From f68c24fff72b42d3870429a3f03b9a877715caca Mon Sep 17 00:00:00 2001 From: Paul Lecuq Date: Sun, 11 Jul 2021 17:37:42 +0200 Subject: [PATCH] updated molotov state --- states/_modules/dkron.py | 6 ++-- states/_modules/ovhapi.py | 8 +++++ states/_modules/pki.py | 49 +++++++++++++++++++++++++++++++ states/_modules/syncthing.py | 7 ++++- states/_states/pki.py | 41 ++++++++++++++++++++++++++ states/_states/syncthing.py | 2 +- states/acme/acmesh.sls | 2 +- states/acme/common.sls | 3 +- states/acme/defaults.yaml | 2 +- states/acme/pkic.sls | 28 ++++++------------ states/molotov/defaults.yaml | 8 +++++ states/molotov/init.sls | 42 ++------------------------ states/molotov/install.sls | 42 ++++++++++++++++++++++++++ states/molotov/map.jinja | 5 ++++ states/molotov/molotov.desktop.j2 | 9 +++--- 15 files changed, 183 insertions(+), 71 deletions(-) create mode 100644 states/_modules/pki.py create mode 100644 states/_states/pki.py create mode 100644 states/molotov/defaults.yaml create mode 100644 states/molotov/install.sls create mode 100644 states/molotov/map.jinja diff --git a/states/_modules/dkron.py b/states/_modules/dkron.py index 986732d..7c7fdca 100644 --- a/states/_modules/dkron.py +++ b/states/_modules/dkron.py @@ -2,12 +2,13 @@ import requests + def get_jobs(url="http://localhost:8898", verify=False): """get_jobs fetch jobs from dkron""" fullurl = f"{url}/v1/jobs" ret = dict() try: - req = requests.request("get", fullurl, verify=verify) + req = requests.request("GET", fullurl, verify=verify) except (requests.exceptions.RequestException) as exc: raise f"Exception {exc} occured" ret = req.json() @@ -15,12 +16,13 @@ def get_jobs(url="http://localhost:8898", verify=False): return ret return None + def set_jobs(url="http://localhost:8898", verify=False, job=None): """set_jobs set jobs on dkron""" fullurl = f"{url}/v1/jobs" ret = dict() try: - req = requests.request("post", fullurl, verify=verify, json=job) + req = requests.request("POST", fullurl, verify=verify, json=job) except (requests.exceptions.RequestException) as exc: raise f"Exception {exc} occured" ret = req.json() diff --git a/states/_modules/ovhapi.py b/states/_modules/ovhapi.py index 37a6a08..d57589d 100644 --- a/states/_modules/ovhapi.py +++ b/states/_modules/ovhapi.py @@ -6,9 +6,11 @@ import ovh from salt.exceptions import CommandExecutionError, ArgumentValueError from ovh.exceptions import ResourceNotFoundError, APIError + def __virtual__(): return True + def _config(): config = __salt__['config.get']('ovh') if not config: @@ -18,6 +20,7 @@ def _config(): return config + def _auth(): cfg = _config() client = ovh.Client( @@ -29,6 +32,7 @@ def _auth(): return client + def domain_get_zone(zone=""): ''' Get DNS zone extraction @@ -78,6 +82,7 @@ def domain_get_record(zone="", fieldType="", subDomain="", target=""): return "Query failed in OVH API" return None + def domain_post_record(zone="", fieldType="", subDomain="", @@ -112,6 +117,7 @@ def domain_post_record(zone="", return req + def domain_put_record(zone="", fieldType="", subDomain="", @@ -154,6 +160,7 @@ def domain_put_record(zone="", return None + def domain_delete_record(zone="", fieldType="", subDomain=""): ''' Delete a DNS record (Don't forget to refresh the zone) @@ -185,6 +192,7 @@ def domain_delete_record(zone="", fieldType="", subDomain=""): return results + def domain_refresh_zone(zone=""): ''' Apply zone modification on DNS servers diff --git a/states/_modules/pki.py b/states/_modules/pki.py new file mode 100644 index 0000000..7e55d63 --- /dev/null +++ b/states/_modules/pki.py @@ -0,0 +1,49 @@ +#!/usr/bin/python3 +# vim:syntax=python + +import os +import requests + + +def write_file_content(content=None, + file=None): + ret = None + + try: + with open(file, "w") as f: + ret = f.write(content) + except Exception as err: + pass + + return + + +def get_file_content(checkfile=None): + ret = None + + try: + with open(checkfile, 'r') as f: + ret = f.read() + except FileNotFoundError as err: + pass + + return ret + + +def get_pki_cert(url="http://pki", + username=None, + password=None, + domains=None): + ret = None + + try: + res = requests.request(method="GET", + url=f"{url}/domain/{domains}", + auth=(username, password)) + resj = res.json() + + return resj["certificate"], resj["privatekey"] + except Exception as err: + pass + + return None, None diff --git a/states/_modules/syncthing.py b/states/_modules/syncthing.py index cc71230..e2d45be 100644 --- a/states/_modules/syncthing.py +++ b/states/_modules/syncthing.py @@ -3,6 +3,7 @@ import xml.etree.ElementTree as ET import requests + def get_apikey(configfile="/root/.config/syncthing/config.xml"): try: tree = ET.parse(configfile) @@ -12,7 +13,8 @@ def get_apikey(configfile="/root/.config/syncthing/config.xml"): except (FileNotFoundError, ET.ParseError, AttributeError) as exc: raise f"Exception {exc} occured" - return "" + return None + def get_config(url, verify, apikey): fullurl = f"{url}/rest/system/config" @@ -30,6 +32,7 @@ def get_config(url, verify, apikey): return None + def set_config(url, verify, apikey, config): fullurl = f"{url}/rest/system/config" try: @@ -45,6 +48,7 @@ def set_config(url, verify, apikey, config): return None + def insync(url, verify, apikey): fullurl = f"{url}/rest/system/config/insync" try: @@ -60,6 +64,7 @@ def insync(url, verify, apikey): return None + def restart(url, verify, apikey): fullurl = f"{url}/rest/system/restart" try: diff --git a/states/_states/pki.py b/states/_states/pki.py new file mode 100644 index 0000000..4cabd80 --- /dev/null +++ b/states/_states/pki.py @@ -0,0 +1,41 @@ +#!/usr/bin/python3 + +def fetched(name=None, + url="http://pki", + username=None, + password=None, + domains=None, + certfile=None, + keyfile=None): + + ret = { + 'name': name, + 'changes': {}, + 'result': False, + 'comment': 'Config is up to date' + } + + currentcert = None + currentkey = None + domain_concat = domains.join(',') + + currentcert = __salt__['pki.get_file_content'](checkfile=certfile) + currentkey = __salt__['pki.get_file_content'](checkfile=keyfile) + + newcert, newkey = __salt__['pki.get_pki_cert'](url=url, + username=username, + password=password, + domains=domain_concat) + + if currentcert != newcert or currentkey != newkey: + wcert = __salt__['pki.write_file_content'](newcert, certfile) + wkey = __salt__['pki.write_file_content'](newkey, keyfile) + + ret["changes"]["old"] = [currentcert,currentkey].join("\n") + ret["changes"]["new"] = [newcert,newkey].join("\n") + ret["changes"]["diff"] = salt.utils.stringutils.get_diff([currentcert,currentkey].join("\n"), + [newcert,newkey].join("\n")) + ret["comment"] = "Updated certificates and keys" + ret["result"] = all([wcert, wkey]) + + return ret diff --git a/states/_states/syncthing.py b/states/_states/syncthing.py index 9661193..bde3684 100644 --- a/states/_states/syncthing.py +++ b/states/_states/syncthing.py @@ -8,7 +8,7 @@ def config(name, verify, url, cfg): ret = {'name': name, 'changes': {}, 'result': True, - 'comment': 'config is up to date'} + 'comment': 'Config is up to date'} cfg = dict(cfg) diff --git a/states/acme/acmesh.sls b/states/acme/acmesh.sls index 9d1ffbe..e4c6e35 100644 --- a/states/acme/acmesh.sls +++ b/states/acme/acmesh.sls @@ -1,6 +1,6 @@ # vim:syntax=yaml ---- {%- from "acme/map.jinja" import acme with context %} +--- acmesh-install: cmd.run: - name: "curl https://get.acme.sh | sh" diff --git a/states/acme/common.sls b/states/acme/common.sls index 3c7eb24..2e9df27 100644 --- a/states/acme/common.sls +++ b/states/acme/common.sls @@ -1,7 +1,6 @@ # vim:syntax=yaml ---- {%- from "acme/map.jinja" import acme with context %} - +--- {%- for dir in acme.directories %} acme-directories-{{ dir }}: file.directory: diff --git a/states/acme/defaults.yaml b/states/acme/defaults.yaml index 023cbba..67e0504 100644 --- a/states/acme/defaults.yaml +++ b/states/acme/defaults.yaml @@ -11,7 +11,7 @@ acme: keysize: 4096 domains: [] dns: "dns_provider" - fullcertfile: "/etc/acme/certs/certificate.crt" + certfile: "/etc/acme/certs/certificate.crt" keyfile: "/etc/acme/keys/private.key" provider: api: diff --git a/states/acme/pkic.sls b/states/acme/pkic.sls index 31b4b96..3abb7b4 100644 --- a/states/acme/pkic.sls +++ b/states/acme/pkic.sls @@ -1,22 +1,12 @@ # vim:syntax=yaml ---- {%- from "acme/map.jinja" import acme with context %} -pkic-install: - file.managed: +--- +pki-fetched: + pki.fetched: - name: /etc/acme/pkic.py - - template: jinja - - source: salt://acme/pkic.py.j2 - - mode: 755 - -pkic-run: - cmd.run: - - name: /etc/acme/pkic.py - - env: - - URL: '{{ acme.provider.pki.url }}' - - DOMAINS: '{{ acme.domains|join(',') }}' - - FULLCERTFILE: '{{ acme.fullcertfile }}' - - KEYFILE: '{{ acme.keyfile }}' - - USERNAME: '{{ acme.provider.pki.username }}' - - PASSWORD: '{{ acme.provider.pki.password }}' - - require: - - file: pkic-install + - url: '{{ acme.provider.pki.url }}' + - username: '{{ acme.provider.pki.username }}' + - password: '{{ acme.provider.pki.password }}' + - domains: '{{ acme.domains }}' + - certfile: '{{ acme.certfile }}' + - keyfile: '{{ acme.keyfile }}' diff --git a/states/molotov/defaults.yaml b/states/molotov/defaults.yaml new file mode 100644 index 0000000..baca4fd --- /dev/null +++ b/states/molotov/defaults.yaml @@ -0,0 +1,8 @@ +--- +molotov: + url: http://desktop-auto-upgrade.molotov.tv/linux + file: molotov.AppImage + version: 4.4.4 + dest_path: /usr/local/bin + icon_path: /usr/share/icons/molotov.png + desktop_entry_path: /usr/share/applications/molotov.desktop diff --git a/states/molotov/init.sls b/states/molotov/init.sls index 5e101e8..e39dc86 100644 --- a/states/molotov/init.sls +++ b/states/molotov/init.sls @@ -1,41 +1,3 @@ --- -molotov-install: - file.managed: - - name: {{ salt['pillar.get']('molotov:dest_path') }}/molotov.{{ salt['pillar.get']('molotov:version') }} - - source: {{ salt['pillar.get']('molotov:url') }}/{{ salt['pillar.get']('molotov:version') }}/{{ salt['pillar.get']('molotov:file') }} - - skip_verify: true - - user: root - - group: root - - mode: 755 - - if_missing: {{ salt['pillar.get']('molotov:dest_path') }}/molotov.{{ salt['pillar.get']('molotov:version') }} - -molotov-symlink: - file.symlink: - - name: {{ salt['pillar.get']('molotov:dest_path') }}/molotov - - target: {{ salt['pillar.get']('molotov:dest_path') }}/molotov.{{ salt['pillar.get']('molotov:version') }} - - user: root - - group: root - - mode: 755 - - require: - - file: molotov-install - -molotov-icon: - file.managed: - - name: /usr/share/icons/molotov.png - - source: salt://molotov/molotov.png - - user: root - - group: root - - mode: 644 - - require: - - file: molotov-install - -molotov-desktop-entry: - file.managed: - - name: /usr/share/applications/molotov.desktop - - source: salt://molotov/molotov.desktop.j2 - - template: jinja - - user: root - - group: root - - mode: 644 - - require: - - file: molotov-install +include: + - .install diff --git a/states/molotov/install.sls b/states/molotov/install.sls new file mode 100644 index 0000000..9a67c5a --- /dev/null +++ b/states/molotov/install.sls @@ -0,0 +1,42 @@ +--- +{%- from "molotov/map.jinja" import molotov with context %} +molotov-install: + file.managed: + - name: {{ molotov.dest_path }}/molotov.{{ molotov.version }} + - source: {{ molotov.url }}/{{ molotov.version }}/{{ molotov.file }} + - skip_verify: true + - user: root + - group: root + - mode: 755 + - if_missing: {{ molotov.dest_path }}/molotov.{{ molotov.version }} + +molotov-symlink: + file.symlink: + - name: {{ molotov.dest_path }}/molotov + - target: {{ molotov.dest_path }}/molotov.{{ molotov.version }} + - user: root + - group: root + - mode: 755 + - require: + - file: molotov-install + +molotov-icon: + file.managed: + - name: {{ molotov.icon_path }} + - source: salt://molotov/molotov.png + - user: root + - group: root + - mode: 644 + - require: + - file: molotov-install + +molotov-desktop-entry: + file.managed: + - name: {{ molotov.desktop_entry_path }} + - source: salt://molotov/molotov.desktop.j2 + - template: jinja + - user: root + - group: root + - mode: 644 + - require: + - file: molotov-install diff --git a/states/molotov/map.jinja b/states/molotov/map.jinja new file mode 100644 index 0000000..5c82afc --- /dev/null +++ b/states/molotov/map.jinja @@ -0,0 +1,5 @@ +{%- import_yaml "molotov/defaults.yaml" as default_settings -%} + +{%- set defaults = salt['grains.filter_by'](default_settings, default='molotov') -%} + +{%- set molotov = salt['pillar.get']('molotov', default=defaults, merge=True) -%} \ No newline at end of file diff --git a/states/molotov/molotov.desktop.j2 b/states/molotov/molotov.desktop.j2 index ddd45de..a4f30a7 100644 --- a/states/molotov/molotov.desktop.j2 +++ b/states/molotov/molotov.desktop.j2 @@ -1,12 +1,13 @@ +{%- from "molotov/map.jinja" import molotov with context %} [Desktop Entry] Name=Molotov Encoding=UTF-8 -Version=1.0 +Version={{ molotov.version }} Comment=The app to watch TV, for free -Exec={{ salt['pillar.get']('molotov:dest_path') }}/molotov -Icon=/usr/share/icons/molotov.png +Exec={{ molotov.dest_path }}/molotov +Icon={{ molotov.icon_path }} Terminal=false StartupWMClass=Molotov Type=Application Categories=AudioVideo;Player; -X-Desktop-File-Install-Version=0.22 +X-Desktop-File-Install-Version=0.22 \ No newline at end of file