certidude/certidude/const.py


import click
import os
import socket
import sys

KEY_SIZE = 1024 if os.getenv("TRAVIS") else 4096
RUN_DIR = "/run/certidude"
CONFIG_DIR = "/etc/certidude"
CONFIG_PATH = os.path.join(CONFIG_DIR, "server.conf")
CLIENT_CONFIG_PATH = os.path.join(CONFIG_DIR, "client.conf")
SERVICES_CONFIG_PATH = os.path.join(CONFIG_DIR, "services.conf")
SERVER_PID_PATH = os.path.join(RUN_DIR, "server.pid")
SERVER_LOG_PATH = "/var/log/certidude-server.log"
SIGNER_SOCKET_PATH = "/run/certidude/signer.sock"
SIGNER_PID_PATH = os.path.join(RUN_DIR, "signer.pid")
SIGNER_LOG_PATH = "/var/log/certidude-signer.log"
STORAGE_PATH = "/var/lib/certidude"

try:
    FQDN = socket.getaddrinfo(socket.gethostname(), 0, socket.AF_INET, 0, 0, socket.AI_CANONNAME)[0][3]
except socket.gaierror:
    click.echo("Failed to resolve fully qualified hostname of this machine, make sure hostname -f works")
    sys.exit(254)

if "." in FQDN:
    HOSTNAME, DOMAIN = FQDN.split(".", 1)
else:
    HOSTNAME, DOMAIN = FQDN, "local"
    click.echo("Unable to determine domain of this computer, falling back to local")

# TODO: lazier, otherwise gets evaluated before installing package
if os.path.exists("/etc/strongswan/ipsec.conf"): # fedora dafuq?!
    STRONGSWAN_PREFIX = "/etc/strongswan"
else:
    STRONGSWAN_PREFIX = "/etc"
Refactor codebase * Replace PyOpenSSL with cryptography.io * Rename constants to const * Drop support for uwsgi * Use systemd to launch certidude server * Signer automatically spawned as part of server * Update requirements.txt * Clean up certidude client configuration handling * Add automatic enroll with Kerberos machine cerdentials 2016-09-17 21:00:14 +00:00
			`import click`
			`import os`
			`import socket`
Various fixes 2017-04-13 20:30:28 +00:00			`import sys`
Refactor codebase * Replace PyOpenSSL with cryptography.io * Rename constants to const * Drop support for uwsgi * Use systemd to launch certidude server * Signer automatically spawned as part of server * Update requirements.txt * Clean up certidude client configuration handling * Add automatic enroll with Kerberos machine cerdentials 2016-09-17 21:00:14 +00:00
tests: Cleanups 2017-05-01 22:32:55 +00:00			`KEY_SIZE = 1024 if os.getenv("TRAVIS") else 4096`
Attempt to run client as part of unittests 2017-05-01 16:20:50 +00:00			`RUN_DIR = "/run/certidude"`
tests: Handle forking 2017-05-03 07:04:52 +00:00			`CONFIG_DIR = "/etc/certidude"`
Refactor codebase * Replace PyOpenSSL with cryptography.io * Rename constants to const * Drop support for uwsgi * Use systemd to launch certidude server * Signer automatically spawned as part of server * Update requirements.txt * Clean up certidude client configuration handling * Add automatic enroll with Kerberos machine cerdentials 2016-09-17 21:00:14 +00:00			`CONFIG_PATH = os.path.join(CONFIG_DIR, "server.conf")`
			`CLIENT_CONFIG_PATH = os.path.join(CONFIG_DIR, "client.conf")`
			`SERVICES_CONFIG_PATH = os.path.join(CONFIG_DIR, "services.conf")`
tests: Handle forking 2017-05-03 07:04:52 +00:00			`SERVER_PID_PATH = os.path.join(RUN_DIR, "server.pid")`
			`SERVER_LOG_PATH = "/var/log/certidude-server.log"`
			`SIGNER_SOCKET_PATH = "/run/certidude/signer.sock"`
			`SIGNER_PID_PATH = os.path.join(RUN_DIR, "signer.pid")`
			`SIGNER_LOG_PATH = "/var/log/certidude-signer.log"`
tests: Better code coverage 2017-05-03 21:03:51 +00:00			`STORAGE_PATH = "/var/lib/certidude"`
Refactor codebase * Replace PyOpenSSL with cryptography.io * Rename constants to const * Drop support for uwsgi * Use systemd to launch certidude server * Signer automatically spawned as part of server * Update requirements.txt * Clean up certidude client configuration handling * Add automatic enroll with Kerberos machine cerdentials 2016-09-17 21:00:14 +00:00
Attempt to run client as part of unittests 2017-05-01 16:20:50 +00:00			`try:`
			`FQDN = socket.getaddrinfo(socket.gethostname(), 0, socket.AF_INET, 0, 0, socket.AI_CANONNAME)[0][3]`
			`except socket.gaierror:`
			`click.echo("Failed to resolve fully qualified hostname of this machine, make sure hostname -f works")`
			`sys.exit(254)`
Refactor codebase * Replace PyOpenSSL with cryptography.io * Rename constants to const * Drop support for uwsgi * Use systemd to launch certidude server * Signer automatically spawned as part of server * Update requirements.txt * Clean up certidude client configuration handling * Add automatic enroll with Kerberos machine cerdentials 2016-09-17 21:00:14 +00:00
			`if "." in FQDN:`
			`HOSTNAME, DOMAIN = FQDN.split(".", 1)`
			`else:`
			`HOSTNAME, DOMAIN = FQDN, "local"`
			`click.echo("Unable to determine domain of this computer, falling back to local")`

StrongSwan gateway setup script cleanups 2017-04-14 17:21:31 +00:00			`# TODO: lazier, otherwise gets evaluated before installing package`
StrongSwan client setup fixes 2017-04-13 23:49:11 +00:00			`if os.path.exists("/etc/strongswan/ipsec.conf"): # fedora dafuq?!`
			`STRONGSWAN_PREFIX = "/etc/strongswan"`
			`else:`
			`STRONGSWAN_PREFIX = "/etc"`