pedro
/
django-orchestra-test
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added some comments on backend generated code

This commit is contained in:
Marc Aymerich 2015-05-21 14:32:06 +00:00
parent eec571d56f
commit f60376ab1d
5 changed files with 54 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
TODO.md
View File

@ -379,3 +379,6 @@ http://wiki2.dovecot.org/Pigeonhole/Sieve/Examples
# orders ignorign default filter is not very effective, because of selecting all orders for billing will select ignored too # orders ignorign default filter is not very effective, because of selecting all orders for billing will select ignored too
# mail system users group? which one is more convinient? if main group does not exists, backend will fail!

48
orchestra/contrib/mailboxes/backends.py
View File

@ -23,6 +23,7 @@ class SieveFilteringMixin(object):
# create mailboxes if fileinfo is provided witout ':create' option # create mailboxes if fileinfo is provided witout ':create' option
context['box'] = box context['box'] = box
self.append(textwrap.dedent(""" self.append(textwrap.dedent("""
# Create %(box)s mailbox
mkdir -p %(maildir)s/.%(box)s mkdir -p %(maildir)s/.%(box)s
chown %(user)s:%(group)s %(maildir)s/.%(box)s chown %(user)s:%(group)s %(maildir)s/.%(box)s
if [[ ! $(grep '%(box)s' %(maildir)s/subscriptions) ]]; then if [[ ! $(grep '%(box)s' %(maildir)s/subscriptions) ]]; then
@ -34,13 +35,15 @@ class SieveFilteringMixin(object):
context['filtering_cpath'] = re.sub(r'\.sieve$', '.svbin', context['filtering_path']) context['filtering_cpath'] = re.sub(r'\.sieve$', '.svbin', context['filtering_path'])
if content: if content:
context['filtering'] = ('# %(banner)s\n' + content) % context context['filtering'] = ('# %(banner)s\n' + content) % context
self.append(textwrap.dedent(""" self.append(textwrap.dedent("""\
# Create and compile orchestra sieve filtering
mkdir -p $(dirname '%(filtering_path)s') mkdir -p $(dirname '%(filtering_path)s')
cat << 'EOF' > %(filtering_path)s cat << 'EOF' > %(filtering_path)s
%(filtering)s %(filtering)s
EOF EOF
sievec %(filtering_path)s sievec %(filtering_path)s
chown %(user)s:%(group)s {%(filtering_path)s,%(filtering_cpath)s} chown %(user)s:%(group)s %(filtering_path)s
chown %(user)s:%(group)s %(filtering_cpath)s
""") % context """) % context
) )
else: else:
@ -64,15 +67,20 @@ class UNIXUserMaildirBackend(SieveFilteringMixin, ServiceController):
def save(self, mailbox): def save(self, mailbox):
context = self.get_context(mailbox) context = self.get_context(mailbox)
self.append(textwrap.dedent(""" self.append(textwrap.dedent("""
# Update/create %(user)s user state
if [[ $( id %(user)s ) ]]; then if [[ $( id %(user)s ) ]]; then
# Fucking postfix SASL caches credentials old_password=$(getent shadow %(user)s | cut -d':' -f2)
old_password=$(grep "^%(user)s:" /etc/shadow|cut -d':' -f2) usermod %(user)s \\
usermod %(user)s --password '%(password)s' --shell %(initial_shell)s --shell %(initial_shell)s \\
if [[ "$old_password" != "%(password)s" ]]; then --password '%(password)s'
if [[ "$old_password" != '%(password)s' ]]; then
# Postfix SASL caches passwords
RESTART_POSTFIX=1 RESTART_POSTFIX=1
fi fi
else else
useradd %(user)s --home %(home)s --password '%(password)s' useradd %(user)s \\
--home %(home)s \\
--password '%(password)s'
fi fi
mkdir -p %(home)s mkdir -p %(home)s
chmod 751 %(home)s chmod 751 %(home)s
@ -86,6 +94,7 @@ class UNIXUserMaildirBackend(SieveFilteringMixin, ServiceController):
context['quota'] = mailbox.resources.disk.allocated * mailbox.resources.disk.resource.get_scale() context['quota'] = mailbox.resources.disk.allocated * mailbox.resources.disk.resource.get_scale()
#unit_to_bytes(mailbox.resources.disk.unit) #unit_to_bytes(mailbox.resources.disk.unit)
self.append(textwrap.dedent(""" self.append(textwrap.dedent("""
# Set Maildir quota for %(user)s
mkdir -p %(maildir)s mkdir -p %(maildir)s
chown %(user)s:%(group)s %(maildir)s chown %(user)s:%(group)s %(maildir)s
if [[ ! -f %(maildir)s/maildirsize ]]; then if [[ ! -f %(maildir)s/maildirsize ]]; then
@ -137,7 +146,7 @@ class DovecotPostfixPasswdVirtualUserBackend(SieveFilteringMixin, ServiceControl
def set_user(self, context): def set_user(self, context):
self.append(textwrap.dedent(""" self.append(textwrap.dedent("""
if [[ $( grep "^%(user)s:" %(passwd_path)s ) ]]; then if [[ $( grep '^%(user)s:' %(passwd_path)s ) ]]; then
sed -i 's#^%(user)s:.*#%(passwd)s#' %(passwd_path)s sed -i 's#^%(user)s:.*#%(passwd)s#' %(passwd_path)s
else else
echo '%(passwd)s' >> %(passwd_path)s echo '%(passwd)s' >> %(passwd_path)s
@ -148,7 +157,7 @@ class DovecotPostfixPasswdVirtualUserBackend(SieveFilteringMixin, ServiceControl
def set_mailbox(self, context): def set_mailbox(self, context):
self.append(textwrap.dedent(""" self.append(textwrap.dedent("""
if [[ ! $(grep "^%(user)s@%(mailbox_domain)s\s" %(virtual_mailbox_maps)s) ]]; then if [[ ! $(grep '^%(user)s@%(mailbox_domain)s\s' %(virtual_mailbox_maps)s) ]]; then
echo "%(user)s@%(mailbox_domain)s\tOK" >> %(virtual_mailbox_maps)s echo "%(user)s@%(mailbox_domain)s\tOK" >> %(virtual_mailbox_maps)s
UPDATED_VIRTUAL_MAILBOX_MAPS=1 UPDATED_VIRTUAL_MAILBOX_MAPS=1
fi""") % context fi""") % context
@ -240,6 +249,7 @@ class PostfixAddressVirtualDomainBackend(ServiceController):
domain = context['domain'] domain = context['domain']
if domain.name != context['local_domain'] and self.is_local_domain(domain): if domain.name != context['local_domain'] and self.is_local_domain(domain):
self.append(textwrap.dedent(""" self.append(textwrap.dedent("""
# %(domain)s is a virtual domain belonging to this server
if [[ ! $(grep '^\s*%(domain)s\s*$' %(virtual_alias_domains)s) ]]; then if [[ ! $(grep '^\s*%(domain)s\s*$' %(virtual_alias_domains)s) ]]; then
echo '%(domain)s' >> %(virtual_alias_domains)s echo '%(domain)s' >> %(virtual_alias_domains)s
UPDATED_VIRTUAL_ALIAS_DOMAINS=1 UPDATED_VIRTUAL_ALIAS_DOMAINS=1
@ -253,6 +263,7 @@ class PostfixAddressVirtualDomainBackend(ServiceController):
domain = context['domain'] domain = context['domain']
if self.is_last_domain(domain): if self.is_last_domain(domain):
self.append(textwrap.dedent(""" self.append(textwrap.dedent("""
# Delete %(domain)s virtual domain
if [[ $(grep '^%(domain)s\s*$' %(virtual_alias_domains)s) ]]; then if [[ $(grep '^%(domain)s\s*$' %(virtual_alias_domains)s) ]]; then
sed -i '/^%(domain)s\s*/d' %(virtual_alias_domains)s sed -i '/^%(domain)s\s*/d' %(virtual_alias_domains)s
UPDATED_VIRTUAL_ALIAS_DOMAINS=1 UPDATED_VIRTUAL_ALIAS_DOMAINS=1
@ -271,7 +282,7 @@ class PostfixAddressVirtualDomainBackend(ServiceController):
def commit(self): def commit(self):
context = self.get_context_files() context = self.get_context_files()
self.append(textwrap.dedent("""\ self.append(textwrap.dedent("""
[[ $UPDATED_VIRTUAL_ALIAS_DOMAINS == 1 ]] && { [[ $UPDATED_VIRTUAL_ALIAS_DOMAINS == 1 ]] && {
service postfix reload service postfix reload
} }
@ -309,6 +320,7 @@ class PostfixAddressBackend(PostfixAddressVirtualDomainBackend):
if destination: if destination:
context['destination'] = destination context['destination'] = destination
self.append(textwrap.dedent(""" self.append(textwrap.dedent("""
# Set virtual alias entry for %(email)s
LINE='%(email)s\t%(destination)s' LINE='%(email)s\t%(destination)s'
if [[ ! $(grep '^%(email)s\s' %(virtual_alias_maps)s) ]]; then if [[ ! $(grep '^%(email)s\s' %(virtual_alias_maps)s) ]]; then
# Add new line # Add new line
@ -323,12 +335,7 @@ class PostfixAddressBackend(PostfixAddressVirtualDomainBackend):
fi""") % context) fi""") % context)
else: else:
logger.warning("Address %i is empty" % address.pk) logger.warning("Address %i is empty" % address.pk)
self.append(textwrap.dedent(""" self.exclude_virtual_alias_maps(context)
if [[ $(grep '^%(email)s\s' %(virtual_alias_maps)s) ]]; then
sed -i '/^%(email)s\s/d' %(virtual_alias_maps)s
UPDATED_VIRTUAL_ALIAS_MAPS=1
fi""") % context
)
# Virtual mailbox stuff # Virtual mailbox stuff
# destination = [] # destination = []
# for mailbox in address.get_mailboxes(): # for mailbox in address.get_mailboxes():
@ -340,10 +347,12 @@ class PostfixAddressBackend(PostfixAddressVirtualDomainBackend):
def exclude_virtual_alias_maps(self, context): def exclude_virtual_alias_maps(self, context):
self.append(textwrap.dedent(""" self.append(textwrap.dedent("""
sed -i '/^%(email)s\s.*$/d;{!q0;q1}' %(virtual_alias_maps)s && \\ # Remove %(email)s virtual alias entry
if [[ $(grep '^%(email)s\s' %(virtual_alias_maps)s) ]]; then
sed -i '/^%(email)s\s/d' %(virtual_alias_maps)s
UPDATED_VIRTUAL_ALIAS_MAPS=1 UPDATED_VIRTUAL_ALIAS_MAPS=1
""") % context fi""") % context
) )
def save(self, address): def save(self, address):
context = super(PostfixAddressBackend, self).save(address) context = super(PostfixAddressBackend, self).save(address)
@ -356,6 +365,7 @@ class PostfixAddressBackend(PostfixAddressVirtualDomainBackend):
def commit(self): def commit(self):
context = self.get_context_files() context = self.get_context_files()
self.append(textwrap.dedent("""\ self.append(textwrap.dedent("""\
# Apply changes if needed
[[ $UPDATED_VIRTUAL_ALIAS_DOMAINS == 1 ]] && { [[ $UPDATED_VIRTUAL_ALIAS_DOMAINS == 1 ]] && {
service postfix reload service postfix reload
} }

5
orchestra/contrib/systemusers/backends.py
View File

@ -31,6 +31,7 @@ class UNIXUserBackend(ServiceController):
context['groups_arg'] = '--groups %s' % groups if groups else '' context['groups_arg'] = '--groups %s' % groups if groups else ''
# TODO userd add will fail if %(user)s group already exists # TODO userd add will fail if %(user)s group already exists
self.append(textwrap.dedent(""" self.append(textwrap.dedent("""
# Update/create %(user)s user state
if [[ $( id %(user)s ) ]]; then if [[ $( id %(user)s ) ]]; then
usermod %(user)s --home %(home)s \\ usermod %(user)s --home %(home)s \\
--password '%(password)s' \\ --password '%(password)s' \\
@ -58,6 +59,7 @@ class UNIXUserBackend(ServiceController):
) )
if context['home'] != context['base_home']: if context['home'] != context['base_home']:
self.append(textwrap.dedent(""" self.append(textwrap.dedent("""
# Set extra permissions since %(user)s home is inside %(mainuser)s home
if [[ $(mount | grep "^$(df %(home)s|grep '^/')\s" | grep acl) ]]; then if [[ $(mount | grep "^$(df %(home)s|grep '^/')\s" | grep acl) ]]; then
# Accountn group as the owner # Accountn group as the owner
chown %(mainuser)s:%(mainuser)s %(home)s chown %(mainuser)s:%(mainuser)s %(home)s
@ -83,7 +85,8 @@ class UNIXUserBackend(ServiceController):
context = self.get_context(user) context = self.get_context(user)
if not context['user']: if not context['user']:
return return
self.append(textwrap.dedent("""\ self.append(textwrap.dedent("""
# Delete %(user)s user
nohup bash -c 'sleep 2 && killall -u %(user)s -s KILL' &> /dev/null & nohup bash -c 'sleep 2 && killall -u %(user)s -s KILL' &> /dev/null &
killall -u %(user)s || true killall -u %(user)s || true
userdel %(user)s || exit_code=$? userdel %(user)s || exit_code=$?

3
orchestra/contrib/webapps/backends/php.py
View File

@ -126,7 +126,7 @@ class PHPBackend(WebAppServiceMixin, ServiceController):
service php5-fpm reload service php5-fpm reload
fi fi
# Coordinate Apache restart with other concurrent backends (i.e. Apache2Backend) # Coordinate Apache restart with other concurrent backends (e.g. Apache2Backend)
is_last=0 is_last=0
mv /dev/shm/restart.apache2 /dev/shm/restart.apache2.locked || { mv /dev/shm/restart.apache2 /dev/shm/restart.apache2.locked || {
sleep 0.2 sleep 0.2
@ -144,6 +144,7 @@ class PHPBackend(WebAppServiceMixin, ServiceController):
else else
echo -n "$state" > /dev/shm/restart.apache2.locked echo -n "$state" > /dev/shm/restart.apache2.locked
if [[ $UPDATED_APACHE -eq 1 ]]; then if [[ $UPDATED_APACHE -eq 1 ]]; then
echo -e "Apache will be restarted by another backend:\\n${state}"
echo "$backend RESTART" >> /dev/shm/restart.apache2.locked echo "$backend RESTART" >> /dev/shm/restart.apache2.locked
fi fi
mv /dev/shm/restart.apache2.locked /dev/shm/restart.apache2 mv /dev/shm/restart.apache2.locked /dev/shm/restart.apache2

26
orchestra/contrib/websites/backends/apache.py
View File

@ -67,8 +67,7 @@ class Apache2Backend(ServiceController):
SuexecUserGroup {{ user }} {{ group }}\ SuexecUserGroup {{ user }} {{ group }}\
{% for line in extra_conf.splitlines %} {% for line in extra_conf.splitlines %}
{{ line | safe }}{% endfor %} {{ line | safe }}{% endfor %}
</VirtualHost> </VirtualHost>""")
""")
).render(Context(context)) ).render(Context(context))
def render_redirect_https(self, context): def render_redirect_https(self, context):
@ -85,8 +84,7 @@ class Apache2Backend(ServiceController):
RewriteEngine On RewriteEngine On
RewriteCond %{HTTPS} off RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost> </VirtualHost>""")
""")
).render(Context(context)) ).render(Context(context))
def save(self, site): def save(self, site):
@ -99,8 +97,9 @@ class Apache2Backend(ServiceController):
apache_conf += self.render_virtual_host(site, context, ssl=True) apache_conf += self.render_virtual_host(site, context, ssl=True)
if site.protocol == site.HTTPS_ONLY: if site.protocol == site.HTTPS_ONLY:
apache_conf += self.render_redirect_https(context) apache_conf += self.render_redirect_https(context)
context['apache_conf'] = apache_conf context['apache_conf'] = apache_conf.strip()
self.append(textwrap.dedent("""\ self.append(textwrap.dedent("""
# Generate %(site_name)s Apache site config
read -r -d '' apache_conf << 'EOF' || true read -r -d '' apache_conf << 'EOF' || true
%(apache_conf)s %(apache_conf)s
EOF EOF
@ -113,6 +112,7 @@ class Apache2Backend(ServiceController):
) )
if context['server_name'] and site.active: if context['server_name'] and site.active:
self.append(textwrap.dedent("""\ self.append(textwrap.dedent("""\
# Enable %(site_name)s site
if [[ ! -f %(sites_enabled)s ]]; then if [[ ! -f %(sites_enabled)s ]]; then
a2ensite %(site_unique_name)s.conf a2ensite %(site_unique_name)s.conf
UPDATED_APACHE=1 UPDATED_APACHE=1
@ -120,6 +120,7 @@ class Apache2Backend(ServiceController):
) )
else: else:
self.append(textwrap.dedent("""\ self.append(textwrap.dedent("""\
# Disable %(site_name)s site
if [[ -f %(sites_enabled)s ]]; then if [[ -f %(sites_enabled)s ]]; then
a2dissite %(site_unique_name)s.conf; a2dissite %(site_unique_name)s.conf;
UPDATED_APACHE=1 UPDATED_APACHE=1
@ -128,22 +129,26 @@ class Apache2Backend(ServiceController):
def delete(self, site): def delete(self, site):
context = self.get_context(site) context = self.get_context(site)
self.append("a2dissite %(site_unique_name)s.conf && UPDATED_APACHE=1" % context) self.append(textwrap.dedent("""
self.append("rm -f %(sites_available)s" % context) # Remove %(site_name)s site configuration
a2dissite %(site_unique_name)s.conf && UPDATED_APACHE=1
rm -f %(sites_available)s\
""") % context
)
def prepare(self): def prepare(self):
super(Apache2Backend, self).prepare() super(Apache2Backend, self).prepare()
# Coordinate apache restart with php backend in order not to overdo it # Coordinate apache restart with php backend in order not to overdo it
self.append(textwrap.dedent("""\ self.append(textwrap.dedent("""\
backend="Apache2Backend" backend="Apache2Backend"
echo "$backend" >> /dev/shm/restart.apache2 echo "$backend" >> /dev/shm/restart.apache2\
""") """)
) )
def commit(self): def commit(self):
""" reload Apache2 if necessary """ """ reload Apache2 if necessary """
self.append(textwrap.dedent(""" self.append(textwrap.dedent("""
# Coordinate Apache restart with other concurrent backends (i.e. Apache2Backend) # Coordinate Apache restart with other concurrent backends (e.g. PHPBackend)
is_last=0 is_last=0
mv /dev/shm/restart.apache2 /dev/shm/restart.apache2.locked || { mv /dev/shm/restart.apache2 /dev/shm/restart.apache2.locked || {
sleep 0.2 sleep 0.2
@ -161,6 +166,7 @@ class Apache2Backend(ServiceController):
else else
echo -n "$state" > /dev/shm/restart.apache2.locked echo -n "$state" > /dev/shm/restart.apache2.locked
if [[ $UPDATED_APACHE -eq 1 ]]; then if [[ $UPDATED_APACHE -eq 1 ]]; then
echo -e "Apache will be restarted by another backend:\\n${state}"
echo "$backend RESTART" >> /dev/shm/restart.apache2.locked echo "$backend RESTART" >> /dev/shm/restart.apache2.locked
fi fi
mv /dev/shm/restart.apache2.locked /dev/shm/restart.apache2 mv /dev/shm/restart.apache2.locked /dev/shm/restart.apache2