From 7d10e97888fe4dfa4af879d6e273494619a5fb67 Mon Sep 17 00:00:00 2001 From: rcourtman Date: Wed, 3 Dec 2025 14:15:17 +0000 Subject: [PATCH] feat: Add "Skip certificate verification" option for agent install commands MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adds a checkbox in Settings → Host Agents that enables insecure mode for users running Pulse behind self-signed HTTPS certificates. When enabled: - Adds -k flag to curl commands for downloading the install script - Adds --insecure flag to the agent for connecting back to Pulse Related to #806 --- .../src/components/Settings/UnifiedAgents.tsx | 24 +++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/frontend-modern/src/components/Settings/UnifiedAgents.tsx b/frontend-modern/src/components/Settings/UnifiedAgents.tsx index c64da50cd..b8c84bf84 100644 --- a/frontend-modern/src/components/Settings/UnifiedAgents.tsx +++ b/frontend-modern/src/components/Settings/UnifiedAgents.tsx @@ -108,6 +108,7 @@ export const UnifiedAgents: Component = () => { const [lookupError, setLookupError] = createSignal(null); const [lookupLoading, setLookupLoading] = createSignal(false); const [enableDocker, setEnableDocker] = createSignal(false); // Default to false - user must opt-in for Docker monitoring + const [insecureMode, setInsecureMode] = createSignal(false); // For self-signed certificates (issue #806) createEffect(() => { if (requiresToken()) { @@ -235,9 +236,11 @@ export const UnifiedAgents: Component = () => { }; const getDockerFlag = () => enableDocker() ? ' --enable-docker' : ''; + const getInsecureFlag = () => insecureMode() ? ' --insecure' : ''; + const getCurlInsecureFlag = () => insecureMode() ? '-k' : ''; const getUninstallCommand = () => { - return `curl -fsSL ${pulseUrl()}/install.sh | sudo bash -s -- --uninstall`; + return `curl ${getCurlInsecureFlag()}-fsSL ${pulseUrl()}/install.sh | sudo bash -s -- --uninstall`; }; // Track previously seen host types to prevent flapping when one source temporarily has no data @@ -341,7 +344,7 @@ export const UnifiedAgents: Component = () => { const getUpgradeCommand = (_hostname: string) => { const token = resolvedToken(); - return `curl -fsSL ${pulseUrl()}/install.sh | sudo bash -s -- --url ${pulseUrl()} --token ${token}`; + return `curl ${getCurlInsecureFlag()}-fsSL ${pulseUrl()}/install.sh | sudo bash -s -- --url ${pulseUrl()} --token ${token}${getInsecureFlag()}`; }; const handleRemoveAgent = async (id: string, type: 'host' | 'docker') => { @@ -459,6 +462,15 @@ export const UnifiedAgents: Component = () => { /> Enable Docker monitoring +
@@ -474,6 +486,10 @@ export const UnifiedAgents: Component = () => { {(snippet) => { const copyCommand = () => { let cmd = snippet.command.replace(TOKEN_PLACEHOLDER, resolvedToken()); + // Insert -k flag for curl if insecure mode enabled (issue #806) + if (insecureMode() && cmd.includes('curl -fsSL')) { + cmd = cmd.replace('curl -fsSL', 'curl -kfsSL'); + } // Append docker flag if enabled if (enableDocker()) { // For PowerShell, we need to handle the env var or args differently @@ -491,6 +507,10 @@ export const UnifiedAgents: Component = () => { cmd += getDockerFlag(); } } + // Append insecure flag for agent if enabled + if (insecureMode() && !cmd.includes('$env:') && !cmd.includes('irm')) { + cmd += getInsecureFlag(); + } return cmd; };