def run(outdir, diff, no_write, no_exec, no_git): kwargs = {'diff': diff, 'dry_run': no_write, 'remove_empty': True} if any([ util.write_file(outdir, ff_ssl_catchall_file, ff_ssl_catchall_output, **kwargs), util.write_file(outdir, ff_app_file, ff_app_output, **kwargs), util.write_file(outdir, ff_redirect_file, ff_redirect_output, **kwargs), util.write_file(outdir, appnode_catchall_file, appnode_catchall_output, **kwargs), util.write_file(outdir, appnode_app_file, appnode_app_output, **kwargs), ]): if os.geteuid() == 0: util.cmd(('service', 'nginx', 'reload'), no_exec) elif pwd.getpwuid(os.getuid())[0] == 'appctl': util.cmd(('sudo', 'service', 'nginx', 'reload'), no_exec) util.git_commit(outdir, 'nginx/caretakr.d/', no_git, 'nginx')
def run(outdir, diff, no_write, no_exec, no_git): if util.write_file(outdir, 'ipsec-tools.conf', _render_ipsec_tools(tunnels), no_write, diff): if os.geteuid() == 0: util.cmd(('/etc/ipsec-tools.conf',), no_exec) if any([ util.write_file(outdir, 'racoon/psk.txt', _render_racoon_psk(tunnels), no_write, diff), util.write_file(outdir, 'racoon/racoon.conf', _render_racoon(tunnels), no_write, diff), ]): if os.geteuid() == 0: util.cmd(('racoonctl', 'reload-config'), no_exec) if util.write_file(outdir, 'network/interfaces.d/caretakr.ipsec.conf', _render_interfaces(internal_interfaces), no_write, diff=True): logger.warn("Automatic activation of interface changes not implemented!") util.git_commit(outdir, ['ipsec-tools.conf', 'racoon/psk.txt', 'racoon/racoon.conf', 'network/interfaces.d/caretakr.ipsec.conf'], no_git, 'ipsec')
def run(outdir, diff, no_write, no_exec, no_git): if any([ util.write_file(outdir, 'network/firewall', firewall_lines, no_write, diff), util.write_file(outdir, 'network/firewall6', firewall6_lines, no_write, diff), util.write_file(outdir, 'hosts.allow', hosts_allow_lines, no_write, diff), ]): if os.geteuid() == 0: if no_exec is True: util.cmd(('/sbin/iptables-restore', '-t'), dry_run=False, stdin=firewall_lines) util.cmd(('/sbin/ip6tables-restore', '-t'), dry_run=False, stdin=firewall6_lines) else: util.cmd(('/sbin/iptables-restore'), dry_run=False, stdin=firewall_lines) util.cmd(('/sbin/ip6tables-restore'), dry_run=False, stdin=firewall6_lines) util.git_commit(outdir, ['network/firewall', 'network/firewall6', 'hosts.allow'], no_git, 'firewall')
def run(outdir, diff, no_write, no_exec, no_git): if util.write_file(outdir, 'keepalived/keepalived.conf', ze_output, no_write, diff): if os.geteuid() == 0: util.cmd(['service', 'keepalived', 'reload'], no_exec) util.git_commit(outdir, 'keepalived/keepalived.conf', no_git, 'keepalived')