Beispiel #1
0
def authenticate_dbx(flog=None, config_db=None, rt_status_db=None):

    flog.debug(inspect.stack()[0][3] + ": authenticatie met dropbox start.")

    _id, access_token_crypted, _label = config_db.strget(47, flog)
    flog.debug(inspect.stack()[0][3] + ": access_token(encrypted) = " +
               access_token_crypted)
    access_token = crypto3.p1Decrypt(access_token_crypted, CRYPT_KEY_ACCESS)
    flog.debug(inspect.stack()[0][3] + ": decrypted key = " +
               str(access_token))

    _id, refresh_token_crypted, _label = config_db.strget(170, flog)
    flog.debug(inspect.stack()[0][3] + ": refresh_token(encrypted) = " +
               refresh_token_crypted)
    refresh_token = crypto3.p1Decrypt(refresh_token_crypted, CRYPT_KEY_REFRESH)
    flog.debug(inspect.stack()[0][3] + ": decrypted refresh_token = " +
               str(refresh_token))

    try:

        dbx = dropbox.Dropbox(oauth2_access_token=access_token,
                              oauth2_refresh_token=refresh_token,
                              app_key=APP_KEY,
                              app_secret=APP_SECRET)

        dbx.users_get_current_account()
        rt_status_db.timestamp(59, flog)  # dropbox succes timestamp
        flog.debug(inspect.stack()[0][3] +
                   ": authenticatie met dropbox succesvol.")
    except Exception as e:
        rt_status_db.strset('authenticatie gefaald', 62, flog)
        flog.critical(inspect.stack()[0][3] +
                      ": authenticatie gefaald melding:" + str(e.args[0]))
        dbx = None
    return dbx
Beispiel #2
0
def copy_and_crypto_file(mode='e',
                         source_pathfile=None,
                         destination_pathfile=None,
                         flog=None,
                         cryptoseed=None):

    try:
        with open(source_pathfile, 'r') as w_file:
            data = w_file.read()

        #flog.debug ( "source data " + str(data) )

        if mode == 'encrypt':
            result = crypto3.p1Encrypt(str(data), cryptoseed)
        elif mode == 'decrypt':
            result = crypto3.p1Decrypt(str(data), cryptoseed)
        else:
            raise Exception(
                " geen goed crypto mode opgegeven, valide opties (encrypt of decrypt)."
            )

        #flog.debug ( "destination data " + str( result )  )

        destination = destination_pathfile
        fp = open(destination, "w")
        fp.write(result)
        fp.close()

        flog.debug("bestand " + source_pathfile +
                   " versleuteld en gekopieerd naar " + destination)

    except Exception as e:
        raise Exception(str(e))
Beispiel #3
0
def Main(argv):
    parser = argparse.ArgumentParser(
        description="encrypte of decrypte input string")
    parser.add_argument('-e', '--enc', required=False)
    parser.add_argument('-d', '--dec', required=False)
    parser.add_argument('-s', '--seed', required=False)
    parser.add_argument('-t', '--test', required=False,
                        action="store_true")  # flag only
    args = parser.parse_args()
    enc = args.enc  # encode the input string
    dec = args.dec  # decode the base64 input to a string
    seed = args.seed  # seed the internal key with a identifier to prevent plaintext attack.

    if args.test == True:
        crypto3.testP1CryptoSuite()
        sys.exit(0)

    try:
        if enc != None:
            if seed != None:
                result = crypto3.p1Encrypt(enc, seed)
            else:
                result = crypto3.p1Encrypt(enc)
            print(result)
            flog.debug(inspect.stack()[0][3] + ": encoding result: " +
                       str(result))

        if dec != None:
            if seed != None:
                result = crypto3.p1Decrypt(dec, seed)
            else:
                result = crypto3.p1Decrypt(dec)
            print(result)
            flog.debug(inspect.stack()[0][3] + ": encoding result: " +
                       str(result))
    except Exception as e:
        flog.error(inspect.stack()[0][3] + ": gestopt." + str(e))
Beispiel #4
0
def getUrlParameters():
	# get config values
	api_key = 0
	api_id 	= 0
	r 		= True
	
	try:
		sqlstr = "select id, parameter from "+const.DB_CONFIG_TAB+" where id=13 or id=25 order by id asc"
		sqlstr=" ".join(sqlstr.split())
		flog.debug(inspect.stack()[0][3]+": sql(1)="+sqlstr)
		config=config_db.select_rec(sqlstr)    
		flog.debug(inspect.stack()[0][3]+": waarde config record"+str(config))
		api_key = config[0][1]
		api_id = config[1][1]
	except Exception as e:
		flog.error(inspect.stack()[0][3]+": sql error(1)"+str(e))
		r = False
	
	#decode api_key
	
	try:
		decoded_api_key = base64.standard_b64decode(crypto3.p1Decrypt(api_key,'weatherapikey')).decode('utf-8')
	except Exception as e:
		flog.error(inspect.stack()[0][3]+": api decodering gefaald. coded password="******" Gestopt. melding:" + str(e.args[0]) )
		r = False
	flog.info("Password decryptie ok.")
	flog.debug("Decoded api key = " + api_key )

	"""
	flog.debug(inspect.stack()[0][3]+": decoded api key "+decoded_api_key)
	if all(c in string.printable for c in decoded_api_key) == False:
		flog.error(inspect.stack()[0][3]+": password decodering gefaald. Decode_api_key="+decoded_api_key)
		r = False
	else:
		flog.info("Password decryptie ok.")
	"""

	return r, api_id, decoded_api_key
Beispiel #5
0
def setConfigFromDb():
    global mqtt_para, mqtt_topics_smartmeter, mqtt_topics_watermeter, mqtt_topics_weather, mqtt_topics_indoor_temperature, mqtt_topics_phase, mqtt_topics_powerproduction

    try:
        _id, parameter, _label = config_db.strget(105, flog)
        if parameter == None:
            parameter = ''
        mqtt_para['clientname'] = str(parameter).replace(" ", "")

        _id, parameter, _label = config_db.strget(106, flog)
        if parameter == None:
            parameter = ''

        mqtt_para['topicprefix'] = str(parameter).replace(
            " ", "")  # no whitespace in topic
        if len(mqtt_para['topicprefix']) < 1:
            mqtt_para[
                'topicprefix'] = 'p1monitor'  # topic may not start with a / this would happen with an empty topicprefix

        _id, parameter, _label = config_db.strget(107, flog)
        mqtt_para['brokeruser'] = str(parameter)

        _id, parameter, _label = config_db.strget(108, flog)
        if len(parameter) > 0:
            decoded_password = str(
                base64.standard_b64decode(
                    crypto3.p1Decrypt(parameter, 'mqttclpw')).decode('utf-8'))
            flog.debug(inspect.stack()[0][3] + " encoded password="******" decoded password="******" ", "")  # no whitespace in hostname or IP

        _id, parameter, _label = config_db.strget(110, flog)
        mqtt_para['brokerport'] = int(
            (parameter).replace(" ", ""))  # no whitespace in port number

        _id, parameter, _label = config_db.strget(111, flog)
        mqtt_para['brokerkeepalive'] = int(
            (parameter).replace(" ", ""))  # no whitespace keep alive seconds.

        _id, parameter, _label = config_db.strget(112, flog)
        mqtt_para['protocol'] = int(
            (parameter).replace(" ", ""))  # no whitespace number of version
        mqtt_para['protocol'] = 4

        _id, parameter, _label = config_db.strget(113, flog)
        mqtt_para['qosglobal'] = int(
            (parameter).replace(" ", ""))  # no whitespace QoS number

        flog.debug(inspect.stack()[0][3] + ": mqtt_para = " + str(mqtt_para))

    except Exception as e:
        flog.warning(inspect.stack()[0][3] +
                     ": DB configuratie heeft een probeem -> " +
                     str(e.args[0]))

    # update the topics
    mqtt_topics_smartmeter = {
        0:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' +
        apiconst.JSON_TS_LCL.lower(),
        1:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' +
        apiconst.JSON_TS_LCL_UTC.lower(),
        2:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' +
        apiconst.JSON_API_CNSMPTN_GAS_M3.lower(),
        3:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' +
        apiconst.JSON_API_CNSMPTN_KWH_H.lower(),
        4:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' +
        apiconst.JSON_API_CNSMPTN_KWH_L.lower(),
        5:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' +
        apiconst.JSON_API_CNSMPTN_KW.lower(),
        6:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' +
        apiconst.JSON_API_PRDCTN_KWH_H.lower(),
        7:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' +
        apiconst.JSON_API_PRDCTN_KWH_L.lower(),
        8:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' +
        apiconst.JSON_API_PRDCTN_KW.lower(),
        9:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' +
        apiconst.JSON_API_TRFCD.lower(),
        10:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' +
        apiconst.JSON_API_REC_PRCSSD.lower(),
    }

    mqtt_topics_watermeter = {
        0:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_WATERMETER +
        '/minute'.lower() + '/' + apiconst.JSON_TS_LCL.lower(),
        1:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_WATERMETER +
        '/minute'.lower() + '/' + apiconst.JSON_TS_LCL_UTC.lower(),
        2:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_WATERMETER +
        '/minute'.lower() + '/' + apiconst.JSON_API_WM_PULS_CNT.lower(),
        3:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_WATERMETER +
        '/minute'.lower() + '/' + apiconst.JSON_API_WM_CNSMPTN_LTR.lower(),
        4:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_WATERMETER +
        '/minute'.lower() + '/' + apiconst.JSON_API_WM_CNSMPTN_LTR_M3.lower()
    }

    mqtt_topics_weather = {
        0:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' +
        apiconst.JSON_TS_LCL.lower(),
        1:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' +
        apiconst.JSON_TS_LCL_UTC.lower(),
        2:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' +
        apiconst.JSON_API_CTY_ID.lower(),
        3:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' +
        apiconst.JSON_API_CTY_NM.lower(),
        4:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' +
        apiconst.JSON_API_WTHR_TMPRTR.lower(),
        5:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' +
        apiconst.JSON_API_WTHR_DSCRPTN.lower(),
        6:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' +
        apiconst.JSON_API_WTHR_ICON.lower(),
        7:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' +
        apiconst.JSON_API_WTHR_PRSSR.lower(),
        8:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' +
        apiconst.JSON_API_WTHR_HMDTY.lower(),
        9:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' +
        apiconst.JSON_API_WTHR_WND_SPD.lower(),
        10:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' +
        apiconst.JSON_API_WTHR_WND_DGRS.lower(),
        11:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' +
        apiconst.JSON_API_WTHR_CLDS.lower(),
        12:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' +
        apiconst.JSON_API_WTHR_WEATHER_ID.lower(),
    }

    mqtt_topics_indoor_temperature = {
        0:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_INDOOR + '/' +
        apiconst.JSON_TS_LCL.lower(),
        1:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_INDOOR + '/' +
        apiconst.JSON_TS_LCL_UTC.lower(),
        2:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_INDOOR + '/' +
        apiconst.JSON_API_RM_TMPRTR_IN_L.lower(),
        3:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_INDOOR + '/' +
        apiconst.JSON_API_RM_TMPRTR_IN_A.lower(),
        4:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_INDOOR + '/' +
        apiconst.JSON_API_RM_TMPRTR_IN_H.lower(),
        5:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_INDOOR + '/' +
        apiconst.JSON_API_RM_TMPRTR_OUT_L.lower(),
        6:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_INDOOR + '/' +
        apiconst.JSON_API_RM_TMPRTR_OUT_A.lower(),
        7:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_INDOOR + '/' +
        apiconst.JSON_API_RM_TMPRTR_OUT_H.lower(),
    }

    mqtt_topics_phase = {
        0:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_PHASE) + '/' +
        apiconst.JSON_TS_LCL.lower(),
        1:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_PHASE) + '/' +
        apiconst.JSON_TS_LCL_UTC.lower(),
        2:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_PHASE) + '/' +
        apiconst.JSON_API_PHS_CNSMPTN_L1_W.lower(),
        3:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_PHASE) + '/' +
        apiconst.JSON_API_PHS_CNSMPTN_L2_W.lower(),
        4:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_PHASE) + '/' +
        apiconst.JSON_API_PHS_CNSMPTN_L3_W.lower(),
        5:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_PHASE) + '/' +
        apiconst.JSON_API_PHS_PRDCTN_L1_W.lower(),
        6:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_PHASE) + '/' +
        apiconst.JSON_API_PHS_PRDCTN_L2_W.lower(),
        7:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_PHASE) + '/' +
        apiconst.JSON_API_PHS_PRDCTN_L3_W.lower(),
        8:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_PHASE) + '/' +
        apiconst.JSON_API_PHS_L1_V.lower(),
        9:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_PHASE) + '/' +
        apiconst.JSON_API_PHS_L2_V.lower(),
        10:
        mqtt_para['topicprefix'] + '/' +
        os.path.basename(apiconst.ROUTE_PHASE) + '/' +
        apiconst.JSON_API_PHS_L3_V.lower(),
        11:
        mqtt_para['topicprefix'] + '/' + os.path.basename(
            apiconst.ROUTE_PHASE) + '/' + apiconst.JSON_API_PHS_L1_A.lower(),
        12:
        mqtt_para['topicprefix'] + '/' + os.path.basename(
            apiconst.ROUTE_PHASE) + '/' + apiconst.JSON_API_PHS_L2_A.lower(),
        13:
        mqtt_para['topicprefix'] + '/' + os.path.basename(
            apiconst.ROUTE_PHASE) + '/' + apiconst.JSON_API_PHS_L3_A.lower(),
    }

    mqtt_topics_powerproduction = {
        0:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 +
        '/minute'.lower() + '/' + apiconst.JSON_TS_LCL.lower(),
        1:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 +
        '/minute'.lower() + '/' + apiconst.JSON_TS_LCL_UTC.lower(),
        2:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 +
        '/minute'.lower() + '/' + apiconst.JSON_API_PROD_KWH_H.lower(),
        3:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 +
        '/minute'.lower() + '/' + apiconst.JSON_API_PROD_KWH_L.lower(),
        4:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 +
        '/minute'.lower() + '/' + apiconst.JSON_API_PROD_PULS_CNT_H.lower(),
        5:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 +
        '/minute'.lower() + '/' + apiconst.JSON_API_PROD_PULS_CNT_L.lower(),
        6:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 +
        '/minute'.lower() + '/' + apiconst.JSON_API_PROD_KWH_TOTAL_H.lower(),
        7:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 +
        '/minute'.lower() + '/' + apiconst.JSON_API_PROD_KWH_TOTAL_L.lower(),
        8:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 +
        '/minute'.lower() + '/' + apiconst.JSON_API_PROD_KWH_TOTAL.lower(),
        9:
        mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 +
        '/minute'.lower() + '/' + apiconst.JSON_API_PROD_W_PSEUDO.lower(),
    }
Beispiel #6
0
def Main(argv):
    flog.info("Start van programma.")
    global smtp_para

    # open van status database
    try:
        rt_status_db.init(const.FILE_DB_STATUS, const.DB_STATUS_TAB)
    except Exception as e:
        flog.critical(inspect.stack()[0][3] + ": Database niet te openen(1)." +
                      const.FILE_DB_STATUS + ") melding:" + str(e.args[0]))
        sys.exit(1)
    flog.debug(inspect.stack()[0][3] + ": database tabel " +
               const.DB_STATUS_TAB + " succesvol geopend.")

    # open van config database
    try:
        config_db.init(const.FILE_DB_CONFIG, const.DB_CONFIG_TAB)
    except Exception as e:
        flog.critical(inspect.stack()[0][3] + ": database niet te openen(2)." +
                      const.FILE_DB_CONFIG + ") melding:" + str(e.args[0]))
        sys.exit(1)
    flog.debug(inspect.stack()[0][3] + ": database tabel " +
               const.DB_CONFIG_TAB + " succesvol geopend.")

    # update field from database, the cli switches overwrite the DB values!

    _id, smtp_para['mailuser'], _label = config_db.strget(63, flog)
    _id, smtp_para['mailuserpassword'], _label = config_db.strget(64, flog)
    _id, smtp_para['mailserver'], _label = config_db.strget(65, flog)
    _id, smtp_para['mailserverport_ssl'], _label = config_db.strget(66, flog)
    _id, smtp_para['mailserverport_starttls'], _label = config_db.strget(
        67, flog)
    _id, smtp_para['mailserverport_plaintext'], _label = config_db.strget(
        68, flog)
    _id, smtp_para['subject'], _label = config_db.strget(69, flog)
    _id, to, _label = config_db.strget(70, flog)
    smtp_para['to'] = to.split()
    _id, cc, _label = config_db.strget(74, flog)
    smtp_para['cc'] = cc.split()
    _id, bcc, _label = config_db.strget(75, flog)
    smtp_para['bcc'] = bcc.split()
    _id, smtp_para['fromalias'], _label = config_db.strget(71, flog)
    _id, smtp_para['timeout'], _label = config_db.strget(72, flog)

    flog.debug(inspect.stack()[0][3] + ": parameters uit de DB:" +
               str(smtp_para))

    parser = argparse.ArgumentParser(description="smtp....")  # DB ID
    parser.add_argument('-u', '--mailuser', required=False)  #63
    parser.add_argument('-pw', '--mailuserpassword', required=False)  #64
    parser.add_argument('-srv', '--mailserver', required=False)  #65
    parser.add_argument('-pssl', '--mailserverport_ssl', required=False)  #66
    parser.add_argument('-pstls', '--mailserverport_starttls',
                        required=False)  #67
    parser.add_argument('-pplain',
                        '--mailserverport_plaintext',
                        required=False)  #68
    parser.add_argument('-subject', '--subject', required=False)  #69
    parser.add_argument('-to', '--to', action='append', required=False)  #70
    parser.add_argument('-cc', '--cc', action='append', required=False)  #74
    parser.add_argument('-bcc', '--bcc', action='append', required=False)  #75
    parser.add_argument('-from', '--fromalias', required=False)  #71
    parser.add_argument('-msgtext', '--messagetext', required=False)  #NONE
    parser.add_argument('-msghtml', '--messagehtml', required=False)  #NONE
    parser.add_argument('-time', '--timeout', required=False)  #72
    parser.add_argument('-a', '--attachment', action='append',
                        required=False)  #NONE
    parser.add_argument('-test',
                        '--testmail',
                        action='store_true',
                        required=False)  #NONE

    args = parser.parse_args()

    # send a test mail with default value
    if args.testmail != None:
        smtp_para['messagetext'] = "Dit is een test mail van de P1 monitor en mag genegeert worden. De mail is op " +  makeLocalTimeString() + " verzonden." + \
        "\n\n" + getQuote() + "\n\nBezoek https://www.ztatz.nl voor meer informatie over de P1 monitor."
        smtp_para[
            'subject'] = "P1 monitor test email van " + makeLocalTimeString(
            ) + "."

    if args.mailuser != None:
        smtp_para['mailuser'] = args.mailuser

    if args.mailuserpassword != None:
        smtp_para['mailuserpassword'] = args.mailuserpassword
    else:  #decode password
        try:
            smtp_para['mailuserpassword'] = base64.standard_b64decode(
                crypto3.p1Decrypt(smtp_para['mailuserpassword'],
                                  'mailpw')).decode('utf-8')
        except Exception as e:
            flog.error(inspect.stack()[0][3]+": password decodering gefaald. Decoded password="******" Gestopt. melding:" + str(e.args[0]) )
            sys.exit(16)
        flog.info("Password decryptie ok.")
        flog.debug("Decoded password = "******"P1 monitor version " + const.P1_VERSIE

    if args.messagehtml != None:
        smtp_para['messagehtml'] = args.messagehtml

    if args.messagetext != None:
        smtp_para['messagetext'] = args.messagetext

    if args.timeout != None:
        smtp_para['timeout'] = int(args.timeout)

    if args.attachment != None:
        #print ( args.attachment )
        for a in args.attachment:
            smtp_para['attachments'].append(a)

    flog.debug(inspect.stack()[0][3] + ": parameters na CLI parsing:" +
               str(smtp_para))

    #check if at least one reciever is given.
    cnt_valid_senders = 0
    for x in [smtp_para['to'], smtp_para['cc'], smtp_para['bcc']]:
        if len(x) > 0:
            cnt_valid_senders += 1

    if cnt_valid_senders == 0:
        flog.critical(inspect.stack()[0][3] +
                      ": geen TO,CC of BCC ontvangers opgegeven.")
        sys.exit(1)

    # 1 Start an SMTP connection that is secured from the beginning using SMTP_SSL().
    # 2 Start an unsecured SMTP connection that can then be encrypted using .starttls()
    # 3 Fallback to unsecure plaintext email.

    if sendSmtpMail('ssl') == False:
        flog.info(inspect.stack()[0][3] +
                  ": SSL/TSL verbinding is niet gelukt.")
        if sendSmtpMail('starttls') == False:
            flog.info(inspect.stack()[0][3] +
                      ": STARTTLS verbinding is niet gelukt.")
            if sendSmtpMail('plaintext') == False:
                flog.error("plaintext is mislukt gestopt.")
                sys.exit(1)

    #print ( sendSmtpMail('plaintext') )
    #print ( sendSmtpMail( 'starttls' ) )
    #print (  sendSmtpMail('ssl') )

    flog.info(inspect.stack()[0][3] + ": Programma is succesvol gestopt.")
    rt_status_db.timestamp(82, flog)
    sys.exit(0)  # all is well.
Beispiel #7
0
def Main(argv):

    my_pid = os.getpid()

    flog.info("Start van programma met process id " + str(my_pid))
    flog.info(inspect.stack()[0][3] + ": wordt uitgevoerd als user -> " +
              pwd.getpwuid(os.getuid()).pw_name)

    parser = argparse.ArgumentParser(description='help informatie')
    parser = argparse.ArgumentParser(
        add_help=False)  # suppress default UK help text

    parser.add_argument('-h',
                        '--help',
                        action='help',
                        default=argparse.SUPPRESS,
                        help='Laat dit bericht zien en stop.')

    parser.add_argument(
        '-u',
        '--update',
        required=False,
        action="store_true",
        help="start de automatische update van publiek IP en DNS naam.")

    args = parser.parse_args()

    ####################################
    # open van config status database  #
    ####################################
    try:
        config_db.init(const.FILE_DB_CONFIG, const.DB_CONFIG_TAB)
    except Exception as e:
        flog.critical(inspect.stack()[0][3] + ": database niet te openen(1)." +
                      const.FILE_DB_CONFIG + ") melding:" + str(e.args[0]))
        sys.exit(1)
    flog.debug(inspect.stack()[0][3] + ": database tabel " +
               const.DB_CONFIG_TAB + " succesvol geopend.")

    ########################################################
    # update the local IP adres with the FQDN name from    #
    # the config database                                  #
    ########################################################
    if args.update == True:

        # read en decode the DuckDNS token
        try:
            _id, dynamic_dns, _label = config_db.strget(150, flog)
            _id, duckdns_token_encoded, _label = config_db.strget(151, flog)

            #print ( duckdns_token_encoded )
            duckdns_token = base64.standard_b64decode(
                crypto3.p1Decrypt(duckdns_token_encoded,
                                  'dckdckdns')).decode('utf-8')

        except Exception as e:
            flog.critical(inspect.stack()[0][3] +
                          ": configuratie gegevens fout (DuckDNS token) -> ." +
                          str(e.args[0]))
            sys.exit(1)

        # remove older status file when it exist.
        try:
            if os.path.exists(const.FILE_DUCKDNS_STATUS):
                os.remove(const.FILE_DUCKDNS_STATUS)
        except Exception as e:
            flog.warning(inspect.stack()[0][3] + ": status file " +
                         const.FILE_DUCKDNS_STATUS + " probleem. " +
                         str(e.args[0]))

        #duckdns_token = duckdns_token + "x"

        # execute the curl command to update the DuckDNS IP
        try:
            flog.debug(inspect.stack()[0][3] + ": Parameters token=" +
                       duckdns_token + " dns_name=" + dynamic_dns)

            cmd = 'echo url="https://www.duckdns.org/update?domains=' + dynamic_dns + '&token=' + duckdns_token + '&ip=" | curl -s -k -o ' + const.FILE_DUCKDNS_STATUS + ' -K -'
            if os.system(cmd) > 0:
                flog.error(inspect.stack()[0][3] + " update gefaald")

        except Exception as e:
            flog.critical(inspect.stack()[0][3] + ": update gefaald door -> " +
                          str(e.args[0]))
            sys.exit(1)

        # check if the command was excuted OK (KO) is not ok.
        try:
            f = open(const.FILE_DUCKDNS_STATUS, "r")
            if f.mode == 'r':
                status = f.read().strip()
                if status == "OK":
                    flog.info(inspect.stack()[0][3] +
                              ": DNS naam naar IP update is succesvol.")
                else:
                    flog.warning(inspect.stack()[0][3] +
                                 ": DNS naam naar IP update is gefaald.")
            f.close()
        except Exception as e:
            flog.warning(inspect.stack()[0][3] +
                         ": status check probleem -> " + str(e.args[0]))
            sys.exit(1)

        sys.exit(0)

    flog.warning(inspect.stack()[0][3] + ": geen command line opties opgeven!")
    sys.exit(1)
Beispiel #8
0
def read_api_key(db, flog=None):
    #raise Exception("test exception.")
    _id, encoded_api_key, _label = db.strget(139, flog)
    decoded_api_key = base64.standard_b64decode(
        crypto3.p1Decrypt(encoded_api_key, 'solaredgeapikey')).decode('utf-8')
    return decoded_api_key
Beispiel #9
0
def Main(argv):

    my_pid = os.getpid()

    flog.info("Start van programma met process id " + str(my_pid))
    flog.info(inspect.stack()[0][3] + ": wordt uitgevoerd als user -> " +
              pwd.getpwuid(os.getuid()).pw_name)

    parser = argparse.ArgumentParser(description='help informatie')
    parser = argparse.ArgumentParser(
        add_help=False)  # suppress default UK help text

    parser.add_argument('-ac',
                        '--activatecert',
                        required=False,
                        action="store_true",
                        help="maak een Lets Encrypt certificaat aan")

    parser.add_argument(
        '-arn',
        '--autorenewon',
        required=False,
        action="store_true",
        help="activeer het automatisch updaten van certificaten.")

    parser.add_argument(
        '-arf',
        '--autorenewoff',
        required=False,
        action="store_true",
        help="deactiveer het automatisch updaten van certificaten.")

    parser.add_argument(
        '-at',
        '--apitokens',
        required=False,
        action="store_true",
        help="configureerde de API tokens, uit de configuratie database.")

    parser.add_argument(
        '-ci',
        '--certinfo',
        required=False,
        action="store_true",
        help=
        "geeft de certificaat informatie weer en update de status database.")

    parser.add_argument(
        '-ch',
        '--createhttpconfigfile',
        type=pathvalidate.argparse.sanitize_filepath_arg,
        required=False,
        help=
        "schrijft een http config bestand naar het opgegeven path bv: /etc/nginx/sites-enabled/p1mon_80"
    )

    parser.add_argument(
        '-dc',
        '--deactivatecert',
        required=False,
        action="store_true",
        help="verwijder alle bestaande Lets Encrypt certificaten")

    parser.add_argument('-h',
                        '--help',
                        action='help',
                        default=argparse.SUPPRESS,
                        help='Laat dit bericht zien en stop.')

    parser.add_argument(
        '-hs',
        '--https',
        required=False,
        action="store_true",
        help=
        "maak een HTTP en HTTPS configuratie bestand aan en herstart de webserver."
    )

    parser.add_argument(
        '-ht',
        '--http',
        required=False,
        action="store_true",
        help=
        "maak een basis configuratie bestand met alleen HTTP (fabrieks instelling) en herstart de webserver."
    )

    parser.add_argument(
        '-g',
        '--gateway',
        required=False,
        action="store_true",
        help=
        "configureer het config file voor de router/gatway. Nodig voor http naar https redirection."
    )

    parser.add_argument('-r',
                        '--renewcerts',
                        required=False,
                        action="store_true",
                        help="renew alle certificaten die aangemaakt zijn")

    args = parser.parse_args()

    ###################################
    # init stuff                      #
    ###################################

    ####################################
    # open van config status database  #
    ####################################
    try:
        config_db.init(const.FILE_DB_CONFIG, const.DB_CONFIG_TAB)
    except Exception as e:
        flog.critical(inspect.stack()[0][3] + ": database niet te openen(1)." +
                      const.FILE_DB_CONFIG + ") melding:" + str(e.args[0]))
        sys.exit(1)
    flog.info(inspect.stack()[0][3] + ": database tabel " +
              const.DB_CONFIG_TAB + " succesvol geopend.")

    try:
        rt_status_db.init(const.FILE_DB_STATUS, const.DB_STATUS_TAB)
    except Exception as e:
        flog.critical(inspect.stack()[0][3] + ": Database niet te openen(2)." +
                      const.FILE_DB_STATUS + ") melding:" + str(e.args[0]))
        sys.exit(1)
    flog.info(inspect.stack()[0][3] + ": database tabel " +
              const.DB_STATUS_TAB + " succesvol geopend.")

    if args.createhttpconfigfile != None:
        filename = str(args.createhttpconfigfile)
        flog.info(inspect.stack()[0][3] + ": http config bestand  " +
                  str(filename) + " wordt aangemaakt:")
        create_default_p80_config_file(filename)

    #######################################
    # display and log cert info and write #
    # expire date to status file          #
    #######################################
    if args.certinfo == True:
        if cert_info() == False:
            sys.exit(1)
        sys.exit(0)

    #######################################
    # update the certificates when needed #
    #######################################
    if args.renewcerts == True:

        flog.info(inspect.stack()[0][3] + ": update van certificaten gestart.")
        try:
            cmd = '/usr/bin/sudo certbot renew'
            proc = subprocess.Popen([cmd],
                                    shell=True,
                                    stdout=subprocess.PIPE,
                                    stderr=subprocess.STDOUT)
            stdout, stderr = proc.communicate(timeout=60)
            exit_code = int(proc.wait())
            if exit_code == 0:  # last succesfull try to renew the certificate.
                rt_status_db.strset(makeLocalTimeString.makeLocalTimeString(),
                                    120, flog)
                cert_info()  # update database with how long the cert is valid.
        except Exception as e:
            flog.critical(inspect.stack()[0][3] +
                          ": update van certificaten gefaald " + str(e.args))
            sys.exit(1)

        flog.info(inspect.stack()[0][3] + ": antwoord van LetsEncrypt: " +
                  str(stdout.decode('utf-8').replace('\n', ' ')))
        nginx_restart(
        )  # needed to read in a new recieved cert after an true renew.
        sys.exit(0)

    #################################################
    # change crontab to start auto update off certs #
    #################################################
    if args.autorenewon == True:
        if set_cert_auto_renew(mode='on', flog=flog) == False:
            flog.error(inspect.stack()[0][3] +
                       ": Automatische update activeren gefaald.")
            sys.exit(1)
        sys.exit(0)

    #################################################
    # change crontab to stop auto update off certs  #
    #################################################
    if args.autorenewoff == True:
        if set_cert_auto_renew(mode='off', flog=flog) == False:
            flog.error(inspect.stack()[0][3] +
                       ": Automatische update deactiveren gefaald.")
            sys.exit(1)
        sys.exit(0)

    ######################################################
    # create cert, update nginx config and reload NGINX  #
    ######################################################
    if args.activatecert == True:

        fqdn = None
        try:
            _id, fqdn, _label = config_db.strget(150, flog)
            if len(fqdn.strip()) == 0:
                raise Exception("geen domain naam ingesteld.")
        except Exception as e:
            flog.critical(
                inspect.stack()[0][3] +
                ": FQDN (domain naam) is niet te lezen of niet gezet: " +
                str(e.args))
            sys.exit(1)  # things went wrong.

        email = None
        try:
            _id, email, _label = config_db.strget(159, flog)
            if len(email.strip()) == 0:
                raise Exception("geen email ingsteld voor LetsEncrypt!")
        except Exception as e:
            flog.critical(inspect.stack()[0][3] +
                          ": e-mail is niet te lezen of niet gezet: " +
                          str(e.args))
            sys.exit(1)  # things went wrong.

        certbot_exit_code = 0
        try:
            #cmd = '/usr/bin/sudo certbot certonly -n --email '+ email + ' --agree-tos --no-eff-email --webroot -w /p1mon/www -d ' + fqdn
            cmd = '/usr/bin/sudo certbot certonly -v -n --email ' + email + ' --agree-tos --no-eff-email --webroot -w /p1mon/www/ -d ' + fqdn
            proc = subprocess.Popen([cmd],
                                    shell=True,
                                    stdout=subprocess.PIPE,
                                    stderr=subprocess.STDOUT)
            stdout, stderr = proc.communicate(timeout=60)
            certbot_exit_code = int(proc.wait())
        except Exception as e:
            if stderr != None:
                flog.critical( inspect.stack()[0][3] + ": creatie van certificaat voor " + fqdn + " gefaald " +\
                    str( e.args)  + " fout melding " + str( stderr.decode('utf-8').replace('\n', ' ') ))

            sys.exit(1)

        flog.info(inspect.stack()[0][3] + ": antwoord van LetsEncrypt: " +
                  str(stdout.decode('utf-8').replace('\n', ' ')))

        ###############################################
        # set nginx config files with new certifcate  #
        # and reload NGINX                            #
        ###############################################
        if certbot_exit_code == 0:  # only make change after en succesfull cerbot run.
            set_nginx_https_config()

        # normal exit
        sys.exit(0)

    ######################################################
    # delete cert, update nginx config and reload NGINX  #
    ######################################################
    if args.deactivatecert == True:

        fqdn_set = set()  # set has unique values.
        try:
            cmd = '/usr/bin/sudo certbot certificates'
            proc = subprocess.Popen([cmd],
                                    shell=True,
                                    stdout=subprocess.PIPE,
                                    stderr=subprocess.STDOUT)
            buf = proc.stdout.readlines()

            for item in buf:
                value = item.decode('utf-8').strip()
                if value.find('Domains:') == 0:
                    #print( item.split()[1].decode('utf-8') )
                    fqdn_set.add(item.split()[1].decode('utf-8').strip())
        except Exception as e:
            flog.warning(inspect.stack()[0][3] +
                         ": certifcaat is niet te lezen of niet gezet: " +
                         str(e.args))
            sys.exit(1)  # things went wrong.

        for fqdn in fqdn_set:
            #print ( fqdn )
            try:
                cmd = '/usr/bin/sudo certbot delete -n --cert-name ' + fqdn
                proc = subprocess.Popen([cmd],
                                        shell=True,
                                        stdout=subprocess.PIPE,
                                        stderr=subprocess.STDOUT)
                stdout, stderr = proc.communicate(timeout=60)
            except Exception as e:
                flog.warning(inspect.stack()[0][3] +
                             ": verwijderen van het certificaat voor " + fqdn +
                             "gefaald " + str(e.args))

            flog.info(inspect.stack()[0][3] + ": antwoord van LetsEncrypt: " +
                      str(stdout.decode('utf-8').replace('\n', ' ')))

        if (len(fqdn_set) == 0):
            flog.info(inspect.stack()[0][3] +
                      ": geen geïnstalleerde certificaten gevonden.")

        ###############################################
        # set nginx config file                       #
        # and reload NGINX also handles the exit code #
        ###############################################
        set_default_p80_config()

    ######################################################
    # maken default gateway nginx map file for https     #
    # redirect                                           #
    ######################################################
    if args.gateway == True:
        make_nginx_conf()

        if check_nginx_configuration(flog=flog) == False:
            flog.error(inspect.stack()[0][3] +
                       ": gateway config bestands fout, gestopt!")
            sys.exit(1)

        nginx_restart()
        sys.exit(0)

    ########################################################
    # add the api tokens to the nginx configuration file   #
    ########################################################
    if args.apitokens == True:

        try:
            _id, crypto_data, _label = config_db.strget(160, flog)
            full_json = base64.standard_b64decode(
                crypto3.p1Decrypt(crypto_data, '20210731apikey'))
            flog.debug(inspect.stack()[0][3] + ": decrypted json = " +
                       full_json.decode('utf-8'))

            tokens = []
            json_dict = json.loads(full_json)
            for item in json_dict:
                tokens.append(item['TOKEN'])

        except Exception as e:
            flog.warning(inspect.stack()[0][3] +
                         ": inlezen van versleutelde tokens, Fout=" +
                         str(e.args[0]))

        flog.debug(inspect.stack()[0][3] + ": API token list  = " +
                   str(tokens))

        buffer = generate_header_string()
        buffer += '\nmap $http_x_apikey $api_realm {\n'
        buffer += '    default "";\n'
        for token in tokens:
            buffer += '    "' + token + '" "p1mon_api";\n'
        buffer += '}\n'

        #print( buffer )
        flog.debug(inspect.stack()[0][3] + ": api tokens:\n" + str(buffer))

        if write_buffer(buffer=buffer, file=nginx_lib.APIKEYFILE,
                        flog=flog) == False:
            sys.exit(1)  # things went wrong.

        if check_nginx_configuration(flog=flog) == False:
            flog.error(inspect.stack()[0][3] +
                       ": api tokens bestands fout, gestopt!")
            sys.exit(0)

        nginx_restart()
        sys.exit(0)

    ########################################################
    # reset all the setting to factory setting and remove  #
    # https (443) settings                                 #
    ########################################################
    if args.http == True:
        make_nginx_conf()
        set_default_p80_config()

    ###########################################################
    # change port 80 and 443 config so the lets encrypt certs #
    # are used and the redirection for de UI is in place.     #
    ###########################################################
    if args.https == True:
        make_nginx_conf()
        set_nginx_https_config()

    flog.info(
        inspect.stack()[0][3] +
        ": gestopt zonder uitgevoerde acties, geef commandline opties op.")
    sys.exit(1)  # should be an error when there are no options given.
Beispiel #10
0
def restore():
    flog.info("Herstellen van gegevens gestart.")
    # check of there is a USB drive with data
    usb_drive = checkForExistingUsedDrive()
    data_is_processed_flag = False

    if usb_drive != None:  # we have a backup
        flog.info("Drive " + str(usb_drive) + " bevat mogelijke backup data.")

        # copy data to folder with .p1ua extention.
        # this is done te make sure we can erease the data on the USB stick.
        # after the succesfull erease the extention is remove

        try:

            # process WIFI config data
            flog.info("Wifi data verwerken.")
            for name in glob.glob(const.DIR_UPGRADE_ASSIST_USB_MOUNT +
                                  const.DIR_UPGRADE_ASSIST_WIFI + "/*.p1ua"):

                #print (name)
                # read en decode
                with open(name, 'r') as w_file:
                    data = w_file.read()
                #print ('crypted data' )
                #print ( data )
                result_decrypt = crypto3.p1Decrypt(data, CRYPTO_SEED)
                #print ('result_decrypt' )
                #print ( result_decrypt )

                #print ( 'wifi_config_file')
                #print ( wifi_config_file )

                wifi_fp = open(wifi_config_file, "w")
                wifi_fp.write(result_decrypt)
                wifi_fp.write('\n')
                wifi_fp.close()
                flog.info("Wifi bestand " + wifi_config_file + P1UAEXT +
                          " gekopierd.")
                #sys.exit(0)

                subprocess.run(['sudo', 'chmod', '0660', wifi_config_file],
                               stdout=subprocess.DEVNULL,
                               stderr=subprocess.DEVNULL)
                flog.info("Wifi bestand " + wifi_config_file + " verwerkt")

                if isVerfiedRemoveOfFile(name) == True:
                    flog.info("Wifi bestand " + name + " is gewist.")
                    data_is_processed_flag = True  # we have processed some data and removed the file to prevent endless loop/reboot

        except Exception as e:
            data_is_processed_flag = False
            flog.error(inspect.stack()[0][3] +
                       ": probleem met het verwerken van de wifi data: " +
                       str(e))

        try:
            flog.info("Database SQL data verwerken.")
            # process Database data
            # if there is a SQL export we don't use the *.db files
            # print ( glob.glob( const.DIR_UPGRADE_ASSIST_USB_MOUNT + const.DIR_UPGRADE_ASSIST_DATA + "/" + const.EXPORT_PREFIX + "*.p1ua") )

            for name in glob.glob(const.DIR_UPGRADE_ASSIST_USB_MOUNT +
                                  const.DIR_UPGRADE_ASSIST_DATA + "/" +
                                  const.EXPORT_PREFIX + "*.p1ua"):
                _path, file = os.path.split(name)
                copyFile(name,
                         const.DIR_FILEDISK)  # to p1mon normal data folder
                flog.info("SQL export bestand " + file + " gekopierd.")
                if isVerfiedRemoveOfFile(name) == True:
                    flog.info("SQL export bestand " + name + " gewist.")

                # set file rights
                subprocess.run(
                    ['sudo', 'chmod', '0664', const.DIR_FILEDISK + file],
                    stdout=subprocess.DEVNULL,
                    stderr=subprocess.DEVNULL)
                flog.info("Data bestand " + const.DIR_FILEDISK + file +
                          " verwerkt.")
                #data_is_processed_flag = True # we have processed some data

            flog.info("Database datafiles verwerken.")
            for name in glob.glob(const.DIR_UPGRADE_ASSIST_USB_MOUNT +
                                  const.DIR_UPGRADE_ASSIST_DATA + "/*db.p1ua"):
                _path, file = os.path.split(name)
                source = const.DIR_UPGRADE_ASSIST_USB_MOUNT + const.DIR_UPGRADE_ASSIST_DATA + '/' + file
                copyFile(source, const.DIR_FILEDISK)
                flog.info("Database bestand " + source + " gekopierd.")

                if isVerfiedRemoveOfFile(source) == True:
                    # rename file
                    filename_no_ext, _file_extension = os.path.splitext(source)
                    _path, source_filename = os.path.split(source)
                    #print ( const.DIR_FILEDISK + source_filename )
                    #print ( const.DIR_FILEDISK + source_filename )
                    #print ( filename_no_ext )
                    _path, dest_filename = os.path.split(filename_no_ext)
                    #print ( dest_filename )
                    #print ( const.DIR_FILEDISK + dest_filename )

                    os.rename(const.DIR_FILEDISK + source_filename,
                              const.DIR_FILEDISK + dest_filename)
                    # set file rights
                    subprocess.run([
                        'sudo', 'chmod', '0664',
                        const.DIR_FILEDISK + dest_filename
                    ],
                                   stdout=subprocess.DEVNULL,
                                   stderr=subprocess.DEVNULL)
                    flog.info("Data bestand " + const.DIR_FILEDISK +
                              dest_filename + " verwerkt.")
                    data_is_processed_flag = True  # we have processed some data

        except Exception as e:
            flog.error(inspect.stack()[0][3] +
                       ": probleem met het verwerken van de database data: " +
                       str(e))
            data_is_processed_flag = False

        umountUSB(usb_drive)

    if data_is_processed_flag == False:
        flog.info("Geen data gevonden op de USB drive(s) niets uitgevoerd.")
    else:

        flog.info("cron jobs worden aangemaakt uit de database.")
        # const.FILE_DB_CONFIG split for filename
        _head, tail = os.path.split(const.FILE_DB_CONFIG)
        copyFile(const.DIR_FILEDISK + tail,
                 const.DIR_RAMDISK)  #disk to ram, scripts uses ram location

        if os.system('sudo -u p1mon /p1mon/scripts/P1Scheduler.py') > 0:
            flog.error(inspect.stack()[0][3] + " cron jobs update gefaald.")
        time.sleep(2)

        flog.info(
            "Filesysteem wordt vergroot naar de maximale ruimte van de SDHC kaart."
        )
        _cp = subprocess.run(['sudo raspi-config --expand-rootfs'],
                             shell=True,
                             check=True)
        #print( _cp.stdout )
        #print( _cp.stderr )
        #print( _cp.returncode )
        time.sleep(2)

        ############################################################################
        # make a (possible empty) api tokens file. this is needed if the p1mon_443 #
        # file exist nginx fails if the token file is missing. This also makes     #
        # sure that nginx is reloaded or restarted if it is not running            #
        ############################################################################
        if os.system(
                'sudo -u p1mon /p1mon/scripts/P1NginxConfig.py --apitokens'
        ) > 0:
            msg = "Nginx API tokens update gefaald."
            flog.error(inspect.stack()[0][3] + ": " + msg)

        if os.system(
                'sudo -u p1mon /p1mon/scripts/P1NginxConfig.py --gateway') > 0:
            msg = "Nginx gateway update gefaald."
            flog.error(inspect.stack()[0][3] + ": " + msg)

        flog.info("file system sync uitvoeren.")
        if os.system('sudo sync') > 0:
            flog.warning(inspect.stack()[0][3] + " file system sync gefaald.")

        flog.info(
            "Data herstelt vanaf de USB drive. Er wordt een reboot uitgevoerd."
        )
        time.sleep(5)
        subprocess.run(['sudo', '/sbin/reboot'],
                       stdout=subprocess.DEVNULL,
                       stderr=subprocess.DEVNULL)
        time.sleep(
            30
        )  # failsave to make sure the reboot is done and no other scripts are started.
Beispiel #11
0
def Main(argv):
    flog.info("Start van programma.")
    global ftp_para

    # open van status database
    try:
        rt_status_db.init(const.FILE_DB_STATUS, const.DB_STATUS_TAB)
    except Exception as e:
        flog.critical(inspect.stack()[0][3] + ": Database niet te openen(1)." +
                      const.FILE_DB_STATUS + ") melding:" + str(e.args[0]))
        sys.exit(1)
    flog.debug(inspect.stack()[0][3] + ": database tabel " +
               const.DB_STATUS_TAB + " succesvol geopend.")

    # open van config database
    try:
        config_db.init(const.FILE_DB_CONFIG, const.DB_CONFIG_TAB)
    except Exception as e:
        flog.critical(inspect.stack()[0][3] + ": database niet te openen(2)." +
                      const.FILE_DB_CONFIG + ") melding:" + str(e.args[0]))
        sys.exit(1)
    flog.debug(inspect.stack()[0][3] + ": database tabel " +
               const.DB_CONFIG_TAB + " succesvol geopend.")

    rt_status_db.timestamp(47, flog)

    # update field from database, the cli switches overwrite the DB values!
    _id, ftp_para['user'], _label = config_db.strget(28, flog)
    _id, ftp_para['password'], _label = config_db.strget(29, flog)
    _id, ftp_para['directory'], _label = config_db.strget(30, flog)
    _id, ftp_para['server'], _label = config_db.strget(31, flog)
    _id, ftp_para['port'], _label = config_db.strget(32, flog)
    _id, ftp_para['filename'], _label = config_db.strget(33, flog)
    _id, ftp_para['maxfilecount'], _label = config_db.strget(34, flog)
    _id, ftp_para['ftps'], _label = config_db.strget(35, flog)  # was secure
    _id, ftp_para['ftp'], _label = config_db.strget(76, flog)
    _id, ftp_para['sftp'], _label = config_db.strget(77, flog)
    # sftp toevoegen. ftp toevoegen

    flog.debug(inspect.stack()[0][3] + ": parameters uit de DB:" +
               str(ftp_para))

    parser = argparse.ArgumentParser(description="ftp....")
    parser.add_argument('-u', '--user', required=False)
    parser.add_argument('-pw', '--password', required=False)
    parser.add_argument('-dir', '--directory', required=False)
    parser.add_argument('-srv', '--server', required=False)
    parser.add_argument('-fname', '--filename', required=False)
    parser.add_argument('-mfcnt', '--maxfilecount', required=False)
    parser.add_argument('-pt', '--port', required=False)
    parser.add_argument('-ftps', '--ftps', required=False,
                        action="store_true")  # flag only
    parser.add_argument('-sftp', '--sftp', required=False,
                        action="store_true")  # flag only
    parser.add_argument('-ftp', '--ftp', required=False,
                        action="store_true")  # flag only

    args = parser.parse_args()
    if args.user != None:
        ftp_para['user'] = args.user

    if args.password != None:
        ftp_para['password'] = args.password
        flog.debug("password van commandline ontvangen -> " +
                   ftp_para['password'])
    else:  #decode password from database
        try:
            ftp_para['password'] = base64.standard_b64decode(
                crypto3.p1Decrypt(ftp_para['password'],
                                  'ftppw')).decode('utf-8')
            #  added by Aad
            if ftp_para['password'] == '':
                ftp_para['password'] = "******"
                raise Exception(" wachtwoord is niet ingesteld.")
        except Exception as e:
            flog.error(inspect.stack()[0][3]+": password decodering gefaald. Decoded password="******" Gestopt. melding:" + str(e.args[0]) )
            sys.exit(16)
        flog.info("Password decryptie ok.")
        flog.debug("Decoded password = "******"''"
                raise Exception(
                    "server adres (IP adres of url) is niet ingesteld.")
        except Exception as e:
            flog.error(inspect.stack()[0][3] + ": Gestopt, melding: " +
                       str(e.args[0]))
            sys.exit(17)

    if args.filename != None:
        ftp_para['filename'] = args.filename

    if args.maxfilecount != None:
        ftp_para['maxfilecount'] = int(args.maxfilecount)

    if args.port != None:
        ftp_para['port'] = int(args.port)

    if args.ftp == True:
        ftp_para['ftp'] = 1
        ftp_para['ftps'] = 0
        ftp_para['sftp'] = 0

    if args.ftps == True:
        ftp_para['ftp'] = 0
        ftp_para['ftps'] = 1
        ftp_para['sftp'] = 0

    if args.sftp == True:
        ftp_para['ftp'] = 0
        ftp_para['ftps'] = 0
        ftp_para['sftp'] = 1

    flog.debug(inspect.stack()[0][3] + ": parameters na CLI parsing:" +
               str(ftp_para))

    if int(ftp_para['ftp']) == 0 and int(ftp_para['ftps']) == 0 and int(
            ftp_para['sftp']) == 0:
        flog.warning(inspect.stack()[0][3] +
                     ": geen ftp, ftps of sftp opties geslecteerd!")

    if os.path.isfile(ftp_para['filename']) == False:
        rt_status_db.strset(
            'fout: te kopieren bestand niet gevonden. Gestopt.', 48, flog)
        flog.error(inspect.stack()[0][3] +
                   ": te kopieren bestand niet gevonden. Gestopt.")
        sys.exit(17)

    # do normal plain text FTP
    if int(ftp_para['ftp']) == 1:
        flog.info(inspect.stack()[0][3] + ": probeer bestand  " +
                  ftp_para['filename'] + " te kopieren via ftp.")
        try:
            ftpConnection = ftpConnect()
            if len(ftp_para['directory']) > 0:
                ftpChangeDirectory(ftpConnection, ftp_para['directory'])
            ftpCopy(ftpConnection, ftp_para['filename'])
            flog.info(inspect.stack()[0][3] + ": bestand  " +
                      ftp_para['filename'] + " succesvol gekopierd via ftp.")
            ftpConnection.quit()  # be polite to ftp servers
        except Exception as e:
            rt_status_db.strset(
                'fout: server antwoord: ' + str(e.args[0]) + ' Gestopt.', 48,
                flog)
            flog.error(inspect.stack()[0][3] + ": FTP server antwoord: " +
                       str(e.args[0]) + " Gestopt.")
            sys.exit(11)

        rt_status_db.strset("FTP transfer is succesvol gestopt.", 48, flog)
        rt_status_db.timestamp(49, flog)
        flog.info("FTP transfer is succesvol gestopt.")
        sys.exit(0)  # all is well.

    # TODO ftps en sftp aanpassen zodat ze poort meenemen.
    # do ftps FTP with SSL
    if int(ftp_para['ftps']) == 1:

        #################################################################
        # STEP 1 copy the file                                          #
        #################################################################
        try:  # copying file

            #flog.setLevel( logging.DEBUG )

            _head, tail = os.path.split(ftp_para['filename'])
            changed_filename = '//p1mon/mnt/ramdisk/' + fileprefix + str(
                getUtcTime()) + '-' + tail
            #server              = "ftps://"+ftp_para['server']
            server = "ftp://" + ftp_para['server']  #+ ":990"
            if len(ftp_para['directory']) > 0:
                server = server + "/" + ftp_para[
                    'directory'] + "/"  # checked can handle // and / in path.

            flog.debug(inspect.stack()[0][3] + ": server path is=" +
                       str(server))
            shutil.copy(ftp_para['filename'], changed_filename)

            flog.info(inspect.stack()[0][3] + ": probeer bestand  " +
                      ftp_para['filename'] + " te kopieren via ftps.")
            """
            cp = subprocess.run([ "curl",  "--ssl-reqd", "--ftp-ssl-control", "-ssl", "--globoff", "--insecure", "-sSv", server, "--user", ftp_para['user']+":"+ftp_para['password'], "-T", changed_filename  ], \
                universal_newlines=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=60 )
            """

            cp = subprocess.run([ "curl", "--ftp-ssl-control", "--ftp-ssl" ,"--globoff", "--insecure", "-sSv", server, "--user", ftp_para['user']+":"+ftp_para['password'], "-T", changed_filename  ], \
                universal_newlines=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=60 )

            flog.debug(inspect.stack()[0][3] + ": cp.stdout=" + str(cp.stdout))
            flog.debug(inspect.stack()[0][3] + ": cp.stderr=" + str(cp.stderr))
            flog.debug(inspect.stack()[0][3] + ": cp.returncode=" +
                       str(cp.returncode))

            # Added by Aad.
            saveDelete(changed_filename)  # remove tmp copy of file.

            if cp.returncode == 0:
                flog.info(inspect.stack()[0][3] + ": bestand  " +
                          ftp_para['filename'] +
                          " succesvol gekopierd via ftps als " +
                          changed_filename)
            else:
                raise Exception(cp.stderr.replace("\n", ""))

        except Exception as e:
            rt_status_db.strset(
                'fout: server antwoord: ' + str(e.args[0]) + ' Gestopt.', 48,
                flog)
            flog.error(inspect.stack()[0][3] + ": SFTP server antwoord: " +
                       str(e.args[0]) + " Gestopt.")
            sys.exit(11)

        #################################################################
        # STEP 2 checking if we have reached the maxium number of files #
        #################################################################
        try:  # checkin if max files are reached
            _head, tail = os.path.split(ftp_para['filename'])
            changed_filename = '//p1mon/mnt/ramdisk/' + fileprefix + str(
                getUtcTime()) + tail
            server = "ftp://" + ftp_para['server']
            if len(ftp_para['directory']) > 0:
                server = server + "/" + ftp_para[
                    'directory'] + "/"  # checked can handle // and / in path.

            flog.debug(inspect.stack()[0][3] + ": server path is=" +
                       str(server))

            cp = subprocess.run([ "curl", "--ftp-ssl-control", "--ftp-ssl", "--globoff", "--insecure", "-sS", server, "--user", ftp_para['user']+":"+ftp_para['password'], "--list-only" ], \
                 universal_newlines=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=60 )

            #flog.debug( inspect.stack()[0][3]+": cp.stdout="        + str(cp.stdout) )
            #flog.debug( inspect.stack()[0][3]+": cp.stderr="        + str(cp.stderr) )
            #flog.debug( inspect.stack()[0][3]+": cp.returncode="    + str(cp.returncode ) )

            if cp.returncode == 0:  # process output, proces files based on epoch value in filename
                filtered_file_list = grep("\AP1BU-\d+", cp.stdout.split('\n'))
                if len(filtered_file_list) < int(ftp_para['maxfilecount']) - 1:
                    flog.info(inspect.stack()[0][3] +
                              ": maximale aantal van files " +
                              str(ftp_para['maxfilecount']) +
                              " niet gehaald (" +
                              str(len(filtered_file_list)) + ")")
                else:
                    flog.info(inspect.stack()[0][3] +
                              ": maximale aantal van files overschreden " +
                              str(ftp_para['maxfilecount']))
                    ftpsRemoveOldFiles(filtered_file_list)
            else:
                raise Exception(cp.stderr.replace("\n", ""))
        except Exception as e:
            rt_status_db.strset(
                'fout: directory list server : ' + str(e.args[0]) +
                ' Gestopt.', 48, flog)
            flog.error(inspect.stack()[0][3] +
                       ": SFTP directory list server fout: " + str(e.args[0]) +
                       " Gestopt.")
            sys.exit(13)

        rt_status_db.strset("FTPS transfer is succesvol gestopt.", 48, flog)
        rt_status_db.timestamp(49, flog)
        flog.info("FTPS transfer is succesvol gestopt.")
        sys.exit(0)  # all is well.

    # do sftp FTP with SSH
    if int(ftp_para['sftp']) == 1:

        #################################################################
        # STEP 1 copy the file                                          #
        #################################################################
        try:  # copying file
            _head, tail = os.path.split(ftp_para['filename'])
            tmp_path = '/var/log/p1monitor/'
            changed_filename = tmp_path + fileprefix + str(
                getUtcTime()) + '-' + tail
            server = "sftp://" + ftp_para['server'] + "/"
            if len(ftp_para['directory']) > 0:
                server = server + ftp_para[
                    'directory'] + "/"  # checked can handle // and / in path.
            else:
                server = server + "home/"

            flog.debug(inspect.stack()[0][3] + ": server path is=" +
                       str(server))

            #print ( "changed_filename " + changed_filename + " filename " + ftp_para['filename'] )

            shutil.copy(ftp_para['filename'], changed_filename)
            flog.info(inspect.stack()[0][3] + ": probeer bestand " +
                      ftp_para['filename'] + " te kopieren via sftp.")

            cp = subprocess.run([ "curl","--globoff", "--insecure", "-sSv", server, "--user", ftp_para['user']+":"+ftp_para['password'], "-T", changed_filename  ], \
                universal_newlines=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=60 )

            flog.debug(inspect.stack()[0][3] + ": cp.stdout=" + str(cp.stdout))
            flog.debug(inspect.stack()[0][3] + ": cp.stderr=" + str(cp.stderr))
            flog.debug(inspect.stack()[0][3] + ": cp.returncode=" +
                       str(cp.returncode))

            #Added by Aad.
            saveDelete(changed_filename)  # remove tmp copy of file.

            if cp.returncode == 0:
                flog.info(inspect.stack()[0][3] + ": bestand  " +
                          ftp_para['filename'] +
                          " succesvol gekopierd via ftps als " +
                          changed_filename)
            else:
                raise Exception(cp.stderr.replace("\n", ""))

        except Exception as e:
            rt_status_db.strset(
                'fout: server antwoord: ' + str(e.args[0]) + ' Gestopt.', 48,
                flog)
            flog.error(inspect.stack()[0][3] + ": SFTP server antwoord: " +
                       str(e.args[0]) + " Gestopt.")
            sys.exit(11)

        #################################################################
        # STEP 2 checking if we have reached the maxium number of files #
        #################################################################
        try:  # checkin if max files are reached

            #_head,tail = os.path.split( ftp_para['filename'] )
            #changed_filename    = '//p1mon/mnt/ramdisk/' + fileprefix + str(getUtcTime()) + '-' + tail

            server = "sftp://" + ftp_para['server'] + "/"
            if len(ftp_para['directory']) > 0:
                server = server + ftp_para[
                    'directory'] + "/"  # checked can handle // and / in path.
            else:
                server = server + "home/"

            flog.debug(inspect.stack()[0][3] + ": server path is=" +
                       str(server))

            # Modified by Aad: for clarity, conform curl params: --list-only parameter added.
            cp = subprocess.run([ "curl", "--globoff", "--insecure", "-sSv", server, "--user", ftp_para['user']+":"+ftp_para['password'], "--list-only" ], \
                 universal_newlines=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=60 )

            flog.debug(inspect.stack()[0][3] + ": cp.stdout=" + str(cp.stdout))
            flog.debug(inspect.stack()[0][3] + ": cp.stderr=" + str(cp.stderr))
            flog.debug(inspect.stack()[0][3] + ": cp.returncode=" +
                       str(cp.returncode))

            # pre-process output that could have a unspecified layout.
            filtered_file_list = []
            matched_lines = [
                line for line in cp.stdout.split('\n') if fileprefix in line
            ]
            for line in matched_lines:
                #filtered_file_list.append ( line[ line.find('P1BU-'): ] )
                #modified by Aad: absolute find filter replaced by variable.
                filtered_file_list.append(line[line.find(fileprefix):])

            if cp.returncode == 0:  # process output, proces files based on epoch value in filename
                if len(filtered_file_list) < int(ftp_para['maxfilecount']) - 1:
                    flog.info(inspect.stack()[0][3] +
                              ": maximale aantal van files " +
                              str(ftp_para['maxfilecount']) +
                              " niet gehaald (" +
                              str(len(filtered_file_list)) + ")")
                else:
                    flog.info(inspect.stack()[0][3] +
                              ": maximale aantal van files overschreden " +
                              str(ftp_para['maxfilecount']))
                    # sftpRemoveOldFiles( filtered_file_list ) # orignal
                    if sftpRemoveOldFiles(filtered_file_list) == False:
                        flog.info(inspect.stack()[0][3] +
                                  " Een of meerdere bestanden >" +
                                  str(ftp_para['maxfilecount']) +
                                  " zijn niet gewist.")

            else:
                raise Exception(cp.stderr.replace("\n", ""))
        except Exception as e:
            rt_status_db.strset(
                'fout: directory list server : ' + str(e.args[0]) +
                ' Gestopt.', 48, flog)
            flog.error(inspect.stack()[0][3] +
                       ": SFTP directory list server fout: " + str(e.args[0]) +
                       " Gestopt.")
            sys.exit(13)

        rt_status_db.strset("SFTP transfer is succesvol gestopt.", 48, flog)
        rt_status_db.timestamp(49, flog)
        flog.info("SFTP transfer is succesvol gestopt.")
        sys.exit(0)  # all is well.
Beispiel #12
0
def Main(argv): 
    global config_db
    flog.info("Start van programma.")
     
    parser = argparse.ArgumentParser(description="Set het wpa wachtwoord voor een essid ESSID (\"MIJN WIFI\")")
    parser.add_argument('-e', '--essid', required=False)
    parser.add_argument('-k', '--key',   required=False)
    args = parser.parse_args()
    essid   = args.essid
    key     = args.key
    
    #try to read from database
    if ( essid == None or key == None ): 
        flog.info(inspect.stack()[0][3]+": Lees essid en wpa key uit database.")
         # open van config database
        try:    
            config_db.init(const.FILE_DB_CONFIG,const.DB_CONFIG_TAB)
        except Exception as e:
            flog.critical(inspect.stack()[0][3]+": database niet te openen(2)."+const.FILE_DB_CONFIG+") melding:"+str(e.args[0]))
            sys.exit(1)
        flog.info(inspect.stack()[0][3]+": database tabel "+const.DB_CONFIG_TAB+" succesvol geopend.")

        # open van status database
        try:    
            rt_status_db.init(const.FILE_DB_STATUS,const.DB_STATUS_TAB)     
        except Exception as e:
            flog.critical(inspect.stack()[0][3]+": database niet te openen(1)."+const.FILE_DB_STATUS+") melding:"+str(e.args[0]))
            sys.exit(1)
        flog.info(inspect.stack()[0][3]+": database tabel: "+const.DB_STATUS_TAB+" succesvol geopend.")
        

        sqlstr = "select id, parameter from "+const.DB_CONFIG_TAB+" where id >=11 and id <=12 order by id asc"
        sqlstr=" ".join(sqlstr.split())
        flog.debug(inspect.stack()[0][3]+": sql(1)="+sqlstr)
        wifi_config=config_db.select_rec(sqlstr) 
        essid   	= str(wifi_config[0][1])
        crypto_key	= str(wifi_config[1][1])
        flog.debug(inspect.stack()[0][3]+": essid = "+essid+" crypto key = "+crypto_key)

        key = base64.standard_b64decode( crypto3.p1Decrypt(crypto_key,'wifipw') )

        flog.debug( inspect.stack()[0][3]+": decrypted key = " + key.decode( 'utf-8' ) )

        flog.info(inspect.stack()[0][3]+": Essid ("+essid+") en key uit database gehaald ")
        
    flog.info(inspect.stack()[0][3]+": ESSID = "+essid)
    if ( len(key.strip()) == 0 or len(essid.strip()) == 0 ):
        flog.info(inspect.stack()[0][3]+": ESSID en/of PSK ontbreekt, wifi wordt gestopt. ")
        stopWifi()
        sys.exit(0) 

    # change wpa_supplicant file
    writeWpaSupplicantConfig( essid, key )
    reconfigureWifi()
    
    sec_count = 0
    flog.debug(inspect.stack()[0][3]+": start van ip actief controle.")
    while (sec_count < 180):
    # try for maximum of 3 minutes (sleep is 5)
         buf = network_lib.get_nic_info( 'wlan0' )
         if buf['ip4'] != None:
             flog.info(inspect.stack()[0][3]+": Wifi actief op IP adres "+buf['ip4'])
             rt_status_db.strset(buf['ip4'],42,flog)
             sys.exit(0) # up and running wifi
         sec_count+=5
         time.sleep(5)
         flog.debug(inspect.stack()[0][3]+": wacht op activering van wifi voor "+str(sec_count)+" seconden.")
    flog.warning(inspect.stack()[0][3]+": Wifi is niet actief.") 
    rt_status_db.strset('onbekend',42,flog)