Added ip address validation on saas and websites related settings
This commit is contained in:
parent
03e78ca593
commit
75b08f7216
|
@ -6,13 +6,13 @@ from orchestra.contrib.resources import ServiceMonitor
|
||||||
from .. import settings
|
from .. import settings
|
||||||
|
|
||||||
|
|
||||||
class SaaSWebTraffic(ServiceMonitor):
|
class ApacheTrafficByHost(ServiceMonitor):
|
||||||
"""
|
"""
|
||||||
Parses apache logs,
|
Parses apache logs,
|
||||||
looking for the size of each request on the last word of the log line.
|
looking for the size of each request on the last word of the log line.
|
||||||
|
|
||||||
Compatible log format:
|
Compatible log format:
|
||||||
<tt>LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Host}i\"" host</tt>
|
<tt>LogFormat "%h %l %u %t \"%r\" %>s %O %{Host}i" host</tt>
|
||||||
<tt>CustomLog /home/pangea/logs/apache/host_blog.pangea.org.log host</tt>
|
<tt>CustomLog /home/pangea/logs/apache/host_blog.pangea.org.log host</tt>
|
||||||
"""
|
"""
|
||||||
model = 'saas.SaaS'
|
model = 'saas.SaaS'
|
||||||
|
@ -74,7 +74,6 @@ class SaaSWebTraffic(ServiceMonitor):
|
||||||
if host in {ignore_hosts}:
|
if host in {ignore_hosts}:
|
||||||
continue
|
continue
|
||||||
size, hostname = line[-2:]
|
size, hostname = line[-2:]
|
||||||
hostname = hostname.replace('"', '')
|
|
||||||
try:
|
try:
|
||||||
site = sites[hostname]
|
site = sites[hostname]
|
||||||
except KeyError:
|
except KeyError:
|
||||||
|
@ -85,7 +84,6 @@ class SaaSWebTraffic(ServiceMonitor):
|
||||||
year, hour, min, sec = date.split(':')
|
year, hour, min, sec = date.split(':')
|
||||||
date = year + months[month] + day + hour + min + sec
|
date = year + months[month] + day + hour + min + sec
|
||||||
if site[0] < int(date) < end_date:
|
if site[0] < int(date) < end_date:
|
||||||
status, size = response.split()
|
|
||||||
site[2] += int(size)
|
site[2] += int(size)
|
||||||
except IOError as e:
|
except IOError as e:
|
||||||
sys.stderr.write(str(e)+'\\n')
|
sys.stderr.write(str(e)+'\\n')
|
||||||
|
|
|
@ -7,7 +7,7 @@ from django.utils.translation import ugettext_lazy as _
|
||||||
from orchestra.contrib.orchestration import ServiceController
|
from orchestra.contrib.orchestration import ServiceController
|
||||||
from orchestra.utils.python import random_ascii
|
from orchestra.utils.python import random_ascii
|
||||||
|
|
||||||
from . import SaaSWebTraffic
|
from . import ApacheTrafficByHost
|
||||||
from .. import settings
|
from .. import settings
|
||||||
|
|
||||||
|
|
||||||
|
@ -67,8 +67,8 @@ class DokuWikiMuBackend(ServiceController):
|
||||||
return context
|
return context
|
||||||
|
|
||||||
|
|
||||||
class DokuWikiMuTraffic(SaaSWebTraffic):
|
class DokuWikiMuTraffic(ApacheTrafficByHost):
|
||||||
__doc__ = SaaSWebTraffic.__doc__
|
__doc__ = ApacheTrafficByHost.__doc__
|
||||||
verbose_name = _("DokuWiki MU Traffic")
|
verbose_name = _("DokuWiki MU Traffic")
|
||||||
default_route_match = "saas.service == 'dokuwiki'"
|
default_route_match = "saas.service == 'dokuwiki'"
|
||||||
doc_settings = (settings,
|
doc_settings = (settings,
|
||||||
|
|
|
@ -5,7 +5,7 @@ from django.utils.translation import ugettext_lazy as _
|
||||||
|
|
||||||
from orchestra.contrib.orchestration import ServiceController
|
from orchestra.contrib.orchestration import ServiceController
|
||||||
|
|
||||||
from . import SaaSWebTraffic
|
from . import ApacheTrafficByHost
|
||||||
from .. import settings
|
from .. import settings
|
||||||
|
|
||||||
|
|
||||||
|
@ -122,8 +122,8 @@ class WordpressMuBackend(ServiceController):
|
||||||
self.append(self.delete_blog, saas)
|
self.append(self.delete_blog, saas)
|
||||||
|
|
||||||
|
|
||||||
class WordpressMuTraffic(SaaSWebTraffic):
|
class WordpressMuTraffic(ApacheTrafficByHost):
|
||||||
__doc__ = SaaSWebTraffic.__doc__
|
__doc__ = ApacheTrafficByHost.__doc__
|
||||||
verbose_name = _("Wordpress MU Traffic")
|
verbose_name = _("Wordpress MU Traffic")
|
||||||
default_route_match = "saas.service == 'wordpress'"
|
default_route_match = "saas.service == 'wordpress'"
|
||||||
doc_settings = (settings,
|
doc_settings = (settings,
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
from django.utils.translation import ugettext_lazy as _
|
from django.utils.translation import ugettext_lazy as _
|
||||||
|
|
||||||
from orchestra.contrib.settings import Setting
|
from orchestra.contrib.settings import Setting
|
||||||
|
from orchestra.core.validators import validate_ip_address
|
||||||
from orchestra.settings import ORCHESTRA_BASE_DOMAIN
|
from orchestra.settings import ORCHESTRA_BASE_DOMAIN
|
||||||
|
|
||||||
from .. import saas
|
from .. import saas
|
||||||
|
@ -24,49 +25,48 @@ SAAS_ENABLED_SERVICES = Setting('SAAS_ENABLED_SERVICES',
|
||||||
|
|
||||||
|
|
||||||
SAAS_TRAFFIC_IGNORE_HOSTS = Setting('SAAS_TRAFFIC_IGNORE_HOSTS',
|
SAAS_TRAFFIC_IGNORE_HOSTS = Setting('SAAS_TRAFFIC_IGNORE_HOSTS',
|
||||||
(),
|
('127.0.0.1',),
|
||||||
help_text=_("IP addresses to ignore during traffic accountability."),
|
help_text=_("IP addresses to ignore during traffic accountability."),
|
||||||
|
validators=[lambda hosts: (validate_ip_address(host) for host in hosts)]
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
# WordPress
|
||||||
|
|
||||||
SAAS_WORDPRESS_LOG_PATH = Setting('SAAS_WORDPRESS_LOG_PATH',
|
SAAS_WORDPRESS_LOG_PATH = Setting('SAAS_WORDPRESS_LOG_PATH',
|
||||||
'',
|
'',
|
||||||
help_text=_('Filesystem path for the webserver access logs.<br>'
|
help_text=_('Filesystem path for the webserver access logs.<br>'
|
||||||
'<tt>LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Host}i\"" host</tt>'),
|
'<tt>LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Host}i\"" host</tt>'),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
SAAS_WORDPRESS_ADMIN_PASSWORD = Setting('SAAS_WORDPRESS_ADMIN_PASSWORD',
|
SAAS_WORDPRESS_ADMIN_PASSWORD = Setting('SAAS_WORDPRESS_ADMIN_PASSWORD',
|
||||||
'secret'
|
'secret'
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
SAAS_WORDPRESS_BASE_URL = Setting('SAAS_WORDPRESS_BASE_URL',
|
SAAS_WORDPRESS_BASE_URL = Setting('SAAS_WORDPRESS_BASE_URL',
|
||||||
'https://blogs.{}/'.format(ORCHESTRA_BASE_DOMAIN),
|
'https://blogs.{}/'.format(ORCHESTRA_BASE_DOMAIN),
|
||||||
help_text="Uses <tt>ORCHESTRA_BASE_DOMAIN</tt> by default.",
|
help_text="Uses <tt>ORCHESTRA_BASE_DOMAIN</tt> by default.",
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
SAAS_WORDPRESS_BASE_DOMAIN = Setting('SAAS_WORDPRESS_BASE_DOMAIN',
|
SAAS_WORDPRESS_BASE_DOMAIN = Setting('SAAS_WORDPRESS_BASE_DOMAIN',
|
||||||
'blogs.{}'.format(ORCHESTRA_BASE_DOMAIN),
|
'blogs.{}'.format(ORCHESTRA_BASE_DOMAIN),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
# DokuWiki
|
||||||
|
|
||||||
SAAS_DOKUWIKI_TEMPLATE_PATH = Setting('SAAS_DOKUWIKI_TEMPLATE_PATH',
|
SAAS_DOKUWIKI_TEMPLATE_PATH = Setting('SAAS_DOKUWIKI_TEMPLATE_PATH',
|
||||||
'/home/httpd/htdocs/wikifarm/template.tar.gz'
|
'/home/httpd/htdocs/wikifarm/template.tar.gz'
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
SAAS_DOKUWIKI_FARM_PATH = Setting('WEBSITES_DOKUWIKI_FARM_PATH',
|
SAAS_DOKUWIKI_FARM_PATH = Setting('WEBSITES_DOKUWIKI_FARM_PATH',
|
||||||
'/home/httpd/htdocs/wikifarm/farm'
|
'/home/httpd/htdocs/wikifarm/farm'
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
SAAS_DOKUWIKI_BASE_DOMAIN = Setting('SAAS_DOKUWIKI_BASE_DOMAIN',
|
SAAS_DOKUWIKI_BASE_DOMAIN = Setting('SAAS_DOKUWIKI_BASE_DOMAIN',
|
||||||
'dokuwiki.{}'.format(ORCHESTRA_BASE_DOMAIN),
|
'dokuwiki.{}'.format(ORCHESTRA_BASE_DOMAIN),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
SAAS_DOKUWIKI_TEMPLATE_PATH = Setting('SAAS_DOKUWIKI_TEMPLATE_PATH',
|
SAAS_DOKUWIKI_TEMPLATE_PATH = Setting('SAAS_DOKUWIKI_TEMPLATE_PATH',
|
||||||
'/var/www/wikifarm/template.tar.gz',
|
'/var/www/wikifarm/template.tar.gz',
|
||||||
)
|
)
|
||||||
|
@ -75,45 +75,43 @@ SAAS_DOKUWIKI_FARM_PATH = Setting('SAAS_DOKUWIKI_FARM_PATH',
|
||||||
'/var/www/wikifarm/farm'
|
'/var/www/wikifarm/farm'
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
SAAS_DOKUWIKI_USER = Setting('SAAS_DOKUWIKI_USER',
|
SAAS_DOKUWIKI_USER = Setting('SAAS_DOKUWIKI_USER',
|
||||||
'orchestra'
|
'orchestra'
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
SAAS_DOKUWIKI_GROUP = Setting('SAAS_DOKUWIKI_GROUP',
|
SAAS_DOKUWIKI_GROUP = Setting('SAAS_DOKUWIKI_GROUP',
|
||||||
'orchestra'
|
'orchestra'
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
SAAS_DOKUWIKI_LOG_PATH = Setting('SAAS_DOKUWIKI_LOG_PATH',
|
SAAS_DOKUWIKI_LOG_PATH = Setting('SAAS_DOKUWIKI_LOG_PATH',
|
||||||
'',
|
'',
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
# Drupal
|
||||||
|
|
||||||
SAAS_DRUPAL_SITES_PATH = Setting('WEBSITES_DRUPAL_SITES_PATH',
|
SAAS_DRUPAL_SITES_PATH = Setting('WEBSITES_DRUPAL_SITES_PATH',
|
||||||
'/home/httpd/htdocs/drupal-mu/sites/%(site_name)s',
|
'/home/httpd/htdocs/drupal-mu/sites/%(site_name)s',
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
# PhpList
|
||||||
|
|
||||||
SAAS_PHPLIST_DB_USER = Setting('SAAS_PHPLIST_DB_USER',
|
SAAS_PHPLIST_DB_USER = Setting('SAAS_PHPLIST_DB_USER',
|
||||||
'phplist_mu',
|
'phplist_mu',
|
||||||
help_text=_("Needed for password changing support."),
|
help_text=_("Needed for password changing support."),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
SAAS_PHPLIST_DB_PASS = Setting('SAAS_PHPLIST_DB_PASS',
|
SAAS_PHPLIST_DB_PASS = Setting('SAAS_PHPLIST_DB_PASS',
|
||||||
'secret',
|
'secret',
|
||||||
help_text=_("Needed for password changing support."),
|
help_text=_("Needed for password changing support."),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
SAAS_PHPLIST_DB_NAME = Setting('SAAS_PHPLIST_DB_NAME',
|
SAAS_PHPLIST_DB_NAME = Setting('SAAS_PHPLIST_DB_NAME',
|
||||||
'phplist_mu_%(site_name)s',
|
'phplist_mu_%(site_name)s',
|
||||||
help_text=_("Needed for password changing support."),
|
help_text=_("Needed for password changing support."),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
SAAS_PHPLIST_DB_HOST = Setting('SAAS_PHPLIST_DB_HOST',
|
SAAS_PHPLIST_DB_HOST = Setting('SAAS_PHPLIST_DB_HOST',
|
||||||
'loclahost',
|
'loclahost',
|
||||||
help_text=_("Needed for password changing support."),
|
help_text=_("Needed for password changing support."),
|
||||||
|
@ -125,7 +123,6 @@ SAAS_PHPLIST_BASE_DOMAIN = Setting('SAAS_PHPLIST_BASE_DOMAIN',
|
||||||
help_text="Uses <tt>ORCHESTRA_BASE_DOMAIN</tt> by default.",
|
help_text="Uses <tt>ORCHESTRA_BASE_DOMAIN</tt> by default.",
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
SAAS_PHPLIST_VERIFY_SSL = Setting('SAAS_PHPLIST_VERIFY_SSL',
|
SAAS_PHPLIST_VERIFY_SSL = Setting('SAAS_PHPLIST_VERIFY_SSL',
|
||||||
True,
|
True,
|
||||||
help_text=_("Verify SSL certificate on the HTTP requests performed by the backend."),
|
help_text=_("Verify SSL certificate on the HTTP requests performed by the backend."),
|
||||||
|
@ -155,38 +152,40 @@ SAAS_PHPLIST_MAIL_LOG_PATH = Setting('SAAS_PHPLIST_MAIL_LOG_PATH',
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
# SeaFile
|
||||||
|
|
||||||
SAAS_SEAFILE_DOMAIN = Setting('SAAS_SEAFILE_DOMAIN',
|
SAAS_SEAFILE_DOMAIN = Setting('SAAS_SEAFILE_DOMAIN',
|
||||||
'seafile.{}'.format(ORCHESTRA_BASE_DOMAIN),
|
'seafile.{}'.format(ORCHESTRA_BASE_DOMAIN),
|
||||||
help_text="Uses <tt>ORCHESTRA_BASE_DOMAIN</tt> by default.",
|
help_text="Uses <tt>ORCHESTRA_BASE_DOMAIN</tt> by default.",
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
SAAS_SEAFILE_DEFAULT_QUOTA = Setting('SAAS_SEAFILE_DEFAULT_QUOTA',
|
SAAS_SEAFILE_DEFAULT_QUOTA = Setting('SAAS_SEAFILE_DEFAULT_QUOTA',
|
||||||
50
|
50
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
# BSCW
|
||||||
|
|
||||||
SAAS_BSCW_DOMAIN = Setting('SAAS_BSCW_DOMAIN',
|
SAAS_BSCW_DOMAIN = Setting('SAAS_BSCW_DOMAIN',
|
||||||
'bscw.{}'.format(ORCHESTRA_BASE_DOMAIN),
|
'bscw.{}'.format(ORCHESTRA_BASE_DOMAIN),
|
||||||
help_text="Uses <tt>ORCHESTRA_BASE_DOMAIN</tt> by default.",
|
help_text="Uses <tt>ORCHESTRA_BASE_DOMAIN</tt> by default.",
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
SAAS_BSCW_DEFAULT_QUOTA = Setting('SAAS_BSCW_DEFAULT_QUOTA',
|
SAAS_BSCW_DEFAULT_QUOTA = Setting('SAAS_BSCW_DEFAULT_QUOTA',
|
||||||
50,
|
50,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
SAAS_BSCW_BSADMIN_PATH = Setting('SAAS_BSCW_BSADMIN_PATH',
|
SAAS_BSCW_BSADMIN_PATH = Setting('SAAS_BSCW_BSADMIN_PATH',
|
||||||
'/home/httpd/bscw/bin/bsadmin',
|
'/home/httpd/bscw/bin/bsadmin',
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
# GitLab
|
||||||
|
|
||||||
SAAS_GITLAB_ROOT_PASSWORD = Setting('SAAS_GITLAB_ROOT_PASSWORD',
|
SAAS_GITLAB_ROOT_PASSWORD = Setting('SAAS_GITLAB_ROOT_PASSWORD',
|
||||||
'secret',
|
'secret',
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
SAAS_GITLAB_DOMAIN = Setting('SAAS_GITLAB_DOMAIN',
|
SAAS_GITLAB_DOMAIN = Setting('SAAS_GITLAB_DOMAIN',
|
||||||
'gitlab.{}'.format(ORCHESTRA_BASE_DOMAIN),
|
'gitlab.{}'.format(ORCHESTRA_BASE_DOMAIN),
|
||||||
help_text="Uses <tt>ORCHESTRA_BASE_DOMAIN</tt> by default.",
|
help_text="Uses <tt>ORCHESTRA_BASE_DOMAIN</tt> by default.",
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
from django.utils.translation import ugettext_lazy as _
|
from django.utils.translation import ugettext_lazy as _
|
||||||
|
|
||||||
from orchestra.contrib.settings import Setting
|
from orchestra.contrib.settings import Setting
|
||||||
|
from orchestra.core.validators import validate_ip_address
|
||||||
|
|
||||||
from .. import websites
|
from .. import websites
|
||||||
|
|
||||||
|
@ -89,7 +90,9 @@ WEBSITES_WEBSITE_WWW_ERROR_LOG_PATH = Setting('WEBSITES_WEBSITE_WWW_ERROR_LOG_PA
|
||||||
|
|
||||||
|
|
||||||
WEBSITES_TRAFFIC_IGNORE_HOSTS = Setting('WEBSITES_TRAFFIC_IGNORE_HOSTS',
|
WEBSITES_TRAFFIC_IGNORE_HOSTS = Setting('WEBSITES_TRAFFIC_IGNORE_HOSTS',
|
||||||
('127.0.0.1',)
|
('127.0.0.1',),
|
||||||
|
help_text=_("IP addresses to ignore during traffic accountability."),
|
||||||
|
validators=[lambda hosts: (validate_ip_address(host) for host in hosts)],
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue