Compare commits

...

7 Commits

37 changed files with 226 additions and 926 deletions

8
.gitignore vendored
View File

@ -1,2 +1,8 @@
.vagrant
build
build
build_deb
venv
/dist/
/*.egg-info
*.pyc
__pycache__

21
LICENSE.md Normal file
View File

@ -0,0 +1,21 @@
MIT License
Copyright (c) 2020 Benjamin Dweck
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

33
build-deb.sh Executable file
View File

@ -0,0 +1,33 @@
#!/bin/bash
TORCH_VERSION=$(git describe --tags --abbrev=0)
PROJECT=torch-agent-$TORCH_VERSION
if [[ -z "${DEBEMAIL}" ]]; then
DEBEMAIL="$1"
fi
if [[ -z "${DEBEMAIL}" ]]; then
echo "E-mail address required for packaging signing with gpg key!"
echo "Usage: ./build-deb.sh EMAIL"
exit 1
fi
BUILD_DIR=dist
DEB_DIR=$BUILD_DIR/$PROJECT
rm -rf $BUILD_DIR/*
python3 setup.py sdist
mkdir -p $DEB_DIR/src/etc/torch
cp -r debian $DEB_DIR/
cp torch.conf $DEB_DIR/src/etc/torch/
cd $BUILD_DIR
tar -xzmf $PROJECT.tar.gz
cd $PROJECT
export USER=`whoami`
dh_make --createorig -e $DEBEMAIL -s -y
dpkg-buildpackage -k$DEBEMAIL

View File

@ -1,6 +0,0 @@
torch-agent for Debian
---------------------
<possible notes regarding this package - if none, delete this file>
-- Benjamin Dweck <bjdweck@gmail.com> Tue, 06 Oct 2020 15:53:02 +0200

10
debian/README.source vendored
View File

@ -1,10 +0,0 @@
torch-agent for Debian
---------------------
<this file describes information about the source package, see Debian policy
manual section 4.14. You WILL either need to modify or delete this file>
-- Benjamin Dweck <bjdweck@gmail.com> Tue, 06 Oct 2020 15:53:02 +0200

2
debian/compat vendored Normal file
View File

@ -0,0 +1,2 @@
11

12
debian/control vendored
View File

@ -2,15 +2,17 @@ Source: torch-agent
Section: net
Priority: optional
Maintainer: Benjamin Dweck <bjdweck@gmail.com>
Build-Depends: debhelper-compat (= 12)
Build-Depends: debhelper (>=11~), dh-python, python3-all
Standards-Version: 4.4.1
Homepage: https://rudefox.io
Homepage: https://git.rudefox.io/bj/torch-agent
X-Python3-Version: >= 3.2
#Vcs-Browser: https://salsa.debian.org/debian/torch-agent
#Vcs-Git: https://salsa.debian.org/debian/torch-agent.git
Vcs-Git: https://git.rudefox.io/bj/torch-agent.git
Package: torch-agent
Architecture: all
Depends: ssh, tor, python3-pip, ${misc:Depends}
Multi-Arch: foreign
Depends: ssh, tor, python3-pip, ${misc:Depends}, ${python3:Depends}
Description: TORch is a solution for creating an SSH-via-Tor
backdoor on a remote device as a means of fallback remote
management and initial headless device configuration.
management and initial headless device configuration.

4
debian/copyright vendored
View File

@ -1,7 +1,7 @@
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: torch-agent
Upstream-Contact: bjdweck@gmail.com
Source: https://rudefox.io
Source: https://git.rudefox.io/bj/torch-agent
Files: debian/*
Copyright: 2020 Benjamin Dweck <bjdweck@gmail.com>
@ -20,4 +20,4 @@ License: GPL-2+
along with this program. If not, see <https://www.gnu.org/licenses/>
.
On Debian systems, the complete text of the GNU General
Public License version 2 can be found in "/usr/share/common-licenses/GPL-2".
Public License version 2 can be found in "/usr/share/common-licenses/GPL-2".

56
debian/manpage.1.ex vendored
View File

@ -1,56 +0,0 @@
.\" Hey, EMACS: -*- nroff -*-
.\" (C) Copyright 2020 Benjamin Dweck <bjdweck@gmail.com>,
.\"
.\" First parameter, NAME, should be all caps
.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
.\" other parameters are allowed: see man(7), man(1)
.TH Torch-agent SECTION "October 6 2020"
.\" Please adjust this date whenever revising the manpage.
.\"
.\" Some roff macros, for reference:
.\" .nh disable hyphenation
.\" .hy enable hyphenation
.\" .ad l left justify
.\" .ad b justify to both left and right margins
.\" .nf disable filling
.\" .fi enable filling
.\" .br insert line break
.\" .sp <n> insert n+1 empty lines
.\" for manpage-specific macros, see man(7)
.SH NAME
torch-agent \- program to do something
.SH SYNOPSIS
.B torch-agent
.RI [ options ] " files" ...
.br
.B bar
.RI [ options ] " files" ...
.SH DESCRIPTION
This manual page documents briefly the
.B torch-agent
and
.B bar
commands.
.PP
.\" TeX users may be more comfortable with the \fB<whatever>\fP and
.\" \fI<whatever>\fP escape sequences to invode bold face and italics,
.\" respectively.
\fBtorch-agent\fP is a program that...
.SH OPTIONS
These programs follow the usual GNU command line syntax, with long
options starting with two dashes (`-').
A summary of options is included below.
For a complete description, see the Info files.
.TP
.B \-h, \-\-help
Show summary of options.
.TP
.B \-v, \-\-version
Show version of program.
.SH SEE ALSO
.BR bar (1),
.BR baz (1).
.br
The programs are documented fully by
.IR "The Rise and Fall of a Fooish Bar" ,
available via the Info system.

154
debian/manpage.sgml.ex vendored
View File

@ -1,154 +0,0 @@
<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN" [
<!-- Process this file with docbook-to-man to generate an nroff manual
page: `docbook-to-man manpage.sgml > manpage.1'. You may view
the manual page with: `docbook-to-man manpage.sgml | nroff -man |
less'. A typical entry in a Makefile or Makefile.am is:
manpage.1: manpage.sgml
docbook-to-man $< > $@
The docbook-to-man binary is found in the docbook-to-man package.
Please remember that if you create the nroff version in one of the
debian/rules file targets (such as build), you will need to include
docbook-to-man in your Build-Depends control field.
-->
<!-- Fill in your name for FIRSTNAME and SURNAME. -->
<!ENTITY dhfirstname "<firstname>FIRSTNAME</firstname>">
<!ENTITY dhsurname "<surname>SURNAME</surname>">
<!-- Please adjust the date whenever revising the manpage. -->
<!ENTITY dhdate "<date>October 6 2020</date>">
<!-- SECTION should be 1-8, maybe w/ subsection other parameters are
allowed: see man(7), man(1). -->
<!ENTITY dhsection "<manvolnum>SECTION</manvolnum>">
<!ENTITY dhemail "<email>bjdweck@gmail.com</email>">
<!ENTITY dhusername "Benjamin Dweck">
<!ENTITY dhucpackage "<refentrytitle>Torch-agent</refentrytitle>">
<!ENTITY dhpackage "torch-agent">
<!ENTITY debian "<productname>Debian</productname>">
<!ENTITY gnu "<acronym>GNU</acronym>">
<!ENTITY gpl "&gnu; <acronym>GPL</acronym>">
]>
<refentry>
<refentryinfo>
<address>
&dhemail;
</address>
<author>
&dhfirstname;
&dhsurname;
</author>
<copyright>
<year>2003</year>
<holder>&dhusername;</holder>
</copyright>
&dhdate;
</refentryinfo>
<refmeta>
&dhucpackage;
&dhsection;
</refmeta>
<refnamediv>
<refname>&dhpackage;</refname>
<refpurpose>program to do something</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>&dhpackage;</command>
<arg><option>-e <replaceable>this</replaceable></option></arg>
<arg><option>--example <replaceable>that</replaceable></option></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
<title>DESCRIPTION</title>
<para>This manual page documents briefly the
<command>&dhpackage;</command> and <command>bar</command>
commands.</para>
<para>This manual page was written for the &debian; distribution
because the original program does not have a manual page.
Instead, it has documentation in the &gnu;
<application>Info</application> format; see below.</para>
<para><command>&dhpackage;</command> is a program that...</para>
</refsect1>
<refsect1>
<title>OPTIONS</title>
<para>These programs follow the usual &gnu; command line syntax,
with long options starting with two dashes (`-'). A summary of
options is included below. For a complete description, see the
<application>Info</application> files.</para>
<variablelist>
<varlistentry>
<term><option>-h</option>
<option>--help</option>
</term>
<listitem>
<para>Show summary of options.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-v</option>
<option>--version</option>
</term>
<listitem>
<para>Show version of program.</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>SEE ALSO</title>
<para>bar (1), baz (1).</para>
<para>The programs are documented fully by <citetitle>The Rise and
Fall of a Fooish Bar</citetitle> available via the
<application>Info</application> system.</para>
</refsect1>
<refsect1>
<title>AUTHOR</title>
<para>This manual page was written by &dhusername; &dhemail; for
the &debian; system (and may be used by others). Permission is
granted to copy, distribute and/or modify this document under
the terms of the &gnu; General Public License, Version 2 any
later version published by the Free Software Foundation.
</para>
<para>
On Debian systems, the complete text of the GNU General Public
License can be found in /usr/share/common-licenses/GPL.
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:2
sgml-indent-data:t
sgml-parent-document:nil
sgml-default-dtd-file:nil
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
-->

291
debian/manpage.xml.ex vendored
View File

@ -1,291 +0,0 @@
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!--
`xsltproc -''-nonet \
-''-param man.charmap.use.subset "0" \
-''-param make.year.ranges "1" \
-''-param make.single.year.ranges "1" \
/usr/share/xml/docbook/stylesheet/docbook-xsl/manpages/docbook.xsl \
manpage.xml'
A manual page <package>.<section> will be generated. You may view the
manual page with: nroff -man <package>.<section> | less'. A typical entry
in a Makefile or Makefile.am is:
DB2MAN = /usr/share/sgml/docbook/stylesheet/xsl/docbook-xsl/manpages/docbook.xsl
XP = xsltproc -''-nonet -''-param man.charmap.use.subset "0"
manpage.1: manpage.xml
$(XP) $(DB2MAN) $<
The xsltproc binary is found in the xsltproc package. The XSL files are in
docbook-xsl. A description of the parameters you can use can be found in the
docbook-xsl-doc-* packages. Please remember that if you create the nroff
version in one of the debian/rules file targets (such as build), you will need
to include xsltproc and docbook-xsl in your Build-Depends control field.
Alternatively use the xmlto command/package. That will also automatically
pull in xsltproc and docbook-xsl.
Notes for using docbook2x: docbook2x-man does not automatically create the
AUTHOR(S) and COPYRIGHT sections. In this case, please add them manually as
<refsect1> ... </refsect1>.
To disable the automatic creation of the AUTHOR(S) and COPYRIGHT sections
read /usr/share/doc/docbook-xsl/doc/manpages/authors.html. This file can be
found in the docbook-xsl-doc-html package.
Validation can be done using: `xmllint -''-noout -''-valid manpage.xml`
General documentation about man-pages and man-page-formatting:
man(1), man(7), http://www.tldp.org/HOWTO/Man-Page/
-->
<!-- Fill in your name for FIRSTNAME and SURNAME. -->
<!ENTITY dhfirstname "FIRSTNAME">
<!ENTITY dhsurname "SURNAME">
<!-- dhusername could also be set to "&dhfirstname; &dhsurname;". -->
<!ENTITY dhusername "Benjamin Dweck">
<!ENTITY dhemail "bjdweck@gmail.com">
<!-- SECTION should be 1-8, maybe w/ subsection other parameters are
allowed: see man(7), man(1) and
http://www.tldp.org/HOWTO/Man-Page/q2.html. -->
<!ENTITY dhsection "SECTION">
<!-- TITLE should be something like "User commands" or similar (see
http://www.tldp.org/HOWTO/Man-Page/q2.html). -->
<!ENTITY dhtitle "torch-agent User Manual">
<!ENTITY dhucpackage "Torch-agent">
<!ENTITY dhpackage "torch-agent">
]>
<refentry>
<refentryinfo>
<title>&dhtitle;</title>
<productname>&dhpackage;</productname>
<authorgroup>
<author>
<firstname>&dhfirstname;</firstname>
<surname>&dhsurname;</surname>
<contrib>Wrote this manpage for the Debian system.</contrib>
<address>
<email>&dhemail;</email>
</address>
</author>
</authorgroup>
<copyright>
<year>2007</year>
<holder>&dhusername;</holder>
</copyright>
<legalnotice>
<para>This manual page was written for the Debian system
(and may be used by others).</para>
<para>Permission is granted to copy, distribute and/or modify this
document under the terms of the GNU General Public License,
Version 2 or (at your option) any later version published by
the Free Software Foundation.</para>
<para>On Debian systems, the complete text of the GNU General Public
License can be found in
<filename>/usr/share/common-licenses/GPL</filename>.</para>
</legalnotice>
</refentryinfo>
<refmeta>
<refentrytitle>&dhucpackage;</refentrytitle>
<manvolnum>&dhsection;</manvolnum>
</refmeta>
<refnamediv>
<refname>&dhpackage;</refname>
<refpurpose>program to do something</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>&dhpackage;</command>
<!-- These are several examples, how syntaxes could look -->
<arg choice="plain"><option>-e <replaceable>this</replaceable></option></arg>
<arg choice="opt"><option>--example=<parameter>that</parameter></option></arg>
<arg choice="opt">
<group choice="req">
<arg choice="plain"><option>-e</option></arg>
<arg choice="plain"><option>--example</option></arg>
</group>
<replaceable class="option">this</replaceable>
</arg>
<arg choice="opt">
<group choice="req">
<arg choice="plain"><option>-e</option></arg>
<arg choice="plain"><option>--example</option></arg>
</group>
<group choice="req">
<arg choice="plain"><replaceable>this</replaceable></arg>
<arg choice="plain"><replaceable>that</replaceable></arg>
</group>
</arg>
</cmdsynopsis>
<cmdsynopsis>
<command>&dhpackage;</command>
<!-- Normally the help and version options make the programs stop
right after outputting the requested information. -->
<group choice="opt">
<arg choice="plain">
<group choice="req">
<arg choice="plain"><option>-h</option></arg>
<arg choice="plain"><option>--help</option></arg>
</group>
</arg>
<arg choice="plain">
<group choice="req">
<arg choice="plain"><option>-v</option></arg>
<arg choice="plain"><option>--version</option></arg>
</group>
</arg>
</group>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id="description">
<title>DESCRIPTION</title>
<para>This manual page documents briefly the
<command>&dhpackage;</command> and <command>bar</command>
commands.</para>
<para>This manual page was written for the Debian distribution
because the original program does not have a manual page.
Instead, it has documentation in the GNU <citerefentry>
<refentrytitle>info</refentrytitle>
<manvolnum>1</manvolnum>
</citerefentry> format; see below.</para>
<para><command>&dhpackage;</command> is a program that...</para>
</refsect1>
<refsect1 id="options">
<title>OPTIONS</title>
<para>The program follows the usual GNU command line syntax,
with long options starting with two dashes (`-'). A summary of
options is included below. For a complete description, see the
<citerefentry>
<refentrytitle>info</refentrytitle>
<manvolnum>1</manvolnum>
</citerefentry> files.</para>
<variablelist>
<!-- Use the variablelist.term.separator and the
variablelist.term.break.after parameters to
control the term elements. -->
<varlistentry>
<term><option>-e <replaceable>this</replaceable></option></term>
<term><option>--example=<replaceable>that</replaceable></option></term>
<listitem>
<para>Does this and that.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-h</option></term>
<term><option>--help</option></term>
<listitem>
<para>Show summary of options.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-v</option></term>
<term><option>--version</option></term>
<listitem>
<para>Show version of program.</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id="files">
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/foo.conf</filename></term>
<listitem>
<para>The system-wide configuration file to control the
behaviour of <application>&dhpackage;</application>. See
<citerefentry>
<refentrytitle>foo.conf</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry> for further details.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><filename>${HOME}/.foo.conf</filename></term>
<listitem>
<para>The per-user configuration file to control the
behaviour of <application>&dhpackage;</application>. See
<citerefentry>
<refentrytitle>foo.conf</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry> for further details.</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id="environment">
<title>ENVIRONMENT</title>
<variablelist>
<varlistentry>
<term><envar>FOO_CONF</envar></term>
<listitem>
<para>If used, the defined file is used as configuration
file (see also <xref linkend="files"/>).</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id="diagnostics">
<title>DIAGNOSTICS</title>
<para>The following diagnostics may be issued
on <filename class="devicefile">stderr</filename>:</para>
<variablelist>
<varlistentry>
<term><errortext>Bad configuration file. Exiting.</errortext></term>
<listitem>
<para>The configuration file seems to contain a broken configuration
line. Use the <option>--verbose</option> option, to get more info.
</para>
</listitem>
</varlistentry>
</variablelist>
<para><command>&dhpackage;</command> provides some return codes, that can
be used in scripts:</para>
<segmentedlist>
<segtitle>Code</segtitle>
<segtitle>Diagnostic</segtitle>
<seglistitem>
<seg><errorcode>0</errorcode></seg>
<seg>Program exited successfully.</seg>
</seglistitem>
<seglistitem>
<seg><errorcode>1</errorcode></seg>
<seg>The configuration file seems to be broken.</seg>
</seglistitem>
</segmentedlist>
</refsect1>
<refsect1 id="bugs">
<!-- Or use this section to tell about upstream BTS. -->
<title>BUGS</title>
<para>The program is currently limited to only work
with the <package>foobar</package> library.</para>
<para>The upstreams <acronym>BTS</acronym> can be found
at <ulink url="http://bugzilla.foo.tld"/>.</para>
</refsect1>
<refsect1 id="see_also">
<title>SEE ALSO</title>
<!-- In alpabetical order. -->
<para><citerefentry>
<refentrytitle>bar</refentrytitle>
<manvolnum>1</manvolnum>
</citerefentry>, <citerefentry>
<refentrytitle>baz</refentrytitle>
<manvolnum>1</manvolnum>
</citerefentry>, <citerefentry>
<refentrytitle>foo.conf</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry></para>
<para>The programs are documented fully by <citetitle>The Rise and
Fall of a Fooish Bar</citetitle> available via the <citerefentry>
<refentrytitle>info</refentrytitle>
<manvolnum>1</manvolnum>
</citerefentry> system.</para>
</refsect1>
</refentry>

13
debian/postinst vendored
View File

@ -49,15 +49,14 @@ configure_tor_controller() {
case "$1" in
configure)
if ! getent passwd $USER >/dev/null ; then
useradd -r -g $GROUP $USER
fi
if ! getent passwd $USER >/dev/null ; then
useradd -r -g $GROUP $USER
fi
chown $USER /etc/torch
chown $USER /etc/torch/torch.conf
chown $USER /usr/share/torch-agent/torch-agent.py
chown $USER /etc/torch
chown $USER /etc/torch/torch.conf
configure_tor_controller
configure_tor_controller
;;
abort-upgrade|abort-remove|abort-deconfigure)

2
debian/postrm vendored
View File

@ -23,7 +23,7 @@ USER="torch"
case "$1" in
purge|abort-install)
rm -rf /etc/torch
rm -f /usr/share/torch-agent/torch-agent.py
if [ -x "$(command -v deluser)" ]; then
deluser --quiet --system $USER > /dev/null || true
else

3
debian/preinst vendored
View File

@ -16,10 +16,7 @@ set -e
case "$1" in
install|upgrade)
sudo -H pip3 install stem paho-mqtt PySocks
mkdir -p /etc/torch
mkdir -p /usr/share/torch-agent
;;
abort-upgrade)

38
debian/prerm.ex vendored
View File

@ -1,38 +0,0 @@
#!/bin/sh
# prerm script for torch-agent
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <prerm> `remove'
# * <old-prerm> `upgrade' <new-version>
# * <new-prerm> `failed-upgrade' <old-version>
# * <conflictor's-prerm> `remove' `in-favour' <package> <new-version>
# * <deconfigured's-prerm> `deconfigure' `in-favour'
# <package-being-installed> <version> `removing'
# <conflicting-package> <version>
# for details, see https://www.debian.org/doc/debian-policy/ or
# the debian-policy package
case "$1" in
remove|upgrade|deconfigure)
;;
failed-upgrade)
;;
*)
echo "prerm called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0

4
debian/rules vendored
View File

@ -13,9 +13,11 @@
# package maintainers to append LDFLAGS
#export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed
export PYBUILD_NAME=torch-agent
export PYBUILD_SYSTEM=distutils
%:
dh $@
dh $@ --with python3 --buildsystem=pybuild
override_dh_installsystemd:
dh_installsystemd --no-start --no-enable

View File

@ -1,11 +0,0 @@
# For more information on what jobs are run see:
# https://salsa.debian.org/salsa-ci-team/pipeline
#
# To enable the jobs, go to your repository (at salsa.debian.org)
# and click over Settings > CI/CD > Expand (in General pipelines).
# In "Custom CI config path" write debian/salsa-ci.yml and click
# in "Save Changes". The CI tests will run after the next commit.
---
include:
- https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml
- https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml

View File

@ -1,2 +0,0 @@
src/usr/share/torch-agent/torch-agent.py
src/etc/torch/torch.conf

View File

@ -1,19 +0,0 @@
[tor]
ProxyPort = 9050
ControllerPort = 9051
[ssh]
Port = 22
[mqtt]
BrokerHost = mqtt.example.com # OR example1i3uyrbfoi3fi.onion
BrokerPort = 1883
ClientID = my-client
Topic = example/topic
### Options for Using TLS
#RequireCertificate = true
#CaFile = ca.crt
#CertFile = client.crt
#KeyFile = client.key

View File

@ -1,98 +0,0 @@
from stem.control import Controller
import stem.connection
import paho.mqtt.client as mqtt
import ssl
import socks
import socket
import json
import configparser
import argparse
from datetime import datetime
from os import environ
parser = argparse.ArgumentParser(description='Broadcast SSH hidden service hostname via MQTT')
parser.add_argument('--config-dir', nargs='?', dest='configPath', default='/etc/torch',
help='configuration directory (default: /etc/torch)')
args = parser.parse_args()
configPath = args.configPath
if "TORCH_CONFIG_DIR" in environ:
configPath = environ.get("TORCH_CONFIG_DIR")
if not configPath.endswith("/"):
configPath = configPath + "/"
print("Using torch configuration path: " + configPath)
config = configparser.ConfigParser()
config.read(configPath + "torch.conf")
torProxyPort = config['tor'].getint('ProxyPort', fallback = 9050)
torControllerPort = config['tor'].getint('ControllerPort', fallback = 9051)
sshPort = config['ssh'].getint('Port', fallback = 22)
mqttConfig = config['mqtt']
mqttBrokerHost = mqttConfig.get('BrokerHost', fallback = "localhost")
mqttBrokerPort = mqttConfig.getint('BrokerPort', fallback = 1883)
clientID = mqttConfig.get('ClientID', fallback = socket.gethostname())
mqttTopic = mqttConfig.get('Topic', fallback = "torch/%s/onion_url" % (clientID))
mqttRequireCertificate = mqttConfig.getboolean(
'RequireCertificate',
fallback = False)
mqttCaFile = configPath + mqttConfig.get('CaFile')
mqttCertFile = configPath + mqttConfig.get('CertFile')
mqttKeyFile = configPath + mqttConfig.get('KeyFile')
with Controller.from_port(port = torControllerPort) as controller:
protocolInfo = stem.connection.get_protocolinfo(controller)
stem.connection.authenticate_safecookie(
controller,
protocolInfo.cookie_path)
print("Connected to Tor on port %s" % (torControllerPort))
service = controller.create_ephemeral_hidden_service(
sshPort,
detached = True)
onionAddress = "%s.onion" % (service.service_id)
print("Created Tor Hidden Service for local port %s at %s" % (sshPort, onionAddress))
payload = {
'clientId': clientID,
'timestamp': datetime.now().strftime("%d-%b-%Y (%H:%M:%S.%f)"),
'onionAddress': onionAddress,
'sshPort': sshPort
}
client = mqtt.Client()
protocol = "mqtt"
if mqttRequireCertificate:
client.tls_set(
ca_certs = mqttCaFile,
certfile = mqttCertFile,
keyfile = mqttKeyFile,
cert_reqs=ssl.CERT_REQUIRED)
protocol = "mqtts"
if mqttBrokerHost.endswith(".onion"):
client.proxy_set(proxy_type=socks.SOCKS5, proxy_addr="localhost", proxy_port=torProxyPort)
client.tls_insecure_set(True)
client.connect(mqttBrokerHost, mqttBrokerPort, 60)
client.publish(mqttTopic, json.dumps(payload))
print("Connected to MQTT Broker at %s://%s:%s/%s" % (protocol, mqttBrokerHost, mqttBrokerPort, mqttTopic))
print("Published payload: " + json.dumps(payload))
client.disconnect()
print("Disconnected from MQTT Broker")

View File

@ -1,2 +0,0 @@
README.Debian
README.source

View File

@ -1,4 +0,0 @@
#
# Regular cron jobs for the torch-agent package
#
0 4 * * * root [ -x /usr/bin/torch-agent_maintenance ] && /usr/bin/torch-agent_maintenance

View File

@ -1 +0,0 @@
dh_installsystemd

View File

@ -1,20 +0,0 @@
Document: torch-agent
Title: Debian torch-agent Manual
Author: <insert document author here>
Abstract: This manual describes what torch-agent is
and how it can be used to
manage online manuals on Debian systems.
Section: unknown
Format: debiandoc-sgml
Files: /usr/share/doc/torch-agent/torch-agent.sgml.gz
Format: postscript
Files: /usr/share/doc/torch-agent/torch-agent.ps.gz
Format: text
Files: /usr/share/doc/torch-agent/torch-agent.text.gz
Format: HTML
Index: /usr/share/doc/torch-agent/html/index.html
Files: /usr/share/doc/torch-agent/html/*.html

View File

@ -1,2 +1 @@
src/usr/share/torch-agent /usr/share/
src/etc/torch /etc/
src/etc/torch /etc/

View File

@ -1,19 +0,0 @@
# Automatically added by dh_installsystemd/12.10ubuntu1
if [ -d /run/systemd/system ]; then
systemctl --system daemon-reload >/dev/null || true
fi
# End automatically added section
# Automatically added by dh_installsystemd/12.10ubuntu1
if [ "$1" = "remove" ]; then
if [ -x "/usr/bin/deb-systemd-helper" ]; then
deb-systemd-helper mask 'torch-agent.service' >/dev/null || true
fi
fi
if [ "$1" = "purge" ]; then
if [ -x "/usr/bin/deb-systemd-helper" ]; then
deb-systemd-helper purge 'torch-agent.service' >/dev/null || true
deb-systemd-helper unmask 'torch-agent.service' >/dev/null || true
fi
fi
# End automatically added section

View File

@ -5,9 +5,9 @@ Requires=tor.service ssh.service
[Service]
Environment=PYTHONUNBUFFERED=1
ExecStart=/usr/bin/python3 /usr/share/torch-agent/torch-agent.py
ExecStart=/usr/bin/torch-agent
User=torch
Group=debian-tor
[Install]
WantedBy=multi-user.target ssh.service tor.service
WantedBy=multi-user.target ssh.service tor.service

38
debian/watch.ex vendored
View File

@ -1,38 +0,0 @@
# Example watch control file for uscan
# Rename this file to "watch" and then you can run the "uscan" command
# to check for upstream updates and more.
# See uscan(1) for format
# Compulsory line, this is a version 4 file
version=4
# PGP signature mangle, so foo.tar.gz has foo.tar.gz.sig
#opts="pgpsigurlmangle=s%$%.sig%"
# HTTP site (basic)
#http://example.com/downloads.html \
# files/torch-agent-([\d\.]+)\.tar\.gz debian uupdate
# Uncomment to examine an FTP server
#ftp://ftp.example.com/pub/torch-agent-(.*)\.tar\.gz debian uupdate
# SourceForge hosted projects
# http://sf.net/torch-agent/ torch-agent-(.*)\.tar\.gz debian uupdate
# GitHub hosted projects
#opts="filenamemangle=s%(?:.*?)?v?(\d[\d.]*)\.tar\.gz%<project>-$1.tar.gz%" \
# https://github.com/<user>/torch-agent/tags \
# (?:.*?/)?v?(\d[\d.]*)\.tar\.gz debian uupdate
# PyPI
# https://pypi.debian.net/torch-agent/torch-agent-(.+)\.(?:zip|tgz|tbz|txz|(?:tar\.(?:gz|bz2|xz)))
# Direct Git
# opts="mode=git" http://git.example.com/torch-agent.git \
# refs/tags/v([\d\.]+) debian uupdate
# Uncomment to find new files on GooglePages
# http://example.googlepages.com/foo.html torch-agent-(.*)\.tar\.gz

Binary file not shown.

View File

@ -1,34 +0,0 @@
#!/bin/bash
if [[ -z "${DEBEMAIL}" ]]; then
DEBEMAIL="$1"
fi
if [[ -z "${DEBEMAIL}" ]]; then
echo "E-mail address required for packaging signing with gpg key!"
echo "Usage: ./make-pkg.sh EMAIL"
exit 1
fi
TORCH_VERSION=$(git describe --tags)
DEBIAN_PKG=torch-agent-$TORCH_VERSION
PKG_ROOT=build/$DEBIAN_PKG
rf -rf $PKG_ROOT
mkdir -p $PKG_ROOT
cp -r debian $PKG_ROOT
mkdir -p $PKG_ROOT/src/etc/torch
cp torch.conf $PKG_ROOT/src/etc/torch/
mkdir -p $PKG_ROOT/src/usr/share/torch-agent
cp torch-agent.py $PKG_ROOT/src/usr/share/torch-agent/
cp torch-agent.service $PKG_ROOT/debian/
cd $PKG_ROOT
export USER=`whoami`
dh_make --createorig -e $DEBEMAIL -s -y
dpkg-buildpackage -k$DEBEMAIL

5
requirements.txt Normal file
View File

@ -0,0 +1,5 @@
wheel>=0.35.1
setuptools>=44.0.0
stem>=1.8.0
paho-mqtt>=1.5.1
PySocks>=1.7.1

31
setup.py Normal file
View File

@ -0,0 +1,31 @@
#!/usr/bin/env python3
import setuptools
with open("README.md", "r") as fh:
long_description = fh.read()
setuptools.setup(
name="torch-agent",
version="0.0.1",
author="B.J. Dweck",
author_email="bjdweck@gmail.com",
description="TORch: Iluminate the Way to your Node",
long_description=long_description,
long_description_content_type="text/markdown",
url="https://git.rudefox.io/bj/torch-agent",
packages=setuptools.find_packages(),
install_requires=[
'stem',
'paho-mqtt',
'PySocks',
],
entry_points = {
'console_scripts': ['torch-agent=torch_agent.torch_agent:main'],
},
classifiers=[
"Programming Language :: Python :: 3",
"License :: OSI Approved :: MIT License",
],
python_requires='>=3.6',
)

View File

@ -1,98 +0,0 @@
from stem.control import Controller
import stem.connection
import paho.mqtt.client as mqtt
import ssl
import socks
import socket
import json
import configparser
import argparse
from datetime import datetime
from os import environ
parser = argparse.ArgumentParser(description='Broadcast SSH hidden service hostname via MQTT')
parser.add_argument('--config-dir', nargs='?', dest='configPath', default='/etc/torch',
help='configuration directory (default: /etc/torch)')
args = parser.parse_args()
configPath = args.configPath
if "TORCH_CONFIG_DIR" in environ:
configPath = environ.get("TORCH_CONFIG_DIR")
if not configPath.endswith("/"):
configPath = configPath + "/"
print("Using torch configuration path: " + configPath)
config = configparser.ConfigParser()
config.read(configPath + "torch.conf")
torProxyPort = config['tor'].getint('ProxyPort', fallback = 9050)
torControllerPort = config['tor'].getint('ControllerPort', fallback = 9051)
sshPort = config['ssh'].getint('Port', fallback = 22)
mqttConfig = config['mqtt']
mqttBrokerHost = mqttConfig.get('BrokerHost', fallback = "localhost")
mqttBrokerPort = mqttConfig.getint('BrokerPort', fallback = 1883)
clientID = mqttConfig.get('ClientID', fallback = socket.gethostname())
mqttTopic = mqttConfig.get('Topic', fallback = "torch/%s/onion_url" % (clientID))
mqttRequireCertificate = mqttConfig.getboolean(
'RequireCertificate',
fallback = False)
mqttCaFile = configPath + mqttConfig.get('CaFile')
mqttCertFile = configPath + mqttConfig.get('CertFile')
mqttKeyFile = configPath + mqttConfig.get('KeyFile')
with Controller.from_port(port = torControllerPort) as controller:
protocolInfo = stem.connection.get_protocolinfo(controller)
stem.connection.authenticate_safecookie(
controller,
protocolInfo.cookie_path)
print("Connected to Tor on port %s" % (torControllerPort))
service = controller.create_ephemeral_hidden_service(
sshPort,
detached = True)
onionAddress = "%s.onion" % (service.service_id)
print("Created Tor Hidden Service for local port %s at %s" % (sshPort, onionAddress))
payload = {
'clientId': clientID,
'timestamp': datetime.now().strftime("%d-%b-%Y (%H:%M:%S.%f)"),
'onionAddress': onionAddress,
'sshPort': sshPort
}
client = mqtt.Client()
protocol = "mqtt"
if mqttRequireCertificate:
client.tls_set(
ca_certs = mqttCaFile,
certfile = mqttCertFile,
keyfile = mqttKeyFile,
cert_reqs=ssl.CERT_REQUIRED)
protocol = "mqtts"
if mqttBrokerHost.endswith(".onion"):
client.proxy_set(proxy_type=socks.SOCKS5, proxy_addr="localhost", proxy_port=torProxyPort)
client.tls_insecure_set(True)
client.connect(mqttBrokerHost, mqttBrokerPort, 60)
client.publish(mqttTopic, json.dumps(payload))
print("Connected to MQTT Broker at %s://%s:%s/%s" % (protocol, mqttBrokerHost, mqttBrokerPort, mqttTopic))
print("Published payload: " + json.dumps(payload))
client.disconnect()
print("Disconnected from MQTT Broker")

View File

@ -16,4 +16,5 @@ Topic = example/topic
#RequireCertificate = true
#CaFile = ca.crt
#CertFile = client.crt
#KeyFile = client.key
#KeyFile = client.key

1
torch_agent/__init__.py Normal file
View File

@ -0,0 +1 @@
__version__ = "0.0.1"

5
torch_agent/__main__.py Normal file
View File

@ -0,0 +1,5 @@
import sys
from torch_agent import main
if __name__ == '__main__':
sys.exit(main())

97
torch_agent/torch_agent.py Executable file
View File

@ -0,0 +1,97 @@
from stem.control import Controller
import stem.connection
import paho.mqtt.client as mqtt
import ssl
import socks
import socket
import json
import configparser
import argparse
from datetime import datetime
from os import environ
def main():
parser = argparse.ArgumentParser(description='Broadcast SSH hidden service hostname via MQTT')
parser.add_argument('--config-dir', nargs='?', dest='configPath', default='/etc/torch',
help='configuration directory (default: /etc/torch)')
args = parser.parse_args()
configPath = args.configPath
if "TORCH_CONFIG_DIR" in environ:
configPath = environ.get("TORCH_CONFIG_DIR")
if not configPath.endswith("/"):
configPath = configPath + "/"
print("Using torch configuration path: " + configPath)
config = configparser.ConfigParser()
config.read(configPath + "torch.conf")
torProxyPort = config['tor'].getint('ProxyPort', fallback = 9050)
torControllerPort = config['tor'].getint('ControllerPort', fallback = 9051)
sshPort = config['ssh'].getint('Port', fallback = 22)
mqttConfig = config['mqtt']
mqttBrokerHost = mqttConfig.get('BrokerHost', fallback = "localhost")
mqttBrokerPort = mqttConfig.getint('BrokerPort', fallback = 1883)
clientID = mqttConfig.get('ClientID', fallback = socket.gethostname())
mqttTopic = mqttConfig.get('Topic', fallback = "torch/%s/onion_url" % (clientID))
mqttRequireCertificate = mqttConfig.getboolean(
'RequireCertificate',
fallback = False)
mqttCaFile = configPath + mqttConfig.get('CaFile')
mqttCertFile = configPath + mqttConfig.get('CertFile')
mqttKeyFile = configPath + mqttConfig.get('KeyFile')
with Controller.from_port(port = torControllerPort) as controller:
protocolInfo = stem.connection.get_protocolinfo(controller)
stem.connection.authenticate_safecookie(
controller,
protocolInfo.cookie_path)
print("Connected to Tor on port %s" % (torControllerPort))
service = controller.create_ephemeral_hidden_service(sshPort, detached = True)
onionAddress = "%s.onion" % (service.service_id)
print("Created Tor Hidden Service for local port %s at %s" % (sshPort, onionAddress))
payload = {
'clientId': clientID,
'timestamp': datetime.now().strftime("%d-%b-%Y (%H:%M:%S.%f)"),
'onionAddress': onionAddress,
'sshPort': sshPort
}
client = mqtt.Client()
protocol = "mqtt"
if mqttRequireCertificate:
client.tls_set(
ca_certs = mqttCaFile,
certfile = mqttCertFile,
keyfile = mqttKeyFile,
cert_reqs=ssl.CERT_REQUIRED)
protocol = "mqtts"
if mqttBrokerHost.endswith(".onion"):
client.proxy_set(proxy_type=socks.SOCKS5, proxy_addr="localhost", proxy_port=torProxyPort)
client.tls_insecure_set(True)
client.connect(mqttBrokerHost, mqttBrokerPort, 60)
client.publish(mqttTopic, json.dumps(payload))
print("Connected to MQTT Broker at %s://%s:%s/%s" % (protocol, mqttBrokerHost, mqttBrokerPort, mqttTopic))
print("Published payload: " + json.dumps(payload))
client.disconnect()
print("Disconnected from MQTT Broker")