git://developer.intra2net.com / pyi2ncommon / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Clean up, remove compat with py < 3.6
[pyi2ncommon] / src / mk_config.py
CommitLineData
11cbb815
PD		 1# The software in this package is distributed under the GNU General
2# Public License version 2 (with a special exception described below).
3#
4# A copy of GNU General Public License (GPL) is included in this distribution,
5# in the file COPYING.GPL.
6#
7# As a special exception, if other files instantiate templates or use macros
8# or inline functions from this file, or you compile this file and link it
9# with other works to produce a work based on this file, this file
10# does not by itself cause the resulting work to be covered
11# by the GNU General Public License.
12#
13# However the source code for this file must still be made available
14# in accordance with section (3) of the GNU General Public License.
15#
16# This exception does not invalidate any other reasons why a work based
17# on this file might be covered by the GNU General Public License.
18#
19# Copyright (c) 2016-2018 Intra2net AG <info@intra2net.com>
20
f49f6323
PD		 21"""
22
23SUMMARY
24------------------------------------------------------
25Utility for one-step dynamic cnfvar configuration.
26
27Copyright: Intra2net AG
28
29
30CONTENTS
31------------------------------------------------------
32Contains general as well as specialized versions of some of the main
33configurations performed by our tests.
34
35INTERFACE
36------------------------------------------------------
37
38"""
39
40import time
41import logging
f49f6323
PD		 42
43# custom imports
30521dad
PD		 44from . import arnied_wrapper as aw
45from .arnied_wrapper import Delete, Update, Add, Child, batch_update_cnf, build_cnf
46from .cnfline import build_cnfvar, build_group, build_intraclient
47from .cnfline import build_nic, build_provider, build_user
f49f6323 48
7628bc48 49log = logging.getLogger('pyi2ncommon.mk_config')
f49f6323
PD		 50
51###############################################################################
52# MINOR CONFIGURATION
53###############################################################################
54
7628bc48 55
f49f6323
PD		 56def simple(varname, data, filename):
57 """
58 Generate and save a single-variable configuration file.
59
60 :param str varname: cnf variable name
61 :param str data: cnf variable data
62 :param str filename: config name
63 :returns: generated config filename
64 :rtype: str
65 """
66 log.info("Create single-variable configuration file")
67 tmp = build_cnfvar.BuildCnfVar(name=varname, data=data)
68 [filename] = aw.prep_config_paths([filename], aw.DUMP_CONFIG_DIR)
69 logging.info("Saving simple configuration to %s", filename)
70 tmp.save(filename)
71 return filename
72
73
74def user(username="admin", instance=1, suffix="host"):
75 """
76 Generate and save a user configuration file.
77
78 :param str username: username for the user variable
79 :param int instance: instance number (for multiple users, -1 for next available)
80 :param str suffix: optional suffix to use for config identification
81 :returns: generated config filename
82 :rtype: str
83 """
84 log.info("Create arnied user configuration")
7628bc48 85 user_obj = batch_update_cnf(
f49f6323
PD		 86 build_user.BuildUser(data=username, instance=instance, line_no=1),
87 [(Update, ("USER_FULLNAME", 0, username)),
88 (Update, ("USER_GROUP_MEMBER_REF", 0, "1")),
89 (Add, ("USER_GROUP_MEMBER_REF", 1, "2")),
90 (Delete, "USER_WEBMAIL_MESSAGES_PER_PAGE"),
91 (Delete, "USER_LOCALE"),
92 (Delete, "USER_TRASH_DELETEDAYS"),
93 (Delete, "USER_WEBMAIL_SIGNATURE")])
94 user_cnf = "user-%d-%s.cnf" % (time.time(), suffix)
95 [user_cnf] = aw.prep_config_paths([user_cnf], aw.DUMP_CONFIG_DIR)
96 logging.info("Saving user configuration to %s", user_cnf)
7628bc48 97 user_obj.save(user_cnf)
f49f6323
PD		 98 return user_cnf
99
100
93b19891 101def group_admins(proxy_profile="1", activesync_enable=False, xauth_enable=False, suffix="host"):
f49f6323
PD		 102 """
103 Generate and save an Administrators group configuration file.
104
93b19891 105 :param str proxy_profile: proxy profile instance reference
f49f6323
PD		 106 :param bool activesync_enable: whether to enable ActiveSync for the group
107 :param bool xauth_enable: whether to enable XAUTH for the group
108 :param str suffix: optional suffix to use for config identification
109 :returns: generated config filename
110 :rtype: str
111 """
112 log.info("Create arnied admin group configuration")
113 group = batch_update_cnf(build_group.BuildGroup(data="Administratoren",
114 instance=1),
115 [(Update, ("GROUP_ACCESS_REMOTE_ADMINISTRATION_ALLOWED", 0, "1")),
116 (Update, ("GROUP_EMAILFILTER_BAN_FILTERLIST_REF", 0, "-1")),
93b19891 117 (Update, ("GROUP_PROXY_PROFILE_REF", 0, proxy_profile)),
f49f6323
PD		 118 (Update, ("GROUP_ACCESS_GO_ONLINE_ALLOWED", 0, "1")),
119 (Update, ("GROUP_EMAIL_RELAY_RIGHTS", 0, "RELAY_FROM_INTRANET")),
120 (Update, ("GROUP_ACTIVESYNC_ENABLE", 0, "1" if activesync_enable else "0")),
121 (Update, ("GROUP_XAUTH_ENABLE", 0, "1" if xauth_enable else "0")),
7628bc48 122 (Delete, ("GROUP_COMMENT",))])
f49f6323
PD		 123 group_cnf = "group-%d-%s.cnf" % (time.time(), suffix)
124 [group_cnf] = aw.prep_config_paths([group_cnf], aw.DUMP_CONFIG_DIR)
125 logging.info("Saving group configuration to %s", group_cnf)
126 group.save(group_cnf)
127 return group_cnf
128
129
130def group_all(proxy_profile="1", suffix="host"):
131 """
7628bc48 132 Generate and save an "All" group configuration file.
f49f6323
PD		 133
134 :param str proxy_profile: proxy profile instance reference
135 :param str suffix: optional suffix to use for config identification
136 :returns: generated config filename
137 :rtype: str
138 """
139 log.info("Create arnied all group configuration")
140 group = batch_update_cnf(build_group.BuildGroup(data="Alle",
141 instance=2),
142 [(Update, ("GROUP_ACCESS_GO_ONLINE_ALLOWED", 0, "1")),
143 (Update, ("GROUP_ACCESS_INFORMATION_VERSION_ALLOWED", 0, "1")),
144 (Update, ("GROUP_ACCESS_MAINPAGE_ALLOWED", 0, "1")),
145 (Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_FORWARDING_ALLOWED", 0, "1")),
146 (Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_GROUPWARE_ALLOWED", 0, "1")),
147 (Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_SETTINGS_ALLOWED", 0, "1")),
148 (Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_SORTING_ALLOWED", 0, "1")),
149 (Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_SPAMFILTER_ALLOWED", 0, "1")),
150 (Update, ("GROUP_ACCESS_USERMANAGER_OWN_PROFILE_VACATION_ALLOWED", 0, "1")),
151 (Update, ("GROUP_ACCESS_GROUPWARE_ALLOWED", 0, "1")),
152 (Update, ("GROUP_EMAILFILTER_BAN_FILTERLIST_REF", 0, "-1")),
153 (Update, ("GROUP_EMAIL_RELAY_RIGHTS", 0, "RELAY_FROM_EVERYWHERE")),
154 (Update, ("GROUP_PROXY_PROFILE_REF", 0, proxy_profile)),
7628bc48 155 (Delete, ("GROUP_COMMENT",))])
f49f6323
PD		 156
157 group_cnf = "group-%d-%s.cnf" % (time.time(), suffix)
158 [group_cnf] = aw.prep_config_paths([group_cnf], aw.DUMP_CONFIG_DIR)
159 logging.info("Saving group configuration to %s", group_cnf)
160 group.save(group_cnf)
161 return group_cnf
162
163
93b19891
PD		 164def nic(instance=0, nictype="NATLAN",
165 ip="1.2.3.4", netmask="255.255.0.0", mac="00:00:00:00:00:00",
166 suffix="host"):
f49f6323
PD		 167 """
168 Generate and save a nic configuration file.
169
93b19891
PD		 170 :param int instance: instance number (for multiple nics, -1 for next available)
171 :param str nictype: type of the nic
f49f6323
PD		 172 :param str ip: IP address of the nic
173 :param str netmask: network mask of the nic
174 :param str mac: MAC address of the nic
175 :param str suffix: optional suffix to use for config identification
176 :returns: generated config filename
177 :rtype: str
178 """
179 log.info("Create arnied nic configuration")
7628bc48 180 nic_obj = batch_update_cnf(
93b19891
PD		 181 build_nic.BuildNIC(data="", instance=instance, line_no=1),
182 [(Update, ("NIC_TYPE", 0, nictype)),
f49f6323
PD		 183 (Update, ("NIC_LAN_IP", 0, ip)),
184 (Update, ("NIC_LAN_NETMASK", 0, netmask)),
185 (Update, ("NIC_MAC", 0, mac))])
186 nic_cnf = "nic-%d-%s.cnf" % (time.time(), suffix)
187 [nic_cnf] = aw.prep_config_paths([nic_cnf], aw.DUMP_CONFIG_DIR)
188 logging.info("Saving nic configuration to %s", nic_cnf)
7628bc48 189 nic_obj.save(nic_cnf)
f49f6323
PD		 190 return nic_cnf
191
192
93b19891
PD		 193def intraclient(name="intraclient", instance=1,
194 ip="1.2.3.4", mac="00:00:00:00:00:00",
195 fwrules=5, suffix="host"):
f49f6323
PD		 196 """
197 Generate and save an intraclient configuration file.
198
93b19891
PD		 199 :param str name: name of the intraclient
200 :param int instance: instance number (for multiple clients, -1 for next available)
f49f6323
PD		 201 :param str ip: IP address of the intraclient
202 :param str mac: MAC address of the intraclient
203 :param int fwrules: instance of the firewall rules to use
204 :param str suffix: optional suffix to use for config identification
205 :returns: generated config filename
206 :rtype: str
207 """
208 log.info("Create arnied intraclient configuration")
7628bc48
CH		 209 intraclient_obj = batch_update_cnf(
210 build_intraclient.BuildIntraclient(data=name, instance=instance),
211 [(Update, ("INTRACLIENT_IP", 0, ip)),
212 (Update, ("INTRACLIENT_MAC", 0, mac)),
213 (Update, ("INTRACLIENT_FIREWALL_RULESET_REF", 0, fwrules))])
f49f6323
PD		 214
215 intraclient_cnf = "intraclient-%d-%s.cnf" % (time.time(), suffix)
216 [intraclient_cnf] = aw.prep_config_paths([intraclient_cnf], aw.DUMP_CONFIG_DIR)
217 logging.info("Saving intraclient configuration to %s", intraclient_cnf)
7628bc48 218 intraclient_obj.save(intraclient_cnf)
f49f6323
PD		 219 return intraclient_cnf
220
221
93b19891 222def provider(name="provider", instance=1, mode="ROUTER", ip="1.2.3.4", localip=None,
f49f6323 223 netmask="255.255.0.0", dnsmode="IP", dns="1.2.3.4", fwrules=5,
93b19891 224 dialretry=None, timeout="", mtumode="AUTO",
f49f6323
PD		 225 vlanid=None, mtusize=None, login=None, password=None,
226 modemip=None, providerid=None, localdhcp=None,
227 suffix="host"):
228 """
229 Generate and save a provider configuration file.
230
93b19891
PD		 231 :param str name: name of the provider
232 :param int instance: instance number (for multiple clients, -1 for next available)
f49f6323
PD		 233 :param str mode: provider mode
234 :param str ip: IP address of the provider
235 :param localip: IP address of the configured machine (valid for some configurations)
236 :type localip: str or None
93b19891
PD		 237 :param str netmask: netmask of the provider
238 :param str dnsmode: dnsmode of the provider
f49f6323
PD		 239 :param str dns: IP address of the DNS server
240 :param int fwrules: instance of the firewall rules to use
93b19891 241 :param any args: lots of detailed configuration
f49f6323
PD		 242 :param str suffix: optional suffix to use for config identification
243 :returns: generated config filename
244 :rtype: str
245 """
246 log.info("Create arnied provider configuration")
7628bc48 247
f49f6323
PD		 248 def add_or_del(var, field):
249 if var is not None:
7628bc48
CH		 250 return Add, (field, 0, str(var))
251 return Delete, field
252 provider_obj = batch_update_cnf(
253 build_provider.BuildProvider(data=name, instance=instance),
254 [(Update, ("PROVIDER_MODE", 0, mode)),
255 ip and (Update, ("PROVIDER_IP", 0, ip))
256 or (Delete, "PROVIDER_IP"),
257 localip
258 and (Update, ("PROVIDER_LOCALIP", 0, localip))
259 or (Delete, "PROVIDER_LOCALIP"),
260 netmask and (Update, ("PROVIDER_NETMASK", 0,
261 netmask))
262 or (Delete, "PROVIDER_NETMASK"),
263 (Update, ("PROVIDER_TIMEOUT", 0, timeout)),
264 (Update, ("PROVIDER_DNS_MODE", 0, dnsmode)),
265 (Update, ("PROVIDER_DNS", 0,
266 dns if dnsmode == "IP" else "")),
267 (Update, ("PROVIDER_MTU_MODE", 0, mtumode)),
268 (Update, ("PROVIDER_MTU_SIZE", 0,
269 mtusize if mtumode != "AUTO" else "")),
270 (Update, ("PROVIDER_FIREWALL_RULESET_REF", 0, str(fwrules))),
271 add_or_del(vlanid, "PROVIDER_VLAN_ID"),
272 add_or_del(dialretry, "PROVIDER_DIAL_RETRY"),
273 add_or_del(login, "PROVIDER_LOGIN"),
274 add_or_del(password, "PROVIDER_PASSWORD"),
275 add_or_del(modemip, "PROVIDER_MODEM_IP"),
276 add_or_del(providerid, "PROVIDER_PROVIDERID"),
277 add_or_del(localdhcp, "PROVIDER_LOCAL_DHCP")])
f49f6323
PD		 278 provider_cnf = "provider-%d-%s.cnf" % (time.time(), suffix)
279 [provider_cnf] = aw.prep_config_paths([provider_cnf], aw.DUMP_CONFIG_DIR)
280 logging.info("Saving provider configuration to %s", provider_cnf)
7628bc48 281 provider_obj.save(provider_cnf)
f49f6323
PD		 282 return provider_cnf
283
284
285def provider_proxy(mode="ROUTER", ip="1.2.3.4", localip=None, proxy_port=3128, fwrules=7, suffix="host"):
286 """
287 Generate and save a provider configuration file for proxy.
288
289 :param str mode: provider mode
290 :param str ip: IP address of the provider (and DNS server)
291 :param localip: IP address of the configured machine (valid for some configurations)
292 :type localip: str or None
293 :param int proxy_port: port for the provider proxy
294 :param int fwrules: instance of the firewall rules to use
295 :param str suffix: optional suffix to use for config identification
296 :returns: generated config filename
297 :rtype: str
298 """
299 log.info("Create arnied provider configuration.")
7628bc48
CH		 300 provider_obj = batch_update_cnf(
301 build_provider.BuildProvider(),
302 [(Update, ("PROVIDER_MODE", 0, mode)),
303 (Update, ("PROVIDER_DNS", 0, ip)),
304 (Update, ("PROVIDER_DYNDNS_ENABLE", 0, "0")),
305 (Update, ("PROVIDER_IP", 0, ip)),
306 (Update, ("PROVIDER_PROXY_SERVER", 0, ip)),
307 (Update, ("PROVIDER_PROXY_PORT", 0, str(proxy_port))),
308 localip
309 and (Update, ("PROVIDER_LOCALIP", 0, localip))
310 or (Delete, "PROVIDER_LOCALIP"),
311 (Update, ("PROVIDER_DNS_MODE", 0, "IP")),
312 (Update, ("PROVIDER_FIREWALL_RULESET_REF", 0, str(fwrules)))])
f49f6323
PD		 313 provider_cnf = "provider-%d-%s.cnf" % (time.time(), suffix)
314 [provider_cnf] = aw.prep_config_paths([provider_cnf], aw.DUMP_CONFIG_DIR)
315 logging.info("Saving provider configuration to %s", provider_cnf)
7628bc48 316 provider_obj.save(provider_cnf)
f49f6323
PD		 317 return provider_cnf
318
319
2d4e0297
PD		 320def port_forwarding(src_port="1234", src_port_end="",
321 dst_port="1234", dst_port_end="",
93b19891
PD		 322 dst_ip_ref="1", protocol_type="TCP",
323 suffix="host"):
f49f6323
PD		 324 """
325 Generate and save a port forwarding configuration file.
326
2d4e0297
PD		 327 :param str src_port: forwarded source port
328 :param str src_port_end: forwarded source port end for a port range
329 :param str dst_port: forwarded destination port
330 :param str dst_port_end: forwarded destination port end for a port range
93b19891 331 :param str dst_ip_ref: destination nic instance for a port range
f49f6323 332 :param str protocol_type: port forwarding protocol type
f49f6323
PD		 333 :param str suffix: optional suffix to use for config identification
334 :returns: generated config filename
335 :rtype: str
336 """
337 log.info("Create port forwarding configuration")
338 value_id = "test"
339 portforward_client_cnf = "portforward-%d-%s.cnf" % (time.time(), suffix)
340 return build_cnf("PORT_FORWARDING",
341 data=value_id,
342 filename=portforward_client_cnf,
93b19891 343 vals=[(Child, ("PORT_FORWARDING_DST_IP_REF", 0, dst_ip_ref)),
2d4e0297 344 (Child, ("PORT_FORWARDING_DST_PORT", 0, dst_port)),
f49f6323
PD		 345 (Child, ("PORT_FORWARDING_DST_PORT_END", 0, dst_port_end)),
346 (Child, ("PORT_FORWARDING_PROTOCOL_TYPE", 0, protocol_type)),
2d4e0297 347 (Child, ("PORT_FORWARDING_SRC_PORT", 0, src_port)),
f49f6323
PD		 348 (Child, ("PORT_FORWARDING_SRC_PORT_END", 0, src_port_end))])
349
350
351def firewall_ruleset_simple(suffix="host"):
352 """
353 Generate and save a simple firewall ruleset configuration file.
354
355 :param str suffix: optional suffix to use for config identification
356 :returns: generated config filename
357 :rtype: str
358 """
359 log.info("Create firewall ruleset")
360 fw_cnf = "fw-%d-%s.cnf" % (time.time(), suffix)
361 return build_cnf("FIREWALL_RULESET",
362 instance=101,
363 data="Port Forwarding libfirewall test",
364 filename=fw_cnf,
365 vals=[(Update, ("FIREWALL_RULESET_PROFILE_TYPE", 0, "SIMPLE_PROVIDER")),
366 (Update, ("FIREWALL_RULESET_PROVIDER_HTTPS_OPEN", 0, "0")),
367 (Update, ("FIREWALL_RULESET_PROVIDER_POP3SIMAPS_OPEN", 0, "0")),
368 (Update, ("FIREWALL_RULESET_PROVIDER_PORT_FORWARDING_ENABLE", 0, "1")),
369 (Update, ("FIREWALL_RULESET_PROVIDER_SMTP_OPEN", 0, "0")),
3156d622 370 (Update, ("FIREWALL_RULESET_PROVIDER_HTTP_OPEN", 0, "0")),
f49f6323
PD		 371 (Update, ("FIREWALL_RULESET_PROVIDER_VPN_OPEN", 0, "0"))])
372
373
374def firewall_ruleset_port(suffix="host"):
375 """
376 Generate and save a firewall ruleset configuration file for port forwarding.
377
378 :param str suffix: optional suffix to use for config identification
379 :returns: generated config filename
380 :rtype: str
381 """
382 log.info("Create firewall ruleset")
383 fw_portforward_cnf = "fw-portforward-%d-%s.cnf" % (time.time(), suffix)
384 return build_cnf("FIREWALL_RULESET",
385 instance=100,
386 data="Port forwarding only",
387 filename=fw_portforward_cnf,
388 vals=[(Update, ("FIREWALL_RULESET_AUTOMATIC_ANSWER_RULE", 0, "1")),
389 (Update, ("FIREWALL_RULESET_PROFILE_TYPE", 0, "FULL")),
390 (Add, ("FIREWALL_RULESET_RULE", 1, "")),
391 (Child, ("FIREWALL_RULESET_RULE_ACTION", 0, "ACCEPT")),
392 (Child, ("FIREWALL_RULESET_RULE_CHECK_CONNECTION_STATUS", 0, "PORTFORWARDING")),
393 (Child, ("FIREWALL_RULESET_RULE_CHECK_TCP_FLAGS", 0, "DISABLED")),
394 (Child, ("FIREWALL_RULESET_RULE_LIMIT_FOR_ACTION_ENABLE", 0, "0")),
395 (Child, ("FIREWALL_RULESET_RULE_LIMIT_FOR_LOG_ENABLE", 0, "0")),
396 (Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_AVERAGE_COUNT", 0, "")),
397 (Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_AVERAGE_PERIOD", 0, "SEC")),
398 (Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_PEAK_COUNT", 0, "")),
399 (Child, ("FIREWALL_RULESET_RULE_LOG_ENABLE", 0, "0")),
400 (Child, ("FIREWALL_RULESET_RULE_LOG_MESSAGE", 0, "")),
401 (Child, ("FIREWALL_RULESET_RULE_TIME_INCLUDE_TIME_REF", 0, "-1")),
402 (Update, ("FIREWALL_RULESET_USAGE", 0, "PROVIDER"))])
403
404
405def firewall_ruleset_dmz(suffix="host"):
406 """
407 Generate and save a firewall ruleset configuration file for DMZ.
408
409 :param str suffix: optional suffix to use for config identification
410 :returns: generated config filename
411 :rtype: str
412 """
413 log.info("Create firewall ruleset")
414 fw_dmz_cnf = "fw-dmz-%d-%s.cnf" % (time.time(), suffix)
415 return build_cnf("FIREWALL_RULESET",
416 instance=100,
417 data="DMZ firewall rules",
418 filename=fw_dmz_cnf,
419 vals=[(Update, ("FIREWALL_RULESET_AUTOMATIC_ANSWER_RULE", 0, "1")),
420 (Update, ("FIREWALL_RULESET_PROFILE_TYPE", 0, "FULL")),
421 (Add, ("FIREWALL_RULESET_RULE", 1, "")),
422 (Child, ("FIREWALL_RULESET_RULE_ACTION", 0, "ACCEPT")),
423 (Child, ("FIREWALL_RULESET_RULE_LIMIT_FOR_ACTION_ENABLE", 0, "0")),
424 (Child, ("FIREWALL_RULESET_RULE_LIMIT_FOR_LOG_ENABLE", 0, "0")),
425 (Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_AVERAGE_COUNT", 0, "")),
426 (Child, ("FIREWALL_RULESET_RULE_LIMIT_PACKETS_PEAK_COUNT", 0, "")),
427 (Child, ("FIREWALL_RULESET_RULE_LOG_ENABLE", 0, "0")),
428 (Child, ("FIREWALL_RULESET_RULE_LOG_MESSAGE", 0, "")),
429 (Child, ("FIREWALL_RULESET_RULE_SERVICE_INCLUDE_SERVICEGROUP_REF", 0, "6")),
430 (Child, ("FIREWALL_RULESET_RULE_DST_INCLUDE_CLIENT_REF", 0, "2")),
431 (Update, ("FIREWALL_RULESET_USAGE", 0, "LANVPN"))])
Common Intra2net python library