Diffstat (limited to 'packages/files')
| -rwxr-xr-x | packages/files/dtail-rocky/dserver-update-key-cache.sh | 54 | ||||
| -rw-r--r-- | packages/files/dtail-rocky/dserver-update-keycache.service | 6 | ||||
| -rw-r--r-- | packages/files/dtail-rocky/dserver-update-keycache.timer | 11 | ||||
| -rw-r--r-- | packages/files/dtail-rocky/dserver.service | 22 | ||||
| -rw-r--r-- | packages/files/dtail-rocky/dtail.json | 131 |
5 files changed, 224 insertions, 0 deletions
diff --git a/packages/files/dtail-rocky/dserver-update-key-cache.sh b/packages/files/dtail-rocky/dserver-update-key-cache.sh
new file mode 100755
index 0000000..831f5be
--- /dev/null
+++ b/packages/files/dtail-rocky/dserver-update-key-cache.sh
@@ -0,0 +1,54 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+declare -r CACHEDIR=/var/run/dserver/cache
+declare -r DSERVER_USER=dserver
+declare -r DSERVER_GROUP=dserver
+
+cache_keys() {
+ local remoteuser=$1
+ local home_dir=$2
+ local keysfile=$home_dir/.ssh/authorized_keys
+ local cachefile=$CACHEDIR/$remoteuser.authorized_keys
+
+ if [[ -f "$keysfile" ]]; then
+ echo "Caching $keysfile -> $cachefile"
+ cp "$keysfile" "$cachefile"
+ chown "$DSERVER_USER:$DSERVER_GROUP" "$cachefile"
+ chmod 600 "$cachefile"
+ fi
+}
+
+expected_key_path() {
+ local remoteuser=$1
+
+ if [[ "$remoteuser" == "root" ]]; then
+ printf '%s\n' /root/.ssh/authorized_keys
+ return
+ fi
+
+ printf '/home/%s/.ssh/authorized_keys\n' "$remoteuser"
+}
+
+echo "Updating SSH key cache"
+
+mkdir -p "$CACHEDIR"
+
+cache_keys root /root
+
+while IFS= read -r remoteuser; do
+ cache_keys "$remoteuser" "/home/$remoteuser"
+done < <(find /home -mindepth 1 -maxdepth 1 -type d -printf '%f\n' | sort)
+
+find "$CACHEDIR" -name '*.authorized_keys' -type f | while read -r cachefile; do
+ remoteuser=$(basename "$cachefile" | cut -d. -f1)
+ keysfile=$(expected_key_path "$remoteuser")
+
+ if [[ ! -f "$keysfile" ]]; then
+ echo "Deleting obsolete cache file $cachefile"
+ rm -f "$cachefile"
+ fi
+done
+
+echo "All set..."
diff --git a/packages/files/dtail-rocky/dserver-update-keycache.service b/packages/files/dtail-rocky/dserver-update-keycache.service
new file mode 100644
index 0000000..dddab12
--- /dev/null
+++ b/packages/files/dtail-rocky/dserver-update-keycache.service
@@ -0,0 +1,6 @@
+[Unit]
+Description=Refresh DServer SSH key cache
+
+[Service]
+Type=oneshot
+ExecStart=/usr/local/bin/dserver-update-key-cache.sh
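Review bot: `cache_keys` runs as root but trusts a path inside a user-writable home directory: `[[ -f "$keysfile" ]]` and `cp` both follow symlinks, so whatever `~/.ssh/authorized_keys` resolves to is copied into a file that is then handed to `dserver`. Reject links and foreign ownership before copying, e.g. `[[ -f "$keysfile" && ! -L "$keysfile" && ! -L "$home_dir/.ssh" ]]` plus an owner check via `stat -c %U`, and replace the `cp`/`chown`/`chmod` sequence with `install -o "$DSERVER_USER" -g "$DSERVER_GROUP" -m 600 "$keysfile" "$cachefile"` so owner and mode are applied in one step. Separately, the cleanup loop derives the user with `cut -d. -f1`, which truncates login names that contain a dot, so their cache file is deleted again on every run; `remoteuser=$(basename "$cachefile" .authorized_keys)` keeps the full name.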
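Review bot: The `[Service]` section has no `User=` and no sandboxing directives, so the script it starts runs as unconfined root while walking paths under `/home` that other accounts control. The job only needs to read home directories and write the cache, so consider `NoNewPrivileges=true` and `ProtectSystem=strict` with `ReadWritePaths=/run/dserver`, in line with the hardening already present in dserver.service. The `ReadWritePaths=` value needs testing against the `mkdir -p` in the script, since the directory may not exist when the timer fires before dserver has started.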
diff --git a/packages/files/dtail-rocky/dserver-update-keycache.timer b/packages/files/dtail-rocky/dserver-update-keycache.timer
new file mode 100644
index 0000000..339011d
--- /dev/null
+++ b/packages/files/dtail-rocky/dserver-update-keycache.timer
@@ -0,0 +1,11 @@
+[Unit]
+Description=Refresh DServer SSH key cache every 30 minutes
+
+[Timer]
+OnBootSec=2m
+OnCalendar=*:0/30
+Persistent=true
+Unit=dserver-update-keycache.service
+
+[Install]
+WantedBy=timers.target
diff --git a/packages/files/dtail-rocky/dserver.service b/packages/files/dtail-rocky/dserver.service
new file mode 100644
index 0000000..f43a5ce
--- /dev/null
+++ b/packages/files/dtail-rocky/dserver.service
@@ -0,0 +1,22 @@
+[Unit]
+Description=DTail server
+After=network.target
+
+[Service]
+Slice=dserver.slice
+User=dserver
+Group=dserver
+ExecStart=/usr/local/bin/dserver -cfg /etc/dserver/dtail.json
+WorkingDirectory=/var/run/dserver
+RuntimeDirectory=dserver
+RuntimeDirectoryMode=0755
+ExecStartPre=/usr/bin/mkdir -p /var/run/dserver/cache /var/run/dserver/log
+NoNewPrivileges=true
+PrivateDevices=true
+PrivateTmp=true
+CPUAccounting=true
+MemoryAccounting=true
+BlockIOAccounting=true
+
+[Install]
+WantedBy=multi-user.target
diff --git a/packages/files/dtail-rocky/dtail.json b/packages/files/dtail-rocky/dtail.json
new file mode 100644
index 0000000..eaa0a39
--- /dev/null
+++ b/packages/files/dtail-rocky/dtail.json
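Review bot: Nothing in the timer records that the refresh interval is also the revocation delay. Assuming dserver authenticates against the cached copies rather than the live files, a key removed from a user's `authorized_keys` keeps working until the next run, up to 30 minutes later with `OnCalendar=*:0/30`. A comment above `[Timer]` such as `# Key removals reach dserver only on the next refresh (up to 30 min)` would make that explicit, and the package notes should tell operators to start dserver-update-keycache.service by hand when a key must be revoked immediately.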
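Review bot: `RuntimeDirectory=dserver` makes systemd remove /run/dserver when the unit stops, and dtail.json in this commit sets `HostKeyFile` to `cache/ssh_host_key` relative to that same `WorkingDirectory`, so the SSH host key does not survive a restart or reboot. Presumably dserver then generates a fresh key, which means clients see a changed host key after every restart and cannot usefully pin it. Keep the key in persistent storage, for example `StateDirectory=dserver` with `HostKeyFile` pointing at `/var/lib/dserver/ssh_host_key`. The authorized-keys cache written by the timer job is wiped at the same moment and stays empty until the next refresh.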
@@ -0,0 +1,131 @@
+{
+ "Client": {
+ "TermColorsEnable": true,
+ "TermColors": {
+ "Remote": {
+ "DelimiterAttr": "Dim",
+ "DelimiterBg": "Blue",
+ "DelimiterFg": "Cyan",
+ "RemoteAttr": "Dim",
+ "RemoteBg": "Blue",
+ "RemoteFg": "White",
+ "CountAttr": "Dim",
+ "CountBg": "Blue",
+ "CountFg": "White",
+ "HostnameAttr": "Bold",
+ "HostnameBg": "Blue",
+ "HostnameFg": "White",
+ "IDAttr": "Dim",
+ "IDBg": "Blue",
+ "IDFg": "White",
+ "StatsOkAttr": "None",
+ "StatsOkBg": "Green",
+ "StatsOkFg": "Black",
+ "StatsWarnAttr": "None",
+ "StatsWarnBg": "Red",
+ "StatsWarnFg": "White",
+ "TextAttr": "None",
+ "TextBg": "Black",
+ "TextFg": "White"
+ },
+ "Client": {
+ "DelimiterAttr": "Dim",
+ "DelimiterBg": "Yellow",
+ "DelimiterFg": "Black",
+ "ClientAttr": "Dim",
+ "ClientBg": "Yellow",
+ "ClientFg": "Black",
+ "HostnameAttr": "Dim",
+ "HostnameBg": "Yellow",
+ "HostnameFg": "Black",
+ "TextAttr": "None",
+ "TextBg": "Black",
+ "TextFg": "White"
+ },
+ "Server": {
+ "DelimiterAttr": "AttrDim",
+ "DelimiterBg": "BgCyan",
+ "DelimiterFg": "FgBlack",
+ "ServerAttr": "AttrDim",
+ "ServerBg": "BgCyan",
+ "ServerFg": "FgBlack",
+ "HostnameAttr": "AttrBold",
+ "HostnameBg": "BgCyan",
+ "HostnameFg": "FgBlack",
+ "TextAttr": "AttrNone",
+ "TextBg": "BgBlack",
+ "TextFg": "FgWhite"
+ },
+ "Common": {
+ "SeverityErrorAttr": "AttrBold",
+ "SeverityErrorBg": "BgRed",
+ "SeverityErrorFg": "FgWhite",
+ "SeverityFatalAttr": "AttrBold",
+ "SeverityFatalBg": "BgMagenta",
+ "SeverityFatalFg": "FgWhite",
+ "SeverityWarnAttr": "AttrBold",
+ "SeverityWarnBg": "BgBlack",
+ "SeverityWarnFg": "FgWhite"
+ },
+ "MaprTable": {
+ "DataAttr": "AttrNone",
+ "DataBg": "BgBlue",
+ "DataFg": "FgWhite",
+ "DelimiterAttr": "AttrDim",
+ "DelimiterBg": "BgBlue",
+ "DelimiterFg": "FgWhite",
+ "HeaderAttr": "AttrBold",
+ "HeaderBg": "BgBlue",
+ "HeaderFg": "FgWhite",
+ "HeaderDelimiterAttr": "AttrDim",
+ "HeaderDelimiterBg": "BgBlue",
+ "HeaderDelimiterFg": "FgWhite",
+ "HeaderSortKeyAttr": "AttrUnderline",
+ "HeaderGroupKeyAttr": "AttrReverse",
+ "RawQueryAttr": "AttrDim",
+ "RawQueryBg": "BgBlack",
+ "RawQueryFg": "FgCyan"
+ }
+ }
+ },
+ "Server": {
+ "SSHBindAddress": "0.0.0.0",
+ "HostKeyFile": "cache/ssh_host_key",
+ "HostKeyBits": 2048,
+ "MapreduceLogFormat": "default",
+ "MaxConcurrentCats": 2,
+ "MaxConcurrentTails": 50,
+ "MaxConnections": 50,
+ "MaxLineLength": 1048576,
+ "TurboBoostDisable": false,
+ "Permissions": {
+ "Default": [
+ "readfiles:^/.*$"
+ ],
+ "Users": {
+ "paul": [
+ "readfiles:^/.*$"
+ ],
+ "pbuetow": [
+ "readfiles:^/.*$"
+ ],
+ "jamesblake": [
+ "readfiles:^/tmp/foo.log$",
+ "readfiles:^/.*$",
+ "readfiles:!^/tmp/bar.log$"
+ ],
+ "root": [
+ "readfiles:^/.*$"
+ ]
+ }
+ }
+ },
+ "Common": {
+ "LogDir": "log",
+ "Logger": "Fout",
+ "LogRotation": "Daily",
+ "CacheDir": "cache",
+ "SSHPort": 2222,
+ "LogLevel": "Info"
+ }
+}
 |
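Review bot: `"Default": ["readfiles:^/.*$"]` under `Server.Permissions` lets every user who can authenticate read any file the `dserver` account can read, and the `Users` block ships what look like personal or sample accounts (`paul`, `pbuetow`, `jamesblake`) with the same catch-all pattern. For a packaged default, narrow the pattern to the log locations the deployment actually serves, for example `"readfiles:^/var/log/.*$"`, and drop the sample users. With `"SSHBindAddress": "0.0.0.0"` the service listens on all interfaces, so these permissions are the main access boundary. `"HostKeyBits": 2048` is the low end of accepted RSA sizes; 4096 would be a more conservative default if RSA is the key type used here. The `Remote` and `Client` colour sections use bare values (`"Dim"`, `"Blue"`) while `Server`, `Common` and `MaprTable` use prefixed ones (`"AttrDim"`, `"BgCyan"`); whether both spellings are accepted cannot be seen from this file.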
