Infra/cucchiaiata
9
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-9
Branches Tags
Infra:master Infra:develop Infra:dist/risotto/risotto-2.8.0/develop Infra:dist/risotto/risotto-2.7.1/develop
Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-15 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-14 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-13 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-12 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-11 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-10 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-9 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-8 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-7 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-6 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-5 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-4 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-3 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-2 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-1 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-0 Infra:pkg/dev/risotto-risotto-2.7.1/0.0.1-1 Infra:pkg/dev/risotto-risotto-2.7.1/0.0.1-0 Infra:release/0.0.1
...
compare: Infra:develop
Branches Tags
Infra:develop Infra:dist/risotto/risotto-2.8.0/develop Infra:dist/risotto/risotto-2.7.1/develop Infra:master
Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-15 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-14 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-13 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-12 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-11 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-10 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-9 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-8 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-7 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-6 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-5 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-4 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-3 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-2 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-1 Infra:pkg/dev/risotto-risotto-2.8.0/0.0.1-0 Infra:pkg/dev/risotto-risotto-2.7.1/0.0.1-1 Infra:pkg/dev/risotto-risotto-2.7.1/0.0.1-0 Infra:release/0.0.1

9 Commits
pkg/dev/ri ... develop

Author SHA1 Message Date
Emmanuel Garette
1f5a371c38 add role to nsd.cadoles.com 2021-05-24 09:06:43 +02:00
Emmanuel Garette
c6aed1043d force config_file creation if not exists 2021-05-24 08:38:05 +02:00
Emmanuel Garette
c52586c570 nsd and unbound dataset 2021-05-23 21:39:44 +02:00
Emmanuel Garette
05af5b14ba add ouputter 2021-05-22 18:07:09 +02:00
Emmanuel Garette
addb90f6c3 update dataset 2021-05-18 19:04:24 +02:00
Emmanuel Garette
e961491e54 host.network => network 2021-05-16 06:59:19 +02:00
Emmanuel Garette
97f3250e2e memory is Mb size 2021-05-11 08:20:03 +02:00
Emmanuel Garette
9cf64d8238 cucchiaiata improvment 2021-04-26 17:57:31 +02:00
Emmanuel Garette
1b5ef5021e error is in json format 2021-04-24 12:57:07 +02:00
10 changed files with 240 additions and 85 deletions
Expand all files Collapse all files

55
provisioning.yaml
View File

@ -2,13 +2,13 @@ zones:
- name: internet - name: internet
settings: settings:
configuration: configuration:
network: 192.168.0.0/24
host: host:
network: 192.168.1.0/24 start: 192.168.0.150
start: 192.168.1.10 stop: 192.168.0.200
stop: 192.168.1.100 dns: [192.168.0.1]
dns: [192.168.1.2] vlan_id: 0
vlan_id: 192 gateway: 192.168.0.1
gateway: 192.168.1.254
clusters: clusters:
- name: hapy.ac-test.fr - name: hapy.ac-test.fr
@ -33,27 +33,12 @@ servermodels:
unbound_allowed_client_cidr: 192.168.1.0/24 unbound_allowed_client_cidr: 192.168.1.0/24
reseau: reseau:
unbound_route_address: 192.168.1.254 unbound_route_address: 192.168.1.254
unbound:
unbound_zone_cadoles_com:
hostname_cadoles_com:
hostname_cadoles_com:
- toto
- titi
ip_cadoles_com:
- index: 0
value: 192.168.1.25
type_cadoles_com:
- index: 1
value: CNAME
cname_cadoles_com:
- index: 1
value: toto.cadoles.com
- name: aca - name: aca
applicationservices: [openssh-server] applicationservices: [openssh-server]
settings: settings:
configuration: configuration:
serveur_ssh: ssh_server:
ssh_allow_networks: admin.cadoles.com ssh_allow_cidr: 192.168.0.0/24
children: children:
- name: etb1 - name: etb1
children: children:
@ -61,8 +46,21 @@ servermodels:
other_parents: [unbound] other_parents: [unbound]
settings: settings:
configuration: configuration:
reseau: unbound:
unbound_domain_name: dns.cadoles.com unbound_zone_cadoles_com:
hostname_cadoles_com:
hostname_cadoles_com:
- toto
- titi
ip_cadoles_com:
- index: 0
value: 192.168.1.25
type_cadoles_com:
- index: 1
value: CNAME
cname_cadoles_com:
- index: 1
value: toto.cadoles.com
organizations: organizations:
- name: cadoles.com - name: cadoles.com
@ -71,16 +69,13 @@ organizations:
zones: [internet] zones: [internet]
servers: servers:
- name: dns.cadoles.com - name: dns.cadoles.com
cluster: cluster.cadoles.com cluster: hapy.ac-test.fr
zones: [internet] zones: [internet]
servermodel: unbound_etab1 servermodel: unbound_etab1
settings: settings:
configuration:
reseau:
unbound_ip_address_cidr: 192.168.1.2/24
opennebula: opennebula:
cpu: 0.2 cpu: 0.2
vcpu: 2 vcpu: 2
memory: 2 memory: 2048
- name: etab2 - name: etab2
zones: [internet] zones: [internet]

58
provisioning_example.sh
View File

@ -25,6 +25,10 @@ cucchiaiata-cli v1.user.role.create --user_login gnunux \
--role_name 'server_rw' \ --role_name 'server_rw' \
--role_attribute 'Server.ServerName' \ --role_attribute 'Server.ServerName' \
--role_attribute_value dns.cadoles.com --role_attribute_value dns.cadoles.com
cucchiaiata-cli v1.user.role.create --user_login gnunux \
--role_name 'server_rw' \
--role_attribute 'Server.ServerName' \
--role_attribute_value nsd.cadoles.com
# Zone # Zone
# +~~~~~~~~~~+ # +~~~~~~~~~~+
@ -34,12 +38,12 @@ cucchiaiata-cli v1.user.role.create --user_login gnunux \
cucchiaiata-cli v1.infra.zone.create --zone_name internet cucchiaiata-cli v1.infra.zone.create --zone_name internet
# zone configuration # zone configuration
S=$(get_id "cucchiaiata-cli v1.setting.session.zone.start --zone_name internet") S=$(get_id "cucchiaiata-cli v1.setting.session.zone.start --zone_name internet")
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.host.network "192.168.1.0/24" \ cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.network "192.168.0.0/24" \
--configuration.host.start "192.168.1.10" \ --configuration.host.start "192.168.0.150" \
--configuration.host.stop "192.168.1.100" \ --configuration.host.stop "192.168.0.200" \
--configuration.dns 192.168.1.2 \ --configuration.dns 192.168.0.1 \
--configuration.vlan_id 192 \ --configuration.vlan_id 0 \
--configuration.gateway 192.168.1.254 --configuration.gateway 192.168.0.1
cucchiaiata-cli v1.setting.session.validate --session_id $S cucchiaiata-cli v1.setting.session.validate --session_id $S
cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save
@ -59,7 +63,7 @@ cucchiaiata-cli v1.infra.cluster.node.create --node_name node1.cadoles.com \
# configuration # configuration
S=$(get_id "cucchiaiata-cli v1.setting.session.cluster.start --cluster_name hapy.ac-test.fr") S=$(get_id "cucchiaiata-cli v1.setting.session.cluster.start --cluster_name hapy.ac-test.fr")
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.virtual_ip "192.168.1.1" cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.virtual_ip "192.168.0.115"
# FIXME endpoint == https://<cluster_name>/RPC2 # FIXME endpoint == https://<cluster_name>/RPC2
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.opennebula.one_user "eoleone" cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.opennebula.one_user "eoleone"
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.opennebula.one_password "eole" cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.opennebula.one_password "eole"
@ -96,29 +100,24 @@ cucchiaiata-cli v1.setting.servermodel.create --servermodel_name unbound --appli
cucchiaiata-cli v1.setting.servermodel.create --servermodel_name aca --applicationservices_name openssh-server cucchiaiata-cli v1.setting.servermodel.create --servermodel_name aca --applicationservices_name openssh-server
cucchiaiata-cli v1.setting.servermodel.create --servermodel_name etab1 --parents_name aca cucchiaiata-cli v1.setting.servermodel.create --servermodel_name etab1 --parents_name aca
cucchiaiata-cli v1.setting.servermodel.create --servermodel_name unbound_etab1 --parents_name etab1 unbound cucchiaiata-cli v1.setting.servermodel.create --servermodel_name unbound_etab1 --parents_name etab1 unbound
cucchiaiata-cli v1.setting.servermodel.create --servermodel_name nsd_etab1 --parents_name etab1 --applicationservices_name nsd
# configuration # configuration
# Servermodel ACA # Servermodel ACA
S=$(get_id "cucchiaiata-cli v1.setting.session.servermodel.start --servermodel_name aca") S=$(get_id "cucchiaiata-cli v1.setting.session.servermodel.start --servermodel_name aca")
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.serveur_ssh.ssh_allow_networks admin.cadoles.com cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.ssh_server.ssh_allow_cidr 192.168.0.0/24
cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save
# Servermodel unbound # Servermodel unbound
S=$(get_id "cucchiaiata-cli v1.setting.session.servermodel.start --servermodel_name unbound") S=$(get_id "cucchiaiata-cli v1.setting.session.servermodel.start --servermodel_name unbound")
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.serveur_dns.unbound_local_zones cadoles.com \ cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.dns_resolver.unbound_allowed_client_cidr 192.168.0.0/24
--configuration.reseau.unbound_route_address 192.168.1.254 \
--configuration.serveur_dns.unbound_allowed_client_cidr 192.168.1.0/24
cucchiaiata-cli v1.setting.session.filter --session_id "$S" --namespace unbound
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --unbound.unbound_zone_cadoles_com.hostname_cadoles_com.hostname_cadoles_com toto titi \
--unbound.unbound_zone_cadoles_com.hostname_cadoles_com.ip_cadoles_com 0 192.168.1.25 \
--unbound.unbound_zone_cadoles_com.hostname_cadoles_com.type_cadoles_com 1 CNAME \
--unbound.unbound_zone_cadoles_com.hostname_cadoles_com.cname_cadoles_com 1 toto.cadoles.com
cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save
# Servermodel unbound_etab1 # Servermodel unbound_etab1
S=$(get_id "cucchiaiata-cli v1.setting.session.servermodel.start --servermodel_name unbound_etab1") S=$(get_id "cucchiaiata-cli v1.setting.session.servermodel.start --servermodel_name unbound_etab1")
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.reseau.unbound_domain_name dns.cadoles.com cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.dns_resolver.unbound_forward_zones.unbound_forward_zones cadoles.com \
--configuration.dns_resolver.unbound_forward_zones.unbound_forward_addresses 0 192.168.0.151
cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save
# Server # Server
@ -135,14 +134,31 @@ cucchiaiata-cli v1.infra.server.create --server_name dns.cadoles.com \
--cluster_name hapy.ac-test.fr \ --cluster_name hapy.ac-test.fr \
--zones_name internet \ --zones_name internet \
--servermodel_name unbound_etab1 --servermodel_name unbound_etab1
cucchiaiata-cli v1.infra.server.create --server_name nsd.cadoles.com \
--site_name etab1 \
--cluster_name hapy.ac-test.fr \
--zones_name internet \
--servermodel_name nsd_etab1
# configuration # configuration
sleep 1 sleep 1
S=$(get_id "cucchiaiata-cli v1.setting.session.server.start --server nsd.cadoles.com")
#FIXME IP en dure ?
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.dns_server.nsd_allowed_client_cidr 192.168.0.150/32 \
--configuration.dns_zone.nsd_zones cadoles.com
cucchiaiata-cli v1.setting.session.filter --session_id "$S" --namespace nsd
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --nsd.nsd_zone_cadoles_com.hostname_cadoles_com.hostname_cadoles_com toto titi \
--nsd.nsd_zone_cadoles_com.hostname_cadoles_com.ip_cadoles_com 0 192.168.0.25 \
--nsd.nsd_zone_cadoles_com.hostname_cadoles_com.type_cadoles_com 1 CNAME \
--nsd.nsd_zone_cadoles_com.hostname_cadoles_com.cname_cadoles_com 1 toto.cadoles.com
cucchiaiata-cli v1.setting.session.validate --session_id $S
cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save
S=$(get_id "cucchiaiata-cli v1.setting.session.server.start --server dns.cadoles.com") S=$(get_id "cucchiaiata-cli v1.setting.session.server.start --server dns.cadoles.com")
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.reseau.unbound_ip_address_cidr 192.168.1.2/24 cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.dns_resolver.unbound_default_forwards 192.168.0.1
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --configuration.dns_resolver.unbound_local_authority "nsd.cadoles.com"
cucchiaiata-cli v1.setting.session.filter --session_id "$S" --namespace opennebula cucchiaiata-cli v1.setting.session.filter --session_id "$S" --namespace opennebula
cucchiaiata-cli v1.setting.session.configure --session_id "$S" --opennebula.cpu 0.2 \ cucchiaiata-cli v1.setting.session.configure --session_id "$S" --opennebula.cpu 0.2 \
--opennebula.vcpu 2 \ --opennebula.vcpu 2
--opennebula.memory 2
cucchiaiata-cli v1.setting.session.validate --session_id $S cucchiaiata-cli v1.setting.session.validate --session_id $S
cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save
@ -153,6 +169,6 @@ cucchiaiata-cli v1.setting.session.stop --session_id "$S" --save
# Generate configuration # Generate configuration
cucchiaiata-cli v1.infra.cluster.deploy --cluster_name hapy.ac-test.fr cucchiaiata-cli v1.infra.cluster.deploy --cluster_name hapy.ac-test.fr
cucchiaiata-cli v1.infra.zone.deploy --zone_name internet cucchiaiata-cli v1.infra.zone.deploy --zone_name internet
cucchiaiata-cli v1.infra.server.deploy --server_name nsd.cadoles.com
cucchiaiata-cli v1.infra.server.deploy --server_name dns.cadoles.com cucchiaiata-cli v1.infra.server.deploy --server_name dns.cadoles.com
echo "fin" echo "fin"

27
scripts/cucchiaiata-cli
View File

@ -1,23 +1,42 @@
#!/usr/bin/python3 #!/usr/bin/python3
"""Zephir-cmd-input script """Zephir-cmd-input script
""" """
from os import environ
from sys import exit, argv from sys import exit, argv
from json import dumps
from traceback import print_exc from traceback import print_exc
from cucchiaiata import Parser, config, Configuration from json import dumps
from cucchiaiata import Parser, config, Configuration, JsonError
from cucchiaiata.i18n import _ from cucchiaiata.i18n import _
from cucchiaiata.output.interactive import get as interactive_get
from cucchiaiata.output.json import get as json_get
def main(): def main():
dico = {'interactive': interactive_get,
'json': json_get,
}
default_outputs = ','.join(dico.keys())
outputs = [dico[output] for output in environ.get('RISOTTO_OUTPUT', default_outputs).split(',')]
try: try:
if len(argv) > 2 and argv[1] == 'v1.setting.session.configure': if len(argv) > 2 and argv[1] == 'v1.setting.session.configure':
Configuration().get() Configuration().get()
else: else:
parser = Parser() parser = Parser()
print(dumps(parser.get(), message = parser.remote_config.option('message').value.get()
indent=config.indent)) for output in outputs:
func = output(message)
if func:
func(parser.get(),
config,
)
break
except KeyboardInterrupt: except KeyboardInterrupt:
pass pass
except JsonError as err:
print(dumps(err.message,
indent=config.indent),
)
exit(1)
except Exception as err: except Exception as err:
if config.debug: if config.debug:
print_exc() print_exc()

33
scripts/cucchiaiata-import
View File

@ -5,8 +5,9 @@ from sys import exit, argv
from yaml import load, SafeLoader, YAMLError from yaml import load, SafeLoader, YAMLError
from time import sleep from time import sleep
from os.path import isfile from os.path import isfile
from json import dumps
from cucchiaiata import Configuration from cucchiaiata import Configuration, JsonError, config
from cucchiaiata.common import Common from cucchiaiata.common import Common
from cucchiaiata.i18n import _ from cucchiaiata.i18n import _
@ -43,13 +44,13 @@ class Import(Common):
'cluster', 'cluster',
cluster, cluster,
zone_name=cluster['zone'], zone_name=cluster['zone'],
zones_name=cluster['zones'],
) )
for node in cluster.get('nodes', []): for node in cluster.get('nodes', []):
self.configuration('infra', self.configuration('infra',
'cluster.node', 'cluster.node',
node, node,
cluster_name=cluster['name'], cluster_name=cluster['name'],
zones_name=node['zones'],
) )
self.send('v1.infra.cluster.deploy', self.send('v1.infra.cluster.deploy',
cluster_name=cluster['name'], cluster_name=cluster['name'],
@ -99,9 +100,12 @@ class Import(Common):
if 'settings' in dico: if 'settings' in dico:
#FIXME #FIXME
sleep(1) sleep(1)
self.apply_settings(element, try:
dico, self.apply_settings(element,
) dico,
)
except JsonError as err:
raise Exception(f'unable to configure {element} "{dico["name"]}": {err.message["reason"]}')
def apply_settings(self, def apply_settings(self,
element: str, element: str,
@ -138,10 +142,10 @@ class Import(Common):
value = [value] value = [value]
tiramisu.option(key).value.set(value) tiramisu.option(key).value.set(value)
except ValueError as err: except ValueError as err:
print(_(f'error when setting "{domain}" "{dico["name"]}": "{key}" with value "{value}": {err}')) print(_(f'error when setting "{element}" "{dico["name"]}": "{key}" with value "{value}": {err}'))
exit(1) exit(1)
except Exception as err: except Exception as err:
print(_(f'unexpected error when setting "{domain}" "{dico["name"]}": "{key}" with value "{value}": {err}')) print(_(f'unexpected error when setting "{element}" "{dico["name"]}": "{key}" with value "{value}": {err}'))
exit(1) exit(1)
self.send_configuration(tiramisu, self.send_configuration(tiramisu,
session_id, session_id,
@ -215,7 +219,14 @@ if __name__ == "__main__":
print(_(f'usage: {argv[0]} filename.yaml')) print(_(f'usage: {argv[0]} filename.yaml'))
exit(1) exit(1)
imp = Import(argv[1]) imp = Import(argv[1])
imp.parse_zones() try:
imp.parse_clusters() imp.parse_zones()
imp.parse_servermodels() imp.parse_clusters()
imp.parse_organizations() imp.parse_servermodels()
imp.parse_organizations()
except JsonError as err:
print(err.message['reason'])
exit(1)
except Exception as err:
print(err)
exit(1)

2
setup.py
View File

@ -3,6 +3,6 @@ from setuptools import setup, find_packages
setup( setup(
name='cucchiaiata', name='cucchiaiata',
version='0.1', version='0.1',
packages=['cucchiaiata' ], packages=['cucchiaiata', 'cucchiaiata.output'],
package_dir={"": "src"}, package_dir={"": "src"},
) )

3
src/cucchiaiata/__init__.py
View File

@ -1,6 +1,7 @@
from .parser import Parser from .parser import Parser
from .configuration import Configuration from .configuration import Configuration
from .config import config from .config import config
from .common import JsonError
__all__ = ('Parser', 'config') __all__ = ('Parser', 'config', 'Configuration', 'JsonError')
__version__ = "0.0.1" __version__ = "0.0.1"

47
src/cucchiaiata/common.py
View File

@ -1,11 +1,14 @@
from os import environ
from os.path import isfile from os.path import isfile
from requests import get, post from requests import get, post
from json import dumps from json import dumps
from typing import Dict from typing import Dict
from .config import config
from tiramisu_api import Config from tiramisu_api import Config
from .config import config
from .i18n import _
if config.allow_insecure_https: if config.allow_insecure_https:
import warnings import warnings
@ -13,15 +16,14 @@ if config.allow_insecure_https:
warnings.simplefilter('ignore', InsecureRequestWarning) warnings.simplefilter('ignore', InsecureRequestWarning)
class JsonError(Exception):
pass
class Common: class Common:
def __init__(self): def __init__(self):
self.cucchiaiata_config = config self.cucchiaiata_config = config
def get_token(self):
if isfile(self.cucchiaiata_config.token_file):
return open(self.cucchiaiata_config.token_file).read()
return ''
def get_error_from_http(self, def get_error_from_http(self,
req): req):
try: try:
@ -36,8 +38,7 @@ class Common:
config_type=Config, config_type=Config,
): ):
"retrieves the remote config from the distant api description" "retrieves the remote config from the distant api description"
token = self.get_token() headers = get_headers()
headers = {'Authorization':'Bearer {}'.format(token)}
req = get(url, req = get(url,
headers=headers, headers=headers,
verify=config.allow_insecure_https, verify=config.allow_insecure_https,
@ -78,12 +79,22 @@ class Common:
self.send('v1.setting.session.validate', self.send('v1.setting.session.validate',
session_id=session_id, session_id=session_id,
) )
except Exception as err: except JsonError as err:
self.send('v1.setting.session.stop', self.send('v1.setting.session.stop',
session_id=session_id, session_id=session_id,
) )
print(_(f'error when validate setting to "{name}" "{dico["name"]}": {err}')) raise err from err
exit(1)
def get_headers():
headers = {}
if isfile(config.token_file):
with open(config.token_file) as token_file:
token = token_file.read()
headers['Authorization'] = f'Bearer {token}'
if 'FORCE_RISOTTO_USER' in environ:
headers['username'] = environ['FORCE_RISOTTO_USER']
return headers
def send_data(uri: str, def send_data(uri: str,
@ -96,12 +107,14 @@ def send_data(uri: str,
) )
ret = post(final_url, ret = post(final_url,
data=dumps(payload), data=dumps(payload),
headers=get_headers(),
verify=config.allow_insecure_https) verify=config.allow_insecure_https)
if ret.status_code != 200: try:
response = ret.json()
except:
raise Exception(ret.text) raise Exception(ret.text)
response = ret.json() if response['type'] == 'error':
if 'error' in response: err = JsonError()
if 'reason' in response['error']['kwargs']: err.message = response['response']
raise Exception("{}".format(response['error']['kwargs']['reason'])) raise err
raise Exception('erreur inconnue')
return response['response'] return response['response']

0
src/cucchiaiata/output/__init__.py Normal file
View File

90
src/cucchiaiata/output/interactive.py Normal file
View File

@ -0,0 +1,90 @@
from paramiko.config import SSHConfig
from os.path import expandvars, isdir, isfile, join
from os import open as os_open, write, close, truncate, makedirs, O_WRONLY, O_CREAT
def setting_pki_openssh_client(dico, config):
config_dir = expandvars('$HOME/.ssh')
config_file = join(config_dir, 'config')
identityfile = join(expandvars('$HOME/.ssh'), f'risotto_{dico["organization_name"]}')
known_hosts = expandvars('$HOME/.ssh/known_hosts')
hostname = f'*.{dico["organization_name"]}'
new_data = {'identityfile': [identityfile],
'stricthostkeychecking': 'yes',
'hostname': hostname,
'user': dico['cn'],
}
ssh = SSHConfig()
if isfile(config_file):
ssh.parse(open(config_file))
if hostname not in ssh.get_hostnames():
print(f'\n\nIl faudrait ajouter dans le fichier "{config_file}" :')
print(f'Host {hostname}')
for key, value in new_data.items():
if key == 'hostname':
continue
print(f' {key} {value}')
print('\n')
else:
current_data = dict(ssh.lookup(hostname))
if current_data != new_data:
current = set(current_data)
new = set(new_data)
add = new - current
modify = [key for key in new if key in current and current_data[key] != new_data[key]]
if add or modify:
print(f'\n\nModifications suggérées de la section "Host {hostname}" du fichier "{config_file}" :')
for line in add:
value = new_data[line]
if isinstance(value, list):
value = ','.join(value)
print(f' - ajouter "{line} {value}"')
for line in modify:
value = new_data[line]
if isinstance(value, list):
value = ','.join(value)
print(f' - modifier "{line} {current_data[line]}" en "{line} {value}"')
print('\n')
else:
if not isdir(config_dir):
makedirs(config_dir, 0o700)
fh = os_open(config_file, O_WRONLY | O_CREAT, 0o400)
truncate(fh, 0)
write(fh, f'Host {hostname}\n'.encode())
for key, value in new_data.items():
if key == 'hostname':
continue
if isinstance(value, list):
value = ','.join(value)
write(fh, f' {key} {value}\n'.encode())
close(fh)
fh = os_open(f'{identityfile}.pub', O_WRONLY | O_CREAT, 0o400)
truncate(fh, 0)
write(fh, dico['certificate'].encode())
write(fh, b'\n')
close(fh)
if 'private_key' in dico:
fh = os_open(identityfile, O_WRONLY | O_CREAT, 0o400)
truncate(fh, 0)
write(fh, dico['private_key'].encode())
write(fh, b'\n')
close(fh, )
content = [f'@cert-authority *.cadoles.com {dico["chain"]}']
if isfile(known_hosts):
with open(known_hosts) as fh:
old = fh.read().strip()
for line in old.split('\n'):
if line.startswith(f'@cert-authority {hostname} '):
continue
content.append(line)
fh = os_open(known_hosts, O_WRONLY | O_CREAT, 0o400)
truncate(fh, 0)
for line in content:
write(fh, f'{line}\n'.encode())
close(fh)
print('Certificat mise à jour')
def get(message):
if message == 'v1.setting.pki.openssh.client.get':
return setting_pki_openssh_client

10
src/cucchiaiata/output/json.py Normal file
View File

@ -0,0 +1,10 @@
from json import dumps
def print_json(dico, config):
indent = config.indent
print(dumps(dico, indent = indent))
def get(message):
return print_json