Code By
Lucas Mouilleron

63 projects - An Open Source selection

TSAnalysisWorld

Python 99.5% - CSS 0.4% - Shell 0.1%
Last update : 18/12/2018 - 18:18
Analysis framework.
Project is private, can't show more.

TSSysAdmin

Python 89.1% - Shell 6% - Scheme 2.7% - CSS 1.1% - Dockerfile 1.1% - Vim script 0.1%
Last update : 18/12/2018 - 13:15
System administration tools.
Project is private, can't show more.

+ simpleWebFolder2

Python 57.5% - Mako 37.9% - CSS 4.6%
Last update : 17/12/2018 - 10:40

Screenshot

Features

  • List files and folders
  • Nice layout
  • Password protection:
    • drop a .password file containing the desired password in folders (and subfolders) you want to protect
    • drop a .nopassword file in folders (and subfolders) you want to deprotect (in case of protected parent)
  • Listing protection: drop a .nolist file in folders you want to forbid the listing of
  • Show protection: drop a .noshow file in folders you don't want to appear in their parents
  • Download folder as a zip
  • README.md files in folders are interpreted and displayed on top
  • Shares: expiration, path obfuscation, tracking
  • Tracking: optional tracking

Install

  • Pytohn 3
  • pip install -r _sf/requirements.txt
  • Copy _sf/assets/style.sample.css to _sf/assets/style.css
  • Copy _sf/config/config.sample.json to _sf/config/config.json
  • Drop _sf folder in the root folder you want to expose

Customisation

  • Edit _sf/config.json
  • Edit _sf/assets/style.css

TODO

  • Clean shares
  • Better locks
  • Clean locks
  • Track and clean tracking periodicly to file (and not on the fly)

+ sshForFriends

Shell 100%
Last update : 14/12/2018 - 12:55

Temporally give ssh access to your friends.

sshForFriends uses friends public keys to give them access to the computer.
When sshForFriends has finished running, public keys are cleaned and friends can't access the computer anymore.
Public keys are fetched from known identity providers.

Tested on macOS and Ubuntu.

No password, no hastle, 100% SSH.

Screenshot

Usage

  • sshForFriends [OPTIONS] friendUsername
  • friendUsername is the friend username which will be granted access (identity provider username)
  • sshForFriends -h for more usage help

Identity providers

  • id_rsa: key from cat $HOME/.ssh/id_rsa.pub on your friend's machine (-r RSA_PUB_KEY)
  • Github : keys from https://github.com/$USER_NAME.keys (-g, -i github)
  • Keybase : keys from https://$USER_NAME.keybase.pub/id_rsa.pub (-k, -i keybase)

Behind a firewall

  • If the computer being accessed is behind a firewall, sshForFriends can use a public server for ssh forwading.
  • See params -x, -l, -m and -n
  • On the public server, make sure GatewayPorts yes is set in the /etc/ssh/sshd_config file
  • See examples below

Miscs

  • macOS, enable ssh server : sudo systemsetup -setremotelogin on

Examples

  • Give access from a machine to lucasmouilleron in one line : curl -sL https://raw.githubusercontent.com/lucasmouilleron/sshForFriends/master/sshForFriends -o $HOME/sshForFriends ; chmod a+x $HOME/sshForFriends ; $HOME/sshForFriends -g lucasmouilleron
  • Give access from a machine to lucasmouilleron in one line : curl -sL https://raw.githubusercontent.com/lucasmouilleron/sshForFriends/master/sshForFriends -o $HOME/sshForFriends ; chmod a+x $HOME/sshForFriends ; $HOME/sshForFriends -k lucasmouilleron
  • Give access from a machine behind a firewall to lucasmouilleron in one line : curl -sL https://raw.githubusercontent.com/lucasmouilleron/sshForFriends/master/sshForFriends -o $HOME/sshForFriends ; chmod a+x $HOME/sshForFriends ; $HOME/sshForFriends -g -x lucasmouilleron.com -l sshtunnel -m 10022 lucasmouilleron
  • Give access from a machine behind a firewall to a friend with pub key in one line : curl -sL https://raw.githubusercontent.com/lucasmouilleron/sshForFriends/master/sshForFriends -o $HOME/sshForFriends ; chmod a+x $HOME/sshForFriends ; $HOME/sshForFriends -r "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDqN4/IlNfY8I5AUYYnj9mieJ9Uyx4rMbZjxyukmwM1nqSpTmFBs5xdqtE1Qi1DDb6V0Nphua80GUxXfIiKmbJVuOnrBjX2qInwMPtFxJ0gr8adXYIamcCVylcCPm2qO418KQpuHNM1es5s0a2hzuuRCtw6trysq/SCSIp6o05OEdHP8CbfCdFA+P7sy99XHG3yGzqHdU0D04ScDePzm1buSOXqQRCrSkuLmRMBhtRQSj7UAI3IlRcF3tEFPqAywjwnZVIvv6fUoXnpJuoCzBPuJv5D5lo06xixwIvHc39t1r4Tv/OrD+EyWfPsmCpLGfEkMRBqmj/ds5c4y6NjO9cl" -x lucasmouilleron.com -l sshtunnel -m 10022 yourfriendname

Credits

  • Inspired by https://github.com/flplv/ssh-allow-friend

TSDataCenter

Java 99.7% - PHP 0.2% - Dockerfile 0.1% - Shell 0%
Last update : 12/12/2018 - 13:30
TSDataCenter software.
Project is private, can't show more.

TSDeGama

Python 96.2% - CSS 1.9% - Dockerfile 1% - Shell 0.9%
Last update : 10/12/2018 - 11:42
Interactive analysis framework.
Project is private, can't show more.

TSMagellan

Python 97.5% - Shell 1.3% - Dockerfile 0.7% - CSS 0.6%
Last update : 07/12/2018 - 10:05
TSMagellan environment. Main software, scripts and docs.
Project is private, can't show more.

siteERAAM

PHP 54.4% - HTML 21.4% - JavaScript 13.3% - CSS 9% - Shell 1.9%
Last update : 05/12/2018 - 16:37
Project is private, can't show more.

+ Survival

Shell 97.4% - Vim script 2.6%
Last update : 05/12/2018 - 09:57

Screenshot

Nice minimal setup for hostile environments :)

Install - Ubuntu

  • From root or sudo user:usermod -aG sudo username
  • From user username: sudo ls
  • From user username: cd $HOME;sh <(wget -o /dev/null -qO- https://raw.githubusercontent.com/lucasmouilleron/Survival/master/ubuntu.sh)

Install - Others

TODO :)

+ watchTower

Python 58.8% - JavaScript 15.1% - Java 12.8% - HTML 5.4% - CSS 4.1% - Dockerfile 3.1% - Shell 0.8%
Last update : 05/12/2018 - 09:12

Screenshot

A simple watchtower service.
Heartbeat monitoring + event agregator.

Hearbeat definitions

  • The server is in charge of monitoring services
  • When a service is considered dead, the server then alerts its owner
  • A service is a pulsing agent
  • A pulse is a sign of aliveness
  • When a service pulse the server, it tells him when he will pulse again in the worst case
  • If the service has not pulsed again in time, the server considers the service dead and alerts its owner
  • When a service is no longer required, it must inform the server to avoid a false dead alerts
  • An alert can be a mail, a pushover message, etc.

Event definitions

  • The server is in charge or recieving events
  • When a service sends an event, the server stores it
  • On demand, events can be retrieved for consultation
  • An event is: service + message + level + date of registration

Implementation

  • HTTP client / server architecture
  • All queries protected by password set in HTTP headers under "password"
  • Heartbeat protocol:
    • Pulse:
      • POST /
      • {"service":"SERVICE_NAME","alertType":"ALERT_TYPE","alertTarget":"TARGET_NAME","nextIn":EXPECTED_NEXT_HEARTBEAT_IN_SECS}
    • Cancel:
      • DELETE /
      • {"service":"SERVICE_NAME"}
    • List:
      • GET /
  • Event protocol:
    • Add:
      • POST /add-event
      • {"service":"SERVICE_NAME", "level":"level", "message":"the message"}
    • List:
      • GET /list-events
      • optional params: service (is), from (above), to (below), level (above), message (contains)

Server

  • ./server
  • python3
  • Dependencies: pip install -r requirements.txt
  • Config:
    • config/config.json: main config (cp config/sample.json config/config.json)
    • config/server.crt, config/server.key: SSL certificate, used only if SSL activated
  • Datas: data
  • Deploy:
    • Install dependencies
    • Setup config
    • Generate ssl certificates (optional)
    • Hook in with upstart (optional, ./server/config/sample.upstart.conf, http://upstart.ubuntu.com/getting-started.html)
  • Run: python server.py
  • Docker:
    • ./docker
    • Config: place server config files in ./docker/config
    • Interactive: cd docker && tools/dockerBuild && tools/dockerRun
    • Detached: cd docker && tools/dockerBuild && tools/dockerRunDetached

Server GUI

  • https://hostname.com:443/gui

Java Client

  • ./clientJava
  • Java 7+
  • No dependencies
  • Run test:

Python Client

  • ./clientPython
  • python3
  • Dependencies: requests (pip install requests)
  • Run test: python test.py

Javascript client

  • ./clientJavascript
  • client.js is a node module
  • Dependencies: packages.json -> devDependencies (npm install)
  • Run test: node test.js
  • Run test in browser: browserify test.js -o bundle.js and open test.html in browser

Certificates

  • Self signed: openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt
  • Letsencrypt: TODO

TODO

  • Put data writing in a queue
  • Put alert sending in a queue
  • (Way) better events persister