class AppConfiguration(db.Model): __tablename__ = 'appconfig' id = db.Column(db.Integer, primary_key=True) # the DN of the replication user replication_dn = db.Column(db.String(200)) # the password for replication user replication_pw = db.Column(db.String(200)) # folder with the certificates for the app to use certificate_folder = db.Column(db.String(200)) # the result of the last replication test last_test = db.Column(db.Boolean)
class OxauthServer(db.Model): __tablename__ = "oxauth_server" id = db.Column(db.Integer, primary_key=True) # hostname for SSH access hostname = db.Column(db.String(255)) gluu_server = db.Column(db.Boolean(), default=True) gluu_version = db.Column(db.String(10), default="3.0.1") @property def jks_path(self): if not self.gluu_server: return "/etc/certs/oxauth-keys.jks" return "/opt/gluu-server-{}/etc/certs/oxauth-keys.jks".format(self.gluu_version) @property def get_version(self): if not self.gluu_server: return "" return self.gluu_version
class KeyRotation(db.Model): __tablename__ = "keyrotation" id = db.Column(db.Integer, primary_key=True) # key rotation interval (in hours) interval = db.Column(db.Integer) # timestamp when last rotation occured rotated_at = db.Column(db.DateTime(True)) # rotation type based on available backends (oxeleven or jks) type = db.Column(db.String(16)) # inum appliance, useful for searching oxAuth config in LDAP inum_appliance = db.Column(db.String(255)) # whether rotation is enabled or not enabled = db.Column(db.Boolean, default=False) def should_rotate(self): # determine whether we need to rotate the key if not self.rotated_at: return True return datetime.utcnow() > self.next_rotation_at @property def next_rotation_at(self): # when will the keys supposed to be rotated return self.rotated_at + timedelta(hours=self.interval)
class CacheServer(db.Model): __tablename__ = "cache_server" id = db.Column(db.Integer, primary_key=True) hostname = db.Column(db.String(250)) ip = db.Column(db.String(45)) install_redis = db.Column(db.Boolean, default=True) redis_password = db.Column(db.String(45)) stunnel_port = db.Column(db.Integer) installed = db.Column(db.Boolean) def __repr__(self): return '<Cache Server {} {}>'.format(self.id, self.hostname)
class KeyRotation(db.Model): __tablename__ = "keyrotation" id = db.Column(db.Integer, primary_key=True) # key rotation interval (in days) interval = db.Column(db.Integer) # timestamp when last rotation occured rotated_at = db.Column(db.DateTime(True)) # rotation type based on available backends (oxeleven or jks) type = db.Column(db.String(16)) oxeleven_url = db.Column(db.String(255)) # token used for accessing oxEleven # note, token is encrypted when we save into database; # to get the actual token, we need to decrypt it oxeleven_token = db.Column(db.LargeBinary) # random key for token encryption oxeleven_token_key = db.Column(db.LargeBinary) # random iv for token encryption oxeleven_token_iv = db.Column(db.LargeBinary) # inum appliance, useful for searching oxAuth config in LDAP inum_appliance = db.Column(db.String(255)) def should_rotate(self): # determine whether we need to rotate the key if not self.rotated_at: return True return datetime.utcnow() > self.next_rotation_at @property def next_rotation_at(self): # when will the keys supposed to be rotated return self.rotated_at + timedelta(days=self.interval)
class AppConfiguration(db.Model): __tablename__ = 'appconfig' id = db.Column(db.Integer, primary_key=True) # the DN of the replication user replication_dn = db.Column(db.String(200)) # the password for replication user replication_pw = db.Column(db.String(200)) # the result of the last replication test last_test = db.Column(db.Boolean) # gluu server version gluu_version = db.Column(db.String(10)) # use ip for replication use_ip = db.Column(db.Boolean()) nginx_host = db.Column(db.String(250)) log_purge = db.Column(db.String(50))
class Server(db.Model): __tablename__ = "server" id = db.Column(db.Integer, primary_key=True) # Hostname of the server hostname = db.Column(db.String(250), unique=True) # IP address of the server ip = db.Column(db.String(45)) # rootDN password for the LDAP server ldap_password = db.Column(db.String(150)) # Operating system running in the server os = db.Column(db.String(150)) # Cache method used by the server if it has oxAuth cache_method = db.Column(db.String(50)) # Installed components as comma seperated values components = db.Column(db.Text) # Flag to indicate whether LDAP MMR has been set up mmr = db.Column(db.Boolean) # Is the LDAP server inside the gluu server chroot container gluu_server = db.Column(db.Boolean) # Is this the primary server primary_server = db.Column(db.Boolean) # Is redis installed redis = db.Column(db.Boolean) # Is stunnel installed stunnel = db.Column(db.Boolean) def __repr__(self): return '<Server %d %s>' % (self.id, self.hostname)
class LoggingServer(db.Model): __tablename__ = "logging_server" id = db.Column(db.Integer, primary_key=True) url = db.Column(db.String(255))
class OxelevenKeyID(db.Model): __tablename__ = "oxeleven_key_id" id = db.Column(db.Integer, primary_key=True) kid = db.Column(db.String(255))
class AppConfiguration(db.Model): __tablename__ = 'appconfig' id = db.Column(db.Integer, primary_key=True) # the DN of the replication user replication_dn = db.Column(db.String(200)) # the password for replication user replication_pw = db.Column(db.String(200)) # the result of the last replication test last_test = db.Column(db.Boolean) # gluu server version gluu_version = db.Column(db.String(10)) # use ip for replication use_ip = db.Column(db.Boolean()) nginx_host = db.Column(db.String(250)) log_purge = db.Column(db.String(50)) admin_email = db.Column(db.String()) # flag if monitoring installed monitoring = db.Column(db.Boolean()) # if ip-host pairs will be written to /etc/hosts modify_hosts = db.Column(db.Boolean()) nginx_ip = db.Column(db.String(50)) ldap_update_period = db.Column(db.Integer) object_class_base = db.Column(db.String(50)) attribute_oid = db.Column(db.Integer, default=100) external_load_balancer = db.Column(db.Boolean()) use_ldap_cache = db.Column(db.Boolean()) nginx_os_type = db.Column(db.String(10)) ldap_update_period_unit = db.Column(db.String(1), default='s') latest_version = db.Column(db.String(10)) offline = db.Column(db.Boolean()) gluu_archive = db.Column(db.String(50))
class LDAPServer(db.Model): __tablename__ = "ldap_server" id = db.Column(db.Integer, primary_key=True) # hostname of the ldap server hostname = db.Column(db.String(150), unique=True) # ip address of the server ip = db.Column(db.String(45)) # port in which the LDAP server is listening port = db.Column(db.Integer) # role is either provider or consumer role = db.Column(db.String(10)) # LDAP communication protocol ldap, ldaps, starttls protocol = db.Column(db.String(10)) # location of the certificates in the server tls_cacert = db.Column(db.Text) tls_servercert = db.Column(db.Text) tls_serverkey = db.Column(db.Text) # whether the replication user has been added to the DIT # and the server is setup with replication initialized = db.Column(db.Boolean) # whether the server has been setup with proper configuration setup = db.Column(db.Boolean) # rootDN password for the LDAP server admin_pw = db.Column(db.String(150)) # provider for the consumer LDAP server provider_id = db.Column(db.Integer, db.ForeignKey('ldap_server.id')) # consumers connected to a provider consumers = relationship("LDAPServer", backref=backref( 'provider', remote_side=[id])) # is the LDAP server inside the gluu server chroot container gluu_server = db.Column(db.Boolean) # gluu server version gluu_version = db.Column(db.String(10)) def __repr__(self): return '<Server %s:%d>' % (self.hostname, self.port)