Add random password setting on server creation

4cc50dd2 · Szabolcs Gelencsér · 76bd4c77 · 4cc50dd2 · 4cc50dd2 · 4cc50dd2
Commit 4cc50dd2 authored Aug 19, 2018 by Szabolcs Gelencsér
Showing with 51 additions and 4 deletions

circle/dashboard/models.py
+2 -1

circle/dashboard/views/vm.py
+19 -3

circle/vm/migrations/0020_serverpassword.py
+23 -0

circle/vm/models/instance.py
+5 -0

circle/vm/operations.py
+1 -0

requirements/circlestack.txt
+1 -0

No files found.
--- a/circle/dashboard/models.py
+++ b/circle/dashboard/models.py
@@ -23,6 +23,7 @@ from hashlib import md5
 from logging import getLogger
 from django.conf import settings
+from django.contrib.auth.base_user import BaseUserManager
 from django.contrib.auth.models import Group
 from django.contrib.auth.signals import user_logged_in
 from django.core.urlresolvers import reverse
@@ -57,7 +58,7 @@ logger = getLogger(__name__)
 def pwgen():
-    return "TODO: pwgen"#User.objects.make_random_password()
+    return BaseUserManager().make_random_password()
 class Message(TimeStampedModel, TimeFramedModel):

--- a/circle/dashboard/views/vm.py
+++ b/circle/dashboard/views/vm.py
@@ -16,12 +16,13 @@
 # with CIRCLE.  If not, see <http://www.gnu.org/licenses/>.
 from __future__ import unicode_literals, absolute_import
+import base64
 import json
 import logging
 from collections import OrderedDict
 import openstack_api
-from dashboard.models import Favourite
+from dashboard.models import Favourite, pwgen
 from django.conf import settings
 from django.contrib import messages
 from django.contrib.auth.mixins import LoginRequiredMixin
@@ -48,6 +49,7 @@ from common.models import (
 )
 from firewall.models import Vlan, Host, Rule
 # from manager.scheduler import SchedulerError
+from vm.models.instance import ServerPassword
 from network.models import DefaultPublicRouter, DefaultPublicRoutedNet, DefaultPublicSecurityGroup
 from openstack_api.nova import Server
 from request.forms import TemplateRequestForm, LeaseRequestForm
@@ -66,6 +68,8 @@ from ..forms import (
    AclUserOrGroupAddForm, VmResourcesForm, VmCustomizeForm, VmDeployForm, VmFromPlainImageForm, VmRemoveInterfaceForm,
    VmAddInterfaceForm, VmSaveForm, VmPortAddForm, VmPublicIpAddForm, VmPublicIpRemoveForm, VmRenewForm)
+from passlib.hash import sha512_crypt
 logger = logging.getLogger(__name__)
@@ -1089,9 +1093,16 @@ class VmPlainImageCreate(LoginRequiredMixin, TemplateView):
        return self.render_to_response(context)
    def post(self, request, *args, **kwargs):
+        password = pwgen()
+        init_script = "#cloud-config\n" \
+                      "users:\n" \
+                      "  - name: cloud\n" \
+                      "    lock_passwd: false\n" \
+                      "    passwd: {}".format(sha512_crypt.hash(password, rounds=4096))
+        security_group = DefaultPublicSecurityGroup.get(request)
        if request.POST.get("internet_access") or not settings.IS_NET_OMISSION_SUPPORTED:
            default_public_routed_net_id = DefaultPublicRoutedNet.get_id(request)
-            security_group = DefaultPublicSecurityGroup.get(request)
            server_created = openstack_api.nova.server_create(
                request,
                request.POST.get("name"),
@@ -1100,7 +1111,8 @@ class VmPlainImageCreate(LoginRequiredMixin, TemplateView):
                nics=({
                    'net-id': default_public_routed_net_id,
                },),
-                security_groups=[security_group.id]
+                security_groups=[security_group.id],
+                user_data=init_script
            )
        else:
            server_created = openstack_api.nova.server_create(
@@ -1108,10 +1120,14 @@ class VmPlainImageCreate(LoginRequiredMixin, TemplateView):
                request.POST.get("name"),
                request.POST.get("image"),
                request.POST.get("flavor"),
+                security_groups=[security_group.id],
+                user_data=init_script
            )
+        ServerPassword(os_server_id=server_created.id, password=password).save()
        return HttpResponseRedirect("vm/%s#activity" % server_created.id)
 class VmCreate(LoginRequiredMixin, TemplateView):
    form_class = VmCustomizeForm

--- a/circle/vm/migrations/0020_serverpassword.py
+++ b/circle/vm/migrations/0020_serverpassword.py
+# -*- coding: utf-8 -*-
+# Generated by Django 1.11.6 on 2018-08-19 16:15
+from __future__ import unicode_literals
+from django.db import migrations, models
+class Migration(migrations.Migration):
+    dependencies = [
+        ('vm', '0019_auto_20180531_1809'),
+    ]
+    operations = [
+        migrations.CreateModel(
+            name='ServerPassword',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('os_server_id', models.CharField(max_length=100, unique=True)),
+                ('password', models.CharField(max_length=20)),
+            ],
+        ),
+    ]
--- a/circle/vm/models/instance.py
+++ b/circle/vm/models/instance.py
@@ -68,6 +68,11 @@ ACCESS_METHODS = [(key, name) for key, (name, port, transport)
                  in ACCESS_PROTOCOLS.iteritems()]
+class ServerPassword(Model):
+    os_server_id = CharField(unique=True, blank=False, max_length=100)
+    password = CharField(blank=False, max_length=20)
 def find_unused_port(port_range, used_ports=[]):
    """Find an unused port in the specified range.

--- a/circle/vm/operations.py
+++ b/circle/vm/operations.py
@@ -330,6 +330,7 @@ class DestroyOperation(InstanceOperation):
    os_policy_actions = (("compute", "compute:delete"),)
    def _operation(self, request):
        openstack_api.nova.server_delete(request, self.instance.id)

--- a/requirements/circlestack.txt
+++ b/requirements/circlestack.txt
@@ -135,3 +135,4 @@ wcwidth==0.1.7
 WebOb==1.7.4
 wrapt==1.10.11
 zope.interface==4.4.3
+passlib==1.7.1