ip_auditor 0.0.2

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    M2IxZmI1MzhmZGVhOWE0ZmE1MTNlNjMyYmM5NjdhNTdmNDQyNzlmZg==
+  data.tar.gz: !binary |-
+    MjMwZjM3YmNiMGM4ZjE3Y2U4MGJjYzVmOGRjODY5ZjgyNmEyMDA4ZA==
+SHA512:
+  metadata.gz: !binary |-
+    YmI1MmJiZDdkOGViY2ViMzZmMjBjMTUxN2E1ZjU2MGJkZDk4NzdmMTg5NmI4
+    MjMzYTFiYjRlYzViZThhZGIwNzcwODA2ZWQ3Y2VhZTY3YjdlNDBiZmJmZjNk
+    NjkwNWI3MGQ1MjczMWUzNDU2OWI2YmRhMDI5YWE4NmQzYWMxZWI=
+  data.tar.gz: !binary |-
+    YjRiOTU2NGNiZTg0M2I4ZGRjOGI2ZjBjNGMxNjM1MDA5NmNhMWM5NWQxYTQ1
+    YmRhYjFkYTZiYjA0NTZjNzhkOTI3NzE0ZTdmMWZlNjc3YzE0YmI4MDk3NjVm
+    ZTBiZDE2OWFhZDI2N2FhZDlhNDI0MjFjOGIwZDc1ZmVmMDdjMjM=

data/.gitignore

@@ -0,0 +1,18 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+.rvmrc

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in ip_auditor.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2013 James Kurczodyna
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,64 @@
+# IP Auditor
+
+The IP Auditor looks through your Apache vhosts to compile a list of apps on the server, what domains are being listened for and what IP each domain is actually pointing to.
+
+This allows you to quickly track which domains and apps are active and which are pointing elsewhere.
+
+## Installation
+
+* clone this repo
+* cd into the repo
+* run `bundle install`
+
+## Usage
+
+To use the Auditor, cd into the cloned repo and run the following command:
+
+	ruby ./lib/ip_auditor.rb [server name/IP] [user] [options]
+
+Example:
+
+	ruby ./lib/ip_auditor.rb someserver.com myuser
+
+## Output
+
+The Auditor will return a crude report for each VirtualHost in the following format.
+
+	============
+	/path/to/vhost/vhostname: <VirtualHost  [IP]:[port]>
+	============
+	[domain-1]
+	[IP domain-1 is actually pointing to]
+	[domain-2]
+	[IP domain-2 is actually pointing to]
+	[/path/to/app/DocumentRoot]
+
+## Options
+
+* -p [PORT NUMBER] : Specify a port number (default is 22)
+* -c [FILE NAME (optional)]: Output to .csv file instead of terminal (can specify a name)
+* -v : Output more information as to what's happening
+* -e [prod|stage|dev|etc.]: Specify an environment to output (defaults to 'all'; determined by passenger config files, so non-rails site will always return)
+
+## License
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,2 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"

data/bin/audit_ips

@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby
+
+require_relative '../lib/ip_auditor.rb'
+
+IpAuditor.audit

data/ip_auditor.gemspec

@@ -0,0 +1,21 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/ip_auditor/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.name          = "ip_auditor"
+  gem.version       = IpAuditor::VERSION
+  gem.platform      = Gem::Platform::RUBY
+  gem.authors       = ["James Kurczodyna", "Kellen Hawley"]
+  gem.email         = ["james@finedesigngroup.com"]
+  gem.description   = "IP Auditor"
+  gem.summary       = "Audits Apache vhosts and domain IPs"
+  gem.homepage      = "https://github.com/jamesmkur/ip-auditor"
+
+  gem.files         = `git ls-files`.split($\)
+  gem.executables   = ['audit_ips']
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.require_paths = ["lib"]
+  gem.bindir        = 'bin'
+
+  gem.add_dependency "net-ssh", "~> 2.6.7"
+end

data/lib/ip_auditor.rb

@@ -0,0 +1,284 @@
+# require "ip_auditor/version"
+require 'net/ssh'
+require 'optparse'
+require 'ostruct'
+require 'yaml'
+
+begin
+  require 'io/console'
+rescue LoadError
+end
+
+
+module IpAuditor
+
+  def IpAuditor.set_options
+    @options = OpenStruct.new
+
+    @options.verbose = false
+    @options.environment = 'all'
+
+    # parse the options passed in through the terminal
+    OptionParser.new do |opts|
+      opts.banner = 'Usage: ip.auditor.rb [server name/IP] [username] [options]'
+
+      # get the port number
+      opts.on('-p', '--port [PORT NUMBER]', 'Port (default is 22)') do |p|
+        @options.port = p
+      end
+
+      # check whether to output data as csv, possibly get the name
+      opts.on('-c', '--csv [FILENAME]', 'Output data as CSV file') do |c|
+        @options.csv = true
+        @options.csv_name = c =~ /[^[:space:]]/ ? c : nil
+      end
+
+      # check whether output more information
+      opts.on('-v', '--verbose', 'Print out more information about what\'s happening') do |v|
+        @options.verbose = true
+      end
+
+      # specify the environment we're checking
+      opts.on('-e', '--environment [prod|stage|dev|etc.]', 'Print only the sites that have environment specified in their passenger files (default is all)') do |e|
+        @options.environment = e
+      end
+
+    end.parse!
+
+    # prompt for password
+    @options.pass = IpAuditor.get_password
+    puts "\n"
+
+    # set the connection variables
+    @options.server = ARGV[0] || ''
+    @options.user = ARGV[1] || ''
+    @options.port = @options.port || 22
+    @options.pass = @options.pass || ''
+    @options.csv_name = @options.csv_name || @options.server
+
+  end
+
+  # prompt for and return password
+  def IpAuditor.get_password
+    if STDIN.respond_to?(:noecho)
+      puts "Password: "
+      STDIN.noecho(&:gets).chomp
+    else
+      `read -s -p "Password: " password; echo $password`.chomp
+    end
+  end
+
+  # get and parse the yaml passenger config file if available, else return false
+  def IpAuditor.get_passenger_file(ssh,file_name)
+
+    puts "Getting passenger information for #{file_name}..." if @options.verbose
+
+    yaml_file = ssh.exec!("find /etc/passenger.d -name '#{file_name}.yml' -exec cat {} \\;")
+
+    # if blank, return false
+    if yaml_file !~ /[^[:space:]]/
+      return false
+    else
+      begin
+        content = YAML.load(yaml_file)
+      rescue ArgumentError
+        return false
+      end
+    end
+
+  end
+
+  # get the rails version for the site, else return nil
+  def IpAuditor.get_rails_version(ssh,gemset)
+
+    puts "Getting the rails version..." if @options.verbose
+    rails_version = ssh.exec!("/usr/local/rvm/bin/rvm #{gemset} do gem list")[/\nrails \((.*?)\)\n/,1]
+
+  end
+
+
+  # get the rails information using passenger, or return false
+  def IpAuditor.get_rails_information(ssh,file_name)
+
+    rails_info = get_passenger_file(ssh,file_name)
+
+    # only return info if we're looking for this environment. Return false if rails info exists but
+    # we should ignore this environment, nil if there is no rails info
+    if rails_info && (rails_info['environment'][@options.environment] || @options.environment == 'all')
+      rails_info['rails_version'] = get_rails_version(ssh,rails_info['rvm'])
+      return rails_info
+    elsif rails_info
+      return false
+    else
+      return nil
+    end
+
+  end
+
+  # use nslookup to get the IP of a given domain
+  def IpAuditor.check_site_status(domain)
+    lookup = `nslookup #{domain}`
+
+    # strip output to IPs only
+    output = lookup[/Non-authoritative answer:(.*)/m,1]
+    ip = !output.nil? ? output[/Address: (.*)/m,1] : false
+
+    # output IP address or message saying lookup failed
+    if ip
+      return ip
+    else
+      return 'DOMAIN LOOKUP FAILED'
+    end
+  end
+
+  # get and compile information from /etc/apache2/sites-enabled
+  def IpAuditor.get_site_information(ssh)
+    data = []
+    current_file_path = '--'
+    current_file = nil
+    directory = ''
+    virtual_host = ''
+    domain_statuses = []
+
+    # get all relevant lines from vhost files
+    domain_text = ssh.exec!("grep -r '<VirtualHost\\|DocumentRoot\\|<Directory\\|ServerName\\|ServerAlias' /etc/apache2/sites-enabled")
+
+    # parse each line for relevant data
+    domain_text.each_line do |line|
+
+      # if we're still looking at the same file, get information
+      if line[current_file_path]
+
+        domain = nil
+
+        # if line contains a domain, get its status
+        if line[/(ServerName|ServerAlias)(.*)/]
+          domain = line[/(ServerName|ServerAlias)(.*)/,2].strip
+          domain_statuses << [domain,IpAuditor.check_site_status(domain)]
+
+        elsif line[/<VirtualHost/]
+          virtual_host = line[/<VirtualHost (.*)>/,1].strip.split(" ").join(", ")
+
+        elsif line[/DocumentRoot/]
+          directory = line[/DocumentRoot\s*?"?(.*)"?/,1]
+        end
+
+      else
+        # if this is a new file, get rails info and push into data array before resetting variables
+        if !(current_file.nil?)
+          rails_info = IpAuditor.get_rails_information(ssh,current_file)
+
+          # if it has rails info an dit's for the relavant domains
+          if rails_info
+            data << [current_file, rails_info['environment'], rails_info['cwd'], rails_info['rvm'], rails_info['rails_version'], virtual_host,domain_statuses].flatten
+          elsif rails_info.nil?
+            data << [current_file,'',directory,'','',virtual_host,domain_statuses].flatten
+          end
+        end
+
+        # reset the per-file variables
+        current_file_path = line[/(.*?):/,1]
+        current_file = current_file_path[/.*\/(.*?\.com$)/,1]
+        virtual_host = line[/<VirtualHost/] ? line[/<VirtualHost (.*)>/,1].strip.split(" ").join(", ") : ''
+        directory = ''
+        domain_statuses = []
+
+      end
+    end
+
+    data
+
+  end
+
+
+  def IpAuditor.write_to_csv(headers,csv_data)
+    require 'csv'
+    CSV.open("IP Audit - #{@options.csv_name}.csv", "w") do |csv|
+      csv << headers
+      csv_data.each do |line|
+        csv << line
+      end
+    end
+  end
+
+  def IpAuditor.write_to_terminal(headers,site_data)
+    last_header_index = headers.length - 1
+
+    site_data.each do |site|
+
+      puts "\n\n============\n#{site[0]}\n============"
+
+
+      (1...site.length).each do |index|
+        if site[index] =~ /[^[:space:]]/
+
+          if !headers[index].nil? && index < last_header_index
+            puts "#{headers[index]}: #{site[index]}"
+
+          elsif index == last_header_index
+            puts "------------\n#{headers[index]}\n------------"
+            puts site[index]
+          else
+            puts site[index]
+          end
+        end
+      end
+
+    end
+  end
+
+
+  def IpAuditor.audit
+
+    # set the options for this instance
+    IpAuditor.set_options
+
+    puts "Opening SSH connection to #{@options.server}..."
+
+    begin
+
+      # open an ssh connection
+      Net::SSH.start(@options.server, @options.user, {port: @options.port, password: @options.pass}) do |ssh|
+
+        puts "Connection opened! Finding and parsing apache/passenger files (this may take a while)..."
+
+        # find lines of interest in vhosts, assumes location is /etc/apache2/sites-enabled
+        domain_text = ssh.exec!("grep -r '<VirtualHost\\|DocumentRoot\\|<Directory\\|ServerName\\|ServerAlias' /etc/apache2/sites-enabled")
+
+        headers = ['Site','Environment','Directory','Gemset','Rails Version','Virtual Host','Site Statuses']
+
+        puts "Parsing the vhosts files ..." if @options.verbose
+        site_data = IpAuditor.get_site_information(ssh)
+
+
+
+
+        # output to .csv file
+        if !@options.csv.nil? && @options.csv
+
+          puts "Writing to .csv file..." if @options.verbose
+          IpAuditor.write_to_csv(headers,site_data)
+
+          puts "File saved to ./IP Audit - #{@options.csv_name}.csv!"
+
+
+        # output to terminal
+        else
+          IpAuditor.write_to_terminal(headers,site_data)
+
+        end
+
+      end
+
+      # catch the basic errors
+    rescue SocketError => e
+      puts "Socket Error! Is your domain name correct?"
+    rescue Net::SSH::AuthenticationFailed
+      puts "Authentication Error! Did you correctly type in your username and password?"
+    rescue Exception => e
+      puts "Error! Have you specified the correct port? Or maybe there's a problem with the code..."
+    end
+
+  end
+
+end

data/lib/ip_auditor/version.rb

@@ -0,0 +1,3 @@
+module IpAuditor
+  VERSION = "0.0.2"
+end

metadata

@@ -0,0 +1,68 @@
+--- !ruby/object:Gem::Specification
+name: ip_auditor
+version: !ruby/object:Gem::Version
+  version: 0.0.2
+platform: ruby
+authors:
+- James Kurczodyna
+- Kellen Hawley
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-05-09 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: net-ssh
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.6.7
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.6.7
+description: IP Auditor
+email:
+- james@finedesigngroup.com
+executables:
+- audit_ips
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- ip_auditor.gemspec
+- lib/ip_auditor.rb
+- lib/ip_auditor/version.rb
+- bin/audit_ips
+homepage: https://github.com/jamesmkur/ip-auditor
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.1.3
+signing_key: 
+specification_version: 4
+summary: Audits Apache vhosts and domain IPs
+test_files: []