GeneralBots/gb
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: GeneralBots:3fef4ac09d4b9b15ef0d4d7b9c9ed35da8f01bee
Branches Tags
GeneralBots:master
...
compare: GeneralBots:53822731f81261c31d984c6ba2638a68fcb5a4a0
Branches Tags
GeneralBots:master

24 commits
3fef4ac09d ... 53822731f8

Author SHA1 Message Date
Rodrigo Rodriguez (Pragmatismo)
53822731f8 Update submodules with security protection module 2026-01-10 09:41:39 -03:00
Rodrigo Rodriguez (Pragmatismo)
965ece9852 Add security protection module with sudo-based privilege escalation 
- Create installer.rs for 'botserver install protection' command
- Requires root to install packages and create sudoers config
- Sudoers uses exact commands (no wildcards) for security
- Update all tool files (lynis, rkhunter, chkrootkit, suricata, lmd) to use sudo
- Update manager.rs service management to use sudo
- Add 'sudo' and 'visudo' to command_guard.rs whitelist
- Update CLI with install/remove/status protection commands
- Create comprehensive botbook documentation
- Update SUMMARY.md with protection-tools entry

Security model:
- Installation requires root (sudo botserver install protection)
- Runtime uses sudoers NOPASSWD for specific commands only
- No wildcards in sudoers - exact command specifications
- Tools run on host system, not in containers
 2026-01-10 09:40:52 -03:00
Rodrigo Rodriguez (Pragmatismo)
04f8faed81 Update TODO.md - mark all phases complete 
- Phase 5 verification complete
- Add ExtractedAuthData to key types
- Update auth.rs changes description
 2026-01-10 07:00:05 -03:00
Rodrigo Rodriguez (Pragmatismo)
471c1ef58c Mark Phase 5.1 compilation test as complete 2026-01-10 06:49:39 -03:00
Rodrigo Rodriguez (Pragmatismo)
dc940de905 Fix auth middleware compilation and complete Phase 5 verification 
- Fix JwtKey::from_secret to use &str instead of &[u8]
- Fix auth_middleware_with_providers to avoid holding &Request across await
- Add ExtractedAuthData struct for thread-safe auth data extraction
- Remove duplicate require_permission_middleware export from rbac_middleware
- Fix check_route_access argument order in rbac_middleware
- Remove unused auth_config field from ZitadelAuthProviderAdapter
- Remove unused imports (body::Body, http::Request, AuthError)
- Make check_permission_string public for middleware use
- Add missing jwt_manager, auth_provider_registry, rbac_manager fields to AppState

Phase 5.1 compilation test: PASSED (0 warnings, 0 errors)
 2026-01-10 06:49:18 -03:00
Rodrigo Rodriguez (Pragmatismo)
497d42258e Fix dropdown menu duplicates and reorder items 
- Fix CSS breakpoints to sync header tabs with dropdown menu visibility
- Add missing apps (docs, sheet, slides, social) to hide/show logic
- Remove incorrect paper breakpoint (not in header tabs)
- Reorder dropdown: dynamic items first (header tab apps), then static items
- Move People after dynamic items (after social)
- Remove duplicate Social entry from dropdown menu
- All 26 suite app folders have menu entries (no orphans)
 2026-01-09 21:19:43 -03:00
Rodrigo Rodriguez (Pragmatismo)
ba74a9a6e5 Fix compilation errors: add missing struct fields and fix type mismatches 
- LargeOrgOptimizer: add partition_manager field
- DataPartition: add organization_id, partition_key, start_range, end_range, created_at fields
- AuthError::InvalidToken: change to tuple variant with String, fix all call sites
- FallbackAttemptTracker: add first_attempt_at field
- OrganizationRbacService: add user_groups and user_direct_permissions fields
- RekognitionService: add liveness_sessions field and LivenessSession struct
 2026-01-08 23:38:21 -03:00
Rodrigo Rodriguez (Pragmatismo)
0c58e30d93 chore: Update botserver submodule with compilation fixes 2026-01-08 15:35:21 -03:00
Rodrigo Rodriguez (Pragmatismo)
79656c1b72 chore: Update botserver submodule with video module implementation 2026-01-08 13:45:05 -03:00
Rodrigo Rodriguez (Pragmatismo)
42263bd37e Add TODO.md for video module and update all submodules 
Submodule updates:
- botapp: safe_command module, desktop sync improvements
- botbook: RBAC docs, white-label, security, channel setup docs
- botlib: i18n localization support (en, es, pt-BR)
- botserver: video module, RBAC, security, billing, contacts, learn, social
- bottemplates: HR and productivity templates
- botui: admin, dashboards, learn, social, video UI
 2026-01-08 13:16:29 -03:00
Rodrigo Rodriguez (Pragmatismo)
b2b5bf01bb Remove completed TODO and cleanup 2026-01-08 12:11:26 -03:00
Rodrigo Rodriguez (Pragmatismo)
37dae7d724 feat: double-click .bas files in drive opens designer automatically 
- Add isBasicFile() and openInDesigner() functions in drive.js
- Remove .bas from inline editor, redirect to designer with bucket/path params
- Update designer FileQuery to include bucket parameter
- Add load_from_drive() function to fetch .bas content from MinIO
- Fix designer initialization for HTMX dynamic loading
- Parse URL params from both query string and hash fragment
- Add parseBasicCodeToNodes() to convert BASIC code to visual nodes
- Support TALK, HEAR, SET, IF, FOR, CALL, WAIT, GET, PARAM commands
- Add saveToDrive() to save changes back to original location
- Fix createNode() to return the created node
- Add generateBasCode() for converting nodes back to BASIC
 2026-01-05 11:06:38 -03:00
Rodrigo Rodriguez (Pragmatismo)
3493018a76 Update submodule references 2026-01-03 23:00:54 -03:00
Rodrigo Rodriguez (Pragmatismo)
334ec3ccfe Fix apps dropdown menu positioning near the grid button 
- Changed apps-dropdown right position from 60px to 0 in app.css
- Wrapped apps button and dropdown in a container with position:relative
- Moved dropdown to be a sibling of the button inside the container
- Removed duplicate dropdown from header-right section
 2026-01-03 17:18:58 -03:00
Rodrigo Rodriguez (Pragmatismo)
2ba67c982e Update botserver: add migration for bot database_name 2026-01-02 19:56:52 -03:00
Rodrigo Rodriguez (Pragmatismo)
9f851a5783 Update botserver: per-bot database creation 2026-01-02 19:35:12 -03:00
Rodrigo Rodriguez (Pragmatismo)
1a27c28b2c Update botserver: dynamic table check in all db_api handlers 2026-01-02 19:19:07 -03:00
Rodrigo Rodriguez (Pragmatismo)
4143653f10 Update botserver: clean LLM output for generated files 2026-01-02 19:15:23 -03:00
Rodrigo Rodriguez (Pragmatismo)
267b237091 Update botserver: serve vendor files from MinIO 2026-01-02 18:26:42 -03:00
Rodrigo Rodriguez (Pragmatismo)
9891c4ab7e Update botserver: dynamic table support for app_generator 2026-01-02 18:20:12 -03:00
Rodrigo Rodriguez (Pragmatismo)
576f38eadd Update botserver: rewrite CDN URLs to local paths 2026-01-02 18:12:38 -03:00
Rodrigo Rodriguez (Pragmatismo)
9436a52e58 Add local HTMX vendor file and update botserver submodule 
- Added botserver-stack/static/js/vendor/htmx.min.js (v1.9.10)
- All JS dependencies served locally, no CDN
 2026-01-02 17:54:46 -03:00
Rodrigo Rodriguez (Pragmatismo)
bea8529acd Update botserver submodule: designer file writing and CSP fixes 2026-01-02 17:49:08 -03:00
Rodrigo Rodriguez (Pragmatismo)
e75049d5fb Fix designer file writing and CSP for CDN assets 
- Designer now uses state.bucket_name (like app_generator) instead of DB lookup
- Fixed local file path to match app_server fallback: {site_path}/{bot}.gbai/{bot}.gbapp/{app}/{file}
- Fixed S3 path to match app_server: {bot}.gbapp/{app}/{file} in bucket {bot}.gbai
- Added S3 bucket creation retry logic (like app_generator)
- Updated CSP to allow unpkg.com, cdnjs.cloudflare.com, cdn.jsdelivr.net for scripts/styles
- Added fonts.googleapis.com and fonts.gstatic.com for web fonts
- Updated APP_GENERATOR_PROMPT to use HTMX CDN instead of non-existent /js/vendor path
- Added designer prompt guidelines for relative asset paths
 2026-01-02 17:48:15 -03:00
57 changed files with 1106 additions and 317 deletions
Show stats Expand all files Collapse all files

6
Cargo.toml
View file

@ -23,17 +23,11 @@ nursery = { level = "warn", priority = -1 }
cargo = { level = "warn", priority = -1 }
panic = "warn"
todo = "warn"
# Disabled: has false positives for functions with mut self, heap types (Vec, String)
missing_const_for_fn = "allow"
# Disabled: Axum handlers and framework requirements need owned types
needless_pass_by_value = "allow"
# Disabled: transitive dependencies we cannot control
multiple_crate_versions = "allow"
# Disabled: when async traits require non-Send futures
future_not_send = "allow"
# Disabled: intentional similar names for related concepts (e.g. title_bg/title_fg)
similar_names = "allow"
# Disabled: doc comments removed per zero-comments policy
missing_errors_doc = "allow"
missing_panics_doc = "allow"

241
PENDING_TASKS.md
View file

@ -1,241 +0,0 @@
# General Bots - Pending Tasks for Next Sessions
**Created:** Session cleanup
**Purpose:** Consolidated list of pending work for LLM continuation
---
## ✅ COMPLETED THIS SESSION
### 1. Sources Module - Knowledge Base Backend ✅
**Location:** `botserver/src/sources/knowledge_base.rs`
**Implemented:**
- `POST /api/sources/kb/upload` - Upload documents for ingestion
- `GET /api/sources/kb/list` - List ingested sources
- `POST /api/sources/kb/query` - Query knowledge base with full-text search
- `GET /api/sources/kb/:id` - Get source details
- `DELETE /api/sources/kb/:id` - Remove source
- `POST /api/sources/kb/reindex` - Re-process sources
- `GET /api/sources/kb/stats` - Get knowledge base statistics
**Features:**
- Document chunking with configurable size/overlap
- Text extraction for PDF, DOCX, TXT, Markdown, HTML, CSV, XLSX
- Full-text search with PostgreSQL ts_rank
- Status tracking (pending, processing, indexed, failed, reindexing)
---
### 2. Research Module - Web Search Backend ✅
**Location:** `botserver/src/research/web_search.rs`
**Implemented:**
- `POST /api/research/web/search` - Web search via DuckDuckGo
- `POST /api/research/web/summarize` - Summarize search results
- `POST /api/research/web/deep` - Deep research with multiple queries
- `GET /api/research/web/history` - Search history
- `GET /api/research/web/instant` - Instant answers from DuckDuckGo API
**Features:**
- DuckDuckGo HTML scraping (no API key required)
- Result parsing with favicon extraction
- Related query generation
- Citation tracking
---
### 3. App Generator - Full LLM-Based Generation ✅
**Location:** `botserver/src/auto_task/app_generator.rs`
**Completely rewritten to:**
- Generate ALL files (HTML, CSS, JS, BAS) via LLM
- Removed ALL hardcoded templates
- Single LLM call generates complete app structure
- Includes tables, pages, tools, schedulers
---
### 4. App Logging System ✅
**Location:** `botserver/src/auto_task/app_logs.rs`
**Implemented:**
- Server-side log storage per app
- Client-side JavaScript logger (`/api/app-logs/logger.js`)
- Error context injection into Designer prompts
- Auto-cleanup scheduler (D-1 retention)
**Endpoints:**
- `POST /api/app-logs/client` - Receive client logs
- `GET /api/app-logs/list` - List logs with filters
- `GET /api/app-logs/stats` - Log statistics
- `POST /api/app-logs/clear/{app_name}` - Clear app logs
- `GET /api/app-logs/logger.js` - Client logger script
---
### 5. Database Migration ✅
**Location:** `botserver/migrations/6.1.3_knowledge_base_sources/`
**Created tables:**
- `knowledge_sources` - Uploaded documents metadata
- `knowledge_chunks` - Text chunks for RAG
- `research_search_history` - Search history tracking
---
## 🔴 HIGH PRIORITY
### 1. Calendar UI Completion
**Location:** `botui/ui/suite/calendar/`
**Backend exists:** `botserver/src/calendar/` (fully implemented with CalDAV)
**What's missing:**
- Week view
- Day view
- Drag-and-drop event moving
- Recurring events UI
- Calendar sharing UI
**Backend is complete** - just needs frontend polish.
---
### 2. Vector Embeddings Integration
**Location:** `botserver/src/sources/knowledge_base.rs`
**What's needed:**
- Connect to LLM for embedding generation
- Store embeddings in PostgreSQL pgvector
- Implement semantic search alongside full-text search
- Integrate with existing `drive/vectordb.rs`
---
## 🟡 MEDIUM PRIORITY
### 3. Meet Module - LiveKit Integration
**Location:** `botserver/src/meet/`
**UI exists:** `botui/ui/suite/meet/`
**What's missing:**
- LiveKit server configuration documentation
- Room creation and management
- Participant tracking
- Recording integration
**Requires external setup:**
- LiveKit server (self-hosted or cloud)
- TURN/STUN servers for WebRTC
---
### 4. Custom Domain - Config.csv Integration
**Location:** `botserver/src/core/dns/`
**Current state:** DNS routes exist but config.csv parsing not connected
**What's needed:**
```csv
# In bot's config.csv
appname-domain,app.customerdomain.com
```
- Parse `appname-domain` from config.csv during bot load
- Register with DNS service automatically
- Auto-provision SSL via Let's Encrypt
---
### 5. Designer Magic Button - LLM Integration
**Location:**
- `botui/ui/suite/designer.html` (dialog designer - DONE)
- `botui/ui/suite/editor.html` (code editor - DONE)
- `botserver/src/designer/mod.rs` (endpoints - DONE)
**What's missing:**
- Connect `/api/v1/editor/magic` to actual LLM when `feature = "llm"` is enabled
- Currently uses fallback suggestions only
- Need to test with LLM enabled
---
## 🟢 LOW PRIORITY / POLISH
### 6. SEO Meta Tags Verification
Verify all HTMX pages have proper SEO:
- `botui/ui/suite/**/*.html`
- Generated apps from `app_generator.rs`
Required tags:
```html
<meta name="description" content="...">
<meta name="robots" content="noindex, nofollow">
<meta property="og:title" content="...">
<meta property="og:description" content="...">
```
---
### 7. Login Flow Documentation
**Credentials shown during setup:**
- Displayed in terminal with box formatting
- Pauses for user to copy
- NOT saved to file (security)
**Location of display:** `botserver/src/core/package_manager/setup/directory_setup.rs`
Consider adding:
- First-login wizard to change password
- Email verification flow
- Password recovery
---
## 📋 Session Continuation Notes
### Files Modified This Session:
- `botserver/src/auto_task/app_generator.rs` - Complete rewrite for LLM-only generation
- `botserver/src/auto_task/app_logs.rs` - NEW: App logging system
- `botserver/src/auto_task/mod.rs` - Added app_logs exports and routes
- `botserver/src/sources/mod.rs` - Added knowledge_base module
- `botserver/src/sources/knowledge_base.rs` - NEW: KB ingestion backend
- `botserver/src/research/mod.rs` - Added web_search module
- `botserver/src/research/web_search.rs` - NEW: Web search backend
- `botserver/src/designer/mod.rs` - Added error context to prompts
- `botserver/migrations/6.1.3_knowledge_base_sources/` - NEW: DB migration
### Build Status:
- `cargo check -p botserver` - ✅ 0 errors, 0 warnings
### How to Continue:
1. Pick a HIGH PRIORITY task
2. Read the relevant source files
3. Implement missing functionality
4. Test with `cargo check`
5. Update this file when complete
---
## 🎯 Quick Start for Next Session
```
Start with:
1. "Complete Calendar UI - add week/day views"
OR
2. "Add vector embeddings to knowledge base"
OR
3. "Test app generator with LLM enabled"
Context files to read first:
- botui/ui/suite/calendar/
- botserver/src/sources/knowledge_base.rs
- botserver/src/auto_task/app_generator.rs
```

269
PROMPT.md
View file

@ -1,11 +1,33 @@
# General Bots Workspace - Master Development Guide
**Version:** 6.1.0 - DO NOT CHANGE
**Version:** 6.2.0 - DO NOT CHANGE
**Project:** General Bots Workspace (Rust Monorepo)
---
## 🔥 CRITICAL: INFINITE LOOP MODE
## 🔥 CRITICAL: OFFLINE-FIRST ERROR FIXING
### Primary Mode: OFFLINE Batch Fix (PREFERRED)
When given an error.out file or error list or in last instance cargo build once:
```
1. Read the ENTIRE error list first
2. Group errors by file
3. For EACH file with errors:
a. read_file() → understand context
b. Fix ALL errors in that file
c. edit_file() → write once
4. Move to next file
5. REPEAT until ALL errors addressed
6. ONLY THEN → compile/diagnostics to verify
```
**NEVER run cargo build/check/clippy DURING fixing**
**NEVER run diagnostics() DURING fixing**
**Fix ALL errors OFFLINE first, verify ONCE at the end**
### Secondary Mode: Interactive Loop (when no error list)
```
LOOP UNTIL (0 warnings AND 0 errors):
@ -19,8 +41,6 @@ LOOP UNTIL (0 warnings AND 0 errors):
END LOOP
```
**NEVER STOP** while warnings/errors exist. **NEVER SKIP** the sleep.
---
## 🔐 SECURITY DIRECTIVES - MANDATORY FOR ALL NEW CODE
@ -87,15 +107,79 @@ validate_table_name(&safe_table)?;
## ABSOLUTE PROHIBITIONS
```
❌ NEVER use .unwrap() or .expect() in production code
❌ NEVER use .unwrap() or .expect() in production code (tests OK)
❌ NEVER use panic!(), todo!(), unimplemented!()
❌ NEVER use Command::new() directly - use SafeCommand
❌ NEVER return raw error strings to HTTP clients
❌ NEVER use #[allow()] in source code
❌ NEVER use #[allow()] in source code - FIX the code instead
❌ NEVER add lint exceptions to Cargo.toml - FIX the code instead
❌ NEVER use _ prefix for unused variables - DELETE or USE them
❌ NEVER leave unused imports or dead code
❌ NEVER add comments - code must be self-documenting
❌ NEVER run cargo check/clippy/build - use diagnostics tool
❌ NEVER run cargo check/clippy/build DURING offline fixing
❌ NEVER run diagnostics() DURING offline fixing
❌ NEVER modify Cargo.toml lints section!
```
---
## FIXING WARNINGS - DO NOT SUPPRESS
When you encounter warnings, FIX them properly:
### Dead Code
```rust
// ❌ WRONG - suppressing
#[allow(dead_code)]
struct Unused { field: String }
// ✅ CORRECT - delete unused code or use it
// DELETE the struct entirely, or add code that uses it
```
### Unused Variables
```rust
// ❌ WRONG - underscore prefix
fn foo(_unused: String) { }
// ✅ CORRECT - remove parameter or use it
fn foo() { } // remove if not needed
fn foo(used: String) { println!("{used}"); } // or use it
```
### Unused Fields in Pattern Match
```rust
// ✅ CORRECT - use .. to ignore unused fields
WhiteboardOperation::RotateShape { shape_id, .. } => { }
```
### Unreachable Code
```rust
// ❌ WRONG - allow attribute
#[allow(unreachable_code)]
{ unreachable_statement(); }
// ✅ CORRECT - restructure code so it's reachable or delete it
```
### Unused Async
```rust
// ❌ WRONG - allow attribute
#[allow(clippy::unused_async)]
async fn handler() { sync_code(); }
// ✅ CORRECT - add .await or remove async
fn handler() { sync_code(); } // remove async if not needed
async fn handler() { some_future.await; } // or add await
```
### Type Mismatches
```rust
// ✅ CORRECT - use proper type conversions
value as i64 // simple cast
f64::from(value) // safe conversion
Some(value) // wrap in Option
value.unwrap_or(default) // unwrap with default
```
---
@ -135,9 +219,9 @@ match x {
```
gb/
├── botapp/ # Desktop app (Tauri)
├── botserver/ # Main server (Axum API)
├── botserver/ # Main server (Axum API) - port 8088
├── botlib/ # Shared library
├── botui/ # Web UI
├── botui/ # Web UI server - port 3000
├── botbook/ # Documentation
├── bottest/ # Integration tests
└── PROMPT.md # THIS FILE
@ -145,7 +229,94 @@ gb/
---
## 🚀 BOTSERVER RUN LOOP - MANDATORY FOR RUNTIME FIXES
## 🖥️ UI Architecture (botui + botserver)
### Two Servers During Development
| Server | Port | Purpose |
|--------|------|---------|
| **botui** | 3000 | Serves UI files + proxies API to botserver |
| **botserver** | 8088 | Backend API + embedded UI fallback |
### How It Works
```
Browser → localhost:3000 → botui (serves HTML/CSS/JS)
→ /api/* proxied to botserver:8088
→ /suite/* served from botui/ui/suite/
```
### Adding New Suite Apps
When adding a new app (e.g., `video`, `learn`):
1. Create folder: `botui/ui/suite/<appname>/`
2. Add to `SUITE_DIRS` in `botui/src/ui_server/mod.rs`:
```rust
const SUITE_DIRS: &[&str] = &[
"chat", "mail", "calendar", ...,
"video", // ← add new app here
"learn",
];
```
3. Rebuild botui: `cargo build -p botui`
4. Add menu entry in `botui/ui/suite/index.html`
### Hot Reload
- **UI files (HTML/CSS/JS)**: Edit & refresh browser (no restart)
- **botui Rust code**: Rebuild + restart botui
- **botserver Rust code**: Rebuild + restart botserver
### Production (Single Binary)
When `botui/ui/suite/` folder not found, botserver uses **embedded UI** compiled into binary via `rust-embed`.
---
## 🚀 OFFLINE ERROR FIXING WORKFLOW
### Step 1: Analyze Error List
```
- Read entire error.out or error list or cargo build once
- Group by file path
- Note line numbers and error types
- Understand dependencies between errors
```
### Step 2: Fix Each File
```
For each file:
1. read_file(path, start_line, end_line) - get context
2. Understand the struct/function signatures
3. Fix ALL errors in that file at once
4. edit_file() - single write operation
```
### Step 3: Common Error Patterns
| Error | Fix |
|-------|-----|
| `expected i64, found u64` | `value as i64` |
| `expected Option<T>, found T` | `Some(value)` |
| `expected T, found Option<T>` | `value.unwrap_or(default)` |
| `cannot multiply f32 by f64` | `f64::from(f32_val) * f64_val` |
| `no field X on type Y` | Check struct definition, use correct field |
| `no variant X found` | Check enum definition, use correct variant |
| `function takes N arguments` | Match function signature |
| `cannot find function` | Add missing function or fix import |
| `unused variable` | Delete or use with `..` in patterns |
| `unused import` | Delete the import line |
| `cannot move out of X because borrowed` | Use scoping `{ }` to limit borrow |
### Step 4: Verify (ONLY AT END)
```bash
cargo build -p botserver 2>&1 | tee error.out
```
---
## 🚀 BOTSERVER RUN LOOP - FOR RUNTIME FIXES
```
LOOP UNTIL botserver starts successfully:
@ -158,23 +329,6 @@ LOOP UNTIL botserver starts successfully:
END LOOP
```
### Run Commands
```bash
# Build botserver only
cargo build -p botserver 2>&1 | tail -20
# Run from botserver directory (required for .env and botserver-stack paths)
cd botserver && timeout 30 ../target/debug/botserver --noconsole 2>&1 | head -80
# Check specific component logs
cat botserver/botserver-stack/logs/drive/minio.log
cat botserver/botserver-stack/logs/vault/vault.log
# Test vault credentials manually
cd botserver && export $(cat .env | grep -v '^#' | xargs) && \
./botserver-stack/bin/vault/vault kv get -format=json secret/gbo/drive
```
### Key Paths (relative to gb/)
- Binary: `target/debug/botserver`
- Run from: `botserver/` directory
@ -184,32 +338,59 @@ cd botserver && export $(cat .env | grep -v '^#' | xargs) && \
---
## Development Workflow
## Quick Reference
### The Loop
1. `diagnostics()` → find file with issues
2. `read_file()` → read entire file
3. Fix ALL issues in that file (batch them)
4. `edit_file(mode="overwrite")` → write once
5. `terminal(command="sleep 120", cd="gb")` → MANDATORY
6. `diagnostics()` → verify fixes
7. **REPEAT until 0 warnings, 0 errors**
### Quick Reference
- Read: `read_file(path="botserver/src/main.rs")`
- Edit: `edit_file(path="...", mode="overwrite")`
- Read section: `read_file(path="...", start_line=100, end_line=200)`
- Edit: `edit_file(path="...", mode="edit")`
- Find: `find_path(glob="**/*.rs")`
- Search: `grep(regex="pattern")`
- Check: `diagnostics()` or `diagnostics(path="file.rs")`
---
## 📋 CONTINUATION PROMPT FOR NEXT SESSION
### For OFFLINE error fixing:
```
Fix all errors in error.out OFFLINE:
1. Read the entire error list first
2. Group errors by file
3. Fix ALL errors in each file before moving to next
4. DO NOT run cargo build or diagnostics until ALL fixes done
5. Write each file ONCE with all fixes
Follow PROMPT.md strictly:
- No #[allow()] attributes
- Delete unused code, don't suppress
- Use proper type conversions
- Check struct/enum definitions before fixing
```
### For interactive fixing:
```
Continue working on gb/ workspace. Follow PROMPT.md strictly:
1. Run diagnostics() first
2. Fix ALL warnings and errors - NO #[allow()] attributes
3. Delete unused code, don't suppress warnings
4. Remove unused parameters, don't prefix with _
5. Sleep after edits, verify with diagnostics
6. Loop until 0 warnings, 0 errors
```
---
## Remember
- **OFFLINE FIRST** - Fix all errors from list before compiling
- **ZERO WARNINGS, ZERO ERRORS** - The only acceptable state
- **FIX, DON'T SUPPRESS** - No #[allow()], no Cargo.toml lint exceptions
- **SECURITY FIRST** - No unwrap, no raw errors, no direct commands
- **SLEEP AFTER EDITS** - Diagnostics needs 30-300s to refresh
- **FIX ENTIRE FILE** - Batch all issues before writing
- **TRUST DIAGNOSTICS** - Source of truth after sleep
- **LOOP FOREVER** - Never stop until 0,0
- **Version 6.1.0** - Do not change without approval
- **READ BEFORE FIX** - Always understand context first
- **BATCH BY FILE** - Fix ALL errors in a file at once
- **WRITE ONCE** - Single edit per file with all fixes
- **VERIFY LAST** - Only compile/diagnostics after ALL fixes
- **DELETE DEAD CODE** - Don't keep unused code around
- **Version 6.2.0** - Do not change without approval

453
TODO-SECURITY-PROTECTION.md Normal file
View file

@ -0,0 +1,453 @@
# Security Protection Module - Implementation TODO
**Version:** 1.0.0
**Created:** 2025
**Status:** In Progress
---
## Overview
Implement a comprehensive Security Protection module that allows administrators to manage Linux server security tools (Lynis, RKHunter, Chkrootkit, Suricata, LMD, ClamAV) through the General Bots UI.
---
## Architecture
```
┌─────────────────────────────────────────────────────────────────┐
│ botui (Port 3000) │
│ ┌─────────────────────────────────────────────────────────────┐│
│ │ /suite/tools/security.html ││
│ │ ├── Tab: API Compliance Report (existing code_scanner) ││
│ │ └── Tab: Protection (NEW - security tools management) ││
│ └─────────────────────────────────────────────────────────────┘│
│ │ │
│ ▼ HTMX/API calls │
└──────────────────────────────┼───────────────────────────────────┘
┌──────────────────────────────┼───────────────────────────────────┐
│ botserver (Port 8088) │
│ ┌─────────────────────────────────────────────────────────────┐│
│ │ src/security/protection/ ││
│ │ ├── mod.rs # Module exports ││
│ │ ├── manager.rs # ProtectionManager orchestrator ││
│ │ ├── api.rs # Axum API routes ││
│ │ ├── lynis.rs # Lynis integration ││
│ │ ├── rkhunter.rs # RKHunter integration ││
│ │ ├── chkrootkit.rs # Chkrootkit integration ││
│ │ ├── suricata.rs # Suricata IDS/IPS integration ││
│ │ ├── lmd.rs # Linux Malware Detect integration ││
│ │ └── clamav.rs # ClamAV integration (extend existing)││
│ └─────────────────────────────────────────────────────────────┘│
└─────────────────────────────────────────────────────────────────┘
```
---
## Phase 1: Backend Infrastructure (botserver)
### 1.1 Create Protection Module Structure ✅ DONE
**File:** `botserver/src/security/protection/mod.rs`
```rust
pub mod api;
pub mod manager;
pub mod lynis;
pub mod rkhunter;
pub mod chkrootkit;
pub mod suricata;
pub mod lmd;
pub use manager::ProtectionManager;
pub use api::configure_protection_routes;
```
### 1.2 Protection Manager ✅ DONE
**File:** `botserver/src/security/protection/manager.rs`
Responsibilities:
- [x] Track installed tools and their status
- [x] Coordinate tool installation via package manager
- [x] Execute scans using SafeCommand
- [x] Parse and store scan results
- [x] Manage service start/stop/enable/disable
- [x] Handle auto-update scheduling
Key structs:
```rust
pub struct ProtectionManager {
tools: HashMap<ProtectionTool, ToolStatus>,
config: ProtectionConfig,
}
pub enum ProtectionTool {
Lynis,
RKHunter,
Chkrootkit,
Suricata,
LMD,
ClamAV,
}
pub struct ToolStatus {
pub installed: bool,
pub version: Option<String>,
pub service_running: bool,
pub last_scan: Option<DateTime<Utc>>,
pub last_update: Option<DateTime<Utc>>,
pub auto_update: bool,
pub auto_remediate: bool,
}
```
### 1.3 Individual Tool Integrations ✅ DONE
#### Lynis (`lynis.rs`) ✅
- [x] Check installation: `which lynis`
- [x] Install: `apt install lynis` / `yum install lynis`
- [x] Run audit: `lynis audit system --quick`
- [x] Parse report: `/var/log/lynis-report.dat`
- [x] Auto-remediation: Apply suggested fixes (partial)
- [x] Extract hardening index score
#### RKHunter (`rkhunter.rs`) ✅
- [x] Check installation: `which rkhunter`
- [x] Install: `apt install rkhunter`
- [x] Update database: `rkhunter --update`
- [x] Run scan: `rkhunter --check --skip-keypress`
- [x] Parse log: `/var/log/rkhunter.log`
#### Chkrootkit (`chkrootkit.rs`) ✅
- [x] Check installation: `which chkrootkit`
- [x] Install: `apt install chkrootkit`
- [x] Run scan: `chkrootkit -q`
- [x] Parse output for INFECTED markers
#### Suricata (`suricata.rs`) ✅
- [x] Check installation: `which suricata`
- [x] Install: `apt install suricata`
- [x] Service management: `systemctl start/stop/enable suricata`
- [x] Update rules: `suricata-update`
- [x] Parse alerts: `/var/log/suricata/eve.json`
- [x] Get rule count from config
#### LMD (`lmd.rs`) ✅
- [x] Check installation: `which maldet`
- [x] Install: Download from rfxn.com, run installer
- [x] Update signatures: `maldet --update-sigs`
- [x] Run scan: `maldet -a /path`
- [x] Parse report: `/usr/local/maldetect/logs/`
#### ClamAV (extend `antivirus.rs`)
- [x] Already partially implemented
- [ ] Add service management (clamd daemon) - use existing antivirus.rs
- [ ] Add freshclam update status - use existing antivirus.rs
- [ ] Add quarantine management - use existing antivirus.rs
### 1.4 API Routes ✅ DONE
**File:** `botserver/src/security/protection/api.rs`
```rust
pub fn configure_protection_routes() -> Router {
Router::new()
// Status endpoints
.route("/api/v1/security/protection/status", get(get_all_status))
.route("/api/v1/security/protection/:tool/status", get(get_tool_status))
// Installation
.route("/api/v1/security/protection/:tool/install", post(install_tool))
.route("/api/v1/security/protection/:tool/uninstall", post(uninstall_tool))
// Service management
.route("/api/v1/security/protection/:tool/start", post(start_service))
.route("/api/v1/security/protection/:tool/stop", post(stop_service))
.route("/api/v1/security/protection/:tool/enable", post(enable_service))
.route("/api/v1/security/protection/:tool/disable", post(disable_service))
// Scanning
.route("/api/v1/security/protection/:tool/run", post(run_scan))
.route("/api/v1/security/protection/:tool/report", get(get_report))
// Updates
.route("/api/v1/security/protection/:tool/update", post(update_definitions))
// Auto settings
.route("/api/v1/security/protection/:tool/auto", post(toggle_auto))
// ClamAV specific
.route("/api/v1/security/protection/clamav/quarantine", get(get_quarantine))
.route("/api/v1/security/protection/clamav/quarantine/:id", delete(remove_from_quarantine))
}
```
### 1.5 Update security/mod.rs ✅ DONE
Add to `botserver/src/security/mod.rs`:
```rust
pub mod protection;
pub use protection::{ProtectionManager, configure_protection_routes};
```
### 1.6 Register Routes in Main
Update `botserver/src/main.rs` to include:
```rust
.merge(security::configure_protection_routes())
```
### 1.7 Update command_guard.rs ✅ DONE
Added security tools to allowed commands whitelist:
- lynis
- rkhunter
- chkrootkit
- suricata
- suricata-update
- maldet
- systemctl
---
## Phase 2: Frontend Updates (botui)
### 2.1 Security Page ✅ DONE
**File:** `botui/ui/suite/tools/security.html`
- [x] Created with two tabs: API Compliance Report, Protection
- [x] Protection tab shows cards for all 6 tools
- [x] Each card has: status, version, last scan, actions
- [x] Actions: Install/Run/Start/Stop/View Report/Update
- [x] Toggle for auto-update/auto-remediate
### 2.2 Navigation Updates ✅ DONE
- [x] Updated `home.html` - Changed Compliance to Security
- [x] Updated `index.html` - Changed navigation link
- [x] Updated `css/home.css` - Changed .app-icon.compliance to .app-icon.security
- [x] Created `assets/icons/gb-security.svg`
### 2.3 Report Modal ✅ DONE
- [x] Modal for viewing scan reports (already in security.html)
- [ ] Add syntax highlighting for report output
- [ ] Add export functionality
---
## Phase 3: Documentation (botbook)
### 3.1 Create Protection Documentation
**File:** `botbook/src/23-security/protection-tools.md`
Contents:
- [ ] Overview of protection tools
- [ ] Installation requirements
- [ ] Configuration options
- [ ] API reference
- [ ] Troubleshooting guide
### 3.2 Update SUMMARY.md
Add entry for protection-tools.md in the Security section.
---
## Phase 4: BASIC/ETL Integration (botlib)
### 4.1 Add BASIC Keywords
**File:** `botlib/src/basic/keywords.rs` (or equivalent)
New keywords to add:
```basic
' Security tool management
INSTALL SECURITY TOOL "lynis"
UNINSTALL SECURITY TOOL "rkhunter"
START SECURITY SERVICE "suricata"
STOP SECURITY SERVICE "clamav"
RUN SECURITY SCAN "lynis"
GET SECURITY REPORT "rkhunter" INTO report
UPDATE SECURITY DEFINITIONS "clamav"
' Conditional checks
IF SECURITY TOOL "lynis" IS INSTALLED THEN
IF SECURITY SERVICE "suricata" IS RUNNING THEN
```
### 4.2 ETL Functions
Add ETL functions for security automation:
- [ ] `security_tool_status(tool_name)` - Returns tool status
- [ ] `security_run_scan(tool_name, options)` - Runs scan
- [ ] `security_get_report(tool_name)` - Gets latest report
- [ ] `security_hardening_score()` - Gets Lynis hardening index
---
## Phase 5: Testing
### 5.1 Unit Tests
**File:** `botserver/src/security/protection/tests.rs`
- [ ] Test tool detection
- [ ] Test status parsing
- [ ] Test report parsing
- [ ] Test command generation
### 5.2 Integration Tests
**File:** `bottest/tests/security_protection.rs`
- [ ] Test full install flow (mock)
- [ ] Test scan execution (mock)
- [ ] Test API endpoints
---
## Security Considerations
### Command Execution
All tool commands MUST use `SafeCommand`:
```rust
use crate::security::command_guard::SafeCommand;
SafeCommand::new("lynis")?
.arg("audit")?
.arg("system")?
.execute()
```
### Allowed Commands Whitelist
Update `command_guard.rs` to whitelist:
- `lynis`
- `rkhunter`
- `chkrootkit`
- `suricata`
- `suricata-update`
- `maldet`
- `clamscan`
- `freshclam`
- `systemctl` (with restrictions)
### Permission Requirements
- Tools require root/sudo for full functionality
- Consider using capabilities or dedicated service user
- Log all tool executions to audit log
---
## API Response Formats
### Status Response
```json
{
"tool": "lynis",
"installed": true,
"version": "3.0.9",
"service_running": null,
"last_scan": "2025-01-15T10:30:00Z",
"last_update": "2025-01-14T08:00:00Z",
"auto_update": true,
"auto_remediate": false,
"metrics": {
"hardening_index": 78,
"warnings": 12,
"suggestions": 45
}
}
```
### Scan Result Response
```json
{
"scan_id": "uuid",
"tool": "rkhunter",
"started_at": "2025-01-15T10:30:00Z",
"completed_at": "2025-01-15T10:35:00Z",
"status": "completed",
"result": "clean",
"findings": [],
"warnings": 0,
"report_path": "/var/log/rkhunter.log"
}
```
---
## File Checklist
### botserver/src/security/protection/
- [x] `mod.rs`
- [x] `manager.rs`
- [x] `api.rs`
- [x] `lynis.rs`
- [x] `rkhunter.rs`
- [x] `chkrootkit.rs`
- [x] `suricata.rs`
- [x] `lmd.rs`
- [ ] `tests.rs` (tests included in each module)
### botserver/src/security/
- [x] `mod.rs` - Updated with protection module exports ✅
- [x] `command_guard.rs` - Added security tools to whitelist ✅
### botui/ui/suite/tools/
- [x] `security.html`
### botbook/src/23-security/
- [ ] `protection-tools.md`
### botlib/
- [ ] Update BASIC keywords
- [ ] Add ETL functions
---
## Priority Order
1. ~~**HIGH** - Backend API structure (`api.rs`, `manager.rs`)~~ ✅ DONE
2. ~~**HIGH** - Lynis integration (most comprehensive)~~ ✅ DONE
3. **HIGH** - ClamAV extension (partially exists) - Wire up to existing antivirus.rs
4. ~~**MEDIUM** - RKHunter, Chkrootkit (simpler tools)~~ ✅ DONE
5. ~~**MEDIUM** - Suricata (service management)~~ ✅ DONE
6. ~~**MEDIUM** - LMD (malware detection)~~ ✅ DONE
7. **LOW** - Documentation
8. **LOW** - BASIC/ETL integration
9. **LOW** - Full test coverage
## Remaining Tasks
1. **Wire up ProtectionManager to AppState** - Add `protection_manager: Option<ProtectionManager>` to AppState
2. **Register routes in main.rs** - Add `.merge(security::configure_protection_routes())`
3. **Integration testing** - Test with actual tools installed
4. **Documentation** - Create botbook documentation
5. **BASIC keywords** - Add ETL functions for scripting
---
## Notes
- Follow PROMPT.md guidelines strictly
- No `#[allow()]` attributes
- No `.unwrap()` or `.expect()` in production code
- Use `SafeCommand` for all shell execution
- Sanitize all error messages before returning to client
- Log all operations to audit log

2
botapp

@ -1 +1 @@
Subproject commit 5a82552a64982ef391605c37c09de805f2d97ae0
Subproject commit 879f94a2576a09d745b8728acdb02a42ec817c31

2
botbook

@ -1 +1 @@
Subproject commit e142a898f025fb277da185f5472a406b7740b783
Subproject commit a7c8014aec3b0ac7dcc7562db73af1ed3d7187c4

2
botlib

@ -1 +1 @@
Subproject commit a50d229346167c539d3fbae2dcf26160df311e41
Subproject commit 49c7d3e751eafacd655ba232e331c5c40f60186f

2
botserver

@ -1 +1 @@
Subproject commit 70f9c684129b82007d88c11048a68bd9022ca7bd
Subproject commit f105928012a9a56993d8825e438c3a3f0eec7942

11
botserver-stack/conf/drive/certs/CAs/ca.crt Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBpDCCAUqgAwIBAgIUb/JxqKPVbZIOJUOHrRQG9+XGb2wwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTM2MDEwNzE0MzIyN1owODELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90U2VydmVy
IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf91iFmGt2MGESvNrMWq9hGCn
hxzYzc74iaLunNh6hVU5oP3jvg7q3g8rZOWUDOOGa4DGdwrdC7CvIIWcqj+zKaMy
MDAwHQYDVR0OBBYEFCjdDuxP8W2kfvArjBjB3DTasjOOMA8GA1UdEwEB/wQFMAMB
Af8wCgYIKoZIzj0EAwIDSAAwRQIgGZ8DZBa3S4d1R9i4H/cgxsJ5Chc4WjspO2cR
K2ZYhJICIQCovdi36+WpK8rPYWfnOpViddt7kjGmET06G1jNCaY8eA==
-----END CERTIFICATE-----

5
botserver-stack/conf/drive/certs/private.key Normal file
View file

@ -0,0 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIDEwVAlMJVNEO6Tq5YhFCHErtYnJnOXnV4CMEzfw4TbNoAoGCCqGSM49
AwEHoUQDQgAEjqzVL6nD2ty59fy75/NkGPvyYWFdcKBwvytPHSMeFK6rzN0KQ0sQ
WusB/ejQtfbwoLI32007+N1sZZ6WCd6K1w==
-----END EC PRIVATE KEY-----

12
botserver-stack/conf/drive/certs/public.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBsTCCAVagAwIBAgIUCCAJMWsnAtGqvpXvr+aEp4jjdXwwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTI3MDEwOTE0MzIyN1owQTELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEeMBwGA1UEAwwVZHJpdmUuYm90
c2VydmVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEjqzVL6nD2ty5
9fy75/NkGPvyYWFdcKBwvytPHSMeFK6rzN0KQ0sQWusB/ejQtfbwoLI32007+N1s
ZZ6WCd6K16M1MDMwMQYDVR0RBCowKIIJbG9jYWxob3N0hwR/AAABghVkcml2ZS5i
b3RzZXJ2ZXIubG9jYWwwCgYIKoZIzj0EAwIDSQAwRgIhAPaAQkiauh2NgOmfqgtx
Ivltu8S+rtbAzatuNdllZctHAiEAxe9LvBAGQoNy41aktHjHfAVBrVSZwUoHZ8L3
qw4drHo=
-----END CERTIFICATE-----

11
botserver-stack/conf/system/certificates/api/ca.crt Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBpDCCAUqgAwIBAgIUb/JxqKPVbZIOJUOHrRQG9+XGb2wwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTM2MDEwNzE0MzIyN1owODELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90U2VydmVy
IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf91iFmGt2MGESvNrMWq9hGCn
hxzYzc74iaLunNh6hVU5oP3jvg7q3g8rZOWUDOOGa4DGdwrdC7CvIIWcqj+zKaMy
MDAwHQYDVR0OBBYEFCjdDuxP8W2kfvArjBjB3DTasjOOMA8GA1UdEwEB/wQFMAMB
Af8wCgYIKoZIzj0EAwIDSAAwRQIgGZ8DZBa3S4d1R9i4H/cgxsJ5Chc4WjspO2cR
K2ZYhJICIQCovdi36+WpK8rPYWfnOpViddt7kjGmET06G1jNCaY8eA==
-----END CERTIFICATE-----

11
botserver-stack/conf/system/certificates/api/server.crt Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBqzCCAVKgAwIBAgIUEBmttmYkjeLlfU1QeXDBy8+HmP0wCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTI3MDEwOTE0MzIyN1owPzELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEcMBoGA1UEAwwTYXBpLmJvdHNl
cnZlci5sb2NhbDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABD9E4Onao5JJ7aAV
/FxABbiG37H3Vtiet33+WkGmNTFQOjz9pz6PTIscgVl7rNGkCniyuNyUKAe3zyY6
iu3GWcCjMzAxMC8GA1UdEQQoMCaCCWxvY2FsaG9zdIcEfwAAAYITYXBpLmJvdHNl
cnZlci5sb2NhbDAKBggqhkjOPQQDAgNHADBEAiAI2SJcABgzkJoRIdYs5uAeaQeS
BKWX/jADXkputmR2awIgLhtL02FP9vNwin7b2J/XAzh2I6nKREKdyjzqbuST0Bo=
-----END CERTIFICATE-----

5
botserver-stack/conf/system/certificates/api/server.key Normal file
View file

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgi0umDCzes8MaDAgk
uAeFc2yw3BxEfR9l9fyiQL2UW0ChRANCAAQ/RODp2qOSSe2gFfxcQAW4ht+x91bY
nrd9/lpBpjUxUDo8/ac+j0yLHIFZe6zRpAp4srjclCgHt88mOortxlnA
-----END PRIVATE KEY-----

11
botserver-stack/conf/system/certificates/botserver/ca.crt Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBpDCCAUqgAwIBAgIUb/JxqKPVbZIOJUOHrRQG9+XGb2wwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTM2MDEwNzE0MzIyN1owODELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90U2VydmVy
IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf91iFmGt2MGESvNrMWq9hGCn
hxzYzc74iaLunNh6hVU5oP3jvg7q3g8rZOWUDOOGa4DGdwrdC7CvIIWcqj+zKaMy
MDAwHQYDVR0OBBYEFCjdDuxP8W2kfvArjBjB3DTasjOOMA8GA1UdEwEB/wQFMAMB
Af8wCgYIKoZIzj0EAwIDSAAwRQIgGZ8DZBa3S4d1R9i4H/cgxsJ5Chc4WjspO2cR
K2ZYhJICIQCovdi36+WpK8rPYWfnOpViddt7kjGmET06G1jNCaY8eA==
-----END CERTIFICATE-----

11
botserver-stack/conf/system/certificates/botserver/client.crt Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBjTCCATSgAwIBAgIUXyYxQ+Moq8JTVZ4gYqK5L3FYOxswCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTI3MDEwOTE0MzIyN1owPDELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEZMBcGA1UEAwwQYm90c2VydmVy
LWNsaWVudDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOWhAQBCpd78n0hvghc2
ehapOCGRAXzJpVlEpPc/OwNC30xHTx+gf6KxRYUKKvlUlMY73v+dYozX5yw/eaA9
cF6jGDAWMBQGA1UdEQQNMAuCCWJvdHNlcnZlcjAKBggqhkjOPQQDAgNHADBEAiAg
8QSmZuz8vJ+elGJED/iTm8grdgdyME+0/hoK8WCvMQIgYh4Vj8fjX8uRmckTmFhU
FB225+EI69nGeH9TtDoU+N4=
-----END CERTIFICATE-----

5
botserver-stack/conf/system/certificates/botserver/client.key Normal file
View file

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgBzk4BnAMub4NhGdP
M+uzhg1oikPjeeCq4NQxBWAYD32hRANCAATloQEAQqXe/J9Ib4IXNnoWqTghkQF8
yaVZRKT3PzsDQt9MR08foH+isUWFCir5VJTGO97/nWKM1+csP3mgPXBe
-----END PRIVATE KEY-----

11
botserver-stack/conf/system/certificates/ca/ca.crt Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBpDCCAUqgAwIBAgIUb/JxqKPVbZIOJUOHrRQG9+XGb2wwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTM2MDEwNzE0MzIyN1owODELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90U2VydmVy
IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf91iFmGt2MGESvNrMWq9hGCn
hxzYzc74iaLunNh6hVU5oP3jvg7q3g8rZOWUDOOGa4DGdwrdC7CvIIWcqj+zKaMy
MDAwHQYDVR0OBBYEFCjdDuxP8W2kfvArjBjB3DTasjOOMA8GA1UdEwEB/wQFMAMB
Af8wCgYIKoZIzj0EAwIDSAAwRQIgGZ8DZBa3S4d1R9i4H/cgxsJ5Chc4WjspO2cR
K2ZYhJICIQCovdi36+WpK8rPYWfnOpViddt7kjGmET06G1jNCaY8eA==
-----END CERTIFICATE-----

5
botserver-stack/conf/system/certificates/ca/ca.key Normal file
View file

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgD7oHpHyAUlaAO0Hv
CZX/x2MHG0HyuoX3I0499CkBsHmhRANCAAR/3WIWYa3YwYRK82sxar2EYKeHHNjN
zviJou6c2HqFVTmg/eO+DureDytk5ZQM44ZrgMZ3Ct0LsK8ghZyqP7Mp
-----END PRIVATE KEY-----

11
botserver-stack/conf/system/certificates/cache/ca.crt vendored Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBpDCCAUqgAwIBAgIUb/JxqKPVbZIOJUOHrRQG9+XGb2wwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTM2MDEwNzE0MzIyN1owODELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90U2VydmVy
IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf91iFmGt2MGESvNrMWq9hGCn
hxzYzc74iaLunNh6hVU5oP3jvg7q3g8rZOWUDOOGa4DGdwrdC7CvIIWcqj+zKaMy
MDAwHQYDVR0OBBYEFCjdDuxP8W2kfvArjBjB3DTasjOOMA8GA1UdEwEB/wQFMAMB
Af8wCgYIKoZIzj0EAwIDSAAwRQIgGZ8DZBa3S4d1R9i4H/cgxsJ5Chc4WjspO2cR
K2ZYhJICIQCovdi36+WpK8rPYWfnOpViddt7kjGmET06G1jNCaY8eA==
-----END CERTIFICATE-----

12
botserver-stack/conf/system/certificates/cache/server.crt vendored Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBsDCCAVagAwIBAgIUFK8kzVdER15ZiUQs8Liot83qUFgwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTI3MDEwOTE0MzIyN1owQTELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEeMBwGA1UEAwwVY2FjaGUuYm90
c2VydmVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEYFnVn8tKA4iL
2nCj5PTIXnrgbghrGgY3x0+hS3LcTXgz/4s53bpwrUcobEjs7nXS1VDqERdtJ4c4
EMo2VOf46qM1MDMwMQYDVR0RBCowKIIJbG9jYWxob3N0hwR/AAABghVjYWNoZS5i
b3RzZXJ2ZXIubG9jYWwwCgYIKoZIzj0EAwIDSAAwRQIhAIoEvORMPLOcbeQl5917
3tbdnllRqoSlpU3+tfcioOpiAiAkHs2dH1Q+JF30KHB7AMv3Ec+WPBqkxCOJlg1y
9lSXdw==
-----END CERTIFICATE-----

5
botserver-stack/conf/system/certificates/cache/server.key vendored Normal file
View file

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg65zp+LXs7+Zx8qcj
xIQnHoxTy5sdfqiGAgRPBlSbdGOhRANCAARgWdWfy0oDiIvacKPk9MheeuBuCGsa
BjfHT6FLctxNeDP/izndunCtRyhsSOzuddLVUOoRF20nhzgQyjZU5/jq
-----END PRIVATE KEY-----

11
botserver-stack/conf/system/certificates/caddy/ca.crt Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBpDCCAUqgAwIBAgIUb/JxqKPVbZIOJUOHrRQG9+XGb2wwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTM2MDEwNzE0MzIyN1owODELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90U2VydmVy
IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf91iFmGt2MGESvNrMWq9hGCn
hxzYzc74iaLunNh6hVU5oP3jvg7q3g8rZOWUDOOGa4DGdwrdC7CvIIWcqj+zKaMy
MDAwHQYDVR0OBBYEFCjdDuxP8W2kfvArjBjB3DTasjOOMA8GA1UdEwEB/wQFMAMB
Af8wCgYIKoZIzj0EAwIDSAAwRQIgGZ8DZBa3S4d1R9i4H/cgxsJ5Chc4WjspO2cR
K2ZYhJICIQCovdi36+WpK8rPYWfnOpViddt7kjGmET06G1jNCaY8eA==
-----END CERTIFICATE-----

12
botserver-stack/conf/system/certificates/caddy/server.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBvDCCAWOgAwIBAgIUFZX7qbWa8Ls+Y744yNHGVp4OKjowCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTI3MDEwOTE0MzIyN1owQTELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEeMBwGA1UEAwwVY2FkZHkuYm90
c2VydmVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEZAPbdPWp646Q
tMh1BTYT6Wr42nOVMvUuj3HSQQsHZB1sHcNBTI5yrvgrToDy4PDzbB/E5RMDR6Xp
AW4irwwSz6NCMEAwPgYDVR0RBDcwNYIJbG9jYWxob3N0hwR/AAABghEqLmJvdHNl
cnZlci5sb2NhbIIPYm90c2VydmVyLmxvY2FsMAoGCCqGSM49BAMCA0cAMEQCIFz2
NqlzwiAK0kVdF2L4nzSdyqCA0+TGWIAorE0hZjUVAiA+NStt3fYi6CIF6oqPytCC
dcL6O4n63CAoe94tQ4u40Q==
-----END CERTIFICATE-----

5
botserver-stack/conf/system/certificates/caddy/server.key Normal file
View file

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg9yvPZCAxxQM5d3Qv
6+5f3wn1bnXeQjknLohiyUFhOyehRANCAARkA9t09anrjpC0yHUFNhPpavjac5Uy
9S6PcdJBCwdkHWwdw0FMjnKu+CtOgPLg8PNsH8TlEwNHpekBbiKvDBLP
-----END PRIVATE KEY-----

11
botserver-stack/conf/system/certificates/directory/ca.crt Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBpDCCAUqgAwIBAgIUb/JxqKPVbZIOJUOHrRQG9+XGb2wwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTM2MDEwNzE0MzIyN1owODELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90U2VydmVy
IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf91iFmGt2MGESvNrMWq9hGCn
hxzYzc74iaLunNh6hVU5oP3jvg7q3g8rZOWUDOOGa4DGdwrdC7CvIIWcqj+zKaMy
MDAwHQYDVR0OBBYEFCjdDuxP8W2kfvArjBjB3DTasjOOMA8GA1UdEwEB/wQFMAMB
Af8wCgYIKoZIzj0EAwIDSAAwRQIgGZ8DZBa3S4d1R9i4H/cgxsJ5Chc4WjspO2cR
K2ZYhJICIQCovdi36+WpK8rPYWfnOpViddt7kjGmET06G1jNCaY8eA==
-----END CERTIFICATE-----

12
botserver-stack/conf/system/certificates/directory/server.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBzjCCAXSgAwIBAgIUQObXWjZXgUSHtdznx29wAsH7ztYwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTI3MDEwOTE0MzIyN1owRTELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEiMCAGA1UEAwwZZGlyZWN0b3J5
LmJvdHNlcnZlci5sb2NhbDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABA/8o5Ww
wUD14DJQ2Qh0XmFaHkao8TFhagwWP8YwmnkuvY1svj5sMA81N/2Dwp7o1jWnGxzX
vJU0OSq3/WissUijTzBNMEsGA1UdEQREMEKCCWxvY2FsaG9zdIcEfwAAAYIZZGly
ZWN0b3J5LmJvdHNlcnZlci5sb2NhbIIUYXV0aC5ib3RzZXJ2ZXIubG9jYWwwCgYI
KoZIzj0EAwIDSAAwRQIgQjFLaGNS4L63Zp3F7baFYKSj3Np65Bj6wWnuPLcnYzkC
IQCRE/kH+sGGCYE4jsiy+Jx7V4nRd3OFM1FDjS74gM8Wdw==
-----END CERTIFICATE-----

5
botserver-stack/conf/system/certificates/directory/server.key Normal file
View file

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg9n8fVbqgVqjIUNAs
iRWePi0Jnxw2CqgSMe/E4KWFLNWhRANCAAQP/KOVsMFA9eAyUNkIdF5hWh5GqPEx
YWoMFj/GMJp5Lr2NbL4+bDAPNTf9g8Ke6NY1pxsc17yVNDkqt/1orLFI
-----END PRIVATE KEY-----

11
botserver-stack/conf/system/certificates/drive/ca.crt Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBpDCCAUqgAwIBAgIUb/JxqKPVbZIOJUOHrRQG9+XGb2wwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTM2MDEwNzE0MzIyN1owODELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90U2VydmVy
IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf91iFmGt2MGESvNrMWq9hGCn
hxzYzc74iaLunNh6hVU5oP3jvg7q3g8rZOWUDOOGa4DGdwrdC7CvIIWcqj+zKaMy
MDAwHQYDVR0OBBYEFCjdDuxP8W2kfvArjBjB3DTasjOOMA8GA1UdEwEB/wQFMAMB
Af8wCgYIKoZIzj0EAwIDSAAwRQIgGZ8DZBa3S4d1R9i4H/cgxsJ5Chc4WjspO2cR
K2ZYhJICIQCovdi36+WpK8rPYWfnOpViddt7kjGmET06G1jNCaY8eA==
-----END CERTIFICATE-----

12
botserver-stack/conf/system/certificates/drive/server.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBsTCCAVagAwIBAgIUCCAJMWsnAtGqvpXvr+aEp4jjdXwwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTI3MDEwOTE0MzIyN1owQTELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEeMBwGA1UEAwwVZHJpdmUuYm90
c2VydmVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEjqzVL6nD2ty5
9fy75/NkGPvyYWFdcKBwvytPHSMeFK6rzN0KQ0sQWusB/ejQtfbwoLI32007+N1s
ZZ6WCd6K16M1MDMwMQYDVR0RBCowKIIJbG9jYWxob3N0hwR/AAABghVkcml2ZS5i
b3RzZXJ2ZXIubG9jYWwwCgYIKoZIzj0EAwIDSQAwRgIhAPaAQkiauh2NgOmfqgtx
Ivltu8S+rtbAzatuNdllZctHAiEAxe9LvBAGQoNy41aktHjHfAVBrVSZwUoHZ8L3
qw4drHo=
-----END CERTIFICATE-----

5
botserver-stack/conf/system/certificates/drive/server.key Normal file
View file

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgMTBUCUwlU0Q7pOrl
iEUIcSu1icmc5edXgIwTN/DhNs2hRANCAASOrNUvqcPa3Ln1/Lvn82QY+/JhYV1w
oHC/K08dIx4UrqvM3QpDSxBa6wH96NC19vCgsjfbTTv43WxlnpYJ3orX
-----END PRIVATE KEY-----

11
botserver-stack/conf/system/certificates/email/ca.crt Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBpDCCAUqgAwIBAgIUb/JxqKPVbZIOJUOHrRQG9+XGb2wwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTM2MDEwNzE0MzIyN1owODELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90U2VydmVy
IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf91iFmGt2MGESvNrMWq9hGCn
hxzYzc74iaLunNh6hVU5oP3jvg7q3g8rZOWUDOOGa4DGdwrdC7CvIIWcqj+zKaMy
MDAwHQYDVR0OBBYEFCjdDuxP8W2kfvArjBjB3DTasjOOMA8GA1UdEwEB/wQFMAMB
Af8wCgYIKoZIzj0EAwIDSAAwRQIgGZ8DZBa3S4d1R9i4H/cgxsJ5Chc4WjspO2cR
K2ZYhJICIQCovdi36+WpK8rPYWfnOpViddt7kjGmET06G1jNCaY8eA==
-----END CERTIFICATE-----

12
botserver-stack/conf/system/certificates/email/server.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIB3DCCAYKgAwIBAgIUdw5C0UYct0rB8XKZP4xDRn7FZiUwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTI3MDEwOTE0MzIyN1owQTELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEeMBwGA1UEAwwVZW1haWwuYm90
c2VydmVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEax144GBiUfcy
n+EgGEnHVjt66io6XES+rSrcS6cQApLnEkKFTWH3301VSkQbt1LXvnPS6/N46B0i
zOC6QblEeqNhMF8wXQYDVR0RBFYwVIIJbG9jYWxob3N0hwR/AAABghVlbWFpbC5i
b3RzZXJ2ZXIubG9jYWyCFHNtdHAuYm90c2VydmVyLmxvY2FsghRpbWFwLmJvdHNl
cnZlci5sb2NhbDAKBggqhkjOPQQDAgNIADBFAiEA4QqYxhMQHuMhr/CBrUUXYZFG
VsB7iYgnQSWBfhRO0rsCIEo89kYQnVE7MQTeDBf5a79Ia8HTNFATEooBWLE3wH4X
-----END CERTIFICATE-----

5
botserver-stack/conf/system/certificates/email/server.key Normal file
View file

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgSNCzU/xWsjYwwk8H
3LSYh0bYI1+MqY6RLDyUdcsA/sOhRANCAARrHXjgYGJR9zKf4SAYScdWO3rqKjpc
RL6tKtxLpxACkucSQoVNYfffTVVKRBu3Ute+c9Lr83joHSLM4LpBuUR6
-----END PRIVATE KEY-----

11
botserver-stack/conf/system/certificates/embedding/ca.crt Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBpDCCAUqgAwIBAgIUb/JxqKPVbZIOJUOHrRQG9+XGb2wwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTM2MDEwNzE0MzIyN1owODELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90U2VydmVy
IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf91iFmGt2MGESvNrMWq9hGCn
hxzYzc74iaLunNh6hVU5oP3jvg7q3g8rZOWUDOOGa4DGdwrdC7CvIIWcqj+zKaMy
MDAwHQYDVR0OBBYEFCjdDuxP8W2kfvArjBjB3DTasjOOMA8GA1UdEwEB/wQFMAMB
Af8wCgYIKoZIzj0EAwIDSAAwRQIgGZ8DZBa3S4d1R9i4H/cgxsJ5Chc4WjspO2cR
K2ZYhJICIQCovdi36+WpK8rPYWfnOpViddt7kjGmET06G1jNCaY8eA==
-----END CERTIFICATE-----

12
botserver-stack/conf/system/certificates/embedding/server.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBuDCCAV6gAwIBAgIUFoH3c6yvJ54C2mjxqRr93x+5AdMwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTI3MDEwOTE0MzIyN1owRTELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEiMCAGA1UEAwwZZW1iZWRkaW5n
LmJvdHNlcnZlci5sb2NhbDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFgtv49n
RP65s3q9f7CIp9g0m2fydY8ef1kLvqJOBu5a+nRezEydGzA74VmdC8kZymD1a57O
B14Ur32DdPOWdVGjOTA3MDUGA1UdEQQuMCyCCWxvY2FsaG9zdIcEfwAAAYIZZW1i
ZWRkaW5nLmJvdHNlcnZlci5sb2NhbDAKBggqhkjOPQQDAgNIADBFAiBnUMziwiAI
3EtkemJFOFukSgdqXYlCBJEkTMPQmJMX3AIhAPCTy9a1y6BGPh5iYvYxG0yG+saA
WftANldcwV/gpobL
-----END CERTIFICATE-----

5
botserver-stack/conf/system/certificates/embedding/server.key Normal file
View file

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgkgOSgeoYGrcr5qEy
kdfBdwzW3bTToSjKnUX89GzchwShRANCAARYLb+PZ0T+ubN6vX+wiKfYNJtn8nWP
Hn9ZC76iTgbuWvp0XsxMnRswO+FZnQvJGcpg9WuezgdeFK99g3TzlnVR
-----END PRIVATE KEY-----

11
botserver-stack/conf/system/certificates/llm/ca.crt Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBpDCCAUqgAwIBAgIUb/JxqKPVbZIOJUOHrRQG9+XGb2wwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTM2MDEwNzE0MzIyN1owODELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90U2VydmVy
IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf91iFmGt2MGESvNrMWq9hGCn
hxzYzc74iaLunNh6hVU5oP3jvg7q3g8rZOWUDOOGa4DGdwrdC7CvIIWcqj+zKaMy
MDAwHQYDVR0OBBYEFCjdDuxP8W2kfvArjBjB3DTasjOOMA8GA1UdEwEB/wQFMAMB
Af8wCgYIKoZIzj0EAwIDSAAwRQIgGZ8DZBa3S4d1R9i4H/cgxsJ5Chc4WjspO2cR
K2ZYhJICIQCovdi36+WpK8rPYWfnOpViddt7kjGmET06G1jNCaY8eA==
-----END CERTIFICATE-----

11
botserver-stack/conf/system/certificates/llm/server.crt Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBrDCCAVKgAwIBAgIULLeNNHmCgIy6gdtOj7g3BsqHbLIwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTI3MDEwOTE0MzIyN1owPzELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEcMBoGA1UEAwwTbGxtLmJvdHNl
cnZlci5sb2NhbDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABPwMZlbuU1+rschc
rRzqqI6Y+wZOKxC4cyie6fYfCzwk2eYPmZ69sO8ecqDJhKuQBskcXXizJtEcuOcP
MKWYZ4mjMzAxMC8GA1UdEQQoMCaCCWxvY2FsaG9zdIcEfwAAAYITbGxtLmJvdHNl
cnZlci5sb2NhbDAKBggqhkjOPQQDAgNIADBFAiAvc2/SqQUxGmIW8BRrI9cKsZyv
skRjHuYyzgV7MlwQZAIhAJrW4lM8QukmbX1q8QjDZ4AcZgXTWfNTgA4OQN81mRIA
-----END CERTIFICATE-----

5
botserver-stack/conf/system/certificates/llm/server.key Normal file
View file

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgywgP2Z+36UFU0tCX
mjLAcWjwHsS9VQStesTISqv96LOhRANCAAT8DGZW7lNfq7HIXK0c6qiOmPsGTisQ
uHMonun2Hws8JNnmD5mevbDvHnKgyYSrkAbJHF14sybRHLjnDzClmGeJ
-----END PRIVATE KEY-----

11
botserver-stack/conf/system/certificates/meet/ca.crt Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBpDCCAUqgAwIBAgIUb/JxqKPVbZIOJUOHrRQG9+XGb2wwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTM2MDEwNzE0MzIyN1owODELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90U2VydmVy
IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf91iFmGt2MGESvNrMWq9hGCn
hxzYzc74iaLunNh6hVU5oP3jvg7q3g8rZOWUDOOGa4DGdwrdC7CvIIWcqj+zKaMy
MDAwHQYDVR0OBBYEFCjdDuxP8W2kfvArjBjB3DTasjOOMA8GA1UdEwEB/wQFMAMB
Af8wCgYIKoZIzj0EAwIDSAAwRQIgGZ8DZBa3S4d1R9i4H/cgxsJ5Chc4WjspO2cR
K2ZYhJICIQCovdi36+WpK8rPYWfnOpViddt7kjGmET06G1jNCaY8eA==
-----END CERTIFICATE-----

12
botserver-stack/conf/system/certificates/meet/server.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBwzCCAWqgAwIBAgIUOFSwzEf9g4EjNN87Rm9CVHMQy0cwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTI3MDEwOTE0MzIyN1owQDELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEdMBsGA1UEAwwUbWVldC5ib3Rz
ZXJ2ZXIubG9jYWwwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQa0cd7blTJKeIy
qoMzofkhELiJObh/7mLRA449sF2JkfN1ntdlaJME+w4QWol7jJrN3djovp9VSF1n
lenyO5Zso0owSDBGBgNVHREEPzA9gglsb2NhbGhvc3SHBH8AAAGCFG1lZXQuYm90
c2VydmVyLmxvY2FsghR0dXJuLmJvdHNlcnZlci5sb2NhbDAKBggqhkjOPQQDAgNH
ADBEAiBQ2Tj1aEUsJPKn8nB8fMoPypGFjqQsrHVMGd1jugRKvgIgPwommm56FBRE
fykGU8Ti60kv3bE/T8n96bys/Ck27QQ=
-----END CERTIFICATE-----

5
botserver-stack/conf/system/certificates/meet/server.key Normal file
View file

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgGV4Njkk6msSROX4j
xECKbepHax+ITYjKbPgU7GYja9yhRANCAAQa0cd7blTJKeIyqoMzofkhELiJObh/
7mLRA449sF2JkfN1ntdlaJME+w4QWol7jJrN3djovp9VSF1nlenyO5Zs
-----END PRIVATE KEY-----

11
botserver-stack/conf/system/certificates/tables/ca.crt Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBpDCCAUqgAwIBAgIUb/JxqKPVbZIOJUOHrRQG9+XGb2wwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTM2MDEwNzE0MzIyN1owODELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90U2VydmVy
IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf91iFmGt2MGESvNrMWq9hGCn
hxzYzc74iaLunNh6hVU5oP3jvg7q3g8rZOWUDOOGa4DGdwrdC7CvIIWcqj+zKaMy
MDAwHQYDVR0OBBYEFCjdDuxP8W2kfvArjBjB3DTasjOOMA8GA1UdEwEB/wQFMAMB
Af8wCgYIKoZIzj0EAwIDSAAwRQIgGZ8DZBa3S4d1R9i4H/cgxsJ5Chc4WjspO2cR
K2ZYhJICIQCovdi36+WpK8rPYWfnOpViddt7kjGmET06G1jNCaY8eA==
-----END CERTIFICATE-----

12
botserver-stack/conf/system/certificates/tables/server.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBszCCAVigAwIBAgIUedQtLNXwJmy0Aq0iGF6RRhWLjrEwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTI3MDEwOTE0MzIyN1owQjELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEfMB0GA1UEAwwWdGFibGVzLmJv
dHNlcnZlci5sb2NhbDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJPQ9iKqvlcs
uuU5VuwUFhclUlZgp8B0RT6TZ43ULuIvbIZ7uwGC3SP7+RPeehqnQSvRMCUh6LUr
iUrIqVjZYtmjNjA0MDIGA1UdEQQrMCmCCWxvY2FsaG9zdIcEfwAAAYIWdGFibGVz
LmJvdHNlcnZlci5sb2NhbDAKBggqhkjOPQQDAgNJADBGAiEA+ICfkJLs90c+BwRu
2FGT2bZ4Av5aITNlZe32W6g4x1ACIQCtXTHMniLCKTm+jP6YUVy8jKjlAW7TzQEW
yBjhieiKqw==
-----END CERTIFICATE-----

5
botserver-stack/conf/system/certificates/tables/server.key Normal file
View file

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgGRyl9LxjpKa/AXsN
8Utr/4r31nYClRXAYcIRtHvY7/ChRANCAAST0PYiqr5XLLrlOVbsFBYXJVJWYKfA
dEU+k2eN1C7iL2yGe7sBgt0j+/kT3noap0Er0TAlIei1K4lKyKlY2WLZ
-----END PRIVATE KEY-----

11
botserver-stack/conf/system/certificates/vault/ca.crt Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBpDCCAUqgAwIBAgIUb/JxqKPVbZIOJUOHrRQG9+XGb2wwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTM2MDEwNzE0MzIyN1owODELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90U2VydmVy
IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf91iFmGt2MGESvNrMWq9hGCn
hxzYzc74iaLunNh6hVU5oP3jvg7q3g8rZOWUDOOGa4DGdwrdC7CvIIWcqj+zKaMy
MDAwHQYDVR0OBBYEFCjdDuxP8W2kfvArjBjB3DTasjOOMA8GA1UdEwEB/wQFMAMB
Af8wCgYIKoZIzj0EAwIDSAAwRQIgGZ8DZBa3S4d1R9i4H/cgxsJ5Chc4WjspO2cR
K2ZYhJICIQCovdi36+WpK8rPYWfnOpViddt7kjGmET06G1jNCaY8eA==
-----END CERTIFICATE-----

12
botserver-stack/conf/system/certificates/vault/server.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBsTCCAVagAwIBAgIUD1I5LIe/58xRDeIzDydogQ7O48AwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTI3MDEwOTE0MzIyN1owQTELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEeMBwGA1UEAwwVdmF1bHQuYm90
c2VydmVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAErBEIYdeJsrFR
QcrB5ZbwQh07DHxY5l6CWSG4nPMlLw1glVmelg/KWRC0x0qT2w1c8ZuhrDgXPoaI
3gYm6YuDA6M1MDMwMQYDVR0RBCowKIIJbG9jYWxob3N0hwR/AAABghV2YXVsdC5i
b3RzZXJ2ZXIubG9jYWwwCgYIKoZIzj0EAwIDSQAwRgIhAOKl0AoVfexLk7W8ojg9
8bgJpkD/S++dMp5iwO7EEmNTAiEA8gj1QkB200y+MPIcbfWo5os/rOUdgsi6ajiB
2sPKuZI=
-----END CERTIFICATE-----

5
botserver-stack/conf/system/certificates/vault/server.key Normal file
View file

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgYty4Dxz6uuA6oTfA
3pPG62ZCcZSHH6x24TmU845C4cChRANCAASsEQhh14mysVFBysHllvBCHTsMfFjm
XoJZIbic8yUvDWCVWZ6WD8pZELTHSpPbDVzxm6GsOBc+hojeBibpi4MD
-----END PRIVATE KEY-----

11
botserver-stack/conf/system/certificates/vectordb/ca.crt Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBpDCCAUqgAwIBAgIUb/JxqKPVbZIOJUOHrRQG9+XGb2wwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTM2MDEwNzE0MzIyN1owODELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90U2VydmVy
IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf91iFmGt2MGESvNrMWq9hGCn
hxzYzc74iaLunNh6hVU5oP3jvg7q3g8rZOWUDOOGa4DGdwrdC7CvIIWcqj+zKaMy
MDAwHQYDVR0OBBYEFCjdDuxP8W2kfvArjBjB3DTasjOOMA8GA1UdEwEB/wQFMAMB
Af8wCgYIKoZIzj0EAwIDSAAwRQIgGZ8DZBa3S4d1R9i4H/cgxsJ5Chc4WjspO2cR
K2ZYhJICIQCovdi36+WpK8rPYWfnOpViddt7kjGmET06G1jNCaY8eA==
-----END CERTIFICATE-----

12
botserver-stack/conf/system/certificates/vectordb/server.crt Normal file
View file

@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----
MIIBtTCCAVygAwIBAgIUYc6xkfJ9hKLTOJWmQK2qGZnX4kQwCgYIKoZIzj0EAwIw
ODELMAkGA1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEVMBMGA1UEAwwMQm90
U2VydmVyIENBMB4XDTI2MDEwOTE0MzIyN1oXDTI3MDEwOTE0MzIyN1owRDELMAkG
A1UEBgwCQlIxEjAQBgNVBAoMCUJvdFNlcnZlcjEhMB8GA1UEAwwYdmVjdG9yZGIu
Ym90c2VydmVyLmxvY2FsMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEGjzEoKX3
bMMVTik6tgG9Cc2Sh+vg7zYPxCgx3PS5/g7UBR9Z5XXWC6kDfdLgxOfFL/3Wvr45
gwCxPt//UGNQ2qM4MDYwNAYDVR0RBC0wK4IJbG9jYWxob3N0hwR/AAABghh2ZWN0
b3JkYi5ib3RzZXJ2ZXIubG9jYWwwCgYIKoZIzj0EAwIDRwAwRAIgG8QM6qzq5ZaX
51BXjWTQMZfL/yurnMMmNyPx2DfpZkoCIFZN0jJm3dxwZsTIJDI4FU2T4FC/YGee
bu9ZO2/ERaFK
-----END CERTIFICATE-----

5
botserver-stack/conf/system/certificates/vectordb/server.key Normal file
View file

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgOYg1iMeJt9WlQ0VN
zIHneW1OO2pTEpbaOZNAhkPUECmhRANCAAQaPMSgpfdswxVOKTq2Ab0JzZKH6+Dv
Ng/EKDHc9Ln+DtQFH1nlddYLqQN90uDE58Uv/da+vjmDALE+3/9QY1Da
-----END PRIVATE KEY-----

16
botserver-stack/conf/vault/config.hcl Normal file
View file

@ -0,0 +1,16 @@
storage "file" {
path = "/home/rodriguez/src/gb/botserver-stack/data/vault/vault"
}
listener "tcp" {
address = "0.0.0.0:8200"
tls_disable = false
tls_cert_file = "/home/rodriguez/src/gb/botserver-stack/conf/system/certificates/vault/server.crt"
tls_key_file = "/home/rodriguez/src/gb/botserver-stack/conf/system/certificates/vault/server.key"
tls_client_ca_file = "/home/rodriguez/src/gb/botserver-stack/conf/system/certificates/ca/ca.crt"
}
api_addr = "https://localhost:8200"
cluster_addr = "https://localhost:8201"
ui = true
disable_mlock = true

2
bottemplates

@ -1 +1 @@
Subproject commit 5adb6efec4a5b92be1ce7965e6da7118984ed2d7
Subproject commit c0e14819fe322132bf96db27804aca056b3261e5

2
botui

@ -1 +1 @@
Subproject commit 580c9072d48c773485a841eb2056d31d3ea4394d
Subproject commit 9a4c8bf6a60c32e00d11bb27a522da80b76f9c3b

20
config/directory_config.json
View file

@ -1,20 +0,0 @@
{
"base_url": "http://localhost:8300",
"default_org": {
"id": "353226116074307598",
"name": "default",
"domain": "default.localhost"
},
"default_user": {
"id": "admin",
"username": "admin",
"email": "admin@localhost",
"password": "",
"first_name": "Admin",
"last_name": "User"
},
"admin_token": "XzjmsXoVy7mDKK8gyWtJNp3w3enVW3EKGPdfLbz0nX9vMsDpg27UtAROOcKMXsoc0fDwv98",
"project_id": "",
"client_id": "353226118456737806",
"client_secret": "5uH0r2elIQ3xji4N4aTOARZjEDDUWC0cfIybGaFkvhwlA6gvygMHOdmodVg4K6PJ"
}

1
restart.sh
View file

@ -1,3 +1,4 @@
pkill rustc -9
pkill botserver -9
pkill botui -9
cd botserver