Dreaded_X/siranga
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Changed name to siranga

Browse Source
This commit is contained in:
Dreaded_X 2025-04-17 13:31:33 +02:00
parent bb19802f40
commit ff19d6b23b
Signed by: Dreaded_X
GPG Key ID: 5A0CBFE3C3377FAA
11 changed files with 61 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
Cargo.lock generated
View File

@ -2853,6 +2853,34 @@ dependencies = [
"rand_core 0.6.4", "rand_core 0.6.4",
] ]
[[package]]
name = "siranga"
version = "0.0.0"
dependencies = [
"bytes",
"clap",
"clio",
"color-eyre",
"crossterm 0.29.0",
"dotenvy",
"futures",
"git-version",
"http-body-util",
"hyper",
"hyper-util",
"ldap3",
"pin-project-lite",
"rand 0.8.5",
"ratatui",
"reqwest",
"russh",
"thiserror 2.0.12",
"tokio",
"tracing",
"tracing-subscriber",
"unicode-width 0.2.0",
]
[[package]] [[package]]
name = "slab" name = "slab"
version = "0.4.9" version = "0.4.9"
@ -3299,34 +3327,6 @@ version = "0.2.5"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b" checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b"
[[package]]
name = "tunnel_rs"
version = "0.0.0"
dependencies = [
"bytes",
"clap",
"clio",
"color-eyre",
"crossterm 0.29.0",
"dotenvy",
"futures",
"git-version",
"http-body-util",
"hyper",
"hyper-util",
"ldap3",
"pin-project-lite",
"rand 0.8.5",
"ratatui",
"reqwest",
"russh",
"thiserror 2.0.12",
"tokio",
"tracing",
"tracing-subscriber",
"unicode-width 0.2.0",
]
[[package]] [[package]]
name = "typenum" name = "typenum"
version = "1.18.0" version = "1.18.0"

4
Cargo.toml
View File

@ -1,7 +1,7 @@
[package] [package]
name = "tunnel_rs" name = "siranga"
edition = "2024" edition = "2024"
default-run = "tunnel_rs" default-run = "siranga"
[dependencies] [dependencies]
bytes = "1.10.1" bytes = "1.10.1"

4
Dockerfile
View File

@ -18,5 +18,5 @@ ENV RUSTC_BOOTSTRAP=1
RUN cargo auditable build --release RUN cargo auditable build --release
FROM gcr.io/distroless/cc-debian12:nonroot AS runtime FROM gcr.io/distroless/cc-debian12:nonroot AS runtime
COPY --from=builder /app/target/release/tunnel_rs /tunnel_rs COPY --from=builder /app/target/release/siranga /siranga
CMD ["/tunnel_rs"] CMD ["/siranga"]

24
manifests/deployment.yaml
View File

@ -1,25 +1,25 @@
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: tunnel name: siranga
labels: labels:
app: tunnel app: siranga
app.kubernetes.io/name: tunnel app.kubernetes.io/name: siranga
spec: spec:
replicas: 1 replicas: 1
selector: selector:
matchLabels: matchLabels:
app: tunnel app: siranga
template: template:
metadata: metadata:
labels: labels:
app: tunnel app: siranga
annotations: annotations:
kubectl.kubernetes.io/default-container: tunnel kubectl.kubernetes.io/default-container: siranga
spec: spec:
containers: containers:
- name: tunnel - name: siranga
image: git.huizinga.dev/dreaded_x/tunnel_rs@${DIGEST} image: git.huizinga.dev/dreaded_x/siranga@${DIGEST}
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
resources: resources:
limits: limits:
@ -40,7 +40,7 @@ spec:
mountPath: "/secrets/key" mountPath: "/secrets/key"
env: env:
- name: RUST_LOG - name: RUST_LOG
value: info,tunnel_rs=debug value: info,siranga=debug
- name: TUNNEL_DOMAIN - name: TUNNEL_DOMAIN
value: tunnel.${domain} value: tunnel.${domain}
- name: AUTHZ_ENDPOINT - name: AUTHZ_ENDPOINT
@ -50,7 +50,7 @@ spec:
- name: LDAP_BASE - name: LDAP_BASE
value: ou=people,dc=huizinga,dc=dev value: ou=people,dc=huizinga,dc=dev
- name: LDAP_BIND_DN - name: LDAP_BIND_DN
value: uid=tunnel.tunnel,ou=people,dc=huizinga,dc=dev value: uid=siranga.siranga,ou=people,dc=huizinga,dc=dev
- name: LDAP_PASSWORD_FILE - name: LDAP_PASSWORD_FILE
value: /secrets/credentials/password value: /secrets/credentials/password
- name: PRIVATE_KEY_FILE - name: PRIVATE_KEY_FILE
@ -58,8 +58,8 @@ spec:
volumes: volumes:
- name: credentials - name: credentials
secret: secret:
secretName: tunnel-lldap-credentials secretName: siranga-lldap-credentials
- name: key - name: key
secret: secret:
secretName: tunnel-key secretName: siranga-key

2
manifests/ingress-route.yaml
View File

@ -9,7 +9,7 @@ spec:
- match: HostRegexp(`^.+\.tunnel\.${domain//./\\.}$`) - match: HostRegexp(`^.+\.tunnel\.${domain//./\\.}$`)
kind: Rule kind: Rule
services: services:
- name: tunnel - name: http
port: 3000 port: 3000
tls: tls:
secretName: tunnel-tls secretName: tunnel-tls

4
manifests/kustomization.yaml
View File

@ -1,10 +1,10 @@
apiVersion: kustomize.config.k8s.io/v1beta1 apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
namespace: tunnel namespace: siranga
resources: resources:
- ./namespace.yaml - ./namespace.yaml
- ./service-user.yaml - ./service-user.yaml
- ./secret-tunnel-key.yaml - ./secret-siranga-key.yaml
- ./deployment.yaml - ./deployment.yaml
- ./service.yaml - ./service.yaml
- ./certificate.yaml - ./certificate.yaml

2
manifests/namespace.yaml
View File

@ -1,4 +1,4 @@
apiVersion: v1 apiVersion: v1
kind: Namespace kind: Namespace
metadata: metadata:
name: tunnel name: siranga

13
manifests/secret-tunnel-key.yaml → manifests/secret-siranga-key.yaml
View File

@ -1,18 +1,13 @@
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: tunnel-key name: siranga-key
type: Opaque type: Opaque
stringData: stringData:
private.pem: ENC[AES256_GCM,data:9chbnKvGVtGEHTytURAK03ewcy+2LO3JLN6uCD6EtovQqAHZvBJFmUWDwSKXXLAoH8ErQ7VjldzaGPNhCqJaF/+69N9ruoOELR/NdqBbeXxQLdzNO95qlFGNbvBQaJheuQmT0BIqMxu8GHEjoswdHiE0wQebbJubPu3x85tLu24T86sUpeBuRcFsdouBPCO3q3h5Prdxscl/McTcdB+DE21Mpk0dw9GvxmyeTWg1LAbmtYv5vhdJRCSQW1EtQQNn/o/K3/7ALoGsekomjAoFmVG7OKIwaUbfJkVxyYN8UQ7Q4YQ3C16NCysoNx4aB9AlcvIeME/eNJ+nAQMWFA5q2ewhza+idw1H9GmBJaoIFCGsXXdPTyEglFFf5xGZR/lHGxxD1UP0Zd/b25dIKkAYBnYVPojN1HLom+3dG+Ci1oGQmDkT91w1Zj72b9uIdT+xNTBG7b8bkBlLprUJ8VYm2sGZiFmzYkJd6slwVJ+j0Y26iEEpvPb63stkhkeSIeg1fKSL,iv:lz3hiOS/+xYJ4/ooITqxXNlpZsiA+UXQH+4UTofj2p0=,tag:Pwz3pCqJkSUFx5JflKJJEw==,type:str] private.pem: ENC[AES256_GCM,data:9chbnKvGVtGEHTytURAK03ewcy+2LO3JLN6uCD6EtovQqAHZvBJFmUWDwSKXXLAoH8ErQ7VjldzaGPNhCqJaF/+69N9ruoOELR/NdqBbeXxQLdzNO95qlFGNbvBQaJheuQmT0BIqMxu8GHEjoswdHiE0wQebbJubPu3x85tLu24T86sUpeBuRcFsdouBPCO3q3h5Prdxscl/McTcdB+DE21Mpk0dw9GvxmyeTWg1LAbmtYv5vhdJRCSQW1EtQQNn/o/K3/7ALoGsekomjAoFmVG7OKIwaUbfJkVxyYN8UQ7Q4YQ3C16NCysoNx4aB9AlcvIeME/eNJ+nAQMWFA5q2ewhza+idw1H9GmBJaoIFCGsXXdPTyEglFFf5xGZR/lHGxxD1UP0Zd/b25dIKkAYBnYVPojN1HLom+3dG+Ci1oGQmDkT91w1Zj72b9uIdT+xNTBG7b8bkBlLprUJ8VYm2sGZiFmzYkJd6slwVJ+j0Y26iEEpvPb63stkhkeSIeg1fKSL,iv:lz3hiOS/+xYJ4/ooITqxXNlpZsiA+UXQH+4UTofj2p0=,tag:Pwz3pCqJkSUFx5JflKJJEw==,type:str]
sops: sops:
kms: [] lastmodified: "2025-04-17T11:29:42Z"
gcp_kms: [] mac: ENC[AES256_GCM,data:2qRJCmcQTVtI+UMkcNcMlbXiTDNj83RqCOZDsNQ9UxqFmOQy35o6ig5YPfj2bKWYJSR2l4F5JWOKk3rYeAagCZ74tWjOM/LA5u8AiCUf9tDVRA82fQAXIVg7s6Udzif0U0yzPfOb2Ia8xDrm2Hfl7GTeO1WJN+qtI9qQDJHedlA=,iv:dTWKJMCqtnDMqLZS5SwVg5Uu5Kv1p9GtAQ55wZ1j/mI=,tag:KVKKDNAtKLZ7xxVzgh/Nng==,type:str]
azure_kv: []
hc_vault: []
age: []
lastmodified: "2025-04-14T22:32:45Z"
mac: ENC[AES256_GCM,data:KGxVfxRVzyzkJTfGzVsWzLMDPBhElcpbgeHalctly14MhzsubEVPwr6Qlj4dh2714Vs0NUo3xERbIeLYRZqbqIQkVkXM31bzA0Tsud+Wapv92B9Z2yr249YX1EhxwnFzSR+180vkIB+Vc8n2hfgSXftUg5L5QEouUuilUiXWQKo=,iv:pal8Fypc6HnTnHulaFvo8A5FH6wjdDQQJGUb0G+w6Do=,tag:D4swtLKJctkyDTfMQpdGtg==,type:str]
pgp: pgp:
- created_at: "2025-04-14T16:11:54Z" - created_at: "2025-04-14T16:11:54Z"
enc: |- enc: |-
@ -56,4 +51,4 @@ sops:
-----END PGP MESSAGE----- -----END PGP MESSAGE-----
fp: 49F10679C425233EFB4B1B6F9D641BEFA42DEC28 fp: 49F10679C425233EFB4B1B6F9D641BEFA42DEC28
encrypted_regex: ^(data|stringData)$ encrypted_regex: ^(data|stringData)$
version: 3.9.4 version: 3.10.1

2
manifests/service-user.yaml
View File

@ -1,5 +1,5 @@
apiVersion: lldap.huizinga.dev/v1 apiVersion: lldap.huizinga.dev/v1
kind: ServiceUser kind: ServiceUser
metadata: metadata:
name: tunnel name: siranga
spec: {} spec: {}

8
manifests/service.yaml
View File

@ -1,19 +1,19 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: tunnel name: http
spec: spec:
ports: ports:
- name: "3000" - name: "3000"
port: 3000 port: 3000
targetPort: 3000 targetPort: 3000
selector: selector:
app: tunnel app: siranga
--- ---
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: tunnel-ssh name: ssh
annotations: annotations:
external-dns.alpha.kubernetes.io/hostname: tunnel.svc.${domain} external-dns.alpha.kubernetes.io/hostname: tunnel.svc.${domain}
spec: spec:
@ -23,4 +23,4 @@ spec:
port: 22 port: 22
targetPort: 2222 targetPort: 2222
selector: selector:
app: tunnel app: siranga

8
src/main.rs
View File

@ -7,15 +7,15 @@ use git_version::git_version;
use hyper::server::conn::http1::{self}; use hyper::server::conn::http1::{self};
use hyper_util::rt::TokioIo; use hyper_util::rt::TokioIo;
use rand::rngs::OsRng; use rand::rngs::OsRng;
use siranga::ldap::Ldap;
use siranga::ssh::Server;
use siranga::tunnel::Registry;
use siranga::web::{ForwardAuth, Service};
use tokio::net::TcpListener; use tokio::net::TcpListener;
use tracing::{error, info, warn}; use tracing::{error, info, warn};
use tracing_subscriber::EnvFilter; use tracing_subscriber::EnvFilter;
use tracing_subscriber::layer::SubscriberExt; use tracing_subscriber::layer::SubscriberExt;
use tracing_subscriber::util::SubscriberInitExt; use tracing_subscriber::util::SubscriberInitExt;
use tunnel_rs::ldap::Ldap;
use tunnel_rs::ssh::Server;
use tunnel_rs::tunnel::Registry;
use tunnel_rs::web::{ForwardAuth, Service};
#[tokio::main] #[tokio::main]
async fn main() -> color_eyre::Result<()> { async fn main() -> color_eyre::Result<()> {