Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def get_existing_pip_installation():
""" returns current pip installation path """
if run("pip freeze|grep django-orchestra", valid_codes=(0,1)).exit_code == 0:
for lib_path in get_python_lib(), get_python_lib(prefix="/usr/local"):
existing_path = os.path.abspath(os.path.join(lib_path, "orchestra"))
if os.path.exists(existing_path):
return existing_path
return None
virtual_mailbox_maps = """user = %(db_user)s
password = %(db_password)s
hosts = %(db_host)s
dbname = %(db_name)s
query = SELECT 1 FROM mails_mailbox INNER JOIN names_domain ON (mails_mailbox.domain_id = names_domain.id) WHERE mails_mailbox.emailname='%%u' AND names_domain.name='%%d'
"""
f = open(file_name, 'w')
f.write(virtual_mailbox_maps % context)
f.close()
run("chown root:postfix %s" % file_name)
run("chmod 640 %s" % file_name)
#Dovecot
vmail_usename = run("id -u %(vmail_username)s" % context)
vmail_groupname = run("id -g %(vmail_groupname)s" % context)
if vmail_groupname != context["vmail_gid"]:
run("groupadd -g %(vmail_gid)s %(vmail_groupname)s" % context)
run("chown -R %(vmail_username)s:%(vmail_groupname)s %(vmail_home)s" % context)
if vmail_usename != context["vmail_uid"]:
run("useradd -g %(vmail_groupname)s -u %(vmail_uid)s %(vmail_username)s -d %(vmail_home)s -m" % context)
run("chmod u+w %(vmail_home)s" % context)
run("chown -R %(vmail_username)s:%(vmail_groupname)s %(vmail_home)s" % context)
run("chmod u+w %(vmail_home)s" % context)
file_name = "%(dovecot_dir)s/conf.d/10-auth.conf" % context
run("""sed -i "s/auth_mechanisms = plain$/auth_mechanisms = plain login/g" %s """ % file_name)
run("""sed -i "s/\#\!include auth-sql.conf.ext/\!include auth-sql.conf.ext/" %s """ % file_name)
file_name = "%(dovecot_dir)s/conf.d/auth-sql.conf.ext" % context
run("#Processing %s" % file_name)
# A list of all virtual domains serviced by this instance of postfix.
run("postconf -e virtual_mailbox_domains=pgsql:%(postfix_dir)s/pgsql-virtual-mailbox-domains.cf" % context)
# Look up the mailbox location based on the email address received.
run("postconf -e virtual_mailbox_maps=pgsql:%(postfix_dir)s/pgsql-virtual-mailbox-maps.cf" % context)
# Any aliases that are supported by this system
run("postconf -e virtual_alias_maps=pgsql:%(postfix_dir)s/pgsql-virtual-alias-maps.cf" % context)
#Dovecot:
run("postconf -e virtual_transport=dovecot")
run("postconf -e dovecot_destination_recipient_limit=1")
run("postconf -e smtpd_sasl_type=dovecot")
run("postconf -e smtpd_sasl_path=private/auth")
run("postconf -e smtpd_sasl_auth_enable=yes")
if os.path.isfile("/etc/ssl/certs/mailserver.pem"):
run("postconf -e smtpd_tls_security_level=may")
run("postconf -e smtpd_tls_auth_only=yes")
run("postconf -e smtpd_tls_cert_file=/etc/ssl/certs/mailserver.pem")
run("postconf -e smtpd_tls_key_file=/etc/ssl/private/mailserver.pem")
run("""postconf -e smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_recipient,reject_unknown_sender_domain,reject_unknown_recipient_domain,reject_unauth_destination,permit""")
run("""postconf -e soft_bounce=no""")
run("""postconf -e content_filter=amavis:[127.0.0.1]:10024""")
#Amavis:
file_name = "%(amavis_dir)s/conf.d/15-content_filter_mode" % context
run("""sed -i "s/#@bypass_virus_checks_maps/@bypass_virus_checks_maps/g" %s""" % file_name)
run("""sed -i 's/# \\\\%%bypass_virus_checks, \\\@bypass_virus_checks_acl, \\\$bypass_virus_checks_re/ \\\\%%bypass_virus_checks, \\\@bypass_virus_checks_acl, \\\$bypass_virus_checks_re/g' %s""" % file_name)
run("""sed -i 's/# \\\\%%bypass_virus_checks/ \\\\%%bypass_virus_checks/g' %s""" % (file_name,) )
run("""sed -i "s/#@bypass_spam_checks_maps/@bypass_spam_checks_maps/g" %s""" % file_name)
# File is different, save the old one
if interactive:
if not confirm("\n\nFile %(file)s be updated, do you like to overide "
"it? (yes/no): " % context):
return
run(textwrap.dedent("""\
cp %(file)s %(file)s.save
cat << 'EOF' > %(file)s
%(conf)s
EOF""") % context, display=True
)
self.stdout.write("\033[1;31mA new version of %(file)s has been installed.\n "
"The old version has been placed at %(file)s.save\033[m" % context)
if server_name:
run('ln -s /etc/nginx/sites-available/%(server_name)s.conf /etc/nginx/sites-enabled/' % context,
valid_codes=[0,1], display=True)
else:
run('rm -f /etc/nginx/sites-enabled/default')
run('ln -s /etc/nginx/sites-available/%(project_name)s.conf /etc/nginx/sites-enabled/' % context,
valid_codes=[0,1], display=True)
run('ln -s /etc/uwsgi/apps-available/%(project_name)s.ini /etc/uwsgi/apps-enabled/' % context,
valid_codes=[0,1], display=True)
rotate = textwrap.dedent("""\
/var/log/nginx/*.log {
daily
missingok
rotate 30
compress
delaycompress
notifempty
run("postconf -e virtual_mailbox_base=%(vmail_home)s" % context)
# A list of all virtual domains serviced by this instance of postfix.
run("postconf -e virtual_mailbox_domains=pgsql:%(postfix_dir)s/pgsql-virtual-mailbox-domains.cf" % context)
# Look up the mailbox location based on the email address received.
run("postconf -e virtual_mailbox_maps=pgsql:%(postfix_dir)s/pgsql-virtual-mailbox-maps.cf" % context)
# Any aliases that are supported by this system
run("postconf -e virtual_alias_maps=pgsql:%(postfix_dir)s/pgsql-virtual-alias-maps.cf" % context)
#Dovecot:
run("postconf -e virtual_transport=dovecot")
run("postconf -e dovecot_destination_recipient_limit=1")
run("postconf -e smtpd_sasl_type=dovecot")
run("postconf -e smtpd_sasl_path=private/auth")
run("postconf -e smtpd_sasl_auth_enable=yes")
if os.path.isfile("/etc/ssl/certs/mailserver.pem"):
run("postconf -e smtpd_tls_security_level=may")
run("postconf -e smtpd_tls_auth_only=yes")
run("postconf -e smtpd_tls_cert_file=/etc/ssl/certs/mailserver.pem")
run("postconf -e smtpd_tls_key_file=/etc/ssl/private/mailserver.pem")
run("""postconf -e smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_recipient,reject_unknown_sender_domain,reject_unknown_recipient_domain,reject_unauth_destination,permit""")
run("""postconf -e soft_bounce=no""")
run("""postconf -e content_filter=amavis:[127.0.0.1]:10024""")
#Amavis:
file_name = "%(amavis_dir)s/conf.d/15-content_filter_mode" % context
run("""sed -i "s/#@bypass_virus_checks_maps/@bypass_virus_checks_maps/g" %s""" % file_name)
run("""sed -i 's/# \\\\%%bypass_virus_checks, \\\@bypass_virus_checks_acl, \\\$bypass_virus_checks_re/ \\\\%%bypass_virus_checks, \\\@bypass_virus_checks_acl, \\\$bypass_virus_checks_re/g' %s""" % file_name)
run("""sed -i 's/# \\\\%%bypass_virus_checks/ \\\\%%bypass_virus_checks/g' %s""" % (file_name,) )
elif service == 'postgresql':
db_conn = connections['default']
try:
c = db_conn.cursor()
except OperationalError:
self.stdout.write(" * DB connection failed")
else:
self.stdout.write(" * DB connection succeeded")
elif service == 'uwsgi':
uwsgi_config = '/etc/uwsgi/apps-enabled/%(project_name)s.ini' % context
if os.path.isfile(uwsgi_config):
self.stdout.write(" * %s exists" % uwsgi_config)
else:
self.stdout.write(" * %s does not exist" % uwsgi_config)
cronbeat = 'crontab -l | grep "^.*/orchestra-beat %(site_dir)s/manage.py"' % context
if run(cronbeat, valid_codes=(0, 1)).exit_code == 0:
self.stdout.write(" cronbeat installed")
else:
self.stdout.write(" cronbeat not installed")
def generate_certificate(self, **options):
override = options.get('cert_override')
interactive = options.get('interactive')
cert = options.get('cert')
key = options.get('cert_key')
if bool(cert) != bool(key):
raise CommandError("--cert and --cert-key go in tandem")
cert_path = options.get('cert_path')
key_path = options.get('cert_key_path')
run('mkdir -p %s' % os.path.dirname(cert_path))
exists = os.path.isfile(cert_path)
if not override and exists:
self.stdout.write('Your cert and keys are already in place.')
self.stdout.write('Use --override in order to regenerate them.')
return cert_path, key_path
common_name = options.get('cert_common_name') or options.get('server_name') or 'orchestra.lan'
country = options.get('cert_country')
state = options.get('cert_state')
locality = options.get('cert_locality')
org_name = options.get('cert_org_name')
org_unit = options.get('cert_org_unit')
email = options.get('cert_email')
if interactive:
msg = ('-----\n'
def handle(self, *filenames, **options):
flake = run('flake8 {%s,%s} | grep -v "W293\|E501"' % (get_orchestra_dir(), get_site_dir()))
self.stdout.write(flake.stdout.decode('utf8'))
def run_postgres(self, cmd, *args, **kwargs):
return run('su postgres -c "psql -c \\"%s\\""' % cmd, *args, **kwargs)
base_path = os.path.abspath(os.path.join(current_path, '..'))
char_set = string.ascii_uppercase + string.digits
rand_name = ''.join(random.sample(char_set, 6))
backup = os.path.join(base_path, 'orchestra.' + rand_name)
run("mv %s %s" % (current_path, backup))
# collect existing eggs previous to the installation
eggs_regex = os.path.join(base_path, 'django_orchestra-*.egg-info')
eggs = run('ls -d %s' % eggs_regex)
eggs = eggs.stdout.splitlines()
try:
if desired_version:
r('pip install django-orchestra==%s' % desired_version)
else:
# Did I mentioned how I hate PIP?
if run('pip --version|cut -d" " -f2').stdout == '1.0':
r('pip install django-orchestra --upgrade')
else:
# (Fucking pip)^2, it returns exit code 0 even when fails
# because requirement already up-to-date
r('pip install django-orchestra --upgrade --force')
except CommandError:
# Restore backup
run('rm -rf %s' % current_path)
run('mv %s %s' % (backup, current_path))
raise CommandError("Problem runing pip upgrade, aborting...")
else:
# Some old versions of pip do not performe this cleaning ...
# Remove all backups
run('rm -fr %s' % os.path.join(base_path, 'orchestra\.*'))
# Clean old egg files, yeah, cleaning PIP shit :P
c_version = 'from orchestra import get_version; print get_version()'