anti
77ceb9d6f3
- Declarative config_schema on RDP, Telnet, MySQL, Redis, SMTP, SMTP_Relay matching the keys each service already reads at compose time. - TODO marker on the 19 services that accept service_cfg but never read it, so future contributors know where to plug schemas in. - Wizard base64-wraps all textarea values at INI emit (DeckyFleet buildIni); validate_cfg detects the b64: sentinel and decodes back to UTF-8. Plain raw strings still pass through for direct API submitters. - HTTPS image entrypoint accepts PEM content or path in TLS_CERT/TLS_KEY: detects a BEGIN header, writes content to /opt/tls/, and re-exports the on-disk path so server.py keeps reading paths. - Tests cover schema/compose alignment for each new service plus textarea base64 round-trip (incl. UTF-8) and HTTPS PEM end-to-end.
33 lines
1.1 KiB
Python
33 lines
1.1 KiB
Python
from pathlib import Path
|
|
from decnet.services.base import BaseService
|
|
|
|
TEMPLATES_DIR = Path(__file__).parent.parent / "templates" / "llmnr"
|
|
|
|
|
|
class LLMNRService(BaseService):
|
|
"""LLMNR/mDNS/NBNS poisoning detector.
|
|
|
|
Listens on UDP 5355 (LLMNR) and UDP 5353 (mDNS) and logs any
|
|
name-resolution queries it receives — a strong indicator of an attacker
|
|
running Responder or similar tools on the LAN.
|
|
"""
|
|
|
|
name = "llmnr"
|
|
ports = [5355, 5353]
|
|
default_image = "build"
|
|
# config_schema: no user-tunable fields yet — TODO add when compose_fragment grows cfg reads
|
|
|
|
def compose_fragment(self, decky_name: str, log_target: str | None = None, service_cfg: dict | None = None) -> dict:
|
|
fragment: dict = {
|
|
"build": {"context": str(TEMPLATES_DIR)},
|
|
"container_name": f"{decky_name}-llmnr",
|
|
"restart": "unless-stopped",
|
|
"environment": {"NODE_NAME": decky_name},
|
|
}
|
|
if log_target:
|
|
fragment["environment"]["LOG_TARGET"] = log_target
|
|
return fragment
|
|
|
|
def dockerfile_context(self) -> Path | None:
|
|
return TEMPLATES_DIR
|