codekasten/CryptoBottle/CryptoBottle.py

104 lines
3.4 KiB
Python
Raw Normal View History

2012-07-20 00:22:12 +02:00
#!/usr/bin/python
""" CryptoBottle - minimalistic webfrontend for cryptsetup
prepare your Debian/squeeze:
aptitude install python-bottle cryptsetup
modprobe dm_crypt
set all variables before the first run & create "mntpoint"
run this script as root
"""
2012-07-21 22:49:48 +02:00
from bottle import route, run, post, request, template, debug, TEMPLATES, static_file
2012-07-20 10:22:08 +02:00
from subprocess import Popen, PIPE
from os.path import join
2012-07-20 00:22:12 +02:00
serverport = 83
cryptcmd = "/sbin/cryptsetup"
mntcmd = "/bin/mount"
umntcmd = "/bin/umount"
cryptdevice = "/dev/vdc1"
mapperpath = "/dev/mapper/"
2012-07-21 22:49:48 +02:00
mappername = "vdc1"
2012-07-20 00:22:12 +02:00
mntpoint = "/mnt"
2012-07-21 22:49:48 +02:00
@route('/style/default.css')
def server_static():
return static_file('default.css', root='/data/cryptobottle-dev/style')
2012-07-20 00:22:12 +02:00
@route('/')
def index():
2012-07-21 22:49:48 +02:00
output = {'passwd':'Datenhafen oeffnen'}
return template('generic', output=output)
2012-07-20 00:22:12 +02:00
@route('/status')
def cryptstatus():
shell = Popen([cryptcmd, "status", mappername], stdout=PIPE, stderr=PIPE)
2012-07-21 22:49:48 +02:00
(cryptsetup, err) = shell.communicate()
2012-07-20 10:22:08 +02:00
if err:
2012-07-21 22:49:48 +02:00
return template('generic', output= {'cryptsetup':err})
if len(cryptsetup) == 0:
cryptsetup = '"%s%s" is not mapped' % (mapperpath, mappername)
2012-07-20 00:22:12 +02:00
shell = Popen(["df", "-h"], stdout=PIPE)
2012-07-21 22:49:48 +02:00
(df, err) = shell.communicate()
if err:
return template('generic', output= {'df':err})
status = ''
shell = Popen(["lsof", mntpoint], stdout=PIPE)
lsof = shell.communicate()[0]
output = {'cryptsetup': cryptsetup, 'df': df, 'lsof': lsof}
return template('generic', output=output )
2012-07-20 00:22:12 +02:00
@route('/cryptopen', method='POST')
def cryptopen():
cryptpw = request.forms.get('passwd')
2012-07-21 22:49:48 +02:00
mount = ''
2012-07-20 00:22:12 +02:00
if len(cryptpw) == 0:
2012-07-21 22:49:48 +02:00
cryptsetup = 'kein Passwort angegeben'
else:
shell = Popen([cryptcmd, "luksOpen", cryptdevice, mappername], stdin=PIPE, stdout=PIPE,stderr=PIPE)
(cryptsetup, err) = shell.communicate(cryptpw)
if err:
cryptsetup = err
elif len(cryptsetup) == 0:
cryptsetup = 'erfolgreich entschluesselt'
shell = Popen([mntcmd, join(mapperpath, mappername), mntpoint], stdout=PIPE,stderr=PIPE)
(mount, mount_err) = shell.communicate()
if mount_err:
mount = mount_err
elif len(mount) == 0:
mount = 'erfolgreich eingehangen'
output = {'cryptsetup': cryptsetup, 'mount': mount}
return template('generic', output=output )
2012-07-20 00:22:12 +02:00
@route('/cryptclose')
def cryptclose():
2012-07-21 22:49:48 +02:00
output = {}
umount = ''
2012-07-20 10:22:08 +02:00
shell = Popen(["lsof", mntpoint], stdout=PIPE)
2012-07-21 22:49:48 +02:00
lsof = shell.communicate()[0]
if lsof:
lsof += 'Aushaengen nicht moeglich. Verzeichnis wird noch benutzt.'
output = {'lsof':lsof}
else:
shell = Popen([umntcmd, mntpoint], stdout=PIPE,stderr=PIPE)
(umount, umount_err) = shell.communicate()
if umount_err:
output = {'mount':umount_err}
elif len(umount) == 0:
umount = 'erfolgreich ausgehangen'
#try luksclose in any case
2012-07-20 00:22:12 +02:00
shell = Popen([cryptcmd, "luksClose", mappername], stdout=PIPE,stderr=PIPE)
2012-07-21 22:49:48 +02:00
(cryptsetup, err) = shell.communicate()
2012-07-20 00:22:12 +02:00
if len(err) != 0:
2012-07-21 22:49:48 +02:00
cryptsetup += err
if len(cryptsetup) == 0:
cryptsetup = 'erfolgreich verschluesselt'
output = {'mount':umount, 'cryptsetup': cryptsetup}
return template('generic', output=output)
2012-07-20 00:22:12 +02:00
debug(True)
run(host='', port=serverport, reloader=True)