120 lines
2.7 KiB
Go
120 lines
2.7 KiB
Go
package config
|
|
|
|
import (
|
|
"fmt"
|
|
"os"
|
|
"os/exec"
|
|
"path/filepath"
|
|
|
|
"github.com/BurntSushi/toml"
|
|
)
|
|
|
|
var DetectedFirewall string
|
|
|
|
const (
|
|
ConfigDir = "/etc/banforge"
|
|
ConfigFile = "config.toml"
|
|
)
|
|
|
|
func CreateConf() error {
|
|
if os.Geteuid() != 0 {
|
|
return fmt.Errorf("you must be root to run this command, use sudo/doas")
|
|
}
|
|
|
|
configPath := filepath.Join(ConfigDir, ConfigFile)
|
|
|
|
if _, err := os.Stat(configPath); err == nil {
|
|
fmt.Printf("Config file already exists: %s\n", configPath)
|
|
return nil
|
|
}
|
|
|
|
file, err := os.Create("/etc/banforge/config.toml")
|
|
if err != nil {
|
|
return fmt.Errorf("failed to create config file: %w", err)
|
|
}
|
|
defer func() {
|
|
err = file.Close()
|
|
if err != nil {
|
|
fmt.Println(err)
|
|
}
|
|
}()
|
|
if err := os.Chmod(configPath, 0600); err != nil {
|
|
return fmt.Errorf("failed to set permissions: %w", err)
|
|
}
|
|
err = os.WriteFile(configPath, []byte(Base_config), 0600)
|
|
if err != nil {
|
|
return fmt.Errorf("failed to write config file: %w", err)
|
|
}
|
|
fmt.Printf(" Config file created: %s\n", configPath)
|
|
file, err = os.Create("/etc/banforge/rules.toml")
|
|
if err != nil {
|
|
return fmt.Errorf("failed to create rules file: %w", err)
|
|
}
|
|
defer func() {
|
|
err = file.Close()
|
|
if err != nil {
|
|
fmt.Println(err)
|
|
}
|
|
}()
|
|
if err := os.Chmod(configPath, 0600); err != nil {
|
|
return fmt.Errorf("failed to set permissions: %w", err)
|
|
}
|
|
fmt.Printf(" Rules file created: %s\n", configPath)
|
|
return nil
|
|
}
|
|
|
|
func FindFirewall() error {
|
|
if os.Getegid() != 0 {
|
|
fmt.Printf("Firewall settings needs sudo privileges\n")
|
|
os.Exit(1)
|
|
}
|
|
|
|
firewalls := []string{"nft", "firewall-cmd", "iptables", "ufw"}
|
|
for _, firewall := range firewalls {
|
|
_, err := exec.LookPath(firewall)
|
|
if err == nil {
|
|
switch firewall {
|
|
case "firewall-cmd":
|
|
DetectedFirewall = "firewalld"
|
|
case "nft":
|
|
DetectedFirewall = "nftables"
|
|
default:
|
|
DetectedFirewall = firewall
|
|
}
|
|
|
|
fmt.Printf("Detected firewall: %s\n", DetectedFirewall)
|
|
|
|
cfg := &Config{}
|
|
_, err := toml.DecodeFile("/etc/banforge/config.toml", cfg)
|
|
if err != nil {
|
|
return fmt.Errorf("failed to decode config: %w", err)
|
|
}
|
|
|
|
cfg.Firewall.Name = DetectedFirewall
|
|
|
|
file, err := os.Create("/etc/banforge/config.toml")
|
|
if err != nil {
|
|
return fmt.Errorf("failed to create config file: %w", err)
|
|
}
|
|
|
|
encoder := toml.NewEncoder(file)
|
|
if err := encoder.Encode(cfg); err != nil {
|
|
err = file.Close()
|
|
if err != nil {
|
|
return fmt.Errorf("failed to close file: %w", err)
|
|
}
|
|
return fmt.Errorf("failed to encode config: %w", err)
|
|
}
|
|
|
|
if err := file.Close(); err != nil {
|
|
return fmt.Errorf("failed to close file: %w", err)
|
|
}
|
|
|
|
fmt.Printf("Config updated with firewall: %s\n", DetectedFirewall)
|
|
return nil
|
|
}
|
|
}
|
|
|
|
return fmt.Errorf("firewall not found")
|
|
}
|