diff options
| author | Jonas Lindstad <jonaslindstad@gmail.com> | 2015-03-17 21:30:23 +0100 |
|---|---|---|
| committer | Jonas Lindstad <jonaslindstad@gmail.com> | 2015-03-17 21:30:23 +0100 |
| commit | dff222fbec7e95fa19ae822141a58d5ca46d233d (patch) | |
| tree | ebfdb3bd2f63fbb053893f857162b552fad8291b /fap/httpd | |
| parent | 939b606944b6892d26581bce598c66c790786de9 (diff) | |
foobar apache+PHP funker nĂ¥..
Diffstat (limited to 'fap/httpd')
| -rw-r--r-- | fap/httpd/README.md | 26 | ||||
| -rw-r--r-- | fap/httpd/ex2200.template | 29 | ||||
| -rw-r--r-- | fap/httpd/files/.gitignore | 3 | ||||
| -rw-r--r-- | fap/httpd/httpd_root/.htaccess | 3 | ||||
| -rw-r--r-- | fap/httpd/httpd_root/ex2200.template | 226 | ||||
| -rw-r--r-- | fap/httpd/httpd_root/x.php | 52 | ||||
| -rw-r--r-- | fap/httpd/server_http.py | 5 |
7 files changed, 317 insertions, 27 deletions
diff --git a/fap/httpd/README.md b/fap/httpd/README.md new file mode 100644 index 0000000..73c5634 --- /dev/null +++ b/fap/httpd/README.md @@ -0,0 +1,26 @@ +# HTTPD + +Well, not working out quite as I've hoped (at least for now). + +Resorted to Apache2, PHP and Postgres for the HTTP. Apache starts at boot, so no action required to get the stack up and after installation. + +``` +j@lappie:~/git/tgmanage$ cat /etc/apache2/sites-enabled/000-default.conf +<VirtualHost *:80> + ServerAdmin webmaster@localhost + + DocumentRoot /home/j/git/tgmanage/fap/httpd/httpd_root/ + + <Directory /home/j/git/tgmanage/fap/httpd/httpd_root> + Options Indexes FollowSymLinks MultiViews + AllowOverride All + Order allow,deny + allow from all + </Directory> + + ErrorLog ${APACHE_LOG_DIR}/error.log + LogLevel warn + + CustomLog ${APACHE_LOG_DIR}/access.log combined +</VirtualHost> +``` diff --git a/fap/httpd/ex2200.template b/fap/httpd/ex2200.template index aa62ff2..3adcdf9 100644 --- a/fap/httpd/ex2200.template +++ b/fap/httpd/ex2200.template @@ -82,9 +82,8 @@ interfaces { family ethernet-switching { port-mode trunk; vlan { - members deltagere; + members [deltagere mgmt]; } - native-vlan-id mgmt; } } } @@ -101,6 +100,7 @@ interfaces { filter { input v6-mgmt; } + address $mgmt_v6_addr/$mgmt_v6_cidr; } } } @@ -162,29 +162,6 @@ firewall { } } -ethernet-switching-options { - secure-access-port { - interface edge-ports { - no-dhcp-trusted; - } - vlan deltagere { - arp-inspection; - examine-dhcp; - examine-dhcpv6; - neighbor-discovery-inspection; - ip-source-guard; - ipv6-source-guard; - dhcp-option82; - dhcpv6-option18 { - use-option-82; - } - } - ipv6-source-guard-sessions { - max-number 128; - } - } -} - protocols { sflow { sample-rate { @@ -240,7 +217,7 @@ routing-options { rib inet6.0 { static { route ::/0 { - next-hop 20a0:dead::beef; + next-hop $mgmt_v6_gw; } } } diff --git a/fap/httpd/files/.gitignore b/fap/httpd/files/.gitignore new file mode 100644 index 0000000..cec9082 --- /dev/null +++ b/fap/httpd/files/.gitignore @@ -0,0 +1,3 @@ +* + +!.gitignore diff --git a/fap/httpd/httpd_root/.htaccess b/fap/httpd/httpd_root/.htaccess new file mode 100644 index 0000000..17add11 --- /dev/null +++ b/fap/httpd/httpd_root/.htaccess @@ -0,0 +1,3 @@ +RewriteEngine on +RewriteRule ^files/(.+)$ x.php?mode=image&file=$1 [L] +RewriteRule ^tg-edge/(.+)$ x.php?mode=config&hostname=$1 [L] diff --git a/fap/httpd/httpd_root/ex2200.template b/fap/httpd/httpd_root/ex2200.template new file mode 100644 index 0000000..e7c99f7 --- /dev/null +++ b/fap/httpd/httpd_root/ex2200.template @@ -0,0 +1,226 @@ +system { + host-name <?php echo $c['hostname']; ?>; + auto-snapshot; + time-zone Europe/Oslo; + authentication-order [ tacplus password ]; + root-authentication { + encrypted-password "$1$v1xWD3zI$OhStP6PnpgIUO3RLtMmIJ/"; + } + name-server { + 1.1.1.1; + 2.2.2.2; + } + login { + user technet{ + uid 2000; + class super-user; + authentication { + encrypted-password "$1$v1xWD3zI$OhStP6PnpgIUO3RLtMmIJ/"; + } + } + } + services { + ssh { + root-login deny; + } + netconf { + ssh; + } + } + syslog { + user * { + any emergency; + } + file messages { + any notice; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } + ntp { + server 1.2.3.4; + server 2.3.4.5; + } +} + +chassis { + aggregated-devices { + ethernet { + device-count 1; + } + } +} + +interfaces { + interface-range edge-ports { + member-range ge-0/0/0 to ge-0/0/43; + unit 0 { + family ethernet-switching { + port-mode access; + vlan { + members deltagere; + } + } + } + } + interface-range core-ports { + member-range ge-0/0/44 to ge-0/0/47; + ether-options { + 802.3ad ae0; + } + } + ae0 { + description "Til <?php echo $c['distro_name']; ?> <?php echo $c['distro_phy_port']; ?>"; + aggregated-ether-options { + lacp { + active; + } + } + unit 0 { + family ethernet-switching { + port-mode trunk; + vlan { + members [deltagere mgmt]; + } + } + } + } + vlan { + unit <?php echo $c['mgmt_vlan']; ?> { + description "MGMT L3 interface"; + family inet { + filter { + input v4-mgmt; + } + address <?php echo $c['mgmt_addr'] . '/' . $c['mgmt_cidr']; ?>; + } + family inet6 { + filter { + input v6-mgmt; + } + address <?php echo $c['mgmt_v6_addr'] . '/' . $c['mgmt_v6_cidr']; ?>; + } + } + } +} +firewall { + family inet { + filter v4-mgmt { + term accept-noc { + from { + source-address { + 0.0.0.0/0; + } + } + then accept; + } + term accept-icmp { + from { + protocol icmp; + } + then { + accept; + } + } + term reject-all { + then { + log; + syslog; + reject; + } + } + } + } + family inet6 { + filter v6-mgmt { + term accept-noc { + from { + source-address { + ::/0; + } + } + then accept; + } + term accept-icmp { + from { + next-header icmp6; + } + then { + accept; + } + } + term reject-all { + then { + log; + syslog; + reject; + } + } + } + } +} + +protocols { + sflow { + sample-rate { + ingress 10000; + egress 10000; + } + collector 91.209.30.12; + interfaces edge-ports; + interfaces core-ports; + } + igmp-snooping { + vlan all { + version 3; + immediate-leave; + } + } + mld-snooping { + vlan all { + version 2; + immediate-leave; + } + } + rstp { + bridge-priority 8k; + interface edge-ports { + edge; + no-root-port; + } + } + lldp { + interface ae0.0 + } +} + +vlans { + deltagere { + vlan-id <?php echo $c['traffic_vlan']; ?>; + } + mgmt { + vlan-id <?php echo $c['mgmt_vlan']; ?>; + l3-interface vlan.<?php echo $c['mgmt_vlan']; ?>; + } +} + +routing-options { + rib inet.0 { + static { + route 0.0.0.0/0 { + next-hop <?php echo $c['mgmt_gw']; ?>; + } + } + } + rib inet6.0 { + static { + route ::/0 { + next-hop <?php echo $c['mgmt_v6_gw']; ?>; + } + } + } +} + + diff --git a/fap/httpd/httpd_root/x.php b/fap/httpd/httpd_root/x.php new file mode 100644 index 0000000..70607cc --- /dev/null +++ b/fap/httpd/httpd_root/x.php @@ -0,0 +1,52 @@ +<?php + if(isset($_GET['mode'])){ + if($_GET['mode'] === 'config'){ + # LASTE NED CONFIG + /* + header('Content-Description: File Transfer'); + header('Content-Type: application/octet-stream'); + header('Content-Disposition: attachment; filename='.basename($file)); + header('Content-Length: ' . filesize('../files/' . $_GET['file'])); + + + */ + + $dbconn = pg_connect("host=localhost dbname=bootstrap user=bootstrap password=asdf") + or die('Could not connect: ' . pg_last_error()); + + // Performing SQL query + $query = 'SELECT * FROM switches WHERE hostname = \'' . $_GET['hostname'] . '\''; + $result = pg_query($query) or die('Query failed: ' . pg_last_error()); + if(pg_num_rows($result) == 1){ + $c = pg_fetch_assoc($result); + include 'ex2200.template'; + }else{ + header("HTTP/1.0 404 Not Found"); + die(); + } + + }elseif($_GET['mode'] === 'image'){ + if(isset($_GET['file']) && is_readable('../files/' . $_GET['file'])){ + # SEND IMAGE + header('Content-Description: File Transfer'); + header('Content-Type: application/octet-stream'); + header('Content-Disposition: attachment; filename='.basename($file)); + header('Content-Length: ' . filesize('../files/' . $_GET['file'])); + readfile('../files/' . $_GET['file']); + }else{ + header("HTTP/1.1 404 Not Found"); + die(); + } + + } + } + /* + if(substr($_SERVER['REQUEST_URI'], 0, 7 === '/files/'){ + # Laste ned JunOS-fil + echo 'henter fil'; + }elseif(substr($_SERVER['REQUEST_URI'], 0, 9 === '/tg-edge/'){ + # Hente config fra Postgres + echo 'henter config'; + } + */ +?> diff --git a/fap/httpd/server_http.py b/fap/httpd/server_http.py index bc9ceea..a9ae74c 100644 --- a/fap/httpd/server_http.py +++ b/fap/httpd/server_http.py @@ -62,7 +62,10 @@ def main(): 'mgmt_cidr': row['mgmt_cidr'], 'mgmt_gw': row['mgmt_gw'], 'mgmt_vlan': row['mgmt_vlan'], - 'traffic_vlan': row['traffic_vlan'] + 'traffic_vlan': row['traffic_vlan'], + 'mgmt_v6_addr': row['mgmt_v6_addr'], + 'mgmt_v6_cidr': row['mgmt_v6_cidr'], + 'mgmt_v6_gw': row['mgmt_v6_gw'] } cur.execute("UPDATE switches SET last_config_fetch = '%s' WHERE hostname = '%s'" % (str(time.time()).split('.')[0], hostname)) # updated DB with last config fetch conn.commit() |