src/config.py

#!/usr/bin/env python3

import os
import sys
from dataclasses import dataclass
from pathlib import Path
from typing import Optional, Tuple
from zoneinfo import ZoneInfo
import time

import yaml


@dataclass
class Config:
    """Configuration class for the deception server"""
    port: int = 5000
    delay: int = 100  # milliseconds
    server_header: str = ""
    links_length_range: Tuple[int, int] = (5, 15)
    links_per_page_range: Tuple[int, int] = (10, 15)
    char_space: str = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
    max_counter: int = 10
    canary_token_url: Optional[str] = None
    canary_token_tries: int = 10
    dashboard_secret_path: str = None
    api_server_url: Optional[str] = None
    api_server_port: int = 8080
    api_server_path: str = "/api/v2/users"
    probability_error_codes: int = 0  # Percentage (0-100)

    # Crawl limiting settings - for legitimate vs malicious crawlers
    max_pages_limit: int = 100  # Max pages limit for good crawlers and regular users (and bad crawlers/attackers if infinite_pages_for_malicious is False)
    infinite_pages_for_malicious: bool = True  # Infinite pages for malicious crawlers
    ban_duration_seconds: int = 600  # Ban duration in seconds for IPs exceeding limits

    # Database settings
    database_path: str = "data/krawl.db"
    database_retention_days: int = 30

    # Analyzer settings
    http_risky_methods_threshold: float = None
    violated_robots_threshold: float = None
    uneven_request_timing_threshold: float = None
    uneven_request_timing_time_window_seconds: float = None
    user_agents_used_threshold: float = None
    attack_urls_threshold: float = None

    @classmethod
    def from_yaml(cls) -> 'Config':
        """Create configuration from YAML file"""
        config_location = os.getenv('CONFIG_LOCATION', 'config.yaml')
        config_path = Path(__file__).parent.parent / config_location

        try:
            with open(config_path, 'r') as f:
                data = yaml.safe_load(f)
        except FileNotFoundError:
            print(f"Error: Configuration file '{config_path}' not found.", file=sys.stderr)
            print(f"Please create a config.yaml file or set CONFIG_LOCATION environment variable.", file=sys.stderr)
            sys.exit(1)
        except yaml.YAMLError as e:
            print(f"Error: Invalid YAML in configuration file '{config_path}': {e}", file=sys.stderr)
            sys.exit(1)

        if data is None:
            data = {}

        # Extract nested values with defaults
        server = data.get('server', {})
        links = data.get('links', {})
        canary = data.get('canary', {})
        dashboard = data.get('dashboard', {})
        api = data.get('api', {})
        database = data.get('database', {})
        behavior = data.get('behavior', {})
        analyzer = data.get('analyzer') or {}
        crawl = data.get('crawl', {})

        # Handle dashboard_secret_path - auto-generate if null/not set
        dashboard_path = dashboard.get('secret_path')
        if dashboard_path is None:
            dashboard_path = f'/{os.urandom(16).hex()}'
        else:
            # ensure the dashboard path starts with a /
            if dashboard_path[:1] != "/":
                dashboard_path = f"/{dashboard_path}"

        return cls(
            port=server.get('port', 5000),
            delay=server.get('delay', 100),
            server_header=server.get('server_header',""),
            links_length_range=(
                links.get('min_length', 5),
                links.get('max_length', 15)
            ),
            links_per_page_range=(
                links.get('min_per_page', 10),
                links.get('max_per_page', 15)
            ),
            char_space=links.get('char_space', 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'),
            max_counter=links.get('max_counter', 10),
            canary_token_url=canary.get('token_url'),
            canary_token_tries=canary.get('token_tries', 10),
            dashboard_secret_path=dashboard_path,
            api_server_url=api.get('server_url'),
            api_server_port=api.get('server_port', 8080),
            api_server_path=api.get('server_path', '/api/v2/users'),
            probability_error_codes=behavior.get('probability_error_codes', 0),
            database_path=database.get('path', 'data/krawl.db'),
            database_retention_days=database.get('retention_days', 30),
            http_risky_methods_threshold=analyzer.get('http_risky_methods_threshold', 0.1),
            violated_robots_threshold=analyzer.get('violated_robots_threshold', 0.1),
            uneven_request_timing_threshold=analyzer.get('uneven_request_timing_threshold', 0.5), # coefficient of variation
            uneven_request_timing_time_window_seconds=analyzer.get('uneven_request_timing_time_window_seconds', 300),
            user_agents_used_threshold=analyzer.get('user_agents_used_threshold', 2),
            attack_urls_threshold=analyzer.get('attack_urls_threshold', 1),
            infinite_pages_for_malicious=crawl.get('infinite_pages_for_malicious', True),
            max_pages_limit=crawl.get('max_pages_limit', 200),
            ban_duration_seconds=crawl.get('ban_duration_seconds', 60)
        )

def __get_env_from_config(config: str) -> str:
    
    env = config.upper().replace('.', '_').replace('-', '__').replace(' ', '_')
    
    return f'KRAWL_{env}'

def override_config_from_env(config: Config = None):
    """Initialize configuration from environment variables"""
    
    for field in config.__dataclass_fields__:
        
        env_var = __get_env_from_config(field)
        if env_var in os.environ:
            field_type = config.__dataclass_fields__[field].type
            env_value = os.environ[env_var]
            if field_type == int:
                setattr(config, field, int(env_value))
            elif field_type == float:
                setattr(config, field, float(env_value))
            elif field_type == Tuple[int, int]:
                parts = env_value.split(',')
                if len(parts) == 2:
                    setattr(config, field, (int(parts[0]), int(parts[1])))
            else:
                setattr(config, field, env_value)

_config_instance = None

def get_config() -> Config:
    """Get the singleton Config instance"""
    global _config_instance
    if _config_instance is None:
        _config_instance = Config.from_yaml()
    
        override_config_from_env(_config_instance)
    
    return _config_instance
First commit 2025-12-14 19:08:01 +01:00			`#!/usr/bin/env python3`

			`import os`
parametrized into config.yaml + bug fix 2026-01-04 22:20:10 +01:00			`import sys`
First commit 2025-12-14 19:08:01 +01:00			`from dataclasses import dataclass`
parametrized into config.yaml + bug fix 2026-01-04 22:20:10 +01:00			`from pathlib import Path`
First commit 2025-12-14 19:08:01 +01:00			`from typing import Optional, Tuple`
Added timezone env variable handling 2025-12-28 17:07:18 +01:00			`from zoneinfo import ZoneInfo`
			`import time`
First commit 2025-12-14 19:08:01 +01:00
parametrized into config.yaml + bug fix 2026-01-04 22:20:10 +01:00			`import yaml`

First commit 2025-12-14 19:08:01 +01:00
			`@dataclass`
			`class Config:`
			`"""Configuration class for the deception server"""`
			`port: int = 5000`
			`delay: int = 100 # milliseconds`
parametrized into config.yaml + bug fix 2026-01-04 22:20:10 +01:00			`server_header: str = ""`
First commit 2025-12-14 19:08:01 +01:00			`links_length_range: Tuple[int, int] = (5, 15)`
			`links_per_page_range: Tuple[int, int] = (10, 15)`
			`char_space: str = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'`
			`max_counter: int = 10`
			`canary_token_url: Optional[str] = None`
			`canary_token_tries: int = 10`
			`dashboard_secret_path: str = None`
			`api_server_url: Optional[str] = None`
			`api_server_port: int = 8080`
			`api_server_path: str = "/api/v2/users"`
			`probability_error_codes: int = 0 # Percentage (0-100)`
parametrized into config.yaml + bug fix 2026-01-04 22:20:10 +01:00
added site depth limit mechanism (#48) * added site depth limit mechanism * modified max pages limit and ban duration seconds --------- Co-authored-by: Leonardo Bambini <lbambini@Leonardos-MacBook-Air.local> Co-authored-by: BlessedRebuS <patrick.difa@gmail.com> 2026-01-23 21:33:32 +01:00			`# Crawl limiting settings - for legitimate vs malicious crawlers`
			`max_pages_limit: int = 100 # Max pages limit for good crawlers and regular users (and bad crawlers/attackers if infinite_pages_for_malicious is False)`
			`infinite_pages_for_malicious: bool = True # Infinite pages for malicious crawlers`
			`ban_duration_seconds: int = 600 # Ban duration in seconds for IPs exceeding limits`

feat: add SQLite persistent storage for request logging - Add SQLAlchemy-based database layer for persistent storage - Create models for access_logs, credential_attempts, attack_detections, ip_stats - Include fields for future GeoIP and reputation enrichment - Implement sanitization utilities to protect against malicious payloads - Fix XSS vulnerability in dashboard template (HTML escape all user data) - Add DATABASE_PATH and DATABASE_RETENTION_DAYS config options - Dual storage: in-memory for dashboard performance + SQLite for persistence New files: - src/models.py - SQLAlchemy ORM models - src/database.py - DatabaseManager singleton - src/sanitizer.py - Input sanitization and HTML escaping - requirements.txt - SQLAlchemy dependency Security protections: - Parameterized queries via SQLAlchemy ORM - Field length limits to prevent storage exhaustion - Null byte and control character stripping - HTML escaping on dashboard output 2025-12-28 10:43:32 -06:00			`# Database settings`
			`database_path: str = "data/krawl.db"`
			`database_retention_days: int = 30`
parametrized into config.yaml + bug fix 2026-01-04 22:20:10 +01:00
			`# Analyzer settings`
			`http_risky_methods_threshold: float = None`
			`violated_robots_threshold: float = None`
			`uneven_request_timing_threshold: float = None`
			`uneven_request_timing_time_window_seconds: float = None`
			`user_agents_used_threshold: float = None`
			`attack_urls_threshold: float = None`

First commit 2025-12-14 19:08:01 +01:00			`@classmethod`
parametrized into config.yaml + bug fix 2026-01-04 22:20:10 +01:00			`def from_yaml(cls) -> 'Config':`
			`"""Create configuration from YAML file"""`
			`config_location = os.getenv('CONFIG_LOCATION', 'config.yaml')`
			`config_path = Path(__file__).parent.parent / config_location`

			`try:`
			`with open(config_path, 'r') as f:`
			`data = yaml.safe_load(f)`
			`except FileNotFoundError:`
			`print(f"Error: Configuration file '{config_path}' not found.", file=sys.stderr)`
			`print(f"Please create a config.yaml file or set CONFIG_LOCATION environment variable.", file=sys.stderr)`
			`sys.exit(1)`
			`except yaml.YAMLError as e:`
			`print(f"Error: Invalid YAML in configuration file '{config_path}': {e}", file=sys.stderr)`
			`sys.exit(1)`

			`if data is None:`
			`data = {}`

			`# Extract nested values with defaults`
			`server = data.get('server', {})`
			`links = data.get('links', {})`
			`canary = data.get('canary', {})`
			`dashboard = data.get('dashboard', {})`
			`api = data.get('api', {})`
			`database = data.get('database', {})`
			`behavior = data.get('behavior', {})`
modified default analyzer values 2026-01-05 10:01:51 +01:00			`analyzer = data.get('analyzer') or {}`
added site depth limit mechanism (#48) * added site depth limit mechanism * modified max pages limit and ban duration seconds --------- Co-authored-by: Leonardo Bambini <lbambini@Leonardos-MacBook-Air.local> Co-authored-by: BlessedRebuS <patrick.difa@gmail.com> 2026-01-23 21:33:32 +01:00			`crawl = data.get('crawl', {})`
parametrized into config.yaml + bug fix 2026-01-04 22:20:10 +01:00
			`# Handle dashboard_secret_path - auto-generate if null/not set`
			`dashboard_path = dashboard.get('secret_path')`
			`if dashboard_path is None:`
			`dashboard_path = f'/{os.urandom(16).hex()}'`
			`else:`
			`# ensure the dashboard path starts with a /`
			`if dashboard_path[:1] != "/":`
			`dashboard_path = f"/{dashboard_path}"`
feat:removed manual timezone management, delegate timezone configuration to execution environment removed code that manages timezone setup from config file, krawl now obeys to the environment configuration 2026-01-17 18:06:09 +01:00
First commit 2025-12-14 19:08:01 +01:00			`return cls(`
parametrized into config.yaml + bug fix 2026-01-04 22:20:10 +01:00			`port=server.get('port', 5000),`
			`delay=server.get('delay', 100),`
			`server_header=server.get('server_header',""),`
First commit 2025-12-14 19:08:01 +01:00			`links_length_range=(`
parametrized into config.yaml + bug fix 2026-01-04 22:20:10 +01:00			`links.get('min_length', 5),`
			`links.get('max_length', 15)`
First commit 2025-12-14 19:08:01 +01:00			`),`
			`links_per_page_range=(`
parametrized into config.yaml + bug fix 2026-01-04 22:20:10 +01:00			`links.get('min_per_page', 10),`
			`links.get('max_per_page', 15)`
First commit 2025-12-14 19:08:01 +01:00			`),`
parametrized into config.yaml + bug fix 2026-01-04 22:20:10 +01:00			`char_space=links.get('char_space', 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'),`
			`max_counter=links.get('max_counter', 10),`
			`canary_token_url=canary.get('token_url'),`
			`canary_token_tries=canary.get('token_tries', 10),`
			`dashboard_secret_path=dashboard_path,`
			`api_server_url=api.get('server_url'),`
			`api_server_port=api.get('server_port', 8080),`
			`api_server_path=api.get('server_path', '/api/v2/users'),`
			`probability_error_codes=behavior.get('probability_error_codes', 0),`
			`database_path=database.get('path', 'data/krawl.db'),`
			`database_retention_days=database.get('retention_days', 30),`
			`http_risky_methods_threshold=analyzer.get('http_risky_methods_threshold', 0.1),`
			`violated_robots_threshold=analyzer.get('violated_robots_threshold', 0.1),`
feat:removed manual timezone management, delegate timezone configuration to execution environment removed code that manages timezone setup from config file, krawl now obeys to the environment configuration 2026-01-17 18:06:09 +01:00			`uneven_request_timing_threshold=analyzer.get('uneven_request_timing_threshold', 0.5), # coefficient of variation`
parametrized into config.yaml + bug fix 2026-01-04 22:20:10 +01:00			`uneven_request_timing_time_window_seconds=analyzer.get('uneven_request_timing_time_window_seconds', 300),`
modified default analyzer values 2026-01-05 10:01:51 +01:00			`user_agents_used_threshold=analyzer.get('user_agents_used_threshold', 2),`
added site depth limit mechanism (#48) * added site depth limit mechanism * modified max pages limit and ban duration seconds --------- Co-authored-by: Leonardo Bambini <lbambini@Leonardos-MacBook-Air.local> Co-authored-by: BlessedRebuS <patrick.difa@gmail.com> 2026-01-23 21:33:32 +01:00			`attack_urls_threshold=analyzer.get('attack_urls_threshold', 1),`
			`infinite_pages_for_malicious=crawl.get('infinite_pages_for_malicious', True),`
			`max_pages_limit=crawl.get('max_pages_limit', 200),`
			`ban_duration_seconds=crawl.get('ban_duration_seconds', 60)`
First commit 2025-12-14 19:08:01 +01:00			`)`
parametrized into config.yaml + bug fix 2026-01-04 22:20:10 +01:00
Configuration override from environment variable (#47) * Add environment variable override for config fields Introduces functions to override configuration fields from environment variables, allowing dynamic configuration without modifying YAML files. The environment variable names are generated from field names, and type conversion is handled for int, float, and tuple fields. * update chart version to 0.1.4 * Update README.md to enhance environment variable configuration details and improve overall clarity 2026-01-23 17:34:23 +01:00			`def __get_env_from_config(config: str) -> str:`

			`env = config.upper().replace('.', '_').replace('-', '__').replace(' ', '_')`

			`return f'KRAWL_{env}'`

			`def override_config_from_env(config: Config = None):`
			`"""Initialize configuration from environment variables"""`

			`for field in config.__dataclass_fields__:`

			`env_var = __get_env_from_config(field)`
			`if env_var in os.environ:`
			`field_type = config.__dataclass_fields__[field].type`
			`env_value = os.environ[env_var]`
			`if field_type == int:`
			`setattr(config, field, int(env_value))`
			`elif field_type == float:`
			`setattr(config, field, float(env_value))`
			`elif field_type == Tuple[int, int]:`
			`parts = env_value.split(',')`
			`if len(parts) == 2:`
			`setattr(config, field, (int(parts[0]), int(parts[1])))`
			`else:`
			`setattr(config, field, env_value)`
parametrized into config.yaml + bug fix 2026-01-04 22:20:10 +01:00
			`_config_instance = None`

			`def get_config() -> Config:`
			`"""Get the singleton Config instance"""`
			`global _config_instance`
			`if _config_instance is None:`
			`_config_instance = Config.from_yaml()`
Configuration override from environment variable (#47) * Add environment variable override for config fields Introduces functions to override configuration fields from environment variables, allowing dynamic configuration without modifying YAML files. The environment variable names are generated from field names, and type conversion is handled for int, float, and tuple fields. * update chart version to 0.1.4 * Update README.md to enhance environment variable configuration details and improve overall clarity 2026-01-23 17:34:23 +01:00
			`override_config_from_env(_config_instance)`

			`return _config_instance`