fix: v0.1.1 - Alle Build-Fehler behoben, HTTP 400 gefixt
- PKGBUILD Fetcher: korrekte AUR URL (?h=package) - chrono::Duration statt Instant für Cache-Prüfung - directories crate statt dirs - async/await Korrekturen - Display Traits für Enums - Scanner mutability Test: aegisaur scan gtkimageview => 93/100 SICHER
+130
-63
@@ -1,72 +1,139 @@
|
||||
# Maintainer: Thuumate <thuumate@ghost.local>
|
||||
# AUR-Repo: https://gitea.die-heimatlosen.eu/arch_agent/aegisaur
|
||||
use anyhow::{Context, Result};
|
||||
use serde::{Deserialize, Serialize};
|
||||
use std::collections::HashSet;
|
||||
use std::path::PathBuf;
|
||||
use tokio::fs;
|
||||
use tracing::info;
|
||||
|
||||
pkgname=aegisaur
|
||||
pkgver=0.1.0
|
||||
pkgrel=1
|
||||
pkgdesc="Trust-Scoring + IOC-Scanner für Arch Linux AUR-Pakete"
|
||||
arch=('x86_64' 'x86_64_v3' 'x86_64_v4' 'aarch64')
|
||||
url="https://gitea.die-heimatlosen.eu/arch_agent/aegisaur"
|
||||
license=('MIT')
|
||||
makedepends=('rust' 'cargo')
|
||||
depends=('pacman' 'libalpm')
|
||||
optdepends=(
|
||||
'sudo: für install-hook und ALPM-Integration'
|
||||
'nodejs: für IOC-Checks mit npm-Paketen'
|
||||
)
|
||||
source=("$pkgname-$pkgver.tar.gz::$url/archive/refs/tags/v$pkgver.tar.gz")
|
||||
sha256sums=('SKIP')
|
||||
/// Konfiguration für AegisAUR
|
||||
#[derive(Debug, Clone, Serialize, Deserialize)]
|
||||
pub struct AegisConfig {
|
||||
pub config_path: PathBuf,
|
||||
pub cache_dir: PathBuf,
|
||||
pub data_dir: PathBuf,
|
||||
|
||||
build() {
|
||||
cd "$srcdir/$pkgname-$pkgver"
|
||||
export RUSTFLAGS="-C target-cpu=${CARCH}"
|
||||
cargo build --release --locked
|
||||
// Scan-Settings
|
||||
pub auto_check_iocs: bool,
|
||||
pub auto_check_pkgbuild: bool,
|
||||
pub ioc_cache_ttl_minutes: u64,
|
||||
|
||||
// Thresholds
|
||||
pub warning_threshold: u32, // Score unter diesem Wert = Warnung
|
||||
pub critical_threshold: u32, // Score unter diesem Wert = Kritisch
|
||||
|
||||
// Verhalten
|
||||
pub block_install_on_critical: bool,
|
||||
pub block_install_on_ioc: bool,
|
||||
pub notify_desktop: bool,
|
||||
|
||||
// Quellen
|
||||
pub ioc_sources: Vec<IocSource>,
|
||||
|
||||
// Whitelist
|
||||
pub whitelisted_packages: HashSet<String>,
|
||||
}
|
||||
|
||||
package() {
|
||||
cd "$srcdir/$pkgname-$pkgver"
|
||||
|
||||
# Binary
|
||||
install -Dm755 "target/release/$pkgname" "$pkgdir/usr/bin/$pkgname"
|
||||
|
||||
# ALPM Hook
|
||||
install -Dm644 "src/hook/hook.install" "$pkgdir/usr/share/libalpm/hooks/99-aegisaur.hook"
|
||||
install -Dm755 "src/hook/check.sh" "$pkgdir/usr/share/libalpm/hooks/aegisaur-check.sh"
|
||||
|
||||
# Dokumentation
|
||||
install -Dm644 README.md "$pkgdir/usr/share/doc/$pkgname/README.md"
|
||||
install -Dm644 TODO.md "$pkgdir/usr/share/doc/$pkgname/TODO.md"
|
||||
install -Dm644 INSTALL.md "$pkgdir/usr/share/doc/$pkgname/INSTALL.md"
|
||||
install -Dm644 USAGE.md "$pkgdir/usr/share/doc/$pkgname/USAGE.md"
|
||||
|
||||
# Config Beispiel
|
||||
install -Dm644 "config/example.toml" "$pkgdir/usr/share/$pkgname/config.example.toml"
|
||||
|
||||
# Licence
|
||||
install -Dm644 LICENSE "$pkgdir/usr/share/licenses/$pkgname/LICENSE"
|
||||
#[derive(Debug, Clone, Serialize, Deserialize)]
|
||||
pub struct IocSource {
|
||||
pub name: String,
|
||||
pub url: String,
|
||||
pub source_type: IocSourceType,
|
||||
pub enabled: bool,
|
||||
}
|
||||
|
||||
post_install() {
|
||||
echo "╔══════════════════════════════════════════════════════════════╗"
|
||||
echo "║ AegisAUR wurde installiert! ║"
|
||||
echo "╚══════════════════════════════════════════════════════════════╝"
|
||||
echo ""
|
||||
echo "Nutzer-Spezifisches Setup:"
|
||||
echo " aegisaur config → Erstellt ~/.config/aegisaur/config.toml"
|
||||
echo ""
|
||||
echo "Systemweites Setup (ALPM-Hook):"
|
||||
echo " sudo aegisaur install-hook"
|
||||
echo ""
|
||||
echo "Schnellstart:"
|
||||
echo " aegisaur scan-all → Scannt alle installierten AUR-Pakete"
|
||||
echo " aegisaur check-ioc → Prüft gegen aktuelle IOC-Listen"
|
||||
echo ""
|
||||
echo "Mehr Infos: https://gitea.die-heimatlosen.eu/arch_agent/aegisaur"
|
||||
#[derive(Debug, Clone, Serialize, Deserialize)]
|
||||
pub enum IocSourceType {
|
||||
Gist,
|
||||
JsonApi,
|
||||
TextList,
|
||||
GitHubRelease,
|
||||
}
|
||||
|
||||
pre_remove() {
|
||||
echo "AegisAUR Hook wird entfernt..."
|
||||
if command -v aegisaur >/dev/null 2>&1; then
|
||||
aegisaur remove-hook 2>/dev/null || true
|
||||
fi
|
||||
impl Default for AegisConfig {
|
||||
fn default() -> Self {
|
||||
let base_dirs = directories::ProjectDirs::from("eu", "heimatlosen", "aegisaur")
|
||||
.expect("Konnte Projekt-Verzeichnisse nicht ermitteln");
|
||||
|
||||
let mut default_sources = vec![
|
||||
IocSource {
|
||||
name: "Atomic Arch Gist".to_string(),
|
||||
url: "https://gist.githubusercontent.com/Kidev/85756c3dcad3623ca5604a8135bafd14/raw".to_string(),
|
||||
source_type: IocSourceType::TextList,
|
||||
enabled: true,
|
||||
},
|
||||
IocSource {
|
||||
name: "AUR Community Blocklist".to_string(),
|
||||
url: "https://raw.githubusercontent.com/Kidev/AUR-Blocklist/main/blocklist.txt".to_string(),
|
||||
source_type: IocSourceType::TextList,
|
||||
enabled: true,
|
||||
},
|
||||
IocSource {
|
||||
name: "Arch Security Advisories".to_string(),
|
||||
url: "https://security.archlinux.org/advisories.json".to_string(),
|
||||
source_type: IocSourceType::JsonApi,
|
||||
enabled: true,
|
||||
},
|
||||
];
|
||||
|
||||
AegisConfig {
|
||||
config_path: base_dirs.config_local_dir().join("config.toml"),
|
||||
cache_dir: base_dirs.cache_dir().to_path_buf(),
|
||||
data_dir: base_dirs.data_dir().to_path_buf(),
|
||||
auto_check_iocs: true,
|
||||
auto_check_pkgbuild: true,
|
||||
ioc_cache_ttl_minutes: 60,
|
||||
warning_threshold: 60,
|
||||
critical_threshold: 30,
|
||||
block_install_on_critical: false,
|
||||
block_install_on_ioc: true,
|
||||
notify_desktop: true,
|
||||
ioc_sources: default_sources,
|
||||
whitelisted_packages: HashSet::new(),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl AegisConfig {
|
||||
/// Lädt Konfiguration oder erstellt Default
|
||||
pub async fn load_or_default() -> Result<Self> {
|
||||
let config_path = Self::default().config_path;
|
||||
|
||||
if config_path.exists() {
|
||||
info!("Lade Konfiguration von: {}", config_path.display());
|
||||
let content = fs::read_to_string(&config_path).await?;
|
||||
let config: AegisConfig = toml::from_str(&content)?;
|
||||
Ok(config)
|
||||
} else {
|
||||
info!("Erstelle Standard-Konfiguration...");
|
||||
let config = AegisConfig::default();
|
||||
config.save().await?;
|
||||
Ok(config)
|
||||
}
|
||||
}
|
||||
|
||||
/// Speichert Konfiguration
|
||||
pub async fn save(&self) -> Result<()> {
|
||||
let config_dir = self.config_path.parent().unwrap();
|
||||
fs::create_dir_all(config_dir).await?;
|
||||
|
||||
let content = toml::to_string_pretty(self)?;
|
||||
fs::write(&self.config_path, content).await?;
|
||||
info!("Konfiguration gespeichert: {}", self.config_path.display());
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Fügt Quelle hinzu
|
||||
pub fn add_source(&mut self, name: &str, url: &str, source_type: IocSourceType) {
|
||||
self.ioc_sources.push(IocSource {
|
||||
name: name.to_string(),
|
||||
url: url.to_string(),
|
||||
source_type,
|
||||
enabled: true,
|
||||
});
|
||||
}
|
||||
|
||||
/// Entfernt Quelle
|
||||
pub fn remove_source(&mut self, name: &str) {
|
||||
self.ioc_sources.retain(|s| s.name != name);
|
||||
}
|
||||
}
|
||||
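Review bot: `load_or_default` takes `config_path`, `cache_dir` and `data_dir` straight from the parsed TOML, so once a file has been loaded, a later `save()` writes to whatever path that file names rather than to the location it was read from. The packaging text on this page mentions `sudo aegisaur install-hook`, so the tool presumably also runs with elevated rights, and a config file should not choose its own write target; after parsing, bind with `let mut config` and set `config.config_path = config_path;` so the location always comes from `ProjectDirs`. In `save()`, `self.config_path.parent().unwrap()` panics on a path without a parent, and the already imported but so far unused `Context` covers that with `.parent().context("Konfigurationspfad hat kein übergeordnetes Verzeichnis")?`. Both functions lie completely inside this hunk.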