WIP reorg

Cargo.toml

@@ -0,0 +1,8 @@
+[workspace]
+resolver = "2"
+members = ["./meta/agent", "./meta/common", "./meta/pusher"]
+
+[profile.release]
+strip = true
+lto = true
+opt-level = "s"

meta/agent/Cargo.toml

@@ -0,0 +1,20 @@
+[package]
+name = "ewconfig-agent"
+publish = false
+edition = "2021"
+
+[dependencies]
+ewconfig-meta-common = { path = "../common" }
+clap = { version = "4.5.23", features = ["derive"] }
+serde = { version = "^1.0", features = ["derive"] }
+ssh-key = { version = "0.6.7", features = ["ed25519"] }
+reqwest = { version = "0.12.9", features = ["json", "blocking"] }
+serde_json = "^1.0"
+directories = "5.0.1"
+rand = "0.8.5"
+log = "0.4.22"
+anyhow = "1.0.94"
+url = "2.5.4"
+
+[[bin]]
+name = "ewconfig-agent"

meta/agent/src/crypto.rs

@@ -0,0 +1,58 @@
+//! Cryptography helper functions
+
+use std::path::{Path, PathBuf};
+
+use anyhow::Context;
+
+/// Get the default path for the agent's private key
+pub fn get_default_key_path() -> PathBuf {
+    directories::BaseDirs::new()
+        .unwrap()
+        .home_dir()
+        .join(".config/ewpratten/config-agent-key")
+}
+
+/// If a key does not exist, generate a new one
+fn make_key_if_not_exists(private_key_path: &Path) {
+    log::debug!("Ensuring keypair exists as {:?}", private_key_path);
+    if !private_key_path.exists() {
+        // Generate a new ed25519 keypair
+        log::info!("Generating a new ed25519 keypair for this system");
+        let private_key =
+            ssh_key::PrivateKey::random(&mut rand::rngs::OsRng, ssh_key::Algorithm::Ed25519)
+                .unwrap();
+        let public_key = private_key.public_key();
+
+        // Make sure the parent directory exists
+        std::fs::create_dir_all(private_key_path.parent().unwrap())
+            .with_context(|| "Failed to create keypair directory structure")
+            .unwrap();
+
+        // Write the private key to disk
+        std::fs::write(
+            &private_key_path,
+            private_key
+                .to_openssh(ssh_key::LineEnding::default())
+                .unwrap(),
+        )
+        .with_context(|| "Failed to write private key to disk")
+        .unwrap();
+
+        // Write the public key to disk
+        std::fs::write(
+            &private_key_path.with_extension("pub"),
+            public_key.to_openssh().unwrap(),
+        )
+        .with_context(|| "Failed to write public key to disk")
+        .unwrap();
+    }
+}
+
+/// Get the public key for this agent
+pub fn get_public_key(private_key_path: &Path) -> ssh_key::PublicKey {
+    make_key_if_not_exists(private_key_path);
+    std::fs::read_to_string(&private_key_path.with_extension("pub"))
+        .unwrap()
+        .parse::<ssh_key::PublicKey>()
+        .unwrap()
+}

meta/agent/src/main.rs

@@ -0,0 +1,59 @@
+mod crypto;
+
+use std::path::PathBuf;
+
+use clap::Parser;
+
+/// Evan's configuration agent
+#[derive(Parser, Debug)]
+#[command(version, about, long_about)]
+struct Args {
+    #[clap(subcommand)]
+    command: Command,
+
+    /// Enable verbose logging
+    #[clap(short, long)]
+    verbose: bool,
+}
+
+/// CLI commands
+#[derive(Parser, Debug)]
+enum Command {
+    /// Check for any updates
+    Check {
+        /// Use a custom endpoint
+        endpoint: Option<String>,
+
+        /// Use a custom private key file
+        private_key: Option<PathBuf>,
+    },
+
+    /// Print this machine's public key
+    #[clap(alias = "pubkey")]
+    PublicKey,
+
+    /// Refresh the system
+    Refresh {
+        /// Use a custom endpoint
+        endpoint: Option<String>,
+
+        /// Use a custom private key file
+        private_key: Option<PathBuf>,
+    },
+}
+
+pub fn main() {
+    // Parse the command line arguments
+    let args: Args = Args::parse();
+
+    // Handle commands
+    match args.command {
+        Command::Check { .. } => todo!(),
+        Command::PublicKey => {
+            let key_path = crypto::get_default_key_path();
+            let public_key = crypto::get_public_key(&key_path);
+            println!("{}", public_key.to_openssh().unwrap());
+        }
+        Command::Refresh { .. } => todo!(),
+    }
+}

meta/common/Cargo.toml

@@ -0,0 +1,9 @@
+[package]
+name = "ewconfig-meta-common"
+publish = false
+edition = "2021"
+
+[dependencies]
+age = { version = "0.11.1", features = ["ssh"] }
+serde = { version = "^1.0", features = ["derive"] }
+serde_json = "^1.0"

meta/common/src/lib.rs

@@ -0,0 +1,2 @@
+//! Common library for ewconfig-pusher and ewconfig-agent
+pub mod metadata;

meta/common/src/metadata/mod.rs

@@ -0,0 +1 @@
+pub mod package;

meta/pusher/Cargo.toml

@@ -0,0 +1,11 @@
+[package]
+name = "ewconfig-pusher"
+publish = false
+edition = "2021"
+
+[dependencies]
+ewconfig-meta-common = { path = "../common" }
+serde = { version = "^1.0", features = ["derive"] }
+
+[[bin]]
+name = "ewconfig-pusher"

meta/pusher/src/main.rs

@@ -0,0 +1,5 @@
+
+
+pub fn main() {
+    
+}

nodes/laptop.yml

@@ -0,0 +1,10 @@
+name: "Evan's Laptop"
+keys:
+  - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFxw4Tk29wqUIqR8YrESeqrlCZ2cZoiKt5OVBv6zGqQI
+
+selector:
+  os: macos
+  serial: 
+
+packages:
+  - network-utils

packages/1password-extras/ewpkg.yml

@@ -0,0 +1,4 @@
+name: 1Password Extras
+bin:
+  - path: pkg://bin/1p-bridge
+    os: [linux, macos]

packages/network-utils/ewpkg.yml

@@ -0,0 +1,21 @@
+name: Network Utils
+bin:
+  - path: pkg://bin/aspath
+  - path: pkg://bin/dig-authoritative
+  - path: pkg://bin/ifpi
+  - path: pkg://bin/legacy-ssh
+  - path: pkg://bin/localexpose
+  - path: pkg://bin/mtr-graph
+  - path: pkg://bin/tcp-reflect
+  - path: pkg://bin/udp-reflect
+  - path: pkg://bin/watch-ports
+  - path: pkg://bin/wg-cat
+  - path: pkg://bin/wg-edit
+  - path: pkg://bin/wg-genzone
+  - path: pkg://bin/wg-get-client-ip
+  - path: pkg://bin/wg-handshakes
+  - path: pkg://bin/wg-list-interfaces
+  - path: pkg://bin/wg-peer-to-ipv6
+  - path: pkg://bin/wg-reload
+  - path: pkg://bin/wg-restart
+  - path: pkg://bin/whois-util