package main
import (
"context"
"log"
"os"
"strings"
"gitea.d3m0k1d.ru/d3m0k1d/HellreigN/agent/internal/client"
"gitea.d3m0k1d.ru/d3m0k1d/HellreigN/agent/internal/commander"
"gitea.d3m0k1d.ru/d3m0k1d/HellreigN/agent/internal/config"
"gitea.d3m0k1d.ru/d3m0k1d/HellreigN/agent/internal/mtls"
"gitea.d3m0k1d.ru/d3m0k1d/HellreigN/agent/internal/registration"
)
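// main bootstraps the agent: it loads the configuration, enrolls with the
// backend by submitting a CSR together with the registration token, stores the
// returned certificates, and then runs the command loop over a connection
// secured with the stored mTLS credentials.
//
// Every failure is fatal and terminates the process via log.Fatal/log.Fatalf.
func main() {
	// The config path can be overridden through CONFIG_FILE; otherwise the
	// system-wide default is used.
	cfgPath := os.Getenv("CONFIG_FILE")
	if cfgPath == "" {
		cfgPath = "/etc/hellreign-agent/config.yml"
	}

	cfg, err := config.Load(cfgPath)
	if err != nil {
		log.Fatalf("Failed to load config: %v", err)
	}

	log.Printf("Agent label: %s", cfg.Label)

	// Enrollment cannot proceed without the bootstrap secret.
	if cfg.RegistrationToken == "" {
		log.Fatal("No registration token provided")
	}

	// Generate key and CSR. The key is created locally; only the CSR is
	// passed to Register below.
	key, csrPEM, err := registration.GenerateKeyAndCSR(cfg.Label)
	if err != nil {
		log.Fatalf("Failed to generate key and CSR: %v", err)
	}
	log.Println("Generated ECDSA key pair and CSR")

	// Register with backend.
	// NOTE(review): the registration token is sent to cfg.BackendURL before
	// any client certificate exists. Confirm that Register rejects or refuses
	// plain http:// URLs and verifies the server certificate; otherwise the
	// token and the returned CA certificate are exposed to anyone on the path.
	// NOTE(review): this runs unconditionally on every start, so a fresh key is
	// generated and the token is reused each time — confirm that is intended.
	certs, err := registration.Register(cfg.BackendURL, cfg.RegistrationToken, csrPEM)
	if err != nil {
		log.Fatalf("Failed to register: %v", err)
	}
	log.Println("Successfully registered, received certificates")

	// Save certificates.
	// NOTE(review): presumably this also writes the private key as
	// client.key (it is read back from CertDir below) — confirm the file is
	// created with owner-only permissions.
	if err := registration.SaveCerts(cfg.CertDir, certs, key); err != nil {
		log.Fatalf("Failed to save certificates: %v", err)
	}
	log.Printf("Certificates saved to %s", cfg.CertDir)

	log.Println("Agent registration complete")

	// The command loop lives in a closure so that the deferred cancel runs
	// before log.Fatalf exits the process (os.Exit skips deferred calls).
	err = func() error {
		creds, err := mtls.LoadMTLSCredentialsFromFiles(
			cfg.CertDir+"/ca.crt",
			cfg.CertDir+"/client.crt",
			cfg.CertDir+"/client.key",
		)
		if err != nil {
			return err
		}

		ctx, cancel := context.WithCancel(context.Background())
		defer cancel()

		cmdexe := new(commander.CommandExecutor)
		ccli := client.New(cmdexe, cfg.Label, cfg.Label)

		// Use grpc_url for gRPC connection, strip scheme if present.
		grpcAddr := cfg.GRPCURL
		if grpcAddr == "" {
			// Fallback: derive from backend_url by stripping scheme.
			grpcAddr = cfg.BackendURL
		}
		// Only the scheme prefix is removed; a path or trailing slash in the
		// configured URL is passed through unchanged.
		grpcAddr = strings.TrimPrefix(grpcAddr, "http://")
		grpcAddr = strings.TrimPrefix(grpcAddr, "https://")

		return ccli.HandleCommands(ctx, grpcAddr, creds)
	}()
	if err != nil {
		// This point is reached when loading the mTLS credentials or the
		// command loop fails, so the message names that stage rather than
		// repeating the key/CSR error used earlier.
		log.Fatalf("Failed to run command handler: %v", err)
	}
}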