linsk/cmd/run.go

// Linsk - A utility to access Linux-native file systems on non-Linux operating systems.
// Copyright (c) 2023 The Linsk Authors.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <https://www.gnu.org/licenses/>.

package cmd

import (
	"context"
	"fmt"
	"log/slog"
	"os"
	"strings"

	"github.com/AlexSSD7/linsk/osspecifics"
	"github.com/AlexSSD7/linsk/share"
	"github.com/AlexSSD7/linsk/vm"
	"github.com/sethvargo/go-password/password"
	"github.com/spf13/cobra"
)

var runCmd = &cobra.Command{
	Use:   "run",
	Short: "Start a VM and expose an FTP file share.",
	Args:  cobra.RangeArgs(1, 3),
	Run: func(cmd *cobra.Command, args []string) {
		var luksContainerDevice string

		vmMountDevName := "vdb"

		if luksContainerFlag != "" {
			if luksContainerEntireDriveFlag {
				slog.Error("--luks-container and --luks-container-entire-drive (-c) cannot be both specified at once")
				os.Exit(1)
			}

			luksContainerDevice = luksContainerFlag
		} else if luksContainerEntireDriveFlag {
			luksContainerDevice = vmMountDevName
		}

		if len(args) > 1 {
			vmMountDevName = args[1]
		} else if luksContainerDevice != "" {
			slog.Error("Cannot use the default (entire) device with a LUKS container. Please specify the in-VM device name to mount as a second positional argument.")
		}

		var fsTypeOverride string
		if len(args) > 2 {
			fsTypeOverride = args[2]
		}

		newBackendFunc := share.GetBackend(shareBackendFlag)
		if newBackendFunc == nil {
			slog.Error("Unknown file share backend", "type", shareBackendFlag)
			os.Exit(1)
		}

		cfg, err := share.RawUserConfiguration{
			ListenIP: shareListenIPFlag,

			FTPExtIP:   ftpExtIPFlag,
			SMBExtMode: smbUseExternAddrFlag,
		}.Process(shareBackendFlag, slog.With("caller", "share-config"))
		if err != nil {
			slog.Error("Failed to process raw configuration", "error", err.Error())
			os.Exit(1)
		}

		backend, vmOpts, err := newBackendFunc(cfg)
		if err != nil {
			slog.Error("Failed to initialize share backend", "backend", shareBackendFlag, "error", err.Error())
			os.Exit(1)
		}

		if (luksFlag || luksContainerDevice != "") && !allowLUKSLowMemoryFlag {
			if vmMemAllocFlag < defaultMemAllocLUKS {
				if vmMemAllocFlag != defaultMemAlloc {
					slog.Warn("Enforcing minimum LUKS memory allocation. Please add --allow-luks-low-memory to disable this.", "min", vmMemAllocFlag, "specified", vmMemAllocFlag)
				}

				vmMemAllocFlag = defaultMemAllocLUKS
			}
		}

		os.Exit(runVM(args[0], func(ctx context.Context, i *vm.VM, fm *vm.FileManager, tapCtx *share.NetTapRuntimeContext) int {
			fsToLog := "<auto>"
			if fsTypeOverride != "" {
				fsToLog = fsTypeOverride
			}

			slog.Info("Mounting the device", "dev", vmMountDevName, "fs", fsToLog, "luks", luksFlag)

			err := fm.Mount(vmMountDevName, vm.MountOptions{
				LUKSContainerPreopen: luksContainerDevice,

				FSTypeOverride: fsTypeOverride,
				LUKS:           luksFlag,
			})
			if err != nil {
				slog.Error("Failed to mount the disk inside the VM", "error", err.Error())
				return 1
			}

			sharePWD, err := password.Generate(16, 10, 0, false, false)
			if err != nil {
				slog.Error("Failed to generate ephemeral password for the network file share", "error", err.Error())
				return 1
			}

			lg := slog.With("backend", shareBackendFlag)

			shareURI, err := backend.Apply(ctx, sharePWD, &share.VMShareContext{
				Instance:    i,
				FileManager: fm,
				NetTapCtx:   tapCtx,
			})
			if err != nil {
				lg.Error("Failed to apply (start) file share backend", "error", err.Error())
				return 1
			}

			lg.Info("Started the network share successfully")

			fmt.Fprintf(os.Stderr, "===========================\n[Network File Share Config]\nThe network file share was started. Please use the credentials below to connect to the file server.\n\nType: "+strings.ToUpper(shareBackendFlag)+"\nURL: %v\nUsername: linsk\nPassword: %v\n===========================\n", shareURI, sharePWD)

			ctxWait := true

			if debugShellFlag {
				slog.Warn("Starting a debug VM shell")
				err := runVMShell(ctx, i)
				if err != nil {
					slog.Error("Failed to run VM shell", "error", err.Error())
				} else {
					ctxWait = false
				}
			}

			if ctxWait {
				<-ctx.Done()
			}

			return 0
		}, vmOpts.Ports, unrestrictedNetworkingFlag, vmOpts.EnableTap))
	},
}

var (
	luksFlag                     bool
	luksContainerFlag            string
	luksContainerEntireDriveFlag bool
	allowLUKSLowMemoryFlag       bool
	shareListenIPFlag            string
	ftpExtIPFlag                 string
	shareBackendFlag             string
	smbUseExternAddrFlag         bool
	debugShellFlag               bool
)

func init() {
	runCmd.Flags().BoolVarP(&luksFlag, "luks", "l", false, "Use cryptsetup to open a LUKS volume (password will be prompted).")
	runCmd.Flags().StringVar(&luksContainerFlag, "luks-container", "", `Specifies a device path (without "dev/" prefix) to preopen as a LUKS container (password will be prompted). Useful for accessing LVM partitions behind LUKS.`)
	runCmd.Flags().BoolVarP(&luksContainerEntireDriveFlag, "luks-container-entire-drive", "c", false, `Similar to --luks-container, but this assumes that the entire passed-through volume is a LUKS container (password will be prompted).`)
	runCmd.Flags().BoolVar(&allowLUKSLowMemoryFlag, "allow-luks-low-memory", false, "Allow VM memory allocation lower than 2048 MiB when LUKS is enabled.")
	runCmd.Flags().BoolVar(&debugShellFlag, "debug-shell", false, "Start a VM shell when the network file share is active.")

	var defaultShareType string
	switch {
	case osspecifics.IsMacOS():
		defaultShareType = "afp"
	default:
		defaultShareType = "smb"
	}

	runCmd.Flags().StringVar(&shareBackendFlag, "share-backend", defaultShareType, `Specifies the file share backend to use. The default value is OS-specific. (available "smb", "afp", "ftp")`)
	runCmd.Flags().StringVar(&shareListenIPFlag, "share-listen", share.GetDefaultListenIPStr(), "Specifies the IP to bind the network share port to. NOTE: For FTP, changing the bind address is not enough to connect remotely. You should also specify --ftp-extip.")

	runCmd.Flags().StringVar(&ftpExtIPFlag, "ftp-extip", share.GetDefaultListenIPStr(), "Specifies the external IP the FTP server should advertise.")
	runCmd.Flags().BoolVar(&smbUseExternAddrFlag, "smb-extern", share.IsSMBExtModeDefault(), "Specifies whether Linsk emulate external networking for the VM's SMB server. This is the default for Windows as there is no way to specify ports in Windows SMB client.")
}
Licensing & Copyright 2023-09-02 20:03:44 +01:00			`// Linsk - A utility to access Linux-native file systems on non-Linux operating systems.`
			`// Copyright (c) 2023 The Linsk Authors.`
			`//`
			`// This program is free software: you can redistribute it and/or modify`
			`// it under the terms of the GNU General Public License as published by`
			`// the Free Software Foundation, either version 3 of the License, or`
			`// (at your option) any later version.`
			`//`
			`// This program is distributed in the hope that it will be useful,`
			`// but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`// GNU General Public License for more details.`
			`//`
			`// You should have received a copy of the GNU General Public License`
			`// along with this program. If not, see <https://www.gnu.org/licenses/>.`

Better logging + runVM impl 2023-08-25 16:54:58 +01:00			`package cmd`

			`import (`
			`"context"`
			`"fmt"`
			`"log/slog"`
Implement shell command 2023-08-26 11:27:38 +01:00			`"os"`
Wire most of the work from today together 2023-08-31 16:23:40 +01:00			`"strings"`
Better logging + runVM impl 2023-08-25 16:54:58 +01:00
Better OS checks 2023-09-02 11:28:23 +01:00			`"github.com/AlexSSD7/linsk/osspecifics"`
Wire most of the work from today together 2023-08-31 16:23:40 +01:00			`"github.com/AlexSSD7/linsk/share"`
vldisk => linsk 2023-08-26 09:16:52 +01:00			`"github.com/AlexSSD7/linsk/vm"`
Working SMB file share 2023-08-26 16:26:35 +01:00			`"github.com/sethvargo/go-password/password"`
Better logging + runVM impl 2023-08-25 16:54:58 +01:00			`"github.com/spf13/cobra"`
			`)`

			`var runCmd = &cobra.Command{`
Command descriptions 2023-08-29 10:37:52 +01:00			`Use: "run",`
Minor things 2023-08-30 15:24:25 +01:00			`Short: "Start a VM and expose an FTP file share.",`
Optional run 2-3 args + -c flag 2023-09-27 15:37:28 +01:00			`Args: cobra.RangeArgs(1, 3),`
In-house Alpine builder 2023-08-27 15:30:51 +01:00			`Run: func(cmd *cobra.Command, args []string) {`
Optional run 2-3 args + -c flag 2023-09-27 15:37:28 +01:00			`var luksContainerDevice string`

			`vmMountDevName := "vdb"`

			`if luksContainerFlag != "" {`
			`if luksContainerEntireDriveFlag {`
			`slog.Error("--luks-container and --luks-container-entire-drive (-c) cannot be both specified at once")`
			`os.Exit(1)`
			`}`

			`luksContainerDevice = luksContainerFlag`
			`} else if luksContainerEntireDriveFlag {`
			`luksContainerDevice = vmMountDevName`
			`}`

			`if len(args) > 1 {`
			`vmMountDevName = args[1]`
			`} else if luksContainerDevice != "" {`
			`slog.Error("Cannot use the default (entire) device with a LUKS container. Please specify the in-VM device name to mount as a second positional argument.")`
			`}`

			`var fsTypeOverride string`
			`if len(args) > 2 {`
			`fsTypeOverride = args[2]`
			`}`
Better logging + runVM impl 2023-08-25 16:54:58 +01:00
Wire most of the work from today together 2023-08-31 16:23:40 +01:00			`newBackendFunc := share.GetBackend(shareBackendFlag)`
			`if newBackendFunc == nil {`
			`slog.Error("Unknown file share backend", "type", shareBackendFlag)`
Working SMB file share 2023-08-26 16:26:35 +01:00			`os.Exit(1)`
			`}`

Wire most of the work from today together 2023-08-31 16:23:40 +01:00			`cfg, err := share.RawUserConfiguration{`
			`ListenIP: shareListenIPFlag,`
Minor things 2023-08-30 15:24:25 +01:00
Wire most of the work from today together 2023-08-31 16:23:40 +01:00			`FTPExtIP: ftpExtIPFlag,`
			`SMBExtMode: smbUseExternAddrFlag,`
			`}.Process(shareBackendFlag, slog.With("caller", "share-config"))`
			`if err != nil {`
			`slog.Error("Failed to process raw configuration", "error", err.Error())`
Minor things 2023-08-30 15:24:25 +01:00			`os.Exit(1)`
			`}`

Wire most of the work from today together 2023-08-31 16:23:40 +01:00			`backend, vmOpts, err := newBackendFunc(cfg)`
			`if err != nil {`
			`slog.Error("Failed to initialize share backend", "backend", shareBackendFlag, "error", err.Error())`
			`os.Exit(1)`
Use FTP instead of SMB 2023-08-29 10:00:12 +01:00			`}`

Optional run 2-3 args + -c flag 2023-09-27 15:37:28 +01:00			`if (luksFlag \|\| luksContainerDevice != "") && !allowLUKSLowMemoryFlag {`
Implement LUKS container mount 2023-09-27 14:49:48 +01:00			`if vmMemAllocFlag < defaultMemAllocLUKS {`
LUKS support touchups 2023-09-01 12:40:13 +01:00			`if vmMemAllocFlag != defaultMemAlloc {`
			`slog.Warn("Enforcing minimum LUKS memory allocation. Please add --allow-luks-low-memory to disable this.", "min", vmMemAllocFlag, "specified", vmMemAllocFlag)`
			`}`
Minor touchups 2023-09-01 16:29:01 +01:00
LUKS support touchups 2023-09-01 12:40:13 +01:00			`vmMemAllocFlag = defaultMemAllocLUKS`
			`}`
			`}`

Wire most of the work from today together 2023-08-31 16:23:40 +01:00			`os.Exit(runVM(args[0], func(ctx context.Context, i vm.VM, fm vm.FileManager, tapCtx *share.NetTapRuntimeContext) int {`
Optional run 2-3 args + -c flag 2023-09-27 15:37:28 +01:00			`fsToLog := "<auto>"`
			`if fsTypeOverride != "" {`
			`fsToLog = fsTypeOverride`
			`}`

			`slog.Info("Mounting the device", "dev", vmMountDevName, "fs", fsToLog, "luks", luksFlag)`
Many minor fixes/improvements 2023-08-29 10:59:50 +01:00
LUKS support + other things 2023-08-25 19:55:11 +01:00			`err := fm.Mount(vmMountDevName, vm.MountOptions{`
Optional run 2-3 args + -c flag 2023-09-27 15:37:28 +01:00			`LUKSContainerPreopen: luksContainerDevice,`
Implement LUKS container mount 2023-09-27 14:49:48 +01:00
Optional run 2-3 args + -c flag 2023-09-27 15:37:28 +01:00			`FSTypeOverride: fsTypeOverride,`
			`LUKS: luksFlag,`
LUKS support + other things 2023-08-25 19:55:11 +01:00			`})`
Better logging + runVM impl 2023-08-25 16:54:58 +01:00			`if err != nil {`
Many minor fixes/improvements 2023-08-29 10:59:50 +01:00			`slog.Error("Failed to mount the disk inside the VM", "error", err.Error())`
Implement shell command 2023-08-26 11:27:38 +01:00			`return 1`
Better logging + runVM impl 2023-08-25 16:54:58 +01:00			`}`

Working SMB file share 2023-08-26 16:26:35 +01:00			`sharePWD, err := password.Generate(16, 10, 0, false, false)`
			`if err != nil {`
More tiny fixes/enhancements 2023-08-29 13:29:46 +01:00			`slog.Error("Failed to generate ephemeral password for the network file share", "error", err.Error())`
Working SMB file share 2023-08-26 16:26:35 +01:00			`return 1`
			`}`

Initial AFP support implementation 2023-09-01 15:15:40 +01:00			`lg := slog.With("backend", shareBackendFlag)`

Wire most of the work from today together 2023-08-31 16:23:40 +01:00			`shareURI, err := backend.Apply(ctx, sharePWD, &share.VMShareContext{`
			`Instance: i,`
			`FileManager: fm,`
			`NetTapCtx: tapCtx,`
			`})`
Working SMB file share 2023-08-26 16:26:35 +01:00			`if err != nil {`
Initial AFP support implementation 2023-09-01 15:15:40 +01:00			`lg.Error("Failed to apply (start) file share backend", "error", err.Error())`
Working SMB file share 2023-08-26 16:26:35 +01:00			`return 1`
			`}`

Initial AFP support implementation 2023-09-01 15:15:40 +01:00			`lg.Info("Started the network share successfully")`
Working SMB file share 2023-08-26 16:26:35 +01:00
linsk clean: Prune net taps 2023-08-31 19:46:13 +01:00			`fmt.Fprintf(os.Stderr, "===========================\n[Network File Share Config]\nThe network file share was started. Please use the credentials below to connect to the file server.\n\nType: "+strings.ToUpper(shareBackendFlag)+"\nURL: %v\nUsername: linsk\nPassword: %v\n===========================\n", shareURI, sharePWD)`
More tiny fixes/enhancements 2023-08-29 13:29:46 +01:00
Implement debug shell in run cmd 2023-09-01 14:40:17 +01:00			`ctxWait := true`

			`if debugShellFlag {`
			`slog.Warn("Starting a debug VM shell")`
			`err := runVMShell(ctx, i)`
			`if err != nil {`
			`slog.Error("Failed to run VM shell", "error", err.Error())`
			`} else {`
			`ctxWait = false`
			`}`
			`}`

			`if ctxWait {`
			`<-ctx.Done()`
			`}`

Implement shell command 2023-08-26 11:27:38 +01:00			`return 0`
Wire most of the work from today together 2023-08-31 16:23:40 +01:00			`}, vmOpts.Ports, unrestrictedNetworkingFlag, vmOpts.EnableTap))`
Better logging + runVM impl 2023-08-25 16:54:58 +01:00			`},`
			`}`
LUKS support + other things 2023-08-25 19:55:11 +01:00
LUKS support touchups 2023-09-01 12:40:13 +01:00			`var (`
Optional run 2-3 args + -c flag 2023-09-27 15:37:28 +01:00			`luksFlag bool`
			`luksContainerFlag string`
			`luksContainerEntireDriveFlag bool`
			`allowLUKSLowMemoryFlag bool`
			`shareListenIPFlag string`
			`ftpExtIPFlag string`
			`shareBackendFlag string`
			`smbUseExternAddrFlag bool`
			`debugShellFlag bool`
LUKS support touchups 2023-09-01 12:40:13 +01:00			`)`
LUKS support + other things 2023-08-25 19:55:11 +01:00
			`func init() {`
Minor things 2023-08-30 15:24:25 +01:00			`runCmd.Flags().BoolVarP(&luksFlag, "luks", "l", false, "Use cryptsetup to open a LUKS volume (password will be prompted).")`
Implement LUKS container mount 2023-09-27 14:49:48 +01:00			runCmd.Flags().StringVar(&luksContainerFlag, "luks-container", "", `Specifies a device path (without "dev/" prefix) to preopen as a LUKS container (password will be prompted). Useful for accessing LVM partitions behind LUKS.`)
Optional run 2-3 args + -c flag 2023-09-27 15:37:28 +01:00			runCmd.Flags().BoolVarP(&luksContainerEntireDriveFlag, "luks-container-entire-drive", "c", false, `Similar to --luks-container, but this assumes that the entire passed-through volume is a LUKS container (password will be prompted).`)
LUKS support touchups 2023-09-01 12:40:13 +01:00			`runCmd.Flags().BoolVar(&allowLUKSLowMemoryFlag, "allow-luks-low-memory", false, "Allow VM memory allocation lower than 2048 MiB when LUKS is enabled.")`
Implement debug shell in run cmd 2023-09-01 14:40:17 +01:00			`runCmd.Flags().BoolVar(&debugShellFlag, "debug-shell", false, "Start a VM shell when the network file share is active.")`
Wire most of the work from today together 2023-08-31 16:23:40 +01:00
			`var defaultShareType string`
Better OS checks 2023-09-02 11:28:23 +01:00			`switch {`
			`case osspecifics.IsMacOS():`
Set macOS default backend to AFP 2023-09-01 15:25:35 +01:00			`defaultShareType = "afp"`
Wire most of the work from today together 2023-08-31 16:23:40 +01:00			`default:`
Set the default share backend to SMB for Linux 2023-09-27 15:03:16 +01:00			`defaultShareType = "smb"`
Wire most of the work from today together 2023-08-31 16:23:40 +01:00			`}`

Linting fixes + FileManager share start refactor 2023-09-02 12:07:30 +01:00			runCmd.Flags().StringVar(&shareBackendFlag, "share-backend", defaultShareType, `Specifies the file share backend to use. The default value is OS-specific. (available "smb", "afp", "ftp")`)
Wire most of the work from today together 2023-08-31 16:23:40 +01:00			`runCmd.Flags().StringVar(&shareListenIPFlag, "share-listen", share.GetDefaultListenIPStr(), "Specifies the IP to bind the network share port to. NOTE: For FTP, changing the bind address is not enough to connect remotely. You should also specify --ftp-extip.")`

			`runCmd.Flags().StringVar(&ftpExtIPFlag, "ftp-extip", share.GetDefaultListenIPStr(), "Specifies the external IP the FTP server should advertise.")`
More resolved TODOs 2023-08-31 20:17:55 +01:00			`runCmd.Flags().BoolVar(&smbUseExternAddrFlag, "smb-extern", share.IsSMBExtModeDefault(), "Specifies whether Linsk emulate external networking for the VM's SMB server. This is the default for Windows as there is no way to specify ports in Windows SMB client.")`
LUKS support + other things 2023-08-25 19:55:11 +01:00			`}`