1 # The software in this package is distributed under the GNU General
2 # Public License version 2 (with a special exception described below).
3 #
4 # A copy of GNU General Public License (GPL) is included in this distribution,
5 # in the file COPYING.GPL.
6 #
7 # As a special exception, if other files instantiate templates or use macros
8 # or inline functions from this file, or you compile this file and link it
9 # with other works to produce a work based on this file, this file
10 # does not by itself cause the resulting work to be covered
11 # by the GNU General Public License.
12 #
13 # However the source code for this file must still be made available
14 # in accordance with section (3) of the GNU General Public License.
15 #
16 # This exception does not invalidate any other reasons why a work based
17 # on this file might be covered by the GNU General Public License.
18 #
19 # Copyright (c) 2016-2018 Intra2net AG <info@intra2net.com>
20
21 """
22
23 summary
24 ------------------------------------------------------
25 Module for one-step dynamic cnfvar generation from default value templates.
26
27 .. codeauthor:: Intra2net
28
29
30 contents
31 -------------------------------------------------------
32 These templates contain the bare defaults the UI adds upon
33 creation of each major and frequently used cnfvar.
34
35
36 interface
37 ------------------------------------------------------
38
39 """
40
41 import time
42 import logging
43
44 # custom imports
45 from .model import Cnf, CnfList
46
47
# Module-level logger; the helpers in this module log variable names only.
log = logging.getLogger("pyi2ncommon.cnfvar.templates")
49
50
51 ###############################################################################
52 # MAJOR CNF DEFAULTS
53 ###############################################################################
54
55
#: UI defaults for a user instance
#:
#: ``USER_PASSWORD`` is a fixed placeholder, not a credential: ``user()``
#: always overwrites it with the caller's password, whereas a direct
#: ``template("user", ..., defaults=user_defaults)`` call keeps it as is.
user_defaults = {
    "USER_DISABLED": "0",
    "USER_FULLNAME": "",
    # groupware folder layout below the INBOX
    "USER_GROUPWARE_FOLDER_CALENDAR": "INBOX/Calendar",
    "USER_GROUPWARE_FOLDER_CONTACTS": "INBOX/Contacts",
    "USER_GROUPWARE_FOLDER_DRAFTS": "INBOX/Drafts",
    "USER_GROUPWARE_FOLDER_NOTES": "INBOX/Notes",
    "USER_GROUPWARE_FOLDER_OUTBOX": "INBOX/Sent Items",
    "USER_GROUPWARE_FOLDER_TASKS": "INBOX/Tasks",
    "USER_GROUPWARE_FOLDER_TRASH": "INBOX/Deleted Items",
    # always a member of the 'Alle' group
    "USER_GROUP_MEMBER_REF": "2",
    "USER_LOCALE": "",
    # weak, publicly known value: must never reach a real account unchanged
    "USER_PASSWORD": "test1234",
    "USER_TRASH_DELETEDAYS": "30",
    "USER_WEBMAIL_MESSAGES_PER_PAGE": "25",
    "USER_WEBMAIL_SIGNATURE": "",
}
#: UI defaults for a group instance
#:
#: All values are strings; the ``*_REF`` entries hold instance numbers of
#: other cnf variables.
group_defaults = {
    "GROUP_COMMENT": "",
    # NOTE(review): new groups default to online access and intranet relaying;
    # confirm that this matches the intended least-privilege baseline
    "GROUP_ACCESS_GO_ONLINE_ALLOWED": "1",
    "GROUP_EMAILFILTER_BAN_FILTERLIST_REF": "-1",
    "GROUP_EMAIL_RELAY_RIGHTS": "RELAY_FROM_INTRANET",
    "GROUP_PROXY_PROFILE_REF": "1",
}
#: UI defaults for an intraclient instance
#:
#: ``INTRACLIENT_IP`` and ``INTRACLIENT_MAC`` have no usable default and stay
#: ``None`` unless the caller overrides them.
intraclient_defaults = {
    "INTRACLIENT_COMMENT": "",
    "INTRACLIENT_DNS_RELAYING_ALLOWED": "1",
    "INTRACLIENT_EMAIL_RELAYING_ALLOWED": "1",
    "INTRACLIENT_FIREWALL_RULESET_REF": "5",
    # presumably supplied through keyword overrides of intraclient(); verify
    "INTRACLIENT_IP": None,
    "INTRACLIENT_MAC": None,
    "INTRACLIENT_PROXY_PROFILE_REF": "-1",
}
#: UI defaults for a NIC instance
#:
#: The address values are fixed sample data, so two NICs generated without
#: overrides share the same IP and MAC.
nic_defaults = {
    "NIC_COMMENT": "",
    "NIC_DRIVER": "virtio_net",
    # DNS and e-mail relaying are switched off for the LAN by default
    "NIC_LAN_DNS_RELAYING_ALLOWED": "0",
    "NIC_LAN_EMAIL_RELAYING_ALLOWED": "0",
    "NIC_LAN_FIREWALL_RULESET_REF": "1",
    "NIC_LAN_IP": "192.168.1.1",
    "NIC_LAN_NAT_INTO": "0",
    "NIC_LAN_NETMASK": "255.255.255.0",
    "NIC_LAN_PROXY_PROFILE_REF": "-1",
    # locally administered unicast address (first octet 0x02)
    "NIC_MAC": "02:00:00:00:20:00",
    "NIC_TYPE": "DSLROUTER",
}
#: UI defaults for a provider instance
#:
#: ``PROVIDER_IP`` and ``PROVIDER_DNS`` are empty here because ``provider()``
#: always fills them from its arguments.
provider_defaults = {
    # no upstream proxy and no proxy credentials by default
    "PROVIDER_PROXY_SERVER": "",
    "PROVIDER_PROXY_PORT": "",
    "PROVIDER_PROXY_PASSWORD": "",
    "PROVIDER_PROXY_LOGIN": "",
    "PROVIDER_NIC_REF": "1",
    "PROVIDER_NETMASK": "255.255.0.0",
    "PROVIDER_MTU_SIZE": "1500",
    "PROVIDER_MODE": "ROUTER",
    "PROVIDER_MAILTRANSFER_MODE": "IMMEDIATE",
    "PROVIDER_LOCALIP": "",
    "PROVIDER_IP": "",
    "PROVIDER_FIREWALL_RULESET_REF": "7",
    "PROVIDER_FALLBACK_TIMEOUT": "60",
    "PROVIDER_FALLBACK_PROVIDER_REF": "-1",
    "PROVIDER_EMAIL_RELAY_REF": "-1",
    "PROVIDER_DYNDNS_WEBCHECKIP": "0",
    "PROVIDER_DYNDNS_ENABLE": "1",
    "PROVIDER_DNS_MODE": "IP",
    "PROVIDER_DNS": "",
    "PROVIDER_BWIDTH_MANAGEMENT_UPSTREAM_SPEED": "",
    "PROVIDER_BWIDTH_MANAGEMENT_ENABLE": "0",
    "PROVIDER_BWIDTH_MANAGEMENT_DOWNSTREAM_SPEED": "",
    "PROVIDER_PINGCHECK_SERVERLIST_REF": "-2",
}
#: UI defaults for a port forwarding instance
#:
#: The source and destination ports are empty here because
#: ``port_forwarding()`` always sets them from its arguments.
port_forwarding_defaults = {
    "PORT_FORWARDING_DST_IP_REF": "1",
    "PORT_FORWARDING_DST_PORT": "",
    "PORT_FORWARDING_DST_PORT_END": "",
    "PORT_FORWARDING_PROTOCOL_TYPE": "TCP",
    "PORT_FORWARDING_SRC_PORT": "",
    "PORT_FORWARDING_SRC_PORT_END": "",
}
#: UI defaults for a firewall ruleset instance
#:
#: Only the profile type is preset; no rule children are part of the template.
firewall_ruleset_defaults = {"FIREWALL_RULESET_PROFILE_TYPE": "FULL"}
#: UI defaults for a proxy accesslist instance
#:
#: NOTE(review): the entry count is a fixed sample value, and no list entries
#: are part of the template; confirm that consumers do not rely on it.
proxy_accesslist_defaults = {
    "PROXY_ACCESSLIST_ENTRY_COUNT": "123",
    "PROXY_ACCESSLIST_MODE": "1",
    "PROXY_ACCESSLIST_SIZETYPE": "1",
    "PROXY_ACCESSLIST_TYPE": "0",
}
#: UI defaults for a key instance
#:
#: Everything here is fixed sample data shared by every caller. The PEM
#: bodies are far shorter than a complete 2048-bit key or certificate would
#: be, so they look like placeholders rather than working key material
#: (NOTE(review): confirm), and the validity window ended in 2016. Do not use
#: a key generated from these defaults to protect real traffic.
key_own_defaults = {
    "KEY_OWN_FINGERPRINT_MD5": "76:3B:CF:8E:CB:BF:A5:7D:CC:87:39:FA:CE:99:2E:96",
    "KEY_OWN_FINGERPRINT_SHA1": "ED:5A:C6:D9:5B:BE:47:1F:B9:4F:CF:A3:80:3B:42:08:F4:00:16:96",
    "KEY_OWN_ID_X509": "CN=some.net.lan",
    "KEY_OWN_ISSUER": "CN=ab, C=fd, L=ab, ST=ab, O=ab, OU=ab/emailAddress=ab@ab.com",
    "KEY_OWN_KEYSIZE": "2048",
    "KEY_OWN_HASH_ALGO": "SHA2_256",
    # PEM line breaks are stored as the two characters backslash + "n",
    # not as real newlines
    "KEY_OWN_PRIVATE_KEY": (
        "-----BEGIN PRIVATE KEY-----\\nMIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKk"
        "ZTzqHXg41RZMiY+ywRZ037pBq8J3BkH\\n-----END PRIVATE KEY-----\\n"
    ),
    "KEY_OWN_PUBLIC_KEY": (
        "-----BEGIN CERTIFICATE-----\\nMIIFCTCCAvGgAwIBAgIEVBGDuTANBgkqhkiG"
        "9w0BAQsFADCBgTEPMA0GA1UEAwwG\\n-----END CERTIFICATE-----\\n"
    ),
    "KEY_OWN_REQUEST": (
        "-----BEGIN CERTIFICATE REQUEST-----\\nMIIDCzCCAfMCAQAwIjEgMB4GA1UEAww"
        "XaW50cmFkZXYtYWllc\\n-----END CERTIFICATE REQUEST-----\\n"
    ),
    "KEY_OWN_SUBJECT": "CN=some.net.lan",
    "KEY_OWN_VALIDFROM": "20140911T111257",
    "KEY_OWN_VALIDTILL": "20160731T134608",
    "KEY_OWN_TYPE": "SELF",
    # the ones below should be set when using 'generate' to create the key
    "KEY_OWN_CREATE_CN": "somehost",
    "KEY_OWN_CREATE_EMAIL": "default@intra2net.com",
}
#: UI defaults for a VPN connection instance
#:
#: ``VPNCONN_PEER_IP`` has no usable default and stays ``None`` unless the
#: caller overrides it.
vpnconn_defaults = {
    "VPNCONN_ACTIVATION": "ALWAYS",
    "VPNCONN_DISABLED": "0",
    "VPNCONN_DNS_RELAYING_ALLOWED": "1",
    "VPNCONN_EMAIL_RELAYING_ALLOWED": "1",
    "VPNCONN_ENCRYPTION_PROFILE_REF": "0",
    "VPNCONN_FIREWALL_RULESET_REF": "5",
    # NOTE(review): the template presets IKE version "1"; confirm whether new
    # connections should still default to it
    "VPNCONN_IKE_VERSION": "1",
    "VPNCONN_KEY_FOREIGN_REF": "1",
    "VPNCONN_KEY_OWN_REF": "1",
    "VPNCONN_KEY_TYPE": "PUBLIC",
    "VPNCONN_LAN_NAT_IP": "",
    "VPNCONN_LAN_NAT_MODE": "UNMODIFIED",
    "VPNCONN_LAN_NAT_NETWORK": "",
    "VPNCONN_LAN_NIC_REF": "2",
    "VPNCONN_LAN_NET": "172.17.0.0",
    "VPNCONN_LAN_NETMASK": "255.255.0.0",
    "VPNCONN_LAN_TYPE": "NIC",
    "VPNCONN_LIFETIME_IKE": "480",
    "VPNCONN_LIFETIME_IPSECSA": "60",
    "VPNCONN_OFFLINE_DETECTION_SEC": "60",
    "VPNCONN_PEER_DNS": "",
    "VPNCONN_PEER_IP": None,
    "VPNCONN_PEER_TYPE": "IP",
    "VPNCONN_PROXY_PROFILE_REF": "-2",
    # empty by default; the key type above is "PUBLIC", so a caller who
    # switches to a pre-shared key has to supply the secret explicitly
    "VPNCONN_PSK": "",
    "VPNCONN_PSK_FOREIGN_ID": "",
    "VPNCONN_PSK_FOREIGN_ID_TYPE": "IP",
    "VPNCONN_PSK_OWN_ID": "",
    "VPNCONN_PSK_OWN_ID_TYPE": "IP",
    "VPNCONN_REMOTE_INET_NAT": "1",
    "VPNCONN_REMOTE_MODECONFIG_IP": "192.168.99.1",
    "VPNCONN_REMOTE_NAT_ENABLE": "0",
    "VPNCONN_REMOTE_NAT_NETWORK": "",
    "VPNCONN_REMOTE_NET": "172.18.0.0",
    "VPNCONN_REMOTE_NETMASK": "255.255.0.0",
    "VPNCONN_REMOTE_TYPE": "CUSTOM",
    "VPNCONN_RETRIES": "3",
    "VPNCONN_SECURED": "ESP",
    "VPNCONN_XAUTH_SERVER_ENABLE": "0",
}
217
218
219 ###############################################################################
220 # MINOR CONFIGURATION
221 ###############################################################################
222
223
def template(name, value, instance=-1, defaults=None, **kwargs):
    """
    Build a cnf variable and populate it with default child variables.

    :param str name: cnf variable name
    :param str value: cnf variable data value
    :param int instance: cnf variable instance number
    :param defaults: child variable names mapped to their default values
    :type defaults: {str, str or {}} or None
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    Each additional keyword argument ``key=val`` overwrites the value of the
    child that is looked up as ``f"{name}_{key}"``.

    Only ``name`` is written to the log. Child values are never logged, which
    matters because several default sets carry passwords or key material.
    """
    log.info(f"Generating a template {name} cnfvar")
    cnf = Cnf(name, value=value, instance=instance)
    child_defaults = defaults if defaults is not None else {}
    cnf.add_children(*list(child_defaults.items()))
    for suffix, override in kwargs.items():
        # NOTE(review): presumably this lookup fails for a child that the
        # defaults did not create - confirm against the children list type
        cnf.children.single_with_name(f"{name}_{suffix}").value = override
    return cnf
245
246
def user(name, password, instance=-1, **kwargs):
    """
    Generate a user cnf variable.

    :param str name: username for the user
    :param str password: password for the user
    :param int instance: instance number for the user
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    The full name (``name.capitalize()``) and the password are assigned after
    the keyword overrides, so they replace both the placeholder password from
    ``user_defaults`` and any override passed for those two children. The
    password is stored exactly as given and is not written to the log.
    """
    log.info(f"Generating a user {name} cnfvar")
    user_cnf = template("user", name, defaults=user_defaults, instance=instance, **kwargs)
    forced_values = (
        ("user_fullname", name.capitalize()),
        ("user_password", password),
    )
    for child_name, child_value in forced_values:
        user_cnf.children.single_with_name(child_name).value = child_value
    return user_cnf
262
263
def group(name, instance=-1, **kwargs):
    """
    Generate a group cnf variable from ``group_defaults``.

    :param str name: name for the group
    :param int instance: instance number for the group
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    Keyword arguments are passed on to :py:func:`template` as overrides.
    """
    log.info(f"Generating a group {name} cnfvar")
    return template("group", name, defaults=group_defaults, instance=instance, **kwargs)
276
277
def nic(instance=-1, **kwargs):
    """
    Generate a nic cnf variable from ``nic_defaults``.

    :param int instance: instance number for the nic
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    The variable value is always the empty string. Keyword arguments are
    passed on to :py:func:`template` as overrides; without them the NIC keeps
    the fixed sample IP and MAC from ``nic_defaults``.
    """
    log.info("Generating a nic cnfvar")
    return template("nic", "", defaults=nic_defaults, instance=instance, **kwargs)
289
290
def intraclient(name, instance=-1, **kwargs):
    """
    Generate an intraclient cnf variable from ``intraclient_defaults``.

    :param str name: name for the intraclient
    :param int instance: instance number for the intraclient
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    Keyword arguments are passed on to :py:func:`template` as overrides. The
    IP and MAC children default to ``None`` and stay so unless overridden.
    """
    log.info(f"Generating an intraclient {name} cnfvar")
    return template(
        "intraclient",
        name,
        defaults=intraclient_defaults,
        instance=instance,
        **kwargs,
    )
304
305
def provider(name, ip, dns, instance=-1, **kwargs):
    """
    Generate a provider cnf variable from ``provider_defaults``.

    :param str name: name for the provider
    :param str ip: IP address of the provider
    :param str dns: IP address of the DNS server
    :param int instance: instance number for the provider
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    ``ip`` and ``dns`` are assigned after the keyword overrides and therefore
    win over any override passed for those two children. Neither value is
    validated here.
    """
    log.info(f"Generating a provider {name} cnfvar")
    provider_cnf = template(
        "provider",
        name,
        defaults=provider_defaults,
        instance=instance,
        **kwargs,
    )
    for child_name, child_value in (("provider_ip", ip), ("provider_dns", dns)):
        provider_cnf.children.single_with_name(child_name).value = child_value
    return provider_cnf
323
324
def port_forwarding(name, src_port="1234", dst_port="1234", instance=-1, **kwargs):
    """
    Generate a port forwarding cnf variable from ``port_forwarding_defaults``.

    :param str name: name for the port forwarding mapping
    :param str src_port: forwarded source port
    :param str dst_port: forwarded destination port
    :param int instance: instance number for the port forwarding mapping
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    Both ports are assigned after the keyword overrides and are not checked
    for being valid port numbers. A call that omits them forwards the fixed
    sample port ``"1234"``.
    """
    log.info(f"Generating a port forwarding {name} cnfvar")
    port_forwarding_cnf = template(
        "port_forwarding",
        name,
        defaults=port_forwarding_defaults,
        instance=instance,
        **kwargs,
    )
    forced_values = (
        ("port_forwarding_src_port", src_port),
        ("port_forwarding_dst_port", dst_port),
    )
    for child_name, child_value in forced_values:
        port_forwarding_cnf.children.single_with_name(child_name).value = child_value
    return port_forwarding_cnf
342
343
def firewall_ruleset(name, instance=-1, **kwargs):
    """
    Generate a firewall ruleset cnf variable from ``firewall_ruleset_defaults``.

    :param str name: name for the firewall ruleset
    :param int instance: instance number for the firewall ruleset
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    Keyword arguments are passed on to :py:func:`template` as overrides. The
    defaults preset only the profile type, so the result carries no rules.
    """
    log.info(f"Generating a firewall ruleset {name} cnfvar")
    return template(
        "firewall_ruleset",
        name,
        defaults=firewall_ruleset_defaults,
        instance=instance,
        **kwargs,
    )
357
358
def proxy_accesslist(name, instance=-1, **kwargs):
    """
    Generate a proxy accesslist cnf variable from ``proxy_accesslist_defaults``.

    :param str name: name for the proxy accesslist
    :param int instance: instance number for the proxy accesslist
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    Keyword arguments are passed on to :py:func:`template` as overrides.
    """
    log.info(f"Generating a proxy accesslist {name} cnfvar")
    return template(
        "proxy_accesslist",
        name,
        defaults=proxy_accesslist_defaults,
        instance=instance,
        **kwargs,
    )
372
373
def key_own(name, instance=-1, **kwargs):
    """
    Generate an own key cnf variable from ``key_own_defaults``.

    :param str name: name for the own key
    :param int instance: instance number for the own key
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    Keyword arguments are passed on to :py:func:`template` as overrides.
    Without overrides every generated key carries the same fixed sample
    fingerprints, PEM strings and validity dates from ``key_own_defaults``.
    """
    log.info(f"Generating an own key {name} cnfvar")
    return template(
        "key_own",
        name,
        defaults=key_own_defaults,
        instance=instance,
        **kwargs,
    )
387
388
def vpnconn(name, instance=-1, **kwargs):
    """
    Generate a vpn connection cnf variable from ``vpnconn_defaults``.

    :param str name: name for the vpn connection
    :param int instance: instance number for the vpn connection
    :returns: generated cnf variable
    :rtype: :py:class:`Cnf`

    Keyword arguments are passed on to :py:func:`template` as overrides. The
    peer IP defaults to ``None`` and the pre-shared key to the empty string,
    so both have to come from overrides where the connection needs them.
    """
    log.info(f"Generating a vpn connection {name} cnfvar")
    return template(
        "vpnconn",
        name,
        defaults=vpnconn_defaults,
        instance=instance,
        **kwargs,
    )