def install_nginx_service(options, conf=None): if conf is None: conf = waptserver.config.load_config(options.configfile) print("register nginx frontend") repository_path = os.path.join(wapt_root_dir, 'waptserver', 'repository') for repo_path in ('wapt', 'wapt-host', 'waptwua'): mkdir_p(os.path.join(repository_path, repo_path)) run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % os.path.join(repository_path, repo_path)) mkdir_p(os.path.join(wapt_root_dir, 'waptserver', 'nginx', 'temp')) run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % (os.path.join(wapt_root_dir, 'waptserver', 'nginx', 'temp'))) run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % os.path.join(wapt_root_dir, 'waptserver', 'nginx', 'logs')) make_nginx_config(wapt_root_dir, conf['wapt_folder'], force=options.force) service_binary = os.path.abspath( os.path.join(wapt_root_dir, 'waptserver', 'nginx', 'nginx.exe')) service_parameters = '' service_logfile = os.path.join(log_directory, 'nssm_nginx.log') service_name = 'WAPTNginx' if setuphelpers.service_installed( service_name) and setuphelpers.service_is_running(service_name): setuphelpers.service_stop(service_name) #print('Register "%s" in registry' % service_name) install_windows_nssm_service(service_name, service_binary, service_parameters, service_logfile) time.sleep(5) if setuphelpers.service_installed( service_name ) and not setuphelpers.service_is_running(service_name): setuphelpers.service_start(service_name)
def install_nginx_service(options,conf=None): if conf is None: conf = waptserver.config.load_config(options.configfile) print("register nginx frontend") repository_path = os.path.join(wapt_root_dir,'waptserver','repository') for repo_path in ('wapt','wapt-host','waptwua'): mkdir_p(os.path.join(repository_path,repo_path)) run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % os.path.join(repository_path,repo_path)) mkdir_p(os.path.join(wapt_root_dir,'waptserver','nginx','temp')) run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % (os.path.join(wapt_root_dir,'waptserver','nginx','temp'))) run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % os.path.join(wapt_root_dir,'waptserver','nginx','logs')) run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % os.path.join(wapt_root_dir,'log')) make_nginx_config(wapt_root_dir, conf['wapt_folder'],force=options.force) service_binary = os.path.abspath(os.path.join(wapt_root_dir,'waptserver','nginx','nginx.exe')) service_parameters = '' service_logfile = os.path.join(log_directory, 'nssm_nginx.log') service_name = 'WAPTNginx' if setuphelpers.service_installed(service_name) and setuphelpers.service_is_running(service_name): setuphelpers.service_stop(service_name) #print('Register "%s" in registry' % service_name) install_windows_nssm_service(service_name,service_binary,service_parameters,service_logfile) time.sleep(5) if setuphelpers.service_installed(service_name) and not setuphelpers.service_is_running(service_name): setuphelpers.service_start(service_name)
def install_wapttasks_service(options, conf=None): if setuphelpers.service_installed('WAPTTasks'): if setuphelpers.service_is_running('WAPTTasks'): setuphelpers.service_stop('WAPTTasks') setuphelpers.service_delete('WAPTTasks') if conf is None: conf = waptserver.config.load_config(options.configfile) print("install wapttasks") service_binary = os.path.abspath( os.path.join(wapt_root_dir, 'waptpython.exe')) service_parameters = '"%s" %s' % (os.path.join( wapt_root_dir, 'waptserver', 'wapthuey.py'), 'tasks_common.huey -w 2') service_logfile = os.path.join(log_directory, 'nssm_wapttasks.log') service_dependencies = 'WAPTPostgresql' install_windows_nssm_service('WAPTTasks', service_binary, service_parameters, service_logfile, service_dependencies) tasks_db = os.path.join(wapt_root_dir, 'db') setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % tasks_db) if setuphelpers.service_installed('WAPTTasks'): if not setuphelpers.service_is_running('WAPTTasks'): setuphelpers.service_start('WAPTTasks')
def install_windows_service(): """Setup waptserver as a windows Service managed by nssm >>> install_windows_service() """ import setuphelpers from setuphelpers import registry_set, REG_DWORD, REG_EXPAND_SZ, REG_MULTI_SZ, REG_SZ datatypes = {"dword": REG_DWORD, "sz": REG_SZ, "expand_sz": REG_EXPAND_SZ, "multi_sz": REG_MULTI_SZ} if setuphelpers.service_installed("waptserver"): if setuphelpers.service_is_running("waptserver"): logger.info("Stop running waptserver") setuphelpers.run("net stop waptserver") while setuphelpers.service_is_running("waptserver"): logger.debug("Waiting for waptserver to terminate") time.sleep(2) logger.info("Unregister existing waptserver") setuphelpers.run("sc delete waptserver") if setuphelpers.iswin64(): nssm = os.path.join(wapt_root_dir, "waptservice", "win64", "nssm.exe") else: nssm = os.path.join(wapt_root_dir, "waptservice", "win32", "nssm.exe") logger.info("Register new waptserver with nssm") setuphelpers.run( '"{nssm}" install WAPTServer "{waptpython}" ""{waptserverpy}""'.format( waptpython=os.path.abspath(os.path.join(wapt_root_dir, "waptpython.exe")), nssm=nssm, waptserverpy=os.path.abspath(__file__), ) ) # fix some parameters (quotes for path with spaces... params = { "Description": "sz:Wapt test server", "DelayedAutostart": 1, "DisplayName": "sz:WAPTServer", "AppStdout": r"expand_sz:{}".format(os.path.join(log_directory, "waptserver.log")), "Parameters\\AppStderr": r"expand_sz:{}".format(os.path.join(log_directory, "waptserver.log")), "Parameters\\AppParameters": r'expand_sz:"{}"'.format(os.path.abspath(__file__)), } root = setuphelpers.HKEY_LOCAL_MACHINE base = r"SYSTEM\CurrentControlSet\services\WAPTServer" for key in params: if isinstance(params[key], int): (valuetype, value) = ("dword", params[key]) elif ":" in params[key]: (valuetype, value) = params[key].split(":", 1) if valuetype == "dword": value = int(value) else: (valuetype, value) = ("sz", params[key]) fullpath = base + "\\" + key (path, keyname) = fullpath.rsplit("\\", 1) if keyname == "@" or keyname == "": keyname = None registry_set(root, path, keyname, value, type=datatypes[valuetype])
def install_wapttasks_service(options,conf=None): if setuphelpers.service_installed('WAPTTasks'): if setuphelpers.service_is_running('WAPTTasks'): setuphelpers.service_stop('WAPTTasks') setuphelpers.service_delete('WAPTTasks') if conf is None: conf = waptserver.config.load_config(options.configfile) print("install wapttasks") service_binary = os.path.abspath(os.path.join(wapt_root_dir,'waptpython.exe')) service_parameters = '"%s" %s' % (os.path.join(wapt_root_dir,'waptserver','wapthuey.py'),'waptenterprise.waptserver.wsus_tasks.huey -w 2') service_logfile = os.path.join(log_directory, 'nssm_wapttasks.log') service_dependencies = 'WAPTPostgresql' install_windows_nssm_service('WAPTTasks',service_binary,service_parameters,service_logfile,service_dependencies) tasks_db = os.path.join(wapt_root_dir,'db') setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % tasks_db) if setuphelpers.service_installed('WAPTTasks'): if not setuphelpers.service_is_running('WAPTTasks'): setuphelpers.service_start('WAPTTasks')
def install_windows_nssm_service(service_name, service_binary, service_parameters, service_logfile, service_dependencies=None): """Setup a program as a windows Service managed by nssm >>> install_windows_nssm_service("WAPTServer", os.path.abspath(os.path.join(wapt_root_dir,'waptpython.exe')), os.path.abspath(__file__), os.path.join(log_directory,'nssm_waptserver.log'), service_logfile, 'WAPTApache') """ import setuphelpers from setuphelpers import registry_set, REG_DWORD, REG_EXPAND_SZ, REG_MULTI_SZ, REG_SZ datatypes = { 'dword': REG_DWORD, 'sz': REG_SZ, 'expand_sz': REG_EXPAND_SZ, 'multi_sz': REG_MULTI_SZ, } if setuphelpers.service_installed(service_name): if not setuphelpers.service_is_stopped(service_name): logger.info('Stop running "%s"' % service_name) setuphelpers.run('net stop "%s" /yes' % service_name) while not setuphelpers.service_is_stopped(service_name): logger.debug('Waiting for "%s" to terminate' % service_name) time.sleep(2) logger.info('Unregister existing "%s"' % service_name) setuphelpers.run('sc delete "%s"' % service_name) if not setuphelpers.iswin64(): raise Exception('Windows 32bit install not supported') nssm = os.path.join(wapt_root_dir, 'waptservice', 'win64', 'nssm.exe') logger.info('Register service "%s" with nssm' % service_name) cmd = '"{nssm}" install "{service_name}" "{service_binary}" {service_parameters}'.format( nssm=nssm, service_name=service_name, service_binary=service_binary, service_parameters=service_parameters) logger.info('running command : %s' % cmd) setuphelpers.run(cmd) # fix some parameters (quotes for path with spaces... params = { 'Description': 'sz:%s' % service_name, 'DelayedAutostart': 1, 'DisplayName': 'sz:%s' % service_name, 'AppStdout': r'expand_sz:{}'.format(service_logfile), 'ObjectName': r'NT AUTHORITY\NetworkService', 'Parameters\\AppStderr': r'expand_sz:{}'.format(service_logfile), 'Parameters\\AppParameters': r'expand_sz:{}'.format(service_parameters), 'Parameters\\AppNoConsole': 1, } root = setuphelpers.HKEY_LOCAL_MACHINE base = r'SYSTEM\CurrentControlSet\services\%s' % service_name for key in params: if isinstance(params[key], int): (valuetype, value) = ('dword', params[key]) elif ':' in params[key]: (valuetype, value) = params[key].split(':', 1) if valuetype == 'dword': value = int(value) else: (valuetype, value) = ('sz', params[key]) fullpath = base + '\\' + key (path, keyname) = fullpath.rsplit('\\', 1) if keyname == '@' or keyname == '': keyname = None registry_set(root, path, keyname, value, type=datatypes[valuetype]) if service_dependencies: logger.info('Register dependencies for service "%s" with nssm : %s ' % (service_name, service_dependencies)) cmd = '"{nssm}" set "{service_name}" DependOnService {service_dependencies}'.format( nssm=nssm, service_name=service_name, service_dependencies=service_dependencies) logger.info('running command : %s' % cmd) setuphelpers.run(cmd)
def install_postgresql_service(options, conf=None): if conf is None: conf = waptserver.config.load_config(options.configfile) print("install postgres database") pgsql_root_dir = r'%s\waptserver\pgsql-9.6' % wapt_root_dir pgsql_data_dir = r'%s\waptserver\pgsql_data-9.6' % wapt_root_dir pgsql_data_dir = pgsql_data_dir.replace('\\', '/') print("build database directory") if not os.path.exists(os.path.join(pgsql_data_dir, 'postgresql.conf')): setuphelpers.mkdirs(pgsql_data_dir) # need to have specific write acls for current user otherwise initdb fails... setuphelpers.run(r'icacls "%s" /t /grant "%s":(OI)(CI)(M)' % (pgsql_data_dir, GetUserName())) setuphelpers.run(r'"%s\bin\initdb" -U postgres -E=UTF8 -D "%s"' % (pgsql_root_dir, pgsql_data_dir)) setuphelpers.run(r'icacls "%s" /t /grant "*S-1-5-20":(OI)(CI)(M)' % pgsql_data_dir) print("start postgresql database") if setuphelpers.service_installed('WaptPostgresql'): if setuphelpers.service_is_running('WaptPostgresql'): setuphelpers.service_stop('waptPostgresql') setuphelpers.service_delete('waptPostgresql') cmd = r'"%s\bin\pg_ctl" register -N WAPTPostgresql -U "nt authority\networkservice" -S auto -D "%s" ' % ( pgsql_root_dir, pgsql_data_dir) print cmd run(cmd) setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % log_directory) setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % pgsql_data_dir) else: print("database already instanciated, doing nothing") # try to migrate from old version (pg 9.4, wapt 1.5) old_pgsql_root_dir = r'%s\waptserver\pgsql' % wapt_root_dir old_pgsql_data_dir = r'%s\waptserver\pgsql_data' % wapt_root_dir old_pgsql_data_dir = old_pgsql_data_dir.replace('\\', '/') if os.path.isdir(old_pgsql_data_dir) and os.path.isdir(old_pgsql_root_dir): print('migrating database from previous postgresql DB') migrate_pg_db(old_pgsql_root_dir, old_pgsql_data_dir, pgsql_root_dir, pgsql_data_dir) print('starting postgresql') if not setuphelpers.service_is_running('waptpostgresql'): setuphelpers.service_start('waptpostgresql') # waiting for postgres to be ready time.sleep(2) print("creating wapt database") import psycopg2 from psycopg2.extensions import ISOLATION_LEVEL_AUTOCOMMIT conn = None cur = None try: conn = psycopg2.connect('dbname=template1 user=postgres') conn.set_isolation_level(ISOLATION_LEVEL_AUTOCOMMIT) cur = conn.cursor() cur.execute("select 1 from pg_roles where rolname='%(db_user)s'" % conf) val = cur.fetchone() if val is None: print( "%(db_user)s pgsql user does not exists, creating %(db_user)s user" % conf) cur.execute("create user %(db_user)s" % conf) cur.execute("select 1 from pg_database where datname='%(db_name)s'" % conf) val = cur.fetchone() if val is None: print( "database %(db_name)s does not exists, creating %(db_name)s db" % conf) cur.execute("create database %(db_name)s owner %(db_user)s" % conf) finally: if cur: cur.close() if conn: conn.close() print("Creating/upgrading wapt tables") run(r'"%s\waptpython.exe" "%s\waptserver\model.py" init_db -c "%s"' % (wapt_root_dir, wapt_root_dir, options.configfile)) print("Done") print('Import lcoal Packages data into database') repo = WaptLocalRepo(conf['wapt_folder']) load_db_config(conf) Packages.update_from_repo(repo)
def install_windows_nssm_service( service_name, service_binary, service_parameters, service_logfile, service_dependencies=None): """Setup a program as a windows Service managed by nssm >>> install_windows_nssm_service("WAPTServer", os.path.abspath(os.path.join(wapt_root_dir,'waptpython.exe')), os.path.abspath(__file__), os.path.join(log_directory,'nssm_waptserver.log'), service_logfile, 'WAPTApache') """ import setuphelpers from setuphelpers import registry_set, REG_DWORD, REG_EXPAND_SZ, REG_MULTI_SZ, REG_SZ datatypes = { 'dword': REG_DWORD, 'sz': REG_SZ, 'expand_sz': REG_EXPAND_SZ, 'multi_sz': REG_MULTI_SZ, } if setuphelpers.service_installed(service_name): if not setuphelpers.service_is_stopped(service_name): logger.info('Stop running "%s"' % service_name) setuphelpers.run('net stop "%s" /yes' % service_name) while not setuphelpers.service_is_stopped(service_name): logger.debug('Waiting for "%s" to terminate' % service_name) time.sleep(2) logger.info('Unregister existing "%s"' % service_name) setuphelpers.run('sc delete "%s"' % service_name) if not setuphelpers.iswin64(): raise Exception('Windows 32bit install not supported') nssm = os.path.join(wapt_root_dir, 'waptservice', 'win64', 'nssm.exe') logger.info('Register service "%s" with nssm' % service_name) cmd = '"{nssm}" install "{service_name}" "{service_binary}" {service_parameters}'.format( nssm=nssm, service_name=service_name, service_binary=service_binary, service_parameters=service_parameters ) logger.info('running command : %s' % cmd) setuphelpers.run(cmd) # fix some parameters (quotes for path with spaces... params = { 'Description': 'sz:%s' % service_name, 'DelayedAutostart': 1, 'DisplayName': 'sz:%s' % service_name, 'AppStdout': r'expand_sz:{}'.format(service_logfile), 'ObjectName': r'NT AUTHORITY\NetworkService', 'Parameters\\AppStderr': r'expand_sz:{}'.format(service_logfile), 'Parameters\\AppParameters': r'expand_sz:{}'.format(service_parameters), 'Parameters\\AppNoConsole': 1, } root = setuphelpers.HKEY_LOCAL_MACHINE base = r'SYSTEM\CurrentControlSet\services\%s' % service_name for key in params: if isinstance(params[key], int): (valuetype, value) = ('dword', params[key]) elif ':' in params[key]: (valuetype, value) = params[key].split(':', 1) if valuetype == 'dword': value = int(value) else: (valuetype, value) = ('sz', params[key]) fullpath = base + '\\' + key (path, keyname) = fullpath.rsplit('\\', 1) if keyname == '@' or keyname == '': keyname = None registry_set(root, path, keyname, value, type=datatypes[valuetype]) if service_dependencies: logger.info( 'Register dependencies for service "%s" with nssm : %s ' % (service_name, service_dependencies)) cmd = '"{nssm}" set "{service_name}" DependOnService {service_dependencies}'.format( nssm=nssm, service_name=service_name, service_dependencies=service_dependencies ) logger.info('running command : %s' % cmd) setuphelpers.run(cmd)
def install_waptserver_service(options,conf=None): if setuphelpers.service_installed('WAPTServer'): if setuphelpers.service_is_running('WAPTServer'): setuphelpers.service_stop('WAPTServer') setuphelpers.service_delete('WAPTServer') if conf is None: conf = waptserver.config.load_config(options.configfile) conf_dir = os.path.join(wapt_root_dir,'conf') if not os.path.isdir(conf_dir): os.makedirs(conf_dir) run(r'icacls "%s" /t /grant "*S-1-5-20":(OI)(CI)(M)' % conf_dir) print("install waptserver") service_binary = os.path.abspath(os.path.join(wapt_root_dir,'waptpython.exe')) service_parameters = '"%s"' % os.path.join(wapt_root_dir,'waptserver','server.py') service_logfile = os.path.join(log_directory, 'nssm_waptserver.log') service_dependencies = 'WAPTPostgresql' install_windows_nssm_service('WAPTServer',service_binary,service_parameters,service_logfile,service_dependencies) tasks_db = os.path.join(wapt_root_dir,'db') mkdir_p(tasks_db) setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % tasks_db) if not conf.get('secret_key'): conf['secret_key'] = ''.join(random.SystemRandom().choice(string.letters + string.digits) for _ in range(64)) waptserver.config.write_config_file(options.configfile,conf) if options.setpassword: conf['wapt_password'] = pbkdf2_sha256.hash(base64.b64decode(options.setpassword).encode('utf8')) waptserver.config.write_config_file(options.configfile,conf) clients_signing_certificate = conf.get('clients_signing_certificate') clients_signing_key = conf.get('clients_signing_key') if not clients_signing_certificate or not clients_signing_key: clients_signing_certificate = os.path.join(wapt_root_dir,'conf','ca-%s.crt' % fqdn()) clients_signing_key = os.path.join(wapt_root_dir,'conf','ca-%s.pem' % fqdn()) conf['clients_signing_certificate'] = clients_signing_certificate conf['clients_signing_key'] = clients_signing_key waptserver.config.write_config_file(options.configfile,conf) if clients_signing_certificate is not None and clients_signing_key is not None and not os.path.isfile(clients_signing_certificate): print('Create a certificate and key for clients certificate signing') key = SSLPrivateKey(clients_signing_key) if not os.path.isfile(clients_signing_key): print('Create SSL RSA Key %s' % clients_signing_key) key.create() key.save_as_pem() crt = key.build_sign_certificate(cn=fqdn(),is_code_signing=False,is_ca=True) print('Create X509 cert %s' % clients_signing_certificate) crt.save_as_pem(clients_signing_certificate) # ensure Packages index repo = WaptLocalRepo(conf['wapt_folder']) repo.update_packages_index() if setuphelpers.service_installed('WAPTServer'): if not setuphelpers.service_is_running('WAPTServer'): setuphelpers.service_start('WAPTServer')
def install_postgresql_service(options,conf=None): if conf is None: conf = waptserver.config.load_config(options.configfile) print ("install postgres database") pgsql_root_dir = r'%s\waptserver\pgsql-9.6' % wapt_root_dir pgsql_data_dir = r'%s\waptserver\pgsql_data-9.6' % wapt_root_dir pgsql_data_dir = pgsql_data_dir.replace('\\','/') print ("about to build database directory") if setuphelpers.service_installed('waptpostgresql') and setuphelpers.service_is_running('waptpostgresql'): print('stopping postgresql') setuphelpers.service_stop('waptpostgresql') # waiting for postgres to be ready time.sleep(2) if not os.path.exists(os.path.join(pgsql_data_dir,'postgresql.conf')): setuphelpers.mkdirs(pgsql_data_dir) # need to have specific write acls for current user otherwise initdb fails... setuphelpers.run(r'icacls "%s" /t /grant "%s":(OI)(CI)(M)' % (pgsql_data_dir,GetUserName())) setuphelpers.run(r'"%s\bin\initdb" -U postgres -E=UTF8 -D "%s"' % (pgsql_root_dir,pgsql_data_dir)) setuphelpers.run(r'icacls "%s" /t /grant "*S-1-5-20":(OI)(CI)(M)' % pgsql_data_dir) else: print("database already instanciated, doing nothing") print("start postgresql database") if setuphelpers.service_installed('WaptPostgresql'): if setuphelpers.service_is_running('WaptPostgresql'): setuphelpers.service_stop('waptPostgresql') setuphelpers.service_delete('waptPostgresql') cmd = r'"%s\bin\pg_ctl" register -N WAPTPostgresql -U "nt authority\networkservice" -S auto -D "%s" ' % (pgsql_root_dir ,pgsql_data_dir) run(cmd) setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % log_directory) setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % pgsql_data_dir) # try to migrate from old version (pg 9.4, wapt 1.5) old_pgsql_root_dir = r'%s\waptserver\pgsql' % wapt_root_dir old_pgsql_data_dir = r'%s\waptserver\pgsql_data' % wapt_root_dir old_pgsql_data_dir = old_pgsql_data_dir.replace('\\','/') if os.path.isdir(old_pgsql_data_dir) and os.path.isdir(old_pgsql_root_dir): print('migrating database from previous postgresql DB') migrate_pg_db(old_pgsql_root_dir,old_pgsql_data_dir,pgsql_root_dir,pgsql_data_dir) print('starting postgresql') if not setuphelpers.service_is_running('waptpostgresql'): setuphelpers.service_start('waptpostgresql') # waiting for postgres to be ready time.sleep(2) print("checking wapt database") import psycopg2 from psycopg2.extensions import ISOLATION_LEVEL_AUTOCOMMIT conn = None cur = None try: conn = psycopg2.connect('dbname=template1 user=postgres') conn.set_isolation_level(ISOLATION_LEVEL_AUTOCOMMIT) cur = conn.cursor() cur.execute("select 1 from pg_roles where rolname='%(db_user)s'" % conf) val = cur.fetchone() if val is None: print("%(db_user)s pgsql user does not exists, creating %(db_user)s user" % conf) cur.execute("create user %(db_user)s" % conf) cur.execute("select 1 from pg_database where datname='%(db_name)s'" % conf) val = cur.fetchone() if val is None: print ("database %(db_name)s does not exists, creating %(db_name)s db" % conf) cur.execute("create database %(db_name)s owner %(db_user)s" % conf) finally: if cur: cur.close() if conn: conn.close() print("Creating/upgrading wapt db tables") run(r'"%s\waptpython.exe" "%s\waptserver\model.py" init_db -c "%s"' % (wapt_root_dir, wapt_root_dir, options.configfile )) print("Done") print('Import lcoal Packages data into database') repo = WaptLocalRepo(conf['wapt_folder']) load_db_config(conf) Packages.update_from_repo(repo)
def install_waptserver_service(options,conf=None): if setuphelpers.service_installed('WAPTServer'): if setuphelpers.service_is_running('WAPTServer'): setuphelpers.service_stop('WAPTServer') setuphelpers.service_delete('WAPTServer') if conf is None: conf = waptserver.config.load_config(options.configfile) conf_dir = os.path.join(wapt_root_dir,'conf') if not os.path.isdir(conf_dir): os.makedirs(conf_dir) run(r'icacls "%s" /t /grant "*S-1-5-20":(OI)(CI)(M)' % conf_dir) if not conf.get('server_uuid'): conf['server_uuid'] = str(uuid.uuid1()) waptserver.config.write_config_file(options.configfile,conf) print("install waptserver") service_binary = os.path.abspath(os.path.join(wapt_root_dir,'waptpython.exe')) service_parameters = '"%s"' % os.path.join(wapt_root_dir,'waptserver','server.py') service_logfile = os.path.join(log_directory, 'nssm_waptserver.log') service_dependencies = 'WAPTPostgresql' install_windows_nssm_service('WAPTServer',service_binary,service_parameters,service_logfile,service_dependencies) tasks_db = os.path.join(wapt_root_dir,'db') mkdir_p(tasks_db) setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % tasks_db) if not conf.get('secret_key'): conf['secret_key'] = ''.join(random.SystemRandom().choice(string.letters + string.digits) for _ in range(64)) waptserver.config.write_config_file(options.configfile,conf) if options.setpassword: conf['wapt_password'] = pbkdf2_sha256.hash(base64.b64decode(options.setpassword).encode('utf8')) waptserver.config.write_config_file(options.configfile,conf) clients_signing_certificate = conf.get('clients_signing_certificate') clients_signing_key = conf.get('clients_signing_key') if not clients_signing_certificate or not clients_signing_key: clients_signing_certificate = os.path.join(wapt_root_dir,'conf','ca-%s.crt' % fqdn()) clients_signing_key = os.path.join(wapt_root_dir,'conf','ca-%s.pem' % fqdn()) conf['clients_signing_certificate'] = clients_signing_certificate conf['clients_signing_key'] = clients_signing_key waptserver.config.write_config_file(options.configfile,conf) if clients_signing_certificate is not None and clients_signing_key is not None and not os.path.isfile(clients_signing_certificate): print('Create a certificate and key for clients certificate signing') key = SSLPrivateKey(clients_signing_key) if not os.path.isfile(clients_signing_key): print('Create SSL RSA Key %s' % clients_signing_key) key.create() key.save_as_pem() crt = key.build_sign_certificate(cn=fqdn(),is_code_signing=False,is_ca=True) print('Create X509 cert %s' % clients_signing_certificate) crt.save_as_pem(clients_signing_certificate) # ensure Packages index repo = WaptLocalRepo(conf['wapt_folder']) repo.update_packages_index() #Migrate file for new version waptwua wuafolder = conf['waptwua_folder'] for (root,dirs,files) in list(os.walk(wuafolder,topdown=False)): if root == os.path.join(wuafolder,'.stfolder'): continue for f in files: oldpath = os.path.join(root,f) newpath = os.path.join(wuafolder,f) if os.path.isfile(newpath): continue print('Move %s --> %s' % (oldpath,newpath)) os.rename(oldpath,newpath) for d in dirs: if d == '.stfolder': continue print('Delete folder %s' % os.path.join(root,d)) shutil.rmtree(os.path.join(root,d)) if setuphelpers.service_installed('WAPTServer'): if not setuphelpers.service_is_running('WAPTServer'): setuphelpers.service_start('WAPTServer')
def install_postgresql_service(): print("install postgres database") pgsql_root_dir = r'%s\waptserver\pgsql' % wapt_root_dir pgsql_data_dir = r'%s\waptserver\pgsql_data' % wapt_root_dir pgsql_data_dir = pgsql_data_dir.replace('\\', '/') print("build database directory") if os.path.exists(os.path.join(pgsql_data_dir, 'postgresql.conf')): print("database already instanciated, doing nothing") # TODO: check that database is fully working and up to date # TODO: add a force option return print("init pgsql data directory") pg_data_dir = os.path.join(wapt_root_dir, 'waptserver', 'pgsql_data') setuphelpers.mkdirs(pg_data_dir) # need to have specific write acls for current user otherwise initdb fails... setuphelpers.run(r'icacls "%s" /t /grant "%s":(OI)(CI)(M)' % (pg_data_dir, GetUserName())) setuphelpers.run( r'"%s\waptserver\pgsql\bin\initdb" -U postgres -E=UTF8 -D "%s\waptserver\pgsql_data"' % (wapt_root_dir, wapt_root_dir)) setuphelpers.run(r'icacls "%s" /t /grant "*S-1-5-20":(OI)(CI)(M)' % pg_data_dir) print("start postgresql database") if setuphelpers.service_installed('WaptPostgresql'): if setuphelpers.service_is_running('WaptPostgresql'): setuphelpers.service_stop('waptPostgresql') setuphelpers.service_delete('waptPostgresql') cmd = r'"%s\bin\pg_ctl" register -N WAPTPostgresql -U "nt authority\networkservice" -S auto -D "%s" ' % ( pgsql_root_dir, os.path.join(wapt_root_dir, 'waptserver', 'pgsql_data')) print cmd run(cmd) setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % log_directory) setuphelpers.run(r'icacls "%s" /grant "*S-1-5-20":(OI)(CI)(M)' % pgsql_data_dir) print('starting postgresql') run('net start waptpostgresql') #cmd = r"%s\bin\pg_ctl.exe -D %s start" % (pgsql_root_dir, pgsql_data_dir) #devnull = open(os.devnull,'wb') #print(subprocess.Popen(cmd,shell=True)) # waiting for postgres to be ready time.sleep(1) print("creating wapt database") import psycopg2 from psycopg2.extensions import ISOLATION_LEVEL_AUTOCOMMIT conn = psycopg2.connect('dbname=template1 user=postgres') conn.set_isolation_level(ISOLATION_LEVEL_AUTOCOMMIT) cur = conn.cursor() cur.execute("select 1 from pg_roles where rolname='wapt'") val = cur.fetchone() if val != 1: print("wapt pgsql user does not exists, creating wapt user") cur.execute("create user wapt") val = cur.execute("select 1 from pg_database where datname='wapt'") if val != 1: print("database wapt does not exists, creating wapt db") cur.execute(r"create extension hstore") cur.execute("create database wapt owner wapt") cur.close() conn.close() run(r'"%s\waptpython.exe" "%s\waptserver\waptserver_model.py" init_db' % (wapt_root_dir, wapt_root_dir)) time.sleep(1) setuphelpers.service_stop('waptpostgresql')