8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-11-23 11:53:12 +00:00

Mode de provision sftp

This commit is contained in:
Gabriel Detraz 2018-07-12 17:33:26 +02:00 committed by grizzly
parent 3c22ea4e89
commit 8a22dc1e02
3 changed files with 65 additions and 5 deletions

View file

@ -353,7 +353,10 @@ class OptionalTopologieSerializer(NamespacedHMSerializer):
class Meta: class Meta:
model = preferences.OptionalTopologie model = preferences.OptionalTopologie
fields = ('radius_general_policy', 'vlan_decision_ok', fields = ('radius_general_policy', 'vlan_decision_ok',
'vlan_decision_nok') 'vlan_decision_nok', 'switchs_ip_type', 'switchs_web_management',
'switchs_web_management_ssl', 'switchs_rest_management',
'switchs_management_utils', 'switchs_management_interface_ip',
'provision_switchs_enabled', 'switchs_provision', 'switchs_management_sftp_creds')
class GeneralOptionSerializer(NamespacedHMSerializer): class GeneralOptionSerializer(NamespacedHMSerializer):

View file

@ -35,11 +35,8 @@ from django.utils.translation import ugettext_lazy as _
import machines.models import machines.models
from re2o.mixins import AclMixin from re2o.mixins import AclMixin
<<<<<<< HEAD
=======
from re2o.aes_field import AESEncryptedField from re2o.aes_field import AESEncryptedField
from datetime import timedelta from datetime import timedelta
>>>>>>> 3d881c4f... Gestion de la clef radius, et serialisation
class PreferencesModel(models.Model): class PreferencesModel(models.Model):
@ -185,6 +182,10 @@ class OptionalTopologie(AclMixin, PreferencesModel):
(MACHINE, _("On the IP range's VLAN of the machine")), (MACHINE, _("On the IP range's VLAN of the machine")),
(DEFINED, _("Preset in 'VLAN for machines accepted by RADIUS'")), (DEFINED, _("Preset in 'VLAN for machines accepted by RADIUS'")),
) )
CHOICE_PROVISION = (
('sftp', 'sftp'),
('tftp', 'tftp'),
)
radius_general_policy = models.CharField( radius_general_policy = models.CharField(
max_length=32, max_length=32,
@ -224,6 +225,24 @@ class OptionalTopologie(AclMixin, PreferencesModel):
null=True, null=True,
help_text="Plage d'ip de management des switchs" help_text="Plage d'ip de management des switchs"
) )
switchs_provision = models.CharField(
max_length=32,
choices=CHOICE_PROVISION,
default='tftp',
help_text="Mode de récupération des confs par les switchs"
)
sftp_login = models.CharField(
max_length=32,
null=True,
blank=True,
help_text="Login sftp des switchs"
)
sftp_pass = AESEncryptedField(
max_length=63,
null=True,
blank=True,
help_text="Mot de passe sftp"
)
@cached_property @cached_property
def provisioned_switchs(self): def provisioned_switchs(self):
@ -247,11 +266,37 @@ class OptionalTopologie(AclMixin, PreferencesModel):
return None return None
return self.switchs_management_interface.ipv4 return self.switchs_management_interface.ipv4
@cached_property
def switchs_management_sftp_creds(self):
"""Credentials des switchs pour provion sftp"""
if self.sftp_login and self.sftp_pass:
return {'login' : self.sftp_login, 'pass' : self.sftp_pass}
else:
return None
@cached_property
def switchs_management_utils(self):
"""Used for switch_conf, return a list of ip on vlans"""
from machines.models import Role, Ipv6List, Interface
def return_ips_dict(interfaces):
return {'ipv4' : [str(interface.ipv4) for interface in interfaces], 'ipv6' : Ipv6List.objects.filter(interface__in=interfaces).values_list('ipv6', flat=True)}
ntp_servers = Role.all_interfaces_for_roletype("ntp-server").filter(type__ip_type=self.switchs_ip_type)
log_servers = Role.all_interfaces_for_roletype("log-server").filter(type__ip_type=self.switchs_ip_type)
radius_servers = Role.all_interfaces_for_roletype("radius-server").filter(type__ip_type=self.switchs_ip_type)
dhcp_servers = Role.all_interfaces_for_roletype("dhcp-server")
subnet = None
subnet6 = None
if self.switchs_ip_type:
subnet = self.switchs_ip_type.ip_set_full_info
subnet6 = self.switchs_ip_type.ip6_set_full_info
return {'ntp_servers': return_ips_dict(ntp_servers), 'log_servers': return_ips_dict(log_servers), 'radius_servers': return_ips_dict(radius_servers), 'dhcp_servers': return_ips_dict(dhcp_servers), 'subnet': subnet, 'subnet6': subnet6}
@cached_property @cached_property
def provision_switchs_enabled(self): def provision_switchs_enabled(self):
"""Return true if all settings are ok : switchs on automatic provision, """Return true if all settings are ok : switchs on automatic provision,
ip_type""" ip_type"""
return bool(self.provisioned_switchs and self.switchs_ip_type and SwitchManagementCred.objects.filter(default_switch=True).exists() and self.switchs_management_interface_ip) return bool(self.provisioned_switchs and self.switchs_ip_type and SwitchManagementCred.objects.filter(default_switch=True).exists() and self.switchs_management_interface_ip and bool(self.switchs_provision != 'sftp' or self.switchs_management_sftp_creds))
class Meta: class Meta:
permissions = ( permissions = (

View file

@ -156,6 +156,18 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<th>Serveur des config des switchs</th> <th>Serveur des config des switchs</th>
<td>{{ topologieoptions.switchs_management_interface }} {% if topologieoptions.switchs_management_interface %} - {{ topologieoptions.switchs_management_interface_ip }} <span class="label label-success"> OK{% else %}<span class="label label-danger">Manquant{% endif %}</span></td> <td>{{ topologieoptions.switchs_management_interface }} {% if topologieoptions.switchs_management_interface %} - {{ topologieoptions.switchs_management_interface_ip }} <span class="label label-success"> OK{% else %}<span class="label label-danger">Manquant{% endif %}</span></td>
</tr> </tr>
<tr>
<th>Mode de provision des switchs</th>
<td>{{ topologieoptions.switchs_provision }}</td>
</tr>
<tr>
<th>Mode TFTP</th>
<td><span class="label label-success"> OK</span></td>
</tr>
<tr>
<th>Mode SFTP</th>
<td>{% if topologieoptions.switchs_management_sftp_creds %}<span class="label label-success"> OK{% else %}<span class="label label-danger">Creds manquants{% endif %}</span></td>
</tr>
</table> </table>
<h6>Creds de management des switchs</h6> <h6>Creds de management des switchs</h6>