def prepare_storage(self):
app_storage_dir = self.app.init_storage(USER_NAME)
fs.touchfile(join(app_storage_dir, '.ocdata'))
check_output('chmod 770 {0}'.format(app_storage_dir), shell=True)
tmp_storage_path = join(app_storage_dir, 'tmp')
fs.makepath(tmp_storage_path)
fs.chownpath(tmp_storage_path, USER_NAME)
def install(self):
linux.fix_locale()
linux.useradd(USER_NAME)
self.log.info(fs.chownpath(self.app.get_install_dir(), USER_NAME, recursive=True))
app_data_dir = self.app.get_data_dir()
database_path = '{0}/database'.format(app_data_dir)
variables = {
'app_dir': self.app_dir,
'app_data_dir': app_data_dir,
'db_psql_path': database_path,
'db_psql_port': PSQL_PORT,
'db_name': DB_NAME,
'db_user': DB_USER,
'db_password': DB_PASS
}
templates_path = join(self.app_dir, 'config.templates')
config_path = join(app_data_dir, 'config')
gen.generate_files(templates_path, config_path, variables)
fs.makepath(join(app_data_dir, 'config'))
fs.makepath(join(app_data_dir, 'redis'))
fs.makepath(join(app_data_dir, 'log'))
fs.makepath(join(app_data_dir, 'nginx'))
fs.chownpath(app_data_dir, USER_NAME, recursive=True)
self.log.info("setup systemd")
user_config = UserConfig(app_data_dir)
is_first_time = not user_config.is_activated()
if is_first_time:
database_init(self.log, self.app_dir, app_data_dir, database_path, USER_NAME)
self.app.add_service(SYSTEMD_POSTGRESQL)
config = Config(app_data_dir)
symlink(join(config_path, 'diaspora', 'diaspora.yml'), join(self.app_dir, 'diaspora', 'config', 'diaspora.yml'))
symlink(join(config_path, 'diaspora', 'database.yml'), join(self.app_dir, 'diaspora', 'config', 'database.yml'))
self.update_configuraiton(config)
if is_first_time:
self.initialize(app_data_dir, config)
self.log.info(fs.chownpath(self.app_dir, USER_NAME, recursive=True))
self.app.add_service(SYSTEMD_REDIS)
self.app.add_service(SYSTEMD_SIDEKIQ)
self.app.add_service(SYSTEMD_UNICORN)
self.app.add_service(SYSTEMD_NGINX_NAME)
self.app.init_storage(USER_NAME)
def init_app_storage(self, app_id, owner=None):
app_storage_dir = self.get_app_storage_dir(app_id)
if not path.exists(app_storage_dir):
os.mkdir(app_storage_dir)
if owner and self.__support_permissions():
self.log.info('fixing permissions on {0}'.format(app_storage_dir))
fs.chownpath(app_storage_dir, owner)
else:
self.log.info('not fixing permissions')
return app_storage_dir
def init_app_storage(self, app_id, owner=None):
app_storage_dir = self.get_app_storage_dir(app_id)
if not path.exists(app_storage_dir):
os.mkdir(app_storage_dir)
if owner and self.__support_permissions():
self.log.info('fixing permissions on {0}'.format(app_storage_dir))
fs.chownpath(app_storage_dir, owner)
else:
self.log.info('not fixing permissions')
return app_storage_dir
def sync_all(self):
update_token = self.user_platform_config.get_domain_update_token()
if update_token is None:
return
external_access = self.user_platform_config.get_external_access()
drill = self.get_drill(external_access)
web_protocol = self.user_platform_config.get_protocol()
self.redirect_service.sync(drill, update_token, web_protocol,
external_access, http_network_protocol)
if not getpass.getuser() == self.platform_config.cron_user():
fs.chownpath(self.platform_config.data_dir(),
self.platform_config.cron_user())
def init(self, fix_permissions=False):
if self.installed():
self.log.info('ldap config already initialized')
return
self.log.info('initializing ldap config')
fs.makepath(self.user_conf_dir)
init_script = '{0}/ldap/slapd.ldif'.format(self.config.config_dir())
check_output('{0}/sbin/slapadd -F {1} -b "cn=config" -l {2}'.format(
self.ldap_root, self.user_conf_dir, init_script),
shell=True)
if fix_permissions:
self.log.info('fixing permissions for ldap user conf')
fs.chownpath(self.user_conf_dir, platform_user, recursive=True)
def sync_all(self):
update_token = self.user_platform_config.get_domain_update_token()
if update_token is None:
return
external_access = self.user_platform_config.get_external_access()
upnp = self.user_platform_config.get_upnp()
public_ip = self.user_platform_config.get_public_ip()
drill = self.port_drill_factory.get_drill(upnp, external_access,
public_ip, None)
web_protocol = secure_to_protocol(self.user_platform_config.is_https())
self.redirect_service.sync(drill, update_token, web_protocol,
external_access, http_network_protocol)
if not getpass.getuser() == self.platform_config.cron_user():
fs.chownpath(self.platform_config.data_dir(),
self.platform_config.cron_user())
def install(self):
linux.fix_locale()
linux.useradd(USER_NAME)
self.log.info(fs.chownpath(self.app.get_install_dir(), USER_NAME, recursive=True))
app_data_dir = self.app.get_data_dir()
fs.makepath(join(app_data_dir, 'config'))
fs.makepath(join(app_data_dir, 'postgresql'))
fs.makepath(join(app_data_dir, 'redis'))
fs.makepath(join(app_data_dir, 'log'))
fs.makepath(join(app_data_dir, 'nginx'))
fs.chownpath(app_data_dir, USER_NAME, recursive=True)
print("setup systemd")
self.app.add_service(SYSTEMD_POSTGRESQL)
self.update_configuraiton()
if not UserConfig().is_installed():
self.initialize()
#self.recompile_assets()
self.log.info(fs.chownpath(self.config.install_path(), USER_NAME, recursive=True))
self.app.add_service(SYSTEMD_REDIS)
self.app.add_service(SYSTEMD_SIDEKIQ)
self.app.add_service(SYSTEMD_UNICORN)
self.app.add_service(SYSTEMD_NGINX_NAME)
self.app.init_storage(USER_NAME)
self.app.register_web(self.config.port())
def install(self):
linux.fix_locale()
linux.useradd(USER_NAME)
templates_path = join(self.app.get_install_dir(), 'config.templates')
config_path = join(self.app.get_data_dir(), 'config')
app_data_dir = self.app.get_data_dir()
variables = {
'app_dir': self.app.get_install_dir(),
'app_data_dir': app_data_dir,
'db_psql_port': PSQL_PORT
}
gen.generate_files(templates_path, config_path, variables)
fs.chownpath(self.app.get_install_dir(), USER_NAME, recursive=True)
config_data_dir = join(app_data_dir, 'config')
log_dir = join(app_data_dir, 'log')
fs.makepath(config_data_dir)
fs.makepath(log_dir)
fs.chownpath(app_data_dir, USER_NAME, recursive=True)
config_app_dir = join(self.app.get_install_dir(), APP_CONFIG_PATH)
symlink(config_data_dir, config_app_dir)
database_init(self.log, self.app.get_install_dir(), self.app.get_data_dir(), USER_NAME)
print("setup systemd")
self.app.add_service(SYSTEMD_POSTGRESQL)
self.app.add_service(SYSTEMD_PHP_FPM_NAME)
self.app.add_service(SYSTEMD_NGINX_NAME)
self.prepare_storage()
if self.installed():
self.upgrade()
else:
self.initialize()
cron = OwncloudCron(join(self.app.get_install_dir(), CRON_CMD), CRON_USER)
cron.remove()
cron.create()
oc_config = OCConfig(join(self.app.get_install_dir(), OC_CONFIG_PATH))
oc_config.set_value('memcache.local', '\OC\Memcache\APCu')
oc_config.set_value('loglevel', '2')
oc_config.set_value('logfile', join(self.app.get_data_dir(), OWNCLOUD_LOG_PATH))
oc_config.set_value('datadirectory', self.app.get_storage_dir())
self.on_domain_change()
fs.chownpath(self.app.get_data_dir(), USER_NAME, recursive=True)
def reset(self, user, password):
data_dir = self.app_paths.get_data_dir()
user_conf_dir = join(data_dir, ldap_user_conf_dir)
fs.removepath(user_conf_dir)
fs.makepath(user_conf_dir)
fs.chownpath(user_conf_dir, platform_user)
stop_service('platform-openldap')
files = glob.glob('/opt/data/platform/openldap-data/*')
for f in files:
os.remove(f)
init_script = '{0}/ldap/slapd.ldif'.format(self.config.config_dir())
ldap_root = '{0}/openldap'.format(self.config.app_dir())
check_output('{0}/sbin/slapadd -F {1} -b "cn=config" -l {2}'.format(
ldap_root, user_conf_dir, init_script),
shell=True)
check_output('chown -R {0}. {1}'.format(platform_user, user_conf_dir),
shell=True)
start_service('platform-openldap')
fd, filename = tempfile.mkstemp()
util.transform_file(
'{0}/ldap/init.ldif'.format(self.config.config_dir()), filename, {
'user': user,
'password': make_secret(password)
})
self.__init_db(filename, ldap_root)
check_output('echo "root:{0}" | chpasswd'.format(password), shell=True)
class Device:
def __init__(self, platform_config, user_platform_config, redirect_service,
port_drill_factory, sam, platform_cron, ldap_auth,
event_trigger, tls, nginx):
self.tls = tls
self.platform_config = platform_config
self.user_platform_config = user_platform_config
self.redirect_service = redirect_service
self.port_drill_factory = port_drill_factory
self.sam = sam
self.auth = ldap_auth
self.platform_cron = platform_cron
self.event_trigger = event_trigger
self.logger = logger.get_logger('Device')
self.nginx = nginx
def prepare_redirect(self, redirect_email, redirect_password, main_domain):
redirect_api_url = 'http://api.' + main_domain
self.logger.info("prepare redirect {0}, {1}".format(
redirect_email, redirect_api_url))
self.user_platform_config.set_redirect_enabled(True)
self.sam.update()
self.user_platform_config.update_redirect(main_domain,
redirect_api_url)
self.user_platform_config.set_user_email(redirect_email)
user = self.redirect_service.get_user(redirect_email,
redirect_password)
return user
def activate(self, redirect_email, redirect_password, user_domain,
device_username, device_password, main_domain):
user_domain_lower = user_domain.lower()
self.logger.info("activate {0}, {1}".format(user_domain_lower,
device_username))
user = self.prepare_redirect(redirect_email, redirect_password,
main_domain)
self.user_platform_config.set_user_update_token(user.update_token)
response_data = self.redirect_service.acquire(redirect_email,
redirect_password,
user_domain_lower)
self.user_platform_config.update_domain(response_data.user_domain,
response_data.update_token)
self.platform_cron.remove()
self.platform_cron.create()
self.set_access(False, False, None, 0, 0)
self.logger.info("activating ldap")
self.platform_config.set_web_secret_key(unicode(uuid.uuid4().hex))
self.tls.generate_self_signed_certificate()
name, email = parse_username(
device_username, '{0}.{1}'.format(user_domain_lower, main_domain))
self.auth.reset(name, device_username, device_password, email)
self.nginx.init_config()
self.nginx.reload_public()
self.logger.info("activation completed")
def activate_custom_domain(self, full_domain, device_username,
device_password):
full_domain_lower = full_domain.lower()
self.logger.info("activate custom {0}, {1}".format(
full_domain_lower, device_username))
self.sam.update()
self.user_platform_config.set_redirect_enabled(False)
self.user_platform_config.set_custom_domain(full_domain_lower)
name, email = parse_username(device_username, full_domain_lower)
self.user_platform_config.set_user_email(email)
self.platform_cron.remove()
self.platform_cron.create()
self.set_access(False, False, None, 0, 0)
self.logger.info("activating ldap")
self.platform_config.set_web_secret_key(unicode(uuid.uuid4().hex))
self.tls.generate_self_signed_certificate()
self.auth.reset(name, device_username, device_password, email)
self.nginx.init_config()
self.nginx.reload_public()
self.logger.info("activation completed")
def set_access(self, upnp_enabled, external_access, manual_public_ip,
manual_certificate_port, manual_access_port):
self.logger.info(
'set_access: external_access={0}'.format(external_access))
update_token = self.user_platform_config.get_domain_update_token()
if update_token is None:
return
drill = self.port_drill_factory.get_drill(upnp_enabled,
external_access,
manual_public_ip,
manual_certificate_port,
manual_access_port)
if drill is None:
self.logger.error(
'Will not change access mode. Was not able to get working port mapper.'
)
return
drill.sync_new_port(WEB_CERTIFICATE_PORT, http_network_protocol)
mapping = drill.sync_new_port(WEB_ACCESS_PORT, http_network_protocol)
router_port = None
if mapping:
router_port = mapping.external_port
external_ip = drill.external_ip()
self.redirect_service.sync(external_ip, router_port, WEB_ACCESS_PORT,
WEB_PROTOCOL, update_token, external_access)
self.user_platform_config.update_device_access(
upnp_enabled, external_access, manual_public_ip,
manual_certificate_port, manual_access_port)
self.event_trigger.trigger_app_event_domain()
def sync_all(self):
update_token = self.user_platform_config.get_domain_update_token()
if update_token is None:
return
external_access = self.user_platform_config.get_external_access()
upnp = self.user_platform_config.get_upnp()
public_ip = self.user_platform_config.get_public_ip()
manual_certificate_port = self.user_platform_config.get_manual_certificate_port(
)
manual_access_port = self.user_platform_config.get_manual_access_port()
port_drill = self.port_drill_factory.get_drill(
upnp, external_access, public_ip, manual_certificate_port,
manual_access_port)
try:
port_drill.sync_existing_ports()
except Exception, e:
self.logger.error('Unable to sync port mappings: {0}'.format(
e.message))
router_port = None
mapping = port_drill.get(WEB_ACCESS_PORT, http_network_protocol)
if mapping:
router_port = mapping.external_port
external_ip = port_drill.external_ip()
self.redirect_service.sync(external_ip, router_port, WEB_ACCESS_PORT,
WEB_PROTOCOL, update_token, external_access)
if not getpass.getuser() == self.platform_config.cron_user():
fs.chownpath(self.platform_config.data_dir(),
self.platform_config.cron_user())
def install(self):
linux.fix_locale()
linux.useradd(USER_NAME)
templates_path = join(self.app.get_install_dir(), 'templates')
config_path = join(self.app.get_install_dir(), 'config')
app_data_dir = self.app.get_data_dir()
variables = {
'app_dir': self.app.get_install_dir(),
'app_data_dir': app_data_dir,
'web_port': OWNCLOUD_PORT
}
gen.generate_files(templates_path, config_path, variables)
fs.chownpath(self.app.get_install_dir(), USER_NAME, recursive=True)
config_data_dir = join(app_data_dir, 'config')
log_dir = join(app_data_dir, 'log')
fs.makepath(config_data_dir)
fs.makepath(log_dir)
fs.chownpath(app_data_dir, USER_NAME, recursive=True)
config_app_dir = join(self.app.get_install_dir(), OWNCLOUD_APP_CONFIG_PATH)
symlink(config_data_dir, config_app_dir)
database_path = join(self.app.get_data_dir(), 'database')
if not isdir(database_path):
psql_initdb = join(self.app.get_install_dir(), 'postgresql/bin/initdb')
check_output(['sudo', '-H', '-u', USER_NAME, psql_initdb, database_path])
print("setup systemd")
self.app.add_service(SYSTEMD_POSTGRESQL)
self.app.add_service(SYSTEMD_PHP_FPM_NAME)
self.app.add_service(SYSTEMD_NGINX_NAME)
self.prepare_storage()
if not self.installed():
self.initialize()
cron = OwncloudCron(join(self.app.get_install_dir(), CRON_CMD), CRON_USER)
cron.remove()
cron.create()
oc_config = OCConfig(join(self.app.get_install_dir(), OC_CONFIG_PATH))
oc_config.set_value('memcache.local', '\OC\Memcache\APCu')
oc_config.set_value('loglevel', '2')
oc_config.set_value('logfile', join(self.app.get_data_dir(), OWNCLOUD_LOG_PATH))
oc_config.set_value('datadirectory', self.app.get_storage_dir())
oc_config.set_value('integrity.check.disabled', 'true')
self.update_domain()
fs.chownpath(self.app.get_data_dir(), USER_NAME, recursive=True)
self.app.register_web(OWNCLOUD_PORT)
except Exception, e:
self.logger.error('Unable to sync port mappings: {0}'.format(
e.message))
router_port = None
mapping = port_drill.get(WEB_ACCESS_PORT, http_network_protocol)
if mapping:
router_port = mapping.external_port
external_ip = port_drill.external_ip()
self.redirect_service.sync(external_ip, router_port, WEB_ACCESS_PORT,
WEB_PROTOCOL, update_token, external_access)
if not getpass.getuser() == self.platform_config.cron_user():
fs.chownpath(self.platform_config.data_dir(),
self.platform_config.cron_user())
def add_port(self, local_port, protocol):
external_access = self.user_platform_config.get_external_access()
upnp = self.user_platform_config.get_upnp()
public_ip = self.user_platform_config.get_public_ip()
manual_certificate_port = self.user_platform_config.get_manual_certificate_port(
)
manual_access_port = self.user_platform_config.get_manual_access_port()
drill = self.port_drill_factory.get_drill(upnp, external_access,
public_ip,
manual_certificate_port,
manual_access_port)
drill.sync_new_port(local_port, protocol)
def remove_port(self, local_port, protocol):
def install(self):
linux.fix_locale()
linux.useradd(USER_NAME)
templates_path = join(self.app.get_install_dir(), 'config.templates')
config_path = join(self.app.get_install_dir(), 'config')
app_data_dir = self.app.get_data_dir()
variables = {
'app_dir': self.app.get_install_dir(),
'app_data_dir': app_data_dir,
'web_port': WEB_PORT,
'db_psql_port': PSQL_PORT
}
gen.generate_files(templates_path, config_path, variables)
fs.chownpath(self.app.get_install_dir(), USER_NAME, recursive=True)
config_data_dir = join(app_data_dir, 'config')
log_dir = join(app_data_dir, 'log')
fs.makepath(config_data_dir)
fs.makepath(log_dir)
fs.chownpath(app_data_dir, USER_NAME, recursive=True)
config_app_dir = join(self.app.get_install_dir(), APP_CONFIG_PATH)
symlink(config_data_dir, config_app_dir)
database_init(self.log, self.app.get_install_dir(),
self.app.get_data_dir(), USER_NAME)
print("setup systemd")
self.app.add_service(SYSTEMD_POSTGRESQL)
self.app.add_service(SYSTEMD_PHP_FPM_NAME)
self.app.add_service(SYSTEMD_NGINX_NAME)
self.prepare_storage()
if self.installed():
self.upgrade()
else:
self.initialize()
cron = OwncloudCron(join(self.app.get_install_dir(), CRON_CMD),
CRON_USER)
cron.remove()
cron.create()
oc_config = OCConfig(join(self.app.get_install_dir(), OC_CONFIG_PATH))
oc_config.set_value('memcache.local', '\OC\Memcache\APCu')
oc_config.set_value('loglevel', '2')
oc_config.set_value('logfile',
join(self.app.get_data_dir(), OWNCLOUD_LOG_PATH))
oc_config.set_value('datadirectory', self.app.get_storage_dir())
self.on_domain_change()
fs.chownpath(self.app.get_data_dir(), USER_NAME, recursive=True)
self.app.register_web(WEB_PORT)