2012-07-20 00:22:12 +02:00
|
|
|
#!/usr/bin/python
|
2012-07-22 21:10:44 +02:00
|
|
|
""" CryptoBottle v0.2 - minimalist webfrontend for cryptsetup
|
2012-07-20 00:22:12 +02:00
|
|
|
|
|
|
|
prepare your Debian/squeeze:
|
|
|
|
aptitude install python-bottle cryptsetup
|
|
|
|
modprobe dm_crypt
|
|
|
|
set all variables before the first run & create "mntpoint"
|
|
|
|
run this script as root
|
2012-07-22 21:10:44 +02:00
|
|
|
|
|
|
|
|
|
|
|
CryptoBottle is free software: you can redistribute it and/or modify
|
|
|
|
it under the terms of the GNU General Public License as published by
|
|
|
|
the Free Software Foundation, either version 2 of the License, or
|
|
|
|
(at your option) any later version.
|
|
|
|
|
|
|
|
CryptoBottle is distributed in the hope that it will be useful,
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
GNU General Public License for more details.
|
|
|
|
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
|
|
along with this script. If not, see <http://www.gnu.org/licenses/>.
|
2012-07-20 00:22:12 +02:00
|
|
|
"""
|
2012-07-22 21:10:44 +02:00
|
|
|
|
2012-07-21 22:49:48 +02:00
|
|
|
from bottle import route, run, post, request, template, debug, TEMPLATES, static_file
|
2012-07-20 10:22:08 +02:00
|
|
|
from subprocess import Popen, PIPE
|
2012-11-28 15:17:42 +01:00
|
|
|
import os
|
2012-07-20 00:22:12 +02:00
|
|
|
|
|
|
|
serverport = 83
|
|
|
|
cryptcmd = "/sbin/cryptsetup"
|
|
|
|
mntcmd = "/bin/mount"
|
|
|
|
umntcmd = "/bin/umount"
|
|
|
|
cryptdevice = "/dev/vdc1"
|
|
|
|
mapperpath = "/dev/mapper/"
|
2012-07-21 22:49:48 +02:00
|
|
|
mappername = "vdc1"
|
2012-07-20 00:22:12 +02:00
|
|
|
mntpoint = "/mnt"
|
2012-07-22 21:10:44 +02:00
|
|
|
logo = "logo.png"
|
2012-11-28 15:17:42 +01:00
|
|
|
basedir = os.getcwd()
|
2012-07-20 00:22:12 +02:00
|
|
|
|
2012-07-21 22:49:48 +02:00
|
|
|
@route('/style/default.css')
|
|
|
|
def server_static():
|
2012-11-28 15:17:42 +01:00
|
|
|
return static_file('default.css', root= basedir + '/style')
|
|
|
|
@route(os.path.join('/style/', logo))
|
2012-07-22 21:10:44 +02:00
|
|
|
def server_static():
|
2012-11-28 15:17:42 +01:00
|
|
|
return static_file(logo, root= basedir + '/style')
|
2012-07-21 22:49:48 +02:00
|
|
|
|
2012-07-20 00:22:12 +02:00
|
|
|
@route('/')
|
|
|
|
def index():
|
2012-07-22 21:10:44 +02:00
|
|
|
output = {'passwd':'abschicken'}
|
2012-07-21 22:49:48 +02:00
|
|
|
return template('generic', output=output)
|
2012-07-20 00:22:12 +02:00
|
|
|
|
|
|
|
@route('/status')
|
|
|
|
def cryptstatus():
|
|
|
|
shell = Popen([cryptcmd, "status", mappername], stdout=PIPE, stderr=PIPE)
|
2012-07-21 22:49:48 +02:00
|
|
|
(cryptsetup, err) = shell.communicate()
|
2012-07-20 10:22:08 +02:00
|
|
|
if err:
|
2012-07-21 22:49:48 +02:00
|
|
|
return template('generic', output= {'cryptsetup':err})
|
|
|
|
if len(cryptsetup) == 0:
|
|
|
|
cryptsetup = '"%s%s" is not mapped' % (mapperpath, mappername)
|
2012-07-20 00:22:12 +02:00
|
|
|
|
|
|
|
shell = Popen(["df", "-h"], stdout=PIPE)
|
2012-07-21 22:49:48 +02:00
|
|
|
(df, err) = shell.communicate()
|
|
|
|
if err:
|
|
|
|
return template('generic', output= {'df':err})
|
|
|
|
status = ''
|
|
|
|
shell = Popen(["lsof", mntpoint], stdout=PIPE)
|
|
|
|
lsof = shell.communicate()[0]
|
|
|
|
output = {'cryptsetup': cryptsetup, 'df': df, 'lsof': lsof}
|
|
|
|
return template('generic', output=output )
|
2012-07-20 00:22:12 +02:00
|
|
|
|
|
|
|
@route('/cryptopen', method='POST')
|
|
|
|
def cryptopen():
|
|
|
|
cryptpw = request.forms.get('passwd')
|
2012-07-21 22:49:48 +02:00
|
|
|
mount = ''
|
2012-07-20 00:22:12 +02:00
|
|
|
if len(cryptpw) == 0:
|
2012-07-21 22:49:48 +02:00
|
|
|
cryptsetup = 'kein Passwort angegeben'
|
|
|
|
else:
|
|
|
|
shell = Popen([cryptcmd, "luksOpen", cryptdevice, mappername], stdin=PIPE, stdout=PIPE,stderr=PIPE)
|
|
|
|
(cryptsetup, err) = shell.communicate(cryptpw)
|
|
|
|
if err:
|
|
|
|
cryptsetup = err
|
|
|
|
elif len(cryptsetup) == 0:
|
|
|
|
cryptsetup = 'erfolgreich entschluesselt'
|
2012-11-28 15:17:42 +01:00
|
|
|
shell = Popen([mntcmd, os.path.join(mapperpath, mappername), mntpoint], stdout=PIPE,stderr=PIPE)
|
2012-07-21 22:49:48 +02:00
|
|
|
(mount, mount_err) = shell.communicate()
|
|
|
|
if mount_err:
|
|
|
|
mount = mount_err
|
|
|
|
elif len(mount) == 0:
|
|
|
|
mount = 'erfolgreich eingehangen'
|
|
|
|
|
|
|
|
output = {'cryptsetup': cryptsetup, 'mount': mount}
|
|
|
|
return template('generic', output=output )
|
2012-07-20 00:22:12 +02:00
|
|
|
|
|
|
|
@route('/cryptclose')
|
|
|
|
def cryptclose():
|
2012-07-21 22:49:48 +02:00
|
|
|
output = {}
|
|
|
|
umount = ''
|
2012-07-20 10:22:08 +02:00
|
|
|
shell = Popen(["lsof", mntpoint], stdout=PIPE)
|
2012-07-21 22:49:48 +02:00
|
|
|
lsof = shell.communicate()[0]
|
|
|
|
if lsof:
|
|
|
|
lsof += 'Aushaengen nicht moeglich. Verzeichnis wird noch benutzt.'
|
|
|
|
output = {'lsof':lsof}
|
|
|
|
else:
|
|
|
|
shell = Popen([umntcmd, mntpoint], stdout=PIPE,stderr=PIPE)
|
|
|
|
(umount, umount_err) = shell.communicate()
|
|
|
|
if umount_err:
|
|
|
|
output = {'mount':umount_err}
|
|
|
|
|
|
|
|
elif len(umount) == 0:
|
|
|
|
umount = 'erfolgreich ausgehangen'
|
|
|
|
#try luksclose in any case
|
2012-07-20 00:22:12 +02:00
|
|
|
shell = Popen([cryptcmd, "luksClose", mappername], stdout=PIPE,stderr=PIPE)
|
2012-07-21 22:49:48 +02:00
|
|
|
(cryptsetup, err) = shell.communicate()
|
2012-07-20 00:22:12 +02:00
|
|
|
if len(err) != 0:
|
2012-07-21 22:49:48 +02:00
|
|
|
cryptsetup += err
|
|
|
|
if len(cryptsetup) == 0:
|
|
|
|
cryptsetup = 'erfolgreich verschluesselt'
|
|
|
|
output = {'mount':umount, 'cryptsetup': cryptsetup}
|
|
|
|
return template('generic', output=output)
|
2012-07-20 00:22:12 +02:00
|
|
|
|
|
|
|
debug(True)
|
|
|
|
run(host='', port=serverport, reloader=True)
|
|
|
|
|