def configure_virtualenvwrapper_for_user(username, python_ver='2'):
"""
Configure virtualenvwrapper for user
"""
assert python_ver in ('2', '3')
python_ver = int(python_ver)
check_sudo()
check_os()
if not confirm('Do you want to configure python {} virtualenvwrapper to user "{}"?'.format(python_ver, username)):
return
if not exists('/usr/local/bin/virtualenvwrapper.sh', use_sudo=True):
abort('virtualenvwrapper is not installed.')
print_green('INFO: Configure virtualenvwrapper to user {}...'.format(username))
user_dir = '/home/{}'.format(username)
if not exists(user_dir, use_sudo=True):
print_red("Directory {} doesn't exists :(".format(user_dir))
if not confirm('Do you want to ignore this error and continue? (else will be abort)', default=False):
abort("Directory {} doesn't exists :(".format(user_dir))
else:
bashrc = '{}/.bashrc'.format(user_dir)
python_path = '/usr/bin/python2.7'
if python_ver == 3:
python_path = '/usr/bin/python{}'.format(get_python3_version())
append(bashrc, 'export WORKON_HOME=$HOME/.virtualenvs', use_sudo=True)
append(bashrc, 'export VIRTUALENVWRAPPER_HOOK_DIR=$WORKON_HOME', use_sudo=True)
append(bashrc, 'export VIRTUALENVWRAPPER_PYTHON={}'.format(python_path), use_sudo=True)
append(bashrc, 'source /usr/local/bin/virtualenvwrapper.sh', use_sudo=True)
print_green('INFO: Configure python {} virtualenvwrapper to user {}... OK'.format(python_ver, username))
def check_sudo():
"""
Check available sudo command
"""
if '_fd_checked_sudo_' in env:
return
print_green('INFO: Check sudo...')
t = sudo('whoami', quiet=True)
if t.failed:
print_red('NOTE: For using this fabfile you need to install sudo:\n'
' # aptitude install sudo\n'
'and add your non-root user to group sudo:\n'
' # adduser YourNonRootUserName sudo')
abort(t)
print_green('INFO: Check sudo... OK')
env._fd_checked_sudo_ = True
def install_ntp():
"""
Install ntp daemon
"""
check_sudo()
check_os()
if not confirm('Do you want install NTP client?'):
return
print_green('INFO: Install ntp...')
apt_install('ntp ntpdate', noconfirm=True)
print_red(
"Go to http://www.pool.ntp.org/ and select servers in your server's country.\n"
"For example (Ukraine):\n"
" 0.ua.pool.ntp.org\n"
" 1.ua.pool.ntp.org\n"
" 2.ua.pool.ntp.org\n"
" 3.ua.pool.ntp.org")
def read_ntp_servers():
ntp_server_list = []
while True:
t = prompt('Set NTP-server host. (Set empty string to continue)',
default='').strip()
if not t:
break
ntp_server_list.append(t)
return ntp_server_list
while True:
ntp_servers = read_ntp_servers()
print_yellow('You wrote following NTP-server list:\n {}'.format(
'\n '.join(ntp_servers or ('-empty-', ))))
if confirm('Are you confirm this NTP-server list?'):
break
if ntp_servers:
ntp_conf_fn = '/etc/ntp.conf'
comment(ntp_conf_fn, r'^server\s', use_sudo=True)
for ntp_server in ntp_servers:
append(ntp_conf_fn,
'server {} iburst'.format(ntp_server),
use_sudo=True)
print_green('INFO: Install ntp... OK')
def configure_virtualenvwrapper_for_user(username, python_ver='2'):
"""
Configure virtualenvwrapper for user
"""
assert python_ver in ('2', '3')
python_ver = int(python_ver)
check_sudo()
check_os()
if not confirm(
'Do you want to configure python {} virtualenvwrapper to user "{}"?'
.format(python_ver, username)):
return
if not exists('/usr/local/bin/virtualenvwrapper.sh', use_sudo=True):
abort('virtualenvwrapper is not installed.')
print_green(
'INFO: Configure virtualenvwrapper to user {}...'.format(username))
user_dir = '/home/{}'.format(username)
if not exists(user_dir, use_sudo=True):
print_red("Directory {} doesn't exists :(".format(user_dir))
if not confirm(
'Do you want to ignore this error and continue? (else will be abort)',
default=False):
abort("Directory {} doesn't exists :(".format(user_dir))
else:
bashrc = '{}/.bashrc'.format(user_dir)
python_path = '/usr/bin/python2.7'
if python_ver == 3:
python_path = '/usr/bin/python{}'.format(get_python3_version())
append(bashrc, 'export WORKON_HOME=$HOME/.virtualenvs', use_sudo=True)
append(bashrc,
'export VIRTUALENVWRAPPER_HOOK_DIR=$WORKON_HOME',
use_sudo=True)
append(bashrc,
'export VIRTUALENVWRAPPER_PYTHON={}'.format(python_path),
use_sudo=True)
append(bashrc,
'source /usr/local/bin/virtualenvwrapper.sh',
use_sudo=True)
print_green(
'INFO: Configure python {} virtualenvwrapper to user {}... OK'.format(
python_ver, username))
def install_exim4():
"""
Install email-server exim4, configure DKIM and generate DKIM-keys
"""
check_sudo()
check_os()
if not confirm('Do you want install exim4?'):
return
print_green('INFO: Install exim4...')
apt_install('exim4', noconfirm=True)
dkim_keys_path = '/etc/exim4/dkim'
print_red('You need run exim4 configure:\n'
' # dpkg-reconfigure exim4-config\n'
'and set options:\n'
' General type of mail configuration: internet site; ...using SMTP\n'
' System mail name: your-real-domain.com\n'
' IP-address to listen on for incoming SMTP connectins: 127.0.0.1; ::1\n'
' Other destinations for which mail is accepted: <allow empty>\n'
' Domains to relay mail for: <allow empty>\n'
' Machines to relay mail for: <allow empty>\n'
' Keep number of DNS-queries minimal: No\n'
' Delivery method for local mail: mbox format\n'
' Split configuration into small files: No\n'
' Root and postmaster mail recipient: <allow empty>\n')
if confirm('Do you want install opendkim and setup dkim in exim4?'):
apt_install('opendkim opendkim-tools', noconfirm=True)
sudo('mkdir {}'.format(dkim_keys_path), warn_only=True)
sudo('chown Debian-exim:Debian-exim {dkp} && chmod 700 {dkp}'.format(dkp=dkim_keys_path))
dkim_selector = prompt('Set DKIM selector name', default='mail', validate=r'[\w]+')
sudo('cp /etc/exim4/exim4.conf.template /etc/exim4/exim4.conf.template.bak')
t = BytesIO()
get('/etc/exim4/exim4.conf.template', local_path=t, use_sudo=True)
t = BytesIO(re.sub(
br'(# This transport is used for delivering messages over SMTP connections\.\n).*?'
br'(remote_smtp:.+?driver = smtp\n).+?(\.ifdef)',
r'\1\n'
r'DKIM_DOMAIN_NAME = ${{lc:${{domain:$h_from:}}}}\n'
r'DKIM_FILE = {dkp}/${{lc:${{domain:$h_from:}}}}.key\n'
r'DKIM_PRIV_KEY = ${{if exists{{DKIM_FILE}}{{DKIM_FILE}}{{0}}}}\n\n'
r'\2\n'
r' dkim_domain = DKIM_DOMAIN_NAME\n'
r' dkim_selector = {dsn}\n'
r' dkim_private_key = DKIM_PRIV_KEY\n\n'
r'\3'.format(dkp=dkim_keys_path, dsn=dkim_selector).encode(),
t.getvalue(),
flags=(re.M | re.S)
))
put(t, '/etc/exim4/exim4.conf.template', use_sudo=True)
sudo('chown root:root {cfn} && chmod 644 {cfn}'.format(cfn='/etc/exim4/exim4.conf.template'))
print_red('You need to have DKIM keys.\n'
'You can generate their:\n'
' # opendkim-genkey -D {dkp} -d your-real-domain.com -s {dsn}\n'
' # mv {dkp}/{dsn}.private {dkp}/your-real-domain.com.key\n'
' # mv {dkp}/{dsn}.txt {dkp}/your-real-domain.com.txt\n'
' # chown Debian-exim:Debian-exim {dkp}/*\n'
' # chmod 600 {dkp}/*\n'
'Set DNS record for your your-real-domain.com from {dkp}/your-real-domain.com.txt\n'
'And may set DNS ADSP record:\n'
' _adsp._domainkey IN TXT "dkim=all"\n'
'For test sending mail run:\n'
' # echo testmail | /usr/sbin/sendmail [email protected]\n'
''.format(dkp=dkim_keys_path, dsn=dkim_selector))
service_restart('exim4')
print_green('INFO: Install exim4... OK')
def install_user_rsa_key(username):
"""
Install RSA/SSH key for user
"""
check_sudo()
check_os()
if not user_exists:
abort('User {} noes not exist'.format(username))
if not confirm('Do you want set SSH key?'):
return
print_green('INFO: Set SSH key...')
print_yellow(
'Setup SSH key methods:\n'
'1: Generate new ~/.ssh/id_rsa key and manually add public key to remote servers.\n'
'2: Copy exists SSH RSA key from local to ~/.ssh/id_rsa.\n'
'3: Copy exists SSH RSA key from local to ~/.ssh/{keyname}.rsa and configure ~/.ssh/config.'
)
n = prompt('Select method', default='1', validate='[1-3]')
def file_exists_validator(fn):
fn = fn.replace('\\', '/')
if not os.path.exists(fn):
raise ValueError('File {} does not exist.'.format(fn))
return fn
with settings(sudo_user=username, user=username, group=username):
sudo('mkdir ~/.ssh', warn_only=True)
if n == '1':
with settings(sudo_user=username, user=username, group=username):
sudo('ssh-keygen -t rsa -b 2048 -f ~/.ssh/id_rsa')
sudo('chmod 600 ~/.ssh/id_rsa', warn_only=True)
pub = sudo('cat ~/.ssh/id_rsa.pub', quiet=True)
print_red(
'Add this public key to remote host:\n\n{}\n\n'.format(pub))
while not confirm('Did you do it?'):
pass
elif n == '2':
local_key_fn = prompt(
'Set path to RSA key in local (in windows skip part "C:")',
default='/home/yourusername/.ssh/id_rsa',
validate=file_exists_validator)
put(local_key_fn,
'/home/{}/.ssh/id_rsa'.format(username),
use_sudo=True,
mode=0o600)
sudo('chown {u}:{u} /home/{u}/.ssh/id_rsa'.format(u=username))
elif n == '3':
local_key_fn = prompt(
'Set path to RSA key in local (in windows skip part "C:")',
default='/home/yourusername/.ssh/id_rsa',
validate=file_exists_validator)
kn = prompt('Set key name which will be saved as ~/.ssh/{keyname}.rsa',
default='key',
validate='\w+')
put(local_key_fn,
'/home/{u}/.ssh/{kn}.rsa'.format(u=username, kn=kn),
use_sudo=True,
mode=0o600)
sudo('chown {u}:{u} /home/{u}/.ssh/{kn}.rsa'.format(u=username, kn=kn))
h = p = u = None
while True:
h = prompt(
'Set hostname for which will be used ~/.ssh/{}.rsa key (without port!)'
.format(kn),
default='github.com',
validate='.+')
p = prompt(
'Set port for which will be used ~/.ssh/{}.rsa key e.g. "22" (not requirement)'
.format(kn),
default='',
validate='|\d+')
u = prompt(
'Set user for which will be used ~/.ssh/{}.rsa key e.g. "git" (not requirement)'
.format(kn),
validate='|\w+')
print_yellow(('HostHame: {h}\n'
'Port: {p}\n'
'User: {u}').format(h=h,
p=(p or '-NONE-'),
u=(u or '-NONE-')))
if confirm('Are you confirm it?'):
break
cf = '~/.ssh/config'
with settings(sudo_user=username, user=username, group=username):
append(cf, '\nHost {}'.format(h), use_sudo=True)
append(cf, '\tHostName {}'.format(h), use_sudo=True)
append(cf,
'\tIdentityFile ~/.ssh/{}.rsa'.format(kn),
use_sudo=True)
if p:
append(cf, '\tPort {}'.format(p), use_sudo=True)
if u:
append(cf, '\tUser {}'.format(u), use_sudo=True)
else:
abort('Unknown method')
print_green('INFO: Set SSH key... OK')