mirror of
https://github.com/YunoHost/moulinette.git
synced 2024-09-03 20:06:31 +02:00
Remove apache & lemon stuffs
This commit is contained in:
Kload
parent
4902c1d34d
commit
654eb0d99a
4 changed files with 13 additions and 168 deletions
|
|
@ -637,30 +637,3 @@ tools:
|
|||
--dyndns:
|
||||
help: Subscribe domain to a DynDNS service
|
||||
action: store_true
|
||||
|
||||
### tools_lemonrule()
|
||||
lemonrule:
|
||||
action_help: Add/remove LemonLDAP location rule
|
||||
api: PUT /lemonrule
|
||||
arguments:
|
||||
-k:
|
||||
full: --key
|
||||
help: Key of the rule to write to the configuration file (tuple)
|
||||
-v:
|
||||
full: --value
|
||||
help: Value of the rule to write to the configuration file
|
||||
-u:
|
||||
full: --url
|
||||
help: URL of the rule
|
||||
-p:
|
||||
full: --priority
|
||||
help: Priority of the rule
|
||||
-d:
|
||||
full: --delete
|
||||
help: Delete the rule
|
||||
action: store_true
|
||||
-a:
|
||||
full: --apply
|
||||
help: Apply the LemonLDAP configuration and reload Apache
|
||||
action: store_true
|
||||
|
||||
|
|
|
|||
|
|
@ -33,13 +33,10 @@ import time
|
|||
from yunohost import YunoHostError, YunoHostLDAP, win_msg, random_password, is_true
|
||||
from yunohost_domain import domain_list, domain_add
|
||||
from yunohost_user import user_info
|
||||
from yunohost_tools import tools_lemonrule
|
||||
|
||||
repo_path = '/var/cache/yunohost/repo'
|
||||
apps_path = '/usr/share/yunohost/apps'
|
||||
apps_setting_path= '/etc/yunohost/apps/'
|
||||
a2_settings_path = '/etc/yunohost/apache/domains'
|
||||
a2_template_path = '/etc/yunohost/apache/templates'
|
||||
install_tmp = '/tmp/yunohost/install'
|
||||
app_tmp_folder = install_tmp + '/from_file'
|
||||
|
||||
|
|
@ -303,8 +300,8 @@ def app_install(app, label=None):
|
|||
label
|
||||
|
||||
"""
|
||||
#TODO: Create tool for lemon
|
||||
#TODO: Create tool for apache (check path availability & stuff)
|
||||
#TODO: Create tool for ssowat
|
||||
#TODO: Create tool for nginx (check path availability & stuff)
|
||||
#TODO: Create tool for MySQL DB ?
|
||||
|
||||
with YunoHostLDAP() as yldap:
|
||||
|
|
@ -408,7 +405,7 @@ def app_addaccess(apps, users):
|
|||
apps
|
||||
|
||||
"""
|
||||
#TODO: fix that
|
||||
#TODO: Adapt to SSOwat
|
||||
if not isinstance(users, list): users = [users]
|
||||
if not isinstance(apps, list): apps = [apps]
|
||||
|
||||
|
|
@ -426,22 +423,19 @@ def app_addaccess(apps, users):
|
|||
new_users = ''
|
||||
|
||||
for allowed_user in users:
|
||||
if allowed_user not in new_users.split(' '):
|
||||
if allowed_user not in new_users.split(','):
|
||||
try:
|
||||
user_info(allowed_user)
|
||||
except YunoHostError:
|
||||
continue
|
||||
new_users = new_users +' '+ allowed_user
|
||||
new_users = new_users +','+ allowed_user
|
||||
|
||||
app_settings['allowed_users'] = new_users.strip()
|
||||
with open(apps_setting_path + app +'/settings.yml', 'w') as f:
|
||||
yaml.safe_dump(app_settings, f, default_flow_style=False)
|
||||
win_msg(_("App setting file updated"))
|
||||
|
||||
#TODO: create lemon tool
|
||||
tools_lemonrule(url=app_settings['domain']+app_settings['path'], value='grep( /^$uid$/, qw('+ new_users.strip() +'))')
|
||||
|
||||
tools_lemon(apply=True)
|
||||
#TODO: Regenerate SSOwat conf
|
||||
|
||||
|
||||
def app_removeaccess(apps, users):
|
||||
|
|
@ -453,7 +447,7 @@ def app_removeaccess(apps, users):
|
|||
apps
|
||||
|
||||
"""
|
||||
#TODO: fix that
|
||||
#TODO: Remove access
|
||||
if not isinstance(users, list): users = [users]
|
||||
if not isinstance(apps, list): apps = [apps]
|
||||
|
||||
|
|
@ -468,18 +462,16 @@ def app_removeaccess(apps, users):
|
|||
|
||||
if 'mode' in app_settings and app_settings['mode'] == 'private':
|
||||
if 'allowed_users' in app_settings:
|
||||
for allowed_user in app_settings['allowed_users'].split(' '):
|
||||
for allowed_user in app_settings['allowed_users'].split(','):
|
||||
if allowed_user not in users:
|
||||
new_users = new_users +' '+ allowed_user
|
||||
new_users = new_users +','+ allowed_user
|
||||
|
||||
app_settings['allowed_users'] = new_users.strip()
|
||||
with open(apps_setting_path + app +'/settings.yml', 'w') as f:
|
||||
yaml.safe_dump(app_settings, f, default_flow_style=False)
|
||||
win_msg(_("App setting file updated"))
|
||||
|
||||
tools_lemonrule(url=app_settings['domain']+app_settings['path'], value='grep( /^$uid$/, qw('+ new_users.strip() +'))')
|
||||
|
||||
tools_lemon(apply=True)
|
||||
#TODO: Regenerate SSOwat conf
|
||||
|
||||
|
||||
def _extract_app_from_file(path):
|
||||
|
|
|
|||
|
|
@ -30,7 +30,6 @@ import re
|
|||
import shutil
|
||||
from urllib import urlopen
|
||||
from yunohost import YunoHostError, YunoHostLDAP, win_msg, colorize, validate, get_required_args
|
||||
from yunohost_tools import tools_lemonrule
|
||||
|
||||
a2_template_path = '/etc/yunohost/apache/templates'
|
||||
a2_app_conf_path = '/etc/yunohost/apache/domains'
|
||||
|
|
@ -112,24 +111,6 @@ def domain_add(domains, raw=False, main=False):
|
|||
if os.system(command) != 0:
|
||||
raise YunoHostError(17, _("An error occurred during certificate generation"))
|
||||
|
||||
if not raw:
|
||||
lemonrules = [
|
||||
(('exportedHeaders', domain, 'Auth-User'), '$uid'),
|
||||
(('exportedHeaders', domain, 'Remote-User'), '$uid'),
|
||||
(('exportedHeaders', domain, 'Desc'), '$description'),
|
||||
(('exportedHeaders', domain, 'Email'), "(ref($mail) eq 'ARRAY' ? $mail[0] : $mail)"),
|
||||
(('exportedHeaders', domain, 'Name'), '$cn'),
|
||||
(('exportedHeaders', domain, 'Authorization'), '"Basic ".encode_base64("$uid:$_password")'),
|
||||
(('vhostOptions', domain, 'vhostMaintenance'), 0),
|
||||
(('vhostOptions', domain, 'vhostPort'), -1),
|
||||
(('vhostOptions', domain, 'vhostHttps'), -1),
|
||||
(('locationRules', domain, 'default'), 'accept')
|
||||
]
|
||||
for lemonrule in lemonrules:
|
||||
tools_lemonrule(*lemonrule)
|
||||
tools_lemonrule(apply=True)
|
||||
_apache_config(domain)
|
||||
|
||||
try:
|
||||
yldap.validate_uniqueness({ 'virtualdomain' : domain })
|
||||
except YunoHostError:
|
||||
|
|
@ -266,26 +247,3 @@ def domain_remove(domains):
|
|||
win_msg(_("Domain(s) successfully deleted"))
|
||||
|
||||
return { 'Domains' : result }
|
||||
|
||||
|
||||
def _apache_config(domain):
|
||||
"""
|
||||
Fill Apache configuration templates
|
||||
|
||||
Keyword arguments:
|
||||
domain -- Domain to configure Apache around
|
||||
|
||||
"""
|
||||
try: os.listdir(a2_app_conf_path +'/'+ domain +'.d/')
|
||||
except OSError: os.makedirs(a2_app_conf_path +'/'+ domain +'.d/')
|
||||
|
||||
with open(a2_app_conf_path +'/'+ domain +'.conf', 'w') as a2_conf:
|
||||
for line in open(a2_template_path +'/template.conf.tmp'):
|
||||
line = line.replace('[domain]',domain)
|
||||
a2_conf.write(line)
|
||||
|
||||
if os.system('service apache2 reload') == 0:
|
||||
win_msg(_("Apache configured"))
|
||||
else:
|
||||
raise YunoHostError(1, _("An error occured during Apache configuration"))
|
||||
|
||||
|
|
|
|||
|
|
@ -36,7 +36,6 @@ from yunohost_domain import domain_add
|
|||
from yunohost_dyndns import dyndns_subscribe
|
||||
from yunohost_backup import backup_init
|
||||
|
||||
lemon_tmp_conf = '/tmp/tmplemonconf'
|
||||
|
||||
def tools_ldapinit(password=None):
|
||||
"""
|
||||
|
|
@ -146,7 +145,6 @@ def tools_maindomain(old_domain, new_domain, dyndns=False):
|
|||
'/etc/postfix/main.cf',
|
||||
'/etc/metronome/metronome.cfg.lua',
|
||||
'/etc/dovecot/dovecot.conf',
|
||||
'/etc/lemonldap-ng/lemonldap-ng.ini',
|
||||
'/usr/share/yunohost/yunohost-config/others/startup',
|
||||
'/home/yunohost.backup/tahoe/tahoe.cfg'
|
||||
]
|
||||
|
|
@ -166,32 +164,18 @@ def tools_maindomain(old_domain, new_domain, dyndns=False):
|
|||
|
||||
domain_add([new_domain], raw=False, main=True)
|
||||
|
||||
tools_lemonrule('domain', new_domain) # Replace Lemon domain
|
||||
tools_lemonrule('ldapBase', 'dc=yunohost,dc=org') # Set ldap basedn
|
||||
tools_lemonrule('portal', 'https://'+ new_domain +'/sso/') # Set SSO url
|
||||
tools_lemonrule(url=new_domain+'/ynh-admin/', value='$uid eq "admin"')
|
||||
tools_lemonrule(url=new_domain+'/ynh-user/', value='$uid ne "admin"')
|
||||
# TODO: Generate SSOwat conf
|
||||
|
||||
if old_domain is 'yunohost.org':
|
||||
tools_lemonrule(url=old_domain+'/ynh-admin/', delete=True)
|
||||
tools_lemonrule(url=old_domain+'/ynh-user/', delete=True)
|
||||
|
||||
os.system('rm /etc/yunohost/apache/domains/' + old_domain + '.d/*.fixed.conf') # remove SSO apache conf dir from old domain conf (fail if postinstall)
|
||||
os.system('rm /etc/ssl/private/yunohost_key.pem')
|
||||
os.system('rm /etc/ssl/certs/yunohost_crt.pem')
|
||||
|
||||
command_list = [
|
||||
'cp /etc/yunohost/apache/templates/sso.fixed.conf /etc/yunohost/apache/domains/' + new_domain + '.d/sso.fixed.conf', # add SSO apache conf dir to new domain conf
|
||||
'cp /etc/yunohost/apache/templates/admin.fixed.conf /etc/yunohost/apache/domains/' + new_domain + '.d/admin.fixed.conf',
|
||||
'cp /etc/yunohost/apache/templates/user.fixed.conf /etc/yunohost/apache/domains/' + new_domain + '.d/user.fixed.conf',
|
||||
'/usr/share/lemonldap-ng/bin/lmYnhMoulinette',
|
||||
'echo "" > /tmp/tmplemonconf',
|
||||
'cp /etc/yunohost/certs/'+ new_domain +'/key.pem /etc/metronome/certs/yunohost_key.pem',
|
||||
'chown metronome: /etc/metronome/certs/yunohost_key.pem',
|
||||
'ln -s /etc/yunohost/certs/'+ new_domain +'/key.pem /etc/ssl/private/yunohost_key.pem',
|
||||
'ln -s /etc/yunohost/certs/'+ new_domain +'/crt.pem /etc/ssl/certs/yunohost_crt.pem',
|
||||
'echo '+ new_domain +' > /etc/yunohost/current_host',
|
||||
'service apache2 restart',
|
||||
'service nginx restart',
|
||||
'service metronome restart',
|
||||
'service postfix restart',
|
||||
'service dovecot restart',
|
||||
|
|
@ -210,6 +194,7 @@ def tools_maindomain(old_domain, new_domain, dyndns=False):
|
|||
dyndomain = '.'.join(new_domain.split('.')[1:])
|
||||
if dyndomain in dyndomains:
|
||||
dyndns_subscribe(domain=new_domain)
|
||||
os.system('yunohost dyndns update | at now + 2 minutes')
|
||||
|
||||
win_msg(_("Main domain has been successfully changed"))
|
||||
|
||||
|
|
@ -293,66 +278,3 @@ def tools_postinstall(domain, password, dyndns=False):
|
|||
os.system('service samba restart')
|
||||
|
||||
win_msg(_("YunoHost has been successfully configured"))
|
||||
|
||||
|
||||
def tools_lemonrule(key=None, value=None, url=None, priority=None, delete=False, apply=False):
|
||||
"""
|
||||
|
||||
"""
|
||||
conf_lines = []
|
||||
|
||||
if delete: line = "delete $tmp"
|
||||
else: line = "$tmp"
|
||||
|
||||
# locationRule formatter
|
||||
if url is not None:
|
||||
# Remove potential "http://" or "https://"
|
||||
if '://' in url:
|
||||
url = url[url.index('://') + 3:]
|
||||
|
||||
# Split domain and path properly
|
||||
if '/' in url:
|
||||
domain = url[:url.index('/')]
|
||||
path = url[url.index('/'):]
|
||||
if path[-1:] is not '/':
|
||||
path = path +'/'
|
||||
else:
|
||||
domain = url
|
||||
path = '/'
|
||||
|
||||
line = line +"->{'locationRules'}->{'"+ domain +"'}"
|
||||
if priority is not None:
|
||||
line = line +"->{'(?#"+ priority + domain +")^"+ path +"'}"
|
||||
else:
|
||||
line = line +"->{'(?#"+ domain +"Z)^"+ path +"'}"
|
||||
|
||||
# Free key formatter from tuple
|
||||
elif key is not None:
|
||||
if not isinstance(key, tuple): key = (key,)
|
||||
for level in key:
|
||||
line = line +"->{'"+ level +"'}"
|
||||
|
||||
if line != '$tmp':
|
||||
if value is None:
|
||||
line = line +';'
|
||||
elif isinstance(value, int):
|
||||
line = line +' = '+ str(value) +';'
|
||||
else:
|
||||
line = line +' = \''+ value +'\';'
|
||||
|
||||
# Write configuration
|
||||
with open(lemon_tmp_conf,'a+') as lemon_conf:
|
||||
lemon_conf.write(line + '\n')
|
||||
|
||||
# Apply & reload configuration
|
||||
if apply:
|
||||
os.system('chown www-data '+ lemon_tmp_conf)
|
||||
if os.system('/usr/share/lemonldap-ng/bin/lmYnhMoulinette') == 0:
|
||||
os.system('service apache2 reload')
|
||||
win_msg(_("LemonLDAP configured"))
|
||||
else:
|
||||
raise YunoHostError(1, _("An error occured during LemonLDAP configuration"))
|
||||
|
||||
os.system("echo '' > "+ lemon_tmp_conf)
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue