Skip to content
Snippets Groups Projects
Commit d58514ed authored by Václav Bartoš's avatar Václav Bartoš
Browse files

configuration variables taken from local files

The UI should run from a directory directly under soctools root (or the "SOCTOOLS_BASE" must be modified)
parent c552f7f7
No related branches found
No related tags found
No related merge requests found
...@@ -5,18 +5,36 @@ from wtforms import StringField ...@@ -5,18 +5,36 @@ from wtforms import StringField
from wtforms.validators import DataRequired, Email from wtforms.validators import DataRequired, Email
import requests import requests
from datetime import datetime import yaml
from datetime import datetime
import os.path
import re
import subprocess import subprocess
app = Flask(__name__) app = Flask(__name__)
app.secret_key = "ASDF1234 - CHANGE ME!" app.secret_key = "ASDF1234 - CHANGE ME!"
# *** Configuration *** # *** Configuration of file paths ***
# TODO get this from config/environment SOCTOOLS_BASE = ".." # path to the root of soctools files
CA_CERT = "" # path to secrets/CA/ca.crt VARIABLES_FILE = os.path.join(SOCTOOLS_BASE, "group_vars/all/variables.yml")
KEYCLOAK_BASE_URL = "" # https://{{soctoolsproxy}}:12443 CA_CERT_FILE = os.path.join(SOCTOOLS_BASE, "secrets/CA/ca.crt")
KEYCLOAK_ADMIN_PASSWORD = "" # take from secrets/passwords/keykloak_admin (Note: should be keycloak, not keykloak) KEYCLOAK_ADMIN_PASSWORD_FILE = os.path.join(SOCTOOLS_BASE, "secrets/passwords/keykloak_admin") # Note: should be keycloak, not keykloak
@app.before_first_request
def load_config():
"""Load various variables, api keys, etc. and set configuration parameters"""
global SOCTOOLSPROXY, KEYCLOAK_BASE_URL, KEYCLOAK_ADMIN_PASSWORD
variables = yaml.safe_load(open(VARIABLES_FILE, "r"))
print(variables)
# Get FQDN of the main server
SOCTOOLSPROXY = variables["soctoolsproxy"]
assert re.match('[a-zA-Z0-9.-]+', SOCTOOLSPROXY), f"ERROR: The 'soctoolsproxy' variable loaded from '{VARIABLES_FILE}' is not a valid domain name."
# Set base URL to Keycloak
KEYCLOAK_BASE_URL = f"https://{SOCTOOLSPROXY}:12443"
# Load API key for Keycloak
KEYCLOAK_ADMIN_PASSWORD = open(KEYCLOAK_ADMIN_PASSWORD_FILE, "r").read(100) # read max 100 B, the key should never be so long
# *** Custom Jinja filters *** # *** Custom Jinja filters ***
def ts_to_str(ts): def ts_to_str(ts):
...@@ -37,7 +55,7 @@ def get_token(): ...@@ -37,7 +55,7 @@ def get_token():
"grant_type": "password" "grant_type": "password"
} }
try: try:
resp = requests.post(url, data, verify=CA_CERT) resp = requests.post(url, data, verify=CA_CERT_FILE)
if resp.status_code != 200: if resp.status_code != 200:
flash(f"ERROR: Can't get token for API access: ({resp.status_code}) {resp.text[:200]}", "error") flash(f"ERROR: Can't get token for API access: ({resp.status_code}) {resp.text[:200]}", "error")
return None return None
...@@ -52,7 +70,7 @@ def get_users(): ...@@ -52,7 +70,7 @@ def get_users():
token = get_token() token = get_token()
if token is None: if token is None:
return [] # can't get token, error message is already flashed by get_token function return [] # can't get token, error message is already flashed by get_token function
resp = requests.get(url, headers={'Authorization': 'Bearer ' + token}, verify=CA_CERT) resp = requests.get(url, headers={'Authorization': 'Bearer ' + token}, verify=CA_CERT_FILE)
if not resp.ok: if not resp.ok:
flash(f"ERROR: Can't get list of users: ({resp.status_code}) {resp.text[:200]}", "error") flash(f"ERROR: Can't get list of users: ({resp.status_code}) {resp.text[:200]}", "error")
return [] return []
......
...@@ -3,4 +3,5 @@ flask_wtf~=1.0.0 ...@@ -3,4 +3,5 @@ flask_wtf~=1.0.0
wtforms~=3.0.1 wtforms~=3.0.1
email-validator~=1.1.3 email-validator~=1.1.3
requests~=2.27.1 requests~=2.27.1
jinja2~=3.1.1 jinja2~=3.1.1
\ No newline at end of file PyYAML~=5.2
\ No newline at end of file
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment