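def go(args=None):
    """Create an LDAP user or group for the ``uadm add ldap`` sub-command.

    ``args[1]`` selects what to create (``user`` or ``group``, compared
    case-insensitively); the optional ``args[2]`` is offered as the default
    answer of the name prompt.

    A missing or unrecognised sub-command is logged, passed to
    ``send_error_report`` and ends the process with exit status 1.
    """
    # None replaces the shared mutable ``[]`` default; calling go() with no
    # argument still ends in the usage error below.
    if args is None:
        args = []

    if len(args) < 2:
        msg = u"Missing parameter. Usage: uadm add ldap user|group"
        l().error(msg)
        send_error_report(msg)
        exit(1)

    command = str(args[1]).lower()
    suggested_name = args[2] if len(args) >= 3 else None

    if command == 'user':
        new_user = get_input_string("What is the new ldap username?", suggested_name)
        new_user_mail = get_input_string(
            "What is %s email?" % new_user,
            '%s@%s' % (new_user, CONF_MAP['UADM_LDAP_DOMAIN']))

        ldaphelper.get_cred()
        new_user_pass = ldaphelper.create_user(new_user, new_user_mail)

        # NOTE(review): the account's initial password is placed in clear
        # text in the report body (the subject_prefix suggests this is sent
        # by e-mail -- confirm). Treat it as a one-time secret: require a
        # password change at first login and keep the recipient list narrow.
        send_report(unicode(
            "\nHi,\n\n"
            "A new user was created:\n\n"
            "username: %(username)s\n"
            "password: %(password)s\n"
            "\n\nUse it with care!!!"
            "" % {
                'username': new_user,
                'password': new_user_pass,
            }
        ), subject_prefix='New ldap user created.')

    elif command == 'group':
        new_group = get_input_string("What is the new ldap group name?", suggested_name)

        ldaphelper.get_cred()
        ldaphelper.create_group(new_group)

    else:
        # Previously an unknown sub-command fell through silently and the
        # caller saw a successful run that had created nothing.
        msg = u"Unknown parameter '%s'. Usage: uadm add ldap user|group" % command
        l().error(msg)
        send_error_report(msg)
        exit(1)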
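def go(args):
    """Interactively provision a new Apache site.

    The operator is asked for the admin e-mail, the site's DNS name, an
    optional ``www.`` redirect, an optional LDAP user/group, an optional unix
    user/group and whether to generate an auto-mount script.  After a final
    confirmation the function creates the accounts, the document root and its
    ACLs, the index page, the virtual host and logrotate files, enables the
    site and reloads Apache.

    ``args[1]``, when present, is offered as the default site name; otherwise
    ``HOST_INFO["hostname"]`` is used.

    An invalid hostname ends the process with ``exit(1)``.  Any ``Exception``
    raised while provisioning is logged through ``l().exception`` and not
    re-raised.
    """
    mod_conf({
        "UADM_DISABLE_MAIL": True,
    })
    # presumably override=False only supplies defaults for unset keys --
    # confirm against mod_conf.
    mod_conf({
        'SITE_DOC_ROOT': "/var/www",
        'SITE_VHOST_DIR': "/etc/apache2/sites-available",
    }, override=False)

    admin_mail = CONF_MAP["UADM_TECH_EMAIL"]
    site_name = args[1] if len(args) > 1 else HOST_INFO["hostname"]
    add_www_redirect = 'n'
    use_auto_mount = 'y'
    # Upper-case 'Y' never equals the 'y' tested below, so the LDAP steps are
    # skipped unless the operator is actually asked (UADM_LDAP_AD set).
    create_ldap_user_group = 'Y'
    ldap_username = None
    ldap_useremail = None
    ldap_groupname = None
    create_unix_user_group = 'n'
    unix_username = None
    unix_groupname = None

    # Ask for admin mail
    admin_mail = get_input_string("What is the server admin email (yours)?", admin_mail)

    # Ask for site name
    site_name = get_input_string("What is the dns name of the new site?", site_name)
    if not is_valid_hostname(site_name):
        print("'%s' is not a valid hostname!!!" % site_name)
        exit(1)

    # Ask for www redirect
    if not site_name.startswith("www."):
        add_www_redirect = get_input_choices(
            "Do you want to redirect %s to www.%s automatically?" % (site_name, site_name),
            ['Y', 'n'])

    # Ask for the LDAP user and group
    if CONF_MAP['UADM_LDAP_AD']:
        create_ldap_user_group = get_input_choices(
            "Create a default ldap user and group for this site?", ['Y', 'n'])

    if create_ldap_user_group == 'y':
        valid = False
        while not valid:
            ldap_username = get_input_string("What is the new ldap username?", gen_username())
            ldap_useremail = get_input_string(
                "What is the new ldap user email?",
                '%s@%s' % (ldap_username, CONF_MAP['UADM_LDAP_DOMAIN']))
            ldap_groupname = get_input_string("What is the new ldap group name?", site_name)

            # Refuse LDAP names that already exist as local unix entities.
            is_ugroup = unixhelper.is_unix_group(ldap_groupname)
            is_uuser = unixhelper.is_unix_user(ldap_username)
            if is_ugroup:
                print("The unix group %s exists. Please choose another name." % ldap_groupname)
            if is_uuser:
                print("The unix user %s exists. Please choose another name." % ldap_username)
            valid = not is_ugroup and not is_uuser

        ldaphelper.get_cred()

    # Ask for the unix user and group
    create_unix_user_group = get_input_choices(
        "Create a default unix user and group for this site?", ['y', 'N'])
    if create_unix_user_group == 'y':
        valid = False
        while not valid:
            unix_username = get_input_string("What is the new unix username?", gen_username())
            unix_groupname = get_input_string("What is the new unix group name?", site_name)

            # check for ldap collision; reusing the LDAP name chosen above
            # is explicitly allowed
            group_collision = (unixhelper.is_notunix_group(unix_groupname)
                               and ldap_groupname != unix_groupname)
            user_collision = (unixhelper.is_notunix_user(unix_username)
                              and ldap_username != unix_username)
            if group_collision:
                print("The ldap group %s exists. Please choose another name." % unix_groupname)
            if user_collision:
                print("The ldap user %s exists. Please choose another name." % unix_username)
            valid = not user_collision and not group_collision

    # Ask for auto_mount
    use_auto_mount = get_input_choices(
        "Do you want use auto mount in /home/user/%s?" % site_name, ['Y', 'n'])

    ready_to_go = """
OK, ready to go. Are those info correct?

admin_mail = %(admin_mail)s
site_name = %(site_name)s
add_www_redirect = %(add_www_redirect)s
use_auto_mount = %(use_auto_mount)s
create_ldap_user_group = %(create_ldap_user_group)s
ldap_username = %(ldap_username)s
ldap_useremail = %(ldap_useremail)s
ldap_groupname = %(ldap_groupname)s
create_unix_user_group = %(create_unix_user_group)s
unix_username = %(unix_username)s
unix_groupname = %(unix_groupname)s
>>>""" % {
        "admin_mail": admin_mail,
        "site_name": site_name,
        "add_www_redirect": add_www_redirect,
        "use_auto_mount": use_auto_mount,
        "create_ldap_user_group": create_ldap_user_group,
        "create_unix_user_group": create_unix_user_group,
        "ldap_username": ldap_username,
        "ldap_useremail": ldap_useremail,
        "ldap_groupname": ldap_groupname,
        "unix_username": unix_username,
        "unix_groupname": unix_groupname,
    }

    ready = get_input_choices(ready_to_go, ['Y', 'n'])
    if ready != 'y':
        return

    try:
        if create_ldap_user_group == 'y':
            # NOTE(review): the names are concatenated into what looks like
            # an LDAP search filter without escaping; a name containing
            # filter metacharacters such as '*' could match other entries
            # and silently skip the creation. Escape or validate the names
            # first -- confirm against ldaphelper.search_entities.
            if len(ldaphelper.search_entities("cn=" + ldap_groupname)) == 0:
                ldaphelper.create_group(ldap_groupname)
            if len(ldaphelper.search_entities("cn=" + ldap_username)) == 0:
                userpass = ldaphelper.create_user(ldap_username, ldap_useremail)
                # NOTE(review): the new password is written to stdout and so
                # ends up in terminal scrollback or any captured session log.
                print(userpass)
            if not ldaphelper.is_member_of(ldap_username, ldap_groupname):
                ldaphelper.user_to_group(ldap_username, ldap_groupname)

        if create_unix_user_group == 'y':
            if not unixhelper.group_exists(unix_groupname):
                unixhelper.create_group(unix_groupname)
            if not unixhelper.user_exists(unix_username):
                userpass = unixhelper.create_user(unix_username)
                # NOTE(review): same exposure as the LDAP password above.
                print(userpass)
            if not unixhelper.is_member_of(unix_username, unix_groupname):
                unixhelper.user_to_group(unix_username, unix_groupname)

        vhost, logrotate, index, site_url = build_vhost(admin_mail, site_name, add_www_redirect)

        # Prep documentroot directory with ACLs
        root_dir = "%s/%s" % (CONF_MAP['SITE_DOC_ROOT'], site_url)

        # Only groups that were actually requested get an ACL entry. The
        # earlier version always emitted the setfacl pair for unix_groupname,
        # which is None when no unix group was requested and produced a
        # "g:None:rwx" entry (and then repeated the pair when it was).
        acl_groups = []
        if create_ldap_user_group == 'y':
            acl_groups.append(ldap_groupname)
        if create_unix_user_group == 'y':
            acl_groups.append(unix_groupname)

        # NOTE(review): only site_name is checked (is_valid_hostname); the
        # group names come straight from the prompt and are interpolated
        # unquoted into command strings. If exec_cmd_list runs them through
        # a shell (confirm), validate or quote the names before this point.
        cmd_list = [
            'mkdir -p %s/logs' % root_dir,
            'chown -R www-data:www-data %s' % root_dir,
        ]
        for acl_group in acl_groups:
            cmd_list.append('setfacl -R -m g:%s:rwx %s' % (acl_group, root_dir))
            # -d sets the default ACL so new files inherit the group access
            cmd_list.append('setfacl -R -d -m g:%s:rwx %s' % (acl_group, root_dir))

        completed, ret_map = exec_cmd_list(cmd_list)
        if not completed:
            raise Exception("Error in ACL setup.")

        # Create index
        fname = "%s/index.html" % root_dir
        create_file(fname, index)

        # Create VirtualHost
        fname = "%s/%s" % (CONF_MAP['SITE_VHOST_DIR'], site_url)
        create_file(fname, vhost)

        # Create Logrotate
        fname = "%s/%s" % (CONF_MAP['UADM_LOGROTATE_DIR'], site_url)
        create_file(fname, logrotate)

        cmd_list = [
            str('a2ensite %s' % site_url),
            str('apache2ctl graceful'),
        ]
        completed, ret_map = exec_cmd_list(cmd_list)
        if not completed:
            raise Exception("Error restarting apache!!!")

        if use_auto_mount == 'y':
            auto_mount_dir = CONF_MAP['SITE_AUTO_MOUNT_DIR']
            cmd_list = [
                str('mkdir -p %s' % auto_mount_dir),
            ]
            completed, ret_map = exec_cmd_list(cmd_list)
            if not completed:
                # SystemExit is not an Exception subclass, so this leaves
                # the process instead of reaching the handler below.
                exit(1)

            # Close the template file deterministically instead of leaving
            # the handle to the garbage collector.
            with open(get_rel_path("auto_mount_template.py")) as template_file:
                auto_mount_template = Template(template_file.read())

            # NOTE(review): www_root_sec_group is not assigned anywhere in
            # this function; unless it is a module-level name this raises
            # NameError, which the handler below only logs -- confirm.
            auto_mount = auto_mount_template.safe_substitute(
                template_site_name=site_name,
                template_group_name=www_root_sec_group,
            )

            # The script goes into the directory created just above; the
            # key was spelled 'site_AUTO_MOUNT_DIR' here, which does not
            # match the 'SITE_AUTO_MOUNT_DIR' entry used for the mkdir.
            fname = "%s/%s" % (auto_mount_dir, site_url.replace(".", "_"))
            create_file(fname, auto_mount)
            cmd_list = [
                str('chmod +x %s' % fname),
            ]
            completed, ret_map = exec_cmd_list(cmd_list)
            if not completed:
                raise Exception("Error with chmod for automount.")

    except Exception as err:
        # Top-level boundary of the command: log with traceback and stop.
        # Steps already executed are not rolled back.
        l().exception("Exception of fire! %s" % err)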