moulinette/yunohost_tools.py

# -*- coding: utf-8 -*-

import os
import sys
import yaml
import re
import getpass
from yunohost import YunoHostError, YunoHostLDAP, validate, colorize, get_required_args, win_msg
from yunohost_domain import domain_add

def tools_ldapinit():
    """
    Initialize YunoHost LDAP scheme

    Returns:
        dict

    """
    with YunoHostLDAP() as yldap:

        with open('ldap_scheme.yml') as f:
            ldap_map = yaml.load(f)

        for rdn, attr_dict in ldap_map['parents'].items():
            yldap.add(rdn, attr_dict)

        for rdn, attr_dict in ldap_map['childs'].items():
            yldap.add(rdn, attr_dict)


        admin_dict = {
            'cn': 'admin',
            'uid': 'admin',
            'description': 'LDAP Administrator',
            'gidNumber': '1007',
            'uidNumber': '1007',
            'homeDirectory': '/home/admin',
            'loginShell': '/bin/bash',
            'objectClass': ['organizationalRole', 'posixAccount', 'simpleSecurityObject']
        }

        yldap.update('cn=admin', admin_dict)

    win_msg(_("LDAP has been successfully initialized"))


def tools_adminpw(old_password, new_password):
    """
    Change admin password

    Keyword arguments:
        old_password
        new_password

    Returns:
        dict

    """
    # Validate password length
    if len(new_password) < 4:
        raise YunoHostError(22, _("Password is too short"))

    result = os.system('ldappasswd -h localhost -D cn=admin,dc=yunohost,dc=org -w "'+ old_password +'" -a "'+ old_password +'" -s "' + new_password + '"')

    if result == 0:
        win_msg(_("Admin password has been changed"))
    else:
        raise YunoHostError(22, _("Invalid password"))


def tools_maindomain(old_domain, new_domain):
    """
    Change admin password

    Keyword arguments:
        old_domain
        new_domain

    Returns:
        dict

    """
    if not old_domain:
        with open('/etc/yunohost/current_host', 'r') as f:
            old_domain = f.readline().rstrip()

    validate(r'^([a-zA-Z0-9]{1}([a-zA-Z0-9\-]*[a-zA-Z0-9])*)(\.[a-zA-Z0-9]{1}([a-zA-Z0-9\-]*[a-zA-Z0-9])*)*(\.[a-zA-Z]{1}([a-zA-Z0-9\-]*[a-zA-Z0-9])*)$', old_domain)

    config_files = [
        '/etc/prosody/conf.avail/localhost.cfg.lua',
        '/etc/postfix/main.cf',
        '/etc/dovecot/dovecot.conf',
        '/etc/lemonldap-ng/lemonldap-ng.ini',
        '/etc/hosts',
        '/usr/share/yunohost/yunohost-config/others/startup',
    ]

    config_dir = []

    for dir in config_dir:
        for file in os.listdir(dir):
            config_files.append(dir + '/' + file)

    for file in config_files:
        with open(file, "r") as sources:
            lines = sources.readlines()
        with open(file, "w") as sources:
            for line in lines:
                sources.write(re.sub(r''+ old_domain +'', new_domain, line))

    domain_add([new_domain], web=True)

    lemon_tmp_conf = '/tmp/tmplemonconf'
    if os.path.exists(lemon_tmp_conf): os.remove(lemon_tmp_conf)

    lemon_conf_lines = [
        "$tmp->{'domain'} = '"+ new_domain +"';", # Replace Lemon domain
        "$tmp->{'ldapBase'} = 'dc=yunohost,dc=org';", # Set ldap basedn
        "$tmp->{'portal'} = 'https://"+ new_domain +"/sso/';", # Set SSO url
        "$tmp->{'locationRules'}->{'"+ new_domain +"'}->{'(?#0ynh_admin)^/ynh_admin/'} = '$uid eq \"admin\"';
    ]

    with open(lemon_tmp_conf,'a') as lemon_conf:
        for line in lemon_conf_lines:
            lemon_conf.write(line + '\n')


    os.system('rm /etc/yunohost/apache/domains/' + old_domain + '.d/*.fixed.conf') # remove SSO apache conf dir from old domain conf (fail if postinstall)

    tmp = '/usr/share/yunohost/yunohost-config'

    command_list = [
        'cp /etc/yunohost/apache/templates/sso.fixed.conf   /etc/yunohost/apache/domains/' + new_domain + '.d/sso.fixed.conf', # add SSO apache conf dir to new domain conf
        'cp /etc/yunohost/apache/templates/admin.fixed.conf /etc/yunohost/apache/domains/' + new_domain + '.d/admin.fixed.conf',
        '/usr/share/lemonldap-ng/bin/lmYnhMoulinette',
        '/etc/init.d/hostname.sh',
        'echo "01" > '+ tmp +'/ssl/yunoCA/serial',
        'rm '+ tmp +'/ssl/yunoCA/index.txt',
        'touch '+ tmp +'/ssl/yunoCA/index.txt',
        'sed -i "s/' + old_domain + '/' + new_domain + '/g" '+ tmp +'/ssl/yunoCA/openssl.cnf',
        'openssl req -x509 -new -config '+ tmp +'/ssl/yunoCA/openssl.cnf -days 3650 -out '+ tmp +'/ssl/yunoCA/ca/cacert.pem -keyout '+ tmp +'/ssl/yunoCA/ca/cakey.pem -nodes -batch',
        'openssl req -new -config '+ tmp +'/ssl/yunoCA/openssl.cnf -days 730 -out '+ tmp +'/ssl/yunoCA/certs/yunohost_csr.pem -keyout '+ tmp +'/ssl/yunoCA/certs/yunohost_key.pem -nodes -batch',
        'openssl ca -config '+ tmp +'/ssl/yunoCA/openssl.cnf -days 730 -in '+ tmp +'/ssl/yunoCA/certs/yunohost_csr.pem -out '+ tmp +'/ssl/yunoCA/certs/yunohost_crt.pem -batch',
        'cp '+ tmp +'/ssl/yunoCA/ca/cacert.pem /etc/ssl/certs/ca-yunohost_crt.pem',
        'cp '+ tmp +'/ssl/yunoCA/certs/yunohost_key.pem /etc/ssl/private/',
        'cp '+ tmp +'/ssl/yunoCA/newcerts/01.pem /etc/ssl/certs/yunohost_crt.pem',
        'echo '+ new_domain +' > /etc/yunohost/current_host',
        'service apache2 restart',
        'service postfix restart'
    ]

    for command in command_list:
        if os.system(command) != 0:
            raise YunoHostError(17, _("There were a problem during domain changing"))

    win_msg(_("Main domain has been successfully changed"))


def tools_postinstall(domain, password):
    """
    Post-install configuration

    Keyword arguments:
        domain -- Main domain
        password -- New admin password

    Returns:
        dict

    """
    with YunoHostLDAP(password='yunohost') as yldap:
        try:
            with open('/etc/yunohost/installed') as f: pass
        except IOError:
            print('Installing YunoHost')
        else:
            raise YunoHostError(17, _("YunoHost is already installed"))

        # Initialize YunoHost LDAP base
        tools_ldapinit()

        # New domain config
        tools_maindomain(old_domain='yunohost.org', new_domain=domain)

        # Change LDAP admin password
        tools_adminpw(old_password='yunohost', new_password=password)

        os.system('touch /etc/yunohost/installed')

    win_msg(_("YunoHost has been successfully configured"))
Init function init :p 2012-10-23 17:28:35 +02:00			`# -- coding: utf-8 --`

Almost done postinstall 2012-10-26 15:26:50 +02:00			`import os`
			`import sys`
Init function init :p 2012-10-23 17:28:35 +02:00			`import yaml`
Almost done postinstall 2012-10-26 15:26:50 +02:00			`import re`
Finish post-install function 2012-10-27 17:06:43 +02:00			`import getpass`
No prompt at first install 2012-10-29 16:25:40 +01:00			`from yunohost import YunoHostError, YunoHostLDAP, validate, colorize, get_required_args, win_msg`
domain fix 2012-10-25 21:15:37 +02:00			`from yunohost_domain import domain_add`
Finish post-install function 2012-10-27 17:06:43 +02:00
move web config functions to yunohost_domain.py 2013-02-27 22:11:10 +01:00			`def tools_ldapinit():`
Finish post-install function 2012-10-27 17:06:43 +02:00			`"""`
			`Initialize YunoHost LDAP scheme`
Maindomain NPZE's modifs 2013-02-26 20:36:37 +01:00
			`Returns:`
Finish post-install function 2012-10-27 17:06:43 +02:00			`dict`

			`"""`
Pattern matching + asking + bugfixes 2012-11-09 18:04:15 +01:00			`with YunoHostLDAP() as yldap:`
Almost done postinstall 2012-10-26 15:26:50 +02:00
Maindomain NPZE's modifs 2013-02-26 20:36:37 +01:00			`with open('ldap_scheme.yml') as f:`
Pattern matching + asking + bugfixes 2012-11-09 18:04:15 +01:00			`ldap_map = yaml.load(f)`
Init function init :p 2012-10-23 17:28:35 +02:00
Pattern matching + asking + bugfixes 2012-11-09 18:04:15 +01:00			`for rdn, attr_dict in ldap_map['parents'].items():`
			`yldap.add(rdn, attr_dict)`
Init function without admin mod 2012-10-23 18:10:39 +02:00
Pattern matching + asking + bugfixes 2012-11-09 18:04:15 +01:00			`for rdn, attr_dict in ldap_map['childs'].items():`
			`yldap.add(rdn, attr_dict)`
Maindomain NPZE's modifs 2013-02-26 20:36:37 +01:00
Pattern matching + asking + bugfixes 2012-11-09 18:04:15 +01:00
			`admin_dict = {`
			`'cn': 'admin',`
			`'uid': 'admin',`
			`'description': 'LDAP Administrator',`
			`'gidNumber': '1007',`
			`'uidNumber': '1007',`
			`'homeDirectory': '/home/admin',`
			`'loginShell': '/bin/bash',`
			`'objectClass': ['organizationalRole', 'posixAccount', 'simpleSecurityObject']`
			`}`

			`yldap.update('cn=admin', admin_dict)`
Init function complete 2012-10-23 19:55:40 +02:00
Pretify postinstall 2012-10-29 16:06:46 +01:00			`win_msg(_("LDAP has been successfully initialized"))`
Almost done postinstall 2012-10-26 15:26:50 +02:00
Finish post-install function 2012-10-27 17:06:43 +02:00
Maindomain NPZE's modifs 2013-02-26 20:36:37 +01:00			`def tools_adminpw(old_password, new_password):`
Finish post-install function 2012-10-27 17:06:43 +02:00			`"""`
			`Change admin password`
Maindomain NPZE's modifs 2013-02-26 20:36:37 +01:00
Finish post-install function 2012-10-27 17:06:43 +02:00			`Keyword arguments:`
Tools functions with arguments in a namespace 2012-11-29 15:00:33 +01:00			`old_password`
			`new_password`
Maindomain NPZE's modifs 2013-02-26 20:36:37 +01:00
			`Returns:`
Finish post-install function 2012-10-27 17:06:43 +02:00			`dict`

			`"""`
Almost done postinstall 2012-10-26 15:26:50 +02:00			`# Validate password length`
Tools functions with arguments in a namespace 2012-11-29 15:00:33 +01:00			`if len(new_password) < 4:`
Almost done postinstall 2012-10-26 15:26:50 +02:00			`raise YunoHostError(22, _("Password is too short"))`

Tools functions with arguments in a namespace 2012-11-29 15:00:33 +01:00			`result = os.system('ldappasswd -h localhost -D cn=admin,dc=yunohost,dc=org -w "'+ old_password +'" -a "'+ old_password +'" -s "' + new_password + '"')`
Finish post-install function 2012-10-27 17:06:43 +02:00
adminpw function 2012-10-25 21:17:26 +02:00			`if result == 0:`
Pretify postinstall 2012-10-29 16:06:46 +01:00			`win_msg(_("Admin password has been changed"))`
adminpw function 2012-10-25 21:17:26 +02:00			`else:`
			`raise YunoHostError(22, _("Invalid password"))`
Finish post-install function 2012-10-27 17:06:43 +02:00

Maindomain NPZE's modifs 2013-02-26 20:36:37 +01:00			`def tools_maindomain(old_domain, new_domain):`
Finish post-install function 2012-10-27 17:06:43 +02:00			`"""`
			`Change admin password`
Maindomain NPZE's modifs 2013-02-26 20:36:37 +01:00
Finish post-install function 2012-10-27 17:06:43 +02:00			`Keyword arguments:`
Tools functions with arguments in a namespace 2012-11-29 15:00:33 +01:00			`old_domain`
			`new_domain`
Maindomain NPZE's modifs 2013-02-26 20:36:37 +01:00
			`Returns:`
Finish post-install function 2012-10-27 17:06:43 +02:00			`dict`

			`"""`
Tools functions with arguments in a namespace 2012-11-29 15:00:33 +01:00			`if not old_domain:`
Update yunohost_tools.py 2013-04-29 11:54:57 +02:00			`with open('/etc/yunohost/current_host', 'r') as f:`
Tools functions with arguments in a namespace 2012-11-29 15:00:33 +01:00			`old_domain = f.readline().rstrip()`
Finish post-install function 2012-10-27 17:06:43 +02:00
Tools functions with arguments in a namespace 2012-11-29 15:00:33 +01:00			`validate(r'^([a-zA-Z0-9]{1}([a-zA-Z0-9\-][a-zA-Z0-9]))(\.[a-zA-Z0-9]{1}([a-zA-Z0-9\-][a-zA-Z0-9]))(\.[a-zA-Z]{1}([a-zA-Z0-9\-][a-zA-Z0-9])*)$', old_domain)`
Almost done postinstall 2012-10-26 15:26:50 +02:00
			`config_files = [`
Update yunohost_tools.py 2013-04-26 14:47:09 +02:00			`'/etc/prosody/conf.avail/localhost.cfg.lua',`
Almost done postinstall 2012-10-26 15:26:50 +02:00			`'/etc/postfix/main.cf',`
Finish post-install function 2012-10-27 17:06:43 +02:00			`'/etc/dovecot/dovecot.conf',`
Almost done postinstall 2012-10-26 15:26:50 +02:00			`'/etc/lemonldap-ng/lemonldap-ng.ini',`
			`'/etc/hosts',`
Update yunohost_tools.py 2013-05-03 12:10:39 +02:00			`'/usr/share/yunohost/yunohost-config/others/startup',`
Almost done postinstall 2012-10-26 15:26:50 +02:00			`]`

Update yunohost_tools.py 2013-02-28 11:24:48 +01:00			`config_dir = []`
Almost done postinstall 2012-10-26 15:26:50 +02:00
			`for dir in config_dir:`
			`for file in os.listdir(dir):`
			`config_files.append(dir + '/' + file)`

			`for file in config_files:`
			`with open(file, "r") as sources:`
			`lines = sources.readlines()`
			`with open(file, "w") as sources:`
			`for line in lines:`
Tools functions with arguments in a namespace 2012-11-29 15:00:33 +01:00			`sources.write(re.sub(r''+ old_domain +'', new_domain, line))`
Almost done postinstall 2012-10-26 15:26:50 +02:00
move web config functions to yunohost_domain.py 2013-02-27 22:29:31 +01:00			`domain_add([new_domain], web=True)`
move web config functions to yunohost_domain.py 2013-02-27 22:11:10 +01:00
Maindomain NPZE's modifs 2013-02-26 20:36:37 +01:00			`lemon_tmp_conf = '/tmp/tmplemonconf'`
			`if os.path.exists(lemon_tmp_conf): os.remove(lemon_tmp_conf)`

			`lemon_conf_lines = [`
fail 2013-02-28 15:26:35 +01:00			`"$tmp->{'domain'} = '"+ new_domain +"';", # Replace Lemon domain`
Maindomain NPZE's modifs 2013-02-26 20:36:37 +01:00			`"$tmp->{'ldapBase'} = 'dc=yunohost,dc=org';", # Set ldap basedn`
			`"$tmp->{'portal'} = 'https://"+ new_domain +"/sso/';", # Set SSO url`
Update yunohost_tools.py 2013-06-01 10:40:28 +02:00			`"$tmp->{'locationRules'}->{'"+ new_domain +"'}->{'(?#0ynh_admin)^/ynh_admin/'} = '$uid eq \"admin\"';`
Maindomain NPZE's modifs 2013-02-26 20:36:37 +01:00			`]`

			`with open(lemon_tmp_conf,'a') as lemon_conf:`
			`for line in lemon_conf_lines:`
			`lemon_conf.write(line + '\n')`


Update yunohost_tools.py 2013-05-30 16:38:42 +02:00			`os.system('rm /etc/yunohost/apache/domains/' + old_domain + '.d/*.fixed.conf') # remove SSO apache conf dir from old domain conf (fail if postinstall)`
Maindomain NPZE's modifs 2013-02-26 20:36:37 +01:00
Finish post-install function 2012-10-27 17:06:43 +02:00			`tmp = '/usr/share/yunohost/yunohost-config'`
Refactoring 2013-02-28 12:03:51 +01:00
			`command_list = [`
Update yunohost_tools.py 2013-05-30 16:41:42 +02:00			`'cp /etc/yunohost/apache/templates/sso.fixed.conf /etc/yunohost/apache/domains/' + new_domain + '.d/sso.fixed.conf', # add SSO apache conf dir to new domain conf`
			`'cp /etc/yunohost/apache/templates/admin.fixed.conf /etc/yunohost/apache/domains/' + new_domain + '.d/admin.fixed.conf',`
Exec lmYnhMoulinette 2nd time 2013-02-28 14:18:10 +01:00			`'/usr/share/lemonldap-ng/bin/lmYnhMoulinette',`
Refactoring 2013-02-28 12:03:51 +01:00			`'/etc/init.d/hostname.sh',`
			`'echo "01" > '+ tmp +'/ssl/yunoCA/serial',`
			`'rm '+ tmp +'/ssl/yunoCA/index.txt',`
			`'touch '+ tmp +'/ssl/yunoCA/index.txt',`
			`'sed -i "s/' + old_domain + '/' + new_domain + '/g" '+ tmp +'/ssl/yunoCA/openssl.cnf',`
			`'openssl req -x509 -new -config '+ tmp +'/ssl/yunoCA/openssl.cnf -days 3650 -out '+ tmp +'/ssl/yunoCA/ca/cacert.pem -keyout '+ tmp +'/ssl/yunoCA/ca/cakey.pem -nodes -batch',`
			`'openssl req -new -config '+ tmp +'/ssl/yunoCA/openssl.cnf -days 730 -out '+ tmp +'/ssl/yunoCA/certs/yunohost_csr.pem -keyout '+ tmp +'/ssl/yunoCA/certs/yunohost_key.pem -nodes -batch',`
			`'openssl ca -config '+ tmp +'/ssl/yunoCA/openssl.cnf -days 730 -in '+ tmp +'/ssl/yunoCA/certs/yunohost_csr.pem -out '+ tmp +'/ssl/yunoCA/certs/yunohost_crt.pem -batch',`
			`'cp '+ tmp +'/ssl/yunoCA/ca/cacert.pem /etc/ssl/certs/ca-yunohost_crt.pem',`
			`'cp '+ tmp +'/ssl/yunoCA/certs/yunohost_key.pem /etc/ssl/private/',`
			`'cp '+ tmp +'/ssl/yunoCA/newcerts/01.pem /etc/ssl/certs/yunohost_crt.pem',`
Update yunohost_tools.py 2013-04-29 11:54:57 +02:00			`'echo '+ new_domain +' > /etc/yunohost/current_host',`
Refactoring 2013-02-28 12:03:51 +01:00			`'service apache2 restart',`
			`'service postfix restart'`
			`]`

			`for command in command_list:`
			`if os.system(command) != 0:`
			`raise YunoHostError(17, _("There were a problem during domain changing"))`

			`win_msg(_("Main domain has been successfully changed"))`
Finish post-install function 2012-10-27 17:06:43 +02:00
Almost done postinstall 2012-10-26 15:26:50 +02:00
Tools functions with arguments in a namespace 2012-11-29 15:00:33 +01:00			`def tools_postinstall(domain, password):`
Finish post-install function 2012-10-27 17:06:43 +02:00			`"""`
			`Post-install configuration`
Maindomain NPZE's modifs 2013-02-26 20:36:37 +01:00
Finish post-install function 2012-10-27 17:06:43 +02:00			`Keyword arguments:`
Tools functions with arguments in a namespace 2012-11-29 15:00:33 +01:00			`domain -- Main domain`
			`password -- New admin password`
Maindomain NPZE's modifs 2013-02-26 20:36:37 +01:00
			`Returns:`
Finish post-install function 2012-10-27 17:06:43 +02:00			`dict`

			`"""`
Pattern matching + asking + bugfixes 2012-11-09 18:04:15 +01:00			`with YunoHostLDAP(password='yunohost') as yldap:`
			`try:`
Update yunohost_tools.py 2013-05-03 12:10:39 +02:00			`with open('/etc/yunohost/installed') as f: pass`
Pattern matching + asking + bugfixes 2012-11-09 18:04:15 +01:00			`except IOError:`
			`print('Installing YunoHost')`
			`else:`
			`raise YunoHostError(17, _("YunoHost is already installed"))`
\o/ 2012-10-25 19:50:14 +02:00
Pattern matching + asking + bugfixes 2012-11-09 18:04:15 +01:00			`# Initialize YunoHost LDAP base`
move web config functions to yunohost_domain.py 2013-02-27 22:11:10 +01:00			`tools_ldapinit()`
Almost done postinstall 2012-10-26 15:26:50 +02:00
fails 2013-02-27 22:34:16 +01:00			`# New domain config`
			`tools_maindomain(old_domain='yunohost.org', new_domain=domain)`

Pattern matching + asking + bugfixes 2012-11-09 18:04:15 +01:00			`# Change LDAP admin password`
Tools functions with arguments in a namespace 2012-11-29 15:00:33 +01:00			`tools_adminpw(old_password='yunohost', new_password=password)`
Almost done postinstall 2012-10-26 15:26:50 +02:00
Update yunohost_tools.py 2013-05-03 12:10:39 +02:00			`os.system('touch /etc/yunohost/installed')`
Maindomain NPZE's modifs 2013-02-26 20:36:37 +01:00
Pretify postinstall 2012-10-29 16:06:46 +01:00			`win_msg(_("YunoHost has been successfully configured"))`