core-extra/daemon/core/configservices/sercurityservices/services.py

from typing import Any, Dict

from core.configservice.base import ConfigService, ConfigServiceMode

GROUP_NAME = "Security"


class VpnClient(ConfigService):
    name = "VPNClient"
    group = GROUP_NAME
    directories = []
    files = ["vpnclient.sh"]
    executables = ["openvpn", "ip", "killall"]
    dependencies = []
    startup = ["sh vpnclient.sh"]
    validate = ["pidof openvpn"]
    shutdown = ["killall openvpn"]
    validation_mode = ConfigServiceMode.BLOCKING
    default_configs = []
    modes = {}


class VPNServer(ConfigService):
    name = "VPNServer"
    group = GROUP_NAME
    directories = []
    files = ["vpnserver.sh"]
    executables = ["openvpn", "ip", "killall"]
    dependencies = []
    startup = ["sh vpnserver.sh"]
    validate = ["pidof openvpn"]
    shutdown = ["killall openvpn"]
    validation_mode = ConfigServiceMode.BLOCKING
    default_configs = []
    modes = {}


class IPsec(ConfigService):
    name = "IPsec"
    group = GROUP_NAME
    directories = []
    files = ["ipsec.sh"]
    executables = ["racoon", "ip", "setkey", "killall"]
    dependencies = []
    startup = ["sh ipsec.sh"]
    validate = ["pidof racoon"]
    shutdown = ["killall racoon"]
    validation_mode = ConfigServiceMode.BLOCKING
    default_configs = []
    modes = {}


class Firewall(ConfigService):
    name = "Firewall"
    group = GROUP_NAME
    directories = []
    files = ["firewall.sh"]
    executables = ["iptables"]
    dependencies = []
    startup = ["sh firewall.sh"]
    validate = []
    shutdown = []
    validation_mode = ConfigServiceMode.BLOCKING
    default_configs = []
    modes = {}


class Nat(ConfigService):
    name = "NAT"
    group = GROUP_NAME
    directories = []
    files = ["nat.sh"]
    executables = ["iptables"]
    dependencies = []
    startup = ["sh nat.sh"]
    validate = []
    shutdown = []
    validation_mode = ConfigServiceMode.BLOCKING
    default_configs = []
    modes = {}

    def data(self) -> Dict[str, Any]:
        ifnames = []
        for ifc in self.node.netifs():
            if getattr(ifc, "control", False):
                continue
            ifnames.append(ifc.name)
        return dict(ifnames=ifnames)
updated config services to account for files that have a path, basename will be used for template rendering, converted all current utility/security services to config service format 2020-01-23 00:54:45 +00:00			`from typing import Any, Dict`

updates naming for built in config services, broke out current example script to examples dir, broke out config service manager to separate file 2020-01-17 21:47:55 +00:00			`from core.configservice.base import ConfigService, ConfigServiceMode`

			`GROUP_NAME = "Security"`


			`class VpnClient(ConfigService):`
			`name = "VPNClient"`
			`group = GROUP_NAME`
			`directories = []`
added files to config services, added default logic for creating files from templates, added new method to provide extra data to templates, updated gui to display templates raw 2020-01-20 23:02:04 +00:00			`files = ["vpnclient.sh"]`
updates naming for built in config services, broke out current example script to examples dir, broke out config service manager to separate file 2020-01-17 21:47:55 +00:00			`executables = ["openvpn", "ip", "killall"]`
			`dependencies = []`
			`startup = ["sh vpnclient.sh"]`
			`validate = ["pidof openvpn"]`
			`shutdown = ["killall openvpn"]`
			`validation_mode = ConfigServiceMode.BLOCKING`
			`default_configs = []`
added modes to config services that allows them to decide sets of configurations 2020-01-21 22:00:55 +00:00			`modes = {}`
updated config services to account for files that have a path, basename will be used for template rendering, converted all current utility/security services to config service format 2020-01-23 00:54:45 +00:00

			`class VPNServer(ConfigService):`
			`name = "VPNServer"`
			`group = GROUP_NAME`
			`directories = []`
			`files = ["vpnserver.sh"]`
			`executables = ["openvpn", "ip", "killall"]`
			`dependencies = []`
			`startup = ["sh vpnserver.sh"]`
			`validate = ["pidof openvpn"]`
			`shutdown = ["killall openvpn"]`
			`validation_mode = ConfigServiceMode.BLOCKING`
			`default_configs = []`
			`modes = {}`


			`class IPsec(ConfigService):`
			`name = "IPsec"`
			`group = GROUP_NAME`
			`directories = []`
			`files = ["ipsec.sh"]`
			`executables = ["racoon", "ip", "setkey", "killall"]`
			`dependencies = []`
			`startup = ["sh ipsec.sh"]`
			`validate = ["pidof racoon"]`
			`shutdown = ["killall racoon"]`
			`validation_mode = ConfigServiceMode.BLOCKING`
			`default_configs = []`
			`modes = {}`


			`class Firewall(ConfigService):`
			`name = "Firewall"`
			`group = GROUP_NAME`
			`directories = []`
			`files = ["firewall.sh"]`
			`executables = ["iptables"]`
			`dependencies = []`
			`startup = ["sh firewall.sh"]`
			`validate = []`
			`shutdown = []`
			`validation_mode = ConfigServiceMode.BLOCKING`
			`default_configs = []`
			`modes = {}`


			`class Nat(ConfigService):`
			`name = "NAT"`
			`group = GROUP_NAME`
			`directories = []`
			`files = ["nat.sh"]`
			`executables = ["iptables"]`
			`dependencies = []`
			`startup = ["sh nat.sh"]`
			`validate = []`
			`shutdown = []`
			`validation_mode = ConfigServiceMode.BLOCKING`
			`default_configs = []`
			`modes = {}`

			`def data(self) -> Dict[str, Any]:`
			`ifnames = []`
			`for ifc in self.node.netifs():`
updated config services to use getattr instead of hasattr to simplify code 2020-01-23 19:27:05 +00:00			`if getattr(ifc, "control", False):`
updated config services to account for files that have a path, basename will be used for template rendering, converted all current utility/security services to config service format 2020-01-23 00:54:45 +00:00			`continue`
			`ifnames.append(ifc.name)`
			`return dict(ifnames=ifnames)`