VR CsApp: Expose config to classes, move vhost confs to proper location, allow for multiple IP's per intf, sanitize servername, don't open port 53 if no DNS is foreseen

2016-05-13 17:25:06 +02:00 · 2016-05-13 17:25:06 +02:00 · 6055ed6ed6
parent 748bf43530
commit 6055ed6ed6
1 changed files with 18 additions and 13 deletions
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsApp.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsApp.py
@ -28,35 +28,37 @@ class CsApp:
        self.ip = ip.get_ip_address()
        self.type = ip.get_type()
        self.fw = ip.fw
+        self.config = ip.config


 class CsApache(CsApp):
    """ Set up Apache """

    def remove(self):
-        file = "/etc/apache2/conf.d/vhost%s.conf" % self.dev
+        file = "/etc/apache2/sites-enabled/vhost-%s.conf" % self.dev
        if os.path.isfile(file):
            os.remove(file)
            CsHelper.service("apache2", "restart")

    def setup(self):
        CsHelper.copy_if_needed("/etc/apache2/vhostexample.conf",
-                                "/etc/apache2/conf.d/vhost%s.conf" % self.dev)
+                                "/etc/apache2/sites-enabled/vhost-%s.conf" % self.ip)

-        file = CsFile("/etc/apache2/conf.d/vhost%s.conf" % (self.dev))
+        file = CsFile("/etc/apache2/sites-enabled/vhost-%s.conf" % (self.ip))
        file.search("<VirtualHost.*:80>", "\t<VirtualHost %s:80>" % (self.ip))
        file.search("<VirtualHost.*:80>", "\t<VirtualHost %s:80>" % (self.ip))
        file.search("<VirtualHost.*:443>", "\t<VirtualHost %s:443>" % (self.ip))
        file.search("Listen .*:80", "Listen %s:80" % (self.ip))
        file.search("Listen .*:443", "Listen %s:443" % (self.ip))
-        file.search("ServerName.*", "\tServerName vhost%s.cloudinternal.com" % (self.dev))
+        file.search("ServerName.*", "\tServerName %s.%s" % (self.config.cl.get_type(), self.config.get_domain()))
        if file.is_changed():
            file.commit()
            CsHelper.service("apache2", "restart")

-        self.fw.append(["", "front",
-                        "-A INPUT -i %s -d %s/32 -p tcp -m tcp -m state --state NEW --dport 80 -j ACCEPT" % (self.dev, self.ip)
-                        ])
+        self.fw.append([
+            "", "front",
+            "-A INPUT -i %s -d %s/32 -p tcp -m tcp -m state --state NEW --dport 80 -j ACCEPT" % (self.dev, self.ip)
+        ])


 class CsPasswdSvc():
@ -94,10 +96,13 @@ class CsDnsmasq(CsApp):
                        "-A INPUT -i %s -p udp -m udp --dport 67 -j ACCEPT" % self.dev
                        ])

-        self.fw.append(["", "front",
-                        "-A INPUT -i %s -d %s/32 -p udp -m udp --dport 53 -j ACCEPT" % (self.dev, self.ip)
-                        ])
+        if self.config.has_dns():
+            self.fw.append([
+                "", "front",
+                "-A INPUT -i %s -d %s/32 -p udp -m udp --dport 53 -j ACCEPT" % (self.dev, self.ip)
+            ])

-        self.fw.append(["", "front",
-                        "-A INPUT -i %s -d %s/32 -p tcp -m tcp --dport 53 -j ACCEPT" % (self.dev, self.ip)
-                        ])
+            self.fw.append([
+                "", "front",
+                "-A INPUT -i %s -d %s/32 -p tcp -m tcp --dport 53 -j ACCEPT" % (self.dev, self.ip)
+            ])