def setupnode(overwrite=False):
"""
Install a baseline host. Can be run multiple times
"""
if not port_is_open():
if not skip_disable_root():
disable_root()
port_changed = change_ssh_port()
#avoid trying to take shortcuts if setupnode did not finish
#on previous execution
if server_state('setupnode-incomplete'):
env.overwrite = True
else:
set_server_state('setupnode-incomplete')
upload_ssh_key()
restrict_ssh()
add_repositories()
upgrade_packages()
setup_ufw()
uninstall_packages()
install_packages()
upload_etc()
post_install_package()
setup_ufw_rules()
set_timezone()
set_server_state('setupnode-incomplete', delete=True)
#stop and start webservers - and reload nginx
for s in webserver_list():
stop_webserver(s)
start_webserver(s)
def setupnode(overwrite=False):
"""
Install a baseline host. Can be run multiple times
"""
if not port_is_open():
if not skip_disable_root():
disable_root()
port_changed = change_ssh_port()
#avoid trying to take shortcuts if setupnode did not finish
#on previous execution
if server_state('setupnode-incomplete'):
env.overwrite = True
else:
set_server_state('setupnode-incomplete')
upload_ssh_key()
restrict_ssh()
add_repositories()
upgrade_packages()
setup_ufw()
uninstall_packages()
install_packages()
upload_etc()
post_install_package()
setup_ufw_rules()
set_timezone()
set_server_state('setupnode-incomplete', delete=True)
#stop and start webservers - and reload nginx
for s in webserver_list():
stop_webserver(s)
start_webserver(s)
def test_lin_setup_ufw():
with settings(host_string='[email protected]',
user='******',
password='******'):
# Tests.
env.HOST_SSH_PORT = '22'
setup_ufw()
r = sudo('ufw status').strip()
assert 'woven' in r
assert 'ALLOW' in r
with settings(warn_only=True):
sudo('ufw disable')
sudo('rm -f /etc/ufw/applications.d/woven')
sudo('rm -f /etc/ufw/applications.d/woven_project')
apt_get_purge('ufw')
set_server_state('ufw_installed', delete=True)
# Test change port.
print "CHANGE PORT to add 10022"
env.HOST_SSH_PORT = '22,10022'
setup_ufw()
r = sudo('ufw status verbose')
assert '22,10022' in r
assert '80,443' in r
# Test add an allow.
env.UFW_RULES = ['allow 5432/tcp']
setup_ufw()
r = sudo('ufw status verbose')
assert '5432' in r
# Teardown.
sudo('ufw disable')
sudo('rm -f /etc/ufw/applications.d/woven')
apt_get_purge('ufw')
set_server_state('ufw_installed', delete=True)
def test_lin_setup_ufw():
with settings(host_string='[email protected]',
user='******',
password='******'):
#tests
env.HOST_SSH_PORT = '22'
setup_ufw()
r = sudo('ufw status').strip()
assert 'woven' in r
assert 'ALLOW' in r
with settings(warn_only=True):
sudo('ufw disable')
sudo('rm -f /etc/ufw/applications.d/woven')
sudo('rm -f /etc/ufw/applications.d/woven_project')
apt_get_purge('ufw')
set_server_state('ufw_installed', delete=True)
#test change port
print "CHANGE PORT to add 10022"
env.HOST_SSH_PORT = '22,10022'
setup_ufw()
r = sudo('ufw status verbose')
assert '22,10022' in r
assert '80,443' in r
#test add an allow
env.UFW_RULES = ['allow 5432/tcp']
setup_ufw()
r = sudo('ufw status verbose')
assert '5432' in r
#teardown
sudo('ufw disable')
sudo('rm -f /etc/ufw/applications.d/woven')
apt_get_purge('ufw')
set_server_state('ufw_installed', delete=True)