wative 1.1.16 → 1.1.18

package/src/wative.ts

@@ -1,20 +1,58 @@
 import * as path from 'path';
 import { Command } from 'commander';
 import { execSync } from 'child_process';
-import { getAndGenerateConfig } from './ssh/utils';
+import { SSHServiceManager } from './ssh/service_manager';
+import { SSHConfigManager } from './ssh/config_manager';
 import * as fs from 'fs';
+import { spawn } from 'child_process';
 
-const os = require('os');
 const program = new Command();
 const packageJson = require('../package.json');
 
-const hasSystemd = () => {
-    try {
-        execSync('systemctl --version', { stdio: 'ignore' });
-        return true;
-    } catch (error) {
-        return false;
+// 全局服务管理器实例
+let serviceManager: SSHServiceManager;
+
+// 守护进程监控器
+const startDaemonWatcher = (serviceName: string, encryptedPasswords: string) => {
+    const logDir = path.join(process.env.HOME || '', '.wative', 'logs');
+    const pidDir = path.join(process.env.HOME || '', '.wative', 'ssh', 'pids');
+
+    if (!fs.existsSync(logDir)) {
+        fs.mkdirSync(logDir, { recursive: true });
+    }
+    if (!fs.existsSync(pidDir)) {
+        fs.mkdirSync(pidDir, { recursive: true });
     }
+
+    const logFile = path.join(logDir, `${serviceName}-daemon.log`);
+    const pidFile = path.join(pidDir, `${serviceName}-daemon.pid`);
+    const watcherPidFile = path.join(pidDir, `${serviceName}-watcher.pid`);
+
+    // Start daemon watcher process
+    const watcher = spawn('node', [
+        path.resolve(__dirname, 'daemon-watcher.js'),
+        serviceName,
+        logFile,
+        pidFile,
+        watcherPidFile,
+        path.resolve(__dirname, '..')
+    ], {
+        detached: true,
+        stdio: 'ignore',
+        env: {
+            ...process.env,
+            WATIVE_ENCRYPTED_PASSWORDS: encryptedPasswords
+        }
+    });
+
+    // 写入监控器PID文件
+    fs.writeFileSync(watcherPidFile, watcher.pid!.toString());
+
+    watcher.unref();
+
+    console.log(`SSH service '${serviceName}' daemon watcher started with PID: ${watcher.pid}`);
+    console.log(`Daemon log file: ${logFile}`);
+    console.log(`Watcher PID file: ${watcherPidFile}`);
 };
 
 program
@@ -28,144 +66,544 @@ program
         console.log(`Wative CLI Tool v${packageJson.version}`);
     });
 
-
-const startSSHService = async () => {
-    if (!hasSystemd()) {
-        console.log('Systemd is not available.');
-        return;
+// 初始化服务管理器
+const initServiceManager = () => {
+    if (!serviceManager) {
+        const configDir = path.join(process.env.HOME || '', '.wative', 'ssh');
+        serviceManager = new SSHServiceManager(configDir);
     }
+    return serviceManager;
+};
 
-    let logDir = '/var/log/wative';
-    if (!fs.existsSync(logDir)) {
-        fs.mkdirSync(logDir);
-    }
+const sshCommand = program
+    .command('ssh')
+    .description('Manage SSH services');
 
-    const userHomeDirectory = os.homedir();
-    const keystorePath = path.join(userHomeDirectory, '.wative');
-    await getAndGenerateConfig(keystorePath);
-    console.log('Starting SSH service...');
-    try {
-        execSync('wative-ssh --daemon', { stdio: 'inherit' });
-    } catch (error) { }
-    console.log('SSH service started.');
-}
 
-const stopSSHService = () => {
-    if (!hasSystemd()) {
-        console.log('Systemd is not available.');
-        return;
-    }
 
-    try {
-        execSync("ps aux | grep wative-ssh | grep -v grep | awk '{print $2}' | sudo xargs kill", { stdio: 'inherit' });
-    } catch (error) {
-        // console.log(error);
-    }
-    console.log('SSH service stopped.');
-}
+// SSH start command
+sshCommand
+    .command('start')
+    .description('Start SSH service')
+    .option('-c, --config <name>', 'Specify service configuration name')
+    .option('-d, --daemon', 'Run service in daemon mode')
+    .action(async (options) => {
+        const manager = initServiceManager();
 
-const addSSHService = async () => {
-    if (!hasSystemd()) {
-        console.log('Systemd is not available.');
-        return;
-    }
+        try {
+            if (!options.config) {
+                console.error('Error: Configuration name is required. Use -c or --config to specify a service configuration.');
+                process.exit(1);
+            }
+
+            const serviceName = options.config;
+
+            // 在启动前检查端口是否被占用
+            const config = manager.getServiceConfig(serviceName);
+            const net = require('net');
+
+            // 端口占用检查函数
+            const isPortInUse = async (port: number, host: string = '127.0.0.1'): Promise<boolean> => {
+                return new Promise((resolve) => {
+                    const server = net.createServer();
+
+                    server.listen(port, host, () => {
+                        server.once('close', () => {
+                            resolve(false); // 端口未被占用
+                        });
+                        server.close();
+                    });
+
+                    server.on('error', (err: any) => {
+                        if (err.code === 'EADDRINUSE') {
+                            resolve(true); // 端口被占用
+                        } else {
+                            resolve(false); // 其他错误，假设端口可用
+                        }
+                    });
+                });
+            };
+
+            // 检查端口占用
+            const portInUse = await isPortInUse(config.ssh.port, config.ssh.listen);
+            if (portInUse) {
+                const errorMessage = `Port ${config.ssh.port} on ${config.ssh.listen} is already in use. Cannot start SSH service '${serviceName}'.`;
+                console.error(`Error: ${errorMessage}`);
+                process.exit(1);
+            }
+
+            console.log(`Port ${config.ssh.port} on ${config.ssh.listen} is available for service '${serviceName}'`);
+
+            if (options.daemon) {
+                console.log(`Starting SSH service '${serviceName}' in daemon mode...`);
+
+                // 在 daemon 模式下，先收集密码
+                const passwords = await manager.promptForPasswords(config.keystore.allowed_keystores);
+
+                const crypto = require('crypto');
+
+                // 生成临时密钥用于加密密码
+                const tempKey = crypto.randomBytes(32);
+                const iv = crypto.randomBytes(16);
+                const cipher = crypto.createCipheriv('aes-256-cbc', tempKey, iv);
+                let encryptedPasswords = cipher.update(JSON.stringify(passwords), 'utf8', 'hex');
+                encryptedPasswords += cipher.final('hex');
+                const encryptedData = iv.toString('hex') + ':' + tempKey.toString('hex') + ':' + encryptedPasswords;
+
+                // 启动守护进程监控器
+                startDaemonWatcher(serviceName, encryptedData);
+
+                return;
+            } else if (process.env.WATIVE_DAEMON_PASSWORDS && process.env.WATIVE_WORKER_MODE) {
+                // 工作进程模式：解密并使用密码
+                const crypto = require('crypto');
+                const encryptedPasswords = process.env.WATIVE_DAEMON_PASSWORDS;
+
+                // 立即清除环境变量以防止其他进程访问
+                delete process.env.WATIVE_DAEMON_PASSWORDS;
+                delete process.env.WATIVE_WORKER_MODE;
+
+                try {
+                    // 解密密码
+                    const parts = encryptedPasswords.split(':');
+                    const iv = Buffer.from(parts[0], 'hex');
+                    const tempKey = Buffer.from(parts[1], 'hex');
+                    const encryptedData = parts[2];
+                    const decipher = crypto.createDecipheriv('aes-256-cbc', tempKey, iv);
+                    let decryptedData = decipher.update(encryptedData, 'hex', 'utf8');
+                    decryptedData += decipher.final('utf8');
+                    const passwords = JSON.parse(decryptedData);
+
+                    console.log(`[${new Date().toISOString()}] Worker process starting SSH service '${serviceName}'...`);
+
+                    // 启动服务
+                    const workerManager = initServiceManager();
+                    await workerManager.startService(serviceName, passwords);
+
+                    // 立即清除内存中的密码
+                    for (const key in passwords) {
+                        passwords[key] = null;
+                        delete passwords[key];
+                    }
+
+                    console.log(`[${new Date().toISOString()}] SSH service '${serviceName}' started successfully`);
+
+                    // 设置优雅关闭处理
+                    const gracefulShutdown = async (signal: string) => {
+                        console.log(`[${new Date().toISOString()}] Worker received ${signal}, stopping service...`);
+                        try {
+                            await workerManager.stopService(serviceName);
+                            console.log(`[${new Date().toISOString()}] Service stopped successfully`);
+                        } catch (error) {
+                            console.error(`[${new Date().toISOString()}] Error stopping service:`, error);
+                        }
+                        process.exit(0);
+                    };
+
+                    process.on('SIGTERM', () => gracefulShutdown('SIGTERM'));
+                    process.on('SIGINT', () => gracefulShutdown('SIGINT'));
+
+                    // 监控服务状态
+                    const monitorInterval = setInterval(async () => {
+                        try {
+                            const status = await workerManager.getServiceStatus(serviceName);
+                            if (status !== 'running') {
+                                console.log(`[${new Date().toISOString()}] Service status changed to: ${status}`);
+                                if (status === 'stopped') {
+                                    console.log(`[${new Date().toISOString()}] Service stopped unexpectedly, exiting worker...`);
+                                    clearInterval(monitorInterval);
+                                    process.exit(1);
+                                }
+                            }
+                        } catch (error) {
+                            console.error(`[${new Date().toISOString()}] Error checking service status:`, error);
+                        }
+                    }, 30000); // 每30秒检查一次
+
+                    // 保持进程活跃
+                    const keepAliveInterval = setInterval(() => {
+                        // 空操作，保持进程运行
+                    }, 60000);
+
+                    // 清理函数
+                    const cleanup = () => {
+                        clearInterval(monitorInterval);
+                        clearInterval(keepAliveInterval);
+                    };
+
+                    process.on('exit', cleanup);
+
+                } catch (error) {
+                    console.error(`[${new Date().toISOString()}] Worker process error:`, error);
+                    process.exit(1);
+                }
+
+                return;
+            } else {
+                // 非 daemon 模式
+                await manager.startService(serviceName);
+                console.log(`SSH service '${serviceName}' started successfully`);
+
+                // 非 daemon 模式下保持进程运行
+                process.on('SIGINT', async () => {
+                    console.log('\nReceived SIGINT, stopping services...');
+                    await manager.stopAllServices();
+                    process.exit(0);
+                });
+
+                process.on('SIGTERM', async () => {
+                    console.log('\nReceived SIGTERM, stopping services...');
+                    await manager.stopAllServices();
+                    process.exit(0);
+                });
+
+                // 保持进程活跃
+                const keepAlive = setInterval(() => {
+                    const status = manager.getServiceStatus(serviceName);
+                    if (status !== 'running') {
+                        console.log(`Service ${serviceName} is no longer running, exiting...`);
+                        clearInterval(keepAlive);
+                        process.exit(1);
+                    }
+                }, 5000);
+
+                // 阻止进程退出
+                process.stdin.resume();
+            }
+        } catch (error) {
+            console.error(`Error: ${error instanceof Error ? error.message : String(error)}`);
+            process.exit(1);
+        }
+    });
 
-    let logDir = '/var/log/wative';
-    if (!fs.existsSync(logDir)) {
-        fs.mkdirSync(logDir);
-    }
+// SSH stop command
+sshCommand
+    .command('stop')
+    .description('Stop SSH service')
+    .option('-c, --config <name>', 'Specify service configuration name')
+    .action(async (options) => {
+        const manager = initServiceManager();
 
-    const userHomeDirectory = os.homedir();
-    const keystorePath = path.join(userHomeDirectory, '.wative');
-    await getAndGenerateConfig(keystorePath);
-
-    const serviceFilePath = '/etc/systemd/system/wative.service';
-    const serviceContent = `
-[Unit]
-Description=Wative SSH Server
-After=network.target
-
-[Service]
-ExecStart=/usr/local/bin/wative-ssh
-User=root
-Group=root
-StandardOutput=append:/var/log/wative/wative.log
-StandardError=append:/var/log/wative/wative.err
-
-[Install]
-WantedBy=multi-user.target
-    `;
-
-    console.log('Adding SSH service...');
-    try {
-        execSync(`sudo echo '${serviceContent}' > ${serviceFilePath}`, { stdio: 'inherit' });
-        execSync('sudo systemctl daemon-reload', { stdio: 'inherit' });
-        execSync('sudo systemctl enable wative', { stdio: 'inherit' });
-        execSync('sudo systemctl start wative', { stdio: 'inherit' });
-    } catch (error) {
-        // console.log(error);
-    }
+        try {
+            if (!options.config) {
+                console.error('Error: Configuration name is required. Use -c or --config to specify a service configuration.');
+                process.exit(1);
+            }
+
+            await manager.stopService(options.config);
+            console.log(`SSH service '${options.config}' stopped successfully`);
+        } catch (error) {
+            console.error(`Error: ${error instanceof Error ? error.message : String(error)}`);
+            process.exit(1);
+        }
+    });
 
-    console.log('SSH service added.');
-}
+// SSH restart command
+sshCommand
+    .command('restart')
+    .description('Restart SSH service')
+    .option('-c, --config <name>', 'Specify service configuration name')
+    .action(async (options) => {
+        const manager = initServiceManager();
 
+        try {
+            if (!options.config) {
+                console.error('Error: Configuration name is required. Use -c or --config to specify a service configuration.');
+                process.exit(1);
+            }
+
+            await manager.restartService(options.config);
+            console.log(`SSH service '${options.config}' restarted successfully`);
+        } catch (error) {
+            console.error(`Error: ${error instanceof Error ? error.message : String(error)}`);
+            process.exit(1);
+        }
+    });
 
-const removeSSHService = () => {
-    if (!hasSystemd()) {
-        console.log('Systemd is not available.');
-        return;
-    }
-    console.log('Removing SSH service...');
+// SSH create command
+sshCommand
+    .command('create')
+    .description('Create new SSH service configuration interactively')
+    .action(async () => {
+        const readline = require('readline');
+        const fs = require('fs');
+        const path = require('path');
+        // Use the already imported SSHConfigManager instead of requiring it again
+
+        const rl = readline.createInterface({
+            input: process.stdin,
+            output: process.stdout
+        });
+
+        const question = (prompt: string): Promise<string> => {
+            return new Promise((resolve) => {
+                rl.question(prompt, resolve);
+            });
+        };
 
-    try {
-        execSync('sudo systemctl stop wative', { stdio: 'inherit' });
-    } catch (error) {
-    }
+        try {
+            console.log('SSH create command started...');
+
+            // 1. Configure storage location
+            const defaultStoragePath = path.join(process.env.HOME || '', '.wative/ssh');
+            const storagePathInput = await question(`SSH storage located in (default: ${defaultStoragePath}): `);
+            const storagePath = storagePathInput.trim() || defaultStoragePath;
+
+            // 2. Configure keystore location
+            const defaultKeystorePath = path.join(process.env.HOME || '', '.wative');
+            const keystorePathInput = await question(`Keystore storage located in (default: ${defaultKeystorePath}): `);
+            const keystorePath = keystorePathInput.trim() || defaultKeystorePath;
+
+            const configManager = new SSHConfigManager(storagePath, keystorePath);
+
+            // 3. Enter service name
+            let serviceName: string;
+            while (true) {
+                serviceName = await question('Enter service name: ');
+                if (serviceName.trim()) {
+                    try {
+                        configManager.loadServiceConfig(serviceName);
+                        console.log('Service name already exists, please enter a different name');
+                    } catch {
+                        break; // Service doesn't exist, can use this name
+                    }
+                } else {
+                    console.log('Service name cannot be empty');
+                }
+            }
+
+            // 4. Enter port number
+            let port: number;
+            while (true) {
+                const portStr = await question('Enter port number: ');
+                port = parseInt(portStr);
+                if (isNaN(port) || port < 1024 || port > 65535) {
+                    console.log('Port number must be between 1024-65535');
+                    continue;
+                }
+
+                // 检查端口是否已被使用
+                const existingConfigs = configManager.listServiceConfigs();
+                let portInUse = false;
+                for (const configName of existingConfigs) {
+                    try {
+                        const config = configManager.loadServiceConfig(configName);
+                        if (config.ssh.port === port) {
+                            portInUse = true;
+                            break;
+                        }
+                    } catch {
+                        // Ignore loading errors
+                    }
+                }
+
+                if (portInUse) {
+                    console.log(`Port ${port} is already in use by another service, please enter a different port`);
+                } else {
+                    break;
+                }
+            }
+
+            // 5. Enter allowed keystores
+            let allowedKeystores: string[];
+
+            while (true) {
+                const keystoresStr = await question('Enter allowed keystore list (comma separated): ');
+                if (!keystoresStr.trim()) {
+                    console.log('Keystore list cannot be empty');
+                    continue;
+                }
+
+                allowedKeystores = keystoresStr.split(',').map(k => k.trim()).filter(k => k);
+                if (allowedKeystores.length === 0) {
+                    console.log('At least one valid keystore is required');
+                    continue;
+                }
+
+                // Only verify keystore existence (no password verification)
+                const keystoreAccountsPath = path.join(keystorePath, 'accounts');
+                let allKeystoresValid = true;
+
+                for (const keystore of allowedKeystores) {
+                    const keystoreFile = path.join(keystoreAccountsPath, `${keystore}.json`);
+                    if (!fs.existsSync(keystoreFile)) {
+                        console.log(`Keystore '${keystore}' does not exist`);
+                        allKeystoresValid = false;
+                        break;
+                    }
+                }
+
+                if (allKeystoresValid) {
+                    console.log('All keystores verified to exist');
+                    break;
+                } else {
+                    console.log('Please re-enter valid keystore list');
+                }
+            }
+
+            // 6. Enter remote client name
+            let clientName: string;
+            while (true) {
+                clientName = await question('Enter remote client name: ');
+                if (clientName.trim()) {
+                    break;
+                } else {
+                    console.log('Client name cannot be empty');
+                }
+            }
+
+            // 7. Prompt user to place client public key
+            const serviceDir = path.join(storagePath, 'conf.d', serviceName);
+            if (!fs.existsSync(serviceDir)) {
+                fs.mkdirSync(serviceDir, { recursive: true });
+            }
+            const clientPublicKeyPath = path.join(serviceDir, `${clientName}.pub`);
+
+            console.log(`\nPlease place the remote client's public key file at the following path:`);
+            console.log(`${clientPublicKeyPath}`);
+            console.log('\nPress Enter to continue after placing the file...');
+
+            while (true) {
+                await question('');
+                if (fs.existsSync(clientPublicKeyPath)) {
+                    console.log('Client public key file found');
+                    break;
+                } else {
+                    console.log('Client public key file not found, please confirm the file is correctly placed and press Enter again');
+                }
+            }
+
+            // 8. Enter service description (optional)
+            const description = await question('Enter service description (optional): ');
+
+            // Create service configuration
+            console.log('\nCreating SSH service configuration...');
+            const config = await configManager.createServiceConfig(
+                serviceName,
+                port,
+                allowedKeystores,
+                clientName,
+                description || undefined
+            );
+
+            // Configuration created successfully
+            console.log('\nNote: Passwords will be requested when starting the service.');
+
+            console.log(`\nSSH service configuration '${serviceName}' created successfully!`);
+            console.log(`Port: ${port}`);
+            console.log(`Allowed keystores: ${allowedKeystores.join(', ')}`);
+            console.log(`Client name: ${clientName}`);
+            console.log(`Server private key: ${config.server_keys.private_key_path}`);
+            console.log(`Client public key: ${clientPublicKeyPath}`);
+
+        } catch (error) {
+            console.error(`Error: ${error instanceof Error ? error.message : String(error)}`);
+            process.exit(1);
+        } finally {
+            rl.close();
+        }
+    });
 
-    try {
-        execSync('sudo systemctl disable wative', { stdio: 'inherit' });
-    } catch (error) {
-    }
+// SSH remove command
+sshCommand
+    .command('remove')
+    .description('Remove SSH service configuration')
+    .option('-c, --config <name>', 'Service configuration name')
+    .action(async (options) => {
+        const manager = initServiceManager();
 
-    try {
-        execSync('sudo rm -rf /etc/systemd/system/wative.service', { stdio: 'inherit' });
-    } catch (error) {
-    }
+        try {
+            if (!options.config) {
+                console.error('Error: Configuration name is required for remove command');
+                process.exit(1);
+            }
+
+            await manager.removeService(options.config);
+            console.log(`SSH service configuration '${options.config}' removed successfully`);
+        } catch (error) {
+            console.error(`Error: ${error instanceof Error ? error.message : String(error)}`);
+            process.exit(1);
+        }
+    });
 
-    try {
-        execSync('sudo systemctl daemon-reload', { stdio: 'inherit' });
-    } catch (error) {
-    }
-    console.log('SSH service removed.');
-}
 
 
+// SSH list command
+sshCommand
+    .command('list')
+    .description('List all SSH service configurations')
+    .action(async () => {
+        const configManager = new SSHConfigManager();
+        const serviceManager = new SSHServiceManager();
 
-program
-    .command('ssh')
-    .option('start', 'Start SSH service')
-    .option('stop', 'Stop SSH service')
-    .option('service add', 'Add SSH service')
-    .option('service remove', 'Remove SSH service')
-    .action(async (argv1, argv2) => {
-        if (argv1 === 'start') {
-            await startSSHService();
+        const configNames = configManager.listServiceConfigs();
+
+        if (configNames.length === 0) {
+            console.log('No SSH service configurations found.');
             return;
         }
 
-        if (argv1 === 'stop') {
-            stopSSHService();
-            return;
+        console.log('SSH Service Configurations:');
+        for (const configName of configNames) {
+            try {
+                const config = configManager.loadServiceConfig(configName);
+                const status = serviceManager.getServiceStatus(configName);
+                console.log(`  - ${configName}: ${config.description || 'No description'} (${status})`);
+            } catch (error) {
+                const status = serviceManager.getServiceStatus(configName);
+                console.log(`  - ${configName}: Configuration error (${status})`);
+            }
         }
+    });
 
-        if (argv1 === 'service' && argv2 === 'add') {
-            addSSHService();
-            return;
+// SSH status command
+sshCommand
+    .command('status')
+    .description('Show SSH service status')
+    .option('-c, --config <name>', 'Service configuration name')
+    .action(async (options) => {
+        const manager = initServiceManager();
+
+        try {
+            if (options.config) {
+                const status = manager.getServiceStatus(options.config);
+                console.log(`SSH service '${options.config}' status: ${status}`);
+            } else {
+                const services = manager.listServices();
+
+                if (services.length === 0) {
+                    console.log('No SSH service configurations found');
+                    return;
+                }
+
+                console.log('SSH Service Status:');
+                services.forEach(service => {
+                    const status = manager.getServiceStatus(service.name);
+                    console.log(`  - ${service.name}: ${status}`);
+                });
+            }
+        } catch (error) {
+            console.error(`Error: ${error instanceof Error ? error.message : String(error)}`);
+            process.exit(1);
         }
+    });
 
-        if (argv1 === 'service' && argv2 === 'remove') {
-            removeSSHService();
-            return;
+// SSH log command
+sshCommand
+    .command('log')
+    .description('Show SSH service logs')
+    .option('-c, --config <name>', 'Service configuration name')
+    .option('-n, --lines <number>', 'Number of lines to show (default: 50)', '50')
+    .option('-f, --follow', 'Follow log output')
+    .action(async (options) => {
+        const manager = initServiceManager();
+
+        try {
+            const lines = parseInt(options.lines) || 50;
+            await manager.showLogs(options.config, lines, options.follow);
+        } catch (error) {
+            console.error(`Error: ${error instanceof Error ? error.message : String(error)}`);
+            process.exit(1);
         }
     });
 
@@ -180,4 +618,10 @@ program
     });
 
 
-program.parse(process.argv);
+// Parse CLI arguments only when called from bin script or directly
+if (require.main === module || (process.argv[1] && process.argv[1].includes('bin/wative.js'))) {
+    program.parse(process.argv);
+}
+
+// Export the program for potential library usage
+export { program };