Update Debian package to use wssshd2 C binary instead of Python

- Change build dependencies from Python to C build tools (gcc, make, libssl-dev, libsqlite3-dev, uuid-dev) - Update runtime dependencies to include libsqlite3-0 and libssl3 - Modify debian/rules to build wssshd2 C binary instead of PyInstaller - Update man page with C version command line options - Update package description to reflect C binary with embedded web interface - Keep all existing init scripts, logrotate, and service files unchanged - Maintain same user creation and path configurations

Update Debian package to use wssshd2 C binary instead of Python
- Change build dependencies from Python to C build tools (gcc, make, libssl-dev, libsqlite3-dev, uuid-dev) - Update runtime dependencies to include libsqlite3-0 and libssl3 - Modify debian/rules to build wssshd2 C binary instead of PyInstaller - Update man page with C version command line options - Update package description to reflect C binary with embedded web interface - Keep all existing init scripts, logrotate, and service files unchanged - Maintain same user creation and path configurations
e3d59552 · Stefy Lanza (nextime / spora ) · 13efc854 · e3d59552 · e3d59552 · e3d59552
Commit e3d59552 authored Sep 21, 2025 by Stefy Lanza (nextime / spora )
Hide whitespace changes
Inline Side-by-side

Showing with 83 additions and 122 deletions

control wsssh-server/debian/control +7 -7

rules wsssh-server/debian/rules +7 -84

wssshd.1 wsssh-server/debian/wssshd.1 +69 -31

No files found.
--- a/wsssh-server/debian/control
+++ b/wsssh-server/debian/control
@@ -2,7 +2,7 @@ Source: wsssh-server
 Section: net
 Priority: optional
 Maintainer: Stefy Lanza <stefy@nexlab.net>
-Build-Depends: debhelper-compat (= 13), python3, python3-pip, python3-setuptools
+Build-Depends: debhelper-compat (= 13), gcc, make, libssl-dev, libsqlite3-dev, uuid-dev
 Standards-Version: 4.6.2
 Homepage: https://git.nexlab.net/nexlab/wsssh
 Vcs-Browser: https://git.nexlab.net/nexlab/wsssh
@@ -10,13 +10,13 @@ Vcs-Git: https://git.nexlab.net/nexlab/wsssh.git

 Package: wsssh-server
 Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}, adduser, debconf (>= 0.5) | debconf-2.0
+Depends: ${shlibs:Depends}, ${misc:Depends}, adduser, debconf (>= 0.5) | debconf-2.0, libsqlite3-0, libssl3
 Description: WSSSH: Warp-Powered Stefy's Spatial Secure Hyperdrive Server (wssshd)
- wsssh is a swiss army's knife server assisted tunnelling system for the win initially born as a websocket ssh tunnelling system and evolved to a universal tunnelling utility. This package contains the server component
- that handles WebSocket connections and manages SSH tunnels.
- .
- This package includes a standalone PyInstaller binary that bundles all
- required dependencies, eliminating the need for external Python packages.
+  wsssh is a swiss army's knife server assisted tunnelling system for the win initially born as a websocket ssh tunnelling system and evolved to a universal tunnelling utility. This package contains the server component
+  that handles WebSocket connections and manages SSH tunnels.
+  .
+  This package includes a standalone C binary that provides high performance
+  and includes an embedded web interface with SQLite database for user management.
 .
 The wssshd server provides:
   - WSSSH tunnel management

--- a/wsssh-server/debian/rules
+++ b/wsssh-server/debian/rules
@@ -16,88 +16,12 @@
 	dh $@

 override_dh_auto_configure:
-	# Create PyInstaller spec file for wssshd
-	@echo '# -*- mode: python ; coding: utf-8 -*-' > wssshd.spec
-	@echo '' >> wssshd.spec
-	@echo 'block_cipher = None' >> wssshd.spec
-	@echo '' >> wssshd.spec
-	@echo 'a = Analysis(' >> wssshd.spec
-	@echo "    ['../wssshd.py']," >> wssshd.spec
-	@echo '    pathex=[],' >> wssshd.spec
-	@echo '    binaries=[],' >> wssshd.spec
-	@echo '    datas=[],' >> wssshd.spec
-	@echo '    hiddenimports=[' >> wssshd.spec
-	@echo "        'websockets'," >> wssshd.spec
-	@echo "        'flask'," >> wssshd.spec
-	@echo "        'flask_login'," >> wssshd.spec
-	@echo "        'flask_sqlalchemy'," >> wssshd.spec
-	@echo "        'ssl'," >> wssshd.spec
-	@echo "        'asyncio'," >> wssshd.spec
-	@echo "        'configparser'," >> wssshd.spec
-	@echo "        'argparse'," >> wssshd.spec
-	@echo "        'signal'," >> wssshd.spec
-	@echo "        'os'," >> wssshd.spec
-	@echo "        'sys'," >> wssshd.spec
-	@echo "        'json'," >> wssshd.spec
-	@echo "        'subprocess'," >> wssshd.spec
-	@echo "        'pty'," >> wssshd.spec
-	@echo "        'select'," >> wssshd.spec
-	@echo "        'termios'," >> wssshd.spec
-	@echo "        'fcntl'," >> wssshd.spec
-	@echo "        'stat'," >> wssshd.spec
-	@echo "        'threading'," >> wssshd.spec
-	@echo "        'time'," >> wssshd.spec
-	@echo "        'uuid'," >> wssshd.spec
-	@echo "        'socket'," >> wssshd.spec
-	@echo "        'netdb'," >> wssshd.spec
-	@echo "        'errno'," >> wssshd.spec
-	@echo "        'pysqlite3'" >> wssshd.spec
-	@echo '    ],' >> wssshd.spec
-	@echo '    hookspath=[],' >> wssshd.spec
-	@echo '    hooksconfig={},' >> wssshd.spec
-	@echo '    runtime_hooks=[],' >> wssshd.spec
-	@echo '    excludes=[],' >> wssshd.spec
-	@echo '    win_no_prefer_redirects=False,' >> wssshd.spec
-	@echo '    win_private_assemblies=False,' >> wssshd.spec
-	@echo '    cipher=block_cipher,' >> wssshd.spec
-	@echo '    noarchive=False,' >> wssshd.spec
-	@echo ')' >> wssshd.spec
-	@echo '' >> wssshd.spec
-	@echo 'pyz = PYZ(a.pure, a.zipped_data, cipher=block_cipher)' >> wssshd.spec
-	@echo '' >> wssshd.spec
-	@echo 'exe = EXE(' >> wssshd.spec
-	@echo '    pyz,' >> wssshd.spec
-	@echo '    a.scripts,' >> wssshd.spec
-	@echo '    a.binaries,' >> wssshd.spec
-	@echo '    a.zipfiles,' >> wssshd.spec
-	@echo '    a.datas,' >> wssshd.spec
-	@echo '    [],' >> wssshd.spec
-	@echo "    name='wssshd'," >> wssshd.spec
-	@echo '    debug=False,' >> wssshd.spec
-	@echo '    bootloader_ignore_signals=False,' >> wssshd.spec
-	@echo '    strip=False,' >> wssshd.spec
-	@echo '    upx=True,' >> wssshd.spec
-	@echo '    upx_exclude=[],' >> wssshd.spec
-	@echo '    runtime_tmpdir=None,' >> wssshd.spec
-	@echo '    console=True,' >> wssshd.spec
-	@echo '    disable_windowed_traceback=False,' >> wssshd.spec
-	@echo '    argv_emulation=False,' >> wssshd.spec
-	@echo '    target_arch=None,' >> wssshd.spec
-	@echo '    codesign_identity=None,' >> wssshd.spec
-	@echo '    entitlements_file=None,' >> wssshd.spec
-	@echo ')' >> wssshd.spec
+	# Configure wssshd2 build
+	cd ../wssshd2 && ./configure.sh

 override_dh_auto_build:
-	# Check if wssshd binary already exists in dist directory
-	if [ -f ../dist/wssshd ]; then \
-		echo "Using existing wssshd binary from ../dist/wssshd"; \
-		mkdir -p dist; \
-		cp ../dist/wssshd dist/wssshd; \
-	else \
-		echo "Building PyInstaller binary"; \
-		pip3 install pyinstaller; \
-		pyinstaller --clean --onefile wssshd.spec; \
-	fi
+	# Build wssshd2 C binary
+	cd ../wssshd2 && make clean && make

 override_dh_auto_install:
 	# Create necessary directories
@@ -114,8 +38,8 @@ override_dh_auto_install:
 	mkdir -p debian/wsssh-server/usr/sbin
 	mkdir -p debian/wsssh-server/etc/logrotate.d

-	# Install PyInstaller binary
-	install -m 755 dist/wssshd debian/wsssh-server/usr/bin/
+	# Install C binary
+	install -m 755 ../wssshd2/wssshd debian/wsssh-server/usr/bin/

 	# Install init script
 	install -m 755 ../wssshd.init debian/wsssh-server/etc/init.d/wssshd
@@ -142,6 +66,5 @@ override_dh_auto_install:
 	cp -r ../logos/* debian/wsssh-server/usr/share/wsssh/logos/

 override_dh_auto_clean:
-	rm -rf build *.spec
-	# Don't clean dist directory to preserve existing wssshd binary
+	rm -rf build *.spec dist
 	dh_auto_clean
\ No newline at end of file
--- a/wsssh-server/debian/wssshd.1
+++ b/wsssh-server/debian/wssshd.1
@@ -6,9 +6,14 @@ wssshd \- WebSocket SSH Server daemon for secure tunneling
 [\fB\-\-config\fR \fIFILE\fR]
 [\fB\-\-host\fR \fIHOST\fR]
 [\fB\-\-port\fR \fIPORT\fR]
-[\fB\-\-ssl\-cert\fR \fIFILE\fR]
-[\fB\-\-ssl\-key\fR \fIFILE\fR]
+[\fB\-\-domain\fR \fIDOMAIN\fR]
+[\fB\-\-password\fR \fIPASSWORD\fR]
+[\fB\-\-web\-host\fR \fIHOST\fR]
+[\fB\-\-web\-port\fR \fIPORT\fR]
+[\fB\-\-web\-https\fR]
 [\fB\-\-debug\fR]
+[\fB\-\-debug\-web\fR]
+[\fB\-\-debug\-database\fR]
 [\fB\-\-help\fR]
 .SH DESCRIPTION
 .B wssshd
@@ -19,52 +24,82 @@ is a WebSocket SSH server daemon that provides secure tunneling capabilities for
 Configuration file path (default: /etc/wssshd.conf)
 .TP
 .BR \-\-host " \fIHOST\fR"
-Server bind address (default: 0.0.0.0)
+WebSocket server bind address (default: 0.0.0.0)
 .TP
 .BR \-\-port " \fIPORT\fR"
-Server port (default: 9898)
+WebSocket server port (default: 9898)
 .TP
-.BR \-\-ssl\-cert " \fIFILE\fR"
-SSL certificate file path
+.BR \-\-domain " \fIDOMAIN\fR"
+Domain name for the server
 .TP
-.BR \-\-ssl\-key " \fIFILE\fR"
-SSL private key file path
+.BR \-\-password " \fIPASSWORD\fR"
+Server password for client authentication
+.TP
+.BR \-\-web\-host " \fIHOST\fR"
+Web interface bind address (default: 127.0.0.1)
+.TP
+.BR \-\-web\-port " \fIPORT\fR"
+Web interface port (default: 8080)
+.TP
+.B \-\-web\-https
+Enable HTTPS for web interface
 .TP
 .B \-\-debug
-Enable debug output for troubleshooting
+Enable general debug output
+.TP
+.B \-\-debug\-web
+Enable web interface debug output
+.TP
+.B \-\-debug\-database
+Enable database operation debug output
 .TP
 .B \-\-help
 Display help message and exit
 .SH CONFIGURATION
-The server can be configured through command line options or configuration files. The configuration file supports the following sections and options:
-.TP
-.B [server]
- \fBhost\fR: Server bind address
- \fBport\fR: Server port
- \fBssl_cert\fR: SSL certificate file
- \fBssl_key\fR: SSL private key file
- \fBdebug\fR: Enable debug mode
-.TP
-.B [database]
- \fBpath\fR: SQLite database file path
-.TP
-.B [web]
- \fBusername\fR: Web interface username
- \fBpassword\fR: Web interface password (hashed)
- \fBsecret_key\fR: Flask secret key for sessions
+The server can be configured through command line options or configuration files. The configuration file supports the following options:
+.TP
+.B host
+WebSocket server bind address (default: 0.0.0.0)
+.TP
+.B port
+WebSocket server port (default: 9898)
+.TP
+.B domain
+Domain name for the server
+.TP
+.B password
+Server password for client authentication
+.TP
+.B web_host
+Web interface bind address (default: 127.0.0.1)
+.TP
+.B web_port
+Web interface port (default: 8080)
+.TP
+.B web_https
+Enable HTTPS for web interface (default: false)
+.TP
+.B debug
+Enable general debug output (default: false)
+.TP
+.B debug_web
+Enable web interface debug output (default: false)
+.TP
+.B debug_database
+Enable database operation debug output (default: false)
 .SH EXAMPLES
 .TP
 Start server with default configuration:
 .B wssshd
 .TP
 Start server with custom configuration:
-.B wssshd --config /etc/wssshd/custom.conf
+.B wssshd --config /etc/wssshd.conf
 .TP
 Start server with debug output:
-.B wssshd --debug --port 8080
+.B wssshd --debug --debug-web --debug-database
 .TP
-Start server with SSL:
-.B wssshd --ssl-cert /etc/ssl/certs/wssshd.crt --ssl-key /etc/ssl/private/wssshd.key
+Start server with custom web interface:
+.B wssshd --web-host 0.0.0.0 --web-port 8080 --web-https
 .SH WEB INTERFACE
 The server provides a web-based management interface accessible at https://server:port/ (when SSL is enabled) or http://server:port/ (without SSL). The web interface allows:
 - Client registration and management
@@ -89,8 +124,11 @@ Reload configuration (if supported)
 .I /etc/wssshd.conf
 Main configuration file
 .TP
-.I /var/lib/wssshd/wssshd.db
-SQLite database for client and tunnel data
+.I ~/.config/wssshd/users.db
+SQLite database for user management (per-user)
+.TP
+.I /etc/wssshd/users.db
+SQLite database for user management (system-wide, when running as root)
 .TP
 .I /var/log/wssshd/
 Log directory