From 23956dce220426efc482a1e961783cfe545f49e9 Mon Sep 17 00:00:00 2001 From: SkyperTHC Date: Fri, 24 Mar 2023 11:28:39 +0000 Subject: [PATCH] log --- docker-compose.yml | 1 + guest/fs-root/etc/shellrc | 4 ++-- host/fs-root/bin/docker_sshd.sh | 1 + host/fs-root/bin/segfaultsh | 13 +++++++++++-- host/fs-root/etc/ssh/sshd_config | 1 + provision/env.example | 4 ++++ 6 files changed, 20 insertions(+), 4 deletions(-) mode change 100644 => 100755 host/fs-root/etc/ssh/sshd_config mode change 100644 => 100755 provision/env.example diff --git a/docker-compose.yml b/docker-compose.yml index 502a7ce..e3d9fbf 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -532,6 +532,7 @@ services: - SF_RPC_IP=${SF_RPC_IP} - SF_SEED=${SF_SEED} - SF_HM_SIZE_LG=8 + - SF_LOG_IP - SF_DIRECT - SF_DEBUG volumes: diff --git a/guest/fs-root/etc/shellrc b/guest/fs-root/etc/shellrc index 3ed322a..4bbaf68 100644 --- a/guest/fs-root/etc/shellrc +++ b/guest/fs-root/etc/shellrc @@ -178,10 +178,10 @@ tty -s && [[ -n $TERM ]] && [[ "$TERM" != dumb ]] && { prompt_symbol=šŸ’› PROMPT= PROMPT=$'%F{%(#.blue.green)}ā”Œā”€ā”€${debian_chroot:+($debian_chroot)ā”€}${VIRTUAL_ENV:+($(basename $VIRTUAL_ENV))ā”€}(%F{%(#.yellow.blue)}%n'$prompt_symbol$'%m%b%F{%(#.blue.green)})-[%B%F{reset}%(6~.%-1~/ā€¦/%4~.%5~)%b%F{%(#.blue.green)}]\n%{%Gā””%}%{%Gā”€%}%B%(#.%F{yellow}#.%F{blue}$)%b%F{reset} ' } +# Make the Project name visibile in the PS1 prompt +[[ -z $VIRTUAL_ENV ]] && VIRTUAL_ENV="${SF_PRJ}" PATH="/sec/root/.local/bin:/sec/usr/sbin:/sec/usr/bin:/sf/bin:$PATH" -#[[ -d /sec/usr/bin ]] && PATH="/sec/usr/bin:$PATH" -#[[ -d /sec/usr/sbin ]] && PATH="/sec/usr/sbin:$PATH" _sf_info_non_perm() { diff --git a/host/fs-root/bin/docker_sshd.sh b/host/fs-root/bin/docker_sshd.sh index a484a56..30ea57d 100755 --- a/host/fs-root/bin/docker_sshd.sh +++ b/host/fs-root/bin/docker_sshd.sh @@ -130,6 +130,7 @@ SF_REDIS_AUTH=\"${SF_REDIS_AUTH}\" SF_RPC_IP=\"${SF_RPC_IP}\" SF_USER=\"${SF_USER}\" SF_DEBUG=\"${SF_DEBUG}\" +SF_LOG_IP=\"${SF_LOG_IP}\" SF_BASEDIR=\"${SF_BASEDIR}\" SF_SHMDIR=\"${SF_SHMDIR}\" SF_RAND_OFS=\"$RANDOM\" diff --git a/host/fs-root/bin/segfaultsh b/host/fs-root/bin/segfaultsh index 37b8878..b7e6226 100755 --- a/host/fs-root/bin/segfaultsh +++ b/host/fs-root/bin/segfaultsh @@ -34,6 +34,7 @@ CG="\e[1;32m" # green CDG="\e[0;32m" # green CDC="\e[0;36m" # cyan CDR="\e[0;31m" # red +CDM="\e[0;35m" # magenta CN="\e[0m" # none CW="\e[1;37m" # white CF="\e[2m" # faint @@ -52,7 +53,7 @@ _log() # Replace ' with '"'"' str="${*//\'/\'\"\'\"\'}" # NOTE: segfault.log must be owned 1000:1000 - bash -c "{ echo -en '[$(date '+%F %T' -u)]${p:- }'; echo -e '[${LID}][$$] $str';} 2>/dev/null >>'/sf/run/logs/segfault.log'" + bash -c "{ echo -en '[$(date '+%F %T' -u)]${p:- }'; echo -e '[${CDM}${LID}${CN}] $str';} 2>/dev/null >>'/sf/run/logs/segfault.log'" } LOG(){ _log "" "$@"; } @@ -882,6 +883,8 @@ fi [[ -z $REMOTE_ADDR || ${#REMOTE_ADDR} -gt 32 ]] && ERREXIT "Bad REMOTE_ADDR: len=${#REMOTE_ADDR}" YOUR_IP="${REMOTE_ADDR}" } + +[[ -n $PRJ ]] && SF_PRJ="${PRJ//[^a-zA-Z0-9._]}" ### ----END SANITIZE---- LID=$(echo -n "LID ${SF_SEC}" | sha512sum | base64 -w0) @@ -960,7 +963,11 @@ else fi DEBUGF "LID=${LID} SF_HOSTNAME=${SF_HOSTNAME}" -LOG "${CDG}${SF_HOSTNAME}${CN}, ${CDC}$*${CN}" +unset str +[[ -n $SF_LOG_IP ]] && str="[${CDY}${YOUR_IP}${CN}] " +str+="${CDG}${SF_HOSTNAME}" +[[ -n $SF_PRJ ]] && str+="/${CW}${SF_PRJ}" +LOG "${str}${CN} ${CDC}$*${CN}" # Record which SSHD process is connect to guest LG. tofile "SSHD_PID=$PPID @@ -1019,6 +1026,7 @@ xmkdir "${selfdir}" # Note: cgroup-parents: with cgroup-v1 the full path needs to be specified (e.g. sf.slice/sf-guest.slice) whereas with # cgroup-v2 only sf-guest.slice need to be specified. [[ -n $SF_IS_GOLD_PROMPT ]] && export SF_IS_GOLD_PROMPT +[[ -n $SF_PRJ ]] && export SF_PRJ exec_devnull docker run \ --hostname "sf-${SF_HOSTNAME}" \ "${DOCKER_ARGS[@]}" \ @@ -1042,6 +1050,7 @@ exec_devnull docker run \ --env SF_HOSTNAME="${SF_HOSTNAME}" \ --env SF_LID="${LID}" \ --env SF_IS_LOGINSHELL=1 \ + -e SF_PRJ \ -e SF_IS_GOLD_PROMPT \ --log-driver "${SF_DOCKER_LOG}" \ --mount type=tmpfs,destination=/tmp,tmpfs-mode=1777 \ diff --git a/host/fs-root/etc/ssh/sshd_config b/host/fs-root/etc/ssh/sshd_config old mode 100644 new mode 100755 index 6b8d134..a3d92bf --- a/host/fs-root/etc/ssh/sshd_config +++ b/host/fs-root/etc/ssh/sshd_config @@ -104,6 +104,7 @@ GatewayPorts yes #X11UseLocalhost yes #PermitTTY yes PrintMotd no +AcceptEnv PRJ AcceptEnv SF_DEBUG AcceptEnv SECRET #PrintLastLog yes diff --git a/provision/env.example b/provision/env.example old mode 100644 new mode 100755 index 4e2683e..f5a13f3 --- a/provision/env.example +++ b/provision/env.example @@ -6,6 +6,8 @@ SF_BASEDIR=${HOME}/segfault #SF_SSH_PORT=22 #SF_SSH_PORT2=443 #SF_DEBUG=1 +## Log IP (do not enable on SEGFAULT) +#SF_LOG_IP=1 #SF_USER=root #SF_USER_PASSWORD=segfault #SF_FQDN=CHANGEME.segfault-net @@ -13,6 +15,7 @@ SF_BASEDIR=${HOME}/segfault #SF_TOR_VIA_VPN= ## Obtain the private key by executing: ## docker run --rm --cap-add=NET_ADMIN -e USER=XXX -e PASS=YYY bubuntux/nordvpn:get_private_key +#SF_DIRECT=1 #SF_NORDVPN_PRIVATE_KEY= ## Obtain the config by executing: ## docker run --rm --e CRYPTOSTORM_TOKEN=XXX --entrypoint /getkey.sh hackerschoice/cryptostorm @@ -27,6 +30,7 @@ SF_TOR_IP=172.20.0.111 SF_NORDVPN_IP=172.20.0.254 SF_CRYPTOSTORM_IP=172.20.0.253 SF_MULLVAD_IP=172.20.0.252 +SF_NOVPN_IP=172.20.0.240 SF_NGINX_IP=172.20.1.80 SF_RPC_IP=10.11.0.3 SF_GSNC_IP=172.22.0.21