From acbf965f94ae54dd4cc922baf8bf34088c7d2563 Mon Sep 17 00:00:00 2001 From: Mr Chen Date: Mon, 22 Apr 2019 11:33:29 +0800 Subject: [PATCH] uu --- plugins/op_acl/ico.png | Bin 0 -> 344 bytes plugins/op_acl/index.html | 17 +++ plugins/op_acl/index.py | 299 ++++++++++++++++++++++++++++++++++++++ plugins/op_acl/info.json | 15 ++ plugins/op_acl/install.sh | 37 +++++ 5 files changed, 368 insertions(+) create mode 100644 plugins/op_acl/ico.png create mode 100755 plugins/op_acl/index.html create mode 100755 plugins/op_acl/index.py create mode 100755 plugins/op_acl/info.json create mode 100755 plugins/op_acl/install.sh diff --git a/plugins/op_acl/ico.png b/plugins/op_acl/ico.png new file mode 100644 index 0000000000000000000000000000000000000000..39d56b20c4e900a33ec16d8f4b5e2d1b4909a512 GIT binary patch literal 344 zcmeAS@N?(olHy`uVBq!ia0vp^20*OA!3-q(BRicz0s%fDuK)l4_ulSJJTg-~<_Xj* zP!i-9%pmygze~s6wB4(ejAxdIo=N<$@di-txTlL_NX4zUmoM@)EAX^FJk;3K@%iul zGCjkf8cp?9`g^xTGy3S}e)Pyr0c@UQ&=_kb(sTRhtu{Zs% z)#g_}v(sF}vleSdUUr-zcJ@*&cf+p-Kl%CICJL9;*9l8KnIa*1N1DT$W9#}m>;DS1 zrj*C6Y*=yc{+!niFViPJi`821oL+r)+5Xqhti09EtBKF^;mKQDR+}2*M2-tTp8 z!XAdnmC5SA{z=b&ze>Kg`KkN;#0^t_DVtT+GNw;qZ?k00j0Sp%!PC{xWt~$(69BOQ Bk&yrZ literal 0 HcmV?d00001 diff --git a/plugins/op_acl/index.html b/plugins/op_acl/index.html new file mode 100755 index 000000000..4dd9fbcec --- /dev/null +++ b/plugins/op_acl/index.html @@ -0,0 +1,17 @@ +
+
+
+

服务

+

自启动

+

配置修改

+ +
+
+
+
+
+ +
+ \ No newline at end of file diff --git a/plugins/op_acl/index.py b/plugins/op_acl/index.py new file mode 100755 index 000000000..e27d33911 --- /dev/null +++ b/plugins/op_acl/index.py @@ -0,0 +1,299 @@ +# coding:utf-8 + +import sys +import io +import os +import time +import subprocess + +sys.path.append(os.getcwd() + "/class/core") +import public + + +app_debug = False + +if public.isAppleSystem(): + app_debug = True + + +def getPluginName(): + return 'op_firewall' + + +def getPluginDir(): + return public.getPluginDir() + '/' + getPluginName() + + +def getServerDir(): + return public.getServerDir() + '/' + getPluginName() + + +def getInitDFile(): + if app_debug: + return '/tmp/' + getPluginName() + return '/etc/init.d/' + getPluginName() + + +def getArgs(): + args = sys.argv[2:] + tmp = {} + args_len = len(args) + + if args_len == 1: + t = args[0].strip('{').strip('}') + t = t.split(':') + tmp[t[0]] = t[1] + elif args_len > 1: + for i in range(len(args)): + t = args[i].split(':') + tmp[t[0]] = t[1] + + return tmp + + +def clearTemp(): + path_bin = getServerDir() + "/nginx" + public.execShell('rm -rf ' + path_bin + '/client_body_temp') + public.execShell('rm -rf ' + path_bin + '/fastcgi_temp') + public.execShell('rm -rf ' + path_bin + '/proxy_temp') + public.execShell('rm -rf ' + path_bin + '/scgi_temp') + public.execShell('rm -rf ' + path_bin + '/uwsgi_temp') + + +def getConf(): + path = getServerDir() + "/nginx/conf/nginx.conf" + return path + + +def getConfTpl(): + path = getPluginDir() + '/conf/nginx.conf' + return path + + +def getOs(): + data = {} + data['os'] = public.getOs() + ng_exe_bin = getServerDir() + "/nginx/sbin/nginx" + if checkAuthEq(ng_exe_bin, 'root'): + data['auth'] = True + else: + data['auth'] = False + return public.getJson(data) + + +def getInitDTpl(): + path = getPluginDir() + "/init.d/nginx.tpl" + return path + + +def makeConf(): + vhost = getServerDir() + '/nginx/conf/vhost' + if not os.path.exists(vhost): + os.mkdir(vhost) + php_status = getServerDir() + '/nginx/conf/php_status' + if not os.path.exists(php_status): + os.mkdir(php_status) + + +def getFileOwner(filename): + import pwd + stat = os.lstat(filename) + uid = stat.st_uid + pw = pwd.getpwuid(uid) + return pw.pw_name + + +def checkAuthEq(file, owner='root'): + fowner = getFileOwner(file) + if (fowner == owner): + return True + return False + + +def confReplace(): + service_path = os.path.dirname(os.getcwd()) + content = public.readFile(getConfTpl()) + content = content.replace('{$SERVER_PATH}', service_path) + + user = 'www' + user_group = 'www' + + if public.getOs() == 'darwin': + # macosx do + user = public.execShell( + "who | sed -n '2, 1p' |awk '{print $1}'")[0].strip() + # user = 'root' + user_group = 'staff' + content = content.replace('{$EVENT_MODEL}', 'kqueue') + else: + content = content.replace('{$EVENT_MODEL}', 'epoll') + + content = content.replace('{$OS_USER}', user) + content = content.replace('{$OS_USER_GROUP}', user_group) + + public.writeFile(getServerDir() + '/nginx/conf/nginx.conf', content) + + # give nginx root permission + ng_exe_bin = getServerDir() + "/nginx/sbin/nginx" + if not checkAuthEq(ng_exe_bin, 'root'): + args = getArgs() + sudoPwd = args['pwd'] + cmd_own = 'chown -R ' + 'root:' + user_group + ' ' + ng_exe_bin + os.system('echo %s|sudo -S %s' % (sudoPwd, cmd_own)) + cmd_mod = 'chmod 755 ' + ng_exe_bin + os.system('echo %s|sudo -S %s' % (sudoPwd, cmd_mod)) + cmd_s = 'chmod u+s ' + ng_exe_bin + os.system('echo %s|sudo -S %s' % (sudoPwd, cmd_s)) + + +def initDreplace(): + + file_tpl = getInitDTpl() + service_path = os.path.dirname(os.getcwd()) + + initD_path = getServerDir() + '/init.d' + if not os.path.exists(initD_path): + os.mkdir(initD_path) + file_bin = initD_path + '/' + getPluginName() + + # initd replace + content = public.readFile(file_tpl) + content = content.replace('{$SERVER_PATH}', service_path) + public.writeFile(file_bin, content) + public.execShell('chmod +x ' + file_bin) + + # config replace + confReplace() + + # make nginx vhost or other + makeConf() + + return file_bin + + +def status(): + data = public.execShell( + "ps -ef|grep nginx |grep -v grep | grep -v python | awk '{print $2}'") + if data[0] == '': + return 'stop' + return 'start' + + +def start(): + file = initDreplace() + data = public.execShell(file + ' start') + if data[1] == '': + return 'ok' + return data[1] + + +def stop(): + file = initDreplace() + data = public.execShell(file + ' stop') + clearTemp() + if data[1] == '': + return 'ok' + return data[1] + + +def restart(): + file = initDreplace() + data = public.execShell(file + ' restart') + if data[1] == '': + return 'ok' + return data[1] + + +def reload(): + file = initDreplace() + data = public.execShell(file + ' reload') + if data[1] == '': + return 'ok' + return data[1] + + +def initdStatus(): + if not app_debug: + if public.isAppleSystem(): + return "Apple Computer does not support" + initd_bin = getInitDFile() + if os.path.exists(initd_bin): + return 'ok' + return 'fail' + + +def initdInstall(): + import shutil + if not app_debug: + if public.isAppleSystem(): + return "Apple Computer does not support" + + source_bin = initDreplace() + initd_bin = getInitDFile() + shutil.copyfile(source_bin, initd_bin) + public.execShell('chmod +x ' + initd_bin) + public.execShell('chkconfig --add ' + getPluginName()) + return 'ok' + + +def initdUinstall(): + if not app_debug: + if public.isAppleSystem(): + return "Apple Computer does not support" + + public.execShell('chkconfig --del ' + getPluginName()) + initd_bin = getInitDFile() + os.remove(initd_bin) + return 'ok' + + +def runInfo(): + # 取Openresty负载状态 + try: + result = public.httpGet('http://127.0.0.1/nginx_status') + tmp = result.split() + data = {} + data['active'] = tmp[2] + data['accepts'] = tmp[9] + data['handled'] = tmp[7] + data['requests'] = tmp[8] + data['Reading'] = tmp[11] + data['Writing'] = tmp[13] + data['Waiting'] = tmp[15] + return public.getJson(data) + except Exception as e: + return 'oprenresty not started' + + +def errorLogPath(): + return getServerDir() + '/nginx/logs/error.log' + + +if __name__ == "__main__": + func = sys.argv[1] + if func == 'status': + print status() + elif func == 'start': + print start() + elif func == 'stop': + print stop() + elif func == 'restart': + print restart() + elif func == 'reload': + print reload() + elif func == 'initd_status': + print initdStatus() + elif func == 'initd_install': + print initdInstall() + elif func == 'initd_uninstall': + print initdUinstall() + elif func == 'conf': + print getConf() + elif func == 'get_os': + print getOs() + elif func == 'run_info': + print runInfo() + elif func == 'error_log': + print errorLogPath() + else: + print 'error' diff --git a/plugins/op_acl/info.json b/plugins/op_acl/info.json new file mode 100755 index 000000000..8a76c8f19 --- /dev/null +++ b/plugins/op_acl/info.json @@ -0,0 +1,15 @@ +{ + "title":"OP文件访问权限[dev]", + "tip":"soft", + "name":"op_acl", + "type":"其他插件", + "ps":"控制访问权限,用于静态文件管理。", + "shell":"install.sh", + "checks":"server/op_acl", + "path":"server/op_acl", + "author":"loveshell", + "home":"", + "date":"2019-04-22", + "pid": "5", + "versions": ["0.1"] +} \ No newline at end of file diff --git a/plugins/op_acl/install.sh b/plugins/op_acl/install.sh new file mode 100755 index 000000000..7271177a7 --- /dev/null +++ b/plugins/op_acl/install.sh @@ -0,0 +1,37 @@ +#!/bin/bash +PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin +export PATH + +curPath=`pwd` +rootPath=$(dirname "$curPath") +rootPath=$(dirname "$rootPath") +serverPath=$(dirname "$rootPath") + + +install_tmp=${rootPath}/tmp/mw_install.pl + + +Install_of(){ + + + echo '正在安装脚本文件...' > $install_tmp + mkdir -p $serverPath/op_firewall + + echo '0.1' > $serverPath/op_firewall/version.pl + echo 'install ok' > $install_tmp +} + +Uninstall_of(){ + rm -rf $serverPath/op_firewall +} + + +action=$1 +type=$2 + +action=$1 +if [ "${1}" == 'install' ];then + Install_of +else + Uninstall_of +fi