|
1
|
|
|
#! /usr/bin/env python |
|
2
|
|
|
|
|
3
|
|
|
import os |
|
4
|
|
|
import logging |
|
5
|
|
|
import argparse |
|
6
|
|
|
from os.path import dirname, abspath |
|
7
|
|
|
import sys |
|
8
|
|
|
from time import time, strftime, localtime |
|
9
|
|
|
|
|
10
|
|
|
from spike import create_app, version |
|
11
|
|
|
from spike.model import db, rulesets_seeds, whitelists_seeds |
|
12
|
|
|
from spike.model.naxsi_rulesets import NaxsiRuleSets |
|
13
|
|
|
from spike.model.naxsi_whitelistsets import NaxsiWhitelistSets |
|
14
|
|
|
|
|
15
|
|
|
from sqlalchemy.exc import SQLAlchemyError |
|
16
|
|
|
|
|
17
|
|
|
|
|
18
|
|
|
def run(debug=False): |
|
19
|
|
|
app = create_app(__get_config_file()) |
|
20
|
|
|
db.init_app(app) |
|
21
|
|
|
|
|
22
|
|
|
if debug: |
|
23
|
|
|
app.test_request_context().push() |
|
24
|
|
|
|
|
25
|
|
|
try: |
|
26
|
|
|
host = app.config["APP_HOST"] |
|
27
|
|
|
except KeyError: |
|
28
|
|
|
host = '127.0.0.1' |
|
29
|
|
|
|
|
30
|
|
|
try: |
|
31
|
|
|
port = int(app.config["APP_PORT"]) |
|
32
|
|
|
except KeyError: |
|
33
|
|
|
port = 5555 |
|
34
|
|
|
|
|
35
|
|
|
app.run(debug=debug, host=host, port=port) |
|
36
|
|
|
|
|
37
|
|
|
|
|
38
|
|
|
def spike_init(): |
|
39
|
|
|
logging.info("Initializing Spike") |
|
40
|
|
|
timestamp = int(time()) |
|
41
|
|
|
|
|
42
|
|
|
app = create_app(__get_config_file()) |
|
43
|
|
|
db.init_app(app) |
|
44
|
|
|
|
|
45
|
|
|
with app.app_context(): |
|
46
|
|
|
db.create_all() |
|
47
|
|
|
|
|
48
|
|
|
for r in rulesets_seeds: |
|
49
|
|
|
logging.info("Adding ruleset: %s", r) |
|
50
|
|
|
rmks = "Ruleset for %s / auto-created %s" % (r, strftime("%F - %H:%M", localtime(time()))) |
|
51
|
|
|
db.session.add(NaxsiRuleSets(r, rmks, timestamp)) |
|
52
|
|
|
for w in whitelists_seeds: |
|
53
|
|
|
logging.info("Adding whitelistset: %s", w) |
|
54
|
|
|
rmks = "Ruleset for %s / auto-created %s" % (w, strftime("%F - %H:%M", localtime(time()))) |
|
55
|
|
|
db.session.add(NaxsiWhitelistSets(w, rmks, timestamp)) |
|
56
|
|
|
try: |
|
57
|
|
|
db.session.commit() |
|
58
|
|
|
except SQLAlchemyError: |
|
59
|
|
|
logging.error('It seems that the database was already initialized. Did you meant to run `%s run` instead?', |
|
60
|
|
|
sys.argv[0]) |
|
61
|
|
|
logging.info('Spike initialization completed') |
|
62
|
|
|
|
|
63
|
|
|
|
|
64
|
|
|
def __get_config_file(): |
|
65
|
|
|
return os.path.join(dirname(abspath(__name__)), 'config.cfg') |
|
66
|
|
|
|
|
67
|
|
|
|
|
68
|
|
|
if __name__ == "__main__": |
|
69
|
|
|
logging.basicConfig(level=logging.DEBUG, format='%(message)s') |
|
70
|
|
|
parser = argparse.ArgumentParser(description='Spike %s' % version) |
|
71
|
|
|
parser.add_argument('command', help='Run the spike server', choices=['run', 'init']) |
|
72
|
|
|
parser.add_argument('-d', '--debug', help='Run server in debug mode', action='store_true') |
|
73
|
|
|
args = parser.parse_args() |
|
74
|
|
|
|
|
75
|
|
|
if args.command == 'run': |
|
76
|
|
|
if not os.path.exists(os.path.join(dirname(abspath(__name__)), 'spike', 'rules.db')): |
|
77
|
|
|
print('You should run `python %s init` before using Spike' % sys.argv[0]) |
|
78
|
|
|
else: |
|
79
|
|
|
run(args.debug) |
|
80
|
|
|
elif args.command == 'init': |
|
81
|
|
|
spike_init() |
|
82
|
|
|
|
nbs-system /
spike
