2017-10-05 23:38:33 +02:00
from flask import Flask
from flask_restful import Resource , Api
2017-10-06 10:20:40 +02:00
from flask import jsonify
2018-10-23 21:12:37 +02:00
from flask import Response
2017-11-03 20:26:09 +01:00
from flask import request
2017-10-27 11:22:39 +02:00
from threading import Thread
[Docker API] Use TLS encryption for communication with "on-the-fly" created key paris (non-exposed)
[Docker API] Create pipe to pass Rspamd UI worker password
[Dovecot] Pull Spamassassin ruleset to be read by Rspamd (MANY THANKS to Peer Heinlein!)
[Dovecot] Garbage collector for deleted maildirs (set keep time via MAILDIR_GC_TIME which defaults to 1440 minutes)
[Web] Flush memcached after mailbox item changes, fixes #1808
[Web] Fix duplicate IDs, fixes #1792
[Compose] Use SQL sockets
[PHP-FPM] Update APCu and Redis libs
[Dovecot] Encrypt maildir with global key pair in crypt-vol-1 (BACKUP!), also fixes #1791
[Web] Fix deletion of spam aliases
[Helper] Add "crypt" to backup script
[Helper] Override file for external SQL socket (not supported!)
[Compose] New images for Rspamd, PHP-FPM, SOGo, Dovecot, Docker API, Watchdog, ACME, Postfix
2018-09-29 22:01:23 +02:00
from OpenSSL import crypto
2017-10-06 10:20:40 +02:00
import docker
[Docker API] Use TLS encryption for communication with "on-the-fly" created key paris (non-exposed)
[Docker API] Create pipe to pass Rspamd UI worker password
[Dovecot] Pull Spamassassin ruleset to be read by Rspamd (MANY THANKS to Peer Heinlein!)
[Dovecot] Garbage collector for deleted maildirs (set keep time via MAILDIR_GC_TIME which defaults to 1440 minutes)
[Web] Flush memcached after mailbox item changes, fixes #1808
[Web] Fix duplicate IDs, fixes #1792
[Compose] Use SQL sockets
[PHP-FPM] Update APCu and Redis libs
[Dovecot] Encrypt maildir with global key pair in crypt-vol-1 (BACKUP!), also fixes #1791
[Web] Fix deletion of spam aliases
[Helper] Add "crypt" to backup script
[Helper] Override file for external SQL socket (not supported!)
[Compose] New images for Rspamd, PHP-FPM, SOGo, Dovecot, Docker API, Watchdog, ACME, Postfix
2018-09-29 22:01:23 +02:00
import uuid
2017-10-27 11:22:39 +02:00
import signal
import time
2017-12-09 13:15:24 +01:00
import os
import re
import sys
[Docker API] Use TLS encryption for communication with "on-the-fly" created key paris (non-exposed)
[Docker API] Create pipe to pass Rspamd UI worker password
[Dovecot] Pull Spamassassin ruleset to be read by Rspamd (MANY THANKS to Peer Heinlein!)
[Dovecot] Garbage collector for deleted maildirs (set keep time via MAILDIR_GC_TIME which defaults to 1440 minutes)
[Web] Flush memcached after mailbox item changes, fixes #1808
[Web] Fix duplicate IDs, fixes #1792
[Compose] Use SQL sockets
[PHP-FPM] Update APCu and Redis libs
[Dovecot] Encrypt maildir with global key pair in crypt-vol-1 (BACKUP!), also fixes #1791
[Web] Fix deletion of spam aliases
[Helper] Add "crypt" to backup script
[Helper] Override file for external SQL socket (not supported!)
[Compose] New images for Rspamd, PHP-FPM, SOGo, Dovecot, Docker API, Watchdog, ACME, Postfix
2018-09-29 22:01:23 +02:00
import ssl
import socket
2017-10-05 23:38:33 +02:00
2017-12-01 23:41:37 +01:00
docker_client = docker . DockerClient ( base_url = ' unix://var/run/docker.sock ' , version = ' auto ' )
2017-10-05 23:38:33 +02:00
app = Flask ( __name__ )
api = Api ( app )
2017-10-06 10:20:40 +02:00
class containers_get ( Resource ) :
2017-10-27 11:22:39 +02:00
def get ( self ) :
containers = { }
2017-11-03 20:26:09 +01:00
try :
2017-12-11 09:43:01 +01:00
for container in docker_client . containers . list ( all = True ) :
2017-11-03 20:26:09 +01:00
containers . update ( { container . attrs [ ' Id ' ] : container . attrs } )
return containers
except Exception as e :
2018-02-01 13:38:42 +01:00
return jsonify ( type = ' danger ' , msg = str ( e ) )
2017-10-05 23:38:33 +02:00
2017-10-06 10:20:40 +02:00
class container_get ( Resource ) :
2017-10-27 11:22:39 +02:00
def get ( self , container_id ) :
if container_id and container_id . isalnum ( ) :
2017-11-03 20:26:09 +01:00
try :
2017-12-11 09:43:01 +01:00
for container in docker_client . containers . list ( all = True , filters = { " id " : container_id } ) :
2017-11-03 20:26:09 +01:00
return container . attrs
except Exception as e :
2018-02-01 13:38:42 +01:00
return jsonify ( type = ' danger ' , msg = str ( e ) )
2017-10-27 11:22:39 +02:00
else :
2017-11-03 20:26:09 +01:00
return jsonify ( type = ' danger ' , msg = ' no or invalid id defined ' )
2017-10-05 23:38:33 +02:00
2017-10-06 10:20:40 +02:00
class container_post ( Resource ) :
2017-10-27 11:22:39 +02:00
def post ( self , container_id , post_action ) :
if container_id and container_id . isalnum ( ) and post_action :
if post_action == ' stop ' :
try :
2017-12-11 09:43:01 +01:00
for container in docker_client . containers . list ( all = True , filters = { " id " : container_id } ) :
2017-10-27 11:22:39 +02:00
container . stop ( )
2017-11-03 20:26:09 +01:00
return jsonify ( type = ' success ' , msg = ' command completed successfully ' )
except Exception as e :
2018-02-01 13:38:42 +01:00
return jsonify ( type = ' danger ' , msg = str ( e ) )
2017-11-03 20:26:09 +01:00
2017-10-27 11:22:39 +02:00
elif post_action == ' start ' :
try :
2017-12-11 09:43:01 +01:00
for container in docker_client . containers . list ( all = True , filters = { " id " : container_id } ) :
2017-10-27 11:22:39 +02:00
container . start ( )
2017-11-03 20:26:09 +01:00
return jsonify ( type = ' success ' , msg = ' command completed successfully ' )
except Exception as e :
2018-02-01 13:38:42 +01:00
return jsonify ( type = ' danger ' , msg = str ( e ) )
2017-11-03 20:26:09 +01:00
2017-10-27 11:22:39 +02:00
elif post_action == ' restart ' :
try :
2017-12-11 09:43:01 +01:00
for container in docker_client . containers . list ( all = True , filters = { " id " : container_id } ) :
2017-10-27 11:22:39 +02:00
container . restart ( )
2017-11-03 20:26:09 +01:00
return jsonify ( type = ' success ' , msg = ' command completed successfully ' )
except Exception as e :
2018-02-01 13:38:42 +01:00
return jsonify ( type = ' danger ' , msg = str ( e ) )
2017-11-03 20:26:09 +01:00
2018-10-27 13:25:18 +02:00
elif post_action == ' top ' :
try :
for container in docker_client . containers . list ( all = True , filters = { " id " : container_id } ) :
return jsonify ( type = ' success ' , msg = container . top ( ) )
except Exception as e :
return jsonify ( type = ' danger ' , msg = str ( e ) )
elif post_action == ' stats ' :
try :
for container in docker_client . containers . list ( all = True , filters = { " id " : container_id } ) :
return jsonify ( type = ' success ' , msg = container . stats ( decode = True , stream = False ) )
except Exception as e :
return jsonify ( type = ' danger ' , msg = str ( e ) )
2017-11-03 20:26:09 +01:00
elif post_action == ' exec ' :
if not request . json or not ' cmd ' in request . json :
return jsonify ( type = ' danger ' , msg = ' cmd is missing ' )
2018-10-23 21:12:37 +02:00
if request . json [ ' cmd ' ] == ' mailq ' :
if ' items ' in request . json :
r = re . compile ( " ^[0-9a-fA-F]+$ " )
filtered_qids = filter ( r . match , request . json [ ' items ' ] )
if filtered_qids :
if request . json [ ' task ' ] == ' delete ' :
flagged_qids = [ ' -d %s ' % i for i in filtered_qids ]
sanitized_string = str ( ' ' . join ( flagged_qids ) ) ;
try :
for container in docker_client . containers . list ( filters = { " id " : container_id } ) :
postsuper_r = container . exec_run ( [ " /bin/bash " , " -c " , " /usr/sbin/postsuper " + sanitized_string ] )
2018-10-25 22:34:31 +02:00
return exec_run_handler ( ' generic ' , postsuper_r )
2018-10-23 21:12:37 +02:00
except Exception as e :
return jsonify ( type = ' danger ' , msg = str ( e ) )
if request . json [ ' task ' ] == ' hold ' :
flagged_qids = [ ' -h %s ' % i for i in filtered_qids ]
sanitized_string = str ( ' ' . join ( flagged_qids ) ) ;
try :
for container in docker_client . containers . list ( filters = { " id " : container_id } ) :
postsuper_r = container . exec_run ( [ " /bin/bash " , " -c " , " /usr/sbin/postsuper " + sanitized_string ] )
2018-10-25 22:34:31 +02:00
return exec_run_handler ( ' generic ' , postsuper_r )
2018-10-23 21:12:37 +02:00
except Exception as e :
return jsonify ( type = ' danger ' , msg = str ( e ) )
if request . json [ ' task ' ] == ' unhold ' :
flagged_qids = [ ' -H %s ' % i for i in filtered_qids ]
sanitized_string = str ( ' ' . join ( flagged_qids ) ) ;
try :
for container in docker_client . containers . list ( filters = { " id " : container_id } ) :
postsuper_r = container . exec_run ( [ " /bin/bash " , " -c " , " /usr/sbin/postsuper " + sanitized_string ] )
2018-10-25 22:34:31 +02:00
return exec_run_handler ( ' generic ' , postsuper_r )
2018-10-23 21:12:37 +02:00
except Exception as e :
return jsonify ( type = ' danger ' , msg = str ( e ) )
if request . json [ ' task ' ] == ' deliver ' :
flagged_qids = [ ' -i %s ' % i for i in filtered_qids ]
try :
for container in docker_client . containers . list ( filters = { " id " : container_id } ) :
for i in flagged_qids :
postqueue_r = container . exec_run ( [ " /bin/bash " , " -c " , " /usr/sbin/postqueue " + i ] , user = ' postfix ' )
# todo: check each exit code
return jsonify ( type = ' success ' , msg = str ( " Scheduled immediate delivery " ) )
except Exception as e :
return jsonify ( type = ' danger ' , msg = str ( e ) )
elif request . json [ ' task ' ] == ' list ' :
try :
for container in docker_client . containers . list ( filters = { " id " : container_id } ) :
mailq_return = container . exec_run ( [ " /usr/sbin/postqueue " , " -j " ] , user = ' postfix ' )
2018-10-25 22:34:31 +02:00
return exec_run_handler ( ' utf8_text_only ' , mailq_return )
2018-10-23 21:12:37 +02:00
except Exception as e :
return jsonify ( type = ' danger ' , msg = str ( e ) )
elif request . json [ ' task ' ] == ' flush ' :
try :
for container in docker_client . containers . list ( filters = { " id " : container_id } ) :
postqueue_r = container . exec_run ( [ " /usr/sbin/postqueue " , " -f " ] , user = ' postfix ' )
2018-10-25 22:34:31 +02:00
return exec_run_handler ( ' generic ' , postqueue_r )
2018-10-23 21:12:37 +02:00
except Exception as e :
return jsonify ( type = ' danger ' , msg = str ( e ) )
elif request . json [ ' task ' ] == ' super_delete ' :
try :
for container in docker_client . containers . list ( filters = { " id " : container_id } ) :
postsuper_r = container . exec_run ( [ " /usr/sbin/postsuper " , " -d " , " ALL " ] )
2018-10-25 22:34:31 +02:00
return exec_run_handler ( ' generic ' , postsuper_r )
2018-10-23 21:12:37 +02:00
except Exception as e :
return jsonify ( type = ' danger ' , msg = str ( e ) )
elif request . json [ ' cmd ' ] == ' system ' :
if request . json [ ' task ' ] == ' df ' :
if ' dir ' in request . json :
try :
for container in docker_client . containers . list ( filters = { " id " : container_id } ) :
2018-10-25 22:34:31 +02:00
df_return = container . exec_run ( [ " /bin/bash " , " -c " , " /bin/df -H ' " + request . json [ ' dir ' ] . replace ( " ' " , " ' \\ ' ' " ) + " ' | /usr/bin/tail -n1 | /usr/bin/tr -s [:blank:] | /usr/bin/tr ' ' ' , ' " ] , user = ' nobody ' )
2018-10-23 21:12:37 +02:00
if df_return . exit_code == 0 :
return df_return . output . rstrip ( )
else :
return " 0,0,0,0,0,0 "
except Exception as e :
return jsonify ( type = ' danger ' , msg = str ( e ) )
2018-12-10 13:24:07 +01:00
elif request . json [ ' task ' ] == ' mysql_upgrade ' :
try :
for container in docker_client . containers . list ( filters = { " id " : container_id } ) :
sql_shell = container . exec_run ( [ " /bin/bash " ] , stdin = True , socket = True , user = ' mysql ' )
upgrade_cmd = " /usr/bin/mysql_upgrade -uroot -p ' " + os . environ [ ' DBROOT ' ] . replace ( " ' " , " ' \\ ' ' " ) + " ' \n "
sql_socket = sql_shell . output ;
try :
sql_socket . sendall ( upgrade_cmd . encode ( ' utf-8 ' ) )
sql_socket . shutdown ( socket . SHUT_WR )
except socket . error :
return jsonify ( type = ' danger ' , msg = str ( ' socket error ' ) )
worker_response = recv_socket_data ( sql_socket )
matched = False
for line in worker_response . split ( " \n " ) :
if ' is already upgraded to ' in line :
matched = True
if matched :
return jsonify ( type = ' success ' , msg = ' mysql_upgrade: already upgraded ' )
else :
container . restart ( )
return jsonify ( type = ' warning ' , msg = ' mysql_upgrade: upgrade was applied ' )
except Exception as e :
return jsonify ( type = ' danger ' , msg = str ( e ) )
2018-10-23 21:12:37 +02:00
2018-10-24 20:14:59 +02:00
elif request . json [ ' cmd ' ] == ' reload ' :
if request . json [ ' task ' ] == ' dovecot ' :
try :
for container in docker_client . containers . list ( filters = { " id " : container_id } ) :
reload_return = container . exec_run ( [ " /bin/bash " , " -c " , " /usr/local/sbin/dovecot reload " ] )
2018-10-25 22:34:31 +02:00
return exec_run_handler ( ' generic ' , reload_return )
2018-10-24 20:14:59 +02:00
except Exception as e :
return jsonify ( type = ' danger ' , msg = str ( e ) )
if request . json [ ' task ' ] == ' postfix ' :
try :
for container in docker_client . containers . list ( filters = { " id " : container_id } ) :
reload_return = container . exec_run ( [ " /bin/bash " , " -c " , " /usr/sbin/postfix reload " ] )
2018-10-25 22:34:31 +02:00
return exec_run_handler ( ' generic ' , reload_return )
2018-10-24 20:14:59 +02:00
except Exception as e :
return jsonify ( type = ' danger ' , msg = str ( e ) )
if request . json [ ' task ' ] == ' nginx ' :
try :
for container in docker_client . containers . list ( filters = { " id " : container_id } ) :
reload_return = container . exec_run ( [ " /bin/sh " , " -c " , " /usr/sbin/nginx -s reload " ] )
2018-10-25 22:34:31 +02:00
return exec_run_handler ( ' generic ' , reload_return )
2018-10-24 20:14:59 +02:00
except Exception as e :
return jsonify ( type = ' danger ' , msg = str ( e ) )
2018-10-23 21:12:37 +02:00
elif request . json [ ' cmd ' ] == ' sieve ' :
if request . json [ ' task ' ] == ' list ' :
if ' username ' in request . json :
try :
for container in docker_client . containers . list ( filters = { " id " : container_id } ) :
sieve_return = container . exec_run ( [ " /bin/bash " , " -c " , " /usr/local/bin/doveadm sieve list -u ' " + request . json [ ' username ' ] . replace ( " ' " , " ' \\ ' ' " ) + " ' " ] )
2018-10-25 22:34:31 +02:00
return exec_run_handler ( ' utf8_text_only ' , sieve_return )
2018-10-23 21:12:37 +02:00
except Exception as e :
return jsonify ( type = ' danger ' , msg = str ( e ) )
elif request . json [ ' task ' ] == ' print ' :
if ' username ' in request . json and ' script_name ' in request . json :
try :
for container in docker_client . containers . list ( filters = { " id " : container_id } ) :
sieve_return = container . exec_run ( [ " /bin/bash " , " -c " , " /usr/local/bin/doveadm sieve get -u ' " + request . json [ ' username ' ] . replace ( " ' " , " ' \\ ' ' " ) + " ' ' " + request . json [ ' script_name ' ] . replace ( " ' " , " ' \\ ' ' " ) + " ' " ] )
2018-10-25 22:34:31 +02:00
return exec_run_handler ( ' utf8_text_only ' , sieve_return )
2018-10-23 21:12:37 +02:00
except Exception as e :
return jsonify ( type = ' danger ' , msg = str ( e ) )
elif request . json [ ' cmd ' ] == ' maildir ' :
if request . json [ ' task ' ] == ' cleanup ' :
if ' maildir ' in request . json :
try :
for container in docker_client . containers . list ( filters = { " id " : container_id } ) :
sane_name = re . sub ( r ' \ W+ ' , ' ' , request . json [ ' maildir ' ] )
maildir_cleanup = container . exec_run ( [ " /bin/bash " , " -c " , " if [[ -d ' /var/vmail/ " + request . json [ ' maildir ' ] . replace ( " ' " , " ' \\ ' ' " ) + " ' ]]; then /bin/mv ' /var/vmail/ " + request . json [ ' maildir ' ] . replace ( " ' " , " ' \\ ' ' " ) + " ' ' /var/vmail/_garbage/ " + str ( int ( time . time ( ) ) ) + " _ " + sane_name + " ' ; fi " ] , user = ' vmail ' )
2018-10-25 22:34:31 +02:00
return exec_run_handler ( ' generic ' , maildir_cleanup )
2018-10-23 21:12:37 +02:00
except Exception as e :
return jsonify ( type = ' danger ' , msg = str ( e ) )
elif request . json [ ' cmd ' ] == ' rspamd ' :
if request . json [ ' task ' ] == ' worker_password ' :
if ' raw ' in request . json :
try :
for container in docker_client . containers . list ( filters = { " id " : container_id } ) :
worker_shell = container . exec_run ( [ " /bin/bash " ] , stdin = True , socket = True , user = ' _rspamd ' )
worker_cmd = " /usr/bin/rspamadm pw -e -p ' " + request . json [ ' raw ' ] . replace ( " ' " , " ' \\ ' ' " ) + " ' 2> /dev/null \n "
worker_socket = worker_shell . output ;
try :
worker_socket . sendall ( worker_cmd . encode ( ' utf-8 ' ) )
worker_socket . shutdown ( socket . SHUT_WR )
except socket . error :
return jsonify ( type = ' danger ' , msg = str ( ' socket error ' ) )
worker_response = recv_socket_data ( worker_socket )
matched = False
for line in worker_response . split ( " \n " ) :
if ' $2$ ' in line :
matched = True
hash = line . strip ( )
hash_out = re . search ( ' \ $2 \ $.+$ ' , hash ) . group ( 0 )
f = open ( " /access.inc " , " w " )
f . write ( ' enable_password = " ' + re . sub ( ' [^0-9a-zA-Z \ $]+ ' , ' ' , hash_out . rstrip ( ) ) + ' " ; \n ' )
f . close ( )
container . restart ( )
if matched :
return jsonify ( type = ' success ' , msg = ' command completed successfully ' )
else :
return jsonify ( type = ' danger ' , msg = ' command did not complete ' )
except Exception as e :
return jsonify ( type = ' danger ' , msg = str ( e ) )
2017-12-09 13:15:24 +01:00
2017-10-05 23:38:33 +02:00
else :
2017-11-03 20:26:09 +01:00
return jsonify ( type = ' danger ' , msg = ' Unknown command ' )
2017-10-27 11:22:39 +02:00
else :
2017-11-03 20:26:09 +01:00
return jsonify ( type = ' danger ' , msg = ' invalid action ' )
2017-10-27 11:22:39 +02:00
else :
2017-11-03 20:26:09 +01:00
return jsonify ( type = ' danger ' , msg = ' invalid container id or missing action ' )
2017-10-27 11:22:39 +02:00
class GracefulKiller :
kill_now = False
def __init__ ( self ) :
signal . signal ( signal . SIGINT , self . exit_gracefully )
signal . signal ( signal . SIGTERM , self . exit_gracefully )
[Docker API] Use TLS encryption for communication with "on-the-fly" created key paris (non-exposed)
[Docker API] Create pipe to pass Rspamd UI worker password
[Dovecot] Pull Spamassassin ruleset to be read by Rspamd (MANY THANKS to Peer Heinlein!)
[Dovecot] Garbage collector for deleted maildirs (set keep time via MAILDIR_GC_TIME which defaults to 1440 minutes)
[Web] Flush memcached after mailbox item changes, fixes #1808
[Web] Fix duplicate IDs, fixes #1792
[Compose] Use SQL sockets
[PHP-FPM] Update APCu and Redis libs
[Dovecot] Encrypt maildir with global key pair in crypt-vol-1 (BACKUP!), also fixes #1791
[Web] Fix deletion of spam aliases
[Helper] Add "crypt" to backup script
[Helper] Override file for external SQL socket (not supported!)
[Compose] New images for Rspamd, PHP-FPM, SOGo, Dovecot, Docker API, Watchdog, ACME, Postfix
2018-09-29 22:01:23 +02:00
def exit_gracefully ( self , signum , frame ) :
2017-10-27 11:22:39 +02:00
self . kill_now = True
def startFlaskAPI ( ) :
[Docker API] Use TLS encryption for communication with "on-the-fly" created key paris (non-exposed)
[Docker API] Create pipe to pass Rspamd UI worker password
[Dovecot] Pull Spamassassin ruleset to be read by Rspamd (MANY THANKS to Peer Heinlein!)
[Dovecot] Garbage collector for deleted maildirs (set keep time via MAILDIR_GC_TIME which defaults to 1440 minutes)
[Web] Flush memcached after mailbox item changes, fixes #1808
[Web] Fix duplicate IDs, fixes #1792
[Compose] Use SQL sockets
[PHP-FPM] Update APCu and Redis libs
[Dovecot] Encrypt maildir with global key pair in crypt-vol-1 (BACKUP!), also fixes #1791
[Web] Fix deletion of spam aliases
[Helper] Add "crypt" to backup script
[Helper] Override file for external SQL socket (not supported!)
[Compose] New images for Rspamd, PHP-FPM, SOGo, Dovecot, Docker API, Watchdog, ACME, Postfix
2018-09-29 22:01:23 +02:00
create_self_signed_cert ( )
try :
ctx = ssl . create_default_context ( ssl . Purpose . CLIENT_AUTH )
ctx . check_hostname = False
ctx . load_cert_chain ( certfile = ' /cert.pem ' , keyfile = ' /key.pem ' )
except :
print " Cannot initialize TLS, retrying in 5s... "
time . sleep ( 5 )
app . run ( debug = False , host = ' 0.0.0.0 ' , port = 443 , threaded = True , ssl_context = ctx )
def recv_socket_data ( c_socket , timeout = 10 ) :
c_socket . setblocking ( 0 )
total_data = [ ] ;
data = ' ' ;
begin = time . time ( )
while True :
if total_data and time . time ( ) - begin > timeout :
break
elif time . time ( ) - begin > timeout * 2 :
break
try :
data = c_socket . recv ( 8192 )
if data :
total_data . append ( data )
#change the beginning time for measurement
begin = time . time ( )
else :
#sleep for sometime to indicate a gap
time . sleep ( 0.1 )
break
except :
pass
return ' ' . join ( total_data )
2018-10-25 22:34:31 +02:00
def exec_run_handler ( type , output ) :
if type == ' generic ' :
if output . exit_code == 0 :
return jsonify ( type = ' success ' , msg = ' command completed successfully ' )
else :
return jsonify ( type = ' danger ' , msg = ' command failed: ' + output . output )
if type == ' utf8_text_only ' :
r = Response ( response = output . output , status = 200 , mimetype = " text/plain " )
r . headers [ " Content-Type " ] = " text/plain; charset=utf-8 "
return r
[Docker API] Use TLS encryption for communication with "on-the-fly" created key paris (non-exposed)
[Docker API] Create pipe to pass Rspamd UI worker password
[Dovecot] Pull Spamassassin ruleset to be read by Rspamd (MANY THANKS to Peer Heinlein!)
[Dovecot] Garbage collector for deleted maildirs (set keep time via MAILDIR_GC_TIME which defaults to 1440 minutes)
[Web] Flush memcached after mailbox item changes, fixes #1808
[Web] Fix duplicate IDs, fixes #1792
[Compose] Use SQL sockets
[PHP-FPM] Update APCu and Redis libs
[Dovecot] Encrypt maildir with global key pair in crypt-vol-1 (BACKUP!), also fixes #1791
[Web] Fix deletion of spam aliases
[Helper] Add "crypt" to backup script
[Helper] Override file for external SQL socket (not supported!)
[Compose] New images for Rspamd, PHP-FPM, SOGo, Dovecot, Docker API, Watchdog, ACME, Postfix
2018-09-29 22:01:23 +02:00
def create_self_signed_cert ( ) :
2018-10-25 22:34:31 +02:00
success = False
while not success :
try :
pkey = crypto . PKey ( )
pkey . generate_key ( crypto . TYPE_RSA , 2048 )
cert = crypto . X509 ( )
cert . get_subject ( ) . O = " mailcow "
cert . get_subject ( ) . CN = " dockerapi "
cert . set_serial_number ( int ( uuid . uuid4 ( ) ) )
cert . gmtime_adj_notBefore ( 0 )
cert . gmtime_adj_notAfter ( 10 * 365 * 24 * 60 * 60 )
cert . set_issuer ( cert . get_subject ( ) )
cert . set_pubkey ( pkey )
cert . sign ( pkey , ' sha512 ' )
cert = crypto . dump_certificate ( crypto . FILETYPE_PEM , cert )
pkey = crypto . dump_privatekey ( crypto . FILETYPE_PEM , pkey )
with os . fdopen ( os . open ( ' /cert.pem ' , os . O_WRONLY | os . O_CREAT , 0o644 ) , ' w ' ) as handle :
handle . write ( cert )
with os . fdopen ( os . open ( ' /key.pem ' , os . O_WRONLY | os . O_CREAT , 0o600 ) , ' w ' ) as handle :
handle . write ( pkey )
success = True
except :
time . sleep ( 1 )
try :
os . remove ( ' /cert.pem ' )
os . remove ( ' /key.pem ' )
except OSError :
pass
2017-10-05 23:38:33 +02:00
2017-10-06 10:20:40 +02:00
api . add_resource ( containers_get , ' /containers/json ' )
api . add_resource ( container_get , ' /containers/<string:container_id>/json ' )
api . add_resource ( container_post , ' /containers/<string:container_id>/<string:post_action> ' )
2017-10-05 23:38:33 +02:00
if __name__ == ' __main__ ' :
2017-10-27 11:22:39 +02:00
api_thread = Thread ( target = startFlaskAPI )
api_thread . daemon = True
api_thread . start ( )
killer = GracefulKiller ( )
while True :
time . sleep ( 1 )
if killer . kill_now :
break
print " Stopping dockerapi-mailcow "
2017-12-11 09:43:01 +01:00