#!/usr/bin/python """ CryptoBottle v0.2 - minimalist webfrontend for cryptsetup prepare your Debian/squeeze: aptitude install python-bottle cryptsetup modprobe dm_crypt set all variables before the first run & create "mntpoint" run this script as root CryptoBottle is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. CryptoBottle is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this script. If not, see . """ from bottle import route, run, post, request, template, debug, TEMPLATES, static_file from subprocess import Popen, PIPE import os serverport = 83 cryptcmd = "/sbin/cryptsetup" mntcmd = "/bin/mount" umntcmd = "/bin/umount" cryptdevice = "/dev/vdc1" mapperpath = "/dev/mapper/" mappername = "vdc1" mntpoint = "/mnt" logo = "logo.png" basedir = os.getcwd() @route('/style/default.css') def server_static(): return static_file('default.css', root= basedir + '/style') @route(os.path.join('/style/', logo)) def server_static(): return static_file(logo, root= basedir + '/style') @route('/') def index(): output = {'passwd':'abschicken'} return template('generic', output=output) @route('/status') def cryptstatus(): shell = Popen([cryptcmd, "status", mappername], stdout=PIPE, stderr=PIPE) (cryptsetup, err) = shell.communicate() if err: return template('generic', output= {'cryptsetup':err}) if len(cryptsetup) == 0: cryptsetup = '"%s%s" is not mapped' % (mapperpath, mappername) shell = Popen(["df", "-h"], stdout=PIPE) (df, err) = shell.communicate() if err: return template('generic', output= {'df':err}) status = '' shell = Popen(["lsof", mntpoint], stdout=PIPE) lsof = shell.communicate()[0] output = {'cryptsetup': cryptsetup, 'df': df, 'lsof': lsof} return template('generic', output=output ) @route('/cryptopen', method='POST') def cryptopen(): cryptpw = request.forms.get('passwd') mount = '' if len(cryptpw) == 0: cryptsetup = 'kein Passwort angegeben' else: shell = Popen([cryptcmd, "luksOpen", cryptdevice, mappername], stdin=PIPE, stdout=PIPE,stderr=PIPE) (cryptsetup, err) = shell.communicate(cryptpw) if err: cryptsetup = err elif len(cryptsetup) == 0: cryptsetup = 'erfolgreich entschluesselt' shell = Popen([mntcmd, os.path.join(mapperpath, mappername), mntpoint], stdout=PIPE,stderr=PIPE) (mount, mount_err) = shell.communicate() if mount_err: mount = mount_err elif len(mount) == 0: mount = 'erfolgreich eingehangen' output = {'cryptsetup': cryptsetup, 'mount': mount} return template('generic', output=output ) @route('/cryptclose') def cryptclose(): output = {} umount = '' shell = Popen(["lsof", mntpoint], stdout=PIPE) lsof = shell.communicate()[0] if lsof: lsof += 'Aushaengen nicht moeglich. Verzeichnis wird noch benutzt.' output = {'lsof':lsof} else: shell = Popen([umntcmd, mntpoint], stdout=PIPE,stderr=PIPE) (umount, umount_err) = shell.communicate() if umount_err: output = {'mount':umount_err} elif len(umount) == 0: umount = 'erfolgreich ausgehangen' #try luksclose in any case shell = Popen([cryptcmd, "luksClose", mappername], stdout=PIPE,stderr=PIPE) (cryptsetup, err) = shell.communicate() if len(err) != 0: cryptsetup += err if len(cryptsetup) == 0: cryptsetup = 'erfolgreich verschluesselt' output = {'mount':umount, 'cryptsetup': cryptsetup} return template('generic', output=output) debug(True) run(host='', port=serverport, reloader=True)