File: privileged.py

package info (click to toggle)
freedombox 26.2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 82,976 kB
  • sloc: python: 48,504; javascript: 1,736; xml: 481; makefile: 290; sh: 167; php: 32
file content (87 lines) | stat: -rw-r--r-- 2,975 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
 
# SPDX-License-Identifier: AGPL-3.0-or-later
"""Configure Shadowsocks Server."""

import json
import os
import pathlib
import random
import string

from plinth import action_utils
from plinth.actions import privileged, secret_str

SHADOWSOCKS_CONFIG_SYMLINK = '/etc/shadowsocks-libev/fbxserver.json'
SHADOWSOCKS_CONFIG_ACTUAL = \
    '/var/lib/private/shadowsocks-libev/fbxserver/fbxserver.json'


@privileged
def setup():
    """Perform initial setup steps."""
    # Disable the default service, and use the templated service instead, so
    # that the configuration can be customized.
    action_utils.service_disable('shadowsocks-libev')

    os.makedirs('/var/lib/private/shadowsocks-libev/fbxserver/', exist_ok=True)

    if not os.path.islink(SHADOWSOCKS_CONFIG_SYMLINK):
        os.symlink(SHADOWSOCKS_CONFIG_ACTUAL, SHADOWSOCKS_CONFIG_SYMLINK)

    if not os.path.isfile(SHADOWSOCKS_CONFIG_ACTUAL):
        password = ''.join(
            random.choice(string.ascii_letters) for _ in range(12))
        initial_config = {
            'server': ['::0', '0.0.0.0'],  # As recommended in man page
            'mode': 'tcp_and_udp',
            'server_port': 8388,
            'password': password,
            'timeout': 86400,
            'method': 'chacha20-ietf-poly1305'
        }
        _merge_config(initial_config)

    from plinth.modules.shadowsocksserver import ShadowsocksServerApp
    if action_utils.service_is_enabled(ShadowsocksServerApp.DAEMON):
        action_utils.service_restart(ShadowsocksServerApp.DAEMON)


@privileged
def get_config() -> dict[str, int | str]:
    """Read and print Shadowsocks Server configuration."""
    config = open(SHADOWSOCKS_CONFIG_SYMLINK, 'r', encoding='utf-8').read()
    return json.loads(config)


def _merge_config(config):
    """Write merged configuration into file."""
    try:
        current_config = open(SHADOWSOCKS_CONFIG_SYMLINK, 'r',
                              encoding='utf-8').read()
        current_config = json.loads(current_config)
    except (OSError, json.JSONDecodeError):
        current_config = {}

    new_config = current_config
    new_config.update(config)
    new_config = json.dumps(new_config, indent=4, sort_keys=True)
    open(SHADOWSOCKS_CONFIG_SYMLINK, 'w', encoding='utf-8').write(new_config)


@privileged
def merge_config(password: secret_str, method: str):
    """Configure Shadowsocks Server."""
    config = {'password': password, 'method': method}
    _merge_config(config)

    # Don't try_restart because initial configuration may not be valid so
    # shadowsocks will not be running even when enabled.
    from . import ShadowsocksServerApp
    if action_utils.service_is_enabled(ShadowsocksServerApp.DAEMON):
        action_utils.service_restart(ShadowsocksServerApp.DAEMON)


@privileged
def uninstall():
    """Remove configuration files."""
    for path in SHADOWSOCKS_CONFIG_SYMLINK, SHADOWSOCKS_CONFIG_ACTUAL:
        pathlib.Path(path).unlink(missing_ok=True)