Loading services/webapp/code/rosetta/core_app/utils.py +77 −74 Original line number Diff line number Diff line Loading @@ -559,10 +559,49 @@ def setup_tunnel_and_proxy(task): task.tcp_tunnel_port = tcp_tunnel_port task.save() # Setup the proxy now. # Some info about the various SSL switches: https://serverfault.com/questions/577616/using-https-between-apache-loadbalancer-and-backends # Esnure conf directory exists # Check if the tunnel is (still) active, if not create it logger.debug('Checking if task "{}" has a running tunnel'.format(task)) out = os_shell('ps -ef | grep ":{}:{}:{}" | grep -v grep'.format(task.tcp_tunnel_port, task.interface_ip, task.interface_port), capture=True) if out.exit_code == 0: logger.debug('Task "{}" has a running tunnel, using it'.format(task)) else: logger.debug('Task "{}" has no running tunnel, creating it'.format(task)) # Get user keys user_keys = KeyPair.objects.get(user=task.user, default=True) # Tunnel command if task.computing.type == 'remotehop': # Get computing params first_host = task.computing.conf.get('first_host') first_user = task.computing.conf.get('first_user') #second_host = task.computing.conf.get('second_host') #second_user = task.computing.conf.get('second_user') #setup_command = task.computing.conf.get('setup_command') #base_port = task.computing.conf.get('base_port') tunnel_command= 'ssh -4 -i {} -o StrictHostKeyChecking=no -nNT -L 0.0.0.0:{}:{}:{} {}@{} & '.format(user_keys.private_key_file, task.tcp_tunnel_port, task.interface_ip, task.interface_port, first_user, first_host) else: tunnel_command= 'ssh -4 -o StrictHostKeyChecking=no -nNT -L 0.0.0.0:{}:{}:{} localhost & '.format(task.tcp_tunnel_port, task.interface_ip, task.interface_port) background_tunnel_command = 'nohup {} >/dev/null 2>&1 &'.format(tunnel_command) # Log logger.debug('Opening tunnel with command: {}'.format(background_tunnel_command)) # Execute subprocess.Popen(background_tunnel_command, shell=True) # Setup the proxy now (if required.) if task.requires_proxy: # Ensure conf directory exists if not os.path.exists('/shared/etc_apache2_sites_enabled'): os.makedirs('/shared/etc_apache2_sites_enabled') Loading @@ -573,8 +612,8 @@ def setup_tunnel_and_proxy(task): if not os.path.exists(apache_conf_file): # Write conf file # Some info about the various SSL switches: https://serverfault.com/questions/577616/using-https-between-apache-loadbalancer-and-backends logger.debug('Writing task proxy conf to {}'.format(apache_conf_file)) websocket_protocol = 'wss' if task.container.interface_protocol == 'https' else 'ws' task_proxy_host = get_task_proxy_host() apache_conf_content = ''' Loading Loading @@ -640,7 +679,7 @@ Listen '''+str(task.tcp_tunnel_port)+''' with open(apache_conf_file, 'w') as f: f.write(apache_conf_content) # Now check conf exist on proxy # Now check if conf exist on proxy logger.debug('Checking if conf is enabled on proxy service') out = os_shell('ssh -o StrictHostKeyChecking=no proxy "[ -e /etc/apache2/sites-enabled/{}.conf ]"'.format(task.uuid), capture=True) Loading @@ -661,42 +700,6 @@ Listen '''+str(task.tcp_tunnel_port)+''' raise ErrorMessage('Somthing went wrong when loading the task proxy conf') # Check if the tunnel is (still) active and if not create it logger.debug('Checking if task "{}" has a running tunnel'.format(task)) out = os_shell('ps -ef | grep ":{}:{}:{}" | grep -v grep'.format(task.tcp_tunnel_port, task.interface_ip, task.interface_port), capture=True) if out.exit_code == 0: logger.debug('Task "{}" has a running tunnel, using it'.format(task)) else: logger.debug('Task "{}" has no running tunnel, creating it'.format(task)) # Get user keys user_keys = KeyPair.objects.get(user=task.user, default=True) # Tunnel command if task.computing.type == 'remotehop': # Get computing params first_host = task.computing.conf.get('first_host') first_user = task.computing.conf.get('first_user') #second_host = task.computing.conf.get('second_host') #second_user = task.computing.conf.get('second_user') #setup_command = task.computing.conf.get('setup_command') #base_port = task.computing.conf.get('base_port') tunnel_command= 'ssh -4 -i {} -o StrictHostKeyChecking=no -nNT -L 0.0.0.0:{}:{}:{} {}@{} & '.format(user_keys.private_key_file, task.tcp_tunnel_port, task.interface_ip, task.interface_port, first_user, first_host) else: tunnel_command= 'ssh -4 -o StrictHostKeyChecking=no -nNT -L 0.0.0.0:{}:{}:{} localhost & '.format(task.tcp_tunnel_port, task.interface_ip, task.interface_port) background_tunnel_command = 'nohup {} >/dev/null 2>&1 &'.format(tunnel_command) # Log logger.debug('Opening tunnel with command: {}'.format(background_tunnel_command)) # Execute subprocess.Popen(background_tunnel_command, shell=True) Loading Loading
services/webapp/code/rosetta/core_app/utils.py +77 −74 Original line number Diff line number Diff line Loading @@ -559,10 +559,49 @@ def setup_tunnel_and_proxy(task): task.tcp_tunnel_port = tcp_tunnel_port task.save() # Setup the proxy now. # Some info about the various SSL switches: https://serverfault.com/questions/577616/using-https-between-apache-loadbalancer-and-backends # Esnure conf directory exists # Check if the tunnel is (still) active, if not create it logger.debug('Checking if task "{}" has a running tunnel'.format(task)) out = os_shell('ps -ef | grep ":{}:{}:{}" | grep -v grep'.format(task.tcp_tunnel_port, task.interface_ip, task.interface_port), capture=True) if out.exit_code == 0: logger.debug('Task "{}" has a running tunnel, using it'.format(task)) else: logger.debug('Task "{}" has no running tunnel, creating it'.format(task)) # Get user keys user_keys = KeyPair.objects.get(user=task.user, default=True) # Tunnel command if task.computing.type == 'remotehop': # Get computing params first_host = task.computing.conf.get('first_host') first_user = task.computing.conf.get('first_user') #second_host = task.computing.conf.get('second_host') #second_user = task.computing.conf.get('second_user') #setup_command = task.computing.conf.get('setup_command') #base_port = task.computing.conf.get('base_port') tunnel_command= 'ssh -4 -i {} -o StrictHostKeyChecking=no -nNT -L 0.0.0.0:{}:{}:{} {}@{} & '.format(user_keys.private_key_file, task.tcp_tunnel_port, task.interface_ip, task.interface_port, first_user, first_host) else: tunnel_command= 'ssh -4 -o StrictHostKeyChecking=no -nNT -L 0.0.0.0:{}:{}:{} localhost & '.format(task.tcp_tunnel_port, task.interface_ip, task.interface_port) background_tunnel_command = 'nohup {} >/dev/null 2>&1 &'.format(tunnel_command) # Log logger.debug('Opening tunnel with command: {}'.format(background_tunnel_command)) # Execute subprocess.Popen(background_tunnel_command, shell=True) # Setup the proxy now (if required.) if task.requires_proxy: # Ensure conf directory exists if not os.path.exists('/shared/etc_apache2_sites_enabled'): os.makedirs('/shared/etc_apache2_sites_enabled') Loading @@ -573,8 +612,8 @@ def setup_tunnel_and_proxy(task): if not os.path.exists(apache_conf_file): # Write conf file # Some info about the various SSL switches: https://serverfault.com/questions/577616/using-https-between-apache-loadbalancer-and-backends logger.debug('Writing task proxy conf to {}'.format(apache_conf_file)) websocket_protocol = 'wss' if task.container.interface_protocol == 'https' else 'ws' task_proxy_host = get_task_proxy_host() apache_conf_content = ''' Loading Loading @@ -640,7 +679,7 @@ Listen '''+str(task.tcp_tunnel_port)+''' with open(apache_conf_file, 'w') as f: f.write(apache_conf_content) # Now check conf exist on proxy # Now check if conf exist on proxy logger.debug('Checking if conf is enabled on proxy service') out = os_shell('ssh -o StrictHostKeyChecking=no proxy "[ -e /etc/apache2/sites-enabled/{}.conf ]"'.format(task.uuid), capture=True) Loading @@ -661,42 +700,6 @@ Listen '''+str(task.tcp_tunnel_port)+''' raise ErrorMessage('Somthing went wrong when loading the task proxy conf') # Check if the tunnel is (still) active and if not create it logger.debug('Checking if task "{}" has a running tunnel'.format(task)) out = os_shell('ps -ef | grep ":{}:{}:{}" | grep -v grep'.format(task.tcp_tunnel_port, task.interface_ip, task.interface_port), capture=True) if out.exit_code == 0: logger.debug('Task "{}" has a running tunnel, using it'.format(task)) else: logger.debug('Task "{}" has no running tunnel, creating it'.format(task)) # Get user keys user_keys = KeyPair.objects.get(user=task.user, default=True) # Tunnel command if task.computing.type == 'remotehop': # Get computing params first_host = task.computing.conf.get('first_host') first_user = task.computing.conf.get('first_user') #second_host = task.computing.conf.get('second_host') #second_user = task.computing.conf.get('second_user') #setup_command = task.computing.conf.get('setup_command') #base_port = task.computing.conf.get('base_port') tunnel_command= 'ssh -4 -i {} -o StrictHostKeyChecking=no -nNT -L 0.0.0.0:{}:{}:{} {}@{} & '.format(user_keys.private_key_file, task.tcp_tunnel_port, task.interface_ip, task.interface_port, first_user, first_host) else: tunnel_command= 'ssh -4 -o StrictHostKeyChecking=no -nNT -L 0.0.0.0:{}:{}:{} localhost & '.format(task.tcp_tunnel_port, task.interface_ip, task.interface_port) background_tunnel_command = 'nohup {} >/dev/null 2>&1 &'.format(tunnel_command) # Log logger.debug('Opening tunnel with command: {}'.format(background_tunnel_command)) # Execute subprocess.Popen(background_tunnel_command, shell=True) Loading
