v0.1.16: Security overhaul and systematic deployment preparation

Breaking changes for clean alpha releases: - JWT authentication with user-provided secrets (no more development defaults) - Registration token system for secure agent enrollment - Rate limiting with user-adjustable settings - Enhanced agent configuration with proxy support - Interactive server setup wizard (--setup flag) - Heartbeat architecture separation for better UX - Package status synchronization fixes - Accurate timestamp tracking for RMM features Setup process for new installations: 1. docker-compose up -d postgres 2. ./redflag-server --setup 3. ./redflag-server --migrate 4. ./redflag-server 5. Generate tokens via admin UI 6. Deploy agents with registration tokens
2025-10-29 10:38:18 -04:00
parent b3e1b9e52f
commit 03fee29760
50 changed files with 5807 additions and 466 deletions
--- a/aggregator-server/internal/models/command.go
+++ b/aggregator-server/internal/models/command.go
@@ -8,20 +8,28 @@ import (

 // AgentCommand represents a command to be executed by an agent
 type AgentCommand struct {
-	ID          uuid.UUID  `json:"id" db:"id"`
-	AgentID     uuid.UUID  `json:"agent_id" db:"agent_id"`
-	CommandType string     `json:"command_type" db:"command_type"`
-	Params      JSONB      `json:"params" db:"params"`
-	Status      string     `json:"status" db:"status"`
-	CreatedAt   time.Time  `json:"created_at" db:"created_at"`
-	SentAt      *time.Time `json:"sent_at,omitempty" db:"sent_at"`
-	CompletedAt *time.Time `json:"completed_at,omitempty" db:"completed_at"`
-	Result      JSONB      `json:"result,omitempty" db:"result"`
+	ID             uuid.UUID  `json:"id" db:"id"`
+	AgentID        uuid.UUID  `json:"agent_id" db:"agent_id"`
+	CommandType    string     `json:"command_type" db:"command_type"`
+	Params         JSONB      `json:"params" db:"params"`
+	Status         string     `json:"status" db:"status"`
+	CreatedAt      time.Time  `json:"created_at" db:"created_at"`
+	SentAt         *time.Time `json:"sent_at,omitempty" db:"sent_at"`
+	CompletedAt    *time.Time `json:"completed_at,omitempty" db:"completed_at"`
+	Result         JSONB      `json:"result,omitempty" db:"result"`
+	RetriedFromID  *uuid.UUID `json:"retried_from_id,omitempty" db:"retried_from_id"`
 }

 // CommandsResponse is returned when an agent checks in for commands
 type CommandsResponse struct {
-	Commands []CommandItem `json:"commands"`
+	Commands       []CommandItem `json:"commands"`
+	RapidPolling   *RapidPollingConfig `json:"rapid_polling,omitempty"`
+}
+
+// RapidPollingConfig contains rapid polling configuration for the agent
+type RapidPollingConfig struct {
+	Enabled bool   `json:"enabled"`
+	Until   string `json:"until"` // ISO 8601 timestamp
 }

 // CommandItem represents a command in the response
@@ -40,6 +48,8 @@ const (
 	CommandTypeConfirmDependencies = "confirm_dependencies"
 	CommandTypeRollback           = "rollback_update"
 	CommandTypeUpdateAgent        = "update_agent"
+	CommandTypeEnableHeartbeat    = "enable_heartbeat"
+	CommandTypeDisableHeartbeat   = "disable_heartbeat"
 )

 // Command statuses
@@ -55,15 +65,20 @@ const (

 // ActiveCommandInfo represents information about an active command for UI display
 type ActiveCommandInfo struct {
-	ID           uuid.UUID  `json:"id" db:"id"`
-	AgentID      uuid.UUID  `json:"agent_id" db:"agent_id"`
-	CommandType  string     `json:"command_type" db:"command_type"`
-	Status       string     `json:"status" db:"status"`
-	CreatedAt    time.Time  `json:"created_at" db:"created_at"`
-	SentAt       *time.Time `json:"sent_at,omitempty" db:"sent_at"`
-	CompletedAt  *time.Time `json:"completed_at,omitempty" db:"completed_at"`
-	Result       JSONB      `json:"result,omitempty" db:"result"`
-	AgentHostname string    `json:"agent_hostname" db:"agent_hostname"`
-	PackageName  string     `json:"package_name" db:"package_name"`
-	PackageType  string     `json:"package_type" db:"package_type"`
+	ID            uuid.UUID  `json:"id" db:"id"`
+	AgentID       uuid.UUID  `json:"agent_id" db:"agent_id"`
+	CommandType   string     `json:"command_type" db:"command_type"`
+	Params        JSONB      `json:"params" db:"params"`
+	Status        string     `json:"status" db:"status"`
+	CreatedAt     time.Time  `json:"created_at" db:"created_at"`
+	SentAt        *time.Time `json:"sent_at,omitempty" db:"sent_at"`
+	CompletedAt   *time.Time `json:"completed_at,omitempty" db:"completed_at"`
+	Result        JSONB      `json:"result,omitempty" db:"result"`
+	AgentHostname string     `json:"agent_hostname" db:"agent_hostname"`
+	PackageName   string     `json:"package_name" db:"package_name"`
+	PackageType   string     `json:"package_type" db:"package_type"`
+	RetriedFromID *uuid.UUID `json:"retried_from_id,omitempty" db:"retried_from_id"`
+	IsRetry       bool       `json:"is_retry" db:"is_retry"`
+	HasBeenRetried bool      `json:"has_been_retried" db:"has_been_retried"`
+	RetryCount    int        `json:"retry_count" db:"retry_count"`
 }