Add patrowl engines software-type with some engines

c60f6369 · Alain Takoudjou · b9dfcb49 · c60f6369 · c60f6369 · c60f6369
Commit c60f6369 authored Oct 13, 2023 by Alain Takoudjou
7 changed files
--- a/software/patrowl/buildout.hash.cfg
+++ b/software/patrowl/buildout.hash.cfg
@@ -15,15 +15,19 @@

 [instance]
 filename = instance.cfg.in
-md5sum = 6b6eadb804d0d15c116d865d02938322
+md5sum = 1eca3808d5caededd6170e0d2126c66c

 [template-patrowl]
 filename = instance-patrowl.cfg.jinja2.in
-md5sum = 9a955d621b255cc1c71f7ad7008b7d6e
+md5sum = 552bf4e4e4625f6fdefb054d06578cf7
+
+[template-patrowl-engines]
+filename = instance-patrowl-engines.cfg.jinja2.in
+md5sum = 492e7f0a1a476189895a4f8b8addb253

 [template-patrowl-wrapper]
 filename = patrowl-wapper.sh.in
-md5sum = b58da4365f8b12afb492523c5310cc49
+md5sum = d2d8c018fd46a9e2936736961a3fa872

 [template-create_default_admin.py.in]
 filename = create_default_admin.py.in
@@ -32,3 +36,7 @@ md5sum = 9b7bb45c5c934884054eedc0f7d801ef
 [template-nginx.conf.in]
 filename = nginx.conf.in
 md5sum = 4046c3f1e9c7e9d17e1ba245177daa58
+
+[template-nginx-engines.conf.in]
+filename = nginx-engines.conf.in
+md5sum = 9221f27c6ceb71ea1b39dfac41e3e421
--- a/software/patrowl/instance-patrowl-engines.cfg.jinja2.in
+++ b/software/patrowl/instance-patrowl-engines.cfg.jinja2.in
+{% set local_ipv4 = (ipv4 | list)[0] -%}
+{% set local_ipv6 = (ipv6 | list)[0] -%}
+{% set engine_port_dict = {} -%}
+[directory]
+recipe = slapos.cookbook:mkdirectory
+etc = ${buildout:directory}/etc
+bin = ${buildout:directory}/bin
+srv = ${buildout:directory}/srv
+var = ${buildout:directory}/var
+run = ${:var}/run
+log = ${:var}/log
+scripts = ${:etc}/run
+services = ${:etc}/service
+plugins = ${:etc}/plugin
+ssl = ${:etc}/ssl
+tmp = ${:srv}/tmp
+nginx = ${:srv}/nginx
+
+[gunicorn]
+recipe = slapos.recipe.template
+engines-directory = ${directory:srv}/patrowl-engines
+inline =
+  #!/bin/sh -e
+  FOLDER=${:engines-directory}
+  [ ! -d "$FOLDER" ] && cp -ax {{ parameter_dict['engines-location'] }} $FOLDER
+  cd $FOLDER/engines/$ENGINE_FOLER_NAME
+  # export PYTHONPATH=$FOLDER:$PYTHONPATH
+  exec {{ gunicorn_bin }} "$@"
+output = ${directory:bin}/gunicorn
+
+{% if slapparameter_dict.get('apivoid-apikey') -%}
+# Deploy apivoid
+[service-apivoid]
+recipe = slapos.cookbook:wrapper
+command-line =
+  ${gunicorn:output} engine-apivoid:app -b {{ local_ipv4 }}:${:port}
+    --access-logfile ${directory:log}/apivoid.log --log-level error
+wrapper-path = ${directory:services}/gunicorn-apivoid
+port = 5022
+environment =
+  ENGINE_FOLER_NAME=apivoid
+  APP_MAXSCANS=${instance-parameters:app-maxscans}
+  APIVOID_APIKEY=${instance-parameters:apivoid-apikey}
+depends =
+  ${configure-engine-apivoid:recipe}
+
+[configure-engine-apivoid]
+recipe = plone.recipe.command
+stop-on-error = true
+update-command = ${:command}
+command =
+  BASE=${gunicorn:engines-directory}/engines/apivoid
+  mkdir -p $BASE/results
+  cp $BASE/apivoid.json.sample $BASE/apivoid.json
+
+[apivoid-promise]
+<= monitor-promise-base
+promise = check_socket_listening
+name = apivoid_promise.py
+config-host = {{ local_ipv4 }}
+config-port = ${service-apivoid:port}
+depends =
+  ${apivoid-url-promise:recipe}
+
+[apivoid-url-promise]
+<= monitor-promise-base
+promise = check_url_available
+name = apivoid_url_promise.py
+config-url = http://{{ local_ipv4 }}:${service-apivoid:port}/engines/apivoid/status
+
+{% do engine_port_dict.__setitem__('engine-apivoid', '${apivoid-promise:config-port}') -%}
+{% endif %}
+
+{% if slapparameter_dict.get('enable-sslscan', True) -%}
+[sslscan.json]
+recipe = slapos.recipe.template
+output = ${gunicorn:engines-directory}/engines/sslscan/sslscan.json
+inline ={
+    "name": "SSLScan",
+    "version": "2",
+    "description": "SSL Scanner based on SSLScan",
+    "allowed_asset_types": ["domain", "fqdn", "url", "ip"],
+    "options": {
+      "bin_path": "{{ parameter_dict['sslscan-bin'] }}",
+      "show-certificate": { "type": "optional", "value": "--show-certificate"},
+      "no-check-certificate": { "type": "optional", "value": "--no-check-certificate"},
+      "ssl2-only": { "type": "optional", "value": "--ssl2"},
+      "ssl3-only": { "type": "optional", "value": "--ssl3"},
+      "tls10-only": { "type": "optional", "value": "--tls10"},
+      "tls11-only": { "type": "optional", "value": "--tls11"},
+      "tls12-only": { "type": "optional", "value": "--tls12"},
+      "tlsall": { "type": "optional", "value": "--tlsall"},
+      "show_ocsp_status": { "type": "optional", "value": "--oscp"},
+      "no-ciphersuites": { "type": "optional", "value": "--no-ciphersuites"},
+      "no-renegociation": { "type": "optional", "value": "--no-renegociation"},
+      "no-fallback": { "type": "optional", "value": "--no-fallback"},
+      "no-compression": { "type": "optional", "value": "--no-compression"},
+      "no-heartbleed": { "type": "optional", "value": "--no-heartbleed"}
+    }
+  }
+[service-sslscan]
+recipe = slapos.cookbook:wrapper
+command-line =
+  ${gunicorn:output} engine-sslscan:app -b {{ local_ipv4 }}:${:port}
+    --access-logfile ${directory:log}/sslscan.log --log-level error
+wrapper-path = ${directory:services}/gunicorn-sslscan
+port = 5014
+environment =
+  ENGINE_FOLER_NAME=sslscan
+  APP_MAXSCANS=${instance-parameters:app-maxscans}
+depends =
+  ${directory-sslscan:recipe}
+  ${sslscan.json:recipe}
+
+[directory-sslscan]
+recipe = slapos.cookbook:mkdirectory
+results = ${gunicorn:engines-directory}/engines/sslscan/results
+
+[sslscan-promise]
+<= monitor-promise-base
+promise = check_socket_listening
+name = sslscan_promise.py
+config-host = {{ local_ipv4 }}
+config-port = ${service-sslscan:port}
+depends =
+  ${sslscan-url-promise:recipe}
+
+[sslscan-url-promise]
+<= monitor-promise-base
+promise = check_url_available
+name = sslscan_url_promise.py
+config-url = http://{{ local_ipv4 }}:${service-sslscan:port}/engines/sslscan/status
+
+{% do engine_port_dict.__setitem__('engine-sslscan', '${sslscan-promise:config-port}') -%}
+
+{% endif %}
+
+[nginx-parameters]
+nginx-ip = {{ local_ipv6 }}
+local-ipv4 = {{ local_ipv4 }}
+nginx-port = 8050
+access-log = ${directory:log}/nginx.patrowlengines-access.log
+error-log = ${directory:log}/nginx.patrowlengines-error.log
+nginx-mime-types = {{ nginx_mime_types }}
+key-file = ${nginx-certificate:key-file}
+cert-file = ${nginx-certificate:cert-file}
+path-pid = ${directory:run}/nginx-engines.pid
+nb-workers = 2
+{% for name, port in engine_port_dict.items() -%}
+{{ name }} = {{ port }}
+{% endfor %}
+
+[nginx-conf]
+recipe = slapos.recipe.template:jinja2
+url = {{ parameter_dict['nginx-engines-conf'] }}
+context =
+  section parameter_dict nginx-parameters
+output = ${directory:etc}/nginx-engines.conf
+
+# self-signed certificate for https
+[nginx-certificate]
+recipe  = plone.recipe.command
+stop-on-error   = true
+cert-file   = ${directory:ssl}/nginx_backend.crt
+key-file    = ${directory:ssl}/nginx_backend.key
+command =
+    test -e ${:key-file} || \
+        {{ openssl_bin }} req -newkey rsa -batch -new -x509 -days 3650 -nodes   \
+        -keyout ${:key-file} -out ${:cert-file}
+update-command = ${:command}
+
+[service-nginx]
+recipe = slapos.cookbook:wrapper
+command-line =
+  {{ nginx_bin }} -p ${directory:nginx} -c ${nginx-conf:output}
+wrapper-path = ${directory:services}/nginx
+url = https://[${nginx-parameters:nginx-ip}]:${nginx-parameters:nginx-port}
+
+[promise-nginx]
+<= monitor-promise-base
+promise = check_command_execute
+name   = promise_nginx_site.py
+promise = check_url_available
+config-http-code   = 404
+config-url     = ${service-nginx:url}
+
+[patrowl-engines-frontend]
+<= slap-connection
+recipe = slapos.cookbook:requestoptional
+name = Patrowl engines Frontend
+# XXX We have hardcoded SR URL here.
+software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
+shared = true
+config-url = ${service-nginx:url}
+config-https-only = true
+return = domain secure_access
+
+[patrowl-engines-frontend-promise]
+<= monitor-promise-base
+promise = check_url_available
+name = check_engines_frontend.py
+config-url = ${patrowl-engines-frontend:connection-secure_access}
+config-http-code   = 404
+
+[publish-connection-information]
+<= monitor-publish
+recipe = slapos.cookbook:publish
+engines-url = ${patrowl-engines-frontend:connection-secure_access}
+
+[instance-parameters]
+apivoid-apikey = {{ slapparameter_dict.get('apivoid-apikey', '')}}
+app-maxscans = {{ slapparameter_dict.get('app-maxscans', 25)}}
+enable-sslscan = true
+
+[buildout]
+extends = {{ template_monitor }}
+
+parts =
+  patrowl-engines-frontend-promise
+  publish-connection-information
+
+eggs-directory = {{ eggs_directory }}
+develop-eggs-directory = {{ develop_eggs_directory }}
+offline = true
--- a/software/patrowl/instance-patrowl.cfg.jinja2.in
+++ b/software/patrowl/instance-patrowl.cfg.jinja2.in
@@ -12,13 +12,16 @@ scripts = ${:etc}/run
 services = ${:etc}/service
 plugins = ${:etc}/plugin
 ssl = ${:etc}/ssl
-www = ${:srv}/www
 tmp = ${:srv}/tmp
 rabbitmq = ${:srv}/rabbitmq
 mqlog = ${:log}/rabbitmq
 mqlib = ${:var}/lib/rabbitmq
 nginx = ${:srv}/nginx

+[rabbitmq-password]
+recipe = slapos.cookbook:generate.password
+storage-path = ${directory:etc}/.rabbitmq
+
 [service-rabbitmq]
 recipe = slapos.cookbook:wrapper
 command-line =
@@ -31,6 +34,8 @@ environment =
  RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS=-rabbit log_levels [{connection,error}]
  RABBITMQ_ADVANCED_CONFIG_FILE=${directory:rabbitmq}/advanced.config
  RABBITMQ_CONF_ENV_FILE=${directory:rabbitmq}/rabbitmq-env.conf
+  RABBITMQ_DEFAULT_USER=${:username}
+  RABBITMQ_DEFAULT_PASS=${:password}
  RABBITMQ_NODE_IP_ADDRESS={{ local_ipv4 }}
  RABBITMQ_NODE_PORT=${:port}
  ERL_EPMD_ADDRESS={{ local_ipv4 }}
@@ -41,6 +46,29 @@ environment =
  RABBITMQ_PLUGINS_DIR=${directory:mqlib}/plugins
  PATH={{ parameter_dict['erlang-location'] }}/bin:/usr/local/bin:/usr/bin:/bin
 port = 5672
+username = rabbitmq
+password = ${rabbitmq-password:passwd}
+
+[service-rabbitmqctl]
+recipe = slapos.cookbook:wrapper
+command-line =
+  {{ parameter_dict['rabbitmq-location'] }}/sbin/rabbitmqctl
+wrapper-path = ${directory:bin}/rabbitmqctl
+environment =
+  ${service-rabbitmq:environment}
+
+[rabbimq-configure-script]
+recipe = slapos.recipe.template
+inline =#!/bin/bash -e
+  TEST_FILE=${directory:rabbitmq}/.user_created
+  [ -f "$TEST_FILE" ] && exit 0;
+  echo '${service-rabbitmq:password}' | ${service-rabbitmqctl:wrapper-path} add_user '${service-rabbitmq:username}'
+  # Grants a user permissions to all virtual hosts.
+  for v in $(${service-rabbitmqctl:wrapper-path} list_vhosts --silent); do
+    ${service-rabbitmqctl:wrapper-path} set_permissions -p $v "${service-rabbitmq:username}" ".*" ".*" ".*";
+  done
+  touch $TEST_FILE
+output = ${directory:scripts}/configure-rabbitmq

 [promise-rabbitmq]
 <= monitor-promise-base
@@ -77,7 +105,7 @@ config-command =
 [gunicorn-wrapper]
 recipe = slapos.cookbook:wrapper
 command-line =
-  {{ parameter_dict['gunicorn-bin'] }} -b {{ local_ipv4 }}:${:port} app.wsgi:application
+  {{ gunicorn_bin }} -b {{ local_ipv4 }}:${:port} app.wsgi:application
    --timeout 300 --log-level error
 wrapper-path = ${directory:bin}/gunicorn
 port = 8003
@@ -104,8 +132,8 @@ inline =
  export RABBITMQ_HOST={{ local_ipv4 }}
  export RABBITMQ_PORT=${service-rabbitmq:port}
  export RABBITMQ_HOSTNAME='{{ local_ipv4 }}:${service-rabbitmq:port}'
-  export RABBIT_ENV_USER='guest'
-  #export RABBIT_ENV_PASS='guest'
+  export RABBIT_ENV_USER='${service-rabbitmq:username}'
+  export RABBIT_ENV_PASS='${service-rabbitmq:password}'
  export BROKER_URL=
  export PE_INSTALL_PATH=
  export PATROWL_SU_USERNAME="admin"
@@ -198,7 +226,7 @@ access-log = ${directory:log}/nginx.patrowlmanager-access.log
 error-log = ${directory:log}/nginx.patrowlmanager-error.log
 gunicorn-url = http://{{ local_ipv4 }}:${gunicorn-wrapper:port}
 patrowl-directory = ${patrowl-parameters:patrowl-directory}
-nginx-mime-types = {{ parameter_dict['nginx-mime-types'] }}
+nginx-mime-types = {{ nginx_mime_types }}
 key-file = ${nginx-certificate:key-file}
 cert-file = ${nginx-certificate:cert-file}
 path-pid = ${directory:run}/nginx.pid
@@ -206,7 +234,7 @@ nb-workers = 4

 [nginx-conf]
 recipe = slapos.recipe.template:jinja2
-url = {{ parameter_dict['nginx-conf'] }}
+url = {{ nginx_conf }}
 context =
  section parameter_dict nginx-parameters
 output = ${directory:etc}/nginx.conf
@@ -226,7 +254,7 @@ update-command = ${:command}
 [service-nginx]
 recipe = slapos.cookbook:wrapper
 command-line =
-  {{ parameter_dict['nginx-bin'] }} -p ${directory:nginx} -c ${nginx-conf:output}
+  {{ nginx_bin }} -p ${directory:nginx} -c ${nginx-conf:output}
 wrapper-path = ${directory:services}/nginx
 url = https://[${nginx-parameters:nginx-ip}]:${nginx-parameters:nginx-port}

@@ -241,10 +269,10 @@ config-url     = ${service-nginx:url}
 [patrowl-frontend]
 <= slap-connection
 recipe = slapos.cookbook:requestoptional
-name = Patrowl nginx Frontend
+name = Patrowl Manager Frontend
 # XXX We have hardcoded SR URL here.
 software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
-slave = true
+shared = true
 config-url = ${service-nginx:url}
 config-https-only = true
 return = domain secure_access
@@ -274,6 +302,7 @@ parts =
  publish-connection-information
  promise-postgresql
  service-rabbitmq
+  rabbimq-configure-script
  promise-rabbitmq
  service-patrowl
  service-nginx

--- a/software/patrowl/instance.cfg.in
+++ b/software/patrowl/instance.cfg.in
@@ -11,6 +11,7 @@ offline = true
 recipe = slapos.cookbook:switch-softwaretype
 default  = dynamic-template-patrowl:output
 RootSoftwareInstance = ${:default}
+engines = dynamic-template-patrowl-engines:output

 [slap-configuration]
 recipe = slapos.cookbook:slapconfiguration.serialised
@@ -35,6 +36,10 @@ context =
  key slapparameter_dict slap-configuration:configuration
  key computer_id slap-configuration:computer
  key partition_id slap-configuration:partition
+  raw nginx_bin {{ nginx_bin }}
+  raw gunicorn_bin {{ bin_directory }}/gunicorn
+  raw nginx_conf {{ template_nginx_conf }}
+  raw nginx_mime_types {{ nginx_mime_types }}
  raw openssl_bin {{ openssl_location }}/bin/openssl
  raw python_bin {{ bin_directory }}/{{ python_with_eggs }}
  raw template_monitor {{ template_monitor_cfg }}
@@ -45,14 +50,10 @@ context =
 erlang-location = {{ erlang_location }}
 rabbitmq-location = {{ rabbitmq_location }}
 postgresql-location = {{ postgresql_location }}
-gunicorn-bin = {{ bin_directory }}/gunicorn
 celery-bin = {{ bin_directory }}/celery
 patrowl-wrapper = {{ template_patrowl_wrapper }}
 patrowl-location = {{ patrowl_location }}
 template-create-admin = {{ template_create_admin }}
-nginx-conf = {{ template_nginx_conf }}
-nginx-bin = {{ nginx_bin }}
-nginx-mime-types = {{ nginx_mime_types }}

 [dynamic-template-patrowl]
 <= jinja2-template-base
@@ -60,3 +61,15 @@ url = {{ template_patrowl }}
 filename = instance-patrowl.cfg
 extra-context =
  section   parameter_dict           dynamic-template-patrowl-parameters
+
+[dynamic-template-patrowl-engines-parameters]
+engines-location = {{ patrowl_engines_location }}
+nginx-engines-conf = {{ template_nginx_engines_conf }}
+sslscan-bin = {{ sslscan_bin }}
+
+[dynamic-template-patrowl-engines]
+<= jinja2-template-base
+url = {{ telplate_patrowl_engines }}
+filename = instance-patrowl-engines.cfg
+extra-context =
+  section   parameter_dict           dynamic-template-patrowl-engines-parameters
--- a/software/patrowl/nginx-engines.conf.in
+++ b/software/patrowl/nginx-engines.conf.in
+worker_processes {{ parameter_dict['nb-workers'] }};
+
+pid {{ parameter_dict['path-pid'] }};
+error_log {{ parameter_dict['access-log' ] }};
+
+daemon off;
+
+events {
+  worker_connections 1024;
+  accept_mutex off;
+}
+
+http {
+    include {{ parameter_dict['nginx-mime-types'] }};
+    default_type  application/octet-stream;
+    types_hash_bucket_size 64;
+    access_log {{ parameter_dict['access-log' ] }} combined;
+
+    server {
+        listen [{{ parameter_dict['nginx-ip' ] }}]:{{ parameter_dict['nginx-port' ] }} ssl http2;
+        autoindex off;
+        server_name _;
+
+        ssl_certificate {{ parameter_dict['cert-file'] }};
+        ssl_certificate_key {{ parameter_dict['key-file'] }};
+        ssl_session_timeout 1d;
+        ssl_session_cache shared:MozSSL:10m;
+        ssl_session_tickets off;
+        ssl_protocols TLSv1.3;
+        ssl_prefer_server_ciphers off;
+
+        {% for name, value in parameter_dict.items() %}
+        {% if name.startswith('engine-') -%}
+        {%   set engine = name.split('-')[1] -%}
+          location /engines/{{ engine }}/ {
+              proxy_pass http://{{ parameter_dict['local-ipv4' ] }}:{{ value }}/engines/{{ engine }}/;
+
+              proxy_set_header                 X-Forwarded-Proto https;
+              proxy_set_header                 X-Forwarded-For   $proxy_add_x_forwarded_for;
+              proxy_set_header                 X-Forwarded-Host  $http_host;
+              proxy_set_header                 X-Real-IP         $remote_addr;
+              proxy_set_header                 Host              $http_host;
+              proxy_set_header                 X-Forwarded-Ssl   on;
+              proxy_redirect                   off;
+          }
+        {% endif %}
+        {% endfor %}
+    }
+}
--- a/software/patrowl/patrowl-wapper.sh.in
+++ b/software/patrowl/patrowl-wapper.sh.in
@@ -75,4 +75,5 @@ fi

 # Start Gunicorn WSGI server
 echo "[+] Starting server"
+sleep 2
 exec {{ parameter_dict['gunicorn-wrapper'] }}
--- a/software/patrowl/software.cfg
+++ b/software/patrowl/software.cfg
@@ -4,6 +4,7 @@ extends =
  ../../component/postgresql/buildout.cfg
  ../../component/psycopg2/buildout.cfg
  ../../component/erlang/buildout.cfg
+  ../../component/sslscan/buildout.cfg
  ../../component/openssl/buildout.cfg
  ../../component/nginx/buildout.cfg
  ../../stack/monitor/buildout.cfg
@@ -34,6 +35,7 @@ recipe = zc.recipe.egg
 interpreter = python_eggs
 eggs =
  celery
+  click
  gunicorn
  Django
  django-celery-beat
@@ -50,29 +52,77 @@ eggs =
  psutil
  django-organizations
  django-annoying
-  ${django-dbconn-retry-setup:egg}
-  ${django-reset-migrations-setup:egg}
+  django-dbconn-retry
+  django-reset-migrations
  django-celery-results
  djangorestframework-datatables
+  ${Flask:egg}
+  Flask-Cors
+  flasgger
+  gevent
+  greenlet
+  itsdangerous
+  ${Jinja2:egg}
+  jsonschema
+  markupsafe
  meld3
+  mistune
  more-itertools
  netaddr
  openapi-codec
+  PatrowlEnginesUtils
+  pyrsistent
  ${psycopg2-binary:egg}
  python-crontab
  python-dateutil
  python-magic
  python-memcached
-  ${thehive4py-setup:egg}
+  PyYAML
+  ratelimit
+  thehive4py
  tornado
  tzlocal
-  Werkzeug
+  typing-extensions
+  ${Werkzeug:egg}
  zipp
  cpe
 scripts =
  gunicorn
  celery

+[slapos-cookbook]
+recipe = zc.recipe.egg:custom
+setup-eggs =
+  ${Flask:egg}
+
+[Flask]
+recipe = zc.recipe.egg:custom
+egg = Flask
+setup-eggs =
+  click
+  itsdangerous
+  ${Jinja2:egg}
+  markupsafe
+  ${Werkzeug:egg}
+
+[Jinja2]
+recipe = zc.recipe.egg:custom
+egg = Jinja2
+setup-eggs =
+  markupsafe
+
+[Werkzeug]
+recipe = zc.recipe.egg:custom
+egg = Werkzeug
+setup-eggs =
+  markupsafe
+
+[slapos.recipe.template]
+recipe = zc.recipe.egg:custom
+egg = slapos.recipe.template
+setup-eggs =
+  ${Jinja2:egg}
+
 [gitclone]
 recipe  = slapos.recipe.build:gitclone
 git-executable = ${git:location}/bin/git
@@ -80,35 +130,12 @@ git-executable = ${git:location}/bin/git
 [patrowl]
 <= gitclone
 repository = https://github.com/Patrowl/PatrowlManager.git
-git-executable = ${git:location}/bin/git
-
-[django-dbconn-retry]
-<= gitclone
-repository = https://github.com/jdelic/django-dbconn-retry.git
-
-[django-reset-migrations]
-<= gitclone
-repository = https://github.com/valdergallo/django-reset-migrations.git
+revision = 1.8.4

-[thehive4py]
+[patrowl-engines]
 <= gitclone
-repository = https://github.com/TheHive-Project/Thehive4py.git
-revision = 1.8.1
-
-[django-dbconn-retry-setup]
-recipe  = zc.recipe.egg:develop
-egg = django-dbconn-retry
-setup = ${django-dbconn-retry:location}
-
-[django-reset-migrations-setup]
-recipe  = zc.recipe.egg:develop
-egg = django-reset-migrations
-setup = ${django-reset-migrations:location}
-
-[thehive4py-setup]
-recipe  = zc.recipe.egg:develop
-egg = thehive4py
-setup = ${thehive4py:location}
+repository = https://github.com/Patrowl/PatrowlEngines.git
+revision = 1.5.12

 [download-template]
 recipe = slapos.recipe.build:download
@@ -128,31 +155,39 @@ context =
    key erlang_location erlang:location
    key openssl_location openssl:location
    key patrowl_location patrowl:location
+    key patrowl_engines_location patrowl-engines:location
    key postgresql_location postgresql:location
    key nginx_bin nginx-output:nginx
    key nginx_mime_types nginx-output:mime
    key python_with_eggs eggs:interpreter
    key rabbitmq_location rabbitmq:location
+    raw sslscan_bin ${sslscan:location}/bin/sslscan
    key template_create_admin template-create_default_admin.py.in:target
    key template_patrowl template-patrowl:target
+    key telplate_patrowl_engines template-patrowl-engines:target
    key template_patrowl_wrapper template-patrowl-wrapper:target
    key template_nginx_conf template-nginx.conf.in:target
+    key template_nginx_engines_conf template-nginx-engines.conf.in:target
+depends =
+  ${slapos.recipe.template:egg}

 [template-patrowl]
 <= download-template
-output = ${buildout:directory}/instance-patrowl.cfg.jinja2
+
+[template-patrowl-engines]
+<= download-template

 [template-patrowl-wrapper]
 <= download-template
-output = ${buildout:directory}/patrowl-wapper.sh.in

 [template-create_default_admin.py.in]
 <= download-template
-output = ${buildout:directory}/create_default_admin.py.in

 [template-nginx.conf.in]
 <= download-template
-output = ${buildout:directory}/nginx.conf.in
+
+[template-nginx-engines.conf.in]
+<= download-template

 [versions]
 amqp = 2.5.2
@@ -180,17 +215,17 @@ flower = 0.9.2
 future = 0.16.0
 futures = 3.1.1
 gunicorn = 20.0.4
-idna = 2.5
+#idna = 2.5
 importlib-metadata = 0.23
 itypes = 1.1.0
-Jinja2 = 2.11.3
+#Jinja2 = 2.11.3
 jsonfield = 2.0.2
 kombu = 4.6.7
 libmagic = 1.0
-MarkupSafe = 1.1.0
+# MarkupSafe = 1.1.0
 meld3 = 1.0.2
 more-itertools = 7.2.0
-netaddr = 0.7.19
+#netaddr = 0.7.19
 openapi-codec = 1.3.2
 #psycopg2-binary = 2.8.6
 psycopg2-binary = 2.8.6
@@ -200,12 +235,12 @@ python-magic = 0.4.15
 #python-magic-bin = 0.4.14
 python-memcached = 1.59
 pytz = 2019.2
-requests = 2.25.1
+# requests = 2.25.1
 simplejson = 3.16.0
 singledispatch = 3.4.0.3
-six = 1.10.0
+# six = 1.10.0
 sqlparse = 0.4.2
-thehive4py = 1.8.1
+thehive4py = 1.8.1:whl
 #thehive4py = 1.5.1
 PyJWT = 2.8.0
 tornado = 5.1
@@ -219,12 +254,45 @@ django-filter = 2.4.0
 django-cors-headers = 3.2.0
 djangorestframework-simplejwt = 4.4.0
 django-health-check = 3.12.1
-psutil = 5.7.0
+# psutil = 5.7.0
 django-organizations = 1.1.2
 django-annoying = 0.10.6
 #django-reset-migrations
 #django-dbconn-retry
 cpe = 1.2.1
-django-dbconn-retry = 0.1.7
-django-reset-migrations = 0.4.0
+django-dbconn-retry = 0.1.7:whl
+django-reset-migrations = 0.4.0:whl
+
+# Dependencies for engines
+click = 8.0
+Flask = 2.0.3
+#2.2.3
+itsdangerous = 2.0
+Jinja2 = 3.1.2
+MarkupSafe = 2.0.1
+requests = 2.28.2
+werkzeug = 2.0.0
+#2.2.3
+# PatrowlEnginesUtils = 1.0.1
+ratelimit = 2.2.1
+netaddr = 0.8.0
+
+# nmap
+gevent = 22.10.2
+greenlet = 2.0.1
+idna = 2.7
+PatrowlEnginesUtils = 1.0.2
+psutil = 5.9.4

+# sslscan
+Flask-Cors = 3.0.10
+flasgger = 0.9.5
+importlib-metadata = 4.8.1
+# itsdangerous = 2.0.1
+#jsonschema = 4.1.0
+mistune = 2.0.3:whl
+pyrsistent = 0.18.0
+PyYAML = 5.4.1
+six = 1.16.0
+#typing-extensions = 3.10.0.2
+#zipp = 3.6.0
\ No newline at end of file