added server log monitoring

docker/chungus/docker-compose.yml

@@ -0,0 +1,44 @@
+services:
+  postgres:
+    image: postgres:latest
+    container_name: postgres_db
+    environment:
+      POSTGRES_USER: asdfuser
+      POSTGRES_PASSWORD: asdfpassword
+      POSTGRES_DB: asdfdb
+    ports:
+      - "3335:5432"
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+
+  modsecurity:
+    image: owasp/modsecurity-crs:apache-alpine
+    container_name: modsecurity
+    restart: always
+    environment:
+      BACKEND: "http://localhost:80"
+      SERVER_NAME: "localhost"
+      PORT: "3331"
+      MODSEC_AUDIT_LOG: "/var/log/modsec_audit.log"
+      ERRORLOG: "/var/log/modsec_error.log"
+      ACCESSLOG: "/var/log/apache2/access.log"
+      MODSEC_AUDIT_LOG_FORMAT: "JSON"
+      BLOCKING_PARANOIA: 1
+      DETECTION_PARANOIA: 1
+      EXECUTING_PARANOIA: 1
+      PARANOIA: 1
+    network_mode: "host"
+    volumes:
+      - "/tmp/host-fs-auditlog.log:/var/log/modsec_audit.log"
+      - "/tmp/host-fs-errorlog.log:/var/log/modsec_error.log"
+      - "/tmp/host-fs-accesslog.log:/var/log/apache2/access.log"
+
+  dvwa:
+    image: vulnerables/web-dvwa
+    container_name: dvwa
+    restart: always
+    ports:
+      - "80:80"
+
+volumes:
+  postgres_data:

docker/chungus/setup.sh

@@ -0,0 +1,6 @@
+touch /tmp/host-fs-auditlog.log
+touch /tmp/host-fs-errorlog.log
+touch /tmp/host-fs-accesslog.log
+chmod 777 /tmp/host-fs-auditlog.log
+chmod 777 /tmp/host-fs-errorlog.log
+chmod 777 /tmp/host-fs-accesslog.log

server/go.mod

@@ -5,9 +5,13 @@ go 1.23.2
 require github.com/jackc/pgx/v5 v5.7.1
 
 require (
+	github.com/go-telegram-bot-api/telegram-bot-api/v5 v5.5.1 // indirect
 	github.com/jackc/pgpassfile v1.0.0 // indirect
 	github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
 	github.com/jackc/puddle/v2 v2.2.2 // indirect
+	github.com/tidwall/gjson v1.18.0 // indirect
+	github.com/tidwall/match v1.1.1 // indirect
+	github.com/tidwall/pretty v1.2.0 // indirect
 	golang.org/x/crypto v0.32.0 // indirect
 	golang.org/x/sync v0.10.0 // indirect
 	golang.org/x/text v0.21.0 // indirect

server/go.sum

@@ -1,6 +1,8 @@
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/go-telegram-bot-api/telegram-bot-api/v5 v5.5.1 h1:wG8n/XJQ07TmjbITcGiUaOtXxdrINDz1b0J1w0SzqDc=
+github.com/go-telegram-bot-api/telegram-bot-api/v5 v5.5.1/go.mod h1:A2S0CWkNylc2phvKXWBBdD3K0iGnDBGbzRpISP2zBl8=
 github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
 github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
 github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 h1:iCEnooe7UlwOQYpKFhBabPMi4aNAfoODPEFNiAnClxo=
@@ -16,6 +18,12 @@ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UV
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/tidwall/gjson v1.18.0 h1:FIDeeyB800efLX89e5a8Y0BNH+LOngJyGrIWxG2FKQY=
+github.com/tidwall/gjson v1.18.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
+github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
+github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
+github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs=
+github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
 golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc=
 golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
 golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=

server/internal/telegram/telegram.go

@@ -0,0 +1,59 @@
+package telegram
+
+import (
+	"bufio"
+	"fmt"
+	"io"
+	"log"
+	"os"
+	"time"
+
+	tg "github.com/go-telegram-bot-api/telegram-bot-api/v5"
+)
+
+const (
+	modsecLogFile  = "/tmp/host-fs-auditlog.log"
+	telegramToken  = "7215466800:AAGwjZnXEfbbjQiA0y7qtSzbSZNUWQJnyjo"
+	telegramChatID = 622943829
+)
+
+func TelegramBotInit() {
+	bot, err := tg.NewBotAPI(telegramToken)
+	if err != nil {
+		log.Fatal("Failed to create Telegram bot:", err)
+	}
+
+	log.Println("Telegram bot connected")
+
+	// send init message on startup
+	testMsg := tg.NewMessage(telegramChatID, "I'm in")
+	_, err = bot.Send(testMsg)
+	if err != nil {
+		log.Fatal("Failed to send test message:", err)
+	}
+
+	// open the log file
+	logFile, err := os.Open(modsecLogFile)
+	if err != nil {
+		log.Fatal("Failed to open log file:", err)
+	}
+	defer logFile.Close()
+
+	// seek to the end of the file to read only new entries
+	logFile.Seek(0, io.SeekEnd)
+
+	reader := bufio.NewReader(logFile)
+	for {
+		line, err := reader.ReadString('\n')
+		if err == nil {
+			sendTelegramAlert(bot, line)
+		}
+		// maybe change this logic? interrupt vs polling??????
+		time.Sleep(1 * time.Second)
+	}
+}
+
+func sendTelegramAlert(bot *tg.BotAPI, message string) {
+	msg := tg.NewMessage(telegramChatID, fmt.Sprintf("*WEEWOO ALERT*\n%s", message))
+	bot.Send(msg)
+}

server/main.go

@@ -5,6 +5,7 @@ import (
 
 	"github.com/Vomitblood/cspj-application/server/internal/db"
 	"github.com/Vomitblood/cspj-application/server/internal/http_server"
+	"github.com/Vomitblood/cspj-application/server/internal/telegram"
 )
 
 func main() {
@@ -15,5 +16,7 @@ func main() {
 	}
 	defer db.DbPool.Close()
 
+	go telegram.TelegramBotInit()
+
 	http_server.ServeApi()
 }