Exemple #1
0
def setup_cert():
    server_cert = None
    server_key = None
    server_dh_params = None
    acme_domain = None

    if _database:
        settings_collection = get_collection('settings')
        doc = settings_collection.find_one({'_id': 'app'})
        if doc:
            server_cert = doc.get('server_cert')
            server_key = doc.get('server_key')
            server_dh_params = doc.get('server_dh_params')
            acme_domain = doc.get('acme_domain')

    if not server_cert or not server_key:
        logger.info('Generating setup server ssl cert', 'setup')
        server_cert_path, server_key_path = utils.generate_server_cert()
        server_dh_path = utils.generate_server_dh_params(1024)
        return server_cert_path, None, server_key_path, server_dh_path

    if not server_dh_params:
        server_dh_params = utils.generate_server_dh_params_inline(1024)

    return utils.write_server_cert(
        server_cert,
        server_key,
        server_dh_params,
        acme_domain,
    )
Exemple #2
0
def _run_wsgi(restart=False):
    global app_server

    logger.info('Starting server', 'app')

    app_server = limiter.CherryPyWSGIServerLimited(
        (settings.conf.bind_addr, settings.app.server_port),
        app,
        request_queue_size=settings.app.request_queue_size,
        server_name=APP_NAME,
    )
    app_server.shutdown_timeout = 1

    if settings.app.server_ssl:
        utils.write_server_cert()

        server_cert_path = os.path.join(settings.conf.temp_path,
                                        SERVER_CERT_NAME)
        server_key_path = os.path.join(settings.conf.temp_path,
                                       SERVER_KEY_NAME)
        app_server.ssl_adapter = SSLAdapter(
            server_cert_path,
            server_key_path,
        )

    if not restart:
        settings.local.server_ready.set()
        settings.local.server_start.wait()

    try:
        app_server.start()
    except (KeyboardInterrupt, SystemExit):
        pass
    except ServerRestart:
        logger.info('Server restarting...', 'app')
        return _run_wsgi(True)
    except:
        logger.exception('Server error occurred', 'app')
        raise
Exemple #3
0
def _run_wsgi(restart=False):
    global app_server

    logger.info('Starting server', 'app')

    app_server = limiter.CherryPyWSGIServerLimited(
        (settings.conf.bind_addr, settings.app.server_port),
        app,
        request_queue_size=settings.app.request_queue_size,
        server_name=APP_NAME,
    )
    app_server.shutdown_timeout = 1

    if settings.app.server_ssl:
        setup_server_cert()

        server_cert_path, server_chain_path, server_key_path, \
            server_dh_path = utils.write_server_cert(
                settings.app.server_cert,
                settings.app.server_key,
                settings.app.server_dh_params,
                settings.app.acme_domain,
            )

        app_server.ssl_adapter = SSLAdapter(
            server_cert_path,
            server_key_path,
            server_chain_path,
            server_dh_path,
        )

    if not restart:
        settings.local.server_ready.set()
        settings.local.server_start.wait()

    _watch_event.set()

    try:
        app_server.start()
    except (KeyboardInterrupt, SystemExit):
        pass
    except ServerRestart:
        _watch_event.clear()
        logger.info('Server restarting...', 'app')
        return _run_wsgi(True)
    except:
        logger.exception('Server error occurred', 'app')
        raise
Exemple #4
0
def setup_cert():
    server_cert = None
    server_key = None
    acme_domain = None

    if _database:
        settings_collection = get_collection('settings')
        doc = settings_collection.find_one({'_id': 'app'})
        if doc:
            server_cert = doc.get('server_cert')
            server_key = doc.get('server_key')
            acme_domain = doc.get('acme_domain')

    if not server_cert or not server_key:
        logger.info('Generating setup server ssl cert', 'setup')
        return utils.generate_server_cert()

    return utils.write_server_cert(
        server_cert,
        server_key,
        acme_domain,
    )
Exemple #5
0
def _run_server(restart):
    global app_server

    logger.info('Starting server', 'app')

    app_server = CherryPyWSGIServerLogged(
        ('localhost', settings.app.server_internal_port),
        app,
        request_queue_size=settings.app.request_queue_size,
        numthreads=settings.app.request_thread_count,
        shutdown_timeout=3,
    )
    app_server.server_name = ''

    server_cert_path = None
    server_key_path = None
    redirect_server = 'true' if settings.app.redirect_server else 'false'
    internal_addr = 'localhost:' + str(settings.app.server_internal_port)

    if settings.app.server_ssl:
        setup_server_cert()

        server_cert_path, server_key_path = utils.write_server_cert(
            settings.app.server_cert,
            settings.app.server_key,
            settings.app.acme_domain,
        )

    if not restart:
        settings.local.server_ready.set()
        settings.local.server_start.wait()

    process_state = True
    process = subprocess.Popen(
        ['pritunl-web'],
        stdout=subprocess.PIPE,
        stderr=subprocess.PIPE,
        env=dict(os.environ, **{
            'REVERSE_PROXY_HEADER': settings.app.reverse_proxy_header if \
                settings.app.reverse_proxy else '',
            'REDIRECT_SERVER': redirect_server,
            'BIND_HOST': settings.conf.bind_addr,
            'BIND_PORT': str(settings.app.server_port),
            'INTERNAL_ADDRESS': internal_addr,
            'CERT_PATH': server_cert_path or '',
            'KEY_PATH': server_key_path or '',
        }),
    )

    def poll_thread():
        time.sleep(0.5)
        if process.wait() and process_state:
            time.sleep(0.25)
            if not check_global_interrupt():
                stdout, stderr = process._communicate(None)
                logger.error('Web server process exited unexpectedly', 'app',
                    stdout=stdout,
                    stderr=stderr,
                )
                time.sleep(1)
                restart_server(1)
    thread = threading.Thread(target=poll_thread)
    thread.daemon = True
    thread.start()

    _watch_event.set()

    try:
        app_server.start()
    except (KeyboardInterrupt, SystemExit):
        return
    except ServerRestart:
        raise
    except:
        logger.exception('Server error occurred', 'app')
        raise
    finally:
        process_state = False
        try:
            process.kill()
        except:
            pass
Exemple #6
0
def _run_server(restart):
    global app_server

    try:
        context = subprocess.check_output(
            ['id', '-Z'],
            stderr=subprocess.PIPE,
        ).strip()
    except:
        context = 'none'

    logger.info(
        'Starting server',
        'app',
        context=context,
    )

    app_server = cheroot.wsgi.Server(
        ('localhost', settings.app.server_internal_port),
        app,
        request_queue_size=settings.app.request_queue_size,
        accepted_queue_size=settings.app.request_accepted_queue_size,
        numthreads=settings.app.request_thread_count,
        max=settings.app.request_max_thread_count,
        shutdown_timeout=3,
    )
    app_server.server_name = ''

    server_cert_path = None
    server_key_path = None
    redirect_server = 'true' if settings.app.redirect_server else 'false'
    internal_addr = 'localhost:%s' % settings.app.server_internal_port

    app.config.update(
        SESSION_COOKIE_HTTPONLY=True,
        SESSION_COOKIE_SECURE=True,
    )

    if settings.app.server_ssl:
        setup_server_cert()

        server_cert_path, server_key_path = utils.write_server_cert(
            settings.app.server_cert,
            settings.app.server_key,
            settings.app.acme_domain,
        )

    if not restart:
        settings.local.server_ready.set()
        settings.local.server_start.wait()

    process_state = True
    process = subprocess.Popen(
        ['pritunl-web'],
        stdout=subprocess.PIPE,
        stderr=subprocess.PIPE,
        env=dict(os.environ, **{
            'REVERSE_PROXY_HEADER': settings.app.reverse_proxy_header if \
                settings.app.reverse_proxy else '',
            'REDIRECT_SERVER': redirect_server,
            'BIND_HOST': settings.conf.bind_addr,
            'BIND_PORT': str(settings.app.server_port),
            'INTERNAL_ADDRESS': internal_addr,
            'CERT_PATH': server_cert_path or '',
            'KEY_PATH': server_key_path or '',
        }),
    )

    def poll_thread():
        time.sleep(0.5)
        if process.wait() and process_state:
            time.sleep(0.25)
            if not check_global_interrupt():
                stdout, stderr = process._communicate(None)
                logger.error(
                    'Web server process exited unexpectedly',
                    'app',
                    stdout=stdout,
                    stderr=stderr,
                )
                time.sleep(1)
                restart_server(1)

    thread = threading.Thread(target=poll_thread)
    thread.daemon = True
    thread.start()

    _watch_event.set()

    try:
        app_server.start()
    except (KeyboardInterrupt, SystemExit):
        return
    except ServerRestart:
        raise
    except:
        logger.exception('Server error occurred', 'app')
        raise
    finally:
        process_state = False
        try:
            process.kill()
        except:
            pass
Exemple #7
0
def _run_server(restart):
    global app_server

    logger.info('Starting server', 'app')

    app_server = CherryPyWSGIServerLogged(
        ('localhost', settings.app.server_internal_port),
        app,
        request_queue_size=settings.app.request_queue_size,
        numthreads=settings.app.request_thread_count,
        shutdown_timeout=3,
    )
    app_server.server_name = ''

    server_cert_path = None
    server_key_path = None
    redirect_server = 'true' if settings.app.redirect_server else 'false'
    internal_addr = 'localhost:' + str(settings.app.server_internal_port)

    if settings.app.server_ssl:
        setup_server_cert()

        server_cert_path, server_key_path = utils.write_server_cert(
            settings.app.server_cert,
            settings.app.server_key,
            settings.app.acme_domain,
        )

    process_state = True
    process = subprocess.Popen(
        ['pritunl-web'],
        stdout=subprocess.PIPE,
        stderr=subprocess.PIPE,
        env=dict(
            os.environ, **{
                'REDIRECT_SERVER': redirect_server,
                'BIND_HOST': settings.conf.bind_addr,
                'BIND_PORT': str(settings.app.server_port),
                'INTERNAL_ADDRESS': internal_addr,
                'CERT_PATH': server_cert_path or '',
                'KEY_PATH': server_key_path or '',
            }),
    )

    def poll_thread():
        if process.wait() and process_state and not check_global_interrupt():
            stdout, stderr = process._communicate(None)
            logger.error(
                "Web server process exited unexpectedly",
                "app",
                stdout=stdout,
                stderr=stderr,
            )
            time.sleep(1)
            restart_server(1)

    thread = threading.Thread(target=poll_thread)
    thread.daemon = True
    thread.start()

    if not restart:
        settings.local.server_ready.set()
        settings.local.server_start.wait()

    _watch_event.set()

    try:
        app_server.start()
    except (KeyboardInterrupt, SystemExit):
        return
    except ServerRestart:
        raise
    except:
        logger.exception('Server error occurred', 'app')
        raise
    finally:
        process_state = False
        try:
            process.kill()
        except:
            pass
Exemple #8
0
def _run_server(restart):
    global app_server

    logger.info("Starting server", "app")

    app_server = CherryPyWSGIServerLogged(
        ("localhost", settings.app.server_internal_port),
        app,
        request_queue_size=settings.app.request_queue_size,
        numthreads=settings.app.request_thread_count,
        shutdown_timeout=3,
    )
    app_server.server_name = ""

    server_cert_path = None
    server_key_path = None
    redirect_server = "true" if settings.app.redirect_server else "false"
    internal_addr = "localhost:%s" % settings.app.server_internal_port

    if settings.app.server_ssl:
        app.config.update(SESSION_COOKIE_SECURE=True)

        setup_server_cert()

        server_cert_path, server_key_path = utils.write_server_cert(
            settings.app.server_cert, settings.app.server_key, settings.app.acme_domain
        )

    if not restart:
        settings.local.server_ready.set()
        settings.local.server_start.wait()

    process_state = True
    process = subprocess.Popen(
        ["pritunl-web"],
        stdout=subprocess.PIPE,
        stderr=subprocess.PIPE,
        env=dict(
            os.environ,
            **{
                "REVERSE_PROXY_HEADER": settings.app.reverse_proxy_header if settings.app.reverse_proxy else "",
                "REDIRECT_SERVER": redirect_server,
                "BIND_HOST": settings.conf.bind_addr,
                "BIND_PORT": str(settings.app.server_port),
                "INTERNAL_ADDRESS": internal_addr,
                "CERT_PATH": server_cert_path or "",
                "KEY_PATH": server_key_path or "",
            }
        ),
    )

    def poll_thread():
        time.sleep(0.5)
        if process.wait() and process_state:
            time.sleep(0.25)
            if not check_global_interrupt():
                stdout, stderr = process._communicate(None)
                logger.error("Web server process exited unexpectedly", "app", stdout=stdout, stderr=stderr)
                time.sleep(1)
                restart_server(1)

    thread = threading.Thread(target=poll_thread)
    thread.daemon = True
    thread.start()

    _watch_event.set()

    try:
        app_server.start()
    except (KeyboardInterrupt, SystemExit):
        return
    except ServerRestart:
        raise
    except:
        logger.exception("Server error occurred", "app")
        raise
    finally:
        process_state = False
        try:
            process.kill()
        except:
            pass