search

eth0izzle / shhgit

Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.
MIT License
3.83k stars 481 forks source link

Include shhgit-live front-end interface #8

Closed eth0izzle closed 4 years ago

eth0izzle commented 5 years ago

From https://shhgit.darkport.co.uk/

TODO: clean up the code and do some further testing across platforms.

redex557 commented 4 years ago

Any update on this?

bridge-four commented 4 years ago

Really love your live front-end for this! Any update on releasing details?

eth0izzle commented 4 years ago

Yeah apologies for the delay on this. I've changed the architecture to help with load shortly after I released the live version. Now shhgit simply posts JSON to an SSE via nginx where the front end picks it up. So the only changes to shhgit code are:

data, _ := json.Marshal(event)
http.Post("https://api.shhgit.darkport.co.uk/push", "application/json", bytes.NewBuffer(data))

where event is a MatchEvent. I then have a publisher in nginx on /push (the URI above that shhgit POSTs to), and a subscriber on /events that the UI listens on via an EventSource (see https://shhgit.darkport.co.uk/static/script.js). The server block in my nginx config looks like this:

location /push {
        push_stream_publisher admin;
        push_stream_channels_path   "shhgit";
        push_stream_store_messages              on;

        allow 127.0.0.1/32;
        allow 172.31.33.0/24;
        deny all;
    }

location /events {
        push_stream_subscriber eventsource;
        push_stream_channels_path   "shhgit";

        client_max_body_size                    32k;
        client_body_buffer_size                 32k;
    }

You'll need this module. And that's pretty much it. The live version is hacked together. Because there's a few moving parts, it's probably best to put some effort in and Dockerize everthing.

cb-narasinga commented 4 years ago

I am trying to do shhgit activity for a specific set of repositories . I am new to Go. I would like to know on which part of code to tweak , so that my specific set of repositories is scanned. TIA

wifiuk commented 4 years ago

I am trying to do shhgit activity for a specific set of repositories . I am new to Go. I would like to know on which part of code to tweak , so that my specific set of repositories is scanned. TIA

if you get this working, i would be interested to see a guide on how you set it all up.

RiRa12621 commented 4 years ago

it's probably best to put some effort in and Dockerize everthing.

I'd be down to do that @eth0izzle if you give me a pointer on where to find the frontend

eth0izzle commented 4 years ago

@wifiuk @RiRa12621 see my comment above: https://github.com/eth0izzle/shhgit/issues/8#issuecomment-613122114

RiRa12621 commented 4 years ago

But that's only the nginx config part and one js script, I'm somewhat missing the UI part here.

eth0izzle commented 4 years ago

You can copy the source from https://shhgit.darkport.co.uk/ - just make sure to grab /static/style.css and /static/script.js too. And in the script.js change the hostname api.shhgit.darkport.co.uk to your local nginx instance.

eth0izzle commented 4 years ago

It look me almost a year. But it's here. Check the README in the latest commit.