uncloud-mravi/uncloud_net/tasks.py

80 lines
2.2 KiB
Python
Raw Normal View History

from celery import shared_task
from .models import *
2020-12-20 17:36:46 +00:00
from uncloud.models import UncloudTask
2020-12-13 18:50:36 +00:00
import os
2020-12-20 12:00:36 +00:00
import subprocess
2020-12-20 17:36:46 +00:00
import logging
import uuid
2020-12-26 13:42:53 +00:00
2020-12-20 17:36:46 +00:00
log = logging.getLogger(__name__)
2020-12-13 18:50:36 +00:00
2020-12-26 13:42:53 +00:00
@shared_task
def configure_wireguard_server_on_host(wg_name, config):
"""
- Create wireguard config (DB query -> string)
- Submit config to cdist worker
- Change config locally on worker / commit / shared
"""
# Write config
2020-12-26 13:45:28 +00:00
fname = f"/etc/wireguard/{wg_name}.conf"
2020-12-26 13:42:53 +00:00
with open(fname, "w") as fd:
fd.write(config)
# Ensure the device exists
2020-12-26 13:48:10 +00:00
subprocess.run(f"ip link show {wg_name} >/dev/null || sudo ip link add {{wg_name}} type wireguard",
2020-12-26 13:42:53 +00:00
shell=True, check=True)
# Ensure the config is correct
2020-12-26 13:45:28 +00:00
subprocess.run(f"sudo wg setconf {wg_name} {fname}",
2020-12-26 13:42:53 +00:00
shell=True, check=True)
def configure_wireguard_server_via_cdist(wireguardvpnpool):
"""
- Create wireguard config (DB query -> string)
- Submit config to cdist worker
- Change config locally on worker / commit / shared
"""
config = wireguardvpnpool.wireguard_config
server = wireguardvpnpool.vpn_server_hostname
2020-12-20 17:36:46 +00:00
log.info(f"Configuring VPN server {server} (async)")
task_id = uuid.UUID(cdist_configure_wireguard_server.apply_async((config, server)).id)
UncloudTask.objects.create(task_id=task_id)
2020-12-20 17:36:46 +00:00
@shared_task
def cdist_configure_wireguard_server(config, server):
"""
Create config and configure server.
2020-12-26 13:42:53 +00:00
To be executed on the cdist worker.
"""
2020-12-20 12:00:36 +00:00
dirname= "/home/app/.cdist/type/__ungleich_wireguard/files/"
fname = os.path.join(dirname,server)
2020-12-20 17:36:46 +00:00
log.info(f"Configuring VPN server {server} (on cdist host)")
with open(fname, "w") as fd:
fd.write(config)
2020-12-20 11:45:36 +00:00
2020-12-20 17:36:46 +00:00
log.debug("git committing wireguard changes")
2020-12-20 18:37:12 +00:00
subprocess.run(f"cd {dirname} && git pull && git add {server} && git commit -m 'Updating config for {server}' && git push",
2020-12-20 17:36:46 +00:00
shell=True, check=True)
2020-12-20 12:00:36 +00:00
2020-12-20 17:36:46 +00:00
log.debug(f"Configuring VPN server {server} with cdist")
subprocess.run(f"cdist config {server}", shell=True, check=True)
2020-12-20 12:00:36 +00:00
# FIXME:
# ensure logs are on the server
# ensure exit codes are known
2020-12-20 18:17:03 +00:00
return True