fixes on start.py, more clear README about standalone running, removing sha from artefacts

2025-08-04 13:23:10 +02:00
parent 8e2c9f0375
commit 430c18f7ec
3 changed files with 29 additions and 22 deletions
--- a/.github/workflows/docker-image.yml
+++ b/.github/workflows/docker-image.yml
@@ -198,21 +198,12 @@ jobs:
          gzip firegex-rootfs-arm64.tar
          ls -lh firegex-rootfs-arm64.tar.gz

-      - name: Calculate checksums
-        run: |
-          echo "Calculating checksums..."
-          sha256sum firegex-rootfs-amd64.tar.gz > firegex-rootfs-amd64.tar.gz.sha256
-          sha256sum firegex-rootfs-arm64.tar.gz > firegex-rootfs-arm64.tar.gz.sha256
-          cat *.sha256
-
      - name: Upload rootfs assets to release
        run: |
          echo "Uploading assets to release ${{ steps.get_tag.outputs.tag }}..."
          gh release upload ${{ steps.get_tag.outputs.tag }} \
            firegex-rootfs-amd64.tar.gz \
-            firegex-rootfs-amd64.tar.gz.sha256 \
            firegex-rootfs-arm64.tar.gz \
-            firegex-rootfs-arm64.tar.gz.sha256 \
            --clobber
          echo "Assets uploaded successfully!"
        env:
--- a/README.md
+++ b/README.md
@@ -13,6 +13,7 @@ Firegex is a firewall that includes different functionalities, created for CTF A
 ### Docker Mode (Recommended)
 What you need is a linux machine and docker ( + docker-compose )
 ```bash
+# One-command installer (works for both Docker and standalone modes)
 sh <(curl -sLf https://pwnzer0tt1.it/firegex.sh)
 ```
 With this command you will download firegex.py, and run it, it will require you the password to use for firegex and start it with docker-compose
@@ -22,20 +23,24 @@ Or, you can start in a similar way firegex, cloning this repository and executin
 python3 start.py start --prebuilt
 ```

-### Standalone Mode
-If Docker is not available or you're running in a rootless environment, Firegex can run in standalone mode:
-```bash
-# Automatic detection (fallback to standalone if Docker unavailable)
-python3 start.py start
+Without the `--prebuilt` flag, it will build the docker image from source, which may take longer.

-# Force standalone mode
+### Standalone Mode
+If Docker is not available or you're running in a rootless environment, Firegex can run in standalone mode. The one-command installer above also works for standalone mode and will automatically detect and use standalone mode when Docker is unavailable.
+
+```bash
+sh <(curl -sLf https://pwnzer0tt1.it/firegex.sh)
+
+# Or manually force standalone mode:
 python3 start.py start --standalone
+# Or directly using the one-command installer:
+sh <(curl -sLf https://pwnzer0tt1.it/firegex.sh) --standalone

 # Check status
-python3 start.py status
+python3 start.py status [--standalone]

 # Stop standalone mode
-python3 start.py stop
+python3 start.py stop [--standalone]
 ```

 Standalone mode automatically:
--- a/start.py
+++ b/start.py
@@ -534,14 +534,26 @@ def get_architecture():
        return None

 def download_file(url, filename):
-    """Download a file using urllib"""
+    """Download a file using urllib with progress bar"""
    import urllib.request
+    import sys
+    
+    def progress_hook(block_num, block_size, total_size):
+        if total_size > 0:
+            percent = min(100, (block_num * block_size * 100) // total_size)
+            sys.stdout.write(f"\rDownloading... {percent}%")
+            sys.stdout.flush()
+        else:
+            sys.stdout.write(f"\rDownloading... {block_num * block_size} bytes")
+            sys.stdout.flush()
    
    try:
        puts(f"Downloading {filename}...", color=colors.green)
-        urllib.request.urlretrieve(url, filename)
+        urllib.request.urlretrieve(url, filename, reporthook=progress_hook)
+        print()  # New line after progress
        return True
    except Exception as e:
+        print()  # New line after progress
        puts(f"Failed to download {filename}: {e}", color=colors.red)
        return False

@@ -590,7 +602,8 @@ def setup_standalone_rootfs():
        # Extract tar.gz file
        puts("Extracting rootfs...", color=colors.green)
        with tarfile.open(tar_path, 'r:gz') as tar:
-            tar.extractall(path=g.rootfs_path, filter=lambda _: False)
+            # Extract all files with tar filter (allows safe symbolic links)
+            tar.extractall(path=g.rootfs_path, filter='tar')
        
        # Remove tar.gz file
        os.remove(tar_path)
@@ -694,10 +707,8 @@ def run_standalone():
        # Write PID to file
        if write_pid_file(process.pid):
            puts(f"Firegex started successfully (PID: {process.pid})", color=colors.green)
-            puts(f"PID saved to: {g.pid_file}", color=colors.cyan)
            
            if is_process_running(process.pid):
-                puts("Firegex is running in background", color=colors.green)
                puts(f"Web interface should be available at: http://localhost:{args.port}", color=colors.cyan)
            else:
                puts("Firegex process failed to start", color=colors.red)