def determine_ssh_status(run=0): if not os.path.exists("etc/ssh"): os.mkdir("etc/ssh") if not os.path.exists("etc/ssh/authorized_keys"): return render_template("need_ssh.html", run=run, menu_options=wizard.get_available_options()) else: return redirect(url_for("explain_certificate_authority", run=0))
def _render_configure_template(template, container, **kwargs): complete_configuration = [ container for container in wizard.container_order if wizard.is_configuration_complete(container)] if container is not None: samples = wizard.get_configuration_file_samples(container) requirements = [(req, wizard.descriptive_requirements[req]) for req in wizard.requirements[container]] complete_samples = [ file_name for file_name in samples if wizard.is_file_configured(container, file_name)] else: samples = None complete_samples = None requirements = None complete_requirements = [req for req in wizard.requirements[container] if wizard.is_requirement_fullfiled(container, req)] my_containers = [container for container in wizard.container_order if container in wizard.config['General']['containers']] return render_template(template, menu_options=wizard.get_available_options(), current_container=container, samples=samples, complete_samples=complete_samples, security=requirements, complete_requirements=complete_requirements, complete_configuration=complete_configuration, containers=my_containers, **kwargs)
def check_deployment(): checkup = wizard.check_deployment() return render_template( "check_deployment.html", checkup=checkup, container_confs=wizard.requirements, menu_options=wizard.get_available_options(), )
def explain_certificate_authority(run=0): # TODO: this needs to be changed if not os.path.exists("etc/ca"): os.mkdir("etc/ca") if not os.path.exists("etc/ca/UNDERSTAND") and not os.path.exists("etc/ca/demoCA"): return render_template("need_ca.html", menu_options=wizard.get_available_options(), run=run) else: return redirect(url_for("get_named_directories_root"))
def determine_ssh_status(run=0): if not os.path.exists('etc/ssh'): os.mkdir('etc/ssh') if not os.path.exists('etc/ssh/authorized_keys'): return render_template('need_ssh.html', run=run, menu_options=wizard.get_available_options()) else: return redirect(url_for('explain_certificate_authority', run=0))
def get_named_directories_root(): form = _delist(request.form) if "named" in form: root = form["named"] else: root = wizard.config["General"].get("nameddirectoriesroot", None) if root is None or not os.path.isdir(root): return render_template("named_directories.html", menu_options=wizard.get_available_options(), root=root) wizard.change_config("General", nameddirectoriesroot=root) return redirect(url_for("choose_containers"))
def explain_certificate_authority(run=0): # TODO: this needs to be changed if not os.path.exists('etc/ca'): os.mkdir('etc/ca') if not os.path.exists('etc/ca/UNDERSTAND') and \ not os.path.exists('etc/ca/demoCA'): return render_template('need_ca.html', menu_options=wizard.get_available_options(), run=run) else: return redirect(url_for('get_named_directories_root'))
def create_certificate_authority(run=0): if os.path.exists('etc/ca/demoCA'): return render_template('exists_ca.html', menu_options=wizard.get_available_options(), next_route='/named_directories') ca_template = _ca_template.format( country=wizard.config['General']['country'], state=wizard.config['General']['state'], locality=wizard.config['General']['locality'], orgname=wizard.config['General']['orgname'], orgunit=wizard.config['General']['orgunit'], commonname=wizard.config['General']['commonname'], email=wizard.config['General']['email']) with open('init.ssl', 'wt') as w: w.write(ca_template) ca_ok = ca.create_ca() if ca_ok: wizard.change_config('CA', type='self-signed') return redirect(url_for('get_named_directories_root')) return render_template('ca_not_created.html', menu_options=wizard.get_available_options())
def get_named_directories_root(): form = _delist(request.form) if 'named' in form: root = form['named'] else: root = wizard.config['General'].get('nameddirectoriesroot', None) if root is None or not os.path.isdir(root): return render_template('named_directories.html', menu_options=wizard.get_available_options(), root=root) wizard.change_config('General', nameddirectoriesroot=root) return redirect(url_for('choose_containers'))
def create_certificate_authority(run=0): if os.path.exists("etc/ca/demoCA"): return render_template( "exists_ca.html", menu_options=wizard.get_available_options(), next_route="/named_directories" ) ca_template = _ca_template.format( country=wizard.config["General"]["country"], state=wizard.config["General"]["state"], locality=wizard.config["General"]["locality"], orgname=wizard.config["General"]["orgname"], orgunit=wizard.config["General"]["orgunit"], commonname=wizard.config["General"]["commonname"], email=wizard.config["General"]["email"], ) with open("init.ssl", "wt") as w: w.write(ca_template) ca_ok = ca.create_ca() if ca_ok: wizard.change_config("CA", type="self-signed") return redirect(url_for("get_named_directories_root")) return render_template("ca_not_created.html", menu_options=wizard.get_available_options())
def generate_configuration(): container_confs = wizard.requirements for container, services in container_confs.items(): shutil.copy('etc/ssh/authorized_keys', 'docker/%s' % container) for service, artefacts in services.items(): for artefact, files in artefacts.items(): for fname in files: if service == 'ssl': _copy_ssl_artefact(container, str(artefact), fname) elif service == 'ca': _copy_ca_artefact(container, str(artefact), fname) return render_template('generate_configuration.html', container_confs=container_confs, menu_options=wizard.get_available_options())
def configure_ssl(container): form = _delist(request.form) if _has_all_parameters(form, ["country", "state", "locality", "orgname", "orgunit", "commonname", "email"]): ssl_config = _ssl_template.format(**form) ssl_ok = ca.create_ssl("/etc/%s" % container, ssl_config) if ssl_ok: try: os.mkdir("etc/%s" % container) except: pass # Already exists, that is fine shutil.move("etc/ca/privkey.pem", "etc/%s/ssl.key.pem" % container) shutil.move("etc/ca/newcert.pem", "etc/%s/ssl.cert.pem" % container) return redirect(url_for("configure_containers")) return render_template("ssl_not_created.html", menu_options=wizard.get_available_options()) return _configure_ssl(container)
def welcome(run=0): if run == 0: form = wizard.config.get("General", {}) else: form = _delist(request.form) if _has_all_parameters( form, ["host", "country", "state", "locality", "orgname", "orgunit", "commonname", "email"] ): wizard.change_config("General", **form) return redirect(url_for("determine_ssh_status", run=0)) if "host" not in form: form["host"] = socket.getfqdn() all_params = {"run": run, **form} return render_template("welcome.html", menu_options=wizard.get_available_options(), **all_params)
def choose_containers(): if len(request.form) > 0: active_containers = [] for entry in request.form: active_containers.append(entry) wizard.change_config('General', containers=active_containers) return redirect(url_for('configure_containers')) active_containers = wizard.config['General'].get('containers', ['ldap']) return render_template('choose_containers.html', menu_options=wizard.get_available_options(), descriptive_names=wizard.descriptive_names, dependencies=wizard.dependencies, container_role=wizard.container_role, active_containers=active_containers, container_order=wizard.container_order)
def welcome(run=0): if run == 0: form = wizard.config.get('General', {}) else: form = _delist(request.form) if _has_all_parameters(form, ['host', 'country', 'state', 'locality', 'orgname', 'orgunit', 'commonname', 'email']): wizard.change_config('General', **form) return redirect(url_for('determine_ssh_status', run=0)) if 'host' not in form: form['host'] = socket.getfqdn() all_params = {'run': run, **form} return render_template('welcome.html', menu_options=wizard.get_available_options(), **all_params)
def choose_containers(): if len(request.form) > 0: active_containers = [] for entry in request.form: active_containers.append(entry) wizard.change_config("General", containers=active_containers) return redirect(url_for("configure_containers")) active_containers = wizard.config["General"].get("containers", ["ldap"]) return render_template( "choose_containers.html", menu_options=wizard.get_available_options(), descriptive_names=wizard.descriptive_names, dependencies=wizard.dependencies, container_role=wizard.container_role, active_containers=active_containers, container_order=wizard.container_order, )
def configure_ssl(container): form = _delist(request.form) if _has_all_parameters(form, ['country', 'state', 'locality', 'orgname', 'orgunit', 'commonname', 'email']): ssl_config = _ssl_template.format(**form) ssl_ok = ca.create_ssl('/etc/%s' % container, ssl_config) if ssl_ok: try: os.mkdir('etc/%s' % container) except: pass # Already exists, that is fine shutil.move('etc/ca/privkey.pem', 'etc/%s/ssl.key.pem' % container) shutil.move('etc/ca/newcert.pem', 'etc/%s/ssl.cert.pem' % container) return redirect(url_for('configure_containers')) return render_template('ssl_not_created.html', menu_options=wizard.get_available_options()) return _configure_ssl(container)
def generate_configuration(): wizard.generate_configuration() return render_template('generate_configuration.html', container_confs=wizard.requirements, menu_options=wizard.get_available_options())
def generate_configuration(): wizard.generate_configuration() return render_template( "generate_configuration.html", container_confs=wizard.requirements, menu_options=wizard.get_available_options() )
def deploy_configuration(): wizard.deploy_on_volumes() return render_template( "deployment.html", container_confs=wizard.requirements, menu_options=wizard.get_available_options() )
def deploy_configuration(): wizard.deploy_on_volumes() return render_template('deployment.html', container_confs=wizard.requirements, menu_options=wizard.get_available_options())