initial commit

.gitignore

@@ -0,0 +1,11 @@
+.ropeproject
+*~
+semantic.cache
+*.pyc
+*.pyo
+deploy/openmanage*
+docs/_build*
+*.key*
+*.crt*
+*.csr*
+*.tar.bz2

bin/backup_omva.sh

@@ -0,0 +1,25 @@
+#!/bin/bash
+
+# Backup script for the OpenManage Virtual Appliance.
+# Today: Generates a tarball with the important-to-backup data.
+# Tomorrow: This will eventually send the tarball automatically for secure offsite backup.
+
+. /etc/default/openmanage
+
+backup_workspace=$HOME/omva-backup
+backup_date=`date -u +%Y%m%d_%H%M`
+# Stage one: prepare the destination
+mkdir -p $backup_workspace
+
+# Stage two: Collect the trivial stuff.
+cp $OPENMANAGE_CONFIGDIR/agent_config.json $backup_workspace
+cp -r $SPIDEROAK_ESCROW_KEYS_PATH $backup_workspace
+cp -r $SPIDEROAK_ESCROW_LAYERS_PATH $backup_workspace
+
+# Stage three: collect the DB contents.
+su postgres -c "pg_dump openmanage" > $backup_workspace/db_dump.sql
+
+pushd $HOME
+tar czf $HOME/omva-backup-$backup_date.tar.gz ./omva-backup
+rm -r $backup_workspace
+popd

bin/directory_agent_main.py

@@ -0,0 +1,132 @@
+#!/usr/bin/env python
+
+'''
+directory_agent_main.py
+
+Directory Agent main program.
+
+(c) 2011 SpiderOak, Inc.
+'''
+import fcntl
+import json
+import logging
+from optparse import OptionParser, OptionGroup
+import os
+import psycopg2
+import sys
+
+from common import DATA_DIR, read_config_file, merge_config, set_config
+from account_mgr.user_source import group_manager
+
+class StartupException(Exception):
+    pass
+
+def _initialize_logging():
+    handler = logging.FileHandler("%s/directory_agent" %
+                                  (os.environ['OPENMANAGE_LOGS'],))
+    formatter = logging.Formatter(
+        '%(asctime)s %(levelname)-8s %(name)-20s: %(message)s')
+    handler.setFormatter(formatter)
+    logging.root.addHandler(handler)
+    logging.root.setLevel(logging.DEBUG)
+
+def parse_cmdline():
+    parser = OptionParser()
+
+    parser.add_option("--config", dest="config_file", default=None,
+                      help="The location of the JSON configuration file.",
+                      metavar="FILE")
+    parser.add_option("--dir-uri", dest="dir_uri", 
+                      help="The LDAP URI to the directory.",
+                      metavar="URI")
+    parser.add_option("--dir-base-dn", dest="dir_base_dn", 
+                      help="The LDAP base DN to use for searches.",
+                      metavar="DN")
+    parser.add_option("--dir-user", dest="dir_user", 
+                      help="The user to bind to LDAP as.",
+                      metavar="USER")
+    parser.add_option("--api-root", dest="api_root", 
+                      help="API Root for SpiderOak.",
+                      metavar="API_ROOT")
+    parser.add_option("--api-code", dest="promo_code",
+                      help="Promo code for SpiderOak plans.",
+                      metavar="API_CODE")
+
+    dangerous = OptionGroup(parser, "Dangerous Repair Commands",
+                            "These commands should only be used to repair a broken instance, and should never be used normally.  Refer to documentation!")
+    dangerous.add_option("--rebuild-db", dest="rebuild_database", default=False,
+                      action="store_true",
+                      help="Rebuild the local user DB.")
+    parser.add_option_group(dangerous)
+    options, _ = parser.parse_args()
+
+    # Prune it up a bit and return it as a dict.
+    optdict = vars(options)
+    for key in optdict.keys():
+        if optdict[key] is None:
+            del optdict[key]
+
+    return optdict
+
+def process_config():
+    cmdline_opts = parse_cmdline()
+
+    config = read_config_file(cmdline_opts.get('config_file', None))
+    config = merge_config(config, cmdline_opts)
+
+    if 'groups' not in config:
+        raise StartupException("Lacking an LDAP mapping group in the config file.  Check your docs!")
+
+    log = logging.getLogger('process_config')
+    log.debug('%s' % config['api_root'])
+    return config
+
+def get_lock():
+    lockfile = open(os.path.join("%s/lock" % (DATA_DIR,)), 'w')
+    fcntl.flock(lockfile, fcntl.LOCK_EX | fcntl.LOCK_NB)
+    return lockfile
+
+def release_lock(lockfile):
+    if lockfile is not None:
+        fcntl.flock(lockfile, fcntl.LOCK_UN)
+        lockfile.close()
+
+
+def main():
+    _initialize_logging()
+    # Read our configuration, and process errors from it.
+    log = logging.getLogger('main')
+    try:
+        config = process_config()
+    except (IOError, ValueError,):
+        return '''Cannot find, open, or understand your config file.  Lacking options 
+otherwise, it should be at:
+
+/home/openmanage/openmanage/conf/agent_config.json
+
+Run %s -h for help.''' % (sys.argv[0],)
+    except StartupException as e:
+        return str(e)
+
+    set_config(config)
+    lockfile = get_lock()
+    # Moving along, open the database
+    db_conn = psycopg2.connect(database=config['db_db'],
+                               user=config['db_user'],
+                               password=config['db_pass'],
+                               host=config['db_host'])
+
+    if config['rebuild_database']:
+        log.info("DB repair requested, beginning rebuild")
+        group_manager.run_db_repair(config, db_conn)
+        log.info("DB repair complete")
+
+
+    log.info("LDAP -> SpiderOak sync starting")
+    group_manager.run_group_management(config, db_conn)
+
+    release_lock(lockfile)
+    return 0
+
+if __name__ == "__main__":
+    sys.exit(main())

bin/finish_setup.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+# Openmanage service finalization script.
+# Running this will start your services, so make sure you're configured!
+# (c) 2011 SpiderOak, Inc.
+
+. /etc/default/openmanage
+
+if [ -e $OPENMANAGE_ROOT/netkes/account_mgr/user_source ]; then
+    sudo ln -s $OPENMANAGE_ROOT/bin/run_openmanage.sh /etc/cron.hourly/run_openmanage || exit 1
+fi
+
+sudo mkdir -p /etc/service/openmanage/supervise
+sudo ln -s $OPENMANAGE_ROOT/etc/service/openmanage/run /etc/service/openmanage/run
+sudo sv start openmanage
+
+if [ -e $OPENMANAGE_ROOT/netkes/account_mgr/user_source/ldap_source.py ]; then
+    echo "Now we're going to start the initial LDAP->SpiderOak account sync.
+This may take a while.
+"
+    sudo $OPENMANAGE_ROOT/bin/run_openmanage.sh
+fi
+

bin/first_setup.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+
+if [ -e ~/.ran_firstlogin ]; then
+    exit 0
+fi
+
+. /etc/default/openmanage
+
+sudo dpkg-reconfigure tzdata
+
+touch ~/.ran_firstlogin
+
+echo "PATH=$OPENMANAGE_ROOT/bin:\$PATH" >> ~/.bashrc
+
+echo "Great, all done!
+
+To setup the directory agent, please configure your settings, and then run
+'finish_setup.sh' to start services.
+
+Please see the documentation for more detail.
+
+"

bin/make_keys.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+. /etc/default/openmanage
+
+python $OPENMANAGE_ROOT/netkes/key_escrow/admin.py create_base
+python $OPENMANAGE_ROOT/netkes/key_escrow/admin.py setup_brand $1