Drupal Remote Dashboard Introduction

DRD main documentation can be found at 

https://www.drupal.org/docs/contributed-modules/drupal-remote-dashboard/

DRDashboard basics (a more in-depth explanation of these and other terms can be found in the DRD Documentation Glossary 

https://www.drupal.org/docs/8/modules/drupal-remote-dashboard/glossary)

 

DRD is made of of three major building blocks (cliff notes):

1. Hosts – which are a logical container for organizing your Cores and Domains

2. Cores – which are individual Drupal core instances

3. Domains – which are individual sites located on those cores (single site & multi-site Drupal instances)

4. Projects – which are typically individual modules

Dependencies of DRD:

Core:

• taxonomy

• update

• views

Contrib:

• Advanced queue

• Encrypt 

• Entity views attachment  

• Key value field

 

Install & enable DRDashboard

• On dashboard site

  • composer require drupal/drd

  • drush en -y drd  (dashboard) 

• All remote sites need to be setup individually in order to be seen in the Dashboard - See Remote Site Setup

When you enable drd you will get the following message:

The following extensions will be enabled: drd, key_value_field, eva, key, encrypt, drd_agent, advancedqueue

Do you really want to continue? (y/n): y

Now you will find Dashboard button in the toolbar:

After creating your dashboard and your first agent add your cores.

• On the main dashboard (/drd) use the button “Create another core”.

• Fill out the URL field of your remote site (being sure to use the exact url that is in your browser, otherwise core creation will fail).

• Set Authentication Type

  • (I like Shared Secret)

• Set Encryption Type

  • (I use the default and use the higher Cipher)

• Fill out the name of the entity

• Select the host you wish to associate this core with (if you have more than one host setup)

• Select “Save”

Now you should be on the page on the newly created core.  Here you will setup the domain and it’s connection token.

• Click the “logged in” link to verify you are logged into the core’s domain

• Click on the “token” link to copy the security token into your clipboard.

• Click on “click here” to access the agent authorization page for your core.

  • Paste the security token into the authentication token field

  • click on “Validate”

• Once on the “Authorize Dashboard” page click on “Grant admin access”

• This will bring you full circle back to the Core page for the core you just created and your new domain will be listed

You can repeat this for all your core installations.

 

DRD Drush Commands:

To use drd drush commands you have to have drush 10+

use “drush version” to get the version of drush you are currently using.

If you are not using drush 10 you will have to install it.  

You can upgrade it globally or you can install it locally for this site only.

To do this install drush locally use composer in the root of the site where composer.json is located:

• composer require drush/drush

After installing drush check to make sure you see the updated version.  If you still don’t see it you might have to run it manually using “vendor/bin/drush” instead of just “drush” in-order to run the local copy of drush

Drupal Console is supported (but I have no experience with DC)

 

Setup Encryption Profile

• Enable modules

  • real_aes 

  • key

• Generate key

  • In LINUX run command “dd if=/dev/urandom bs=32 count=1 > /path/to/secret.key”  (creates 256 bit key)

    •  example path  private://keys/foobar.key

• Go to Configuration → Keys and select Add Key

• • Enter Key name

  • Description

  • Type settings

    • Key type

      • Encryption

    • Key size

      • 256

  • Provider settings

    • Key provider

      • File

    • File location

      • path/to/secret.key”

  • Save

• Go to Configuration → Encryption profiles

  • Select “Add Encryption profile”

  • Enter Label

  • Select “Authenticated AES (Real AES)”

  • Encryption Key

    • Select the key you created previously

  • Save

 

In the documentation there are three modules listed as suggestions.  I will skim them here.

Hacked!

Though it is listed when you go the the module site it states:

This module does not and will not prevent your site from being 'hacked'.

This is primarily a developer tool and should never ever (don't even think it) be installed on a production site.

I have also found the hacked module has a tendency to block the reporting of the site’s modules to DRD.

With this news It should not be placed on your live site. There are three other modules listed for checking module integrity.  

• 'md5check', 

• 'File integrity check' 

• 'Sentry'

As of this time I have not tried any of them with DRD.

Monitoring

This is from the module page:

This project introduces a vendor independent framework for deeply monitoring Drupal and all its projects / modules. It provides a 360 degree perspective on Drupal system health, being a critical piece for true enterprise Drupal platforms.

Our goal is to make monitoring an affordable and well established standard feature. These days, every website is somehow mission critical and the era of lazy-/unmonitored enterprise applications needs to come to an end.

With this vendor independent definition, we recommend every contrib module to provide its own sensors that allows the measuring of module health by default.

DRD reports back the status of the site to the dashboard, making monitoring simper.  

To get this output all you have to do is 

• go to Domains page (/drd/domains)

• Select the domain you wish to look at

• in Action field select “Collect Information”

• click Apply

• Run Cron

The output will appear in the “Monitoring” section of your Domain page

Security Review

This module does a security audit of your site. 

From the module page:

The Security Review module automates testing for many of the easy-to-make mistakes that render your site insecure.

To get this output all you have to do is 

• go to Domains page (/drd/domains)

• Select the domain you wish to look at

• in Action field select “Collect Information”

• click Apply

• Run Cron

The output will appear in the “Monitoring” section of your Domain page

 

Remote Site Setup

Drupal 7 Remote Site Setup using Drush

• drush en -y drd_agent security_review real_aes monitoring key encrypt
  (If the module doesn’t exist on the site codebase it will download it for you)

note: Per https://gitlab.com/drupalspoons/drd/-/issues/67 we found that on Pantheon 7.2.34 did not work for us, when we updated to php 7.3.25 worked for us. 

 Drupal 8 Remote Site Setup using Composer

• composer require drupal/drd_agent drupal/security_review drupal/real_aes drupal/monitoring

• drush en -y drd_agent security_review real_aes monitoring key encrypt