From fc0ccb8f9c90d1d794307e2ad33d6e73961efe57 Mon Sep 17 00:00:00 2001
From: Aidaho <aidaho@roxy-wi.org>
Date: Tue, 28 Jan 2025 17:59:14 +0300
Subject: [PATCH] v8.1.5: Fix SSH handling, password decryption, and error
 messaging.

Ensure SSH key validity check, correct password decryption, and proper error handling for SSH agent startup and service activation. Enhanced error messages improve debugging and maintainability.
---
 app/modules/server/ssh.py           | 10 +++++++---
 app/modules/service/installation.py |  5 ++++-
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/app/modules/server/ssh.py b/app/modules/server/ssh.py
index d3376253..69653be9 100644
--- a/app/modules/server/ssh.py
+++ b/app/modules/server/ssh.py
@@ -39,7 +39,10 @@ def return_ssh_keys_path(server_ip: str) -> dict:
 		else:
 			passphrase = ssh.passphrase
 
-		ssh_key = _return_correct_ssh_file(ssh)
+		if ssh.private_key:
+			ssh_key = _return_correct_ssh_file(ssh)
+		else:
+			ssh_key = None
 		ssh_settings.setdefault('enabled', ssh.key_enabled)
 		ssh_settings.setdefault('user', ssh.username)
 		ssh_settings.setdefault('password', password)
@@ -170,10 +173,11 @@ def decrypt_password(password: str) -> str:
 	salt = get_config.get_config_var('main', 'secret_phrase')
 	fernet = Fernet(salt.encode())
 	try:
-		decryp_pass = fernet.decrypt(password.encode()).decode()
+		decrypted_pass = fernet.decrypt(password.encode()).decode()
+		decrypted_pass = decrypted_pass.replace("'", "")
 	except Exception as e:
 		raise Exception(f'error: Cannot decrypt password: {e}')
-	return decryp_pass
+	return decrypted_pass
 
 
 def get_creds(group_id: int = None, cred_id: int = None, not_shared: bool = False) -> list:
diff --git a/app/modules/service/installation.py b/app/modules/service/installation.py
index f2718616..0914a727 100644
--- a/app/modules/service/installation.py
+++ b/app/modules/service/installation.py
@@ -238,7 +238,7 @@ def run_ansible(inv: dict, server_ips: list, ansible_role: str) -> dict:
 	try:
 		agent_pid = server_mod.start_ssh_agent()
 	except Exception as e:
-		raise Exception(f'{e}')
+		raise Exception(f'Cannot start SSH agent: {e}')
 
 	try:
 		_install_ansible_collections()
@@ -450,6 +450,9 @@ def install_service(service: str, json_data: Union[str, ServiceInstall, HACluste
 		raise Exception(f'Cannot generate inv {service}: {e}')
 	try:
 		service_actions_after_install(server_ips, service, json_data)
+	except Exception as e:
+		raise Exception(f'Cannot activate {service} on server {server_ips}: {e}')
+	try:
 		return run_ansible(inv, server_ips, service)
 	except Exception as e:
 		raise Exception(f'Cannot install {service}: {e}')