# import configparser import constants import os import sys from functions import isValidHostIpv4 from functions import printScript from functions import putSftp from functions import sambaTool from functions import subProc title = os.path.basename(__file__).replace('.py', '').split('_')[1] logfile = constants.LOGDIR + '/setup.' + title + '.log' printScript('', 'begin') printScript(title) # files cacert = constants.CACERT mailcert = constants.SSLDIR + '/mail.cert.pem' mailkey = constants.SSLDIR + '/mail.key.pem' setuptmp = '/tmp/setup.ini' imagename = 'tvial/docker-mailserver:stable' # read setup ini msg = 'Reading setup data ' printScript(msg, '', False, False, True) setupini = constants.SETUPINI try: setup = configparser.RawConfigParser(delimiters=('='),
def main(): # helper files for mailserver setup msg = '* Creating helper files ' printScript(msg, '', False, False, True) try: # add binduser password to setup.ini rc, content = readTextfile(setupini) content = content + 'binduserpw = ' + binduserpw rc = writeTextfile(setuptmp, content, 'w') # create setup helper script content = '#!/bin/bash\nmkdir -p ' + constants.SSLDIR content = content + '\nmv /tmp/*.pem ' + constants.SSLDIR content = content + '\nchmod 640 ' + constants.SSLDIR + '/*.key.pem' content = content + '\nln -sf ' + constants.SSLDIR + '/cacert.pem /etc/ssl/certs/cacert.pem' content = content + '\napt-get update\napt-get -y install linuxmuster-mail' content = content + '\nlinuxmuster-mail.py -c ' + setuptmp content = content + '\nsystemctl enable linuxmuster-mail.service' content = content + '\nsystemctl start linuxmuster-mail.service' rc = writeTextfile(setuphelper, content, 'w') printScript(' Success!', '', True, True, False, len(msg)) except: printScript(' Failed!', '', True, True, False, len(msg)) sys.exit(1) # open ssh connection if mailip != serverip: msg = '* Establishing ssh connection to mailserver ' printScript(msg, '', False, False, True) ssh = paramiko.SSHClient() ssh.load_system_host_keys() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) ssh.connect(mailip, 22, 'root', adminpw) try: ftp = ssh.open_sftp() printScript(' Success!', '', True, True, False, len(msg)) except: printScript(' Failed!', '', True, True, False, len(msg)) sys.exit(1) # uploading data & certs msg = '* Uploading files to mailserver ' printScript(msg, '', False, False, True) for item in [setuptmp, setuphelper, mailcert, mailkey]: if not ftp.put(item, '/tmp/' + os.path.basename(item)): printScript(' ' + os.path.basename(item) + ' failed!', '', True, True, False, len(msg)) sys.exit(1) ftp.chmod(setuphelper, stat.S_IRWXU | stat.S_IRGRP | stat.S_IXGRP) printScript(' Success!', '', True, True, False, len(msg)) # start mailserver setup per ssh msg = '* Starting mailserver setup ' printScript(msg, '', False, False, True) try: stdin, stdout, stderr = ssh.exec_command(setuphelper) printScript(' Success!', '', True, True, False, len(msg)) except: printScript(' Failed!', '', True, True, False, len(msg)) sys.exit(1) # close ssh connection ftp.close() ssh.close() # local mailserver setup else: msg = '* Starting mailserver setup ' printScript(msg, '', False, False, True) try: subProc('apt update && apt -y install linuxmuster-mail', logfile) subProc('linuxmuster-mail.py -s -c ' + setuptmp, logfile) subProc('systemctl enable linuxmuster-mail.service', logfile) subProc('systemctl start linuxmuster-mail.service', logfile) printScript(' Success!', '', True, True, False, len(msg)) except: printScript(' Failed!', '', True, True, False, len(msg)) sys.exit(1) os.unlink(setuptmp) # add mail dns entry msg = '* Creating dns entry ' printScript(msg, '', False, False, True) try: sambaTool('dns add localhost ' + domainname + ' mail A ' + mailip) sambaTool('dns add localhost ' + domainname + ' mail MX "' + mailip + ' 10"') printScript(' Success!', '', True, True, False, len(msg)) except: printScript(' Failed!', '', True, True, False, len(msg)) sys.exit(1)
import random import re import sys from functions import printScript from functions import readTextfile from functions import writeTextfile from functions import isValidHostIpv4 from functions import subProc from subprocess import Popen, PIPE from uuid import getnode title = os.path.basename(__file__).replace('.py', '').split('_')[1] logfile = constants.LOGDIR + '/setup.' + title + '.log' printScript('', 'begin') printScript(title) # read setup.ini msg = 'Reading setup data ' printScript(msg, '', False, False, True) setupini = constants.SETUPINI try: setup = configparser.ConfigParser(inline_comment_prefixes=('#', ';')) setup.read(setupini) firewallip = setup.get('setup', 'firewallip') opsiip = setup.get('setup', 'opsiip') mailip = setup.get('setup', 'mailip') dockerip = setup.get('setup', 'dockerip') serverip = setup.get('setup', 'serverip') iface = setup.get('setup', 'iface')
import configparser import constants import os import sys from functions import printScript from functions import isValidHostname from functions import isValidDomainname from functions import isValidHostIpv4 from functions import randomPassword from functions import subProc from IPy import IP title = os.path.basename(__file__).replace('.py', '').split('_')[1] logfile = constants.LOGDIR + '/setup.' + title + '.log' printScript('', 'begin') printScript(title) # read ini files setup = configparser.RawConfigParser(delimiters=('='), inline_comment_prefixes=('#', ';')) for item in [ constants.DEFAULTSINI, constants.PREPINI, constants.SETUPINI, constants.CUSTOMINI ]: # skip non existant file if not os.path.isfile(item): continue # reading setup values msg = 'Reading ' + item + ' ' printScript(msg, '', False, False, True)
import sys from functions import backupCfg from functions import checkSocket from functions import doSshLink from functions import isValidHostIpv4 from functions import printScript from functions import replaceInFile from functions import setupComment from functions import subProc from functions import modIni title = os.path.basename(__file__).replace('.py', '').split('_')[1] logfile = constants.LOGDIR + '/setup.' + title + '.log' printScript('', 'begin') printScript(title) # read setup ini msg = 'Reading setup data ' printScript(msg, '', False, False, True) setupini = constants.SETUPINI try: setup = configparser.RawConfigParser(delimiters=('='), inline_comment_prefixes=('#', ';')) setup.read(setupini) # get ip addresses serverip = setup.get('setup', 'serverip') opsiip = setup.get('setup', 'opsiip') dockerip = setup.get('setup', 'dockerip') printScript(' Success!', '', True, True, False, len(msg))
def main(): # open ssh connection if mailip != serverip: # start mailserver setup per ssh printScript('Remote mailserver setup') sshcmd = 'ssh -q -oStrictHostKeyChecking=accept-new ' + mailip + ' ' try: msg = '* Uploading certificates ' printScript(msg, '', False, False, True) # create remote ssl cert dir subProc(sshcmd + 'mkdir -p ' + constants.SSLDIR, logfile) # upload certs for item in [cacert, mailcert, mailkey]: putSftp(mailip, item, item) # link cacert subProc(sshcmd + 'ln -sf ' + cacert + ' /etc/ssl/certs', logfile) printScript(' Success!', '', True, True, False, len(msg)) msg = '* Uploading setup data ' printScript(msg, '', False, False, True) # create remote dir for setup.ini subProc(sshcmd + 'mkdir -p ' + constants.VARDIR, logfile) # upload setup.ini putSftp(mailip, setuptmp, setupini) printScript(' Success!', '', True, True, False, len(msg)) msg = '* Installing linuxmuster-mail package ' printScript(msg, '', False, False, True) # install linuxmuster-mail pkg subProc(sshcmd + 'apt update', logfile) subProc(sshcmd + 'apt -y install linuxmuster-mail', logfile) # key permissions subProc(sshcmd + 'chmod 640 ' + mailkey, logfile) subProc(sshcmd + 'chgrp docker ' + mailkey, logfile) printScript(' Success!', '', True, True, False, len(msg)) msg = '* Pulling mailserver image ' printScript(msg, '', False, False, True) # pull image subProc(sshcmd + 'docker pull ' + imagename, logfile) printScript(' Success!', '', True, True, False, len(msg)) msg = '* Setting up mailserver container ' printScript(msg, '', False, False, True) # invoke setup script subProc(sshcmd + '/usr/sbin/linuxmuster-mail-setup -f -c ' + setupini, logfile) printScript(' Success!', '', True, True, False, len(msg)) except: msg = 'Remote mailserver setup ' printScript(msg, '', False, False, True) printScript(' Failed!', '', True, True, False, len(msg)) sys.exit(1) # local mailserver setup else: msg = 'Local mailserver setup ' printScript(msg, '', False, False, True) try: subProc('apt update && apt -y install linuxmuster-mail', logfile) subProc('/usr/sbin/linuxmuster-mail-setup -f -c ' + setuptmp, logfile) printScript(' Success!', '', True, True, False, len(msg)) except: printScript(' Failed!', '', True, True, False, len(msg)) sys.exit(1) # add mail dns entry msg = '* Creating dns entry ' printScript(msg, '', False, False, True) try: sambaTool('dns add localhost ' + domainname + ' mail A ' + mailip) sambaTool('dns add localhost ' + domainname + ' mail MX "' + mailip + ' 10"') printScript(' Success!', '', True, True, False, len(msg)) except: printScript(' Failed!', '', True, True, False, len(msg)) sys.exit(1)
import sys from functions import setupComment from functions import backupCfg from functions import readTextfile from functions import writeTextfile from functions import printScript from functions import modIni from functions import isValidPassword from functions import enterPassword from functions import subProc title = os.path.basename(__file__).replace('.py', '').split('_')[1] logfile = constants.LOGDIR + '/setup.' + title + '.log' printScript('', 'begin') printScript(title) # read INIFILE, get schoolname msg = 'Reading setup data ' printScript(msg, '', False, False, True) setupini = constants.SETUPINI try: setup = configparser.RawConfigParser(inline_comment_prefixes=('#', ';')) setup.read(setupini) serverip = setup.get('setup', 'serverip') printScript(' Success!', '', True, True, False, len(msg)) except: printScript(' Failed!', '', True, True, False, len(msg)) sys.exit(1)
import constants import getopt import os import sys from functions import datetime from functions import firewallApi from functions import getSetupValue from functions import printScript from functions import readTextfile # check first if firewall is skipped by setup skipfw = getSetupValue('skipfw') if skipfw == 'True': printScript('Firewall is skipped by setup!') sys.exit(0) def usage(): print('Usage: create-keytab.py [options]') print('Creates opnsense web proxy sso keytable.') print('If adminpw is omitted saved administrator credentials are used.') print(' [options] may be:') print(' -a <adminpw>, --adminpw=<adminpw>: global-admin password (optional)') print(' -c, --check : check only the presence of keytable file') print(' -v, --verbose : be more verbose') print(' -h, --help : print this help') # get cli args