uncloud/uncloud_net/tasks.py

from celery import shared_task
from .models import *

from uncloud.models import UncloudTask

import os
import subprocess
import logging
import uuid


log = logging.getLogger(__name__)

@shared_task
def configure_wireguard_server_on_host(wg_name, config):
    """
    - Create wireguard config (DB query -> string)
    - Submit config to cdist worker
    - Change config locally on worker / commit / shared
    """

    # Write config
    fname = f"/etc/wireguard/{wg_name}.conf"
    with open(fname, "w") as fd:
        fd.write(config)

    # Ensure the device exists
    subprocess.run(f"ip link show {wg_name} || sudo ip link add {{wg_name}} type wireguard",
                   shell=True, check=True)

    # Ensure the config is correct
    subprocess.run(f"sudo wg setconf {wg_name} {fname}",
                   shell=True, check=True)


def configure_wireguard_server_via_cdist(wireguardvpnpool):
    """
    - Create wireguard config (DB query -> string)
    - Submit config to cdist worker
    - Change config locally on worker / commit / shared

    """

    config = wireguardvpnpool.wireguard_config
    server = wireguardvpnpool.vpn_server_hostname

    log.info(f"Configuring VPN server {server} (async)")

    task_id = uuid.UUID(cdist_configure_wireguard_server.apply_async((config, server)).id)
    UncloudTask.objects.create(task_id=task_id)


@shared_task
def cdist_configure_wireguard_server(config, server):
    """
    Create config and configure server.

    To be executed on the cdist worker.
    """

    dirname= "/home/app/.cdist/type/__ungleich_wireguard/files/"
    fname = os.path.join(dirname,server)

    log.info(f"Configuring VPN server {server} (on cdist host)")
    with open(fname, "w") as fd:
        fd.write(config)

    log.debug("git committing wireguard changes")
    subprocess.run(f"cd {dirname} && git pull && git add {server} && git commit -m 'Updating config for {server}' && git push",
                   shell=True, check=True)

    log.debug(f"Configuring VPN server {server} with cdist")
    subprocess.run(f"cdist config {server}", shell=True, check=True)

    # FIXME:
    # ensure logs are on the server
    # ensure exit codes are known
    return True
phasing in celery for configuring the vpn server 2020-12-13 17:34:43 +00:00			`from celery import shared_task`
			`from .models import *`

++celery/tasks 2020-12-20 17:36:46 +00:00			`from uncloud.models import UncloudTask`

celery test 2020-12-13 18:50:36 +00:00			`import os`
++config vpn server 2020-12-20 12:00:36 +00:00			`import subprocess`
++celery/tasks 2020-12-20 17:36:46 +00:00			`import logging`
			`import uuid`

moving vpn to direct configuration 2020-12-26 13:42:53 +00:00
++celery/tasks 2020-12-20 17:36:46 +00:00			`log = logging.getLogger(__name__)`
celery test 2020-12-13 18:50:36 +00:00
moving vpn to direct configuration 2020-12-26 13:42:53 +00:00			`@shared_task`
			`def configure_wireguard_server_on_host(wg_name, config):`
			`"""`
			`- Create wireguard config (DB query -> string)`
			`- Submit config to cdist worker`
			`- Change config locally on worker / commit / shared`
			`"""`

			`# Write config`
fix templating 2020-12-26 13:45:28 +00:00			`fname = f"/etc/wireguard/{wg_name}.conf"`
moving vpn to direct configuration 2020-12-26 13:42:53 +00:00			`with open(fname, "w") as fd:`
			`fd.write(config)`

			`# Ensure the device exists`
fix templating 2020-12-26 13:45:28 +00:00			`subprocess.run(f"ip link show {wg_name} \|\| sudo ip link add {{wg_name}} type wireguard",`
moving vpn to direct configuration 2020-12-26 13:42:53 +00:00			`shell=True, check=True)`

			`# Ensure the config is correct`
fix templating 2020-12-26 13:45:28 +00:00			`subprocess.run(f"sudo wg setconf {wg_name} {fname}",`
moving vpn to direct configuration 2020-12-26 13:42:53 +00:00			`shell=True, check=True)`



			`def configure_wireguard_server_via_cdist(wireguardvpnpool):`
begin phasing in config of vpn via cdist 2020-12-20 11:20:54 +00:00			`"""`
			`- Create wireguard config (DB query -> string)`
			`- Submit config to cdist worker`
			`- Change config locally on worker / commit / shared`

			`"""`

			`config = wireguardvpnpool.wireguard_config`
			`server = wireguardvpnpool.vpn_server_hostname`

++celery/tasks 2020-12-20 17:36:46 +00:00			`log.info(f"Configuring VPN server {server} (async)")`

			`task_id = uuid.UUID(cdist_configure_wireguard_server.apply_async((config, server)).id)`
test cleaning tasks in a task fails: [2020-12-20 18:01:50,264: WARNING/ForkPoolWorker-7] Pruning UncloudTask object (571ffc76-8b40-4cb6-9658-87030834bc6c)... [2020-12-20 18:01:50,265: ERROR/ForkPoolWorker-7] Task uncloud.tasks.cleanup_tasks[f9fb1480-f122-41c9-bec1-3d6d0f92a22e] raised unexpected: RuntimeError('Never call result.get() within a task!\nSee http://docs.celeryq.org/en/latest/userguide/tasks.html#task-synchronous-subtasks\n') Traceback (most recent call last): File "/home/nico/vcs/uncloud/venv/lib/python3.8/site-packages/celery/app/trace.py", line 405, in trace_task R = retval = fun(args, kwargs) File "/home/nico/vcs/uncloud/venv/lib/python3.8/site-packages/celery/app/trace.py", line 697, in __protected_call__ return self.run(args, **kwargs) File "/home/nico/vcs/uncloud/uncloud/tasks.py", line 13, in cleanup_tasks print(res.get()) File "/home/nico/vcs/uncloud/venv/lib/python3.8/site-packages/celery/result.py", line 209, in get assert_will_not_block() File "/home/nico/vcs/uncloud/venv/lib/python3.8/site-packages/celery/result.py", line 37, in assert_will_not_block raise RuntimeError(E_WOULDBLOCK) RuntimeError: Never call result.get() within a task! See http://docs.celeryq.org/en/latest/userguide/tasks.html#task-synchronous-subtasks 2020-12-20 18:01:37 +00:00			`UncloudTask.objects.create(task_id=task_id)`
++celery/tasks 2020-12-20 17:36:46 +00:00
begin phasing in config of vpn via cdist 2020-12-20 11:20:54 +00:00
phasing in celery for configuring the vpn server 2020-12-13 17:34:43 +00:00			`@shared_task`
begin phasing in config of vpn via cdist 2020-12-20 11:20:54 +00:00			`def cdist_configure_wireguard_server(config, server):`
			`"""`
			`Create config and configure server.`

moving vpn to direct configuration 2020-12-26 13:42:53 +00:00			`To be executed on the cdist worker.`
begin phasing in config of vpn via cdist 2020-12-20 11:20:54 +00:00			`"""`

++config vpn server 2020-12-20 12:00:36 +00:00			`dirname= "/home/app/.cdist/type/__ungleich_wireguard/files/"`
			`fname = os.path.join(dirname,server)`
begin phasing in config of vpn via cdist 2020-12-20 11:20:54 +00:00
++celery/tasks 2020-12-20 17:36:46 +00:00			`log.info(f"Configuring VPN server {server} (on cdist host)")`
begin phasing in config of vpn via cdist 2020-12-20 11:20:54 +00:00			`with open(fname, "w") as fd:`
			`fd.write(config)`
wireguard/celery fixes 2020-12-20 11:45:36 +00:00
++celery/tasks 2020-12-20 17:36:46 +00:00			`log.debug("git committing wireguard changes")`
[vpn/doc] update docs 2020-12-20 18:37:12 +00:00			`subprocess.run(f"cd {dirname} && git pull && git add {server} && git commit -m 'Updating config for {server}' && git push",`
++celery/tasks 2020-12-20 17:36:46 +00:00			`shell=True, check=True)`
++config vpn server 2020-12-20 12:00:36 +00:00
++celery/tasks 2020-12-20 17:36:46 +00:00			`log.debug(f"Configuring VPN server {server} with cdist")`
			`subprocess.run(f"cdist config {server}", shell=True, check=True)`
++config vpn server 2020-12-20 12:00:36 +00:00
			`# FIXME:`
			`# ensure logs are on the server`
			`# ensure exit codes are known`
Fix the config task 2020-12-20 18:17:03 +00:00			`return True`