Development and deployment scripts for Synapse.
The local Windows build environment runs as a VM accessible via SSH. It has the synapse repo mounted as a shared folder, so code changes on the Linux host are immediately available.
| Setting | Default | Override |
|---|---|---|
| Host | gen0sec@10.10.10.1 |
WIN_HOST / BUILD_HOST |
| SSH port | 2222 |
WIN_PORT / BUILD_SSH_PORT |
| Repo path | C:\Users\gen0sec\Desktop\Shared\synapse |
WIN_DIR / SYNAPSE_PATH |
- Rust toolchain (stable, 2024 edition)
- .NET 8 SDK — required for WiX MSI builds
- WiX Toolset v5 —
dotnet tool install --global wix --version 5.0.2 - WiX extensions — Firewall, Util, UI (
wix extension add WixToolset.*.wixext/5.0.2) - Visual Studio Build Tools — MSVC linker for Rust
| Build | Features |
|---|---|
| Windows (agent only) | --no-default-features |
| Linux (all features) | --all-features |
| Linux (agent only, no proxy) | --no-default-features --features bpf |
Key feature gates:
proxy— reverse proxy, WAF actions (captcha, content scanning, rate limiting), Redis, ACME, internal services. Unix-only.classifier— ML/ONNX fingerprint classifier via cortex crate. Linux-only.bpf— eBPF/XDP kernel firewall. Linux-only (requires clang/libbpf).graceful-restart— zero-downtime restart via ecdysis. Unix-only. Enabled by default.
Run the full CI test suite on the local Windows VM. Mirrors .github/workflows/windows-build.yaml.
# Run all steps (fmt, clippy, build, test)
./scripts/test_windows.sh
# Run a single step
./scripts/test_windows.sh --step clippy
./scripts/test_windows.sh --step test
./scripts/test_windows.sh --step build
./scripts/test_windows.sh --step fmt
./scripts/test_windows.sh --step ebpf
# Skip initial setup or file sync
./scripts/test_windows.sh --skip-setup
./scripts/test_windows.sh --skip-syncBuild the Synapse MSI installer on the local Windows VM and deploy it to a remote Windows server.
# Full build + deploy
./scripts/deploy_windows_msi.sh <remote_host> [remote_user]
# Skip build, reuse last MSI
SKIP_BUILD=1 ./scripts/deploy_windows_msi.sh <remote_host>
# Deploy and start the service
LAUNCH_SERVICE=1 ./scripts/deploy_windows_msi.sh <remote_host>What it does:
- Builds
synapse.exe(release-windows profile) on the local VM - Builds the MSI with WiX (includes service registration, firewall rule, event log)
- Downloads MSI from build host via SCP
- Uploads MSI to the remote server
- Uninstalls any existing Synapse installation
- Installs the new MSI
- Verifies: exe, config, logs dir, rules dir, service, event log source
Environment variables:
| Variable | Default | Description |
|---|---|---|
BUILD_HOST |
gen0sec@10.10.10.1 |
Local Windows build VM |
BUILD_SSH_PORT |
2222 |
SSH port for build VM |
SYNAPSE_PATH |
C:\Users\gen0sec\Desktop\Shared\synapse |
Repo path on build VM |
FEATURES |
`` | Extra Cargo features (empty — IDS always linked) |
SKIP_BUILD |
0 |
Set to 1 to reuse existing MSI |
LAUNCH_SERVICE |
0 |
Set to 1 to start service after install |
Copy a local SSH public key to a remote Windows server running OpenSSH.
./scripts/copy-ssh-key.sh admin@192.168.1.100
./scripts/copy-ssh-key.sh admin@server01 ~/.ssh/id_ed25519.pubDocker Compose configuration for local development services (Redis, etc.).