def do_shell(self, line):
if line:
tokens = line.split(' ')
#
# - update from @stphung -> reformat the input line to handle indirect paths transparently
# - for instance ../foo.bar will become foo.bar with the actual file included in the multi-part post
#
files = {}
substituted = tokens[:1]
for token in tokens[1:]:
expanded = expanduser(token)
full = abspath(expanded)
tag = basename(full)
if isfile(expanded):
#
# - if the token maps to a local file upload it
# - this is for instance what happens when you do 'deploy foo.yml'
#
files[tag] = abspath(full)
substituted += [tag]
elif isdir(expanded):
#
# - if the token maps to a local directory TGZ & upload it
# - this is typically used to upload settings & script for our CD pipeline
# - the TGZ is stored in our temp. directory
#
path = join(tmp, '%s.tgz' % tag)
shell('tar zcf %s *' % path, cwd=full)
files['%s.tgz' % tag] = path
substituted += ['%s.tgz' % tag]
else:
substituted += [token]
#
# - compute the SHA1 signature if we have a token
# - prep the CURL statement and run it
# - we should always get a HTTP 200 back with some UTF-8 json payload
# - parse & print
#
line = ' '.join(substituted)
digest = 'sha1=' + hmac.new(self.token, line, hashlib.sha1).hexdigest() if self.token else ''
url = 'http://%s/shell' % ipAndPort
headers = \
{
'X-Signature': digest,
'X-Shell': line
}
files_post = {file_id: open(files[file_id], 'rb') for file_id in files.keys()}
reply = post(url, headers=headers, files=files_post)
code = reply.status_code
out = reply.content
js = json.loads(out.decode('utf-8'))
print(js['out'] if code is 200 else 'i/o failure (is the proxy down ?)')
def __ReadyWorkAfterProduceAP(self):
print '[+]Waiting for completing configuration'
shell('ifconfig at0 192.168.2.254 netmask 255.255.255.0')
shell('ifconfig at0 up')
shell(
'routers add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.2.254'
)
shell('echo 1 > /proc/net/ipv4/ip_forward')
shell('iptables -t nat -A POSTROUTING -o ' + self.a_iface +
' -j MASQUERADE')
def __ProduceAP(self):
shell('airmon-ng check kill') #这一步可能会杀掉用于正常上网的无线网卡接口
shell('airmon-ng start ' + self.ap_iface, err=False)
airbase_c = "airbase-ng -e " + "'" + self.wifiname + "'" + " -c " + str(
self.channel) + " " + self.ap_iface + "mon"
self.airbase_proc = Popen(airbase_c,
shell=True,
stdout=PIPE,
stderr=PIPE) #不会输出到当前终端里
print '[' + B + '+' + W + ']' + 'airbase is running and you are able to find AP(' + self.wifiname + ')'
def do_shell(self, line):
if line:
tokens = line.split(' ')
#
# - update from @stphung -> reformat the input line to handle indirect paths transparently
# - for instance ../foo.bar will become foo.bar with the actual file included in the multi-part post
#
files = {}
substituted = tokens[:1]
for token in tokens[1:]:
expanded = expanduser(token)
full = abspath(expanded)
tag = basename(full)
if isfile(expanded):
#
# - if the token maps to a local file upload it
# - this is for instance what happens when you do 'deploy foo.yml'
#
files[tag] = abspath(full)
substituted += [tag]
elif isdir(expanded):
#
# - if the token maps to a local directory TGZ & upload it
# - this is typically used to upload settings & script for our CD pipeline
# - the TGZ is stored in our temp. directory
#
path = join(tmp, '%s.tgz' % tag)
shell('tar zcf %s *' % path, cwd=full)
files['%s.tgz' % tag] = path
substituted += ['%s.tgz' % tag]
else:
substituted += [token]
#
# - compute the SHA1 signature if we have a token
# - prep the CURL statement and run it
# - we should always get a HTTP 200 back with some UTF-8 json payload
# - parse & print
#
line = ' '.join(substituted)
unrolled = ['-F %s=@%s' % (k, v) for k, v in files.items()]
digest = 'sha1=' + hmac.new(
self.token, line,
hashlib.sha1).hexdigest() if self.token else ''
snippet = 'curl -X POST -H "X-Shell:%s" -H "X-Signature:%s" %s %s:9000/shell' % (
line, digest, ' '.join(unrolled), ip)
code, out = shell(snippet, cwd=tmp)
js = json.loads(out.decode('utf-8'))
print(js['out'] if code is 0 else
'i/o failure (is the proxy down ?)')
def do_shell(self, line):
if line:
tokens = line.split(' ')
#
# - update from @stphung -> reformat the input line to handle indirect paths transparently
# - for instance ../foo.bar will become foo.bar with the actual file included in the multi-part post
#
files = {}
substituted = tokens[:1]
for token in tokens[1:]:
expanded = expanduser(token)
full = abspath(expanded)
tag = basename(full)
if isfile(expanded):
#
# - if the token maps to a local file upload it
# - this is for instance what happens when you do 'deploy foo.yml'
#
files[tag] = abspath(full)
substituted += [tag]
elif isdir(expanded):
#
# - if the token maps to a local directory TGZ & upload it
# - this is typically used to upload settings & script for our CD pipeline
# - the TGZ is stored in our temp. directory
#
path = join(tmp, '%s.tgz' % tag)
shell('tar zcf %s *' % path, cwd=full)
files['%s.tgz' % tag] = path
substituted += ['%s.tgz' % tag]
else:
substituted += [token]
#
# - compute the SHA1 signature if we have a token
# - prep the CURL statement and run it
# - we should always get a HTTP 200 back with some UTF-8 json payload
# - parse & print
#
line = ' '.join(substituted)
unrolled = ['-F %s=@%s' % (k, v) for k, v in files.items()]
digest = 'sha1=' + hmac.new(self.token, line, hashlib.sha1).hexdigest() if self.token else ''
snippet = 'curl -X POST -H "X-Shell:%s" -H "X-Signature:%s" %s %s:9000/shell' % (line, digest, ' '.join(unrolled), ip)
code, out = shell(snippet, cwd=tmp)
js = json.loads(out.decode('utf-8'))
print(js['out'] if code is 0 else 'i/o failure (is the proxy down ?)')
def __StartDhcpServer(self):
result = shell('sudo /etc/init.d/isc-dhcp-server start')
if result.find('Starting isc-dhcp-server (via systemctl)') != -1:
print '[+]DHCP server(isc-dhcp-server) start successfully!'
print '[+]Now you can use AP(' + self.wifiname + ') normally:-)'
else:
print '[-]DHCP server(isc-dhcp-server) failed to start!'
print 'Error:\n' + R + result + W + '\n'
def bootstrap(name):
user = '******'
bootstrap_user = "******"
pub_key = shell('cat ~/.ssh/supporttor_bootstrap.pub')
# Add user bootstrap
dexec(name, user, 'sudo pw useradd -n %s -m -s /bin/sh' % bootstrap_user)
# Add bootstrap user to sudoers
dexec(
name, user,
'echo "%s ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /usr/local/etc/sudoers'
% bootstrap_user)
# Make .ssh directory in bootstrap home
dexec(
name, user, 'sudo su %s -c "mkdir -p /home/%s/.ssh"' %
(bootstrap_user, bootstrap_user))
# Add bootstrap key to user
dexec(
name, user,
'echo "%s" | sudo su %s -c "tee /home/%s/.ssh/authorized_keys"' %
(pub_key, bootstrap_user, bootstrap_user))
# Delete default digital ocean freebsd user
dexec(name, user, 'sudo pw userdel -n freebsd')
# Finally, try ssh in with bootstrap user, run uname
dexec(name, bootstrap_user, 'uname -a')
# Install puppet
dexec(name, bootstrap_user, 'sudo pkg install -y puppet4')
# Enable puppet at boot
dexec(name, bootstrap_user, 'sudo sysrc puppet_enable="YES"')
# Deploy puppet configuration
dexec(
name, bootstrap_user,
'echo "%s" | sudo tee /usr/local/etc/puppet/puppet.conf' %
puppet_configuration)
# Start puppet now
dexec(name, bootstrap_user, 'sudo service puppet start')
def init(args):
tmp = tempfile.mkdtemp()
try:
#
# - git clone the template repo from the opaugam org.
#
kind = args[0] if args else 'default'
repo = 'ochothon-template-%s' % kind
code, _ = shell('git clone https://github.com/opaugam/%s' % repo, cwd=tmp)
assert code == 0, 'unable to find template "%s" in git' % kind
#
# - ask a few questions
#
tag = raw_input('> enter a short identifier (e.g web or database): ')
image = raw_input('> enter the docker repo/image: ')
#
# - strip non-alpha characters from the tag
#
bad = ''.join(c for c in map(chr, range(256)) if not c.isalnum() and c not in ['-'])
tag = tag.translate(None, bad)
mappings = \
{
'tag': tag,
'image': image
}
renderable = \
[
'Dockerfile',
'README*',
'*.py',
'*.yml',
'*.conf'
]
#
# - walk through the cloned repo
# - render all templates
#
l = len(tmp) + 1
env = Environment(loader=FileSystemLoader(tmp))
for root, sub, items in os.walk(tmp):
for item in items:
absolute = path.join(root, item)
if not '.git' in absolute:
for regex in renderable:
if fnmatch.fnmatch(item, regex):
rendered = env.get_template(absolute[l:]).render(mappings)
import codecs
with codecs.open(absolute, 'wb', 'utf-8') as f:
f.write(rendered)
break
#
# - copy the whole thing to where the script is invoked from
#
local = 'ochopod-marathon-%s' % tag
code, _ = shell('mkdir %s && cp -r %s/%s/* %s' % (local, tmp, repo, local))
print 'template ready in %s/' % local
except KeyboardInterrupt:
exit(0)
except Exception as failure:
print('internal failure <- %s' % str(failure))
exit(1)
finally:
#
# - cleanup the temporary directory
#
shutil.rmtree(tmp)
def avail_path(machine, module_path):
log.info("Reading modules from " + machine)
# Check if running on mahuika01, and recheck modules
# source /etc/bashrc doesn't work on maui for some reason
log.info("Working... Takes about 100 sec... for some reason")
stdout_full = (c.shell(
"MODULEPATH=" + module_path +
"; /usr/share/lmod/lmod/libexec/lmod -t avail").split("MODULEPATH")[0])
main_dict = {}
lastApp = ""
# return main_dict
# Get names of all apps
for line in stdout_full.split("\n"):
# Check if this is the same app as last time.
thisApp = line.split("/")[0].strip()
# Check nonzero
if len(thisApp) > 0:
# If new app, add to dictionary.
if lastApp != thisApp:
# Define dict
main_dict[thisApp] = deepcopy(settings["default"])
main_dict[thisApp]["machines"][machine] = []
try:
data = c.shell(
"MODULEPATH=" + module_path +
"; /usr/share/lmod/lmod/libexec/lmod -t whatis " +
thisApp)
except:
log.error("Module whatis for " + thisApp +
" failed, skipping...")
# return
# Cant remember why I did this, and I aint touching it.
regexHomepage = r"(?<=Homepage: )\S*"
matchesHomepage = re.findall(regexHomepage, data)
if len(matchesHomepage) > 0:
main_dict[thisApp]["homepage"] = matchesHomepage[0]
if len(data.split("Description: ")) > 1:
short = data.split("Description: ")[1]
elif len(data.split(": ")) > 1:
short = (data.split(": "))[1]
else:
short = data
main_dict[thisApp]["description"] = short.split(thisApp +
"/")[0]
else:
# If add to versionlist
main_dict[thisApp]["machines"][machine].append(line)
lastApp = thisApp
log.info("Module avail complete")
return main_dict
def dexec(name, user, command):
dip = get_droplet_ip(name)
ssh_base_cmd = "ssh -q -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i ~/.ssh/supporttor_bootstrap %s@%s" % (
user, dip)
return shell('%s \'%s\'' % (ssh_base_cmd, command))
def init(args):
tmp = tempfile.mkdtemp()
try:
#
# - git clone the template repo from the opaugam org.
#
kind = args[0] if args else 'default'
repo = 'ochothon-template-%s' % kind
code, _ = shell('git clone https://github.com/opaugam/%s' % repo,
cwd=tmp)
assert code == 0, 'unable to find template "%s" in git' % kind
#
# - ask a few questions
#
tag = raw_input('> enter a short identifier (e.g web or database): ')
image = raw_input('> enter the docker repo/image: ')
#
# - strip non-alpha characters from the tag
#
bad = ''.join(c for c in map(chr, range(256))
if not c.isalnum() and c not in ['-'])
tag = tag.translate(None, bad)
mappings = \
{
'tag': tag,
'image': image
}
renderable = \
[
'Dockerfile',
'README*',
'*.py',
'*.yml',
'*.conf'
]
#
# - walk through the cloned repo
# - render all templates
#
l = len(tmp) + 1
env = Environment(loader=FileSystemLoader(tmp))
for root, sub, items in os.walk(tmp):
for item in items:
absolute = path.join(root, item)
if not '.git' in absolute:
for regex in renderable:
if fnmatch.fnmatch(item, regex):
rendered = env.get_template(
absolute[l:]).render(mappings)
import codecs
with codecs.open(absolute, 'wb', 'utf-8') as f:
f.write(rendered)
break
#
# - copy the whole thing to where the script is invoked from
#
local = 'ochopod-marathon-%s' % tag
code, _ = shell('mkdir %s && cp -r %s/%s/* %s' %
(local, tmp, repo, local))
print 'template ready in %s/' % local
except KeyboardInterrupt:
exit(0)
except Exception as failure:
print('internal failure <- %s' % str(failure))
exit(1)
finally:
#
# - cleanup the temporary directory
#
shutil.rmtree(tmp)
