[Update] 修改配置文件格式 (#171)

.gitignore

@@ -9,3 +9,4 @@ conf.py
 host_rsa_key
 sessions/*
 coco.pid
+config.yml

coco/app.py

@@ -9,7 +9,7 @@ import threading
 import json
 import signal
 
-from .config import config
+from .conf import config
 from .sshd import SSHServer
 from .httpd import HttpServer
 from .tasks import TaskHandler

coco/config.py

-#!/usr/bin/env python3
-# -*- coding: utf-8 -*-
-#
-
-"""
-    coco.config
-    ~~~~~~~~~~~~
-
-    the configuration related objects.
-    copy from flask
-
-    :copyright: (c) 2015 by Armin Ronacher.
-    :license: BSD, see LICENSE for more details.
-"""
-
-import os
-import types
-import errno
-import json
-import socket
-
-from werkzeug.utils import import_string
-
-
-BASE_DIR = os.path.dirname(os.path.dirname(__file__))
-root_path = os.environ.get("COCO_PATH")
-if not root_path:
-    root_path = BASE_DIR
-
-
-class ConfigAttribute(object):
-    """Makes an attribute forward to the config"""
-
-    def __init__(self, name, get_converter=None):
-        self.__name__ = name
-        self.get_converter = get_converter
-
-    def __get__(self, obj, type=None):
-        if obj is None:
-            return self
-        rv = obj.config[self.__name__]
-        if self.get_converter is not None:
-            rv = self.get_converter(rv)
-        return rv
-
-    def __set__(self, obj, value):
-        obj.config[self.__name__] = value
-
-
-class Config(dict):
-    """Works exactly like a dict but provides ways to fill it from files
-    or special dictionaries.  There are two common patterns to populate the
-    config.
-
-    Either you can fill the config from a config file::
-
-        app.config.from_pyfile('yourconfig.cfg')
-
-    Or alternatively you can define the configuration options in the
-    module that calls :meth:`from_object` or provide an import path to
-    a module that should be loaded.  It is also possible to tell it to
-    use the same module and with that provide the configuration values
-    just before the call::
-
-        DEBUG = True
-        SECRET_KEY = 'development key'
-        app.config.from_object(__name__)
-
-    In both cases (loading from any Python file or loading from modules),
-    only uppercase keys are added to the config.  This makes it possible to use
-    lowercase values in the config file for temporary values that are not added
-    to the config or to define the config keys in the same file that implements
-    the application.
-
-    Probably the most interesting way to load configurations is from an
-    environment variable pointing to a file::
-
-        app.config.from_envvar('YOURAPPLICATION_SETTINGS')
-
-    In this case before launching the application you have to set this
-    environment variable to the file you want to use.  On Linux and OS X
-    use the export statement::
-
-        export YOURAPPLICATION_SETTINGS='/path/to/config/file'
-
-    On windows use `set` instead.
-
-    :param root_path: path to which files are read relative from.  When the
-                      config object is created by the application, this is
-                      the application's :attr:`~flask.Flask.root_path`.
-    :param defaults: an optional dictionary of default values
-    """
-
-    def __init__(self, root_path, defaults=None):
-        self.defaults = defaults or {}
-        self.root_path = root_path
-        super(Config, self).__init__({})
-
-    def from_envvar(self, variable_name, silent=False):
-        """Loads a configuration from an environment variable pointing to
-        a configuration file.  This is basically just a shortcut with nicer
-        error messages for this line of code::
-
-            app.config.from_pyfile(os.environ['YOURAPPLICATION_SETTINGS'])
-
-        :param variable_name: name of the environment variable
-        :param silent: set to ``True`` if you want silent failure for missing
-                       files.
-        :return: bool. ``True`` if able to load config, ``False`` otherwise.
-        """
-        rv = os.environ.get(variable_name)
-        if not rv:
-            if silent:
-                return False
-            raise RuntimeError('The environment variable %r is not set '
-                               'and as such configuration could not be '
-                               'loaded.  Set this variable and make it '
-                               'point to a configuration file' %
-                               variable_name)
-        return self.from_pyfile(rv, silent=silent)
-
-    def from_pyfile(self, filename, silent=False):
-        """Updates the values in the config from a Python file.  This function
-        behaves as if the file was imported as module with the
-        :meth:`from_object` function.
-
-        :param filename: the filename of the config.  This can either be an
-                         absolute filename or a filename relative to the
-                         root path.
-        :param silent: set to ``True`` if you want silent failure for missing
-                       files.
-
-        .. versionadded:: 0.7
-           `silent` parameter.
-        """
-        filename = os.path.join(self.root_path, filename)
-        d = types.ModuleType('config')
-        d.__file__ = filename
-        try:
-            with open(filename, mode='rb') as config_file:
-                exec(compile(config_file.read(), filename, 'exec'), d.__dict__)
-        except IOError as e:
-            if silent and e.errno in (errno.ENOENT, errno.EISDIR):
-                return False
-            e.strerror = 'Unable to load configuration file (%s)' % e.strerror
-            raise
-        self.from_object(d)
-        return True
-
-    def from_object(self, obj):
-        """Updates the values from the given object.  An object can be of one
-        of the following two types:
-
-        -   a string: in this case the object with that name will be imported
-        -   an actual object reference: that object is used directly
-
-        Objects are usually either modules or classes. :meth:`from_object`
-        loads only the uppercase attributes of the module/class. A ``dict``
-        object will not work with :meth:`from_object` because the keys of a
-        ``dict`` are not attributes of the ``dict`` class.
-
-        Example of module-based configuration::
-
-            app.config.from_object('yourapplication.default_config')
-            from yourapplication import default_config
-            app.config.from_object(default_config)
-
-        You should not use this function to load the actual configuration but
-        rather configuration defaults.  The actual config should be loaded
-        with :meth:`from_pyfile` and ideally from a location not within the
-        package because the package might be installed system wide.
-
-        See :ref:`config-dev-prod` for an example of class-based configuration
-        using :meth:`from_object`.
-
-        :param obj: an import name or object
-        """
-        if isinstance(obj, str):
-            obj = import_string(obj)
-        for key in dir(obj):
-            if key.isupper():
-                self[key] = getattr(obj, key)
-
-    def from_json(self, filename, silent=False):
-        """Updates the values in the config from a JSON file. This function
-        behaves as if the JSON object was a dictionary and passed to the
-        :meth:`from_mapping` function.
-
-        :param filename: the filename of the JSON file.  This can either be an
-                         absolute filename or a filename relative to the
-                         root path.
-        :param silent: set to ``True`` if you want silent failure for missing
-                       files.
-
-        .. versionadded:: 0.11
-        """
-        filename = os.path.join(self.root_path, filename)
-
-        try:
-            with open(filename) as json_file:
-                obj = json.loads(json_file.read())
-        except IOError as e:
-            if silent and e.errno in (errno.ENOENT, errno.EISDIR):
-                return False
-            e.strerror = 'Unable to load configuration file (%s)' % e.strerror
-            raise
-        return self.from_mapping(obj)
-
-    def from_mapping(self, *mapping, **kwargs):
-        """Updates the config like :meth:`update` ignoring items with non-upper
-        keys.
-
-        .. versionadded:: 0.11
-        """
-        mappings = []
-        if len(mapping) == 1:
-            if hasattr(mapping[0], 'items'):
-                mappings.append(mapping[0].items())
-            else:
-                mappings.append(mapping[0])
-        elif len(mapping) > 1:
-            raise TypeError(
-                'expected at most 1 positional argument, got %d' % len(mapping)
-            )
-        mappings.append(kwargs.items())
-        for mapping in mappings:
-            for (key, value) in mapping:
-                if key.isupper():
-                    self[key] = value
-        return True
-
-    def get_namespace(self, namespace, lowercase=True, trim_namespace=True):
-        """Returns a dictionary containing a subset of configuration options
-        that match the specified namespace/prefix. Example usage::
-
-            app.config['IMAGE_STORE_TYPE'] = 'fs'
-            app.config['IMAGE_STORE_PATH'] = '/var/app/images'
-            app.config['IMAGE_STORE_BASE_URL'] = 'http://img.website.com'
-            image_store_config = app.config.get_namespace('IMAGE_STORE_')
-
-        The resulting dictionary `image_store_config` would look like::
-
-            {
-                'types': 'fs',
-                'path': '/var/app/images',
-                'base_url': 'http://img.website.com'
-            }
-
-        This is often useful when configuration options map directly to
-        keyword arguments in functions or class constructors.
-
-        :param namespace: a configuration namespace
-        :param lowercase: a flag indicating if the keys of the resulting
-                          dictionary should be lowercase
-        :param trim_namespace: a flag indicating if the keys of the resulting
-                          dictionary should not include the namespace
-
-        .. versionadded:: 0.11
-        """
-        rv = {}
-        for k, v in self.items():
-            if not k.startswith(namespace):
-                continue
-            if trim_namespace:
-                key = k[len(namespace):]
-            else:
-                key = k
-            if lowercase:
-                key = key.lower()
-            rv[key] = v
-        return rv
-
-    def __getitem__(self, item):
-        try:
-            value = super(Config, self).__getitem__(item)
-        except KeyError:
-            value = None
-        if value is not None:
-            return value
-        value = os.environ.get(item, None)
-        if value is not None:
-            return value
-        return self.defaults.get(item)
-
-    def __getattr__(self, item):
-        return self.__getitem__(item)
-
-    def __repr__(self):
-        return '<%s %s>' % (self.__class__.__name__, dict.__repr__(self))
-
-
-access_key_path = os.path.abspath(os.path.join(root_path, 'keys', '.access_key'))
-default_config = {
-    'NAME': socket.gethostname(),
-    'CORE_HOST': 'http://127.0.0.1:8080',
-    'BOOTSTRAP_TOKEN': os.environ.get("BOOTSTRAP_TOKEN") or 'PleaseChangeMe',
-    'ROOT_PATH': root_path,
-    'DEBUG': True,
-    'BIND_HOST': '0.0.0.0',
-    'SSHD_PORT': 2222,
-    'HTTPD_PORT': 5000,
-    'COCO_ACCESS_KEY': '',
-    'ACCESS_KEY_FILE': access_key_path,
-    'SECRET_KEY': 'SDK29K03%MM0ksf&#2',
-    'LOG_LEVEL': 'DEBUG',
-    'LOG_DIR': os.path.join(root_path, 'logs'),
-    'SESSION_DIR': os.path.join(root_path, 'sessions'),
-    'ASSET_LIST_SORT_BY': 'hostname',  # hostname, ip
-    'PASSWORD_AUTH': True,
-    'PUBLIC_KEY_AUTH': True,
-    'SSH_TIMEOUT': 10,
-    'ALLOW_SSH_USER': [],
-    'BLOCK_SSH_USER': [],
-    'HEARTBEAT_INTERVAL': 5,
-    'MAX_CONNECTIONS': 500,  # Not use now
-    'ADMINS': '',
-    'COMMAND_STORAGE': {'TYPE': 'server'},   # server
-    'REPLAY_STORAGE': {'TYPE': 'server'},
-    'LANGUAGE_CODE': 'zh',
-    'SECURITY_MAX_IDLE_TIME': 60,
-    'ASSET_LIST_PAGE_SIZE': 'auto',
-}
-
-config = Config(root_path, default_config)
-config.from_pyfile('conf.py')
-
-try:
-    from conf import config as _conf
-    config.from_object(_conf)
-except ImportError:
-    pass
-
-if not config['NAME']:
-    config['NAME'] = default_config['NAME']

coco/connection.py

@@ -14,7 +14,7 @@ except ImportError:
 import paramiko
 
 from .service import app_service
-from .config import config
+from .conf import config
 from .utils import get_logger, get_private_key_fingerprint
 
 logger = get_logger(__file__)

coco/httpd/app.py

@@ -6,7 +6,7 @@ from flask_socketio import SocketIO
 from flask import Flask
 
 from coco.utils import get_logger
-from coco.config import config
+from coco.conf import config
 from coco.httpd.ws import ProxyNamespace, ElfinderNamespace
 
 logger = get_logger(__file__)

coco/httpd/base.py

@@ -10,7 +10,7 @@ from ..models import Connection, WSProxy
 from ..proxy import ProxyServer
 from ..utils import get_logger
 from ..service import app_service
-from ..config import config
+from ..conf import config
 
 BASE_DIR = os.path.dirname(os.path.dirname(__file__))
 logger = get_logger(__file__)

coco/interactive.py

@@ -11,7 +11,7 @@ import time
 from treelib import Tree
 
 from . import char
-from .config import config
+from .conf import config
 from .utils import wrap_with_line_feed as wr, wrap_with_title as title, \
     wrap_with_warning as warning, is_obj_attr_has, is_obj_attr_eq, \
     sort_assets, ugettext as _, get_logger, net_input, format_with_zh, \

coco/interface.py

@@ -7,7 +7,7 @@ import threading
 from collections import Iterable
 
 from .utils import get_logger
-from .config import config
+from .conf import config
 from .service import app_service
 
 logger = get_logger(__file__)

coco/logger.py

@@ -5,7 +5,7 @@
 import os
 import logging
 from logging.config import dictConfig
-from .config import config as app_config
+from .conf import config as app_config
 
 
 def create_logger():

coco/proxy.py

@@ -9,7 +9,7 @@ from .session import Session
 from .models import Server, TelnetServer
 from .connection import SSHConnection, TelnetConnection
 from .service import app_service
-from .config import config
+from .conf import config
 from .utils import wrap_with_line_feed as wr, wrap_with_warning as warning, \
      get_logger, net_input, ugettext as _, ignore_error
 

coco/recorder.py

@@ -12,7 +12,7 @@ from copy import deepcopy
 
 import jms_storage
 
-from .config import config
+from .conf import config
 from .utils import get_logger, Singleton
 from .struct import MemoryQueue
 from .service import app_service

coco/service.py

@@ -2,7 +2,7 @@
 #
 
 from jms.service import AppService
-from .config import config
+from .conf import config
 
 
 inited = False

coco/sftp.py

@@ -8,7 +8,7 @@ from paramiko.sftp import SFTP_PERMISSION_DENIED, SFTP_NO_SUCH_FILE, \
     SFTP_FAILURE, SFTP_EOF, SFTP_CONNECTION_LOST
 
 from coco.utils import get_logger
-from .config import config
+from .conf import config
 from .service import app_service
 from .connection import SSHConnection
 

coco/sshd.py

@@ -14,7 +14,7 @@ from coco.interface import SSHInterface
 from coco.interactive import InteractiveServer
 from coco.models import Connection
 from coco.sftp import SFTPServer
-from coco.config import config
+from coco.conf import config
 
 logger = get_logger(__file__)
 BACKLOG = 5

coco/utils.py

@@ -17,7 +17,7 @@ import paramiko
 import pyte
 
 from . import char
-from .config import config
+from .conf import config
 
 BASE_DIR = os.path.abspath(os.path.dirname(os.path.dirname(__file__)))
 

cocod

@@ -25,9 +25,8 @@ for d in dirs:
 from coco import Coco
 
 try:
-    from conf import config
+    from coco.conf import config
 except ImportError:
-    print("Please prepare config file `cp conf_example.py conf.py`")
     sys.exit(1)
 
 

conf_example.py

-#!/usr/bin/env python3
-# -*- coding: utf-8 -*-
-#
-
-import os
-
-BASE_DIR = os.path.dirname(__file__)
-
-
-class Config:
-    """
-    Coco config file, coco also load config from server update setting below
-    """
-    # 项目名称, 会用来向Jumpserver注册, 识别而已, 不能重复
-    # NAME = "localhost"
-
-    # Jumpserver项目的url, api请求注册会使用
-    # CORE_HOST = os.environ.get("CORE_HOST") or 'http://127.0.0.1:8080'
-
-    # Bootstrap Token, 预共享秘钥, 用来注册coco使用的service account和terminal
-    # 请和jumpserver 配置文件中保持一致，注册完成后可以删除
-    # BOOTSTRAP_TOKEN = "PleaseChangeMe"
-
-    # 启动时绑定的ip, 默认 0.0.0.0
-    # BIND_HOST = '0.0.0.0'
-
-    # 监听的SSH端口号, 默认2222
-    # SSHD_PORT = 2222
-
-    # 监听的HTTP/WS端口号，默认5000
-    # HTTPD_PORT = 5000
-
-    # 项目使用的ACCESS KEY, 默认会注册,并保存到 ACCESS_KEY_STORE中,
-    # 如果有需求, 可以写到配置文件中, 格式 access_key_id:access_key_secret
-    # ACCESS_KEY = None
-
-    # ACCESS KEY 保存的地址, 默认注册后会保存到该文件中
-    # ACCESS_KEY_STORE = os.path.join(BASE_DIR, 'keys', '.access_key')
-
-    # 加密密钥
-    # SECRET_KEY = None
-
-    # 设置日志级别 ['DEBUG', 'INFO', 'WARN', 'ERROR', 'FATAL', 'CRITICAL']
-    # LOG_LEVEL = 'INFO'
-
-    # 日志存放的目录
-    # LOG_DIR = os.path.join(BASE_DIR, 'logs')
-
-    # Session录像存放目录
-    # SESSION_DIR = os.path.join(BASE_DIR, 'sessions')
-
-    # 资产显示排序方式, ['ip', 'hostname']
-    # ASSET_LIST_SORT_BY = 'ip'
-
-    # 登录是否支持密码认证
-    # PASSWORD_AUTH = True
-
-    # 登录是否支持秘钥认证
-    # PUBLIC_KEY_AUTH = True
-    
-    # SSH白名单
-    # ALLOW_SSH_USER = 'all'  # ['test', 'test2']
-
-    # SSH黑名单, 如果用户同时在白名单和黑名单，黑名单优先生效
-    # BLOCK_SSH_USER = []
-
-    # 和Jumpserver 保持心跳时间间隔
-    # HEARTBEAT_INTERVAL = 5
-
-    # Admin的名字，出问题会提示给用户
-    # ADMINS = ''
-    COMMAND_STORAGE = {
-        "TYPE": "server"
-    }
-    REPLAY_STORAGE = {
-        "TYPE": "server"
-    }
-
-    # SSH连接超时时间 (default 15 seconds)
-    # SSH_TIMEOUT = 15
-
-    # 语言 = en
-    LANGUAGE_CODE = 'zh'
-
-
-config = Config()

config_example.yml

+# 项目名称, 会用来向Jumpserver注册, 识别而已, 不能重复
+# NAME: {{ Hostname }}
+
+# Jumpserver项目的url, api请求注册会使用
+CORE_HOST: http://127.0.0.1:8080
+
+# Bootstrap Token, 预共享秘钥, 用来注册coco使用的service account和terminal
+# 请和jumpserver 配置文件中保持一致，注册完成后可以删除
+BOOTSTRAP_TOKEN: <ChangeIT>
+
+# 启动时绑定的ip, 默认 0.0.0.0
+# BIND_HOST: 0.0.0.0
+
+# 监听的SSH端口号, 默认2222
+# SSHD_PORT: 2222
+
+# 监听的HTTP/WS端口号，默认5000
+# HTTPD_PORT: 5000
+
+# 项目使用的ACCESS KEY, 默认会注册,并保存到 ACCESS_KEY_STORE中,
+# 如果有需求, 可以写到配置文件中, 格式 access_key_id:access_key_secret
+# ACCESS_KEY: null
+
+# ACCESS KEY 保存的地址, 默认注册后会保存到该文件中
+# ACCESS_KEY_STORE: keys/.access_key
+
+# 加密密钥
+# SECRET_KEY: null
+
+# 设置日志级别 ['DEBUG', 'INFO', 'WARN', 'ERROR', 'FATAL', 'CRITICAL']
+# LOG_LEVEL: INFO
+
+# 日志存放的目录
+# LOG_DIR: logs
+
+# SSH白名单
+# ALLOW_SSH_USER: 'all'
+
+# SSH黑名单, 如果用户同时在白名单和黑名单，黑名单优先生效
+# BLOCK_SSH_USER:
+#   -
+
+# 和Jumpserver 保持心跳时间间隔
+# HEARTBEAT_INTERVAL: 5
+
+# Admin的名字，出问题会提示给用户
+# ADMINS: ''
+
+# SSH连接超时时间 (default 15 seconds)
+# SSH_TIMEOUT: 15
+
+# 语言 = en
+# LANGUAGE_CODE: zh