Verified Commit f4ae5b10 authored by Frederik Enste's avatar Frederik Enste
Browse files

#1 added environment support

parent f9f8cc1d
Pipeline #105 passed with stage
#!/bin/python3
# This script is maintained by https://gitlab.teco.edu/it/debian/teco-pve-autoremove-subscription-message
from argparse import ArgumentParser
from argparse import ArgumentParser, Action
from os import environ
from pprint import PrettyPrinter
from ldap import initialize, SCOPE_SUBTREE
from ldap.ldapobject import LDAPObject
from proxmoxer import ProxmoxAPI
......@@ -16,6 +18,9 @@ ldap_groups = 'ou=Group'
proxmox_host = 'proxmox.teco.edu'
proxmox_port = '443'
proxmox_user = None
proxmox_realm = None
proxmox_password = None
proxmox_ssl_check = True
proxmox_ldap_realm = 'ldap'
proxmox_ldap_managed_groups = ['IT', 'Staff', 'Students']
......@@ -39,6 +44,20 @@ dry_run = False
be_verbose = False
# for parsing environment variables as parameters
class EnvDefault(Action):
def __init__(self, envvar, required=True, default=None, **kwargs):
if not default and envvar:
if envvar in environ:
default = environ[envvar]
if required and default:
required = False
super(EnvDefault, self).__init__(default=default, required=required, **kwargs)
def __call__(self, parser, namespace, values, option_string=None):
setattr(namespace, self.dest, values)
def log(msg):
if isinstance(msg, str):
print(msg)
......@@ -51,23 +70,32 @@ def verbose(msg):
log(msg)
def login():
global dry_run, be_verbose
def parse_arguments():
global dry_run, be_verbose, proxmox_user, proxmox_realm, proxmox_password
parser = ArgumentParser(description='Synchronizes the TECO LDAP to the Proxmox User database.')
parser.add_argument('-u', '--user',
envvar='LDAP_SYNC_PROXMOX_USER',
action=EnvDefault,
dest='user',
required=True,
help='Required argument. Specify the user for Proxmox. '
'The user needs at least PVEUserAdmin role for /access.')
'The user needs at least PVEUserAdmin role for /access. '
'You can also pass this value via LDAP_SYNC_PROXMOX_USER environment variable.')
parser.add_argument('-r', '--realm',
envvar='LDAP_SYNC_PROXMOX_REALM',
action=EnvDefault,
dest='realm',
required=True,
help='The Login Realm of the previously specified user')
help='The Login Realm of the previously specified user'
'You can also pass this value via LDAP_SYNC_PROXMOX_REALM environment variable.')
parser.add_argument('-p', '--password',
envvar='LDAP_SYNC_PROXMOX_PASSWORD',
action=EnvDefault,
dest='password',
metavar='PASS',
required=True,
help='The password for the previously specified user')
help='The password for the previously specified user'
'You can also pass this value via LDAP_SYNC_PROXMOX_PASSWORD environment variable.')
parser.add_argument('-n', '--dry-run',
dest='dry_run',
action='store_const',
......@@ -83,6 +111,12 @@ def login():
args = parser.parse_args()
dry_run = args.dry_run
be_verbose = args.verbose
proxmox_user = args.user
proxmox_realm = args.realm
proxmox_password = args.password
def login():
verbose('Connecting to LDAP...')
ldap = initialize(ldap_uri,
bytes_mode=False)
......@@ -91,8 +125,8 @@ def login():
proxmox = ProxmoxAPI(host=proxmox_host,
backend='https',
port=proxmox_port,
user='{}@{}'.format(args.user, args.realm),
password=args.password,
user='{}@{}'.format(proxmox_user, proxmox_realm),
password=proxmox_password,
verify_ssl=proxmox_ssl_check)
verbose('done.')
return ldap, proxmox
......@@ -243,6 +277,7 @@ def sync(proxmox: ProxmoxAPI, ldap_user_dict: dict, proxmox_user_dict: dict):
def main():
parse_arguments()
(ldap, proxmox) = login()
ldap_group_dict: dict = get_ldap_groups(ldap)
ldap_user_dict: dict = get_ldap_users(ldap, ldap_group_dict)
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment