From cabdbb7f9c1df8007749d07a2e186bb3ad35f62b Mon Sep 17 00:00:00 2001
From: Eugen Rochko
Date: Sun, 26 Aug 2018 20:21:03 +0200
Subject: Add CLI task for rotating keys (#8466)
* If an Update is signed with known key, skip re-following procedure Because it means the remote actor did *not* lose their database
* Add CLI method for rotating keys bin/tootctl accounts rotate [USERNAME] Generates a new RSA key per account and sends out an Update activity signed with the old key.
* Key rotation: Space out Update fan-outs every 5 minutes per 1000 accounts
* Skip suspended accounts in key rotation
---
 lib/mastodon/accounts_cli.rb | 55 ++++++++++++++++++++++++++++++++++++++++++++
 lib/mastodon/emoji_cli.rb | 2 +-
 lib/mastodon/media_cli.rb | 2 +-
 3 files changed, 57 insertions(+), 2 deletions(-)
 create mode 100644 lib/mastodon/accounts_cli.rb
(limited to 'lib/mastodon')
diff --git a/lib/mastodon/accounts_cli.rb b/lib/mastodon/accounts_cli.rb
new file mode 100644
index 000000000..83b69549d
--- /dev/null
+++ b/lib/mastodon/accounts_cli.rb
@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+require 'rubygems/package'
+require_relative '../../config/boot'
+require_relative '../../config/environment'
+require_relative 'cli_helper'
+
+module Mastodon
+  class AccountsCLI < Thor
+    option :all, type: :boolean
+    desc 'rotate [USERNAME]', 'Generate and broadcast new keys'
+    long_desc <<-LONG_DESC
+      Generate and broadcast new RSA keys as part of security
+      maintenance.
+
+      With the --all option, all local accounts will be subject
+      to the rotation. Otherwise, and by default, only a single
+      account specified by the USERNAME argument will be
+      processed.
+    LONG_DESC
+    def rotate(username = nil)
+      if options[:all]
+        processed = 0
+        delay = 0
+
+        Account.local.without_suspended.find_in_batches do |accounts|
+          accounts.each do |account|
+            rotate_keys_for_account(account, delay)
+            processed += 1
+            say('.', :green, false)
+          end
+
+          delay += 5.minutes
+        end
+
+        say
+        say("OK, rotated keys for #{processed} accounts", :green)
+      elsif username.present?
+        rotate_keys_for_account(Account.find_local(username))
+        say('OK', :green)
+      else
+        say('No account(s) given', :red)
+      end
+    end
+
+    private
+
+    def rotate_keys_for_account(account, delay = 0)
+      old_key = account.private_key
+      new_key = OpenSSL::PKey::RSA.new(2048).to_pem
+      account.update(private_key: new_key)
+      ActivityPub::UpdateDistributionWorker.perform_in(delay, account.id, sign_with: old_key)
+    end
+  end
+end
diff --git a/lib/mastodon/emoji_cli.rb b/lib/mastodon/emoji_cli.rb
index 71f8b2cc7..0a773c771 100644
--- a/lib/mastodon/emoji_cli.rb
+++ b/lib/mastodon/emoji_cli.rb
@@ -13,7 +13,7 @@ module Mastodon
     option :suffix
     option :overwrite, type: :boolean
     option :unlisted, type: :boolean
-    desc 'import PATH', 'import emoji from a TAR archive at PATH'
+    desc 'import PATH', 'Import emoji from a TAR archive at PATH'
     long_desc <<-LONG_DESC
       Imports custom emoji from a TAR archive specified by PATH.
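Review bot: `rotate_keys_for_account` dereferences `account` without a nil check, so `rotate` called with a username that matches no local account raises NoMethodError on `account.private_key` instead of reporting the problem; in the `elsif` branch use `account = Account.find_local(username)` followed by `return say('No such account', :red) if account.nil?` before calling the helper. The helper also persists only `private_key`; if the Account model keeps the public key in a separate column (the Update activity presumably serializes that, not the private PEM), it has to be written from the same keypair in the same call, otherwise the broadcast Update still advertises the old public key and remote servers keep verifying against it. `account.update` ignores validation failures and the Update is enqueued regardless, so `update!` would stop the fan-out when the new key was not actually persisted. Passing the old private key PEM via `sign_with:` places key material in the Sidekiq job payload, where it sits in Redis for up to the scheduled delay and survives in the retry set if delivery fails; this deserves a comment on that line so operators know the old key is not gone the moment the command finishes. `require 'rubygems/package'` at the top of the new file appears unused here.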
diff --git a/lib/mastodon/media_cli.rb b/lib/mastodon/media_cli.rb
index 00bd662f4..ee28270da 100644
--- a/lib/mastodon/media_cli.rb
+++ b/lib/mastodon/media_cli.rb
@@ -10,7 +10,7 @@ module Mastodon
   class MediaCLI < Thor
     option :days, type: :numeric, default: 7
     option :background, type: :boolean, default: false
-    desc 'remove', 'remove remote media files'
+    desc 'remove', 'Remove remote media files'
     long_desc <<-DESC
       Removes locally cached copies of media attachments from other servers.
-- cgit