Commit 577a6af7 authored by Iliya Manolov's avatar Iliya Manolov

Added password monitoring for the jupyter service and it now randomly...

Added password monitoring for the jupyter service and it now randomly generates a password when one does not exist.
parent 3d31bf86
[buildout] [buildout]
parts = parts =
instance instance
ipython_notebook
read-knowledge0
publish-connection-parameter publish-connection-parameter
erp5-kernel erp5-kernel
kernel-json kernel-json
custom-js custom-js
monitor-base
extends =
{{ monitor_template_rendered }}/template-monitor.cfg
eggs-directory = {{ eggs_directory }} eggs-directory = {{ eggs_directory }}
...@@ -94,6 +99,26 @@ ipython_dir = ${:home}/ipython ...@@ -94,6 +99,26 @@ ipython_dir = ${:home}/ipython
ipython_kernel_dir = ${:ipython_dir}/kernels ipython_kernel_dir = ${:ipython_dir}/kernels
erp5_kernel_dir = ${:ipython_kernel_dir}/ERP5 erp5_kernel_dir = ${:ipython_kernel_dir}/ERP5
[ipython_notebook]
# This part is called like this because knowledge0.write uses the part name for
# the section name in the config file.
recipe = slapos.cookbook:zero-knowledge.write
password =
filename = knowledge0.cfg
[read-knowledge0]
recipe = slapos.cookbook:zero-knowledge.read
filename = knowledge0.cfg
[monitor-instance-parameter]
monitor-base-url = ${monitor-frontend-promise:url}
# In case you're using a developer instance you should edit these in:
# monitor-base-url = ${monitor-httpd-conf-parameter:url}
# cors-domains = softinstXXXXX.host.vifib.net (or equivalent)
# interface-url = https://softinstXXXXX.host.vifib.net/erp5/web_site_module/monitoring_rjs_unsafe
instance-configuration =
raw jupyter-password ${read-knowledge0:password}
[publish-connection-parameter] [publish-connection-parameter]
recipe = slapos.cookbook:publish.serialised recipe = slapos.cookbook:publish.serialised
url = https://[${instance-parameter:host}]:${instance-parameter:port} url = https://[${instance-parameter:host}]:${instance-parameter:port}
......
...@@ -8,6 +8,7 @@ extends = ...@@ -8,6 +8,7 @@ extends =
../../component/pandas/buildout.cfg ../../component/pandas/buildout.cfg
../../component/openssl/buildout.cfg ../../component/openssl/buildout.cfg
../../component/seaborn/buildout.cfg ../../component/seaborn/buildout.cfg
../../stack/monitor/buildout.cfg
parts = parts =
slapos-cookbook slapos-cookbook
ipython-notebook ipython-notebook
...@@ -36,7 +37,7 @@ mode = 0644 ...@@ -36,7 +37,7 @@ mode = 0644
[ipython-notebook-config] [ipython-notebook-config]
<= download-file-base <= download-file-base
filename = ipython_notebook_config.py.jinja filename = ipython_notebook_config.py.jinja
md5sum = a5bc4ee8539109d1de7ab33b4c2c97ea md5sum = 95a76a80718e2a933dd4854dcf9a4a65
[ipython-notebook-set-password] [ipython-notebook-set-password]
<= download-file-base <= download-file-base
...@@ -63,7 +64,7 @@ recipe = slapos.recipe.template:jinja2 ...@@ -63,7 +64,7 @@ recipe = slapos.recipe.template:jinja2
template = ${:_profile_base_location_}/instance.cfg.in template = ${:_profile_base_location_}/instance.cfg.in
rendered = ${buildout:directory}/template.cfg rendered = ${buildout:directory}/template.cfg
mode = 0644 mode = 0644
md5sum = 26a28b74c8b18c92108c751b87abe80c md5sum = b6555d25fd89bf92f47eda60a29c2b44
context = context =
key bin_directory buildout:bin-directory key bin_directory buildout:bin-directory
key develop_eggs_directory buildout:develop-eggs-directory key develop_eggs_directory buildout:develop-eggs-directory
...@@ -80,6 +81,7 @@ context = ...@@ -80,6 +81,7 @@ context =
key kernel_json_filename kernel-json:filename key kernel_json_filename kernel-json:filename
key custom_js_location custom-js:location key custom_js_location custom-js:location
key custom_js_filename custom-js:filename key custom_js_filename custom-js:filename
key monitor_template_rendered buildout:directory
[versions] [versions]
Pygments = 2.2.0 Pygments = 2.2.0
......
'''
This script initializes Jupyter's configuration such as passwords and other
things. It is run by IPython hence why it can use functions like get_config().
'''
import ConfigParser import ConfigParser
import random
from notebook.auth import passwd
import os
def random_password(length = 10):
result = ""
for i in range(0, length):
result = result + chr(random.randint(0, 25) + ord('a'))
return result
knowledge_0 = '{{ config_cfg }}' knowledge_0 = '{{ config_cfg }}'
if not os.path.exists(knowledge_0):
print "Your software does <b>not</b> embed 0-knowledge. \
This interface is useless in this case</body></html>"
exit(0)
c = get_config() c = get_config()
parser = ConfigParser.ConfigParser() parser = ConfigParser.ConfigParser()
parser.read(knowledge_0) parser.read(knowledge_0)
if parser.has_option("ipython_notebook", "password"): if not parser.has_section("ipython_notebook"):
c.NotebookApp.password = parser.get("ipython_notebook", "password") parser.add_section("ipython_notebook")
if not parser.has_option("ipython_notebook", "password") or \
parser.get("ipython_notebook", "password") == "":
parser.set("ipython_notebook", "password", random_password())
c.NotebookApp.password = passwd(parser.get("ipython_notebook", "password"))
with open(knowledge_0, 'w') as file:
parser.write(file)
\ No newline at end of file
...@@ -103,6 +103,7 @@ recipe = slapos.recipe.template:jinja2 ...@@ -103,6 +103,7 @@ recipe = slapos.recipe.template:jinja2
filename = template-monitor.cfg filename = template-monitor.cfg
template = ${:_profile_base_location_}/instance-monitor.cfg.jinja2.in template = ${:_profile_base_location_}/instance-monitor.cfg.jinja2.in
rendered = ${buildout:directory}/template-monitor.cfg rendered = ${buildout:directory}/template-monitor.cfg
md5sum = 10882264627a9605036391b17efc0e3d
context = context =
key apache_location apache:location key apache_location apache:location
key gzip_location gzip:location key gzip_location gzip:location
......
...@@ -396,7 +396,7 @@ depends = ...@@ -396,7 +396,7 @@ depends =
[monitor-publish] [monitor-publish]
monitor-base-url = ${publish:monitor-base-url} monitor-base-url = ${publish:monitor-base-url}
monitor-setup-url = ${monitor-instance-parameter:interface-url}/#page=settings_configurator&url=${publish:monitor-url}&username=$${publish:monitor-user}&password=${publish:monitor-password} monitor-setup-url = ${monitor-instance-parameter:interface-url}/#page=settings_configurator&url=${publish:monitor-url}&username=${publish:monitor-user}&password=${publish:monitor-password}
[buildout] [buildout]
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment