def apply_config(config):
logger.debug("Checking configuration for php_options")
common.check_vars(config, ["php_options"])
options = None
extensions = {}
logger.debug("Checking configuration for php_options.options")
# Options is dict, and template determines which keys are valid
if "options" in config["php_options"]:
logger.debug("php_options.options found")
options = config["php_options"]["options"]
logger.debug("Checking configuration for php_options.extensions")
# Extensions is a list. We'll map it to a dict here, to give it to the template
if "extensions" in config["php_options"]:
logger.debug("php_options.extensions found")
for item in config["php_options"]["extensions"]:
logger.debug("Enabling extension '%s'" % item)
extensions[item] = True
logger.info("Writing /etc/php5/mods-available/hypernode.ini")
common.write_file("/etc/php5/mods-available/hypernode.ini",
common.fill_template("/etc/hypernode/templates/20.phpini",
{"options": options,
"extensions": extensions}))
logger.info("Enabling hypernode.ini using php5enmod")
subprocess.call(["php5enmod", "hypernode/99"])
logger.info("Restarting PHP5-FPM daemon")
subprocess.call(["service", "php5-fpm", "restart"])
def test_write_file_sets_supplied_umask_and_restores_afterwards(self):
with mock.patch("os.umask", mock.Mock(return_value=0022)) as mock_umask:
write_file("no-file", "data", umask=0077)
self.assertIs(len(mock_umask.mock_calls), 2)
self.assertEqual(mock_umask.mock_calls[0], mock.call(0077))
self.assertEqual(mock_umask.mock_calls[1], mock.call(0022))
def apply_config(config):
common.check_vars(config, ["public_keys"])
contents = PREAMBLE + "".join([("%s\n\n" % key) for key in config["public_keys"]])
# do not handle any errors here
if not os.path.isdir(DOTSSH):
logging.info("Creating .ssh directory")
os.mkdir(DOTSSH, 0755)
logging.info("Setting .ssh dir owner")
os.chown(DOTSSH, 1000, 1000)
logging.info("Write authorized_keys file")
common.write_file(AUTHKEYS, contents, umask=0022)
def apply_config(config):
common.check_vars(config, ["hostnames", "app_name"])
logger.debug("Setting hostname to %s" % config["app_name"])
logger.info("Writing /etc/hostname")
common.write_file("/etc/hostname", config["app_name"])
logger.info("Writing /etc/hosts from template /etc/hypernode/templates/03.hostname.hosts")
common.write_file("/etc/hosts",
common.fill_template("/etc/hypernode/templates/03.hostname.hosts",
{"hostnames": config["hostnames"],
"app_name": config["app_name"]}))
logger.info("Calling `hostname`")
subprocess.call(["hostname", config["app_name"]])
logger.info("Restarting rsyslog")
subprocess.call(["service", "rsyslog", "restart"])
def apply_config(config):
# There are three cases that we might expect:
# 1. All ssl-fields are present, filled out and represent a certificate
# that passes the openssl-check.
# 2. None of the ssl-fields are present.
# 3. Other cases: not all of the ssl-fields are present, or they don't pass
# the openssl-check
#
# These cases yield the following actions
# 1. The certificate is written to disk, apache is restarted
# 2. Any certificate present on disk will be removed, the apache-
# configuration for the SSL-vhost will be removed, and apache will be
# restarted
# 3. This is an exception, and means that there is an error in the
# configuration
# We always need an app_name. Not found => exception
common.check_vars(config, ["app_name"])
if "ssl_common_name" in config and "ssl_body" in config and "ssl_certificate" in config and "ssl_key_chain" in config:
logger.debug("Configuring SSL")
logger.debug("Verifying SSL key and certificate")
verify_ssl(config["ssl_certificate"], config["ssl_body"], config["ssl_key_chain"])
template_vars = {'app_name': config['app_name'],
'servername': config['ssl_common_name'],
'crtpath': CRTPATH}
if 'ssl_key_chain' in config and config['ssl_key_chain']:
logger.info("Writing %s", CAPATH)
common.write_file(CAPATH,
config["ssl_key_chain"],
umask=0077)
template_vars['capath'] = CAPATH
logger.info("Writing %s", CRTPATH)
common.write_file(CRTPATH,
"%s\n\n%s" % (config["ssl_certificate"], config["ssl_body"]),
umask=0077)
logger.info("Writing /etc/apache2/sites-enabled/default-ssl")
common.write_file("/etc/apache2/sites-enabled/default-ssl",
common.fill_template("/etc/hypernode/templates/05.ssl.default-ssl-vhost",
vars=template_vars))
logger.info("Restarting apache2")
subprocess.call(["service", "apache2", "restart"])
return
elif "ssl_common_name" not in config and "ssl_body" not in config and "ssl_certificate" not in config and "ssl_key_chain" not in config:
logger.debug("Disabling SSL")
disable_ssl()
return
else:
raise RuntimeError("Incomplete SSL parameters in configuration")
def test_write_file_writes_given_data(self):
write_file("my-file", "my-data")
self.mock_open.assert_called_once_with("my-file", "w")
fd = self.mock_open()
fd.write.assert_called_once_with("my-data")
def test_write_file_sets_no_umask_if_none_supplied(self):
write_file("no-file", "data")
fd = self.mock_open()
fd.write.assert_called_once_with("data")
assert not self.mock_umask.called
