ad-infr-control/README.md

# A/D Infrastructure Control System

A comprehensive infrastructure control system for Attack/Defense CTF competitions. Manages services, monitors attacks, sends alerts, and provides a unified web dashboard.

## Features

### 🎮 Service Controller
- Start/stop/restart docker-compose services via API
- Auto-pull changes from git repositories
- Real-time service logs viewing
- Service action history tracking

### 🎯 Scoreboard Injector
- Real-time monitoring of ForcAD scoreboard WebSocket
- Automatic attack detection and classification
- Point loss threshold alerts
- Attack statistics by service

### 📱 Telegram Bot
- Automatic critical alert notifications
- Manual message sending via API
- Message delivery tracking
- Group chat integration

### 🌐 Web Dashboard
- Unified control panel for all services
- Real-time attack visualization
- Service management interface
- Alert monitoring and testing

## Quick Start

### One-Line Installation
```bash
curl -sSL https://raw.githubusercontent.com/YOUR-REPO/main/install.sh | bash
```

### Manual Installation

1. **Clone the repository**
```bash
git clone https://github.com/YOUR-USERNAME/attack-defence-infr-control.git
cd attack-defence-infr-control
```

2. **Configure environment**
```bash
cp .env.example .env
# Edit .env with your configuration
nano .env
```

3. **Start the infrastructure**
```bash
docker-compose up -d
```

4. **Access the dashboard**
Open http://localhost:8000 in your browser (default password: `admin123`)

## Configuration

### Required Environment Variables

Edit `.env` file:

```bash
# Database
POSTGRES_PASSWORD=your_secure_password

# Authentication
SECRET_TOKEN=your_random_secret_token
WEB_PASSWORD=your_web_password

# Telegram
TELEGRAM_BOT_TOKEN=your_bot_token
TELEGRAM_CHAT_ID=your_chat_id

# Game Settings
OUR_TEAM_ID=1
SCOREBOARD_WS_URL=ws://scoreboard:8080/api/events
```

### Getting Telegram Credentials

1. Create a bot with [@BotFather](https://t.me/botfather)
2. Get your chat ID from [@userinfobot](https://t.me/userinfobot)
3. Add bot to your group and make it admin

## Service Setup

After starting the infrastructure, setup your A/D services:

```bash
cd setuper
./setup.sh
```

This will guide you through setting up:
- **Packmate**: Traffic analysis (https://gitlab.com/packmate/Packmate)
- **moded_distructive_farm**: Attack/Defense farm (https://github.com/ilyastar9999/moded_distructive_farm)
- **Firegex**: Flag regex checker (https://github.com/Pwnzer0tt1/firegex)

## API Documentation

### Controller API (Port 8001)

```bash
# List services
curl -H "Authorization: Bearer YOUR_TOKEN" http://localhost:8001/services

# Start a service
curl -X POST -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"action": "start"}' \
  http://localhost:8001/services/1/action

# Get service logs
curl -H "Authorization: Bearer YOUR_TOKEN" \
  http://localhost:8001/services/1/logs?lines=100
```

### Scoreboard Injector API (Port 8002)

```bash
# Get attack statistics
curl -H "Authorization: Bearer YOUR_TOKEN" http://localhost:8002/stats

# Get recent attacks
curl -H "Authorization: Bearer YOUR_TOKEN" \
  http://localhost:8002/attacks?limit=50&attacks_to_us=true

# Get alerts
curl -H "Authorization: Bearer YOUR_TOKEN" http://localhost:8002/alerts
```

### Telegram Bot API (Port 8003)

```bash
# Send message
curl -X POST -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"message": "Test alert"}' \
  http://localhost:8003/send

# Get message history
curl -H "Authorization: Bearer YOUR_TOKEN" http://localhost:8003/messages
```

## Architecture

```
┌─────────────────────────────────────────────────────┐
│                  Web Dashboard :8000                │
│            (Flask + Bootstrap + jQuery)             │
└─────────────────────────────────────────────────────┘
                          │
         ┌────────────────┼────────────────┐
         │                │                │
         ▼                ▼                ▼
┌──────────────┐  ┌──────────────┐  ┌──────────────┐
│  Controller  │  │  Scoreboard  │  │  Telegram    │
│  API :8001   │  │  Injector    │  │  Bot :8003   │
│              │  │  :8002       │  │              │
└──────────────┘  └──────────────┘  └──────────────┘
         │                │                │
         └────────────────┼────────────────┘
                          │
                          ▼
                  ┌──────────────┐
                  │  PostgreSQL  │
                  │   Database   │
                  └──────────────┘
```

## Directory Structure

```
.
├── controler/              # Service controller API
│   ├── main.py
│   ├── requirements.txt
│   └── Dockerfile
├── scoreboard_injector/    # Attack monitor
│   ├── main.py
│   ├── requirements.txt
│   └── Dockerfile
├── tg-bot/                 # Telegram notifications
│   ├── main.py
│   ├── requirements.txt
│   └── Dockerfile
├── web/                    # Web dashboard
│   ├── app.py
│   ├── templates/
│   ├── requirements.txt
│   └── Dockerfile
├── setuper/                # Service setup scripts
│   ├── setup.sh
│   └── README.md
├── services/               # Managed services directory
├── docker-compose.yaml     # Main compose file
├── init-db.sql            # Database schema
└── .env.example           # Configuration template
```

## Database Schema

The system uses a single PostgreSQL instance with tables for:
- `services` - Registered services
- `service_logs` - Action history
- `attacks` - Attack events
- `attack_alerts` - Generated alerts
- `telegram_messages` - Message log
- `settings` - System configuration

## Management Commands

```bash
# View all logs
docker-compose logs -f

# View specific service logs
docker-compose logs -f web
docker-compose logs -f controller

# Restart all services
docker-compose restart

# Stop all services
docker-compose down

# Stop and remove volumes
docker-compose down -v

# Rebuild after code changes
docker-compose up -d --build
```

## Troubleshooting

### Services won't start
```bash
# Check logs
docker-compose logs

# Verify .env configuration
cat .env

# Ensure ports are available
netstat -tulpn | grep -E '8000|8001|8002|8003'
```

### Database connection errors
```bash
# Check PostgreSQL is running
docker-compose ps postgres

# Verify database credentials in .env
# Restart PostgreSQL
docker-compose restart postgres
```

### WebSocket connection to scoreboard fails
- Verify `SCOREBOARD_WS_URL` in `.env`
- Check scoreboard is accessible
- Ensure firewall allows WebSocket connections

## Security Considerations

1. **Change default passwords** in `.env`
2. **Use strong random tokens** for `SECRET_TOKEN`
3. **Restrict network access** to API ports in production
4. **Enable HTTPS** for web dashboard in production
5. **Regularly update** Docker images

## Contributing

Contributions welcome! Please:
1. Fork the repository
2. Create a feature branch
3. Submit a pull request

## License

MIT License - see LICENSE file for details

## Support

For issues and questions:
- Open an issue on GitHub
- Check existing documentation
- Review logs: `docker-compose logs -f`

## Credits

Built for Attack/Defense CTF competitions. Integrates with:
- [ForcAD](https://github.com/pomo-mondreganto/ForcAD) - CTF platform
- [Packmate](https://gitlab.com/packmate/Packmate) - Traffic analysis
- [moded_distructive_farm](https://github.com/ilyastar9999/moded_distructive_farm) - Attack farm
- [Firegex](https://github.com/Pwnzer0tt1/firegex) - Flag checker