bunkerweb 1.4.0

2022-06-03 17:24:14 +02:00
parent 3a078326c5
commit a9f886804a
5245 changed files with 1432051 additions and 27894 deletions
--- a/cli/CLI.py
+++ b/cli/CLI.py
@@ -0,0 +1,99 @@
+from os.path import isfile
+from dotenv import dotenv_values
+from docker import DockerClient
+from kubernetes import client, config
+
+from ApiCaller import ApiCaller
+from API import API
+
+class CLI(ApiCaller) :
+
+    def __init__(self) :
+        self.__variables = dotenv_values("/etc/nginx/variables.env")
+        self.__integration = self.__detect_integration()
+        super().__init__(self.__get_apis())
+
+    def __detect_integration(self) :
+        ret = "unknown"
+        distrib = ""
+        if isfile("/etc/os-release") :
+            with open("/etc/os-release", "r") as f :
+                if "Alpine" in f.read() :
+                    distrib = "alpine"
+                else :
+                    distrib = "other"
+        # Docker case
+        if distrib == "alpine" and isfile("/usr/sbin/nginx") :
+            return "docker"
+        # Linux case
+        if distrib == "other" :
+            return "linux"
+        # Swarm case
+        if self.__variables["SWARM_MODE"] == "yes" :
+            return "swarm"
+        # Kubernetes case
+        if self.__variables["KUBERNETES_MODE"] == "yes" :
+            return "kubernetes"
+        # Autoconf case
+        if distrib == "alpine" :
+            return "autoconf"
+        
+        raise Exception("can't detect integration")
+
+    def __get_apis(self) :
+        # Docker case
+        if self.__integration == "docker" :
+            return [API("http://127.0.0.1:" + self.__variables["API_HTTP_PORT"], host=self.__variables["API_SERVER_NAME"])]
+
+        # Autoconf case
+        if self.__integration == "autoconf" :
+            docker_client = DockerClient()
+            apis = []
+            for container in self.__client.containers.list(filters={"label" : "bunkerweb.AUTOCONF"}) :
+                port = "5000"
+                host = "bwapi"
+                for env in container.attrs["Config"]["Env"] :
+                    if env.startswith("API_HTTP_PORT=") :
+                        port = env.split("=")[1]
+                    elif env.startswith("API_SERVER_NAME=") :
+                        host = env.split("=")[1]
+                apis.append(API("http://" + container.name + ":" + port, host=host))
+            return apis
+
+        # Swarm case
+        if self.__integration == "swarm" :
+            docker_client = DockerClient()
+            apis = []
+            for service in self.__client.services.list(filters={"label" : "bunkerweb.AUTOCONF"}) :
+                port = "5000"
+                host = "bwapi"
+                for env in service.attrs["Spec"]["TaskTemplate"]["ContainerSpec"]["Env"] :
+                    if env.startswith("API_HTTP_PORT=") :
+                        port = env.split("=")[1]
+                    elif env.startswith("API_SERVER_NAME=") :
+                        host = env.split("=")[1]
+                for task in service.tasks() :
+                    apis.append(API("http://" + service.name + "." + task["NodeID"] + "." + task["ID"] + ":" + port, host=host))
+            return apis
+        
+        # Kubernetes case
+        if self.__integration == "kubernetes" :
+            config.load_incluster_config()
+            corev1 = client.CoreV1Api()
+            apis = []
+            for pod in corev1.list_pod_for_all_namespaces(watch=False).items :
+                if pod.metadata.annotations != None and "bunkerweb.io/AUTOCONF" in pod.metadata.annotations and pod.status.pod_ip :
+                    port = "5000"
+                    host = "bwapi"
+                    for env in pod.spec.containers[0].env :
+                        if env.name == "API_HTTP_PORT" :
+                            port = env.value
+                        elif env.name == "API_SERVER_NAME" :
+                            host = env.value
+                    apis.append(API("http://" + pod.status.pod_ip + ":" + port, host=host))
+            return apis
+        
+    def unban(self, ip) :
+        if self._send_to_apis("POST", "/unban", data={"ip": ip}) :
+            return True, "IP " + ip + " has been unbanned"
+        return False, "error"
--- a/cli/main.py
+++ b/cli/main.py
@@ -0,0 +1,52 @@
+#!/usr/bin/env python3
+
+import argparse, traceback, os
+
+import sys
+sys.path.append("/opt/bunkerweb/deps/python")
+sys.path.append("/opt/bunkerweb/cli")
+sys.path.append("/opt/bunkerweb/utils")
+sys.path.append("/opt/bunkerweb/api")
+
+from logger import log
+from CLI import CLI
+
+if __name__ == "__main__" :
+
+    try :
+        # Global parser
+        parser = argparse.ArgumentParser(description="BunkerWeb Command Line Interface")
+        subparsers = parser.add_subparsers(help="command", dest="command")
+        
+        # Unban subparser
+        parser_unban = subparsers.add_parser("unban", help="remove a ban from the cache")
+        parser_unban.add_argument("ip", type=str, help="IP address to unban")
+
+        # Parse args
+        args = parser.parse_args()
+
+        # Instantiate CLI
+        cli = CLI()
+        
+        # Execute command
+        ret, err = False, "unknown command"
+        if args.command == "unban" :
+            ret, err = cli.unban(args.ip)
+
+        if not ret :
+            print("CLI command status : ❌ (fail)")
+            print(err)
+            os._exit(1)
+        else :
+            print("CLI command status : ✔️ (success)")
+            print(err)
+            os._exit(0)
+
+    except SystemExit as se :
+        sys.exit(se.code)
+    except :
+        print("❌ Error while executing bwcli : ")
+        print(traceback.format_exc())
+        sys.exit(1)
+        
+    sys.exit(0)