append some sample scripts to get the summary, the status or do some
actions on monit to the mail. Have a look to use the right user and
password, the samples use "admin" with "monit", the port is 2812.

summary.sh host [service]
status.sh host [service]
doaction.sh host start|stop|monitor|unmonitor [service]

The scripts are very easy and samples only.
The use of the scripts takes place on your own risk.

Nobody can be made under any circumstances liable for damages to
hardware and software, lost data and others directly or indirectly by
the use of the software emerging damages.

If you do not agree with these conditions, you may not use or distribute
these scripts.

With regards,
Lutz


summary.sh (1K) Download Attachment
status.sh (1K) Download Attachment
doaction.sh (1K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Problem using monit with curl

Norbert Preining
Hi Lutz,

thanks a lot for your answer, that is very much appreciated.

> your problem, this is for M/Monit the central Server for Monit.

Hmmm, has that changed at some point? On our old (very very very) old
vm I see monit 5.4 (Debian machine 1:5.4-2) and there POSTing to
        curl -s 'http://localhost:2812/SOMESERVICE' --data 'action=restart'
did actually work without a hinch.

Now, on a current Debian/buster with backports I have monit 5.26.0
(Debian version 1:5.26.0-1~bpo10+1) and the same does not work
anymore.
I checked https://mmonit.com/monit/changes/ for relevant changes (but
not what has happened between 5.4 and 5.6 which is not in the above
set), but I couldn't spot anything relevant to the discussion here.

Has there been some considerable changes in how the http server access
works?

> I append some sample scripts to get the summary, the status or do some

Thanks for the scripts, I will read to them and see what I can use.

> If you do not agree with these conditions, you may not use or distribute
> these scripts.

No problem, all fine, all my responsability.

Best

Norbert

--
PREINING Norbert                              https://www.preining.info
Accelia Inc. + IFMGA ProGuide + TU Wien + JAIST + TeX Live + Debian Dev
GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13

Reply | Threaded
Open this post in threaded view
|

Re: Problem using monit with curl

Lutz Mader
Hello Norbert,
I start using monit some years ago, based on 5.15/5.16.

> Has there been some considerable changes in how the http server access
> works?

I can not give some more detail information about the very old versions.
Good luck, to migrate your old configuration and scripts.

With regards,
Lutz