YunoHost/moulinette
1
0
Fork 0
mirror of https://github.com/YunoHost/moulinette.git synced 2024-09-03 20:06:31 +02:00
Code Issues Projects Releases Packages Wiki Activity

Remove apache & lemon stuffs

Browse source
This commit is contained in:
Kload 2013-10-17 09:38:55 +00:00
parent 4902c1d34d
commit 654eb0d99a
4 changed files with 13 additions and 168 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
action_map.yml
View file

@ -637,30 +637,3 @@ tools:
--dyndns: --dyndns:
help: Subscribe domain to a DynDNS service help: Subscribe domain to a DynDNS service
action: store_true action: store_true
### tools_lemonrule()
lemonrule:
action_help: Add/remove LemonLDAP location rule
api: PUT /lemonrule
arguments:
-k:
full: --key
help: Key of the rule to write to the configuration file (tuple)
-v:
full: --value
help: Value of the rule to write to the configuration file
-u:
full: --url
help: URL of the rule
-p:
full: --priority
help: Priority of the rule
-d:
full: --delete
help: Delete the rule
action: store_true
-a:
full: --apply
help: Apply the LemonLDAP configuration and reload Apache
action: store_true

28
yunohost_app.py
View file

@ -33,13 +33,10 @@ import time
from yunohost import YunoHostError, YunoHostLDAP, win_msg, random_password, is_true from yunohost import YunoHostError, YunoHostLDAP, win_msg, random_password, is_true
from yunohost_domain import domain_list, domain_add from yunohost_domain import domain_list, domain_add
from yunohost_user import user_info from yunohost_user import user_info
from yunohost_tools import tools_lemonrule
repo_path = '/var/cache/yunohost/repo' repo_path = '/var/cache/yunohost/repo'
apps_path = '/usr/share/yunohost/apps' apps_path = '/usr/share/yunohost/apps'
apps_setting_path= '/etc/yunohost/apps/' apps_setting_path= '/etc/yunohost/apps/'
a2_settings_path = '/etc/yunohost/apache/domains'
a2_template_path = '/etc/yunohost/apache/templates'
install_tmp = '/tmp/yunohost/install' install_tmp = '/tmp/yunohost/install'
app_tmp_folder = install_tmp + '/from_file' app_tmp_folder = install_tmp + '/from_file'
@ -303,8 +300,8 @@ def app_install(app, label=None):
label label
""" """
#TODO: Create tool for lemon #TODO: Create tool for ssowat
#TODO: Create tool for apache (check path availability & stuff) #TODO: Create tool for nginx (check path availability & stuff)
#TODO: Create tool for MySQL DB ? #TODO: Create tool for MySQL DB ?
with YunoHostLDAP() as yldap: with YunoHostLDAP() as yldap:
@ -408,7 +405,7 @@ def app_addaccess(apps, users):
apps apps
""" """
#TODO: fix that #TODO: Adapt to SSOwat
if not isinstance(users, list): users = [users] if not isinstance(users, list): users = [users]
if not isinstance(apps, list): apps = [apps] if not isinstance(apps, list): apps = [apps]
@ -426,22 +423,19 @@ def app_addaccess(apps, users):
new_users = '' new_users = ''
for allowed_user in users: for allowed_user in users:
if allowed_user not in new_users.split(' '): if allowed_user not in new_users.split(','):
try: try:
user_info(allowed_user) user_info(allowed_user)
except YunoHostError: except YunoHostError:
continue continue
new_users = new_users +' '+ allowed_user new_users = new_users +','+ allowed_user
app_settings['allowed_users'] = new_users.strip() app_settings['allowed_users'] = new_users.strip()
with open(apps_setting_path + app +'/settings.yml', 'w') as f: with open(apps_setting_path + app +'/settings.yml', 'w') as f:
yaml.safe_dump(app_settings, f, default_flow_style=False) yaml.safe_dump(app_settings, f, default_flow_style=False)
win_msg(_("App setting file updated")) win_msg(_("App setting file updated"))
#TODO: create lemon tool #TODO: Regenerate SSOwat conf
tools_lemonrule(url=app_settings['domain']+app_settings['path'], value='grep( /^$uid$/, qw('+ new_users.strip() +'))')
tools_lemon(apply=True)
def app_removeaccess(apps, users): def app_removeaccess(apps, users):
@ -453,7 +447,7 @@ def app_removeaccess(apps, users):
apps apps
""" """
#TODO: fix that #TODO: Remove access
if not isinstance(users, list): users = [users] if not isinstance(users, list): users = [users]
if not isinstance(apps, list): apps = [apps] if not isinstance(apps, list): apps = [apps]
@ -468,18 +462,16 @@ def app_removeaccess(apps, users):
if 'mode' in app_settings and app_settings['mode'] == 'private': if 'mode' in app_settings and app_settings['mode'] == 'private':
if 'allowed_users' in app_settings: if 'allowed_users' in app_settings:
for allowed_user in app_settings['allowed_users'].split(' '): for allowed_user in app_settings['allowed_users'].split(','):
if allowed_user not in users: if allowed_user not in users:
new_users = new_users +' '+ allowed_user new_users = new_users +','+ allowed_user
app_settings['allowed_users'] = new_users.strip() app_settings['allowed_users'] = new_users.strip()
with open(apps_setting_path + app +'/settings.yml', 'w') as f: with open(apps_setting_path + app +'/settings.yml', 'w') as f:
yaml.safe_dump(app_settings, f, default_flow_style=False) yaml.safe_dump(app_settings, f, default_flow_style=False)
win_msg(_("App setting file updated")) win_msg(_("App setting file updated"))
tools_lemonrule(url=app_settings['domain']+app_settings['path'], value='grep( /^$uid$/, qw('+ new_users.strip() +'))') #TODO: Regenerate SSOwat conf
tools_lemon(apply=True)
def _extract_app_from_file(path): def _extract_app_from_file(path):

42
yunohost_domain.py
View file

@ -30,7 +30,6 @@ import re
import shutil import shutil
from urllib import urlopen from urllib import urlopen
from yunohost import YunoHostError, YunoHostLDAP, win_msg, colorize, validate, get_required_args from yunohost import YunoHostError, YunoHostLDAP, win_msg, colorize, validate, get_required_args
from yunohost_tools import tools_lemonrule
a2_template_path = '/etc/yunohost/apache/templates' a2_template_path = '/etc/yunohost/apache/templates'
a2_app_conf_path = '/etc/yunohost/apache/domains' a2_app_conf_path = '/etc/yunohost/apache/domains'
@ -112,24 +111,6 @@ def domain_add(domains, raw=False, main=False):
if os.system(command) != 0: if os.system(command) != 0:
raise YunoHostError(17, _("An error occurred during certificate generation")) raise YunoHostError(17, _("An error occurred during certificate generation"))
if not raw:
lemonrules = [
(('exportedHeaders', domain, 'Auth-User'), '$uid'),
(('exportedHeaders', domain, 'Remote-User'), '$uid'),
(('exportedHeaders', domain, 'Desc'), '$description'),
(('exportedHeaders', domain, 'Email'), "(ref($mail) eq 'ARRAY' ? $mail[0] : $mail)"),
(('exportedHeaders', domain, 'Name'), '$cn'),
(('exportedHeaders', domain, 'Authorization'), '"Basic ".encode_base64("$uid:$_password")'),
(('vhostOptions', domain, 'vhostMaintenance'), 0),
(('vhostOptions', domain, 'vhostPort'), -1),
(('vhostOptions', domain, 'vhostHttps'), -1),
(('locationRules', domain, 'default'), 'accept')
]
for lemonrule in lemonrules:
tools_lemonrule(*lemonrule)
tools_lemonrule(apply=True)
_apache_config(domain)
try: try:
yldap.validate_uniqueness({ 'virtualdomain' : domain }) yldap.validate_uniqueness({ 'virtualdomain' : domain })
except YunoHostError: except YunoHostError:
@ -266,26 +247,3 @@ def domain_remove(domains):
win_msg(_("Domain(s) successfully deleted")) win_msg(_("Domain(s) successfully deleted"))
return { 'Domains' : result } return { 'Domains' : result }
def _apache_config(domain):
"""
Fill Apache configuration templates
Keyword arguments:
domain -- Domain to configure Apache around
"""
try: os.listdir(a2_app_conf_path +'/'+ domain +'.d/')
except OSError: os.makedirs(a2_app_conf_path +'/'+ domain +'.d/')
with open(a2_app_conf_path +'/'+ domain +'.conf', 'w') as a2_conf:
for line in open(a2_template_path +'/template.conf.tmp'):
line = line.replace('[domain]',domain)
a2_conf.write(line)
if os.system('service apache2 reload') == 0:
win_msg(_("Apache configured"))
else:
raise YunoHostError(1, _("An error occured during Apache configuration"))

84
yunohost_tools.py
View file

@ -36,7 +36,6 @@ from yunohost_domain import domain_add
from yunohost_dyndns import dyndns_subscribe from yunohost_dyndns import dyndns_subscribe
from yunohost_backup import backup_init from yunohost_backup import backup_init
lemon_tmp_conf = '/tmp/tmplemonconf'
def tools_ldapinit(password=None): def tools_ldapinit(password=None):
""" """
@ -146,7 +145,6 @@ def tools_maindomain(old_domain, new_domain, dyndns=False):
'/etc/postfix/main.cf', '/etc/postfix/main.cf',
'/etc/metronome/metronome.cfg.lua', '/etc/metronome/metronome.cfg.lua',
'/etc/dovecot/dovecot.conf', '/etc/dovecot/dovecot.conf',
'/etc/lemonldap-ng/lemonldap-ng.ini',
'/usr/share/yunohost/yunohost-config/others/startup', '/usr/share/yunohost/yunohost-config/others/startup',
'/home/yunohost.backup/tahoe/tahoe.cfg' '/home/yunohost.backup/tahoe/tahoe.cfg'
] ]
@ -166,32 +164,18 @@ def tools_maindomain(old_domain, new_domain, dyndns=False):
domain_add([new_domain], raw=False, main=True) domain_add([new_domain], raw=False, main=True)
tools_lemonrule('domain', new_domain) # Replace Lemon domain # TODO: Generate SSOwat conf
tools_lemonrule('ldapBase', 'dc=yunohost,dc=org') # Set ldap basedn
tools_lemonrule('portal', 'https://'+ new_domain +'/sso/') # Set SSO url
tools_lemonrule(url=new_domain+'/ynh-admin/', value='$uid eq "admin"')
tools_lemonrule(url=new_domain+'/ynh-user/', value='$uid ne "admin"')
if old_domain is 'yunohost.org':
tools_lemonrule(url=old_domain+'/ynh-admin/', delete=True)
tools_lemonrule(url=old_domain+'/ynh-user/', delete=True)
os.system('rm /etc/yunohost/apache/domains/' + old_domain + '.d/*.fixed.conf') # remove SSO apache conf dir from old domain conf (fail if postinstall)
os.system('rm /etc/ssl/private/yunohost_key.pem') os.system('rm /etc/ssl/private/yunohost_key.pem')
os.system('rm /etc/ssl/certs/yunohost_crt.pem') os.system('rm /etc/ssl/certs/yunohost_crt.pem')
command_list = [ command_list = [
'cp /etc/yunohost/apache/templates/sso.fixed.conf /etc/yunohost/apache/domains/' + new_domain + '.d/sso.fixed.conf', # add SSO apache conf dir to new domain conf
'cp /etc/yunohost/apache/templates/admin.fixed.conf /etc/yunohost/apache/domains/' + new_domain + '.d/admin.fixed.conf',
'cp /etc/yunohost/apache/templates/user.fixed.conf /etc/yunohost/apache/domains/' + new_domain + '.d/user.fixed.conf',
'/usr/share/lemonldap-ng/bin/lmYnhMoulinette',
'echo "" > /tmp/tmplemonconf',
'cp /etc/yunohost/certs/'+ new_domain +'/key.pem /etc/metronome/certs/yunohost_key.pem', 'cp /etc/yunohost/certs/'+ new_domain +'/key.pem /etc/metronome/certs/yunohost_key.pem',
'chown metronome: /etc/metronome/certs/yunohost_key.pem', 'chown metronome: /etc/metronome/certs/yunohost_key.pem',
'ln -s /etc/yunohost/certs/'+ new_domain +'/key.pem /etc/ssl/private/yunohost_key.pem', 'ln -s /etc/yunohost/certs/'+ new_domain +'/key.pem /etc/ssl/private/yunohost_key.pem',
'ln -s /etc/yunohost/certs/'+ new_domain +'/crt.pem /etc/ssl/certs/yunohost_crt.pem', 'ln -s /etc/yunohost/certs/'+ new_domain +'/crt.pem /etc/ssl/certs/yunohost_crt.pem',
'echo '+ new_domain +' > /etc/yunohost/current_host', 'echo '+ new_domain +' > /etc/yunohost/current_host',
'service apache2 restart', 'service nginx restart',
'service metronome restart', 'service metronome restart',
'service postfix restart', 'service postfix restart',
'service dovecot restart', 'service dovecot restart',
@ -210,6 +194,7 @@ def tools_maindomain(old_domain, new_domain, dyndns=False):
dyndomain = '.'.join(new_domain.split('.')[1:]) dyndomain = '.'.join(new_domain.split('.')[1:])
if dyndomain in dyndomains: if dyndomain in dyndomains:
dyndns_subscribe(domain=new_domain) dyndns_subscribe(domain=new_domain)
os.system('yunohost dyndns update | at now + 2 minutes')
win_msg(_("Main domain has been successfully changed")) win_msg(_("Main domain has been successfully changed"))
@ -293,66 +278,3 @@ def tools_postinstall(domain, password, dyndns=False):
os.system('service samba restart') os.system('service samba restart')
win_msg(_("YunoHost has been successfully configured")) win_msg(_("YunoHost has been successfully configured"))
def tools_lemonrule(key=None, value=None, url=None, priority=None, delete=False, apply=False):
"""
"""
conf_lines = []
if delete: line = "delete $tmp"
else: line = "$tmp"
# locationRule formatter
if url is not None:
# Remove potential "http://" or "https://"
if '://' in url:
url = url[url.index('://') + 3:]
# Split domain and path properly
if '/' in url:
domain = url[:url.index('/')]
path = url[url.index('/'):]
if path[-1:] is not '/':
path = path +'/'
else:
domain = url
path = '/'
line = line +"->{'locationRules'}->{'"+ domain +"'}"
if priority is not None:
line = line +"->{'(?#"+ priority + domain +")^"+ path +"'}"
else:
line = line +"->{'(?#"+ domain +"Z)^"+ path +"'}"
# Free key formatter from tuple
elif key is not None:
if not isinstance(key, tuple): key = (key,)
for level in key:
line = line +"->{'"+ level +"'}"
if line != '$tmp':
if value is None:
line = line +';'
elif isinstance(value, int):
line = line +' = '+ str(value) +';'
else:
line = line +' = \''+ value +'\';'
# Write configuration
with open(lemon_tmp_conf,'a+') as lemon_conf:
lemon_conf.write(line + '\n')
# Apply & reload configuration
if apply:
os.system('chown www-data '+ lemon_tmp_conf)
if os.system('/usr/share/lemonldap-ng/bin/lmYnhMoulinette') == 0:
os.system('service apache2 reload')
win_msg(_("LemonLDAP configured"))
else:
raise YunoHostError(1, _("An error occured during LemonLDAP configuration"))
os.system("echo '' > "+ lemon_tmp_conf)