jibril 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 1695dccb759b28e176fe0473eed5583d4d6d7774742579ce58b17f23a074c58e
+  data.tar.gz: ac1b0685aa0d5b845fb27168547528dca06544858975b56562076d5cdfdd4bd5
+SHA512:
+  metadata.gz: 9d27d5521e6ba3bd3398d5120b7c378c59684e68fcb554e9503bbdb1bfb98b96b37dad7c1b63dcf61010550dede204dcd4c755dd24486da04e53e1a486f4fbcc
+  data.tar.gz: 4dfc93f3319a5da70c2dac9dd1b99cf2d50c04a684bb4173a9517f7c1d2a21b89a4b0e69c635261d2186723f482eacc3cc7ff56ebc6de6f2dfd5ec4ccf0b458c

data/.gitignore

@@ -0,0 +1,11 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+
+*.swp
+*.swo

data/Gemfile

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+gemspec

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2018 Wolf
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,25 @@
+# Jibril
+
+Simple chef-inspired configuration management tool. While chef is awesome,
+it has crazy high requirements (mainly memory-wise) for managing like
+8 devices I have.
+
+Ansible would be great IF all my devices were reachable, however some are
+behind NATs.
+
+Jibril tries to solve both issue. It's designed to be light on the server
+(raspberry pi is enough), with one server (so NATs are not an issue)
+and ruby DSL for the configuration scripts (so like chef, I don't like the
+way ansible uses yaml for this).
+
+## Installation
+
+	$ gem install jibril
+
+## Usage
+
+TODO: Write usage instructions here
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,10 @@
+require "bundler/gem_tasks"
+require "rake/testtask"
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << "test"
+  t.libs << "lib"
+  t.test_files = FileList["test/**/*_test.rb"]
+end
+
+task :default => :test

data/bin/jibril-client.rb

@@ -0,0 +1,34 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+raise NotImplementedError
+
+__END__
+require 'logger'
+require 'socket'
+require 'openssl'
+
+require 'pry'
+
+require_relative '../lib/jibril'
+
+$l = Logger.new(STDOUT)
+
+socket = TCPSocket.new('127.0.0.1', Jibril::PORT)
+
+ctx = OpenSSL::SSL::SSLContext.new
+ctx.key = OpenSSL::PKey::RSA.new(File.open('test/certs/client1.key'))
+ctx.cert = OpenSSL::X509::Certificate.new(File.open('test/certs/client1.crt'))
+
+$l.debug { "Client cert: #{OpenSSL::Digest::MD5.new(ctx.cert.to_der).to_s}" }
+
+ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ctx)
+ssl_socket.sync_close = true
+
+ssl_socket.connect
+
+pp OpenSSL::Digest::SHA1.new(ssl_socket.peer_cert.to_der).to_s
+
+ssl_socket.write 'test'
+
+ssl_socket.close

data/bin/jibril-server.rb

@@ -0,0 +1,119 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+raise NotImplementedError
+
+__END__
+require 'logger'
+require 'jibril'
+
+begin
+  $l = Logger.new(STDOUT)
+  conf = Jibril::Config.new(
+rescue => e
+  pp e
+end
+
+__END__
+sockets = Socket.tcp_server_sockets('0.0.0.0', Jibril::PORT)
+sockets.each do |socket|
+  $l.info { "Ready to accept: #{socket.local_address.inspect_sockaddr}" }
+end
+
+def handle_accept socket
+  $l.info { "Handle accept" }
+
+  begin
+    con,_ = socket.accept_nonblock
+  rescue IO::WaitReadable
+    $l.warn { 'Failed to accept!' }
+    return
+  end
+
+  cert_store = OpenSSL::X509::Store.new
+  cert_store.set_default_paths
+  cert_store.verify_callback = lambda do |preverify_ok, store_ctx|
+    puts "Store callback, #{store_ctx}"
+    true
+  end
+
+  ctx = OpenSSL::SSL::SSLContext.new
+  ctx.key = OpenSSL::PKey::RSA.new(File.open('test/certs/server.key'))
+  ctx.cert = OpenSSL::X509::Certificate.new(File.open('test/certs/server.crt'))
+  ctx.min_version = :TLS1_2
+  ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER | OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT
+  ctx.cert_store = cert_store
+  ctx.verify_callback = lambda do |preverify_ok, store_ctx|
+    puts "CTX   callback, #{store_ctx}"
+    true
+  end
+
+  $l.debug { "Server cert: #{OpenSSL::Digest::MD5.new(ctx.cert.to_der).to_s}" }
+
+  ssl_socket = OpenSSL::SSL::SSLSocket.new(con, ctx)
+  ssl_socket.sync_close = true
+
+  begin
+    #ssl_socket.accept_nonblock
+    ssl_socket.accept
+  rescue IO::WaitReadable
+    IO.select([con])
+    retry
+  rescue IO::WaitWritable
+    IO.select([con])
+    retry
+  rescue => e
+    $l.warn { "Unexpected exception: #{e}" }
+    raise
+  end
+  $l.info { "Accepted" }
+
+  pp ssl_socket.peer_cert
+
+  begin
+    pp ssl_socket.read_nonblock(1024)
+  rescue IO::WaitReadable
+    IO.select([con])
+    retry
+  rescue IO::WaitWritable
+    IO.select([con])
+    retry
+  end
+
+  ssl_socket.close
+
+  $l.info { 'SSL close' }
+end
+
+while true
+  read, _, _ = IO.select(sockets)
+
+  if !read.empty?
+    $l.info { "Read ready on server socket" }
+    read.each { |socket| handle_accept(socket) }
+  end
+end
+
+__END__
+module Jibril
+  class Server
+    def initialize(host = '0.0.0.0', port = 9876)
+      @threads = []
+      @host = host
+      @port = port
+
+      @servers = Socket.tcp_server_sockets(@host, @port)
+      @servers.each do |s|
+        $l.info { "Ready to accept: #{s.local_address.inspect_sockaddr}" }
+      end
+    end
+    def start!
+      Socket.accept_loop(@servers) do |con|
+        $l.info { "Connection from: #{con.remote_address.inspect_sockaddr}" }
+        con.close
+      end
+    end
+  end
+end
+
+Jibril::Server.new.start!

data/jibril.gemspec

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "jibril/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "jibril"
+  spec.version       = Jibril::VERSION
+  spec.authors       = ["Wolf"]
+  spec.email         = ["wolf@wolfsden.cz"]
+
+  spec.summary       = %q{Simple configuration management tool.}
+  spec.description   = <<~EOF
+    Simple chef-inspired configuration management tool. While chef is awesome,
+    it has crazy high requirements (mainly memory-wise) for managing like
+    8 devices I have.
+
+    Ansible would be great IF all my devices were reachable, however some are
+    behind NATs.
+
+    Jibril tries to solve both issue. It's designed to be light on the server
+    (raspberry pi is enough), with one server (so NATs are not an issue)
+    and ruby DSL for the configuration scripts (so like chef, I don't like the
+    way ansible uses yaml for this).
+  EOF
+  spec.homepage      = "https://github.com/graywolf/jibril"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.16"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "minitest", "~> 5.0"
+end

data/lib/jibril.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+require_relative 'jibril/config'
+require_relative 'jibril/version'

data/lib/jibril/config.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require 'yaml'
+
+module Jibril
+  class Config
+    def initialize(conf_file)
+      @conf = YAML.load_file(conf_file)
+    end
+    def bind
+      @conf[:bind]
+    end
+    def port
+      @conf[:port]
+    end
+    def key
+      @conf[:key]
+    end
+    def crt
+      @conf[:crt]
+    end
+  end
+end

data/lib/jibril/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Jibril
+  VERSION = "0.0.1"
+end

metadata

@@ -0,0 +1,110 @@
+--- !ruby/object:Gem::Specification
+name: jibril
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Wolf
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-01-27 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+description: |
+  Simple chef-inspired configuration management tool. While chef is awesome,
+  it has crazy high requirements (mainly memory-wise) for managing like
+  8 devices I have.
+
+  Ansible would be great IF all my devices were reachable, however some are
+  behind NATs.
+
+  Jibril tries to solve both issue. It's designed to be light on the server
+  (raspberry pi is enough), with one server (so NATs are not an issue)
+  and ruby DSL for the configuration scripts (so like chef, I don't like the
+  way ansible uses yaml for this).
+email:
+- wolf@wolfsden.cz
+executables:
+- jibril-client.rb
+- jibril-server.rb
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/jibril-client.rb
+- bin/jibril-server.rb
+- jibril.gemspec
+- lib/jibril.rb
+- lib/jibril/config.rb
+- lib/jibril/version.rb
+homepage: https://github.com/graywolf/jibril
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.3
+signing_key: 
+specification_version: 4
+summary: Simple configuration management tool.
+test_files: []