Merge pull request #6 from sequenceiq/chgpass

Marton Sereg · web-flow · commit b9d711c486f6 · 2016-08-25T10:02:54.000+02:00
Ability to setup saltuser with pass
diff --git a/Makefile b/Makefile
@@ -1,6 +1,6 @@
 BINARY=salt-bootstrap
 
-VERSION=0.1.2
+VERSION=0.2.0
 BUILD_TIME=$(shell date +%FT%T)
 LDFLAGS=-ldflags "-X github.com/sequenceiq/salt-bootstrap/saltboot.Version=${VERSION} -X github.com/sequenceiq/salt-bootstrap/saltboot.BuildTime=${BUILD_TIME}"
 
diff --git a/main.go b/main.go
@@ -1,18 +1,28 @@
 package main
 
 import (
-    "fmt"
-    "log"
-    "os"
-    "strings"
-    "github.com/sequenceiq/salt-bootstrap/saltboot"
+	"fmt"
+	"log"
+	"os"
+	"strings"
+	"github.com/sequenceiq/salt-bootstrap/saltboot"
+	"io"
 )
 
 func main() {
-    if len(os.Args) > 1 && strings.HasSuffix(os.Args[1], "version") {
-        fmt.Printf("Version: %s-%s", saltboot.Version, saltboot.BuildTime)
-        return
-    }
-    log.Println("[main] Launch salt-bootstrap application")
-    saltboot.NewCloudbreakBootstrapWeb()
+
+	if len(os.Args) > 1 && strings.HasSuffix(os.Args[1], "version") {
+		fmt.Printf("Version: %s-%s", saltboot.Version, saltboot.BuildTime)
+		return
+	}
+
+	logFile, err := os.OpenFile("/var/log/saltboot.log", os.O_APPEND | os.O_CREATE | os.O_RDWR, 0666)
+	if err != nil {
+		log.Printf("Error opening log file: %v", err)
+	}
+	defer logFile.Close()
+	log.SetOutput(io.MultiWriter(os.Stdout, logFile))
+
+	log.Println("[main] Launch salt-bootstrap application")
+	saltboot.NewCloudbreakBootstrapWeb()
 }
diff --git a/saltboot/netutil.go b/saltboot/netutil.go
@@ -1,39 +1,12 @@
 package saltboot
 
 import (
-	"io/ioutil"
 	"log"
 	"os"
-	"regexp"
 	"strconv"
 	"strings"
 )
 
-func DetermineDNSRecursors(fallbackDNSRecursors []string) []string {
-	var dnsRecursors []string
-	if dat, err := ioutil.ReadFile("/etc/resolv.conf"); err == nil {
-		resolvContent := string(dat)
-		log.Printf("[determineDNSRecursors] Loaded /etc/resolv.conf file: %s.", resolvContent)
-		r, _ := regexp.Compile("nameserver .*")
-		if nameserverLines := r.FindAllString(resolvContent, -1); nameserverLines != nil {
-			for _, nameserverLine := range nameserverLines {
-				log.Printf("[determineDNSRecursors] Found nameserverline: %s.", nameserverLine)
-				dnsRecursor := strings.TrimSpace(strings.Split(nameserverLine, " ")[1])
-				log.Printf("[determineDNSRecursors] Parsed DNS recursor: %s.", dnsRecursor)
-				if !strings.Contains(dnsRecursor, "127.0.0.1") {
-					dnsRecursors = append(dnsRecursors, dnsRecursor)
-				}
-			}
-		}
-	} else {
-		log.Printf("[containerhandler] Failed to load /etc/resolv.conf")
-	}
-	if fallbackDNSRecursors != nil {
-		dnsRecursors = append(dnsRecursors, fallbackDNSRecursors...)
-	}
-	return dnsRecursors
-}
-
 func DetermineBootstrapPort() int {
 
 	portStr := os.Getenv("SALTBOOT_PORT")
diff --git a/saltboot/salt.go b/saltboot/salt.go
@@ -13,16 +13,21 @@ import (
 	"gopkg.in/yaml.v2"
 )
 
-type SaltServerSetupRequest struct {
-	Password string `json:"password,omitempty"`
-}
-
 type SaltActionRequest struct {
+	Master  SaltMaster   `json:"master,omitempty"`
 	Minions []SaltMinion `json:"minions,omitempty"`
-	Server  string       `json:"server,omitempty"`
 	Action  string       `json:"action"`
 }
 
+type SaltAuth struct {
+	Password string `json:"password,omitempty"`
+}
+
+type SaltMaster struct {
+	Address string     `json:"address"`
+	Auth    SaltAuth   `json:"auth,omitempty"`
+}
+
 type SaltMinion struct {
 	Address   string   `json:"address"`
 	Roles     []string `json:"roles,omitempty"`
@@ -40,6 +45,11 @@ func (saltMinion SaltMinion) AsByteArray() []byte {
 	return b
 }
 
+func (saltMaster SaltMaster) AsByteArray() []byte {
+	b, _ := json.Marshal(saltMaster)
+	return b
+}
+
 type GrainConfig struct {
 	HostGroup string   `json:"hostgroup" yaml:"hostgroup"`
 	Roles     []string `json:"roles" yaml:"roles"`
@@ -52,21 +62,22 @@ func (r SaltActionRequest) String() string {
 
 func (r SaltActionRequest) distributeAction(user string, pass string) (result []model.Response) {
 	log.Printf("[distributeAction] distribute salt state command to targets: %s", r.String())
+
 	var targets []string
-	var payloads []Payload
+	var minionPayload []Payload
 	for _, minion := range r.Minions {
 		targets = append(targets, minion.Address)
 		if minion.Server == "" {
-			minion.Server = r.Server
+			minion.Server = r.Master.Address
 		}
-		payloads = append(payloads, minion)
+		minionPayload = append(minionPayload, minion)
 	}
 
-	for res := range DistributePayload(targets, payloads, SaltMinionEp+"/"+r.Action, user, pass) {
+	for res := range DistributePayload(targets, minionPayload, SaltMinionEp + "/" + r.Action, user, pass) {
 		result = append(result, res)
 	}
-	if len(r.Server) > 0 {
-		result = append(result, <-Distribute([]string{r.Server}, nil, SaltServerEp+"/"+r.Action, user, pass))
+	if len(r.Master.Address) > 0 {
+		result = append(result, <-DistributePayload([]string{r.Master.Address}, []Payload{r.Master}, SaltServerEp + "/" + r.Action, user, pass))
 	}
 	return result
 }
@@ -135,11 +146,29 @@ func SaltMinionStopRequestHandler(w http.ResponseWriter, req *http.Request) {
 
 func SaltServerRunRequestHandler(w http.ResponseWriter, req *http.Request) {
 	log.Printf("[SaltServerRunRequestHandler] execute salt run request")
-	resp, err := LaunchService("salt-master")
+
+	decoder := json.NewDecoder(req.Body)
+	var saltMaster SaltMaster
+	err := decoder.Decode(&saltMaster)
+	if err != nil {
+		log.Printf("[SaltServerRunRequestHandler] [ERROR] couldn't decode json: %s", err)
+		model.Response{Status: err.Error()}.WriteBadRequestHttp(w)
+		return
+	}
+
+	resp, err := CreateUser(saltMaster)
+	resp.WriteHttp(w)
+	if err != nil {
+		return
+	}
+
+	resp, err = LaunchService("salt-master")
 	resp.WriteHttp(w)
+
 	if err != nil {
 		return
 	}
+
 	resp, _ = LaunchService("salt-api")
 	resp.WriteHttp(w)
 }
@@ -155,10 +184,6 @@ func SaltServerStopRequestHandler(w http.ResponseWriter, req *http.Request) {
 	resp.WriteHttp(w)
 }
 
-func SaltServerSetupRequestHandler(w http.ResponseWriter, req *http.Request) {
-
-}
-
 func (pillar SaltPillar) WritePillar() (outStr string, err error) {
 	file := "/srv/pillar" + pillar.Path
 	dir := file[0:strings.LastIndex(file, "/")]
diff --git a/saltboot/user.go b/saltboot/user.go
@@ -0,0 +1,63 @@
+package saltboot
+
+import (
+	"log"
+	"github.com/sequenceiq/salt-bootstrap/saltboot/model"
+	"github.com/kless/osutil/user/crypt/sha512_crypt"
+	"net/http"
+	"time"
+	"math/rand"
+)
+
+const SALT_USER = "saltuser"
+
+func init() {
+	rand.Seed(time.Now().UnixNano())
+}
+
+func randStringRunes(n int) string {
+	LETTER_RUNES := []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")
+	b := make([]rune, n)
+	for i := range b {
+		b[i] = LETTER_RUNES[rand.Intn(len(LETTER_RUNES))]
+	}
+	return string(b)
+}
+
+func CreateUser(saltMaster SaltMaster) (resp model.Response, err error) {
+	log.Printf("[CreateUser] execute salt run request")
+
+	result := "OK"
+
+	//saltUser, _ := user.Lookup(SALT_USER) //requires cgo
+	_, err = ExecCmd("grep", SALT_USER, "/etc/passwd")
+
+	if err != nil {
+		log.Printf("[CreateUser] user: %s does not exsist and will be created", SALT_USER)
+
+		c := sha512_crypt.New()
+
+		// Password needs to be "salted" and must start with a magic prefix
+		salt := "$6$" + randStringRunes(20)
+
+		hash, err := c.Generate([]byte(saltMaster.Auth.Password), []byte(salt))
+		if err != nil {
+			return model.Response{ErrorText: err.Error(), StatusCode: http.StatusInternalServerError}, err
+		}
+		result, err = ExecCmd("adduser", "--password", hash, SALT_USER)
+
+		if err != nil {
+			return model.Response{ErrorText: err.Error(), StatusCode: http.StatusInternalServerError}, err
+		}
+		result, err = ExecCmd("usermod", "-G", "wheel", SALT_USER)
+		if err != nil {
+			return model.Response{ErrorText: err.Error(), StatusCode: http.StatusInternalServerError}, err
+		}
+	} else {
+		log.Printf("[CreateUser] user: %s exsist", SALT_USER)
+	}
+
+	resp = model.Response{Status: result, StatusCode: http.StatusOK}
+	return resp, nil
+
+}
diff --git a/saltboot/web.go b/saltboot/web.go
@@ -2,10 +2,8 @@ package saltboot
 
 import (
 	"fmt"
-	"io"
 	"log"
 	"net/http"
-	"os"
 
 	"github.com/gorilla/mux"
 )
@@ -22,7 +20,6 @@ const (
 	SaltMinionStopEP       = SaltMinionEp + "/stop"
 	SaltServerRunEP        = SaltServerEp + "/run"
 	SaltServerStopEP       = SaltServerEp + "/stop"
-	SaltServerSetupEP      = RootPath + "/salt/server/setup"
 	SaltPillarEP           = RootPath + "/salt/server/pillar"
 	HostnameDistributeEP   = RootPath + "/hostname/distribute"
 	HostnameEP             = RootPath + "/hostname"
@@ -31,13 +28,6 @@ const (
 
 func NewCloudbreakBootstrapWeb() {
 
-	logFile, err := os.OpenFile("/var/log/saltboot.log", os.O_APPEND|os.O_CREATE|os.O_RDWR, 0666)
-	if err != nil {
-		log.Printf("Error opening log file: %v", err)
-	}
-	defer logFile.Close()
-	log.SetOutput(io.MultiWriter(os.Stdout, logFile))
-
 	address := fmt.Sprintf(":%d", DetermineBootstrapPort())
 	username, password := DetermineAuthCredentials()
 
@@ -55,7 +45,6 @@ func NewCloudbreakBootstrapWeb() {
 	r.Handle(SaltMinionStopEP, authenticator.Wrap(SaltMinionStopRequestHandler)).Methods("POST")
 	r.Handle(SaltServerRunEP, authenticator.Wrap(SaltServerRunRequestHandler)).Methods("POST")
 	r.Handle(SaltServerStopEP, authenticator.Wrap(SaltServerStopRequestHandler)).Methods("POST")
-	r.Handle(SaltServerSetupEP, authenticator.Wrap(SaltServerSetupRequestHandler)).Methods("POST")
 	r.Handle(SaltPillarEP, authenticator.Wrap(SaltPillarRequestHandler)).Methods("POST")
 
 	r.Handle(HostnameDistributeEP, authenticator.Wrap(ClientHostnameDistributionHandler)).Methods("POST")
