diff --git a/Dockerfile b/Dockerfile index 755aeb4..5eb9490 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,12 +5,12 @@ RUN mkdir /app && \ groupadd --gid 10001 app && \ useradd --no-create-home --uid 10001 --gid 10001 --home-dir /app app -ADD . /go/src/go.mozilla.org/iprepd +ADD . /go/src/go.mozilla.org/repd RUN mkdir -p /app/bin && \ - go build -o /app/bin/iprepd go.mozilla.org/iprepd/cmd/iprepd + GOPATH="/go" go build -o /app/bin/repd go.mozilla.org/repd/cmd/repd COPY version.json /app/version.json USER app WORKDIR /app -CMD /app/bin/iprepd +CMD /app/bin/repd diff --git a/Makefile b/Makefile index f86dab8..3897c05 100644 --- a/Makefile +++ b/Makefile @@ -5,7 +5,7 @@ run: compose/docker-compose.run.yml CONFIG_VOLUME=$(shell pwd) docker-compose -f compose/docker-compose.base.yml -f compose/docker-compose.run.yml up test: compose/docker-compose.test.yml - docker-compose -f compose/docker-compose.base.yml -f compose/docker-compose.test.yml run iprepd + docker-compose -f compose/docker-compose.base.yml -f compose/docker-compose.test.yml run repd .PHONY: build run test diff --git a/README.md b/README.md index 2e3533d..2189248 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ -# iprepd +# repd -iprepd is a centralized reputation daemon that can be used to store reputation information +repd is a centralized reputation daemon that can be used to store reputation information for various objects such as IP addresses and retrieve reputation scores for the objects. The project initially focused on managing reputation information for only IP addresses, but @@ -12,30 +12,30 @@ mechanism. Multiple instances of the daemon can be deployed using the same Redis ## Configuration -Configuration is done through the configuration file, by default `./iprepd.yaml`. The location +Configuration is done through the configuration file, by default `./repd.yaml`. The location can be overridden with the `-c` flag. -See [iprepd.yaml.sample](./iprepd.yaml.sample) for an example configuration. +See [repd.yaml.sample](./repd.yaml.sample) for an example configuration. ## Building the Docker image ```bash ./write_version_json.sh -docker build -t iprepd:latest . +docker build -t repd:latest . ``` -Docker images are also [published](https://hub.docker.com/r/mozilla/iprepd/). +Docker images are also [published](https://hub.docker.com/r/mozilla/repd/). ```bash -docker pull mozilla/iprepd:latest -docker run -ti --rm -v `pwd`/iprepd.yaml:/app/iprepd.yaml mozilla/iprepd:latest +docker pull mozilla/repd:latest +docker run -ti --rm -v `pwd`/repd.yaml:/app/repd.yaml mozilla/repd:latest ``` ## API ### Authentication -iprepd supports two forms of authentication. Clients can authenticate to the service using either +repd supports two forms of authentication. Clients can authenticate to the service using either standard API keys, or by using [Hawk authentication](https://github.com/hapijs/hawk). Standard API key authentication can be configured in the configuration file in the `apikey` (for @@ -53,7 +53,7 @@ header in the `Authorization` header when making a request. Request the reputation for an object of a given type. Responds with 200 and a JSON document describing the reputation if found. Responds with a 404 if the object is -unknown to iprepd, or is in the exceptions list. +unknown to repd, or is in the exceptions list. The current supported object types are `ip` for an IP address and `email` for an email address. @@ -147,7 +147,7 @@ error will be logged. #### GET /violations -Returns violations configured in iprepd in a JSON document. +Returns violations configured in repd in a JSON document. ##### Response body @@ -189,7 +189,7 @@ Return version data. ### Legacy endpoints -The initial version of iprepd focused purely on reputation management for IP addresses. +The initial version of repd focused purely on reputation management for IP addresses. Requests to the legacy endpoints deal only with IP addresses, and are intended to maintain compatibility with older clients. @@ -199,7 +199,7 @@ standard endpoints with a type set to `ip`. #### GET /10.0.0.1 Request the reputation for an IP address. Responds with 200 and a JSON document describing the -reputation if found. Responds with a 404 if the IP address is unknown to iprepd, or is in the +reputation if found. Responds with a 404 if the IP address is unknown to repd, or is in the exceptions list. The response body may include a `decayafter` element if the reputation for the address was changed diff --git a/auth.go b/auth.go index 363251c..d148142 100644 --- a/auth.go +++ b/auth.go @@ -1,4 +1,4 @@ -package iprepd +package repd import ( "bytes" diff --git a/auth_test.go b/auth_test.go index 384c13f..047c70b 100644 --- a/auth_test.go +++ b/auth_test.go @@ -1,4 +1,4 @@ -package iprepd +package repd import ( "bytes" diff --git a/client.go b/client.go index 573e0cd..0e11840 100644 --- a/client.go +++ b/client.go @@ -1,4 +1,4 @@ -package iprepd +package repd import ( "bytes" @@ -9,7 +9,7 @@ import ( "net/http" ) -// Client is the iprepd service client +// Client is the repd service client type Client struct { hostURL string authStr string @@ -86,7 +86,7 @@ func (c *Client) Dump() ([]Reputation, error) { return ret, nil } -// Heartbeat checks whether an IPrepd deployment is healthy / reachable +// Heartbeat checks whether an repd deployment is healthy / reachable func (c *Client) Heartbeat() (bool, error) { req, err := http.NewRequest(http.MethodGet, fmt.Sprintf("%s/__heartbeat__", c.hostURL), nil) if err != nil { @@ -99,7 +99,7 @@ func (c *Client) Heartbeat() (bool, error) { return (resp.StatusCode == http.StatusOK), nil } -// LBHeartbeat checks whether an IPrepd LB is healthy / reachable +// LBHeartbeat checks whether an repd LB is healthy / reachable func (c *Client) LBHeartbeat() (bool, error) { req, err := http.NewRequest(http.MethodGet, fmt.Sprintf("%s/__lbheartbeat__", c.hostURL), nil) if err != nil { @@ -215,7 +215,7 @@ type VersionResponse struct { Build string `json:"build"` } -// Version retrieves the version of the IPrepd deployment +// Version retrieves the version of the repd deployment func (c *Client) Version() (*VersionResponse, error) { req, err := http.NewRequest(http.MethodGet, fmt.Sprintf("%s/__version__", c.hostURL), nil) if err != nil { @@ -265,7 +265,7 @@ func (c *Client) GetViolations() ([]Violation, error) { return v, nil } -// ApplyViolation submits a ViolationRequest to iprepd +// ApplyViolation submits a ViolationRequest to repd func (c *Client) ApplyViolation(vr *ViolationRequest) error { if vr == nil { return errors.New(clientErrViolationRequestNil) @@ -302,7 +302,7 @@ func (c *Client) ApplyViolation(vr *ViolationRequest) error { return nil } -// BatchApplyViolation submits a batch of ViolationRequests to iprepd +// BatchApplyViolation submits a batch of ViolationRequests to repd func (c *Client) BatchApplyViolation(typ string, vrs []ViolationRequest) error { if typ == "" { return errors.New(clientErrObjectTypeEmpty) diff --git a/client_test.go b/client_test.go index d652969..a0ae834 100644 --- a/client_test.go +++ b/client_test.go @@ -1,4 +1,4 @@ -package iprepd +package repd import ( "errors" diff --git a/cmd/iprepd/main.go b/cmd/iprepd/main.go deleted file mode 100644 index fa2150d..0000000 --- a/cmd/iprepd/main.go +++ /dev/null @@ -1,13 +0,0 @@ -package main - -import ( - "flag" - - "go.mozilla.org/iprepd" -) - -func main() { - confpath := flag.String("c", "./iprepd.yaml", "path to configuration") - flag.Parse() - iprepd.StartDaemon(*confpath) -} diff --git a/cmd/repd/main.go b/cmd/repd/main.go new file mode 100644 index 0000000..7235e54 --- /dev/null +++ b/cmd/repd/main.go @@ -0,0 +1,13 @@ +package main + +import ( + "flag" + + "go.mozilla.org/repd" +) + +func main() { + confpath := flag.String("c", "./repd.yaml", "path to configuration") + flag.Parse() + repd.StartDaemon(*confpath) +} diff --git a/compose/docker-compose.base.yml b/compose/docker-compose.base.yml index cc9518d..6b07fdd 100644 --- a/compose/docker-compose.base.yml +++ b/compose/docker-compose.base.yml @@ -2,18 +2,18 @@ version: '3' services: redis: - container_name: iprepd_redis + container_name: repd_redis image: redis:3.2 ports: - "6379:6379" - iprepd: - container_name: iprepd_app - image: iprepd:build + repd: + container_name: repd_app + image: repd:build build: context: ../. environment: - - IPREPD_TEST_REDISADDR=redis:6379 + - REPD_TEST_REDISADDR=redis:6379 links: - redis ports: diff --git a/compose/docker-compose.run.yml b/compose/docker-compose.run.yml index d7f02ca..c4818f8 100644 --- a/compose/docker-compose.run.yml +++ b/compose/docker-compose.run.yml @@ -1,7 +1,7 @@ version: '3' services: - iprepd: + repd: volumes: - '$CONFIG_VOLUME:/app/config/' - command: bash -c '/app/bin/iprepd -c /app/config/iprepd.yaml' + command: bash -c '/app/bin/repd -c /app/config/repd.yaml' diff --git a/compose/docker-compose.test.yml b/compose/docker-compose.test.yml index 93168ae..6fff5e0 100644 --- a/compose/docker-compose.test.yml +++ b/compose/docker-compose.test.yml @@ -1,5 +1,5 @@ version: '3' services: - iprepd: - command: bash -c 'cd /go/src/go.mozilla.org/iprepd && go test -v' + repd: + command: bash -c 'cd /go/src/go.mozilla.org/repd && go test -v' diff --git a/docker_push.sh b/docker_push.sh index 2307a32..798b613 100755 --- a/docker_push.sh +++ b/docker_push.sh @@ -5,8 +5,8 @@ if [[ -n "$CIRCLE_TAG" ]]; then tag=$CIRCLE_TAG fi -docker tag iprepd:build mozilla/iprepd:${tag} +docker tag repd:build mozilla/repd:${tag} docker login -u "$DOCKER_USER" -p "$DOCKER_PASS" -docker push mozilla/iprepd:${tag} +docker push mozilla/repd:${tag} diff --git a/exception.go b/exception.go index a57d922..dcb79ce 100644 --- a/exception.go +++ b/exception.go @@ -1,4 +1,4 @@ -package iprepd +package repd import ( "bufio" diff --git a/http.go b/http.go index 3a4620a..5f7dcf3 100644 --- a/http.go +++ b/http.go @@ -1,4 +1,4 @@ -package iprepd +package repd import ( "encoding/json" diff --git a/http_test.go b/http_test.go index 24923b4..e8c0f14 100644 --- a/http_test.go +++ b/http_test.go @@ -1,4 +1,4 @@ -package iprepd +package repd import ( "bytes" diff --git a/redis.go b/redis.go index 900c4bc..aeb7480 100644 --- a/redis.go +++ b/redis.go @@ -1,4 +1,4 @@ -package iprepd +package repd import ( "fmt" diff --git a/iprepd.go b/repd.go similarity index 95% rename from iprepd.go rename to repd.go index 3777ca5..841c901 100644 --- a/iprepd.go +++ b/repd.go @@ -1,4 +1,4 @@ -package iprepd +package repd import ( "fmt" @@ -84,7 +84,7 @@ func (cfg *serverCfg) getViolation(v string) *Violation { var sruntime serverRuntime func init() { - mozlogrus.Enable("iprepd") + mozlogrus.Enable("repd") rand.Seed(time.Now().Unix()) } @@ -109,7 +109,7 @@ func loadCfg(confpath string) (ret serverCfg, err error) { return ret, ret.validate() } -// StartDaemon starts a new instance of iprepd using configuration file confpath. +// StartDaemon starts a new instance of repd using configuration file confpath. func StartDaemon(confpath string) { log.Infof("starting daemon") diff --git a/iprepd.yaml.sample b/repd.yaml.sample similarity index 92% rename from iprepd.yaml.sample rename to repd.yaml.sample index b0e0eed..d22dd24 100644 --- a/iprepd.yaml.sample +++ b/repd.yaml.sample @@ -68,8 +68,8 @@ violations: decay: points: 1 interval: 1s -# Exceptions control IP address exceptions in iprepd. Any IP that matches an exception will -# not be returned by iprepd if it is requested (e.g., it will effectively have a reputation +# Exceptions control IP address exceptions in repd. Any IP that matches an exception will +# not be returned by repd if it is requested (e.g., it will effectively have a reputation # score of 100). Useful for exempting internal IP addresses. # # Note the these exceptions only apply to requests for "ip" type objects, either through @@ -80,7 +80,7 @@ exceptions: file: - ./exception1.txt - ./exception2.txt - # If aws is set to true, iprepd will periodically query for known AWS IP address ranges and + # If aws is set to true, repd will periodically query for known AWS IP address ranges and # add these to the exception list. aws: false # versionresponse specifies a path to a file, the contents of which will be returned on a diff --git a/iprepd_test.go b/repd_test.go similarity index 94% rename from iprepd_test.go rename to repd_test.go index 94d8946..4261c54 100644 --- a/iprepd_test.go +++ b/repd_test.go @@ -1,4 +1,4 @@ -package iprepd +package repd import ( "encoding/json" @@ -14,7 +14,7 @@ const ( testBuild = "testing" testCommit = "testcommit" testVersion = "testversion" - testSource = "https://github.com/mozilla-services/iprepd" + testSource = "https://github.com/mozilla-services/repd" ) func baseTest() error { @@ -80,7 +80,7 @@ func baseTest() error { } func TestLoadSampleConfig(t *testing.T) { - _, err := loadCfg("./iprepd.yaml.sample") + _, err := loadCfg("./repd.yaml.sample") assert.Nil(t, err) } @@ -95,7 +95,7 @@ func TestMain(m *testing.M) { fmt.Fprintf(os.Stderr, "%v\n", err) os.Exit(1) } - renv := os.Getenv("IPREPD_TEST_REDISADDR") + renv := os.Getenv("REPD_TEST_REDISADDR") if renv != "" { tcfg.Redis.Addr = renv } diff --git a/score.go b/score.go index a3f33df..dc4e37f 100644 --- a/score.go +++ b/score.go @@ -1,4 +1,4 @@ -package iprepd +package repd import ( "encoding/json" @@ -129,7 +129,7 @@ func (r *Reputation) applyDecay() error { // Violation describes a violation penalty that can be applied to an object. type Violation struct { - // Name of violation as specified in iprepd cfg + // Name of violation as specified in repd cfg Name string `json:"name"` // Penalty is how many points a reputation will be decreased by if this diff --git a/statsd.go b/statsd.go index c100249..ea4050e 100644 --- a/statsd.go +++ b/statsd.go @@ -1,4 +1,4 @@ -package iprepd +package repd import ( "time" @@ -18,7 +18,7 @@ func newStatsdClient(cfg serverCfg) (*statsdClient, error) { if err != nil { return nil, err } - c.Namespace = "iprepd_server." + c.Namespace = "repd_server." return &statsdClient{client: c}, nil } diff --git a/validators.go b/validators.go index e823154..3799a9a 100644 --- a/validators.go +++ b/validators.go @@ -1,4 +1,4 @@ -package iprepd +package repd import ( "fmt" diff --git a/validators_test.go b/validators_test.go index 163ced2..7df455a 100644 --- a/validators_test.go +++ b/validators_test.go @@ -1,4 +1,4 @@ -package iprepd +package repd import ( "fmt" diff --git a/write_version_json.sh b/write_version_json.sh index 73c5b6d..0bcec6a 100755 --- a/write_version_json.sh +++ b/write_version_json.sh @@ -6,7 +6,7 @@ set -eo pipefail : "${CIRCLE_SHA1=$(git rev-parse HEAD)}" : "${CIRCLE_TAG=$(git describe --tags)}" : "${CIRCLE_PROJECT_USERNAME=mozilla-services}" -: "${CIRCLE_PROJECT_REPONAME=iprepd}" +: "${CIRCLE_PROJECT_REPONAME=repd}" : "${CIRCLE_BUILD_URL=localdev}" printf '{"commit":"%s","version":"%s","source":"https://github.com/%s/%s","build":"%s"}\n' \