示例#1
0
def get_secret_key(pathname):
    """
    Get Django secret key value from a file _or_ generate it on first use
    """
    try:
        return ConfigFile.load(pathname).SECRET_KEY
    except (AttributeError, IOError, ValueError) as ex:
        _write_secret_key(pathname, _make_secret_key())
    return ConfigFile.load(pathname).SECRET_KEY
示例#2
0
    def default_database(self):
        """
        See: http://docs.djangoproject.com/en/1.2/ref/settings/#databases

        The returned value is suitable for the "default" database. The actual
        values are obtained from the "default_database" configuration file that
        is generated by dbconfig-common as requested by lava_server in one of
        the maintainer scripts

        Expects:
        {'ENGINE': "django.db.backends.postgresql_psycopg2",
        'NAME': $(LAVA_DB_NAME),
        'USER': $(LAVA_DB_USER),
        'PASSWORD': $(LAVA_DB_PASSWORD),
        'HOST': '',
        'PORT': $(LAVA_DB_PORT)

        """
        pathname = self._get_pathname("instance")
        config = ConfigFile.load(pathname)
        pgengine = "django.db.backends.postgresql_psycopg2"  # FIXME
        dbname = config.LAVA_DB_NAME if hasattr(config, 'LAVA_DB_NAME') else ''
        dbuser = config.LAVA_DB_USER if hasattr(config, 'LAVA_DB_USER') else ''
        dbpass = config.LAVA_DB_PASSWORD if hasattr(config, 'LAVA_DB_PASSWORD') else ''
        dbhost = config.LAVA_DB_SERVER if (hasattr(config, 'LAVA_DB_SERVER') and
                                           config.LAVA_DB_SERVER is not "") else '127.0.0.1'
        dbport = config.LAVA_DB_PORT if hasattr(config, 'LAVA_DB_PORT') else ''
        return {
            'ENGINE': pgengine,
            'NAME': dbname,
            'USER': dbuser,
            'PASSWORD': dbpass,
            'HOST': dbhost,
            'PORT': dbport
        }
示例#3
0
def lava(request):
    try:
        instance_name = os.environ["LAVA_INSTANCE"]
    except KeyError:
        try:
            instance_name = os.path.basename(os.environ["VIRTUAL_ENV"])
        except KeyError:
            instance_name = None
            from lava_server.settings.config_file import ConfigFile
            instance_path = "/etc/lava-server/instance.conf"
            if os.path.exists(instance_path):
                instance_config = ConfigFile.load(instance_path)
                instance_name = instance_config.LAVA_INSTANCE

    return {
        'lava': {
            'extension_list': loader.extensions,
            'instance_name': instance_name,
            'branding_url': settings.BRANDING_URL,
            'branding_icon': settings.BRANDING_ICON,
            'branding_alt': settings.BRANDING_ALT,
            'branding_height': settings.BRANDING_HEIGHT,
            'branding_width': settings.BRANDING_WIDTH
        }
    }
示例#4
0
def get_heartbeat_timeout():
    """Returns the HEARTBEAT_TIMEOUT value specified in worker.conf

    If there is no value found, we return a default timeout value 300.
    """
    settings = Settings("lava-server")
    worker_config_path = settings._get_pathname("worker")
    try:
        worker_config = ConfigFile.load(worker_config_path)
        if worker_config and worker_config.HEARTBEAT_TIMEOUT != '':
            return int(worker_config.HEARTBEAT_TIMEOUT)
        else:
            return 300
    except (IOError, AttributeError):
        return 300
示例#5
0
def get_software_info():
    """Returns git status and version information for LAVA related software.
    """
    sw_info = {}

    # Populate the git status of server code from exports directory.
    settings = Settings("lava-server")
    instance_config_path = settings._get_pathname("instance")
    instance_config = ConfigFile.load(instance_config_path)
    prefix = os.path.join(instance_config.LAVA_PREFIX,
                          instance_config.LAVA_INSTANCE)

    # Populate installed packages.
    sw_info.update(installed_packages(package_name='lava'))
    sw_info.update(installed_packages(package_name='linaro'))
    sw_info.update(installed_packages(prefix=prefix))

    # Summary of local build outs, if any.
    if instance_config.LAVA_DEV_MODE == 'yes':
        sw_info.update(local_diffstat(prefix))

    return simplejson.dumps(format_sw_info_to_html(sw_info))
示例#6
0
if distro_settings.get_setting("SERVER_EMAIL"):
    SERVER_EMAIL = distro_settings.get_setting("SERVER_EMAIL")

# Atlassian Crowd authentication config
AUTH_CROWD_SERVER_REST_URI = distro_settings.get_setting("AUTH_CROWD_SERVER_REST_URI")
if AUTH_CROWD_SERVER_REST_URI:
    # If Crowd server URL is configured, disable OpenID and
    # enable Crowd auth backend
    INSTALLED_APPS.append('crowdrest')
    AUTHENTICATION_BACKENDS = ['crowdrest.backend.CrowdRestBackend'] + \
        [x for x in AUTHENTICATION_BACKENDS if "OpenID" not in x]

    # Load credentials from a separate file
    from lava_server.settings.config_file import ConfigFile
    pathname = distro_settings._get_pathname("crowd")
    crowd_config = ConfigFile.load(pathname)
    AUTH_CROWD_APPLICATION_USER = crowd_config.AUTH_CROWD_APPLICATION_USER
    AUTH_CROWD_APPLICATION_PASSWORD = crowd_config.AUTH_CROWD_APPLICATION_PASSWORD
    if distro_settings.get_setting("AUTH_CROWD_GROUP_MAP"):
        AUTH_CROWD_GROUP_MAP = distro_settings.get_setting("AUTH_CROWD_GROUP_MAP")

AUTH_DEBIAN_SSO = distro_settings.get_setting("AUTH_DEBIAN_SSO")

# LDAP authentication config
AUTH_LDAP_SERVER_URI = distro_settings.get_setting("AUTH_LDAP_SERVER_URI")
if AUTH_LDAP_SERVER_URI:
    INSTALLED_APPS.append('ldap')
    INSTALLED_APPS.append('django_auth_ldap')
    import ldap
    from django_auth_ldap.config import (LDAPSearch, LDAPSearchUnion)
示例#7
0
MOUNT_POINT = (MOUNT_POINT.rstrip("/") + "/").lstrip("/")

# Fix ADMINS and MANAGERS variables
# In Django < 1.9, this is a tuple of tuples
# In Django >= 1.9 this is a list of tuples
# See https://docs.djangoproject.com/en/1.8/ref/settings/#admins
# and https://docs.djangoproject.com/en/1.9/ref/settings/#admins
if django.VERSION < (1, 9):
    ADMINS = tuple(tuple(v) for v in ADMINS)
    MANAGERS = tuple(tuple(v) for v in MANAGERS)
else:
    ADMINS = [tuple(v) for v in ADMINS]
    MANAGERS = [tuple(v) for v in MANAGERS]

# Load default database from distro integration
config = ConfigFile.load("/etc/lava-server/instance.conf")
DATABASES = {
    "default": {
        "ENGINE": "django.db.backends.postgresql_psycopg2",
        "NAME": getattr(config, "LAVA_DB_NAME", ""),
        "USER": getattr(config, "LAVA_DB_USER", ""),
        "PASSWORD": getattr(config, "LAVA_DB_PASSWORD", ""),
        "HOST": getattr(config, "LAVA_DB_SERVER", "127.0.0.1"),
        "PORT": getattr(config, "LAVA_DB_PORT", ""),
    }
}

# Load secret key from distro integration
SECRET_KEY = get_secret_key("/etc/lava-server/secret_key.conf")

# LDAP authentication config
示例#8
0
        "OPENID_LAUNCHPAD_TEAMS_MAPPING")

# Atlassian Crowd authentication config
AUTH_CROWD_SERVER_REST_URI = distro_settings.get_setting(
    "AUTH_CROWD_SERVER_REST_URI")
if AUTH_CROWD_SERVER_REST_URI:
    # If Crowd server URL is configured, disable OpenID and
    # enable Crowd auth backend
    INSTALLED_APPS.append('crowdrest')
    AUTHENTICATION_BACKENDS = ['crowdrest.backend.CrowdRestBackend'] + \
        [x for x in AUTHENTICATION_BACKENDS if "OpenID" not in x]

    # Load credentials from a separate file
    from lava_server.settings.config_file import ConfigFile
    pathname = distro_settings._get_pathname("crowd")
    crowd_config = ConfigFile.load(pathname)
    AUTH_CROWD_APPLICATION_USER = crowd_config.AUTH_CROWD_APPLICATION_USER
    AUTH_CROWD_APPLICATION_PASSWORD = crowd_config.AUTH_CROWD_APPLICATION_PASSWORD
    if distro_settings.get_setting("AUTH_CROWD_GROUP_MAP"):
        AUTH_CROWD_GROUP_MAP = distro_settings.get_setting(
            "AUTH_CROWD_GROUP_MAP")

# Load extensions
loader.contribute_to_settings(locals(), distro_settings)

from django.db.backends.signals import connection_created


def set_timeout(connection, **kw):
    connection.cursor().execute("SET statement_timeout to 30000")
示例#9
0
# along with LAVA.  If not, see <http://www.gnu.org/licenses/>.

import contextlib
from pathlib import Path
import yaml

from lava_server.settings.common import *
from lava_server.settings.config_file import ConfigFile

############################
# Load configuration files #
############################

# instance.conf
with contextlib.suppress(FileNotFoundError):
    config = ConfigFile.load("/etc/lava-server/instance.conf")
    DATABASES = {
        "default": {
            "ENGINE": "django.db.backends.postgresql",
            "NAME": getattr(config, "LAVA_DB_NAME", ""),
            "USER": getattr(config, "LAVA_DB_USER", ""),
            "PASSWORD": getattr(config, "LAVA_DB_PASSWORD", ""),
            "HOST": getattr(config, "LAVA_DB_SERVER", "127.0.0.1"),
            "PORT": getattr(config, "LAVA_DB_PORT", "5432"),
        }
    }
    INSTANCE_NAME = config.LAVA_INSTANCE

# secret_key.conf
with contextlib.suppress(FileNotFoundError):
    SECRET_KEY = ConfigFile.load("/etc/lava-server/secret_key.conf").SECRET_KEY
示例#10
0
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'

# default branding details
BRANDING_ALT = "Linaro logo"
BRANDING_ICON = 'lava_server/images/logo.png'
BRANDING_URL = 'http://www.linaro.org'
BRANDING_HEIGHT = "BRANDING_HEIGHT", 22
BRANDING_WIDTH = "BRANDING_WIDTH", 22
BRANDING_BUG_URL = "https://lists.linaro.org/mailman/listinfo/lava-users"
BRANDING_SOURCE_URL = "https://git.linaro.org/lava"
BRANDING_MESSAGE = ''

instance_name = 'default'
instance_path = "/etc/lava-server/instance.conf"
if os.path.exists(instance_path):
    instance_config = ConfigFile.load(instance_path)
    instance_name = instance_config.LAVA_INSTANCE

INSTANCE_NAME = instance_name

# Logging

LOGGING = {
    'version': 1,
    'disable_existing_loggers': False,
    'filters': {
        'require_debug_false': {
            '()': 'django.utils.log.RequireDebugFalse'
        }
    },
    'formatters': {
示例#11
0
def configure():

    if os.path.exists(INSTANCE_CONF) and os.path.isfile(INSTANCE_CONF):
        config_path = INSTANCE_CONF
    else:
        config_path = INSTANCE_TEMPLATE_CONF

    config = ConfigFile.load(config_path)

    config.LAVA_DB_SERVER = LAVA_DB_SERVER

    if not hasattr(config, 'LAVA_SYS_USER'):
        config.LAVA_SYS_USER = "******"

    if not hasattr(config, 'LAVA_INSTANCE') or \
       config.LAVA_INSTANCE == '$LAVA_INSTANCE':
        config.LAVA_INSTANCE = "default"

    if not hasattr(config, 'LAVA_DB_NAME') or \
       config.LAVA_DB_NAME == '$LAVA_DB_NAME':
        config.LAVA_DB_NAME = "lavaserver"

    if not hasattr(config, 'LAVA_DB_USER') or \
       config.LAVA_DB_USER == '$LAVA_DB_USER':
        config.LAVA_DB_USER = "******"

    if not hasattr(config, 'LAVA_DB_PORT') or \
       config.LAVA_DB_PORT == '$LAVA_DB_PORT':
        config.LAVA_DB_PORT = 5432

    if not hasattr(config, 'LAVA_DB_PASSWORD') or \
       config.LAVA_DB_PASSWORD == '$LAVA_DB_PASSWORD':
        config.LAVA_DB_PASSWORD = "******" % random.getrandbits(48)

    ConfigFile.serialize(INSTANCE_CONF, config.__dict__)

    os.makedirs("%s/media/job-output/" % LAVA_SYS_MOUNTDIR, exist_ok=True)

    run([
        "adduser", "--quiet", "--system", "--group",
        "--home=%s" % LAVA_SYS_HOME, config.LAVA_SYS_USER, "--shell=/bin/sh"
    ], 'adduser')

    shutil.chown(LAVA_SYS_MOUNTDIR, config.LAVA_SYS_USER, config.LAVA_SYS_USER)
    shutil.chown("%s/media/" % LAVA_SYS_MOUNTDIR, config.LAVA_SYS_USER,
                 config.LAVA_SYS_USER)
    shutil.chown("%s/media/job-output/" % LAVA_SYS_MOUNTDIR,
                 config.LAVA_SYS_USER, config.LAVA_SYS_USER)

    # fixup bug from date based subdirectories - allowed to be missing.
    try:
        shutil.chown("%s/media/job-output/2017" % LAVA_SYS_MOUNTDIR,
                     config.LAVA_SYS_USER, config.LAVA_SYS_USER)
    except FileNotFoundError:
        print("legacy directory is missing, skip..")

    # support changes in xml-rpc API for 2017.6
    shutil.chown("/etc/lava-server/dispatcher.d/", config.LAVA_SYS_USER,
                 config.LAVA_SYS_USER)

    shutil.chown(DISPATCHER_CONFIG, config.LAVA_SYS_USER, config.LAVA_SYS_USER)

    shutil.chown("%s/devices/" % DISPATCHER_CONFIG, config.LAVA_SYS_USER,
                 config.LAVA_SYS_USER)

    shutil.chown("%s/device-types/" % DISPATCHER_CONFIG, config.LAVA_SYS_USER,
                 config.LAVA_SYS_USER)

    # user may not have been removed but the directory has, after purge.
    if not os.path.isdir(LAVA_SYS_HOME):
        os.mkdir(LAVA_SYS_HOME)
        shutil.chown(LAVA_SYS_HOME, config.LAVA_SYS_USER, config.LAVA_SYS_USER)

    # Fix permissions of /etc/lava-server/instance.conf
    shutil.chown(INSTANCE_CONF, config.LAVA_SYS_USER, config.LAVA_SYS_USER)
    os.chmod(INSTANCE_CONF, 0o640)

    os.makedirs(os.path.dirname(LAVA_LOGS), exist_ok=True)

    # Allow lavaserver to write to all the log files
    # setgid on LAVA_LOGS directory
    os.chmod(LAVA_LOGS, 0o2775)  # nosec - group permissive.

    # Allow users in the adm group to read all logs
    with open("%s/django.log" % LAVA_LOGS, 'w+') as logfile:
        logfile.write('')
    shutil.chown(LAVA_LOGS, user=config.LAVA_SYS_USER, group='adm')
    for file in glob.glob("%s/*" % LAVA_LOGS):
        if 'lava-scheduler.log' in file:
            # skip changes to old logs.
            continue
        shutil.chown(file, user=config.LAVA_SYS_USER, group='adm')
        # allow users in the adm group to run lava-server commands
        os.chmod(file, 0o0664)

    # tidy up old logrotate config to allow logrotate cron to complete.
    if os.path.exists('/etc/logrotate.d/lava-scheduler-log'):
        os.unlink('/etc/logrotate.d/lava-scheduler-log')

    # Allow lava user to write the secret key
    with open(SECRET_KEY, 'w+') as key:
        key.write('')
    shutil.chown(SECRET_KEY, config.LAVA_SYS_USER, config.LAVA_SYS_USER)
    os.chmod(SECRET_KEY, 0o640)

    # Allow lavaserver to write dispatcher-config files for XMLRPC API
    os.makedirs("%s/devices/" % DISPATCHER_CONFIG, exist_ok=True)
    shutil.chown("%s/devices/" % DISPATCHER_CONFIG, config.LAVA_SYS_USER,
                 config.LAVA_SYS_USER)
    for filename in glob.glob("%s/devices/*" % DISPATCHER_CONFIG):
        shutil.chown(filename, config.LAVA_SYS_USER, config.LAVA_SYS_USER)
    shutil.chown("%s/health-checks/" % DISPATCHER_CONFIG, config.LAVA_SYS_USER,
                 config.LAVA_SYS_USER)
    for filename in glob.glob("%s/health-checks/*" % DISPATCHER_CONFIG):
        shutil.chown(filename, config.LAVA_SYS_USER, config.LAVA_SYS_USER)
    shutil.chown("%s/device-types/" % DISPATCHER_CONFIG, config.LAVA_SYS_USER,
                 config.LAVA_SYS_USER)
    for filename in glob.glob("%s/device-types/*" % DISPATCHER_CONFIG):
        shutil.chown(filename, config.LAVA_SYS_USER, config.LAVA_SYS_USER)

    # Create temporary database role for db operations.
    pg_admin_username = "******" % random.getrandbits(48)
    pg_admin_password = "******" % random.getrandbits(48)

    result = psql_run([
        "psql", "-c",
        "CREATE ROLE %s PASSWORD '%s' SUPERUSER CREATEDB CREATEROLE INHERIT LOGIN;"
        % (pg_admin_username, pg_admin_password)
    ], "Failed to create temporary superuser role")

    if result != 0:
        print("Failed to create postgres superuser.")
        return

    try:
        db_setup(config, pg_admin_username, pg_admin_password)
    finally:
        # Removing temprorary user from postgres.
        result = psql_run(
            ["psql", "-c", "DROP ROLE %s ;" % pg_admin_username],
            "Failed to drop temporary superuser role.")
        if result != 0:
            print(
                "Temporary user %s was not properly removed from postgres. Please do so manually."
                % pg_admin_username)
示例#12
0
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'

# default branding details
BRANDING_ALT = "Linaro logo"
BRANDING_ICON = 'lava_server/images/logo.png'
BRANDING_URL = 'http://www.linaro.org'
BRANDING_HEIGHT = "BRANDING_HEIGHT", 22
BRANDING_WIDTH = "BRANDING_WIDTH", 22
BRANDING_BUG_URL = "https://lists.linaro.org/mailman/listinfo/lava-users"
BRANDING_SOURCE_URL = "https://git.linaro.org/lava"
BRANDING_MESSAGE = ''

instance_name = 'default'
instance_path = "/etc/lava-server/instance.conf"
if os.path.exists(instance_path):
    instance_config = ConfigFile.load(instance_path)
    instance_name = instance_config.LAVA_INSTANCE

INSTANCE_NAME = instance_name

# Logging

LOGGING = {
    'version': 1,
    'disable_existing_loggers': False,
    'filters': {
        'require_debug_false': {
            '()': 'django.utils.log.RequireDebugFalse'
        }
    },
    'formatters': {
示例#13
0
MOUNT_POINT = (MOUNT_POINT.rstrip("/") + "/").lstrip("/")

# Fix ADMINS and MANAGERS variables
# In Django < 1.9, this is a tuple of tuples
# In Django >= 1.9 this is a list of tuples
# See https://docs.djangoproject.com/en/1.8/ref/settings/#admins
# and https://docs.djangoproject.com/en/1.9/ref/settings/#admins
if django.VERSION < (1, 9):
    ADMINS = tuple(tuple(v) for v in ADMINS)
    MANAGERS = tuple(tuple(v) for v in MANAGERS)
else:
    ADMINS = [tuple(v) for v in ADMINS]
    MANAGERS = [tuple(v) for v in MANAGERS]

# Load default database from distro integration
config = ConfigFile.load("/etc/lava-server/instance.conf")
DATABASES = {"default": {"ENGINE": "django.db.backends.postgresql_psycopg2",
                         "NAME": getattr(config, "LAVA_DB_NAME", ""),
                         "USER": getattr(config, "LAVA_DB_USER", ""),
                         "PASSWORD": getattr(config, "LAVA_DB_PASSWORD", ""),
                         "HOST": getattr(config, "LAVA_DB_SERVER", "127.0.0.1"),
                         "PORT": getattr(config, "LAVA_DB_PORT", ""), }}

# Load secret key from distro integration
SECRET_KEY = get_secret_key("/etc/lava-server/secret_key.conf")

# LDAP authentication config
if AUTH_LDAP_SERVER_URI:
    INSTALLED_APPS.append('ldap')
    INSTALLED_APPS.append('django_auth_ldap')
    import ldap