Adds intelmq-api sources. Just copypasted.

Author: gethvi

contrib/app/api/api-apache.conf

@@ -0,0 +1,9 @@
+# SPDX-FileCopyrightText: 2022 CERT.at GmbH <https://cert.at/>
+# SPDX-License-Identifier: CC0-1.0
+
+
+# If you want to change default location, please align the ROOT_PATH in the service configuration
+<Location /intelmq/>
+	ProxyPass unix:/usr/lib/python3/dist-packages/intelmq_api/intelmq_api.sock|http://127.0.0.1/
+	ProxyPassReverse unix:/usr/lib/python3/dist-packages/intelmq_api/intelmq_api.sock|http://127.0.0.1/
+</Location>

contrib/app/api/api-config.json

@@ -0,0 +1,7 @@
+{
+	"intelmq_ctl_cmd": ["sudo", "-u", "intelmq", "intelmqctl"],
+	"allowed_path": "/opt/intelmq/var/lib/bots/",
+	"session_store": "/etc/intelmq/api-session.sqlite",
+	"session_duration": 86400,
+	"allow_origins": ["*"]
+}

contrib/app/api/api-config.json.license

@@ -0,0 +1,3 @@
+SPDX-FileCopyrightText: 2020 Birger Schacht
+
+SPDX-License-Identifier: AGPL-3.0-or-later

contrib/app/api/api-session.sql

@@ -0,0 +1,19 @@
+-- Session database structure for intelmq-api
+-- 
+-- SPDX-FileCopyrightText: 2021 Birger Schacht <schacht@cert.at>
+-- SPDX-License-Identifier: AGPL-3.0-or-later
+
+CREATE TABLE version (version INTEGER);
+INSERT INTO version (version) VALUES (1);
+
+CREATE TABLE session (
+    session_id TEXT PRIMARY KEY,
+    modified TIMESTAMP,
+    data BLOB
+);
+
+CREATE TABLE user(
+    username TEXT PRIMARY KEY,
+    password TEXT,
+    salt TEXT
+);

contrib/app/api/api-sudoers.conf

@@ -0,0 +1,7 @@
+# SPDX-FileCopyrightText: 2020 Birger Schacht
+#
+# SPDX-License-Identifier: CC0-1.0
+#
+# intelmq-api sudoers file, allowing the intelmq-api which usually
+# is run by a webserver, to run intelmqctl as user intelmq
+www-data ALL=(intelmq) NOPASSWD: /usr/bin/intelmqctl

contrib/app/api/initesqlite.py

@@ -0,0 +1,40 @@
+""" Initialize session database for intelmq-api
+
+SPDX-FileCopyrightText: 2021 Birger Schacht <schacht@cert.at>
+SPDX-License-Identifier: AGPL-3.0-or-later
+
+"""
+
+import sqlite3
+import pathlib
+import sys
+
+folder = pathlib.Path(__file__).parent
+
+if len(sys.argv) > 1:
+    folder = pathlib.Path(sys.argv[1])
+
+conn = sqlite3.connect(folder / 'api-session.sqlite')
+
+INIT_DB_SQL = """
+BEGIN;
+CREATE TABLE version (version INTEGER);
+INSERT INTO version (version) VALUES (1);
+
+CREATE TABLE session (
+    session_id TEXT PRIMARY KEY,
+    modified TIMESTAMP,
+    data BLOB
+);
+
+CREATE TABLE user(
+    username TEXT PRIMARY KEY,
+    password TEXT,
+    salt TEXT
+);
+
+COMMIT;
+"""
+
+c = conn.cursor()
+c.executescript(INIT_DB_SQL)

contrib/app/api/intelmq-api.service

@@ -0,0 +1,26 @@
+# SPDX-FileCopyrightText: 2022 CERT.at GmbH <https://cert.at/>
+# SPDX-License-Identifier: CC0-1.0
+
+[Unit]
+Description=Gunicorn deamon to serve the IntelMQ API
+Requires=intelmq-api.socket
+After=network.target
+
+[Service]
+
+# To override settings path, use e.g.:
+# Environment="INTELMQ_API_CONFIG=/etc/intelmq/api-config.json"
+
+Environment="ROOT_PATH=/intelmq"
+User=www-data
+Group=www-data
+RuntimeDirectory=gunicorn
+WorkingDirectory=/usr/lib/python3/dist-packages/intelmq_api/
+ExecStart=/usr/bin/gunicorn intelmq_api.main:app --workers 4 --worker-class uvicorn.workers.UvicornWorker --bind unix:intelmq_api.sock
+ExecReload=/bin/kill -s HUP $MAINPID
+KillMode=mixed
+TimeoutStopSec=5
+PrivateTmp=true
+
+[Install]
+WantedBy=multi-user.target

contrib/app/api/intelmq-api.socket

@@ -0,0 +1,12 @@
+# SPDX-FileCopyrightText: 2022 CERT.at GmbH <https://cert.at/>
+# SPDX-License-Identifier: CC0-1.0
+
+[Unit]
+Description=The socket to handle IntelMQ API requests
+
+[Socket]
+ListenStream=/usr/lib/python3/dist-packages/intelmq_api/intelmq_api.sock
+SocketUser=www-data
+
+[Install]
+WantedBy=sockets.target

contrib/app/api/positions.conf

@@ -0,0 +1,58 @@
+{
+    "feodo-tracker-browse-parser": {
+        "x": -304,
+        "y": 250
+    },
+    "feodo-tracker-browse-collector": {
+        "x": -508,
+        "y": 282
+    },
+    "cymru-whois-expert": {
+        "x": 510,
+        "y": -407
+    },
+    "deduplicator-expert": {
+        "x": -107,
+        "y": 162
+    },
+    "file-output": {
+        "x": 504,
+        "y": -614
+    },
+    "gethostbyname-1-expert": {
+        "x": 481,
+        "y": -198
+    },
+    "gethostbyname-2-expert": {
+        "x": 322,
+        "y": -325
+    },
+    "malc0de-parser": {
+        "x": -292,
+        "y": 48
+    },
+    "malc0de-windows-format-collector": {
+        "x": -477,
+        "y": -46
+    },
+    "spamhaus-drop-collector": {
+        "x": -88,
+        "y": 589
+    },
+    "spamhaus-drop-parser": {
+        "x": -114,
+        "y": 381
+    },
+    "taxonomy-expert": {
+        "x": 89,
+        "y": 29
+    },
+    "url2fqdn-expert": {
+        "x": 275,
+        "y": -116
+    },
+    "settings": {
+        "physics": false,
+        "live": true
+    }
+}

contrib/app/api/positions.conf.license

@@ -0,0 +1,3 @@
+SPDX-FileCopyrightText: 2020 Birger Schacht
+
+SPDX-License-Identifier: CC0-1.0