notoken-core 1.0.0

package/dist/parsers/fileFinder.js

@@ -0,0 +1,226 @@
+/**
+ * Smart file finder.
+ *
+ * When a user asks about a specific file or config, searches known locations
+ * by file type, service, and name. Works locally or remotely via SSH.
+ *
+ * Reads locations from config/file-hints.json so users can extend it.
+ */
+import { readFileSync } from "node:fs";
+import { resolve } from "node:path";
+import { runRemoteCommand, runLocalCommand } from "../execution/ssh.js";
+import { CONFIG_DIR } from "../utils/paths.js";
+const HINTS_FILE = resolve(CONFIG_DIR, "file-hints.json");
+let cachedHints = null;
+function loadHints() {
+    if (cachedHints)
+        return cachedHints;
+    const raw = JSON.parse(readFileSync(HINTS_FILE, "utf-8"));
+    delete raw._description;
+    cachedHints = raw;
+    return cachedHints;
+}
+/**
+ * Known file locations by category.
+ * These are the standard/common paths on Linux systems.
+ */
+export const KNOWN_LOCATIONS = {
+    // Nginx
+    nginx: [
+        { path: "/etc/nginx/nginx.conf", description: "Nginx main config" },
+        { path: "/etc/nginx/conf.d/", description: "Nginx config directory" },
+        { path: "/etc/nginx/sites-available/", description: "Nginx sites available" },
+        { path: "/etc/nginx/sites-enabled/", description: "Nginx sites enabled" },
+        { path: "/var/log/nginx/access.log", description: "Nginx access log" },
+        { path: "/var/log/nginx/error.log", description: "Nginx error log" },
+        { path: "/usr/share/nginx/html/", description: "Nginx default webroot" },
+    ],
+    // Apache
+    apache: [
+        { path: "/etc/apache2/apache2.conf", description: "Apache main config (Debian)" },
+        { path: "/etc/httpd/conf/httpd.conf", description: "Apache main config (RHEL)" },
+        { path: "/etc/apache2/sites-available/", description: "Apache sites available" },
+        { path: "/etc/apache2/sites-enabled/", description: "Apache sites enabled" },
+        { path: "/etc/httpd/conf.d/", description: "Apache config directory (RHEL)" },
+        { path: "/var/log/apache2/access.log", description: "Apache access log (Debian)" },
+        { path: "/var/log/apache2/error.log", description: "Apache error log (Debian)" },
+        { path: "/var/log/httpd/access_log", description: "Apache access log (RHEL)" },
+        { path: "/var/log/httpd/error_log", description: "Apache error log (RHEL)" },
+        { path: "/var/www/html/", description: "Apache default webroot" },
+    ],
+    // System auth
+    auth: [
+        { path: "/etc/passwd", description: "User accounts" },
+        { path: "/etc/shadow", description: "Password hashes" },
+        { path: "/etc/group", description: "Group definitions" },
+        { path: "/etc/sudoers", description: "Sudo rules" },
+        { path: "/etc/sudoers.d/", description: "Sudo rules directory" },
+        { path: "/etc/ssh/sshd_config", description: "SSH daemon config" },
+        { path: "/etc/pam.d/", description: "PAM config directory" },
+    ],
+    // SSL/TLS
+    ssl: [
+        { path: "/etc/ssl/certs/", description: "System SSL certificates" },
+        { path: "/etc/ssl/private/", description: "Private keys" },
+        { path: "/etc/letsencrypt/live/", description: "Let's Encrypt certificates" },
+        { path: "/etc/pki/tls/certs/", description: "PKI certificates (RHEL)" },
+    ],
+    // System
+    system: [
+        { path: "/etc/hostname", description: "Hostname" },
+        { path: "/etc/hosts", description: "Hosts file" },
+        { path: "/etc/resolv.conf", description: "DNS resolver config" },
+        { path: "/etc/fstab", description: "Filesystem mounts" },
+        { path: "/etc/crontab", description: "System crontab" },
+        { path: "/etc/environment", description: "System environment variables" },
+        { path: "/etc/sysctl.conf", description: "Kernel parameters" },
+    ],
+    // Network
+    network: [
+        { path: "/etc/network/interfaces", description: "Network interfaces (Debian)" },
+        { path: "/etc/sysconfig/network-scripts/", description: "Network scripts (RHEL)" },
+        { path: "/etc/netplan/", description: "Netplan config (Ubuntu)" },
+        { path: "/etc/iptables/rules.v4", description: "iptables rules" },
+        { path: "/etc/firewalld/", description: "Firewalld config" },
+    ],
+    // Database
+    postgres: [
+        { path: "/etc/postgresql/", description: "PostgreSQL config directory" },
+        { path: "/var/lib/postgresql/", description: "PostgreSQL data" },
+        { path: "/var/log/postgresql/", description: "PostgreSQL logs" },
+    ],
+    mysql: [
+        { path: "/etc/mysql/my.cnf", description: "MySQL main config" },
+        { path: "/etc/mysql/mysql.conf.d/", description: "MySQL config directory" },
+        { path: "/var/log/mysql/", description: "MySQL logs" },
+    ],
+    redis: [
+        { path: "/etc/redis/redis.conf", description: "Redis config" },
+        { path: "/var/log/redis/", description: "Redis logs" },
+    ],
+    // Application
+    env: [
+        { path: ".env", description: "Local .env file" },
+        { path: ".env.local", description: "Local overrides" },
+        { path: ".env.production", description: "Production env" },
+        { path: ".env.staging", description: "Staging env" },
+        { path: ".env.development", description: "Development env" },
+    ],
+    // Docker
+    docker: [
+        { path: "/etc/docker/daemon.json", description: "Docker daemon config" },
+        { path: "docker-compose.yml", description: "Docker Compose config" },
+        { path: "docker-compose.yaml", description: "Docker Compose config" },
+        { path: "Dockerfile", description: "Dockerfile" },
+    ],
+    // Systemd
+    systemd: [
+        { path: "/etc/systemd/system/", description: "Systemd unit files" },
+        { path: "/usr/lib/systemd/system/", description: "System unit files" },
+        { path: "/var/log/journal/", description: "Systemd journal logs" },
+    ],
+    // Logs
+    logs: [
+        { path: "/var/log/syslog", description: "System log (Debian)" },
+        { path: "/var/log/messages", description: "System log (RHEL)" },
+        { path: "/var/log/auth.log", description: "Auth log (Debian)" },
+        { path: "/var/log/secure", description: "Auth log (RHEL)" },
+        { path: "/var/log/kern.log", description: "Kernel log" },
+        { path: "/var/log/dmesg", description: "Boot messages" },
+    ],
+};
+// Aliases for category lookup
+const CATEGORY_ALIASES = {
+    httpd: "apache", http: "apache", web: "nginx",
+    pg: "postgres", postgresql: "postgres", database: "postgres", db: "postgres",
+    cache: "redis",
+    ssh: "auth", users: "auth", passwd: "auth", shadow: "auth",
+    certs: "ssl", certificates: "ssl", tls: "ssl", "lets-encrypt": "ssl", letsencrypt: "ssl",
+    firewall: "network", iptables: "network", netplan: "network",
+    compose: "docker", container: "docker",
+    journal: "systemd", services: "systemd",
+    syslog: "logs", "auth.log": "logs",
+    dotenv: "env", environment: "env",
+};
+/**
+ * Find files for a given query (service name, file type, or filename).
+ * Reads from config/file-hints.json.
+ */
+export function findKnownLocations(query) {
+    const lower = query.toLowerCase();
+    const hints = loadHints();
+    // Find the matching category
+    let category;
+    // Direct name match
+    if (hints[lower])
+        category = hints[lower];
+    // Alias match
+    if (!category) {
+        for (const cat of Object.values(hints)) {
+            if (cat.aliases?.some((a) => a === lower)) {
+                category = cat;
+                break;
+            }
+        }
+    }
+    if (category) {
+        const results = [];
+        for (const group of [category.configs, category.logs, category.data]) {
+            if (group)
+                results.push(...group);
+        }
+        return results;
+    }
+    // Fuzzy search across all categories
+    const results = [];
+    for (const cat of Object.values(hints)) {
+        for (const group of [cat.configs, cat.logs, cat.data]) {
+            if (!group)
+                continue;
+            for (const loc of group) {
+                if (loc.path.toLowerCase().includes(lower) || loc.description.toLowerCase().includes(lower)) {
+                    results.push(loc);
+                }
+            }
+        }
+    }
+    return results;
+}
+/**
+ * Get the recommended parser type for a service.
+ */
+export function getParserForService(service) {
+    const hints = loadHints();
+    const cat = hints[service.toLowerCase()];
+    return cat?.parser ?? "text";
+}
+/**
+ * Search for a file on a remote server.
+ */
+export async function searchRemoteFile(query, environment, execution = "remote") {
+    const run = execution === "local" ? runLocalCommand : (cmd) => runRemoteCommand(environment, cmd);
+    // First check known locations
+    const known = findKnownLocations(query);
+    const knownPaths = known.map((k) => k.path);
+    // Check which known paths exist
+    if (knownPaths.length > 0) {
+        const checkCmd = knownPaths.map((p) => `test -e ${p} && echo ${p}`).join("; ");
+        try {
+            const result = (await run(checkCmd)).trim();
+            if (result)
+                return result.split("\n").filter(Boolean);
+        }
+        catch { }
+    }
+    // Fall back to find
+    const searchDirs = ["/etc", "/var/log", "/var/www", "/srv", "/opt", "/home"];
+    const sanitized = query.replace(/[^a-zA-Z0-9._*\-]/g, "");
+    const findCmd = `find ${searchDirs.join(" ")} -maxdepth 4 -iname '*${sanitized}*' 2>/dev/null | head -20`;
+    try {
+        const result = (await run(findCmd)).trim();
+        return result ? result.split("\n").filter(Boolean) : [];
+    }
+    catch {
+        return [];
+    }
+}

package/dist/parsers/index.d.ts

@@ -0,0 +1,27 @@
+/**
+ * File parser system.
+ *
+ * Detects file type and delegates to the right parser.
+ * Supports: passwd, shadow, .env, yaml, json, generic text.
+ */
+export type FileType = "passwd" | "shadow" | "env" | "yaml" | "json" | "nginx" | "apache" | "bind" | "text" | "unknown";
+export interface ParsedFile {
+    path: string;
+    type: FileType;
+    raw: string;
+    data: unknown;
+    summary: string;
+    entries?: number;
+}
+/**
+ * Detect file type from path and content.
+ */
+export declare function detectFileType(filePath: string, content?: string): FileType;
+/**
+ * Parse a file and return structured data.
+ */
+export declare function parseFile(filePath: string): ParsedFile;
+/**
+ * Format a parsed file for display.
+ */
+export declare function formatParsedFile(parsed: ParsedFile): string;

package/dist/parsers/index.js

@@ -0,0 +1,193 @@
+/**
+ * File parser system.
+ *
+ * Detects file type and delegates to the right parser.
+ * Supports: passwd, shadow, .env, yaml, json, generic text.
+ */
+import { readFileSync, existsSync } from "node:fs";
+import { extname, basename } from "node:path";
+import { parsePasswd } from "./passwd.js";
+import { parseShadow } from "./shadow.js";
+import { parseEnvFile } from "./envFile.js";
+import { parseYaml } from "./yamlParser.js";
+import { parseJson } from "./jsonParser.js";
+import { parseNginx, formatNginxSummary } from "./nginxParser.js";
+import { parseApache, formatApacheSummary } from "./apacheParser.js";
+import { parseZoneFile, formatZoneSummary } from "./bindParser.js";
+/**
+ * Detect file type from path and content.
+ */
+export function detectFileType(filePath, content) {
+    const name = basename(filePath);
+    const ext = extname(filePath).toLowerCase();
+    if (name === "passwd" || filePath.includes("/etc/passwd"))
+        return "passwd";
+    if (name === "shadow" || filePath.includes("/etc/shadow"))
+        return "shadow";
+    if (name === ".env" || name.startsWith(".env.") || ext === ".env")
+        return "env";
+    if (ext === ".yml" || ext === ".yaml")
+        return "yaml";
+    if (ext === ".json")
+        return "json";
+    if (filePath.includes("nginx") && (ext === ".conf" || ext === ""))
+        return "nginx";
+    if ((filePath.includes("apache") || filePath.includes("httpd")) && (ext === ".conf" || ext === ""))
+        return "apache";
+    if ((filePath.includes("bind") || filePath.includes("named") || filePath.includes("/zones/")) && ext === ".zone")
+        return "bind";
+    if (filePath.includes("db.") && filePath.includes("/bind"))
+        return "bind";
+    // Content-based detection
+    if (content) {
+        const firstLine = content.split("\n")[0] ?? "";
+        // passwd format: user:x:uid:gid:...
+        if (/^\w+:[x*!]:?\d+:\d+:/.test(firstLine))
+            return "passwd";
+        // shadow format: user:$hash:...
+        if (/^\w+:[\$!*]/.test(firstLine))
+            return "shadow";
+        // env format: KEY=VALUE
+        if (/^[A-Z_][A-Z0-9_]*=/.test(firstLine))
+            return "env";
+        // json
+        if (firstLine.trim().startsWith("{") || firstLine.trim().startsWith("["))
+            return "json";
+        // yaml
+        if (firstLine.trim().startsWith("---") || /^\w+:\s/.test(firstLine))
+            return "yaml";
+    }
+    return "text";
+}
+/**
+ * Parse a file and return structured data.
+ */
+export function parseFile(filePath) {
+    if (!existsSync(filePath)) {
+        return { path: filePath, type: "unknown", raw: "", data: null, summary: `File not found: ${filePath}` };
+    }
+    const raw = readFileSync(filePath, "utf-8");
+    const type = detectFileType(filePath, raw);
+    switch (type) {
+        case "passwd": {
+            const entries = parsePasswd(raw);
+            return {
+                path: filePath, type, raw, data: entries,
+                summary: `${entries.length} user(s)`,
+                entries: entries.length,
+            };
+        }
+        case "shadow": {
+            const entries = parseShadow(raw);
+            return {
+                path: filePath, type, raw, data: entries,
+                summary: `${entries.length} shadow entries`,
+                entries: entries.length,
+            };
+        }
+        case "env": {
+            const entries = parseEnvFile(raw);
+            return {
+                path: filePath, type, raw, data: entries,
+                summary: `${entries.length} variable(s)`,
+                entries: entries.length,
+            };
+        }
+        case "yaml": {
+            const data = parseYaml(raw);
+            const keys = typeof data === "object" && data ? Object.keys(data) : [];
+            return {
+                path: filePath, type, raw, data,
+                summary: `YAML with ${keys.length} top-level key(s)`,
+            };
+        }
+        case "json": {
+            const data = parseJson(raw);
+            const keys = typeof data === "object" && data && !Array.isArray(data) ? Object.keys(data) : [];
+            const count = Array.isArray(data) ? data.length : keys.length;
+            return {
+                path: filePath, type, raw, data,
+                summary: `JSON with ${count} ${Array.isArray(data) ? "item(s)" : "key(s)"}`,
+            };
+        }
+        case "nginx": {
+            const config = parseNginx(raw);
+            return {
+                path: filePath, type, raw, data: config,
+                summary: `Nginx config with ${config.servers.length} server block(s)`,
+            };
+        }
+        case "apache": {
+            const config = parseApache(raw);
+            return {
+                path: filePath, type, raw, data: config,
+                summary: `Apache config with ${config.vhosts.length} VirtualHost(s)`,
+            };
+        }
+        case "bind": {
+            const zoneData = parseZoneFile(raw);
+            return {
+                path: filePath, type, raw, data: zoneData,
+                summary: `DNS zone with ${zoneData.records.length} record(s)`,
+            };
+        }
+        default:
+            return {
+                path: filePath, type: "text", raw, data: raw,
+                summary: `${raw.split("\n").length} line(s)`,
+            };
+    }
+}
+/**
+ * Format a parsed file for display.
+ */
+export function formatParsedFile(parsed) {
+    const c = { reset: "\x1b[0m", bold: "\x1b[1m", dim: "\x1b[2m", cyan: "\x1b[36m", yellow: "\x1b[33m" };
+    const lines = [];
+    lines.push(`${c.bold}${parsed.path}${c.reset} (${parsed.type}) — ${parsed.summary}`);
+    lines.push("");
+    switch (parsed.type) {
+        case "passwd": {
+            const entries = parsed.data;
+            for (const e of entries.slice(0, 20)) {
+                lines.push(`  ${c.cyan}${e.username}${c.reset} uid=${e.uid} gid=${e.gid} home=${e.home} shell=${e.shell}`);
+            }
+            if (entries.length > 20)
+                lines.push(`  ${c.dim}... and ${entries.length - 20} more${c.reset}`);
+            break;
+        }
+        case "shadow": {
+            const entries = parsed.data;
+            for (const e of entries.slice(0, 20)) {
+                const status = e.locked ? "locked" : e.hasPassword ? "has password" : "no password";
+                lines.push(`  ${c.cyan}${e.username}${c.reset} ${status} lastChanged=${e.lastChanged ?? "?"}`);
+            }
+            break;
+        }
+        case "env": {
+            const entries = parsed.data;
+            for (const e of entries) {
+                const val = e.isSecret ? `${c.yellow}****${c.reset}` : e.value;
+                lines.push(`  ${c.cyan}${e.key}${c.reset}=${val}`);
+            }
+            break;
+        }
+        case "nginx":
+            lines.push(formatNginxSummary(parsed.data));
+            break;
+        case "apache":
+            lines.push(formatApacheSummary(parsed.data));
+            break;
+        case "bind":
+            lines.push(formatZoneSummary(parsed.data));
+            break;
+        case "yaml":
+        case "json":
+            lines.push(JSON.stringify(parsed.data, null, 2).split("\n").slice(0, 30).join("\n"));
+            break;
+        default:
+            lines.push(parsed.raw.split("\n").slice(0, 20).join("\n"));
+            break;
+    }
+    return lines.join("\n");
+}

package/dist/parsers/jsonParser.d.ts

@@ -0,0 +1,16 @@
+/**
+ * JSON parser with path-based access.
+ */
+export declare function parseJson(content: string): unknown;
+/**
+ * Get a nested value using dot-notation or bracket path.
+ * e.g., getJsonValue(data, "users[0].name")
+ */
+export declare function getJsonValue(data: unknown, path: string): unknown;
+/**
+ * Search JSON for keys matching a pattern.
+ */
+export declare function searchJsonKeys(data: unknown, pattern: string, prefix?: string): Array<{
+    path: string;
+    value: unknown;
+}>;

package/dist/parsers/jsonParser.js

@@ -0,0 +1,57 @@
+/**
+ * JSON parser with path-based access.
+ */
+export function parseJson(content) {
+    return JSON.parse(content);
+}
+/**
+ * Get a nested value using dot-notation or bracket path.
+ * e.g., getJsonValue(data, "users[0].name")
+ */
+export function getJsonValue(data, path) {
+    const parts = path.match(/[^.[\]]+/g);
+    if (!parts)
+        return undefined;
+    let current = data;
+    for (const part of parts) {
+        if (current === null || current === undefined || typeof current !== "object") {
+            return undefined;
+        }
+        if (Array.isArray(current)) {
+            const idx = Number(part);
+            if (isNaN(idx))
+                return undefined;
+            current = current[idx];
+        }
+        else {
+            current = current[part];
+        }
+    }
+    return current;
+}
+/**
+ * Search JSON for keys matching a pattern.
+ */
+export function searchJsonKeys(data, pattern, prefix = "") {
+    const results = [];
+    const lower = pattern.toLowerCase();
+    if (data === null || data === undefined || typeof data !== "object")
+        return results;
+    if (Array.isArray(data)) {
+        for (let i = 0; i < data.length; i++) {
+            results.push(...searchJsonKeys(data[i], pattern, `${prefix}[${i}]`));
+        }
+    }
+    else {
+        for (const [key, value] of Object.entries(data)) {
+            const fullPath = prefix ? `${prefix}.${key}` : key;
+            if (key.toLowerCase().includes(lower)) {
+                results.push({ path: fullPath, value });
+            }
+            if (typeof value === "object" && value !== null) {
+                results.push(...searchJsonKeys(value, pattern, fullPath));
+            }
+        }
+    }
+    return results;
+}

package/dist/parsers/nginxParser.d.ts

@@ -0,0 +1,47 @@
+/**
+ * Nginx config parser.
+ *
+ * Parses nginx.conf and site configs into structured blocks.
+ * Handles: server blocks, location blocks, upstream, directives.
+ */
+export interface NginxDirective {
+    name: string;
+    args: string[];
+    line: number;
+}
+export interface NginxBlock {
+    type: string;
+    args: string[];
+    directives: NginxDirective[];
+    blocks: NginxBlock[];
+    line: number;
+}
+export interface NginxConfig {
+    directives: NginxDirective[];
+    blocks: NginxBlock[];
+    servers: NginxServerBlock[];
+}
+export interface NginxServerBlock {
+    listen: string[];
+    serverName: string[];
+    root?: string;
+    index?: string;
+    locations: Array<{
+        path: string;
+        proxyPass?: string;
+        root?: string;
+        tryFiles?: string;
+        directives: NginxDirective[];
+    }>;
+    ssl: boolean;
+    sslCertificate?: string;
+    sslCertificateKey?: string;
+}
+/**
+ * Parse nginx config content.
+ */
+export declare function parseNginx(content: string): NginxConfig;
+/**
+ * Format an nginx config summary for display.
+ */
+export declare function formatNginxSummary(config: NginxConfig): string;