Marown/metasploitable3
1
0
Fork 0
mirror of https://github.com/rapid7/metasploitable3.git synced 2024-07-04 18:55:48 +02:00
Code Issues Packages Projects Releases Wiki Activity
541e39430b
metasploitable3/chef/cookbooks/docker/libraries/helpers_service.rb
James Barnett 9f20618e2a
Add docker and compat_resource cookbooks.
2017-03-30 15:26:04 -05:00

224 lines
8.9 KiB
Ruby
Raw Blame History

# Constants
IPV6_ADDR ||= /(
([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|
([0-9a-fA-F]{1,4}:){1,7}:|
([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|
([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|
([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|
([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|
([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|
[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|
:((:[0-9a-fA-F]{1,4}){1,7}|:)|
fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|
::(ffff(:0{1,4}){0,1}:){0,1}
((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}
(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|
([0-9a-fA-F]{1,4}:){1,4}:
((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}
(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])
)/
IPV4_ADDR ||= /((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])/
IPV6_CIDR ||= /s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*/
IPV4_CIDR ||= %r{(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))}
module DockerCookbook
module DockerHelpers
module Service
def docker_bin
'/usr/bin/docker'
end
def dockerd_bin
return '/usr/bin/docker' if Gem::Version.new(docker_major_version) < Gem::Version.new('1.12')
'/usr/bin/dockerd'
end
def dockerd_bin_link
"/usr/bin/dockerd-#{name}"
end
def docker_name
return 'docker' if name == 'default'
"docker-#{name}"
end
def installed_docker_version
o = shell_out("#{docker_bin} --version")
o.stdout.split[2].chomp(',')
end
def connect_host
return nil unless host
sorted = coerce_host(host).sort do |a, b|
c_a = 1 if a =~ /^unix:/
c_a = 2 if a =~ /^fd:/
c_a = 3 if a =~ %r{^tcp://127.0.0.1:}
c_a = 4 if a =~ %r{^tcp://(192\.168|10\.|172\.1[6789]\.|172\.2[0-9]\.|172\.3[01]\.).*:}
c_a = 5 if a =~ %r{^tcp://0.0.0.0:}
c_a = 6 unless c_a
c_b = 1 if b =~ /^unix:/
c_b = 2 if b =~ /^fd:/
c_b = 3 if b =~ %r{^tcp://127.0.0.1:}
c_b = 4 if b =~ %r{^tcp://(192\.168|10\.|172\.1[6789]\.|172\.2[0-9]\.|172\.3[01]\.).*:}
c_b = 5 if b =~ %r{^tcp://0.0.0.0:}
c_b = 6 unless c_b
c_a <=> c_b
end
if sorted.first =~ %r{^tcp://0.0.0.0:}
r = sorted.first.match(%r{(?<proto>.*)://(?<socket>[^:]+):?(?<port>\d+)?})
return "tcp://127.0.0.1:#{r['port']}"
end
sorted.first
end
def connect_socket
return "/var/run/#{docker_name}.sock" unless host
sorted = coerce_host(host).sort do |a, b|
c_a = 1 if a =~ /^unix:/
c_a = 2 if a =~ /^fd:/
c_a = 3 unless c_a
c_b = 1 if b =~ /^unix:/
c_b = 2 if b =~ /^fd:/
c_b = 3 unless c_b
c_a <=> c_b
end
sorted.first
end
def coerce_host(v)
v = v.split if v.is_a?(String)
Array(v).each_with_object([]) do |s, r|
if s.match(/^unix:/) || s.match(/^tcp:/) || s.match(/^fd:/)
r << s
else
Chef::Log.info("WARNING: docker_service host property #{s} not valid")
end
end
end
def coerce_daemon_labels(v)
Array(v).each_with_object([]) do |label, a|
if label =~ /:/
parts = label.split(':')
a << "#{parts[0]}=\"#{parts[1]}\""
elsif label =~ /=/
parts = label.split('=')
a << "#{parts[0]}=#{parts[1]}"
else
Chef::Log.info("WARNING: docker_service label #{label} not valid")
end
end
end
def coerce_insecure_registry(v)
case v
when Array, nil
v
else
Array(v)
end
end
def docker_major_version
ray = installed_docker_version.split('.')
ray.pop
ray.push.join('.')
end
def docker_daemon_arg
if Gem::Version.new(docker_major_version) < Gem::Version.new('1.8')
'-d'
elsif Gem::Version.new(docker_major_version) < Gem::Version.new('1.12')
'daemon'
else
''
end
end
def docker_daemon_cmd
[dockerd_bin, docker_daemon_arg, docker_daemon_opts].join(' ')
end
def docker_cmd
[docker_bin, docker_opts].join(' ')
end
def docker_opts
opts = []
opts << "--host=#{connect_host}" if connect_host
if connect_host =~ /^tcp:/
opts << "--tls=#{tls}" unless tls.nil?
opts << "--tlsverify=#{tls_verify}" unless tls_verify.nil?
opts << "--tlscacert=#{tls_ca_cert}" if tls_ca_cert
opts << "--tlscert=#{tls_client_cert}" if tls_client_cert
opts << "--tlskey=#{tls_client_key}" if tls_client_key
end
opts
end
def systemd_args
opts = ''
systemd_opts.each { |systemd_opt| opts << "#{systemd_opt}\n" } if systemd_opts
opts
end
def docker_daemon_opts
opts = []
opts << "--api-cors-header=#{api_cors_header}" if api_cors_header
opts << "--bridge=#{bridge}" if bridge
opts << "--bip=#{bip}" if bip
opts << '--debug' if debug
opts << "--cluster-advertise=#{cluster_advertise}" if cluster_advertise
opts << "--cluster-store=#{cluster_store}" if cluster_store
cluster_store_opts.each { |store_opt| opts << "--cluster-store-opt=#{store_opt}" } if cluster_store_opts
default_ulimit.each { |u| opts << "--default-ulimit=#{u}" } if default_ulimit
dns.each { |dns| opts << "--dns=#{dns}" } if dns
dns_search.each { |dns| opts << "--dns-search=#{dns}" } if dns_search
opts << "--exec-driver=#{exec_driver}" if exec_driver
exec_opts.each { |exec_opt| opts << "--exec-opt=#{exec_opt}" } if exec_opts
opts << "--fixed-cidr=#{fixed_cidr}" if fixed_cidr
opts << "--fixed-cidr-v6=#{fixed_cidr_v6}" if fixed_cidr_v6
opts << "--group=#{group}" if group
opts << "--graph=#{graph}" if graph
host.each { |h| opts << "-H #{h}" } if host
opts << "--icc=#{icc}" unless icc.nil?
insecure_registry.each { |i| opts << "--insecure-registry=#{i}" } if insecure_registry
opts << "--ip=#{ip}" if ip
opts << "--ip-forward=#{ip_forward}" unless ip_forward.nil?
opts << "--ip-masq=#{ip_masq}" unless ip_masq.nil?
opts << "--iptables=#{iptables}" unless iptables.nil?
opts << "--ipv6=#{ipv6}" unless ipv6.nil?
opts << "--log-level=#{log_level}" if log_level
labels.each { |l| opts << "--label=#{l}" } if labels
opts << "--log-driver=#{log_driver}" if log_driver
log_opts.each { |log_opt| opts << "--log-opt #{log_opt}" } if log_opts
opts << "--mtu=#{mtu}" if mtu
opts << "--pidfile=#{pidfile}" if pidfile
opts << "--registry-mirror=#{registry_mirror}" if registry_mirror
storage_driver.each { |s| opts << "--storage-driver=#{s}" } if storage_driver
opts << "--selinux-enabled=#{selinux_enabled}" unless selinux_enabled.nil?
storage_opts.each { |storage_opt| opts << "--storage-opt=#{storage_opt}" } if storage_opts
opts << "--tls=#{tls}" unless tls.nil?
opts << "--tlsverify=#{tls_verify}" unless tls_verify.nil?
opts << "--tlscacert=#{tls_ca_cert}" if tls_ca_cert
opts << "--tlscert=#{tls_server_cert}" if tls_server_cert
opts << "--tlskey=#{tls_server_key}" if tls_server_key
opts << "--userland-proxy=#{userland_proxy}" unless userland_proxy.nil?
opts << "--disable-legacy-registry=#{disable_legacy_registry}" unless disable_legacy_registry.nil?
opts << "--userns-remap=#{userns_remap}" if userns_remap
opts << misc_opts if misc_opts
opts
end
def docker_running?
o = shell_out("#{docker_cmd} ps | head -n 1 | grep ^CONTAINER")
return true if o.stdout =~ /CONTAINER/
false
end
end
end
end
Reference in New Issue View Git Blame Copy Permalink