From 9e6b8c1e217615683005df5c9740769027f7bf02 Mon Sep 17 00:00:00 2001 From: Pete Vander Giessen Date: Tue, 29 Oct 2019 20:13:29 +0000 Subject: [PATCH] Allow off-host access to horizon dashboard by default. Added a question which allows off host access to horizon dashboard. Activated it by default, as that's probably what people are going to actually want. Change-Id: I0d5bccb3b2eb2b409072d8ae5f8b923942386119 --- snap/hooks/install | 1 + tests/test_basic.py | 17 ----------------- tools/init/init/main.py | 1 + tools/init/init/questions/__init__.py | 26 ++++++++++++++++++++++++++ 4 files changed, 28 insertions(+), 17 deletions(-) diff --git a/snap/hooks/install b/snap/hooks/install index fc09d03..af39678 100755 --- a/snap/hooks/install +++ b/snap/hooks/install @@ -18,6 +18,7 @@ snapctl set \ config.network.compute-ip=10.20.20.1 \ config.network.ext-cidr=10.20.20.1/24 \ config.network.security-rules=true \ + config.network.dashboard-allowed-hosts="*" \ ; # Passwords, certs, etc. diff --git a/tests/test_basic.py b/tests/test_basic.py index cd7fc17..c3b01e4 100755 --- a/tests/test_basic.py +++ b/tests/test_basic.py @@ -117,23 +117,6 @@ class TestBasics(Framework): # TODO: get rid of this, when we drop the ping tests back int. time.sleep(10) - if 'multipass' in self.PREFIX: - print("Opening {}:80 up to the outside world".format( - self.HORIZON_IP)) - - with open('/tmp/_10_hosts.py', 'w') as hosts: - hosts.write("""\ -# Allow all hosts to connect to this machine -ALLOWED_HOSTS = ['*',] -""") - check('multipass', 'copy-files', '/tmp/_10_hosts.py', - '{}:/tmp/_10_hosts.py'.format(self.MACHINE)) - check( - *self.PREFIX, 'sudo', 'cp', '/tmp/_10_hosts.py', - '/var/snap/microstack/common/etc/horizon/local_settings.d/' - ) - check(*self.PREFIX, 'sudo', 'snap', 'restart', 'microstack') - print('Verifying GUI for (IP: {})'.format(self.HORIZON_IP)) # Verify that our GUI is working properly self.driver.get("http://{}/".format(self.HORIZON_IP)) diff --git a/tools/init/init/main.py b/tools/init/init/main.py index 69d2409..df19cf8 100644 --- a/tools/init/init/main.py +++ b/tools/init/init/main.py @@ -103,6 +103,7 @@ def main() -> None: # The following are not yet implemented: # questions.VmSwappiness(), # questions.FileHandleLimits(), + questions.DashboardAccess(), questions.RabbitMq(), questions.DatabaseSetup(), questions.NovaHypervisor(), diff --git a/tools/init/init/questions/__init__.py b/tools/init/init/questions/__init__.py index d4d91dc..cfab02e 100644 --- a/tools/init/init/questions/__init__.py +++ b/tools/init/init/questions/__init__.py @@ -275,6 +275,32 @@ class FileHandleLimits(Question): pass +class DashboardAccess(Question): + + _type = 'string' + config_key = 'config.network.dashboard-allowed-hosts' + + def yes(self, answer): + log.info("Opening horizon dashboard up to {hosts}".format( + hosts=answer)) + + path_ = ('{SNAP_COMMON}/etc/horizon/local_settings.d' + '/_10_hosts.py'.format(**_env)) + + allowed_hosts = answer.split(',') + + # TODO: move to template. + # TODO: sanitize (since we're writing to executable Python!) + with open(path_, 'w') as hosts: + hosts.write("""\ +ALLOWED_HOSTS = {hosts} +""".format(hosts=allowed_hosts)) + + # Restart if needed. + if check_output('snapctl', 'get', 'initialized'): + check('snapctl', 'restart', 'microstack.horizon-uwsgi') + + class RabbitMq(Question): """Wait for Rabbit to start, then setup permissions."""