Unverified Commit 50c1b3ed authored by 老广's avatar 老广 Committed by GitHub

[Update] 统一coco host key (#2336)

parent 131e588d
# -*- coding: utf-8 -*-
#
import json
from django.dispatch import receiver
from django.db.models.signals import post_save, pre_save
from django.conf import LazySettings, empty
......@@ -8,7 +10,7 @@ from django.core.cache import cache
from jumpserver.utils import current_request
from .models import Setting
from .utils import get_logger
from .utils import get_logger, ssh_key_gen
from .signals import django_ready
logger = get_logger(__file__)
......@@ -62,6 +64,15 @@ def refresh_all_settings_on_django_ready(sender, **kwargs):
pass
@receiver(django_ready)
def auto_generate_terminal_host_key(sender, **kwargs):
if Setting.objects.filter(name='TERMINAL_HOST_KEY').exists():
return
private_key, public_key = ssh_key_gen()
value = json.dumps(private_key)
Setting.objects.create(name='TERMINAL_HOST_KEY', value=value)
@receiver(pre_save, dispatch_uid="my_unique_identifier")
def on_create_set_created_by(sender, instance=None, **kwargs):
if getattr(instance, '_ignore_auto_created_by', False) is True:
......
......@@ -321,6 +321,7 @@ defaults = {
'TERMINAL_ASSET_LIST_SORT_BY': 'hostname',
'TERMINAL_ASSET_LIST_PAGE_SIZE': 'auto',
'TERMINAL_SESSION_KEEP_DURATION': 9999,
'TERMINAL_HOST_KEY': '',
'SECURITY_MFA_AUTH': False,
'SECURITY_LOGIN_LIMIT_COUNT': 7,
'SECURITY_LOGIN_LIMIT_TIME': 30,
......
......@@ -504,6 +504,7 @@ TERMINAL_HEARTBEAT_INTERVAL = CONFIG.TERMINAL_HEARTBEAT_INTERVAL
TERMINAL_ASSET_LIST_SORT_BY = CONFIG.TERMINAL_ASSET_LIST_SORT_BY
TERMINAL_ASSET_LIST_PAGE_SIZE = CONFIG.TERMINAL_ASSET_LIST_PAGE_SIZE
TERMINAL_SESSION_KEEP_DURATION = CONFIG.TERMINAL_SESSION_KEEP_DURATION
TERMINAL_HOST_KEY = CONFIG.TERMINAL_HOST_KEY
# Django bootstrap3 setting, more see http://django-bootstrap3.readthedocs.io/en/latest/settings.html
BOOTSTRAP3 = {
......
......@@ -2989,7 +2989,7 @@ msgstr "一个月内历史汇总"
#: templates/index.html:277 templates/index.html:301
msgid "Login count"
msgstr "登次数"
msgstr "登次数"
#: templates/index.html:277 templates/index.html:308
msgid "Active users"
......@@ -3009,7 +3009,7 @@ msgstr "禁用用户"
#: templates/index.html:342 templates/index.html:394
msgid "Month not logged in user"
msgstr "月未登用户"
msgstr "月未登用户"
#: templates/index.html:368 templates/index.html:444
msgid "Access to the source"
......@@ -3017,7 +3017,7 @@ msgstr "访问来源"
#: templates/index.html:418 templates/index.html:468
msgid "Month is logged into the host"
msgstr "月被登主机"
msgstr "月被登主机"
#: templates/index.html:418 templates/index.html:469
msgid "Disable host"
......@@ -3025,7 +3025,7 @@ msgstr "禁用主机"
#: templates/index.html:418 templates/index.html:470
msgid "Month not logged on host"
msgstr "月未登主机"
msgstr "月未登主机"
#: templates/rest_framework/base.html:128
msgid "Filters"
......@@ -3583,7 +3583,7 @@ msgstr "更新ssh密钥"
#: users/templates/users/first_login.html:19
#: users/templates/users/first_login_done.html:19
msgid "First Login"
msgstr "首次登"
msgstr "首次登"
#: users/templates/users/first_login.html:72
msgid "I agree with the terms and conditions."
......@@ -4326,7 +4326,7 @@ msgstr "* 您的密码不符合要求"
#: users/views/login.py:349
msgid "First login"
msgstr "首次登"
msgstr "首次登"
#: users/views/user.py:145
msgid "Bulk update user success"
......
......@@ -61,8 +61,9 @@ class Terminal(models.Model):
def config(self):
configs = {}
for k in dir(settings):
if k.startswith('TERMINAL'):
configs[k] = getattr(settings, k)
if not k.startswith('TERMINAL'):
continue
configs[k] = getattr(settings, k)
configs.update(self.get_common_storage())
configs.update(self.get_replay_storage())
configs.update({
......
......@@ -19,6 +19,7 @@ from orgs.utils import current_org
from ..serializers import UserSerializer, UserPKUpdateSerializer, \
UserUpdateGroupSerializer, ChangeUserPasswordSerializer
from ..models import User
from ..signals import post_user_create
logger = get_logger(__name__)
......@@ -37,6 +38,10 @@ class UserViewSet(IDInFilterMixin, BulkModelViewSet):
permission_classes = (IsOrgAdmin,)
pagination_class = LimitOffsetPagination
def perform_create(self, serializer):
user = serializer.save()
post_user_create.send(self.__class__, user=user)
def get_queryset(self):
queryset = current_org.get_org_users()
return queryset
......
# SECURITY WARNING: keep the secret key used in production secret!
# 加密秘钥 生产环境中请修改为随机字符串,请勿外泄
# 加密秘钥 生产环境中请修改为随机字符串,请勿外泄, 可使用命令生成
# $ cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 49;echo
SECRET_KEY:
# SECURITY WARNING: keep the bootstrap token used in production secret!
......@@ -64,4 +65,4 @@ REDIS_PORT: 6379
# OTP settings
# OTP/MFA 配置
# OTP_VALID_WINDOW: 0
# OTP_ISSUER_NAME: Jumpserver
\ No newline at end of file
# OTP_ISSUER_NAME: Jumpserver
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment