def _send_data(self, data, length):
self.response.headers['Content-Type'] = 'application/octet-stream'
self.response.headers['Content-Length'] = str(length)
crypto = self._cfg['crypto'].getcrypto(self._cfg['siteKey'])
info, headers, data = data
self.response.out.write(info)
if headers:
self.response.out.write(crypto.encrypt(headers))
self.response.out.write(crypto.encrypt(data))
def user_add(request):
adduser_form = AddUserForm(request.POST)
if adduser_form.is_valid():
log_user = request.session.get('username')
name = adduser_form.cleaned_data.get('name')
username = adduser_form.cleaned_data.get('username')
password = adduser_form.cleaned_data.get('password')
domain = adduser_form.cleaned_data.get('domain', None)
memo = adduser_form.cleaned_data.get('memo')
enabled = adduser_form.cleaned_data.get('enabled')
superusername = adduser_form.cleaned_data.get('superusername', None)
superpassword = adduser_form.cleaned_data.get('superpassword', None)
if enabled:
if not superusername or not superpassword:
error_message = '超级用户或者超级密码不能为空!'
return JsonResponse({"code": 400, "err": error_message})
data = {
'name':
name,
'username':
username,
'password':
encrypt(password),
'domain':
domain,
'memo':
memo,
'enabled':
enabled,
'superusername':
superusername,
'superpassword':
encrypt(superpassword) if superpassword else superpassword,
}
try:
if RemoteUser.objects.filter(name=name).count() > 0:
error_message = '主机用户已存在'
return JsonResponse({"code": 401, "err": error_message})
user = User.objects.get(username=log_user)
update_user = RemoteUser.objects.create(**data)
event_log(user, 15, '主机用户 [{}] 添加成功'.format(update_user.name),
request.META.get('REMOTE_ADDR', None),
request.META.get('HTTP_USER_AGENT', None))
return JsonResponse({"code": 200, "err": ""})
except Exception:
# print(traceback.format_exc())
error_message = '未知错误!'
return JsonResponse({"code": 402, "err": error_message})
else:
error_message = '请检查填写的内容!'
return JsonResponse({"code": 403, "err": error_message})
def user_update(request):
changeuser_form = ChangeUserForm(request.POST)
if changeuser_form.is_valid():
log_user = request.session.get('username')
userid = changeuser_form.cleaned_data.get('userid')
username = changeuser_form.cleaned_data.get('username')
password = changeuser_form.cleaned_data.get('password')
domain = changeuser_form.cleaned_data.get('domain', None)
memo = changeuser_form.cleaned_data.get('memo')
enabled = changeuser_form.cleaned_data.get('enabled')
superusername = changeuser_form.cleaned_data.get('superusername', None)
superpassword = changeuser_form.cleaned_data.get('superpassword', None)
if enabled:
if not superusername or not superpassword:
error_message = '超级用户或者超级密码不能为空!'
return JsonResponse({"code": 400, "err": error_message})
data = {
'username':
username,
'password':
encrypt(password),
'domain':
domain,
'memo':
memo,
'enabled':
enabled,
'superusername':
superusername,
'superpassword':
encrypt(superpassword) if superpassword else superpassword,
}
try:
user = User.objects.get(username=log_user)
RemoteUser.objects.filter(id=userid).update(**data)
event_log(
user, 17, '主机用户 [{}] 更新成功'.format(
RemoteUser.objects.get(id=userid).name),
request.META.get('REMOTE_ADDR', None),
request.META.get('HTTP_USER_AGENT', None))
return JsonResponse({"code": 200, "err": ""})
except Exception:
# print(traceback.format_exc())
error_message = '主机用户不存在!'
return JsonResponse({"code": 401, "err": error_message})
else:
error_message = '请检查填写的内容!'
return JsonResponse({"code": 402, "err": error_message})
def _pack_data(self, code, headers, data):
crypto = self._cfg['crypto']
ct = headers.get('Content-Type', '').lower()
headers = self.dump_data(headers.__getstate__())
zip = 0
if ct.find('text')>=0 or ct.find('application')>=0:
cdata = crypto.paddata(zlib.compress(headers+data))
if len(cdata) < (crypto.getsize(len(headers)) +
crypto.getsize(len(data))): zip = 1
if zip == 0:
headers = crypto.paddata(headers)
data = crypto.paddata(data)
info = struct.pack('>BHI', zip, code, len(headers))
crypto = crypto.getcrypto(self._cfg['siteKey'])
if zip == 1: return info + crypto.encrypt(cdata)
return '%s%s%s' % (info, crypto.encrypt(headers), crypto.encrypt(data))
def write(self, filename, password=None, zip=True):
data = self.toxml()
if password:
data = crypto.encrypt(data, password)
if zip:
gzip.open(filename, "wb").write(data)
else:
open(filename, "wb").write(data)
def encrypt(self, data):
return encrypt(self.db_encryption_key, data, "")
def main():
# 使用django配置文件进行设置
os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'devops.settings')
# 让django初始化
import django
django.setup()
from user.models import User
from server.models import RemoteUser, RemoteUserBindHost
from util.tool import hash_code
from util.crypto import encrypt
print('初始化开始...')
username = '******'
nickname = '超级管理员'
password = hash_code('123456')
email = '*****@*****.**'
sex = 'male'
enabled = True
role = 1
if User.objects.filter(username=username).count() > 0:
print('已存在 {} 账号,无需初始化,退出...'.format(username))
else:
user = User()
user.username = username
user.nickname = nickname
user.password = password
user.email = email
user.sex = sex
user.enabled = enabled
user.role = role
user.save()
print('已创建管理员账号:root,密码:123456')
data = {
'username': '******',
'password': hash_code('123456'),
'nickname': '运维工程师',
'email': '*****@*****.**',
'sex': 'male',
'enabled': True,
'role': 2,
}
User.objects.create(**data)
print('已创建普通账号:leffss,密码:123456')
data = {
'name': '通用root账号',
'username': '******',
'password': encrypt('123456'),
'enabled': False,
}
remote_user = RemoteUser.objects.create(**data)
print('已创建远程账号:root,密码:123456')
hosts = {
'k8s1': '192.168.223.111',
'k8s2': '192.168.223.112',
'k8s3': '192.168.223.113',
'k8s4': '192.168.223.114',
'k8s5': '192.168.223.115',
'k8s6': '192.168.223.116',
'k8s7': '192.168.223.117',
'k8s8': '192.168.223.118',
}
for k, v in hosts.items():
data = {
'hostname': k,
'type': 6,
'ip': v,
'protocol': 1,
'env': 2,
'platform': 1,
'port': 22,
'release': 'CentOS 7',
'remote_user': remote_user
}
RemoteUserBindHost.objects.create(**data)
print('已创建远程主机:{}_{}'.format(k, v))
print('初始化结束...')
def encrypt(self, data):
return encrypt(self.db_encryption_key, data, "")
a = 'xxsadasdasd'
print(_de.encrypt(a))
b = '37fbd0f8f39a462e39fef72852061f35'
print(_de.decrypt(b))
a = 'WAF@ADmin#Sql$719'
print(_de.encrypt(a))
# 使用django配置文件进行设置
os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'devops.settings')
# 让django初始化
import django
django.setup()
from util.crypto import encrypt, decrypt
passwd = '1213'
en = encrypt(passwd)
print(en)
print(decrypt(en))
x = 'gAAAAABduSzufr3De6SKUdjF44QSU8khLWO1V2n7et1if5pYjUsJ6hxn30sYlXEfiP-JWt5ADjtrx6vI_tE7ZNCwniBX0xWSjQ=='
print(decrypt(x))
x = 'gAAAAABduSzujDu0XLd0sy1FvNgd2Ttf9id_YKTG4P2XySMxRM9CFk6qOiAKEnMY1PMByervIGUoDVcK1HuxYIOHYOWU7T115w=='
print(decrypt(x))
hosts = {
'k8s1': '192.168.223.111',
'k8s2': '192.168.223.111',
'k8s3': '192.168.223.111',
'k8s4': '192.168.223.111',
'k8s5': '192.168.223.111',