diff --git a/passhport/connections_utils/scp.py b/passhport/connections_utils/scp.py index 1b45c6b6..736c6f17 100644 --- a/passhport/connections_utils/scp.py +++ b/passhport/connections_utils/scp.py @@ -12,9 +12,17 @@ def parse(originalcmd): """Parse the original scp command written by the user. Obtain the target, create the command to pass""" # We wait a command like : - #scp [option] /path/to/my/file user@bastion:targetname//path/on/destination + #scp file user@bastion:player//~ + #ssh user@bastion player scp file user@ip:/path/to/file + #ssh user@bastion player rm file + #scp [option] /path/to/my/file user@bastion:targetname[//user//ip]//path/on/destination + # Specific players : 1. If targetname//user//ip//path then it's a scp on a server behind a target + # 2. We retrive the file on the target (targetname) + # 3. We execute a scp on the target (ssh passhport@target scp file user@ip + # 4. We execure a rm on the target (ssh passhport@target rm file # or #scp [option] user@bastion:targetname//path/on/destination/file /local/path + # and we should obtain the target name a line like # scp -t /path/on/destination/file # scp -f /path/on/destination/file /local/path diff --git a/passhport/passhport b/passhport/passhport index f8287b27..8123fc27 100755 --- a/passhport/passhport +++ b/passhport/passhport @@ -60,7 +60,6 @@ def post(url, data): This is used to connect to passhportd, to log access""" try: if SSL: - print(data) r = requests.post(url_passhport + url, data=data, verify=SSL_CERTIFICAT) else: @@ -109,7 +108,7 @@ def checkandconnect(indexed_target_list, choice, username, originalcmd, login + "@" + target + "-" + username filelog = pathlog + filename port = get(url_passhport + "target" + "/port/" + - target) + targetname) sshoptions = get(url_passhport + "target" + \ "/sshoptions/" + targetname) diff --git a/passhport/passhport.ini b/passhport/passhport.ini index d0f89858..20c24653 100644 --- a/passhport/passhport.ini +++ b/passhport/passhport.ini @@ -3,7 +3,6 @@ [SSL] SSL = True SSL_CERTIFICAT = /home/passhport/certs/cert.pem -SSL_KEY = /home/passhport/certs/key.pem [Network] # Passhportd hostname should always be localhost since both diff --git a/passhportd/wsgi.py b/passhportd/wsgi.py deleted file mode 100644 index 6449e68a..00000000 --- a/passhportd/wsgi.py +++ /dev/null @@ -1,6 +0,0 @@ -from app import app - - -application = app -if __name__ == "__main__": - application.run() diff --git a/tools/apache.conf b/tools/apache.conf new file mode 100644 index 00000000..892cfdc1 --- /dev/null +++ b/tools/apache.conf @@ -0,0 +1,18 @@ + + servername passhportd + + WSGIDaemonProcess passhportd user=passhport group=passhport threads=5 + WSGIScriptAlias / /home/passhport/passhportd.wsgi + + + WSGIProcessGroup passhportd + WSGIApplicationGroup %{GLOBAL} + Require all granted + Order deny,allow + Allow from all + + + LogLevel warn + CustomLog /var/log/apache2/passhportd.librit.fr-access.log combined + ErrorLog /var/log/apache2/passhportd.librit.fr-error.log + diff --git a/tools/passhportd.wsgi b/tools/passhportd.wsgi new file mode 100755 index 00000000..c6d3d9bc --- /dev/null +++ b/tools/passhportd.wsgi @@ -0,0 +1,8 @@ +activate_this = '/home/passhport/passhport-run-env/bin/activate_this.py' +with open(activate_this) as file_: + exec(file_.read(), dict(__file__=activate_this)) + +import sys +sys.path.insert(0, '/home/passhport/passhport/passhportd') + +from app import app as application