diff --git a/action_map.yml b/action_map.yml index cb921a27..9a1df261 100644 --- a/action_map.yml +++ b/action_map.yml @@ -443,6 +443,24 @@ tools: connections: - ldap + ### tools_adminpw() + adminpw: + action_help: Change admin password + arguments: + -o: + full: --old-password + -n: + full: --new-password + + ### tools_maindomain() + maindomain: + action_help: Main domain change tool + arguments: + -o: + full: --old-domain + -n: + full: --new-domain + ### tools_postinstall() postinstall: action_help: YunoHost post-install diff --git a/yunohost_tools.py b/yunohost_tools.py index 4c4ae8d5..ce0d9457 100644 --- a/yunohost_tools.py +++ b/yunohost_tools.py @@ -4,13 +4,24 @@ import os import sys import yaml import re +import getpass from yunohost import validate, colorize, get_required_args + def tools_ldapinit(args, connections): + """ + Initialize YunoHost LDAP scheme + + Keyword arguments: + args + connections + + Returns: + dict + + """ yldap = connections['ldap'] - # TODO: Check if LDAP is already initialized - with open('ldap_scheme.yml') as f: ldap_map = yaml.load(f) @@ -35,17 +46,61 @@ def tools_ldapinit(args, connections): return { 'Success' : _("LDAP has been successfully initialized") } -def tools_adminpw(args, connections): #FIX + +def tools_adminpw(args): + """ + Change admin password + + Keyword arguments: + args + + Returns: + dict + + """ + if not args['old']: + args['old'] = getpass.getpass(colorize('Actual admin password: ', 'cyan')) + + if not args['new']: + args['new'] = getpass.getpass(colorize('New admin password: ', 'cyan')) + pwd2 = getpass.getpass(colorize('Retype new password: ', 'cyan')) + if args['new'] != pwd2: + raise YunoHostError(22, _("Passwords doesn't match")) + # Validate password length if len(args['new']) < 4: raise YunoHostError(22, _("Password is too short")) - print args -def tools_maindomain(args): #FIX - validate({ args['new'] : r'^([a-zA-Z0-9]{1}([a-zA-Z0-9\-]*[a-zA-Z0-9])*)(\.[a-zA-Z0-9]{1}([a-zA-Z0-9\-]*[a-zA-Z0-9])*)*(\.[a-zA-Z]{1}([a-zA-Z0-9\-]*[a-zA-Z0-9])*)$' }) + os.system('ldappasswd -h localhost -D cn=admin,dc=yunohost,dc=org -w "'+ args['old'] +'" -a "'+ args['old'] +'" -s "' + args['new'] + '"') + + return { 'Success' : _("Admin password has been changed") } + + +def tools_maindomain(args): + """ + Change admin password + + Keyword arguments: + args + + Returns: + dict + + """ + args = get_required_args(args, {'new' : _('New main domain name')) + + if not args['old']: + with open('/usr/share/yunohost/yunohost-config/others/current_host', 'r') as f: + args['old'] = f.readline() + + validate({ + args['new'] : r'^([a-zA-Z0-9]{1}([a-zA-Z0-9\-]*[a-zA-Z0-9])*)(\.[a-zA-Z0-9]{1}([a-zA-Z0-9\-]*[a-zA-Z0-9])*)*(\.[a-zA-Z]{1}([a-zA-Z0-9\-]*[a-zA-Z0-9])*)$', + args['old'] : r'^([a-zA-Z0-9]{1}([a-zA-Z0-9\-]*[a-zA-Z0-9])*)(\.[a-zA-Z0-9]{1}([a-zA-Z0-9\-]*[a-zA-Z0-9])*)*(\.[a-zA-Z]{1}([a-zA-Z0-9\-]*[a-zA-Z0-9])*)$' + }) config_files = [ '/etc/postfix/main.cf', + '/etc/dovecot/dovecot.conf', '/etc/mailname', '/etc/ejabberd/ejabberd.cfg', '/etc/lemonldap-ng/lemonldap-ng.ini', @@ -66,23 +121,63 @@ def tools_maindomain(args): #FIX lines = sources.readlines() with open(file, "w") as sources: for line in lines: - sources.write(re.sub(r'yunohost.org', args['domain'], line)) + sources.write(re.sub(r''+ args['old'] +'', args['new'], line)) os.system('/etc/init.d/hostname.sh') - # TODO: Regenerate certificate - return { 'Success' : _("YunoHost main domain has been successfully configured") } + + # Regenerate certificate + tmp = '/usr/share/yunohost/yunohost-config' + os.system('echo "01" > '+ tmp +'/ssl/yunoCA/serial') + os.system('rm '+ tmp +'/ssl/yunoCA/index.txt') + os.system('touch '+ tmp +'/ssl/yunoCA/index.txt') + os.system('sed -i "s/' + args['old'] + '/' + args['new'] + '/g" '+ tmp +'/ssl/yunoCA/openssl.cnf') + os.system('openssl req -x509 -new -config '+ tmp +'/ssl/yunoCA/openssl.cnf -days 3650 -out '+ tmp +'/ssl/yunoCA/ca/cacert.pem -keyout '+ tmp +'/ssl/yunoCA/ca/cakey.pem -nodes -batch') + os.system('openssl req -new -config '+ tmp +'/ssl/yunoCA/openssl.cnf -days 730 -out '+ tmp +'/ssl/yunoCA/certs/yunohost_csr.pem -keyout '+ tmp +'/ssl/yunoCA/certs/yunohost_key.pem -nodes -batch') + os.system('openssl ca -config '+ tmp +'/ssl/yunoCA/openssl.cnf -days 730 -in '+ tmp +'/ssl/yunoCA/certs/yunohost_csr.pem -out '+ tmp +'/ssl/yunoCA/certs/yunohost_crt.pem -batch') + os.system('cp '+ tmp +'/ssl/yunoCA/ca/cacert.pem /etc/ssl/certs/ca-yunohost_crt.pem') + os.system('cp '+ tmp +'/ssl/yunoCA/certs/yunohost_key.pem /etc/ssl/private/') + os.system('cp '+ tmp +'/ssl/yunoCA/newcerts/01.pem /etc/ssl/certs/yunohost_crt.pem') + os.system('cp '+ tmp +'/ssl/yunoCA/newcerts/01.pem /etc/ejabberd/ejabberd.pem') + os.system('echo '+ args['new'] +' > /usr/share/yunohost/yunohost-config/others/current_host') + + # Restart services + os.system('/etc/init.d/apache2 restart') + os.system('/etc/init.d/postfix restart') + os.system('/etc/init.d/ejabberd restart') + + return { 'Success' : _("YunoHost main domain has been successfully changed") } + def tools_postinstall(args, connections): + """ + Post-install configuration + + Keyword arguments: + args + connection + + Returns: + dict - args = get_required_args(args, {'domain' : _('Domain name'), 'password' : _('Admin new password') }, True) + """ + args = get_required_args(args, {'domain' : _('Main domain name'), 'password' : _('New admin password') }, True) + + try: + with open('/usr/share/yunohost/yunohost-config/others/installed') as f: pass + except IOError: + print 'Installing YunoHost' + else: + raise YunoHostError(17, _("YunoHost is already installed") # Initialize YunoHost LDAP base - #tools_ldapinit(None, connections) + tools_ldapinit(None, connections) # Change LDAP admin password - #tools_adminpw({ 'old' : 'yunohost', 'new' : args['password']}) + tools_adminpw({ 'old' : 'yunohost', 'new' : args['password']}) # New domain config - #tools_maindomain({ 'old' : 'yunohost.org', 'new' : args['domain']}) + tools_maindomain({ 'old' : 'yunohost.org', 'new' : args['domain']}) + + os.system('touch /usr/share/yunohost/yunohost-config/others/installed') return { 'Success' : _("YunoHost has been successfully configured") }