Пример #1
0
 def run(outdir, diff, no_write, no_exec, no_git):
     kwargs = {'diff': diff, 'dry_run': no_write, 'remove_empty': True}
     if any([
         util.write_file(outdir, ff_ssl_catchall_file, ff_ssl_catchall_output, **kwargs),
         util.write_file(outdir, ff_app_file, ff_app_output, **kwargs),
         util.write_file(outdir, ff_redirect_file, ff_redirect_output, **kwargs),
         util.write_file(outdir, appnode_catchall_file, appnode_catchall_output, **kwargs),
         util.write_file(outdir, appnode_app_file, appnode_app_output, **kwargs),
     ]):
         if os.geteuid() == 0:
             util.cmd(('service', 'nginx', 'reload'), no_exec)
         elif pwd.getpwuid(os.getuid())[0] == 'appctl':
             util.cmd(('sudo', 'service', 'nginx', 'reload'), no_exec)
         util.git_commit(outdir, 'nginx/caretakr.d/', no_git, 'nginx')
Пример #2
0
 def run(outdir, diff, no_write, no_exec, no_git):
     if util.write_file(outdir, 'ipsec-tools.conf',
                        _render_ipsec_tools(tunnels), no_write, diff):
         if os.geteuid() == 0:
             util.cmd(('/etc/ipsec-tools.conf',), no_exec)
     if any([
         util.write_file(outdir, 'racoon/psk.txt', _render_racoon_psk(tunnels), no_write, diff),
         util.write_file(outdir, 'racoon/racoon.conf', _render_racoon(tunnels), no_write, diff),
     ]):
         if os.geteuid() == 0:
             util.cmd(('racoonctl', 'reload-config'), no_exec)
     if util.write_file(outdir, 'network/interfaces.d/caretakr.ipsec.conf',
                        _render_interfaces(internal_interfaces), no_write, diff=True):
         logger.warn("Automatic activation of interface changes not implemented!")
     util.git_commit(outdir, ['ipsec-tools.conf',
                              'racoon/psk.txt', 'racoon/racoon.conf',
                              'network/interfaces.d/caretakr.ipsec.conf'], no_git, 'ipsec')
Пример #3
0
 def run(outdir, diff, no_write, no_exec, no_git):
     if any([
         util.write_file(outdir, 'network/firewall', firewall_lines, no_write, diff),
         util.write_file(outdir, 'network/firewall6', firewall6_lines, no_write, diff),
         util.write_file(outdir, 'hosts.allow', hosts_allow_lines, no_write, diff),
     ]):
         if os.geteuid() == 0:
             if no_exec is True:
                 util.cmd(('/sbin/iptables-restore', '-t'), dry_run=False, stdin=firewall_lines)
                 util.cmd(('/sbin/ip6tables-restore', '-t'),
                          dry_run=False, stdin=firewall6_lines)
             else:
                 util.cmd(('/sbin/iptables-restore'), dry_run=False, stdin=firewall_lines)
                 util.cmd(('/sbin/ip6tables-restore'), dry_run=False, stdin=firewall6_lines)
         util.git_commit(outdir, ['network/firewall', 'network/firewall6', 'hosts.allow'],
                         no_git, 'firewall')
Пример #4
0
 def run(outdir, diff, no_write, no_exec, no_git):
     if util.write_file(outdir, 'keepalived/keepalived.conf', ze_output, no_write, diff):
         if os.geteuid() == 0:
             util.cmd(['service', 'keepalived', 'reload'], no_exec)
         util.git_commit(outdir, 'keepalived/keepalived.conf', no_git, 'keepalived')