def app_configuration(): """This view provides application configuration forms""" # create forms conf_form = AppConfigForm() sch_form = SchemaForm() config = AppConfiguration.query.first() schemafiles = os.listdir(app.config['SCHEMA_DIR']) conf_form.gluu_archive.choices = [ (f, os.path.split(f)[1]) for f in glob.glob( os.path.join(app.config['GLUU_REPO'], 'gluu-server-*')) ] # If the form is submitted and password for replication user was not # not supplied, make password "**dummy**", so don't change # what we have before #external_lb_checked = False external_lb_checked = conf_form.external_load_balancer.data if request.method == 'POST': if conf_form.gluu_version.data < '3.1.4': conf_form.use_ldap_cache.data = False if config and not conf_form.replication_pw.data.strip(): conf_form.replication_pw.validators = [] conf_form.replication_pw_confirm.validators = [] if conf_form.external_load_balancer.data: conf_form.nginx_ip.validators = [] print "OFFLINE", conf_form.offline.data, conf_form.gluu_archive.data if not conf_form.offline.data: del conf_form._fields['gluu_archive'] if not config: #del conf_form.replication_pw #del conf_form.replication_pw_confirm config = AppConfiguration() db.session.add(config) # If form is submitted and validated process it if conf_form.update.data and conf_form.validate_on_submit(): if config.replication_pw: new_replication_passwd = conf_form.replication_pw.data.strip() if conf_form.replication_pw.data: c = None server = Server.query.first() if server: c = RemoteClient(server.hostname, ip=server.ip) try: c.startup() except Exception as e: flash( "Can't establish SSH connection to {}. " "Replication password is not changed".format( server.hostname), "warning") if c: installer = Installer(c, config.gluu_version, server.os) cmd = ( '/opt/opendj/bin/ldappasswordmodify --bindDN ' '\'cn=Directory Manager\' --bindPassword $\'{}\' ' '--port 4444 --newPassword $\'{}\' --authzID ' '\'cn=admin,cn=Administrators,cn=admin data\' ' '--trustAll --useSSL'.format( server.ldap_password.replace("'", "\\'"), new_replication_passwd.replace("'", "\\'"), )) result = installer.run(cmd) if result[1].strip() == \ 'The LDAP password modify operation was successful': flash("Replication password is changed", "success") config.replication_pw = new_replication_passwd config.gluu_version = conf_form.gluu_version.data.strip() config.nginx_host = conf_form.nginx_host.data.strip() config.nginx_ip = conf_form.nginx_ip.data.strip() config.modify_hosts = conf_form.modify_hosts.data config.ldap_update_period = conf_form.ldap_update_period.data config.ldap_update_period_unit = 's' config.external_load_balancer = conf_form.external_load_balancer.data config.use_ldap_cache = conf_form.use_ldap_cache.data if conf_form.offline.data: config.offline = True config.gluu_archive = conf_form.gluu_archive.data else: config.offline = False config.gluu_archive = '' if getattr(conf_form, 'replication_pw'): if conf_form.replication_pw_confirm.data: config.replication_pw = conf_form.replication_pw.data.strip() config.gluu_version = conf_form.gluu_version.data.strip() db.session.commit() flash( "Gluu Cluster Manager application configuration has been " "updated.", "success") elif sch_form.upload.data and sch_form.validate_on_submit(): f = sch_form.schema.data filename = secure_filename(f.filename) if any(filename in s for s in schemafiles): name, extension = os.path.splitext(filename) matches = [s for s in schemafiles if name in s] filename = name + "_" + str(len(matches)) + extension f.save(os.path.join(app.config['SCHEMA_DIR'], filename)) schemafiles.append(filename) flash( "Schema: {0} has been uploaded sucessfully. " "Please edit slapd.conf of primary server and " "re-deploy all servers.".format(filename), "success") # request.method == GET gets processed here if config: conf_form.nginx_host.data = config.nginx_host conf_form.modify_hosts.data = config.modify_hosts conf_form.nginx_ip.data = config.nginx_ip conf_form.external_load_balancer.data = config.external_load_balancer conf_form.use_ldap_cache.data = config.use_ldap_cache conf_form.offline.data = config.offline service_status_update_period = config.ldap_update_period if service_status_update_period and config.ldap_update_period_unit != 's': service_status_update_period = service_status_update_period * 60 conf_form.ldap_update_period.data = str(service_status_update_period) #conf_form.use_ip.data = config.use_ip if config.gluu_version: conf_form.gluu_version.data = config.gluu_version if not config.id: conf_form.use_ldap_cache.data = True #create fake remote class that provides the same interface with RemoteClient fc = FakeRemote() #Getermine local OS type localos = get_os_type(fc) app.jinja_env.globals['use_ldap_cache'] = config.use_ldap_cache return render_template( 'app_config.html', cform=conf_form, sform=sch_form, config=config, schemafiles=schemafiles, localos=localos, external_lb_checked=external_lb_checked, repo_dir=app.config['GLUU_REPO'], next=request.args.get('next'), )
def step1(): pserver = Server.query.filter_by(primary_server=True).first() if pserver and request.args.get('pass_set') != 'true': flash("Oops this service is not for you.", 'warning') return redirect(url_for('index.home')) wform = WizardStep1() if request.method == 'POST': if wform.validate_on_submit(): replication_pw = uuid.uuid4().hex app_conf = AppConfiguration() app_conf.nginx_host = wform.new_hostname.data.strip() app_conf.replication_pw = replication_pw app_conf.nginx_ip = wform.nginx_ip.data.strip() app_conf.modify_hosts = True db.session.add(app_conf) server = Server() server.ip = wform.ip.data.strip() server.hostname = wform.current_hostname.data.strip() server.primary_server = True db.session.add(app_conf) db.session.add(server) db.session.commit() if request.method == 'POST' or request.args.get('pass_set') == 'true': servers = Server.query.all() ask_passphrase = False c = RemoteClient(servers[0].ip, servers[0].hostname) try: c.startup() except ClientNotSetupException as e: if str(e) == 'Pubkey is encrypted.': ask_passphrase = True flash( "Pubkey seems to password protected. " "Please set passphrase.", 'warning') elif str(e) == 'Could not deserialize key data.': ask_passphrase = True flash( "Password your provided for pubkey did not work. " "Please set valid passphrase.", 'warning') else: flash( "SSH connection to {} failed. Please check if your pub key is " "added to /root/.ssh/authorized_keys on this server. Reason: {}" .format(servers[0].hostname, e), 'error') return render_template( 'index_passphrase.html', e=e, ask_passphrase=ask_passphrase, next=url_for('wizard.step1', pass_set='true'), warning_text="Error accessing Stand Allone Server") task = wizard_step1.delay() print "TASK STARTED", task.id servers = Server.query.all() return render_template('wizard/wizard_logger.html', step=1, task_id=task.id, servers=servers) return render_template('wizard/step1.html', wform=wform)