new start.py + set password in start.py
This commit is contained in:
DomySh
@@ -52,6 +52,5 @@ Initiially the project was based only on regex filters, and also now the main fu
|
||||
|
||||
- Create hijacking port to proxy
|
||||
- Explanation about tools in the dedicated pages making them more user-friendly
|
||||
- Give the permission to set a startup password in start.py protecting firegex also at the first run
|
||||
- buffering the TCP and(/or) the UDP stream to avoid to bypass the proxy dividing the information in more packets
|
||||
- Adding new section with "general firewall rules" to manage "simple" TCP traffic rules graphically and through nftables
|
||||
|
||||
@@ -23,6 +23,10 @@ utils.socketio = SocketManager(app, "/sock", socketio_path="")
|
||||
def APP_STATUS(): return "init" if db.get("password") is None else "run"
|
||||
def JWT_SECRET(): return db.get("secret")
|
||||
|
||||
def set_psw(psw: str):
|
||||
hash_psw = crypto.hash(psw)
|
||||
db.put("password",hash_psw)
|
||||
|
||||
@utils.socketio.on("update")
|
||||
async def updater(): pass
|
||||
|
||||
@@ -78,8 +82,7 @@ async def set_password(form: PasswordForm):
|
||||
if APP_STATUS() != "init": raise HTTPException(status_code=400)
|
||||
if form.password == "":
|
||||
return {"status":"Cannot insert an empty password!"}
|
||||
hash_psw = crypto.hash(form.password)
|
||||
db.put("password",hash_psw)
|
||||
set_psw(form.password)
|
||||
await refresh_frontend()
|
||||
return {"status":"ok", "access_token": create_access_token({"logged_in": True})}
|
||||
|
||||
@@ -93,8 +96,7 @@ async def change_password(form: PasswordChangeForm):
|
||||
if form.expire:
|
||||
db.put("secret", secrets.token_hex(32))
|
||||
|
||||
hash_psw = crypto.hash(form.password)
|
||||
db.put("password",hash_psw)
|
||||
set_psw(form.password)
|
||||
await refresh_frontend()
|
||||
return {"status":"ok", "access_token": create_access_token({"logged_in": True})}
|
||||
|
||||
@@ -110,6 +112,8 @@ reset, startup, shutdown = load_routers(api)
|
||||
@app.on_event("startup")
|
||||
async def startup_event():
|
||||
db.init()
|
||||
if os.getenv("HEX_SET_PSW"):
|
||||
set_psw(bytes.fromhex(os.getenv("HEX_SET_PSW")).decode())
|
||||
await startup()
|
||||
if not JWT_SECRET(): db.put("secret", secrets.token_hex(32))
|
||||
await refresh_frontend()
|
||||
|
||||
59
start.py
59
start.py
@@ -1,6 +1,6 @@
|
||||
#!/usr/bin/env python3
|
||||
|
||||
import argparse, sys, platform, os
|
||||
import argparse, sys, platform, os, multiprocessing
|
||||
|
||||
pref = "\033["
|
||||
reset = f"{pref}0m"
|
||||
@@ -19,24 +19,41 @@ def puts(text, *args, color=colors.white, is_bold=False, **kwargs):
|
||||
print(f'{pref}{1 if is_bold else 0};{color}' + text + reset, *args, **kwargs)
|
||||
|
||||
def sep(): puts("-----------------------------------", is_bold=True)
|
||||
|
||||
parser = argparse.ArgumentParser()
|
||||
parser.add_argument('--port', "-p", type=int, required=False, help='Port where open the web service of the firewall', default=4444)
|
||||
parser.add_argument('--threads', "-t", type=int, required=False, help='Number of threads started for each service/utility', default=1)
|
||||
parser.add_argument('--no-autostart', "-n", required=False, action="store_true", help='Auto-execute "docker-compose up -d --build"', default=False)
|
||||
parser.add_argument('--threads', "-t", type=int, required=False, help='Number of threads started for each service/utility', default=-1)
|
||||
parser.add_argument('--no-autostart', "-n", required=False, action="store_true", help='Save docker-compose file and not start the container', default=False)
|
||||
parser.add_argument('--keep','-k', required=False, action="store_true", help='Keep the docker-compose file generated', default=False)
|
||||
parser.add_argument('--build', "-b", required=False, action="store_true", help='Build the container locally', default=False)
|
||||
parser.add_argument('--stop', '-s', required=False, action="store_true", help='Stop firegex execution', default=False)
|
||||
parser.add_argument('--psw-no-interactive',type=str, required=False, help='Password for no-interactive mode', default=None)
|
||||
parser.add_argument('--startup-psw', required=False, action="store_true", help='Insert password in the startup screen of firegex', default=False)
|
||||
|
||||
args = parser.parse_args()
|
||||
sep()
|
||||
puts(f"Firegex", color=colors.yellow, end="")
|
||||
puts(" will start on port ", end="")
|
||||
puts(f"{args.port}", color=colors.cyan)
|
||||
|
||||
if args.threads < 1:
|
||||
puts("Insert a valid number of threads", color=colors.red)
|
||||
exit()
|
||||
|
||||
os.chdir(os.path.dirname(os.path.realpath(__file__)))
|
||||
|
||||
if args.build and not os.path.isfile("./Dockerfile"):
|
||||
puts("This is not a clone of firegex, to build firegex the clone of the repository is needed!", color=colors.red)
|
||||
exit()
|
||||
|
||||
if args.threads < 1:
|
||||
args.threads = multiprocessing.cpu_count()
|
||||
|
||||
if not args.stop:
|
||||
sep()
|
||||
puts(f"Firegex", color=colors.yellow, end="")
|
||||
puts(" will start on port ", end="")
|
||||
puts(f"{args.port}", color=colors.cyan)
|
||||
|
||||
psw_set = None
|
||||
if not args.stop:
|
||||
if args.psw_no_interactive:
|
||||
psw_set = args.psw_no_interactive
|
||||
elif not args.startup_psw:
|
||||
puts("Insert the password for firegex: ", end="" , color=colors.yellow, is_bold=True)
|
||||
psw_set = input()
|
||||
|
||||
with open("docker-compose.yml","wt") as compose:
|
||||
|
||||
if "linux" in sys.platform and not 'microsoft-standard' in platform.uname().release: #Check if not is a wsl also
|
||||
@@ -51,6 +68,7 @@ services:
|
||||
environment:
|
||||
- PORT={args.port}
|
||||
- NTHREADS={args.threads}
|
||||
{"- HEX_SET_PSW="+psw_set.encode().hex() if psw_set else ""}
|
||||
volumes:
|
||||
- /execute/db
|
||||
cap_add:
|
||||
@@ -73,17 +91,24 @@ services:
|
||||
environment:
|
||||
- PORT={args.port}
|
||||
- NTHREADS={args.threads}
|
||||
{"- HEX_SET_PSW="+psw_set.encode().hex() if psw_set else ""}
|
||||
volumes:
|
||||
- /execute/db
|
||||
cap_add:
|
||||
- NET_ADMIN
|
||||
""")
|
||||
|
||||
sep()
|
||||
if not args.no_autostart:
|
||||
puts("Running 'docker-compose up -d --build'\n", color=colors.green)
|
||||
os.system("docker-compose up -d --build")
|
||||
try:
|
||||
if args.stop:
|
||||
puts("Running 'docker-compose down'\n", color=colors.green)
|
||||
os.system("docker-compose -p firegex down")
|
||||
else:
|
||||
puts("Running 'docker-compose up -d --build'\n", color=colors.green)
|
||||
os.system("docker-compose -p firegex up -d --build")
|
||||
finally:
|
||||
if not args.keep:
|
||||
os.remove("docker-compose.yml")
|
||||
else:
|
||||
puts("Done! You can start firegex with docker-compose up -d --build", color=colors.yellow)
|
||||
puts("Done! You can start/stop firegex with docker-compose up -d --build", color=colors.yellow)
|
||||
sep()
|
||||
|
||||
|
||||
Reference in New Issue
Block a user