def install(replica_config, options, dm_password): subject = dsinstance.DsInstance().find_subject_base() if replica_config is None: kra = krainstance.KRAInstance( api.env.realm, dogtag_constants=dogtag.install_constants) kra.configure_instance( api.env.host, api.env.domain, dm_password, dm_password, subject_base=subject) else: kra = krainstance.install_replica_kra(replica_config) service.print_msg("Restarting the directory server") ds = dsinstance.DsInstance() ds.restart() kra.enable_client_auth_to_db(kra.dogtag_constants.KRA_CS_CFG_PATH) # Update config file parser = RawConfigParser() parser.read(paths.IPA_DEFAULT_CONF) parser.set('global', 'enable_kra', 'True') with open(paths.IPA_DEFAULT_CONF, 'w') as f: parser.write(f)
def _run(self): super(KRAInstaller, self).run() print dedent(self.INSTALLER_START_MESSAGE) subject = dsinstance.DsInstance().find_subject_base() if not self.installing_replica: kra = krainstance.KRAInstance( api.env.realm, dogtag_constants=dogtag.install_constants) kra.configure_instance( api.env.host, api.env.domain, self.options.password, self.options.password, subject_base=subject) else: replica_config = create_replica_config( self.options.password, self.replica_file, self.options) if not read_replica_info_kra_enabled(replica_config.dir): raise admintool.ScriptError( "Either KRA is not installed on the master system or " "your replica file is out of date" ) kra = krainstance.install_replica_kra(replica_config) service.print_msg("Restarting the directory server") ds = dsinstance.DsInstance() ds.restart() kra.enable_client_auth_to_db(kra.dogtag_constants.KRA_CS_CFG_PATH) # Restart apache for new proxy config file services.knownservices.httpd.restart(capture_output=True) # Update config file parser = RawConfigParser() parser.read(paths.IPA_DEFAULT_CONF) parser.set('global', 'enable_kra', 'True') with open(paths.IPA_DEFAULT_CONF, 'w') as f: parser.write(f)
def _run(self): super(KRAInstaller, self).run() print dedent(self.INSTALLER_START_MESSAGE) subject = dsinstance.DsInstance().find_subject_base() if not self.installing_replica: kra = krainstance.KRAInstance( api.env.realm, dogtag_constants=dogtag.install_constants) kra.configure_instance(api.env.host, api.env.domain, self.options.password, self.options.password, subject_base=subject) else: replica_config = create_replica_config(self.options.password, self.replica_file, self.options) if not read_replica_info_kra_enabled(replica_config.dir): raise admintool.ScriptError( "Either KRA is not installed on the master system or " "your replica file is out of date") kra = krainstance.install_replica_kra(replica_config) service.print_msg("Restarting the directory server") ds = dsinstance.DsInstance() ds.restart() kra.enable_client_auth_to_db(kra.dogtag_constants.KRA_CS_CFG_PATH) # Restart apache for new proxy config file services.knownservices.httpd.restart(capture_output=True) # Update config file parser = RawConfigParser() parser.read(paths.IPA_DEFAULT_CONF) parser.set('global', 'enable_kra', 'True') with open(paths.IPA_DEFAULT_CONF, 'w') as f: parser.write(f)
def install(api, replica_config, options): subject = dsinstance.DsInstance().find_subject_base() if replica_config is None: kra = krainstance.KRAInstance( api.env.realm, dogtag_constants=dogtag.install_constants) kra.configure_instance( api.env.realm, api.env.host, api.env.domain, options.dm_password, options.dm_password, subject_base=subject) else: kra = krainstance.install_replica_kra(replica_config) service.print_msg("Restarting the directory server") ds = dsinstance.DsInstance() ds.restart() kra.ldap_enable('KRA', api.env.host, options.dm_password, api.env.basedn) kra.enable_client_auth_to_db(kra.dogtag_constants.KRA_CS_CFG_PATH)
def install(api, replica_config, options): subject = dsinstance.DsInstance().find_subject_base() if replica_config is None: kra = krainstance.KRAInstance(api.env.realm) kra.configure_instance(api.env.realm, api.env.host, options.dm_password, options.dm_password, subject_base=subject) else: if options.promote: ca_data = (os.path.join(replica_config.dir, 'kracert.p12'), replica_config.dirman_password) custodia = custodiainstance.CustodiaInstance( replica_config.host_name, replica_config.realm_name) custodia.get_kra_keys(replica_config.kra_host_name, ca_data[0], ca_data[1]) kra = krainstance.KRAInstance(replica_config.realm_name) kra.configure_replica(replica_config.host_name, replica_config.kra_host_name, replica_config.dirman_password, kra_cert_bundle=ca_data) return else: kra = krainstance.install_replica_kra(replica_config) service.print_msg("Restarting the directory server") ds = dsinstance.DsInstance() ds.restart() kra.ldap_enable('KRA', api.env.host, options.dm_password, api.env.basedn) kra.enable_client_auth_to_db(paths.KRA_CS_CFG_PATH) # Restart apache for new proxy config file services.knownservices.httpd.restart(capture_output=True)
def install(api, replica_config, options): subject = dsinstance.DsInstance().find_subject_base() if replica_config is None: kra = krainstance.KRAInstance(api.env.realm) kra.configure_instance( api.env.realm, api.env.host, options.dm_password, options.dm_password, subject_base=subject) else: if options.promote: ca_data = (os.path.join(replica_config.dir, 'kracert.p12'), replica_config.dirman_password) custodia = custodiainstance.CustodiaInstance( replica_config.host_name, replica_config.realm_name) custodia.get_kra_keys(replica_config.kra_host_name, ca_data[0], ca_data[1]) kra = krainstance.KRAInstance(replica_config.realm_name) kra.configure_replica(replica_config.host_name, replica_config.kra_host_name, replica_config.dirman_password, kra_cert_bundle=ca_data) return else: kra = krainstance.install_replica_kra(replica_config) service.print_msg("Restarting the directory server") ds = dsinstance.DsInstance() ds.restart() kra.ldap_enable('KRA', api.env.host, options.dm_password, api.env.basedn) kra.enable_client_auth_to_db(paths.KRA_CS_CFG_PATH) # Restart apache for new proxy config file services.knownservices.httpd.restart(capture_output=True)