Add support for TLS servers

.github/workflows/build.yml

@@ -14,12 +14,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Set up Go
-        uses: actions/setup-go@v3.2.0
+        uses: actions/setup-go@v4.0.0
         with:
           go-version: 1.17.8
         id: go
       - name: Check out code into the Go module directory
-        uses: actions/checkout@v3.0.0
+        uses: actions/checkout@v3.5.2
 
       - name: Get dependencies
         run: |

.github/workflows/client.yml

@@ -15,7 +15,7 @@ jobs:
       matrix:
         node-version: [15.11.x]
     steps:
-    - uses: actions/checkout@v3.0.0
+    - uses: actions/checkout@v3.5.2
     - name: Use Node.js ${{ matrix.node-version }}
       uses: actions/setup-node@v3.6.0
       with:

.github/workflows/codeql-analysis.yml

@@ -19,7 +19,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v3.0.0
+      uses: actions/checkout@v3.5.2
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL

.github/workflows/dockerimage-next.yml

@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     if: contains(toJson(github.event.commits), '[action]') == false
     steps:
-      - uses: actions/checkout@v3.0.0
+      - uses: actions/checkout@v3.5.2
         with:
           fetch-depth: 0
 
@@ -21,7 +21,7 @@ jobs:
         uses: docker/setup-buildx-action@v2
 
       - name: Login to DockerHub
-        uses: docker/login-action@v1.14.1 
+        uses: docker/login-action@v2.1.0 
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}

.github/workflows/homebrew.yml

@@ -0,0 +1,13 @@
+name: Homebrew Bump Formula
+on:
+  release:
+    types: [published]
+  workflow_dispatch:
+jobs:
+  homebrew:
+    runs-on: macos-latest
+    steps:
+      - uses: dawidd6/action-homebrew-bump-formula@v3
+        with:
+          token: ${{ secrets.HOMEBREW_GITHUB_API_TOKEN }}
+          formula: phoneinfoga

.github/workflows/release.yml

@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3.0.0
+        uses: actions/checkout@v3.5.2
 
       - name: Unshallow
         run: git fetch --prune --unshallow
@@ -21,7 +21,7 @@ jobs:
           node-version: 15.11.x
 
       - name: Set up Go
-        uses: actions/setup-go@v3.2.0
+        uses: actions/setup-go@v4.0.0
         with:
           go-version: 1.17.8
 
@@ -32,7 +32,7 @@ jobs:
         run: make install-tools
 
       - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v4.1.1
+        uses: goreleaser/goreleaser-action@v4.2.0
         with:
           version: v1.10.2
           args: release --rm-dist
@@ -42,15 +42,15 @@ jobs:
     runs-on: ubuntu-latest
     if: contains(toJson(github.event.commits), '[action]') == false
     steps:
-      - uses: actions/checkout@v3.0.0
+      - uses: actions/checkout@v3.5.2
         with:
           fetch-depth: 0
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v2
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v2
       - name: Login to DockerHub
-        uses: docker/login-action@v1.14.1
+        uses: docker/login-action@v2.1.0
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
@@ -66,9 +66,9 @@ jobs:
   publish-docs:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3.0.0
+      - uses: actions/checkout@v3.5.2
       - name: Set up Python 3.8
-        uses: actions/setup-python@v4.3.1
+        uses: actions/setup-python@v4.6.0
         with:
           python-version: 3.8
 

Makefile

@@ -19,6 +19,14 @@ GIT_COMMIT=$(shell git rev-parse --short HEAD)
 .PHONY: all
 all: fmt lint test build go.mod
 
+# Build static assets
+# This will create dist directory containing client's static files
+.PHONY: static 
+static:
+	cd web/client 
+	yarn 
+	yarn build
+
 .PHONY: build
 build:
 	go generate ./...
@@ -48,14 +56,14 @@ clean:
 
 .PHONY: lint
 lint:
-	@which golangci-lint > /dev/null 2>&1 || (curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | bash -s -- -b $(GOBINPATH) v1.46.2)
-	golangci-lint run -v --timeout=10m
+	golangci-lint run -v --timeout=2m
 
 .PHONY: install-tools
 install-tools:
 	$(GOINSTALL) gotest.tools/gotestsum@v1.6.3
 	$(GOINSTALL) github.com/vektra/mockery/v2@v2.8.0
 	$(GOINSTALL) github.com/swaggo/swag/cmd/swag@v1.7.0
+	@which golangci-lint > /dev/null 2>&1 || (curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | bash -s -- -b $(GOBINPATH) v1.46.2)
 
 go.mod: FORCE
 	$(GOMOD) tidy

README.md

@@ -28,21 +28,18 @@
 <p align="center">
   <a href="https://sundowndev.github.io/phoneinfoga/">Documentation</a> •
   <a href="https://petstore.swagger.io/?url=https://raw.githubusercontent.com/sundowndev/phoneinfoga/master/web/docs/swagger.yaml">API documentation</a> •
-  <a href="https://demo.phoneinfoga.crvx.fr/">Demo instance</a> •
   <a href="https://medium.com/@SundownDEV/phone-number-scanning-osint-recon-tool-6ad8f0cac27b">Related blog post</a>
 </p>
 
 ## About
 
 PhoneInfoga is one of the most advanced tools to scan international phone numbers. It allows you to first gather basic information such as country, area, carrier and line type, then use various techniques to try to find the VoIP provider or identify the owner. It works with a collection of scanners that must be configured in order for the tool to be effective. PhoneInfoga doesn't automate everything, it's just there to help investigating on phone numbers.
 
-![web client screenshot](./docs/images/screenshot.png)
-
 ## Current status
 
 This project is stable and production-ready.
 
-**About demo instance**: This is a test service. Kittens will die if you abuse it.
+You can try out the web client or REST API on the <a href="https://demo.phoneinfoga.crvx.fr/">demo instance</a>. **This is a test service**. Kittens will die if you abuse it. Most of scanners are not configured so you won't get relevant results.
 
 ## Features
 

cmd/root.go

@@ -23,6 +23,6 @@ func Execute() {
 }
 
 func exitWithError(err error) {
-	fmt.Println(color.RedString(err.Error()))
+	fmt.Fprintf(color.Error, "%s\n", color.RedString(err.Error()))
 	os.Exit(1)
 }

cmd/scan.go

@@ -11,7 +11,6 @@ import (
 	"github.com/sundowndev/phoneinfoga/v2/lib/number"
 	"github.com/sundowndev/phoneinfoga/v2/lib/output"
 	"github.com/sundowndev/phoneinfoga/v2/lib/remote"
-	"os"
 )
 
 type ScanCmdOptions struct {
@@ -53,7 +52,7 @@ func NewScanCmd(opts *ScanCmdOptions) *cobra.Command {
 }
 
 func runScan(opts *ScanCmdOptions) {
-	fmt.Printf(color.WhiteString("Running scan for phone number %s...\n\n"), opts.Number)
+	fmt.Fprintf(color.Output, color.WhiteString("Running scan for phone number %s...\n\n"), opts.Number)
 
 	if valid := number.IsValid(opts.Number); !valid {
 		logrus.WithFields(map[string]interface{}{
@@ -83,7 +82,7 @@ func runScan(opts *ScanCmdOptions) {
 
 	result, errs := remoteLibrary.Scan(num)
 
-	err = output.GetOutput(output.Console, os.Stdout).Write(result, errs)
+	err = output.GetOutput(output.Console, color.Output).Write(result, errs)
 	if err != nil {
 		exitWithError(err)
 	}

cmd/serve.go

@@ -2,6 +2,10 @@ package cmd
 
 import (
 	"fmt"
+	"log"
+	"net/http"
+	"os"
+
 	"github.com/gin-gonic/gin"
 	"github.com/joho/godotenv"
 	"github.com/sirupsen/logrus"
@@ -11,14 +15,14 @@ import (
 	"github.com/sundowndev/phoneinfoga/v2/lib/remote"
 	"github.com/sundowndev/phoneinfoga/v2/web"
 	"github.com/sundowndev/phoneinfoga/v2/web/v2/api/handlers"
-	"log"
-	"net/http"
-	"os"
 )
 
 type ServeCmdOptions struct {
 	HttpPort         int
 	DisableClient    bool
+	Domain           string
+	KeyfilePath      string
+	CertfilePath     string
 	DisabledScanners []string
 	PluginPaths      []string
 	EnvFiles         []string
@@ -33,11 +37,19 @@ func init() {
 	// Register flags
 	cmd.PersistentFlags().IntVarP(&opts.HttpPort, "port", "p", 5000, "HTTP port")
 	cmd.PersistentFlags().BoolVar(&opts.DisableClient, "no-client", false, "Disable web client (REST API only)")
+	cmd.PersistentFlags().StringVar(&opts.Domain, "domain", "", "Use a specific domain to host (with tls).")
+	cmd.PersistentFlags().StringVar(&opts.CertfilePath, "cert", "", "Path to certfile (will use default letsencrypt path for domain if none provided).")
+	cmd.PersistentFlags().StringVar(&opts.KeyfilePath, "key", "", "Path to keyfile (will use default letsencrypt path for domain if none provided).")
 	cmd.PersistentFlags().StringArrayVarP(&opts.DisabledScanners, "disable", "D", []string{}, "Scanner to skip for the scans")
 	cmd.PersistentFlags().StringArrayVar(&opts.PluginPaths, "plugin", []string{}, "Extra scanner plugin to use for the scans")
 	cmd.PersistentFlags().StringSliceVar(&opts.EnvFiles, "env-file", []string{}, "Env files to parse environment variables from (looks for .env by default)")
 }
 
+func fmtLetsEncrypt(sitename string) (string, string) {
+	return fmt.Sprintf("/etc/letsencrypt/live/%s/fullchain.pem", sitename),
+		fmt.Sprintf("/etc/letsencrypt/live/%s/privkey.pem", sitename)
+}
+
 func NewServeCmd(opts *ServeCmdOptions) *cobra.Command {
 	return &cobra.Command{
 		Use:   "serve",
@@ -70,6 +82,15 @@ func NewServeCmd(opts *ServeCmdOptions) *cobra.Command {
 				log.Fatal(err)
 			}
 
+			if len(opts.Domain) != 0 {
+				if len(opts.CertfilePath) == 0 || len(opts.KeyfilePath) == 0 {
+					opts.CertfilePath, opts.KeyfilePath = fmtLetsEncrypt(opts.Domain)
+				}
+				if err := srv.ListenAndServeTLS(opts.Domain+":443", opts.CertfilePath, opts.KeyfilePath); err != nil && err != http.ErrServerClosed {
+					log.Fatalf("listen: %s\n", err)
+				}
+			}
+
 			addr := fmt.Sprintf(":%d", opts.HttpPort)
 			fmt.Printf("Listening on %s\n", addr)
 			if err := srv.ListenAndServe(addr); err != nil && err != http.ErrServerClosed {

docs/contribute.md

@@ -13,26 +13,25 @@ This page describe the project structure and gives you a bit of context to start
 
 **Requirements :**
 
-- Node.js >= v10.x
+- Nodejs >= v15
 - npm or yarn
 - Go >= 1.16
-- [swag](https://github.com/swaggo/swag)
 
 **Note:** if you're using npm, just replace `yarn <command>` by `npm run <command>`.
 
 ```shell
+# Install tools needed to build, creating mocks or running tests
+$ make install-tools
+
 # Build static assets
 # This will create dist directory containing client's static files
 $ (cd web/client && yarn && yarn build)
 
-# Generate in-memory assets
-# This will put content of dist directory in memory. It's usually needed to build but
-# the design requires you to do it anyway.
+# Generate in-memory assets, then build the project.
+# This will put content of dist directory in a single binary file.
+# It's needed to build but the design requires you to do it anyway.
 # This step is needed at each change if you're developing on the client.
-$ go generate ./...
-
-# Build the whole project
-$ go build -v .
+$ make build
 ```
 
 If you're developing, you don't need to build at each changes, you can compile then run with the `go run` command :

docs/getting-started/install.md

@@ -13,13 +13,14 @@ Follow the instructions :
 
 You can also do it from the terminal (UNIX systems only) :
 
-1. Download latest release in the current directory
+1. Download the latest release in the current directory
 
 ```
-curl -sSL https://raw.githubusercontent.com/sundowndev/phoneinfoga/master/support/scripts/install | bash
+# Add --help at the end of the command for a list of install options
+bash <( curl -sSL https://raw.githubusercontent.com/sundowndev/phoneinfoga/master/support/scripts/install )
 ```
 
-2. Install phoneinfoga
+2. Install it globally
 ```
 sudo install ./phoneinfoga /usr/local/bin/phoneinfoga
 ```
@@ -31,7 +32,15 @@ sudo install ./phoneinfoga /usr/local/bin/phoneinfoga
 
 To ensure your system is supported, please check the output of `echo "$(uname -s)_$(uname -m)"` in your terminal and see if it's available on the [GitHub release page](https://github.com/sundowndev/phoneinfoga/releases).
 
-## Using Docker
+## Homebrew
+
+PhoneInfoga is now available on Homebrew. Homebrew is a free and open-source package management system for Mac OS X. Install the official phoneinfoga formula from the terminal.
+
+```shell
+brew install phoneinfoga
+```
+
+## Docker
 
 !!! info
     If you want to use the beta channel, you can use the `next` tag, it's updated directly from the master branch. But in most cases we recommend using [`latest`, `v2` or `stable` tags](https://hub.docker.com/r/sundowndev/phoneinfoga/tags) to only get release updates.
@@ -68,7 +77,7 @@ services:
         - "80:5000"
 ```
 
-### From the source code
+### Build from source
 
 You can download the source code, then build the docker images