def setup_new_server(digitalocean_account, droplet, psinet):
try:
new_root_password = psi_utils.generate_password()
new_stats_password = psi_utils.generate_password()
region = get_datacenter_region(droplet.region['slug'])
datacenter_name = 'Digital Ocean ' + droplet.region['name']
new_droplet_public_key = refresh_credentials(digitalocean_account,
droplet.ip_address,
new_root_password,
new_stats_password)
assert(new_droplet_public_key)
host = psinet.get_host_object(droplet.name, None, droplet.id, droplet.ip_address,
digitalocean_account.base_ssh_port, 'root', new_root_password,
' '.join(new_droplet_public_key.split(' ')[:2]),
digitalocean_account.base_stats_username, new_stats_password,
datacenter_name, region, None, None, None, None, None, None)
ssh_port = '22'
ossh_port = random.choice(['280', '591', '901'])
capabilities = {'handshake': True, 'FRONTED-MEEK': False, 'UNFRONTED-MEEK': False,
'SSH': True, 'OSSH': True, 'VPN': True}
server = psinet.get_server_object(None, droplet.name, droplet.ip_address, droplet.ip_address,
droplet.ip_address, psinet.get_propagation_channel_by_name('Testing').id,
False, False, None, capabilities, str(random.randrange(8000, 9000)), None, None, None,
ssh_port, None, None, None, ossh_port, None, None)
psinet.setup_server(host, [server])
return True
except Exception as e:
raise e
return False
def prepare_new_server(digitalocean_account, droplet, psinet):
"""
Set up a new server. This takes the newly launched droplet and prepares
it to be a new Psiphon server.
digitalocean_account : DigitalOcean account details
droplet : newly created digitalocean.Droplet.
psinet : instance of psinet.
returns:
Boolean value. True if all tasks completed successfully.
"""
try:
new_root_password = psi_utils.generate_password()
new_stats_password = psi_utils.generate_password()
region = get_datacenter_region(droplet.region['slug'])
datacenter_name = 'Digital Ocean ' + droplet.region['name']
new_droplet_public_key = refresh_credentials(digitalocean_account,
droplet.ip_address,
new_root_password,
new_stats_password)
assert (new_droplet_public_key)
host = psinet.get_host_object(
droplet.name, None, droplet.id, droplet.ip_address,
digitalocean_account.base_ssh_port, 'root', new_root_password,
' '.join(new_droplet_public_key.split(' ')[:2]),
digitalocean_account.base_stats_username, new_stats_password,
datacenter_name, region, None, None, None, None, None, None, None)
ssh_port = '22'
ossh_port = random.choice(['280', '591', '901'])
capabilities = {
'handshake': True,
'FRONTED-MEEK': False,
'UNFRONTED-MEEK': False,
'SSH': True,
'OSSH': True,
'VPN': True
}
server = psinet.get_server_object(
None, droplet.name, droplet.ip_address, droplet.ip_address,
droplet.ip_address,
psinet.get_propagation_channel_by_name('Testing').id, False, False,
None, capabilities, str(random.randrange(8000, 9000)), None, None,
None, ssh_port, None, None, None, ossh_port, None, None)
return (host, server)
except Exception as e:
raise e
return (False, False)
def launch_new_server(linode_account, plugins):
linode_id = None
linode_api = linode.api.Api(key=linode_account.api_key)
# Power on the base image linode if it is not already running
if linode_api.linode_list(
LinodeID=linode_account.base_id)[0]['STATUS'] != 1:
start_linode(linode_api, linode_account.base_id, None)
try:
# Create a new linode
new_root_password = psi_utils.generate_password()
linode_id, datacenter_name, region = create_linode(linode_api)
disk_ids = create_linode_disks(linode_api, linode_id,
new_root_password, plugins)
bootstrap_config_id, psiphon3_host_config_id = create_linode_configurations(
linode_api, linode_id, ','.join(disk_ids), plugins)
start_linode(linode_api, linode_id, bootstrap_config_id)
# Clone the base linode
linode_ip_address = linode_api.linode_ip_list(
LinodeID=linode_id)[0]['IPADDRESS']
pave_linode(linode_account, linode_ip_address, new_root_password)
stop_linode(linode_api, linode_id)
start_linode(linode_api, linode_id, psiphon3_host_config_id)
# Query hostname
hostname = get_host_name(linode_account, linode_ip_address)
# Change the new linode's credentials
new_stats_password = psi_utils.generate_password()
new_host_public_key = refresh_credentials(linode_account,
linode_ip_address,
new_root_password,
new_stats_password)
except Exception as ex:
if linode_id:
remove_server(linode_account, linode_id)
raise
finally:
# Power down the base image linode
#stop_linode(linode_api, linode_account.base_id)
# New: we'll leave this on now due to parallelization
pass
return (hostname, None, str(linode_id), linode_ip_address,
linode_account.base_ssh_port, 'root', new_root_password,
' '.join(new_host_public_key.split(' ')[:2]),
linode_account.base_stats_username, new_stats_password,
datacenter_name, region, None, None, None, None)
def launch_new_server(ramnode_account, is_TCS, plugins, multi_ip=False):
ramnode = None
ramnode_id = None
ramnode_api = PsiRamnode(ramnode_account) # Use new API interface
if is_TCS:
# New APIv4 require root_pass when create disk from image
root_password = ramnode_account.tcs_base_root_password
host_public_key = ramnode_account.tcs_base_host_public_key
try:
hostname = 'rn-' + ramnode_api.get_region(
ramnode_api.region).lower() + ''.join(
random.choice(string.ascii_lowercase) for x in range(8))
# Create a new node
new_root_password = psi_utils.generate_password()
ramnode, datacenter_name, region = ramnode_api.create_ramnode(hostname)
ramnode_ip_address = ramnode.addresses['Public'][0]['addr']
egress_ip_address = None
if is_TCS:
# Ramnodes created by an image keep the image's hostname. Override this
set_host_name(ramnode_account, ramnode_ip_address, root_password,
host_public_key, hostname)
stats_username = psi_utils.generate_stats_username()
set_allowed_users(ramnode_account, ramnode_ip_address,
root_password, host_public_key, stats_username)
# Change the new node's credentials
new_stats_password = psi_utils.generate_password()
new_host_public_key = refresh_credentials(
ramnode_account, ramnode_ip_address, root_password,
host_public_key, new_root_password, new_stats_password,
stats_username)
except Exception as ex:
if ramnode:
ramnode_api.remove_ramnode(ramnode.id)
raise ex
return (hostname, is_TCS, 'NATIVE' if is_TCS else None, None,
str(ramnode.id), ramnode_ip_address, ramnode_account.base_ssh_port,
'root', new_root_password,
' '.join(new_host_public_key.split(' ')[:2]), stats_username,
new_stats_password, datacenter_name, region, None, None)
def prepare_new_server(digitalocean_account, droplet, psinet):
"""
Set up a new server. This takes the newly launched droplet and prepares
it to be a new Psiphon server.
digitalocean_account : DigitalOcean account details
droplet : newly created digitalocean.Droplet.
psinet : instance of psinet.
returns:
Boolean value. True if all tasks completed successfully.
"""
try:
new_root_password = psi_utils.generate_password()
new_stats_password = psi_utils.generate_password()
region = get_datacenter_region(droplet.region['slug'])
datacenter_name = 'Digital Ocean ' + droplet.region['name']
new_droplet_public_key = refresh_credentials(digitalocean_account,
droplet.ip_address,
new_root_password,
new_stats_password)
assert(new_droplet_public_key)
host = psinet.get_host_object(
droplet.name, None, droplet.id, droplet.ip_address,
digitalocean_account.base_ssh_port, 'root', new_root_password,
' '.join(new_droplet_public_key.split(' ')[:2]),
digitalocean_account.base_stats_username, new_stats_password,
datacenter_name, region, None, None, None, None, None, None)
ssh_port = '22'
ossh_port = random.choice(['280', '591', '901'])
capabilities = {'handshake': True, 'FRONTED-MEEK': False, 'UNFRONTED-MEEK': False,
'SSH': True, 'OSSH': True, 'VPN': True}
server = psinet.get_server_object(
None, droplet.name, droplet.ip_address,
droplet.ip_address, droplet.ip_address, psinet.get_propagation_channel_by_name('Testing').id,
False, False, None, capabilities, str(random.randrange(8000, 9000)), None, None, None,
ssh_port, None, None, None, ossh_port, None, None)
return (host, server)
except Exception as e:
raise e
return (False, False)
def setup_new_server(digitalocean_account, droplet, psinet):
try:
new_root_password = psi_utils.generate_password()
new_stats_password = psi_utils.generate_password()
region = get_datacenter_region(droplet.region['slug'])
datacenter_name = 'Digital Ocean ' + droplet.region['name']
new_droplet_public_key = refresh_credentials(digitalocean_account,
droplet.ip_address,
new_root_password,
new_stats_password)
assert (new_droplet_public_key)
host = psinet.get_host_object(
droplet.name, None, droplet.id, droplet.ip_address,
digitalocean_account.base_ssh_port, 'root', new_root_password,
' '.join(new_droplet_public_key.split(' ')[:2]),
digitalocean_account.base_stats_username, new_stats_password,
datacenter_name, region, None, None, None, None, None, None)
ssh_port = '22'
ossh_port = random.choice(['280', '591', '901'])
capabilities = {
'handshake': True,
'FRONTED-MEEK': False,
'UNFRONTED-MEEK': False,
'SSH': True,
'OSSH': True,
'VPN': True
}
server = psinet.get_server_object(
None, droplet.name, droplet.ip_address, droplet.ip_address,
droplet.ip_address,
psinet.get_propagation_channel_by_name('Testing').id, False, False,
None, capabilities, str(random.randrange(8000, 9000)), None, None,
None, ssh_port, None, None, None, ossh_port, None, None)
psinet.setup_server(host, [server])
return True
except Exception as e:
raise e
return False
def launch_new_server(linode_account, plugins):
linode_id = None
linode_api = linode.api.Api(key=linode_account.api_key)
# Power on the base image linode if it is not already running
if linode_api.linode_list(LinodeID=linode_account.base_id)[0]['STATUS'] != 1:
start_linode(linode_api, linode_account.base_id, None)
try:
# Create a new linode
new_root_password = psi_utils.generate_password()
linode_id, datacenter_name, region = create_linode(linode_api)
disk_ids = create_linode_disks(linode_api, linode_id, new_root_password, plugins)
bootstrap_config_id, psiphon3_host_config_id = create_linode_configurations(linode_api, linode_id, ','.join(disk_ids), plugins)
start_linode(linode_api, linode_id, bootstrap_config_id)
# Clone the base linode
linode_ip_address = linode_api.linode_ip_list(LinodeID=linode_id)[0]['IPADDRESS']
pave_linode(linode_account, linode_ip_address, new_root_password)
stop_linode(linode_api, linode_id)
start_linode(linode_api, linode_id, psiphon3_host_config_id)
# Query hostname
hostname = get_host_name(linode_account, linode_ip_address)
# Change the new linode's credentials
new_stats_password = psi_utils.generate_password()
new_host_public_key = refresh_credentials(linode_account, linode_ip_address, new_root_password, new_stats_password)
except Exception as ex:
if linode_id:
remove_server(linode_account, linode_id)
raise
finally:
# Power down the base image linode
#stop_linode(linode_api, linode_account.base_id)
# New: we'll leave this on now due to parallelization
pass
return (hostname, None, str(linode_id), linode_ip_address,
linode_account.base_ssh_port, 'root', new_root_password,
' '.join(new_host_public_key.split(' ')[:2]),
linode_account.base_stats_username, new_stats_password,
datacenter_name, region, None, None, None, None)
def launch_new_server(scaleway_account, is_TCS, plugins, multi_ip=False):
scaleway = None
scaleway_api = PsiScaleway(scaleway_account) # Use new API interface
try:
# Create a new scaleway
region = scaleway_api.get_region()
host_id = 'sw' + '-' + region.lower() + ''.join(random.choice(string.ascii_lowercase) for x in range(8))
scaleway, datacenter_name, region = scaleway_api.create_scaleway(host_id)
scaleway_ip_address = scaleway['public_ip']['address']
scaleway_internal_ip_address = scaleway['private_ip']
new_stats_username = psi_utils.generate_stats_username()
# scaleways created by an image keep the image's hostname. Override this
set_host_name(scaleway_account, scaleway_ip_address, host_id)
set_allowed_users(scaleway_account, scaleway_ip_address, new_stats_username)
add_swap_file(scaleway_account, scaleway_ip_address)
# Change the new scaleway's credentials
new_root_password = psi_utils.generate_password()
new_stats_password = psi_utils.generate_password()
new_host_public_key = refresh_credentials(scaleway_account, scaleway_ip_address,
new_root_password, new_stats_password,
new_stats_username)
except Exception as ex:
if scaleway:
scaleway_api.remove_scaleway(scaleway['id'])
raise ex
return (host_id, is_TCS, 'NATIVE' if is_TCS else None, None,
scaleway_api.region + '_' + scaleway['id'], scaleway_ip_address,
scaleway_account.base_ssh_port, 'root', new_root_password,
' '.join(new_host_public_key.split(' ')[:2]),
new_stats_username, new_stats_password,
datacenter_name, region, None, scaleway_internal_ip_address)
def launch_new_server(digitalocean_account, is_TCS, _, multi_ip=False):
"""
Launches a new droplet and configures it to be a Psiphon server.
This is called from psi_ops.py
digitalocean_account : DigitalOcean account information
returns:
instance of a psinet server
"""
# None TCS id '25617090' only for VPN + filebeat
# Old working None TCS id: 17784624
base_id = '25617090' if not is_TCS else '59795497'
try:
Droplet = collections.namedtuple(
'Droplet', ['name', 'region', 'image', 'size', 'backups'])
new_root_password = psi_utils.generate_password()
new_stats_password = psi_utils.generate_password()
stats_username = digitalocean_account.base_stats_username
do_mgr = digitalocean.Manager(token=digitalocean_account.oauth_token)
# Get the base image
base_image = do_mgr.get_image(base_id)
if not base_image:
raise Exception("Base image with ID: %s is not found" % (base_id))
Droplet.image = base_image.id
# Set the default size
droplet_sizes = do_mgr.get_all_sizes()
if not unicode(digitalocean_account.base_size_slug) in [
unicode(s.slug) for s in droplet_sizes
]:
raise 'Size slug not found'
Droplet.size = 's-2vcpu-4gb'
droplet_regions = do_mgr.get_all_regions()
common_regions = list(
set([r.slug for r in droplet_regions
if r.available]).intersection(base_image.regions))
Droplet.region = random.choice(common_regions)
# Use new host_id standard
Droplet.name = str('do-' +
get_datacenter_region(Droplet.region).lower() +
''.join(
random.choice(string.ascii_lowercase)
for x in range(8)))
sshkeys = do_mgr.get_all_sshkeys()
# treat sshkey id as unique
if not unicode(digitalocean_account.ssh_key_template_id) in [
unicode(k.id) for k in sshkeys
]:
raise 'No SSHKey found'
droplet = digitalocean.Droplet(
token=digitalocean_account.oauth_token,
name=Droplet.name,
region=Droplet.region,
image=Droplet.image,
size=Droplet.size,
ssh_keys=[int(digitalocean_account.ssh_key_template_id)],
backups=False)
droplet.create()
if not wait_on_action(do_mgr, droplet, None, 30, 'create',
'completed'):
raise Exception('Event did not complete in time')
droplet = do_mgr.get_droplet(droplet.id)
region = get_datacenter_region(droplet.region['slug'])
datacenter_name = 'Digital Ocean ' + droplet.region['name']
if is_TCS:
set_host_name(digitalocean_account, droplet.ip_address,
new_root_password, droplet.name)
stats_username = psi_utils.generate_stats_username()
set_allowed_users(digitalocean_account, droplet.ip_address,
new_root_password, stats_username)
new_droplet_public_key = refresh_credentials(digitalocean_account,
droplet.ip_address,
new_root_password,
new_stats_password,
stats_username)
assert (new_droplet_public_key)
except Exception as e:
print type(e), str(e)
if droplet is not None:
droplet.destroy()
else:
print type(e), "No droplet to be destroyed: ", str(droplet)
raise
return (droplet.name, is_TCS, 'NATIVE' if is_TCS else None, None,
droplet.id, droplet.ip_address, digitalocean_account.base_ssh_port,
'root', new_root_password,
' '.join(new_droplet_public_key.split(' ')[:2]), stats_username,
new_stats_password, datacenter_name, region, None, None, None,
None, None, None, None, None)
def launch_new_server(linode_account, is_TCS, plugins, multi_ip=False):
linode = None
linode_id = None
linode_api = PsiLinode(linode_account) # Use new API interface
if is_TCS:
# New APIv4 require root_pass when create disk from image
root_password = linode_account.tcs_base_root_password
host_public_key = linode_account.tcs_base_host_public_key
else:
# Power on the base image linode if it is not already running
if linode_api.linode_status(linode_account.base_id) != 'running':
linode_api.start_linode(
linode_account.base_id) # Lagecy psiphon servers, NOT TESTED
# root_password = linode_account.base_root_password
# in order to use New APIv4 and make sure the legacy host also working as before, generate a root_password ahead
root_password = psi_utils.generate_password()
host_public_key = linode_account.base_host_public_key
try:
# Create a new linode
new_root_password = psi_utils.generate_password()
linode, datacenter_name, region = linode_api.create_linode()
if multi_ip:
linode_second_ip_address = linode_api.pubip_allocate(linode)
disk_ids = linode_api.create_linode_disks(linode, root_password,
is_TCS, plugins)
bootstrap_config, psiphon3_host_config = linode_api.create_linode_configurations(
linode, disk_ids, is_TCS, plugins, multi_ip)
# Clone the base linode
linode_ip_details = linode.ips.ipv4.public
linode_ip_address = linode_ip_details[0].address
egress_ip_address = None
linode_rdns_name = linode_ip_details[0].rdns.split('.', 1)[0]
host_id = 'li-' + region.lower() + ''.join(
random.choice(string.ascii_lowercase) for x in range(8))
if not is_TCS:
# Lagecy psiphon servers, NOT TESTED
linode_api.start_linode(linode.id, config=bootstrap_config_id)
pave_linode(linode_account, linode_ip_address, root_password)
linode_api.stop_linode(linode.id)
linode_api.start_linode(linode.id, config=psiphon3_host_config)
stats_username = linode_account.base_stats_username
if is_TCS:
print(linode.label)
# Linodes created by an image keep the image's hostname. Override this
set_host_name(linode_account, linode_ip_address, root_password,
host_public_key, host_id)
stats_username = psi_utils.generate_stats_username()
set_allowed_users(linode_account, linode_ip_address, root_password,
host_public_key, stats_username)
# Query hostname
hostname = get_host_name(linode_account, linode_ip_address,
root_password, host_public_key)
# Change the new linode's credentials
new_stats_password = psi_utils.generate_password()
new_host_public_key = refresh_credentials(
linode_account, linode_ip_address, root_password, host_public_key,
new_root_password, new_stats_password, stats_username)
if multi_ip:
egress_ip_address = get_egress_ip_address(linode_account,
linode_ip_address,
new_root_password,
new_host_public_key)
linode_ip_address = linode_ip_details[
1].address if linode_ip_address == egress_ip_address else linode_ip_address
except Exception as ex:
if linode:
linode_api.remove_linode(linode.id)
raise ex
finally:
# Power down the base image linode
#stop_linode(linode_api, linode_account.base_id)
# New: we'll leave this on now due to parallelization
pass
return (hostname, is_TCS, 'NATIVE' if is_TCS else None, None, str(
linode.id), linode_ip_address, linode_account.base_ssh_port, 'root',
new_root_password, ' '.join(new_host_public_key.split(' ')[:2]),
stats_username, new_stats_password, datacenter_name, region,
egress_ip_address, None)
def launch_new_server(self, account, plugins):
# Note that we're using the libcloud API in a fairly bastardized way.
# We're not using the real API at all (we've found that it doesn't work),
# but we're using the connection object, because it makes our code a lot
# cleaner.
self._account = account
self._create_connection()
self._print('Creating new ElasticHosts server in zone: %s...' % self._account.zone)
# Determine the base drive size. We can then use this as the size for
# the new drive.
self._print('Determining drive size...')
resp = self._driver.connection.request(action='/drives/%s/info'
% self._account.base_drive_id)
drive_size = resp.object['size']
self._print('Drive size: %dGB' % (drive_size/1024/1024/1024))
random_name = ''.join([random.choice(string.letters + string.digits) for i in range(16)])
self._print('Server/drive name: %s' % random_name)
# Create a blank new drive of the appropriate size
self._print('Creating blank drive...')
resp = self._driver.connection.request(action='/drives/create',
method='POST',
data=json.dumps({'name': random_name,
'size': drive_size}))
drive_id = resp.object['drive']
# Start imaging the new drive with the base drive
self._print('Drive imaging start...')
self._driver.connection.request(action='/drives/%s/image/%s'
% (drive_id, self._account.base_drive_id),
method='POST')
# Imaging takes up to about 20 minutes, so we'll check and wait and repeat.
# HACK: We have seen the imaging key be absent even though the imaging
# isn't finished. So we'll add a bit of a hack to check a few more times
# before we accept it as finished. We're also going to make sure that
# the last % we saw was in the 90s.
done_check = 3
last_imaging_value = ''
while done_check > 0:
resp = self._driver.connection.request(action='/drives/%s/info' % drive_id)
if not resp.object.has_key('imaging'):
if last_imaging_value.startswith('9') and len(last_imaging_value) == 3: # '99%'
done_check -= 1
self._print('Imaging might be done; checking again (%d)...' % done_check)
else:
self._print('Imaging probably not done, but returning no progress; checking again...')
continue
self._print(resp.object['imaging'], newline=False)
last_imaging_value = resp.object['imaging']
time.sleep(5)
self._print('Drive imaging complete')
# If we don't use a static IP, the server will get a fresh IP every time
# it reboots (which is bad).
self._print('Creating IP address...')
resp = self._driver.connection.request(action='/resources/ip/create',
method='POST',
data=json.dumps({'name': random_name}))
ip_address = resp.object['resource']
self._print('IP address: %s' % ip_address)
# The drive is ready, now create the server that uses it.
self._print('Creating server...')
resp = self._driver.connection.request(action='/servers/create/stopped',
method='POST',
data=json.dumps({'ide:0:0':drive_id,
'name': random_name,
'cpu': self._account.cpu,
'mem': self._account.mem,
'nic:0:dhcp': ip_address,
# The rest of these settings are basically the defaults.
# ...But the create won't work without them.
'persistent': True,
'smp': 'auto',
'boot': 'ide:0:0',
'nic:0:model': 'e1000',
}))
server_id = resp.object['server']
# Start the new server
self._print('Starting server...')
resp = self._driver.connection.request(action='/servers/%s/start' % server_id,
method='POST')
ssh_info = SSHInfo(ip_address, self._account.base_ssh_port,
self._account.root_username, self._account.base_root_password,
self._account.base_host_public_key)
# Change hostname
self._print('Changing hostname...')
self._change_hostname(ssh_info, random_name, reboot=False)
# Change credentials
self._print('Refreshing credentials...')
new_root_password = psi_utils.generate_password()
new_stats_password = psi_utils.generate_password()
new_pub_key = self._refresh_credentials(ssh_info, new_root_password, new_stats_password)
new_pub_key = ' '.join(new_pub_key.split(' ')[:2])
ssh_info.password = new_root_password
ssh_info.public_key = new_pub_key
# Reboot
self._print('Rebooting server...')
self._reboot(ssh_info)
self._print('Complete')
return (random_name, None, str(server_id), ip_address,
ssh_info.port, ssh_info.username, new_root_password,
' '.join(new_pub_key.split(' ')[:2]),
self._account.stats_username, new_stats_password,
account.zone)
def launch_new_server(linode_account, is_TCS, plugins):
linode_id = None
linode_api = linode.api.Api(key=linode_account.api_key)
if is_TCS:
root_password = linode_account.tcs_base_root_password
host_public_key = linode_account.tcs_base_host_public_key
else:
# Power on the base image linode if it is not already running
if linode_api.linode_list(
LinodeID=linode_account.base_id)[0]['STATUS'] != 1:
start_linode(linode_api, linode_account.base_id, None)
root_password = linode_account.base_root_password
host_public_key = linode_account.base_host_public_key
try:
# Create a new linode
new_root_password = psi_utils.generate_password()
linode_id, datacenter_name, region = create_linode(linode_api)
disk_ids = create_linode_disks(linode_api, linode_id,
new_root_password, is_TCS, plugins)
bootstrap_config_id, psiphon3_host_config_id = create_linode_configurations(
linode_api, linode_id, ','.join(disk_ids), is_TCS, plugins)
# Clone the base linode
linode_ip_details = linode_api.linode_ip_list(LinodeID=linode_id)
linode_ip_address = linode_ip_details[0]['IPADDRESS']
linode_rdns_name = linode_ip_details[0]['RDNS_NAME'].split('.', 1)[0]
if not is_TCS:
start_linode(linode_api, linode_id, bootstrap_config_id)
pave_linode(linode_account, linode_ip_address, new_root_password)
stop_linode(linode_api, linode_id)
start_linode(linode_api, linode_id, psiphon3_host_config_id)
stats_username = linode_account.base_stats_username
if is_TCS:
# Linodes created by an image keep the image's hostname. Override this
set_host_name(linode_account, linode_ip_address, root_password,
host_public_key, linode_rdns_name)
stats_username = psi_utils.generate_stats_username()
set_allowed_users(linode_account, linode_ip_address, root_password,
host_public_key, stats_username)
# Query hostname
hostname = get_host_name(linode_account, linode_ip_address,
root_password, host_public_key)
# Change the new linode's credentials
new_stats_password = psi_utils.generate_password()
new_host_public_key = refresh_credentials(
linode_account, linode_ip_address, root_password, host_public_key,
new_root_password, new_stats_password, stats_username)
except Exception as ex:
if linode_id:
remove_server(linode_account, linode_id)
raise
finally:
# Power down the base image linode
#stop_linode(linode_api, linode_account.base_id)
# New: we'll leave this on now due to parallelization
pass
return (hostname, is_TCS, None, str(linode_id), linode_ip_address,
linode_account.base_ssh_port, 'root', new_root_password,
' '.join(new_host_public_key.split(' ')[:2]), stats_username,
new_stats_password, datacenter_name, region, None, None, None,
None)
def launch_new_server(digitalocean_account, _):
"""
Launches a new droplet and configures it to be a Psiphon server.
This is called from psi_ops.py
digitalocean_account : DigitalOcean account information
returns:
instance of a psinet server
"""
try:
Droplet = collections.namedtuple('Droplet', ['name', 'region', 'image',
'size', 'backups'])
new_root_password = psi_utils.generate_password()
new_stats_password = psi_utils.generate_password()
do_mgr = digitalocean.Manager(token=digitalocean_account.oauth_token)
# Get the base image
base_image = do_mgr.get_image(digitalocean_account.base_id)
if not base_image:
raise Exception("Base image with ID: %s is not found" % (digitalocean_account.base_id))
Droplet.image = base_image.id
Droplet.name = str('do-' +
''.join(random.choice(string.ascii_lowercase) for x in range(8)))
# Set the default size
droplet_sizes = do_mgr.get_all_sizes()
if not unicode(digitalocean_account.base_size_slug) in [unicode(s.slug) for s in droplet_sizes]:
raise 'Size slug not found'
Droplet.size = '2gb'
droplet_regions = do_mgr.get_all_regions()
common_regions = list(set([r.slug for r in droplet_regions if r.available])
.intersection(base_image.regions))
Droplet.region = random.choice(common_regions)
sshkeys = do_mgr.get_all_sshkeys()
# treat sshkey id as unique
if not unicode(digitalocean_account.ssh_key_template_id) in [unicode(k.id) for k in sshkeys]:
raise 'No SSHKey found'
droplet = digitalocean.Droplet(token=digitalocean_account.oauth_token,
name=Droplet.name,
region=Droplet.region,
image=Droplet.image,
size=Droplet.size,
ssh_keys=[int(digitalocean_account.ssh_key_template_id)],
backups=False)
droplet.create()
if not wait_on_action(do_mgr, droplet, None, 30, 'create', 'completed'):
raise Exception('Event did not complete in time')
droplet = do_mgr.get_droplet(droplet.id)
region = get_datacenter_region(droplet.region['slug'])
datacenter_name = 'Digital Ocean ' + droplet.region['name']
new_droplet_public_key = refresh_credentials(digitalocean_account,
droplet.ip_address,
new_root_password,
new_stats_password)
assert(new_droplet_public_key)
except Exception as e:
print type(e), str(e)
if droplet is not None:
droplet.destroy()
else:
print type(e), "No droplet to be destroyed: ", str(droplet)
raise
return (droplet.name, None, droplet.id, droplet.ip_address,
digitalocean_account.base_ssh_port, 'root', new_root_password,
' '.join(new_droplet_public_key.split(' ')[:2]),
digitalocean_account.base_stats_username, new_stats_password,
datacenter_name, region, None, None, None, None, None, None)
def launch_new_server(vps247_account, is_TCS, _, multi_ip=False):
# Try launch New VPS 247 Server
try:
v247_api = v247.Api(key=vps247_account.api_key)
# Get random choice region id or use default region id: 25 (ES)
if vps247_account.base_region_id != 0:
region_id = vps247_account.base_region_id
else:
region_id = get_region_id(
random_pick_region(v247_api.get_all_regions()))
# Get preset default package id
package_id = vps247_account.base_package_id
# Hostname generator
hostname = generate_host_id()
# Create VPS node
instance_id = v247_api.create_vm(hostname, region_id, package_id)
print 'Waiting for the instance to power on and get instance information'
time.sleep(60)
instance = v247_api.get_vm(str(instance_id))
instance_ip_address = instance['ip_assignments'][0]['ip_address']
instance_init_password = str(instance['initial_password'])
print 'Reset init password to default root password'
reset_root_password(vps247_account, instance_ip_address,
instance_init_password)
print 'Installing TCS Dependencies..'
install_tcs(vps247_account, instance_ip_address)
print 'Waiting for TCS installation finished.'
time.sleep(150) # Time needed to reboot the instances
upload_certs(vps247_account, instance_ip_address)
add_swap_file(vps247_account, instance_ip_address)
print 'Refreshing Credential..'
new_root_password = psi_utils.generate_password()
new_stats_password = psi_utils.generate_password()
new_stats_username = psi_utils.generate_stats_username()
new_host_public_key = refresh_credentials(vps247_account,
instance_ip_address,
new_root_password,
new_stats_password,
new_stats_username)
except Exception as e:
print type(e), str(e)
if instance:
# TODO: If instance exist, delete the instance.
pass
raise
# Get all informations
host_id = instance['name']
provider_id = str(instance['id'])
region_code = v247_api.get_region(str(
instance['region_id']))['country_code']
datacenter_name = 'VPS247 ' + region_code
return (host_id, is_TCS, 'NATIVE' if is_TCS else None, None, provider_id,
instance_ip_address, vps247_account.base_ssh_port, 'root',
new_root_password, ' '.join(new_host_public_key.split(' ')[:2]),
new_stats_username, new_stats_password, datacenter_name,
region_code, None, None)
def launch_new_server(digitalocean_account, is_TCS, _):
# TODO-TCS: select base image based on is_TCS flag
image = {}
droplet = None
try:
new_root_password = psi_utils.generate_password()
new_stats_password = psi_utils.generate_password()
do_api = DigitalOceanAPI(digitalocean_account.client_id,
digitalocean_account.api_key)
image['image_id'] = digitalocean_account.base_id
regions = do_api.get_all_regions()
image['region_id'] = random.choice([
region['id'] for region in regions
if region['id'] in [1, 2, 3, 4, 5, 6, 7]
])
for r in regions:
if image['region_id'] == r['id']:
print 'Using region: %s' % (r['name'])
break
image['size_id'] = digitalocean_account.base_size_id
# get a list of image sizes and see if the size is available (maybe some checks)
droplet_sizes = do_api.get_all_droplet_sizes()
if image['size_id'] not in [size['id'] for size in droplet_sizes]:
raise Exception('Droplet size not available')
# Hostname generator
image['name'] = generate_random_string(
prefix=('do-' + str(image['region_id']) + str(image['size_id']) +
'-'))
image['ssh_key_ids'] = digitalocean_account.ssh_key_template_id
print 'Launching %s, using image %s' % (image['name'],
str(image['image_id']))
resp = do_api.create_new_droplet(image)
if resp['status'] != 'OK':
raise Exception(resp['message'] + ': ' + resp['error_message'])
droplet = resp['droplet']
if not wait_on_event_completion(
do_api, resp['droplet']['event_id'], interval=30):
raise Exception('Event did not complete in time')
print 'Waiting for the droplet to power on and get an IP address'
time.sleep(30)
# get more details about droplet
resp = do_api.droplet_show(resp['droplet']['id'])
droplet = resp['droplet']
if resp['status'] != 'OK':
raise Exception(resp['message'] + ': ' + resp['error_message'])
if droplet['status'] != 'active':
start_droplet(do_api, droplet['id'])
provider_id = str(droplet['id'])
region = get_datacenter_region(droplet['region_id'])
datacenter_name = 'Digital Ocean ' + next(
(r for r in regions if r['id'] == droplet['region_id']),
None)['name']
new_host_public_key = refresh_credentials(digitalocean_account,
droplet['ip_address'],
new_root_password,
new_stats_password)
assert (new_host_public_key)
except Exception as e:
print type(e), str(e)
if droplet != None:
if 'id' in droplet:
remove_droplet(do_api, droplet['id'])
else:
print type(e), "No droplet to be deleted: ", str(droplet)
raise
return (image['name'], is_TCS, None, provider_id, droplet['ip_address'],
digitalocean_account.base_ssh_port, 'root', new_root_password,
' '.join(new_host_public_key.split(' ')[:2]),
digitalocean_account.base_stats_username, new_stats_password,
datacenter_name, region, None, None, None, None)
def launch_new_server(digitalocean_account, _):
image = {}
droplet = None
try:
new_root_password = psi_utils.generate_password()
new_stats_password = psi_utils.generate_password()
do_api = DigitalOceanAPI(digitalocean_account.client_id, digitalocean_account.api_key)
image['image_id'] = digitalocean_account.base_id
regions = do_api.get_all_regions()
image['region_id'] = random.choice([region['id'] for region in regions if region['id'] in [1,2,3,4,5,6,7]])
for r in regions:
if image['region_id'] == r['id']:
print 'Using region: %s' % (r['name'])
break
image['size_id'] = digitalocean_account.base_size_id
# get a list of image sizes and see if the size is available (maybe some checks)
droplet_sizes = do_api.get_all_droplet_sizes()
if image['size_id'] not in [size['id'] for size in droplet_sizes]:
raise Exception('Droplet size not available')
# Hostname generator
image['name'] = generate_random_string(prefix=('do-' + str(image['region_id']) + str(image['size_id']) + '-'))
image['ssh_key_ids'] = digitalocean_account.ssh_key_template_id
print 'Launching %s, using image %s' % (image['name'], str(image['image_id']))
resp = do_api.create_new_droplet(image)
if resp['status'] != 'OK':
raise Exception(resp['message'] + ': ' + resp['error_message'])
droplet = resp['droplet']
if not wait_on_event_completion(do_api, resp['droplet']['event_id'], interval=30):
raise Exception('Event did not complete in time')
print 'Waiting for the droplet to power on and get an IP address'
time.sleep(30)
# get more details about droplet
resp = do_api.droplet_show(resp['droplet']['id'])
droplet = resp['droplet']
if resp['status'] != 'OK':
raise Exception(resp['message'] + ': ' + resp['error_message'])
if droplet['status'] != 'active':
start_droplet(do_api, droplet['id'])
provider_id = str(droplet['id'])
region = get_datacenter_region(droplet['region_id'])
datacenter_name = 'Digital Ocean ' + next((r for r in regions if r['id'] == droplet['region_id']), None)['name']
new_host_public_key = refresh_credentials(digitalocean_account, droplet['ip_address'],
new_root_password, new_stats_password)
assert(new_host_public_key)
except Exception as e:
print type(e), str(e)
if droplet != None:
if 'id' in droplet:
remove_droplet(do_api, droplet['id'])
else:
print type(e), "No droplet to be deleted: ", str(droplet)
raise
return (image['name'], None, provider_id, droplet['ip_address'],
digitalocean_account.base_ssh_port, 'root',
new_root_password, ' '.join(new_host_public_key.split(' ')[:2]),
digitalocean_account.base_stats_username, new_stats_password,
datacenter_name, region, None, None, None, None)
def launch_new_server(vpsnet_account, is_TCS, _, datacenter_city=None):
"""
launch_new_server is called from psi_ops.py to create a new server.
"""
# TODO-TCS: select base image based on is_TCS flag
base_image_id = '8849' # For VPS
# base_image_id = '8850' # For Cloud Server
try:
VPSNetHost = collections.namedtuple('VPSNetHost', [
'ssd_vps_plan', 'fqdn', 'system_template_id', 'cloud_id',
'backups_enabled', 'rsync_backups_enabled', 'licenses'
])
vpsnet_conn = get_vpsnet_connection(vpsnet_account)
# Get a list of regions (clouds) that can be used
vpsnet_clouds = vpsnet_conn.get_available_ssd_clouds()
# vpsnet_clouds = vpsnet_conn.get_available_clouds()
# Check each available cloud for a psiphon template to use.
# Populate a list of templates and the cloud IDs.
psiphon_templates = list()
print 'Available Regions:\n'
for region in vpsnet_clouds:
print '%s -> %s' % (region['cloud']['id'],
region['cloud']['label'])
for template in region['cloud']['system_templates']:
if 'psiphond-template' in template['label'].lower() and str(
template['id']) == base_image_id:
print '\tFound psiphon template id %s in region %s' % (
template['id'], region['cloud']['id'])
template['cloud_id'] = region['cloud']['id']
template['cloud_label'] = region['cloud']['label']
psiphon_templates.append(template)
if datacenter_city != None:
region_template = [
s for s in psiphon_templates
if datacenter_city in s['cloud_label'].lower()
][0]
else:
region_template = random.choice(psiphon_templates)
VPSNetHost.cloud_id = region_template['cloud_id']
VPSNetHost.system_template_id = region_template['id']
print 'Using template: %s with cloud_id: %s' % (
VPSNetHost.system_template_id, VPSNetHost.cloud_id)
'''
package/plan for the new SSD server.
(VPS 1GB - 1, VPS 2GB - 2, VPS 4GB - 3, VPS 8GB - 4, VPS 16GB - 5)
'''
host_id = 'vn-' + ''.join(
random.choice(string.ascii_lowercase) for x in range(8))
VPSNetHost.name = str(host_id)
VPSNetHost.ssd_vps_plan = vpsnet_account.base_ssd_plan
VPSNetHost.fqdn = str(host_id + '.vps.net')
VPSNetHost.backups_enabled = False
VPSNetHost.rsync_backups_enabled = False
VPSNetHost.licenses = None
node = vpsnet_conn.create_ssd_node(
fqdn=VPSNetHost.fqdn,
image_id=VPSNetHost.system_template_id,
cloud_id=VPSNetHost.cloud_id,
size=VPSNetHost.ssd_vps_plan,
backups_enabled=VPSNetHost.backups_enabled,
rsync_backups_enabled=VPSNetHost.rsync_backups_enabled,
)
# node = vpsnet_conn.create_node(
# name=VPSNetHost.name,
# image_id=VPSNetHost.system_template_id,
# cloud_id=VPSNetHost.cloud_id,
# size=VPSNetHost.ssd_vps_plan,
# backups_enabled=VPSNetHost.backups_enabled,
# rsync_backups_enabled=VPSNetHost.rsync_backups_enabled,
# ex_fqdn=VPSNetHost.fqdn,
# )
if not wait_on_action(vpsnet_conn, node, 30):
raise "Could not power on node"
else:
node = vpsnet_conn.get_ssd_node(node.id)
#node = vpsnet_conn.get_node(node.id)
generated_root_password = node.extra['password']
# Get the Node IP address
if isinstance(node.public_ips, list):
for public_ip in node.public_ips:
if 'ip_address' in (public_ip and public_ip['ip_address']):
public_ip_address = public_ip['ip_address']['ip_address']
if is_TCS:
stats_username = psi_utils.generate_stats_username()
elif not is_TCS:
stats_username = vpsnet_account.base_stats_username
new_root_password = psi_utils.generate_password()
new_stats_password = psi_utils.generate_password()
node_public_key = refresh_credentials(
vpsnet_account, public_ip_address, generated_root_password,
new_root_password, new_stats_password, stats_username)
set_allowed_users(vpsnet_account, public_ip_address, new_root_password,
stats_username)
except Exception as e:
print type(e), str(e)
if node is not None:
remove_server(vpsnet_account, node.id)
else:
print type(e), "No node to be destoryed: %s", str(node)
raise
return (
host_id,
is_TCS,
'NATIVE' if is_TCS else None,
None,
node.id,
public_ip_address,
vpsnet_account.base_ssh_port,
'root',
new_root_password,
' '.join(node_public_key.split(' ')[:2]),
stats_username,
new_stats_password,
region_template['cloud_label'],
get_region_name(region_template),
None,
None,
None,
None,
None,
None,
None,
)
def launch_new_server(digitalocean_account, _):
try:
Droplet = collections.namedtuple(
'Droplet', ['name', 'region', 'image', 'size', 'backups'])
new_root_password = psi_utils.generate_password()
new_stats_password = psi_utils.generate_password()
do_mgr = digitalocean.Manager(token=digitalocean_account.oauth_token)
# Get the base image
base_image = do_mgr.get_image(digitalocean_account.base_id)
if not base_image:
raise Exception("Base image with ID: %s is not found" %
(digitalocean_account.base_id))
Droplet.image = base_image.id
Droplet.name = str('do-' + ''.join(
random.choice(string.ascii_lowercase) for x in range(8)))
# Set the default size
droplet_sizes = do_mgr.get_all_sizes()
if not unicode(digitalocean_account.base_size_slug) in [
unicode(s.slug) for s in droplet_sizes
]:
raise 'Size slug not found'
Droplet.size = '2gb'
droplet_regions = do_mgr.get_all_regions()
common_regions = list(
set([r.slug for r in droplet_regions
if r.available]).intersection(base_image.regions))
Droplet.region = random.choice(common_regions)
sshkeys = do_mgr.get_all_sshkeys()
# treat sshkey id as unique
if not unicode(digitalocean_account.ssh_key_template_id) in [
unicode(k.id) for k in sshkeys
]:
raise 'No SSHKey found'
droplet = digitalocean.Droplet(
token=digitalocean_account.oauth_token,
name=Droplet.name,
region=Droplet.region,
image=Droplet.image,
size=Droplet.size,
ssh_keys=[int(digitalocean_account.ssh_key_template_id)],
backups=False)
droplet.create()
if not wait_on_action(do_mgr, droplet, None, 30, 'create',
'completed'):
raise Exception('Event did not complete in time')
droplet = do_mgr.get_droplet(droplet.id)
region = get_datacenter_region(droplet.region['slug'])
datacenter_name = 'Digital Ocean ' + droplet.region['name']
new_droplet_public_key = refresh_credentials(digitalocean_account,
droplet.ip_address,
new_root_password,
new_stats_password)
assert (new_droplet_public_key)
except Exception as e:
print type(e), str(e)
if droplet != None:
droplet.destroy()
else:
print type(e), "No droplet to be destroyed: ", str(droplet)
raise
return (droplet.name, None, droplet.id, droplet.ip_address,
digitalocean_account.base_ssh_port, 'root', new_root_password,
' '.join(new_droplet_public_key.split(' ')[:2]),
digitalocean_account.base_stats_username, new_stats_password,
datacenter_name, region, None, None, None, None, None, None)
