pinecrypt/pinecrypt-gateway-backend
2
1
Fork 0
Code Issues 10 Pull Requests Projects Activity

Init mongo, load mongo replicas from Mongo URI

Browse Source
This commit is contained in:
Marvin Martinson 2021-06-21 19:50:41 +00:00
parent b935a26961
commit ce0eb1a400
2 changed files with 34 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
pinecrypt/server/cli.py
View File

@ -16,6 +16,7 @@ import pymongo
import signal import signal
import sys import sys
import pytz import pytz
import ipaddress
from asn1crypto import pem, x509 from asn1crypto import pem, x509
from certbuilder import CertificateBuilder, pem_armor_certificate from certbuilder import CertificateBuilder, pem_armor_certificate
from datetime import datetime, timedelta from datetime import datetime, timedelta
@ -215,6 +216,35 @@ def pinecone_serve_builder():
@click.command("provision", help="Provision keys") @click.command("provision", help="Provision keys")
def pinecone_provision(): def pinecone_provision():
#First thing init mongo db
click.echo("Provisioning MongoDB replicaset")
# WTF https://github.com/docker-library/mongo/issues/339
c = pymongo.MongoClient("localhost", 27017)
if const.INIT_MONGO:
mongo_uri = pymongo.uri_parser.parse_uri(const.MONGO_URI)
for ip_port in mongo_uri["nodelist"]:
try:
ipaddress.ip_address(ip_port[0])
except ValueError:
click.echo("Right now mongo address must be IP, no domin names allowed")
raise ValueError("Right now mongo address must be IP, no domin names allowed like %s" % ip_port[0])
config = {"_id": "rs0", "members": [
{"_id": index, "host": "%s:%s" % (ip_port[0], ip_port[1])} for index, ip_port in enumerate(mongo_uri["nodelist"])]}
# config = {"_id":"rs0", "members": [
# {"_id": 0, "host": "127.0.0.1:27017"}]}
print("Provisioning MongoDB replicaset: %s" % repr(config))
try:
c.admin.command("replSetInitiate", config)
except pymongo.errors.OperationFailure:
print("Looks like it's already initialized")
pass
# Expand variables # Expand variables
distinguished_name = cn_to_dn(const.AUTHORITY_COMMON_NAME) distinguished_name = cn_to_dn(const.AUTHORITY_COMMON_NAME)
@ -357,19 +387,6 @@ def pinecone_provision():
const.SELF_KEY_PATH const.SELF_KEY_PATH
)) ))
if const.REPLICAS:
click.echo("Provisioning MongoDB replicaset")
# WTF https://github.com/docker-library/mongo/issues/339
c = pymongo.MongoClient("localhost", 27017)
config = {"_id": "rs0", "members": [
{"_id": index, "host": "%s:27017" % hostname} for index, hostname in enumerate(const.REPLICAS)]}
print("Provisioning MongoDB replicaset: %s" % repr(config))
try:
c.admin.command("replSetInitiate", config)
except pymongo.errors.OperationFailure:
print("Looks like it's already initialized")
pass
# TODO: use this task to send notification emails maybe? # TODO: use this task to send notification emails maybe?
click.echo("Finished starting up") click.echo("Finished starting up")
sleep(999999999) sleep(999999999)

9
pinecrypt/server/const.py
View File

@ -31,11 +31,8 @@ SERVICE_PROTOCOLS = ["ikev2", "openvpn"]
MONGO_URI = os.getenv("MONGO_URI") MONGO_URI = os.getenv("MONGO_URI")
REPLICAS = [j for j in os.getenv("REPLICAS", "").split(",") if j] REPLICAS = [j for j in os.getenv("REPLICAS", "").split(",") if j]
if REPLICAS:
if MONGO_URI: if not MONGO_URI:
raise ValueError("Simultanously specifying MONGO_URI and REPLICAS doesn't make sense")
MONGO_URI = "mongodb://%s/default?replicaSet=rs0" % (",".join(["%s:27017" % j for j in REPLICAS]))
elif not MONGO_URI:
MONGO_URI = "mongodb://127.0.0.1:27017/default?replicaSet=rs0" MONGO_URI = "mongodb://127.0.0.1:27017/default?replicaSet=rs0"
KEY_SIZE = 4096 KEY_SIZE = 4096
@ -170,6 +167,8 @@ if "%s" not in LDAP_ADMIN_FILTER:
AUDIT_EMAIL = os.getenv("AUDIT_EMAIL") AUDIT_EMAIL = os.getenv("AUDIT_EMAIL")
DEBUG = bool(os.getenv("DEBUG")) DEBUG = bool(os.getenv("DEBUG"))
INIT_MONGO = bool(os.getenv("INIT_MONGO"))
SESSION_COOKIE = "sha512brownies" SESSION_COOKIE = "sha512brownies"
SESSION_AGE = 3600 SESSION_AGE = 3600