Deployment
MauriceLambert edited this page Apr 7, 2024 · 14 revisions
I propose two complete and secure deployment solutions:
- WebScripts with Apache and mod_wsgi
- WebScripts with Nginx as HTTPS proxy
Deploy WebScripts - Youtube video
- Using dockerhub
- Using Dockerfile
Containers contain complete deployment solutions and are hardened.
```bash
sudo apt update
sudo apt upgrade
sudo apt install python3-venv
python3 -m venv WebScripts        # Make a virtual environment for WebScripts
source WebScripts/bin/activate    # Activate your virtual environment
sudo WebScripts/bin/python3 -m pip install --use-pep517 WebScripts --install-option "--admin-password=<your password>" --install-option "--owner=<owner>" --install-option "--directory=./WebScripts"    # Install WebScripts using setup.py with pip
sudo WebScripts/bin/python3 -m WebScripts.harden -p '<my admin password>' -o '<my webscripts user>' -d 'WebScripts/'    # Harden default configurations
cd WebScripts                     # Use your virtual environment to start WebScripts
WebScripts                        # Start WebScripts server for demonstration (for production see deployment documentation)
```
```powershell
python -m venv WebScripts         # Make a virtual environment for WebScripts
WebScripts/Scripts/activate       # Activate your virtual environment
WebScripts/Scripts/python -m pip install --use-pep517 WebScripts --install-option "--admin-password=<your password>" --install-option "--directory=.\WebScripts"    # Install WebScripts using setup.py with pip
WebScripts/Scripts/python -m WebScripts.harden -p '<my admin password>' -o '' -d 'WebScripts/'    # Harden default configurations
cd WebScripts                     # Use your virtual environment to start WebScripts
WebScripts                        # Start WebScripts server for demonstration (for production see deployment documentation)
```
```bash
useradd --system --no-create-home --shell /bin/false WebScripts
python3 -m venv WebScripts        # Make a virtual environment for WebScripts
source WebScripts/bin/activate    # Activate your virtual environment
sudo WebScripts/bin/python3 -m pip install --use-pep517 WebScripts --install-option "--admin-password=<your password>" --install-option "--owner=WebScripts" --install-option "--directory=./WebScripts"    # Install WebScripts using setup.py with pip
sudo WebScripts/bin/python3 -m WebScripts.harden -p '<my admin password>' -o 'WebScripts' -d 'WebScripts/'    # Harden default configurations
cd WebScripts                     # Use your virtual environment to start WebScripts
WebScripts                        # Start WebScripts server for demonstration (for production see deployment documentation)

nano /lib/systemd/system/WebScripts.service
```
```ini
[Unit]
Description=The WebScripts Service (python service using HTTP protocol to run scripts from API or web interface).
Requires=network.target
After=network.target

[Service]
Type=simple
ExecStart=/path/to/virtualenv/bin/python3 -m WebScripts
Restart=always
StandardInput=tty-force
StandardOutput=inherit
User=WebScripts
UMask=077
WorkingDirectory=/path/to/virtualenv/

[Install]
WantedBy=multi-user.target
```
```bash
chown -R WebScripts:WebScripts /path/to/virtualenv/
sudo systemctl daemon-reload
sudo systemctl start WebScripts
sudo systemctl status WebScripts
```
```bash
sudo apt install nginx openssl
openssl req -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes -out nginx.crt -keyout nginx.key
sudo systemctl enable nginx
sudo touch /etc/nginx/sites-available/WebScripts.conf
sudo ln -s /etc/nginx/sites-available/WebScripts.conf /etc/nginx/sites-enabled
sudo nano /etc/nginx/sites-available/WebScripts.conf
```
```nginx
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name _;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name kali;

    root /path/to/virtualenv/WebScripts;

    ssl_certificate /path/to/certificat/nginx.crt;
    ssl_certificate_key /path/to/certificat/nginx.key;
    # TLSv1 and TLSv1.1 are deprecated (RFC 8996)
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;

    location / {
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_redirect off;
        proxy_pass http://127.0.0.1:8000;
    }
}
```
Add `WebScripts.conf` in `nginx.conf` (in the section named `http`) and comment out the default configurations:
```bash
sudo nano /etc/nginx/nginx.conf
```

```nginx
include /etc/nginx/sites-available/WebScripts.conf;
# include /etc/nginx/sites-available/;
# include /etc/nginx/conf.d/*.conf;
```
Restart nginx:
```bash
sudo systemctl restart nginx
```
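One way to audit a site file like the one in this procedure, as an added example that is not part of the WebScripts project: it flags `ssl_protocols` values deprecated by RFC 8996 and a cleartext `proxy_pass` that leaves the loopback interface. The `directives` and `audit` helpers, the finding strings and both sample configurations are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

DEPRECATED_TLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}  # TLS 1.0/1.1: RFC 8996
LOOPBACK = {"127.0.0.1", "::1", "localhost"}


def directives(conf):
    """Yield (name, args) for each 'name arg ...;' directive, comments removed."""
    text = re.sub(r"#[^\n]*", "", conf)
    for statement in re.split(r"[;{}]", text):
        words = statement.split()
        if words:
            yield words[0], words[1:]


def audit(conf):
    """Flag deprecated TLS versions and a cleartext proxy_pass that leaves loopback."""
    findings, has_protocols = [], False
    for name, args in directives(conf):
        if name == "ssl_protocols":
            has_protocols = True
            weak = sorted(DEPRECATED_TLS.intersection(args))
            if weak:
                findings.append("deprecated protocols: " + " ".join(weak))
        elif name == "proxy_pass" and args and args[0].startswith("http://"):
            host = urlsplit(args[0]).hostname
            if host not in LOOPBACK and host != "unix":  # unix: sockets are local
                findings.append(f"cleartext proxy_pass to {host}")
    if not has_protocols:
        findings.append("ssl_protocols not set: nginx version defaults apply")
    return findings


# Constructed samples that reuse the directives of this page's server block.
WEAK = """
server {
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;  # legacy versions still accepted
    location / { proxy_pass http://192.0.2.10:8000; }
}
"""
HARDENED = """
server {
    ssl_protocols TLSv1.2 TLSv1.3;
    location / { proxy_pass http://127.0.0.1:8000; }
}
"""

if __name__ == "__main__":
    print(audit(WEAK), audit(HARDENED))
```

The parser only handles simple `name args;` directives, so a `proxy_pass` that names an `upstream` block is reported for manual review.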
```bash
sudo apt install libexpat1
sudo apt install apache2 apache2-utils ssl-cert libapache2-mod-wsgi-py3
sudo mkdir /var/www/WebScripts
python3 -m venv WebScripts        # Make a virtual environment for WebScripts
source WebScripts/bin/activate    # Activate your virtual environment
sudo WebScripts/bin/python3 -m pip install --use-pep517 WebScripts --install-option "--admin-password=<your password>" --install-option "--owner=www-data" --install-option "--directory=/var/www/WebScripts/"    # Install WebScripts using setup.py with pip
sudo WebScripts/bin/python3 -m WebScripts.harden -p '<my admin password>' -o 'www-data' -d '/var/www/WebScripts/'    # Harden default configurations
cd WebScripts                     # Use your virtual environment to start WebScripts
WebScripts                        # Start WebScripts server for demonstration (for production see deployment documentation)
```
```bash
sudo chown www-data:www-data /path/to/virtualenv/bin/wsgi.py
sudo chmod 600 /path/to/virtualenv/bin/wsgi.py
sudo chown www-data:www-data /path/to/virtualenv/bin/activate_this.py
sudo chmod 600 /path/to/virtualenv/bin/activate_this.py

sudo touch /var/www/WebScripts/logs/apache-errors.logs
sudo touch /var/www/WebScripts/logs/apache-custom.logs
sudo touch /var/www/WebScripts/logs/root.logs

sudo apt install openssl
openssl req -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes -out WebScripts.crt -keyout WebScripts.pem

sudo nano /etc/apache2/conf-available/wsgi.conf
```
```apache
<VirtualHost *:80>
    ServerName www.webscripts.com
    ServerAlias webscripts.com
    ServerAdmin admin@webscripts.com

    Redirect permanent / https://webscripts.com/
</VirtualHost>

<VirtualHost *:443>
    ServerName www.webscripts.com
    ServerAlias webscripts.com
    ServerAdmin admin@webscripts.com

    WSGIScriptAlias / /path/to/virtualenv/bin/wsgi.py
    WSGIDaemonProcess webscripts.com processes=1 threads=15 display-name=%{GROUP}
    WSGIProcessGroup webscripts.com

    DocumentRoot /var/www/WebScripts
    DirectoryIndex index.html

    Alias /robots.txt /var/www/WebScripts/robots.txt
    Alias /favicon.ico /var/www/WebScripts/favicon.ico

    LogLevel info
    ErrorLog /var/www/WebScripts/logs/apache-errors.logs
    CustomLog /var/www/WebScripts/logs/apache-custom.logs combined

    SSLEngine on
    SSLCertificateFile /path/to/certificat/WebScripts.crt
    SSLCertificateKeyFile /path/to/certificat/WebScripts.pem

    <Directory /var/www/WebScripts>
        <IfVersion < 2.4>
            Order allow,deny
            Allow from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all granted
        </IfVersion>
    </Directory>
</VirtualHost>
```
```bash
sudo a2enconf wsgi
sudo a2enmod ssl
sudo systemctl reload apache2
sudo systemctl restart apache2
```
The `bin/wsgi.py` script (preinstalled and configured by the WebScripts package). This script can be customized (for example, to generate WebScripts configurations):
```python
#!/usr/bin/env python3
# -*- coding: utf-8 -*-

###################
#    This tool runs CLI scripts and displays output in a Web Interface.
#    Copyright (C) 2021, 2022, 2023  Maurice Lambert

#    This program is free software: you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation, either version 3 of the License, or
#    (at your option) any later version.

#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.

#    You should have received a copy of the GNU General Public License
#    along with this program.  If not, see <https://www.gnu.org/licenses/>.
###################

"""
This tool runs CLI scripts and displays output in a Web Interface.
"""

__version__ = "1.0.1"
__author__ = "Maurice Lambert"
__author_email__ = "mauricelambert434@gmail.com"
__maintainer__ = "Maurice Lambert"
__maintainer_email__ = "mauricelambert434@gmail.com"
__description__ = (
    "This tool runs CLI scripts and displays output in a Web Interface."
)
__license__ = "GPL-3.0 License"
__url__ = "https://github.com/mauricelambert/WebScripts"

copyright = """
WebScripts  Copyright (C) 2021, 2022, 2023  Maurice Lambert
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions.
"""
license = __license__
__copyright__ = copyright

print(copyright)

from os.path import join, dirname
from typing import List
import atexit

activator = join(dirname(__file__), "activate_this.py")
with open(activator) as f:
    exec(f.read(), {"__file__": activator})  # nosec # nosemgrep

from WebScripts.WebScripts import (
    Server,
    configure_logs_system,
    send_mail,
    hardening,
    Logs,
    logger_debug,
    logger_info,
    logger_warning,
    prepare_server,
)


class Paths:
    """
    This class define configuration files.
    """

    def __init__(self, config_cfg: List[str], config_json: List[str]):
        self.config_cfg = config_cfg
        self.config_json = config_json


configure_logs_system()
paths = Paths([], [])

server, _ = prepare_server()

logger_debug("Trying to send email notification...")
send_mail(
    server.configuration,
    f"Server is up on http://{server.interface}:{server.port}/.",
)

logger_debug("Configure email notification on server exit...")
atexit.register(
    send_mail,
    server.configuration,
    f"Server is down on http://{server.interface}:{server.port}/.",
)

logger_info("WebScripts server hardening audit...")
hardening(server)

logger_warning("Starting server...")
application = server.app
```
The `bin/activate_this.py` script (preinstalled and configured by the WebScripts package). You should not edit this file.
```python
"""By using execfile(this_file, dict(__file__=this_file)) you will
activate this virtualenv environment.

This can be used when you must use an existing Python interpreter, not
the virtualenv bin/python
"""

try:
    __file__
except NameError:
    raise AssertionError(
        "You must run this like execfile('path/to/active_this.py', dict(__file__='path/to/activate_this.py'))"
    )
import sys
import os

base = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
site_packages = os.path.join(
    base,
    "lib",
    "python%s" % ".".join(sys.version.split(".", 2)[:2]),
    "site-packages",
)
prev_sys_path = list(sys.path)
import site

site.addsitedir(site_packages)
sys.real_prefix = sys.prefix
sys.prefix = base
# Move the added items to the front of the path:
new_sys_path = []
for item in list(sys.path):
    if item not in prev_sys_path:
        new_sys_path.append(item)
        sys.path.remove(item)
sys.path[:0] = new_sys_path
```