Merge branch 'feature-environment' into 'master'

Added environment support Closes #1 See merge request !1

Merge branch 'feature-environment' into 'master'
Added environment support Closes #1 See merge request !1
2cd63104 · Frederik Enste · f9f8cc1d · f4ae5b10 · 2cd63104
Commit 2cd63104 authored Jan 04, 2021 by Frederik Enste
--- a/root/usr/share/teco/pve-ldap-sync
+++ b/root/usr/share/teco/pve-ldap-sync
 #!/bin/python3
 # This script is maintained by https://gitlab.teco.edu/it/debian/teco-pve-autoremove-subscription-message

-from argparse import ArgumentParser
+from argparse import ArgumentParser, Action
+from os import environ
 from pprint import PrettyPrinter
+
 from ldap import initialize, SCOPE_SUBTREE
 from ldap.ldapobject import LDAPObject
 from proxmoxer import ProxmoxAPI
@@ -16,6 +18,9 @@ ldap_groups = 'ou=Group'

 proxmox_host = 'proxmox.teco.edu'
 proxmox_port = '443'
+proxmox_user = None
+proxmox_realm = None
+proxmox_password = None
 proxmox_ssl_check = True
 proxmox_ldap_realm = 'ldap'
 proxmox_ldap_managed_groups = ['IT', 'Staff', 'Students']
@@ -39,6 +44,20 @@ dry_run = False
 be_verbose = False


+# for parsing environment variables as parameters
+class EnvDefault(Action):
+    def __init__(self, envvar, required=True, default=None, **kwargs):
+        if not default and envvar:
+            if envvar in environ:
+                default = environ[envvar]
+        if required and default:
+            required = False
+        super(EnvDefault, self).__init__(default=default, required=required, **kwargs)
+
+    def __call__(self, parser, namespace, values, option_string=None):
+        setattr(namespace, self.dest, values)
+
+
 def log(msg):
    if isinstance(msg, str):
        print(msg)
@@ -51,23 +70,32 @@ def verbose(msg):
        log(msg)


-def login():
-    global dry_run, be_verbose
+def parse_arguments():
+    global dry_run, be_verbose, proxmox_user, proxmox_realm, proxmox_password
    parser = ArgumentParser(description='Synchronizes the TECO LDAP to the Proxmox User database.')
    parser.add_argument('-u', '--user',
+                        envvar='LDAP_SYNC_PROXMOX_USER',
+                        action=EnvDefault,
                        dest='user',
                        required=True,
                        help='Required argument. Specify the user for Proxmox. '
-                             'The user needs at least PVEUserAdmin role for /access.')
+                             'The user needs at least PVEUserAdmin role for /access. '
+                             'You can also pass this value via LDAP_SYNC_PROXMOX_USER environment variable.')
    parser.add_argument('-r', '--realm',
+                        envvar='LDAP_SYNC_PROXMOX_REALM',
+                        action=EnvDefault,
                        dest='realm',
                        required=True,
-                        help='The Login Realm of the previously specified user')
+                        help='The Login Realm of the previously specified user'
+                             'You can also pass this value via LDAP_SYNC_PROXMOX_REALM environment variable.')
    parser.add_argument('-p', '--password',
+                        envvar='LDAP_SYNC_PROXMOX_PASSWORD',
+                        action=EnvDefault,
                        dest='password',
                        metavar='PASS',
                        required=True,
-                        help='The password for the previously specified user')
+                        help='The password for the previously specified user'
+                             'You can also pass this value via LDAP_SYNC_PROXMOX_PASSWORD environment variable.')
    parser.add_argument('-n', '--dry-run',
                        dest='dry_run',
                        action='store_const',
@@ -83,6 +111,12 @@ def login():
    args = parser.parse_args()
    dry_run = args.dry_run
    be_verbose = args.verbose
+    proxmox_user = args.user
+    proxmox_realm = args.realm
+    proxmox_password = args.password
+
+
+def login():
    verbose('Connecting to LDAP...')
    ldap = initialize(ldap_uri,
                      bytes_mode=False)
@@ -91,8 +125,8 @@ def login():
    proxmox = ProxmoxAPI(host=proxmox_host,
                         backend='https',
                         port=proxmox_port,
-                         user='{}@{}'.format(args.user, args.realm),
-                         password=args.password,
+                         user='{}@{}'.format(proxmox_user, proxmox_realm),
+                         password=proxmox_password,
                         verify_ssl=proxmox_ssl_check)
    verbose('done.')
    return ldap, proxmox
@@ -243,6 +277,7 @@ def sync(proxmox: ProxmoxAPI, ldap_user_dict: dict, proxmox_user_dict: dict):


 def main():
+    parse_arguments()
    (ldap, proxmox) = login()
    ldap_group_dict: dict = get_ldap_groups(ldap)
    ldap_user_dict: dict = get_ldap_users(ldap, ldap_group_dict)