def archive_setup_real_data():
"""Set up cnxarchive database with real data
"""
if not _postgres_user_exists('cnxarchive'):
prompts = []
prompts += fexpect.expect('Enter password for new role:', 'cnxarchive')
prompts += fexpect.expect('Enter it again:', 'cnxarchive')
with fexpect.expecting(prompts):
fexpect.sudo(
'createuser --no-createdb --no-createrole --superuser --pwprompt cnxarchive',
user='******')
if _postgres_db_exists('cnxarchive'):
sudo('dropdb cnxarchive', user='******')
sudo('createdb -O cnxarchive cnxarchive', user='******')
sudo('createlang plpythonu cnxarchive', user='******')
run('zcat cnx-archive/repo_test_data.sql.gz >cnx-archive/repo_test_data.sql'
)
prompts = fexpect.expect('Password for user cnxarchive:', 'cnxarchive')
with fexpect.expecting(prompts):
fexpect.run(
'psql -U cnxarchive cnxarchive -f cnx-archive/repo_test_data.sql')
run('rm -rf cnx-archive/repo_test_data.sql')
run('cnx-upgrade v1')
def generate_vhost_ssl_cert(servername, password):
# Create self-signed certificates
runcmd('mkdir -p ~/cert-temp')
with cd('~/cert-temp'):
# generate private key
privatekey = []
privatekey += expect('Enter pass phrase for server.key:', password)
privatekey += expect('Verifying - Enter pass phrase for server.key:',
password)
with expecting(privatekey):
eruncmd('openssl genrsa -des3 -out server.key 2048')
csr = []
csr += expect('Enter pass phrase for server.key:', password)
csr += expect('Country Name \(2 letter code\) \[.*\]:', 'US')
csr += expect('State or Province Name \(full name\) \[.*\]:',
'Florida')
csr += expect('Locality Name \(eg, city\) \[.*\]:', 'Miami')
csr += expect('Organization Name \(eg, company\)', 'Miami')
csr += expect('Organizational Unit Name \(eg, section\) \[\]:',
'Miami')
csr += expect('Common Name', servername)
csr += expect('Email Address \[\]:', '*****@*****.**')
csr += expect('A challenge password \[\]:', password)
csr += expect('An optional company name \[\]:', '')
with expecting(csr):
eruncmd('openssl req -new -key server.key -out server.csr')
runcmd('cp server.key server.key.org')
serverkey = []
serverkey += expect('Enter pass phrase', password)
with expecting(serverkey):
eruncmd('openssl rsa -in server.key.org -out server.key')
runcmd(
'openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt'
)
if not exists('/etc/httpd/ssl'):
runcmd('mkdir -p /etc/httpd/ssl')
runcmd('cp server.crt /etc/httpd/ssl/{server}.crt'.format(
server=servername))
runcmd('cp server.key /etc/httpd/ssl/{server}.key'.format(
server=servername))
runcmd('rm -fr ~/cert-temp')
def test_one_expectation(self):
cmd = 'echo "Hello" && read NAME && echo "Hi $NAME."'
from ilogue.fexpect import expect, expecting, run
expectation = expect('Hello','answer')
with expecting(expectation):
output = run(cmd)
self.assertIn('answer',output)
def python_ss():
prompts = []
prompts += expect('>>>', 'print \"Hello World\"')
prompts += expect('>>>', 'exit()')
with expecting(prompts):
run('python:')
def test_one_expectation_local(self):
cmd = 'echo "Hello" && read NAME && echo "Hi $NAME."'
from ilogue.fexpect import expect, expecting, local
expectation = expect('Hello','answer')
with expecting(expectation):
output = local(cmd,capture=True)
self.assertIn('answer',output)
def python_ss():
prompts = []
prompts += expect('>>>', 'print \"Hello World\"')
prompts += expect('>>>', 'exit()')
with expecting(prompts):
run('python:')
def test_one_expectation_local(self):
cmd = 'echo "Hello" && read NAME && echo "Hi $NAME."'
from ilogue.fexpect import expect, expecting, local
expectation = expect('Hello','answer')
with expecting(expectation):
output = local(cmd,capture=True)
self.assertIn('answer',output)
def test_one_expectation(self):
cmd = 'echo "Hello" && read NAME && echo "Hi $NAME."'
from ilogue.fexpect import expect, expecting, run
expectation = expect('Hello','answer')
with expecting(expectation):
output = run(cmd)
self.assertIn('answer',output)
def prueba_local():
prompts = []
prompts += expect('is your.*', 'Jaime')
prompts += expect('you at stack.*', 'si')
with expecting(prompts):
run("python /root/prueba_local.py")
def prueba_local():
prompts = []
prompts += expect('is your.*','Jaime')
prompts += expect('you at stack.*','si')
with expecting(prompts):
run("python /root/prueba_local.py")
def deploy():
with prefix('source $(which virtualenvwrapper.sh) && workon remote'):
settings_file = '--settings=haxclub.settings.base'
env_vars = config.get('env_vars')
if not exists('~/haxclub'):
with cd('~/'):
run('git clone https://github.com/jsalva/haxclub')
with cd('~/haxclub/haxclub'):
if not exists('logs'):
run('mkdir logs')
run('git pull origin master')
with shell_env(**env_vars):
prompts = []
prompts += expect("Type 'yes' to continue","yes")
with expecting(prompts):
erun('python manage.py collectstatic %s' % settings_file)
erun('python manage.py migrate %s' % settings_file)
erun('python manage.py syncdb %s' % settings_file)
if exists('supervisord.pid'):
erun('python manage.py supervisor reload %s' % settings_file)
else:
erun('python manage.py supervisor --daemonize %s' % settings_file)
if not exists('/tmp/nginx'):
run('mkdir /tmp/nginx')
put('nginx.conf','/etc/nginx/nginx.conf',use_sudo=True)
put('nginx_haxclub.conf','/etc/nginx/conf.d/nginx_haxclub.conf',use_sudo=True)
put('ssl/haxclub.key.nopass','/etc/ssl/certs/haxclub.key.nopass',use_sudo=True)
put('ssl/haxclub.crt','/etc/ssl/certs/haxclub.crt',use_sudo=True)
put('nginx_haxclub.conf','/etc/nginx/conf.d/nginx_haxclub.conf',use_sudo=True)
sudo('service nginx stop; service nginx start;')
def test_two_expectations(self):
cmd = 'echo "Hello" && read ONE && echo "bladiebla" && read TWO && echo "First $ONE than $TWO."'
from ilogue.fexpect import expect, expecting, run
exp1 = expect('Hello','111')
exp2 = expect('bladiebla','222')
with expecting(exp1+exp2):
output = run(cmd)
self.assertIn('111',output)
self.assertIn('222',output)
def test_two_expectations(self):
cmd = 'echo "Hello" && read ONE && echo "bladiebla" && read TWO && echo "First $ONE than $TWO."'
from ilogue.fexpect import expect, expecting, run
exp1 = expect('Hello','111')
exp2 = expect('bladiebla','222')
with expecting(exp1+exp2):
output = run(cmd)
self.assertIn('111',output)
self.assertIn('222',output)
def test_two_expectations(self):
cmd = 'echo "Hello" && read ONE && echo "bladiebla" && read TWO && echo "First $ONE than $TWO."'
from ilogue.fexpect import expect, expecting, run
exp1 = expect("Hello", "111")
exp2 = expect("bladiebla", "222")
with expecting(exp1 + exp2):
output = run(cmd)
self.assertIn("111", output)
self.assertIn("222", output)
def setup_centos():
sudo("yum install python-pip python-dev build-essential")
sudo("yum install screen")
sudo("pip install pexpect")
if exists(code_dir):
sudo("rm -rf " + code_dir)
with expecting(prompts):
sudo("git clone https://github.com/dbjnbnrj/ramsey_search.git")
with cd(code_dir):
sudo("make clean")
def test_order_inconsequential(self):
#sequence shouldn't matter
cmd = 'echo "Hello" && read ONE && echo "bladiebla" && read TWO && echo "First $ONE than $TWO."'
from ilogue.fexpect import expect, expecting, run
exp1 = expect('Hello','111')
exp2 = expect('bladiebla','222')
with expecting(exp2+exp1):
output = run(cmd)
self.assertIn('111',output)
self.assertIn('222',output)
def test_order_inconsequential(self):
#sequence shouldn't matter
cmd = 'echo "Hello" && read ONE && echo "bladiebla" && read TWO && echo "First $ONE than $TWO."'
from ilogue.fexpect import expect, expecting, run
exp1 = expect('Hello','111')
exp2 = expect('bladiebla','222')
with expecting(exp2+exp1):
output = run(cmd)
self.assertIn('111',output)
self.assertIn('222',output)
def setup_centos():
sudo("yum install python-pip python-dev build-essential")
sudo("yum install screen")
sudo("pip install pexpect")
if exists(code_dir):
sudo("rm -rf " + code_dir)
with expecting(prompts):
sudo("git clone https://github.com/dbjnbnrj/ramsey_search.git")
with cd(code_dir):
sudo("make clean")
def generate_vhost_ssl_cert(servername, password):
# Create self-signed certificates
runcmd('mkdir -p ~/cert-temp')
with cd('~/cert-temp'):
# generate private key
privatekey = []
privatekey += expect('Enter pass phrase for server.key:', password)
privatekey += expect('Verifying - Enter pass phrase for server.key:', password)
with expecting(privatekey):
eruncmd('openssl genrsa -des3 -out server.key 2048')
csr = []
csr += expect('Enter pass phrase for server.key:', password)
csr += expect('Country Name \(2 letter code\) \[.*\]:', 'US')
csr += expect('State or Province Name \(full name\) \[.*\]:', 'Florida')
csr += expect('Locality Name \(eg, city\) \[.*\]:', 'Miami')
csr += expect('Organization Name \(eg, company\)', 'Miami')
csr += expect('Organizational Unit Name \(eg, section\) \[\]:', 'Miami')
csr += expect('Common Name', servername);
csr += expect('Email Address \[\]:', '*****@*****.**')
csr += expect('A challenge password \[\]:', password)
csr += expect('An optional company name \[\]:', '')
with expecting(csr):
eruncmd('openssl req -new -key server.key -out server.csr')
runcmd('cp server.key server.key.org')
serverkey = []
serverkey += expect('Enter pass phrase', password)
with expecting(serverkey):
eruncmd('openssl rsa -in server.key.org -out server.key')
runcmd('openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt')
if not exists('/etc/httpd/ssl'):
runcmd('mkdir -p /etc/httpd/ssl')
runcmd('cp server.crt /etc/httpd/ssl/{server}.crt'.format(server=servername))
runcmd('cp server.key /etc/httpd/ssl/{server}.key'.format(server=servername))
runcmd('rm -fr ~/cert-temp')
def test_can_change_shell(self):
cmd = 'ps c && echo "Hello" && read NAME && echo "Hi $NAME."'
from ilogue.fexpect import expect, expecting, run
import fabric
expectation = expect('Hello','answer')
backupenv = dict(fabric.state.env)
fabric.state.env.shell = 'sh -c'
with expecting(expectation):
output = run(cmd)
fabric.state.env.update(backupenv)
self.assertIn('00 sh',output)
def test_can_change_shell(self):
cmd = 'ps c && echo "Hello" && read NAME && echo "Hi $NAME."'
from ilogue.fexpect import expect, expecting, run
import fabric
expectation = expect('Hello','answer')
backupenv = dict(fabric.state.env)
fabric.state.env.shell = 'sh -c'
with expecting(expectation):
output = run(cmd)
fabric.state.env.update(backupenv)
self.assertIn('00 sh',output)
def setup_postgres_user(userpwd, adminpwd):
# set the postgres user password
prompts = []
prompts += expect('Enter new UNIX password:'******'Retype new UNIX password:'******'passwd postgres')
# set the postgres db user password
sudo("sudo -u postgres psql -d template1 -c \"ALTER USER postgres WITH PASSWORD '%s';\"" % adminpwd)
# generate an ssh-key
sudo("ssh-keygen -t rsa -b 4096 -N \"\" -f ~postgres/.ssh/id_rsa", user="******")
def import_mediawiki(url=None):
import_prompts = []
if url:
import_prompts += fexpect.expect('Enter the address of a MediaWiki site (ex: http://arborwiki.org/):',
url)
import_prompts += fexpect.expect('Continue import? (yes/no)', 'yes')
with ec2_instance(ami_id=get_ami('ubuntu10.04')):
sudo('apt-get -y install python-software-properties')
sudo('yes | apt-add-repository ppa:localwiki')
sudo('apt-get update')
with fexpect.expecting(prompts):
fexpect.sudo('apt-get -y --force-yes install localwiki')
with cd('/usr/share/localwiki'):
sudo('git clone git://github.com/mivanov/localwiki-importers.git')
with cd('localwiki-importers/mediawiki'):
sudo('source /usr/share/localwiki/env/bin/activate')
sudo('pip install -r requirements.txt')
sudo('deactivate')
with fexpect.expecting(import_prompts):
fexpect.sudo('python import_mediawiki.py')
def test_can_change_shell(self):
cmd = 'ps && echo "Hello" && read NAME && echo "Hi $NAME."'
from ilogue.fexpect import expect, expecting, run
import fabric
expectation = expect("Hello", "answer")
backupenv = fabric.state.env
fabric.state.env.shell = "sh -c"
with expecting(expectation):
output = run(cmd)
fabric.state.env = backupenv
self.assertIn("00 sh", output)
def test_controlchar(self):
cmd = 'python'
from ilogue.fexpect import controlchar, expect, expecting, run
import fabric
expectation = []
expectation += expect(">>>", controlchar('C'))
expectation += expect('KeyboardInterrupt', controlchar('D'))
with expecting(expectation):
output = run(cmd)
self.assertIn('KeyboardInterrupt',output)
def test_controlchar(self):
cmd = "python"
from ilogue.fexpect import controlchar, expect, expecting, run
import fabric
expectation = []
expectation += expect(">>>", controlchar("C"))
expectation += expect("KeyboardInterrupt", controlchar("D"))
with expecting(expectation):
output = run(cmd)
self.assertIn("KeyboardInterrupt", output)
def setup_postgres_user_connectivity():
if env.host == env.db_master:
srcIp = env.db_master
destIp = env.db_slave
else:
srcIp = env.db_slave
destIp = env.db_master
prompts = []
prompts += expect("Are you sure you want to continue connecting (yes/no)?", "yes")
prompts += expect("postgres@%s's password:"******"ssh-copy-id -i ~postgres/.ssh/id_rsa.pub postgres@%s" % destIp, user="******")
def test_controlchar(self):
cmd = 'python'
from ilogue.fexpect import controlchar, expect, expecting, run
import fabric
expectation = []
expectation += expect(">>>", controlchar('C'))
expectation += expect('KeyboardInterrupt', controlchar('D'))
with expecting(expectation):
output = run(cmd)
self.assertIn('KeyboardInterrupt',output)
def archive_setup_real_data():
"""Set up cnxarchive database with real data
"""
if not _postgres_user_exists('cnxarchive'):
prompts = []
prompts += fexpect.expect('Enter password for new role:', 'cnxarchive')
prompts += fexpect.expect('Enter it again:', 'cnxarchive')
with fexpect.expecting(prompts):
fexpect.sudo('createuser --no-createdb --no-createrole --superuser --pwprompt cnxarchive', user='******')
if _postgres_db_exists('cnxarchive'):
sudo('dropdb cnxarchive', user='******')
sudo('createdb -O cnxarchive cnxarchive', user='******')
sudo('createlang plpythonu cnxarchive', user='******')
run('zcat cnx-archive/repo_test_data.sql.gz >cnx-archive/repo_test_data.sql')
prompts = fexpect.expect('Password for user cnxarchive:', 'cnxarchive')
with fexpect.expecting(prompts):
fexpect.run('psql -U cnxarchive cnxarchive -f cnx-archive/repo_test_data.sql')
run('rm -rf cnx-archive/repo_test_data.sql')
run('cnx-upgrade v1')
def setup_postgres_user(userpwd, adminpwd):
# set the postgres user password
prompts = []
prompts += expect('Enter new UNIX password:'******'Retype new UNIX password:'******'passwd postgres')
# set the postgres db user password
sudo(
"sudo -u postgres psql -d template1 -c \"ALTER USER postgres WITH PASSWORD '%s';\""
% adminpwd)
# generate an ssh-key
sudo("ssh-keygen -t rsa -b 4096 -N \"\" -f ~postgres/.ssh/id_rsa",
user="******")
def generate_client_credentials(cluster_name, public_key, verify_code):
"""Generate the client credentials"""
prompts = []
prompts += expect('Enter a name for this cluster:', cluster_name)
prompts += expect("Input the server's public key:", public_key)
prompts += expect("Input the server verify code: ", verify_code)
with expecting(prompts):
output = run('cstar_perf_client --get-credentials')
lines = output.split('\n')
client_public_key = [line for line in lines if line.startswith("Your public key is")][0]
fab.run("echo '{}' > ~/credentials.txt".format(client_public_key))
def test_install(image_name):
with temporary_ec2_instance(ami_id=get_ami(image_name)):
sudo('apt-get -y install python-software-properties')
sudo('yes | apt-add-repository ppa:localwikidev/testing')
sudo('apt-get update')
with fexpect.expecting(prompts):
fexpect.sudo('apt-get -y --force-yes install localwiki')
# On Ubuntu 11.10, downgrade to psycopg2 v2.4.1 or else tests can't run
# See https://code.djangoproject.com/ticket/16250
if image_name in ['ubuntu11.10', 'ubuntu12.04']:
sudo('apt-get -y install python-dev libpq-dev')
sudo('pip install psycopg2==2.4.1')
# Give localwiki db user permission to create a database, for tests
sudo('psql -c "ALTER ROLE localwiki WITH CREATEDB;"', user='******')
sudo('localwiki-manage test pages maps tags versioning diff ckeditor redirects users')
def generate_client_credentials(cluster_name, public_key, verify_code):
"""Generate the client credentials"""
prompts = []
prompts += expect('Enter a name for this cluster:', cluster_name)
prompts += expect("Input the server's public key:", public_key)
prompts += expect("Input the server verify code: ", verify_code)
with expecting(prompts):
output = run('cstar_perf_client --get-credentials')
lines = output.split('\n')
client_public_key = [
line for line in lines if line.startswith("Your public key is")
][0]
fab.run("echo '{}' > ~/credentials.txt".format(client_public_key))
def setup_postgres_user_connectivity():
if env.host == env.db_master:
srcIp = env.db_master
destIp = env.db_slave
else:
srcIp = env.db_slave
destIp = env.db_master
prompts = []
prompts += expect("Are you sure you want to continue connecting (yes/no)?",
"yes")
prompts += expect("postgres@%s's password:"******"ssh-copy-id -i ~postgres/.ssh/id_rsa.pub postgres@%s" %
destIp,
user="******")
def test_exit_after_expectation(self):
import time
from StringIO import StringIO
#sequence shouldn't matter
script = "#!/usr/bin/python\nimport time\nfor i in range(1,8):\n\tprint(i)\n\ttime.sleep(1)"
cmd = 'python /tmp/test.py'
put(StringIO(script),'/tmp/test.py')
from ilogue.fexpect import expect, expecting, run
exp1 = expect('Hello','111')
exp2 = expect('3','expected',exitAfter=0)
t = time.time()
with expecting(exp1+exp2):
output = run(cmd)
elapsed = time.time() - t
self.assertGreater(elapsed,2)
self.assertLess(elapsed,4)
def test_multimatch(self):
""" Match same prompt but with different responses """
cmd = 'echo "name" && read NAME1 && echo "name is $NAME1" && echo "name" && read NAME2 && echo "name is $NAME2"'
from ilogue.fexpect import expecting, expect, run
expectation = []
expectation += expect('name', 'Ford')
expectation += expect('name', 'Arthur')
with expecting(expectation):
output = run(cmd)
self.assertIn('Ford', output)
self.assertIn('Arthur', output)
def test_exit_after_expectation(self):
import time
from StringIO import StringIO
#sequence shouldn't matter
script = "#!/usr/bin/python\nimport time\nfor i in range(1,8):\n\tprint(i)\n\ttime.sleep(1)"
cmd = 'python /tmp/test.py'
put(StringIO(script),'/tmp/test.py')
from ilogue.fexpect import expect, expecting, run
exp1 = expect('Hello','111')
exp2 = expect('3','expected',exitAfter=0)
t = time.time()
with expecting(exp1+exp2):
output = run(cmd)
elapsed = time.time() - t
self.assertGreater(elapsed,2)
self.assertLess(elapsed,4)
def test_multimatch(self):
""" Match same prompt but with different responses """
cmd = 'echo "name" && read NAME1 && echo "name is $NAME1" && echo "name" && read NAME2 && echo "name is $NAME2"'
from ilogue.fexpect import expecting, expect, run
expectation = []
expectation += expect('name', 'Ford')
expectation += expect('name', 'Arthur')
with expecting(expectation):
output = run(cmd)
self.assertIn('Ford', output)
self.assertIn('Arthur', output)
def test_mixed_case(self):
cmd1 = "expr 5 + 5"
cmd2 = "read -p Name: NAME && echo Hi $NAME."
cmd3 = "expr 18 / 3"
from ilogue.fexpect import expect, expecting, run
import fabric
output1 = run(cmd1)
expectation = expect("Name:", "Bill")
with expecting(expectation):
output2 = run(cmd2)
output3 = run(cmd3)
self.assertIn("10", output1)
self.assertIn("Hi Bill.", output2)
self.assertIn("6", output3)
def initdb():
"""initialize Tripwire database"""
prompts = []
# retrieve digits
n = ''.join(x for x in env.host if x.isdigit())
# reverse n and get the last 2 digits
passwd = n[::-1][:2] + 'tripwire'
prompts += expect('Please enter your local passphrase:', passwd)
with expecting(prompts):
ilogue.fexpect.sudo('/usr/local/tripwire/tfs/bin/tripwire --init')
# cleanup
fabric.api.run('rm /tmp/fexpect_*')
def test_mixed_case(self):
cmd1 = 'expr 5 + 5'
cmd2 = 'read -p Name: NAME && echo Hi $NAME.'
cmd3 = 'expr 18 / 3'
from ilogue.fexpect import expect, expecting, run
import fabric
output1 = run(cmd1)
expectation = expect('Name:','Bill')
with expecting(expectation):
output2 = run(cmd2)
output3 = run(cmd3)
self.assertIn('10',output1)
self.assertIn('Hi Bill.',output2)
self.assertIn('6',output3)
def user_setup():
"""Set up cnx-user
"""
_setup()
_install_postgresql()
if not _postgres_user_exists('cnxuser'):
prompts = []
prompts += fexpect.expect('Enter password for new role:', 'cnxuser')
prompts += fexpect.expect('Enter it again:', 'cnxuser')
with fexpect.expecting(prompts):
fexpect.sudo(
'createuser --no-createdb --no-createrole --no-superuser --pwprompt cnxuser',
user='******')
if _postgres_db_exists('cnxuser'):
sudo('dropdb cnxuser', user='******')
sudo('createdb -O cnxuser cnxuser', user='******')
if not fabric.contrib.files.exists('cnx-user'):
run('git clone https://github.com/Connexions/cnx-user.git')
if not fabric.contrib.files.exists('velruse'):
run('git clone -b cnx-master https://github.com/pumazi/velruse.git')
with cd('velruse'):
sudo('python setup.py install')
sudo('pip install -e .')
_install_nodejs()
sudo('apt-get install --yes npm')
sudo('rm -rf ~/tmp') # ~/tmp is needed for npm
sudo('npm install -g grunt-cli bower')
# remove ~/tmp after a system npm install as ~/tmp is owned by root and
# cannot be written as the user in the next step
sudo('rm -rf ~/tmp')
with cd('cnx-user/cnxuser/assets'):
run('npm install')
with cd('cnx-user'):
# change velruse to use 1.0.3 which is the version from pumazmi/veruse
if not fabric.contrib.files.contains('setup.py', 'velruse==1.0.3'):
fabric.contrib.files.sed('setup.py', 'velruse', 'velruse==1.0.3')
sudo('python setup.py install')
sudo('pip install -e .')
# httplib2 top_level.txt is not readable by the user for some reason
# (while other top_level.txt are). This causes initialize_cnx-user_db
# to fail with IOError permission denied
sudo(
'chmod 644 /usr/local/lib/python2.7/dist-packages/httplib2-0.8-py2.7.egg/EGG-INFO/top_level.txt'
)
run('initialize_cnx-user_db development.ini')
def test_mixed_case(self):
cmd1 = 'expr 5 + 5'
cmd2 = 'read -p Name: NAME && echo Hi $NAME.'
cmd3 = 'expr 18 / 3'
from ilogue.fexpect import expect, expecting, run
import fabric
output1 = run(cmd1)
expectation = expect('Name:','Bill')
with expecting(expectation):
output2 = run(cmd2)
output3 = run(cmd3)
self.assertIn('10',output1)
self.assertIn('Hi Bill.',output2)
self.assertIn('6',output3)
def repo_setup():
"""Set up rhaptos2.repo
"""
_setup()
_install_postgresql()
sudo('apt-get install --yes libxml2-dev libxslt1-dev')
_install_nodejs()
sudo('apt-get install --yes npm')
if not _postgres_user_exists('rhaptos2repo'):
prompts = []
prompts += fexpect.expect('Enter password for new role:',
'rhaptos2repo')
prompts += fexpect.expect('Enter it again:', 'rhaptos2repo')
with fexpect.expecting(prompts):
fexpect.sudo('createuser --pwprompt --superuser rhaptos2repo',
user='******')
if _postgres_db_exists('rhaptos2repo'):
sudo('dropdb rhaptos2repo', user='******')
if _postgres_db_exists('rhaptos2users'):
sudo('dropdb rhaptos2users', user='******')
sudo('createdb -O rhaptos2repo rhaptos2repo', user='******')
sudo('createdb -O rhaptos2repo rhaptos2users', user='******')
if not fabric.contrib.files.exists('rhaptos2.common'):
run('git clone [email protected]:Connexions/rhaptos2.common.git')
with cd('rhaptos2.common'):
sudo('python setup.py install')
sudo('pip install -e .')
if not fabric.contrib.files.exists('rhaptos2.repo'):
run('git clone -b fix-install [email protected]:Connexions/rhaptos2.repo.git'
)
with cd('rhaptos2.repo'):
sudo('pip install -e .')
if fabric.contrib.files.exists('repo-error.log'):
sudo('chown karen:karen repo-error.log')
sudo('rhaptos2repo-initdb develop.ini')
with cd('rhaptos2.repo'):
if not fabric.contrib.files.exists('atc'):
run('git clone [email protected]:Connexions/atc.git')
with cd('rhaptos2.repo/atc'):
sudo('npm update -g bower', warn_only=True)
run('npm install')
sudo('easy_install-2.7 PasteScript PasteDeploy waitress')
def install_mysql(password):
if not check_package_installed('mysql-server'):
runcmd('yum -y update')
runcmd('yum -y install mysql-server')
runcmd('chkconfig --levels 235 mysqld on')
runcmd('service start mysqld')
# Secure mysql
setup = []
setup += expect('Enter current password for root (enter for none):', '')
setup += expect('Set root password? \[Y/n\]', 'y')
setup += expect('New password:'******'Re-enter new password:'******'Remove anonymous users? \[Y/n\]', 'y')
setup += expect('Disallow root login remotely? \[Y/n\]', 'y')
setup += expect('Remove test database and access to it? \[Y/n\]', 'y')
setup += expect('Reload privilege tables now? \[Y/n\]', 'y')
with expecting(setup):
eruncmd('mysql_secure_installation')
def repo_setup():
"""Set up rhaptos2.repo
"""
_setup()
_install_postgresql()
sudo('apt-get install --yes libxml2-dev libxslt1-dev')
_install_nodejs()
sudo('apt-get install --yes npm')
if not _postgres_user_exists('rhaptos2repo'):
prompts = []
prompts += fexpect.expect('Enter password for new role:', 'rhaptos2repo')
prompts += fexpect.expect('Enter it again:', 'rhaptos2repo')
with fexpect.expecting(prompts):
fexpect.sudo('createuser --pwprompt --superuser rhaptos2repo', user='******')
if _postgres_db_exists('rhaptos2repo'):
sudo('dropdb rhaptos2repo', user='******')
if _postgres_db_exists('rhaptos2users'):
sudo('dropdb rhaptos2users', user='******')
sudo('createdb -O rhaptos2repo rhaptos2repo', user='******')
sudo('createdb -O rhaptos2repo rhaptos2users', user='******')
if not fabric.contrib.files.exists('rhaptos2.common'):
run('git clone [email protected]:Connexions/rhaptos2.common.git')
with cd('rhaptos2.common'):
sudo('python setup.py install')
sudo('pip install -e .')
if not fabric.contrib.files.exists('rhaptos2.repo'):
run('git clone -b fix-install [email protected]:Connexions/rhaptos2.repo.git')
with cd('rhaptos2.repo'):
sudo('pip install -e .')
if fabric.contrib.files.exists('repo-error.log'):
sudo('chown karen:karen repo-error.log')
sudo('rhaptos2repo-initdb develop.ini')
with cd('rhaptos2.repo'):
if not fabric.contrib.files.exists('atc'):
run('git clone [email protected]:Connexions/atc.git')
with cd('rhaptos2.repo/atc'):
sudo('npm update -g bower', warn_only=True)
run('npm install')
sudo('easy_install-2.7 PasteScript PasteDeploy waitress')
def install_mysql(password):
if not check_package_installed('mysql-server'):
runcmd('yum -y update')
runcmd('yum -y install mysql-server')
runcmd('chkconfig --levels 235 mysqld on')
runcmd('service start mysqld')
# Secure mysql
setup = []
setup += expect('Enter current password for root (enter for none):','')
setup += expect('Set root password? \[Y/n\]','y')
setup += expect('New password:'******'Re-enter new password:'******'Remove anonymous users? \[Y/n\]', 'y')
setup += expect('Disallow root login remotely? \[Y/n\]', 'y')
setup += expect('Remove test database and access to it? \[Y/n\]', 'y')
setup += expect('Reload privilege tables now? \[Y/n\]', 'y')
with expecting(setup):
eruncmd('mysql_secure_installation')
def _setup_postgres():
# start at boot
filename = "/tmp/foo_%s" % _a_bit_of_random()
sudo("cat /etc/rc.conf | grep -v postgresql > %s" % filename)
sudo("echo 'postgresql_enable=\"YES\"' >> %s" % filename)
sudo("mv %s /etc/rc.conf" % filename)
# init the db
sudo("/usr/local/etc/rc.d/postgresql initdb")
#start the db
sudo("/usr/local/etc/rc.d/postgresql start")
# create the user
prompts = []
prompts += expect("Enter password for new role:", DB_PASSWORD)
prompts += expect("Enter it again:", DB_PASSWORD)
with expecting(prompts):
expectsudo("createuser -d -S -R -P %s" % DB_ADMIN, user="******")
def user_setup():
"""Set up cnx-user
"""
_setup()
_install_postgresql()
if not _postgres_user_exists('cnxuser'):
prompts = []
prompts += fexpect.expect('Enter password for new role:', 'cnxuser')
prompts += fexpect.expect('Enter it again:', 'cnxuser')
with fexpect.expecting(prompts):
fexpect.sudo('createuser --no-createdb --no-createrole --no-superuser --pwprompt cnxuser', user='******')
if _postgres_db_exists('cnxuser'):
sudo('dropdb cnxuser', user='******')
sudo('createdb -O cnxuser cnxuser', user='******')
if not fabric.contrib.files.exists('cnx-user'):
run('git clone https://github.com/Connexions/cnx-user.git')
if not fabric.contrib.files.exists('velruse'):
run('git clone -b cnx-master https://github.com/pumazi/velruse.git')
with cd('velruse'):
sudo('python setup.py install')
sudo('pip install -e .')
_install_nodejs()
sudo('apt-get install --yes npm')
sudo('rm -rf ~/tmp') # ~/tmp is needed for npm
sudo('npm install -g grunt-cli bower')
# remove ~/tmp after a system npm install as ~/tmp is owned by root and
# cannot be written as the user in the next step
sudo('rm -rf ~/tmp')
with cd('cnx-user/cnxuser/assets'):
run('npm install')
with cd('cnx-user'):
# change velruse to use 1.0.3 which is the version from pumazmi/veruse
if not fabric.contrib.files.contains('setup.py', 'velruse==1.0.3'):
fabric.contrib.files.sed('setup.py', 'velruse', 'velruse==1.0.3')
sudo('python setup.py install')
sudo('pip install -e .')
# httplib2 top_level.txt is not readable by the user for some reason
# (while other top_level.txt are). This causes initialize_cnx-user_db
# to fail with IOError permission denied
sudo('chmod 644 /usr/local/lib/python2.7/dist-packages/httplib2-0.8-py2.7.egg/EGG-INFO/top_level.txt')
run('initialize_cnx-user_db development.ini')
def install():
"""install Tripwire"""
# retrieve hostname digits
n = ''.join(x for x in env.host if x.isdigit())
# reverse n and get the last 2 digits
local_passphrase = n[::-1][:2] + 'tripwire'
site_passphrase = '00tripwire'
# answers for tripwire install
prompts = []
prompts += expect('Please enter your site passphrase:', site_passphrase)
prompts += expect('The local key file: \\"/usr/local/tripwire/tfs/key/local.key\\" exists. Overwrite (Y/N)?', 'Y')
prompts += expect('Enter the local keyfile passphrase:', local_passphrase)
prompts += expect('Verify the local keyfile passphrase:', local_passphrase)
prompts += expect('Please enter your local passphrase:', local_passphrase)
# get remote id and home
Rid=fabric.api.run('id -un').splitlines()[-1]
Rhome=fabric.api.run('pwd').splitlines()[-1]
# upload tarball containing tripwire
tarball = 'tripwire-pci.tgz'
src = os.path.join(DATA_DIR, 'tripwire', tarball)
dst = os.path.join(Rhome, tarball)
upload_template(src, dst)
# extract tarball
fabric.api.run('tar zxvf %s' % dst)
# install pexpect for dependency
fabric.api.sudo('yum -y install pexpect')
with expecting(prompts):
ilogue.fexpect.sudo(Rhome+'/tripwire-pci/install_tripwire.sh')
if Rid !='system':
fabric.api.sudo('chown -R system:system /usr/local/tripwire/')
# cleanup
fabric.api.run('rm -rf '+Rhome+'/tripwire-pci*')
fabric.api.run('rm /tmp/fexpect_*')
def dbinit():
"""
Creates a default database and user with appropriate privileges
for local development
"""
mysql_cmd = "create database {0};"+\
"create user {1}@\"{2}\" identified by \"{3}\";"+\
"create user {1}@localhost identified by \"{3}\";"+\
"grant all privileges on {0}.* to {1}@localhost;"+\
"grant all privileges on {0}.* to {1}@\"{2}\";exit;"
mysql_prompts = []
mysql_prompts += expect('mysql>',mysql_cmd.format(
config.get('env_vars').get("DATABASE_NAME"),
config.get('env_vars').get("DATABASE_USER"),
config.get('env_vars').get("DATABASE_CONSUMER",'%'),
config.get('env_vars').get("DATABASE_PASSWORD")))
with expecting(mysql_prompts):
erun('mysql -u root')
def test_quotes(self):
cmd1 = 'read -p "Prompt1:" RESP1 && echo Received $RESP1.'
cmd2 = "read -p 'Prompt2:' RESP2 && echo Received $RESP2."
cmd3 = """read -p 'Prompt3:' -n "20" RESP3 && echo Received $RESP3."""
from ilogue.fexpect import expect, expecting, run
import fabric
expectation = []
expectation += expect('Prompt1:','Foo')
expectation += expect('Prompt2:','Bar')
expectation += expect('Prompt3:','Baz')
with expecting(expectation):
output1 = run(cmd1)
output2 = run(cmd2)
output3 = run(cmd3)
self.assertIn('Received Foo',output1)
self.assertIn('Received Bar',output2)
self.assertIn('Received Baz',output3)
def test_quotes(self):
cmd1 = 'read -p "Prompt1:" RESP1 && echo Received $RESP1.'
cmd2 = "read -p 'Prompt2:' RESP2 && echo Received $RESP2."
cmd3 = """read -p 'Prompt3:' -n "20" RESP3 && echo Received $RESP3."""
from ilogue.fexpect import expect, expecting, run
import fabric
expectation = []
expectation += expect('Prompt1:','Foo')
expectation += expect('Prompt2:','Bar')
expectation += expect('Prompt3:','Baz')
with expecting(expectation):
output1 = run(cmd1)
output2 = run(cmd2)
output3 = run(cmd3)
self.assertIn('Received Foo',output1)
self.assertIn('Received Bar',output2)
self.assertIn('Received Baz',output3)
def deploy():
with prefix('source $(which virtualenvwrapper.sh) && workon remote'):
settings_file = '--settings=haxclub.settings.base'
env_vars = config.get('env_vars')
if not exists('~/haxclub'):
with cd('~/'):
run('git clone https://github.com/jsalva/haxclub')
with cd('~/haxclub/haxclub'):
if not exists('logs'):
run('mkdir logs')
run('git pull origin master')
with shell_env(**env_vars):
prompts = []
prompts += expect("Type 'yes' to continue", "yes")
with expecting(prompts):
erun('python manage.py collectstatic %s' % settings_file)
erun('python manage.py migrate %s' % settings_file)
erun('python manage.py syncdb %s' % settings_file)
if exists('supervisord.pid'):
erun('python manage.py supervisor reload %s' %
settings_file)
else:
erun('python manage.py supervisor --daemonize %s' %
settings_file)
if not exists('/tmp/nginx'):
run('mkdir /tmp/nginx')
put('nginx.conf', '/etc/nginx/nginx.conf', use_sudo=True)
put('nginx_haxclub.conf',
'/etc/nginx/conf.d/nginx_haxclub.conf',
use_sudo=True)
put('ssl/haxclub.key.nopass',
'/etc/ssl/certs/haxclub.key.nopass',
use_sudo=True)
put('ssl/haxclub.crt', '/etc/ssl/certs/haxclub.crt', use_sudo=True)
put('nginx_haxclub.conf',
'/etc/nginx/conf.d/nginx_haxclub.conf',
use_sudo=True)
sudo('service nginx stop; service nginx start;')
def dbinit():
"""
Creates a default database and user with appropriate privileges
for local development
"""
mysql_cmd = "create database {0};"+\
"create user {1}@\"{2}\" identified by \"{3}\";"+\
"create user {1}@localhost identified by \"{3}\";"+\
"grant all privileges on {0}.* to {1}@localhost;"+\
"grant all privileges on {0}.* to {1}@\"{2}\";exit;"
mysql_prompts = []
mysql_prompts += expect(
'mysql>',
mysql_cmd.format(
config.get('env_vars').get("DATABASE_NAME"),
config.get('env_vars').get("DATABASE_USER"),
config.get('env_vars').get("DATABASE_CONSUMER", '%'),
config.get('env_vars').get("DATABASE_PASSWORD")))
with expecting(mysql_prompts):
erun('mysql -u root')
def instalar_pxp():
question = raw_input("La conexion se realizara por un proxy? (s/n) : ")
if question == 's':
question = raw_input(
"Ingrese la cadena de conexion del servidor proxy (proxyuser:proxypwd@server:port o server:port) : "
)
proxy = question
else:
proxy = ""
run("yum -y install wget")
version = run("grep -o release.. /etc/redhat-release")
if (version == 'release 7'):
# postgres de rpm de postgres 9.5#
run("wget http://yum.postgresql.org/9.5/redhat/rhel-7-x86_64/pgdg-centos95-9.5-2.noarch.rpm"
)
else:
# postgres de rpm de postgres 9.5#
run("wget http://yum.postgresql.org/9.5/redhat/rhel-6-x86_64/pgdg-redhat95-9.5-2.noarch.rpm"
)
# configuraicon de archivos de centos-base.repo agregando una linea #
s = open("/etc/yum.repos.d/CentOS-Base.repo", 'a')
s.write("exclude=postgresql*\n\n")
s.close()
if (version == 'release 7'):
run("rpm -Uvh --replacepkgs pgdg-centos95-9.5-2.noarch.rpm")
else:
run("rpm -Uvh --replacepkgs pgdg-redhat95-9.5-2.noarch.rpm")
# instalacion de postgres y la primera corrida #
S_pgsql = "service postgresql-9.5"
I_pgsql = "postgresql95"
sudo(
"yum -y install postgresql95-server postgresql95-docs postgresql95-contrib postgresql95-plperl postgresql95-plpython postgresql95-pltcl postgresql95-test rhdb-utils gcc-objc postgresql95-devel "
)
if (version == 'release 7'):
run("/usr/pgsql-9.5/bin/postgresql95-setup initdb")
run("systemctl start postgresql-9.5")
run("systemctl enable postgresql-9.5")
else:
run("service postgresql-9.5 initdb")
run("service postgresql-9.5 start")
run("chkconfig postgresql-9.5 on")
# instalacion del php y apache mas la primera corrida #
sudo(
"yum -y install httpd php mod_ssl mod_auth_pgsql php-pear php-bcmath php-mbstring php-cli php-ldap php-pdo php-pgsql php-gd"
)
if (version == 'release 7'):
run("systemctl start httpd")
run("systemctl enable httpd")
else:
run("service httpd start")
run("chkconfig httpd on")
#Creacion de archivos para bitacoras
archi = open("/usr/local/lib/phx.c", 'w')
archi.write('#include "postgres.h"\n')
archi.write('#include <string.h>\n')
archi.write('#include "fmgr.h"\n')
archi.write('#include "utils/geo_decls.h"\n')
archi.write('#include <stdio.h>\n')
archi.write('#ifdef PG_MODULE_MAGIC\n')
archi.write('PG_MODULE_MAGIC;\n')
archi.write('#endif\n')
archi.write('/* by value */\n')
archi.write('PG_FUNCTION_INFO_V1(monitor_phx);\n')
archi.write('Datum\n')
archi.write('monitor_phx(PG_FUNCTION_ARGS)\n')
archi.write('{\n')
archi.write(' int32 arg = PG_GETARG_INT32(0);\n')
archi.write(' system("sudo /usr/local/lib/./phxbd.sh");\n')
archi.write(' PG_RETURN_INT32(arg);\n')
archi.write('}')
archi.close()
run("gcc -I /usr/local/include -I /usr/pgsql-9.5/include/server/ -fpic -c /usr/local/lib/phx.c"
)
run("gcc -I /usr/local/include -I /usr/pgsql-9.5/include/server/ -shared -o /usr/local/lib/phx.so phx.o"
)
run("chown root.postgres /usr/local/lib/phx.so")
run("chmod 750 /usr/local/lib/phx.so")
archi = open("/usr/local/lib/phxbd.sh", 'w')
archi.write('!/bin/bash\n')
archi.write(
'top -b -n 1 | grep -e postgres -e httpd | awk \'{print $1","$12","$2","$9","$10","$5""""}\' > /tmp/procesos.csv\n'
)
archi.write('chown root.postgres /tmp/procesos.csv\n')
archi.write('chmod 740 /tmp/procesos.csv')
sudo("chown root.postgres /usr/local/lib/phxbd.sh")
sudo("sudo chmod 700 /usr/local/lib/phxbd.sh")
f = open("/etc/sudoers", 'r')
chain = f.read()
chain = chain.replace("Defaults requiretty", "#Defaults requiretty")
chain = chain.replace(
"root ALL=(ALL) ALL",
"root ALL=(ALL) ALL\n postgres ALL=NOPASSWD: /usr/local/lib/phxbd.sh"
)
f.close()
f = open("/etc/sudoers", 'w')
f.write(chain)
f.close()
#Instalacion de mcrypt para servicios rest
if (version == 'release 7'):
run("wget http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-9.noarch.rpm"
)
run("wget http://rpms.remirepo.net/enterprise/remi-release-7.rpm")
run("rpm -Uvh remi-release-7*.rpm epel-release-7*.rpm")
else:
run("wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm"
)
run("wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm")
sudo("rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm")
run("yum -y update")
run("yum -y install php-mcrypt*")
# cambio de los archivos pg_hba y postgres.config#
archi = open("/var/lib/pgsql/9.5/data/pg_hba.conf", 'w')
archi.write(
"# TYPE DATABASE USER ADDRESS METHOD\n\n"
)
archi.write("# 'local' is for Unix domain socket connections only\n")
archi.write(
"local all postgres,dbkerp_conexion trust\n")
archi.write(
"local all all md5\n"
)
archi.write("# IPv4 local connections:\n")
archi.write(
"host all all 127.0.0.1/32 md5\n"
)
archi.write(
"host all all 192.168.0.0/16 md5\n"
)
archi.write("# IPv6 local connections:\n")
archi.write(
"host all all ::1/128 md5\n"
)
archi.close()
f = open("/var/lib/pgsql/9.5/data/postgresql.conf", 'r')
chain = f.read()
chain = chain.replace("pg_catalog.english", "pg_catalog.spanish")
chain = chain.replace("log_destination = 'stderr'",
"log_destination = 'csvlog'")
chain = chain.replace("log_filename = 'postgresql-%a.log'",
"log_filename = 'postgresql-%Y-%m-%d.log'")
chain = chain.replace("log_truncate_on_rotation = on",
"log_truncate_on_rotation = off")
chain = chain.replace("#log_error_verbosity = default",
"log_error_verbosity = verbose")
chain = chain.replace("#log_statement = 'none'", "log_statement = 'mod'")
chain = chain.replace("iso, mdy", "iso, dmy")
f.close()
otro = open("/var/lib/pgsql/9.5/data/postgresql.conf", 'w')
otro.write(chain)
otro.close()
s = open("/var/lib/pgsql/9.5/data/postgresql.conf", 'a')
s.write("listen_addresses = '*'\n")
s.write("bytea_output = 'escape'\n")
s.close()
db_pass = "******"
sudo('psql -c "ALTER USER postgres WITH ENCRYPTED PASSWORD E\'%s\'"' %
(db_pass),
user='******')
sudo('psql -c "CREATE DATABASE dbkerp WITH ENCODING=\'UTF-8\';"',
user='******')
sudo(
'psql -c "CREATE USER dbkerp_conexion WITH PASSWORD \'dbkerp_conexion\';"',
user='******')
sudo('psql -c "ALTER ROLE dbkerp_conexion SUPERUSER;"', user='******')
sudo(
'psql -c "CREATE USER dbkerp_admin WITH PASSWORD \'a1a69c4e834c5aa6cce8c6eceee84295\';"',
user='******')
sudo('psql -c "ALTER ROLE dbkerp_admin SUPERUSER;"', user='******')
if (version == 'release 7'):
run('systemctl restart postgresql-9.5')
else:
run('service postgresql-9.5 restart')
# instalacion de git para poder bajar el repositoriio pxp y moviendo a la carpeta /var/www/html/kerp/#
sudo("yum -y install git-core")
run("mkdir /var/www/html/kerp")
run("mkdir /var/www/html/kerp/pxp")
#Si existe proxy se configura github para el proxy
if (proxy != ""):
run("git config --global http.proxy http://" + proxy)
run("git config --global https.proxy https://" + proxy)
run("git clone https://github.com/kplian/pxp.git /var/www/html/kerp/pxp")
run("chown -R apache.apache /var/www/html/kerp/")
run("chmod 700 -R /var/www/html/kerp/")
# haciendo una copia de datosgenerales.samples.php y modificando archivo#
f = open("/var/www/html/kerp/pxp/lib/DatosGenerales.sample.php")
g = open("/var/www/html/kerp/pxp/lib/DatosGenerales.php", "w")
linea = f.readline()
while linea != "":
g.write(linea)
linea = f.readline()
g.close()
f.close()
#TODO VOLVER VARIABLE LA CARPETA PRINCIPAL KERP
f = open("/var/www/html/kerp/pxp/lib/DatosGenerales.php", 'r')
chain = f.read()
chain = chain.replace("/web/lib/lib_control/",
"/kerp/pxp/lib/lib_control/")
chain = chain.replace("/kerp-boa/", "/kerp/")
chain = chain.replace("/var/lib/pgsql/9.1/data/pg_log/",
"/var/lib/pgsql/9.5/data/pg_log/")
f.close()
otro = open("/var/www/html/kerp/pxp/lib/DatosGenerales.php", 'w')
otro.write(chain)
otro.close()
run("ln -s /var/www/html/kerp/pxp/lib /var/www/html/kerp/lib")
run("ln -s /var/www/html/kerp/pxp/index.php /var/www/html/kerp/index.php")
run("ln -s /var/www/html/kerp/pxp/sis_generador /var/www/html/kerp/sis_generador"
)
run("ln -s /var/www/html/kerp/pxp/sis_organigrama /var/www/html/kerp/sis_organigrama"
)
run("ln -s /var/www/html/kerp/pxp/sis_parametros /var/www/html/kerp/sis_parametros"
)
run("ln -s /var/www/html/kerp/pxp/sis_seguridad /var/www/html/kerp/sis_seguridad"
)
run("ln -s /var/www/html/kerp/pxp/sis_workflow /var/www/html/kerp/sis_workflow"
)
archi = open('/var/www/html/kerp/sistemas.txt', 'w')
archi.close()
run("mkdir /var/www/html/kerp/reportes_generados")
sudo("setfacl -R -m u:apache:wrx /var/www/html/kerp/reportes_generados")
# sudo("yum -y install rpm-build")
sudo("setfacl -R -m u:postgres:wrx /var/www/html")
sudo("chcon -Rv --type=httpd_sys_rw_content_t /var/www/html/kerp/")
sudo("setsebool -P httpd_can_network_connect_db=1")
# iptables
if (version == 'release 6'):
run("iptables --flush")
run("iptables -P INPUT ACCEPT")
run("iptables -P OUTPUT ACCEPT")
run("iptables -P FORWARD ACCEPT")
#Interfaz local aceptar
run("iptables -A INPUT -i lo -j ACCEPT")
#Comunicaciones establecidas aceptar
run("iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT")
#Ping Aceptar
run("iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT")
#Ssh Aceptar
run("iptables -A INPUT -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT"
)
#http y https aceptar
run("iptables -A INPUT -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT"
)
run("iptables -A INPUT -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT"
)
#postgres aceptar
run("iptables -A INPUT -p tcp --dport 5432 -m state --state NEW,ESTABLISHED -j ACCEPT"
)
run("iptables -P INPUT DROP")
run("service iptables save")
run("service iptables restart")
else:
run("firewall-cmd --permanent --add-port=22/tcp")
run("firewall-cmd --permanent --add-port=80/tcp")
run("firewall-cmd --permanent --add-port=5432/tcp")
run("firewall-cmd --reload")
prompts = []
prompts += expect('Ingrese una opcion.*', '1')
prompts += expect('Ingrese el nombre de la BD.*', 'dbkerp')
prompts += expect('Desea obtener un backup de la BD.*', 'NO')
prompts += expect('los datos de prueba.*', 'n')
with expecting(prompts):
sudo(
"/var/www/html/kerp/pxp/utilidades/restaurar_bd/./restaurar_todo.py",
user="******")