forked from p15670423/monkey
Merge branch 'environment-config-section' into develop
This commit is contained in:
commit
3205d8344c
|
@ -28,6 +28,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||||
- Zerologon exploiter writes runtime artifacts to a secure temporary directory
|
- Zerologon exploiter writes runtime artifacts to a secure temporary directory
|
||||||
instead of $HOME. #1143
|
instead of $HOME. #1143
|
||||||
- Authentication mechanism to use bcrypt on server side. #1139
|
- Authentication mechanism to use bcrypt on server side. #1139
|
||||||
|
- `server_config.json` puts environment config options in a separate section
|
||||||
|
named "environment". #1161
|
||||||
|
|
||||||
### Removed
|
### Removed
|
||||||
- Relevant dead code as reported by Vulture. #1149
|
- Relevant dead code as reported by Vulture. #1149
|
||||||
|
|
|
@ -166,7 +166,6 @@ copy_monkey_island_to_appdir() {
|
||||||
cp -r "$1"/common "$INSTALL_DIR/"
|
cp -r "$1"/common "$INSTALL_DIR/"
|
||||||
cp -r "$1"/monkey_island "$INSTALL_DIR/"
|
cp -r "$1"/monkey_island "$INSTALL_DIR/"
|
||||||
cp ./run_appimage.sh "$INSTALL_DIR"/monkey_island/linux/
|
cp ./run_appimage.sh "$INSTALL_DIR"/monkey_island/linux/
|
||||||
cp ./island_logger_config.json "$INSTALL_DIR"/
|
|
||||||
cp ./server_config.json.standard "$INSTALL_DIR"/monkey_island/cc/
|
cp ./server_config.json.standard "$INSTALL_DIR"/monkey_island/cc/
|
||||||
|
|
||||||
# TODO: This is a workaround that may be able to be removed after PR #848 is
|
# TODO: This is a workaround that may be able to be removed after PR #848 is
|
||||||
|
|
|
@ -3,12 +3,6 @@
|
||||||
PYTHON_CMD="$APPDIR"/opt/python3.7/bin/python3.7
|
PYTHON_CMD="$APPDIR"/opt/python3.7/bin/python3.7
|
||||||
DOT_MONKEY="$HOME"/.monkey_island/
|
DOT_MONKEY="$HOME"/.monkey_island/
|
||||||
|
|
||||||
configure_default_logging() {
|
|
||||||
if [ ! -f "$DOT_MONKEY"/island_logger_config.json ]; then
|
|
||||||
cp "$APPDIR"/usr/src/island_logger_config.json "$DOT_MONKEY"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
configure_default_server() {
|
configure_default_server() {
|
||||||
if [ ! -f "$DOT_MONKEY"/server_config.json ]; then
|
if [ ! -f "$DOT_MONKEY"/server_config.json ]; then
|
||||||
cp "$APPDIR"/usr/src/monkey_island/cc/server_config.json.standard "$DOT_MONKEY"/server_config.json
|
cp "$APPDIR"/usr/src/monkey_island/cc/server_config.json.standard "$DOT_MONKEY"/server_config.json
|
||||||
|
@ -21,9 +15,8 @@ mkdir --mode=0700 --parents "$DOT_MONKEY"
|
||||||
DB_DIR="$DOT_MONKEY"/db
|
DB_DIR="$DOT_MONKEY"/db
|
||||||
mkdir --parents "$DB_DIR"
|
mkdir --parents "$DB_DIR"
|
||||||
|
|
||||||
configure_default_logging
|
|
||||||
configure_default_server
|
configure_default_server
|
||||||
|
|
||||||
cd "$APPDIR"/usr/src || exit 1
|
cd "$APPDIR"/usr/src || exit 1
|
||||||
./monkey_island/bin/mongodb/bin/mongod --dbpath "$DB_DIR" &
|
./monkey_island/bin/mongodb/bin/mongod --dbpath "$DB_DIR" &
|
||||||
${PYTHON_CMD} ./monkey_island.py --server-config "$DOT_MONKEY"/server_config.json --logger-config "$DOT_MONKEY"/island_logger_config.json
|
${PYTHON_CMD} ./monkey_island.py --server-config "$DOT_MONKEY"/server_config.json
|
||||||
|
|
|
@ -1,5 +1,8 @@
|
||||||
{
|
{
|
||||||
|
"data_dir": "~/.monkey_island",
|
||||||
|
"log_level": "DEBUG",
|
||||||
|
"environment": {
|
||||||
"server_config": "password",
|
"server_config": "password",
|
||||||
"deployment": "standard",
|
"deployment": "standard"
|
||||||
"data_dir": "~/.monkey_island"
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -32,4 +32,4 @@ if "__main__" == __name__:
|
||||||
|
|
||||||
from monkey_island.cc.main import main # noqa: E402
|
from monkey_island.cc.main import main # noqa: E402
|
||||||
|
|
||||||
main(island_args.setup_only, island_args.server_config)
|
main(config["data_dir"], island_args.setup_only, island_args.server_config)
|
||||||
|
|
|
@ -9,7 +9,6 @@ import monkey_island.cc.environment.server_config_generator as server_config_gen
|
||||||
from monkey_island.cc.environment.user_creds import UserCreds
|
from monkey_island.cc.environment.user_creds import UserCreds
|
||||||
from monkey_island.cc.resources.auth.auth_user import User
|
from monkey_island.cc.resources.auth.auth_user import User
|
||||||
from monkey_island.cc.resources.auth.user_store import UserStore
|
from monkey_island.cc.resources.auth.user_store import UserStore
|
||||||
from monkey_island.cc.server_utils.consts import DEFAULT_DATA_DIR
|
|
||||||
|
|
||||||
|
|
||||||
class EnvironmentConfig:
|
class EnvironmentConfig:
|
||||||
|
@ -19,7 +18,6 @@ class EnvironmentConfig:
|
||||||
self.deployment = None
|
self.deployment = None
|
||||||
self.user_creds = None
|
self.user_creds = None
|
||||||
self.aws = None
|
self.aws = None
|
||||||
self.data_dir = None
|
|
||||||
|
|
||||||
self._load_from_file(self._server_config_path)
|
self._load_from_file(self._server_config_path)
|
||||||
|
|
||||||
|
@ -35,31 +33,29 @@ class EnvironmentConfig:
|
||||||
|
|
||||||
def _load_from_json(self, config_json: str) -> EnvironmentConfig:
|
def _load_from_json(self, config_json: str) -> EnvironmentConfig:
|
||||||
data = json.loads(config_json)
|
data = json.loads(config_json)
|
||||||
self._load_from_dict(data)
|
self._load_from_dict(data["environment"])
|
||||||
|
|
||||||
def _load_from_dict(self, dict_data: Dict):
|
def _load_from_dict(self, dict_data: Dict):
|
||||||
aws = dict_data["aws"] if "aws" in dict_data else None
|
aws = dict_data["aws"] if "aws" in dict_data else None
|
||||||
data_dir = dict_data["data_dir"] if "data_dir" in dict_data else DEFAULT_DATA_DIR
|
|
||||||
|
|
||||||
self.server_config = dict_data["server_config"]
|
self.server_config = dict_data["server_config"]
|
||||||
self.deployment = dict_data["deployment"]
|
self.deployment = dict_data["deployment"]
|
||||||
self.user_creds = _get_user_credentials_from_config(dict_data)
|
self.user_creds = _get_user_credentials_from_config(dict_data)
|
||||||
self.aws = aws
|
self.aws = aws
|
||||||
self.data_dir = data_dir
|
|
||||||
|
|
||||||
@property
|
|
||||||
def data_dir_abs_path(self):
|
|
||||||
return os.path.abspath(os.path.expanduser(os.path.expandvars(self.data_dir)))
|
|
||||||
|
|
||||||
def save_to_file(self):
|
def save_to_file(self):
|
||||||
|
with open(self._server_config_path, "r") as f:
|
||||||
|
config = json.load(f)
|
||||||
|
|
||||||
|
config["environment"] = self.to_dict()
|
||||||
|
|
||||||
with open(self._server_config_path, "w") as f:
|
with open(self._server_config_path, "w") as f:
|
||||||
f.write(json.dumps(self.to_dict(), indent=2))
|
f.write(json.dumps(config, indent=2))
|
||||||
|
|
||||||
def to_dict(self) -> Dict:
|
def to_dict(self) -> Dict:
|
||||||
config_dict = {
|
config_dict = {
|
||||||
"server_config": self.server_config,
|
"server_config": self.server_config,
|
||||||
"deployment": self.deployment,
|
"deployment": self.deployment,
|
||||||
"data_dir": self.data_dir,
|
|
||||||
}
|
}
|
||||||
if self.aws:
|
if self.aws:
|
||||||
config_dict.update({"aws": self.aws})
|
config_dict.update({"aws": self.aws})
|
||||||
|
|
|
@ -34,10 +34,13 @@ from monkey_island.cc.setup import setup # noqa: E402
|
||||||
MINIMUM_MONGO_DB_VERSION_REQUIRED = "4.2.0"
|
MINIMUM_MONGO_DB_VERSION_REQUIRED = "4.2.0"
|
||||||
|
|
||||||
|
|
||||||
def main(should_setup_only=False, server_config_filename=DEFAULT_SERVER_CONFIG_PATH):
|
def main(
|
||||||
|
data_dir,
|
||||||
|
should_setup_only=False,
|
||||||
|
server_config_filename=DEFAULT_SERVER_CONFIG_PATH,
|
||||||
|
):
|
||||||
logger.info("Starting bootloader server")
|
logger.info("Starting bootloader server")
|
||||||
|
|
||||||
data_dir = env_singleton.env.get_config().data_dir_abs_path
|
|
||||||
env_singleton.initialize_from_file(server_config_filename)
|
env_singleton.initialize_from_file(server_config_filename)
|
||||||
initialize_encryptor(data_dir)
|
initialize_encryptor(data_dir)
|
||||||
initialize_services(data_dir)
|
initialize_services(data_dir)
|
||||||
|
|
|
@ -1,5 +1,7 @@
|
||||||
{
|
{
|
||||||
|
"log_level": "DEBUG",
|
||||||
|
"environment": {
|
||||||
"server_config": "password",
|
"server_config": "password",
|
||||||
"deployment": "develop",
|
"deployment": "develop"
|
||||||
"log_level": "DEBUG"
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -38,16 +38,6 @@ def standard_with_credentials(environment_resources_dir):
|
||||||
return os.path.join(environment_resources_dir, "server_config_standard_with_credentials.json")
|
return os.path.join(environment_resources_dir, "server_config_standard_with_credentials.json")
|
||||||
|
|
||||||
|
|
||||||
@pytest.fixture(scope="session")
|
|
||||||
def with_data_dir(environment_resources_dir):
|
|
||||||
return os.path.join(environment_resources_dir, "server_config_with_data_dir.json")
|
|
||||||
|
|
||||||
|
|
||||||
@pytest.fixture(scope="session")
|
|
||||||
def with_data_dir_home(environment_resources_dir):
|
|
||||||
return os.path.join(environment_resources_dir, "server_config_with_data_dir_home.json")
|
|
||||||
|
|
||||||
|
|
||||||
@pytest.fixture(scope="session")
|
@pytest.fixture(scope="session")
|
||||||
def server_config_resources_dir(resources_dir):
|
def server_config_resources_dir(resources_dir):
|
||||||
return os.path.join(resources_dir, "server_configs")
|
return os.path.join(resources_dir, "server_configs")
|
||||||
|
|
|
@ -6,7 +6,6 @@ import pytest
|
||||||
|
|
||||||
from monkey_island.cc.environment.environment_config import EnvironmentConfig
|
from monkey_island.cc.environment.environment_config import EnvironmentConfig
|
||||||
from monkey_island.cc.environment.user_creds import UserCreds
|
from monkey_island.cc.environment.user_creds import UserCreds
|
||||||
from monkey_island.cc.server_utils.consts import DEFAULT_DATA_DIR
|
|
||||||
|
|
||||||
|
|
||||||
@pytest.fixture
|
@pytest.fixture
|
||||||
|
@ -17,31 +16,28 @@ def config_file(tmpdir):
|
||||||
def test_get_with_credentials(with_credentials):
|
def test_get_with_credentials(with_credentials):
|
||||||
config_dict = EnvironmentConfig(with_credentials).to_dict()
|
config_dict = EnvironmentConfig(with_credentials).to_dict()
|
||||||
|
|
||||||
assert len(config_dict.keys()) == 5
|
assert len(config_dict.keys()) == 4
|
||||||
assert config_dict["server_config"] == "password"
|
assert config_dict["server_config"] == "password"
|
||||||
assert config_dict["deployment"] == "develop"
|
assert config_dict["deployment"] == "develop"
|
||||||
assert config_dict["user"] == "test"
|
assert config_dict["user"] == "test"
|
||||||
assert config_dict["password_hash"] == "abcdef"
|
assert config_dict["password_hash"] == "abcdef"
|
||||||
assert config_dict["data_dir"] == DEFAULT_DATA_DIR
|
|
||||||
|
|
||||||
|
|
||||||
def test_get_with_no_credentials(no_credentials):
|
def test_get_with_no_credentials(no_credentials):
|
||||||
config_dict = EnvironmentConfig(no_credentials).to_dict()
|
config_dict = EnvironmentConfig(no_credentials).to_dict()
|
||||||
|
|
||||||
assert len(config_dict.keys()) == 3
|
assert len(config_dict.keys()) == 2
|
||||||
assert config_dict["server_config"] == "password"
|
assert config_dict["server_config"] == "password"
|
||||||
assert config_dict["deployment"] == "develop"
|
assert config_dict["deployment"] == "develop"
|
||||||
assert config_dict["data_dir"] == DEFAULT_DATA_DIR
|
|
||||||
|
|
||||||
|
|
||||||
def test_get_with_partial_credentials(partial_credentials):
|
def test_get_with_partial_credentials(partial_credentials):
|
||||||
config_dict = EnvironmentConfig(partial_credentials).to_dict()
|
config_dict = EnvironmentConfig(partial_credentials).to_dict()
|
||||||
|
|
||||||
assert len(config_dict.keys()) == 4
|
assert len(config_dict.keys()) == 3
|
||||||
assert config_dict["server_config"] == "password"
|
assert config_dict["server_config"] == "password"
|
||||||
assert config_dict["deployment"] == "develop"
|
assert config_dict["deployment"] == "develop"
|
||||||
assert config_dict["user"] == "test"
|
assert config_dict["user"] == "test"
|
||||||
assert config_dict["data_dir"] == DEFAULT_DATA_DIR
|
|
||||||
|
|
||||||
|
|
||||||
def test_save_to_file(config_file, standard_with_credentials):
|
def test_save_to_file(config_file, standard_with_credentials):
|
||||||
|
@ -54,13 +50,28 @@ def test_save_to_file(config_file, standard_with_credentials):
|
||||||
with open(config_file, "r") as f:
|
with open(config_file, "r") as f:
|
||||||
from_file = json.load(f)
|
from_file = json.load(f)
|
||||||
|
|
||||||
assert len(from_file.keys()) == 6
|
assert len(from_file.keys()) == 2
|
||||||
assert from_file["server_config"] == "standard"
|
assert len(from_file["environment"].keys()) == 5
|
||||||
assert from_file["deployment"] == "develop"
|
assert from_file["environment"]["server_config"] == "standard"
|
||||||
assert from_file["user"] == "test"
|
assert from_file["environment"]["deployment"] == "develop"
|
||||||
assert from_file["password_hash"] == "abcdef"
|
assert from_file["environment"]["user"] == "test"
|
||||||
assert from_file["aws"] == "test_aws"
|
assert from_file["environment"]["password_hash"] == "abcdef"
|
||||||
assert from_file["data_dir"] == DEFAULT_DATA_DIR
|
assert from_file["environment"]["aws"] == "test_aws"
|
||||||
|
|
||||||
|
|
||||||
|
def test_save_to_file_preserve_log_level(config_file, standard_with_credentials):
|
||||||
|
shutil.copyfile(standard_with_credentials, config_file)
|
||||||
|
|
||||||
|
environment_config = EnvironmentConfig(config_file)
|
||||||
|
environment_config.aws = "test_aws"
|
||||||
|
environment_config.save_to_file()
|
||||||
|
|
||||||
|
with open(config_file, "r") as f:
|
||||||
|
from_file = json.load(f)
|
||||||
|
|
||||||
|
assert len(from_file.keys()) == 2
|
||||||
|
assert "log_level" in from_file
|
||||||
|
assert from_file["log_level"] == "NOTICE"
|
||||||
|
|
||||||
|
|
||||||
def test_add_user(config_file, standard_with_credentials):
|
def test_add_user(config_file, standard_with_credentials):
|
||||||
|
@ -76,9 +87,9 @@ def test_add_user(config_file, standard_with_credentials):
|
||||||
with open(config_file, "r") as f:
|
with open(config_file, "r") as f:
|
||||||
from_file = json.load(f)
|
from_file = json.load(f)
|
||||||
|
|
||||||
assert len(from_file.keys()) == 5
|
assert len(from_file["environment"].keys()) == 4
|
||||||
assert from_file["user"] == new_user
|
assert from_file["environment"]["user"] == new_user
|
||||||
assert from_file["password_hash"] == new_password_hash
|
assert from_file["environment"]["password_hash"] == new_password_hash
|
||||||
|
|
||||||
|
|
||||||
def test_get_users(standard_with_credentials):
|
def test_get_users(standard_with_credentials):
|
||||||
|
@ -101,20 +112,3 @@ def test_generate_default_file(config_file):
|
||||||
assert environment_config.user_creds.username == ""
|
assert environment_config.user_creds.username == ""
|
||||||
assert environment_config.user_creds.password_hash == ""
|
assert environment_config.user_creds.password_hash == ""
|
||||||
assert environment_config.aws is None
|
assert environment_config.aws is None
|
||||||
assert environment_config.data_dir == DEFAULT_DATA_DIR
|
|
||||||
|
|
||||||
|
|
||||||
def test_data_dir(with_data_dir):
|
|
||||||
environment_config = EnvironmentConfig(with_data_dir)
|
|
||||||
assert environment_config.data_dir == "/test/data/dir"
|
|
||||||
|
|
||||||
|
|
||||||
def set_home_env(monkeypatch, tmpdir):
|
|
||||||
monkeypatch.setenv("HOME", str(tmpdir))
|
|
||||||
|
|
||||||
|
|
||||||
def test_data_dir_abs_path_from_file(monkeypatch, tmpdir, with_data_dir_home):
|
|
||||||
set_home_env(monkeypatch, tmpdir)
|
|
||||||
|
|
||||||
config = EnvironmentConfig(with_data_dir_home)
|
|
||||||
assert config.data_dir_abs_path == os.path.join(tmpdir, "data_dir")
|
|
||||||
|
|
|
@ -1,4 +1,6 @@
|
||||||
{
|
{
|
||||||
|
"environment" : {
|
||||||
"server_config": "password",
|
"server_config": "password",
|
||||||
"deployment": "develop"
|
"deployment": "develop"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,7 @@
|
||||||
{
|
{
|
||||||
|
"environment" : {
|
||||||
"server_config": "password",
|
"server_config": "password",
|
||||||
"deployment": "develop",
|
"deployment": "develop",
|
||||||
"user": "test"
|
"user": "test"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,6 @@
|
||||||
{
|
{
|
||||||
|
"environment" : {
|
||||||
"server_config": "standard",
|
"server_config": "standard",
|
||||||
"deployment": "develop"
|
"deployment": "develop"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,9 @@
|
||||||
{
|
{
|
||||||
|
"log_level": "NOTICE",
|
||||||
|
"environment" : {
|
||||||
"server_config": "standard",
|
"server_config": "standard",
|
||||||
"deployment": "develop",
|
"deployment": "develop",
|
||||||
"user": "test",
|
"user": "test",
|
||||||
"password_hash": "abcdef"
|
"password_hash": "abcdef"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
{
|
{
|
||||||
|
"environment" : {
|
||||||
"server_config": "password",
|
"server_config": "password",
|
||||||
"deployment": "develop",
|
"deployment": "develop",
|
||||||
"user": "test",
|
"user": "test",
|
||||||
"password_hash": "abcdef"
|
"password_hash": "abcdef"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +0,0 @@
|
||||||
{
|
|
||||||
"server_config": "password",
|
|
||||||
"deployment": "develop",
|
|
||||||
"user": "test",
|
|
||||||
"password_hash": "abcdef",
|
|
||||||
"data_dir": "/test/data/dir"
|
|
||||||
}
|
|
|
@ -1,7 +0,0 @@
|
||||||
{
|
|
||||||
"server_config": "password",
|
|
||||||
"deployment": "develop",
|
|
||||||
"user": "test",
|
|
||||||
"password_hash": "abcdef",
|
|
||||||
"data_dir": "~/data_dir"
|
|
||||||
}
|
|
Loading…
Reference in New Issue