def main():
parser = ArgumentParser(
description='Provides a DBus API to perform privileged operations',
parents=[common_parser])
args = parser.parse_args()
setup_cli_logging(parser.prog, args)
load_config(args.config)
run_event_loop()
def main() -> int:
parser = create_parser()
args = parser.parse_args()
setup_cli_logging(parser.prog, args)
try:
load_config(args.config)
except ConfigError as e:
print_config_error(e)
return os.EX_CONFIG
run_event_loop()
def main():
parser = ArgumentParser(
description='Provides a DBus API to perform privileged operations',
parents=[common_parser])
args = parser.parse_args()
setup_cli_logging(parser.prog, args)
try:
load_config(args.config)
except ConfigError as e:
print_config_error(e)
return os.EX_CONFIG
run_event_loop()
def main() -> int:
parser = create_parser()
args = parser.parse_args()
setup_cli_logging(parser.prog, args)
try:
config = load_config(args.config)
except ConfigError as e:
print_config_error(e)
return os.EX_CONFIG
try:
engine = db.create_engine(config, poolclass=NullPool)
agent_pwd: pwd.struct_passwd = pwd.getpwnam(constants.AGENT_USER)
with dropped_privileges(agent_pwd):
check_database(engine, agent_pwd, (db.radacct, db.radpostauth))
portal_pwd: pwd.struct_passwd = pwd.getpwnam(constants.PORTAL_USER)
with dropped_privileges(portal_pwd):
check_database(engine, portal_pwd,
(db.radacct, db.radpostauth, db.radusergroup))
radius_pwd: pwd.struct_passwd = pwd.getpwnam(constants.RADIUS_USER)
with dropped_privileges(radius_pwd):
check_database(engine, radius_pwd,
(db.radacct, db.radgroupcheck, db.radgroupreply,
db.radpostauth, db.radreply, db.radusergroup))
except DBAPIError:
return os.EX_TEMPFAIL
return os.EX_OK
def main():
description = textwrap.dedent(
"""
Run the celery command configured for Hades.
All arguments except -c/--config and -A/--app are passed to the Celery
celery as is. You may not provide the -A/--app argument.
"""
)
parser = ArgumentParser(description=description,
formatter_class=Formatter,
parents=[common_parser])
parser.add_argument('-A', '--app', dest='app', help=argparse.SUPPRESS)
parser.add_argument('command')
args, argv = parser.parse_known_args()
try:
config = load_config(args.config)
except ConfigError as e:
print_config_error(e)
return os.EX_CONFIG
app.config_from_object(config.of_type(CeleryOption))
if args.app:
parser.error("You may not provide the -A/--app worker argument")
argv.insert(0, parser.prog)
argv.insert(1, args.command)
argv.extend(['-A', 'hades.bin.agent:app'])
if args.command == 'worker':
argv.extend(['-n', config.HADES_CELERY_WORKER_HOSTNAME])
return app.start(argv)
def main() -> int:
description = textwrap.dedent(
"""
Hades keepalived VRRP notify script.
This script is called by keepalived, if a VRRP instance's state changes.
"""
)
parser = ArgumentParser(description=description,
parents=[common_parser])
parser.add_argument('type', choices=['GROUP', 'INSTANCE'],
help="Type indication")
parser.add_argument('name', help="The name of the group or instance")
parser.add_argument('state', choices=['MASTER', 'BACKUP', 'FAULT'],
help="The state it's transitioning to")
parser.add_argument('priority', type=int, help="The priority value")
args = parser.parse_args()
logger.fatal("Transitioning %s to %s with priority %d", args.name,
args.state, args.priority)
app.config_from_object(
load_config(args.config, runtime_checks=True, option_cls=CeleryOption))
if args.name == 'hades-auth':
return notify_auth(args.state, args.priority)
elif args.name == 'hades-radius':
return notify_radius(args.state, args.priority)
elif args.name == 'hades-unauth':
return notify_unauth(args.state, args.priority)
def main() -> int:
description = textwrap.dedent(
"""
Hades keepalived VRRP notify script.
This script is called by keepalived, if a VRRP instance's state changes.
"""
)
parser = ArgumentParser(description=description,
parents=[common_parser])
parser.add_argument('type', choices=['GROUP', 'INSTANCE'],
help="Type indication")
parser.add_argument('name', help="The name of the group or instance")
parser.add_argument('state', choices=['MASTER', 'BACKUP', 'FAULT'],
help="The state it's transitioning to")
parser.add_argument('priority', type=int, help="The priority value")
args = parser.parse_args()
logger.fatal("Transitioning %s to %s with priority %d", args.name,
args.state, args.priority)
try:
config = load_config(args.config, runtime_checks=True,
option_cls=CeleryOption)
except ConfigError as e:
print_config_error(e)
return os.EX_CONFIG
app.config_from_object(config)
if args.name == 'hades-auth':
return notify_auth(args.state, args.priority)
elif args.name == 'hades-radius':
return notify_radius(args.state, args.priority)
elif args.name == 'hades-unauth':
return notify_unauth(args.state, args.priority)
def main():
parser = ArgumentParser(parents=[common_parser])
args = parser.parse_args()
setup_cli_logging(parser.prog, args)
try:
config = load_config(args.config)
except ConfigError as e:
print_config_error(e)
return os.EX_CONFIG
try:
engine = db.create_engine(config, poolclass=NullPool)
agent_pwd = pwd.getpwnam(constants.AGENT_USER)
with dropped_privileges(agent_pwd):
check_database(engine, agent_pwd.pw_name,
(db.radacct, db.radpostauth))
portal_pwd = pwd.getpwnam(constants.PORTAL_USER)
with dropped_privileges(portal_pwd):
check_database(engine, portal_pwd.pw_name,
(db.radacct, db.radpostauth, db.radusergroup))
radius_pwd = pwd.getpwnam(constants.RADIUS_USER)
with dropped_privileges(radius_pwd):
check_database(engine, radius_pwd.pw_name,
(db.radacct, db.radgroupcheck, db.radgroupreply,
db.radpostauth, db.radreply, db.radusergroup))
except DBAPIError:
return os.EX_TEMPFAIL
return os.EX_OK
def main():
parser = ArgumentParser(parents=[common_parser])
parser.add_argument(dest='source',
metavar='SOURCE',
help="Template file name or template directory name")
parser.add_argument(dest='destination',
metavar='DESTINATION',
nargs='?',
help="Destination file or directory (default is stdout"
"for files; required for directories)")
args = parser.parse_args()
setup_cli_logging(parser.prog, args)
config = load_config(args.config)
template_dir = constants.templatedir
generator = ConfigGenerator(template_dir, config)
source_path = os.path.join(template_dir, args.source)
if os.path.isdir(source_path):
generator.from_directory(args.source, args.destination)
elif os.path.isfile(source_path):
if args.destination is None:
generator.from_file(args.source, sys.stdout)
else:
with open(args.destination, 'w', encoding='utf-8') as f:
generator.from_file(args.source, f)
else:
logger.critical("No such file or directory %s in %s", args.source,
template_dir)
return os.EX_NOINPUT
def main():
parser = create_parser()
args = parser.parse_args()
setup_cli_logging(parser.prog, args)
try:
config = load_config(args.config)
except ConfigError as e:
print_config_error(e)
return os.EX_CONFIG
export(config, args.format, args.file)
return os.EX_OK
def main():
parser = create_parser()
args = parser.parse_args()
setup_cli_logging(parser.prog, args)
try:
config = load_config(args.config)
except ConfigError as e:
print_config_error(e)
return os.EX_CONFIG
search_path = constants.templatepath.split(os.path.pathsep)
generator = ConfigGenerator(search_path, config, args.mode, args.group)
try:
generator.generate(args.source, args.destination)
except GeneratorError as e:
logger.critical(str(e))
return os.EX_DATAERR
def main() -> int:
parser = create_parser()
args = parser.parse_args()
logger.fatal("Transitioning %s to %s with priority %d", args.name,
args.state, args.priority)
try:
config = load_config(args.config,
runtime_checks=True,
option_cls=CeleryOption)
except ConfigError as e:
print_config_error(e)
return os.EX_CONFIG
if args.name == 'hades-auth':
return notify_auth(args.state, args.priority)
elif args.name == 'hades-root':
return notify_root(args.state, args.priority)
elif args.name == 'hades-unauth':
return notify_unauth(args.state, args.priority)
def main():
parser = ArgumentParser(description='Export options as shell variables',
epilog='Python sequence and mapping types will '
'only be exported, if the destination '
'format support it',
parents=[parent_parser])
parser.add_argument('--format', choices=('systemd', 'posix', 'bash', 'ksh',
'zsh'),
default='systemd', help='Export format.')
parser.add_argument('file', type=argparse.FileType('wb'), metavar='FILE',
default='-', nargs='?',
help='Output destination (default: stdout)')
args = parser.parse_args()
setup_cli_logging(parser.prog, args)
try:
config = load_config(args.config)
except ConfigError as e:
print_config_error(e)
return os.EX_CONFIG
export(config, args.format, args.file)
return os.EX_OK
def main():
parser = ArgumentParser(description='Export options as shell variables',
epilog='Python sequence and mapping types will '
'only be exported, if the destination '
'format support it',
parents=[parent_parser])
parser.add_argument('--format',
choices=('systemd', 'posix', 'bash', 'ksh', 'zsh'),
default='systemd',
help='Export format.')
parser.add_argument('file',
type=argparse.FileType('wb'),
metavar='FILE',
default='-',
nargs='?',
help='Output destination (default: stdout)')
args = parser.parse_args()
setup_cli_logging(parser.prog, args)
config = load_config(args.config)
export(config, args.format, args.file)
return os.EX_OK
def main() -> int:
parser = create_parser()
args = parser.parse_args()
setup_cli_logging(parser.prog, args)
try:
config = load_config(args.config)
except ConfigError as e:
print_config_error(e)
return os.EX_CONFIG
app = create_app()
app.config_from_object(config.of_type(CeleryOption))
log_level = logging.root.level
reset_cli_logging()
worker: celery.apps.worker.Worker = app.Worker(
app=app,
hostname=config.HADES_CELERY_WORKER_HOSTNAME,
statedb=config.HADES_CELERY_STATE_DB,
pidfile=args.pid_file,
loglevel=log_level
)
worker.start()
return worker.exitcode
def main():
description = textwrap.dedent("""
Run the celery command configured for Hades.
All arguments except -c/--config and -A/--app are passed to the Celery
celery as is. You may not provide the -A/--app argument.
""")
parser = ArgumentParser(description=description,
formatter_class=Formatter,
parents=[common_parser])
parser.add_argument('-A', '--app', dest='app', help=argparse.SUPPRESS)
parser.add_argument('command')
args, argv = parser.parse_known_args()
config = load_config(args.config)
app.config_from_object(config.of_type(CeleryOption))
if args.app:
parser.error("You may not provide the -A/--app worker argument")
argv.insert(0, parser.prog)
argv.insert(1, args.command)
argv.extend(['-A', 'hades.bin.agent:app'])
if args.command == 'worker':
argv.extend(['-n', config.HADES_CELERY_WORKER_HOSTNAME])
return app.start(argv)
def main():
parser = ArgumentParser(parents=[common_parser])
args = parser.parse_args()
setup_cli_logging(parser.prog, args)
config = load_config(args.config, runtime_checks=True)
try:
engine = db.create_engine(config, poolclass=NullPool)
agent_pwd = pwd.getpwnam(constants.AGENT_USER)
with dropped_privileges(agent_pwd):
check_database(engine, agent_pwd.pw_name,
(db.radacct, db.radpostauth))
portal_pwd = pwd.getpwnam(constants.PORTAL_USER)
with dropped_privileges(portal_pwd):
check_database(engine, portal_pwd.pw_name,
(db.radacct, db.radpostauth, db.radusergroup))
radius_pwd = pwd.getpwnam(constants.RADIUS_USER)
with dropped_privileges(radius_pwd):
check_database(engine, radius_pwd.pw_name,
(db.radacct, db.radgroupcheck, db.radgroupreply,
db.radpostauth, db.radreply, db.radusergroup))
except DBAPIError:
return os.EX_TEMPFAIL
return os.EX_OK
def configure_app():
app.config.from_object(load_config(option_cls=FlaskOption))
from hades.config.loader import load_config
from hades.config.options import FlaskOption
# noinspection PyUnresolvedReferences
from hades.portal import app, views
app.config.from_object(load_config(option_cls=FlaskOption))
application = app
def main():
return app.run(debug=True)
if __name__ == '__main__':
main()
def main():
parser = ArgumentParser(
description="Listens for commands as output by `hades-dhcp-script`.",
epilog=f"""\
This server listens on a socket for commands communicating lease events.
For detailed information about the functionality see `hades-dhcp-script --help`.
It is the server component for what could have been a single python program,
however because of performance reasons, it was necessary to circumvent the need
for a complete python interpreter startup every time such a notification happens.\
""",
parents=[common_parser],
)
parser.add_argument(
'--socket',
nargs='?',
default=constants.AUTH_DHCP_SCRIPT_SOCKET,
help=
f"Socket to listen on. Default: {constants.AUTH_DHCP_SCRIPT_SOCKET}")
args = parser.parse_args()
SCRIPT_SOCKET = args.socket
setup_cli_logging(parser.prog, args)
try:
config = load_config(args.config)
except ConfigError as e:
print_config_error(e)
return os.EX_CONFIG
fds = listen_fds()
if len(fds) == 0:
logger.info(
"Opening UNIX socket at %s.",
SCRIPT_SOCKET,
)
sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM, 0)
try:
os.unlink(SCRIPT_SOCKET)
except FileNotFoundError:
pass
sock.bind(SCRIPT_SOCKET)
sock.listen(Server.request_queue_size)
elif len(fds) == 1:
logger.info("Using systemd activation socket")
sock = fds[0]
if not is_socket_unix(sock, socket.SOCK_STREAM):
logger.critical(
"Passed socket is not an AF_UNIX SOCK_STREAM socket")
return os.EX_USAGE
else:
logger.critical(
"More than one (%d) socket passed via socket activation",
len(fds),
)
return os.EX_USAGE
engine = db.create_engine(
config,
pool_size=1,
max_overflow=2,
pool_pre_ping=True,
pool_reset_on_return='rollback',
)
try:
engine.connect()
except DBAPIError as e:
logger.critical("Could not connect to database", exc_info=e)
return os.EX_TEMPFAIL
server = Server(sock, engine)
server.serve_forever()
return os.EX_OK
def engine_from_config(filename: str) -> Engine:
config = load_config(filename)
engine = create_engine(config, isolation_level="SERIALIZABLE")
return engine
from hades.config.loader import load_config
from hades.config.options import FlaskOption
# noinspection PyUnresolvedReferences
from hades.portal import app, views
app.config.from_object(load_config(option_cls=FlaskOption))
application = app
def main():
return app.run(debug=True)
if __name__ == '__main__':
main()