def authenticate_dbx(flog=None, config_db=None, rt_status_db=None): flog.debug(inspect.stack()[0][3] + ": authenticatie met dropbox start.") _id, access_token_crypted, _label = config_db.strget(47, flog) flog.debug(inspect.stack()[0][3] + ": access_token(encrypted) = " + access_token_crypted) access_token = crypto3.p1Decrypt(access_token_crypted, CRYPT_KEY_ACCESS) flog.debug(inspect.stack()[0][3] + ": decrypted key = " + str(access_token)) _id, refresh_token_crypted, _label = config_db.strget(170, flog) flog.debug(inspect.stack()[0][3] + ": refresh_token(encrypted) = " + refresh_token_crypted) refresh_token = crypto3.p1Decrypt(refresh_token_crypted, CRYPT_KEY_REFRESH) flog.debug(inspect.stack()[0][3] + ": decrypted refresh_token = " + str(refresh_token)) try: dbx = dropbox.Dropbox(oauth2_access_token=access_token, oauth2_refresh_token=refresh_token, app_key=APP_KEY, app_secret=APP_SECRET) dbx.users_get_current_account() rt_status_db.timestamp(59, flog) # dropbox succes timestamp flog.debug(inspect.stack()[0][3] + ": authenticatie met dropbox succesvol.") except Exception as e: rt_status_db.strset('authenticatie gefaald', 62, flog) flog.critical(inspect.stack()[0][3] + ": authenticatie gefaald melding:" + str(e.args[0])) dbx = None return dbx
def copy_and_crypto_file(mode='e', source_pathfile=None, destination_pathfile=None, flog=None, cryptoseed=None): try: with open(source_pathfile, 'r') as w_file: data = w_file.read() #flog.debug ( "source data " + str(data) ) if mode == 'encrypt': result = crypto3.p1Encrypt(str(data), cryptoseed) elif mode == 'decrypt': result = crypto3.p1Decrypt(str(data), cryptoseed) else: raise Exception( " geen goed crypto mode opgegeven, valide opties (encrypt of decrypt)." ) #flog.debug ( "destination data " + str( result ) ) destination = destination_pathfile fp = open(destination, "w") fp.write(result) fp.close() flog.debug("bestand " + source_pathfile + " versleuteld en gekopieerd naar " + destination) except Exception as e: raise Exception(str(e))
def Main(argv): parser = argparse.ArgumentParser( description="encrypte of decrypte input string") parser.add_argument('-e', '--enc', required=False) parser.add_argument('-d', '--dec', required=False) parser.add_argument('-s', '--seed', required=False) parser.add_argument('-t', '--test', required=False, action="store_true") # flag only args = parser.parse_args() enc = args.enc # encode the input string dec = args.dec # decode the base64 input to a string seed = args.seed # seed the internal key with a identifier to prevent plaintext attack. if args.test == True: crypto3.testP1CryptoSuite() sys.exit(0) try: if enc != None: if seed != None: result = crypto3.p1Encrypt(enc, seed) else: result = crypto3.p1Encrypt(enc) print(result) flog.debug(inspect.stack()[0][3] + ": encoding result: " + str(result)) if dec != None: if seed != None: result = crypto3.p1Decrypt(dec, seed) else: result = crypto3.p1Decrypt(dec) print(result) flog.debug(inspect.stack()[0][3] + ": encoding result: " + str(result)) except Exception as e: flog.error(inspect.stack()[0][3] + ": gestopt." + str(e))
def getUrlParameters(): # get config values api_key = 0 api_id = 0 r = True try: sqlstr = "select id, parameter from "+const.DB_CONFIG_TAB+" where id=13 or id=25 order by id asc" sqlstr=" ".join(sqlstr.split()) flog.debug(inspect.stack()[0][3]+": sql(1)="+sqlstr) config=config_db.select_rec(sqlstr) flog.debug(inspect.stack()[0][3]+": waarde config record"+str(config)) api_key = config[0][1] api_id = config[1][1] except Exception as e: flog.error(inspect.stack()[0][3]+": sql error(1)"+str(e)) r = False #decode api_key try: decoded_api_key = base64.standard_b64decode(crypto3.p1Decrypt(api_key,'weatherapikey')).decode('utf-8') except Exception as e: flog.error(inspect.stack()[0][3]+": api decodering gefaald. coded password="******" Gestopt. melding:" + str(e.args[0]) ) r = False flog.info("Password decryptie ok.") flog.debug("Decoded api key = " + api_key ) """ flog.debug(inspect.stack()[0][3]+": decoded api key "+decoded_api_key) if all(c in string.printable for c in decoded_api_key) == False: flog.error(inspect.stack()[0][3]+": password decodering gefaald. Decode_api_key="+decoded_api_key) r = False else: flog.info("Password decryptie ok.") """ return r, api_id, decoded_api_key
def setConfigFromDb(): global mqtt_para, mqtt_topics_smartmeter, mqtt_topics_watermeter, mqtt_topics_weather, mqtt_topics_indoor_temperature, mqtt_topics_phase, mqtt_topics_powerproduction try: _id, parameter, _label = config_db.strget(105, flog) if parameter == None: parameter = '' mqtt_para['clientname'] = str(parameter).replace(" ", "") _id, parameter, _label = config_db.strget(106, flog) if parameter == None: parameter = '' mqtt_para['topicprefix'] = str(parameter).replace( " ", "") # no whitespace in topic if len(mqtt_para['topicprefix']) < 1: mqtt_para[ 'topicprefix'] = 'p1monitor' # topic may not start with a / this would happen with an empty topicprefix _id, parameter, _label = config_db.strget(107, flog) mqtt_para['brokeruser'] = str(parameter) _id, parameter, _label = config_db.strget(108, flog) if len(parameter) > 0: decoded_password = str( base64.standard_b64decode( crypto3.p1Decrypt(parameter, 'mqttclpw')).decode('utf-8')) flog.debug(inspect.stack()[0][3] + " encoded password="******" decoded password="******" ", "") # no whitespace in hostname or IP _id, parameter, _label = config_db.strget(110, flog) mqtt_para['brokerport'] = int( (parameter).replace(" ", "")) # no whitespace in port number _id, parameter, _label = config_db.strget(111, flog) mqtt_para['brokerkeepalive'] = int( (parameter).replace(" ", "")) # no whitespace keep alive seconds. _id, parameter, _label = config_db.strget(112, flog) mqtt_para['protocol'] = int( (parameter).replace(" ", "")) # no whitespace number of version mqtt_para['protocol'] = 4 _id, parameter, _label = config_db.strget(113, flog) mqtt_para['qosglobal'] = int( (parameter).replace(" ", "")) # no whitespace QoS number flog.debug(inspect.stack()[0][3] + ": mqtt_para = " + str(mqtt_para)) except Exception as e: flog.warning(inspect.stack()[0][3] + ": DB configuratie heeft een probeem -> " + str(e.args[0])) # update the topics mqtt_topics_smartmeter = { 0: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' + apiconst.JSON_TS_LCL.lower(), 1: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' + apiconst.JSON_TS_LCL_UTC.lower(), 2: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' + apiconst.JSON_API_CNSMPTN_GAS_M3.lower(), 3: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' + apiconst.JSON_API_CNSMPTN_KWH_H.lower(), 4: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' + apiconst.JSON_API_CNSMPTN_KWH_L.lower(), 5: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' + apiconst.JSON_API_CNSMPTN_KW.lower(), 6: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' + apiconst.JSON_API_PRDCTN_KWH_H.lower(), 7: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' + apiconst.JSON_API_PRDCTN_KWH_L.lower(), 8: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' + apiconst.JSON_API_PRDCTN_KW.lower(), 9: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' + apiconst.JSON_API_TRFCD.lower(), 10: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_SMARTMETER) + '/' + apiconst.JSON_API_REC_PRCSSD.lower(), } mqtt_topics_watermeter = { 0: mqtt_para['topicprefix'] + '/' + apiconst.BASE_WATERMETER + '/minute'.lower() + '/' + apiconst.JSON_TS_LCL.lower(), 1: mqtt_para['topicprefix'] + '/' + apiconst.BASE_WATERMETER + '/minute'.lower() + '/' + apiconst.JSON_TS_LCL_UTC.lower(), 2: mqtt_para['topicprefix'] + '/' + apiconst.BASE_WATERMETER + '/minute'.lower() + '/' + apiconst.JSON_API_WM_PULS_CNT.lower(), 3: mqtt_para['topicprefix'] + '/' + apiconst.BASE_WATERMETER + '/minute'.lower() + '/' + apiconst.JSON_API_WM_CNSMPTN_LTR.lower(), 4: mqtt_para['topicprefix'] + '/' + apiconst.BASE_WATERMETER + '/minute'.lower() + '/' + apiconst.JSON_API_WM_CNSMPTN_LTR_M3.lower() } mqtt_topics_weather = { 0: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' + apiconst.JSON_TS_LCL.lower(), 1: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' + apiconst.JSON_TS_LCL_UTC.lower(), 2: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' + apiconst.JSON_API_CTY_ID.lower(), 3: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' + apiconst.JSON_API_CTY_NM.lower(), 4: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' + apiconst.JSON_API_WTHR_TMPRTR.lower(), 5: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' + apiconst.JSON_API_WTHR_DSCRPTN.lower(), 6: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' + apiconst.JSON_API_WTHR_ICON.lower(), 7: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' + apiconst.JSON_API_WTHR_PRSSR.lower(), 8: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' + apiconst.JSON_API_WTHR_HMDTY.lower(), 9: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' + apiconst.JSON_API_WTHR_WND_SPD.lower(), 10: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' + apiconst.JSON_API_WTHR_WND_DGRS.lower(), 11: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' + apiconst.JSON_API_WTHR_CLDS.lower(), 12: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_WEATHER_CURRENT) + '/' + apiconst.JSON_API_WTHR_WEATHER_ID.lower(), } mqtt_topics_indoor_temperature = { 0: mqtt_para['topicprefix'] + '/' + apiconst.BASE_INDOOR + '/' + apiconst.JSON_TS_LCL.lower(), 1: mqtt_para['topicprefix'] + '/' + apiconst.BASE_INDOOR + '/' + apiconst.JSON_TS_LCL_UTC.lower(), 2: mqtt_para['topicprefix'] + '/' + apiconst.BASE_INDOOR + '/' + apiconst.JSON_API_RM_TMPRTR_IN_L.lower(), 3: mqtt_para['topicprefix'] + '/' + apiconst.BASE_INDOOR + '/' + apiconst.JSON_API_RM_TMPRTR_IN_A.lower(), 4: mqtt_para['topicprefix'] + '/' + apiconst.BASE_INDOOR + '/' + apiconst.JSON_API_RM_TMPRTR_IN_H.lower(), 5: mqtt_para['topicprefix'] + '/' + apiconst.BASE_INDOOR + '/' + apiconst.JSON_API_RM_TMPRTR_OUT_L.lower(), 6: mqtt_para['topicprefix'] + '/' + apiconst.BASE_INDOOR + '/' + apiconst.JSON_API_RM_TMPRTR_OUT_A.lower(), 7: mqtt_para['topicprefix'] + '/' + apiconst.BASE_INDOOR + '/' + apiconst.JSON_API_RM_TMPRTR_OUT_H.lower(), } mqtt_topics_phase = { 0: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_PHASE) + '/' + apiconst.JSON_TS_LCL.lower(), 1: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_PHASE) + '/' + apiconst.JSON_TS_LCL_UTC.lower(), 2: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_PHASE) + '/' + apiconst.JSON_API_PHS_CNSMPTN_L1_W.lower(), 3: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_PHASE) + '/' + apiconst.JSON_API_PHS_CNSMPTN_L2_W.lower(), 4: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_PHASE) + '/' + apiconst.JSON_API_PHS_CNSMPTN_L3_W.lower(), 5: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_PHASE) + '/' + apiconst.JSON_API_PHS_PRDCTN_L1_W.lower(), 6: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_PHASE) + '/' + apiconst.JSON_API_PHS_PRDCTN_L2_W.lower(), 7: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_PHASE) + '/' + apiconst.JSON_API_PHS_PRDCTN_L3_W.lower(), 8: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_PHASE) + '/' + apiconst.JSON_API_PHS_L1_V.lower(), 9: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_PHASE) + '/' + apiconst.JSON_API_PHS_L2_V.lower(), 10: mqtt_para['topicprefix'] + '/' + os.path.basename(apiconst.ROUTE_PHASE) + '/' + apiconst.JSON_API_PHS_L3_V.lower(), 11: mqtt_para['topicprefix'] + '/' + os.path.basename( apiconst.ROUTE_PHASE) + '/' + apiconst.JSON_API_PHS_L1_A.lower(), 12: mqtt_para['topicprefix'] + '/' + os.path.basename( apiconst.ROUTE_PHASE) + '/' + apiconst.JSON_API_PHS_L2_A.lower(), 13: mqtt_para['topicprefix'] + '/' + os.path.basename( apiconst.ROUTE_PHASE) + '/' + apiconst.JSON_API_PHS_L3_A.lower(), } mqtt_topics_powerproduction = { 0: mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 + '/minute'.lower() + '/' + apiconst.JSON_TS_LCL.lower(), 1: mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 + '/minute'.lower() + '/' + apiconst.JSON_TS_LCL_UTC.lower(), 2: mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 + '/minute'.lower() + '/' + apiconst.JSON_API_PROD_KWH_H.lower(), 3: mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 + '/minute'.lower() + '/' + apiconst.JSON_API_PROD_KWH_L.lower(), 4: mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 + '/minute'.lower() + '/' + apiconst.JSON_API_PROD_PULS_CNT_H.lower(), 5: mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 + '/minute'.lower() + '/' + apiconst.JSON_API_PROD_PULS_CNT_L.lower(), 6: mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 + '/minute'.lower() + '/' + apiconst.JSON_API_PROD_KWH_TOTAL_H.lower(), 7: mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 + '/minute'.lower() + '/' + apiconst.JSON_API_PROD_KWH_TOTAL_L.lower(), 8: mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 + '/minute'.lower() + '/' + apiconst.JSON_API_PROD_KWH_TOTAL.lower(), 9: mqtt_para['topicprefix'] + '/' + apiconst.BASE_POWERPRODUCTION_S0 + '/minute'.lower() + '/' + apiconst.JSON_API_PROD_W_PSEUDO.lower(), }
def Main(argv): flog.info("Start van programma.") global smtp_para # open van status database try: rt_status_db.init(const.FILE_DB_STATUS, const.DB_STATUS_TAB) except Exception as e: flog.critical(inspect.stack()[0][3] + ": Database niet te openen(1)." + const.FILE_DB_STATUS + ") melding:" + str(e.args[0])) sys.exit(1) flog.debug(inspect.stack()[0][3] + ": database tabel " + const.DB_STATUS_TAB + " succesvol geopend.") # open van config database try: config_db.init(const.FILE_DB_CONFIG, const.DB_CONFIG_TAB) except Exception as e: flog.critical(inspect.stack()[0][3] + ": database niet te openen(2)." + const.FILE_DB_CONFIG + ") melding:" + str(e.args[0])) sys.exit(1) flog.debug(inspect.stack()[0][3] + ": database tabel " + const.DB_CONFIG_TAB + " succesvol geopend.") # update field from database, the cli switches overwrite the DB values! _id, smtp_para['mailuser'], _label = config_db.strget(63, flog) _id, smtp_para['mailuserpassword'], _label = config_db.strget(64, flog) _id, smtp_para['mailserver'], _label = config_db.strget(65, flog) _id, smtp_para['mailserverport_ssl'], _label = config_db.strget(66, flog) _id, smtp_para['mailserverport_starttls'], _label = config_db.strget( 67, flog) _id, smtp_para['mailserverport_plaintext'], _label = config_db.strget( 68, flog) _id, smtp_para['subject'], _label = config_db.strget(69, flog) _id, to, _label = config_db.strget(70, flog) smtp_para['to'] = to.split() _id, cc, _label = config_db.strget(74, flog) smtp_para['cc'] = cc.split() _id, bcc, _label = config_db.strget(75, flog) smtp_para['bcc'] = bcc.split() _id, smtp_para['fromalias'], _label = config_db.strget(71, flog) _id, smtp_para['timeout'], _label = config_db.strget(72, flog) flog.debug(inspect.stack()[0][3] + ": parameters uit de DB:" + str(smtp_para)) parser = argparse.ArgumentParser(description="smtp....") # DB ID parser.add_argument('-u', '--mailuser', required=False) #63 parser.add_argument('-pw', '--mailuserpassword', required=False) #64 parser.add_argument('-srv', '--mailserver', required=False) #65 parser.add_argument('-pssl', '--mailserverport_ssl', required=False) #66 parser.add_argument('-pstls', '--mailserverport_starttls', required=False) #67 parser.add_argument('-pplain', '--mailserverport_plaintext', required=False) #68 parser.add_argument('-subject', '--subject', required=False) #69 parser.add_argument('-to', '--to', action='append', required=False) #70 parser.add_argument('-cc', '--cc', action='append', required=False) #74 parser.add_argument('-bcc', '--bcc', action='append', required=False) #75 parser.add_argument('-from', '--fromalias', required=False) #71 parser.add_argument('-msgtext', '--messagetext', required=False) #NONE parser.add_argument('-msghtml', '--messagehtml', required=False) #NONE parser.add_argument('-time', '--timeout', required=False) #72 parser.add_argument('-a', '--attachment', action='append', required=False) #NONE parser.add_argument('-test', '--testmail', action='store_true', required=False) #NONE args = parser.parse_args() # send a test mail with default value if args.testmail != None: smtp_para['messagetext'] = "Dit is een test mail van de P1 monitor en mag genegeert worden. De mail is op " + makeLocalTimeString() + " verzonden." + \ "\n\n" + getQuote() + "\n\nBezoek https://www.ztatz.nl voor meer informatie over de P1 monitor." smtp_para[ 'subject'] = "P1 monitor test email van " + makeLocalTimeString( ) + "." if args.mailuser != None: smtp_para['mailuser'] = args.mailuser if args.mailuserpassword != None: smtp_para['mailuserpassword'] = args.mailuserpassword else: #decode password try: smtp_para['mailuserpassword'] = base64.standard_b64decode( crypto3.p1Decrypt(smtp_para['mailuserpassword'], 'mailpw')).decode('utf-8') except Exception as e: flog.error(inspect.stack()[0][3]+": password decodering gefaald. Decoded password="******" Gestopt. melding:" + str(e.args[0]) ) sys.exit(16) flog.info("Password decryptie ok.") flog.debug("Decoded password = "******"P1 monitor version " + const.P1_VERSIE if args.messagehtml != None: smtp_para['messagehtml'] = args.messagehtml if args.messagetext != None: smtp_para['messagetext'] = args.messagetext if args.timeout != None: smtp_para['timeout'] = int(args.timeout) if args.attachment != None: #print ( args.attachment ) for a in args.attachment: smtp_para['attachments'].append(a) flog.debug(inspect.stack()[0][3] + ": parameters na CLI parsing:" + str(smtp_para)) #check if at least one reciever is given. cnt_valid_senders = 0 for x in [smtp_para['to'], smtp_para['cc'], smtp_para['bcc']]: if len(x) > 0: cnt_valid_senders += 1 if cnt_valid_senders == 0: flog.critical(inspect.stack()[0][3] + ": geen TO,CC of BCC ontvangers opgegeven.") sys.exit(1) # 1 Start an SMTP connection that is secured from the beginning using SMTP_SSL(). # 2 Start an unsecured SMTP connection that can then be encrypted using .starttls() # 3 Fallback to unsecure plaintext email. if sendSmtpMail('ssl') == False: flog.info(inspect.stack()[0][3] + ": SSL/TSL verbinding is niet gelukt.") if sendSmtpMail('starttls') == False: flog.info(inspect.stack()[0][3] + ": STARTTLS verbinding is niet gelukt.") if sendSmtpMail('plaintext') == False: flog.error("plaintext is mislukt gestopt.") sys.exit(1) #print ( sendSmtpMail('plaintext') ) #print ( sendSmtpMail( 'starttls' ) ) #print ( sendSmtpMail('ssl') ) flog.info(inspect.stack()[0][3] + ": Programma is succesvol gestopt.") rt_status_db.timestamp(82, flog) sys.exit(0) # all is well.
def Main(argv): my_pid = os.getpid() flog.info("Start van programma met process id " + str(my_pid)) flog.info(inspect.stack()[0][3] + ": wordt uitgevoerd als user -> " + pwd.getpwuid(os.getuid()).pw_name) parser = argparse.ArgumentParser(description='help informatie') parser = argparse.ArgumentParser( add_help=False) # suppress default UK help text parser.add_argument('-h', '--help', action='help', default=argparse.SUPPRESS, help='Laat dit bericht zien en stop.') parser.add_argument( '-u', '--update', required=False, action="store_true", help="start de automatische update van publiek IP en DNS naam.") args = parser.parse_args() #################################### # open van config status database # #################################### try: config_db.init(const.FILE_DB_CONFIG, const.DB_CONFIG_TAB) except Exception as e: flog.critical(inspect.stack()[0][3] + ": database niet te openen(1)." + const.FILE_DB_CONFIG + ") melding:" + str(e.args[0])) sys.exit(1) flog.debug(inspect.stack()[0][3] + ": database tabel " + const.DB_CONFIG_TAB + " succesvol geopend.") ######################################################## # update the local IP adres with the FQDN name from # # the config database # ######################################################## if args.update == True: # read en decode the DuckDNS token try: _id, dynamic_dns, _label = config_db.strget(150, flog) _id, duckdns_token_encoded, _label = config_db.strget(151, flog) #print ( duckdns_token_encoded ) duckdns_token = base64.standard_b64decode( crypto3.p1Decrypt(duckdns_token_encoded, 'dckdckdns')).decode('utf-8') except Exception as e: flog.critical(inspect.stack()[0][3] + ": configuratie gegevens fout (DuckDNS token) -> ." + str(e.args[0])) sys.exit(1) # remove older status file when it exist. try: if os.path.exists(const.FILE_DUCKDNS_STATUS): os.remove(const.FILE_DUCKDNS_STATUS) except Exception as e: flog.warning(inspect.stack()[0][3] + ": status file " + const.FILE_DUCKDNS_STATUS + " probleem. " + str(e.args[0])) #duckdns_token = duckdns_token + "x" # execute the curl command to update the DuckDNS IP try: flog.debug(inspect.stack()[0][3] + ": Parameters token=" + duckdns_token + " dns_name=" + dynamic_dns) cmd = 'echo url="https://www.duckdns.org/update?domains=' + dynamic_dns + '&token=' + duckdns_token + '&ip=" | curl -s -k -o ' + const.FILE_DUCKDNS_STATUS + ' -K -' if os.system(cmd) > 0: flog.error(inspect.stack()[0][3] + " update gefaald") except Exception as e: flog.critical(inspect.stack()[0][3] + ": update gefaald door -> " + str(e.args[0])) sys.exit(1) # check if the command was excuted OK (KO) is not ok. try: f = open(const.FILE_DUCKDNS_STATUS, "r") if f.mode == 'r': status = f.read().strip() if status == "OK": flog.info(inspect.stack()[0][3] + ": DNS naam naar IP update is succesvol.") else: flog.warning(inspect.stack()[0][3] + ": DNS naam naar IP update is gefaald.") f.close() except Exception as e: flog.warning(inspect.stack()[0][3] + ": status check probleem -> " + str(e.args[0])) sys.exit(1) sys.exit(0) flog.warning(inspect.stack()[0][3] + ": geen command line opties opgeven!") sys.exit(1)
def read_api_key(db, flog=None): #raise Exception("test exception.") _id, encoded_api_key, _label = db.strget(139, flog) decoded_api_key = base64.standard_b64decode( crypto3.p1Decrypt(encoded_api_key, 'solaredgeapikey')).decode('utf-8') return decoded_api_key
def Main(argv): my_pid = os.getpid() flog.info("Start van programma met process id " + str(my_pid)) flog.info(inspect.stack()[0][3] + ": wordt uitgevoerd als user -> " + pwd.getpwuid(os.getuid()).pw_name) parser = argparse.ArgumentParser(description='help informatie') parser = argparse.ArgumentParser( add_help=False) # suppress default UK help text parser.add_argument('-ac', '--activatecert', required=False, action="store_true", help="maak een Lets Encrypt certificaat aan") parser.add_argument( '-arn', '--autorenewon', required=False, action="store_true", help="activeer het automatisch updaten van certificaten.") parser.add_argument( '-arf', '--autorenewoff', required=False, action="store_true", help="deactiveer het automatisch updaten van certificaten.") parser.add_argument( '-at', '--apitokens', required=False, action="store_true", help="configureerde de API tokens, uit de configuratie database.") parser.add_argument( '-ci', '--certinfo', required=False, action="store_true", help= "geeft de certificaat informatie weer en update de status database.") parser.add_argument( '-ch', '--createhttpconfigfile', type=pathvalidate.argparse.sanitize_filepath_arg, required=False, help= "schrijft een http config bestand naar het opgegeven path bv: /etc/nginx/sites-enabled/p1mon_80" ) parser.add_argument( '-dc', '--deactivatecert', required=False, action="store_true", help="verwijder alle bestaande Lets Encrypt certificaten") parser.add_argument('-h', '--help', action='help', default=argparse.SUPPRESS, help='Laat dit bericht zien en stop.') parser.add_argument( '-hs', '--https', required=False, action="store_true", help= "maak een HTTP en HTTPS configuratie bestand aan en herstart de webserver." ) parser.add_argument( '-ht', '--http', required=False, action="store_true", help= "maak een basis configuratie bestand met alleen HTTP (fabrieks instelling) en herstart de webserver." ) parser.add_argument( '-g', '--gateway', required=False, action="store_true", help= "configureer het config file voor de router/gatway. Nodig voor http naar https redirection." ) parser.add_argument('-r', '--renewcerts', required=False, action="store_true", help="renew alle certificaten die aangemaakt zijn") args = parser.parse_args() ################################### # init stuff # ################################### #################################### # open van config status database # #################################### try: config_db.init(const.FILE_DB_CONFIG, const.DB_CONFIG_TAB) except Exception as e: flog.critical(inspect.stack()[0][3] + ": database niet te openen(1)." + const.FILE_DB_CONFIG + ") melding:" + str(e.args[0])) sys.exit(1) flog.info(inspect.stack()[0][3] + ": database tabel " + const.DB_CONFIG_TAB + " succesvol geopend.") try: rt_status_db.init(const.FILE_DB_STATUS, const.DB_STATUS_TAB) except Exception as e: flog.critical(inspect.stack()[0][3] + ": Database niet te openen(2)." + const.FILE_DB_STATUS + ") melding:" + str(e.args[0])) sys.exit(1) flog.info(inspect.stack()[0][3] + ": database tabel " + const.DB_STATUS_TAB + " succesvol geopend.") if args.createhttpconfigfile != None: filename = str(args.createhttpconfigfile) flog.info(inspect.stack()[0][3] + ": http config bestand " + str(filename) + " wordt aangemaakt:") create_default_p80_config_file(filename) ####################################### # display and log cert info and write # # expire date to status file # ####################################### if args.certinfo == True: if cert_info() == False: sys.exit(1) sys.exit(0) ####################################### # update the certificates when needed # ####################################### if args.renewcerts == True: flog.info(inspect.stack()[0][3] + ": update van certificaten gestart.") try: cmd = '/usr/bin/sudo certbot renew' proc = subprocess.Popen([cmd], shell=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT) stdout, stderr = proc.communicate(timeout=60) exit_code = int(proc.wait()) if exit_code == 0: # last succesfull try to renew the certificate. rt_status_db.strset(makeLocalTimeString.makeLocalTimeString(), 120, flog) cert_info() # update database with how long the cert is valid. except Exception as e: flog.critical(inspect.stack()[0][3] + ": update van certificaten gefaald " + str(e.args)) sys.exit(1) flog.info(inspect.stack()[0][3] + ": antwoord van LetsEncrypt: " + str(stdout.decode('utf-8').replace('\n', ' '))) nginx_restart( ) # needed to read in a new recieved cert after an true renew. sys.exit(0) ################################################# # change crontab to start auto update off certs # ################################################# if args.autorenewon == True: if set_cert_auto_renew(mode='on', flog=flog) == False: flog.error(inspect.stack()[0][3] + ": Automatische update activeren gefaald.") sys.exit(1) sys.exit(0) ################################################# # change crontab to stop auto update off certs # ################################################# if args.autorenewoff == True: if set_cert_auto_renew(mode='off', flog=flog) == False: flog.error(inspect.stack()[0][3] + ": Automatische update deactiveren gefaald.") sys.exit(1) sys.exit(0) ###################################################### # create cert, update nginx config and reload NGINX # ###################################################### if args.activatecert == True: fqdn = None try: _id, fqdn, _label = config_db.strget(150, flog) if len(fqdn.strip()) == 0: raise Exception("geen domain naam ingesteld.") except Exception as e: flog.critical( inspect.stack()[0][3] + ": FQDN (domain naam) is niet te lezen of niet gezet: " + str(e.args)) sys.exit(1) # things went wrong. email = None try: _id, email, _label = config_db.strget(159, flog) if len(email.strip()) == 0: raise Exception("geen email ingsteld voor LetsEncrypt!") except Exception as e: flog.critical(inspect.stack()[0][3] + ": e-mail is niet te lezen of niet gezet: " + str(e.args)) sys.exit(1) # things went wrong. certbot_exit_code = 0 try: #cmd = '/usr/bin/sudo certbot certonly -n --email '+ email + ' --agree-tos --no-eff-email --webroot -w /p1mon/www -d ' + fqdn cmd = '/usr/bin/sudo certbot certonly -v -n --email ' + email + ' --agree-tos --no-eff-email --webroot -w /p1mon/www/ -d ' + fqdn proc = subprocess.Popen([cmd], shell=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT) stdout, stderr = proc.communicate(timeout=60) certbot_exit_code = int(proc.wait()) except Exception as e: if stderr != None: flog.critical( inspect.stack()[0][3] + ": creatie van certificaat voor " + fqdn + " gefaald " +\ str( e.args) + " fout melding " + str( stderr.decode('utf-8').replace('\n', ' ') )) sys.exit(1) flog.info(inspect.stack()[0][3] + ": antwoord van LetsEncrypt: " + str(stdout.decode('utf-8').replace('\n', ' '))) ############################################### # set nginx config files with new certifcate # # and reload NGINX # ############################################### if certbot_exit_code == 0: # only make change after en succesfull cerbot run. set_nginx_https_config() # normal exit sys.exit(0) ###################################################### # delete cert, update nginx config and reload NGINX # ###################################################### if args.deactivatecert == True: fqdn_set = set() # set has unique values. try: cmd = '/usr/bin/sudo certbot certificates' proc = subprocess.Popen([cmd], shell=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT) buf = proc.stdout.readlines() for item in buf: value = item.decode('utf-8').strip() if value.find('Domains:') == 0: #print( item.split()[1].decode('utf-8') ) fqdn_set.add(item.split()[1].decode('utf-8').strip()) except Exception as e: flog.warning(inspect.stack()[0][3] + ": certifcaat is niet te lezen of niet gezet: " + str(e.args)) sys.exit(1) # things went wrong. for fqdn in fqdn_set: #print ( fqdn ) try: cmd = '/usr/bin/sudo certbot delete -n --cert-name ' + fqdn proc = subprocess.Popen([cmd], shell=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT) stdout, stderr = proc.communicate(timeout=60) except Exception as e: flog.warning(inspect.stack()[0][3] + ": verwijderen van het certificaat voor " + fqdn + "gefaald " + str(e.args)) flog.info(inspect.stack()[0][3] + ": antwoord van LetsEncrypt: " + str(stdout.decode('utf-8').replace('\n', ' '))) if (len(fqdn_set) == 0): flog.info(inspect.stack()[0][3] + ": geen geïnstalleerde certificaten gevonden.") ############################################### # set nginx config file # # and reload NGINX also handles the exit code # ############################################### set_default_p80_config() ###################################################### # maken default gateway nginx map file for https # # redirect # ###################################################### if args.gateway == True: make_nginx_conf() if check_nginx_configuration(flog=flog) == False: flog.error(inspect.stack()[0][3] + ": gateway config bestands fout, gestopt!") sys.exit(1) nginx_restart() sys.exit(0) ######################################################## # add the api tokens to the nginx configuration file # ######################################################## if args.apitokens == True: try: _id, crypto_data, _label = config_db.strget(160, flog) full_json = base64.standard_b64decode( crypto3.p1Decrypt(crypto_data, '20210731apikey')) flog.debug(inspect.stack()[0][3] + ": decrypted json = " + full_json.decode('utf-8')) tokens = [] json_dict = json.loads(full_json) for item in json_dict: tokens.append(item['TOKEN']) except Exception as e: flog.warning(inspect.stack()[0][3] + ": inlezen van versleutelde tokens, Fout=" + str(e.args[0])) flog.debug(inspect.stack()[0][3] + ": API token list = " + str(tokens)) buffer = generate_header_string() buffer += '\nmap $http_x_apikey $api_realm {\n' buffer += ' default "";\n' for token in tokens: buffer += ' "' + token + '" "p1mon_api";\n' buffer += '}\n' #print( buffer ) flog.debug(inspect.stack()[0][3] + ": api tokens:\n" + str(buffer)) if write_buffer(buffer=buffer, file=nginx_lib.APIKEYFILE, flog=flog) == False: sys.exit(1) # things went wrong. if check_nginx_configuration(flog=flog) == False: flog.error(inspect.stack()[0][3] + ": api tokens bestands fout, gestopt!") sys.exit(0) nginx_restart() sys.exit(0) ######################################################## # reset all the setting to factory setting and remove # # https (443) settings # ######################################################## if args.http == True: make_nginx_conf() set_default_p80_config() ########################################################### # change port 80 and 443 config so the lets encrypt certs # # are used and the redirection for de UI is in place. # ########################################################### if args.https == True: make_nginx_conf() set_nginx_https_config() flog.info( inspect.stack()[0][3] + ": gestopt zonder uitgevoerde acties, geef commandline opties op.") sys.exit(1) # should be an error when there are no options given.
def restore(): flog.info("Herstellen van gegevens gestart.") # check of there is a USB drive with data usb_drive = checkForExistingUsedDrive() data_is_processed_flag = False if usb_drive != None: # we have a backup flog.info("Drive " + str(usb_drive) + " bevat mogelijke backup data.") # copy data to folder with .p1ua extention. # this is done te make sure we can erease the data on the USB stick. # after the succesfull erease the extention is remove try: # process WIFI config data flog.info("Wifi data verwerken.") for name in glob.glob(const.DIR_UPGRADE_ASSIST_USB_MOUNT + const.DIR_UPGRADE_ASSIST_WIFI + "/*.p1ua"): #print (name) # read en decode with open(name, 'r') as w_file: data = w_file.read() #print ('crypted data' ) #print ( data ) result_decrypt = crypto3.p1Decrypt(data, CRYPTO_SEED) #print ('result_decrypt' ) #print ( result_decrypt ) #print ( 'wifi_config_file') #print ( wifi_config_file ) wifi_fp = open(wifi_config_file, "w") wifi_fp.write(result_decrypt) wifi_fp.write('\n') wifi_fp.close() flog.info("Wifi bestand " + wifi_config_file + P1UAEXT + " gekopierd.") #sys.exit(0) subprocess.run(['sudo', 'chmod', '0660', wifi_config_file], stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) flog.info("Wifi bestand " + wifi_config_file + " verwerkt") if isVerfiedRemoveOfFile(name) == True: flog.info("Wifi bestand " + name + " is gewist.") data_is_processed_flag = True # we have processed some data and removed the file to prevent endless loop/reboot except Exception as e: data_is_processed_flag = False flog.error(inspect.stack()[0][3] + ": probleem met het verwerken van de wifi data: " + str(e)) try: flog.info("Database SQL data verwerken.") # process Database data # if there is a SQL export we don't use the *.db files # print ( glob.glob( const.DIR_UPGRADE_ASSIST_USB_MOUNT + const.DIR_UPGRADE_ASSIST_DATA + "/" + const.EXPORT_PREFIX + "*.p1ua") ) for name in glob.glob(const.DIR_UPGRADE_ASSIST_USB_MOUNT + const.DIR_UPGRADE_ASSIST_DATA + "/" + const.EXPORT_PREFIX + "*.p1ua"): _path, file = os.path.split(name) copyFile(name, const.DIR_FILEDISK) # to p1mon normal data folder flog.info("SQL export bestand " + file + " gekopierd.") if isVerfiedRemoveOfFile(name) == True: flog.info("SQL export bestand " + name + " gewist.") # set file rights subprocess.run( ['sudo', 'chmod', '0664', const.DIR_FILEDISK + file], stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) flog.info("Data bestand " + const.DIR_FILEDISK + file + " verwerkt.") #data_is_processed_flag = True # we have processed some data flog.info("Database datafiles verwerken.") for name in glob.glob(const.DIR_UPGRADE_ASSIST_USB_MOUNT + const.DIR_UPGRADE_ASSIST_DATA + "/*db.p1ua"): _path, file = os.path.split(name) source = const.DIR_UPGRADE_ASSIST_USB_MOUNT + const.DIR_UPGRADE_ASSIST_DATA + '/' + file copyFile(source, const.DIR_FILEDISK) flog.info("Database bestand " + source + " gekopierd.") if isVerfiedRemoveOfFile(source) == True: # rename file filename_no_ext, _file_extension = os.path.splitext(source) _path, source_filename = os.path.split(source) #print ( const.DIR_FILEDISK + source_filename ) #print ( const.DIR_FILEDISK + source_filename ) #print ( filename_no_ext ) _path, dest_filename = os.path.split(filename_no_ext) #print ( dest_filename ) #print ( const.DIR_FILEDISK + dest_filename ) os.rename(const.DIR_FILEDISK + source_filename, const.DIR_FILEDISK + dest_filename) # set file rights subprocess.run([ 'sudo', 'chmod', '0664', const.DIR_FILEDISK + dest_filename ], stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) flog.info("Data bestand " + const.DIR_FILEDISK + dest_filename + " verwerkt.") data_is_processed_flag = True # we have processed some data except Exception as e: flog.error(inspect.stack()[0][3] + ": probleem met het verwerken van de database data: " + str(e)) data_is_processed_flag = False umountUSB(usb_drive) if data_is_processed_flag == False: flog.info("Geen data gevonden op de USB drive(s) niets uitgevoerd.") else: flog.info("cron jobs worden aangemaakt uit de database.") # const.FILE_DB_CONFIG split for filename _head, tail = os.path.split(const.FILE_DB_CONFIG) copyFile(const.DIR_FILEDISK + tail, const.DIR_RAMDISK) #disk to ram, scripts uses ram location if os.system('sudo -u p1mon /p1mon/scripts/P1Scheduler.py') > 0: flog.error(inspect.stack()[0][3] + " cron jobs update gefaald.") time.sleep(2) flog.info( "Filesysteem wordt vergroot naar de maximale ruimte van de SDHC kaart." ) _cp = subprocess.run(['sudo raspi-config --expand-rootfs'], shell=True, check=True) #print( _cp.stdout ) #print( _cp.stderr ) #print( _cp.returncode ) time.sleep(2) ############################################################################ # make a (possible empty) api tokens file. this is needed if the p1mon_443 # # file exist nginx fails if the token file is missing. This also makes # # sure that nginx is reloaded or restarted if it is not running # ############################################################################ if os.system( 'sudo -u p1mon /p1mon/scripts/P1NginxConfig.py --apitokens' ) > 0: msg = "Nginx API tokens update gefaald." flog.error(inspect.stack()[0][3] + ": " + msg) if os.system( 'sudo -u p1mon /p1mon/scripts/P1NginxConfig.py --gateway') > 0: msg = "Nginx gateway update gefaald." flog.error(inspect.stack()[0][3] + ": " + msg) flog.info("file system sync uitvoeren.") if os.system('sudo sync') > 0: flog.warning(inspect.stack()[0][3] + " file system sync gefaald.") flog.info( "Data herstelt vanaf de USB drive. Er wordt een reboot uitgevoerd." ) time.sleep(5) subprocess.run(['sudo', '/sbin/reboot'], stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) time.sleep( 30 ) # failsave to make sure the reboot is done and no other scripts are started.
def Main(argv): flog.info("Start van programma.") global ftp_para # open van status database try: rt_status_db.init(const.FILE_DB_STATUS, const.DB_STATUS_TAB) except Exception as e: flog.critical(inspect.stack()[0][3] + ": Database niet te openen(1)." + const.FILE_DB_STATUS + ") melding:" + str(e.args[0])) sys.exit(1) flog.debug(inspect.stack()[0][3] + ": database tabel " + const.DB_STATUS_TAB + " succesvol geopend.") # open van config database try: config_db.init(const.FILE_DB_CONFIG, const.DB_CONFIG_TAB) except Exception as e: flog.critical(inspect.stack()[0][3] + ": database niet te openen(2)." + const.FILE_DB_CONFIG + ") melding:" + str(e.args[0])) sys.exit(1) flog.debug(inspect.stack()[0][3] + ": database tabel " + const.DB_CONFIG_TAB + " succesvol geopend.") rt_status_db.timestamp(47, flog) # update field from database, the cli switches overwrite the DB values! _id, ftp_para['user'], _label = config_db.strget(28, flog) _id, ftp_para['password'], _label = config_db.strget(29, flog) _id, ftp_para['directory'], _label = config_db.strget(30, flog) _id, ftp_para['server'], _label = config_db.strget(31, flog) _id, ftp_para['port'], _label = config_db.strget(32, flog) _id, ftp_para['filename'], _label = config_db.strget(33, flog) _id, ftp_para['maxfilecount'], _label = config_db.strget(34, flog) _id, ftp_para['ftps'], _label = config_db.strget(35, flog) # was secure _id, ftp_para['ftp'], _label = config_db.strget(76, flog) _id, ftp_para['sftp'], _label = config_db.strget(77, flog) # sftp toevoegen. ftp toevoegen flog.debug(inspect.stack()[0][3] + ": parameters uit de DB:" + str(ftp_para)) parser = argparse.ArgumentParser(description="ftp....") parser.add_argument('-u', '--user', required=False) parser.add_argument('-pw', '--password', required=False) parser.add_argument('-dir', '--directory', required=False) parser.add_argument('-srv', '--server', required=False) parser.add_argument('-fname', '--filename', required=False) parser.add_argument('-mfcnt', '--maxfilecount', required=False) parser.add_argument('-pt', '--port', required=False) parser.add_argument('-ftps', '--ftps', required=False, action="store_true") # flag only parser.add_argument('-sftp', '--sftp', required=False, action="store_true") # flag only parser.add_argument('-ftp', '--ftp', required=False, action="store_true") # flag only args = parser.parse_args() if args.user != None: ftp_para['user'] = args.user if args.password != None: ftp_para['password'] = args.password flog.debug("password van commandline ontvangen -> " + ftp_para['password']) else: #decode password from database try: ftp_para['password'] = base64.standard_b64decode( crypto3.p1Decrypt(ftp_para['password'], 'ftppw')).decode('utf-8') # added by Aad if ftp_para['password'] == '': ftp_para['password'] = "******" raise Exception(" wachtwoord is niet ingesteld.") except Exception as e: flog.error(inspect.stack()[0][3]+": password decodering gefaald. Decoded password="******" Gestopt. melding:" + str(e.args[0]) ) sys.exit(16) flog.info("Password decryptie ok.") flog.debug("Decoded password = "******"''" raise Exception( "server adres (IP adres of url) is niet ingesteld.") except Exception as e: flog.error(inspect.stack()[0][3] + ": Gestopt, melding: " + str(e.args[0])) sys.exit(17) if args.filename != None: ftp_para['filename'] = args.filename if args.maxfilecount != None: ftp_para['maxfilecount'] = int(args.maxfilecount) if args.port != None: ftp_para['port'] = int(args.port) if args.ftp == True: ftp_para['ftp'] = 1 ftp_para['ftps'] = 0 ftp_para['sftp'] = 0 if args.ftps == True: ftp_para['ftp'] = 0 ftp_para['ftps'] = 1 ftp_para['sftp'] = 0 if args.sftp == True: ftp_para['ftp'] = 0 ftp_para['ftps'] = 0 ftp_para['sftp'] = 1 flog.debug(inspect.stack()[0][3] + ": parameters na CLI parsing:" + str(ftp_para)) if int(ftp_para['ftp']) == 0 and int(ftp_para['ftps']) == 0 and int( ftp_para['sftp']) == 0: flog.warning(inspect.stack()[0][3] + ": geen ftp, ftps of sftp opties geslecteerd!") if os.path.isfile(ftp_para['filename']) == False: rt_status_db.strset( 'fout: te kopieren bestand niet gevonden. Gestopt.', 48, flog) flog.error(inspect.stack()[0][3] + ": te kopieren bestand niet gevonden. Gestopt.") sys.exit(17) # do normal plain text FTP if int(ftp_para['ftp']) == 1: flog.info(inspect.stack()[0][3] + ": probeer bestand " + ftp_para['filename'] + " te kopieren via ftp.") try: ftpConnection = ftpConnect() if len(ftp_para['directory']) > 0: ftpChangeDirectory(ftpConnection, ftp_para['directory']) ftpCopy(ftpConnection, ftp_para['filename']) flog.info(inspect.stack()[0][3] + ": bestand " + ftp_para['filename'] + " succesvol gekopierd via ftp.") ftpConnection.quit() # be polite to ftp servers except Exception as e: rt_status_db.strset( 'fout: server antwoord: ' + str(e.args[0]) + ' Gestopt.', 48, flog) flog.error(inspect.stack()[0][3] + ": FTP server antwoord: " + str(e.args[0]) + " Gestopt.") sys.exit(11) rt_status_db.strset("FTP transfer is succesvol gestopt.", 48, flog) rt_status_db.timestamp(49, flog) flog.info("FTP transfer is succesvol gestopt.") sys.exit(0) # all is well. # TODO ftps en sftp aanpassen zodat ze poort meenemen. # do ftps FTP with SSL if int(ftp_para['ftps']) == 1: ################################################################# # STEP 1 copy the file # ################################################################# try: # copying file #flog.setLevel( logging.DEBUG ) _head, tail = os.path.split(ftp_para['filename']) changed_filename = '//p1mon/mnt/ramdisk/' + fileprefix + str( getUtcTime()) + '-' + tail #server = "ftps://"+ftp_para['server'] server = "ftp://" + ftp_para['server'] #+ ":990" if len(ftp_para['directory']) > 0: server = server + "/" + ftp_para[ 'directory'] + "/" # checked can handle // and / in path. flog.debug(inspect.stack()[0][3] + ": server path is=" + str(server)) shutil.copy(ftp_para['filename'], changed_filename) flog.info(inspect.stack()[0][3] + ": probeer bestand " + ftp_para['filename'] + " te kopieren via ftps.") """ cp = subprocess.run([ "curl", "--ssl-reqd", "--ftp-ssl-control", "-ssl", "--globoff", "--insecure", "-sSv", server, "--user", ftp_para['user']+":"+ftp_para['password'], "-T", changed_filename ], \ universal_newlines=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=60 ) """ cp = subprocess.run([ "curl", "--ftp-ssl-control", "--ftp-ssl" ,"--globoff", "--insecure", "-sSv", server, "--user", ftp_para['user']+":"+ftp_para['password'], "-T", changed_filename ], \ universal_newlines=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=60 ) flog.debug(inspect.stack()[0][3] + ": cp.stdout=" + str(cp.stdout)) flog.debug(inspect.stack()[0][3] + ": cp.stderr=" + str(cp.stderr)) flog.debug(inspect.stack()[0][3] + ": cp.returncode=" + str(cp.returncode)) # Added by Aad. saveDelete(changed_filename) # remove tmp copy of file. if cp.returncode == 0: flog.info(inspect.stack()[0][3] + ": bestand " + ftp_para['filename'] + " succesvol gekopierd via ftps als " + changed_filename) else: raise Exception(cp.stderr.replace("\n", "")) except Exception as e: rt_status_db.strset( 'fout: server antwoord: ' + str(e.args[0]) + ' Gestopt.', 48, flog) flog.error(inspect.stack()[0][3] + ": SFTP server antwoord: " + str(e.args[0]) + " Gestopt.") sys.exit(11) ################################################################# # STEP 2 checking if we have reached the maxium number of files # ################################################################# try: # checkin if max files are reached _head, tail = os.path.split(ftp_para['filename']) changed_filename = '//p1mon/mnt/ramdisk/' + fileprefix + str( getUtcTime()) + tail server = "ftp://" + ftp_para['server'] if len(ftp_para['directory']) > 0: server = server + "/" + ftp_para[ 'directory'] + "/" # checked can handle // and / in path. flog.debug(inspect.stack()[0][3] + ": server path is=" + str(server)) cp = subprocess.run([ "curl", "--ftp-ssl-control", "--ftp-ssl", "--globoff", "--insecure", "-sS", server, "--user", ftp_para['user']+":"+ftp_para['password'], "--list-only" ], \ universal_newlines=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=60 ) #flog.debug( inspect.stack()[0][3]+": cp.stdout=" + str(cp.stdout) ) #flog.debug( inspect.stack()[0][3]+": cp.stderr=" + str(cp.stderr) ) #flog.debug( inspect.stack()[0][3]+": cp.returncode=" + str(cp.returncode ) ) if cp.returncode == 0: # process output, proces files based on epoch value in filename filtered_file_list = grep("\AP1BU-\d+", cp.stdout.split('\n')) if len(filtered_file_list) < int(ftp_para['maxfilecount']) - 1: flog.info(inspect.stack()[0][3] + ": maximale aantal van files " + str(ftp_para['maxfilecount']) + " niet gehaald (" + str(len(filtered_file_list)) + ")") else: flog.info(inspect.stack()[0][3] + ": maximale aantal van files overschreden " + str(ftp_para['maxfilecount'])) ftpsRemoveOldFiles(filtered_file_list) else: raise Exception(cp.stderr.replace("\n", "")) except Exception as e: rt_status_db.strset( 'fout: directory list server : ' + str(e.args[0]) + ' Gestopt.', 48, flog) flog.error(inspect.stack()[0][3] + ": SFTP directory list server fout: " + str(e.args[0]) + " Gestopt.") sys.exit(13) rt_status_db.strset("FTPS transfer is succesvol gestopt.", 48, flog) rt_status_db.timestamp(49, flog) flog.info("FTPS transfer is succesvol gestopt.") sys.exit(0) # all is well. # do sftp FTP with SSH if int(ftp_para['sftp']) == 1: ################################################################# # STEP 1 copy the file # ################################################################# try: # copying file _head, tail = os.path.split(ftp_para['filename']) tmp_path = '/var/log/p1monitor/' changed_filename = tmp_path + fileprefix + str( getUtcTime()) + '-' + tail server = "sftp://" + ftp_para['server'] + "/" if len(ftp_para['directory']) > 0: server = server + ftp_para[ 'directory'] + "/" # checked can handle // and / in path. else: server = server + "home/" flog.debug(inspect.stack()[0][3] + ": server path is=" + str(server)) #print ( "changed_filename " + changed_filename + " filename " + ftp_para['filename'] ) shutil.copy(ftp_para['filename'], changed_filename) flog.info(inspect.stack()[0][3] + ": probeer bestand " + ftp_para['filename'] + " te kopieren via sftp.") cp = subprocess.run([ "curl","--globoff", "--insecure", "-sSv", server, "--user", ftp_para['user']+":"+ftp_para['password'], "-T", changed_filename ], \ universal_newlines=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=60 ) flog.debug(inspect.stack()[0][3] + ": cp.stdout=" + str(cp.stdout)) flog.debug(inspect.stack()[0][3] + ": cp.stderr=" + str(cp.stderr)) flog.debug(inspect.stack()[0][3] + ": cp.returncode=" + str(cp.returncode)) #Added by Aad. saveDelete(changed_filename) # remove tmp copy of file. if cp.returncode == 0: flog.info(inspect.stack()[0][3] + ": bestand " + ftp_para['filename'] + " succesvol gekopierd via ftps als " + changed_filename) else: raise Exception(cp.stderr.replace("\n", "")) except Exception as e: rt_status_db.strset( 'fout: server antwoord: ' + str(e.args[0]) + ' Gestopt.', 48, flog) flog.error(inspect.stack()[0][3] + ": SFTP server antwoord: " + str(e.args[0]) + " Gestopt.") sys.exit(11) ################################################################# # STEP 2 checking if we have reached the maxium number of files # ################################################################# try: # checkin if max files are reached #_head,tail = os.path.split( ftp_para['filename'] ) #changed_filename = '//p1mon/mnt/ramdisk/' + fileprefix + str(getUtcTime()) + '-' + tail server = "sftp://" + ftp_para['server'] + "/" if len(ftp_para['directory']) > 0: server = server + ftp_para[ 'directory'] + "/" # checked can handle // and / in path. else: server = server + "home/" flog.debug(inspect.stack()[0][3] + ": server path is=" + str(server)) # Modified by Aad: for clarity, conform curl params: --list-only parameter added. cp = subprocess.run([ "curl", "--globoff", "--insecure", "-sSv", server, "--user", ftp_para['user']+":"+ftp_para['password'], "--list-only" ], \ universal_newlines=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, timeout=60 ) flog.debug(inspect.stack()[0][3] + ": cp.stdout=" + str(cp.stdout)) flog.debug(inspect.stack()[0][3] + ": cp.stderr=" + str(cp.stderr)) flog.debug(inspect.stack()[0][3] + ": cp.returncode=" + str(cp.returncode)) # pre-process output that could have a unspecified layout. filtered_file_list = [] matched_lines = [ line for line in cp.stdout.split('\n') if fileprefix in line ] for line in matched_lines: #filtered_file_list.append ( line[ line.find('P1BU-'): ] ) #modified by Aad: absolute find filter replaced by variable. filtered_file_list.append(line[line.find(fileprefix):]) if cp.returncode == 0: # process output, proces files based on epoch value in filename if len(filtered_file_list) < int(ftp_para['maxfilecount']) - 1: flog.info(inspect.stack()[0][3] + ": maximale aantal van files " + str(ftp_para['maxfilecount']) + " niet gehaald (" + str(len(filtered_file_list)) + ")") else: flog.info(inspect.stack()[0][3] + ": maximale aantal van files overschreden " + str(ftp_para['maxfilecount'])) # sftpRemoveOldFiles( filtered_file_list ) # orignal if sftpRemoveOldFiles(filtered_file_list) == False: flog.info(inspect.stack()[0][3] + " Een of meerdere bestanden >" + str(ftp_para['maxfilecount']) + " zijn niet gewist.") else: raise Exception(cp.stderr.replace("\n", "")) except Exception as e: rt_status_db.strset( 'fout: directory list server : ' + str(e.args[0]) + ' Gestopt.', 48, flog) flog.error(inspect.stack()[0][3] + ": SFTP directory list server fout: " + str(e.args[0]) + " Gestopt.") sys.exit(13) rt_status_db.strset("SFTP transfer is succesvol gestopt.", 48, flog) rt_status_db.timestamp(49, flog) flog.info("SFTP transfer is succesvol gestopt.") sys.exit(0) # all is well.
def Main(argv): global config_db flog.info("Start van programma.") parser = argparse.ArgumentParser(description="Set het wpa wachtwoord voor een essid ESSID (\"MIJN WIFI\")") parser.add_argument('-e', '--essid', required=False) parser.add_argument('-k', '--key', required=False) args = parser.parse_args() essid = args.essid key = args.key #try to read from database if ( essid == None or key == None ): flog.info(inspect.stack()[0][3]+": Lees essid en wpa key uit database.") # open van config database try: config_db.init(const.FILE_DB_CONFIG,const.DB_CONFIG_TAB) except Exception as e: flog.critical(inspect.stack()[0][3]+": database niet te openen(2)."+const.FILE_DB_CONFIG+") melding:"+str(e.args[0])) sys.exit(1) flog.info(inspect.stack()[0][3]+": database tabel "+const.DB_CONFIG_TAB+" succesvol geopend.") # open van status database try: rt_status_db.init(const.FILE_DB_STATUS,const.DB_STATUS_TAB) except Exception as e: flog.critical(inspect.stack()[0][3]+": database niet te openen(1)."+const.FILE_DB_STATUS+") melding:"+str(e.args[0])) sys.exit(1) flog.info(inspect.stack()[0][3]+": database tabel: "+const.DB_STATUS_TAB+" succesvol geopend.") sqlstr = "select id, parameter from "+const.DB_CONFIG_TAB+" where id >=11 and id <=12 order by id asc" sqlstr=" ".join(sqlstr.split()) flog.debug(inspect.stack()[0][3]+": sql(1)="+sqlstr) wifi_config=config_db.select_rec(sqlstr) essid = str(wifi_config[0][1]) crypto_key = str(wifi_config[1][1]) flog.debug(inspect.stack()[0][3]+": essid = "+essid+" crypto key = "+crypto_key) key = base64.standard_b64decode( crypto3.p1Decrypt(crypto_key,'wifipw') ) flog.debug( inspect.stack()[0][3]+": decrypted key = " + key.decode( 'utf-8' ) ) flog.info(inspect.stack()[0][3]+": Essid ("+essid+") en key uit database gehaald ") flog.info(inspect.stack()[0][3]+": ESSID = "+essid) if ( len(key.strip()) == 0 or len(essid.strip()) == 0 ): flog.info(inspect.stack()[0][3]+": ESSID en/of PSK ontbreekt, wifi wordt gestopt. ") stopWifi() sys.exit(0) # change wpa_supplicant file writeWpaSupplicantConfig( essid, key ) reconfigureWifi() sec_count = 0 flog.debug(inspect.stack()[0][3]+": start van ip actief controle.") while (sec_count < 180): # try for maximum of 3 minutes (sleep is 5) buf = network_lib.get_nic_info( 'wlan0' ) if buf['ip4'] != None: flog.info(inspect.stack()[0][3]+": Wifi actief op IP adres "+buf['ip4']) rt_status_db.strset(buf['ip4'],42,flog) sys.exit(0) # up and running wifi sec_count+=5 time.sleep(5) flog.debug(inspect.stack()[0][3]+": wacht op activering van wifi voor "+str(sec_count)+" seconden.") flog.warning(inspect.stack()[0][3]+": Wifi is niet actief.") rt_status_db.strset('onbekend',42,flog)