def get_status(): status = {'redis': {}, 'stunnel': {}} servers = Server.query.all() check_cmd = 'python -c "import socket;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);print s.connect_ex((\'{0}\', {1}))"' for server in servers: r = os.popen3(check_cmd.format(server.ip, 7777)) stat = r[1].read().strip() if stat == '0': status['stunnel'][server.id] = True else: status['stunnel'][server.id] = False c = RemoteClient(host=server.hostname, ip=server.ip) try: c.startup() except: status['stunnel'][server.id] = False r = c.run(check_cmd.format('localhost', 6379)) stat = r[1].strip() if stat == '0': status['redis'][server.id] = True else: status['redis'][server.id] = False return jsonify(status)
def chekFSR(server, gluu_version): c = RemoteClient(server.hostname, ip=server.ip) paths = [] try: c.startup() except Exception as e: flash("Can't establish SSH connection to {}".format(server.hostname), "warning") return False, [], paths csync_config = '/opt/gluu-server-{}/etc/csync2.cfg'.format(gluu_version) result = c.get_file(csync_config) if result[0]: servers = [] paths for l in result[1].readlines(): ls = l.strip() if ls.startswith('host') and ls.endswith(';'): hostname = ls.split()[1][:-1] servers.append(hostname) elif ls.startswith('include') and ls.endswith(';'): ipath = ls.split('include')[1].strip().strip(';').strip() paths.append(ipath) if servers: return True, servers, paths return False, [], paths
def get_uptime(host): """Retreives uptime for host Args: host (string): hostname of server returns: Uptime for host """ c = RemoteClient(host) try: c.startup() except: flash( "SSH Connection to host {} could not be established".format(host)) return try: #Execute script on the remote server, fetch output and convert json data #to Python dictionary cmd = 'python /var/monitoring/scripts/get_data.py age' result = c.run(cmd) data = json.loads(result[1]) return str(timedelta(seconds=data['data']['uptime'])) except: flash("Uptime information could not be fethced from {}".format(host))
def __init__(self, server, tid): self.server = server self.tid = tid self.rc = RemoteClient(server.hostname, ip=server.ip) self.chdir = None if self.server.gluu_server: version = AppConfiguration.query.first().gluu_version self.chdir = "/opt/gluu-server-{0}".format(version)
def dry_run(server_id): #return jsonify({'nginx': {'port_status': {7777: True, 1636: True, 80: True, 30865: True, 1689: True, 443: True, 4444: False, 8989: True}, 'ssh': True}, 'server': {'port_status': {7777: True, 1636: True, 80: True, 30865: True, 1689: True, 443: True, 4444: False, 8989: False}, 'ssh': True}}) result = {'server':{'ssh':False, 'port_status':{}}, 'nginx':{'ssh':False, 'port_status':{}}} server_ports = [1689, 443, 4444, 1636, 80, 8989, 7777, 30865] for p in server_ports: result['nginx']['port_status'][p] = False result['server']['port_status'][p] = False server = Server.query.get(server_id) appconf = AppConfiguration.query.first() c = RemoteClient(server.hostname, server.ip) try: c.startup() result['server']['ssh']=True except: pass if result['server']['ssh']: #Test is any process listening ports that will be used by gluu-server for p in server_ports: r = c.run('nc -zv {} {}'.format(server.ip, p)) if r[2].strip().endswith('open') or r[2].strip().endswith('succeeded!'): result['server']['port_status'][p] = True if appconf.external_load_balancer: c_host = appconf.cache_host c_ip = appconf.cache_ip else: c_host = appconf.nginx_host c_ip = appconf.nginx_ip c_nginx = RemoteClient(c_host, c_ip) try: c_nginx.startup() result['nginx']['ssh']=True except: pass if result['nginx']['ssh']: for p in server_ports: if not result['server']['port_status'][p]: r = test_port(c, c_nginx, p) if r: result['nginx']['port_status'][p] = True else: r = c_nginx.run('nc -zv {} {}'.format(server.ip, p)) if r[2].strip().endswith('open') or r[2].strip().endswith('succeeded!'): result['nginx']['port_status'][p] = True return jsonify(result)
def __get_remote_client(server, tid): rc = RemoteClient(server.hostname, ip=server.ip) try: rc.startup() wlogger.log(tid, "Connecting to server: {0}".format(server.hostname), "success", server_id=server.id) except Exception as e: wlogger.log(tid, "Could not connect to the server over SSH. Error:" "\n{0}".format(e), "error", server_id=server.id) return None return rc
def setup_redis_cluster(tid): servers = Server.query.filter(Server.redis.is_(True)).filter( Server.stunnel.is_(True)).all() appconf = AppConfiguration.query.first() master_conf = [ "port 7000", "cluster-enabled yes", "cluster-config-file nodes_7000.conf", "cluster-node-timeout 5000", "appendonly yes" ] slave_conf = [ "port 7001", "cluster-enabled yes", "cluster-config-file nodes_7001.conf", "cluster-node-timeout 5000", "appendonly yes" ] for server in servers: rc = RemoteClient(server.hostname, ip=server.ip) try: rc.startup() wlogger.log(tid, "Connecting to server ...", "success", server_id=server.id) except Exception as e: wlogger.log(tid, "Could not connect to the server over SSH. Error:" "{0}\nRedis configuration failed.".format(e), "error", server_id=server.id) continue chdir = '/' if server.gluu_server: chdir = "/opt/gluu-server-{0}".format(appconf.gluu_version) # upload the conf files wlogger.log(tid, "Uploading redis conf files...", "debug", server_id=server.id) rc.put_file(os.path.join(chdir, "etc/redis/redis_7000.conf"), "\n".join(master_conf)) rc.put_file(os.path.join(chdir, "etc/redis/redis_7001.conf"), "\n".join(slave_conf)) # upload the modified init.d file rc.upload( os.path.join(app.root_path, "templates", "redis", "redis-server"), os.path.join(chdir, "etc/init.d/redis-server")) wlogger.log(tid, "Configuration upload complete.", "success", server_id=server.id) return True
def index(): servers = Server.query.all() appconf = AppConfiguration.query.first() if not appconf: flash( "The application needs to be configured first. Kindly set the " "values before attempting clustering.", "warning") return redirect(url_for("index.app_configuration")) if not servers: flash("Add servers to the cluster before attempting to manage cache", "warning") return redirect(url_for('index.home')) if appconf.external_load_balancer: c_host = appconf.cache_host c_ip = appconf.cache_ip else: c_host = appconf.nginx_host c_ip = appconf.nginx_ip c = RemoteClient(host=c_host, ip=c_ip) try: c.startup() except: flash("SSH connection can't be established to cache server", "warning") result = c.get_file('/etc/stunnel/stunnel.conf') installed_servers = [] if result[0]: installed_servers = get_redis_config(result[1]) for server in servers: if server.ip in installed_servers: server.redis = True else: server.redis = False version = int(appconf.gluu_version.replace(".", "")) if version < 311: flash( "Cache Management is available only for clusters configured with" " Gluu Server version 3.1.1 and above", "danger") return redirect(url_for('index.home')) form = CacheSettingsForm() return render_template('cache_index.html', servers=servers, form=form)
def get_status(): status = {'redis': {}, 'stunnel': {}} servers = Server.query.all() check_cmd = 'python -c "import socket;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);print s.connect_ex((\'{0}\', {1}))"' cache_servers = get_cache_servers() stunnel_port = cache_servers[0].stunnel_port if cache_servers else None for server in servers + cache_servers: key = server.ip.replace('.', '_') c = RemoteClient(host=server.hostname, ip=server.ip) try: c.startup() except: status['stunnel'][key] = False status['redis'][key] = False else: status['stunnel'][key] = False if server in cache_servers: r = c.run(check_cmd.format('localhost', 6379)) stat = r[1].strip() if stat == '0': status['redis'][key] = True else: status['redis'][key] = False if stunnel_port: r = c.run(check_cmd.format(server.ip, stunnel_port)) stat = r[1].strip() if stat == '0': status['stunnel'][key] = True else: if stunnel_port: r = c.run(check_cmd.format('localhost', '6379')) stat = r[1].strip() if stat == '0': status['stunnel'][key] = True c.close() return jsonify(status)
def startup(self): if self.local: ldap_server = 'localhost' else: ldap_server = self.server ldap_server = Server("ldaps://{}:1636".format(self.server), use_ssl=True) self.conn = Connection(ldap_server, user="******", password=self.ldap_password) r = self.conn.bind() if not r: print "Can't conect to LDAP Server" return False self.container = '/opt/gluu-server-{}'.format(self.gluu_version) if not self.local: print "NOT LOCAL?" sys.path.append("..") from clustermgr.core.remote import RemoteClient self.c = RemoteClient(self.server) self.c.startup() else: self.c = FakeRemote() if os.path.exists('/etc/gluu/conf/ox-ldap.properties'): self.container = '/' self.c.fake_remote = True self.installer = Installer(self.c, self.gluu_version, self.os_type) self.appliance_inum = self.get_appliance_inum() self.base_inum = self.get_base_inum() return True
def test_starup_falls_back_to_ip(self, mock_client): instance = mock_client.return_value instance.connect = MagicMock(side_effect=[SSHException, None]) RemoteClient('server', ip='0.0.0.0').startup() instance.connect.assert_called_with('0.0.0.0', port=22, username='******')
def get_remote_stats(): app_conf = AppConfiguration.query.first() if app_conf: if app_conf.monitoring: servers = Server.query.all() for server in servers: print "Monitoring: getting data for server {}".format( server.hostname) c = RemoteClient(server.hostname, ip=server.ip) try: c.startup() for t in sqlite_monitoring_tables.monitoring_tables: get_remote_data(server.hostname, t, c) get_age(server.hostname, c) except Exception as e: print "Monitoring: An error occurred while retreiveing monitoring data from server {}. Error {}".format( server.hostname, e)
def get_opendj_replication_status(): """Retreives opendj replication status form primary server :returns: A string that shows replication status """ primary_server = Server.query.filter_by(primary_server=True).first() app_config = AppConfiguration.query.first() #Make ssh connection to primary server c = RemoteClient(primary_server.hostname, ip=primary_server.ip) chroot = '/opt/gluu-server-' + app_config.gluu_version cmd_run = '{}' #determine execution environment for differetn OS types if (primary_server.os == 'CentOS 7') or (primary_server.os == 'RHEL 7'): chroot = None cmd_run = ('ssh -o IdentityFile=/etc/gluu/keys/gluu-console ' '-o Port=60022 -o LogLevel=QUIET ' '-o StrictHostKeyChecking=no ' '-o UserKnownHostsFile=/dev/null ' '-o PubkeyAuthentication=yes root@localhost "{}"') else: cmd_run = 'chroot %s /bin/bash -c "{}"' % (chroot) try: c.startup() except Exception as e: return False, "Cannot establish SSH connection {0}".format(e) #This command queries server for replication status cmd = ('/opt/opendj/bin/dsreplication status -n -X -h {} ' '-p 4444 -I admin -w $\'{}\'').format( primary_server.hostname, app_config.replication_pw.replace("'", "\\'")) print "executing", cmd cmd = cmd_run.format(cmd) si, so, se = c.run(cmd) return True, so
def __init__(self, c, gluu_version, server_os=None, logger_tid=None, server_id=None): self.c = c self.logger_tid = logger_tid self.gluu_version = gluu_version self.server_os = server_os self.server_id = server_id if not "RemoteClient" in str(type(c)): self.server_os = c.os self.server_id = c.id self.c = RemoteClient(c.hostname, c.ip) wlogger.log( self.logger_tid, "Making SSH connection to {} ...".format(c.hostname), 'info', server_id=self.server_id, ) try: self.c.startup() wlogger.log( self.logger_tid, "SSH connection to {} was successful.".format(c.hostname), 'success', server_id=self.server_id, ) except: self.c = None wlogger.log( self.logger_tid, "Can't make SSH connection to {}".format(c.hostname), 'fail', server_id=self.server_id, ) if self.server_os: self.appy_config()
def get_server_status(): servers = Server.query.all() services = { 'oxauth': '.well-known/openid-configuration', 'identity': 'identity/restv1/scim-configuration', 'shib': 'idp/shibboleth', 'passport': 'passport' } status = {} active_services = ['oxauth', 'identity'] prop = get_setup_properties() if prop['installSaml']: active_services.append('shib') if prop['installPassport']: active_services.append('passport') for server in servers: status[server.id] = {} c = RemoteClient(server.hostname) c.ok = False try: c.startup() c.ok = True except Exception as e: pass for service in active_services: status[server.id][service] = False if c.ok: try: result = c.run("curl -kLI https://localhost/" + services[service] + " -o /dev/null -w '%{http_code}\n' -s") if result[1].strip() == '200': status[server.id][service] = True except Exception as e: print "Error getting service status of {0} for {1}. ERROR: {2}".format( server.hostname, service, e) return jsonify(status)
def edit_slapd_conf(server_id): """This view provides editing of slapd.conf file before depoloyments.""" server = Server.query.get(server_id) appconf = AppConfiguration.query.first() # If there is no server with server_id return to home if not server: flash("No such server.", "warning") return redirect(url_for('index.home')) if not server.gluu_server: chroot = '/' else: chroot = '/opt/gluu-server-' + appconf.gluu_version # slapd.conf file will be downloaded from server. Make ssh connection # and download it c = RemoteClient(server.hostname, ip=server.ip) try: c.startup() except ClientNotSetupException as e: flash(str(e), "danger") return redirect(url_for('index.home')) slapd_conf_file = os.path.join(chroot, 'opt/symas/etc/openldap/slapd.conf') if request.method == 'POST': config = request.form.get('conf') r = c.put_file(slapd_conf_file, config) if not r[0]: flash("Cant' saved to server: {0}".format(r[1]), "danger") else: flash('File {0} was saved on {1}'.format(slapd_conf_file, server.hostname)) return redirect(url_for('index.home')) # After editing, slapd.conf file will be uploaded to server via ssh r = c.get_file(slapd_conf_file) if not r[0]: flash("Cant't get file {0}: {1}".format(slapd_conf_file, r[1]), "success") return redirect(url_for('index.home')) config = r[1].read() return render_template('conf_editor.html', config=config, hostname=server.hostname)
def edit_slapd_conf(server_id): server = Server.query.get(server_id) appconf = AppConfiguration.query.first() if not server: print "Yoook" flash("No such server.", "warning") return redirect(url_for('index.home')) if not server.gluu_server: chroot = '/' else: chroot = '/opt/gluu-server-' + appconf.gluu_version c = RemoteClient(server.hostname, ip=server.ip) try: c.startup() except ClientNotSetupException as e: flash(str(e), "danger") return redirect(url_for('index.home')) slapd_conf_file = os.path.join(chroot, 'opt/symas/etc/openldap/slapd.conf') if request.method == 'POST': config = request.form.get('conf') r = c.put_file(slapd_conf_file, config) if not r[0]: flash("Cant' saved to server: {0}".format(r[1]), "danger") else: flash('File {0} was saved on {1}'.format(slapd_conf_file, server.hostname)) return redirect(url_for('index.home')) r = c.get_file(slapd_conf_file) if not r[0]: flash("Cant't get file {0}: {1}".format(slapd_conf_file, r[1]), "success") return redirect(url_for('index.home')) config = r[1].read() return render_template('conf_editor.html', config=config, hostname=server.hostname)
def wizard_step1(self): """Celery task that collects information about server. :param self: the celery task :return: the number of servers where both stunnel and redis were installed successfully """ tid = self.request.id wlogger.log(tid, "Analayzing Current Server") server = Server.query.filter_by(primary_server=True).first() app_conf = AppConfiguration.query.first() c = RemoteClient(server.hostname, ip=server.ip) try: c.startup() wlogger.log(tid, "SSH connection established", 'success') except: wlogger.log(tid, "Can't establish SSH connection", 'fail') wlogger.log(tid, "Ending analyzation of server.", 'error') return os_type = get_os_type(c) server.os = os_type wlogger.log(tid, "OS type was determined as {}".format(os_type), 'debug') gluu_version = None #Determine if a version of gluu server was installed. r = c.listdir("/opt") if r[0]: for s in r[1]: m = re.search( 'gluu-server-(?P<gluu_version>(\d+).(\d+).(\d+)(.\d+)?)$', s) if m: gluu_version = m.group("gluu_version") app_conf.gluu_version = gluu_version wlogger.log( tid, "Gluu version was determined as {}".format(gluu_version), 'debug') if not gluu_version: wlogger.log(tid, "Gluu server was not installed on this server", 'fail') wlogger.log(tid, "Ending analyzation of server.", 'error') return gluu_path = '/opt/gluu-server-{}'.format(gluu_version) server.gluu_server = True setup_properties_last = os.path.join( gluu_path, 'install/community-edition-setup/setup.properties.last') setup_properties_local = os.path.join(Config.DATA_DIR, 'setup.properties') result = c.download(setup_properties_last, setup_properties_local) prop = get_setup_properties() prop['hostname'] = app_conf.nginx_host write_setup_properties_file(prop) if not result.startswith('Download successful'): wlogger.log(tid, result, 'fail') wlogger.log(tid, "Ending analyzation of server.", 'error') return wlogger.log(tid, "setup.properties file was downloaded", 'debug') server.ldap_password = prop['ldapPass'] wlogger.log(tid, "LDAP Bind password was identifed", 'success') db.session.commit()
def install_cache_cluster(self, servers_id_list, cache_servers_id_list): tid = self.request.id servers = [ Server.query.get(id) for id in servers_id_list ] cache_servers = [ CacheServer.query.get(id) for id in cache_servers_id_list ] app_conf = AppConfiguration.query.first() primary_cache = None primary_cache_server = CacheServer.query.first() for server in cache_servers: rc = __get_remote_client(server, tid) if not rc: wlogger.log(tid, "SSH connection to server failed", "error", server_id=server.id) return False ri = RedisInstaller(server, tid, rc) if app_conf.offline: if not ri.check_installed(): wlogger.log( tid, 'Redis Server was not installed. Please install Redis ' ' Server and retry.', 'error', server_id=server.id ) return False redis_installed = ri.install() wlogger.log( tid, 'Setting Redis password', 'info', server_id=server.id ) ri.set_redis_password() if redis_installed: wlogger.log(tid, "Redis install successful", "success", server_id=server.id) else: wlogger.log(tid, "Redis install failed", "fail", server_id=server.id) return False ri.run_sysctl('enable') ri.run_sysctl('restart') si = StunnelInstaller(server, tid, rc) if app_conf.offline: if not si.check_installed(): wlogger.log( tid, 'Stunnel was not installed. Please install stunnel ' 'and retry.', 'error', server_id=server.id ) return False if si.check_installed(): server.stunnel = True else: wlogger.log(tid, "Installing Stunnel", "info", server_id=server.id) stunnel_installed = si.install() if stunnel_installed: server.stunnel = True wlogger.log(tid, "Stunnel install successful", "success", server_id=server.id) else: server.stunnel = False wlogger.log(tid, "Stunnel install failed", "fail", server_id=server.id) return False if si.os_type == 'rpm': si.upload_service_file() if si.os_type == 'deb': wlogger.log(tid, "Enabling stunnel", "debug", server_id=server.id) si.run_command("sed -i 's/ENABLED=0/ENABLED=1/g' /etc/default/stunnel4") if not primary_cache: primary_cache = server.ip if not rc.exists('/etc/stunnel/redis-server.crt'): wlogger.log(tid, "Creating SSL certificate for stunnel", "info", server_id=server.id) si.run_command( 'openssl req -x509 -nodes -days 3650 -newkey rsa:2048 ' '-batch -keyout /etc/stunnel/redis-server.key ' '-out /etc/stunnel/redis-server.crt' ) si.run_command('chmod 600 /etc/stunnel/redis-server.key') wlogger.log(tid, "Retreiving server certificate", "info", server_id=server.id) stunnel_redis_conf = ( 'pid = /run/stunnel-redis.pid\n' '[redis-server]\n' 'cert = /etc/stunnel/redis-server.crt\n' 'key = /etc/stunnel/redis-server.key\n' 'accept = {0}:{1}\n' 'connect = 127.0.0.1:6379\n' ).format(server.ip, primary_cache_server.stunnel_port) wlogger.log(tid, "Writing redis stunnel configurations", "info", server_id=server.id) rc.put_file('/etc/stunnel/stunnel.conf', stunnel_redis_conf) si.run_sysctl('enable') si.run_sysctl('restart') server.installed = True db.session.commit() rc.close() wlogger.log(tid, "2", "set_step") # retreive stunnel certificate rc = RemoteClient(primary_cache_server.hostname, ip=primary_cache_server.ip) rc.startup() stunnel_cert = rc.get_file('/etc/stunnel/redis-server.crt') if not stunnel_cert[0]: print "Can't retreive server certificate from primary cache server" return False stunnel_cert = stunnel_cert[1].read() for server in servers: rc = __get_remote_client(server, tid) if not rc: wlogger.log(tid, "SSH connection to server failed", "error", server_id=server.id) return False si = StunnelInstaller(server, tid, rc) wlogger.log(tid, "Installing Stunnel", "debug", server_id=server.id) if si.rc.exists('/usr/bin/stunnel') or si.rc.exists('/bin/stunnel'): wlogger.log(tid, "Stunnel was allready installed", "info", server_id=server.id) server.stunnel = True else: wlogger.log(tid, "Installing Stunnel", "info", server_id=server.id) stunnel_installed = si.install() if stunnel_installed: server.stunnel = True wlogger.log(tid, "Stunnel install successful", "success", server_id=server.id) else: server.stunnel = False wlogger.log(tid, "Stunnel install failed", "fail", server_id=server.id) return False if si.os_type == 'rpm': si.upload_service_file() if si.os_type == 'deb': wlogger.log(tid, "Enabling stunnel", "debug", server_id=server.id) si.run_command("sed -i 's/ENABLED=0/ENABLED=1/g' /etc/default/stunnel4") stunnel_redis_conf = ( 'pid = /run/stunnel-redis.pid\n' '[redis-client]\n' 'client = yes\n' 'accept = 127.0.0.1:{1}\n' 'connect = {0}:{1}\n' 'CAfile = /etc/stunnel/redis-server.crt\n' 'verify = 4\n' ).format(primary_cache, primary_cache_server.stunnel_port) wlogger.log(tid, "Writing redis stunnel configurations", "info", server_id=server.id) rc.put_file('/etc/stunnel/stunnel.conf', stunnel_redis_conf) wlogger.log(tid, "Uploading server certificate", "info", server_id=server.id) rc.put_file('/etc/stunnel/redis-server.crt', stunnel_cert) si.run_sysctl('enable') si.run_sysctl('restart') if server.primary_server: server_string = 'localhost:{0}'.format(primary_cache_server.stunnel_port) __update_LDAP_cache_method(tid, server, server_string, redis_password=primary_cache_server.redis_password) wlogger.log(tid, "Restarting Gluu Server", "info", server_id=server.id) if server.os in ('RHEL 7', 'CentOS 7', 'Ubuntu 18'): si.run_command('/sbin/gluu-serverd-{} restart'.format(app_conf.gluu_version)) else: si.run_command('systemctl restart gluu-server-{}'.format(app_conf.gluu_version)) wlogger.log(tid, "3", "set_step")
s_in, s_out, s_err = c.run(cmd) try: data = json.loads(s_out) arg_d = { u'fields': ['time', u'uptime'], u'data': [[int(time.time()), data['data']['uptime']]] } except: print "Server did not return json data" arg_d = { u'fields': ['time', u'uptime'], u'data': [[int(time.time()), 0]] } print "Uptime", data['data'] write_influx(host, 'uptime', arg_d) servers = sys.argv[1:] if not servers: print "Usage: python get_remote_stats.py server1 server2 servser3" for server in servers: c = RemoteClient(server) c.startup() for t in sqlite_monitoring_tables.monitoring_tables: get_remote_data(server, t, c) #get_age(server, c)
def index(): """Route for URL /server/. GET returns ServerForm to add a server, POST accepts the ServerForm, validates and creates a new Server object """ appconfig = AppConfiguration.query.first() if not appconfig: flash( "Kindly set default values for the application before adding" " servers.", "info") return redirect(url_for('index.app_configuration', next="/server/")) form = ServerForm() header = "New Server" primary_server = Server.query.filter( Server.primary_server.is_(True)).first() if primary_server: del form.ldap_password del form.ldap_password_confirm else: header = "New Server - Primary Server" if form.validate_on_submit(): server = Server() server.hostname = form.hostname.data.strip() server.ip = form.ip.data.strip() server.mmr = False ask_passphrase = False server_exist = Server.query.filter_by( hostname=form.hostname.data.strip()).first() if server_exist: flash( "Server with hostname {} is already in cluster".format( server_exist.hostname), "warning") return redirect(url_for('index.home')) c = RemoteClient(server.hostname, server.ip) try: c.startup() except ClientNotSetupException as e: if str(e) == 'Pubkey is encrypted.': ask_passphrase = True flash( "Pubkey seems to password protected. " "After setting your passphrase re-submit this form.", 'warning') elif str(e) == 'Could not deserialize key data.': ask_passphrase = True flash( "Password your provided for pubkey did not work. " "After setting your passphrase re-submit this form.", 'warning') else: flash( "SSH connection to {} failed. Please check if your pub key is " "added to /root/.ssh/authorized_keys on this server. Reason: {}" .format(server.hostname, e), 'error') #except: # flash("SSH connection to {} failed. Please check if your pub key is " # "asdded to /root/.ssh/authorized_keys on this server".format( # server.hostname)) print "ask_passphrase", ask_passphrase return render_template('new_server.html', form=form, header=header, server_id=None, ask_passphrase=ask_passphrase, next=url_for('server.index')) if primary_server: server.ldap_password = primary_server.ldap_password else: server.ldap_password = form.ldap_password.data.strip() server.primary_server = True if not server.hostname == appconfig.nginx_host: db.session.add(server) db.session.commit() # start the background job to get system details collect_server_details.delay(server.id) return redirect(url_for('index.home')) else: flash("Load balancer can't be used as gluu server", 'danger') return render_template('new_server.html', form=form, header=header, server_id=None)
def app_configuration(): """This view provides application configuration forms""" # create forms conf_form = AppConfigForm() sch_form = SchemaForm() config = AppConfiguration.query.first() schemafiles = os.listdir(app.config['SCHEMA_DIR']) conf_form.gluu_archive.choices = [ (f, os.path.split(f)[1]) for f in glob.glob( os.path.join(app.config['GLUU_REPO'], 'gluu-server-*')) ] # If the form is submitted and password for replication user was not # not supplied, make password "**dummy**", so don't change # what we have before #external_lb_checked = False external_lb_checked = conf_form.external_load_balancer.data if request.method == 'POST': if conf_form.gluu_version.data < '3.1.4': conf_form.use_ldap_cache.data = False if config and not conf_form.replication_pw.data.strip(): conf_form.replication_pw.validators = [] conf_form.replication_pw_confirm.validators = [] if conf_form.external_load_balancer.data: conf_form.nginx_ip.validators = [] print "OFFLINE", conf_form.offline.data, conf_form.gluu_archive.data if not conf_form.offline.data: del conf_form._fields['gluu_archive'] if not config: #del conf_form.replication_pw #del conf_form.replication_pw_confirm config = AppConfiguration() db.session.add(config) # If form is submitted and validated process it if conf_form.update.data and conf_form.validate_on_submit(): if config.replication_pw: new_replication_passwd = conf_form.replication_pw.data.strip() if conf_form.replication_pw.data: c = None server = Server.query.first() if server: c = RemoteClient(server.hostname, ip=server.ip) try: c.startup() except Exception as e: flash( "Can't establish SSH connection to {}. " "Replication password is not changed".format( server.hostname), "warning") if c: installer = Installer(c, config.gluu_version, server.os) cmd = ( '/opt/opendj/bin/ldappasswordmodify --bindDN ' '\'cn=Directory Manager\' --bindPassword $\'{}\' ' '--port 4444 --newPassword $\'{}\' --authzID ' '\'cn=admin,cn=Administrators,cn=admin data\' ' '--trustAll --useSSL'.format( server.ldap_password.replace("'", "\\'"), new_replication_passwd.replace("'", "\\'"), )) result = installer.run(cmd) if result[1].strip() == \ 'The LDAP password modify operation was successful': flash("Replication password is changed", "success") config.replication_pw = new_replication_passwd config.gluu_version = conf_form.gluu_version.data.strip() config.nginx_host = conf_form.nginx_host.data.strip() config.nginx_ip = conf_form.nginx_ip.data.strip() config.modify_hosts = conf_form.modify_hosts.data config.ldap_update_period = conf_form.ldap_update_period.data config.ldap_update_period_unit = 's' config.external_load_balancer = conf_form.external_load_balancer.data config.use_ldap_cache = conf_form.use_ldap_cache.data if conf_form.offline.data: config.offline = True config.gluu_archive = conf_form.gluu_archive.data else: config.offline = False config.gluu_archive = '' if getattr(conf_form, 'replication_pw'): if conf_form.replication_pw_confirm.data: config.replication_pw = conf_form.replication_pw.data.strip() config.gluu_version = conf_form.gluu_version.data.strip() db.session.commit() flash( "Gluu Cluster Manager application configuration has been " "updated.", "success") elif sch_form.upload.data and sch_form.validate_on_submit(): f = sch_form.schema.data filename = secure_filename(f.filename) if any(filename in s for s in schemafiles): name, extension = os.path.splitext(filename) matches = [s for s in schemafiles if name in s] filename = name + "_" + str(len(matches)) + extension f.save(os.path.join(app.config['SCHEMA_DIR'], filename)) schemafiles.append(filename) flash( "Schema: {0} has been uploaded sucessfully. " "Please edit slapd.conf of primary server and " "re-deploy all servers.".format(filename), "success") # request.method == GET gets processed here if config: conf_form.nginx_host.data = config.nginx_host conf_form.modify_hosts.data = config.modify_hosts conf_form.nginx_ip.data = config.nginx_ip conf_form.external_load_balancer.data = config.external_load_balancer conf_form.use_ldap_cache.data = config.use_ldap_cache conf_form.offline.data = config.offline service_status_update_period = config.ldap_update_period if service_status_update_period and config.ldap_update_period_unit != 's': service_status_update_period = service_status_update_period * 60 conf_form.ldap_update_period.data = str(service_status_update_period) #conf_form.use_ip.data = config.use_ip if config.gluu_version: conf_form.gluu_version.data = config.gluu_version if not config.id: conf_form.use_ldap_cache.data = True #create fake remote class that provides the same interface with RemoteClient fc = FakeRemote() #Getermine local OS type localos = get_os_type(fc) app.jinja_env.globals['use_ldap_cache'] = config.use_ldap_cache return render_template( 'app_config.html', cform=conf_form, sform=sch_form, config=config, schemafiles=schemafiles, localos=localos, external_lb_checked=external_lb_checked, repo_dir=app.config['GLUU_REPO'], next=request.args.get('next'), )
def home(): cfg_file = app.config["AUTH_CONFIG_FILE"] oxd_file_config = app.config["OXD_CLIENT_CONFIG_FILE"] if not os.path.exists(cfg_file): if not os.path.exists(oxd_file_config): return redirect(url_for('auth.signup')) if not current_user.is_authenticated: return redirect(url_for("auth.login", next='/')) """This is the home view --dashboard--""" if 'nongluuldapinfo' in session: del session['nongluuldapinfo'] try: appconf = AppConfiguration.query.first() except: return render_template('index_nodb.html') if not appconf: return render_template('intro.html', setup='cluster') servers = Server.query.all() if not servers: return render_template('intro.html', setup='server') ask_passphrase = False logger.debug("Checking if primary server is reachable with ssh") c = RemoteClient(servers[0].ip, servers[0].hostname) try: c.startup() except ClientNotSetupException as e: if str(e) == 'Pubkey is encrypted.': ask_passphrase = True flash( "Pubkey seems to password protected. " "Please set passphrase.", 'warning') elif str(e) == 'Could not deserialize key data.': ask_passphrase = True flash( "Password you provided for pubkey did not work. " "Please set valid passphrase.", 'warning') else: flash( "SSH connection to {} failed. Please check if your pub key is " "added to /root/.ssh/authorized_keys on this server. Reason: {}" .format(servers[0].hostname, e), 'error') if ask_passphrase: return render_template( 'index_passphrase.html', e=e, ask_passphrase=ask_passphrase, next='/', warning_text="Error accessing primary server") server_id_list = [str(server.id) for server in servers] services = ['oxauth', 'identity'] prop = get_setup_properties() if as_boolean(prop['installSaml']): services.append('shib') if as_boolean(prop['installPassport']): services.append('passport') service_update_period = 300 if appconf.ldap_update_period: service_update_period = appconf.ldap_update_period if appconf.ldap_update_period_unit != 's': service_update_period = service_update_period * 60 return render_template('dashboard.html', servers=servers, app_conf=appconf, services=services, server_id_list=server_id_list, service_update_period=service_update_period)
def __init__(self, server, tid): self.server = server self.tid = tid self.rc = RemoteClient(server.hostname, ip=server.ip)
def step1(): pserver = Server.query.filter_by(primary_server=True).first() if pserver and request.args.get('pass_set') != 'true': flash("Oops this service is not for you.", 'warning') return redirect(url_for('index.home')) wform = WizardStep1() if request.method == 'POST': if wform.validate_on_submit(): replication_pw = uuid.uuid4().hex app_conf = AppConfiguration() app_conf.nginx_host = wform.new_hostname.data.strip() app_conf.replication_pw = replication_pw app_conf.nginx_ip = wform.nginx_ip.data.strip() app_conf.modify_hosts = True db.session.add(app_conf) server = Server() server.ip = wform.ip.data.strip() server.hostname = wform.current_hostname.data.strip() server.primary_server = True db.session.add(app_conf) db.session.add(server) db.session.commit() if request.method == 'POST' or request.args.get('pass_set') == 'true': servers = Server.query.all() ask_passphrase = False c = RemoteClient(servers[0].ip, servers[0].hostname) try: c.startup() except ClientNotSetupException as e: if str(e) == 'Pubkey is encrypted.': ask_passphrase = True flash( "Pubkey seems to password protected. " "Please set passphrase.", 'warning') elif str(e) == 'Could not deserialize key data.': ask_passphrase = True flash( "Password your provided for pubkey did not work. " "Please set valid passphrase.", 'warning') else: flash( "SSH connection to {} failed. Please check if your pub key is " "added to /root/.ssh/authorized_keys on this server. Reason: {}" .format(servers[0].hostname, e), 'error') return render_template( 'index_passphrase.html', e=e, ask_passphrase=ask_passphrase, next=url_for('wizard.step1', pass_set='true'), warning_text="Error accessing Stand Allone Server") task = wizard_step1.delay() print "TASK STARTED", task.id servers = Server.query.all() return render_template('wizard/wizard_logger.html', step=1, task_id=task.id, servers=servers) return render_template('wizard/step1.html', wform=wform)
class BaseInstaller(object): """Base class for component installers. Args: server (class:`clustermgr.models.Server`): the server object denoting the server where server should be installed tid (string): the task id of the celery task to add logs """ def __init__(self, server, tid): self.server = server self.tid = tid self.rc = RemoteClient(server.hostname, ip=server.ip) def install(self): """install() detects the os of the server and calls the appropriate function to install redis on that server. Returns: boolean status of the install process """ try: self.rc.startup() except Exception as e: wlogger.log(self.tid, "Could not connect to {0}".format(e), "error", server_id=self.server.id) return False cin, cout, cerr = self.rc.run("ls /etc/*release") files = cout.split() cin, cout, cerr = self.rc.run("cat " + files[0]) status = False if "Ubuntu" in cout: status = self.install_in_ubuntu() elif "CentOS" in cout: status = self.install_in_centos() else: wlogger.log(self.tid, "Server OS is not supported. {0}".format( cout), "error", server_id=self.server.id) self.rc.close() return status def install_in_ubuntu(self): """This method should be overridden by the sub classes. Run the commands needed to install your component. Returns: boolean status of success of the install """ pass def install_in_centos(self): """This method should be overridden by the sub classes. Run the commands needed to install your component. Returns: boolean status of success of the install """ pass def run_command(self, cmd): wlogger.log(self.tid, cmd, "debug", server_id=self.server.id) return self.rc.run(cmd)
def install_cache_components(self, method): """Celery task that installs the redis, stunnel and twemproxy applications in the required servers. Redis and stunnel are installed in all the servers in the cluster. Twemproxy is installed in the load-balancer/proxy server :param self: the celery task :param method: either STANDALONE, SHARDED :return: the number of servers where both stunnel and redis were installed successfully """ tid = self.request.id installed = 0 servers = Server.query.all() for server in servers: wlogger.log(tid, "Installing Redis in server {0}".format( server.hostname), "info", server_id=server.id) ri = RedisInstaller(server, tid) redis_installed = ri.install() if redis_installed: server.redis = True wlogger.log(tid, "Redis install successful", "success", server_id=server.id) else: server.redis = False wlogger.log(tid, "Redis install failed", "fail", server_id=server.id) wlogger.log(tid, "Installing Stunnel", "info", server_id=server.id) si = StunnelInstaller(server, tid) stunnel_installed = si.install() if stunnel_installed: server.stunnel = True wlogger.log(tid, "Stunnel install successful", "success", server_id=server.id) else: server.stunnel = False wlogger.log(tid, "Stunnel install failed", "fail", server_id=server.id) # Save the redis and stunnel install situation to the db db.session.commit() if redis_installed and stunnel_installed: installed += 1 if method != 'STANDALONE': # No need to install twemproxy for "SHARDED" configuration return True # Install twemproxy in the Nginx load balancing proxy server app_conf = AppConfiguration.query.first() host = app_conf.nginx_host rc = RemoteClient(host) try: rc.startup() except Exception as e: wlogger.log(tid, "Could not connect to {0}".format(e), "error") return False server_os = get_os_type(rc) mock_server = Server() mock_server.hostname = host wlogger.log(tid, "Installing Stunnel in proxy server") si = StunnelInstaller(mock_server, tid) stunnel_installed = si.install() if stunnel_installed: wlogger.log(tid, "Stunnel install successful", "success") else: wlogger.log(tid, "Stunnel install failed", "fail") wlogger.log(tid, "Cluster manager will now try to build Twemproxy") # 1. Setup the development tools for installation if server_os in ["Ubuntu 16", "Ubuntu 14"]: run_and_log(rc, "apt-get update", tid) run_and_log(rc, "apt-get install -y build-essential autoconf libtool", tid) elif server_os in ["CentOS 6", "CentOS 7", "RHEL 7"]: run_and_log(rc, "yum install -y wget", tid) run_and_log(rc, "yum groupinstall -y 'Development tools'", tid) if server_os == "CentOS 6": run_and_log(rc, "wget http://ftp.gnu.org/gnu/autoconf/autoconf-2.69.tar.gz", tid) run_and_log(rc, "tar xvfvz autoconf-2.69.tar.gz", tid) run_and_log(rc, "cd autoconf-2.69 && ./configure", tid) run_and_log(rc, "cd autoconf-2.69 && make", tid) run_and_log(rc, "cd autoconf-2.69 && make install", tid) # 2. Get the source, build & install the nutcracker binaries run_and_log(rc, "wget https://github.com/twitter/twemproxy/archive/v0.4.1.tar.gz", tid) run_and_log(rc, "tar -xf v0.4.1.tar.gz", tid) run_and_log(rc, "cd twemproxy-0.4.1", tid) run_and_log(rc, "cd twemproxy-0.4.1 && autoreconf -fvi", tid) run_and_log(rc, "cd twemproxy-0.4.1 && ./configure --prefix=/usr", tid) run_and_log(rc, "cd twemproxy-0.4.1 && make", tid) run_and_log(rc, "cd twemproxy-0.4.1 && make install", tid) # 3. Post installation - setup user and logging run_and_log(rc, "useradd nutcracker", tid) run_and_log(rc, "mkdir /var/log/nutcracker", tid) run_and_log(rc, "touch /var/log/nutcracker/nutcracker.log", tid) run_and_log(rc, "chown -R nutcracker:nutcracker /var/log/nutcracker", tid) logrotate_conf = ["/var/log/nutcracker/nutcracker*.log {", "\tweekly", "\tmissingok", "\trotate 12", "\tcompress", "\tnotifempty", "}"] rc.put_file("/etc/logrotate.d/nutcracker", "\n".join(logrotate_conf)) # 4. Add init/service scripts to run nutcracker as a service if server_os in ["Ubuntu 16", "CentOS 7", "RHEL 7"]: local = os.path.join(app.root_path, "templates", "twemproxy", "twemproxy.service") remote = "/lib/systemd/system/nutcracker.service" rc.upload(local, remote) run_and_log(rc, "systemctl enable nutcracker", tid, None) elif server_os == "Ubuntu 14": local = os.path.join(app.root_path, "templates", "twemproxy", "nutcracker.init") remote = "/etc/init.d/nutcracker" rc.upload(local, remote) run_and_log(rc, 'chmod +x /etc/init.d/nutcracker', tid) run_and_log(rc, "update-rc.d nutcracker defaults", tid) elif server_os == "CentOS 6": local = os.path.join(app.root_path, "templates", "twemproxy", "nutcracker.centos.init") remote = "/etc/rc.d/init.d/nutcracker" rc.upload(local, remote) run_and_log(rc, "chmod +x /etc/init.d/nutcracker", tid) run_and_log(rc, "chkconfig --add nutcracker", tid) run_and_log(rc, "chkconfig nutcracker on", tid) # 5. Create the default configuration file referenced in the init scripts run_and_log(rc, "mkdir -p /etc/nutcracker", tid) run_and_log(rc, "touch /etc/nutcracker/nutcracker.yml", tid) rc.close() return installed
def setup_server(self, server_id, conffile): """This Task sets up a standalone server with only OpenLDAP installed as per the request. As the task proceeds the various status are logged to the WebLogger under the uniqueID of the task. This lets the web interface to poll for the near-realtime updates. Args: server_id (int): the primary key of the LDAPServer object conffile (string): complete path of the slapd.conf generated via webui """ server = LDAPServer.query.get(server_id) tid = self.request.id wlogger.log(tid, "Connecting to the server %s" % server.hostname) c = RemoteClient(server.hostname) try: c.startup() except Exception as e: wlogger.log(tid, "Cannot establish SSH connection {0}".format(e), "error") wlogger.log(tid, "Retrying with the IP address") c = RemoteClient(server.ip) try: c.startup() except Exception as e: wlogger.log(tid, "Cannot establish SSH connection {0}".format(e), "error") wlogger.log(tid, "Ending server setup process.", "error") return False wlogger.log(tid, 'Starting premilinary checks') # 1. Check OpenLDAP is installed if c.exists('/opt/symas/bin/slaptest'): wlogger.log(tid, 'Checking if OpenLDAP is installed', 'success') else: wlogger.log(tid, 'Cheking if OpenLDAP is installed', 'fail') wlogger.log( tid, 'Kindly install OpenLDAP on the server and refresh' ' this page to try setup again.') return # 2. symas-openldap.conf file exists if c.exists('/opt/symas/etc/openldap/symas-openldap.conf'): wlogger.log(tid, 'Checking symas-openldap.conf exists', 'success') else: wlogger.log(tid, 'Checking if symas-openldap.conf exists', 'fail') wlogger.log( tid, 'Configure OpenLDAP with /opt/gluu/etc/openldap' '/symas-openldap.conf', 'warning') return # 3. Certificates if server.tls_cacert: if c.exists(server.tls_cacert): wlogger.log(tid, 'Checking TLS CA Certificate', 'success') else: wlogger.log(tid, 'Checking TLS CA Certificate', 'fail') if server.tls_servercert: if c.exists(server.tls_servercert): wlogger.log(tid, 'Checking TLS Server Certificate', 'success') else: wlogger.log(tid, 'Checking TLS Server Certificate', 'fail') if server.tls_serverkey: if c.exists(server.tls_serverkey): wlogger.log(tid, 'Checking TLS Server Key', 'success') else: wlogger.log(tid, 'Checking TLS Server Key', 'fail') # 4. Data directories wlogger.log(tid, "Checking for data and schema folders for LDAP") conf = open(conffile, 'r') for line in conf: if re.match('^directory', line): folder = line.split()[1] if not c.exists(folder): run_command(tid, c, 'mkdir -p ' + folder) else: wlogger.log(tid, folder, 'success') # 5. Copy Gluu Schema files wlogger.log(tid, "Copying Schema files to server") if not c.exists('/opt/gluu/schema/openldap'): run_command(tid, c, 'mkdir -p /opt/gluu/schema/openldap') gluu_schemas = os.listdir(os.path.join(app.static_folder, 'schema')) for schema in gluu_schemas: upload_file(tid, c, os.path.join(app.static_folder, 'schema', schema), "/opt/gluu/schema/openldap/" + schema) # 6. Copy User's custom schema files schemas = os.listdir(app.config['SCHEMA_DIR']) for schema in schemas: upload_file(tid, c, os.path.join(app.config['SCHEMA_DIR'], schema), "/opt/gluu/schema/openldap/" + schema) # 7. Setup slapd.conf wlogger.log(tid, "Copying slapd.conf file to remote server") upload_file(tid, c, conffile, '/opt/symas/etc/openldap/slapd.conf') wlogger.log(tid, "Restarting LDAP server to validate slapd.conf") # IMPORTANT: # Restart allows the server to create missing mdb files for accesslog so # slapd.conf -> slapd.d conversion runs without error run_command(tid, c, 'service solserver restart') # 8. Generate OLC slapd.d wlogger.log(tid, "Migrating from slapd.conf to slapd.d OnlineConfig (OLC)") run_command(tid, c, 'service solserver stop') run_command(tid, c, 'rm -rf /opt/symas/etc/openldap/slapd.d') run_command(tid, c, 'mkdir -p /opt/symas/etc/openldap/slapd.d') run_command( tid, c, '/opt/symas/bin/slaptest -f /opt/symas/etc/openldap/slapd.conf' ' -F /opt/symas/etc/openldap/slapd.d') # 9. Restart the solserver with the new configuration wlogger.log( tid, "Starting LDAP server with OLC configuraion. Any future" "changes to slapd.conf will have NO effect on the LDAP server") log = run_command(tid, c, 'service solserver start') if 'failed' in log: wlogger.log(tid, "OpenLDAP server failed to start.", "error") wlogger.log(tid, "Debugging slapd...", "info") run_command(tid, "service solserver start -d 1") # Everything is done. Set the flag to based on the messages msgs = wlogger.get_messages(tid) setup_success = True for msg in msgs: setup_success = setup_success and msg['level'] != 'error' server.setup = setup_success db.session.commit()
def configure_gluu_server(self, server_id, conffile): server = LDAPServer.query.get(server_id) tid = self.request.id chdir = '/opt/gluu-server-' + server.gluu_version wlogger.log(tid, "Connecting to the server %s" % server.hostname) c = RemoteClient(server.hostname) try: c.startup() except Exception as e: wlogger.log(tid, "Cannot establish SSH connection {0}".format(e), "error") wlogger.log(tid, "Retrying with the IP address") c = RemoteClient(server.ip) try: c.startup() except Exception as e: wlogger.log(tid, "Cannot establish SSH connection {0}".format(e), "error") wlogger.log(tid, "Ending server setup process.", "error") return False # Since it is a Gluu Server, a number of checks can be avoided # 1. Check if OpenLDAP is installed # 2. Check if symas-openldap.conf files exists # 3. Check for certificates - They will be at /etc/certs # 4. Existance of data directories - this is necassr check as we will be # enabling accesslog DIT, maybe others by admin in the conf editor wlogger.log(tid, "Checking existing data and schema folders for LDAP") conf = open(conffile, 'r') for line in conf: if re.match('^directory', line): folder = line.split()[1] if not c.exists(os.path.join(chdir, folder)): run_command(tid, c, 'mkdir -p ' + folder, chdir) else: wlogger.log(tid, folder, 'success') # 5. Gluu Schema file will be present - no checks required # 6. Copy User's custom schema files if any schemas = os.listdir(app.config['SCHEMA_DIR']) if len(schemas): wlogger.log(tid, "Copying custom schema files to the server") for schema in schemas: local = os.path.join(app.config['SCHEMA_DIR'], schema) remote = chdir + "/opt/gluu/schema/openldap/" + schema upload_file(tid, c, local, remote) # 7. Copy the slapd.conf wlogger.log(tid, "Copying slapd.conf file to the server") upload_file(tid, c, conffile, chdir + "/opt/symas/etc/openaldap/slapd.conf") wlogger.log(tid, "Restarting LDAP server to validate slapd.conf") # IMPORTANT: # Restart allows the server to create the mdb files for accesslog so # slaptest doesn't throw errors during OLC generation run_command(tid, c, 'service solserver restart', chdir) # 8. Download openldap.crt to be used in other servers for ldaps wlogger.log(tid, "Downloading SSL Certificate to be used in other servers") remote = chdir + '/etc/certs/openldap.crt' local = os.path.join(app.config["CERTS_DIR"], "{0}.crt".format(server.hostname)) download_file(tid, c, remote, local) # 9. Generate OLC slapd.d wlogger.log(tid, "Convert slapd.conf to slapd.d OLC") run_command(tid, c, 'service solserver stop', chdir) run_command(tid, c, "rm -rf /opt/symas/etc/openldap/slapd.d", chdir) run_command(tid, c, "mkdir /opt/symas/etc/openldap/slapd.d", chdir) run_command( tid, c, "/opt/symas/bin/slaptest -f /opt/symas/etc/openldap/" "slapd.conf -F /opt/symas/etc/openldap/slapd.d", chdir) # 10. Reset ownerships run_command(tid, c, "chown -R ldap:ldap /opt/gluu/data", chdir) run_command(tid, c, "chown -R ldap:ldap /opt/gluu/schema/openldap", chdir) run_command(tid, c, "chown -R ldap:ldap /opt/symas/etc/openldap/slapd.d", chdir) # 11. Restart the solserver with the new OLC configuration wlogger.log(tid, "Restarting LDAP server with OLC configuration") log = run_command(tid, c, "service solserver start", chdir) if 'failed' in log: wlogger.log( tid, "There seems to be some issue in starting the server." "Running LDAP server in debug mode for troubleshooting") run_command(tid, c, "service solserver start -d 1", chdir) # Everything is done. Set the flag to based on the messages msgs = wlogger.get_messages(tid) setup_success = True for msg in msgs: setup_success = setup_success and msg['level'] != 'error' server.setup = setup_success db.session.commit()
def wizard_step2(self): tid = self.request.id setup_prop = get_setup_properties() server = Server.query.filter_by(primary_server=True).first() app_conf = AppConfiguration.query.first() c = RemoteClient(server.hostname, ip=server.ip) wlogger.log(tid, "Making SSH Connection") try: c.startup() wlogger.log(tid, "SSH connection established", 'success') except: wlogger.log(tid, "Can't establish SSH connection", 'fail') wlogger.log(tid, "Ending changing name.", 'error') return name_changer = ChangeGluuHostname( old_host=server.hostname, new_host=app_conf.nginx_host, cert_city=setup_prop['city'], cert_mail=setup_prop['admin_email'], cert_state=setup_prop['state'], cert_country=setup_prop['countryCode'], server=server.hostname, ip_address=server.ip, ldap_password=setup_prop['ldapPass'], os_type=server.os, gluu_version=app_conf.gluu_version, local=False, ) name_changer.logger_tid = tid r = name_changer.startup() if not r: wlogger.log(tid, "Name changer can't be started", 'fail') wlogger.log(tid, "Ending changing name.", 'error') return wlogger.log(tid, "Cahnging LDAP Applience configurations") name_changer.change_appliance_config() wlogger.log(tid, "LDAP Applience configurations were changed", 'success') wlogger.log(tid, "Cahnging LDAP Clients entries") name_changer.change_clients() wlogger.log(tid, "LDAP Applience Clients entries were changed", 'success') wlogger.log(tid, "Cahnging LDAP Uma entries") name_changer.change_uma() wlogger.log(tid, "LDAP Applience Uma entries were changed", 'success') wlogger.log(tid, "Modifying SAML & Passport") name_changer.modify_saml_passport() wlogger.log(tid, "SAML & Passport were changed", 'success') wlogger.log(tid, "Reconfiguring http") name_changer.change_httpd_conf() wlogger.log(tid, " LDAP Applience Uma entries were changed", 'success') wlogger.log(tid, "Creating certificates") name_changer.create_new_certs() wlogger.log(tid, "Changing /etc/hostname") name_changer.change_host_name() wlogger.log(tid, "/etc/hostname was changed", 'success') wlogger.log(tid, "Modifying /etc/hosts") name_changer.modify_etc_hosts() wlogger.log(tid, "/etc/hosts was modified", 'success') name_changer.installer.restart_gluu()