Merge pull request #1 from yousefvand/dev

v0.1.0

.github/workflows/test.yml

@@ -0,0 +1,23 @@
+# Needs revision
+
+on: [push, pull_request]
+name: Test
+env:
+  ENV: "TEST"
+jobs:
+  test:
+    strategy:
+      matrix:
+        go-version: [1.15.x, 1.16.x]
+        os: [ubuntu-latest, macos-latest]
+    runs-on: ${{ matrix.os }}
+    name: Go ${{ matrix.go }} tests
+    steps:
+    - name: Install Go
+      uses: actions/setup-go@v2
+      with:
+        go-version: ${{ matrix.go-version }}
+    - name: Checkout code
+      uses: actions/checkout@v2
+    - name: Test
+      run: go test -race -timeout 60s ./...

.gitignore

@@ -0,0 +1,7 @@
+tmp/
+logs/
+coverage.*
+secretservice
+secretserviced
+!secretservice/
+!secretserviced/

.vscode/launch.json

@@ -0,0 +1,36 @@
+{
+  // Use IntelliSense to learn about possible attributes.
+  // Hover to view descriptions of existing attributes.
+  // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "name": "service",
+      "type": "go",
+      "request": "launch",
+      "mode": "debug",
+      "env": {
+        "ENV": "DEV",
+        "MASTERPASSWORD": "a012345678901234567890123456789z"
+      },
+      "program": "${workspaceFolder}/cmd/app/secretserviced/main.go"
+    },
+    {
+      "name": "cli",
+      "type": "go",
+      "request": "launch",
+      "mode": "debug",
+      "env": {
+        "ENV": "DEV"
+      },
+      "program": "${workspaceFolder}/cmd/app/secretservice/main.go"
+    },
+    {
+      "name": "file",
+      "type": "go",
+      "request": "launch",
+      "mode": "debug",
+      "program": "${file}"
+    }
+  ]
+}

.vscode/settings.json

@@ -0,0 +1,49 @@
+{
+  "cSpell.words": [
+    "Aamoo",
+    "Archlinux",
+    "Debugf",
+    "Diffie",
+    "Errorf",
+    "HKDF",
+    "HMAC",
+    "Infof",
+    "MASTERPASSWORD",
+    "PKCS",
+    "PKGBUILD",
+    "READWRITE",
+    "Ramiz",
+    "Remisa",
+    "Remmina",
+    "SIGHUP",
+    "Struct",
+    "Tracef",
+    "Unpadded",
+    "Warnf",
+    "Warningf",
+    "Yousefvand",
+    "chmod",
+    "dbus",
+    "dhkx",
+    "fips",
+    "freedesktop",
+    "godbus",
+    "keyrings",
+    "killall",
+    "monnand",
+    "oayays",
+    "secretservice",
+    "secretserviced",
+    "somepassword",
+    "stretchr",
+    "structs",
+    "unalias",
+    "unencrypted",
+    "unexported",
+    "unpadding",
+    "unpads",
+    "vsub",
+    "wmctrl"
+  ],
+  "favorites.resources": []
+}

.vscode/tasks.json

@@ -0,0 +1,62 @@
+{
+  // See https://go.microsoft.com/fwlink/?LinkId=733558
+  // for the documentation about the tasks.json format
+  "version": "2.0.0",
+  "tasks": [
+    {
+      "label": "stop systemctl service",
+      "type": "shell",
+      "command": "systemctl stop --user secretserviced.service"
+    },
+    {
+      "label": "start systemctl service",
+      "type": "shell",
+      "command": "systemctl start --user secretserviced.service"
+    },
+    {
+      "label": "Delete service home",
+      "type": "shell",
+      "command": "rm -rf ~/.secret-service"
+    },
+    {
+      "label": "Delete logs",
+      "type": "shell",
+      "command": "rm logs/*"
+    },
+    {
+      "label": "Delete coverage",
+      "type": "shell",
+      "command": "rm coverage.*"
+    },
+    {
+      "label": "Delete binaries",
+      "type": "shell",
+      "command": "rm secretservice*"
+    },
+    {
+      "label": "Build binaries",
+      "type": "shell",
+      "command": "echo \"Building \"Secret Service\"...\"; go build -race -o secretserviced cmd/app/secretserviced/main.go; go build -race -o secretservice cmd/app/secretservice/main.go; du -bh secretservice*"
+    },
+    {
+      "label": "loc",
+      "type": "shell",
+      "command": "find . -name \"*.go\" | xargs grep -v \"^$\" | wc -l"
+    },
+    {
+      "label": "Run tests",
+      "type": "shell",
+      "command": "rm -f logs/* ; ENV=TEST MASTERPASSWORD=a012345678901234567890123456789z grc go test -race -cover -timeout 60s ./..."
+    },
+    {
+      "label": "Run service",
+      "type": "shell",
+      "command": "MASTERPASSWORD=a012345678901234567890123456789z go run -race ./cmd/app/secretserviced/main.go"
+    },
+    {
+      "label": "Tests coverage",
+      "type": "shell",
+      "command": "rm -f logs/* ; ENV=TEST MASTERPASSWORD=a012345678901234567890123456789z grc go test -v -timeout 60s ./... -coverprofile=coverage.out && go tool cover -html=coverage.out -o coverage.html && google-chrome-stable -incognito coverage.html"
+    }
+  ]
+}

CHANGELOG.md

@@ -0,0 +1,19 @@
+# Change Log
+
+## Release [date]
+
+### secretserviced v0.1.0
+
+- Initial Release
+
+### secretservice v0.1.0
+
+- Initial Release
+
+### config v0.1.0
+
+- Initial Release
+
+### database v0.1.0
+
+- Initial Release

LICENSE.md

@@ -0,0 +1,21 @@
+# MIT License
+
+Copyright (c) 2021 Remisa Yousefvand <remisa.yousefvand@gmail.com>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -1,2 +1,97 @@
-# secret-service
-Service to keep secrets of applications
+# Secret Service
+
+[![GitHub release](https://img.shields.io/github/release/yousefvand/secret-service.svg?style=plastic)](https://github.com/yousefvand/secret-service/releases)
+[![GitHub license](https://img.shields.io/github/license/yousefvand/secret-service.svg?style=plastic)](https://github.com/yousefvand/secret-service/blob/master/LICENSE.md)
+[![GitHub stars](https://img.shields.io/github/stars/yousefvand/secret-service.svg?style=plastic)](https://github.com/yousefvand/secret-service/stargazers)
+[![GitHub issues](https://img.shields.io/github/forks/yousefvand/secret-service.svg?style=plastic)](https://github.com/yousefvand/secret-service/forks)
+[![GitHub issues](https://img.shields.io/github/issues/yousefvand/secret-service.svg?style=plastic)](https://github.com/yousefvand/secret-service/issues)
+
+Implementation of [Secret Service API](http://standards.freedesktop.org/secret-service)
+
+## What does this project do?
+
+To use **secret service** you don't need using `KeePassXC` for storing and retrieving you applications credentials anymore, or login every tome to `Skype`, `vscode sync`, `Remmina`...
+
+## Install
+
+There is an `manage.sh` shellscript that do the job of install/uninstall but here are the details:
+
+You need to copy the binary (`secretserviced`, build the project or download it from [releases](https://github.com/yousefvand/secret-service/releases) page) some where usually `/usr/bin` but if you don't have the permission, `~/.local/bin` is OK too. To build the binary from source code:
+
+```bash
+git clone https://github.com/yousefvand/secret-service.git
+cd secret-service
+go build -race -o secretserviced cmd/app/secretserviced/main.go
+```
+
+You need a `systemd` **UNIT** file named `secretserviced.service` to put in `/etc/systemd/user` but if you don't have the permission `~/.config/systemd/user` is OK too. Here is a sample **UNIT** file, change `WorkingDirectory` and `ExecStart` according to where you put the binary:
+
+```config
+[Unit]
+Description=Service to keep secrets of applications
+Documentation=https://github.com/yousefvand/secret-service
+
+[Install]
+WantedBy=default.target
+
+[Service]
+Type=simple
+RestartSec=30
+Restart=always
+Environment="MASTERPASSWORD=01234567890123456789012345678912"
+WorkingDirectory=/usr/bin/
+ExecStart=/usr/bin/secretserviced
+```
+
+**CAUTION**: `MASTERPASSWORD` is very important, don't loose it. `manage.sh` would generate a random `32` character password automatically. If you don't use the `manage.sh` shellscript, it is up to you to set the password and it should be **EXACTLY** `32` characters length.
+
+Now start the service:
+
+```bash
+systemctl enable --now --user secretserviced.service
+```
+
+and you can stop the service by:
+
+```bash
+systemctl disable --now --user secretserviced.service
+```
+
+to see the status of service:
+
+```bash
+systemctl status --user secretserviced.service
+```
+
+All `secret-service` stuff (database, logs...) are stored under: `~/.secret-service`.
+
+By default all secrets are encrypted with `AES-CBC-256` symmetric algorithm with `MASTERPASSWORD`. If you wish to switch between encrypted/unencrypted database you need to follow these steps:
+
+1. Stop service: `systemctl stop --user secretserviced.service`
+2. Change config `encryption` key (located at: `~/.secret-service/secretserviced/config.yaml`)
+3. If you are changing to `encryption: true` make sure `MASTERPASSWORD` is set.
+4. Delete database (located at: `~/.secret-service/secretserviced/db.json`)
+5. Start service: `systemctl start --user secretserviced.service`
+
+If service refuses to start and you see `OS` exit code `5` in logs, it means som other application has taken dbus name `org.freedesktop.secrets` before (such as keyrings), stop that application and try again.
+
+## Contribution
+
+This project is in its infancy and as it is my first golang project there are many design and code problems. I do appreciate suggestions and `PR`s. If you can get done any item from `TODO` list, you are welcome. This list will be updated based on new insights and user issues.
+
+In case of sending a `PR` please make sure:
+
+1. You are addressing just one issue per PR.
+2. Completely describe the problem and your solution in plain English.
+3. Send PRs to `dev` branch and make sure all tests have passed.
+4. If any new test is needed based on your PR, please write the test as well.
+
+### TODO
+
+[ ] Configure CI (preferably on Archlinux) 
+
+[ ] What's the best way to secure `/etc/systemd/user/secretserviced.service` file
+
+[ ] deb, rpm, AppImage packages
+
+[ ] ...

assets/.grc/conf.gotest

@@ -0,0 +1,36 @@
+regexp==== RUN .*
+colours=bold blue
+-
+regexp=--- PASS: .*
+colour=green
+-
+regexp=^PASS$
+colours=reverse green
+-
+regexp=^(ok|\?) .*
+colour=magenta
+-
+regexp=^\?
+colour=yellow
+-
+regexp=^ok
+colours=bold green
+-
+regexp=--- FAIL: .*
+colour=red
+-
+regexp=^FAIL.*
+colour=red
+-
+regexp=^FAIL$
+colours=reverse red
+-
+regexp=[^\s]+\.go(:\d+)?
+colour=cyan
+-
+regexp=coverage: .*
+colour=yellow
+-
+regexp=\[no test files\]
+colours=dark yellow
+

assets/.grc/grc.conf

@@ -0,0 +1,3 @@
+# Go
+\bgo.* test\b
+conf.gotest