Skip to content
Snippets Groups Projects
Commit 8050be13 authored by Stéphane Diemer's avatar Stéphane Diemer
Browse files

Cleaned history.

parents
No related branches found
No related tags found
No related merge requests found
Showing
with 687 additions and 0 deletions
*.py[cod]
# C extensions
*.so
# Packages
*.egg
*.egg-info
dist
build
eggs
parts
bin
var
sdist
develop-eggs
.installed.cfg
lib
lib64
__pycache__
# Installer logs
pip-log.txt
# Unit test / coverage reports
.coverage
.tox
nosetests.xml
local_conf.py
#!/usr/bin/python3
# -*- coding: utf-8 -*-
import os
import utils
def setup(interactive=True):
cmds = [
'apt-get update',
'apt-get install --yes make ipython ipython3 vim netcat git htop iotop bmon host munin munin-node pciutils ntp nfs-client smartmontools',
'[ -f ~/.vimrc ] || echo "color ron" > ~/.vimrc',
]
utils.run_commands(cmds)
# Add settings in bashrc
lines = '''
# Colors
alias ls='ls --color=auto'
alias grep='grep --color=auto'
alias fgrep='fgrep --color=auto'
alias egrep='egrep --color=auto'
# PS
PS1='${debian_chroot:+($debian_chroot)}\\[\\033[01;32m\\]\\u@\\h\\[\\033[00m\\]:\\[\\033[01;34m\\]\\w\\[\\033[00m\\]\\$ '
# ls
alias ll='ls -alF'
alias la='ls -A'
alias l='ls -CF'
# system
alias lskernels='dpkg --get-selections | grep linux'
alias lspackages='dpkg --get-selections'
alias swapclear='sudo swapoff -a && sudo swapon -a'
alias full-upgrade='sudo apt-get update && sudo apt-get dist-upgrade -y'
alias aptud='sudo apt-get update'
alias aptug='sudo apt-get upgrade'
# python
alias rmpyc='find . -name *.pyc -type f -delete && find . -name __pycache__ -type d -delete'
'''
bashrc_path = os.path.expanduser('~/.bashrc')
bashrc = ''
if os.path.exists(bashrc_path):
with open(bashrc_path, 'r') as fd:
bashrc = fd.read()
new_bashrc = bashrc.replace('#force_color_prompt=yes', 'force_color_prompt=yes')
for line in lines.split('\n'):
line = line.strip()
if '=' in line:
name = line.split('=')[0] + '='
if name not in new_bashrc:
new_bashrc += '\n' + line
if new_bashrc != bashrc:
new_bashrc += '\n'
with open(bashrc_path, 'w') as fd:
fd.write(new_bashrc)
utils.log('bashrc file updated: %s' % bashrc_path)
utils.log('bashrc file up to date.')
#!/bin/bash
source /root/envsetup/envsetup.conf
echo -e "
${RED}Customer parameters will be applied after rebooting. Note that you won't be able to login to the machine after this operation !${NC}"
# set customer IP (/etc/network/interfaces)
sed -i "s@192\.168\.40\.10.*@${CUST_IP}@" /etc/network/interfaces
sed -i "s@255\.255\.252\..*@${CUST_NETMASK}@" /etc/network/interfaces
sed -i "s@192\.168\.40\..*@${CUST_GATEWAY}@" /etc/network/interfaces
# backup-server specific
if ( test -f /usr/sbin/burp )
then
# changer burp status IP
sed -i "s@^CUST_BURP_MAIL_DEST=.*@CUST_BURP_MAIL_DEST=${CUST_BURP_MAIL_DEST}@" /root/burp-custom.sh
sed -i "s@admin: .*@admin: ${CUST_BURP_MAIL_DEST}" /etc/aliases
newaliases
fi
# set customer DNS
echo "nameserver ${CUST_NS1}" > /etc/resolv.conf
echo "nameserver ${CUST_NS2}" >> /etc/resolv.conf
# set customer NTP
sed -i "s@^server .*@@" /etc/ntp.conf
echo "" >> /etc/ntp.conf
echo "server ${CUST_NTP1}" >> /etc/ntp.conf
if ( ! test -z ${CUST_NTP2} )
then
echo "server ${CUST_NTP2}" >> /etc/ntp.conf
fi
if ( ! test -z ${CUST_NTP3} )
then
echo "server ${CUST_NTP3}" >> /etc/ntp.conf
fi
service ntp restart
# proxy
if [ ${PROXY} = "1" ]
then
if [ ${PROXY_AUTHENTICATION} = "1" ]
then
# APT
echo "Acquire::http::Proxy \"http://${PROXY_USER}:${PROXY_PASSWD}@${PROXY_HTTP}:${PROXY_PORT}\";" > /etc/apt/apt.conf.d/proxy
echo "Acquire::https::Proxy \"http://${PROXY_USER}:${PROXY_PASSWD}@${PROXY_HTTP}:${PROXY_PORT}\";" >> /etc/apt/apt.conf.d/proxy
# /etc/environment
echo "http_proxy=\"http://${PROXY_USER}:${PROXY_PASSWD}@${PROXY_HTTP}:${PROXY_PORT}\"" >> /etc/environment
echo "https_proxy=\"http://${PROXY_USER}:${PROXY_PASSWD}@${PROXY_HTTP}:${PROXY_PORT}\"" >> /etc/environment
else
# APT
echo "Acquire::http::Proxy \"http://${PROXY_HTTP}:${PROXY_PORT}\";" > /etc/apt/apt.conf.d/proxy
echo "Acquire::https::Proxy \"http://${PROXY_HTTP}:${PROXY_PORT}\";" >> /etc/apt/apt.conf.d/proxy
# /etc/environment
echo "http_proxy=\"http://${PROXY_HTTP}:${PROXY_PORT}\"" >> /etc/environment
echo "https_proxy=\"http://${PROXY_HTTP}:${PROXY_PORT}\"" >> /etc/environment
fi
fi
# MS specific
if ( test -d /usr/local/WowzaStreamingEngine )
then
if [ ${PROXY} = "1" ]
then
# wowza
NB=$(grep -n 'Properties defined here will be added to the IServer.getProperties()' /usr/local/WowzaStreamingEngine/conf/Server.xml | awk -F ":" '{print$1}')
NB_1=$(( ${NB} + 1 ))
NB_MAX=$(wc -l /usr/local/WowzaStreamingEngine/conf/Server.xml | awk '{print$1}')
if [ ${PROXY_AUTHENTICATION} = "1" ]
then
sed -i "${NB_1},${NB_MAX}d" /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Properties>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Name>licenseServerProxyAddress</Name>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Value>${PROXY_HTTP}</Value>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "</Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Name>licenseServerProxyPort</Name>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Value>${PROXY_PORT}</Value>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Type>Integer</Type>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "</Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Name>licenseServerProxyUsername</Name>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Value>${PROXY_USER}</Value>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "</Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Name>licenseServerProxyPassword</Name>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Value>${PROXY_PASSWD}</Value>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "</Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "</Properties>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "</Server>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "</Root> " >> /usr/local/WowzaStreamingEngine/conf/Server.xml
else
sed -i "${NB_1},${NB_MAX}d" /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Properties>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Name>licenseServerProxyAddress</Name>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Value>${PROXY_HTTP}</Value>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "</Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Name>licenseServerProxyPort</Name>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Value>${PROXY_PORT}</Value>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "<Type>Integer</Type>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "</Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "</Properties>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "</Server>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
echo "</Root> " >> /usr/local/WowzaStreamingEngine/conf/Server.xml
fi
fi
fi
# set DEFAULT_FROM_EMAIL
if ( ! test -z ${DEFAULT_FROM_EMAIL} )
then
echo "#DEFAULT_FROM_EMAIL = '${DEFAULT_FROM_EMAIL}'" >> /etc/mediaserver/msconf.py
echo "#DEFAULT_FROM_EMAIL = '${DEFAULT_FROM_EMAIL}'" >> /home/skyreach/htdocs/skyreach_site/settings_override.py
fi
# set locale
if [ ${CUST_LOCALE} != 'FR' ]
then
echo -e "${CYAN}You will now change the locales.${NC}"
locale-gen en_GB
locale-gen en_GB.UTF-8
dpkg-reconfigure locales
#~dpkg-reconfigure console-data
dpkg-reconfigure keyboard-configuration
update-locale LANG=en_GB.UTF-8 LANGUAGE=en_GB.UTF-8 LC_ALL=en_GB.UTF-8 LC_MESSAGES=en_GB.UTF-8
fi
# set TZ
if [ ${CUST_TZ} != 'FR' ]
then
echo -e "${CYAN}You will now change the time zone.${NC}"
dpkg-reconfigure tzdata
fi
#!/bin/bash
source /root/envsetup/envsetup.conf
# generate post-deployment conf file
echo "SOURCES.LIST" > /root/deployment.results
cat /etc/apt/sources.list | grep ^deb >> /root/deployment.results
echo "" >> /root/deployment.results
echo "SOURCES.LIST - PANEL" >> /root/deployment.results
cat /etc/apt/sources.list.d/skyreach.list >> /root/deployment.results
echo "" >> /root/deployment.results
echo "NETWORK" >> /root/deployment.results
cat /etc/network/interfaces | grep -v '#' >> /root/deployment.results
echo "" >> /root/deployment.results
echo "RUNNING NETWORK" >> /root/deployment.results
ifconfig >> /root/deployment.results
echo "" >> /root/deployment.results
echo "DNS" >> /root/deployment.results
cat /etc/resolv.conf >> /root/deployment.results
echo "" >> /root/deployment.results
echo "NGINX" >> /root/deployment.results
grep server_name /etc/nginx/sites-enabled/* | uniq >> /root/deployment.results
echo "" >> /root/deployment.results
echo "RTMP" >> /root/deployment.results
cat /etc/hca/rtmp.ini | grep -v '#' >> /root/deployment.results
echo "" >> /root/deployment.results
echo "SERVICES" >> /root/deployment.results
echo "mediaserver $(service mediaserver status | grep Active)" >> /root/deployment.results
echo "WowzaStreamingEngine $(service WowzaStreamingEngine status | grep Active)" >> /root/deployment.results
echo "apt-cacher-ng $(service apt-cacher-ng status | grep Active)" >> /root/deployment.results
echo "campus-manager $(service campus-manager status | grep Active)" >> /root/deployment.results
echo "celerity-server $(service celerity-server status | grep Active)" >> /root/deployment.results
echo "msmonitor $(service msmonitor status | grep Active)" >> /root/deployment.results
echo "munin-node $(service munin-node status | grep Active)" >> /root/deployment.results
echo "mysql $(service mysql status | grep Active)" >> /root/deployment.results
echo "nginx $(service nginx status | grep Active)" >> /root/deployment.results
echo "postfix $(service postfix status | grep Active)" >> /root/deployment.results
echo "ssh $(service ssh status | grep Active)" >> /root/deployment.results
echo "uwsgi $(service uwsgi status | grep Active)" >> /root/deployment.results
echo "" >> /root/deployment.results
cat /root/deployment.results | mail -aFrom:${DEFAULT_FROM_EMAIL} -s "$(hostname) deployed configuration" deployment@ubicast.eu
echo -e "${CYAN}A mail has been sent to deployment@ubicast.eu${NC}"
#!/bin/bash
source /root/envsetup/envsetup.conf
# set SMTP
if ( ! test -z ${CUST_SMTP} )
then
sed -i "s@relayhost = .*@relayhost = ${CUST_SMTP}@" /etc/postfix/main.cf
fi
#!/bin/bash
source /root/envsetup/envsetup.conf
# apply MS default network parameters
sudo sed -i "s@address .*@address 192.168.1.10@" /etc/network/interfaces
sudo sed -i "s@netmask .*@netmask 255.255.255.0@" /etc/network/interfaces
sudo sed -i "s@gateway .*@gateway 192.168.1.1@" /etc/network/interfaces
# add a specific user
useradd -m msinstall
echo -e "msinstall\nmsinstall" | (passwd -q msinstall)
sed -i "s@/home/msinstall:@/home/msinstall:/bin/bash@" /etc/passwd
# sudo
usermod -aG sudo msinstall
echo 'msinstall ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
# get MS_deploy
mv /var/tmp/MS_deploy.sh /home/msinstall/MS_deploy.sh
# correct rights
chown msinstall:msinstall /home/msinstall/MS_deploy.sh
echo "bash /home/msinstall/MS_deploy.sh" > /home/msinstall/.bash_profile
#!/bin/bash
source /root/envsetup/envsetup.conf
echo "Insert wowza license key :"
read WOWZA_LICENSE2
echo "${WOWZA_LICENSE2}" > /usr/local/WowzaStreamingEngine/conf/Server.license
service WowzaStreamingEngine restart
service WowzaStreamingEngineManager restart
#!/usr/bin/python3
# -*- coding: utf-8 -*-
import utils
def setup(interactive=True):
# TODO: setup IP
dir_path = utils.get_dir(__file__)
cmds = [
# Locale
'locale-gen en_GB.UTF-8',
'update-locale LANG=en_GB.UTF-8 LANGUAGE=en_GB.UTF-8 LC_ALL=en_GB.UTF-8 LC_MESSAGES=en_GB.UTF-8',
# NTP
'echo "Replacing /etc/ntp.conf"',
dict(line='write', template='%s/ntp.conf' % dir_path, target='/etc/ntp.conf', params=(
('{{ system_ntp }}', utils.get_conf('system_ntp', 'ntp.ubuntu.com')),
)),
]
# Create / update ubicast account
cmds.append('echo "Checking ubicast account"')
code, out = utils.exec_cmd(['id', 'ubicast'], get_out=True)
if code != 0:
cmds.append('useradd -m -s /bin/bash ubicast')
out = ''
if 'sudo' not in out:
cmds.append('usermod -aG sudo ubicast')
# Add SSH key
cmds.append('echo "Checking ubicast and root SSH keys"')
# root
cmds.append('mkdir -p /root/.ssh')
cmds.append('chmod 700 /root/.ssh')
if utils.exec_cmd(['rgrep', 'support@ubicast', '/root/.ssh']) != 0:
cmds.append('cat "%s/ubicast_support.pub" >> /root/.ssh/authorized_keys' % dir_path)
# ubicast
cmds.append('mkdir -p /home/ubicast/.ssh')
cmds.append('chmod 700 /home/ubicast/.ssh')
if utils.exec_cmd(['rgrep', 'support@ubicast', '/home/ubicast/.ssh']) != 0:
cmds.append('cat "%s/ubicast_support.pub" >> /home/ubicast/.ssh/authorized_keys' % dir_path)
cmds.append('chown -R ubicast:ubicast /home/ubicast/.ssh')
utils.run_commands(cmds)
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
driftfile /var/lib/ntp/ntp.drift
# Enable this if you want statistics to be logged.
#statsdir /var/log/ntpstats/
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
# Specify one or more NTP servers.
# Use servers from the NTP Pool Project. Approved by Ubuntu Technical Board
# on 2011-02-08 (LP: #104525). See http://www.pool.ntp.org/join.html for
# more information.
server 0.ubuntu.pool.ntp.org
server 1.ubuntu.pool.ntp.org
server 2.ubuntu.pool.ntp.org
server 3.ubuntu.pool.ntp.org
# Use Ubuntu's ntp server as a fallback.
server {{ system_ntp }}
# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.
# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery
# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1
# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
#restrict 192.168.123.0 mask 255.255.255.0 notrust
# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
#broadcast 192.168.123.255
# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines. Please do this only if you trust everybody on the network!
#disable auth
#broadcastclient
\ No newline at end of file
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCr2IJlzvLlLxa2PyGhydAlz/PAOj240g8anQmY58X+llirLHIOlkdJXBqf94jAeZkweWpoE41RdmKPUQEz4pCO09dGJaZD4lv1NtDhrhNwTmoOnyFckoPimR6DX6+UMM9wUmfti/ytljbVEVVo/pRacXmczeumDaci3uYTURyliuAR9h3zbIMQ6D2COESXjptWmEwawE9grsTfJi84Q+XIBPvXRHjjceB5hejUMWuf7xc6GH9WIo5REh3qTUvgtxHtIGLQ3ImOzrbCsEhENrBWds0qH0pIuH0lykWGR6pumpPxLzXcVho+e/UJgUrEg5u6/58aizqJTkxFJMa8ciYz support@ubicast
\ No newline at end of file
#!/usr/bin/python3
# -*- coding: utf-8 -*-
import os
import utils
def setup(interactive=True):
dir_path = utils.get_dir(__file__)
pwd_path = '/etc/pure-ftpd/pureftpd.passwd'
# Get passwords
ftpincoming = utils.get_conf('ftp_ftpincoming')
ftpmsuploader = utils.get_conf('ftp_ftpmsuploader')
ftpstorage = utils.get_conf('ftp_ftpstorage')
ftpadmin = utils.get_conf('ftp_ftpadmin')
if not ftpincoming or not ftpmsuploader or not ftpstorage or not ftpadmin:
raise Exception('Some passwords for FTP accounts are missing.\nPlease add them in the configuration file for EnvSetup script.')
# Run commands
cmds = [
'apt-get install --yes pure-ftpd python3-unidecode',
dict(line='adduser --disabled-login --gecos "" --shell /bin/false ftp', cond='id ftp', cond_neg=True, cond_skip=True),
'mkdir -p /home/ftp/storage',
'mkdir -p /home/ftp/storage/incoming',
'mkdir -p /home/ftp/storage/msuploads',
'mkdir -p /home/ftp/storage/www',
'chmod -R 775 /home/ftp/storage/incoming',
'chmod -R 777 /home/ftp/storage/msuploads',
'chmod -R 775 /home/ftp/storage/www',
'chown -R ftp:ftp /home/ftp/storage',
'mkdir -p /var/www',
'ln -sfn /home/ftp/storage/www /var/www/videos',
# Config
'echo "no" > /etc/pure-ftpd/conf/AllowDotFiles',
'echo "yes" > /etc/pure-ftpd/conf/CallUploadScript',
'echo "yes" > /etc/pure-ftpd/conf/ChrootEveryone',
'echo "yes" > /etc/pure-ftpd/conf/DontResolve',
'echo "no" > /etc/pure-ftpd/conf/PAMAuthentication',
# Post upload script
'cp "%s/on_ftp_upload.py" /home/ftp/on_ftp_upload.py' % dir_path,
'chown ftp:ftp /home/ftp/on_ftp_upload.py',
'chmod +x /home/ftp/on_ftp_upload.py',
'pure-uploadscript -p /home/ftp/.on_upload.pid -B -g $(id -g ftp) -r /home/ftp/on_ftp_upload.py -u $(id -u ftp)',
'cp "%s/pure-ftpd-common" /etc/default/pure-ftpd-common.tmp' % dir_path,
'sed "s/UPLOADUID=UID/UPLOADUID=$(id -u ftp)/g" /etc/default/pure-ftpd-common.tmp > /etc/default/pure-ftpd-common.tmp2',
'mv -f /etc/default/pure-ftpd-common.tmp2 /etc/default/pure-ftpd-common.tmp',
'sed "s/UPLOADGID=GID/UPLOADGID=$(id -g ftp)/g" /etc/default/pure-ftpd-common.tmp > /etc/default/pure-ftpd-common.tmp2',
'mv -f /etc/default/pure-ftpd-common.tmp2 /etc/default/pure-ftpd-common',
'rm -f /etc/default/pure-ftpd-common.tmp',
'cp "%s/remove_empty_dirs.py" /etc/cron.hourly/remove_empty_dirs.py' % dir_path,
# Create FTP accounts
'([ -f "%s" ] || [ -f "%s" ] && cp "%s" "%s") || true' % (pwd_path + '.back', pwd_path, pwd_path, pwd_path + '.back'),
'([ -f "%s" ] && mv -f "%s" pureftpd.passwd.tmp) || true' % (pwd_path, pwd_path),
'"%s/create_account.sh" ftpincoming "%s" /home/ftp/storage/incoming' % (dir_path, ftpincoming),
'"%s/create_account.sh" ftpmsuploader "%s" /home/ftp/storage/msuploads' % (dir_path, ftpmsuploader),
'"%s/create_account.sh" ftpstorage "%s" /home/ftp/storage/www' % (dir_path, ftpstorage),
'"%s/create_account.sh" ftpadmin "%s" /home/ftp/storage' % (dir_path, ftpadmin),
'rm -f pureftpd.passwd.tmp',
'pure-pw mkdb',
'ln -sfn /etc/pure-ftpd/conf/PureDB /etc/pure-ftpd/auth/50puredb',
'/etc/init.d/pure-ftpd force-reload',
]
try:
utils.run_commands(cmds)
except Exception:
raise
finally:
# Restore password conf if required
if os.path.exists('pureftpd.passwd.tmp'):
os.rename('pureftpd.passwd.tmp', pwd_path)
#!/bin/bash
# Usage: create_account.sh username password home
echo -e "$2\n$2" | pure-pw useradd $1 -u ftp -d $3
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import logging
import os
import shutil
import sys
import unicodedata
# command line
# pure-uploadscript -p /home/ftp/.on_ftp_upload.pid -B -g 1001 -r /home/ftp/on_ftp_upload.py -u 1001
BASE_DIR = '/home/ftp/storage/'
INCOMING_DIR = BASE_DIR + 'incoming/'
WWW_DIR = BASE_DIR + 'www/'
ALLOWED_CHARS = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-.'
LOG_FILE = '/home/ftp/on_ftp_upload.log'
LOG_LEVEL = 'INFO'
def clean_name(name):
# strip accents and replace non allowed characters
return ''.join((c if c in ALLOWED_CHARS else '_') for c in unicodedata.normalize('NFD', name) if unicodedata.category(c) != 'Mn')
if __name__ == '__main__':
# setup logging
logging.basicConfig(
filename=LOG_FILE,
format='%(asctime)s %(name)-12s %(levelname)-8s %(message)s',
level=getattr(logging, LOG_LEVEL),
)
try:
logging.debug('Starting script')
if len(sys.argv) < 2:
logging.info('Not enough arguments')
sys.exit(1)
src_path = sys.argv[1]
if not src_path.startswith(BASE_DIR):
logging.info('File %s will not be moved because it is not in base dir', src_path)
sys.exit(0)
# remove special characters
name = os.path.basename(src_path)
new_name = clean_name(name)
if name != new_name:
new_path = os.path.join(os.path.dirname(src_path), new_name)
os.rename(src_path, new_path)
logging.info('File %s has been renamed to %s', src_path, new_path)
src_path = new_path
# move file
if not src_path.startswith(INCOMING_DIR):
logging.info('File %s will not be moved because it is not in the incoming dir', src_path)
sys.exit(0)
dest_path = src_path.replace(INCOMING_DIR, WWW_DIR)
if not os.path.exists(os.path.dirname(dest_path)):
os.system('mkdir -p -m 775 "%s"' % os.path.dirname(dest_path))
shutil.move(src_path, dest_path)
logging.info('File moved %s', src_path)
except Exception as e:
logging.error('Failed to move file %s. Error: %s', src_path, e)
sys.exit(1)
else:
sys.exit(0)
# Configuration for pure-ftpd
# (this file is sourced by /bin/sh, edit accordingly)
# STANDALONE_OR_INETD
# valid values are "standalone" and "inetd".
# Any change here overrides the setting in debconf.
STANDALONE_OR_INETD=standalone
# VIRTUALCHROOT:
# whether to use binary with virtualchroot support
# valid values are "true" or "false"
# Any change here overrides the setting in debconf.
VIRTUALCHROOT=false
# UPLOADSCRIPT: if this is set and the daemon is run in standalone mode,
# pure-uploadscript will also be run to spawn the program given below
# for handling uploads. see /usr/share/doc/pure-ftpd/README.gz or
# pure-uploadscript(8)
# example: UPLOADSCRIPT=/usr/local/sbin/uploadhandler.pl
UPLOADSCRIPT=/home/ftp/on_ftp_upload.py
# if set, pure-uploadscript will spawn $UPLOADSCRIPT running as the
# given uid and gid
UPLOADUID=UID
UPLOADGID=GID
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
'''
Script to remove empty dirs from FTP incoming dir.
'''
import datetime
import os
import shutil
import sys
import traceback
INCOMING_DIR = '/home/ftp/storage/incoming/'
DAYS_OLD = 1
def _can_be_removed(path):
if not os.path.isdir(path):
return False
for name in os.listdir(path):
subpath = os.path.join(path, name)
if not _can_be_removed(subpath):
return False
mtime = os.path.getmtime(path)
mtime = datetime.datetime.fromtimestamp(mtime)
if mtime < datetime.datetime.now() - datetime.timedelta(days=DAYS_OLD):
return True
return False
if __name__ == '__main__':
script_name = os.path.basename(__file__)
try:
if not os.path.isdir(INCOMING_DIR):
print('%s: The FTP incoming dir does not exist (%s).' % (script_name, INCOMING_DIR))
sys.exit(1)
for name in os.listdir(INCOMING_DIR):
path = os.path.join(INCOMING_DIR, name)
if _can_be_removed(path):
shutil.rmtree(path)
print('%s: Dir "%s" removed.' % (script_name, path))
except Exception:
print('%s: Script crashed:\n%s' % (script_name, traceback.format_exc()))
sys.exit(1)
#!/bin/bash
pwd
#!/bin/bash
source /root/envsetup/envsetup.conf
# hostname
echo "127.0.0.1 ${ETC_HOSTNAME}" >> /etc/hosts
echo ${ETC_HOSTNAME} > /etc/hostname
# DNS
cat > /etc/resolv.conf << EOF
search ubicast.net
nameserver 192.168.40.3
nameserver 192.168.40.2
nameserver 192.168.40.6
EOF
# set ubicast account pwd
echo -e "${UBICAST_PASSWD}\n${UBICAST_PASSWD}" | (passwd -q ubicast)
# create admin account
useradd -m admin --shell /bin/bash
echo -e "${SHELL_PWD}\n${SHELL_PWD}" | (passwd -q admin)
usermod -aG sudo admin
# migrate to Ubuntu 16.04 / apply sources.list
if [ $(cat /etc/lsb-release | grep DISTRIB_RELEASE | awk -F "=" '{print$2}') = "16.04" ]
then
cp sources16.list /etc/apt/sources.list
# Ubuntu 14.04
else
apt-get update && apt-get upgrade -y
cp sources16.list /etc/apt/sources.list
apt-get update
DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get dist-upgrade -o Dpkg::Options::="--force-confold" --force-yes -y
fi
# màj
apt-get update && apt-get install -y aptitude && aptitude upgrade -y
aptitude install -y apt-transport-https pwgen ntpdate
# modify sources.list to use ubicast cache
grep ${CACHE} /etc/apt/sources.list
if [ $? = 1 ]
then
sed -i "s@http://@http://${CACHE}/@" /etc/apt/sources.list
fi
# APT panel
wget -q https://${PANEL}/media/public.gpg -O- | sudo apt-key add -
echo "deb https://${PANEL} packaging/apt/${API}/" > /etc/apt/sources.list.d/skyreach.list
aptitude update
# unattended-upgrades
aptitude install -y unattended-upgrades
sed -i 's@//Unattended-Upgrade::Mail "root";@Unattended-Upgrade::Mail "root";@' /etc/apt/apt.conf.d/50unattended-upgrades
sed -i 's@//*.*"vim";@"mysql-server";@' /etc/apt/apt.conf.d/50unattended-upgrades
sed -i 's@//*.*"libc6";@"mysql-client";@' /etc/apt/apt.conf.d/50unattended-upgrades
# configure frequence
cat > /etc/apt/apt.conf.d/10periodic << EOF
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";
EOF
# resolvconf
aptitude purge -y resolvconf
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment