def main(argv=None):
if argv is None:
argv = sys.argv[1:] # pragma: no cover
sumode = 'not'
if '--sumode-pre' in argv:
argv.remove('--sumode-pre')
sumode = 'pre'
elif '--sumode-post' in argv:
argv.remove('--sumode-post')
sumode = 'post'
_parser = flags.new('sadm', desc='deploy sadm env')
args = _getArgs(_parser, argv)
log.debug("deploy %s/%s sumode=%s" % (args.profile, args.env, sumode))
if sumode == 'not' and sh.getuid() == 0:
log.error('do not run as root')
return 9
try:
cmd = args.command
except AttributeError: # pragma: no cover
log.error('invalid usage')
_parser.print_usage()
return 1
log.debug("dispatch command %s" % cmd)
if args.command == 'import':
return loader.main(args)
return deploy.main(args, sumode)
def test_dummyLogger():
log._logger = log._dummyLogger()
log.debug('')
log.error('')
log.warn('')
log.info('')
log.msg('')
def _verify(envfn):
rc = call("gpg --no-tty --no --verify %s.asc %s 2>/dev/null" %
(envfn, envfn))
if rc == 0:
log.msg("%s: OK" % envfn)
else:
log.error('env signature verify failed!')
return rc
def _check(envfn):
if not envfn.endswith('.env'):
log.error("invalid file name: %s" % envfn)
return 1
env = path.basename(envfn)[:-4]
config = cfg.new(deploy.cfgfile)
if not env in config.listEnvs('deploy'):
log.error("%s env not found" % env)
return 2
return 0
def _post(self, path, data):
url = self._path(self._url, path)
ctx = None
if url.startswith('https'): # pragma: no cover
ctx = ssl.create_default_context()
ctx.check_hostname = False
with urlopen(url, data, context = ctx) as resp:
if resp.status != 200:
log.error("%s returned: %d - %s" % (url, resp.status, resp.reason))
return resp.status
def init():
log.debug('init web syslog')
try:
_logger.db = _dbInit()
except Exception as err:
log.debug("exception: %s" % type(err))
log.error("could not init web syslog: %s" % err)
else:
log.debug('attach child logger')
log._logger._child = _logger
log.info('syslog start')
def _handler(error):
log.debug("%d - %s" % (error.status_code, error.status))
argsLen = len(error.args)
if argsLen >= 3:
log.error("%s %d - %s" %
(request.remote_addr, error.status_code, error.args[2]))
if argsLen >= 4:
log.debug("%s" % error.args[3])
else:
log.error("%s %d - %s" %
(request.remote_addr, error.status_code, request.path))
response.headers['Content-Type'] = 'text/html; charset=UTF-8'
return tpl.parse('errors', error=error)
def main(args):
if len(args) != 1:
print('ERROR: sadm-listen exec invalid args', file=sys.stderr)
return 1
taskfn = args[0]
obj = None
try:
with open(taskfn, 'r') as fh:
obj = json.load(fh)
except Exception as err:
log.error("%s" % err)
return 2
finally:
path.unlink(taskfn)
log.init(obj.get('sadm.log', 'warn'))
log.debug(version.string('sadm-listen'))
log.debug("task file %s" % taskfn)
task = obj.get('task', None)
if task is None:
log.error('listen.exec task not set')
return 3
taskAction = obj.get('task.action', None)
if taskAction is None:
log.error("listen.exec task %s: no action" % task)
return 4
taskArgs = obj.get('task.args', None)
if taskArgs is None:
log.error("listen.exec task %s: no args" % task)
return 5
cliURL = obj.get('sadm.listen.url', 'http://127.0.0.1:3666')
cli = ListenClient(cliURL)
return cli.exec(task, taskAction, taskArgs)
def run(profile, env, action, cfgfile=None, sumode='user'):
err = None
e = None
try:
if isinstance(env, Env):
e = env
else:
e = Env(profile, env, cfg.new(cfgfile=cfgfile))
envAction.run(e, action, sumode=sumode)
except EnvError as err:
return (1, err)
except Error as err:
log.error("%s" % err)
return (2, err)
return (0, err)
def loadenv(filename):
envfn = path.abspath(filename)
log.msg("%s: load" % envfn)
rc = _check(envfn)
if rc != 0:
return rc
if path.isfile(envfn + '.asc'):
rc = _verify(envfn)
if rc != 0:
return rc
rc = call("sha256sum -c %s" % envfn)
if rc != 0:
log.error('env checksum failed!')
return rc
_importenv(envfn)
return 0
def wrapper(*args, **kwargs):
log.debug('apply.wrapper')
user = None
autherr = None
try:
log.debug('user auth check')
user = self.auth.check(bottle.request)
except AuthError as err:
autherr = err
if autherr is None:
kwargs['user'] = user
resp = callback(*args, **kwargs)
return resp
else:
log.error("auth error: %s" % autherr)
return self.auth.error()
def loginPost(auth=None):
log.debug('login post')
req = bottle.request
if auth is None: # pragma: no cover
auth = WebappAuth(cfg.config)
sessid = session.cookie(req)
if not sessid:
log.error('session cookie not found')
bottle.redirect(view.url('user.login'))
try:
auth.login(req, sessid)
log.debug('login done')
except AuthError as err:
log.error("login: %s" % err)
return bottle.HTTPError(401, str(err))
log.debug('redirect')
bottle.redirect(view.url('index'))
def _handler(code, error):
log.debug("handler %d" % code)
log.debug("%d - %s" % (error.status_code, error.status_line))
argsLen = len(error.args)
if argsLen >= 3:
log.error("%s %d - %s" % (request.remote_addr, code, error.args[2]))
if argsLen >= 4:
log.debug("%s" % error.args[3])
else:
log.error("%s %d - %s" % (request.remote_addr, code, request.path))
response.headers['Content-Type'] = 'text/plain; charset=UTF-8'
if code == 304:
# 304 response should not include body content
return ''
codeStatus = HTTP_CODES.get(code, None)
if codeStatus is not None:
return "%s\n" % codeStatus
return "ERROR %d\n" % code
def error(code, msg):
log.error("%s %d - %s" % (request.remote_addr, code, msg))
return HTTPError(
status=code,
body=msg,
)