def _change_password(server_address, params): """ Changes the SQL connection pool's password. """ params_no_passwords = copy.deepcopy(params) params_no_passwords["password1"] = "***" params_no_passwords["password2"] = "***" logger.info("About to change an SQL connection pool password, server_address=[%s], params=[%s]" % (server_address, params_no_passwords)) config_pub_key = str(params["config_pub_key"]) encrypted_password1 = encrypt(params["password1"], config_pub_key) encrypted_password2 = encrypt(params["password2"], config_pub_key) zato_message = Element("{%s}zato_message" % zato_namespace) zato_message.pool_name = params["pool_name"] zato_message.password1 = encrypted_password1 zato_message.password2 = encrypted_password2 invoke_admin_service(server_address, "zato:pool.sql.change-password", etree.tostring(zato_message))
def execute(self, args, port=http_plain_server_port, show_output=True): engine = self._get_engine(args) session = self._get_session(engine) cluster = session.query(Cluster).\ filter(Cluster.name == args.cluster_name).\ first() if not cluster: msg = "Cluster [{}] doesn't exist in the ODB".format( args.cluster_name) self.logger.error(msg) return self.SYS_ERROR.NO_SUCH_CLUSTER server = Server() server.cluster_id = cluster.id server.name = args.server_name server.token = self.token server.last_join_status = SERVER_JOIN_STATUS.ACCEPTED server.last_join_mod_by = self._get_user_host() server.last_join_mod_date = datetime.utcnow() session.add(server) try: if not self.dirs_prepared: self.prepare_directories(show_output) repo_dir = os.path.join(self.target_dir, 'config', 'repo') self.copy_server_crypto(repo_dir, args) priv_key = open(os.path.join(repo_dir, 'zato-server-priv-key.pem')).read() if show_output: self.logger.debug( 'Created a Bazaar repo in {}'.format(repo_dir)) self.logger.debug('Creating files..') for file_name, contents in sorted(files.items()): file_name = os.path.join(self.target_dir, file_name) if show_output: self.logger.debug('Creating {}'.format(file_name)) f = file(file_name, 'w') f.write(contents) f.close() logging_conf_loc = os.path.join(self.target_dir, 'config/repo/logging.conf') logging_conf = open(logging_conf_loc).read() open(logging_conf_loc, 'w').write( logging_conf.format(log_path=os.path.join( self.target_dir, 'logs', 'zato.log'))) if show_output: self.logger.debug('Logging configuration stored in {}'.format( logging_conf_loc)) odb_engine = args.odb_type if odb_engine.startswith('postgresql'): odb_engine = 'postgresql+pg8000' server_conf_loc = os.path.join(self.target_dir, 'config/repo/server.conf') server_conf = open(server_conf_loc, 'w') server_conf.write( server_conf_template.format( port=port, gunicorn_workers=1, odb_db_name=args.odb_db_name or args.sqlite_path, odb_engine=odb_engine, odb_host=args.odb_host or '', odb_port=args.odb_port or '', odb_password=encrypt(args.odb_password, priv_key) if args.odb_password else '', odb_pool_size=default_odb_pool_size, odb_user=args.odb_user or '', token=self.token, kvdb_host=args.kvdb_host, kvdb_port=args.kvdb_port, kvdb_password=encrypt(args.kvdb_password, priv_key) if args.kvdb_password else '', initial_cluster_name=args.cluster_name, initial_server_name=args.server_name, jwt_secret=getattr(args, 'jwt_secret', Fernet.generate_key()), )) server_conf.close() pickup_conf_loc = os.path.join(self.target_dir, 'config/repo/pickup.conf') pickup_conf_file = open(pickup_conf_loc, 'w') pickup_conf_file.write(pickup_conf) pickup_conf_file.close() user_conf_loc = os.path.join(self.target_dir, 'config/repo/user.conf') user_conf = open(user_conf_loc, 'w') user_conf.write(user_conf_contents) user_conf.close() if show_output: self.logger.debug( 'Core configuration stored in {}'.format(server_conf_loc)) # Initial info self.store_initial_info(self.target_dir, self.COMPONENTS.SERVER.code) session.commit() except IntegrityError, e: msg = 'Server name [{}] already exists'.format(args.server_name) if self.verbose: msg += '. Caught an exception:[{}]'.format(format_exc(e)) self.logger.error(msg) self.logger.error(msg) session.rollback() return self.SYS_ERROR.SERVER_NAME_ALREADY_EXISTS
def execute(self, args, show_output=True, password=None, needs_admin_created_flag=False): os.chdir(self.target_dir) repo_dir = os.path.join(self.target_dir, 'config', 'repo') web_admin_conf_path = os.path.join(repo_dir, 'web-admin.conf') initial_data_json_path = os.path.join(repo_dir, 'initial-data.json') os.mkdir(os.path.join(self.target_dir, 'logs')) os.mkdir(os.path.join(self.target_dir, 'config')) os.mkdir(repo_dir) user_name = 'admin' password = password if password else generate_password() self.copy_web_admin_crypto(repo_dir, args) priv_key = open(os.path.join(repo_dir, 'web-admin-priv-key.pem')).read() config = { 'host': web_admin_host, 'port': web_admin_port, 'db_type': args.odb_type, 'log_config': 'logging.conf', 'DATABASE_NAME': args.odb_db_name or args.sqlite_path, 'DATABASE_USER': args.odb_user or '', 'DATABASE_PASSWORD': encrypt(args.odb_password, priv_key) if args.odb_password else '', 'DATABASE_HOST': args.odb_host or '', 'DATABASE_PORT': args.odb_port or '', 'SITE_ID': getrandbits(20), 'SECRET_KEY': encrypt(uuid.uuid4().hex, priv_key), 'ADMIN_INVOKE_NAME': 'admin.invoke', 'ADMIN_INVOKE_PASSWORD': encrypt( getattr(args, 'admin_invoke_password', None) or getattr(args, 'tech_account_password'), priv_key), } open(os.path.join(repo_dir, 'logging.conf'), 'w').write( common_logging_conf_contents.format( log_path='./logs/web-admin.log')) open(web_admin_conf_path, 'w').write(config_template.format(**config)) open(initial_data_json_path, 'w').write(initial_data_json.format(**config)) # Initial info self.store_initial_info(self.target_dir, self.COMPONENTS.WEB_ADMIN.code) config = json.loads( open(os.path.join(repo_dir, 'web-admin.conf')).read()) config['config_dir'] = self.target_dir update_globals(config, self.target_dir) os.environ['DJANGO_SETTINGS_MODULE'] = 'zato.admin.settings' import django django.setup() self.reset_logger(args, True) # Can't import these without DJANGO_SETTINGS_MODULE being set from django.contrib.auth.models import User from django.db import connection from django.db.utils import IntegrityError call_command('migrate', run_syncdb=True, interactive=False, verbosity=0) call_command('loaddata', initial_data_json_path, verbosity=0) try: call_command('createsuperuser', interactive=False, username=user_name, first_name='admin-first-name', last_name='admin-last-name', email='*****@*****.**') admin_created = True user = User.objects.get(username=user_name) user.set_password(password) user.save() except IntegrityError, e: admin_created = False connection._rollback() self.logger.info('Ignoring IntegrityError e:[%s]', format_exc(e).decode('utf-8'))
def execute(self, args, port=http_plain_server_port, show_output=True): engine = self._get_engine(args) session = self._get_session(engine) cluster = session.query(Cluster).\ filter(Cluster.name == args.cluster_name).\ first() if not cluster: msg = "Cluster [{}] doesn't exist in the ODB".format(args.cluster_name) self.logger.error(msg) return self.SYS_ERROR.NO_SUCH_CLUSTER server = Server() server.cluster_id = cluster.id server.name = args.server_name server.token = self.token server.last_join_status = SERVER_JOIN_STATUS.ACCEPTED server.last_join_mod_by = self._get_user_host() server.last_join_mod_date = datetime.utcnow() session.add(server) try: if not self.dirs_prepared: self.prepare_directories(show_output) repo_dir = os.path.join(self.target_dir, 'config', 'repo') self.copy_server_crypto(repo_dir, args) priv_key = open(os.path.join(repo_dir, 'zato-server-priv-key.pem')).read() if show_output: self.logger.debug('Created a Bazaar repo in {}'.format(repo_dir)) self.logger.debug('Creating files..') for file_name, contents in sorted(files.items()): file_name = os.path.join(self.target_dir, file_name) if show_output: self.logger.debug('Creating {}'.format(file_name)) f = file(file_name, 'w') f.write(contents) f.close() logging_conf_loc = os.path.join(self.target_dir, 'config/repo/logging.conf') logging_conf = open(logging_conf_loc).read() open(logging_conf_loc, 'w').write(logging_conf.format( log_path=os.path.join(self.target_dir, 'logs', 'zato.log'))) if show_output: self.logger.debug('Logging configuration stored in {}'.format(logging_conf_loc)) server_conf_loc = os.path.join(self.target_dir, 'config/repo/server.conf') server_conf = open(server_conf_loc, 'w') server_conf.write( server_conf_template.format( port=port, gunicorn_workers=cpu_count(), odb_db_name=args.odb_db_name, odb_engine=args.odb_type, odb_host=args.odb_host, odb_port=args.odb_port, odb_password=encrypt(args.odb_password, priv_key), odb_pool_size=default_odb_pool_size, odb_user=args.odb_user, token=self.token, kvdb_host=args.kvdb_host, kvdb_port=args.kvdb_port, kvdb_password=encrypt(args.kvdb_password, priv_key) if args.kvdb_password else '', initial_cluster_name=args.cluster_name, initial_server_name=args.server_name, )) server_conf.close() if show_output: self.logger.debug('Core configuration stored in {}'.format(server_conf_loc)) # Initial info self.store_initial_info(self.target_dir, self.COMPONENTS.SERVER.code) session.commit() except IntegrityError, e: msg = 'Server name [{}] already exists'.format(args.server_name) if self.verbose: msg += '. Caught an exception:[{}]'.format(format_exc(e)) self.logger.error(msg) self.logger.error(msg) session.rollback() return self.SYS_ERROR.SERVER_NAME_ALREADY_EXISTS
def execute(self, args, show_output=True, password=None): os.chdir(self.target_dir) repo_dir = os.path.join(self.target_dir, 'config', 'repo') zato_admin_conf_path = os.path.join(repo_dir, 'zato-admin.conf') initial_data_json_path = os.path.join(repo_dir, 'initial-data.json') os.mkdir(os.path.join(self.target_dir, 'logs')) os.mkdir(os.path.join(self.target_dir, 'config')) os.mkdir(os.path.join(self.target_dir, 'config', 'zdaemon')) os.mkdir(repo_dir) user_name = 'admin' password = password if password else generate_password() self.copy_zato_admin_crypto(repo_dir, args) pub_key = open(os.path.join(repo_dir, 'zato-admin-pub-key.pem')).read() config = { 'host': zato_admin_host, 'port': zato_admin_port, 'db_type': args.odb_type, 'log_config': 'logging.conf', 'DATABASE_NAME': args.odb_db_name, 'DATABASE_USER': args.odb_user, 'DATABASE_PASSWORD': encrypt(args.odb_password, pub_key), 'DATABASE_HOST': args.odb_host, 'DATABASE_PORT': args.odb_port, 'SITE_ID': getrandbits(20), 'SECRET_KEY': encrypt(uuid.uuid4().hex, pub_key), 'TECH_ACCOUNT_NAME':args.tech_account_name, 'TECH_ACCOUNT_PASSWORD':encrypt(args.tech_account_password, pub_key), } open(os.path.join(repo_dir, 'logging.conf'), 'w').write(common_logging_conf_contents.format(log_path='./logs/zato-admin.log')) open(zato_admin_conf_path, 'w').write(config_template.format(**config)) open(initial_data_json_path, 'w').write(initial_data_json.format(**config)) # Initial info self.store_initial_info(self.target_dir, self.COMPONENTS.ZATO_ADMIN.code) config = json.loads(open(os.path.join(repo_dir, 'zato-admin.conf')).read()) config['config_dir'] = self.target_dir update_globals(config, self.target_dir) os.environ['DJANGO_SETTINGS_MODULE'] = 'zato.admin.settings' # Can't import these without DJANGO_SETTINGS_MODULE being set from django.contrib.auth.models import User from django.db import connection from django.db.utils import IntegrityError call_command('syncdb', interactive=False, verbosity=0) call_command('loaddata', initial_data_json_path, verbosity=0) try: call_command('createsuperuser', interactive=False, username=user_name, first_name='admin-first-name', last_name='admin-last-name', email='*****@*****.**') admin_created = True except IntegrityError, e: admin_created = False connection._rollback() msg = 'Ignoring IntegrityError e:[{}]'.format(format_exc(e)) self.logger.info(msg)
def execute(self, args, show_output=True, password=None, needs_admin_created_flag=False): os.chdir(self.target_dir) repo_dir = os.path.join(self.target_dir, 'config', 'repo') web_admin_conf_path = os.path.join(repo_dir, 'web-admin.conf') initial_data_json_path = os.path.join(repo_dir, 'initial-data.json') os.mkdir(os.path.join(self.target_dir, 'logs')) os.mkdir(os.path.join(self.target_dir, 'config')) os.mkdir(repo_dir) user_name = 'admin' password = password if password else generate_password() self.copy_web_admin_crypto(repo_dir, args) priv_key = open(os.path.join(repo_dir, 'web-admin-priv-key.pem')).read() config = { 'host': web_admin_host, 'port': web_admin_port, 'db_type': args.odb_type, 'log_config': 'logging.conf', 'DATABASE_NAME': args.odb_db_name or args.sqlite_path, 'DATABASE_USER': args.odb_user or '', 'DATABASE_PASSWORD': encrypt(args.odb_password, priv_key) if args.odb_password else '', 'DATABASE_HOST': args.odb_host or '', 'DATABASE_PORT': args.odb_port or '', 'SITE_ID': getrandbits(20), 'SECRET_KEY': encrypt(uuid.uuid4().hex, priv_key), 'ADMIN_INVOKE_NAME':'admin.invoke', 'ADMIN_INVOKE_PASSWORD':encrypt(getattr(args, 'admin_invoke_password', None) or getattr(args, 'tech_account_password'), priv_key), } open(os.path.join(repo_dir, 'logging.conf'), 'w').write(common_logging_conf_contents.format(log_path='./logs/web-admin.log')) open(web_admin_conf_path, 'w').write(config_template.format(**config)) open(initial_data_json_path, 'w').write(initial_data_json.format(**config)) # Initial info self.store_initial_info(self.target_dir, self.COMPONENTS.WEB_ADMIN.code) config = json.loads(open(os.path.join(repo_dir, 'web-admin.conf')).read()) config['config_dir'] = self.target_dir update_globals(config, self.target_dir) os.environ['DJANGO_SETTINGS_MODULE'] = 'zato.admin.settings' # Can't import these without DJANGO_SETTINGS_MODULE being set from django.contrib.auth.models import User from django.db import connection from django.db.utils import IntegrityError call_command('syncdb', interactive=False, verbosity=0) call_command('loaddata', initial_data_json_path, verbosity=0) try: call_command( 'createsuperuser', interactive=False, username=user_name, first_name='admin-first-name', last_name='admin-last-name', email='*****@*****.**') admin_created = True user = User.objects.get(username=user_name) user.set_password(password) user.save() except IntegrityError, e: admin_created = False connection._rollback() self.logger.info('Ignoring IntegrityError e:[%s]', format_exc(e).decode('utf-8'))
def execute(self, args, show_output=True, password=None, needs_admin_created_flag=False): os.chdir(self.target_dir) repo_dir = os.path.join(self.target_dir, 'config', 'repo') web_admin_conf_path = os.path.join(repo_dir, 'web-admin.conf') initial_data_json_path = os.path.join(repo_dir, 'initial-data.json') os.mkdir(os.path.join(self.target_dir, 'logs')) os.mkdir(os.path.join(self.target_dir, 'config')) os.mkdir(repo_dir) user_name = 'admin' password = password if password else generate_password() self.copy_web_admin_crypto(repo_dir, args) priv_key = open(os.path.join(repo_dir, 'web-admin-priv-key.pem')).read() config = { 'host': web_admin_host, 'port': web_admin_port, 'db_type': args.odb_type, 'log_config': 'logging.conf', 'DATABASE_NAME': args.odb_db_name or args.sqlite_path, 'DATABASE_USER': args.odb_user or '', 'DATABASE_PASSWORD': encrypt(args.odb_password, priv_key) if args.odb_password else '', 'DATABASE_HOST': args.odb_host or '', 'DATABASE_PORT': args.odb_port or '', 'SITE_ID': getrandbits(20), 'SECRET_KEY': encrypt(uuid.uuid4().hex, priv_key), 'ADMIN_INVOKE_NAME': 'admin.invoke', 'ADMIN_INVOKE_PASSWORD': encrypt( getattr(args, 'admin_invoke_password', None) or getattr(args, 'tech_account_password'), priv_key), } open(os.path.join(repo_dir, 'logging.conf'), 'w').write( common_logging_conf_contents.format( log_path='./logs/web-admin.log')) open(web_admin_conf_path, 'w').write(config_template.format(**config)) open(initial_data_json_path, 'w').write(initial_data_json.format(**config)) # Initial info self.store_initial_info(self.target_dir, self.COMPONENTS.WEB_ADMIN.code) config = json.loads( open(os.path.join(repo_dir, 'web-admin.conf')).read()) config['config_dir'] = self.target_dir update_globals(config, self.target_dir) os.environ['DJANGO_SETTINGS_MODULE'] = 'zato.admin.settings' import django django.setup() self.reset_logger(args, True) # Can't import these without DJANGO_SETTINGS_MODULE being set from django.contrib.auth.models import User from django.db import connection from django.db.utils import IntegrityError call_command('migrate', run_syncdb=True, interactive=False, verbosity=0) call_command('loaddata', initial_data_json_path, verbosity=0) try: call_command('createsuperuser', interactive=False, username=user_name, first_name='admin-first-name', last_name='admin-last-name', email='*****@*****.**') admin_created = True user = User.objects.get(username=user_name) user.set_password(password) user.save() except IntegrityError: # This will happen if user 'admin' already exists, e.g. if this is not the first cluster in this database admin_created = False connection._rollback() # Needed because Django took over our logging config self.reset_logger(args, True) if show_output: if self.verbose: msg = """Successfully created a web admin instance. You can start it with the 'zato start {path}' command.""".format( path=os.path.abspath( os.path.join(os.getcwd(), self.target_dir))) self.logger.debug(msg) else: self.logger.info('OK') # We return it only when told to explicitly so when the command runs from CLI # it doesn't return a non-zero exit code. if needs_admin_created_flag: return admin_created
def execute(self, args, server_pub_key=None): # Service list 1) # We need to check if we're the first server to join the cluster. If we # are then we need to populate the ODB with a list of internal services # available in the server. At this point we only check what # the command-line parameters were and later on, in point 2), # the actual list gets added to the ODB. cluster_name = args.cluster if 'cluster' in args else self.cluster_name if not self.dirs_prepared: self.prepare_directories() repo_dir = os.path.join(self.target_dir, 'config/repo') pub_key = open(os.path.join(repo_dir, 'zs-pub-key.pem')).read() repo_manager = RepoManager(repo_dir) repo_manager.ensure_repo_consistency() print('\nCreated a Bazaar repo in {repo_dir}'.format(repo_dir=repo_dir)) print('') print('Creating files..') for file_name, contents in sorted(files.items()): file_name = os.path.join(self.target_dir, file_name) print('Creating {file_name}'.format(file_name=file_name)) f = file(file_name, 'w') f.write(contents) f.close() logging_conf_loc = os.path.join(self.target_dir, 'config/repo/logging.conf') logging_conf = open(logging_conf_loc).read() open(logging_conf_loc, 'w').write(logging_conf.format( log_path=os.path.join(self.target_dir, 'logs', 'zato.log'))) print('') print('Logging configuration stored in {logging_conf_loc}'.format(logging_conf_loc=logging_conf_loc)) server_conf_loc = os.path.join(self.target_dir, 'config/repo/server.conf') server_conf = open(server_conf_loc, 'w') server_conf.write(server_conf_template.format(odb_db_name=args.odb_dbname, odb_engine=args.odb_type, odb_host=args.odb_host, odb_password=encrypt(args.odb_password, pub_key), odb_pool_size=default_odb_pool_size, odb_user=args.odb_user, odb_token=self.odb_token)) server_conf.close() print('Core configuration stored in {server_conf_loc}'.format(server_conf_loc=server_conf_loc)) # Service list 2) # We'll need to add the list of services to the ODB depending on just # how many active servers there are in the cluster. engine = self._get_engine(args) session = self._get_session(engine) cluster = session.query(Cluster).filter(Cluster.name==cluster_name).first() if not cluster: should_add = True # A new cluster so it can't have any services yet. else: # .Need to add the list if there aren't any servers yet. should_add = not session.query(Server).\ filter(Server.cluster_id==cluster.id).\ filter(Server.last_join_status==ZATO_JOIN_REQUEST_ACCEPTED+'a').\ count() #if should_add msg = """\nSuccessfully created a new server. You can now start it with the 'zato start {path}' command. """.format(path=os.path.abspath(os.path.join(os.getcwd(), self.target_dir))) print(msg)
def execute(self, args, show_output=True, password=None, needs_created_flag=False): os.chdir(self.target_dir) repo_dir = os.path.join(self.target_dir, 'config', 'repo') conf_path = os.path.join(repo_dir, 'scheduler.conf') startup_jobs_conf_path = os.path.join(repo_dir, 'startup_jobs.conf') sql_conf_path = os.path.join(repo_dir, 'sql.conf') os.mkdir(os.path.join(self.target_dir, 'logs')) os.mkdir(os.path.join(self.target_dir, 'config')) os.mkdir(repo_dir) self.copy_scheduler_crypto(repo_dir, args) priv_key = open(os.path.join(repo_dir, 'zato-scheduler-priv-key.pem')).read() config = { 'odb_db_name': args.odb_db_name or args.sqlite_path, 'odb_engine': args.odb_type, 'odb_host': args.odb_host or '', 'odb_port': args.odb_port or '', 'odb_password': encrypt(args.odb_password, priv_key) if args.odb_password else '', 'odb_username': args.odb_user or '', 'broker_host': args.kvdb_host, 'broker_port': args.kvdb_port, 'broker_password': encrypt(args.kvdb_password, priv_key) if args.kvdb_password else '', 'user1_password': generate_password(), 'cluster_id': args.cluster_id, } open(os.path.join(repo_dir, 'logging.conf'), 'w').write( common_logging_conf_contents.format( log_path='./logs/scheduler.log')) open(conf_path, 'w').write(config_template.format(**config)) open(startup_jobs_conf_path, 'w').write(startup_jobs) open(sql_conf_path, 'w').write(sql_conf_contents) # Initial info self.store_initial_info(self.target_dir, self.COMPONENTS.SCHEDULER.code) if show_output: if self.verbose: msg = """Successfully created a scheduler instance. You can start it with the 'zato start {path}' command.""".format( path=os.path.abspath( os.path.join(os.getcwd(), self.target_dir))) self.logger.debug(msg) else: self.logger.info('OK') # We return it only when told to explicitly so when the command runs from CLI # it doesn't return a non-zero exit code. if needs_created_flag: return True