def __init__(self, *args, **kwargs): super(DbObject, self).__init__(*args, **kwargs) if self.db_type == "mysql": database_server = get_mysql_server()[0] if not self.app.db_server else self.app.db_server self.script = Script(database_server) elif self.db_type == "pgsql": database_server = get_pgsql_server()[0] if not self.app.db_server else self.app.db_server self.script = Script(database_server) if not self.app.db_server: self.app.db_server = database_server self.app.save()
class VirtMachineBackend(VirtMachine): class Meta: proxy = True def __init__(self, *args, **kwargs): super(VirtMachineBackend, self).__init__(*args, **kwargs) self.connection = VirtMachineConnection.objects.get(id=self.id) self.script = Script(self.core_server) def gen_token_config(self, exclude=None): content = [] for server in VirtMachineConnection.objects.filter(server=self.server): if exclude and server.id != exclude.id: content.append(("%s: 127.0.0.1:%d" % (server.token, server.vnc_port))) return content def install(self): self.gen_token_config() self.script.add_cmd("supervisorctl restart websockify") def uninstall(self): self.gen_token_config(self.id) self.script.add_cmd("supervisorctl restart websockify")
class VirtMachineBackend(VirtMachine): class Meta: proxy = True def __init__(self, *args, **kwargs): super(VirtMachineBackend, self).__init__(*args, **kwargs) self.connection = VirtMachineConnection.objects.get(id=self.id) self.script = Script(self.core_server) def gen_token_config(self, exclude=None): content = [] for server in VirtMachineConnection.objects.filter(server=self.server): if exclude and server.id != exclude.id: content.append( ("%s: 127.0.0.1:%d" % (server.token, server.vnc_port))) return content def install(self): self.gen_token_config() self.script.add_cmd("supervisorctl restart websockify") def uninstall(self): self.gen_token_config(self.id) self.script.add_cmd("supervisorctl restart websockify")
def handle(self, *args, **options): scripts = [Script(server) for server in get_load_balancers()] server = self.choose_server() for app in UserSite.objects.all(): print "...", app.main_domain.name app.core_server = server if app.ssl_mode == "both": for script in scripts: self.save_ssl_cert_key(server, app, script) script.commit(no_thread=True) for script in scripts: script.add_cmd("mkdir -p /etc/nginx/proxy.d/") script.add_file("/etc/nginx/proxy.d/oldapp_%.5d.conf" % app.id, "\n".join(self.gen_config(app, script.server_object.os) + self.gen_ssl_config(app, script.server_object.os))) for script in scripts: script.reload_nginx() script.commit(no_thread=True)
def __init__(self): self.script = Script(get_mail_server())
def __init__(self, *args, **kwargs): super(VirtMachineBackend, self).__init__(*args, **kwargs) self.connection = VirtMachineConnection.objects.get(id=self.id) self.script = Script(self.core_server)
def __init__(self, *args, **kwargs): super(DomainObject, self).__init__(*args, **kwargs) self.script_master = Script(get_primary_ns_server()) self.scripts_slaves = [] for ns in get_secondary_ns_servers(): self.scripts_slaves.append(Script(ns))
class DomainObject(object): class Meta: proxy = True def __init__(self, *args, **kwargs): super(DomainObject, self).__init__(*args, **kwargs) self.script_master = Script(get_primary_ns_server()) self.scripts_slaves = [] for ns in get_secondary_ns_servers(): self.scripts_slaves.append(Script(ns)) def commit(self): self.script_master.commit() for slave in self.scripts_slaves: slave.commit() def reload(self): self.script_master.add_cmd("/etc/init.d/bind9 reload") for slave in self.scripts_slaves: slave.add_cmd("/etc/init.d/bind9 reload") def update(self, domain=None): if domain: self.script_master.add_file("%s/%s.zone" % (config.bind_master_zones_dir, domain.name), self.gen_zone(domain)) self.script_master.add_file(config.bind_master_config_file, self.gen_master_config()) for slave in self.scripts_slaves: slave.add_file(config.bind_slave_config_file, self.gen_slave_config()) def uninstall(self, domain): self.script_master.add_cmd("rm %s/%s.zone" % (config.bind_master_zones_dir, domain.name)) for slave in self.scripts_slaves: slave.add_cmd("rm %s/%s.zone" % (config.bind_slave_zones_dir, domain.name)) def gen_zone(self, domain): domain.new_serial() records = [] for ns in [get_primary_ns_server().domain] + [x.domain for x in get_secondary_ns_servers()]: records.append({"name": "@", "TTL": domain.ttl if domain.ttl else 86400, "type": "NS", "prio": "", "value": "%s." % ns}) for record in domain.record_set.order_by("order_num"): records.append({ "name": record.name, "TTL": record.ttl if record.ttl else 86400, "type": record.record_type, "prio": record.prio if record.prio else "", "value": record.value, }) return render_to_string("dns/zone.txt", { "records": records, "TTL": domain.ttl if domain.ttl else 86400, "ns1": get_primary_ns_server().domain, "rname": domain.rname.replace("@", "."), "serial": domain.serial, "refresh": config.dns_refresh, "retry": config.dns_retry, "expire": config.dns_expire, "minimum": config.dns_minimum, }) def gen_master_config(self): domains = [] for domain in Domain.objects.all(): domains.append(render_to_string("dns/master_config.txt", { "domain": domain.name, "slaves_ips": ";".join([x.ip for x in get_secondary_ns_servers()]), })) return "\n".join(domains) def gen_slave_config(self): domains = [] for domain in Domain.objects.all(): domains.append(render_to_string("dns/slave_config.txt", { "domain": domain.name, "msters_ips": get_primary_ns_server().ip, })) return "\n".join(domains)
def handle(self, *args, **options): print "... removing old config and ssl certificates/keys" for server in get_load_balancers(): script = Script(server) script.add_cmd("rm -f /etc/nginx/ssl/*") script.add_cmd("rm -f /etc/nginx/proxy.d/*") script.commit(no_thread=True) print "%s cleaned" % server.ip print "... generating new config" for app in App.objects.filter(disabled=False): if not app.domains: continue print "proxy for %s app set" % ("app_%.5d" % app.id) balancer = ProxyObject(app) balancer.setup(reload_nginx=False, no_thread=True) print "... reloading nginxes" for server in get_load_balancers(): script = Script(server) script.reload_nginx() script.commit(no_thread=True) print "nginx on %s reloaded" % server.ip
class AppBackend(App): class Meta: proxy = True def __init__(self, *args, **kwargs): super(AppBackend, self).__init__(*args, **kwargs) self.script = Script(self.core_server) self.proxy = ProxyObject(self) def get_user(self): return "app_%.5d" % self.id def get_group(self): return "app_%.5d" % self.id def get_home(self): home = os.path.join(settings.APPS_HOME, self.get_user()) if home != settings.APPS_HOME: return home raise AppException("Wrong home directory") def get_parmameters(self): parms = {} if self.parameters: parms.update(self.parameters) parms.update( { "user": self.get_user(), "group": self.get_group(), "home": self.get_home(), "main_domain": self.main_domain, "misc_domains": " ".join(self.misc_domains_list), "domains": " ".join(self.domains_list) } ) return parms def install(self): parms = self.get_parmameters() self.script.add_cmd("/usr/sbin/groupadd %(group)s" % parms) self.script.add_cmd("/usr/sbin/useradd -m -d %(home)s -g %(group)s %(user)s -s /bin/bash" % parms) self.script.add_cmd("/usr/sbin/usermod -G %(group)s -a www-data" % parms) self.script.add_cmd("mkdir -p %(home)s/logs" % parms, user=self.get_user()) self.script.add_cmd("mkdir -p %(home)s/app" % parms, user=self.get_user()) self.script.add_cmd("mkdir -p %(home)s/.ssh" % parms, user=self.get_user()) self.script.add_cmd("chmod 770 %(home)s/logs" % parms) self.script.add_cmd("chmod 750 %(home)s" % parms) self.installed = True self.save() self.proxy.setup() def commit(self, no_thread=False): self.script.commit(no_thread) def disable(self): parms = self.get_parmameters() self.script.add_cmd("chmod 000 %(home)s" % parms, user=self.get_user()) self.proxy.setdown() def enable(self): parms = self.get_parmameters() self.script.add_cmd("chmod 750 %(home)s" % parms, user=self.get_user()) self.proxy.setup() def uninstall(self): parms = self.get_parmameters() self.script.add_cmd("/usr/sbin/userdel %(user)s" % parms) self.script.add_cmd("/usr/sbin/groupdel %(group)s" % parms) self.script.add_cmd("rm -rf %(home)s" % parms) self.script.add_cmd("rm /etc/security/limits.d/%(user)s.conf" % parms) self.proxy.setdown() def update(self): parms = self.get_parmameters() limits = "%(user)s hard nproc 64\n" limits += "%(user)s hard as 393216\n" self.script.add_file("/etc/security/limits.d/%(user)s.conf" % parms, limits) self.proxy.setup() def get_logs(self): parms = self.get_parmameters() logfiles = [] for logfile in self.script.run("ls \"%(home)s/logs/\"" % parms)["stdout"].split(): if re.match(".*\.log$", logfile): path = os.path.join("%(home)s/logs/" % parms, logfile.strip()) logfiles.append((path, self.script.run("tail -n 60 %s" % path)["stdout"])) return logfiles def get_directories(self): parms = self.get_parmameters() return [x.strip()[len(parms.get("home"))+1:] for x in self.script.run("find -L %s -maxdepth %d -type d" % (parms.get("home"), 3))["stdout"].split("\n")] def get_uid(self): return int(self.script.run("id -u %s" % self.get_user())["stdout"].strip()) def get_gid(self): return int(self.script.run("id -g %s" % self.get_user())["stdout"].strip()) def passwd(self, password): self.script.add_cmd("/usr/sbin/chpasswd", stdin="%s:%s" % (self.get_user(), password))
class EmailBackend(object): def __init__(self): self.script = Script(get_mail_server()) def install(self, email): homedir = join(config.maildir, email.domain.name) maildir = join(homedir, email.login) self.script.add_cmd("mkdir -p '%s'" % homedir) self.script.add_cmd("chown email:email '%s' -R" % homedir) # Good for courier, not for dovecot #self.script.add_cmd("maildirmake '%s'" % maildir) #self.script.add_cmd("chown email:email '%s' -R" % maildir) #self.script.add_cmd("maildirmake '%s'" % join(maildir, '.Spam')) #self.script.add_cmd("chown email:email '%s' -R" % join(maildir, '.Spam')) self.script.add_cmd("mkdir -p '%s'" % maildir) self.script.add_cmd("chown email:email '%s' -R" % maildir) def commit(self): self.script.commit() def uninstall(self, email): maildir = join(config.maildir, email.domain.name, email.login) self.script.add_cmd("rm -rf '%s'" % maildir) def uninstall_domain(self, domain): for email in domain.email_set.all(): self.uninstall(email) homedir = join(config.maildir, domain.name) self.script.add_cmd("rm -rf '%s'" % homedir)
def setup_scripts(self): for server in self.get_servers(): self.scripts.append((Script(server), server.os))
def __init__(self, *args, **kwargs): super(AppBackend, self).__init__(*args, **kwargs) self.script = Script(self.core_server) self.proxy = ProxyObject(self)
class DbObject(Db): class Meta: proxy = True def __init__(self, *args, **kwargs): super(DbObject, self).__init__(*args, **kwargs) if self.db_type == "mysql": database_server = get_mysql_server()[0] if not self.app.db_server else self.app.db_server self.script = Script(database_server) elif self.db_type == "pgsql": database_server = get_pgsql_server()[0] if not self.app.db_server else self.app.db_server self.script = Script(database_server) if not self.app.db_server: self.app.db_server = database_server self.app.save() def install(self): if self.db_type == "mysql": self.script.add_cmd("mysql -u root", stdin="CREATE DATABASE %s;" % self.name) self.script.add_cmd("mysql -u root", stdin="CREATE USER '%s'@'%%' IDENTIFIED BY '%s';" % (self.name, self.password)) self.script.add_cmd("mysql -u root", stdin="GRANT ALL PRIVILEGES ON %s.* TO '%s'@'%%' WITH GRANT OPTION;" % (self.name, self.name)) elif self.db_type == "pgsql": self.script.add_cmd("createuser -D -R -S %s" % self.name) if self.pg_postgis: self.script.add_cmd("createdb -T template_postgis -O %s %s" % (self.name, self.name)) else: self.script.add_cmd("createdb -O %s %s" % (self.name, self.name)) self.passwd(self.password) def passwd(self, password): if self.db_type == "mysql": self.script.add_cmd("mysql -u root", stdin="UPDATE mysql.user SET Password=PASSWORD('%s') WHERE User = '******';" % (password, self.name)) self.script.add_cmd("mysql -u root", stdin="FLUSH PRIVILEGES;") elif self.db_type == "pgsql": sql = "ALTER USER %s WITH PASSWORD '%s';" % (self.name, password) self.script.add_cmd("psql template1", stdin=sql) def uninstall(self): if self.db_type == "mysql": self.script.add_cmd("mysql -u root", stdin="DROP DATABASE %s;" % self.name) self.script.add_cmd("mysql -u root", stdin="DROP USER %s;" % self.name) elif self.db_type == "pgsql": self.script.add_cmd("dropdb %s" % self.name) self.script.add_cmd("dropuser %s" % self.name) def commit(self, no_thread=False): self.script.commit(no_thread)
def get_cert_key(self, server, crtfile, keyfile): script = Script(server) crt = script.run("cat %s" % crtfile)["stdout"] key = script.run("cat %s" % keyfile)["stdout"] return crt, key
class DomainObject(object): class Meta: proxy = True def __init__(self, *args, **kwargs): super(DomainObject, self).__init__(*args, **kwargs) self.script_master = Script(get_primary_ns_server()) self.scripts_slaves = [] for ns in get_secondary_ns_servers(): self.scripts_slaves.append(Script(ns)) def commit(self): self.script_master.commit() for slave in self.scripts_slaves: slave.commit() def reload(self): self.script_master.add_cmd("/etc/init.d/bind9 reload") for slave in self.scripts_slaves: slave.add_cmd("/etc/init.d/bind9 reload") def update(self, domain=None): if domain: self.script_master.add_file( "%s/%s.zone" % (config.bind_master_zones_dir, domain.name), self.gen_zone(domain)) self.script_master.add_file(config.bind_master_config_file, self.gen_master_config()) for slave in self.scripts_slaves: slave.add_file(config.bind_slave_config_file, self.gen_slave_config()) def uninstall(self, domain): self.script_master.add_cmd("rm %s/%s.zone" % (config.bind_master_zones_dir, domain.name)) for slave in self.scripts_slaves: slave.add_cmd("rm %s/%s.zone" % (config.bind_slave_zones_dir, domain.name)) def gen_zone(self, domain): domain.new_serial() records = [] for ns in [get_primary_ns_server().domain ] + [x.domain for x in get_secondary_ns_servers()]: records.append({ "name": "@", "TTL": domain.ttl if domain.ttl else 86400, "type": "NS", "prio": "", "value": "%s." % ns }) for record in domain.record_set.order_by("order_num"): records.append({ "name": record.name, "TTL": record.ttl if record.ttl else 86400, "type": record.record_type, "prio": record.prio if record.prio else "", "value": record.value, }) return render_to_string( "dns/zone.txt", { "records": records, "TTL": domain.ttl if domain.ttl else 86400, "ns1": get_primary_ns_server().domain, "rname": domain.rname.replace("@", "."), "serial": domain.serial, "refresh": config.dns_refresh, "retry": config.dns_retry, "expire": config.dns_expire, "minimum": config.dns_minimum, }) def gen_master_config(self): domains = [] for domain in Domain.objects.all(): domains.append( render_to_string( "dns/master_config.txt", { "domain": domain.name, "slaves_ips": ";".join([x.ip for x in get_secondary_ns_servers()]), })) return "\n".join(domains) def gen_slave_config(self): domains = [] for domain in Domain.objects.all(): domains.append( render_to_string( "dns/slave_config.txt", { "domain": domain.name, "msters_ips": get_primary_ns_server().ip, })) return "\n".join(domains)