Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
import textwrap
from django.utils.translation import ugettext_lazy as _
from orchestra.contrib.orchestration import ServiceController, replace
from orchestra.contrib.resources import ServiceMonitor
from . import settings
class MySQLController(ServiceController):
"""
Simple backend for creating MySQL databases using <tt>CREATE DATABASE</tt> statement.
"""
verbose_name = "MySQL database"
model = 'databases.Database'
default_route_match = "database.type == 'mysql'"
doc_settings = (settings,
('DATABASES_DEFAULT_HOST',)
)
def save(self, database):
if database.type != database.MYSQL:
return
context = self.get_context(database)
# Not available on delete()
context['owner'] = database.owner
import os
import textwrap
from collections import OrderedDict
from django.template import Template, Context
from django.utils.translation import ugettext_lazy as _
from orchestra.contrib.orchestration import ServiceController
from . import WebAppServiceMixin
from .. import settings, utils
class PHPController(WebAppServiceMixin, ServiceController):
"""
PHP support for apache-mod-fcgid and php-fpm.
It handles switching between these two PHP process management systemes.
"""
MERGE = settings.WEBAPPS_MERGE_PHP_WEBAPPS
verbose_name = _("PHP FPM/FCGID")
default_route_match = "webapp.type.endswith('php')"
doc_settings = (settings, (
'WEBAPPS_MERGE_PHP_WEBAPPS',
'WEBAPPS_FPM_DEFAULT_MAX_CHILDREN',
'WEBAPPS_PHP_CGI_BINARY_PATH',
'WEBAPPS_PHP_CGI_RC_DIR',
'WEBAPPS_PHP_CGI_INI_SCAN_DIR',
'WEBAPPS_FCGID_CMD_OPTIONS_PATH',
'WEBAPPS_PHPFPM_POOL_PATH',
import fnmatch
import os
import textwrap
from django.utils.translation import ugettext_lazy as _
from orchestra.contrib.orchestration import ServiceController, replace
from orchestra.contrib.resources import ServiceMonitor
from . import settings
class UNIXUserController(ServiceController):
"""
Basic UNIX system user/group support based on <tt>useradd</tt>, <tt>usermod</tt>, <tt>userdel</tt> and <tt>groupdel</tt>.
Autodetects and uses ACL if available, for better permission management.
"""
verbose_name = _("UNIX user")
model = 'systemusers.SystemUser'
actions = ('save', 'delete', 'set_permission', 'validate_paths_exist', 'create_link')
doc_settings = (settings, (
'SYSTEMUSERS_DEFAULT_GROUP_MEMBERS',
'SYSTEMUSERS_MOVE_ON_DELETE_PATH',
'SYSTEMUSERS_FORBIDDEN_PATHS'
))
def save(self, user):
context = self.get_context(user)
if not context['user']:
import os
import textwrap
from django.utils.translation import ugettext_lazy as _
from orchestra.contrib.orchestration import ServiceController, replace
from .. import settings
from . import WebAppServiceMixin
# Based on https://github.com/mtomic/wordpress-install/blob/master/wpinstall.php
class WordPressController(WebAppServiceMixin, ServiceController):
"""
Installs the latest version of WordPress available on www.wordpress.org
It fully configures the wp-config.php (keys included) and sets up the database with initial admin password.
"""
verbose_name = _("Wordpress")
model = 'webapps.WebApp'
default_route_match = "webapp.type == 'wordpress-php'"
script_executable = '/usr/bin/php'
doc_settings = (settings,
('WEBAPPS_DEFAULT_MYSQL_DATABASE_HOST',)
)
def prepare(self):
self.append(textwrap.dedent("""\
# Create and compile orchestra sieve filtering
su - %(user)s --shell /bin/bash << 'EOF'
mkdir -p $(dirname "%(filtering_path)s")
cat << ' EOF' > %(filtering_path)s
%(filtering)s
EOF
sievec %(filtering_path)s
EOF
""") % context
)
else:
self.append("echo '' > %(filtering_path)s" % context)
self.append('chown %(user)s:%(group)s %(filtering_path)s' % context)
class UNIXUserMaildirController(SieveFilteringMixin, ServiceController):
"""
Assumes that all system users on this servers all mail accounts.
If you want to have system users AND mailboxes on the same server you should consider using virtual mailboxes.
Supports quota allocation via <tt>resources.disk.allocated</tt>.
"""
SHELL = '/dev/null'
verbose_name = _("UNIX maildir user")
model = 'mailboxes.Mailbox'
def save(self, mailbox):
context = self.get_context(mailbox)
self.append(textwrap.dedent("""
# Update/create %(user)s user state
if id %(user)s ; then
old_password=$(getent shadow %(user)s | cut -d':' -f2)
import json
import requests
from django.utils.translation import ugettext_lazy as _
from orchestra.contrib.orchestration import ServiceController
from .. import settings
class GitLabSaaSController(ServiceController):
verbose_name = _("GitLab SaaS")
model = 'saas.SaaS'
default_route_match = "saas.service == 'gitlab'"
serialize = True
actions = ('save', 'delete', 'validate_creation')
doc_settings = (settings,
('SAAS_GITLAB_DOMAIN', 'SAAS_GITLAB_ROOT_PASSWORD', 'SAAS_GITLAB_VERIFY_SSL'),
)
verify = settings.SAAS_GITLAB_VERIFY_SSL
def get_base_url(self):
return 'https://%s/api/v3' % settings.SAAS_GITLAB_DOMAIN
def get_user_url(self, saas):
user_id = saas.data['user_id']
return self.get_base_url() + '/users/%i' % user_id
import crypt
import os
import textwrap
from urllib.parse import urlparse
from django.utils.translation import ugettext_lazy as _
from orchestra.contrib.orchestration import ServiceController
from orchestra.utils.python import random_ascii
from . import ApacheTrafficByHost
from .. import settings
class DokuWikiMuController(ServiceController):
"""
Creates a DokuWiki site on a DokuWiki multisite installation.
"""
name = 'dokuwiki'
verbose_name = _("DokuWiki multisite")
model = 'saas.SaaS'
default_route_match = "saas.service == 'dokuwiki'"
doc_settings = (settings, (
'SAAS_DOKUWIKI_TEMPLATE_PATH',
'SAAS_DOKUWIKI_FARM_PATH',
'SAAS_DOKUWIKI_USER',
'SAAS_DOKUWIKI_GROUP',
))
def save(self, saas):
context = self.get_context(saas)
import os
import textwrap
from django.utils.translation import ugettext_lazy as _
from orchestra.contrib.orchestration import ServiceController, replace
from .. import settings
class DrupalMuController(ServiceController):
"""
Creates a Drupal site on a Drupal multisite installation
"""
verbose_name = _("Drupal multisite")
model = 'saas.SaaS'
default_route_match = "saas.service == 'drupal'"
doc_settings = (settings,
('SAAS_DRUPAL_SITES_PATH',)
)
def save(self, webapp):
context = self.get_context(webapp)
# TODO set password
self.append(textwrap.dedent("""\
mkdir %(drupal_path)s
chown -R www-data %(drupal_path)s
import os
import textwrap
from django.utils.translation import ugettext_lazy as _
from orchestra.contrib.orchestration import ServiceController
from .. import settings
class WebalizerController(ServiceController):
"""
Creates webalizer conf file for each time a webalizer webapp is mounted on a website.
"""
verbose_name = _("Webalizer Content")
model = 'websites.Content'
default_route_match = "content.webapp.type == 'webalizer'"
doc_settings = (settings,
('WEBSITES_WEBALIZER_PATH',)
)
def save(self, content):
context = self.get_context(content)
self.append(textwrap.dedent("""\
mkdir -p %(webalizer_path)s
if [[ ! -e %(webalizer_path)s/index.html ]]; then
echo 'Webstats are coming soon' > %(webalizer_path)s/index.html
context = self.get_context(content)
self.append(textwrap.dedent("""\
mysql %(db_name)s -e 'UPDATE wp_options
SET option_value="http:"
WHERE option_id IN (1, 2);'
""") % context
)
def get_context(self, content):
return {
'url': content.get_absolute_url(),
'db_name': content.webapp.data.get('db_name'),
}
class WordPressForceSSLController(ServiceController):
""" sets FORCE_SSL_ADMIN to true when website supports HTTPS """
verbose_name = "WordPress Force SSL"
model = 'websites.Content'
related_models = (
('websites.Website', 'content_set'),
)
default_route_match = "content.webapp.type == 'wordpress-php'"
def save(self, content):
context = self.get_context(content)
site = content.website
if site.protocol in (site.HTTP_AND_HTTPS, site.HTTPS_ONLY, site.HTTPS):
self.append(textwrap.dedent("""
if [[ ! $(grep FORCE_SSL_ADMIN %(wp_conf_path)s) ]]; then
echo "Enabling FORCE_SSL_ADMIN for %(webapp_name)s webapp"
sed -i -E "s#^(define\('NONCE_SALT.*)#\\1\\n\\ndefine\('FORCE_SSL_ADMIN', true\);#" \\