Infra
/
lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

fixing some pep8 issues (#764)

This commit is contained in:
kevgliss 2017-04-27 09:44:39 -07:00 committed by GitHub
parent 5fb6753445
commit ca9f120988
2 changed files with 21 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lemur/plugins/lemur_linuxdst/plugin.py
View File

@ -4,7 +4,6 @@ from lemur.plugins.lemur_linuxdst import remote_host
class LinuxDstPlugin(DestinationPlugin): class LinuxDstPlugin(DestinationPlugin):
title = 'Linux Destination Plugin' title = 'Linux Destination Plugin'
slug = 'linux-destination' slug = 'linux-destination'
description = 'Allow the distribution of certificates to a Linux host' description = 'Allow the distribution of certificates to a Linux host'
@ -70,14 +69,15 @@ class LinuxDstPlugin(DestinationPlugin):
requires_key = False requires_key = False
def upload(self, name, body, private_key, cert_chain, options, **kwargs): def upload(self, name, body, private_key, cert_chain, options, **kwargs):
export_type = self.get_option('exportType', options) export_type = self.get_option('exportType', options)
dst_host = self.get_option('dstHost', options) dst_host = self.get_option('dstHost', options)
dst_host_port = self.get_option('dstPort', options) dst_host_port = self.get_option('dstPort', options)
dst_user = self.get_option('dstUser', options) dst_user = self.get_option('dstUser', options)
dst_priv = self.get_option('dstPriv', options) dst_priv = self.get_option('dstPriv', options)
dst_priv_key = self.get_option('dstPrivKey', options) dst_priv_key = self.get_option('dstPrivKey', options)
if dst_priv_key: if dst_priv_key:
dst_priv_key = None dst_priv_key = None
dst_dir = self.get_option('dstDir', options) dst_dir = self.get_option('dstDir', options)
remote_host.create_cert(name, dst_dir, export_type, dst_user, dst_priv, dst_priv_key, dst_host, int(dst_host_port)) remote_host.create_cert(name, dst_dir, export_type, dst_user, dst_priv, dst_priv_key, dst_host, int(dst_host_port))

30
lemur/plugins/lemur_linuxdst/remote_host.py
View File

@ -5,22 +5,24 @@ import stat
def copy_cert(cert_cn, dst_user, dst_priv, dst_priv_key, dst_host, dst_port, dst_dir, dst_file, dst_data): def copy_cert(cert_cn, dst_user, dst_priv, dst_priv_key, dst_host, dst_port, dst_dir, dst_file, dst_data):
ssh = paramiko.SSHClient() ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
#include the private key password if required
# include the private key password if required
if dst_priv_key is None: if dst_priv_key is None:
priv_key = paramiko.RSAKey.from_private_key_file(dst_priv) priv_key = paramiko.RSAKey.from_private_key_file(dst_priv)
else: else:
priv_key = paramiko.RSAKey.from_private_key_file(dst_priv, dst_priv_key) priv_key = paramiko.RSAKey.from_private_key_file(dst_priv, dst_priv_key)
#open the sftp connection
# open the sftp connection
ssh.connect(dst_host, username=dst_user, port=dst_port, pkey=priv_key) ssh.connect(dst_host, username=dst_user, port=dst_port, pkey=priv_key)
sftp = ssh.open_sftp() sftp = ssh.open_sftp()
#make the directory on the desitination server
#files will be in a a folder based on the cert_cn # make the directory on the destination server
#example: # files will be in a a folder based on the cert_cn
#destination folder: /etc/nginx/certs/ # example:
#files will go in: /etc/nginx/certs/your.cn.com/cert.pem # destination folder: /etc/nginx/certs/
# files will go in: /etc/nginx/certs/your.cn.com/cert.pem
try: try:
sftp.mkdir(dst_dir) sftp.mkdir(dst_dir)
except IOError: except IOError:
@ -30,6 +32,7 @@ def copy_cert(cert_cn, dst_user, dst_priv, dst_priv_key, dst_host, dst_port, dst
sftp.mkdir(dst_dir_cn) sftp.mkdir(dst_dir_cn)
except IOError: except IOError:
pass pass
cert_out = sftp.open(dst_dir_cn + '/' + dst_file, 'w') cert_out = sftp.open(dst_dir_cn + '/' + dst_file, 'w')
cert_out.write(dst_data) cert_out.write(dst_data)
cert_out.close() cert_out.close()
@ -38,28 +41,33 @@ def copy_cert(cert_cn, dst_user, dst_priv, dst_priv_key, dst_host, dst_port, dst
def create_cert(name, dst_dir, export_type, dst_user, dst_priv, dst_priv_key, dst_host, dst_host_port): def create_cert(name, dst_dir, export_type, dst_user, dst_priv, dst_priv_key, dst_host, dst_host_port):
lem_cert = service.get_by_name(name) lem_cert = service.get_by_name(name)
dst_file = 'cert.pem' dst_file = 'cert.pem'
chain_req = False chain_req = False
if export_type == 'NGINX': if export_type == 'NGINX':
#This process will result in a cert.pem file with the body and chain in a single file # This process will result in a cert.pem file with the body and chain in a single file
if lem_cert.chain is None: if lem_cert.chain is None:
dst_data = lem_cert.body dst_data = lem_cert.body
else: else:
dst_data = lem_cert.body + '\n' + lem_cert.chain dst_data = lem_cert.body + '\n' + lem_cert.chain
chain_req = False chain_req = False
elif export_type == '3File': elif export_type == '3File':
#This process will results in three files. cert.pem, priv.key, chain.pem # This process will results in three files. cert.pem, priv.key, chain.pem
dst_data = lem_cert.body dst_data = lem_cert.body
chain_req = True chain_req = True
else: else:
dst_data = lem_cert.body dst_data = lem_cert.body
copy_cert(lem_cert.cn, dst_user, dst_priv, dst_priv_key, dst_host, dst_host_port, dst_dir, dst_file, dst_data) copy_cert(lem_cert.cn, dst_user, dst_priv, dst_priv_key, dst_host, dst_host_port, dst_dir, dst_file, dst_data)
if chain_req is True: if chain_req is True:
dst_file = 'chain.pem' dst_file = 'chain.pem'
dst_data = lem_cert.chain_req dst_data = lem_cert.chain_req
copy_cert(lem_cert.cn, dst_user, dst_priv, dst_priv_key, dst_host, dst_host_port, dst_dir, dst_file, dst_data) copy_cert(lem_cert.cn, dst_user, dst_priv, dst_priv_key, dst_host, dst_host_port, dst_dir, dst_file, dst_data)
dst_file = 'priv.key' dst_file = 'priv.key'
dst_data = lem_cert.private_key dst_data = lem_cert.private_key
copy_cert(lem_cert.cn, dst_user, dst_priv, dst_priv_key, dst_host, dst_host_port, dst_dir, dst_file, dst_data) copy_cert(lem_cert.cn, dst_user, dst_priv, dst_priv_key, dst_host, dst_host_port, dst_dir, dst_file, dst_data)