一、背景
最近在做一個django 主機管理項目,想在django web上實現執行主機指令,查了一下可以通過gateone實現,和大家分享一下。
二、步驟
1.安裝gateone
sudo yum -y install epel-release
sudo yum -y install python-pip
wget https://github.com/liftoff/GateOne/archive/master.zip
#也可訪問github git clone
#解壓
unzip master.zip -d /opt
pip3 install --upgrade pip
pip3 install tornado
#此處python3 tornado最好下載4.5.3版本
pip3 install --upgrade setuptools
pip3 install html5lib
cd /opt/GateOne-master
python3 setip.py install
#默認配置文件會在/etc/gateone
2.修改訪問配置
"disable_ssl": true, #改成http方式
"origins": ["localhost:8000", "127.0.0.1:8000", "xxxxx:8000", "django的外網IP:django端口"], #添加django的地址和端口
3.http://ip:port 訪問gateone是否正常
4.配置gateone api
gateone --new_api_key #生成api
#此時,通過http://ip:port 訪問會出現unauthenticated
5.gateone集成到django
#此處不多說直接上代碼,可直接複製粘貼,修改一些參數爲自己的參數
import time,hmac,hashlib,json
#web交互界面gateone
def gateone(request):
id = 1 #這裏暫時寫死只要id爲1的服務器
svr = server.objects.get(id = id)
ip = svr.outIP
port = svr.port
username = svr.username #寫死端口和用戶名
return render(request,'aggateone.html',locals()) #返回aggateone.html頁面
#gateone認證
def create_signature(secret,*parts):
hash = hmac.new(secret, digestmod=hashlib.sha1)
for part in parts:
hash.update(str(part).encode("utf-8"))
return hash.hexdigest()
def get_auth_obj(request):
# 安裝gateone的服務器以及端口.
gateone_server = 'http://121.41.37.251:8008' #本地gateone的訪問地址,注意http格式
# 生成的api_key 和secret
api_key = 'OGQxZGM5OGM1MGNlNDZkNmEwMTNmM2IyY2NlMGZlNjA3Z' #這裏是30api_keys.conf文件裏的key
secret = b'MDIzOWQyN2Y2MmU0NDdhMWIwN2Q3MjIzODU1MGFjYWVkY' #這裏是30api_keys.conf文件裏的secret
authobj = {
'api_key':api_key,
'upn':'gateone',
'timestamp':str(int(time.time() * 1000)),
'signature_method':'HMAC-SHA1',
'api_version':'1.2'
}
authobj['signature'] = create_signature(secret,authobj['api_key'],authobj['upn'],authobj['timestamp'])
auth_info_and_server = {'url':gateone_server,'auth':authobj}
return JsonResponse(auth_info_and_server)
6.添加路由
path(r'gateone.html', views.gateone),
path(r'get_auth_obj.html',views.get_auth_obj,name="get_auth_obj"),
7.添加前端展示界面,gateone.html
{% extends 'agbase.html' %}
{% load staticfiles %}
{% block title %}Gateone遠程連接{% endblock %}
{% block css %}
<script src = "/static/jquery-3.3.1.min.js"></script>
<script src = "/static/gateone/gateone.js"></script> <!-- 這裏需要手動複製一下gateone.js文件到django的靜態文件夾裏 -->
{% endblock %}
{% block content %}
<script>
$(function () {
<!--添加參數-->
var ip = '{{ ip }}';
var user = '{{ username }}';
var port = '{{ port }}';
var ssh_url = 'ssh://'+user+'@'+ip+':'+port;
//請求認證信息
<!--發起認證請求-->
$.ajax({
url:'{% url 'get_auth_obj' %}',
type:'GET',
dataType:'json',
success:function (data) {
var auth_message = data.auth;
var auth_url = data.url;
GateOne.init({
auth:auth_message,
url:auth_url,
theme:'solarized',
goDiv:'#gateone',
disableTermTransitions:'true',
autoConnectURL:ssh_url
});
}
});
<!--狀態記錄-->
GateOne.Base.superSandbox("GateOne.SomePlugin", ["GateOne", "GateOne.Net", "GateOne.Terminal.Input", "GateOne.Terminal"], function(window, undefined) {
var location = ip;
GateOne.prefs.autoConnectURL=ssh_url;
GateOne.prefs.fontSize="100%";
GateOne.prefs.scrollback = 10000; // scrollback buffer up to 10,000 lines
GateOne.Terminal.loadFont("Source Code Pro", "150%");
GateOne.Net.setLocation(location);
<!--記錄登錄狀態-->
});
})
</script>
<div id = "gateone_container" style = "position:relative; width: 110em; height: 55em;">
<div id = "gateone">
</div>
</div>
{% endblock %}
8.重啓django,刷新瀏覽器
三、問題總結
1.hmac.new/base64.b64encode(‘value’) TypeError: key: expected bytes or bytearray, but got ‘str’
此處爲value應爲byte,因此改成secret = b’MDIzOWQyN2Y2MmU0NDdhMWIwN2Q3MjIzODU1MGFjYWVkY’
2.此處gateone接入時還得輸入密碼,之後看看怎麼實現免密,再更新。