0_setup.py

#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import os
import re

import utils


def vhost_write_cmds(dir_path, name, server_name, **data):
    params = [('{{ server_name }}', server_name)]
    for k, v in data.items():
        params.append(('{{ %s }}' % k, v))
    return [
        dict(
            line='write',
            template='%s/vhost_%s.conf' % (dir_path, name),
            target='/etc/nginx/sites-available/%s.conf' % name,
            params=params,
        ),
        'ln -sfn ../sites-available/%s.conf /etc/nginx/sites-enabled/%s.conf' % (name, name),
        'echo "Vhost %s updated (domain: %s)."' % (name, server_name),
    ]


def setup(interactive=True):
    dir_path = utils.get_dir(__file__)
    cmds = [
        'apt-get remove -y apache2',
        'apt-get install -y nginx',
        'rm -f /etc/nginx/sites-enabled/default',
        'rm -f /etc/nginx/sites-enabled/default.conf',
    ]
    hosts = list()
    need_uwsgi = False
    # FTP vhost (deprecated)
    if os.path.exists('/var/www/videos'):
        cmds.append('cp %s/crossdomain.xml /var/www/videos/crossdomain.xml' % dir_path)
        server_name = utils.get_conf('FTP_SERVER_NAME') or 'videos'
        cmds.extend(vhost_write_cmds(dir_path, 'videos', server_name))
        hosts.append(server_name)
    # Wowza vhost (deprecated)
    if os.path.exists('/var/www/streaming'):
        cmds.append('cp %s/crossdomain.xml /var/www/streaming/crossdomain.xml' % dir_path)
        server_name = utils.get_conf('WOWZA_SERVER_NAME') or 'streaming'
        cmds.extend(vhost_write_cmds(dir_path, 'streaming', server_name))
        hosts.append(server_name)
    # MediaServer vhost (mediaserver-msuser)
    if os.path.exists('/home/msuser/msinstance'):
        need_uwsgi = True
        server_name = utils.get_conf('MS_SERVER_NAME') or 'mediaserver'
        worker_ips = utils.get_conf('CELERITY_WORKER_IP') or ''
        whitelist = ''
        for worker_ip in worker_ips.split(','):
            worker_ip = worker_ip.strip()
            if worker_ip and worker_ip != '127.0.0.1':
                whitelist += '\n\t%s 1;' % worker_ip
        cmds.extend(vhost_write_cmds(dir_path, 'mediaserver-msuser', server_name,
            secret=utils.get_conf('MS_SECRET') or 'secret', whitelist=whitelist))
        hosts.append(server_name)
    # Monitor vhost
    if os.path.exists('/home/msmonitor/msmonitor'):
        need_uwsgi = True
        server_name = utils.get_conf('MONITOR_SERVER_NAME') or 'msmonitor'
        cmds.extend(vhost_write_cmds(dir_path, 'msmonitor', server_name))
        hosts.append(server_name)
    # SkyReach vhost
    if os.path.exists('/home/skyreach/htdocs'):
        need_uwsgi = True
        server_name = utils.get_conf('CM_SERVER_NAME') or 'campusmanager'
        cmds.extend(vhost_write_cmds(dir_path, 'skyreach', server_name))
        hosts.append(server_name)
    # Cache vhost
    if os.path.exists('/var/www/cache'):
        cmds.append('cp %s/crossdomain.xml /var/www/cache/crossdomain.xml' % dir_path)
        server_name = utils.get_conf('CACHE_SERVER_NAME') or 'cache'
        cmds.extend(vhost_write_cmds(dir_path, 'cache', server_name, source_server=utils.get_conf('CACHE_SOURCE') or 'http://undefined'))
        hosts.append(server_name)
    if need_uwsgi:
        cmds.append('apt-get install -y uwsgi uwsgi-plugin-python3')
    utils.run_commands(cmds)
    # Update hosts file
    rc, hostname = utils.exec_cmd('hostname')
    if rc == 0 and hostname not in hosts:
        hosts.insert(0, hostname)
    with open('/etc/hosts', 'r') as fo:
        content = fo.read()
    new_content = list()
    found_127 = False
    for line in content.split('\n'):
        if not found_127 and line.startswith('127.0.0.1'):
            found_127 = True
            for host in hosts:
                if ' ' + host not in line:
                    line += ' ' + host
                    utils.log('Adding host %s to /etc/hosts 127.0.0.1 aliases.' % host)
        new_content.append(line)
    if not found_127:
        new_content.append('127.0.0.1 %s' % ' '.join(hosts))
    new_content = '\n'.join(new_content)
    if new_content != content:
        with open('/etc/hosts', 'w') as fo:
            fo.write(new_content)
        utils.log('/etc/hosts updated.')
    else:
        utils.log('/etc/hosts is already up to date.')
    # Move ssl.conf
    ssl_conf = '/etc/nginx/conf.d/ssl.conf'
    if os.path.exists(ssl_conf):
        utils.run_commands([
            'grep ssl_certificate /etc/nginx/conf.d/ssl.conf > /etc/nginx/conf.d/ssl_certificate.conf',
            'mv /etc/nginx/conf.d/ssl.conf /etc/nginx/conf.d/ssl.conf.old',
        ])
    # Update certificate in ssl_certificate.conf
    ssl_conf = '/etc/nginx/conf.d/ssl_certificate.conf'
    if not os.path.exists(ssl_conf):
        utils.log('The SSL configuration file "%s" does not exist, SSL certificate not updated.' % ssl_conf)
    else:
        default_cert = '/etc/ssl/certs/ssl-cert-snakeoil.pem'
        ssl_cert = utils.get_conf('SSL_CERTIFICATE') or default_cert
        ssl_key = utils.get_conf('SSL_CERTIFICATE_KEY') or '/etc/ssl/private/ssl-cert-snakeoil.key'
        if ssl_cert == default_cert:
            utils.log('The configuration uses the default certificate, no modification will be made in "%s".' % ssl_conf)
        else:
            with open(ssl_conf, 'r') as fo:
                content = fo.read()
            new_content = content
            new_content = re.sub(r'ssl_certificate\s+([\w/\-\_\.]+);', 'ssl_certificate %s;' % ssl_cert, new_content)
            new_content = re.sub(r'ssl_certificate_key\s+([\w/\-\_\.]+);', 'ssl_certificate_key %s;' % ssl_key, new_content)
            if new_content != content:
                with open(ssl_conf, 'w') as fo:
                    fo.write(new_content)
                utils.log('SSL configuration file "%s" updated.' % ssl_conf)
            else:
                utils.log('SSL configuration file "%s" already up to date.' % ssl_conf)
    utils.run_commands(['nginx -t', 'service nginx restart'])