#![deny(clippy::pedantic)]
#![allow(clippy::module_name_repetitions)]
use std::sync::Arc;
use clap::Parser;
use deadpool_postgres::{
tokio_postgres::{NoTls, Statement, Transaction},
GenericClient, Runtime,
};
use futures::{StreamExt, TryFutureExt};
use pisshoff_types::audit::{AuditLog, AuditLogEvent};
use tokio::net::{UnixListener, UnixStream};
use tokio_util::codec::{Decoder, LinesCodec};
use tracing::{error, info};
use tracing_subscriber::EnvFilter;
use crate::config::Args;
mod config;
mod embedded {
use refinery::embed_migrations;
embed_migrations!();
}
pub struct Context {
db: deadpool_postgres::Pool,
}
#[tokio::main]
async fn main() {
if let Err(e) = run().await {
error!("Failed to run {}: {}", env!("CARGO_CRATE_NAME"), e);
std::process::exit(1);
}
}
async fn run() -> anyhow::Result<()> {
let args = Args::parse();
std::env::set_var("RUST_LOG", args.verbosity());
tracing_subscriber::fmt()
.with_env_filter(EnvFilter::from_default_env())
.init();
let db = args.config.pg.create_pool(Some(Runtime::Tokio1), NoTls)?;
let context = Arc::new(Context { db });
embedded::migrations::runner()
.run_async(&mut **context.db.get().await?)
.await?;
spawn_listener(&args, context).await
}
async fn spawn_listener(args: &Args, context: Arc<Context>) -> anyhow::Result<()> {
let listener = UnixListener::bind(&args.config.socket_path)?;
loop {
let (stream, remote) = listener.accept().await?;
info!(?remote, "Accepted incoming connection");
let context = context.clone();
tokio::spawn(async move {
if let Err(e) = handle_connection(stream, context).await {
error!("Connection failed: {e}");
}
});
}
}
async fn handle_connection(stream: UnixStream, context: Arc<Context>) -> anyhow::Result<()> {
let mut framed = LinesCodec::new().framed(stream);
while let Some(line) = framed.next().await.transpose()? {
let context = context.clone();
tokio::spawn(
ingest_log(context, line).inspect_err(|e| error!("Failed to ingest log: {e}")),
);
}
Ok(())
}
async fn ingest_log(context: Arc<Context>, line: String) -> anyhow::Result<()> {
let line: AuditLog = serde_json::from_str(&line)?;
let Some(peer_address) = line.peer_address else {
return Ok(());
};
let mut connection = context.db.get().await?;
let tx = connection.transaction().await?;
tokio::try_join!(
async {
tx
.execute(
"INSERT INTO audit (timestamp, connection_id, peer_address, host) VALUES ($1, $2, $3, $4)",
&[&line.ts, &line.connection_id, &peer_address.to_string(), &line.host],
)
.await
.map_err(anyhow::Error::from)
},
async {
let prepared = tx.prepare("INSERT INTO audit_environment_variables (connection_id, name, value) VALUES ($1, $2, $3)").await?;
futures::future::try_join_all(line.environment_variables.iter().map(
|(key, value)| async {
tx.execute(&prepared, &[&line.connection_id, key, value])
.await
},
))
.await
.map_err(anyhow::Error::from)
},
async {
let prepared = tx.prepare("INSERT INTO audit_events (timestamp, connection_id, type, content) VALUES ($1, $2, $3, $4)").await?;
futures::future::try_join_all(
line.events
.iter()
.map(|event| insert_event(&tx, &prepared, &line, event)),
)
.await
}
)?;
tx.commit().await?;
Ok(())
}
async fn insert_event(
tx: &Transaction<'_>,
prepared: &Statement,
line: &AuditLog,
event: &AuditLogEvent,
) -> anyhow::Result<()> {
let ts = line.ts + event.start_offset;
tx.execute(
prepared,
&[
&ts,
&line.connection_id,
&<&'static str>::from(&event.action),
&serde_json::to_value(&event.action)?,
],
)
.await?;
Ok(())
}