def repopulate_objectclass():
server = Server.query.filter_by(primary_server=True).first()
appconf = AppConfiguration.query.first()
setup_prop = get_setup_properties()
inumOrg = setup_prop['inumOrg']
inumOrgFN = inumOrg.replace('@', '').replace('!', '').replace('.', '')
ldp = getLdapConn(server.hostname, "cn=directory manager",
server.ldap_password)
ldp = getLdapConn(server.hostname, "cn=directory manager",
server.ldap_password)
attrib_list_in_class = []
objcl_s = ldp.getObjectClass(appconf.object_class_base)
attrib_list_s = ldp.getCustomAttributes()
attrib_list = [AttributeType(str(a)) for a in attrib_list_s]
attrib_name_list = [a.names[0] for a in attrib_list]
r = ldp.addAtributeToObjectClass(appconf.object_class_base,
attrib_name_list)
if not r[0]:
flash(r[1], 'danger')
else:
flash("Object Class re-populated", 'success')
return redirect(url_for('attributes.home'))
def get_server_status():
servers = Server.query.all()
services = {
'oxauth': '.well-known/openid-configuration',
'identity': 'identity/restv1/scim-configuration',
'shib': 'idp/shibboleth',
'passport': 'passport'
}
status = {}
active_services = ['oxauth', 'identity']
prop = get_setup_properties()
if prop['installSaml']:
active_services.append('shib')
if prop['installPassport']:
active_services.append('passport')
for server in servers:
status[server.id] = {}
for service in active_services:
try:
url = 'https://{0}/{1}'.format(server.hostname,
services[service])
r = requests.get(url, verify=False)
status[server.id][service] = r.ok
except:
pass
return jsonify(status)
def get_custom_schema_path():
setup_prop = get_setup_properties()
inumOrg = setup_prop['inumOrg']
inumOrgFN = inumOrg.replace('@', '').replace('!', '').replace('.', '')
custom_schema_file = '102-{}.ldif'.format(inumOrgFN)
custom_schema_path = os.path.join(app.config["DATA_DIR"],
custom_schema_file)
return custom_schema_path
def getCustomAttributes(self):
setup_prop = get_setup_properties()
inumOrg = setup_prop['inumOrg']
inumOrgFN = inumOrg.replace('@','').replace('!','').replace('.','')
x_origin = "X-ORIGIN '{}'".format(inumOrgFN)
atrributes = self.getAttributes()
ret_list = []
for ats in atrributes[0]['attributes']['attributeTypes']:
if x_origin in ats:
ret_list.append(ats)
return ret_list
def remove_server(server_id):
appconfig = AppConfiguration.query.first()
server = Server.query.filter_by(id=server_id).first()
all_servers = Server.query.all()
if len(all_servers) > 1:
if server.primary_server:
flash("Please first remove non-primary servers ", "danger")
return redirect(url_for('index.home'))
if request.args.get('removefromdashboard') == 'true':
db.session.delete(server)
db.session.commit()
return redirect(url_for('index.home'))
provider_addr = server.ip if appconfig.use_ip else server.hostname
setup_prop = get_setup_properties()
disable_replication = True if request.args.get('disablereplication') == \
'true' else False
if setup_prop['ldap_type'] == 'openldap':
if server.mmr:
# remove its corresponding syncrepl configs from other servers
consumers = Server.query.filter(Server.id.isnot(server_id)).all()
for consumer in consumers:
remove_provider_from_consumer_f(consumer.id, provider_addr)
else:
print url_for(
'cluster.remove_server_from_cluster_view',
server_id=server_id,
removeserver=True,
disablereplication=disable_replication,
next='dashboard',
)
return redirect(
url_for(
'cluster.remove_server_from_cluster_view',
server_id=server_id,
removeserver=True,
disablereplication=disable_replication,
next='dashboard',
))
# TODO LATER perform checks on ther flags and add their cleanup tasks
flash("Server {0} is removed.".format(server.hostname), "success")
return redirect(url_for('index.home'))
def get_server_status():
servers = Server.query.all()
services = {
'oxauth': '.well-known/openid-configuration',
'identity': 'identity/restv1/scim-configuration',
'shib': 'idp/shibboleth',
'passport': 'passport'
}
status = {}
active_services = ['oxauth', 'identity']
prop = get_setup_properties()
if prop['installSaml']:
active_services.append('shib')
if prop['installPassport']:
active_services.append('passport')
for server in servers:
status[server.id] = {}
c = RemoteClient(server.hostname)
c.ok = False
try:
c.startup()
c.ok = True
except Exception as e:
pass
for service in active_services:
status[server.id][service] = False
if c.ok:
try:
result = c.run("curl -kLI https://localhost/" +
services[service] +
" -o /dev/null -w '%{http_code}\n' -s")
if result[1].strip() == '200':
status[server.id][service] = True
except Exception as e:
print "Error getting service status of {0} for {1}. ERROR: {2}".format(
server.hostname, service, e)
return jsonify(status)
def replication_status():
"""This view displays replication status of ldap servers"""
prop = get_setup_properties()
rep_status = get_opendj_replication_status()
stat = ''
if not rep_status[0]:
flash(rep_status[1], "warning")
else:
stat = rep_status[1]
return render_template(
'monitoring_replication_status.html',
left_menu=left_menu,
stat=stat,
items=items,
)
def confirm_setup_properties(server_id):
setup_prop = get_setup_properties()
appconf = AppConfiguration.query.first()
server = Server.query.get(server_id)
setup_prop['hostname'] = appconf.nginx_host
setup_prop['ip'] = server.ip
setup_prop['ldapPass'] = server.ldap_password
keys = setup_prop.keys()
keys.sort()
return render_template(
'server_confirm_properties.html',
server_id=server_id,
setup_prop=setup_prop,
keys=keys,
)
def __init__(self, hostname, port, password, ssl=True, ip=None):
self.server = Server(hostname, port=port, use_ssl=ssl)
setup_prop = get_setup_properties()
ldap_user = "******"
if setup_prop['ldap_type'] == "openldap":
ldap_user += ",o=gluu"
self.conn = Connection(self.server,
ldap_user,
password=password)
result = self.conn.bind()
if not result:
self.server = Server(ip, port=port, use_ssl=ssl)
self.conn = Connection(
self.server, ldap_user,
password=password)
self.conn.bind()
def registerObjectClass(self, obcls):
setup_prop = get_setup_properties()
inumAppliance = setup_prop['inumAppliance']
dn='ou=oxtrust,ou=configuration,inum={},ou=appliances,o=gluu'.format(inumAppliance)
print dn
r = self.conn.search(dn,
search_filter='(objectclass=*)',
search_scope=BASE,
attributes=["oxTrustConfApplication"],
)
print r, self.conn.result
jstr = self.conn.response[0]['attributes']['oxTrustConfApplication'][0]
jdata = json.loads(jstr)
change = False
if not obcls in jdata["personObjectClassTypes"]:
jdata["personObjectClassTypes"].append(obcls)
change = True
if not obcls in jdata["personObjectClassDisplayNames"]:
jdata["personObjectClassDisplayNames"].append(obcls)
change = True
if change:
print "changing"
jstr = json.dumps(jdata)
r = self.conn.modify(dn, {'oxTrustConfApplication': [MODIFY_REPLACE, jstr]})
if not r:
return False, self.conn.result['description']
return True, ''
def wizard_step2(self):
tid = self.request.id
setup_prop = get_setup_properties()
server = Server.query.filter_by(primary_server=True).first()
app_conf = AppConfiguration.query.first()
c = RemoteClient(server.hostname, ip=server.ip)
wlogger.log(tid, "Making SSH Connection")
try:
c.startup()
wlogger.log(tid, "SSH connection established", 'success')
except:
wlogger.log(tid, "Can't establish SSH connection", 'fail')
wlogger.log(tid, "Ending changing name.", 'error')
return
name_changer = ChangeGluuHostname(
old_host=server.hostname,
new_host=app_conf.nginx_host,
cert_city=setup_prop['city'],
cert_mail=setup_prop['admin_email'],
cert_state=setup_prop['state'],
cert_country=setup_prop['countryCode'],
server=server.hostname,
ip_address=server.ip,
ldap_password=setup_prop['ldapPass'],
os_type=server.os,
gluu_version=app_conf.gluu_version,
local=False,
)
name_changer.logger_tid = tid
r = name_changer.startup()
if not r:
wlogger.log(tid, "Name changer can't be started", 'fail')
wlogger.log(tid, "Ending changing name.", 'error')
return
wlogger.log(tid, "Cahnging LDAP Applience configurations")
name_changer.change_appliance_config()
wlogger.log(tid, "LDAP Applience configurations were changed", 'success')
wlogger.log(tid, "Cahnging LDAP Clients entries")
name_changer.change_clients()
wlogger.log(tid, "LDAP Applience Clients entries were changed", 'success')
wlogger.log(tid, "Cahnging LDAP Uma entries")
name_changer.change_uma()
wlogger.log(tid, "LDAP Applience Uma entries were changed", 'success')
wlogger.log(tid, "Modifying SAML & Passport")
name_changer.modify_saml_passport()
wlogger.log(tid, "SAML & Passport were changed", 'success')
wlogger.log(tid, "Reconfiguring http")
name_changer.change_httpd_conf()
wlogger.log(tid, " LDAP Applience Uma entries were changed", 'success')
wlogger.log(tid, "Creating certificates")
name_changer.create_new_certs()
wlogger.log(tid, "Changing /etc/hostname")
name_changer.change_host_name()
wlogger.log(tid, "/etc/hostname was changed", 'success')
wlogger.log(tid, "Modifying /etc/hosts")
name_changer.modify_etc_hosts()
wlogger.log(tid, "/etc/hosts was modified", 'success')
name_changer.installer.restart_gluu()
def install_gluu(server_id):
"""Gluu server installation view. This function creates setup.properties
file and redirects to install_gluu_server which does actual installation.
"""
# If current server is not primary server, first we should identify
# primary server. If primary server is not installed then redirect
# to home to install primary.
pserver = Server.query.filter_by(primary_server=True).first()
if not pserver:
flash(
"Please identify primary server before starting to install Gluu "
"Server.", "warning")
return redirect(url_for('index.home'))
server = Server.query.get(server_id)
# We need os type to perform installation. If it was not identified,
# return to home and wait until it is identifed.
if not server.os:
flash("Server OS version hasn't been identified yet. Checking Now",
"warning")
collect_server_details.delay(server_id)
return redirect(url_for('index.home'))
# If current server is not primary server, and primary server was installed,
# start installation by redirecting to cluster.install_gluu_server
if not server.primary_server:
return redirect(
url_for('cluster.install_gluu_server', server_id=server_id))
# If we come up here, it is primary server and we will ask admin which
# components will be installed. So prepare form by InstallServerForm
appconf = AppConfiguration.query.first()
form = InstallServerForm()
# We don't require these for server installation. These fields are required
# for adding new server.
del form.hostname
del form.ip_address
del form.ldap_password
header = 'Install Gluu Server on {0}'.format(server.hostname)
# Get default setup properties.
setup_prop = get_setup_properties()
setup_prop['hostname'] = appconf.nginx_host
setup_prop['ip'] = server.ip
setup_prop['ldapPass'] = server.ldap_password
#required for inum fields
#if request.method == 'POST':
# if not form.inumOrg.data.strip():
# inumOrg, inumAppliance = get_inums()
# form.inumOrg.data = inumOrg
# form.inumAppliance.data = inumAppliance
# If form is submitted and validated, create setup.properties file.
if form.validate_on_submit():
setup_prop['countryCode'] = form.countryCode.data.strip()
setup_prop['state'] = form.state.data.strip()
setup_prop['city'] = form.city.data.strip()
setup_prop['orgName'] = form.orgName.data.strip()
setup_prop['admin_email'] = form.admin_email.data.strip()
setup_prop['application_max_ram'] = str(form.application_max_ram.data)
setup_prop['inumOrg'], setup_prop['inumAppliance'] = get_inums()
#setup_prop['inumOrg'] = form.inumOrg.data.strip()
#setup_prop['inumAppliance'] = form.inumAppliance.data.strip()
for o in (
'installOxAuth',
'installOxTrust',
'installLDAP',
'installHTTPD',
'installJce',
'installSaml',
'installOxAuthRP',
'installPassport',
'ldap_type',
'application_max_ram',
):
setup_prop[o] = getattr(form, o).data
write_setup_properties_file(setup_prop)
# Redirect to cluster.install_gluu_server to start installation.
return redirect(
url_for('server.confirm_setup_properties', server_id=server_id))
#return redirect(url_for('cluster.install_gluu_server',
# server_id=server_id))
# If this view is requested, rather than post, display form to
# admin to determaine which elements to be installed.
if request.method == 'GET':
form.countryCode.data = setup_prop['countryCode']
form.state.data = setup_prop['state']
form.city.data = setup_prop['city']
form.orgName.data = setup_prop['orgName']
form.admin_email.data = setup_prop['admin_email']
form.application_max_ram.data = setup_prop['application_max_ram']
#form.inumOrg.data = setup_prop['inumOrg']
#form.inumAppliance.data = setup_prop['inumAppliance']
for o in (
'installOxAuth',
'installOxTrust',
'installLDAP',
'installHTTPD',
'installJce',
'installSaml',
'installOxAuthRP',
'installPassport',
'ldap_type',
'application_max_ram',
):
getattr(form, o).data = setup_prop.get(o, '')
# if appconf.gluu_version < '3.1.2':
# print "removeing opendj"
# form.ldap_type.choices.remove(('opendj', 'OpenDJ'))
# form.ldap_type.data = 'openldap'
setup_properties_form = SetupPropertiesLastForm()
return render_template('new_server.html',
form=form,
server_id=server_id,
setup_properties_form=setup_properties_form,
header=header)
def edit_attribute():
server = Server.query.filter_by(primary_server=True).first()
appconf = AppConfiguration.query.first()
editing = request.args.get('oid')
syntax_file = os.path.join(app.config["DATA_DIR"], 'syntaxes.json')
setup_prop = get_setup_properties()
inumOrg = setup_prop['inumOrg']
inumOrgFN = inumOrg.replace('@', '').replace('!', '').replace('.', '')
ldp = getLdapConn(server.hostname, "cn=directory manager",
server.ldap_password)
if not os.path.exists(syntax_file):
ldap_response = ldp.getSyntaxes()
attr_list = []
for ats in ldap_response[0]['attributes']['ldapSyntaxes']:
a = AttributeType(str(ats))
attr_list.append((a.oid, a.desc))
with open(syntax_file, 'w') as sf:
json.dump(attr_list, sf)
else:
attr_list = json.loads(open(syntax_file).read())
form = LdapSchema()
form.syntax.choices = attr_list
if request.method == 'GET':
if editing:
a_s = ldp.getAttributebyOID(editing)
if a_s:
a = AttributeType(str(a_s))
form.oid.data = a.oid
form.names.data = ' '.join(a.names)
form.desc.data = a.desc
form.syntax_len.data = a.syntax_len
form.syntax.data = a.syntax
form.single_value.data = a.single_value
form.collective.data = a.collective
if a.substr:
form.substr.data = a.substr
if a.equality:
form.equality.data = a.equality
if a.ordering:
form.ordering.data = a.ordering
if request.method == 'POST':
if form.validate_on_submit():
oid = form.oid.data
if not oid:
if not appconf.attribute_oid:
appconf.attribute_oid = 100
oid_postfix = appconf.attribute_oid
oid = '1.3.6.1.4.1.48710.1.5.{}'.format(oid_postfix)
appconf.attribute_oid += 1
db.session.commit()
names = form.names.data.strip().replace(' ', '')
x_origin = inumOrgFN
desc = form.desc.data.strip()
syntax_len = form.syntax_len.data
syntax = form.syntax.data
substr = form.substr.data
single_value = form.single_value.data
collective = form.collective.data
equality = form.equality.data
ordering = form.ordering.data
a = AttributeType()
a = AttributeType()
a.oid = str(oid)
a.names = (str(names), )
a.syntax = str(syntax)
a.x_origin = str(x_origin)
a.desc = str(desc)
a.sup = ()
a.equality = str(equality)
a.substr = str(substr)
a.single_value = single_value
a.x_ordered = ''
a.ordering = str(ordering)
a.syntax_len = syntax_len
a.collective = collective
a.no_user_mod = False
a.usage = False
a.obsolete = False
result = ldp.addAttribute(a, editing, appconf.object_class_base)
if not result[0]:
flash(result[1], 'danger')
else:
flash('Attribute {} was added'.format(names), 'success')
r = ldp.addAtributeToObjectClass(appconf.object_class_base,
names)
if r[0]:
flash(
'Attribute {} was added to object class {}'.format(
names, appconf.object_class_base), 'success')
return redirect(url_for('attributes.home'))
else:
flash(
'Could not add attribute {} to object class {}. Reason: {}'
.format(names, appconf.object_class_base,
r[1]), 'danger')
return render_template('schema_form.html', form=form)
def home():
cfg_file = app.config["AUTH_CONFIG_FILE"]
oxd_file_config = app.config["OXD_CLIENT_CONFIG_FILE"]
if not os.path.exists(cfg_file):
if not os.path.exists(oxd_file_config):
return redirect(url_for('auth.signup'))
if not current_user.is_authenticated:
return redirect(url_for("auth.login", next='/'))
"""This is the home view --dashboard--"""
if 'nongluuldapinfo' in session:
del session['nongluuldapinfo']
try:
appconf = AppConfiguration.query.first()
except:
return render_template('index_nodb.html')
if not appconf:
return render_template('intro.html', setup='cluster')
servers = Server.query.all()
if not servers:
return render_template('intro.html', setup='server')
ask_passphrase = False
logger.debug("Checking if primary server is reachable with ssh")
c = RemoteClient(servers[0].ip, servers[0].hostname)
try:
c.startup()
except ClientNotSetupException as e:
if str(e) == 'Pubkey is encrypted.':
ask_passphrase = True
flash(
"Pubkey seems to password protected. "
"Please set passphrase.", 'warning')
elif str(e) == 'Could not deserialize key data.':
ask_passphrase = True
flash(
"Password you provided for pubkey did not work. "
"Please set valid passphrase.", 'warning')
else:
flash(
"SSH connection to {} failed. Please check if your pub key is "
"added to /root/.ssh/authorized_keys on this server. Reason: {}"
.format(servers[0].hostname, e), 'error')
if ask_passphrase:
return render_template(
'index_passphrase.html',
e=e,
ask_passphrase=ask_passphrase,
next='/',
warning_text="Error accessing primary server")
server_id_list = [str(server.id) for server in servers]
services = ['oxauth', 'identity']
prop = get_setup_properties()
if as_boolean(prop['installSaml']):
services.append('shib')
if as_boolean(prop['installPassport']):
services.append('passport')
service_update_period = 300
if appconf.ldap_update_period:
service_update_period = appconf.ldap_update_period
if appconf.ldap_update_period_unit != 's':
service_update_period = service_update_period * 60
return render_template('dashboard.html',
servers=servers,
app_conf=appconf,
services=services,
server_id_list=server_id_list,
service_update_period=service_update_period)
def wizard_step1(self):
"""Celery task that collects information about server.
:param self: the celery task
:return: the number of servers where both stunnel and redis were installed
successfully
"""
tid = self.request.id
wlogger.log(tid, "Analayzing Current Server")
server = Server.query.filter_by(primary_server=True).first()
app_conf = AppConfiguration.query.first()
c = RemoteClient(server.hostname, ip=server.ip)
try:
c.startup()
wlogger.log(tid, "SSH connection established", 'success')
except:
wlogger.log(tid, "Can't establish SSH connection", 'fail')
wlogger.log(tid, "Ending analyzation of server.", 'error')
return
os_type = get_os_type(c)
server.os = os_type
wlogger.log(tid, "OS type was determined as {}".format(os_type), 'debug')
gluu_version = None
#Determine if a version of gluu server was installed.
r = c.listdir("/opt")
if r[0]:
for s in r[1]:
m = re.search(
'gluu-server-(?P<gluu_version>(\d+).(\d+).(\d+)(.\d+)?)$', s)
if m:
gluu_version = m.group("gluu_version")
app_conf.gluu_version = gluu_version
wlogger.log(
tid,
"Gluu version was determined as {}".format(gluu_version),
'debug')
if not gluu_version:
wlogger.log(tid, "Gluu server was not installed on this server",
'fail')
wlogger.log(tid, "Ending analyzation of server.", 'error')
return
gluu_path = '/opt/gluu-server-{}'.format(gluu_version)
server.gluu_server = True
setup_properties_last = os.path.join(
gluu_path, 'install/community-edition-setup/setup.properties.last')
setup_properties_local = os.path.join(Config.DATA_DIR, 'setup.properties')
result = c.download(setup_properties_last, setup_properties_local)
prop = get_setup_properties()
prop['hostname'] = app_conf.nginx_host
write_setup_properties_file(prop)
if not result.startswith('Download successful'):
wlogger.log(tid, result, 'fail')
wlogger.log(tid, "Ending analyzation of server.", 'error')
return
wlogger.log(tid, "setup.properties file was downloaded", 'debug')
server.ldap_password = prop['ldapPass']
wlogger.log(tid, "LDAP Bind password was identifed", 'success')
db.session.commit()
def multi_master_replication():
"""Multi Master Replication view for OpenLDAP"""
# Check if replication user (dn) and password has been configured
app_config = AppConfiguration.query.first()
ldaps = Server.query.all()
primary_server = Server.query.filter_by(primary_server=True).first()
if not app_config:
flash(
"Repication user and/or password has not been defined."
" Please go to 'Configuration' and set these before proceed.",
"warning")
return redirect(url_for('index.home'))
if not ldaps:
flash("Servers has not been added. " "Please add servers", "warning")
return redirect(url_for('index.home'))
ldap_errors = []
prop = get_setup_properties()
if prop['ldap_type'] == 'openldap':
serverStats = {}
# Collect replication information for all configured servers
for ldp in ldaps:
s = LdapOLC("ldaps://{0}:1636".format(ldp.hostname), "cn=config",
ldp.ldap_password)
r = None
try:
r = s.connect()
except Exception as e:
ldap_errors.append(
"Connection to LDAPserver {0} at port 1636 was failed:"
" {1}".format(ldp.hostname, e))
if r:
sstat = s.getMMRStatus()
if sstat['server_id']:
serverStats[ldp.hostname] = sstat
# If there is no ldap server, return to home
if not ldaps:
flash("Please add ldap servers.", "warning")
return redirect(url_for('index.home'))
return render_template(
'multi_master.html',
ldapservers=ldaps,
serverStats=serverStats,
ldap_errors=ldap_errors,
replication_status=sstat[primary_server.id],
)
else:
rep_status = get_opendj_replication_status()
stat = ''
if not rep_status[0]:
flash(rep_status[1], "warning")
else:
stat = rep_status[1]
return render_template(
'opendjmmr.html',
servers=ldaps,
stat=stat,
app_conf=app_config,
)
def wizard_step1(self):
"""Celery task that collects information about server.
:param self: the celery task
:return: the number of servers where both stunnel and redis were installed
successfully
"""
tid = self.request.id
wlogger.log(tid, "Analayzing Current Server")
server = Server.query.filter_by(primary_server=True).first()
app_conf = AppConfiguration.query.first()
c = RemoteClient(server.hostname, ip=server.ip)
try:
c.startup()
wlogger.log(tid, "SSH connection established", 'success')
except:
wlogger.log(tid, "Can't establish SSH connection",'fail')
wlogger.log(tid, "Ending analyzation of server.", 'error')
return
os_type = get_os_type(c)
server.os = os_type
wlogger.log(tid, "OS type was determined as {}".format(os_type), 'debug')
gluu_path_version = None
oxauth_version = None
#Determine if a version of gluu server was installed.
r = c.listdir("/opt")
if r[0]:
for s in r[1]:
m=re.search('gluu-server-(?P<gluu_version>(\d+).(\d+).(\d+)(.\d+)?)$',s)
if m:
gluu_path_version = m.group("gluu_version")
wlogger.log(tid, "Gluu path was determined as gluu-server-{}".format(
gluu_path_version), 'debug')
oxauth_path = '/opt/gluu-server-{0}/opt/gluu/jetty/oxauth/webapps/oxauth.war'.format(gluu_path_version)
try:
result = c.run('''python -c "import zipfile;zf=zipfile.ZipFile('{}','r');print zf.read('META-INF/MANIFEST.MF')"'''.format(oxauth_path))
menifest = result[1]
for l in menifest.split('\n'):
ls = l.strip()
if 'Implementation-Version:' in ls:
version = ls.split(':')[1].strip()
oxauth_version = '.'.join(version.split('.')[:3])
wlogger.log(tid, "oxauth version was determined as {}".format(
oxauth_version), 'debug')
app_conf.gluu_version = oxauth_version
break
except:
pass
if not oxauth_version:
wlogger.log(tid, "Error determining oxauth version.", 'debug')
wlogger.log(tid, "Setting gluu version to path version", 'debug')
app_conf.gluu_version = gluu_path_version
if not gluu_path_version:
wlogger.log(tid, "Gluu server was not installed on this server",'fail')
wlogger.log(tid, "Ending analyzation of server.", 'error')
return
gluu_path = '/opt/gluu-server-{}'.format(gluu_path_version)
server.gluu_server = True
setup_properties_last = os.path.join(gluu_path,
'install/community-edition-setup/setup.properties.last')
setup_properties_local = os.path.join(Config.DATA_DIR, 'setup.properties')
result = c.download(setup_properties_last, setup_properties_local)
prop = get_setup_properties()
prop['hostname'] = app_conf.nginx_host
write_setup_properties_file(prop)
if not result.startswith('Download successful'):
wlogger.log(tid, result,'fail')
wlogger.log(tid, "Ending analyzation of server.", 'error')
return
wlogger.log(tid, "setup.properties file was downloaded", 'debug')
server.ldap_password = prop['ldapPass']
wlogger.log(tid, "LDAP Bind password was identifed", 'success')
db.session.commit()
def wizard_step2(self):
tid = self.request.id
setup_prop = get_setup_properties()
server = Server.query.filter_by(primary_server=True).first()
app_conf = AppConfiguration.query.first()
gluu_path_version = None
c = RemoteClient(server.hostname, ip=server.ip)
wlogger.log(tid, "Making SSH Connection")
try:
c.startup()
wlogger.log(tid, "SSH connection established", 'success')
except:
wlogger.log(tid, "Can't establish SSH connection",'fail')
wlogger.log(tid, "Ending changing name.", 'error')
return
r = c.listdir("/opt")
if r[0]:
for s in r[1]:
m=re.search('gluu-server-(?P<gluu_version>(\d+).(\d+).(\d+)(.\d+)?)$',s)
if m:
gluu_path_version = m.group("gluu_version")
if not gluu_path_version:
wlogger.log(tid, "Error determining version from path", 'error')
if gluu_path_version != app_conf.gluu_version:
wlogger.log(tid, "Changing path to match oxauth version")
if server.os in ('CentOS 7', 'RHEL 7'):
server_bin = '/sbin/gluu-serverd-{0}'.format(gluu_path_version)
cmd = server_bin + ' stop'
wlogger.log(tid, "Executing " + cmd, 'debug')
c.run(cmd)
time.sleep(10)
cmd_list = [
server_bin + ' disable',
'mv /sbin/gluu-serverd-{0} /sbin/gluu-serverd-{1}'.format(gluu_path_version, app_conf.gluu_version),
'sed -i "s/GLUU_VERSION={0}/GLUU_VERSION={1}/" /sbin/gluu-serverd-{1}'.format(gluu_path_version, app_conf.gluu_version),
'cd /var/lib/container/ && ln -s /opt/gluu-server-{1} gluu_server_{1} && rm gluu_server_{0}'.format(gluu_path_version, app_conf.gluu_version),
'mv /usr/lib/systemd/system/systemd-nspawn\@gluu_server_{0}.service /usr/lib/systemd/system/systemd-nspawn\@gluu_server_{1}.service'.format(gluu_path_version, app_conf.gluu_version),
'mv /opt/gluu-server-{0} /opt/gluu-server-{1}'.format(gluu_path_version, app_conf.gluu_version),
'/sbin/gluu-serverd-{0} enable'.format(app_conf.gluu_version),
'/sbin/gluu-serverd-{0} start'.format(app_conf.gluu_version),
]
for cmd in cmd_list:
wlogger.log(tid, "Executing " + cmd, 'debug')
c.run(cmd)
#wait server to start
time.sleep(30)
run_cmd , cmd_chroot = get_run_cmd(server)
makeOpenDjListenIpAddr(tid, c, cmd_chroot, run_cmd, server)
name_changer = ChangeGluuHostname(
old_host = server.hostname,
new_host = app_conf.nginx_host,
cert_city = setup_prop['city'],
cert_mail = setup_prop['admin_email'],
cert_state = setup_prop['state'],
cert_country = setup_prop['countryCode'],
server = server.hostname,
ip_address = server.ip,
ldap_password = setup_prop['ldapPass'],
os_type = server.os,
gluu_version = app_conf.gluu_version,
local=False,
)
name_changer.logger_tid = tid
r = name_changer.startup()
if not r:
wlogger.log(tid, "Name changer can't be started",'fail')
wlogger.log(tid, "Ending changing name.", 'error')
return
wlogger.log(tid, "Cahnging LDAP Applience configurations")
name_changer.change_appliance_config()
wlogger.log(tid, "LDAP Applience configurations were changed", 'success')
wlogger.log(tid, "Cahnging LDAP Clients entries")
name_changer.change_clients()
wlogger.log(tid, "LDAP Applience Clients entries were changed", 'success')
wlogger.log(tid, "Cahnging LDAP Uma entries")
name_changer.change_uma()
wlogger.log(tid, "LDAP Applience Uma entries were changed", 'success')
wlogger.log(tid, "Modifying SAML & Passport")
name_changer.modify_saml_passport()
wlogger.log(tid, "SAML & Passport were changed", 'success')
wlogger.log(tid, "Reconfiguring http")
name_changer.change_httpd_conf()
wlogger.log(tid, " LDAP Applience Uma entries were changed", 'success')
wlogger.log(tid, "Creating certificates")
name_changer.create_new_certs()
wlogger.log(tid, "Changing /etc/hostname")
name_changer.change_host_name()
wlogger.log(tid, "/etc/hostname was changed", 'success')
wlogger.log(tid, "Modifying /etc/hosts")
name_changer.modify_etc_hosts()
wlogger.log(tid, "/etc/hosts was modified", 'success')
name_changer.installer.restart_gluu()
