def install_wapttasks_service(options, conf=None): if setuphelpers.service_installed('WAPTTasks'): if setuphelpers.service_is_running('WAPTTasks'): setuphelpers.service_stop('WAPTTasks') setuphelpers.service_delete('WAPTTasks') if conf is None: conf = waptserver.config.load_config(options.configfile) print("install wapttasks") service_binary = os.path.abspath( os.path.join(wapt_root_dir, 'waptpython.exe')) service_parameters = '"%s" %s' % (os.path.join( wapt_root_dir, 'waptserver', 'wapthuey.py'), 'tasks_common.huey -w 2') service_logfile = os.path.join(log_directory, 'nssm_wapttasks.log') service_dependencies = 'WAPTPostgresql' install_windows_nssm_service('WAPTTasks', service_binary, service_parameters, service_logfile, service_dependencies) tasks_db = os.path.join(wapt_root_dir, 'db') setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % tasks_db) if setuphelpers.service_installed('WAPTTasks'): if not setuphelpers.service_is_running('WAPTTasks'): setuphelpers.service_start('WAPTTasks')
def install_wapttasks_service(options,conf=None): if setuphelpers.service_installed('WAPTTasks'): if setuphelpers.service_is_running('WAPTTasks'): setuphelpers.service_stop('WAPTTasks') setuphelpers.service_delete('WAPTTasks') if conf is None: conf = waptserver.config.load_config(options.configfile) print("install wapttasks") service_binary = os.path.abspath(os.path.join(wapt_root_dir,'waptpython.exe')) service_parameters = '"%s" %s' % (os.path.join(wapt_root_dir,'waptserver','wapthuey.py'),'waptenterprise.waptserver.wsus_tasks.huey -w 2') service_logfile = os.path.join(log_directory, 'nssm_wapttasks.log') service_dependencies = 'WAPTPostgresql' install_windows_nssm_service('WAPTTasks',service_binary,service_parameters,service_logfile,service_dependencies) tasks_db = os.path.join(wapt_root_dir,'db') setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % tasks_db) if setuphelpers.service_installed('WAPTTasks'): if not setuphelpers.service_is_running('WAPTTasks'): setuphelpers.service_start('WAPTTasks')
def install_postgresql_service(options, conf=None): if conf is None: conf = waptserver.config.load_config(options.configfile) print("install postgres database") pgsql_root_dir = r'%s\waptserver\pgsql-9.6' % wapt_root_dir pgsql_data_dir = r'%s\waptserver\pgsql_data-9.6' % wapt_root_dir pgsql_data_dir = pgsql_data_dir.replace('\\', '/') print("build database directory") if not os.path.exists(os.path.join(pgsql_data_dir, 'postgresql.conf')): setuphelpers.mkdirs(pgsql_data_dir) # need to have specific write acls for current user otherwise initdb fails... setuphelpers.run(r'icacls "%s" /t /grant "%s":(OI)(CI)(M)' % (pgsql_data_dir, GetUserName())) setuphelpers.run(r'"%s\bin\initdb" -U postgres -E=UTF8 -D "%s"' % (pgsql_root_dir, pgsql_data_dir)) setuphelpers.run(r'icacls "%s" /t /grant "*S-1-5-20":(OI)(CI)(M)' % pgsql_data_dir) print("start postgresql database") if setuphelpers.service_installed('WaptPostgresql'): if setuphelpers.service_is_running('WaptPostgresql'): setuphelpers.service_stop('waptPostgresql') setuphelpers.service_delete('waptPostgresql') cmd = r'"%s\bin\pg_ctl" register -N WAPTPostgresql -U "nt authority\networkservice" -S auto -D "%s" ' % ( pgsql_root_dir, pgsql_data_dir) print cmd run(cmd) setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % log_directory) setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % pgsql_data_dir) else: print("database already instanciated, doing nothing") # try to migrate from old version (pg 9.4, wapt 1.5) old_pgsql_root_dir = r'%s\waptserver\pgsql' % wapt_root_dir old_pgsql_data_dir = r'%s\waptserver\pgsql_data' % wapt_root_dir old_pgsql_data_dir = old_pgsql_data_dir.replace('\\', '/') if os.path.isdir(old_pgsql_data_dir) and os.path.isdir(old_pgsql_root_dir): print('migrating database from previous postgresql DB') migrate_pg_db(old_pgsql_root_dir, old_pgsql_data_dir, pgsql_root_dir, pgsql_data_dir) print('starting postgresql') if not setuphelpers.service_is_running('waptpostgresql'): setuphelpers.service_start('waptpostgresql') # waiting for postgres to be ready time.sleep(2) print("creating wapt database") import psycopg2 from psycopg2.extensions import ISOLATION_LEVEL_AUTOCOMMIT conn = None cur = None try: conn = psycopg2.connect('dbname=template1 user=postgres') conn.set_isolation_level(ISOLATION_LEVEL_AUTOCOMMIT) cur = conn.cursor() cur.execute("select 1 from pg_roles where rolname='%(db_user)s'" % conf) val = cur.fetchone() if val is None: print( "%(db_user)s pgsql user does not exists, creating %(db_user)s user" % conf) cur.execute("create user %(db_user)s" % conf) cur.execute("select 1 from pg_database where datname='%(db_name)s'" % conf) val = cur.fetchone() if val is None: print( "database %(db_name)s does not exists, creating %(db_name)s db" % conf) cur.execute("create database %(db_name)s owner %(db_user)s" % conf) finally: if cur: cur.close() if conn: conn.close() print("Creating/upgrading wapt tables") run(r'"%s\waptpython.exe" "%s\waptserver\model.py" init_db -c "%s"' % (wapt_root_dir, wapt_root_dir, options.configfile)) print("Done") print('Import lcoal Packages data into database') repo = WaptLocalRepo(conf['wapt_folder']) load_db_config(conf) Packages.update_from_repo(repo)
def install_waptserver_service(options,conf=None): if setuphelpers.service_installed('WAPTServer'): if setuphelpers.service_is_running('WAPTServer'): setuphelpers.service_stop('WAPTServer') setuphelpers.service_delete('WAPTServer') if conf is None: conf = waptserver.config.load_config(options.configfile) conf_dir = os.path.join(wapt_root_dir,'conf') if not os.path.isdir(conf_dir): os.makedirs(conf_dir) run(r'icacls "%s" /t /grant "*S-1-5-20":(OI)(CI)(M)' % conf_dir) print("install waptserver") service_binary = os.path.abspath(os.path.join(wapt_root_dir,'waptpython.exe')) service_parameters = '"%s"' % os.path.join(wapt_root_dir,'waptserver','server.py') service_logfile = os.path.join(log_directory, 'nssm_waptserver.log') service_dependencies = 'WAPTPostgresql' install_windows_nssm_service('WAPTServer',service_binary,service_parameters,service_logfile,service_dependencies) tasks_db = os.path.join(wapt_root_dir,'db') mkdir_p(tasks_db) setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % tasks_db) if not conf.get('secret_key'): conf['secret_key'] = ''.join(random.SystemRandom().choice(string.letters + string.digits) for _ in range(64)) waptserver.config.write_config_file(options.configfile,conf) if options.setpassword: conf['wapt_password'] = pbkdf2_sha256.hash(base64.b64decode(options.setpassword).encode('utf8')) waptserver.config.write_config_file(options.configfile,conf) clients_signing_certificate = conf.get('clients_signing_certificate') clients_signing_key = conf.get('clients_signing_key') if not clients_signing_certificate or not clients_signing_key: clients_signing_certificate = os.path.join(wapt_root_dir,'conf','ca-%s.crt' % fqdn()) clients_signing_key = os.path.join(wapt_root_dir,'conf','ca-%s.pem' % fqdn()) conf['clients_signing_certificate'] = clients_signing_certificate conf['clients_signing_key'] = clients_signing_key waptserver.config.write_config_file(options.configfile,conf) if clients_signing_certificate is not None and clients_signing_key is not None and not os.path.isfile(clients_signing_certificate): print('Create a certificate and key for clients certificate signing') key = SSLPrivateKey(clients_signing_key) if not os.path.isfile(clients_signing_key): print('Create SSL RSA Key %s' % clients_signing_key) key.create() key.save_as_pem() crt = key.build_sign_certificate(cn=fqdn(),is_code_signing=False,is_ca=True) print('Create X509 cert %s' % clients_signing_certificate) crt.save_as_pem(clients_signing_certificate) # ensure Packages index repo = WaptLocalRepo(conf['wapt_folder']) repo.update_packages_index() if setuphelpers.service_installed('WAPTServer'): if not setuphelpers.service_is_running('WAPTServer'): setuphelpers.service_start('WAPTServer')
def install_postgresql_service(options,conf=None): if conf is None: conf = waptserver.config.load_config(options.configfile) print ("install postgres database") pgsql_root_dir = r'%s\waptserver\pgsql-9.6' % wapt_root_dir pgsql_data_dir = r'%s\waptserver\pgsql_data-9.6' % wapt_root_dir pgsql_data_dir = pgsql_data_dir.replace('\\','/') print ("about to build database directory") if setuphelpers.service_installed('waptpostgresql') and setuphelpers.service_is_running('waptpostgresql'): print('stopping postgresql') setuphelpers.service_stop('waptpostgresql') # waiting for postgres to be ready time.sleep(2) if not os.path.exists(os.path.join(pgsql_data_dir,'postgresql.conf')): setuphelpers.mkdirs(pgsql_data_dir) # need to have specific write acls for current user otherwise initdb fails... setuphelpers.run(r'icacls "%s" /t /grant "%s":(OI)(CI)(M)' % (pgsql_data_dir,GetUserName())) setuphelpers.run(r'"%s\bin\initdb" -U postgres -E=UTF8 -D "%s"' % (pgsql_root_dir,pgsql_data_dir)) setuphelpers.run(r'icacls "%s" /t /grant "*S-1-5-20":(OI)(CI)(M)' % pgsql_data_dir) else: print("database already instanciated, doing nothing") print("start postgresql database") if setuphelpers.service_installed('WaptPostgresql'): if setuphelpers.service_is_running('WaptPostgresql'): setuphelpers.service_stop('waptPostgresql') setuphelpers.service_delete('waptPostgresql') cmd = r'"%s\bin\pg_ctl" register -N WAPTPostgresql -U "nt authority\networkservice" -S auto -D "%s" ' % (pgsql_root_dir ,pgsql_data_dir) run(cmd) setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % log_directory) setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % pgsql_data_dir) # try to migrate from old version (pg 9.4, wapt 1.5) old_pgsql_root_dir = r'%s\waptserver\pgsql' % wapt_root_dir old_pgsql_data_dir = r'%s\waptserver\pgsql_data' % wapt_root_dir old_pgsql_data_dir = old_pgsql_data_dir.replace('\\','/') if os.path.isdir(old_pgsql_data_dir) and os.path.isdir(old_pgsql_root_dir): print('migrating database from previous postgresql DB') migrate_pg_db(old_pgsql_root_dir,old_pgsql_data_dir,pgsql_root_dir,pgsql_data_dir) print('starting postgresql') if not setuphelpers.service_is_running('waptpostgresql'): setuphelpers.service_start('waptpostgresql') # waiting for postgres to be ready time.sleep(2) print("checking wapt database") import psycopg2 from psycopg2.extensions import ISOLATION_LEVEL_AUTOCOMMIT conn = None cur = None try: conn = psycopg2.connect('dbname=template1 user=postgres') conn.set_isolation_level(ISOLATION_LEVEL_AUTOCOMMIT) cur = conn.cursor() cur.execute("select 1 from pg_roles where rolname='%(db_user)s'" % conf) val = cur.fetchone() if val is None: print("%(db_user)s pgsql user does not exists, creating %(db_user)s user" % conf) cur.execute("create user %(db_user)s" % conf) cur.execute("select 1 from pg_database where datname='%(db_name)s'" % conf) val = cur.fetchone() if val is None: print ("database %(db_name)s does not exists, creating %(db_name)s db" % conf) cur.execute("create database %(db_name)s owner %(db_user)s" % conf) finally: if cur: cur.close() if conn: conn.close() print("Creating/upgrading wapt db tables") run(r'"%s\waptpython.exe" "%s\waptserver\model.py" init_db -c "%s"' % (wapt_root_dir, wapt_root_dir, options.configfile )) print("Done") print('Import lcoal Packages data into database') repo = WaptLocalRepo(conf['wapt_folder']) load_db_config(conf) Packages.update_from_repo(repo)
def install_waptserver_service(options,conf=None): if setuphelpers.service_installed('WAPTServer'): if setuphelpers.service_is_running('WAPTServer'): setuphelpers.service_stop('WAPTServer') setuphelpers.service_delete('WAPTServer') if conf is None: conf = waptserver.config.load_config(options.configfile) conf_dir = os.path.join(wapt_root_dir,'conf') if not os.path.isdir(conf_dir): os.makedirs(conf_dir) run(r'icacls "%s" /t /grant "*S-1-5-20":(OI)(CI)(M)' % conf_dir) if not conf.get('server_uuid'): conf['server_uuid'] = str(uuid.uuid1()) waptserver.config.write_config_file(options.configfile,conf) print("install waptserver") service_binary = os.path.abspath(os.path.join(wapt_root_dir,'waptpython.exe')) service_parameters = '"%s"' % os.path.join(wapt_root_dir,'waptserver','server.py') service_logfile = os.path.join(log_directory, 'nssm_waptserver.log') service_dependencies = 'WAPTPostgresql' install_windows_nssm_service('WAPTServer',service_binary,service_parameters,service_logfile,service_dependencies) tasks_db = os.path.join(wapt_root_dir,'db') mkdir_p(tasks_db) setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % tasks_db) if not conf.get('secret_key'): conf['secret_key'] = ''.join(random.SystemRandom().choice(string.letters + string.digits) for _ in range(64)) waptserver.config.write_config_file(options.configfile,conf) if options.setpassword: conf['wapt_password'] = pbkdf2_sha256.hash(base64.b64decode(options.setpassword).encode('utf8')) waptserver.config.write_config_file(options.configfile,conf) clients_signing_certificate = conf.get('clients_signing_certificate') clients_signing_key = conf.get('clients_signing_key') if not clients_signing_certificate or not clients_signing_key: clients_signing_certificate = os.path.join(wapt_root_dir,'conf','ca-%s.crt' % fqdn()) clients_signing_key = os.path.join(wapt_root_dir,'conf','ca-%s.pem' % fqdn()) conf['clients_signing_certificate'] = clients_signing_certificate conf['clients_signing_key'] = clients_signing_key waptserver.config.write_config_file(options.configfile,conf) if clients_signing_certificate is not None and clients_signing_key is not None and not os.path.isfile(clients_signing_certificate): print('Create a certificate and key for clients certificate signing') key = SSLPrivateKey(clients_signing_key) if not os.path.isfile(clients_signing_key): print('Create SSL RSA Key %s' % clients_signing_key) key.create() key.save_as_pem() crt = key.build_sign_certificate(cn=fqdn(),is_code_signing=False,is_ca=True) print('Create X509 cert %s' % clients_signing_certificate) crt.save_as_pem(clients_signing_certificate) # ensure Packages index repo = WaptLocalRepo(conf['wapt_folder']) repo.update_packages_index() #Migrate file for new version waptwua wuafolder = conf['waptwua_folder'] for (root,dirs,files) in list(os.walk(wuafolder,topdown=False)): if root == os.path.join(wuafolder,'.stfolder'): continue for f in files: oldpath = os.path.join(root,f) newpath = os.path.join(wuafolder,f) if os.path.isfile(newpath): continue print('Move %s --> %s' % (oldpath,newpath)) os.rename(oldpath,newpath) for d in dirs: if d == '.stfolder': continue print('Delete folder %s' % os.path.join(root,d)) shutil.rmtree(os.path.join(root,d)) if setuphelpers.service_installed('WAPTServer'): if not setuphelpers.service_is_running('WAPTServer'): setuphelpers.service_start('WAPTServer')
def install_postgresql_service(): print("install postgres database") pgsql_root_dir = r'%s\waptserver\pgsql' % wapt_root_dir pgsql_data_dir = r'%s\waptserver\pgsql_data' % wapt_root_dir pgsql_data_dir = pgsql_data_dir.replace('\\', '/') print("build database directory") if os.path.exists(os.path.join(pgsql_data_dir, 'postgresql.conf')): print("database already instanciated, doing nothing") # TODO: check that database is fully working and up to date # TODO: add a force option return print("init pgsql data directory") pg_data_dir = os.path.join(wapt_root_dir, 'waptserver', 'pgsql_data') setuphelpers.mkdirs(pg_data_dir) # need to have specific write acls for current user otherwise initdb fails... setuphelpers.run(r'icacls "%s" /t /grant "%s":(OI)(CI)(M)' % (pg_data_dir, GetUserName())) setuphelpers.run( r'"%s\waptserver\pgsql\bin\initdb" -U postgres -E=UTF8 -D "%s\waptserver\pgsql_data"' % (wapt_root_dir, wapt_root_dir)) setuphelpers.run(r'icacls "%s" /t /grant "*S-1-5-20":(OI)(CI)(M)' % pg_data_dir) print("start postgresql database") if setuphelpers.service_installed('WaptPostgresql'): if setuphelpers.service_is_running('WaptPostgresql'): setuphelpers.service_stop('waptPostgresql') setuphelpers.service_delete('waptPostgresql') cmd = r'"%s\bin\pg_ctl" register -N WAPTPostgresql -U "nt authority\networkservice" -S auto -D "%s" ' % ( pgsql_root_dir, os.path.join(wapt_root_dir, 'waptserver', 'pgsql_data')) print cmd run(cmd) setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % log_directory) setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % pgsql_data_dir) print('starting postgresql') run('net start waptpostgresql') #cmd = r"%s\bin\pg_ctl.exe -D %s start" % (pgsql_root_dir, pgsql_data_dir) #devnull = open(os.devnull,'wb') #print(subprocess.Popen(cmd,shell=True)) # waiting for postgres to be ready time.sleep(1) print("creating wapt database") import psycopg2 from psycopg2.extensions import ISOLATION_LEVEL_AUTOCOMMIT conn = psycopg2.connect('dbname=template1 user=postgres') conn.set_isolation_level(ISOLATION_LEVEL_AUTOCOMMIT) cur = conn.cursor() cur.execute("select 1 from pg_roles where rolname='wapt'") val = cur.fetchone() if val != 1: print("wapt pgsql user does not exists, creating wapt user") cur.execute("create user wapt") val = cur.execute("select 1 from pg_database where datname='wapt'") if val != 1: print("database wapt does not exists, creating wapt db") cur.execute(r"create extension hstore") cur.execute("create database wapt owner wapt") cur.close() conn.close() run(r'"%s\waptpython.exe" "%s\waptserver\waptserver_model.py" init_db' % (wapt_root_dir, wapt_root_dir)) time.sleep(1) setuphelpers.service_stop('waptpostgresql')