tasks: allow to load tasks from disk

Now it's possible to load tasks from disk.

There's a central file which contains the defined tasks:
/etc/opensnitchd/tasks/tasks.json

with this format:
{
    "tasks": [
        {
            "enabled": false,
            "name": "downloader",
            "configfile":
"/etc/opensnitchd/tasks/downloader/downloader.json",
        }
    ]
}

The field "name" defines the type of task to load, defined in each task.
It's static.

Whenever the tasks.json is modified, if the tasks are enabled, the task
configuration file defined in the "configfile" field will be loaded.

Configuration format of each task:

{
  "name": "downloader",
  "parent": "downloader",
  "data": {}
}

The field "name" is dynamic, unique, and identifies the instance of the
task. If there're two tasks configured with the same name, only one will
be loaded.
The "parent" field is used to know what's the base task. If it's not
specified, we'll try to use the "name" as the base task.

This allows you to run multiple instances of the same task with
different configurations: a downloader to update malware blocklists,
another to update IP blocklists, etc.

The "data" field depends of each task. It's generic, and each task is
responsible for defining it. For example for the Downloader task:

"data": {
    "interval": "1h",
    "timeout": "5s",
    "urls": [
        {
            "name": "adaway",
            "enabled": true,
            "remote": "https://adaway.o/hosts.txt",
            "localfile": "/tmp/blocklist/ads-adaway-hosts.txt"
        }
    ]
}

The tasks configuration file are also monitored for changes, and
whenever a change is detected the task is reloaded.

----

Notifications (WIP)

It's not yet fully defined and it'll change, but this is the state as
of today.

For real-time tasks, like pid-monitor, sockets monitor and node monitor,
the GUI initiates the task with a unique ID (a timestamp), to know who
is sending what, and display the data properly on the GUI.

For permanent tasks we use a unique ID defined for each task.

Right now, if we don't have the notifications channel opened and the
notification ID corresponds with one of the tasks, we'll post an alert
to the GUI, to display a desktop notification.

Each task can define if send notifications or not. For example:

{
  "name": "downloader",
  "data": {
      (...)
      "notify": {
          "enabled": true
      }
  }
}

then in each task, act accordingly to what is defined in the
configuration.

Author: gustavo-iniguez-goya

daemon/Makefile

@@ -6,6 +6,7 @@ all: opensnitchd
 
 install:
 	@mkdir -p $(DESTDIR)/etc/opensnitchd/rules
+	@mkdir -p $(DESTDIR)/etc/opensnitchd/tasks
 	@install -Dm755 opensnitchd \
 		-t $(DESTDIR)$(PREFIX)/bin/
 	@install -Dm644 opensnitchd.service \
@@ -17,6 +18,7 @@ install:
 	@install -Dm644 network_aliases.json \
 		-t $(DESTDIR)/etc/opensnitchd/
 	@install -Dm600 data/rules/* $(DESTDIR)/etc/opensnitchd/rules/
+	@install -Dm600 data/tasks/tasks.json $(DESTDIR)/etc/opensnitchd/tasks/
 	@systemctl daemon-reload
 
 opensnitchd: $(SRC)

daemon/data/tasks/tasks.json

@@ -0,0 +1,3 @@
+{
+    "tasks": []
+}

daemon/tasks/base.go daemon/tasks/base/main.godaemon/tasks/base.go renamed to daemon/tasks/base/main.go

@@ -1,17 +1,36 @@
-package tasks
+package base
 
 import (
 	"context"
 )
 
+const (
+	PID_MON      = 9000
+	NODE_MON     = 9001
+	SOCKETS_MON  = 9002
+	DOWNLOADER   = 9003
+	NETSNIFFER   = 9004
+	IOCS_SCANNER = 9005
+	REDFLAGS     = 9006
+)
+
 // TaskBase holds the common fields of every task.
 // Warning: don't define fields in tasks with these names.
 type TaskBase struct {
 	Ctx     context.Context
 	Cancel  context.CancelFunc
+	Name    string
 	Results chan interface{}
 	Errors  chan error
 
+	// ID that identifies this task
+	// Temporary tasks like PIDMonitor have a NotificationID which is used
+	// to receive and display the data from the task on the GUI.
+	// Permanent tasks like a background downloader won't have this ID,
+	// so this ID will serve as initial identification to know who is sending what,
+	// and treat data apropiately, if needed (sometimes it'll just be a desktop notification).
+	ID uint64
+
 	// Stop the task if the daemon is disconnected from the GUI (server).
 	// Some tasks don't need to run if the daemon is not connected to the GUI,
 	// like PIDMonitor, SocketsMonitor,etc.
@@ -20,6 +39,23 @@ type TaskBase struct {
 	StopOnDisconnect bool
 }
 
+func (t *TaskBase) SetID(id uint64) {
+	t.ID = id
+}
+
+func (t *TaskBase) GetID() uint64 {
+	return t.ID
+}
+
+func (t *TaskBase) IsTemporary() bool {
+	return t.StopOnDisconnect
+}
+
+type TaskResults struct {
+	Type int
+	Data interface{}
+}
+
 // Task defines the interface for tasks that the task manager will execute.
 type Task interface {
 	// Start starts the task, potentially running it asynchronously.
@@ -28,6 +64,11 @@ type Task interface {
 	// Stop stops the task.
 	Stop() error
 
+	//GetName() string
+	SetID(uint64)
+	GetID() uint64
+	IsTemporary() bool
+
 	Pause() error
 	Resume() error
 

daemon/tasks/config/main.go

@@ -0,0 +1,114 @@
+package config
+
+// Copyright 2025 The OpenSnitch Authors. All rights reserved.
+// Use of this source code is governed by the GPLv3
+// license that can be found in the LICENSE file.
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"sync"
+
+	"github.com/evilsocket/opensnitch/daemon/log"
+	"github.com/fsnotify/fsnotify"
+)
+
+var (
+	DefaultCfgFile = "/etc/opensnitchd/tasks/tasks.json"
+)
+
+// TaskData represents the configuration of a task.
+// For example:
+// {
+//   "name": "sockets-monitor",
+//   "data": {"protocol": 1, "state": "all", array: [...], ...}
+// }
+// The data field must be a JSON object.
+// Each task can unmarshal the object to its own JSON object.
+type TaskData struct {
+	// Parent holds the name of the parent task
+	Parent string
+
+	// Name holds the name of this particular task.
+	// It must be unique if you want to run multiple instances of the same task.
+	Name string
+	Data map[string]interface{}
+}
+
+// TaskConfig holds the information of each task. The name, the configuration
+// file and if its enabled or not.
+// The name of the task must be the one defined in each task: task.Name
+type TaskConfig struct {
+	Name       string
+	ConfigFile string
+	Enabled    bool
+}
+
+// TaskList holds the list of existing tasks.
+//
+// {
+//   "list": [
+//    {
+//      "name": "node-monitor",
+//		"enabled": true,
+//      "file": "/etc/opensnitchd/tasks/node-monitor/node-monitor.json",
+//    },
+//    ...
+//   ]
+// }
+//
+type TasksList struct {
+	Tasks []TaskConfig
+}
+
+type Loader struct {
+	watcher           *fsnotify.Watcher
+	Tasks             []TaskConfig
+	CfgFile           string
+	stopLiveReload    chan struct{}
+	TaskChanged       chan string
+	liveReloadRunning bool
+
+	sync.RWMutex
+}
+
+// NewTasksLoader returns a new configuration loader object.
+// It'll monitor the configuration files for changes.
+func NewTasksLoader() (*Loader, error) {
+	watcher, err := fsnotify.NewWatcher()
+	if err != nil {
+		return nil, err
+	}
+	return &Loader{
+		liveReloadRunning: false,
+		watcher:           watcher,
+		stopLiveReload:    make(chan struct{}),
+		TaskChanged:       make(chan string),
+	}, nil
+}
+
+func (l *Loader) Load(path string) ([]TaskConfig, error) {
+	if path == "" {
+		path = DefaultCfgFile
+	}
+	log.Debug("[tasks] Loader.Load() config file: %s", path)
+
+	raw, err := ioutil.ReadFile(path)
+	if err != nil || len(raw) == 0 {
+		return nil, fmt.Errorf("error reading tasks list file %s: %s", path, err)
+	}
+	var tasks TasksList
+	err = json.Unmarshal(raw, &tasks)
+	if err != nil {
+		return nil, fmt.Errorf("Error unmarshalling config file %s: %s", path, err)
+	}
+	l.Tasks = tasks.Tasks
+	l.CfgFile = path
+
+	if !l.isLiveReloadRunning() {
+		go l.liveReloadWorker()
+	}
+
+	return l.Tasks, nil
+}

daemon/tasks/config/monitor.go

@@ -0,0 +1,100 @@
+package config
+
+import (
+	//"path"
+	"strings"
+	"time"
+
+	"github.com/evilsocket/opensnitch/daemon/log"
+	"github.com/fsnotify/fsnotify"
+)
+
+func (l *Loader) AddWatch(path string) error {
+	l.RLock()
+	defer l.RUnlock()
+	return l.watcher.Add(path)
+}
+
+func (l *Loader) RemoveWatch(path string) error {
+	l.RLock()
+	defer l.RUnlock()
+	return l.watcher.Remove(path)
+}
+
+func (l *Loader) AddWatches() {
+	if err := l.watcher.Add(l.CfgFile); err != nil {
+		log.Error("[tasks] Could not watch path %s: %s", l.CfgFile, err)
+	}
+
+	for _, task := range l.Tasks {
+		if task.ConfigFile == "" {
+			log.Warning("[tasks] Loader watch, \"configfile\" field missing, skipping task %s: enabled: %v, %s", task.Name, task.Enabled, task.ConfigFile)
+			continue
+		}
+		if !task.Enabled {
+			continue
+		}
+		log.Debug("[tasks] Loader watching %s: %v, %s", task.Name, task.Enabled, task.ConfigFile)
+
+		if err := l.AddWatch(task.ConfigFile); err != nil {
+			log.Error("[tasks] Loader, could not watch path %s: %s", task.ConfigFile, err)
+		}
+	}
+}
+
+func (l *Loader) setLiveReloadRunning(running bool) {
+	l.Lock()
+	l.liveReloadRunning = running
+	l.Unlock()
+}
+
+func (l *Loader) isLiveReloadRunning() bool {
+	l.RLock()
+	defer l.RUnlock()
+	return l.liveReloadRunning
+}
+
+func (l *Loader) liveReloadWorker() {
+	l.setLiveReloadRunning(true)
+	defer l.setLiveReloadRunning(false)
+
+	//log.Info("Tasks watcher started on path %v ...", l.Tasks)
+
+	for {
+		l.AddWatches()
+
+		select {
+		case <-l.stopLiveReload:
+			goto Exit
+		case event, ok := <-l.watcher.Events:
+			if !ok {
+				log.Error("[tasks] Loader.watcher events not ready, closed?")
+			}
+			if !strings.HasSuffix(event.Name, ".json") {
+				continue
+			}
+			log.Trace("[tasks] watcher event. Write: %v, Create: %v, Removed: %v Renamed: %v, %+v, %s",
+				event.Op&fsnotify.Write == fsnotify.Write,
+				event.Op&fsnotify.Create == fsnotify.Create,
+				event.Op&fsnotify.Remove == fsnotify.Remove,
+				event.Op&fsnotify.Rename == fsnotify.Rename,
+				event, event.Name)
+
+			// a new rule json file has been created or updated
+			if event.Op&fsnotify.Create == fsnotify.Create {
+				log.Info("New task: %s", event.Name)
+
+			} else if event.Op&fsnotify.Write == fsnotify.Write || event.Op&fsnotify.Rename == fsnotify.Rename {
+				log.Important("Tasks file changed %s, reloading ...", event.Name)
+				// the events may occur too rapidly, and sometimes the file does not exist yet.
+				time.Sleep(1 * time.Second)
+				l.TaskChanged <- event.Name
+			}
+
+		case err := <-l.watcher.Errors:
+			log.Warning("[tasks] watcher error: %s", err)
+		}
+	}
+Exit:
+	log.Info("[tasks] liveReloadWorker() exited")
+}

daemon/tasks/config/utils.go

@@ -0,0 +1,25 @@
+package config
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+
+	"github.com/evilsocket/opensnitch/daemon/log"
+)
+
+func LoadTaskData(path string) (TaskData, error) {
+	raw, err := ioutil.ReadFile(path)
+	if err != nil {
+		return TaskData{}, fmt.Errorf("error opening task file %s: %s", path, err)
+	}
+	log.Trace("LoadTaskData: %s -> %s", path, string(raw))
+
+	var taskConf TaskData
+	err = json.Unmarshal(raw, &taskConf)
+	if err != nil {
+		return TaskData{}, fmt.Errorf("error unmarshalling task file %s: %s", path, err)
+	}
+
+	return taskConf, nil
+}

daemon/tasks/doc.go

@@ -1,14 +1,14 @@
 package tasks
 
-// Copyright 2024 The OpenSnitch Authors. All rights reserved.
+// Copyright 2025 The OpenSnitch Authors. All rights reserved.
 // Use of this source code is governed by the GPLv3
 // license that can be found in the LICENSE file.
 
 /*
 Package tasks manages actions launched by/to the daemon.
 
 These tasks are handled by the TaskManager, which is in charge of start new
-task, update and stop them.
+tasks, update and stop them.
 
 The name of each task serves as the unique key inside the task manager.
 Some tasks will be unique, like SocketsMonitor, and others might have more than one instance, like "pid-monitor-123", "pid-monitor-987".
@@ -17,4 +17,8 @@ Tasks run in background.
 
 Some tasks may run periodically (every 5s, every 2 days, ...), others will run until stop and others until a timeout.
 
+Tere're also permanent tasks and temporary tasks:
+ - temporary tasks only last while the UI is running, for example the node-monitor, netstat monitor or pid-monitor.
+ - peramnent tasks run periodically regardless if the UI is running or not, like a cron job (url downloader, background scanner, etc).
+
 */