Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in
Toggle navigation
C
coco
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
ops
coco
Commits
60545fcd
Unverified
Commit
60545fcd
authored
Jan 08, 2019
by
老广
Committed by
GitHub
Jan 08, 2019
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
[Update] 修改配置文件格式 (#171)
parent
ada52cc9
Show whitespace changes
Inline
Side-by-side
Showing
18 changed files
with
68 additions
and
435 deletions
+68
-435
.gitignore
.gitignore
+1
-0
app.py
coco/app.py
+1
-1
config.py
coco/config.py
+0
-334
connection.py
coco/connection.py
+1
-1
app.py
coco/httpd/app.py
+1
-1
base.py
coco/httpd/base.py
+1
-1
interactive.py
coco/interactive.py
+1
-1
interface.py
coco/interface.py
+1
-1
logger.py
coco/logger.py
+1
-1
proxy.py
coco/proxy.py
+1
-1
recorder.py
coco/recorder.py
+1
-1
service.py
coco/service.py
+1
-1
sftp.py
coco/sftp.py
+1
-1
sshd.py
coco/sshd.py
+1
-1
utils.py
coco/utils.py
+1
-1
cocod
cocod
+1
-2
conf_example.py
conf_example.py
+0
-86
config_example.yml
config_example.yml
+53
-0
No files found.
.gitignore
View file @
60545fcd
...
...
@@ -9,3 +9,4 @@ conf.py
host_rsa_key
sessions/*
coco.pid
config.yml
coco/app.py
View file @
60545fcd
...
...
@@ -9,7 +9,7 @@ import threading
import
json
import
signal
from
.conf
ig
import
config
from
.conf
import
config
from
.sshd
import
SSHServer
from
.httpd
import
HttpServer
from
.tasks
import
TaskHandler
...
...
coco/config.py
deleted
100644 → 0
View file @
ada52cc9
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
#
"""
coco.config
~~~~~~~~~~~~
the configuration related objects.
copy from flask
:copyright: (c) 2015 by Armin Ronacher.
:license: BSD, see LICENSE for more details.
"""
import
os
import
types
import
errno
import
json
import
socket
from
werkzeug.utils
import
import_string
BASE_DIR
=
os
.
path
.
dirname
(
os
.
path
.
dirname
(
__file__
))
root_path
=
os
.
environ
.
get
(
"COCO_PATH"
)
if
not
root_path
:
root_path
=
BASE_DIR
class
ConfigAttribute
(
object
):
"""Makes an attribute forward to the config"""
def
__init__
(
self
,
name
,
get_converter
=
None
):
self
.
__name__
=
name
self
.
get_converter
=
get_converter
def
__get__
(
self
,
obj
,
type
=
None
):
if
obj
is
None
:
return
self
rv
=
obj
.
config
[
self
.
__name__
]
if
self
.
get_converter
is
not
None
:
rv
=
self
.
get_converter
(
rv
)
return
rv
def
__set__
(
self
,
obj
,
value
):
obj
.
config
[
self
.
__name__
]
=
value
class
Config
(
dict
):
"""Works exactly like a dict but provides ways to fill it from files
or special dictionaries. There are two common patterns to populate the
config.
Either you can fill the config from a config file::
app.config.from_pyfile('yourconfig.cfg')
Or alternatively you can define the configuration options in the
module that calls :meth:`from_object` or provide an import path to
a module that should be loaded. It is also possible to tell it to
use the same module and with that provide the configuration values
just before the call::
DEBUG = True
SECRET_KEY = 'development key'
app.config.from_object(__name__)
In both cases (loading from any Python file or loading from modules),
only uppercase keys are added to the config. This makes it possible to use
lowercase values in the config file for temporary values that are not added
to the config or to define the config keys in the same file that implements
the application.
Probably the most interesting way to load configurations is from an
environment variable pointing to a file::
app.config.from_envvar('YOURAPPLICATION_SETTINGS')
In this case before launching the application you have to set this
environment variable to the file you want to use. On Linux and OS X
use the export statement::
export YOURAPPLICATION_SETTINGS='/path/to/config/file'
On windows use `set` instead.
:param root_path: path to which files are read relative from. When the
config object is created by the application, this is
the application's :attr:`~flask.Flask.root_path`.
:param defaults: an optional dictionary of default values
"""
def
__init__
(
self
,
root_path
,
defaults
=
None
):
self
.
defaults
=
defaults
or
{}
self
.
root_path
=
root_path
super
(
Config
,
self
)
.
__init__
({})
def
from_envvar
(
self
,
variable_name
,
silent
=
False
):
"""Loads a configuration from an environment variable pointing to
a configuration file. This is basically just a shortcut with nicer
error messages for this line of code::
app.config.from_pyfile(os.environ['YOURAPPLICATION_SETTINGS'])
:param variable_name: name of the environment variable
:param silent: set to ``True`` if you want silent failure for missing
files.
:return: bool. ``True`` if able to load config, ``False`` otherwise.
"""
rv
=
os
.
environ
.
get
(
variable_name
)
if
not
rv
:
if
silent
:
return
False
raise
RuntimeError
(
'The environment variable
%
r is not set '
'and as such configuration could not be '
'loaded. Set this variable and make it '
'point to a configuration file'
%
variable_name
)
return
self
.
from_pyfile
(
rv
,
silent
=
silent
)
def
from_pyfile
(
self
,
filename
,
silent
=
False
):
"""Updates the values in the config from a Python file. This function
behaves as if the file was imported as module with the
:meth:`from_object` function.
:param filename: the filename of the config. This can either be an
absolute filename or a filename relative to the
root path.
:param silent: set to ``True`` if you want silent failure for missing
files.
.. versionadded:: 0.7
`silent` parameter.
"""
filename
=
os
.
path
.
join
(
self
.
root_path
,
filename
)
d
=
types
.
ModuleType
(
'config'
)
d
.
__file__
=
filename
try
:
with
open
(
filename
,
mode
=
'rb'
)
as
config_file
:
exec
(
compile
(
config_file
.
read
(),
filename
,
'exec'
),
d
.
__dict__
)
except
IOError
as
e
:
if
silent
and
e
.
errno
in
(
errno
.
ENOENT
,
errno
.
EISDIR
):
return
False
e
.
strerror
=
'Unable to load configuration file (
%
s)'
%
e
.
strerror
raise
self
.
from_object
(
d
)
return
True
def
from_object
(
self
,
obj
):
"""Updates the values from the given object. An object can be of one
of the following two types:
- a string: in this case the object with that name will be imported
- an actual object reference: that object is used directly
Objects are usually either modules or classes. :meth:`from_object`
loads only the uppercase attributes of the module/class. A ``dict``
object will not work with :meth:`from_object` because the keys of a
``dict`` are not attributes of the ``dict`` class.
Example of module-based configuration::
app.config.from_object('yourapplication.default_config')
from yourapplication import default_config
app.config.from_object(default_config)
You should not use this function to load the actual configuration but
rather configuration defaults. The actual config should be loaded
with :meth:`from_pyfile` and ideally from a location not within the
package because the package might be installed system wide.
See :ref:`config-dev-prod` for an example of class-based configuration
using :meth:`from_object`.
:param obj: an import name or object
"""
if
isinstance
(
obj
,
str
):
obj
=
import_string
(
obj
)
for
key
in
dir
(
obj
):
if
key
.
isupper
():
self
[
key
]
=
getattr
(
obj
,
key
)
def
from_json
(
self
,
filename
,
silent
=
False
):
"""Updates the values in the config from a JSON file. This function
behaves as if the JSON object was a dictionary and passed to the
:meth:`from_mapping` function.
:param filename: the filename of the JSON file. This can either be an
absolute filename or a filename relative to the
root path.
:param silent: set to ``True`` if you want silent failure for missing
files.
.. versionadded:: 0.11
"""
filename
=
os
.
path
.
join
(
self
.
root_path
,
filename
)
try
:
with
open
(
filename
)
as
json_file
:
obj
=
json
.
loads
(
json_file
.
read
())
except
IOError
as
e
:
if
silent
and
e
.
errno
in
(
errno
.
ENOENT
,
errno
.
EISDIR
):
return
False
e
.
strerror
=
'Unable to load configuration file (
%
s)'
%
e
.
strerror
raise
return
self
.
from_mapping
(
obj
)
def
from_mapping
(
self
,
*
mapping
,
**
kwargs
):
"""Updates the config like :meth:`update` ignoring items with non-upper
keys.
.. versionadded:: 0.11
"""
mappings
=
[]
if
len
(
mapping
)
==
1
:
if
hasattr
(
mapping
[
0
],
'items'
):
mappings
.
append
(
mapping
[
0
]
.
items
())
else
:
mappings
.
append
(
mapping
[
0
])
elif
len
(
mapping
)
>
1
:
raise
TypeError
(
'expected at most 1 positional argument, got
%
d'
%
len
(
mapping
)
)
mappings
.
append
(
kwargs
.
items
())
for
mapping
in
mappings
:
for
(
key
,
value
)
in
mapping
:
if
key
.
isupper
():
self
[
key
]
=
value
return
True
def
get_namespace
(
self
,
namespace
,
lowercase
=
True
,
trim_namespace
=
True
):
"""Returns a dictionary containing a subset of configuration options
that match the specified namespace/prefix. Example usage::
app.config['IMAGE_STORE_TYPE'] = 'fs'
app.config['IMAGE_STORE_PATH'] = '/var/app/images'
app.config['IMAGE_STORE_BASE_URL'] = 'http://img.website.com'
image_store_config = app.config.get_namespace('IMAGE_STORE_')
The resulting dictionary `image_store_config` would look like::
{
'types': 'fs',
'path': '/var/app/images',
'base_url': 'http://img.website.com'
}
This is often useful when configuration options map directly to
keyword arguments in functions or class constructors.
:param namespace: a configuration namespace
:param lowercase: a flag indicating if the keys of the resulting
dictionary should be lowercase
:param trim_namespace: a flag indicating if the keys of the resulting
dictionary should not include the namespace
.. versionadded:: 0.11
"""
rv
=
{}
for
k
,
v
in
self
.
items
():
if
not
k
.
startswith
(
namespace
):
continue
if
trim_namespace
:
key
=
k
[
len
(
namespace
):]
else
:
key
=
k
if
lowercase
:
key
=
key
.
lower
()
rv
[
key
]
=
v
return
rv
def
__getitem__
(
self
,
item
):
try
:
value
=
super
(
Config
,
self
)
.
__getitem__
(
item
)
except
KeyError
:
value
=
None
if
value
is
not
None
:
return
value
value
=
os
.
environ
.
get
(
item
,
None
)
if
value
is
not
None
:
return
value
return
self
.
defaults
.
get
(
item
)
def
__getattr__
(
self
,
item
):
return
self
.
__getitem__
(
item
)
def
__repr__
(
self
):
return
'<
%
s
%
s>'
%
(
self
.
__class__
.
__name__
,
dict
.
__repr__
(
self
))
access_key_path
=
os
.
path
.
abspath
(
os
.
path
.
join
(
root_path
,
'keys'
,
'.access_key'
))
default_config
=
{
'NAME'
:
socket
.
gethostname
(),
'CORE_HOST'
:
'http://127.0.0.1:8080'
,
'BOOTSTRAP_TOKEN'
:
os
.
environ
.
get
(
"BOOTSTRAP_TOKEN"
)
or
'PleaseChangeMe'
,
'ROOT_PATH'
:
root_path
,
'DEBUG'
:
True
,
'BIND_HOST'
:
'0.0.0.0'
,
'SSHD_PORT'
:
2222
,
'HTTPD_PORT'
:
5000
,
'COCO_ACCESS_KEY'
:
''
,
'ACCESS_KEY_FILE'
:
access_key_path
,
'SECRET_KEY'
:
'SDK29K03
%
MM0ksf'
,
'LOG_LEVEL'
:
'DEBUG'
,
'LOG_DIR'
:
os
.
path
.
join
(
root_path
,
'logs'
),
'SESSION_DIR'
:
os
.
path
.
join
(
root_path
,
'sessions'
),
'ASSET_LIST_SORT_BY'
:
'hostname'
,
# hostname, ip
'PASSWORD_AUTH'
:
True
,
'PUBLIC_KEY_AUTH'
:
True
,
'SSH_TIMEOUT'
:
10
,
'ALLOW_SSH_USER'
:
[],
'BLOCK_SSH_USER'
:
[],
'HEARTBEAT_INTERVAL'
:
5
,
'MAX_CONNECTIONS'
:
500
,
# Not use now
'ADMINS'
:
''
,
'COMMAND_STORAGE'
:
{
'TYPE'
:
'server'
},
# server
'REPLAY_STORAGE'
:
{
'TYPE'
:
'server'
},
'LANGUAGE_CODE'
:
'zh'
,
'SECURITY_MAX_IDLE_TIME'
:
60
,
'ASSET_LIST_PAGE_SIZE'
:
'auto'
,
}
config
=
Config
(
root_path
,
default_config
)
config
.
from_pyfile
(
'conf.py'
)
try
:
from
conf
import
config
as
_conf
config
.
from_object
(
_conf
)
except
ImportError
:
pass
if
not
config
[
'NAME'
]:
config
[
'NAME'
]
=
default_config
[
'NAME'
]
coco/connection.py
View file @
60545fcd
...
...
@@ -14,7 +14,7 @@ except ImportError:
import
paramiko
from
.service
import
app_service
from
.conf
ig
import
config
from
.conf
import
config
from
.utils
import
get_logger
,
get_private_key_fingerprint
logger
=
get_logger
(
__file__
)
...
...
coco/httpd/app.py
View file @
60545fcd
...
...
@@ -6,7 +6,7 @@ from flask_socketio import SocketIO
from
flask
import
Flask
from
coco.utils
import
get_logger
from
coco.conf
ig
import
config
from
coco.conf
import
config
from
coco.httpd.ws
import
ProxyNamespace
,
ElfinderNamespace
logger
=
get_logger
(
__file__
)
...
...
coco/httpd/base.py
View file @
60545fcd
...
...
@@ -10,7 +10,7 @@ from ..models import Connection, WSProxy
from
..proxy
import
ProxyServer
from
..utils
import
get_logger
from
..service
import
app_service
from
..conf
ig
import
config
from
..conf
import
config
BASE_DIR
=
os
.
path
.
dirname
(
os
.
path
.
dirname
(
__file__
))
logger
=
get_logger
(
__file__
)
...
...
coco/interactive.py
View file @
60545fcd
...
...
@@ -11,7 +11,7 @@ import time
from
treelib
import
Tree
from
.
import
char
from
.conf
ig
import
config
from
.conf
import
config
from
.utils
import
wrap_with_line_feed
as
wr
,
wrap_with_title
as
title
,
\
wrap_with_warning
as
warning
,
is_obj_attr_has
,
is_obj_attr_eq
,
\
sort_assets
,
ugettext
as
_
,
get_logger
,
net_input
,
format_with_zh
,
\
...
...
coco/interface.py
View file @
60545fcd
...
...
@@ -7,7 +7,7 @@ import threading
from
collections
import
Iterable
from
.utils
import
get_logger
from
.conf
ig
import
config
from
.conf
import
config
from
.service
import
app_service
logger
=
get_logger
(
__file__
)
...
...
coco/logger.py
View file @
60545fcd
...
...
@@ -5,7 +5,7 @@
import
os
import
logging
from
logging.config
import
dictConfig
from
.conf
ig
import
config
as
app_config
from
.conf
import
config
as
app_config
def
create_logger
():
...
...
coco/proxy.py
View file @
60545fcd
...
...
@@ -9,7 +9,7 @@ from .session import Session
from
.models
import
Server
,
TelnetServer
from
.connection
import
SSHConnection
,
TelnetConnection
from
.service
import
app_service
from
.conf
ig
import
config
from
.conf
import
config
from
.utils
import
wrap_with_line_feed
as
wr
,
wrap_with_warning
as
warning
,
\
get_logger
,
net_input
,
ugettext
as
_
,
ignore_error
...
...
coco/recorder.py
View file @
60545fcd
...
...
@@ -12,7 +12,7 @@ from copy import deepcopy
import
jms_storage
from
.conf
ig
import
config
from
.conf
import
config
from
.utils
import
get_logger
,
Singleton
from
.struct
import
MemoryQueue
from
.service
import
app_service
...
...
coco/service.py
View file @
60545fcd
...
...
@@ -2,7 +2,7 @@
#
from
jms.service
import
AppService
from
.conf
ig
import
config
from
.conf
import
config
inited
=
False
...
...
coco/sftp.py
View file @
60545fcd
...
...
@@ -8,7 +8,7 @@ from paramiko.sftp import SFTP_PERMISSION_DENIED, SFTP_NO_SUCH_FILE, \
SFTP_FAILURE
,
SFTP_EOF
,
SFTP_CONNECTION_LOST
from
coco.utils
import
get_logger
from
.conf
ig
import
config
from
.conf
import
config
from
.service
import
app_service
from
.connection
import
SSHConnection
...
...
coco/sshd.py
View file @
60545fcd
...
...
@@ -14,7 +14,7 @@ from coco.interface import SSHInterface
from
coco.interactive
import
InteractiveServer
from
coco.models
import
Connection
from
coco.sftp
import
SFTPServer
from
coco.conf
ig
import
config
from
coco.conf
import
config
logger
=
get_logger
(
__file__
)
BACKLOG
=
5
...
...
coco/utils.py
View file @
60545fcd
...
...
@@ -17,7 +17,7 @@ import paramiko
import
pyte
from
.
import
char
from
.conf
ig
import
config
from
.conf
import
config
BASE_DIR
=
os
.
path
.
abspath
(
os
.
path
.
dirname
(
os
.
path
.
dirname
(
__file__
)))
...
...
cocod
View file @
60545fcd
...
...
@@ -25,9 +25,8 @@ for d in dirs:
from
coco
import
Coco
try
:
from
conf
import
config
from
co
co.co
nf
import
config
except
ImportError
:
print
(
"Please prepare config file `cp conf_example.py conf.py`"
)
sys
.
exit
(
1
)
...
...
conf_example.py
deleted
100644 → 0
View file @
ada52cc9
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
#
import
os
BASE_DIR
=
os
.
path
.
dirname
(
__file__
)
class
Config
:
"""
Coco config file, coco also load config from server update setting below
"""
# 项目名称, 会用来向Jumpserver注册, 识别而已, 不能重复
# NAME = "localhost"
# Jumpserver项目的url, api请求注册会使用
# CORE_HOST = os.environ.get("CORE_HOST") or 'http://127.0.0.1:8080'
# Bootstrap Token, 预共享秘钥, 用来注册coco使用的service account和terminal
# 请和jumpserver 配置文件中保持一致,注册完成后可以删除
# BOOTSTRAP_TOKEN = "PleaseChangeMe"
# 启动时绑定的ip, 默认 0.0.0.0
# BIND_HOST = '0.0.0.0'
# 监听的SSH端口号, 默认2222
# SSHD_PORT = 2222
# 监听的HTTP/WS端口号,默认5000
# HTTPD_PORT = 5000
# 项目使用的ACCESS KEY, 默认会注册,并保存到 ACCESS_KEY_STORE中,
# 如果有需求, 可以写到配置文件中, 格式 access_key_id:access_key_secret
# ACCESS_KEY = None
# ACCESS KEY 保存的地址, 默认注册后会保存到该文件中
# ACCESS_KEY_STORE = os.path.join(BASE_DIR, 'keys', '.access_key')
# 加密密钥
# SECRET_KEY = None
# 设置日志级别 ['DEBUG', 'INFO', 'WARN', 'ERROR', 'FATAL', 'CRITICAL']
# LOG_LEVEL = 'INFO'
# 日志存放的目录
# LOG_DIR = os.path.join(BASE_DIR, 'logs')
# Session录像存放目录
# SESSION_DIR = os.path.join(BASE_DIR, 'sessions')
# 资产显示排序方式, ['ip', 'hostname']
# ASSET_LIST_SORT_BY = 'ip'
# 登录是否支持密码认证
# PASSWORD_AUTH = True
# 登录是否支持秘钥认证
# PUBLIC_KEY_AUTH = True
# SSH白名单
# ALLOW_SSH_USER = 'all' # ['test', 'test2']
# SSH黑名单, 如果用户同时在白名单和黑名单,黑名单优先生效
# BLOCK_SSH_USER = []
# 和Jumpserver 保持心跳时间间隔
# HEARTBEAT_INTERVAL = 5
# Admin的名字,出问题会提示给用户
# ADMINS = ''
COMMAND_STORAGE
=
{
"TYPE"
:
"server"
}
REPLAY_STORAGE
=
{
"TYPE"
:
"server"
}
# SSH连接超时时间 (default 15 seconds)
# SSH_TIMEOUT = 15
# 语言 = en
LANGUAGE_CODE
=
'zh'
config
=
Config
()
config_example.yml
0 → 100644
View file @
60545fcd
# 项目名称, 会用来向Jumpserver注册, 识别而已, 不能重复
# NAME: {{ Hostname }}
# Jumpserver项目的url, api请求注册会使用
CORE_HOST
:
http://127.0.0.1:8080
# Bootstrap Token, 预共享秘钥, 用来注册coco使用的service account和terminal
# 请和jumpserver 配置文件中保持一致,注册完成后可以删除
BOOTSTRAP_TOKEN
:
<ChangeIT>
# 启动时绑定的ip, 默认 0.0.0.0
# BIND_HOST: 0.0.0.0
# 监听的SSH端口号, 默认2222
# SSHD_PORT: 2222
# 监听的HTTP/WS端口号,默认5000
# HTTPD_PORT: 5000
# 项目使用的ACCESS KEY, 默认会注册,并保存到 ACCESS_KEY_STORE中,
# 如果有需求, 可以写到配置文件中, 格式 access_key_id:access_key_secret
# ACCESS_KEY: null
# ACCESS KEY 保存的地址, 默认注册后会保存到该文件中
# ACCESS_KEY_STORE: keys/.access_key
# 加密密钥
# SECRET_KEY: null
# 设置日志级别 ['DEBUG', 'INFO', 'WARN', 'ERROR', 'FATAL', 'CRITICAL']
# LOG_LEVEL: INFO
# 日志存放的目录
# LOG_DIR: logs
# SSH白名单
# ALLOW_SSH_USER: 'all'
# SSH黑名单, 如果用户同时在白名单和黑名单,黑名单优先生效
# BLOCK_SSH_USER:
# -
# 和Jumpserver 保持心跳时间间隔
# HEARTBEAT_INTERVAL: 5
# Admin的名字,出问题会提示给用户
# ADMINS: ''
# SSH连接超时时间 (default 15 seconds)
# SSH_TIMEOUT: 15
# 语言 = en
# LANGUAGE_CODE: zh
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment