Example #1
0
def install_mysql_replication(args):
  '''
  Setup and start the database replication in master-master mode.

  This function should be executed on the secondary master, after the
  primary master has been configured.

  '''
  app.print_verbose("Install mysql replication version: %d" % SCRIPT_VERSION)
  version_obj = version.Version("install-mysql-replication", SCRIPT_VERSION)
  version_obj.check_executed()

  general.wait_for_server_to_start(config.general.get_mysql_primary_master_ip(), "3306")

  repl_password=general.generate_password(20)

  for ip in [config.general.get_mysql_primary_master_ip(), config.general.get_mysql_secondary_master_ip()]:
    mysql_exec("stop slave;", True, ip)
    mysql_exec("delete from mysql.user where User = '******';", True, ip)
    mysql_exec("flush privileges;", True, ip)
    mysql_exec("GRANT REPLICATION SLAVE ON *.* TO 'repl'@'" + config.general.get_mysql_primary_master_ip() + "' IDENTIFIED BY '" + repl_password + "';", True, ip)
    mysql_exec("GRANT REPLICATION SLAVE ON *.* TO 'repl'@'" + config.general.get_mysql_secondary_master_ip() + "' IDENTIFIED BY '" + repl_password + "';", True, ip)
    if (ip==config.general.get_mysql_primary_master_ip()):
      mysql_exec("CHANGE MASTER TO MASTER_HOST='" + config.general.get_mysql_secondary_master_ip() + "', MASTER_USER='******', MASTER_PASSWORD='******'", True, ip)
    else:
      mysql_exec("CHANGE MASTER TO MASTER_HOST='" + config.general.get_mysql_primary_master_ip() + "', MASTER_USER='******', MASTER_PASSWORD='******'", True, ip)
    mysql_exec("start slave;", True, ip)

  version_obj.mark_executed()
Example #2
0
def _setup_radius_client(name, ip):
  '''
  Setup radius client config file.
  And generating password and iptables rules

  '''

  o = open("/etc/raddb/clients.conf","a")
  o.write ("client " + name +" {" "\n")
  o.write ("\tipaddr = {0}\n".format(ip))
  o.write ("\tsecret = {0}\n".format(generate_password(20, string.letters + string.digits)))
  o.write ("\tnastype = other\n")
  o.write ("\t}\n\n")
  o.close()
Example #3
0
def _setup_radius_client(name, ip):
    '''
  Setup radius client config file.
  And generating password and iptables rules

  '''

    o = open("/etc/raddb/clients.conf", "a")
    o.write("client " + name + " {" "\n")
    o.write("\tipaddr = {0}\n".format(ip))
    o.write("\tsecret = {0}\n".format(
        generate_password(20, string.letters + string.digits)))
    o.write("\tnastype = other\n")
    o.write("\t}\n\n")
    o.close()
Example #4
0
def install_purge_db():
    '''
    Install a script that purges mysql from old rows every hour.

    '''
    # Setup user for purge script.
    sql_password = generate_password(20, string.letters + string.digits)
    mysqlUtils.drop_user('purgelogdb')
    mysqlUtils.create_user('purgelogdb', sql_password, 'Syslog', 'SELECT, DELETE')

    # Script should be executed once every hour.
    fn = "/etc/cron.hourly/purge-db.sh"
    x("cp -f {0}var/rsyslog/purge-db.sh {1}".format(app.SYCO_PATH, fn))
    x("chmod +x {0}".format(fn))
    logSql = scOpen(fn)
    logSql.replace("${MYSQL_PASSWORD}", sql_password)
Example #5
0
def install_mysql_replication(args):
    '''
  Setup and start the database replication in master-master mode.

  This function should be executed on the secondary master, after the
  primary master has been configured.

  '''
    app.print_verbose("Install mysql replication version: %d" % SCRIPT_VERSION)
    version_obj = version.Version("install-mysql-replication", SCRIPT_VERSION)
    version_obj.check_executed()

    general.wait_for_server_to_start(
        config.general.get_mysql_primary_master_ip(), "3306")

    repl_password = general.generate_password(20)

    for ip in [
            config.general.get_mysql_primary_master_ip(),
            config.general.get_mysql_secondary_master_ip()
    ]:
        mysql_exec("stop slave;", True, ip)
        mysql_exec("delete from mysql.user where User = '******';", True, ip)
        mysql_exec("flush privileges;", True, ip)
        mysql_exec(
            "GRANT REPLICATION SLAVE ON *.* TO 'repl'@'" +
            config.general.get_mysql_primary_master_ip() +
            "' IDENTIFIED BY '" + repl_password + "';", True, ip)
        mysql_exec(
            "GRANT REPLICATION SLAVE ON *.* TO 'repl'@'" +
            config.general.get_mysql_secondary_master_ip() +
            "' IDENTIFIED BY '" + repl_password + "';", True, ip)
        if (ip == config.general.get_mysql_primary_master_ip()):
            mysql_exec(
                "CHANGE MASTER TO MASTER_HOST='" +
                config.general.get_mysql_secondary_master_ip() +
                "', MASTER_USER='******', MASTER_PASSWORD='******'", True, ip)
        else:
            mysql_exec(
                "CHANGE MASTER TO MASTER_HOST='" +
                config.general.get_mysql_primary_master_ip() +
                "', MASTER_USER='******', MASTER_PASSWORD='******'", True, ip)
        mysql_exec("start slave;", True, ip)

    version_obj.mark_executed()
Example #6
0
def _setup_icinga_web_mysql():
    '''
    Set up a mysql database for icinga-web

    '''
    # Generate a random password and add the icinga_web user
    web_sqlpassword = generate_password(40, chars=string.letters+string.digits)
    mysqlUtils.create_user('icinga-web', web_sqlpassword, 'icinga_web')

    # Build database tables from supplied schema
    x("mysql --user='******' --password='******' -e 'CREATE DATABASE icinga_web'".format("icinga-web",re.escape(web_sqlpassword)))
    x("mysql icinga_web  --user='******' --password='******' < /usr/share/doc/icinga-web-{2}/schema/mysql.sql".format("icinga-web",re.escape(web_sqlpassword),_get_icinga_version()))

    # Append a login password for "icingaadmin".
    x("mysql --user='******' --password='******' < {2}syco-private/var/nagios/{3}".format("icinga-web",re.escape(web_sqlpassword), constant.SYCO_USR_PATH,"icinga_password.sql"))

    return web_sqlpassword
Example #7
0
def install_purge_db():
    '''
    Install a script that purges mysql from old rows every hour.

    '''
    # Setup user for purge script.
    sql_password = generate_password(20, string.letters + string.digits)
    mysqlUtils.drop_user('purgelogdb')
    mysqlUtils.create_user('purgelogdb', sql_password, 'Syslog',
                           'SELECT, DELETE')

    # Script should be executed once every hour.
    fn = "/etc/cron.hourly/purge-db.sh"
    x("cp -f {0}var/rsyslog/purge-db.sh {1}".format(app.SYCO_PATH, fn))
    x("chmod +x {0}".format(fn))
    logSql = scOpen(fn)
    logSql.replace("${MYSQL_PASSWORD}", sql_password)
Example #8
0
def install_mariadb_replication(args):
    """
    Setup and start the database replication in master-master mode.

    This function should be executed on the secondary master, after the
    primary master has been configured.

    """
    app.print_verbose(
        "Install MariaDB replication version: %d" % SCRIPT_VERSION
    )
    version_obj = version.Version("install-mariadb-replication", SCRIPT_VERSION)
    version_obj.check_executed()

    current_host_config = config.host(net.get_hostname())
    repl_peer = current_host_config.get_option("repl_peer")
    general.wait_for_server_to_start(repl_peer, "3306")

    repl_password = general.generate_password(20)
    front_ip = current_host_config.get_front_ip()
    for ip in ["127.0.0.1", repl_peer]:
        mysql_exec("stop slave;", True, ip)
        mysql_exec("delete from mysql.user where User = '******'", True, ip)
        mysql_exec("flush privileges;", True, ip)
        mysql_exec(
            "GRANT REPLICATION SLAVE ON *.* TO " +
            "'repl'@'%s' IDENTIFIED BY '%s'," % (repl_peer, repl_password) +
            "'repl'@'%s' IDENTIFIED BY '%s'" % (front_ip, repl_password),
            True, ip)

        if ip == "127.0.0.1":
            mysql_exec(
                "CHANGE MASTER TO MASTER_HOST='%s', " % repl_peer +
                "MASTER_USER='******', MASTER_PASSWORD='******'" % repl_password,
                True, ip
            )
        else:
            mysql_exec(
                "CHANGE MASTER TO MASTER_HOST='%s', " % front_ip +
                "MASTER_USER='******', MASTER_PASSWORD='******'" % repl_password,
                True, ip
            )

        mysql_exec("start slave;", True, ip)

    version_obj.mark_executed()
Example #9
0
def install_rsyslogd(args):
    '''
    Install rsyslogd on the server.

    '''
    app.print_verbose("Install rsyslogd.")
    version_obj = version.Version("InstallRsyslogd", SCRIPT_VERSION)
    version_obj.check_executed()

    # Initialize all passwords used by the script
    app.init_mysql_passwords()

    # Setup syco dependencies.
    if not os.path.exists('/etc/init.d/mysqld'):
        install_mysql(["", "1", "1G"])

    # Installing packages
    x("yum install rsyslog rsyslog-gnutls rsyslog-mysql gnutls-utils -y")

    # Autostart rsyslog at boot
    x("chkconfig rsyslog on")

    # Generation new certs if no certs exsists
    if not os.path.exists('/etc/pki/rsyslog/ca.crt'):
        rsyslog_newcerts(args)

    sql_password = generate_password(20, string.letters + string.digits)
    _setup_database(sql_password)
    _setup_rsyslogd(sql_password)

    # Add iptables chains
    iptables.add_rsyslog_chain("server")
    iptables.save()

    # Restarting service
    x("/etc/init.d/rsyslog restart")

    install_purge_db()
    install_compress_logs()

    # Configure logrotate
    installLogrotate.install_logrotate(args)

    version_obj.mark_executed()
Example #10
0
def install_rsyslogd(args):
    '''
    Install rsyslogd on the server.

    '''
    app.print_verbose("Install rsyslogd.")
    version_obj = version.Version("InstallRsyslogd", SCRIPT_VERSION)
    version_obj.check_executed()

    # Initialize all passwords used by the script
    app.init_mysql_passwords()

    # Setup syco dependencies.
    if not os.path.exists('/etc/init.d/mysqld'):
        install_mysql(["","1","1G"])

    # Installing packages
    x("yum install rsyslog rsyslog-gnutls rsyslog-mysql gnutls-utils -y")

    # Autostart rsyslog at boot
    x("chkconfig rsyslog on")

    # Generation new certs if no certs exsists
    if not os.path.exists('/etc/pki/rsyslog/ca.crt'):
        rsyslog_newcerts(args)

    sql_password = generate_password(20, string.letters + string.digits)
    _setup_database(sql_password)
    _setup_rsyslogd(sql_password)

    # Add iptables chains
    iptables.add_rsyslog_chain("server")
    iptables.save()

    # Restarting service
    x("/etc/init.d/rsyslog restart")

    install_purge_db()
    install_compress_logs()

    # Configure logrotate
    installLogrotate.install_logrotate(args)

    version_obj.mark_executed()
Example #11
0
def _setup_icinga_mysql():
    '''
    Set up a mysql database for icinga

    '''
    # Create and configure. Install hardened MySQL if needed.
    if not os.path.exists('/etc/init.d/mysqld'):
        install_mysql(["","1","1G"])
    sqlpassword = generate_password(40,chars=string.letters+string.digits)

    # Create MySQL icinga user
    mysqlUtils.drop_user('icinga')
    mysqlUtils.create_user('icinga', sqlpassword, 'icinga')

    # Create MySQL database schema for icinga.
    x("mysql --user='******' --password='******' -e 'CREATE DATABASE icinga'".format("icinga",re.escape(sqlpassword)))
    x("mysql icinga --user='******' --password='******' < /usr/share/doc/icinga-idoutils-libdbi-mysql-{2}/db/mysql/mysql.sql".format("icinga",re.escape(sqlpassword), _get_icinga_version()))

    return sqlpassword
Example #12
0
def _setup_icinga_mysql():
    '''
    Set up a mysql database for icinga

    '''
    # Create and configure. Install hardened MySQL if needed.
    if not os.path.exists('/etc/init.d/mysqld'):
        install_mysql(["", "1", "1G"])
    sqlpassword = generate_password(40, chars=string.letters + string.digits)

    # Create MySQL icinga user
    mysqlUtils.drop_user('icinga')
    mysqlUtils.create_user('icinga', sqlpassword, 'icinga')

    # Create MySQL database schema for icinga.
    x("mysql --user='******' --password='******' -e 'CREATE DATABASE icinga'".format(
        "icinga", re.escape(sqlpassword)))
    x("mysql icinga --user='******' --password='******' < /usr/share/doc/icinga-idoutils-libdbi-mysql-{2}/db/mysql/mysql.sql"
      .format("icinga", re.escape(sqlpassword), _get_icinga_version()))

    return sqlpassword
Example #13
0
def install_loganalyzer(args):
    '''
    Install and configure adiscon.com loganalyzer.

    '''
    app.print_verbose("Install loganalyzer version: %d" % SCRIPT_VERSION)
    version_obj = version.Version("InstallLoganalyzer", SCRIPT_VERSION)
    version_obj.check_executed()

    # Initialize all passwords used by the script
    app.init_mysql_passwords()

    _install_packages(args)
    _download_loganalyzer()

    sql_password = general.generate_password(20, string.letters + string.digits)
    _create_db_user(sql_password)
    _configure_loganalyzer(sql_password)

    _configure_apache()
    _set_permissions()

    version_obj.mark_executed()
Example #14
0
def _setup_icinga_web_mysql():
    '''
    Set up a mysql database for icinga-web

    '''
    # Generate a random password and add the icinga_web user
    web_sqlpassword = generate_password(40,
                                        chars=string.letters + string.digits)
    mysqlUtils.create_user('icinga-web', web_sqlpassword, 'icinga_web')

    # Build database tables from supplied schema
    x("mysql --user='******' --password='******' -e 'CREATE DATABASE icinga_web'".
      format("icinga-web", re.escape(web_sqlpassword)))
    x("mysql icinga_web  --user='******' --password='******' < /usr/share/doc/icinga-web-{2}/schema/mysql.sql"
      .format("icinga-web", re.escape(web_sqlpassword),
              _get_icinga_web_version()))

    # Append a login password for "icingaadmin".
    x("mysql --user='******' --password='******' < {2}syco-private/var/nagios/{3}".
      format("icinga-web", re.escape(web_sqlpassword), constant.SYCO_USR_PATH,
             "icinga_password.sql"))

    return web_sqlpassword
Example #15
0
def install_loganalyzer(args):
    '''
    Install and configure adiscon.com loganalyzer.

    '''
    app.print_verbose("Install loganalyzer version: %d" % SCRIPT_VERSION)
    version_obj = version.Version("InstallLoganalyzer", SCRIPT_VERSION)
    version_obj.check_executed()

    # Initialize all passwords used by the script
    app.init_mysql_passwords()

    _install_packages(args)
    _download_loganalyzer()

    sql_password = general.generate_password(20,
                                             string.letters + string.digits)
    _create_db_user(sql_password)
    _configure_loganalyzer(sql_password)

    _configure_apache()
    _set_permissions()

    version_obj.mark_executed()