Commit | Line | Data |
---|---|---|
11cbb815 PD |
1 | # The software in this package is distributed under the GNU General |
2 | # Public License version 2 (with a special exception described below). | |
3 | # | |
4 | # A copy of GNU General Public License (GPL) is included in this distribution, | |
5 | # in the file COPYING.GPL. | |
6 | # | |
7 | # As a special exception, if other files instantiate templates or use macros | |
8 | # or inline functions from this file, or you compile this file and link it | |
9 | # with other works to produce a work based on this file, this file | |
10 | # does not by itself cause the resulting work to be covered | |
11 | # by the GNU General Public License. | |
12 | # | |
13 | # However the source code for this file must still be made available | |
14 | # in accordance with section (3) of the GNU General Public License. | |
15 | # | |
16 | # This exception does not invalidate any other reasons why a work based | |
17 | # on this file might be covered by the GNU General Public License. | |
18 | # | |
19 | # Copyright (c) 2016-2018 Intra2net AG <info@intra2net.com> | |
20 | ||
f49f6323 PD |
21 | """ |
22 | ||
b5abc93a | 23 | summary |
f49f6323 | 24 | ------------------------------------------------------ |
188605ae | 25 | Module for one-step dynamic cnfvar generation from default value templates. |
f49f6323 | 26 | |
b5abc93a | 27 | .. codeauthor:: Intra2net |
b7e04a3e | 28 | |
f49f6323 | 29 | |
188605ae PD |
30 | contents |
31 | ------------------------------------------------------- | |
32 | These templates contain the bare defaults the UI adds upon | |
33 | creation of each major and frequently used cnfvar. | |
34 | ||
35 | ||
b5abc93a | 36 | interface |
f49f6323 PD |
37 | ------------------------------------------------------ |
38 | ||
39 | """ | |
40 | ||
41 | import time | |
42 | import logging | |
f49f6323 PD |
43 | |
44 | # custom imports | |
b5abc93a PD |
45 | from .model import Cnf, CnfList |
46 | ||
47 | ||
# Module logger registered under a fixed dotted name (not derived from __name__).
log = logging.getLogger('pyi2ncommon.cnfvar.templates')
f49f6323 PD |
49 | |
50 | ||
51 | ############################################################################### | |
188605ae PD |
52 | # MAJOR CNF DEFAULTS |
53 | ############################################################################### | |
54 | ||
55 | ||
#: UI defaults for a user instance
user_defaults = {
    "USER_DISABLED": "0",
    "USER_FULLNAME": "",
    # groupware folder names are the German labels
    "USER_GROUPWARE_FOLDER_CALENDAR": "INBOX/Kalender",
    "USER_GROUPWARE_FOLDER_CONTACTS": "INBOX/Kontakte",
    "USER_GROUPWARE_FOLDER_DRAFTS": "INBOX/Entwürfe",
    "USER_GROUPWARE_FOLDER_NOTES": "INBOX/Notizen",
    "USER_GROUPWARE_FOLDER_OUTBOX": "INBOX/Gesendete Elemente",
    "USER_GROUPWARE_FOLDER_TASKS": "INBOX/Aufgaben",
    "USER_GROUPWARE_FOLDER_TRASH": "INBOX/Gelöschte Elemente",
    # always a member of the 'Alle' group
    "USER_GROUP_MEMBER_REF": "2",
    "USER_LOCALE": "",
    # Fixed placeholder password kept in source. user() replaces it with the
    # caller-supplied password; a direct template(..., defaults=user_defaults)
    # call keeps this literal, so an account built that way carries a
    # password that anyone with access to this file knows.
    "USER_PASSWORD": "test1234",
    "USER_TRASH_DELETEDAYS": "30",
    "USER_WEBMAIL_MESSAGES_PER_PAGE": "25",
    "USER_WEBMAIL_SIGNATURE": "",
}
#: UI defaults for a group instance
group_defaults = {
    "GROUP_COMMENT": "",
    # NOTE(review): the names suggest new groups may go online and relay mail
    # from the intranet by default - confirm against the cnfvar documentation.
    "GROUP_ACCESS_GO_ONLINE_ALLOWED": "1",
    "GROUP_EMAILFILTER_BAN_FILTERLIST_REF": "-1",
    "GROUP_EMAIL_RELAY_RIGHTS": "RELAY_FROM_INTRANET",
    "GROUP_PROXY_PROFILE_REF": "1",
}
#: UI defaults for an intraclient instance
intraclient_defaults = {
    "INTRACLIENT_COMMENT": "",
    # NOTE(review): "1" presumably permits DNS and e-mail relaying for every
    # new client - confirm this matches the intended default exposure.
    "INTRACLIENT_DNS_RELAYING_ALLOWED": "1",
    "INTRACLIENT_EMAIL_RELAYING_ALLOWED": "1",
    "INTRACLIENT_FIREWALL_RULESET_REF": "5",
    # Left empty here; intraclient() does not fill them, so callers supply
    # them through the ip= / mac= keyword overrides.
    "INTRACLIENT_IP": "",
    "INTRACLIENT_MAC": "",
    "INTRACLIENT_PROXY_PROFILE_REF": "-1",
}
#: UI defaults for a NIC instance
nic_defaults = {
    "NIC_COMMENT": "",
    "NIC_DRIVER": "virtio_net",
    # 02:... has the locally-administered bit set, i.e. this is not a
    # vendor-assigned hardware address. Every nic() call without a mac=
    # override reuses this same value.
    "NIC_MAC": "02:00:00:00:20:00",
    "NIC_TYPE": "UNUSED",
}
#: UI defaults for a provider instance
provider_defaults = {
    # proxy settings, including the proxy credentials, default to empty
    "PROVIDER_PROXY_SERVER": "",
    "PROVIDER_PROXY_PORT": "",
    "PROVIDER_PROXY_PASSWORD": "",
    "PROVIDER_PROXY_LOGIN": "",
    "PROVIDER_NIC_REF": "1",
    "PROVIDER_NETMASK": "255.255.0.0",
    "PROVIDER_MTU_SIZE": "1500",
    "PROVIDER_MODE": "ROUTER",
    "PROVIDER_MAILTRANSFER_MODE": "IMMEDIATE",
    "PROVIDER_LOCALIP": "",
    # overwritten by provider() with its ip argument
    "PROVIDER_IP": "",
    "PROVIDER_FIREWALL_RULESET_REF": "7",
    "PROVIDER_FALLBACK_TIMEOUT": "60",
    "PROVIDER_FALLBACK_PROVIDER_REF": "-1",
    "PROVIDER_EMAIL_RELAY_REF": "-1",
    "PROVIDER_DYNDNS_WEBCHECKIP": "0",
    "PROVIDER_DYNDNS_ENABLE": "1",
    "PROVIDER_DNS_MODE": "ROOT",
    # overwritten by provider() with its dns argument
    "PROVIDER_DNS": "",
    "PROVIDER_BWIDTH_MANAGEMENT_UPSTREAM_SPEED": "",
    "PROVIDER_BWIDTH_MANAGEMENT_ENABLE": "0",
    "PROVIDER_BWIDTH_MANAGEMENT_DOWNSTREAM_SPEED": "",
    "PROVIDER_PINGCHECK_SERVERLIST_REF": "-2",
}
#: UI defaults for a port forwarding instance
port_forwarding_defaults = {
    "PORT_FORWARDING_DST_IP_REF": "1",
    # DST_PORT and SRC_PORT are overwritten by port_forwarding(); the *_END
    # range bounds stay empty unless passed as keyword overrides.
    "PORT_FORWARDING_DST_PORT": "",
    "PORT_FORWARDING_DST_PORT_END": "",
    "PORT_FORWARDING_PROTOCOL_TYPE": "TCP",
    "PORT_FORWARDING_SRC_PORT": "",
    "PORT_FORWARDING_SRC_PORT_END": "",
}
#: UI defaults for a firewall ruleset instance
firewall_ruleset_defaults = {
    # NOTE(review): the meaning of the "FULL" profile type is not visible in
    # this module - confirm what traffic such a ruleset admits before reuse.
    "FIREWALL_RULESET_PROFILE_TYPE": "FULL",
}
#: UI defaults for a proxy accesslist instance
proxy_accesslist_defaults = {
    # NOTE(review): fixed count literal; nothing in this module ties it to an
    # actual number of list entries - confirm how consumers use it.
    "PROXY_ACCESSLIST_ENTRY_COUNT": "123",
    "PROXY_ACCESSLIST_MODE": "1",
    "PROXY_ACCESSLIST_SIZETYPE": "1",
    "PROXY_ACCESSLIST_TYPE": "0",
}
#: UI defaults for a key instance
key_own_defaults = {
    # NOTE(review): fingerprints, subject/issuer and the PEM fragments below
    # are independent literals; nothing here shows that they match each other.
    "KEY_OWN_FINGERPRINT_MD5": "76:3B:CF:8E:CB:BF:A5:7D:CC:87:39:FA:CE:99:2E:96",
    "KEY_OWN_FINGERPRINT_SHA1": "ED:5A:C6:D9:5B:BE:47:1F:B9:4F:CF:A3:80:3B:42:08:F4:00:16:96",
    "KEY_OWN_ID_X509": "CN=some.net.lan",
    "KEY_OWN_ISSUER": "CN=ab, C=fd, L=ab, ST=ab, O=ab, OU=ab/emailAddress=ab@ab.com",
    "KEY_OWN_KEYSIZE": "2048",
    "KEY_OWN_HASH_ALGO": "SHA2_256",
    # The PEM bodies are short fragments, far too small to hold a 2048-bit
    # private key, a certificate or a request, so they serve as fixed
    # placeholders. Every key_own() call without overrides shares them; real
    # key material has to come in through keyword overrides.
    "KEY_OWN_PRIVATE_KEY": "-----BEGIN PRIVATE KEY-----\\nMIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKk" +
    "ZTzqHXg41RZMiY+ywRZ037pBq8J3BkH\\n-----END PRIVATE KEY-----\\n",
    "KEY_OWN_PUBLIC_KEY": "-----BEGIN CERTIFICATE-----\\nMIIFCTCCAvGgAwIBAgIEVBGDuTANBgkqhkiG" +
    "9w0BAQsFADCBgTEPMA0GA1UEAwwG\\n-----END CERTIFICATE-----\\n",
    "KEY_OWN_REQUEST": "-----BEGIN CERTIFICATE REQUEST-----\\nMIIDCzCCAfMCAQAwIjEgMB4GA1UEAww" +
    "XaW50cmFkZXYtYWllc\\n-----END CERTIFICATE REQUEST-----\\n",
    "KEY_OWN_SUBJECT": "CN=some.net.lan",
    # fixed validity window, 2014-09-11 to 2016-07-31
    "KEY_OWN_VALIDFROM": "20140911T111257",
    "KEY_OWN_VALIDTILL": "20160731T134608",
    "KEY_OWN_TYPE": "SELF",
    # the ones below should be set when using 'generate' to create the key
    "KEY_OWN_CREATE_CN": "somehost",
    "KEY_OWN_CREATE_EMAIL": "default@intra2net.com"
}
#: UI defaults for a VPN connection instance
vpnconn_defaults = {
    "VPNCONN_ACTIVATION": "ALWAYS",
    "VPNCONN_DISABLED": "0",
    "VPNCONN_DNS_RELAYING_ALLOWED": "1",
    "VPNCONN_EMAIL_RELAYING_ALLOWED": "1",
    "VPNCONN_ENCRYPTION_PROFILE_REF": "0",
    "VPNCONN_FIREWALL_RULESET_REF": "5",
    # New connections start on IKE version 1; a different version has to be
    # requested through the ike_version= keyword override of vpnconn().
    "VPNCONN_IKE_VERSION": "1",
    # Key references and key type: the default is "PUBLIC" with own/foreign
    # key reference "1". NOTE(review): presumably these point at existing key
    # instances - confirm they exist on the target before relying on them.
    "VPNCONN_KEY_FOREIGN_REF": "1",
    "VPNCONN_KEY_OWN_REF": "1",
    "VPNCONN_KEY_TYPE": "PUBLIC",
    "VPNCONN_LAN_NAT_IP": "",
    "VPNCONN_LAN_NAT_MODE": "UNMODIFIED",
    "VPNCONN_LAN_NAT_NETWORK": "",
    "VPNCONN_LAN_NIC_REF": "2",
    "VPNCONN_LAN_NET": "172.17.0.0",
    "VPNCONN_LAN_NETMASK": "255.255.0.0",
    "VPNCONN_LAN_TYPE": "NIC",
    "VPNCONN_LIFETIME_IKE": "480",
    "VPNCONN_LIFETIME_IPSECSA": "60",
    "VPNCONN_OFFLINE_DETECTION_SEC": "60",
    "VPNCONN_PEER_DNS": "",
    "VPNCONN_PEER_IP": "",
    "VPNCONN_PEER_TYPE": "IP",
    "VPNCONN_PROXY_PROFILE_REF": "-2",
    # The pre-shared key and its identities default to empty strings; no
    # secret is embedded here.
    "VPNCONN_PSK": "",
    "VPNCONN_PSK_FOREIGN_ID": "",
    "VPNCONN_PSK_FOREIGN_ID_TYPE": "IP",
    "VPNCONN_PSK_OWN_ID": "",
    "VPNCONN_PSK_OWN_ID_TYPE": "IP",
    "VPNCONN_REMOTE_INET_NAT": "1",
    "VPNCONN_REMOTE_MODECONFIG_IP": "192.168.99.1",
    "VPNCONN_REMOTE_NAT_ENABLE": "0",
    "VPNCONN_REMOTE_NAT_NETWORK": "",
    "VPNCONN_REMOTE_NET": "172.18.0.0",
    "VPNCONN_REMOTE_NETMASK": "255.255.0.0",
    "VPNCONN_REMOTE_TYPE": "CUSTOM",
    "VPNCONN_RETRIES": "3",
    "VPNCONN_SECURED": "ESP",
    "VPNCONN_XAUTH_SERVER_ENABLE": "0"
}
188605ae PD |
210 | |
211 | ||
212 | ############################################################################### | |
f49f6323 PD |
213 | # MINOR CONFIGURATION |
214 | ############################################################################### | |
215 | ||
7628bc48 | 216 | |
def template(name, value, instance=-1, defaults=None, **kwargs):
    """
    Build a cnf variable and populate it with default child variables.

    :param str name: cnf variable name
    :param str value: cnf variable data value
    :param int instance: cnf variable instance number
    :param defaults: child variables (name to value) added to the new cnf
                     variable; ``None`` adds no children
    :type defaults: {str, str or {}} or None
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    Each extra keyword argument ``key=val`` replaces the value of the child
    looked up as ``<name>_<key>``. Only ``name`` is written to the log; the
    child values, which may include passwords or key material, are not.
    """
    log.info(f"Generating a template {name} cnfvar")
    new_cnf = Cnf(name, value=value, instance=instance)
    child_defaults = defaults if defaults is not None else {}
    # items() yields the same (name, value) pairs, in the same order
    new_cnf.add_children(*child_defaults.items())
    for suffix, override in kwargs.items():
        new_cnf.children.single_with_name(f"{name}_{suffix}").value = override
    return new_cnf
238 | |
239 | ||
def user(name, password, instance=-1, **kwargs):
    """
    Build a user cnf variable from the user defaults.

    :param str name: username for the user
    :param str password: password for the user
    :param int instance: instance number for the user
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    The ``user_fullname`` and ``user_password`` children are set after the
    keyword overrides were applied, so ``fullname=`` / ``password=`` keyword
    arguments do not survive. The placeholder password from the defaults is
    always replaced by ``password``, which is stored exactly as passed and
    is not written to the log.
    """
    log.info(f"Generating a user {name} cnfvar")
    user_cnf = template("user", name, instance=instance, defaults=user_defaults, **kwargs)
    forced_children = (
        ("user_fullname", name.capitalize()),
        ("user_password", password),
    )
    for child_name, child_value in forced_children:
        user_cnf.children.single_with_name(child_name).value = child_value
    return user_cnf
255 | ||
256 | ||
def group(name, instance=-1, **kwargs):
    """
    Build a group cnf variable from the group defaults.

    :param str name: name for the group
    :param int instance: instance number for the group
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    Keyword arguments are forwarded to :py:func:`template` as overrides of
    the default children.
    """
    log.info(f"Generating a group {name} cnfvar")
    return template("group", name, instance=instance, defaults=group_defaults, **kwargs)
269 | ||
270 | ||
def nic(instance=-1, **kwargs):
    """
    Build a nic cnf variable from the NIC defaults.

    :param int instance: instance number for the nic
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    The variable gets an empty data value. Keyword arguments are forwarded
    to :py:func:`template` as overrides; without a ``mac=`` override every
    generated nic carries the same default MAC address.
    """
    log.info("Generating a nic cnfvar")
    return template("nic", "", instance=instance, defaults=nic_defaults, **kwargs)
282 | ||
283 | ||
def intraclient(name, instance=-1, **kwargs):
    """
    Build an intraclient cnf variable from the intraclient defaults.

    :param str name: name for the intraclient
    :param int instance: instance number for the intraclient
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    Keyword arguments are forwarded to :py:func:`template` as overrides; the
    IP and MAC children stay empty unless ``ip=`` / ``mac=`` are passed.
    """
    log.info(f"Generating an intraclient {name} cnfvar")
    return template(
        "intraclient",
        name,
        instance=instance,
        defaults=intraclient_defaults,
        **kwargs,
    )
297 | ||
298 | ||
def provider(name, ip, dns, instance=-1, **kwargs):
    """
    Build a provider cnf variable from the provider defaults.

    :param str name: name for the provider
    :param str ip: IP address of the provider
    :param str dns: IP address of the DNS server
    :param int instance: instance number for the provider
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    The ``provider_ip`` and ``provider_dns`` children are set after the
    keyword overrides were applied, so ``ip`` and ``dns`` always win. The
    values are stored as passed; no address validation happens here.
    """
    log.info(f"Generating a provider {name} cnfvar")
    provider_cnf = template(
        "provider",
        name,
        instance=instance,
        defaults=provider_defaults,
        **kwargs,
    )
    for child_name, child_value in (("provider_ip", ip), ("provider_dns", dns)):
        provider_cnf.children.single_with_name(child_name).value = child_value
    return provider_cnf
316 | ||
317 | ||
def port_forwarding(name, src_port="1234", dst_port="1234", instance=-1, **kwargs):
    """
    Build a port forwarding cnf variable from the port forwarding defaults.

    :param str name: name for the port forwarding mapping
    :param str src_port: forwarded source port
    :param str dst_port: forwarded destination port
    :param int instance: instance number for the port forwarding mapping
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    The source and destination port children are set after the keyword
    overrides were applied. Ports are stored as passed; no range or format
    check happens here.
    """
    log.info(f"Generating a port forwarding {name} cnfvar")
    forwarding_cnf = template(
        "port_forwarding",
        name,
        instance=instance,
        defaults=port_forwarding_defaults,
        **kwargs,
    )
    port_children = (
        ("port_forwarding_src_port", src_port),
        ("port_forwarding_dst_port", dst_port),
    )
    for child_name, port in port_children:
        forwarding_cnf.children.single_with_name(child_name).value = port
    return forwarding_cnf
335 | |
336 | ||
def firewall_ruleset(name, instance=-1, **kwargs):
    """
    Build a firewall ruleset cnf variable from the ruleset defaults.

    :param str name: name for the firewall ruleset
    :param int instance: instance number for the firewall ruleset
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    Keyword arguments are forwarded to :py:func:`template` as overrides of
    the default children (for example the profile type).
    """
    log.info(f"Generating a firewall ruleset {name} cnfvar")
    return template(
        "firewall_ruleset",
        name,
        instance=instance,
        defaults=firewall_ruleset_defaults,
        **kwargs,
    )
350 | ||
351 | ||
def proxy_accesslist(name, instance=-1, **kwargs):
    """
    Build a proxy accesslist cnf variable from the accesslist defaults.

    :param str name: name for the proxy accesslist
    :param int instance: instance number for the proxy accesslist
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    Keyword arguments are forwarded to :py:func:`template` as overrides of
    the default children.
    """
    log.info(f"Generating a proxy accesslist {name} cnfvar")
    return template(
        "proxy_accesslist",
        name,
        instance=instance,
        defaults=proxy_accesslist_defaults,
        **kwargs,
    )
365 | ||
366 | ||
def key_own(name, instance=-1, **kwargs):
    """
    Build an own key cnf variable from the own key defaults.

    :param str name: name for the own key
    :param int instance: instance number for the own key
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    Without overrides the children are the fixed literals from
    ``key_own_defaults`` (fingerprints, PEM fragments, validity dates), so
    every generated key shares them. Key material is passed on to
    :py:func:`template` as keyword overrides and is not written to the log.
    """
    log.info(f"Generating an own key {name} cnfvar")
    return template(
        "key_own",
        name,
        instance=instance,
        defaults=key_own_defaults,
        **kwargs,
    )
380 | ||
381 | ||
def vpnconn(name, instance=-1, **kwargs):
    """
    Build a vpn connection cnf variable from the vpn connection defaults.

    :param str name: name for the vpn connection
    :param int instance: instance number for the vpn connection
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    Keyword arguments are forwarded to :py:func:`template` as overrides; the
    IKE version, key references, peer address and pre-shared key all keep
    their values from ``vpnconn_defaults`` unless overridden that way.
    """
    log.info(f"Generating a vpn connection {name} cnfvar")
    return template(
        "vpnconn",
        name,
        instance=instance,
        defaults=vpnconn_defaults,
        **kwargs,
    )