def top_pro_add(request): if request.method == "POST": name = request.POST.get('name') hosts = request.POST.get('servers') filename = request.POST.get('filename') rule = request.POST.get('rule') limit = request.POST.get('limit') exception = request.POST.get('exception') globalip = request.POST.get('globalip') hook = request.POST.get('hook') remark = request.POST.get('remark') if dsACL_TopProject.objects.filter(name=name): return JsonResponse({'code': 1, 'msg': "该项目已存在", 'count': 1}) if hosts: for i in strIp_to_listIp(hosts): if not isValidIp(i): return JsonResponse({ 'code': 1, 'msg': "目标服务器IP格式错误", 'count': 1 }) if exception: for i in strIp_to_listIp(exception): if not isValidIp(i): return JsonResponse({ 'code': 1, 'msg': "无限制IP格式错误", 'count': 1 }) if globalip: for i in strIp_to_listIp(globalip): if not isValidIp(i): return JsonResponse({ 'code': 1, 'msg': "默认添加IP格式错误", 'count': 1 }) if not limit: limit = 0 data = dsACL_TopProject(name=name, servers=hosts, filename=filename, rule=rule, limit=limit, exception=exception, globalip=globalip, hook=hook, remark=remark) data.save() return JsonResponse({'code': 0, 'msg': "添加成功", 'count': 1}) return render(request, 'allow_list/top_pro_add.html', locals())
def api_white_table_add(request, id): conf = api_access_authorized_conf.objects.get(pk=id) if request.method == 'POST': host = request.POST.get('host') if not isValidIp(host): return JsonResponse({ "status": "Failed", "info": "IP格式错误" }, safe=False) List = [ i.host_ip for i in conf.api_access_authorized_table_set.all() if i ] if conf.api_access_authorized_table_set.filter(host_ip=host): return JsonResponse({ "status": "Failed", "info": "IP已存在" }, safe=False) key = request.POST.get('key') memo = request.POST.get('memo') print memo print host print key api_access_authorized_table.objects.get_or_create(host_key=key, host_ip=host, memo=memo, user=request.user, apiConf=conf) return JsonResponse({"status": "OK", "info": "已添加"}) return render(request, 'allow_list/pingtai_api_white_table_add.html', locals())
def get_host(message): try: ip = message.text.split()[1] if not isValidIp(ip): text = "IP:%s 格式错误" % ip bot.sendMessage(chat_id=message.chat.id, text=text) return 9 except IndexError: text = "缺少参数!/get_host IP地址" bot.sendMessage(chat_id=message.chat.id, text=text) return 9 try: server = Server.objects.get(ssh_host=ip) text = 'IP: %s \nUSER: %s \nPORT: %s \n PASSWD: %s \n' % ( ip, server.ssh_user, server.ssh_port, server.ssh_password) except: text = "此IP不在CMDB记录中" bot.sendMessage(chat_id=message.chat.id, text=text)
def iptables(request): choice_data = [a for a in Business.objects.filter(platform='现金网')] if request.method == 'POST': ip = request.POST.get('ipaddr').strip() comment = request.POST.get('customer').strip() remark = "only_new" host_group = u"新平台" chain = "INPUT" comment = u"WEB_PORT_%s" % comment user = request.user if not isValidIp(ip): return JsonResponse({"res": "falid","info": "IP格式错误"},safe=False) if Iptables.objects.filter(i_source_ip=ip): return JsonResponse({"res": "falid","info": "此IP已存在"},safe=False) i = Iptables(i_comment=comment,i_chain=chain,i_source_ip=ip,i_user=user,i_remark=remark,i_tag=host_group) i.save() task = "/etc/ansible/insertip.yml" job = do_ansible.delay(task,ip,remark,comment) task_id = job.id return JsonResponse({"res": "OK","info": "已添加成功"},safe=False) return render(request,'allow_list/iptables.html',locals())
def api_white_conf_edit(request, id): data = api_access_authorized_conf.objects.get(pk=id) if request.method == 'POST': name = request.POST.get('name') servers = request.POST.get('servers') file_path = request.POST.get('file_path') default_ip = request.POST.get('default_ip') #验证名称是否唯一 if name != data.name: if api_access_authorized_conf.objects.filter(name=name): Errors.append("NAME已存在") return JsonResponse({'status': "Failed", 'info': "NAME已存在!"}) #验证servers是否存在cmdb中 servers = strIp_to_listIp(servers) for i in servers: if not Server.objects.filter(ssh_host=i): Errors.append("CMDB中没有%s的信息" % i) return JsonResponse({ 'status': "Failed", 'info': "CMDB中没有%s的信息" % i }) #验证default_ip的有效性 if default_ip: default_ip_list = strIp_to_listIp(default_ip) for i in default_ip_list: if not isValidIp(i): Errors.append("%s格式错误" % i) return JsonResponse({ 'status': "Failed", 'info': "%s格式错误" % i }) default_ip = " ".join(default_ip_list) data.name = name data.servers = " ".join(servers) data.file_path = file_path data.default_ip = default_ip data.save() return JsonResponse({'status': "OK", 'info': "修改成功"}) return render(request, 'allow_list/pingtai_api_white_conf_edit.html', locals())
def shell(message): try: ip = message.text.split()[1].split('@')[0] cmd = message.text.split('@')[-1] if not isValidIp(ip): text = "IP格式错误" bot.sendMessage(chat_id=message.chat.id, text=text) return 9 except IndexError: text = "缺少参数!/shell IP地址@命令" bot.sendMessage(chat_id=message.chat.id, text=text) return 9 path = "[root@localhost ~]# " try: Server.objects.get(ssh_host=ip) except: text = "此IP:%s 不在CMDB记录中" % ip bot.sendMessage(chat_id=message.chat.id, text=text) return 8 try: res = ssh_cmd(ip, cmd) print res res = " ".join(res) text = path + '\r\n' + res except: text = "连接超时!" num = len(text) / 4096 if num == 0: bot.sendMessage(chat_id=message.chat.id, text=text) else: start = 0 for i in num: end = start + 4096 bot.sendMessage(chat_id=message.chat.id, text=text[start:end]) start += 4096 if len(text) % 4096 == 0: pass else: end = start + len(text) % 4096 bot.sendMessage(chat_id=message.chat.id, text=text[start:end])
def black_add(request): #添加现金网后台黑名单 if request.method == 'POST': ip = request.POST.get('ipaddr').strip() if not isValidIp(ip): return JsonResponse({"res": "falid","info": "IP格式错误"},safe=False) classify = request.POST.get('classify') conf = white_conf.objects.get(name=classify) if not conf.servers: return JsonResponse({"res": "falid","info": "项目没有配置服务器"},safe=False) for i in conf.servers.split('\r\n'): if Server.objects.filter(ssh_host=i).count() != 1: return JsonResponse({"res": "falid","info": "请检查CMDB中服务器配置是否正确!"},safe=False) obj,created = white_list.objects.get_or_create(host_ip=ip,white_conf=conf,defaults={'host_key':"deny",'user':request.user}) if not created: return JsonResponse({"res": "falid","info": "此IP已存在黑名单中"},safe=False) if white_list.objects.filter(white_conf=conf,host_ip=ip).count() > 1: return JsonResponse({"res": "OK","info": "已添加成功"},safe=False) if classify == "MONEY-Black": template_file="kg_jdc_white.conf" ips = "" for i in white_list.objects.filter(white_conf=conf): ips += i.host_key+" "+i.host_ip+";\n" nginx_white_copy.delay(conf.servers,template_file,conf.file_path,ips,conf.is_reload) return JsonResponse({"res": "OK","info": "已添加成功"},safe=False) return render(request,'allow_list/black_add.html',locals())
def sub_pro_add(request, tid): toppro = dsACL_TopProject.objects.get(pk=tid) if request.method == "POST": name = request.POST.get('name') useParentConf = request.POST.get('useParentConf') if useParentConf: useParentConf = False else: useParentConf = True hosts = request.POST.get('servers') filename = request.POST.get('filename') rule = request.POST.get('rule') hook = request.POST.get('hook') remark = request.POST.get('remark') if dsACL_SubProject.objects.filter(parentPro=toppro, name=name): return JsonResponse({'code': 1, 'msg': "该项目已存在", 'count': 1}) if hosts: for i in strIp_to_listIp(hosts): if not isValidIp(i): return JsonResponse({ 'code': 1, 'msg': "目标服务器IP格式错误", 'count': 1 }) data = dsACL_SubProject(name=name, parentPro=toppro, useParentConf=useParentConf, servers=hosts, filename=filename, rule=rule, hook=hook, remark=remark) data.save() return JsonResponse({'code': 0, 'msg': "子项目添加成功", 'count': 1}) return render(request, 'allow_list/sub_pro_add.html', locals())
def white_add(request,uuid): conf = white_conf.objects.get(pk=uuid) if conf.name in ["KG-JDC","MONEY-Backend","DT-GFC","MONEY-Black"]: data = git_deploy.objects.filter(platform="现金网",classify="online",isops=True,islog=True) #根据线上的siteid来添加 newAsiteid=[i for i in data if "a" in i.name ] for i in data: if i.name[-1] not in ['a','b','c','d','f']: newAsiteid.append(i) data = newAsiteid elif conf.name in ["MN-JDC","MN-Backend","MN-GFC","MN-Black"]: data = git_deploy.objects.filter(platform="VUE蛮牛",classify="huidu",isops=True,islog=True) #根据灰度的siteid来添加 if request.method == 'POST': ip = request.POST.get('ipaddr').strip() method = request.POST.get('method').strip() classify = conf.name uuid = request.POST.get('uuid') memo = request.POST.get('memo') deploy = git_deploy.objects.get(id=uuid) if conf.exception_ip: exception = conf.exception_ip else: exception = "" if not isValidIp(ip): return JsonResponse({"res": "falid","info": "IP格式错误"},safe=False) if not conf.servers: return JsonResponse({"res": "falid","info": "项目没有配置服务器"},safe=False) for i in conf.servers.split('\r\n'): if Server.objects.filter(ssh_host=i).count() != 1: return JsonResponse({"res": "falid","info": "请检查CMDB中服务器配置是否正确!"},safe=False) #判断该IP是否添加了5次,如果是特赦IP则不进行判断 if ip not in exception: if white_list.objects.filter(white_conf=conf,host_ip=ip).count() >= 5: return JsonResponse({"res": "falid","info": "此IP已绑定超过5个网站"},safe=False) obj,created = white_list.objects.get_or_create(host_ip=ip,git_deploy=deploy,white_conf=conf,memo=memo,defaults={'host_key':method,'user':request.user}) if not created: return JsonResponse({"res": "falid","info": "此项目的IP已存在"},safe=False) if white_list.objects.filter(white_conf=conf,git_deploy=deploy,host_ip=ip).count() > 1: return JsonResponse({"res": "OK","info": "已添加成功"},safe=False) ips = "" if classify in ["KG-JDC","MN-JDC","DT-GFC","MN-GFC"]: template_file="kg_jdc_white.conf" for i in white_list.objects.filter(white_conf=conf): ips += i.host_key+" "+i.host_ip+"; #"+i.git_deploy.name+" \n" print "添加%s"% classify job = nginx_white_copy.delay(conf.servers,template_file,conf.file_path,ips,conf.is_reload) elif classify in ["MONEY-Black","MONEY-Backend","MN-Backend"]: template_file="kg_jdc_white.conf" try: filename = filter(str.isdigit,deploy.name) except: filename = filter(unicode.isdigit,deploy.name) file_path = conf.file_path+"/"+filename+"_white_list" for i in white_list.objects.filter(white_conf=conf,git_deploy=deploy): ips += i.host_key+" "+i.host_ip+";\n" # platform = "VUE蛮牛" # huidu_deploy = git_deploy.objects.filter(platform=platform,name=deploy.name,classify="huidu",isops=True,islog=True) # if huidu_deploy: # for i in white_list.objects.filter(white_conf=conf,git_deploy=huidu_deploy[0]): # ips += i.host_key+" "+i.host_ip+";\n" #print "找到灰度后台白名单:\n%s"% ips job = nginx_white_copy.delay(conf.servers,template_file,file_path,ips,conf.is_reload) # template_file="mn_backend.conf" # file_path = conf.file_path+"/"+deploy.name+".conf" # huidu_deploy = git_deploy.objects.filter(platform=platform,name=deploy.name,classify="huidu",islog=True) # online_deploy = git_deploy.objects.filter(platform=platform,name=deploy.name,classify="online",islog=True) # if huidu_deploy: # for i in white_list.objects.filter(white_conf=conf,git_deploy=huidu_deploy[0]): # ips += i.host_key+" "+i.host_ip+";\n " # #print "找到灰度后台白名单:\n%s"% ips # if online_deploy: # for i in white_list.objects.filter(white_conf=conf,git_deploy=online_deploy[0]): # ips += i.host_key+" "+i.host_ip+";\n " # #print "所有后台白名单:\n%s"% ips # business = Business.objects.get(nic_name=deploy.name,platform=platform) #蛮牛项目 # front_data = business.domain.filter(use=2,classify="online") #蛮牛线上在用的后台域名对象 # if not front_data: # front_data = business.domain.filter(use=2,classify="huidu") # front_domain = " ".join([i.name for i in front_data if i]) #提取域名组成列表 # job = nginx_white_copy.delay(conf.servers,template_file,file_path,ips,conf.is_reload,server_name=front_domain,siteid=deploy.name) # else: # platform = "现金网" #现金网后台反代节点nginx配置文件不统一,没法做文件模板覆盖 # template_file="kg_jdc_white.conf" # file_path = conf.file_path+"/"+deploy.name+"_white_list" # online_deploy = git_deploy.objects.filter(platform=platform,name=deploy.name,classify="online",isops=True,islog=True) # for i in white_list.objects.filter(white_conf=conf,git_deploy=online_deploy[0]): # ips += i.host_key+" "+i.host_ip+";\n" # # print "所有现金网后台白名单:\n%s"% ips # job = nginx_white_copy.delay(conf.servers,template_file,file_path,ips,conf.is_reload) #将白名单推到后台反代节点1001_white_list return JsonResponse({"res": "OK","info": "已添加成功"},safe=False) return render(request,'allow_list/white_add.html',locals())
def sub_pro_api(request): action = request.GET.get('action') sid = request.GET.get('id') tid = request.GET.get('tid') project_name = request.GET.get('project_name') toppro = dsACL_TopProject.objects.get(pk=tid) value = request.GET.get('value') res = {'code': 1, 'msg': "错误", 'count': 0} if action == "get": page = request.GET.get('page') limit = request.GET.get('limit') if page == 1: start_line = 0 end_line = limit else: start_line = int(page) * int(limit) - int(limit) end_line = int(page) * int(limit) keyword = request.GET.get('keyword') if keyword: data = dsACL_SubProject.objects.filter(parentPro=toppro, name__contains=keyword) else: data = dsACL_SubProject.objects.filter(parentPro=toppro) count = len(data) data = data[start_line:end_line] res = { 'code': 0, 'msg': "", 'count': count, 'data': [eval(i.toJSON(), { 'true': 1, 'false': 0 }) for i in data if i] } elif action == "getAll": data = dsACL_SubProject.objects.filter(parentPro=toppro) res = { 'code': 0, 'msg': "所有sub项目", 'count': len(data), 'data': [eval(i.toJSON(), { 'true': 1, 'false': 0 }) for i in data if i] } elif action == "get_All": line_table = { "cache_ips": [], "cow_ips": [], } toppros = dsACL_TopProject.objects.filter( id__in=line_table[project_name]) toppros_id = [top.id for top in toppros if top] data = dsACL_SubProject.objects.filter(parentPro__in=toppros_id) res = { 'code': 0, 'msg': "所有sub项目", 'count': len(data), 'data': [eval(i.toJSON(), { 'true': 1, 'false': 0 }) for i in data if i] } elif action == "edit_name": if dsACL_SubProject.objects.filter(parentPro=toppro, name=value): return JsonResponse({'code': 1, 'msg': "项目名已存在", 'count': 1}) data = dsACL_SubProject.objects.get(pk=sid) data.name = value data.save() res = {'code': 0, 'msg': "修改成功", 'count': 1} elif action == "edit_filename": data = dsACL_SubProject.objects.get(pk=sid) data.filename = value data.save() res = {'code': 0, 'msg': "修改成功", 'count': 1} elif action == "edit_rule": data = dsACL_SubProject.objects.get(pk=sid) data.rule = value data.save() res = {'code': 0, 'msg': "修改成功", 'count': 1} elif action == 'edit_hook': data = dsACL_SubProject.objects.get(pk=sid) data.hook = value data.save() res = {'code': 0, 'msg': "修改成功", 'count': 1} elif action == 'edit_remark': data = dsACL_SubProject.objects.get(pk=sid) data.remark = value data.save() res = {'code': 0, 'msg': "修改成功", 'count': 1} elif action == "del": for delID in eval(sid): data = dsACL_SubProject.objects.get(pk=delID) data.delete() res = {'code': 0, 'msg': "删除sub项目成功", 'count': 1} elif action == "check_servers": data = dsACL_SubProject.objects.get(pk=sid) hosts = data.servers server_List = [] servers = [] if hosts: servers = strIp_to_listIp(hosts) for i in servers: if Server.objects.filter(ssh_host=i): server_List.append({ "host": i, "isexists": True, "status": ssh_check(i) }) else: server_List.append({ "host": i, "isexists": False, "status": False }) res = { 'code': 0, 'msg': "目标服务器检测", 'count': len(servers), 'data': server_List } elif action == "add_servers": if not isValidIp(value): return JsonResponse({'code': 1, 'msg': "IP格式错误", 'count': 1}) data = dsACL_SubProject.objects.get(pk=sid) hosts = [] if data.servers: hosts = strIp_to_listIp(data.servers) if value in hosts: return JsonResponse({'code': 1, 'msg': "此IP已存在", 'count': 1}) hosts.append(value) servers = "\n".join(hosts) data.servers = servers data.save() res = {'code': 0, 'msg': "添加目标服务器成功", 'count': 1} elif action == "del_servers": data = dsACL_SubProject.objects.get(pk=sid) hosts = strIp_to_listIp(data.servers) hosts = [x for x in hosts if x != value] if hosts: servers = "\n".join(hosts) else: servers = "" data.servers = servers data.save() res = {'code': 0, 'msg': "删除目标服务器成功", 'count': 1} elif action == "edit_servers": value = value.split('@') before_host = value[0] after_host = value[1] if not isValidIp(after_host): return JsonResponse({'code': 1, 'msg': "IP格式错误", 'count': 1}) data = dsACL_SubProject.objects.get(pk=sid) servers = "\n".join([ after_host if x == before_host else x for x in strIp_to_listIp(data.servers) ]) data.servers = servers data.save() res = {'code': 0, 'msg': "修改成功", 'count': 1} elif action == "edit_useParentConf": data = dsACL_SubProject.objects.get(pk=sid) if value == "True": value = True print "使用top配置" else: value = False print "使用sub配置" data.useParentConf = value data.save() res = {'code': 0, 'msg': "修改成功", 'count': 1} return JsonResponse(res)
def top_pro_api(request): """ id: id action: get 获取字段 value为搜索条件keyword,另外有limit和page参数 action: del 删除 action: edit_name 编辑名字 action: edit_servers 编辑服务器信息 action: check_servers 检测服务器状态 action: add_servers 添加 action: del_servers 删除目标服务器 action: edit_filename 编辑文件路径信息 action: edit_rule 编辑匹配规则 action: edit_limit 编辑限制条目 action: edit_exception 编辑特权IP action: get_exception 获取特权ip action: add_exception 添加特权ip action: del_exception 删除特权ip action: edit_global 编辑默认IP action: get_global 获取默认ip action: add_global 添加默认ip action: del_global 删除默认ip action: edit_hook 编辑钩子 action: edit_remark 编辑备注 value: 对应值 """ action = request.GET.get('action') tid = request.GET.get('id') value = request.GET.get('value') if action == "get": page = request.GET.get('page') limit = request.GET.get('limit') if page == 1: start_line = 0 end_line = limit else: start_line = int(page) * int(limit) - int(limit) end_line = int(page) * int(limit) keyword = request.GET.get('keyword') if keyword: data = dsACL_TopProject.objects.filter( name__contains=keyword)[start_line:end_line] count = len(data) else: data = dsACL_TopProject.objects.all()[start_line:end_line] count = dsACL_TopProject.objects.count() res = { 'code': 0, 'msg': "", 'count': count, 'data': [eval(i.toJSON()) for i in data if i] } elif action == "getAll": data = dsACL_TopProject.objects.all() res = { 'code': 0, 'msg': "所有top项目", 'count': len(data), 'data': [eval(i.toJSON()) for i in data if i] } elif action == "edit_name": if dsACL_TopProject.objects.filter(name=value): return JsonResponse({'code': 1, 'msg': "该项目已存在", 'count': 1}) data = dsACL_TopProject.objects.get(pk=tid) data.name = value data.save() res = {'code': 0, 'msg': "修改成功", 'count': 1} elif action == "edit_filename": data = dsACL_TopProject.objects.get(pk=tid) data.filename = value data.save() res = {'code': 0, 'msg': "修改成功", 'count': 1} elif action == "edit_rule": data = dsACL_TopProject.objects.get(pk=tid) data.rule = value data.save() res = {'code': 0, 'msg': "修改成功", 'count': 1} elif action == "edit_limit": if not value: value = 0 data = dsACL_TopProject.objects.get(pk=tid) data.limit = value data.save() res = {'code': 0, 'msg': "修改成功", 'count': 1} elif action == "edit_hook": data = dsACL_TopProject.objects.get(pk=tid) data.hook = value data.save() res = {'code': 0, 'msg': "修改成功", 'count': 1} elif action == "edit_remark": data = dsACL_TopProject.objects.get(pk=tid) data.remark = value data.save() res = {'code': 0, 'msg': "修改成功", 'count': 1} elif action == "edit_servers": value = value.split('@') before_host = value[0] after_host = value[1] if not isValidIp(after_host): return JsonResponse({'code': 1, 'msg': "IP格式错误", 'count': 1}) data = dsACL_TopProject.objects.get(pk=tid) servers = "\n".join([ after_host if x == before_host else x for x in strIp_to_listIp(data.servers) ]) data.servers = servers data.save() res = {'code': 0, 'msg': "修改成功", 'count': 1} elif action == "edit_exception": value = value.split('@') before_host = value[0] after_host = value[1] if not isValidIp(after_host): return JsonResponse({'code': 1, 'msg': "IP格式错误", 'count': 1}) data = dsACL_TopProject.objects.get(pk=tid) exception = "\n".join([ after_host if x == before_host else x for x in strIp_to_listIp(data.exception) ]) data.exception = exception data.save() res = {'code': 0, 'msg': "修改成功", 'count': 1} elif action == "del": for delID in eval(tid): data = dsACL_TopProject.objects.get(pk=delID) data.delete() res = {'code': 0, 'msg': "删除成功", 'count': 1} elif action == "check_servers": data = dsACL_TopProject.objects.get(pk=tid) hosts = data.servers server_List = [] servers = [] if hosts: servers = strIp_to_listIp(hosts) for i in servers: if Server.objects.filter(ssh_host=i): server_List.append({ "host": i, "isexists": True, "status": ssh_check(i) }) else: server_List.append({ "host": i, "isexists": False, "status": False }) res = { 'code': 0, 'msg': "目标服务器检测", 'count': len(servers), 'data': server_List } elif action == "add_servers": if not isValidIp(value): return JsonResponse({'code': 1, 'msg': "IP格式错误", 'count': 1}) data = dsACL_TopProject.objects.get(pk=tid) hosts = [] if data.servers: hosts = strIp_to_listIp(data.servers) if value in hosts: return JsonResponse({'code': 1, 'msg': "此IP已存在", 'count': 1}) hosts.append(value) servers = "\n".join(hosts) data.servers = servers data.save() res = {'code': 0, 'msg': "添加目标服务器成功", 'count': 1} elif action == "del_servers": data = dsACL_TopProject.objects.get(pk=tid) hosts = strIp_to_listIp(data.servers) hosts = [x for x in hosts if x != value] if hosts: servers = "\n".join(hosts) else: servers = "" data.servers = servers data.save() res = {'code': 0, 'msg': "删除目标服务器成功", 'count': 1} elif action == "get_exception": data = dsACL_TopProject.objects.get(pk=tid) hosts = data.exception server_List = [] servers = [] if hosts: servers = strIp_to_listIp(hosts) for i in servers: server_List.append({"host": i}) res = { 'code': 0, 'msg': "特权IP查看", 'count': len(servers), 'data': server_List } elif action == "add_exception": if not isValidIp(value): return JsonResponse({'code': 1, 'msg': "IP格式错误", 'count': 1}) data = dsACL_TopProject.objects.get(pk=tid) hosts = [] if data.exception: hosts = strIp_to_listIp(data.exception) if value in hosts: return JsonResponse({'code': 1, 'msg': "此IP已存在", 'count': 1}) hosts.append(value) exception = "\n".join(hosts) data.exception = exception data.save() res = {'code': 0, 'msg': "添加特权IP成功", 'count': 1} elif action == "del_exception": data = dsACL_TopProject.objects.get(pk=tid) hosts = strIp_to_listIp(data.exception) hosts = [x for x in hosts if x != value] if hosts: exception = "\n".join(hosts) else: exception = "" data.exception = exception data.save() res = {'code': 0, 'msg': "删除特权IP成功", 'count': 1} elif action == "get_global": data = dsACL_TopProject.objects.get(pk=tid) hosts = data.globalip server_List = [] servers = [] if hosts: servers = strIp_to_listIp(hosts) for i in servers: server_List.append({"host": i}) res = { 'code': 0, 'msg': "默认IP查看", 'count': len(servers), 'data': server_List } elif action == "add_global": if not isValidIp(value): return JsonResponse({'code': 1, 'msg': "IP格式错误", 'count': 1}) data = dsACL_TopProject.objects.get(pk=tid) hosts = [] if data.globalip: hosts = strIp_to_listIp(data.globalip) if value in hosts: return JsonResponse({'code': 1, 'msg': "此IP已存在", 'count': 1}) hosts.append(value) globalip = "\n".join(hosts) data.globalip = globalip data.save() res = {'code': 0, 'msg': "添加全局默认IP成功", 'count': 1} elif action == "del_global": data = dsACL_TopProject.objects.get(pk=tid) hosts = strIp_to_listIp(data.globalip) hosts = [x for x in hosts if x != value] if hosts: globalip = "\n".join(hosts) else: globalip = "" data.globalip = globalip data.save() res = {'code': 0, 'msg': "删除默认IP成功", 'count': 1} elif action == "edit_global": value = value.split('@') before_host = value[0] after_host = value[1] if not isValidIp(after_host): return JsonResponse({'code': 1, 'msg': "IP格式错误", 'count': 1}) data = dsACL_TopProject.objects.get(pk=tid) globalip = "\n".join([ after_host if x == before_host else x for x in strIp_to_listIp(data.globalip) ]) data.globalip = globalip data.save() res = {'code': 0, 'msg': "修改成功", 'count': 1} return JsonResponse(res)
def nginx_acl_adds(request): if request.method == 'POST': host = request.POST.get('host') host_list = strIp_to_listIp(host) for ip in host_list: if not isValidIp(ip): return JsonResponse({'code': 1, 'msg': 'IP格式错误!', 'count': 0}) tids = request.POST.get('topproject').split("_") name = request.POST.get('project') deltask = request.POST.get('delTask') delDateTime = request.POST.get('delDateTime') delDateTime = beijing2utc(delDateTime) remark = request.POST.get('remark') for tid in tids: top_obj = dsACL_TopProject.objects.get(pk=tid) sub_obj = dsACL_SubProject.objects.filter( parentPro=top_obj).filter(name=name)[0] # 判断添加限制,特权IP limit = top_obj.limit exception = top_obj.exception if limit != 0: subps = dsACL_SubProject.objects.filter(parentPro=top_obj) for ip in host_list: ipNum = 0 for subpro in subps: ipNum += dsACL_ngx.objects.filter(project=subpro, host=ip).count() if ipNum >= limit and ip not in exception: return JsonResponse({ 'code': 1, 'msg': 'IP: %s 添加次数大于 %s' % (ip, limit), 'count': 0 }) if not deltask: deltask = False delDateTime = None else: deltask = True for ipaddr in host_list: if dsACL_ngx.objects.filter(project=sub_obj, host=ipaddr): continue data = dsACL_ngx(host=ipaddr, zone=get_ip_zone(ipaddr), project=sub_obj, user=request.user, remark=remark, delTask=deltask, delDateTime=delDateTime) data.save() if deltask: schedule, _ = ClockedSchedule.objects.get_or_create( clocked_time=data.delDateTime) PeriodicTask.objects.create( name="acl_delIp_%s" % data.host, task="Allow_list.tasks.nginx_acl_del", clocked=schedule, args=json.dumps([data.id]), one_off=True, enabled=True) # 调用异步任务同步文件 nginx_acl_scp.delay(sub_obj.id) return JsonResponse({'code': 0, 'msg': 'IP添加完成'}) return render(request, 'allow_list/nginx_acl_adds.html', locals())
def acceleration_api(request): """api参数 id: 字段id value: 值 action: change_status 修改字段online action: change_name 修改字段name action: change_group 修改字段platfrom action: change_date 修改字段stop_date action: change_remark 修改字段remark action: init 初始化 id为list action: zabbix 监控 id为list action: sync 同步 id为list 返回 code: 0成功1失败 rid: 字段id msg: 信息 data: 数据 count: 数据统计 """ action = request.GET.get('action') field_id = request.GET.get('id') value = request.GET.get('value') result = {"code": 1, "rid": field_id, "msg": "Error"} if action == "change_status": data = accelerated_server_manager.objects.get(pk=field_id) if value == "True": value = True else: value = False data.online = value data.save() jiasu_conf_rsync() #本地同步配置文件 result = {"code": 0, "rid": field_id, "msg": "状态变更成功"} elif action == "change_group": data = accelerated_server_manager.objects.get(pk=field_id) data.platfrom = value data.save() result = {"code": 0, "rid": field_id, "msg": "属组变更成功"} elif action == "change_name": data = accelerated_server_manager.objects.get(pk=field_id) data.name = value data.save() result = {"code": 0, "rid": field_id, "msg": "名称已变更为:%s" % value} elif action == "change_date": try: data = accelerated_server_manager.objects.get(pk=field_id) data.stop_date = value data.save() result = {"code": 0, "rid": field_id, "msg": "到期时间已变更为:%s" % value} except: result["msg"] = "时间格式错误,请遵循: YYYY-MM-DD 格式" elif action == "change_remark": data = accelerated_server_manager.objects.get(pk=field_id) data.remark = value data.save() result = {"code": 0, "rid": field_id, "msg": "备注已变更"} elif action == "change_master": if not isValidIp(value): result["msg"] = "IP格式错误" return JsonResponse(result) if accelerated_server_manager.objects.filter(host_master=value): result["msg"] = "IP地址已存在" return JsonResponse(result) data = accelerated_server_manager.objects.get(pk=field_id) data.host_master = value data.save() jiasu_conf_rsync() #本地同步配置文件 result = {"code": 0, "rid": field_id, "msg": "地址一变更为:%s" % value} elif action == "change_slave": if not isValidIp(value): result["msg"] = "IP格式错误" return JsonResponse(result) data = accelerated_server_manager.objects.get(pk=field_id) data.host_slave = value data.save() result = {"code": 0, "rid": field_id, "msg": "地址二变更为:%s" % value} elif action == "init": ids = eval(field_id) if ids: for i in ids: data = accelerated_server_manager.objects.get(pk=i) try: host = Server.objects.get(ssh_host=data.host_master) jiasu_init_task.delay(host.ssh_host, host.ssh_port, host.ssh_user, host.ssh_password) result = { "code": 1, "rid": ids, "msg": "%s 初始化完成!" % data.host_master } except: result = { "code": 1, "rid": ids, "msg": "%s 没有在CMDB中发现,停止初始化!" % data.host_master } elif action == "zabbix": ids = eval(field_id) if ids: zbx = zabbixtools(settings.ZABBIX_URL, "zbxuser", "zbxpass") if zbx.authID == 0: return JsonResponse({ "code": 1, "rid": ids, "msg": "zabbix认证失败!" }) for i in ids: data = accelerated_server_manager.objects.get(pk=i) zbx.jiasu_host_create( data.host_master, "%s-加速-%s" % (data.name, data.host_master)) zbx.jiasu_host_create( data.host_slave, "%s-加速-%s" % (data.name, data.host_slave)) result = {"code": 0, "rid": ids, "msg": "IP已加入zabbix监控列表"} elif action == "sync": ids = eval(field_id) if ids: for i in ids: data = accelerated_server_manager.objects.get(pk=i) data.online = True data.save() jiasu_conf_rsync() #本地同步配置文件 result = {"code": 0, "rid": ids, "msg": "IP已加入同步列表"} else: pass return JsonResponse(result)
def dnsname_add_records(request, id): """给域名多条记录""" obj = dnsmanage_name.objects.get(pk=id) user_obj = obj.user error_msgs = [] success_msgs = [] domain_type = ['A', 'CNAME', 'MX', 'NS'] if request.method == 'POST': getrecords = request.POST.get('records', '') if not getrecords: error_msgs.append("你没有填写任何数据!") return render(request, 'business/dnsname_record_add.html', locals()) records = getrecords.split('\r\n') records_list = [] if len(records) == 1 and len(records[0].split()) < 3: error_msgs.append("缺少关键数据!") return render(request, 'business/dnsname_record_add.html', locals()) for i in records: if i.split()[1] == "A": if not isValidIp(i.split()[2]): error_msgs.append("IP格式错误:%s" % i.split()[2]) if i.split()[1] not in domain_type: error_msgs.append("记录类型只能是:A、CNAME、MX、NS,不支持:%s" % i.split()[1]) records_list.append({ "subdomain": i.split()[0], "type": i.split()[1], "value": i.split()[2] }) if len(error_msgs) > 0: return render(request, 'business/dnsname_record_add.html', locals()) status = True if user_obj.platform_name == "CLOUDXNS": api_key = user_obj.keyone secret_key = user_obj.keytwo dns = Api(api_key=api_key, secret_key=secret_key) for i in records_list: result = json.loads( dns.record_add(obj.name_id, i["subdomain"], i["value"], i["type"], 55, 600, 1)) #cloudxns添加记录 print result if result["code"] == 1: record_id = result["record_id"] result = { 'retu': "OK", 'info': "%s --> %s 添加成功!" % (i["subdomain"], i["value"]) } success_msgs.append(result) update_record_to_db(record_id[0], i["subdomain"], obj, i["type"], i["value"], 600, status) #数据库保存 else: error_msgs.append( "%s --> %s 添加失败!原因:%s" % (i["subdomain"], i["value"], result["message"])) else: user_token = user_obj.keyone + "," + user_obj.keytwo dns = DNSPod(user_obj.user, user_obj.passwd, user_obj.platform_name, user_token) for i in records_list: res = dns.pod_record_add(str(obj.name_id), i["subdomain"], i["type"], i["value"], ttl='600') #在dnspod上添加记录 print res if res["status"]["code"] == "1": if res.has_key('record'): record_id = res["record"]["id"] update_record_to_db(record_id, i["subdomain"], obj, i["type"], i["value"], 600, status) #数据库保存 result = { 'retu': "OK", 'info': "%s --> %s 添加成功!" % (i["subdomain"], i["value"]) } success_msgs.append(result) else: error_msgs.append( "%s --> %s 添加失败!原因:%s" % (i["subdomain"], i["value"], res["status"]["message"])) return render(request, 'business/dnsname_record_add.html', locals())