main: Added tlsa and a few bug fixes

2023-08-17 13:27:57 +10:00 · 2023-08-17 13:27:57 +10:00 · d6db4adf50
commit d6db4adf50
parent 1f316e3a94
6 changed files with 65 additions and 7 deletions
--- a/README.md
+++ b/README.md
@ -53,5 +53,5 @@ curl -X POST http://master-server-ip:5000/add-worker?worker=worker-name&ip=worke

 Docker install
 ```
-docker run -d -p 5000:5000 -e MASTER_IP=<MASTER SERVER IP> -e DISCORD_TOKEN=<YOUR-BOT-TOKEN> -e LICENCE-API=your-api-key -e WORKER_KEY=your-api-key --name hnshosting-bot git.woodburn.au/nathanwoodburn/hnshosting-bot:latest
+docker run -d -e MASTER_IP=<MASTER SERVER IP> -e DISCORD_TOKEN=<YOUR-BOT-TOKEN> -e LICENCE-API=your-api-key -e WORKER_KEY=your-api-key --name hnshosting-bot git.woodburn.au/nathanwoodburn/hnshosting-bot:latest
 ```
--- a/discord-bot/bot.py
+++ b/discord-bot/bot.py
@ -8,6 +8,9 @@ load_dotenv()
 TOKEN = os.getenv('DISCORD_TOKEN')
 ADMINID = 0
 Master_IP = os.getenv('MASTER_IP')
+Master_Port = os.getenv('MASTER_PORT')
+if Master_IP == None:
+    Master_IP = "5000"

 intents = discord.Intents.default()
 client = discord.Client(intents=intents)
@ -16,7 +19,7 @@ tree = app_commands.CommandTree(client)
@tree.command(name="addworker", description="Adds a worker to the master server")
 async def addworker(ctx, ip: str, name: str):
    if ctx.author.id == ADMINID:
-        r = requests.get(f"http://{Master_IP}:5000/add-worker?worker={name}&ip={ip}")
+        r = requests.get(f"http://{Master_IP}:{Master_Port}/add-worker?worker={name}&ip={ip}",headers={"key":os.getenv('WORKER_KEY')})
        if r.status_code == 200:
            await ctx.response.send_message(f"Worker {name} added to the master server",ephemeral=True)
        else:
@ -24,7 +27,16 @@ async def addworker(ctx, ip: str, name: str):
    else:
        await ctx.response.send_message("You do not have permission to use this command",ephemeral=True)

-   
+@tree.command(name="listworkers", description="Lists all workers on the master server")
+async def listworkers(ctx):
+    if ctx.author.id == ADMINID:
+        r = requests.get(f"http://{Master_IP}:{Master_Port}/list-workers",headers={"key":os.getenv('WORKER_KEY')})
+        if r.status_code == 200:
+            await ctx.response.send_message(r.text,ephemeral=True)
+        else:
+            await ctx.response.send_message(f"Error listing workers\n" + r.text,ephemeral=True)
+    else:
+        await ctx.response.send_message("You do not have permission to use this command",ephemeral=True)

 # When the bot is ready
@client.event
--- a/master/main.py
+++ b/master/main.py
@ -166,6 +166,26 @@ def list_workers():
        
    return jsonify({'success': 'true', 'workers': worker_list})

+@app.route('/tlsa', methods=['GET'])
+def tlsa():
+    domain = request.args.get('domain')
+    if domain == None:
+        return jsonify({'error': 'Invalid domain', 'success': 'false'})
+    
+    # Check if domain exists
+    if not site_exists(domain):
+        return jsonify({'error': 'Domain does not exist', 'success': 'false'})
+    
+    # Get worker
+    worker = site_worker(domain)
+    if worker == None:
+        return jsonify({'error': 'Domain does not exist', 'success': 'false'})
+    
+    # Get TLSA record
+    resp=requests.get("http://"+worker + ":5000/tlsa?domain=" + domain,timeout=2)
+
+
+    return resp.json()

 def get_sites_count():
    # If file doesn't exist, create it
--- a/worker/install.sh
+++ b/worker/install.sh
@ -21,4 +21,4 @@ sudo apt install nginx -y
 sudo apt install python3-pip -y
 python3 -m pip install -r requirements.txt
 cp .env.example .env
-chmod +x wp.sh
+chmod +x wp.sh tlsa.sh
--- a/worker/main.py
+++ b/worker/main.py
@ -24,13 +24,24 @@ def new_site():
    sites_file.write(domain + '\n')
    sites_file.close()

-    # Setup site run wp.sh
-    # Get num sites
-    os.system('bash wp.sh ' + domain + ' '+ str(count))
+    # New site in background
+    new_site(domain,5000+count)

    # Return the domain and the number of sites
    return jsonify({'domain': domain, 'count': count})

+@app.route('/tlsa', methods=['GET'])
+def tlsa():
+    domain = request.args.get('domain')
+    if domain == None:
+        return jsonify({'error': 'Invalid domain', 'success': 'false'})
+    script = 'bash tlsa.sh ' + domain
+    # Get output from script
+    tlsa = os.popen(script).read()
+
+    return jsonify({'domain': domain, 'tlsa': tlsa})
+
+
 # Return status
@app.route('/status', methods=['GET'])
 def status():
@ -71,6 +82,10 @@ def site_exists(domain):
        return True
    else:
        return False
+    
+async def new_site(domain,port):
+    script = 'bash wp.sh ' + domain + ' '+ str(port)
+    os.system(script)

 # Start the server
 if __name__ == '__main__':
--- a/worker/tlsa.sh
+++ b/worker/tlsa.sh
@ -0,0 +1,11 @@
+#!/bin/bash
+
+domain=$1
+# Check if args passed
+if [ -z "$1" ]
+then
+    echo "No domain name supplied"
+    exit 1
+fi
+
+echo -n "3 1 1 " && openssl x509 -in /etc/ssl/$domain.crt -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | xxd  -p -u -c 32