예제 #1
0
 def post(self, request):
     """
     Updates the application to the latest code.
     :return: Response
     """
     bash.run("make", "update", cwd=settings.BASE_DIR)
     return Response(status=status.HTTP_204_NO_CONTENT)
예제 #2
0
 def handle(self, *args, **options):
     """
     Runs the application installation.
     :return: None
     """
     self.title()
     self.header("Running the Mangle VPN installer...")
     pki.create_certificate_authority()
     self.ok("  - certificate authority keys created.")
     tasks.create_crl()
     self.ok("  - crl created.")
     openvpn.create_server_keys()
     self.ok("  - openvpn keys created.")
     create_web_keys()
     self.ok("  - ssl keys created.")
     create_web_vhost()
     self.ok("  - nginx vhost created.")
     create_web_unit()
     self.ok("  - web systemd unit created.")
     create_vpn_unit()
     self.ok("  - vpn systemd unit created.")
     create_tasks_unit()
     self.ok("  - tasks systemd unit created.")
     bash.run("systemctl", "daemon-reload")
     self.newline()
     self.ok("Installation finished!")
     self.print(
         "Please visit the web UI at https://{} to complete the application "
         "setup process",
         net.ip_addresses()[0],
     )
     self.newline()
예제 #3
0
def _create_unit_from_template(path, template, data=None):
    """
    Creates and enables a systemd unit service file at the given path for the
    given Django template.
    :return: None
    """
    fs.write_file(path, render_to_string(template, data), 0o755)
    bash.run("systemctl", "enable", path)
예제 #4
0
def create_web_vhost():
    """
    Creates the web application Nginx virtual host file.
    :return: None
    """
    content = render_to_string(
        "install/nginx/mangle-web.conf", {
            "hostname": config.get("app_hostname"),
            "http_port": config.get("app_http_port", 80),
            "https_port": config.get("app_https_port", 443),
            "root_dir": settings.BASE_DIR,
            "ssl_crt": settings.WEB_SSL_CRT_FILE,
            "ssl_key": settings.WEB_SSL_KEY_FILE,
            "ssl_dh": settings.WEB_SSL_DH_FILE,
            "wsgi_socket": settings.WEB_WSGI_SOCKET,
        })

    fs.write_file(settings.WEB_VHOST_FILE, content, 0o755)
    bash.run("systemctl", "restart", "nginx")
예제 #5
0
    def save(self, **kwargs):
        """
        Updates the application settings and SSL certificate and private key
        if provided.
        :return: None
        """
        old_http_port = config.get("app_http_port")
        old_https_port = config.get("app_https_port")

        # the SSL certificate and private key should not be stored in the
        # database as settings so remove them from the validated_data dict
        # prior to saving
        ssl_crt = self.initial_data.pop("app_ssl_crt", None)
        ssl_key = self.initial_data.pop("app_ssl_key", None)

        super().save(**kwargs)

        if ssl_crt and ssl_key:
            fs.write_file(settings.WEB_SSL_CRT_FILE, ssl_crt, 0o600)
            fs.write_file(settings.WEB_SSL_KEY_FILE, ssl_key, 0o600)
            bash.run("systemctl", "reload", "nginx")

        if (old_http_port != self.validated_data["app_http_port"] or
                old_https_port != self.validated_data["app_https_port"]):
            # update HTTP and HTTPs listen directives
            http = "sed -i 's/{} default_server/{} default_server/g' /etc/nginx/conf.d/mangle.conf"
            bash.run(http.format(old_http_port, self.validated_data["app_http_port"]))

            https = "sed -i 's/{} ssl/{} ssl/g' /etc/nginx/conf.d/mangle.conf"
            bash.run(https.format(old_https_port, self.validated_data["app_https_port"]))

            # update the port number in redirect directive
            bash.run("sed -i 's/$host:{}/$host:{}/g' /etc/nginx/conf.d/mangle.conf".format(
                old_https_port,
                self.validated_data["app_https_port"]
            ))

            # restart Nginx and web application
            bash.run("systemctl", "restart", "nginx")
            bash.run("systemctl", "restart", "mangle-web")
예제 #6
0
def is_running():
    """
    Returns whether the OpenVPN server is running.
    :return: bool
    """
    return bash.run("systemctl", "status", "mangle-vpn")
예제 #7
0
def restart():
    """
    Restarts the OpenVPN server.
    :return: bool
    """
    return bash.run("systemctl", "restart", "mangle-vpn")
예제 #8
0
def stop():
    """
    Stops the OpenVPN server.
    :return: bool
    """
    return bash.run("systemctl", "stop", "mangle-vpn")