feat: Universal Linux build + redesigned ostp-guard

- Build static musl binaries (work on any Linux distro) - Redesign ostp-guard with weighted scoring system (threshold: 4 points) - HIGH (2pts): Analysis tools (gdb/ida/ghidra), sandbox artifacts - MEDIUM (1pt): Low resources (<1GB RAM), suspicious env vars - Production VPS safe (1-2 points), sandbox blocked (4+ points) - Anti-debug: Windows (IsDebuggerPresent), Linux (/proc/self/status) - Deployment packages for Linux + Windows with SHA256 checksums
2026-01-02 01:38:30 +03:00
parent 5879344336
commit 7ed4217987
23 changed files with 1045 additions and 432 deletions
--- a/dist/linux-amd64/install.sh
+++ b/dist/linux-amd64/install.sh
@@ -0,0 +1,107 @@
+#!/bin/bash
+set -e
+
+echo "========================================"
+echo "  OSTP Server Installation Script"
+echo "========================================"
+echo ""
+
+# Check for root
+if [ "$EUID" -ne 0 ]; then 
+    echo "❌ Please run as root or with sudo"
+    exit 1
+fi
+
+# Detect distro
+if [ -f /etc/os-release ]; then
+    . /etc/os-release
+    OS=$ID
+    VERSION=$VERSION_ID
+else
+    echo "❌ Cannot detect Linux distribution"
+    exit 1
+fi
+
+echo "✓ Detected: $PRETTY_NAME"
+
+# Install dependencies
+echo ""
+echo "📦 Installing dependencies..."
+case $OS in
+    debian|ubuntu)
+        apt update
+        apt install -y libssl3 openssl ca-certificates
+        ;;
+    rhel|rocky|almalinux|centos)
+        dnf install -y openssl-libs openssl ca-certificates
+        ;;
+    *)
+        echo "⚠️  Unknown distribution. Please install libssl3 manually."
+        ;;
+esac
+
+# Create directories
+echo ""
+echo "📁 Creating directories..."
+mkdir -p /etc/ostp
+mkdir -p /var/lib/oncp
+
+# Copy binaries
+echo ""
+echo "📋 Installing binaries..."
+cp ostp-server oncp-master /usr/local/bin/
+chmod +x /usr/local/bin/ostp-server /usr/local/bin/oncp-master
+
+# Create oncp user
+echo ""
+echo "👤 Creating oncp user..."
+if ! id -u oncp > /dev/null 2>&1; then
+    useradd -r -s /bin/false oncp
+fi
+chown -R oncp:oncp /var/lib/oncp
+
+# Copy config examples
+echo ""
+echo "⚙️  Copying configuration examples..."
+if [ ! -f /etc/ostp/server.json ]; then
+    cp server.json.example /etc/ostp/server.json
+    echo "   Created /etc/ostp/server.json"
+fi
+
+# Copy systemd services
+echo ""
+echo "🔧 Installing systemd services..."
+cp ostp-server.service /etc/systemd/system/
+cp oncp-master.service /etc/systemd/system/
+systemctl daemon-reload
+
+echo ""
+echo "========================================"
+echo "  ✅ Installation Complete!"
+echo "========================================"
+echo ""
+echo "📝 Next steps:"
+echo ""
+echo "1. Generate PSK:"
+echo "   ostp-server gen-key"
+echo ""
+echo "2. Edit config:"
+echo "   nano /etc/ostp/server.json"
+echo "   (Replace PSK with generated key)"
+echo ""
+echo "3. Start ostp-server:"
+echo "   systemctl enable ostp-server"
+echo "   systemctl start ostp-server"
+echo "   systemctl status ostp-server"
+echo ""
+echo "4. (Optional) Start oncp-master:"
+echo "   systemctl enable oncp-master"
+echo "   systemctl start oncp-master"
+echo "   systemctl status oncp-master"
+echo ""
+echo "5. View logs:"
+echo "   journalctl -u ostp-server -f"
+echo "   journalctl -u oncp-master -f"
+echo ""
+echo "📖 Full documentation: README.md"
+echo ""