ryanolee / go-pot

A service for giving away secrets to bots ...Probably slightly too many!

nFPM #7

Open necrose99 opened 3 months ago

necrose99 commented 3 months ago

nfpm

https://nfpm.goreleaser.com/ https://github.com/goreleaser/nfpm https://github.com/burningalchemist/action-gh-nfpm

.nfpm.yaml

name: go-pot
# arch is expanded from the ARCH environment variable and uses Go (GOARCH)
# naming, e.g. amd64, arm64, arm7; nfpm translates it for each package format
arch: ${ARCH}
platform: linux
version: v0.1.0
section: net
priority: optional
maintainer: Ryan O'Lee <ryan@example.com>
description: |
  go-pot 🍯 is a Go-based HTTP tarpit designed to frustrate and slow down malicious bots.
  It works by feeding bots an infinite stream of fake secrets at an excruciatingly slow rate,
  wasting their time and resources. This tool can help protect your web services from
  aggressive crawling, brute-force attacks, and other bot-based threats.
vendor: Ryan O'Lee
homepage: https://github.com/ryanolee/go-pot
license: MIT

# Packager-specific overrides. Keys are packager names (deb, rpm, apk,
# archlinux) and the overrides key may appear only once, so the archlinux
# entry applies to x86_64, aarch64 and armv7h alike.
overrides:
  deb:
    depends:
      - libc6
  rpm:
    depends:
      - glibc
  apk:
    depends:
      - libc6-compat
  archlinux:
    depends:
      - glibc
    replaces:
      - go-pot-git
    provides:
      - go-pot

contents:
  - src: ./build/go-pot-${ARCH}
    dst: /usr/bin/go-pot
  # Keep an administrator's edited configuration on upgrade
  - src: ./configs/go-pot.yaml
    dst: /etc/go-pot/config.yaml
    type: config|noreplace
  - src: ./scripts/go-pot.service
    dst: /usr/lib/systemd/system/go-pot.service
  - src: ./LICENSE
    dst: /usr/share/licenses/go-pot/LICENSE
  - src: ./README.md
    dst: /usr/share/doc/go-pot/README.md
  # Empty log directory (a dir entry in place of the deprecated empty_folders key)
  - dst: /var/log/go-pot
    type: dir

scripts:
  postinstall: ./scripts/postinstall.sh
  preremove: ./scripts/preremove.sh

necrose99 commented 3 months ago

build.sh

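# Build binaries, named by GOARCH so that ${ARCH} in .nfpm.yaml finds them
GOOS=linux GOARCH=amd64 go build -o build/go-pot-amd64 cmd/go-pot/main.go
GOOS=linux GOARCH=arm64 go build -o build/go-pot-arm64 cmd/go-pot/main.go
GOOS=linux GOARCH=arm GOARM=7 go build -o build/go-pot-arm7 cmd/go-pot/main.go

# Build packages. --packager selects the format and --target the output
# directory; the architecture comes from ARCH (arch: ${ARCH} in .nfpm.yaml)
# in Go naming, and nfpm translates it for each format.
mkdir -p dist

# Debian/Ubuntu
ARCH=amd64 nfpm pkg --packager deb --target dist/
ARCH=arm64 nfpm pkg --packager deb --target dist/
ARCH=arm7 nfpm pkg --packager deb --target dist/  # Note: becomes 'armhf' for .deb

# Red Hat/CentOS/Fedora
ARCH=amd64 nfpm pkg --packager rpm --target dist/
ARCH=arm64 nfpm pkg --packager rpm --target dist/
ARCH=arm7 nfpm pkg --packager rpm --target dist/  # Note: becomes 'armv7hl' for .rpm

# Arch Linux
ARCH=amd64 nfpm pkg --packager archlinux --target dist/
ARCH=arm64 nfpm pkg --packager archlinux --target dist/
ARCH=arm7 nfpm pkg --packager archlinux --target dist/  # Note: becomes 'armv7h'

necrose99 commented 3 months ago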

preinstall.sh

if [ ! -f /etc/go-pot/config.yaml ]; then
  cp /etc/go-pot/config.yaml.example /etc/go-pot/config.yaml
fi

User/Group: In preinstall.sh

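# Create the go-pot system user once; skip when it already exists (upgrades)
if ! getent passwd go-pot >/dev/null 2>&1; then
  # useradd is present on Debian/Ubuntu, Red Hat/CentOS/Fedora and Arch.
  # Check it first: on Red Hat-family systems adduser is a symlink to useradd
  # and does not accept the Debian-style flags used below.
  if [ -x "$(command -v useradd)" ]; then
    useradd --system --no-create-home -U go-pot
  # Debian-style adduser as a fallback
  elif [ -x "$(command -v adduser)" ]; then
    adduser --system --group --no-create-home go-pot
  fi
fi

ryanolee commented 3 months ago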

Thanks for raising / providing the code @necrose99! I assume the plan would be for it to bundle gopot into an installable package that would mount itself as a systemd process on installation. I don't think GitHub offers PPAs or the like, so I assume this would be added to the relevant git releases as deb / rpm / ...etc files 👀

I assume we would probably need in the post remove to do a few more cleanup steps like removing the added user / deregistering the systemd service. Out of interest, were you planning on raising a PR for this? 🤔 Happy to move this forwards when I get the chance if not!
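
Added example, not part of the thread or the go-pot project: one way the removal hooks discussed above could tell an uninstall from an upgrade, since deb and rpm pass different arguments to maintainer scripts. The file name, the `run` and `classify` helpers and the `DRY_RUN` switch are assumptions; only deb and rpm arguments are handled, other formats are not covered.

```shell
#!/bin/sh
# Added example: hypothetical scripts/postremove.sh; paths and names are from the thread.
# deb passes a word to its maintainer scripts (remove, purge, upgrade, ...);
# rpm passes the number of package instances left (0 = erase, 1+ = upgrade).

# Print the command when DRY_RUN is set, otherwise run it and tolerate failure.
run() {
  if [ -n "${DRY_RUN:-}" ]; then echo "$*"; else "$@" || true; fi
}

# Map the package manager's argument to one action: keep, remove or purge.
classify() {
  case "${1:-}" in
    remove|0) echo remove ;;  # erased; configuration may stay behind
    purge)    echo purge ;;   # deb only: configuration and state go too
    *)        echo keep ;;    # upgrade, failed-upgrade, abort-*, 1, 2, empty
  esac
}

# preremove: stop and disable while the unit file is still on disk.
preremove() {
  [ "$(classify "${1:-}")" = keep ] && return 0
  run systemctl disable --now go-pot.service
}

# postremove: reload systemd; delete state and the account only on purge.
postremove() {
  action=$(classify "${1:-}")
  [ "$action" = keep ] && return 0
  run systemctl daemon-reload
  if [ "$action" = purge ]; then
    run rm -rf /etc/go-pot /var/log/go-pot
    run userdel go-pot
  fi
}

# Entry point for postremove.sh; preremove.sh would end with: preremove "$@"
postremove "$@"
```

An upgrade therefore leaves the service enabled and the account in place, and on rpm the account is never deleted because rpm has no purge step.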

necrose99 commented 3 months ago

I'm sure on GitHub you can publish deb or rpm bins.. also with releases.. avoiding PPA etc.. But the larger rabbit holes... https://assafmo.github.io/2019/05/02/ppa-repo-hosted-on-github.html https://medium.com/debugging-diaries/guide-to-establishing-and-hosting-a-remote-yum-repository-on-github-b8326b60ac68 [https://github.com/necrose99/gentoo-binhost GitHub LFS, however, at 50 megs tends to die.. i.e. Haskell compiler]

And I forwarded the YAML to bugs.. for Purple Kali, not needing a PPA. Just a publisher GPG key is recommended... but DevOps isn't my bag...

Side note... [If you dig for T-Pots... (https://github.com/telekom-security/tpotce) T-Mobile or Deutsche Telekom, old PCs and IoT, they have theirs on the larger scale for threat intelligence... honeypot farm network.... community honeypot users.. SSH, FTP, RDP etc.. etc.. a tweaked Debian-derived honeypot distribution for IoT/old PCs] ....

(I'm a bit limited as some of my gear ate it.. with recent thunderstorms.. so a replacement laptop is on the to-do list as the power controller chip is fried on the mobo. 5 yrs ... was coming due for replacement as is.. and a new 1200 watt PSU for desktop.. cheap power strips cooked too.. ) my wife's laptop she nicely lends on occasion..

But yes /usr/bin/go-pot, /etc/go-pot/config.yml, JSON or similar.. ChatGPT can make systemd or Gentoo Linux OpenRC init unit basic/generic templates rather trivially.. using those values/variables. Then a bit of cleaning up/tweaking and ready.. for VirtualBox for testing.. Just then have to add the daemonize bits to the OpenRC init file..

Gentoo: I've an ebuild skeleton already made... Submitted to @pentoo overlay.. However /files in overlay, i.e. net-analyzer/go-pots, I'd have to add systemd configuration, OpenRC files and extend it to cp to dirs... fixperms. Fix ebuild to include files.. etc.. at least momentarily...

necrose99 commented 3 months ago

Quick template units.. Can provide basic units for users.. Long as they get installed.. users can enable or leave disabled by default... as they choose.. As a courtesy...

#!/sbin/openrc-run
# OpenRC init script

name="Go-Pot"
description="Go-pot HTTP/S honeypot daemon"
command=/usr/bin/go-pot
command_args="-c /etc/go-pot/config.yaml"
# Run as the go-pot account created in preinstall.sh
command_user="go-pot:go-pot"
command_background="yes"
pidfile="/run/$RC_SVCNAME/$RC_SVCNAME.pid"

start_pre() {
  # Create the runtime directory for the pidfile, owned by the service account
  checkpath --directory --owner "$command_user" --mode 0755 \
    "/run/$RC_SVCNAME"
}

# systemd unit (go-pot.service)
[Unit]
Description=Go-pot HTTP/S honeypot daemon
After=network.target

[Service]
Type=simple
# Run as the go-pot account created in preinstall.sh
User=go-pot
Group=go-pot
ExecStart=/usr/bin/go-pot -c /etc/go-pot/config.yaml

[Install]
WantedBy=multi-user.target