ereuse
/
workbench-script
8
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: ereuse:main
Branches Tags
ereuse:main
ereuse:inxi
ereuse:issue_5
ereuse:bugfix/nfs
ereuse:isoc_f1__ssd_deletion
..
compare: ereuse:issue_5
Branches Tags
ereuse:inxi
ereuse:main
ereuse:issue_5
ereuse:bugfix/nfs
ereuse:isoc_f1__ssd_deletion

2 Commits
main ... issue_5

Author SHA1 Message Date
Cayo Puigdefabregas 468b6f63c4 create credential from snapshot 2024-11-06 14:10:02 +01:00
Cayo Puigdefabregas 7ebff00e2e issue 100 new url in qr for evidence instead of device 2024-10-31 16:30:45 +01:00
7 changed files with 136 additions and 163 deletions
Show Stats Expand all files Collapse all files

9
Makefile
View File

@ -44,15 +44,6 @@ boot_iso_uefi_secureboot:
-drive file=deploy/iso/workbench_debug.iso,cache=none,if=virtio,format=raw,index=0,media=disk \ -drive file=deploy/iso/workbench_debug.iso,cache=none,if=virtio,format=raw,index=0,media=disk \
-boot menu=on -boot menu=on
# when you change something, you need to refresh it this way
regenerate_pxe_install:
./deploy-workbench.sh
pxe/install-pxe.sh
es_gen:
$(MAKE) es_gen_po
$(MAKE) es_gen_mo
es_gen_po: es_gen_po:
cp locale/es/LC_MESSAGES/messages.po locale/es/LC_MESSAGES/messages.pot.bak cp locale/es/LC_MESSAGES/messages.po locale/es/LC_MESSAGES/messages.pot.bak
pygettext3 -p locale/es/LC_MESSAGES/ workbench-script.py pygettext3 -p locale/es/LC_MESSAGES/ workbench-script.py

65
deploy-workbench.sh
View File

@ -199,12 +199,12 @@ create_persistence_partition() {
mkdir -p "${tmp_rw_mount}" mkdir -p "${tmp_rw_mount}"
${SUDO} mount "$(pwd)/${rw_img_path}" "${tmp_rw_mount}" ${SUDO} mount "$(pwd)/${rw_img_path}" "${tmp_rw_mount}"
${SUDO} mkdir -p "${tmp_rw_mount}" ${SUDO} mkdir -p "${tmp_rw_mount}"
if [ ! -f "settings.ini" ]; then if [ -f "settings.ini" ]; then
${SUDO} cp -v settings.ini.example settings.ini ${SUDO} cp -v settings.ini "${tmp_rw_mount}/settings.ini"
echo "WARNING: settings.ini was not there, settings.ini.example was copied, this only happens once" else
echo "ERROR: settings.ini does not exist yet, cannot read config from there. You can take inspiration with file settings.ini.example"
exit 1
fi fi
${SUDO} cp -v settings.ini "${tmp_rw_mount}/settings.ini"
${SUDO} umount "${tmp_rw_mount}" ${SUDO} umount "${tmp_rw_mount}"
uuid="$(blkid "${rw_img_path}" | awk '{ print $3; }')" uuid="$(blkid "${rw_img_path}" | awk '{ print $3; }')"
@ -253,27 +253,6 @@ END2
END END
)" )"
# thanks https://wiki.debian.org/Keyboard
chroot_kbd_conf_str="$(cat<<END
chroot_kbd_conf() {
###################
# configure keyboard
cat > /etc/default/keyboard <<END2
# KEYBOARD CONFIGURATION FILE
# generated by deploy-workbench.sh
# Consult the keyboard(5) manual page.
XKBMODEL="pc105"
XKBLAYOUT="\${CUSTOM_LANG}"
BACKSPACE="guess"
END2
}
END
)"
prepare_app() { prepare_app() {
# prepare app during prepare_chroot_env # prepare app during prepare_chroot_env
workbench_dir="${ISO_PATH}/chroot/opt/workbench" workbench_dir="${ISO_PATH}/chroot/opt/workbench"
@ -301,15 +280,13 @@ if [ "\${nfs_host}" ]; then
mount --bind /run/live/medium /mnt mount --bind /run/live/medium /mnt
# debian live nfs path is readonly, do a trick # debian live nfs path is readonly, do a trick
# to make snapshots subdir readwrite # to make snapshots subdir readwrite
mount -v \${nfs_host}:/snapshots /run/live/medium/snapshots mount \${nfs_host}:/snapshots /run/live/medium/snapshots
# reload mounts on systemd # reload mounts on systemd
systemctl daemon-reload systemctl daemon-reload
fi fi
# clearly specify the right working directory, used in the python script as os.getcwd() # clearly specify the right working directory, used in the python script as os.getcwd()
cd /mnt cd /mnt
#pipenv run python /opt/workbench/workbench-script.py --config /mnt/settings.ini pipenv run python /opt/workbench/workbench-script.py --config /mnt/settings.ini
# works meanwhile this project is vanilla python
python /opt/workbench/workbench-script.py --config /mnt/settings.ini
stty echo stty echo
set +x set +x
@ -325,7 +302,7 @@ echo 'Install requirements'
# Install debian requirements # Install debian requirements
apt-get install -y --no-install-recommends \ apt-get install -y --no-install-recommends \
sudo locales keyboard-configuration console-setup qrencode \ sudo locales \
python-is-python3 python3 python3-dev python3-pip pipenv \ python-is-python3 python3 python3-dev python3-pip pipenv \
dmidecode smartmontools hwinfo pciutils lshw nfs-common < /dev/null dmidecode smartmontools hwinfo pciutils lshw nfs-common < /dev/null
@ -383,14 +360,8 @@ ${install_app_str}
# thanks src https://serverfault.com/questions/362903/how-do-you-set-a-locale-non-interactively-on-debian-ubuntu # thanks src https://serverfault.com/questions/362903/how-do-you-set-a-locale-non-interactively-on-debian-ubuntu
export LANG=${LANG} export LANG=${LANG}
export LC_ALL=${LANG} export LC_ALL=${LANG}
echo "${MYLOCALE}" > /etc/locale.gen
# Generate the locale
locale-gen
# feeds /etc/default/locale for the shell env var
update-locale LANG=${LANG} LC_ALL=${LANG}
# this is a high level command that does locale-gen and update-locale altogether # this is a high level command that does locale-gen and update-locale altogether
# but it is too interactive dpkg-reconfigure --frontend=noninteractive locales
#dpkg-reconfigure --frontend=noninteractive locales
# DEBUG # DEBUG
locale -a locale -a
@ -416,9 +387,6 @@ apt-get install -y --no-install-recommends \
< /dev/null < /dev/null
${chroot_netdns_conf_str} ${chroot_netdns_conf_str}
CUSTOM_LANG=${CUSTOM_LANG}
${chroot_kbd_conf_str}
chroot_kbd_conf
# Set up root user # Set up root user
# this is the root password # this is the root password
@ -438,19 +406,7 @@ CHROOT
} }
prepare_chroot_env() { prepare_chroot_env() {
CUSTOM_LANG="${CUSTOM_LANG:-es}" LANG="${CUSTOM_LANG:-es_ES.UTF-8}"
case "${CUSTOM_LANG}" in
es)
export LANG="es_ES.UTF-8"
export MYLOCALE="${LANG} UTF-8"
;;
en)
export LANG="en_US.UTF-8"
;;
*)
echo "ERROR: CUSTOM_LANG not supported. Available: es"
exit 1
esac
# version of debian the bootstrap is going to build # version of debian the bootstrap is going to build
# if no VERSION_CODENAME is specified we assume that the bootstrap is going to # if no VERSION_CODENAME is specified we assume that the bootstrap is going to
# be build with the same version of debian being executed because some files # be build with the same version of debian being executed because some files
@ -474,7 +430,6 @@ prepare_chroot_env() {
prepare_app prepare_app
} }
# thanks https://willhaley.com/blog/custom-debian-live-environment/ # thanks https://willhaley.com/blog/custom-debian-live-environment/
install_requirements() { install_requirements() {
# Install requirements # Install requirements

BIN
locale/es/LC_MESSAGES/messages.mo
View File

Binary file not shown.

44
locale/es/LC_MESSAGES/messages.po
View File

@ -8,7 +8,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: PACKAGE VERSION\n" "Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-11-08 18:25+0100\n" "POT-Creation-Date: 2024-10-15 21:15+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n" "Language-Team: LANGUAGE <LL@li.org>\n"
@ -17,19 +17,19 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n" "Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n" "Content-Transfer-Encoding: 8bit\n"
#: workbench-script.py:49 workbench-script.py:54 #: workbench-script.py:48 workbench-script.py:53
msgid "Running command `%s`" msgid "Running command `%s`"
msgstr "Ejecutando comando `%s`" msgstr "Ejecutando comando `%s`"
#: workbench-script.py:279 #: workbench-script.py:284
msgid "Created snapshots directory at '%s'" msgid "Created snapshots directory at '%s'"
msgstr "Creado directorio de snapshots en '%s'" msgstr "Creado directorio de snapshots en '%s'"
#: workbench-script.py:282 #: workbench-script.py:287
msgid "Snapshot written in path '%s'" msgid "Snapshot written in path '%s'"
msgstr "Snapshot escrito en ruta '%s'" msgstr "Snapshot escrito en ruta '%s'"
#: workbench-script.py:285 #: workbench-script.py:290
msgid "" msgid ""
"Attempting to save file in actual path. Reason: Failed to write in snapshots " "Attempting to save file in actual path. Reason: Failed to write in snapshots "
"directory:\n" "directory:\n"
@ -39,11 +39,11 @@ msgstr ""
"escribir en el directorio de snapshots:\n" "escribir en el directorio de snapshots:\n"
" %s." " %s."
#: workbench-script.py:292 #: workbench-script.py:297
msgid "Snapshot written in fallback path '%s'" msgid "Snapshot written in fallback path '%s'"
msgstr "Snapshot escrito en ruta alternativa '%s'" msgstr "Snapshot escrito en ruta alternativa '%s'"
#: workbench-script.py:294 #: workbench-script.py:299
msgid "" msgid ""
"Could not save snapshot locally. Reason: Failed to write in fallback path:\n" "Could not save snapshot locally. Reason: Failed to write in fallback path:\n"
" %s" " %s"
@ -52,53 +52,49 @@ msgstr ""
"alternativa:\n" "alternativa:\n"
" %s" " %s"
#: workbench-script.py:317 #: workbench-script.py:316
msgid "Snapshot successfully sent to '%s'" msgid "Snapshot successfully sent to '%s'"
msgstr "Snapshot enviado con éxito a '%s'" msgstr "Snapshot enviado con éxito a '%s'"
#: workbench-script.py:335 #: workbench-script.py:331
msgid "Snapshot %s could not be sent to URL '%s'"
msgstr "Snapshot %s no se pudo enviar a la URL '%s'"
#: workbench-script.py:338
msgid "" msgid ""
"Snapshot %s not remotely sent to URL '%s'. Do you have internet? Is your " "Snapshot not remotely sent to URL '%s'. Do you have internet? Is your server "
"server up & running? Is the url token authorized?\n" "up & running? Is the url token authorized?\n"
" %s" " %s"
msgstr "" msgstr ""
"Snapshot %s no enviado remotamente a la URL '%s'. Tienes internet? Está el " "Snapshot no enviado remotamente a la URL '%s'. Tienes internet? Está el "
"servidor en marcha? Está autorizado el url token?\n" "servidor en marcha? Está autorizado el url token?\n"
" %s" " %s"
#: workbench-script.py:350 #: workbench-script.py:342
msgid "Found config file in path: %s." msgid "Found config file in path: %s."
msgstr "Encontrado fichero de configuración en ruta: %s." msgstr "Encontrado fichero de configuración en ruta: %s."
#: workbench-script.py:361 #: workbench-script.py:353
msgid "Config file '%s' not found. Using default values." msgid "Config file '%s' not found. Using default values."
msgstr "" msgstr ""
"Fichero de configuración '%s' no encontrado. Utilizando valores por defecto." "Fichero de configuración '%s' no encontrado. Utilizando valores por defecto."
#: workbench-script.py:379 #: workbench-script.py:373
msgid "workbench-script.py [-h] [--config CONFIG]" msgid "workbench-script.py [-h] [--config CONFIG]"
msgstr "" msgstr ""
#: workbench-script.py:380 #: workbench-script.py:374
msgid "Optional config loader for workbench." msgid "Optional config loader for workbench."
msgstr "Cargador opcional de configuración para workbench" msgstr "Cargador opcional de configuración para workbench"
#: workbench-script.py:383 #: workbench-script.py:377
msgid "" msgid ""
"path to the config file. Defaults to 'settings.ini' in the current directory." "path to the config file. Defaults to 'settings.ini' in the current directory."
msgstr "" msgstr ""
"ruta al fichero de configuración. Por defecto es 'settings.ini' en el " "ruta al fichero de configuración. Por defecto es 'settings.ini' en el "
"directorio actual" "directorio actual"
#: workbench-script.py:416 #: workbench-script.py:410
msgid "START" msgid "START"
msgstr "INICIO" msgstr "INICIO"
#: workbench-script.py:430 #: workbench-script.py:423
msgid "" msgid ""
"This script must be run as root. Collected data will be incomplete or " "This script must be run as root. Collected data will be incomplete or "
"unusable" "unusable"
@ -106,6 +102,6 @@ msgstr ""
"Es conveniente que este script sea ejecutado como administrador (root). Los " "Es conveniente que este script sea ejecutado como administrador (root). Los "
"datos recopilados serán incompletos o no usables." "datos recopilados serán incompletos o no usables."
#: workbench-script.py:448 #: workbench-script.py:441
msgid "END" msgid "END"
msgstr "FIN" msgstr "FIN"

31
pxe/install-pxe.sh
View File

@ -37,7 +37,7 @@ backup_file() {
if [ -f "${target}" ]; then if [ -f "${target}" ]; then
if ! grep -q 'we should do a backup' "${target}"; then if ! grep -q 'we should do a backup' "${target}"; then
${SUDO} cp -v -a "${target}" "${target}-bak_${ts}" ${SUDO} cp -a "${target}" "${target}-bak_${ts}"
fi fi
fi fi
} }
@ -69,14 +69,14 @@ END
# reload nfs exports # reload nfs exports
${SUDO} exportfs -vra ${SUDO} exportfs -vra
if [ ! -f ./settings.ini ]; then
cp -v ./settings.ini.example ./settings.ini
echo "WARNING: settings.ini was not there, settings.ini.example was copied, this only happens once"
fi
if [ ! -f "${nfs_path}/settings.ini" ]; then if [ ! -f "${nfs_path}/settings.ini" ]; then
${SUDO} cp -v settings.ini "${nfs_path}/settings.ini" if [ -f "settings.ini" ]; then
echo "WARNING: ${nfs_path}/settings.ini was not there, ./settings.ini was copied, this only happens once" ${SUDO} cp settings.ini "${nfs_path}/settings.ini"
else
echo "ERROR: $(pwd)/settings.ini does not exist yet, cannot read config from there. You can take inspiration with file $(pwd)/settings.ini.example"
exit 1
fi
fi fi
} }
@ -93,7 +93,6 @@ pxe-service=x86PC,"Network Boot",pxelinux
enable-tftp enable-tftp
tftp-root=${tftp_path} tftp-root=${tftp_path}
END END
sudo systemctl restart dnsmasq || true
} }
install_netboot() { install_netboot() {
@ -111,12 +110,8 @@ install_netboot() {
${SUDO} cp -fv "${PXE_DIR}/../iso/staging/live/vmlinuz" "${tftp_path}/" ${SUDO} cp -fv "${PXE_DIR}/../iso/staging/live/vmlinuz" "${tftp_path}/"
${SUDO} cp -fv "${PXE_DIR}/../iso/staging/live/initrd" "${tftp_path}/" ${SUDO} cp -fv "${PXE_DIR}/../iso/staging/live/initrd" "${tftp_path}/"
${SUDO} cp -v /usr/lib/syslinux/memdisk "${tftp_path}/" ${SUDO} cp /usr/lib/syslinux/memdisk "${tftp_path}/"
${SUDO} cp -v /usr/lib/syslinux/modules/bios/* "${tftp_path}/" ${SUDO} cp /usr/lib/syslinux/modules/bios/* "${tftp_path}/"
if [ ! -f ./pxe-menu.cfg ]; then
${SUDO} cp -v ./pxe-menu.cfg.example pxe-menu.cfg
echo "WARNING: pxe-menu.cfg was not there, pxe-menu.cfg.example was copied, this only happens once"
fi
envsubst < ./pxe-menu.cfg | ${SUDO} tee "${tftp_path}/pxelinux.cfg/default" envsubst < ./pxe-menu.cfg | ${SUDO} tee "${tftp_path}/pxelinux.cfg/default"
fi fi
@ -133,11 +128,11 @@ init_config() {
PXE_DIR="$(pwd)" PXE_DIR="$(pwd)"
if [ ! -f ./.env ]; then if [ -f ./.env ]; then
cp -v ./.env.example ./.env . ./.env
echo "WARNING: .env was not there, .env.example was copied, this only happens once" else
echo "PXE: WARNING: $(pwd)/.env does not exist yet, cannot read config from there. You can take inspiration with file $(pwd)/.env.example"
fi fi
. ./.env
VERSION_CODENAME="${VERSION_CODENAME:-bookworm}" VERSION_CODENAME="${VERSION_CODENAME:-bookworm}"
tftp_path="${tftp_path:-/srv/pxe-tftp}" tftp_path="${tftp_path:-/srv/pxe-tftp}"
# vars used in envsubst require to be exported: # vars used in envsubst require to be exported:

11
settings.ini.example
View File

@ -1,10 +1,9 @@
[settings] [settings]
url = http://localhost:8000/api/v1/snapshot/ url = http://localhost:8000/api/snapshot/
#url = https://demo.ereuse.org/api/v1/snapshot/ token = '1234'
# sample token that works with default deployment such as the previous two urls # wb_sign_token = "27de6ad7-cee2-4fe8-84d4-c7eea9c969c8"
token = 5018dd65-9abd-4a62-8896-80f34ac66150 # url_wallet = "http://localhost"
# path = /path/to/save # path = /path/to/save
# device = your_device_name # device = your_device_name
# # erase = basic # # erase = basic
# legacy = True # legacy = true

139
workbench-script.py
View File

@ -13,22 +13,39 @@ import gettext
import locale import locale
import logging import logging
from pathlib import Path
from string import Template
from datetime import datetime from datetime import datetime
BASE_DIR = Path(__file__).resolve().parent
SNAPSHOT_BASE = {
'timestamp': str(datetime.now()),
'type': 'Snapshot',
'uuid': str(uuid.uuid4()),
'software': "workbench-script",
'version': "0.0.1",
'token_hash': "",
'data': {},
'erase': []
}
## Legacy Functions ## ## Legacy Functions ##
def convert_to_legacy_snapshot(snapshot): def convert_to_legacy_snapshot(snapshot):
snapshot["sid"] = str(uuid.uuid4()).split("-")[0] snapshot["sid"] = str(uuid.uuid4()).split("-")[1]
snapshot["software"] = "workbench-script" snapshot["software"] = "workbench-script"
snapshot["version"] = "dev" snapshot["version"] = "dev"
snapshot["schema_api"] = "1.0.0" snapshot["schema_api"] = "1.0.0"
snapshot["settings_version"] = "No Settings Version (NaN)" snapshot["settings_version"] = "No Settings Version (NaN)"
snapshot["timestamp"] = snapshot["timestamp"].replace(" ", "T") snapshot["timestamp"] = snapshot["timestamp"].replace(" ", "T")
snapshot["data"]["smart"] = snapshot["data"]["disks"] snapshot["data"]["smart"] = snapshot["data"]["disks"]
snapshot["data"]["lshw"] = json.loads(snapshot["data"]["lshw"])
snapshot["data"].pop("disks") snapshot["data"].pop("disks")
snapshot.pop("erase") snapshot.pop("erase")
snapshot.pop("token_hash")
## End Legacy Functions ## ## End Legacy Functions ##
@ -59,17 +76,16 @@ def exec_cmd_erase(cmd):
## End Utility functions ## ## End Utility functions ##
SNAPSHOT_BASE = { def convert_to_credential(snapshot):
'timestamp': str(datetime.now()), snapshot["data"] = json.dumps(snapshot["data"])
'type': 'Snapshot', file_path = os.path.join(BASE_DIR, "templates", "snapshot.json")
'uuid': str(uuid.uuid4()), with open(file_path) as f:
'software': "workbench-script", ff = f.read()
'version': "0.0.1", template = Template(ff)
'data': {}, cred = template.substitute(**snapshot)
'erase': [] return cred
}
## Command Functions ## ## Command Functions ##
## Erase Functions ## ## Erase Functions ##
## Xavier Functions ## ## Xavier Functions ##
@ -266,20 +282,20 @@ def gen_snapshot(all_disks):
return snapshot return snapshot
def save_snapshot_in_disk(snapshot, path): def save_snapshot_in_disk(snapshot, path, snap_uuid):
snapshot_path = os.path.join(path, 'snapshots') snapshot_path = os.path.join(path, 'snapshots')
filename = "{}/{}_{}.json".format( filename = "{}/{}_{}.json".format(
snapshot_path, snapshot_path,
datetime.now().strftime("%Y%m%d-%H_%M_%S"), datetime.now().strftime("%Y%m%d-%H_%M_%S"),
snapshot['uuid']) snap_uuid)
try: try:
if not os.path.exists(snapshot_path): if not os.path.exists(snapshot_path):
os.makedirs(snapshot_path) os.makedirs(snapshot_path)
logger.info(_("Created snapshots directory at '%s'"), snapshot_path) logger.info(_("Created snapshots directory at '%s'"), snapshot_path)
with open(filename, "w") as f: with open(filename, "w") as f:
f.write(json.dumps(snapshot)) f.write(snapshot)
logger.info(_("Snapshot written in path '%s'"), filename) logger.info(_("Snapshot written in path '%s'"), filename)
except Exception as e: except Exception as e:
try: try:
@ -287,21 +303,48 @@ def save_snapshot_in_disk(snapshot, path):
fallback_filename = "{}/{}_{}.json".format( fallback_filename = "{}/{}_{}.json".format(
path, path,
datetime.now().strftime("%Y%m%d-%H_%M_%S"), datetime.now().strftime("%Y%m%d-%H_%M_%S"),
snapshot['uuid']) snap_uuid)
with open(fallback_filename, "w") as f: with open(fallback_filename, "w") as f:
f.write(json.dumps(snapshot)) f.write(snapshot)
logger.warning(_("Snapshot written in fallback path '%s'"), fallback_filename) logger.warning(_("Snapshot written in fallback path '%s'"), fallback_filename)
except Exception as e: except Exception as e:
logger.error(_("Could not save snapshot locally. Reason: Failed to write in fallback path:\n %s"), e) logger.error(_("Could not save snapshot locally. Reason: Failed to write in fallback path:\n %s"), e)
def send_to_sign_credential(cred, token, url):
headers = {
"Authorization": f"Bearer {token}",
"Content-Type": "application/json"
}
try:
data = json.dumps(cred).encode('utf-8')
request = urllib.request.Request(url, data=data, headers=headers)
with urllib.request.urlopen(request) as response:
status_code = response.getcode()
#response_text = response.read().decode('utf-8')
if 200 <= status_code < 300:
logger.info(_("Credential successfully signed"))
else:
logger.error(_("Credential cannot signed in '%s'"), url)
except Exception as e:
logger.error(_("Credential not remotely sent to URL '%s'. Do you have internet? Is your server up & running? Is the url token authorized?\n %s"), url, e)
# TODO sanitize url, if url is like this, it fails # TODO sanitize url, if url is like this, it fails
# url = 'http://127.0.0.1:8000/api/snapshot/' # url = 'http://127.0.0.1:8000/api/snapshot/'
def send_snapshot_to_devicehub(snapshot, token, url, legacy): def send_snapshot_to_devicehub(snapshot, token, url):
url_components = urllib.parse.urlparse(url) url_components = urllib.parse.urlparse(url)
ev_path = "evidence/{}".format(snapshot["uuid"]) ev_path = "evidence/{}".format(snapshot["uuid"])
components = (url_components.scheme, url_components.netloc, ev_path, '', '', '') components = (url_components.schema, url_components.netloc, ev_path, '', '', '')
ev_url = urllib.parse.urlunparse(components) ev_url = urllib.parse.urlunparse(components)
# apt install qrencode # apt install qrencode
qr = "echo {} | qrencode -t ANSI".format(ev_url)
print(exec_cmd(qr))
print(ev_url)
headers = { headers = {
"Authorization": f"Bearer {token}", "Authorization": f"Bearer {token}",
@ -312,38 +355,15 @@ def send_snapshot_to_devicehub(snapshot, token, url, legacy):
request = urllib.request.Request(url, data=data, headers=headers) request = urllib.request.Request(url, data=data, headers=headers)
with urllib.request.urlopen(request) as response: with urllib.request.urlopen(request) as response:
status_code = response.getcode() status_code = response.getcode()
response_text = response.read().decode('utf-8') #response_text = response.read().decode('utf-8')
if 200 <= status_code < 300: if 200 <= status_code < 300:
logger.info(_("Snapshot successfully sent to '%s'"), url) logger.info(_("Snapshot successfully sent to '%s'"), url)
if legacy:
try:
response = json.loads(response_text)
public_url = response.get('public_url')
dhid = response.get('dhid')
if public_url:
# apt install qrencode
qr = "echo {} | qrencode -t ANSI".format(public_url)
print(exec_cmd(qr))
print("url: {}".format(public_url))
if dhid:
print("dhid: {}".format(dhid))
except Exception:
logger.error(response_text)
else:
qr = "echo {} | qrencode -t ANSI".format(ev_url)
print(exec_cmd(qr))
print(f"url: {ev_url}")
else: else:
logger.error(_("Snapshot %s could not be sent to URL '%s'"), snapshot["uuid"], url) logger.error(_("Snapshot cannot sent to '%s'"), url)
# TODO review all the try-except thing here; maybe the try inside legacy does not make sense anymore
except urllib.error.HTTPError as e:
error_details = e.read().decode('utf-8') # Get the error response body
logger.error(_("Snapshot %s not remotely sent to URL '%s'. Server responded with error:\n %s"),
snapshot["uuid"], url, error_details)
except Exception as e: except Exception as e:
logger.error(_("Snapshot %s not remotely sent to URL '%s'. Do you have internet? Is your server up & running? Is the url token authorized?\n %s"), snapshot["uuid"], url, e) logger.error(_("Snapshot not remotely sent to URL '%s'. Do you have internet? Is your server up & running? Is the url token authorized?\n %s"), url, e)
def load_config(config_file="settings.ini"): def load_config(config_file="settings.ini"):
@ -365,6 +385,8 @@ def load_config(config_file="settings.ini"):
device = config.get('settings', 'device', fallback=None) device = config.get('settings', 'device', fallback=None)
erase = config.get('settings', 'erase', fallback=None) erase = config.get('settings', 'erase', fallback=None)
legacy = config.get('settings', 'legacy', fallback=None) legacy = config.get('settings', 'legacy', fallback=None)
url_wallet = config.get('settings', 'url_wallet', fallback=None)
wb_sign_token = config.get('settings', 'wb_sign_token', fallback=None)
else: else:
logger.error(_("Config file '%s' not found. Using default values."), config_file) logger.error(_("Config file '%s' not found. Using default values."), config_file)
path = os.path.join(os.getcwd()) path = os.path.join(os.getcwd())
@ -376,7 +398,9 @@ def load_config(config_file="settings.ini"):
'token': token, 'token': token,
'device': device, 'device': device,
'erase': erase, 'erase': erase,
'legacy': legacy 'legacy': legacy,
'wb_sign_token': wb_sign_token,
'url_wallet': url_wallet
} }
def parse_args(): def parse_args():
@ -430,7 +454,6 @@ def main():
config_file = args.config config_file = args.config
config = load_config(config_file) config = load_config(config_file)
legacy = config.get("legacy")
# TODO show warning if non root, means data is not complete # TODO show warning if non root, means data is not complete
# if annotate as potentially invalid snapshot (pending the new API to be done) # if annotate as potentially invalid snapshot (pending the new API to be done)
@ -439,19 +462,33 @@ def main():
all_disks = get_disks() all_disks = get_disks()
snapshot = gen_snapshot(all_disks) snapshot = gen_snapshot(all_disks)
snap_uuid = snapshot["uuid"]
if config['erase'] and config['device'] and not config.get("legacy"): if config['erase'] and config['device'] and not config.get("legacy"):
snapshot['erase'] = gen_erase(all_disks, config['erase'], user_disk=config['device']) snapshot['erase'] = gen_erase(all_disks, config['erase'], user_disk=config['device'])
elif config['erase'] and not config.get("legacy"): elif config['erase'] and not config.get("legacy"):
snapshot['erase'] = gen_erase(all_disks, config['erase']) snapshot['erase'] = gen_erase(all_disks, config['erase'])
if legacy:
convert_to_legacy_snapshot(snapshot)
save_snapshot_in_disk(snapshot, config['path']) if config.get("wb_sign_token"):
tk = config.get("wb_sign_token").encode("utf8")
snapshot["token_hash"] = hashlib.hash256(tk).hexdigest()
if config.get("legacy"):
convert_to_legacy_snapshot(snapshot)
snapshot = json.dumps(snapshot)
else:
snapshot = convert_to_credential(snapshot)
url_wallet = config.get("url_wallet")
wb_sign_token = config.get("wb_sign_token")
if url_wallet and wb_sign_token:
snapshot = send_to_sign_credential(snapshot, wb_sign_token, url_wallet)
save_snapshot_in_disk(snapshot, config['path'], snap_uuid)
if config['url']: if config['url']:
send_snapshot_to_devicehub(snapshot, config['token'], config['url'], legacy) send_snapshot_to_devicehub(snapshot, config['token'], config['url'])
logger.info(_("END")) logger.info(_("END"))