#!/usr/bin/python #coding:utf-8 from xml.dom.minidom import Document import json,requests,hashlib,re from config import * def add_host(user,hostname,protocol,ip,port,host_username,host_password,os_family): h = hostname p = protocol connection = config.createElement(‘connection’) connection.setAttribute(‘name’, h) user.appendChild(connection) protocol = config.createElement(‘protocol’) protocol_text = config.createTextNode(p) protocol.appendChild(protocol_text) connection.appendChild(protocol) param = config.createElement(‘param’) param.setAttribute(‘name’, ‘hostname’) param_text = config.createTextNode(ip) param.appendChild(param_text) connection.appendChild(param) param = config.createElement(‘param’) param.setAttribute(‘name’, ‘port’) param_text = config.createTextNode(port) param.appendChild(param_text) connection.appendChild(param) param = config.createElement(‘param’) param.setAttribute(‘name’, ‘username’) param_text = config.createTextNode(host_username) param.appendChild(param_text) connection.appendChild(param) param = config.createElement(‘param’) param.setAttribute(‘name’, ‘password’) param_text = config.createTextNode(host_password) param.appendChild(param_text) connection.appendChild(param) if os_family == ‘win’: param = config.createElement(‘param’) param.setAttribute(‘name’, ‘enable-drive’) param_text = config.createTextNode(‘true’) param.appendChild(param_text) connection.appendChild(param) param = config.createElement(‘param’) param.setAttribute(‘name’, ‘create-drive-path’) param_text = config.createTextNode(‘true’) param.appendChild(param_text) connection.appendChild(param) param = config.createElement(‘param’) param.setAttribute(‘name’, ‘drive-path’) param_text = config.createTextNode(‘/var/ftp/pub/upload’) param.appendChild(param_text) connection.appendChild(param) else: param = config.createElement(‘param’) param.setAttribute(‘name’, ‘color-scheme’) param_text = config.createTextNode(‘white-black’) param.appendChild(param_text) connection.appendChild(param) return connection def add_user(map,guac_username,guac_password): user = config.createElement(‘authorize’) user.setAttribute(‘password’, guac_password) user.setAttribute(‘username’, guac_username) user.setAttribute(‘encoding’, ‘md5’) result = map.appendChild(user) return result def init_host(host): one_host = {} one_host[‘ip’] = host[‘ip’] one_host[‘hostname’] = host[‘name’] one_host[‘os’] = host[‘osfamily’] one_host[‘env’] = host[‘env’] one_host[‘tag’] = host[‘tag’] # _tmp = re.match(r’^[a-zA-Z]{3,10}’, host[‘tag’]) # one_host[‘tag’] = _tmp.group() return one_host def get_url(hostname): import base64 name = hostname + ‘\x00c\x00default’ init_name = base64.b64encode(name) ##guacamole服务器的公网ip url = ‘http://ip:8081/#/client/’ + init_name return url def create_md5(pwd): m = hashlib.md5() m.update(pwd) password = m.hexdigest() #print password return password if __name__==’__main__’: config = Document() map = config.createElement(‘user-mapping’) config.appendChild(map) ##用户是从CMDB API获取的 url = ‘http://cmdb.beyondhost.com/api/user/get/’ r = requests.get(url) users = json.loads(r.text) ##服务器列表也是cmdb中获取的 url = ‘http://cmdb.beyondhost.com/api/get_uhost/’ r = requests.get(url) hosts = json.loads(r.text) #print json.dumps(hosts,indent=4) host_set = [] for host in hosts: if host[‘env’]==’test’: _tmp = init_host(host) host_set.append(_tmp) for user in users: guac_username = user[‘username’] guac_password = user[‘password’] guac_group = user[‘group’] guac_additionalgroup = user[‘additionalgroupname’] user = add_user(map, guac_username, guac_password) for host in host_set: if guac_group == ‘OPS’: if host[‘os’] == ‘win’: port = ‘13040’ protocol = ‘rdp’ hostname = host[‘hostname’] ip = host[‘ip’] host_username = ‘administrator’ host_password = admin_passwd_test add_host(user, hostname, protocol, ip, port, host_username, host_password,host[‘os’]) elif host[‘os’] == ‘linux’: port = ’22’ protocol = ‘ssh’ hostname = host[‘hostname’] ip = host[‘ip’] host_username = ‘ansible’ host_password = ansible_passwd_test add_host(user, hostname, protocol, ip, port, host_username, host_password,host[‘os’]) else: if len(guac_additionalgroup) > 0: if host[‘tag’] in guac_additionalgroup : if host[‘os’] == ‘win’: port = ‘13040’ protocol = ‘rdp’ hostname = host[‘hostname’] ip = host[‘ip’] host_username = ‘dev’ host_password = dev_passwd_test add_host(user, hostname, protocol, ip, port, host_username, host_password,host[‘os’]) elif host[‘os’] == ‘linux’: port = ’22’ protocol = ‘ssh’ hostname = host[‘hostname’] ip = host[‘ip’] host_username = ‘ansible’ host_password = ansible_passwd_test add_host(user, hostname, protocol, ip, port, host_username, host_password,host[‘os’]) file_object = open(‘/etc/guacamole/user-mapping.xml’,’w’) file_object.write(config.toprettyxml(encoding=’utf-8′)) file_object.close()