ECSC2022

ECSC2022 · Nov 3, 2022 · ef3af01 · ef3af01
1 parent ce56a10
commit ef3af01
Show file tree

Hide file tree

Showing 37 changed files with 1,125 additions and 323 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
diff --git a/.gitmodules b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "saarctf-gameserver"]
+	path = saarctf-gameserver
+	url = https://github.com/ECSC2022/saarctf-gameserver.git
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,49 @@
+FROM python:3.8 as gameserver-base
+RUN apt-get update && apt-get install -y libmemcached-dev libsystemd-dev postgresql-client && rm -rf /var/lib/apt/lists/*
+ADD src /opt/ctf-gameserver/src/
+ADD scripts /opt/ctf-gameserver/scripts/
+ADD setup.py Makefile /opt/ctf-gameserver/
+RUN cd /opt/ctf-gameserver && make ext
+RUN mkdir -p /etc/ctf-gameserver
+RUN pip install /opt/ctf-gameserver[prod]
+
+FROM gameserver-base as web
+RUN pip install uwsgi
+RUN mkdir /uploads && chmod -R 777 /uploads
+ADD conf/web/prod_settings.py /etc/ctf-gameserver/web/
+ADD doc/controller/scoring.sql /scoring.sql
+ADD doc/controller/scoreboard_v2.sql /scoreboard_v2.sql
+ENV CTF_IPPATTERN=10.10.%s.1
+EXPOSE 5000
+CMD uwsgi --http-socket 0.0.0.0:5000 --module ctf_gameserver.web.wsgi \
+        --python-path=/etc/ctf-gameserver/web \
+        --env "CTF_IPPATTERN=${CTF_IPPATTERN}" \
+        --env "DJANGO_SETTINGS_MODULE=prod_settings" \
+        --static-map '/static/admin=/usr/local/lib/python3.8/site-packages/django/contrib/admin/static/admin' \
+        --static-map '/static=/usr/local/lib/python3.8/site-packages/ctf_gameserver/web/static'
+
+FROM web as web-init
+RUN pip install ansible passlib
+COPY ./init/docker-init.sh /bin/
+COPY ./init/ansible /ansible/
+CMD /bin/docker-init.sh
+
+FROM gameserver-base as submission
+RUN useradd -m -U -s /bin/bash ctf-submission
+USER ctf-submission
+ENTRYPOINT [ "ctf-submission" ]
+
+FROM gameserver-base as controller
+RUN useradd -m -U -s /bin/bash ctf-controller
+USER ctf-controller
+ENTRYPOINT [ "ctf-controller" ]
+
+FROM gameserver-base as checkerbase
+RUN apt-get update && apt-get install -y sudo && rm -rf /var/lib/apt/lists/*
+RUN useradd -m -U -s /bin/bash ctf-checkermaster
+RUN useradd -m -U -s /bin/bash ctf-checkerrunner
+ADD examples/checker/sudoers.d/ctf-checker /etc/sudoers.d/
+ADD scripts/checker/docker-entrypoint.sh /sbin/
+#USER ctf-checkermaster # do this downstream checkers
+ENV CTF_SUDOUSER ctf-checkerrunner
+ENTRYPOINT [ "/sbin/docker-entrypoint.sh" ]
diff --git a/README.md b/README.md
@@ -1,4 +1,26 @@
-CTF Gameserver
+CTF Gameserver (ECSC 2022 Version)
+==============
+
+This repo contains the FAUST framework with adaptations for the European Cyber Security Challenge 2022. The main changes are:
+
+- Added support for multiple flagstores per challenge via ServiceGroups
+    - Separate checker for each flagstore, Flags and SLA status is evaluated for each flagstore
+    - Points are aggregated by ServiceGroup
+    - Attack and Defense Points are calculated according to the original FaustCTF formula
+    - SLA points depend on other services of the same ServiceGroup:
+        - ServiceGroups with all services up give SLA points according to the original FaustCTF formula
+        - ServiceGroups with at least one service recovering give 50% of regular SLA points
+        - ServiceGroups with at least one service down/faulty/not checked give SLA 0 points
+- Added checker status messages, telling participants what went wrong
+- Improved integration with the Saarctf scoreboard:
+    - Added ability to freeze the scoreboard
+    - Displaying of team IP addresses
+    - Displaying of service status messages
+    - First blood is displayed per flagstore
+- Added checker logging via Loki
+- ECSC-specific theme changes
+
+Original README
 ==============
 
 This is a gameserver for [attack-defense (IT security) CTFs](https://ctftime.org/ctf-wtf/). It was originally

diff --git a/conf/web/prod_settings.py b/conf/web/prod_settings.py
@@ -30,11 +30,11 @@
 DATABASES = {
     'default': {
         'ENGINE': 'django.db.backends.postgresql',
-        'HOST': '',
-        'PORT': '',
-        'NAME': '',
-        'USER': '',
-        'PASSWORD': '',
+        'HOST': 'gameserver-postgres',
+        'PORT': 5432,
+        'NAME': 'ctf-gameserver',
+        'USER': 'ctf-gameserver',
+        'PASSWORD': '9iyzXY6pMYzRvXZi',
         'CONN_MAX_AGE': 60
     }
 }
@@ -44,42 +44,44 @@
 CACHES = {
     'default': {
         'BACKEND': 'django.core.cache.backends.memcached.PyLibMCCache',
-        'LOCATION': '',
+        'LOCATION': 'gameserver-memcached:11211',
         'TIMEOUT': 60
     }
 }
 
 # Settings for the SMTP server that will be used to send email messages
 # See https://docs.djangoproject.com/en/1.8/ref/settings/#email-host and other options
-EMAIL_HOST = ''
-EMAIL_PORT = 25
-EMAIL_HOST_USER = ''
-EMAIL_HOST_PASSWORD = ''
-# See https://docs.djangoproject.com/en/1.8/ref/settings/#email-use-tls
-EMAIL_USE_TLS = False
-EMAIL_USE_SSL = False
-
-# Sender address for messages sent by the gameserver
-DEFAULT_FROM_EMAIL = ''
+# EMAIL_HOST = ''
+# EMAIL_PORT = 25
+# EMAIL_HOST_USER = ''
+# EMAIL_HOST_PASSWORD = ''
+# # See https://docs.djangoproject.com/en/1.8/ref/settings/#email-use-tls
+# EMAIL_USE_TLS = False
+# EMAIL_USE_SSL = False
+
+# # Sender address for messages sent by the gameserver
+# DEFAULT_FROM_EMAIL = ''
+EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
+DEFAULT_FROM_EMAIL = 'ctf-gameserver.web@localhost'
 
 # Filesystem path where user-uploaded files are stored
 # This directory must be served by the web server under the path defined by MEDIA_URL in 'base_settings.py'
 # ("/uploads" by default)
-MEDIA_ROOT = ''
+MEDIA_ROOT = '/uploads'
 
 # The backend used to store user sessions
 SESSION_ENGINE = 'django.contrib.sessions.backends.cached_db'
 
 # A long, random string, which you are supposed to keep secret
-SECRET_KEY = ''
+SECRET_KEY = '4HqT2rlhn4efX7jZ2d8MkCBzgRLO0t33udFoqi5YEt72VeHhBv3pTI6pUIGsCPZP'
 
 # Insert all hostnames your site is available under
 # See https://docs.djangoproject.com/en/1.8/ref/settings/#allowed-hosts
-ALLOWED_HOSTS = []
+ALLOWED_HOSTS = ['*']
 
 # The name of the time zone (i.e. something like "Europe/Berlin") in which dates should be displayed
 # See https://en.wikipedia.org/wiki/List_of_tz_database_time_zones for a list of valid options
-TIME_ZONE = ''
+TIME_ZONE = 'Europe/Vienna'
 
 # First day of the week: 0 means Sunday, 1 means Monday and so on
 FIRST_DAY_OF_WEEK = 1
@@ -91,23 +93,23 @@
 
 # You should not have to edit anything below this line
 
-# Set up logging to syslog
-LOGGING = {
-    'version': 1,
-    'disable_existing_loggers': False,
-    'handlers': {
-        'syslog': {
-            'class': 'logging.handlers.SysLogHandler',
-            'address': '/dev/log'
-        }
-    },
-    'loggers': {
-        'django': {
-            'handlers': ['syslog'],
-            'level': 'WARNING'
-        }
-    }
-}
+# # Set up logging to syslog
+# LOGGING = {
+#     'version': 1,
+#     'disable_existing_loggers': False,
+#     'handlers': {
+#         'syslog': {
+#             'class': 'logging.handlers.SysLogHandler',
+#             'address': '/dev/log'
+#         }
+#     },
+#     'loggers': {
+#         'django': {
+#             'handlers': ['syslog'],
+#             'level': 'WARNING'
+#         }
+#     }
+# }
 
 DEBUG = False