github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

feat: automation windows pyrdp ping (#10602) 

* feat: automation windows pyrdp ping

* perf: add pyfreerdp deps

---------

Co-authored-by: feng <1304903146@qq.com>
Co-authored-by: Eric <xplzv@126.com>
pull/10647/head
fit2bot 2023-06-07 17:28:35 +08:00 committed by GitHub
parent cc57fcacce
commit bfd77aa1b0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 123 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
apps/accounts/automations/verify_account/custom/main.yml → apps/accounts/automations/verify_account/custom/rdp/main.yml
View File

13
apps/accounts/automations/verify_account/custom/rdp/manifest.yml Normal file
View File

@ -0,0 +1,13 @@
id: verify_account_by_rdp
name: "{{ 'Windows rdp account verify' | trans }}"
category:
- host
type:
- windows
method: verify_account
i18n:
Windows rdp account verify:
zh: 使用 Python 模块 pyfreerdp 验证账号
ja: Python モジュール pyfreerdp を使用してアカウントを検証する
en: Using Python module pyfreerdp to verify account

14
apps/accounts/automations/verify_account/custom/ssh/main.yml Normal file
View File

@ -0,0 +1,14 @@
- hosts: custom
gather_facts: no
vars:
ansible_connection: local
tasks:
- name: Verify account
ssh_ping:
login_host: "{{ jms_asset.address }}"
login_port: "{{ jms_asset.port }}"
login_user: "{{ account.username }}"
login_password: "{{ account.secret }}"
login_secret_type: "{{ account.secret_type }}"
login_private_key_path: "{{ account.private_key_path }}"

0
apps/accounts/automations/verify_account/custom/manifest.yml → apps/accounts/automations/verify_account/custom/ssh/manifest.yml
View File

4
apps/ops/ansible/modules/custom_command.py
View File

@ -64,7 +64,7 @@ name:
from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.basic import AnsibleModule
from ops.ansible.modules_utils.custom_common import ( from ops.ansible.modules_utils.custom_common import (
SSHClient, ssh_common_argument_spec SSHClient, common_argument_spec
) )
@ -85,7 +85,7 @@ def get_commands(module):
def main(): def main():
argument_spec = ssh_common_argument_spec() argument_spec = common_argument_spec()
argument_spec.update( argument_spec.update(
name=dict(required=True, aliases=['user']), name=dict(required=True, aliases=['user']),
password=dict(aliases=['pass'], no_log=True), password=dict(aliases=['pass'], no_log=True),

86
apps/ops/ansible/modules/rdp_ping.py Normal file
View File

@ -0,0 +1,86 @@
#!/usr/bin/python
from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
---
module: custom_rdp_ping
short_description: Use rdp to probe whether an asset is connectable
description:
- Use rdp to probe whether an asset is connectable
'''
EXAMPLES = '''
- name: >
Ping asset server.
custom_rdp_ping:
login_host: 127.0.0.1
login_port: 3389
login_user: jms
login_password: password
'''
RETURN = '''
is_available:
description: Windows server availability.
returned: always
type: bool
sample: true
conn_err_msg:
description: Connection error message.
returned: always
type: str
sample: ''
'''
import pyfreerdp
from typing import NamedTuple
from ansible.module_utils.basic import AnsibleModule
from ops.ansible.modules_utils.custom_common import (
common_argument_spec
)
# =========================================
# Module execution.
#
class Param(NamedTuple):
hostname: str
port: int
username: str
password: str
def main():
options = common_argument_spec()
module = AnsibleModule(argument_spec=options, supports_check_mode=True)
result = {'changed': False, 'is_available': False}
secret_type = module.params['login_secret_type']
if secret_type != 'password':
module.fail_json(
msg=f'The current ansible does not support \
the verification method for {secret_type} types.'
)
return module.exit_json(**result)
params = Param(
hostname=module.params['login_host'],
port=module.params['login_port'],
username=module.params['login_user'],
password=module.params['login_password']
)
is_available = pyfreerdp.check_connectivity(*params, '', 0)
result['is_available'] = is_available
if not is_available:
module.fail_json(msg='Unable to connect to asset.')
return module.exit_json(**result)
if __name__ == '__main__':
main()

4
apps/ops/ansible/modules/ssh_ping.py
View File

@ -40,7 +40,7 @@ conn_err_msg:
from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.basic import AnsibleModule
from ops.ansible.modules_utils.custom_common import ( from ops.ansible.modules_utils.custom_common import (
SSHClient, ssh_common_argument_spec SSHClient, common_argument_spec
) )
@ -50,7 +50,7 @@ from ops.ansible.modules_utils.custom_common import (
def main(): def main():
options = ssh_common_argument_spec() options = common_argument_spec()
module = AnsibleModule(argument_spec=options, supports_check_mode=True,) module = AnsibleModule(argument_spec=options, supports_check_mode=True,)
result = { result = {

3
apps/ops/ansible/modules_utils/custom_common.py
View File

@ -1,11 +1,10 @@
import time import time
import paramiko import paramiko
from paramiko.ssh_exception import SSHException, NoValidConnectionsError from paramiko.ssh_exception import SSHException, NoValidConnectionsError
def ssh_common_argument_spec(): def common_argument_spec():
options = dict( options = dict(
login_host=dict(type='str', required=False, default='localhost'), login_host=dict(type='str', required=False, default='localhost'),
login_port=dict(type='int', required=False, default=22), login_port=dict(type='int', required=False, default=22),

2
requirements/apk_pkg.sh
View File

@ -3,4 +3,4 @@ apk add \
gcc make python3-dev python3 libffi-dev mariadb-dev \ gcc make python3-dev python3 libffi-dev mariadb-dev \
libc-dev krb5-dev openldap-dev jpeg-dev linux-headers sshpass \ libc-dev krb5-dev openldap-dev jpeg-dev linux-headers sshpass \
openssh-client build-base libressl libffi-dev libressl-dev \ openssh-client build-base libressl libffi-dev libressl-dev \
libxslt-dev libxml2-dev xmlsec-dev xmlsec libxslt-dev libxml2-dev xmlsec-dev xmlsec freerdp-dev

2
requirements/deb_pkg.sh
View File

@ -2,4 +2,4 @@
apt install \ apt install \
g++ make iputils-ping default-libmysqlclient-dev libpq-dev \ g++ make iputils-ping default-libmysqlclient-dev libpq-dev \
libffi-dev libldap2-dev libsasl2-dev openssh-client sshpass pkg-config libxml2-dev \ libffi-dev libldap2-dev libsasl2-dev openssh-client sshpass pkg-config libxml2-dev \
libxmlsec1-dev libxmlsec1-openssl libaio-dev freetds-dev libxmlsec1-dev libxmlsec1-openssl libaio-dev freetds-dev freerdp2-dev

2
requirements/mac_pkg.sh
View File

@ -5,7 +5,7 @@ PROJECT_DIR=$(dirname "$BASE_DIR")
echo "1. 安装依赖" echo "1. 安装依赖"
brew install libtiff libjpeg webp little-cms2 openssl gettext git \ brew install libtiff libjpeg webp little-cms2 openssl gettext git \
git-lfs mysql libxml2 libxmlsec1 pkg-config postgresql freetds openssl \ git-lfs mysql libxml2 libxmlsec1 pkg-config postgresql freetds openssl \
libffi libffi freerdp
echo "2. 下载 IP 数据库" echo "2. 下载 IP 数据库"
ip_db_path="${PROJECT_DIR}/apps/common/utils/geoip/GeoLite2-City.mmdb" ip_db_path="${PROJECT_DIR}/apps/common/utils/geoip/GeoLite2-City.mmdb"

1
requirements/requirements.txt
View File

@ -126,6 +126,7 @@ pyOpenSSL==22.0.0
redis==4.5.4 redis==4.5.4
pyOpenSSL==22.0.0 pyOpenSSL==22.0.0
pymongo==4.2.0 pymongo==4.2.0
pyfreerdp==0.0.1
# Debug # Debug
ipython==8.10.0 ipython==8.10.0
ForgeryPy3==0.3.1 ForgeryPy3==0.3.1

2
requirements/rpm_pkg.sh
View File

@ -2,4 +2,4 @@
yum -y install \ yum -y install \
gcc-c++ sshpass mariadb-devel openldap-devel openssh-clients libxml2-devel \ gcc-c++ sshpass mariadb-devel openldap-devel openssh-clients libxml2-devel \
xmlsec1-devel xmlsec1-openssl-devel libtool-ltdl-devel \ xmlsec1-devel xmlsec1-openssl-devel libtool-ltdl-devel \
postgresql-devel postgresql-devel freerdp-devel