Added checkcsp logic

Kevin Veen-Birkenbach 2025-05-13 15:33:06 +02:00
parent 383fb5bd90
commit 894e31bc3f
No known key found for this signature in database
GPG Key ID: 44D8F11FD62F878E


@ -6,61 +6,57 @@ import subprocess
import sys import sys
import argparse import argparse
def extract_domains(config_path): def extract_domains(config_path):
""" """
Extracts domain names from .conf filenames in the given directory. Extracts domain names from .conf filenames in the given directory.
""" """
domain_pattern = re.compile(r'^([a-zA-Z0-9-]+\.)+[a-zA-Z]{2,}\.conf$') domain_pattern = re.compile(r'^([a-zA-Z0-9-]+\.)+[a-zA-Z]{2,}\.conf$')
domains = []
try: try:
for filename in os.listdir(config_path): return [
if filename.endswith(".conf") and domain_pattern.match(filename): fn[:-5]
domain = filename[:-5] # Remove ".conf" for fn in os.listdir(config_path)
domains.append(domain) if fn.endswith(".conf") and domain_pattern.match(fn)
]
except FileNotFoundError: except FileNotFoundError:
print(f"Directory {config_path} not found.", file=sys.stderr) print(f"Directory {config_path} not found.", file=sys.stderr)
return None return None
return domains def run_checkcsp(domains):
def run_node_checker(script_path, domains):
""" """
Executes the Node.js CSP checker script with the given domains. Executes the 'checkcsp' command with the given domains.
""" """
cmd = ["checkcsp", "start"] + domains
try: try:
result = subprocess.run( result = subprocess.run(cmd, check=True)
["node", script_path] + domains,
check=True
)
return result.returncode return result.returncode
except subprocess.CalledProcessError as e: except subprocess.CalledProcessError as e:
print(f"{os.path.basename(script_path)} reported issues (exit code {e.returncode})") print(f"'checkcsp' reported issues (exit code {e.returncode})", file=sys.stderr)
return e.returncode return e.returncode
except Exception as e: except Exception as e:
print(f"Unexpected error: {e}", file=sys.stderr) print(f"Unexpected error: {e}", file=sys.stderr)
return 1 return 1
def main(): def main():
parser = argparse.ArgumentParser(description="Check CSP-blocked resources via Puppeteer") parser = argparse.ArgumentParser(
parser.add_argument("--nginx-config-dir", required=True, help="Directory containing NGINX .conf files") description="Extract domains from NGINX and run checkcsp against them"
parser.add_argument("--script", required=True, help="Path to Node.js CSP checker script") )
parser.add_argument(
"--nginx-config-dir",
required=True,
help="Directory containing NGINX .conf files"
)
args = parser.parse_args() args = parser.parse_args()
domains = extract_domains(args.nginx_config_dir) domains = extract_domains(args.nginx_config_dir)
if domains is None: if domains is None:
return 1 sys.exit(1)
if not domains: if not domains:
print("No domains found to check.") print("No domains found to check.")
return 0 sys.exit(0)
return run_node_checker(args.script, domains)
rc = run_checkcsp(domains)
sys.exit(rc)
if __name__ == "__main__": if __name__ == "__main__":
sys.exit(main()) main()
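Review bot: The pattern in `extract_domains` accepts a file name whose first label begins with a hyphen (a constructed example: `-x.example.conf`), and `run_checkcsp` places the resulting string directly after `checkcsp start`, where the tool may parse it as an option instead of a domain. Since anyone who can create a file in the NGINX config directory controls these arguments, I would reject a leading hyphen in the pattern, `domain_pattern = re.compile(r'^(?!-)([a-zA-Z0-9-]+\.)+[a-zA-Z]{2,}\.conf$')`, and, if `checkcsp` honours the usual end-of-options marker, build the command as `["checkcsp", "start", "--"] + domains`. Separately, the binary is now resolved through `PATH` instead of an explicit `--script` path, so a missing or shadowed `checkcsp` ends up in the generic `except Exception` branch and returns 1, which may look the same as a run that reported findings. Catching `FileNotFoundError` in `run_checkcsp` with its own message and exit code would let a scheduler tell "tool not installed" apart from "CSP issues found". The import block sits above the hunk, so I cannot see whether anything else there needs to change.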