Need to leave work-env

DaanSelen · Nov 22, 2024 · b63a99c · b63a99c
1 parent 9d66386
commit b63a99c
Show file tree

Hide file tree

Showing 2 changed files with 57 additions and 9 deletions.
diff --git a/documentation/agent-management/README.md b/documentation/agent-management/README.md
@@ -0,0 +1,25 @@
+# How to manage NTOS-agents
+
+There are many ways to manage NTOS (Linux) agents, and people are free to help me expand this documentation!<br>
+Below I will describe a couple RMM/Management solutions I am familiar with.<br>
+
+### MeshCentral:
+
+MeshCentral is the go-to application to use in this case - free, open-source and overal it has a great community ([More info](https://github.com/Ylianst/MeshCentral)).<br>
+The way to deploy a MeshCentral-agent to a NTOS-client is to configure your desired config, such as minimal (inside [the NTOS directories](../../ntos/configs/)).<br>
+And then once the preseed has been called, apply it - using `finish.sh`.<br>
+For example, paste the lines below on the lines referenced in the main [README.md](../../README.md):
+
+> Note, that the below instruction is just copied from MeshCentral when clicking '*Add Agent*' -> '*Linux / BSD*' (I just split it up into multiple lines).
+
+```
+(wget "https://<your-meshcentral-location>/meshagents?script=1" -O ./meshinstall.sh \
+  || wget "https://<your-meshcentral-location>/meshagents?script=1" --no-proxy -O ./meshinstall.sh) \
+  && chmod 755 ./meshinstall.sh \
+  && sudo -E ./meshinstall.sh https://<your-meshcentral-location> '<MESH-ID>' \
+  || ./meshinstall.sh https://<your-meshcentral-location> '<MESH-ID>'
+```
+
+> Don't forget the remove the remaining files after this installation. I normally do this through `rm *mesh*`, but make sure that this does not delete other things as well.
+
+Once you have the above lines inside the `finish.sh` script, you can deploy a NTOS-client as per usual. Once you execute th
diff --git a/ntos/credcon/credcon.sh b/ntos/credcon/credcon.sh
@@ -2,13 +2,15 @@
 
 export DISPLAY=:0
 
+# Some environmnet variables.
 currentUser=$(whoami)
 rdpFile="/home/${currentUser}/Templates/remote-connection.rdp"
 
+# A YAD loading bar to create the illusion that the system is doing something (which it is).
+# The reason is that a non-technical person might not understand the fact that the system is doing something in the background.
 show_loading_bar() {
     echo 'Starting loading bar'
 
-    # Start the loading bar in the background and get its PID
     for ((i=1; i<=100; i++)); do
         echo $i
         echo "# $i%" > /dev/tty
@@ -23,7 +25,8 @@ show_loading_bar() {
         --auto-close
 }
 
-# Show credential input dialog
+# Show credential input dialog this is to get the credentials for the RDP-session.
+# Simple yet powerful, while not taking over the entire monitor.
 show_credential_dialogue() {
     credentials=$(yad --form \
                   --title='Login' \
@@ -39,7 +42,8 @@ show_credential_dialogue() {
     result=$?
 }
 
-# Show dialogue with 'Connection failed'
+# Show dialogue with 'Connection failed', this is done to notice the user that something might not have gone completely right.
+# The purpose for this is to display this once a connection failed, not when it succeeded.
 show_connection_failure() {
     yad --form \
         --title='Connection Closed' \
@@ -49,42 +53,61 @@ show_connection_failure() {
         --height=200
 }
 
+# Main loop, because I am a bit used to that programming structure.
 main() {
+    # Start the script by displaying the credential prompt.
     show_credential_dialogue
 
+    # Check if the input fields from the credential prompt are populated.
     if [ "$result" -eq 0 ]; then
-        # Extract username and password from credentials
+
+        # Extract username and password from credentials (prompt).
         username=$(echo "$credentials" | awk -F',' '{print $1}')
         password=$(echo "$credentials" | awk -F',' '{print $2}')
 
+        # Show the loading bar in the background, this is made because the FreeRDP session will take over the entire screen.
         show_loading_bar &
 
-        # Start xfreerdp session in the background and get its process ID (PID)
+        # Start xfreerdp session in the background and get its process ID (PID).
+        # This does not hinder the process from taking over the (screen/monitor) session.
         xfreerdp "$rdpFile" /u:"${username}" /p:"${password}" /cert-ignore &>> /dev/null &
         xfreerdp_pid=$!
 
-        # Wait for the xfreerdp process up to 30 seconds
+        # Wait for the xfreerdp process up to $interval seconds, default 30.
         threshold=30
         elapsed=0
         interval=1
-
+
+        # Keep track of how long the FreeRDP process is alive for.
         while kill -0 "$xfreerdp_pid" 2> /dev/null; do
             sleep "$interval"
             elapsed=$(($elapsed + $interval))
 
-            # If xfreerdp has been running for more than 30 seconds, exit the loop
+            # If xfreerdp has been running for more than 30 seconds, exit the loop (connection likely succeeded).
             if [ "$elapsed" -ge "$threshold" ]; then
                 echo 'xfreerdp ran for more than 30 seconds Assuming success..'
+
+                # Disown the FreeRDP process to make the script exit gracefully.
                 disown "$xfreerdp_pid"
+
+                # Kill all remaining YAD dialogues.
                 pkill -f yad
+
+                # Gracefully exit the script.
                 exit 0
             fi
         done
 
-        # If we exit the loop in under 30 seconds, it means xfreerdp terminated early
+        # If we exit the loop in under 30 seconds, it means xfreerdp terminated early, which likely means a failure to login/connect.
         echo "xfreerdp terminated early (less than '${threshold}' seconds)."
+
+        # This is done to kill the loading bar process, because it will be followed-up by the "login_failed" dialogue.
         pkill -f yad
+
+        # The follow-up.
         show_connection_failure
+
+        # Gracefully exit.
         exit 0
     fi
 }