main: Added tlsa and a few bug fixes

README.md

@@ -53,5 +53,5 @@ curl -X POST http://master-server-ip:5000/add-worker?worker=worker-name&ip=worke
 
 Docker install
 ```
-docker run -d -p 5000:5000 -e MASTER_IP=<MASTER SERVER IP> -e DISCORD_TOKEN=<YOUR-BOT-TOKEN> -e LICENCE-API=your-api-key -e WORKER_KEY=your-api-key --name hnshosting-bot git.woodburn.au/nathanwoodburn/hnshosting-bot:latest
+docker run -d -e MASTER_IP=<MASTER SERVER IP> -e DISCORD_TOKEN=<YOUR-BOT-TOKEN> -e LICENCE-API=your-api-key -e WORKER_KEY=your-api-key --name hnshosting-bot git.woodburn.au/nathanwoodburn/hnshosting-bot:latest
 ```

discord-bot/bot.py

@@ -8,6 +8,9 @@ load_dotenv()
 TOKEN = os.getenv('DISCORD_TOKEN')
 ADMINID = 0
 Master_IP = os.getenv('MASTER_IP')
+Master_Port = os.getenv('MASTER_PORT')
+if Master_IP == None:
+    Master_IP = "5000"
 
 intents = discord.Intents.default()
 client = discord.Client(intents=intents)
@@ -16,7 +19,7 @@ tree = app_commands.CommandTree(client)
 @tree.command(name="addworker", description="Adds a worker to the master server")
 async def addworker(ctx, ip: str, name: str):
     if ctx.author.id == ADMINID:
-        r = requests.get(f"http://{Master_IP}:5000/add-worker?worker={name}&ip={ip}")
+        r = requests.get(f"http://{Master_IP}:{Master_Port}/add-worker?worker={name}&ip={ip}",headers={"key":os.getenv('WORKER_KEY')})
         if r.status_code == 200:
             await ctx.response.send_message(f"Worker {name} added to the master server",ephemeral=True)
         else:
@@ -24,7 +27,16 @@ async def addworker(ctx, ip: str, name: str):
     else:
         await ctx.response.send_message("You do not have permission to use this command",ephemeral=True)
 
-   
+@tree.command(name="listworkers", description="Lists all workers on the master server")
+async def listworkers(ctx):
+    if ctx.author.id == ADMINID:
+        r = requests.get(f"http://{Master_IP}:{Master_Port}/list-workers",headers={"key":os.getenv('WORKER_KEY')})
+        if r.status_code == 200:
+            await ctx.response.send_message(r.text,ephemeral=True)
+        else:
+            await ctx.response.send_message(f"Error listing workers\n" + r.text,ephemeral=True)
+    else:
+        await ctx.response.send_message("You do not have permission to use this command",ephemeral=True)
 
 # When the bot is ready
 @client.event

master/main.py

@@ -166,6 +166,26 @@ def list_workers():
         
     return jsonify({'success': 'true', 'workers': worker_list})
 
+@app.route('/tlsa', methods=['GET'])
+def tlsa():
+    domain = request.args.get('domain')
+    if domain == None:
+        return jsonify({'error': 'Invalid domain', 'success': 'false'})
+    
+    # Check if domain exists
+    if not site_exists(domain):
+        return jsonify({'error': 'Domain does not exist', 'success': 'false'})
+    
+    # Get worker
+    worker = site_worker(domain)
+    if worker == None:
+        return jsonify({'error': 'Domain does not exist', 'success': 'false'})
+    
+    # Get TLSA record
+    resp=requests.get("http://"+worker + ":5000/tlsa?domain=" + domain,timeout=2)
+
+
+    return resp.json()
 
 def get_sites_count():
     # If file doesn't exist, create it

worker/install.sh

@@ -21,4 +21,4 @@ sudo apt install nginx -y
 sudo apt install python3-pip -y
 python3 -m pip install -r requirements.txt
 cp .env.example .env
-chmod +x wp.sh
+chmod +x wp.sh tlsa.sh

worker/main.py

@@ -24,13 +24,24 @@ def new_site():
     sites_file.write(domain + '\n')
     sites_file.close()
 
-    # Setup site run wp.sh
+    # New site in background
-    # Get num sites
+    new_site(domain,5000+count)
-    os.system('bash wp.sh ' + domain + ' '+ str(count))
 
     # Return the domain and the number of sites
     return jsonify({'domain': domain, 'count': count})
 
+@app.route('/tlsa', methods=['GET'])
+def tlsa():
+    domain = request.args.get('domain')
+    if domain == None:
+        return jsonify({'error': 'Invalid domain', 'success': 'false'})
+    script = 'bash tlsa.sh ' + domain
+    # Get output from script
+    tlsa = os.popen(script).read()
+
+    return jsonify({'domain': domain, 'tlsa': tlsa})
+
+
 # Return status
 @app.route('/status', methods=['GET'])
 def status():
@@ -72,6 +83,10 @@ def site_exists(domain):
     else:
         return False
     
+async def new_site(domain,port):
+    script = 'bash wp.sh ' + domain + ' '+ str(port)
+    os.system(script)
+
 # Start the server
 if __name__ == '__main__':
     app.run(debug=False, port=5000,host='0.0.0.0')

worker/tlsa.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+
+domain=$1
+# Check if args passed
+if [ -z "$1" ]
+then
+    echo "No domain name supplied"
+    exit 1
+fi
+
+echo -n "3 1 1 " && openssl x509 -in /etc/ssl/$domain.crt -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | xxd  -p -u -c 32