diff --git a/ROADMAP.md b/ROADMAP.md index 592ed15..355cd3f 100644 --- a/ROADMAP.md +++ b/ROADMAP.md @@ -64,14 +64,15 @@ - [x] Channel management commands (kick, ban, unban, topic, mode) - [x] Plugin state persistence (SQLite key-value store) -## v1.1.0 -- Hardening + Wave 5 Plugins +## v1.1.0 -- Hardening + Wave 5 Plugins (done) - [x] Message truncation for IRC 512-byte limit - [x] Configurable reconnect backoff (exponential) - [x] Bot orchestrator + config merge tests - [x] `wayback` plugin (Wayback Machine snapshot lookup) - [x] `dork` plugin (Google dork query builder) -- [ ] Per-channel plugin enable/disable +- [x] Per-channel plugin enable/disable +- [x] Structured logging (JSON output option) - [ ] Integration tests with mock IRC server - [ ] `username` plugin (cross-platform username enumeration) @@ -79,6 +80,5 @@ - [ ] Multi-server support (per-server config, shared plugins) - [ ] Stable plugin API (versioned, breaking change policy) -- [ ] Structured logging (JSON output option) - [ ] `emailcheck` plugin (SMTP VRFY/RCPT TO) - [ ] `canary` plugin (canary token generator/tracker) diff --git a/TASKS.md b/TASKS.md index 2355b05..2201d32 100644 --- a/TASKS.md +++ b/TASKS.md @@ -10,13 +10,15 @@ | P1 | [x] | `wayback` plugin (Wayback Machine snapshot lookup) | | P1 | [x] | Config merge/load/resolve unit tests | | P1 | [x] | Bot API + format_msg + split_utf8 tests | +| P1 | [x] | Per-channel plugin enable/disable | +| P1 | [x] | Structured JSON logging | | P1 | [x] | Documentation update | ## Completed | Date | Task | |------|------| -| 2026-02-15 | v1.1.0 (truncation, backoff, dork, wayback, tests) | +| 2026-02-15 | v1.1.0 (channel filter, JSON logging, dork, wayback, tests) | | 2026-02-15 | v1.0.0 (IRCv3, chanmgmt, state persistence) | | 2026-02-15 | Wave 4 (opslog, note, subdomain, headers, exploitdb, payload) | | 2026-02-15 | Wave 3 plugins (geoip, asn, torcheck, iprep, cve) + update script | diff --git a/config/derp.toml.example b/config/derp.toml.example index 070d9b6..4ad2b34 100644 --- a/config/derp.toml.example +++ b/config/derp.toml.example @@ -23,3 +23,15 @@ plugins_dir = "plugins" [logging] level = "info" +# format = "json" # Log format: "text" (default) or "json" (JSONL) + +# -- Per-Channel Plugin Control -- +# Channels without a section run all plugins. +# Channels with a `plugins` list only run those plugins. +# The `core` plugin is always active regardless of config. + +# [channels."#public"] +# plugins = ["core", "dns", "cidr", "encode"] + +# [channels."#ops"] +# plugins = ["core", "revshell", "payload", "exploitdb", "opslog"] diff --git a/docs/CHEATSHEET.md b/docs/CHEATSHEET.md index 457e136..ebdb77a 100644 --- a/docs/CHEATSHEET.md +++ b/docs/CHEATSHEET.md @@ -31,6 +31,25 @@ rate_limit = 2.0 # Messages per second rate_burst = 5 # Burst capacity ``` +## Per-Channel Plugin Control + +```toml +# Only allow specific plugins in a channel +[channels."#public"] +plugins = ["core", "dns", "cidr", "encode"] + +# Omit section entirely to allow all plugins +``` + +`core` always active. PMs unrestricted. Denied commands silently ignored. + +## Structured Logging + +```toml +[logging] +format = "json" # JSONL output (default: "text") +``` + ## Container ```bash diff --git a/docs/USAGE.md b/docs/USAGE.md index 74d2d1f..e9984a7 100644 --- a/docs/USAGE.md +++ b/docs/USAGE.md @@ -53,6 +53,7 @@ admins = [] # Hostmask patterns (fnmatch), IRCOPs auto-detecte [logging] level = "info" # Logging level: debug, info, warning, error +format = "text" # Log format: "text" (default) or "json" ``` ## Built-in Commands @@ -147,6 +148,49 @@ broken.test -- error: timeout - crt.sh can be slow; the bot confirms receipt before querying - Live cert check runs only when expired CT entries exist +## Per-Channel Plugin Control + +Restrict which plugins are active in specific channels. Channels without +a `[channels.""]` section run all plugins. Channels with a `plugins` +list only run those plugins. The `core` plugin is always active (exempt +from filtering). Private messages are always unrestricted. + +```toml +[channels."#public"] +plugins = ["core", "dns", "cidr", "encode"] + +[channels."#ops"] +plugins = ["core", "revshell", "payload", "exploitdb", "opslog"] + +# #unrestricted -- no section, runs everything +``` + +When a command is denied by channel config, it is silently ignored (no +error message). Event handlers from denied plugins are also skipped. + +## Structured Logging (JSON) + +Set `format = "json"` in `[logging]` to emit one JSON object per log line +(JSONL), suitable for log aggregation tools. + +```toml +[logging] +level = "info" +format = "json" +``` + +Each line contains: + +| Field | Description | +|-------|-------------| +| `ts` | Timestamp (`YYYY-MM-DDTHH:MM:SS`) | +| `level` | Log level (`debug`, `info`, `warning`, `error`) | +| `logger` | Logger name (`derp.bot`, `derp.plugin`, etc.) | +| `msg` | Log message text | +| `exc` | Exception traceback (only present on errors) | + +Default format is `"text"` (human-readable, same as before). + ## Admin System Commands marked as `admin` require elevated permissions. Admin access is