public string CreatePrepareUnit(string name, string frameworkDir)
{
var unitName = $"app-{name.ToLower()}-01-prepare.service".Replace(" ", "");
var fileName = $"{Parameter.AppsUnits}/{unitName}";
if (File.Exists(fileName))
{
File.Delete(fileName);
}
var oldUnitName = $"{Parameter.ApplicativeUnits}/{unitName}";
if (File.Exists(oldUnitName))
{
File.Delete(oldUnitName);
}
var lines = new List <string> {
"[Unit]",
"Description=External Volume Unit, Application: {name} Prepare Service",
$"Before=app-{name.ToLower()}-02-mount.service".Replace(" ", ""),
"",
"[Service]",
$"ExecStart=/bin/mkdir -p {frameworkDir}",
"SuccessExitStatus=0",
"RemainAfterExit=yes",
"",
"[Install]",
"WantedBy=applicative.target"
};
FileWithAcl.WriteAllLines(fileName, lines, "644", "root", "wheel");
Systemctl.DaemonReload();
return(unitName);
}
public static void SaveSystemConfiguration(Settings model)
{
var text = JsonConvert.SerializeObject(model, Formatting.Indented);
FileWithAcl.WriteAllText(_systemFile, text, "644", "root", "wheel");
ConsoleLogger.Log("[vfs] configuration saved");
}
public string CreateLauncherUnit(string name, string exeName, string exePath)
{
var unitName = $"app-{name.ToLower()}-{exeName.ToLower().Replace(".exe", "")}-launcher.service";
var fileName = $"{Parameter.AppsUnits}/{unitName}";
if (File.Exists(fileName))
{
File.Delete(fileName);
}
var oldUnitName = $"{Parameter.ApplicativeUnits}/{unitName}";
if (File.Exists(oldUnitName))
{
File.Delete(oldUnitName);
}
var lines = new List <string> {
"[Unit]",
$"Description=External Volume Unit, Application: {exeName} Launcher Service",
$"After=app-{name.ToLower()}-02-mount.service".Replace(" ", ""),
"",
"[Service]",
$"ExecStart=/usr/bin/mono {exePath}",
"Restart=on-failure",
"RemainAfterExit=no",
"TasksMax=infinity",
"LimitNOFILE=1024000",
"",
"[Install]",
"WantedBy=applicative.target"
};
FileWithAcl.WriteAllLines(fileName, lines, "644", "root", "wheel");
Systemctl.DaemonReload();
return(unitName);
}
public void Download(string appName, MachineIdsModel machineUid, byte[] publicKey)
{
if (File.Exists(_licensePath))
{
return;
}
var cloudaddress = new AppConfiguration().Get().CloudAddress;
if (string.IsNullOrEmpty(cloudaddress))
{
return;
}
if (cloudaddress.Contains("localhost"))
{
return;
}
if (!cloudaddress.EndsWith("/"))
{
cloudaddress = cloudaddress + "/";
}
var pk = Encoding.ASCII.GetString(publicKey);
var dict = new Dictionary <string, string> {
{ "AppName", appName },
{ "PartNumber", machineUid.PartNumber },
{ "SerialNumber", machineUid.SerialNumber },
{ "Uid", machineUid.MachineUid },
{ "PublicKey", pk }
};
var lic = _api.Post <string>($"{cloudaddress}license/create", dict);
if (lic != null)
{
FileWithAcl.WriteAllText(_licensePath, lic, "644", "root", "wheel");
}
}
private static MachineIdsModel GetMachineId()
{
if (File.Exists(IdPath))
{
var checkFile = File.ReadAllText(IdPath);
if (checkFile == "000000-000000-0000-0000")
{
File.Delete(IdPath);
}
else
{
try {
var x = JsonConvert.DeserializeObject <MachineIdsModel>(checkFile);
return(x);
}
catch (Exception) {
File.Delete(IdPath);
}
}
}
else
{
var machineUuid = new MachineIdsModel();
var json = JsonConvert.SerializeObject(machineUuid, Formatting.Indented);
FileWithAcl.WriteAllText(IdPath, json, "644", "root", "wheel");
return(machineUuid);
}
return(new MachineIdsModel());
}
private static void WriteTimerMountFile()
{
const string file = "/usr/lib64/systemd/system/etc-systemd-system-tt.target.wants.mount";
if (File.Exists(file))
{
File.Delete(file);
}
var timerText = new List <string> {
"[Unit]",
"Description=Description=Anthilla OS - Triggers and Timers Target Units Binding",
"After=mnt-cdrom.mount",
"Before=tt.service tt.target",
"",
"[Mount]",
"What=/mnt/cdrom/Units/tt.target.wants",
"Where=/etc/systemd/system/tt.target.wants",
"Type=bind",
"Options=bind",
"",
"[Install]",
"WantedBy=multi-user.target",
""
};
FileWithAcl.WriteAllLines(file, timerText, "644", "root", "wheel");
}
public void Save(KerberosConfigurationModel model)
{
var text = JsonConvert.SerializeObject(model, Formatting.Indented);
FileWithAcl.WriteAllText(_cfgFile, text);
ConsoleLogger.Log("[kerberos] configuration saved");
}
public static void Save(AclConfigurationModel model)
{
var text = JsonConvert.SerializeObject(model, Formatting.Indented);
FileWithAcl.WriteAllText(CfgFile, text, "644", "root", "wheel");
ConsoleLogger.Log("[acl] configuration saved");
}
public void Set()
{
Enable();
Stop();
#region [ named.conf generation ]
if (File.Exists(MainFilePath))
{
if (File.Exists(MainFilePathBackup))
{
File.Delete(MainFilePathBackup);
}
File.Copy(MainFilePath, MainFilePathBackup);
}
var lines = new List <string>
{
"options {"
};
FileWithAcl.WriteAllLines(MainFilePath, lines, "644", "root", "wheel");
#endregion
Start();
}
public static void Backup(string dir)
{
var acls = Bash.Execute($"getfacl -R {dir}").SplitBash();
var destination = SetAclBackupFilePath(dir);
FileWithAcl.WriteAllLines(destination, acls, "644", "root", "wheel");
}
public static void CreateSmartCardCertificate(string name, string passphrase, string upn, string email, string c, string st, string l, string o, string ou)
{
var config = $"{CaIntermediateDirectory}/{name}.openssl.cnf";
if (!File.Exists(config))
{
var applicationSetting = new AppConfiguration().Get();
FileWithAcl.WriteAllLines(config, CaConfigurationFiles.IntermediateCaSmartCardOpensslCnf(
CaIntermediateDirectory,
$"http://{GetThisIp()}:{applicationSetting.AntdPort}/services/ca/crl",
upn
), "644", "root", "wheel");
}
var key = $"{CaIntermediateDirectory}/private/{name}.key.pem";
if (!File.Exists(key))
{
Bash.Execute($"openssl genrsa -aes256 -out {key} -passout pass:{passphrase} 2048");
Bash.Execute($"chmod 400 ${key}");
}
var csr = $"{CaIntermediateDirectory}/csr/{name}.csr.pem";
if (!File.Exists(key))
{
Bash.Execute($"openssl req -config {config} -key {key} -new -sha256 -out {csr} -passin pass:{passphrase} -subj \"/C={c}/ST={st}/L={l}/O={o}/OU={ou}/CN={name}/emailAddress={email}\"");
}
var cert = $"{CaIntermediateDirectory}/certs/{name}.cert.pem";
if (!File.Exists(cert))
{
Bash.Execute($"openssl ca -config {config} -extensions usr_cert -days 375 -notext -md sha256 -in {csr} -out {cert}");
Bash.Execute($"chmod 444 ${cert}");
}
}
private static bool SetUnitForTunnel(string remoteHost)
{
var lines = new List <string> {
"[Unit]",
"Description=ExtUnit, VpnConnection",
"",
"[Service]",
$"ExecStart=/usr/bin/ssh -o Tunnel=ethernet -f -w 1:1 root@{remoteHost} true",
"SuccessExitStatus=1 2 3 4 5 6 7 8 9 0",
"RemainAfterExit=yes",
"Type=oneshot",
"",
"[Install]",
"WantedBy=antd.target"
};
var unitName = $"/mnt/cdrom/Units/antd.target.wants/antd-{remoteHost}-vpn.service";
ConsoleLogger.Log(unitName);
if (!File.Exists(unitName))
{
FileWithAcl.WriteAllLines(unitName, lines, "644", "root", "wheel");
Systemctl.DaemonReload();
}
Systemctl.Restart($"antd-{remoteHost}-vpn.service");
return(Systemctl.IsActive($"antd-{remoteHost}-vpn.service"));
}
public void Setup()
{
if (!File.Exists(FilePath))
{
FileWithAcl.WriteAllText(FilePath, $"{Name} {Password}", "644", "root", "wheel");
}
}
private static void WriteTimerServiceFile()
{
const string file = "/usr/lib64/systemd/system/tt.service";
if (File.Exists(file))
{
File.Delete(file);
}
var timerText = new List <string> {
"[Unit]",
"Description=Description=Anthilla OS - Triggers and Timers Target",
"After=etc-systemd-system-tt.target.wants.mount",
"Before=tt.target",
"Requires=etc-systemd-system-tt.target.wants.mount",
"",
"[Service]",
"ExecStartPre=/usr/bin/systemctl daemon-reload",
"ExecStart=/usr/bin/systemctl start tt.target",
"",
"[Install]",
"WantedBy=multi-user.target",
""
};
FileWithAcl.WriteAllLines(file, timerText, "644", "root", "wheel");
}
public static void Set()
{
Stop();
DirectoryWithAcl.CreateDirectory(LibDirMnt, "755", "root", "root");
MountManagement.Dir(LibDir);
#region [ torrc generation ]
if (File.Exists(MainFilePath))
{
if (File.Exists(MainFilePathBackup))
{
File.Delete(MainFilePathBackup);
}
File.Copy(MainFilePath, MainFilePathBackup);
}
var lines = new List <string>();
foreach (var svc in ServiceModel.Services)
{
if (string.IsNullOrEmpty(svc.Name) ||
string.IsNullOrEmpty(svc.IpAddress) ||
string.IsNullOrEmpty(svc.TorPort))
{
continue;
}
//HiddenServiceDir /var/lib/tor/hidden_service/
//HiddenServicePort 80 127.0.0.1:8080
var dire = $"{LibDirMnt}/{svc.Name}";
DirectoryWithAcl.CreateDirectory(dire, "755", "root", "root");
lines.Add($"HiddenServiceDir {dire}");
lines.Add($"HiddenServicePort {svc.TorPort} {svc.IpAddress}");
}
FileWithAcl.WriteAllLines(MainFilePath, lines, "700", "tor", "root");
#endregion
Start();
}
public static void Save(SyslogNgConfigurationModel model)
{
var text = JsonConvert.SerializeObject(model, Formatting.Indented);
FileWithAcl.WriteAllText(CfgFile, text);
ConsoleLogger.Log("[syslogng] configuration saved");
}
public void GenerateReport()
{
DirectoryWithAcl.CreateDirectory(ReportDir, "755", "root", "wheel");
try {
var lines = new List <string> {
"+================================+",
$"| Antd Report @ {DateTime.Now:yyyy-MM-dd} |",
"+================================+",
"",
Bash.Execute("uname -a"),
$"uptime: {Bash.Execute("uptime | awk -F ',' '{print $1 $2}'").Trim()}",
$"processes: {Bash.Execute("ps -aef | wc | awk -F ' ' '{ print $1 }'").Trim()}",
$"users logged: {Bash.Execute("who | awk -F ' ' '{print $1}' |sort -u | wc |awk -F ' ' '{print $1}'").Trim()}",
$"sessions open: {Bash.Execute("who | sort -u | wc |awk -F ' ' '{print $1}'").Trim()}",
$"load: {Bash.Execute("uptime | awk -F ',' '{print $4 $5 $6}' | awk -F ':' '{print $2}'").Trim()}",
""
};
lines.AddRange(GetSecurityReport());
FileWithAcl.WriteAllLines($"{ReportDir}/{Timestamp.Now}-antd-report.txt", lines, "644", "root", "wheel");
}
catch (Exception ex) {
ConsoleLogger.Error($"unable to create the log report: {ex.Message}");
}
}
public static void SaveConfiguration(Cluster.Configuration model)
{
Prepare();
var text = JsonConvert.SerializeObject(model, Formatting.Indented);
FileWithAcl.WriteAllText(IpFile, text, "644", "root", "wheel");
ConsoleLogger.Log("[cluster] configuration saved");
}
public static void PrepareIntermediateConfigurationFile()
{
if (!File.Exists($"{CaIntermediateDirectory}/openssl.cnf"))
{
var applicationSetting = new AppConfiguration().Get();
FileWithAcl.WriteAllLines($"{CaIntermediateDirectory}/openssl.cnf", CaConfigurationFiles.IntermediateCaOpensslCnf(CaIntermediateDirectory, $"http://{GetThisIp()}:{applicationSetting.AntdPort}/services/ca/crl"), "644", "root", "wheel");
}
}
public static void PrepareConfigurationFile()
{
// /data/ca/openssl.cnf
if (!File.Exists($"{CaMainDirectory}/openssl.cnf"))
{
FileWithAcl.WriteAllLines($"{CaMainDirectory}/openssl.cnf", CaConfigurationFiles.RootCaOpensslCnf(CaMainDirectory), "644", "root", "wheel");
}
}
public AuthorizedKeysModule()
{
Post["/ak/create"] = x => {
string remoteUser = Request.Form.RemoteUser;
string user = Request.Form.User;
string key = Request.Form.Key;
var model = new AuthorizedKeyModel {
RemoteUser = remoteUser,
User = user,
KeyValue = key
};
var authorizedKeysConfiguration = new AuthorizedKeysConfiguration();
authorizedKeysConfiguration.AddKey(model);
var home = user == "root" ? "/root/.ssh" : $"/home/{user}/.ssh";
var authorizedKeysPath = $"{home}/authorized_keys";
if (!File.Exists(authorizedKeysPath))
{
File.Create(authorizedKeysPath);
}
var line = $"{key} {remoteUser}";
FileWithAcl.AppendAllLines(authorizedKeysPath, new List <string> {
line
}, "644", "root", "wheel");
Bash.Execute($"chmod 600 {authorizedKeysPath}", false);
Bash.Execute($"chown {user}:{user} {authorizedKeysPath}", false);
return(HttpStatusCode.OK);
};
Get["/ak/introduce"] = x => {
var remoteHost = Request.Query.Host;
var remoteUser = $"{Environment.UserName}@{Environment.MachineName}";
Console.WriteLine(remoteUser);
string user = Request.Query.User;
string key = Request.Query.Key;
var dict = new Dictionary <string, string> {
{ "RemoteUser", remoteUser },
{ "User", user },
{ "Key", key }
};
var r = new ApiConsumer().Post($"http://{remoteHost}/ak/create", dict);
return(r);
};
Post["/ak/introduce"] = x => {
var remoteHost = Request.Form.Host;
var remoteUser = $"{Environment.UserName}@{Environment.MachineName}";
Console.WriteLine(remoteUser);
string user = Request.Form.User;
string key = Request.Form.Key;
var dict = new Dictionary <string, string> {
{ "RemoteUser", remoteUser },
{ "User", user },
{ "Key", key }
};
var r = new ApiConsumer().Post($"http://{remoteHost}/ak/create", dict);
return(r);
};
}
public static void DownloadRootServerHits()
{
var apiConsumer = new ApiConsumer();
var text = apiConsumer.GetString("https://www.internic.net/domain/named.named");
const string namedHintsFile = "/etc/bind/named.named";
FileWithAcl.WriteAllText(namedHintsFile, text, "644", "named", "named");
RndcReload();
}
public void Remove(string host)
{
if (!Hosts.Contains(host))
{
return;
}
Hosts.Remove(host);
FileWithAcl.WriteAllText(_filePath, JsonConvert.SerializeObject(Hosts, Formatting.Indented), "644", "root", "wheel");
}
public static void Enable()
{
var s = new TorConfigurationModel {
IsActive = true, Services = ServiceModel.Services
};
var text = JsonConvert.SerializeObject(s, Formatting.Indented);
FileWithAcl.WriteAllText(CfgFile, text, "644", "root", "wheel");
ConsoleLogger.Log("[tor] enabled");
}
public static void Save(List <TorService> model)
{
var s = new TorConfigurationModel {
IsActive = ServiceModel.IsActive, Services = model
};
var text = JsonConvert.SerializeObject(s, Formatting.Indented);
FileWithAcl.WriteAllText(CfgFile, text, "644", "root", "wheel");
ConsoleLogger.Log("[tor] configuration saved");
}
public static void SetAcl(string guid, string[] rules)
{
var acls = ServiceModel.Settings;
var model = acls.FirstOrDefault(_ => _.Guid == guid);
if (model == null)
{
return;
}
FileWithAcl.WriteAllLines(model.Acl, rules, "644", "root", "wheel");
}
public static void Save(SambaConfigurationModel model)
{
var text = JsonConvert.SerializeObject(model, Formatting.Indented);
if (File.Exists(CfgFile))
{
File.Copy(CfgFile, CfgFileBackup, true);
}
FileWithAcl.WriteAllText(CfgFile, text, "644", "root", "wheel");
ConsoleLogger.Log("[samba] configuration saved");
}
public static void SetRmmodList(List <string> objects)
{
var lines = objects;
try {
FileWithAcl.WriteAllLines(RmmodFile, lines, "644", "root", "wheel");
}
catch (Exception ex) {
ConsoleLogger.Error($"[host parameters] rmmod configuration set error: {ex.Message}");
}
}
public static void SetEndCommandsList(List <Control> commands)
{
var text = JsonConvert.SerializeObject(commands, Formatting.Indented);
try {
FileWithAcl.WriteAllText(EndcommandsFile, text, "644", "root", "wheel");
}
catch (Exception ex) {
ConsoleLogger.Error($"[host parameters] endcommands configuration set error: {ex.Message}");
}
}
public static bool Save(Network2ConfigurationModel conf)
{
var text = JsonConvert.SerializeObject(conf, Formatting.Indented);
try {
FileWithAcl.WriteAllText(CfgFile, text, "644", "root", "wheel");
}
catch (Exception ex) {
ConsoleLogger.Error($"[network] configuration save error: {ex.Message}");
return(false);
}
return(true);
}
