def install_nginx_service(options, conf=None):
if conf is None:
conf = waptserver.config.load_config(options.configfile)
print("register nginx frontend")
repository_path = os.path.join(wapt_root_dir, 'waptserver', 'repository')
for repo_path in ('wapt', 'wapt-host', 'waptwua'):
mkdir_p(os.path.join(repository_path, repo_path))
run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' %
os.path.join(repository_path, repo_path))
mkdir_p(os.path.join(wapt_root_dir, 'waptserver', 'nginx', 'temp'))
run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' %
(os.path.join(wapt_root_dir, 'waptserver', 'nginx', 'temp')))
run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' %
os.path.join(wapt_root_dir, 'waptserver', 'nginx', 'logs'))
make_nginx_config(wapt_root_dir, conf['wapt_folder'], force=options.force)
service_binary = os.path.abspath(
os.path.join(wapt_root_dir, 'waptserver', 'nginx', 'nginx.exe'))
service_parameters = ''
service_logfile = os.path.join(log_directory, 'nssm_nginx.log')
service_name = 'WAPTNginx'
if setuphelpers.service_installed(
service_name) and setuphelpers.service_is_running(service_name):
setuphelpers.service_stop(service_name)
#print('Register "%s" in registry' % service_name)
install_windows_nssm_service(service_name, service_binary,
service_parameters, service_logfile)
time.sleep(5)
if setuphelpers.service_installed(
service_name
) and not setuphelpers.service_is_running(service_name):
setuphelpers.service_start(service_name)
def install_nginx_service(options,conf=None):
if conf is None:
conf = waptserver.config.load_config(options.configfile)
print("register nginx frontend")
repository_path = os.path.join(wapt_root_dir,'waptserver','repository')
for repo_path in ('wapt','wapt-host','waptwua'):
mkdir_p(os.path.join(repository_path,repo_path))
run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % os.path.join(repository_path,repo_path))
mkdir_p(os.path.join(wapt_root_dir,'waptserver','nginx','temp'))
run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % (os.path.join(wapt_root_dir,'waptserver','nginx','temp')))
run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % os.path.join(wapt_root_dir,'waptserver','nginx','logs'))
run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % os.path.join(wapt_root_dir,'log'))
make_nginx_config(wapt_root_dir, conf['wapt_folder'],force=options.force)
service_binary = os.path.abspath(os.path.join(wapt_root_dir,'waptserver','nginx','nginx.exe'))
service_parameters = ''
service_logfile = os.path.join(log_directory, 'nssm_nginx.log')
service_name = 'WAPTNginx'
if setuphelpers.service_installed(service_name) and setuphelpers.service_is_running(service_name):
setuphelpers.service_stop(service_name)
#print('Register "%s" in registry' % service_name)
install_windows_nssm_service(service_name,service_binary,service_parameters,service_logfile)
time.sleep(5)
if setuphelpers.service_installed(service_name) and not setuphelpers.service_is_running(service_name):
setuphelpers.service_start(service_name)
def install_wapttasks_service(options, conf=None):
if setuphelpers.service_installed('WAPTTasks'):
if setuphelpers.service_is_running('WAPTTasks'):
setuphelpers.service_stop('WAPTTasks')
setuphelpers.service_delete('WAPTTasks')
if conf is None:
conf = waptserver.config.load_config(options.configfile)
print("install wapttasks")
service_binary = os.path.abspath(
os.path.join(wapt_root_dir, 'waptpython.exe'))
service_parameters = '"%s" %s' % (os.path.join(
wapt_root_dir, 'waptserver', 'wapthuey.py'), 'tasks_common.huey -w 2')
service_logfile = os.path.join(log_directory, 'nssm_wapttasks.log')
service_dependencies = 'WAPTPostgresql'
install_windows_nssm_service('WAPTTasks', service_binary,
service_parameters, service_logfile,
service_dependencies)
tasks_db = os.path.join(wapt_root_dir, 'db')
setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % tasks_db)
if setuphelpers.service_installed('WAPTTasks'):
if not setuphelpers.service_is_running('WAPTTasks'):
setuphelpers.service_start('WAPTTasks')
def install_windows_service():
"""Setup waptserver as a windows Service managed by nssm
>>> install_windows_service()
"""
import setuphelpers
from setuphelpers import registry_set, REG_DWORD, REG_EXPAND_SZ, REG_MULTI_SZ, REG_SZ
datatypes = {"dword": REG_DWORD, "sz": REG_SZ, "expand_sz": REG_EXPAND_SZ, "multi_sz": REG_MULTI_SZ}
if setuphelpers.service_installed("waptserver"):
if setuphelpers.service_is_running("waptserver"):
logger.info("Stop running waptserver")
setuphelpers.run("net stop waptserver")
while setuphelpers.service_is_running("waptserver"):
logger.debug("Waiting for waptserver to terminate")
time.sleep(2)
logger.info("Unregister existing waptserver")
setuphelpers.run("sc delete waptserver")
if setuphelpers.iswin64():
nssm = os.path.join(wapt_root_dir, "waptservice", "win64", "nssm.exe")
else:
nssm = os.path.join(wapt_root_dir, "waptservice", "win32", "nssm.exe")
logger.info("Register new waptserver with nssm")
setuphelpers.run(
'"{nssm}" install WAPTServer "{waptpython}" ""{waptserverpy}""'.format(
waptpython=os.path.abspath(os.path.join(wapt_root_dir, "waptpython.exe")),
nssm=nssm,
waptserverpy=os.path.abspath(__file__),
)
)
# fix some parameters (quotes for path with spaces...
params = {
"Description": "sz:Wapt test server",
"DelayedAutostart": 1,
"DisplayName": "sz:WAPTServer",
"AppStdout": r"expand_sz:{}".format(os.path.join(log_directory, "waptserver.log")),
"Parameters\\AppStderr": r"expand_sz:{}".format(os.path.join(log_directory, "waptserver.log")),
"Parameters\\AppParameters": r'expand_sz:"{}"'.format(os.path.abspath(__file__)),
}
root = setuphelpers.HKEY_LOCAL_MACHINE
base = r"SYSTEM\CurrentControlSet\services\WAPTServer"
for key in params:
if isinstance(params[key], int):
(valuetype, value) = ("dword", params[key])
elif ":" in params[key]:
(valuetype, value) = params[key].split(":", 1)
if valuetype == "dword":
value = int(value)
else:
(valuetype, value) = ("sz", params[key])
fullpath = base + "\\" + key
(path, keyname) = fullpath.rsplit("\\", 1)
if keyname == "@" or keyname == "":
keyname = None
registry_set(root, path, keyname, value, type=datatypes[valuetype])
def install_wapttasks_service(options,conf=None):
if setuphelpers.service_installed('WAPTTasks'):
if setuphelpers.service_is_running('WAPTTasks'):
setuphelpers.service_stop('WAPTTasks')
setuphelpers.service_delete('WAPTTasks')
if conf is None:
conf = waptserver.config.load_config(options.configfile)
print("install wapttasks")
service_binary = os.path.abspath(os.path.join(wapt_root_dir,'waptpython.exe'))
service_parameters = '"%s" %s' % (os.path.join(wapt_root_dir,'waptserver','wapthuey.py'),'waptenterprise.waptserver.wsus_tasks.huey -w 2')
service_logfile = os.path.join(log_directory, 'nssm_wapttasks.log')
service_dependencies = 'WAPTPostgresql'
install_windows_nssm_service('WAPTTasks',service_binary,service_parameters,service_logfile,service_dependencies)
tasks_db = os.path.join(wapt_root_dir,'db')
setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % tasks_db)
if setuphelpers.service_installed('WAPTTasks'):
if not setuphelpers.service_is_running('WAPTTasks'):
setuphelpers.service_start('WAPTTasks')
def install_windows_nssm_service(service_name,
service_binary,
service_parameters,
service_logfile,
service_dependencies=None):
"""Setup a program as a windows Service managed by nssm
>>> install_windows_nssm_service("WAPTServer",
os.path.abspath(os.path.join(wapt_root_dir,'waptpython.exe')),
os.path.abspath(__file__),
os.path.join(log_directory,'nssm_waptserver.log'),
service_logfile,
'WAPTApache')
"""
import setuphelpers
from setuphelpers import registry_set, REG_DWORD, REG_EXPAND_SZ, REG_MULTI_SZ, REG_SZ
datatypes = {
'dword': REG_DWORD,
'sz': REG_SZ,
'expand_sz': REG_EXPAND_SZ,
'multi_sz': REG_MULTI_SZ,
}
if setuphelpers.service_installed(service_name):
if not setuphelpers.service_is_stopped(service_name):
logger.info('Stop running "%s"' % service_name)
setuphelpers.run('net stop "%s" /yes' % service_name)
while not setuphelpers.service_is_stopped(service_name):
logger.debug('Waiting for "%s" to terminate' % service_name)
time.sleep(2)
logger.info('Unregister existing "%s"' % service_name)
setuphelpers.run('sc delete "%s"' % service_name)
if not setuphelpers.iswin64():
raise Exception('Windows 32bit install not supported')
nssm = os.path.join(wapt_root_dir, 'waptservice', 'win64', 'nssm.exe')
logger.info('Register service "%s" with nssm' % service_name)
cmd = '"{nssm}" install "{service_name}" "{service_binary}" {service_parameters}'.format(
nssm=nssm,
service_name=service_name,
service_binary=service_binary,
service_parameters=service_parameters)
logger.info('running command : %s' % cmd)
setuphelpers.run(cmd)
# fix some parameters (quotes for path with spaces...
params = {
'Description': 'sz:%s' % service_name,
'DelayedAutostart': 1,
'DisplayName': 'sz:%s' % service_name,
'AppStdout': r'expand_sz:{}'.format(service_logfile),
'ObjectName': r'NT AUTHORITY\NetworkService',
'Parameters\\AppStderr': r'expand_sz:{}'.format(service_logfile),
'Parameters\\AppParameters':
r'expand_sz:{}'.format(service_parameters),
'Parameters\\AppNoConsole': 1,
}
root = setuphelpers.HKEY_LOCAL_MACHINE
base = r'SYSTEM\CurrentControlSet\services\%s' % service_name
for key in params:
if isinstance(params[key], int):
(valuetype, value) = ('dword', params[key])
elif ':' in params[key]:
(valuetype, value) = params[key].split(':', 1)
if valuetype == 'dword':
value = int(value)
else:
(valuetype, value) = ('sz', params[key])
fullpath = base + '\\' + key
(path, keyname) = fullpath.rsplit('\\', 1)
if keyname == '@' or keyname == '':
keyname = None
registry_set(root, path, keyname, value, type=datatypes[valuetype])
if service_dependencies:
logger.info('Register dependencies for service "%s" with nssm : %s ' %
(service_name, service_dependencies))
cmd = '"{nssm}" set "{service_name}" DependOnService {service_dependencies}'.format(
nssm=nssm,
service_name=service_name,
service_dependencies=service_dependencies)
logger.info('running command : %s' % cmd)
setuphelpers.run(cmd)
def install_postgresql_service(options, conf=None):
if conf is None:
conf = waptserver.config.load_config(options.configfile)
print("install postgres database")
pgsql_root_dir = r'%s\waptserver\pgsql-9.6' % wapt_root_dir
pgsql_data_dir = r'%s\waptserver\pgsql_data-9.6' % wapt_root_dir
pgsql_data_dir = pgsql_data_dir.replace('\\', '/')
print("build database directory")
if not os.path.exists(os.path.join(pgsql_data_dir, 'postgresql.conf')):
setuphelpers.mkdirs(pgsql_data_dir)
# need to have specific write acls for current user otherwise initdb fails...
setuphelpers.run(r'icacls "%s" /t /grant "%s":(OI)(CI)(M)' %
(pgsql_data_dir, GetUserName()))
setuphelpers.run(r'"%s\bin\initdb" -U postgres -E=UTF8 -D "%s"' %
(pgsql_root_dir, pgsql_data_dir))
setuphelpers.run(r'icacls "%s" /t /grant "*S-1-5-20":(OI)(CI)(M)' %
pgsql_data_dir)
print("start postgresql database")
if setuphelpers.service_installed('WaptPostgresql'):
if setuphelpers.service_is_running('WaptPostgresql'):
setuphelpers.service_stop('waptPostgresql')
setuphelpers.service_delete('waptPostgresql')
cmd = r'"%s\bin\pg_ctl" register -N WAPTPostgresql -U "nt authority\networkservice" -S auto -D "%s" ' % (
pgsql_root_dir, pgsql_data_dir)
print cmd
run(cmd)
setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' %
log_directory)
setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' %
pgsql_data_dir)
else:
print("database already instanciated, doing nothing")
# try to migrate from old version (pg 9.4, wapt 1.5)
old_pgsql_root_dir = r'%s\waptserver\pgsql' % wapt_root_dir
old_pgsql_data_dir = r'%s\waptserver\pgsql_data' % wapt_root_dir
old_pgsql_data_dir = old_pgsql_data_dir.replace('\\', '/')
if os.path.isdir(old_pgsql_data_dir) and os.path.isdir(old_pgsql_root_dir):
print('migrating database from previous postgresql DB')
migrate_pg_db(old_pgsql_root_dir, old_pgsql_data_dir, pgsql_root_dir,
pgsql_data_dir)
print('starting postgresql')
if not setuphelpers.service_is_running('waptpostgresql'):
setuphelpers.service_start('waptpostgresql')
# waiting for postgres to be ready
time.sleep(2)
print("creating wapt database")
import psycopg2
from psycopg2.extensions import ISOLATION_LEVEL_AUTOCOMMIT
conn = None
cur = None
try:
conn = psycopg2.connect('dbname=template1 user=postgres')
conn.set_isolation_level(ISOLATION_LEVEL_AUTOCOMMIT)
cur = conn.cursor()
cur.execute("select 1 from pg_roles where rolname='%(db_user)s'" %
conf)
val = cur.fetchone()
if val is None:
print(
"%(db_user)s pgsql user does not exists, creating %(db_user)s user"
% conf)
cur.execute("create user %(db_user)s" % conf)
cur.execute("select 1 from pg_database where datname='%(db_name)s'" %
conf)
val = cur.fetchone()
if val is None:
print(
"database %(db_name)s does not exists, creating %(db_name)s db"
% conf)
cur.execute("create database %(db_name)s owner %(db_user)s" % conf)
finally:
if cur:
cur.close()
if conn:
conn.close()
print("Creating/upgrading wapt tables")
run(r'"%s\waptpython.exe" "%s\waptserver\model.py" init_db -c "%s"' %
(wapt_root_dir, wapt_root_dir, options.configfile))
print("Done")
print('Import lcoal Packages data into database')
repo = WaptLocalRepo(conf['wapt_folder'])
load_db_config(conf)
Packages.update_from_repo(repo)
def install_windows_nssm_service(
service_name, service_binary, service_parameters, service_logfile, service_dependencies=None):
"""Setup a program as a windows Service managed by nssm
>>> install_windows_nssm_service("WAPTServer",
os.path.abspath(os.path.join(wapt_root_dir,'waptpython.exe')),
os.path.abspath(__file__),
os.path.join(log_directory,'nssm_waptserver.log'),
service_logfile,
'WAPTApache')
"""
import setuphelpers
from setuphelpers import registry_set, REG_DWORD, REG_EXPAND_SZ, REG_MULTI_SZ, REG_SZ
datatypes = {
'dword': REG_DWORD,
'sz': REG_SZ,
'expand_sz': REG_EXPAND_SZ,
'multi_sz': REG_MULTI_SZ,
}
if setuphelpers.service_installed(service_name):
if not setuphelpers.service_is_stopped(service_name):
logger.info('Stop running "%s"' % service_name)
setuphelpers.run('net stop "%s" /yes' % service_name)
while not setuphelpers.service_is_stopped(service_name):
logger.debug('Waiting for "%s" to terminate' % service_name)
time.sleep(2)
logger.info('Unregister existing "%s"' % service_name)
setuphelpers.run('sc delete "%s"' % service_name)
if not setuphelpers.iswin64():
raise Exception('Windows 32bit install not supported')
nssm = os.path.join(wapt_root_dir, 'waptservice', 'win64', 'nssm.exe')
logger.info('Register service "%s" with nssm' % service_name)
cmd = '"{nssm}" install "{service_name}" "{service_binary}" {service_parameters}'.format(
nssm=nssm,
service_name=service_name,
service_binary=service_binary,
service_parameters=service_parameters
)
logger.info('running command : %s' % cmd)
setuphelpers.run(cmd)
# fix some parameters (quotes for path with spaces...
params = {
'Description': 'sz:%s' % service_name,
'DelayedAutostart': 1,
'DisplayName': 'sz:%s' % service_name,
'AppStdout': r'expand_sz:{}'.format(service_logfile),
'ObjectName': r'NT AUTHORITY\NetworkService',
'Parameters\\AppStderr': r'expand_sz:{}'.format(service_logfile),
'Parameters\\AppParameters': r'expand_sz:{}'.format(service_parameters),
'Parameters\\AppNoConsole': 1,
}
root = setuphelpers.HKEY_LOCAL_MACHINE
base = r'SYSTEM\CurrentControlSet\services\%s' % service_name
for key in params:
if isinstance(params[key], int):
(valuetype, value) = ('dword', params[key])
elif ':' in params[key]:
(valuetype, value) = params[key].split(':', 1)
if valuetype == 'dword':
value = int(value)
else:
(valuetype, value) = ('sz', params[key])
fullpath = base + '\\' + key
(path, keyname) = fullpath.rsplit('\\', 1)
if keyname == '@' or keyname == '':
keyname = None
registry_set(root, path, keyname, value, type=datatypes[valuetype])
if service_dependencies:
logger.info(
'Register dependencies for service "%s" with nssm : %s ' %
(service_name, service_dependencies))
cmd = '"{nssm}" set "{service_name}" DependOnService {service_dependencies}'.format(
nssm=nssm,
service_name=service_name,
service_dependencies=service_dependencies
)
logger.info('running command : %s' % cmd)
setuphelpers.run(cmd)
def install_waptserver_service(options,conf=None):
if setuphelpers.service_installed('WAPTServer'):
if setuphelpers.service_is_running('WAPTServer'):
setuphelpers.service_stop('WAPTServer')
setuphelpers.service_delete('WAPTServer')
if conf is None:
conf = waptserver.config.load_config(options.configfile)
conf_dir = os.path.join(wapt_root_dir,'conf')
if not os.path.isdir(conf_dir):
os.makedirs(conf_dir)
run(r'icacls "%s" /t /grant "*S-1-5-20":(OI)(CI)(M)' % conf_dir)
print("install waptserver")
service_binary = os.path.abspath(os.path.join(wapt_root_dir,'waptpython.exe'))
service_parameters = '"%s"' % os.path.join(wapt_root_dir,'waptserver','server.py')
service_logfile = os.path.join(log_directory, 'nssm_waptserver.log')
service_dependencies = 'WAPTPostgresql'
install_windows_nssm_service('WAPTServer',service_binary,service_parameters,service_logfile,service_dependencies)
tasks_db = os.path.join(wapt_root_dir,'db')
mkdir_p(tasks_db)
setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % tasks_db)
if not conf.get('secret_key'):
conf['secret_key'] = ''.join(random.SystemRandom().choice(string.letters + string.digits) for _ in range(64))
waptserver.config.write_config_file(options.configfile,conf)
if options.setpassword:
conf['wapt_password'] = pbkdf2_sha256.hash(base64.b64decode(options.setpassword).encode('utf8'))
waptserver.config.write_config_file(options.configfile,conf)
clients_signing_certificate = conf.get('clients_signing_certificate')
clients_signing_key = conf.get('clients_signing_key')
if not clients_signing_certificate or not clients_signing_key:
clients_signing_certificate = os.path.join(wapt_root_dir,'conf','ca-%s.crt' % fqdn())
clients_signing_key = os.path.join(wapt_root_dir,'conf','ca-%s.pem' % fqdn())
conf['clients_signing_certificate'] = clients_signing_certificate
conf['clients_signing_key'] = clients_signing_key
waptserver.config.write_config_file(options.configfile,conf)
if clients_signing_certificate is not None and clients_signing_key is not None and not os.path.isfile(clients_signing_certificate):
print('Create a certificate and key for clients certificate signing')
key = SSLPrivateKey(clients_signing_key)
if not os.path.isfile(clients_signing_key):
print('Create SSL RSA Key %s' % clients_signing_key)
key.create()
key.save_as_pem()
crt = key.build_sign_certificate(cn=fqdn(),is_code_signing=False,is_ca=True)
print('Create X509 cert %s' % clients_signing_certificate)
crt.save_as_pem(clients_signing_certificate)
# ensure Packages index
repo = WaptLocalRepo(conf['wapt_folder'])
repo.update_packages_index()
if setuphelpers.service_installed('WAPTServer'):
if not setuphelpers.service_is_running('WAPTServer'):
setuphelpers.service_start('WAPTServer')
def install_postgresql_service(options,conf=None):
if conf is None:
conf = waptserver.config.load_config(options.configfile)
print ("install postgres database")
pgsql_root_dir = r'%s\waptserver\pgsql-9.6' % wapt_root_dir
pgsql_data_dir = r'%s\waptserver\pgsql_data-9.6' % wapt_root_dir
pgsql_data_dir = pgsql_data_dir.replace('\\','/')
print ("about to build database directory")
if setuphelpers.service_installed('waptpostgresql') and setuphelpers.service_is_running('waptpostgresql'):
print('stopping postgresql')
setuphelpers.service_stop('waptpostgresql')
# waiting for postgres to be ready
time.sleep(2)
if not os.path.exists(os.path.join(pgsql_data_dir,'postgresql.conf')):
setuphelpers.mkdirs(pgsql_data_dir)
# need to have specific write acls for current user otherwise initdb fails...
setuphelpers.run(r'icacls "%s" /t /grant "%s":(OI)(CI)(M)' % (pgsql_data_dir,GetUserName()))
setuphelpers.run(r'"%s\bin\initdb" -U postgres -E=UTF8 -D "%s"' % (pgsql_root_dir,pgsql_data_dir))
setuphelpers.run(r'icacls "%s" /t /grant "*S-1-5-20":(OI)(CI)(M)' % pgsql_data_dir)
else:
print("database already instanciated, doing nothing")
print("start postgresql database")
if setuphelpers.service_installed('WaptPostgresql'):
if setuphelpers.service_is_running('WaptPostgresql'):
setuphelpers.service_stop('waptPostgresql')
setuphelpers.service_delete('waptPostgresql')
cmd = r'"%s\bin\pg_ctl" register -N WAPTPostgresql -U "nt authority\networkservice" -S auto -D "%s" ' % (pgsql_root_dir ,pgsql_data_dir)
run(cmd)
setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % log_directory)
setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % pgsql_data_dir)
# try to migrate from old version (pg 9.4, wapt 1.5)
old_pgsql_root_dir = r'%s\waptserver\pgsql' % wapt_root_dir
old_pgsql_data_dir = r'%s\waptserver\pgsql_data' % wapt_root_dir
old_pgsql_data_dir = old_pgsql_data_dir.replace('\\','/')
if os.path.isdir(old_pgsql_data_dir) and os.path.isdir(old_pgsql_root_dir):
print('migrating database from previous postgresql DB')
migrate_pg_db(old_pgsql_root_dir,old_pgsql_data_dir,pgsql_root_dir,pgsql_data_dir)
print('starting postgresql')
if not setuphelpers.service_is_running('waptpostgresql'):
setuphelpers.service_start('waptpostgresql')
# waiting for postgres to be ready
time.sleep(2)
print("checking wapt database")
import psycopg2
from psycopg2.extensions import ISOLATION_LEVEL_AUTOCOMMIT
conn = None
cur = None
try:
conn = psycopg2.connect('dbname=template1 user=postgres')
conn.set_isolation_level(ISOLATION_LEVEL_AUTOCOMMIT)
cur = conn.cursor()
cur.execute("select 1 from pg_roles where rolname='%(db_user)s'" % conf)
val = cur.fetchone()
if val is None:
print("%(db_user)s pgsql user does not exists, creating %(db_user)s user" % conf)
cur.execute("create user %(db_user)s" % conf)
cur.execute("select 1 from pg_database where datname='%(db_name)s'" % conf)
val = cur.fetchone()
if val is None:
print ("database %(db_name)s does not exists, creating %(db_name)s db" % conf)
cur.execute("create database %(db_name)s owner %(db_user)s" % conf)
finally:
if cur:
cur.close()
if conn:
conn.close()
print("Creating/upgrading wapt db tables")
run(r'"%s\waptpython.exe" "%s\waptserver\model.py" init_db -c "%s"' % (wapt_root_dir, wapt_root_dir, options.configfile ))
print("Done")
print('Import lcoal Packages data into database')
repo = WaptLocalRepo(conf['wapt_folder'])
load_db_config(conf)
Packages.update_from_repo(repo)
def install_waptserver_service(options,conf=None):
if setuphelpers.service_installed('WAPTServer'):
if setuphelpers.service_is_running('WAPTServer'):
setuphelpers.service_stop('WAPTServer')
setuphelpers.service_delete('WAPTServer')
if conf is None:
conf = waptserver.config.load_config(options.configfile)
conf_dir = os.path.join(wapt_root_dir,'conf')
if not os.path.isdir(conf_dir):
os.makedirs(conf_dir)
run(r'icacls "%s" /t /grant "*S-1-5-20":(OI)(CI)(M)' % conf_dir)
if not conf.get('server_uuid'):
conf['server_uuid'] = str(uuid.uuid1())
waptserver.config.write_config_file(options.configfile,conf)
print("install waptserver")
service_binary = os.path.abspath(os.path.join(wapt_root_dir,'waptpython.exe'))
service_parameters = '"%s"' % os.path.join(wapt_root_dir,'waptserver','server.py')
service_logfile = os.path.join(log_directory, 'nssm_waptserver.log')
service_dependencies = 'WAPTPostgresql'
install_windows_nssm_service('WAPTServer',service_binary,service_parameters,service_logfile,service_dependencies)
tasks_db = os.path.join(wapt_root_dir,'db')
mkdir_p(tasks_db)
setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % tasks_db)
if not conf.get('secret_key'):
conf['secret_key'] = ''.join(random.SystemRandom().choice(string.letters + string.digits) for _ in range(64))
waptserver.config.write_config_file(options.configfile,conf)
if options.setpassword:
conf['wapt_password'] = pbkdf2_sha256.hash(base64.b64decode(options.setpassword).encode('utf8'))
waptserver.config.write_config_file(options.configfile,conf)
clients_signing_certificate = conf.get('clients_signing_certificate')
clients_signing_key = conf.get('clients_signing_key')
if not clients_signing_certificate or not clients_signing_key:
clients_signing_certificate = os.path.join(wapt_root_dir,'conf','ca-%s.crt' % fqdn())
clients_signing_key = os.path.join(wapt_root_dir,'conf','ca-%s.pem' % fqdn())
conf['clients_signing_certificate'] = clients_signing_certificate
conf['clients_signing_key'] = clients_signing_key
waptserver.config.write_config_file(options.configfile,conf)
if clients_signing_certificate is not None and clients_signing_key is not None and not os.path.isfile(clients_signing_certificate):
print('Create a certificate and key for clients certificate signing')
key = SSLPrivateKey(clients_signing_key)
if not os.path.isfile(clients_signing_key):
print('Create SSL RSA Key %s' % clients_signing_key)
key.create()
key.save_as_pem()
crt = key.build_sign_certificate(cn=fqdn(),is_code_signing=False,is_ca=True)
print('Create X509 cert %s' % clients_signing_certificate)
crt.save_as_pem(clients_signing_certificate)
# ensure Packages index
repo = WaptLocalRepo(conf['wapt_folder'])
repo.update_packages_index()
#Migrate file for new version waptwua
wuafolder = conf['waptwua_folder']
for (root,dirs,files) in list(os.walk(wuafolder,topdown=False)):
if root == os.path.join(wuafolder,'.stfolder'):
continue
for f in files:
oldpath = os.path.join(root,f)
newpath = os.path.join(wuafolder,f)
if os.path.isfile(newpath):
continue
print('Move %s --> %s' % (oldpath,newpath))
os.rename(oldpath,newpath)
for d in dirs:
if d == '.stfolder':
continue
print('Delete folder %s' % os.path.join(root,d))
shutil.rmtree(os.path.join(root,d))
if setuphelpers.service_installed('WAPTServer'):
if not setuphelpers.service_is_running('WAPTServer'):
setuphelpers.service_start('WAPTServer')
def install_postgresql_service():
print("install postgres database")
pgsql_root_dir = r'%s\waptserver\pgsql' % wapt_root_dir
pgsql_data_dir = r'%s\waptserver\pgsql_data' % wapt_root_dir
pgsql_data_dir = pgsql_data_dir.replace('\\', '/')
print("build database directory")
if os.path.exists(os.path.join(pgsql_data_dir, 'postgresql.conf')):
print("database already instanciated, doing nothing")
# TODO: check that database is fully working and up to date
# TODO: add a force option
return
print("init pgsql data directory")
pg_data_dir = os.path.join(wapt_root_dir, 'waptserver', 'pgsql_data')
setuphelpers.mkdirs(pg_data_dir)
# need to have specific write acls for current user otherwise initdb fails...
setuphelpers.run(r'icacls "%s" /t /grant "%s":(OI)(CI)(M)' %
(pg_data_dir, GetUserName()))
setuphelpers.run(
r'"%s\waptserver\pgsql\bin\initdb" -U postgres -E=UTF8 -D "%s\waptserver\pgsql_data"'
% (wapt_root_dir, wapt_root_dir))
setuphelpers.run(r'icacls "%s" /t /grant "*S-1-5-20":(OI)(CI)(M)' %
pg_data_dir)
print("start postgresql database")
if setuphelpers.service_installed('WaptPostgresql'):
if setuphelpers.service_is_running('WaptPostgresql'):
setuphelpers.service_stop('waptPostgresql')
setuphelpers.service_delete('waptPostgresql')
cmd = r'"%s\bin\pg_ctl" register -N WAPTPostgresql -U "nt authority\networkservice" -S auto -D "%s" ' % (
pgsql_root_dir, os.path.join(wapt_root_dir, 'waptserver',
'pgsql_data'))
print cmd
run(cmd)
setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' %
log_directory)
setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' %
pgsql_data_dir)
print('starting postgresql')
run('net start waptpostgresql')
#cmd = r"%s\bin\pg_ctl.exe -D %s start" % (pgsql_root_dir, pgsql_data_dir)
#devnull = open(os.devnull,'wb')
#print(subprocess.Popen(cmd,shell=True))
# waiting for postgres to be ready
time.sleep(1)
print("creating wapt database")
import psycopg2
from psycopg2.extensions import ISOLATION_LEVEL_AUTOCOMMIT
conn = psycopg2.connect('dbname=template1 user=postgres')
conn.set_isolation_level(ISOLATION_LEVEL_AUTOCOMMIT)
cur = conn.cursor()
cur.execute("select 1 from pg_roles where rolname='wapt'")
val = cur.fetchone()
if val != 1:
print("wapt pgsql user does not exists, creating wapt user")
cur.execute("create user wapt")
val = cur.execute("select 1 from pg_database where datname='wapt'")
if val != 1:
print("database wapt does not exists, creating wapt db")
cur.execute(r"create extension hstore")
cur.execute("create database wapt owner wapt")
cur.close()
conn.close()
run(r'"%s\waptpython.exe" "%s\waptserver\waptserver_model.py" init_db' %
(wapt_root_dir, wapt_root_dir))
time.sleep(1)
setuphelpers.service_stop('waptpostgresql')
