def httpd_certs():
app_config = AppConfiguration.query.first()
server = Server.query.filter_by(primary_server=True).first()
installer = Installer(server, app_config.gluu_version, logger_tid=None)
httpd_key_io = installer.c.get_file(
os.path.join(installer.container, 'etc/certs/httpd.key'))
if httpd_key_io[0]:
httpd_key = httpd_key_io[1].read(
) #.replace('-----BEGIN RSA PRIVATE KEY-----','').replace('-----END RSA PRIVATE KEY-----','').strip()
httpd_crt_io = installer.c.get_file(
os.path.join(installer.container, 'etc/certs/httpd.crt'))
if httpd_crt_io[0]:
httpd_crt = httpd_crt_io[1].read(
) #.replace('-----BEGIN CERTIFICATE-----','').replace('-----END CERTIFICATE-----','').strip()
cert_form = httpdCertificatesForm()
cert_form.httpd_key.data = httpd_key
cert_form.httpd_crt.data = httpd_crt
return render_template('httpd_certificates.html', cert_form=cert_form)
def startup(self):
if self.local:
ldap_server = 'localhost'
else:
ldap_server = self.server
ldap_server = Server("ldaps://{}:1636".format(self.server), use_ssl=True)
self.conn = Connection(ldap_server, user="******", password=self.ldap_password)
r = self.conn.bind()
if not r:
print "Can't conect to LDAP Server"
return False
self.container = '/opt/gluu-server-{}'.format(self.gluu_version)
if not self.local:
print "NOT LOCAL?"
sys.path.append("..")
from clustermgr.core.remote import RemoteClient
self.c = RemoteClient(self.server)
self.c.startup()
else:
self.c = FakeRemote()
if os.path.exists('/etc/gluu/conf/ox-ldap.properties'):
self.container = '/'
self.c.fake_remote = True
self.installer = Installer(self.c, self.gluu_version, self.os_type)
self.appliance_inum = self.get_appliance_inum()
self.base_inum = self.get_base_inum()
return True
def app_configuration():
"""This view provides application configuration forms"""
# create forms
conf_form = AppConfigForm()
sch_form = SchemaForm()
config = AppConfiguration.query.first()
schemafiles = os.listdir(app.config['SCHEMA_DIR'])
conf_form.gluu_archive.choices = [
(f, os.path.split(f)[1]) for f in glob.glob(
os.path.join(app.config['GLUU_REPO'], 'gluu-server-*'))
]
# If the form is submitted and password for replication user was not
# not supplied, make password "**dummy**", so don't change
# what we have before
#external_lb_checked = False
external_lb_checked = conf_form.external_load_balancer.data
if request.method == 'POST':
if conf_form.gluu_version.data < '3.1.4':
conf_form.use_ldap_cache.data = False
if config and not conf_form.replication_pw.data.strip():
conf_form.replication_pw.validators = []
conf_form.replication_pw_confirm.validators = []
if conf_form.external_load_balancer.data:
conf_form.nginx_ip.validators = []
print "OFFLINE", conf_form.offline.data, conf_form.gluu_archive.data
if not conf_form.offline.data:
del conf_form._fields['gluu_archive']
if not config:
#del conf_form.replication_pw
#del conf_form.replication_pw_confirm
config = AppConfiguration()
db.session.add(config)
# If form is submitted and validated process it
if conf_form.update.data and conf_form.validate_on_submit():
if config.replication_pw:
new_replication_passwd = conf_form.replication_pw.data.strip()
if conf_form.replication_pw.data:
c = None
server = Server.query.first()
if server:
c = RemoteClient(server.hostname, ip=server.ip)
try:
c.startup()
except Exception as e:
flash(
"Can't establish SSH connection to {}. "
"Replication password is not changed".format(
server.hostname), "warning")
if c:
installer = Installer(c, config.gluu_version,
server.os)
cmd = (
'/opt/opendj/bin/ldappasswordmodify --bindDN '
'\'cn=Directory Manager\' --bindPassword $\'{}\' '
'--port 4444 --newPassword $\'{}\' --authzID '
'\'cn=admin,cn=Administrators,cn=admin data\' '
'--trustAll --useSSL'.format(
server.ldap_password.replace("'", "\\'"),
new_replication_passwd.replace("'", "\\'"),
))
result = installer.run(cmd)
if result[1].strip() == \
'The LDAP password modify operation was successful':
flash("Replication password is changed", "success")
config.replication_pw = new_replication_passwd
config.gluu_version = conf_form.gluu_version.data.strip()
config.nginx_host = conf_form.nginx_host.data.strip()
config.nginx_ip = conf_form.nginx_ip.data.strip()
config.modify_hosts = conf_form.modify_hosts.data
config.ldap_update_period = conf_form.ldap_update_period.data
config.ldap_update_period_unit = 's'
config.external_load_balancer = conf_form.external_load_balancer.data
config.use_ldap_cache = conf_form.use_ldap_cache.data
if conf_form.offline.data:
config.offline = True
config.gluu_archive = conf_form.gluu_archive.data
else:
config.offline = False
config.gluu_archive = ''
if getattr(conf_form, 'replication_pw'):
if conf_form.replication_pw_confirm.data:
config.replication_pw = conf_form.replication_pw.data.strip()
config.gluu_version = conf_form.gluu_version.data.strip()
db.session.commit()
flash(
"Gluu Cluster Manager application configuration has been "
"updated.", "success")
elif sch_form.upload.data and sch_form.validate_on_submit():
f = sch_form.schema.data
filename = secure_filename(f.filename)
if any(filename in s for s in schemafiles):
name, extension = os.path.splitext(filename)
matches = [s for s in schemafiles if name in s]
filename = name + "_" + str(len(matches)) + extension
f.save(os.path.join(app.config['SCHEMA_DIR'], filename))
schemafiles.append(filename)
flash(
"Schema: {0} has been uploaded sucessfully. "
"Please edit slapd.conf of primary server and "
"re-deploy all servers.".format(filename), "success")
# request.method == GET gets processed here
if config:
conf_form.nginx_host.data = config.nginx_host
conf_form.modify_hosts.data = config.modify_hosts
conf_form.nginx_ip.data = config.nginx_ip
conf_form.external_load_balancer.data = config.external_load_balancer
conf_form.use_ldap_cache.data = config.use_ldap_cache
conf_form.offline.data = config.offline
service_status_update_period = config.ldap_update_period
if service_status_update_period and config.ldap_update_period_unit != 's':
service_status_update_period = service_status_update_period * 60
conf_form.ldap_update_period.data = str(service_status_update_period)
#conf_form.use_ip.data = config.use_ip
if config.gluu_version:
conf_form.gluu_version.data = config.gluu_version
if not config.id:
conf_form.use_ldap_cache.data = True
#create fake remote class that provides the same interface with RemoteClient
fc = FakeRemote()
#Getermine local OS type
localos = get_os_type(fc)
app.jinja_env.globals['use_ldap_cache'] = config.use_ldap_cache
return render_template(
'app_config.html',
cform=conf_form,
sform=sch_form,
config=config,
schemafiles=schemafiles,
localos=localos,
external_lb_checked=external_lb_checked,
repo_dir=app.config['GLUU_REPO'],
next=request.args.get('next'),
)