From a22e4a89a06bda681ba329bf73e05a7d9196efe3 Mon Sep 17 00:00:00 2001 From: Corentin LABBE Date: Mon, 4 Jun 2018 15:02:00 +0200 Subject: Permit to access LAVA webadmin via https This patch permits to access LAVA webadmin via HTTPS. Resolve SPEC-1493 --- README.md | 1 + lava-master/settings.conf | 16 ---------------- lavalab-gen.py | 31 +++++++++++++++++++++++++++++++ 3 files changed, 32 insertions(+), 16 deletions(-) delete mode 100644 lava-master/settings.conf diff --git a/README.md b/README.md index 5580f06..2ea9773 100644 --- a/README.md +++ b/README.md @@ -214,6 +214,7 @@ This file describe how the DUTs are connected and powered. masters: - name: lava-master name of the master host: name name of the host running lava-master (default to "local") + webadmin_https: Does the LAVA webadmin is accessed via https users: - name: LAVA username token: The token of this user diff --git a/lava-master/settings.conf b/lava-master/settings.conf deleted file mode 100644 index c809e2c..0000000 --- a/lava-master/settings.conf +++ /dev/null @@ -1,16 +0,0 @@ -{ - "DEBUG": false, - "STATICFILES_DIRS": [ - ["lava-server", "/usr/share/pyshared/lava_server/htdocs/"] - ], - "MEDIA_ROOT": "/var/lib/lava-server/default/media", - "ARCHIVE_ROOT": "/var/lib/lava-server/default/archive", - "STATIC_ROOT": "/usr/share/lava-server/static", - "STATIC_URL": "/static/", - "MOUNT_POINT": "/", - "HTTPS_XML_RPC": false, - "LOGIN_URL": "/accounts/login/", - "LOGIN_REDIRECT_URL": "/", - "CSRF_COOKIE_SECURE": false, - "SESSION_COOKIE_SECURE": false -} diff --git a/lavalab-gen.py b/lavalab-gen.py index 7645d08..13677c8 100755 --- a/lavalab-gen.py +++ b/lavalab-gen.py @@ -43,6 +43,25 @@ template_udev_devpath = string.Template("""# SUBSYSTEM=="tty", ATTRS{idVendor}=="${idvendor}", ATTRS{idProduct}=="${idproduct}", ATTRS{devpath}=="${devpath}", MODE="0664", OWNER="uucp", SYMLINK+="${board}" """) +template_settings_conf = string.Template(""" +{ + "DEBUG": false, + "STATICFILES_DIRS": [ + ["lava-server", "/usr/share/pyshared/lava_server/htdocs/"] + ], + "MEDIA_ROOT": "/var/lib/lava-server/default/media", + "ARCHIVE_ROOT": "/var/lib/lava-server/default/archive", + "STATIC_ROOT": "/usr/share/lava-server/static", + "STATIC_URL": "/static/", + "MOUNT_POINT": "/", + "HTTPS_XML_RPC": false, + "LOGIN_URL": "/accounts/login/", + "LOGIN_REDIRECT_URL": "/", + "CSRF_COOKIE_SECURE": $cookie_secure, + "SESSION_COOKIE_SECURE": $session_cookie_secure +} +""") + def main(): fp = open(boards_yaml, "r") workers = yaml.load(fp) @@ -83,6 +102,18 @@ def main(): userdir = "%s/users" % workerdir os.mkdir(userdir) worker = master + webadmin_https = False + if "webadmin_https" in worker: + webadmin_https = worker["webadmin_https"] + if webadmin_https: + cookie_secure = "true" + session_cookie_secure = "true" + else: + cookie_secure = "false" + session_cookie_secure = "false" + fsettings = open("%s/settings.conf" % workerdir, 'w') + fsettings.write(template_settings_conf.substitute(cookie_secure=cookie_secure, session_cookie_secure=session_cookie_secure)) + fsettings.close() if "users" in worker: for user in worker["users"]: username = user["name"] -- cgit 1.2.3-korg