deploy-agent 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: b5fedd1d54542b1fa80f5f083698d4fac13200fd
+  data.tar.gz: f2783980bf24d0f54aeef1f2b7894c5f37b33cbb
+SHA512:
+  metadata.gz: 986c809ff4bc0655bc586599a14e84cc7708c4f9f2a7f77fec3b57054336af2ec4e0038847483687fb1a85a8bd06f69d9056d0394c67ce0552f9d99c46cca613
+  data.tar.gz: 9b3547acefee6e6bd3d4dca8c85baf15aaa791382e75796a413b4bec689cc147711083965bf1d70f3177d65e039fce67d76e9365b514cd7a440e4d76ddbccd0d

data/bin/deploy-agent

@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby
+$:.unshift(File.expand_path('../../lib', __FILE__))
+require 'deploy_agent'
+
+DeployAgent::CLI.new.dispatch(ARGV)

data/lib/deploy_agent.rb

@@ -0,0 +1,14 @@
+require 'deploy_agent/certificate_manager'
+require 'deploy_agent/server_connection'
+require 'deploy_agent/destination_connection'
+require 'deploy_agent/cli'
+require 'deploy_agent/agent'
+
+module DeployAgent
+  CONFIG_PATH      = File.expand_path('~/.deploy')
+  CERTIFICATE_PATH = File.expand_path('~/.deploy/agent.crt')
+  KEY_PATH         = File.expand_path('~/.deploy/agent.key')
+  CA_PATH          = File.expand_path('~/.deploy/ca.crt')
+  PID_PATH         = File.expand_path('~/.deploy/agent.pid')
+  LOG_PATH         = File.expand_path('~/.deploy/agent.log')
+end

data/lib/deploy_agent/agent.rb

@@ -0,0 +1,36 @@
+gem 'nio4r', '1.2.1'
+require 'nio'
+require 'logger'
+
+module DeployAgent
+  class Agent
+
+    def run
+      nio_selector = NIO::Selector.new
+      target = ENV['DEPLOY_AGENT_PROXY_IP'] || 'agent.deployhq.com'
+      ServerConnection.new(self, target, nio_selector, !ENV['DEPLOY_AGENT_NOVERIFY'])
+
+      loop do
+        nio_selector.select do |monitor|
+          monitor.value.rx_data if monitor.readable?
+          monitor.value.tx_data if monitor.writeable?
+        end
+      end
+    rescue ServerConnection::ServerDisconnected
+      retry
+    end
+
+    def logger
+      @logger ||= begin
+        if $background
+          logger = Logger.new(LOG_PATH, 5, 10240)
+          logger.level = Logger::INFO
+          logger
+        else
+          Logger.new(STDOUT)
+        end
+      end
+    end
+
+  end
+end

data/lib/deploy_agent/certificate_manager.rb

@@ -0,0 +1,85 @@
+gem 'rb-readline', '0.5.4'
+require 'readline'
+require 'net/https'
+require 'json'
+require 'fileutils'
+
+module DeployAgent
+  class CertificateManager
+
+    def certificate_uri
+      URI(ENV['DEPLOY_AGENT_CERTIFICATE_URL'] || 'https://api.deployhq.com/api/v1/agents/create')
+    end
+
+    def generate_certificate
+      puts 'This tool will assist you in generating a certificate for your Deploy agent.'
+      puts
+      if File.file?(CERTIFICATE_PATH)
+        puts "***************************** WARNING *****************************"
+        puts "The Deploy agent has already been configured. Are you sure you wish"
+        puts "to remove the existing certificate and generate a new one?"
+        puts
+        Readline.completion_proc = Proc.new {}
+        begin
+          response = Readline.readline("Remove existing certificate? [no]: ", true)
+        rescue Interrupt => e
+          puts
+          Process.exit(1)
+        end
+        unless response == 'yes'
+          Process.exit(1)
+        end
+        puts
+      end
+      puts 'Please enter a name for this agent.'
+      Readline.completion_proc = Proc.new {}
+      begin
+        name = Readline.readline("Agent Name: ", true)
+      rescue Interrupt => e
+        puts
+        Process.exit(1)
+      end
+      if name.length < 2
+        puts "Name must be at least 2 characters."
+        Process.exit(1)
+      else
+        uri = certificate_uri
+        Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
+          request = Net::HTTP::Post.new(uri)
+          request.body = {:name => name}.to_json
+          request['Content-Type'] = 'application/json'
+          response = http.request request
+          response_hash = JSON.parse(response.body)
+          if response_hash['status'] == 'success'
+            FileUtils.mkdir_p(CONFIG_PATH)
+            File.write(CA_PATH,          response_hash['data']['ca'])
+            File.write(CERTIFICATE_PATH, response_hash['data']['certificate'])
+            File.write(KEY_PATH,         response_hash['data']['private_key'])
+            puts
+            puts "Certificate has been successfully generated and installed."
+            puts
+            puts "You can now associate this Agent with your Deploy account."
+            puts "Browse to Settings -> Agents in your account and enter the code below:"
+            puts
+            puts " >> #{response_hash['data']['claim_code']} <<"
+            puts
+            puts "You can start the agent using the following command:"
+            puts
+            puts " # deploy-agent start"
+            puts
+          else
+            puts
+            puts "An error occurred obtaining a certificate."
+            puts "Please contact support, quoting the debug information below:"
+            puts
+            puts response.inspect
+            puts response.body
+            puts
+            Process.exit(1)
+          end
+        end
+      end
+    end
+
+  end
+end

data/lib/deploy_agent/cli.rb

@@ -0,0 +1,100 @@
+module DeployAgent
+  class CLI
+
+    def dispatch(arguments)
+      methods = self.public_methods(false).delete_if { |n| n == :dispatch }.sort
+      if arguments[0] && methods.include?(arguments[0].to_sym)
+        public_send(arguments[0])
+      else
+        puts "Usage: deploy-agent [#{methods.join('|')}]"
+      end
+    end
+
+    def setup
+      CertificateManager.new.generate_certificate
+    end
+
+    def ensure_configured
+      unless File.file?(CERTIFICATE_PATH)
+        puts 'Deploy agent is not configured. Please run "deploy-agent setup" first.'
+        Process.exit(1)
+      end
+    end
+
+    def restart
+      stop
+      while(is_running?)
+        sleep 0.5
+      end
+      start
+    end
+
+    def start
+      if is_running?
+        puts "Deploy agent already running. Process ID #{pid_from_file}"
+        Process.exit(1)
+      else
+        ensure_configured
+        pid = fork do
+          $background = true
+          write_pid
+          run
+        end
+        puts "Deploy agent started. Process ID #{pid}"
+        Process.detach(pid)
+      end
+    end
+
+    def stop
+      if is_running?
+        pid = pid_from_file
+        Process.kill('TERM', pid)
+        puts "Deploy agent stopped. Process ID #{pid}"
+      else
+        puts "Deploy agent is not running"
+        Process.exit(1)
+      end
+    end
+
+    def status
+      if is_running?
+        puts "Deploy agent is running. PID #{pid_from_file}"
+      else
+        puts "Deploy agent is not running."
+        Process.exit(1)
+      end
+    end
+
+    def run
+      ensure_configured
+      Agent.new.run
+    end
+
+    private
+
+    def is_running?
+      if pid = pid_from_file
+        Process.kill(0, pid)
+        true
+      else
+        false
+      end
+    rescue Errno::ESRCH
+      false
+    rescue Errno::EPERM
+      true
+    end
+
+    def pid_from_file
+      File.read(PID_PATH).to_i
+    rescue Errno::ENOENT
+      nil
+    end
+
+    def write_pid
+      File.open(PID_PATH, 'w') { |f| f.write Process.pid.to_s }
+      at_exit { File.delete(PID_PATH) if File.exists?(PID_PATH) }
+    end
+
+  end
+end

data/lib/deploy_agent/destination_connection.rb

@@ -0,0 +1,106 @@
+require 'socket'
+
+module DeployAgent
+  # The DestinationConnection class managea a connection to a backend server
+  class DestinationConnection
+    attr_reader :socket
+
+    # Create a connection to a backend server
+    def initialize(host, port, id, nio_selector, server_connection)
+      @agent = server_connection.agent
+      @id = id
+      @nio_selector = nio_selector
+      @server_connection = server_connection
+
+      # Check the IP address and create a socket
+      ipaddr = IPAddr.new(host)
+      if ipaddr.ipv4?
+        @tcp_socket = Socket.new(Socket::Constants::AF_INET, Socket::Constants::SOCK_STREAM, 0)
+      else
+        @tcp_socket = Socket.new(Socket::Constants::AF_INET6, Socket::Constants::SOCK_STREAM, 0)
+      end
+      # Begin the connection attempt in the background
+      @sockaddr = Socket.sockaddr_in(port.to_i, host.to_s)
+      begin
+        @tcp_socket.connect_nonblock(@sockaddr)
+        # We don't expect to get here, but it's OK if we do
+        @status = :connected
+        @nio_monitor = @nio_selector.register(@tcp_socket, :r)
+      rescue IO::WaitWritable
+        # This is expected, we will get a callback when the connection completes
+        @status = :connecting
+        @nio_monitor = @nio_selector.register(@tcp_socket, :w)
+      end
+      @nio_monitor.value = self
+
+      # Set up a send buffer
+      @tx_buffer = String.new.force_encoding('BINARY')
+    end
+
+    # Queue data to be send to the backend
+    def send_data(data)
+      @tx_buffer << data
+      @nio_monitor.interests = :rw
+    end
+
+    def tx_data
+      # This might get called when there's data to send, but also
+      # when a connections completes or fails.
+      if @status == :connecting
+        begin
+          @tcp_socket.connect_nonblock(@sockaddr)
+        rescue IO::WaitWritable
+          # This shouldn't happen. If it does, ignore it and
+          # wait a bit longer until the connection completes
+          return
+        rescue => e
+          @agent.logger.info "[#{@id}] Connection failed: #{e.message.to_s}"
+          # Something went wrong connecting, inform the Deploy Server
+          close
+          @server_connection.send_connection_error(@id, e.message.to_s)
+          return
+        end
+          @agent.logger.info "[#{@id}] Connected to destination"
+        @server_connection.send_connection_success(@id)
+        @status = :connected
+      end
+      if @status == :connected && @tx_buffer.bytesize > 0
+        bytes_sent = @tcp_socket.write_nonblock(@tx_buffer)
+        if bytes_sent >= @tx_buffer.bytesize
+          @tx_buffer = String.new.force_encoding('BINARY')
+        else
+          @tx_buffer = @tx_buffer[bytes_sent..-1]
+        end
+      end
+      if @status == :connected && @tx_buffer.bytesize == 0
+        # Nothing more to send, wait for inbound data only
+        @nio_monitor.interests = :r
+      end
+    rescue Errno::ECONNRESET
+      # The backend has closed the connection. Inform the Deploy server.
+      @server_connection.send_connection_close(@id)
+      # Ensure everything is tidied up
+      close
+    end
+
+    def rx_data
+      # Received data from backend. Pass this along to the Deploy server
+      data = @tcp_socket.readpartial(10240)
+      @agent.logger.debug "[#{@id}] #{data.bytesize} bytes received from destination"
+      @server_connection.send_data(@id, data)
+    rescue EOFError, Errno::ECONNRESET
+      @agent.logger.info "[#{@id}] Destination closed connection"
+      # The backend has closed the connection. Inform the Deploy server.
+      @server_connection.send_connection_close(@id)
+      # Ensure everything is tidied up
+      close
+    end
+
+    def close
+      @nio_selector.deregister(@tcp_socket)
+      @server_connection.destination_connections.delete(@id)
+      @tcp_socket.close
+    end
+
+  end
+end

data/lib/deploy_agent/server_connection.rb

@@ -0,0 +1,165 @@
+require 'socket'
+require 'ipaddr'
+require 'openssl'
+
+module DeployAgent
+  # The ServerConnection class deals with all communication with the Deploy server
+  class ServerConnection
+    class ServerDisconnected < StandardError;end
+    attr_reader :destination_connections, :agent
+    attr_writer :nio_monitor
+
+    # Create a secure TLS connection to the Deploy server
+    def initialize(agent, server_host, nio_selector, check_certificate=true)
+      @agent = agent
+      @agent.logger.info "Attempting to connect to #{server_host}"
+      @destination_connections = {}
+      @nio_selector = nio_selector
+
+      # Create a TCP socket to the Deploy server
+      @tcp_socket = TCPSocket.new(server_host, 7777)
+
+      # Configure an OpenSSL context with server vertification
+      ctx = OpenSSL::SSL::SSLContext.new
+      ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
+      # Load the agent certificate and key used to authenticate this agent
+      ctx.cert = OpenSSL::X509::Certificate.new(File.read(CERTIFICATE_PATH))
+      ctx.key = OpenSSL::PKey::RSA.new(File.read(KEY_PATH))
+      # Load the Deploy CA used to verify the server
+      ctx.ca_file = CA_PATH
+
+      # Create the secure connection
+      @socket = OpenSSL::SSL::SSLSocket.new(@tcp_socket, ctx)
+      @socket.connect
+      # Check the remote certificate
+      @socket.post_connection_check(server_host) if check_certificate
+      # Create send and receive buffers
+      @tx_buffer = String.new.force_encoding('BINARY')
+      @rx_buffer = String.new.force_encoding('BINARY')
+
+      @nio_monitor = @nio_selector.register(@tcp_socket, :r)
+      @nio_monitor.value = self
+
+      @agent.logger.info "Successfully connected to server"
+    rescue => e
+      @agent.logger.info "Something went wrong connecting to server."
+      # Sleep between 10 and 20 seconds
+      random_sleep = rand(10) + 10
+      @agent.logger.info "#{e.to_s} #{e.message}"
+      @agent.logger.info "Retrying in #{random_sleep} seconds."
+      sleep random_sleep
+      retry
+    end
+
+    # Receive and process packets from the control server
+    def rx_data
+      # Ensure all received data is read
+      @rx_buffer << @socket.readpartial(10240)
+      while(@socket.pending > 0)
+        @rx_buffer << @socket.readpartial(10240)
+      end
+      # Wait until we have a complete packet of data
+      while @rx_buffer.bytesize >=2 && @rx_buffer.bytesize >= @rx_buffer[0,2].unpack('n')[0]
+        length = @rx_buffer.slice!(0,2).unpack('n')[0]
+        # Extract the packet from the buffered stream
+        packet = @rx_buffer.slice!(0,length-2)
+        # Check what type of packet we have received
+        case packet.bytes[0]
+        when 1
+          # Process new connection request
+          id = packet[1,2].unpack('n')[0]
+          host, port = packet[3..-1].split('/', 2)
+          @agent.logger.info "[#{id}] Connection request from server: #{host}:#{port}"
+          begin
+            # Create conenction to the final destination and save info by id
+            @destination_connections[id] = DestinationConnection.new(host, port, id, @nio_selector, self)
+          rescue => e
+            # Something went wrong, inform the Deploy server
+            @agent.logger.error "An error occurred: #{e.message}"
+            @agent.logger.error e.backtrace
+            send_connection_error(id, e.message)
+          end
+        when 3
+          # Process a connection close request
+          id = packet[1,2].unpack('n')[0]
+          if @destination_connections[id]
+            @agent.logger.info "[#{id}] Close requested by server, closing"
+            @destination_connections[id].close
+          else
+            @agent.logger.info "[#{id}] Close requested by server, not open"
+          end
+        when 4
+          # Data incoming, send it to the backend
+          id = packet[1,2].unpack('n')[0]
+          @agent.logger.debug "[#{id}] #{packet.bytesize} bytes received from server"
+          @destination_connections[id].send_data(packet[3..-1])
+        when 5
+          # This is a shutdown request. Disconnect and don't re-attempt connection.
+          @agent.logger.warn "Server rejected connection. Shutting down."
+          @agent.logger.warn packet[1..-1]
+          Process.exit(0)
+        when 6
+          # This is a shutdown request. Disconnect and don't re-attempt connection.
+          @agent.logger.warn "Server requested reconnect. Closing connection."
+          close
+        end
+      end
+    rescue EOFError, Errno::ECONNRESET
+      close
+    end
+
+    # Notify server of successful connection
+    def send_connection_success(id)
+      send_packet([2, id, 0].pack('CnC'))
+    end
+
+    # Notify server of failed connection
+    def send_connection_error(id, reason)
+      send_packet([2, id, 1, reason].pack('CnCa*'))
+    end
+
+    # Notify server of closed connection
+    def send_connection_close(id)
+      send_packet([3, id].pack('Cn'))
+    end
+
+    # Proxy data (coming from the backend) to the Deploy server
+    def send_data(id, data)
+      send_packet([4, id, data].pack('Cna*'))
+    end
+
+    # Called by event loop to send all waiting packets to the Deploy server
+    def tx_data
+      bytes_sent = @socket.write_nonblock(@tx_buffer[0,1024])
+      # Send as much data as possible
+      if bytes_sent >= @tx_buffer.bytesize
+        @tx_buffer = String.new.force_encoding('BINARY')
+        @nio_monitor.interests = :r
+      else
+        # If we didn't manage to send all the data, leave
+        # the remaining data in the send buffer
+        @tx_buffer.slice!(0, bytes_sent)
+      end
+    rescue EOFError, Errno::ECONNRESET
+      close
+    end
+
+    private
+
+    def close
+      @agent.logger.info "Server disconnected, terminating all connections"
+      @destination_connections.values.each{ |s| s.close }
+      @nio_selector.deregister(@tcp_socket)
+      @socket.close
+      @tcp_socket.close
+      raise ServerDisconnected
+    end
+
+    # Queue a packet of data to be sent to the Deploy server
+    def send_packet(data)
+      @tx_buffer << [data.bytesize+2, data].pack('na*')
+      @nio_monitor.interests = :rw
+    end
+
+  end
+end

metadata

@@ -0,0 +1,80 @@
+--- !ruby/object:Gem::Specification
+name: deploy-agent
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- aTech Media
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-03-09 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: nio4r
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.2.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.2.1
+- !ruby/object:Gem::Dependency
+  name: rb-readline
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.5.4
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.5.4
+description: This gem allows you to configure a secure proxy through which Deploy
+  can forward connections
+email:
+- support@deployhq.com
+executables:
+- deploy-agent
+extensions: []
+extra_rdoc_files: []
+files:
+- bin/deploy-agent
+- lib/deploy_agent.rb
+- lib/deploy_agent/agent.rb
+- lib/deploy_agent/certificate_manager.rb
+- lib/deploy_agent/cli.rb
+- lib/deploy_agent/destination_connection.rb
+- lib/deploy_agent/server_connection.rb
+homepage: https://www.deployhq.com/
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.8
+signing_key: 
+specification_version: 4
+summary: The Deploy agent
+test_files: []