9451d4b05ed6ba0ce732ab6153fb6a434bff7c1d
[x2gobroker.git] / x2gobroker / defaults.py
1 # -*- coding: utf-8 -*-
2
3 # Copyright (C) 2012-2014 by Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
4 #
5 # X2Go Session Broker is free software; you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License as published by
7 # the Free Software Foundation; either version 3 of the License, or
8 # (at your option) any later version.
9 #
10 # X2Go Session Broker is distributed in the hope that it will be useful,
11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13 # GNU Affero General Public License for more details.
14 #
15 # You should have received a copy of the GNU Affero General Public License
16 # along with this program; if not, write to the
17 # Free Software Foundation, Inc.,
18 # 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
19
20 # modules
21 import os
22 import sys
23 import uuid
24 import getpass
25 import socket
26 import ConfigParser
27 import pwd, grp
28
29 import logging
30 from loggers import logger_broker, logger_access, logger_error, X2GOBROKER_DAEMON_USER
31
32 X2GOBROKER_USER =  pwd.getpwuid(os.geteuid())[0]
33 X2GOBROKER_GROUP =  grp.getgrgid(pwd.getpwuid(os.geteuid())[3])[0]
34 os.environ['HOME'] = pwd.getpwuid(os.geteuid())[5]
35
36 PROG_NAME = os.path.basename(sys.argv[0])
37
38 iniconfig_loaded = None
39 iniconfig_section = '-'.join(PROG_NAME.split('-')[1:])
40 X2GOBROKER_DEFAULTS = "/etc/x2go/broker/defaults.conf"
41 if os.path.isfile(X2GOBROKER_DEFAULTS) and os.access(X2GOBROKER_DEFAULTS, os.R_OK):
42     iniconfig = ConfigParser.SafeConfigParser()
43     iniconfig.optionxform = str
44     iniconfig_loaded = iniconfig.read(X2GOBROKER_DEFAULTS)
45
46 if os.environ.has_key('X2GOBROKER_DAEMON_GROUP'):
47     X2GOBROKER_DAEMON_GROUP=os.environ['X2GOBROKER_DAEMON_GROUP']
48 elif iniconfig_loaded and iniconfig.has_option(iniconfig_section, 'X2GOBROKER_DAEMON_GROUP'):
49     X2GOBROKER_DAEMON_GROUP=iniconfig.get(iniconfig_section, 'X2GOBROKER_DAEMON_GROUP')
50 elif iniconfig_loaded and iniconfig.has_option('common', 'X2GOBROKER_DAEMON_GROUP'):
51     X2GOBROKER_DAEMON_GROUP=iniconfig.get('common', 'X2GOBROKER_DAEMON_GROUP')
52 else:
53     X2GOBROKER_DAEMON_GROUP="x2gobroker"
54 if os.environ.has_key('X2GOBROKER_AGENT_USER'):
55     X2GOBROKER_AGENT_USER=os.environ['X2GOBROKER_AGENT_USER']
56 elif iniconfig_loaded and iniconfig.has_option(iniconfig_section, 'X2GOBROKER_AGENT_USER'):
57     X2GOBROKER_AGENT_USER=iniconfig.get(iniconfig_section, 'X2GOBROKER_AGENT_USER')
58 elif iniconfig_loaded and iniconfig.has_option('common', 'X2GOBROKER_AGENT_USER'):
59     X2GOBROKER_AGENT_USER=iniconfig.get('common', 'X2GOBROKER_AGENT_USER')
60 else:
61     X2GOBROKER_AGENT_USER="x2gobroker"
62
63 ###
64 ### dynamic default values, influencable through os.environ...
65 ###
66
67 if os.environ.has_key('X2GOBROKER_DEBUG'):
68     X2GOBROKER_DEBUG = ( os.environ['X2GOBROKER_DEBUG'].lower() in ('1', 'on', 'true', 'yes', ) )
69 elif iniconfig_loaded and iniconfig.has_option(iniconfig_section, 'X2GOBROKER_DEBUG'):
70     X2GOBROKER_DEBUG=iniconfig.get(iniconfig_section, 'X2GOBROKER_DEBUG')
71 elif iniconfig_loaded and iniconfig.has_option('common', 'X2GOBROKER_DEBUG'):
72     X2GOBROKER_DEBUG=iniconfig.get('common', 'X2GOBROKER_DEBUG')
73 else:
74     X2GOBROKER_DEBUG = False
75 if os.environ.has_key('X2GOBROKER_DEBUG_INTERACTIVELY'):
76     X2GOBROKER_DEBUG_INTERACTIVELY = ( os.environ['X2GOBROKER_DEBUG_INTERACTIVELY'].lower() in ('1', 'on', 'true', 'yes', ) )
77 elif iniconfig_loaded and iniconfig.has_option(iniconfig_section, 'X2GOBROKER_DEBUG_INTERACTIVELY'):
78     X2GOBROKER_DEBUG_INTERACTIVELY=iniconfig.get(iniconfig_section, 'X2GOBROKER_DEBUG_INTERACTIVELY')
79 elif iniconfig_loaded and iniconfig.has_option('common', 'X2GOBROKER_DEBUG_INTERACTIVELY'):
80     X2GOBROKER_DEBUG_INTERACTIVELY=iniconfig.get('common', 'X2GOBROKER_DEBUG_INTERACTIVELY')
81 else:
82     X2GOBROKER_DEBUG_INTERACTIVELY = False
83 if os.environ.has_key('X2GOBROKER_TESTSUITE'):
84     X2GOBROKER_TESTSUITE = ( os.environ['X2GOBROKER_TESTSUITE'].lower() in ('1', 'on', 'true', 'yes', ) )
85 elif iniconfig_loaded and iniconfig.has_option(iniconfig_section, 'X2GOBROKER_TESTSUITE'):
86     X2GOBROKER_TESTSUITE=iniconfig.get(iniconfig_section, 'X2GOBROKER_TESTSUITE')
87 elif iniconfig_loaded and iniconfig.has_option('common', 'X2GOBROKER_TESTSUITE'):
88     X2GOBROKER_TESTSUITE=iniconfig.get('common', 'X2GOBROKER_TESTSUITE')
89 else:
90     X2GOBROKER_TESTSUITE = False
91
92 # enforce debugging for interactive usage
93 if X2GOBROKER_USER != X2GOBROKER_DAEMON_USER:
94     X2GOBROKER_DEBUG = True
95
96 # raise log levels to CRITICAL if we are running the unittests...
97 if X2GOBROKER_TESTSUITE:
98     logger_broker.setLevel(logging.CRITICAL)
99     logger_access.setLevel(logging.CRITICAL)
100     logger_error.setLevel(logging.CRITICAL)
101
102 if os.environ.has_key('X2GOBROKER_CONFIG'):
103     X2GOBROKER_CONFIG = os.environ['X2GOBROKER_CONFIG']
104 elif iniconfig_loaded and iniconfig.has_option(iniconfig_section, 'X2GOBROKER_CONFIG'):
105     X2GOBROKER_CONFIG=iniconfig.get(iniconfig_section, 'X2GOBROKER_CONFIG')
106 elif iniconfig_loaded and iniconfig.has_option('common', 'X2GOBROKER_CONFIG'):
107     X2GOBROKER_CONFIG=iniconfig.get('common', 'X2GOBROKER_CONFIG')
108 else:
109     X2GOBROKER_CONFIG = "/etc/x2go/x2gobroker.conf"
110
111 if os.environ.has_key('X2GOBROKER_SESSIONPROFILES'):
112     X2GOBROKER_SESSIONPROFILES = os.environ['X2GOBROKER_SESSIONPROFILES']
113 elif iniconfig_loaded and iniconfig.has_option(iniconfig_section, 'X2GOBROKER_SESSIONPROFILES'):
114     X2GOBROKER_SESSIONPROFILES=iniconfig.get(iniconfig_section, 'X2GOBROKER_SESSIONPROFILES')
115 elif iniconfig_loaded and iniconfig.has_option('common', 'X2GOBROKER_SESSIONPROFILES'):
116     X2GOBROKER_SESSIONPROFILES=iniconfig.get('common', 'X2GOBROKER_SESSIONPROFILES')
117 else:
118     X2GOBROKER_SESSIONPROFILES = "/etc/x2go/broker/x2gobroker-sessionprofiles.conf"
119
120 if os.environ.has_key('X2GOBROKER_AGENT_CMD'):
121     X2GOBROKER_AGENT_CMD = os.environ['X2GOBROKER_AGENT_CMD']
122 elif iniconfig_loaded and iniconfig.has_option(iniconfig_section, 'X2GOBROKER_AGENT_CMD'):
123     X2GOBROKER_AGENT_CMD=iniconfig.get(iniconfig_section, 'X2GOBROKER_AGENT_CMD')
124 elif iniconfig_loaded and iniconfig.has_option('common', 'X2GOBROKER_AGENT_CMD'):
125     X2GOBROKER_AGENT_CMD=iniconfig.get('common', 'X2GOBROKER_AGENT_CMD')
126 else:
127     X2GOBROKER_AGENT_CMD = "/usr/lib/x2go/x2gobroker-agent"
128
129 if os.environ.has_key('X2GOBROKER_AUTHSERVICE_SOCKET'):
130     X2GOBROKER_AUTHSERVICE_SOCKET=os.environ['X2GOBROKER_AUTHSERVICE_SOCKET']
131 elif iniconfig_loaded and iniconfig.has_option(iniconfig_section, 'X2GOBROKER_AUTHSERVICE_SOCKET'):
132     X2GOBROKER_AUTHSERVICE_SOCKET=iniconfig.get(iniconfig_section, 'X2GOBROKER_AUTHSERVICE_SOCKET')
133 elif iniconfig_loaded and iniconfig.has_option('common', 'X2GOBROKER_AUTHSERVICE_SOCKET'):
134     X2GOBROKER_AUTHSERVICE_SOCKET=iniconfig.get('common', 'X2GOBROKER_AUTHSERVICE_SOCKET')
135 else:
136     if os.path.isdir('/run'):
137         RUNDIR = '/run'
138     else:
139         RUNDIR = '/var/run'
140     X2GOBROKER_AUTHSERVICE_SOCKET="{run}/x2gobroker/x2gobroker-authservice.socket".format(run=RUNDIR)
141
142 if os.environ.has_key('X2GOBROKER_DEFAULT_BACKEND'):
143     X2GOBROKER_DEFAULT_BACKEND = os.environ['X2GOBROKER_DEFAULT_BACKEND']
144 elif iniconfig_loaded and iniconfig.has_option(iniconfig_section, 'X2GOBROKER_DEFAULT_BACKEND'):
145     X2GOBROKER_DEFAULT_BACKEND=iniconfig.get(iniconfig_section, 'X2GOBROKER_DEFAULT_BACKEND')
146 elif iniconfig_loaded and iniconfig.has_option('common', 'X2GOBROKER_DEFAULT_BACKEND'):
147     X2GOBROKER_DEFAULT_BACKEND=iniconfig.get('common', 'X2GOBROKER_DEFAULT_BACKEND')
148 else:
149     X2GOBROKER_DEFAULT_BACKEND = "inifile"
150
151 if os.environ.has_key('DAEMON_BIND_ADDRESS'):
152     DAEMON_BIND_ADDRESS = os.environ['DAEMON_BIND_ADDRESS']
153 elif iniconfig_loaded and iniconfig.has_option(iniconfig_section, 'DAEMON_BIND_ADDRESS'):
154     DAEMON_BIND_ADDRESS = iniconfig.get(iniconfig_section, 'DAEMON_BIND_ADDRESS')
155 elif iniconfig_loaded and iniconfig.has_option('daemon', 'DAEMON_BIND_ADDRESS'):
156     DAEMON_BIND_ADDRESS = iniconfig.get('daemon', 'DAEMON_BIND_ADDRESS')
157 else:
158     DAEMON_BIND_ADDRESS = ""
159
160 if os.environ.has_key('X2GOBROKER_SSL_CERTFILE'):
161     X2GOBROKER_SSL_CERTFILE = os.environ['X2GOBROKER_SSL_CERTFILE']
162 elif iniconfig_loaded and iniconfig.has_option(iniconfig_section, 'X2GOBROKER_SSL_CERTFILE'):
163     X2GOBROKER_SSL_CERTFILE = iniconfig.get(iniconfig_section, 'X2GOBROKER_SSL_CERTFILE')
164 elif iniconfig_loaded and iniconfig.has_option('daemon', 'X2GOBROKER_SSL_CERTFILE'):
165     X2GOBROKER_SSL_CERTFILE = iniconfig.get('daemon', 'X2GOBROKER_SSL_CERTFILE')
166 else:
167     X2GOBROKER_SSL_CERTFILE = ""
168
169 if os.environ.has_key('X2GOBROKER_SSL_KEYFILE'):
170     X2GOBROKER_SSL_KEYFILE = os.environ['X2GOBROKER_SSL_KEYFILE']
171 elif iniconfig_loaded and iniconfig.has_option(iniconfig_section, 'X2GOBROKER_SSL_KEYFILE'):
172     X2GOBROKER_SSL_KEYFILE = iniconfig.get(iniconfig_section, 'X2GOBROKER_SSL_KEYFILE')
173 elif iniconfig_loaded and iniconfig.has_option('daemon', 'X2GOBROKER_SSL_KEYFILE'):
174     X2GOBROKER_SSL_KEYFILE = iniconfig.get('daemon', 'X2GOBROKER_SSL_KEYFILE')
175 else:
176     X2GOBROKER_SSL_KEYFILE = ""
177
178 ###
179 ### static / hard-coded defaults
180 ###
181
182 if socket.gethostname().find('.') >= 0:
183     X2GOBROKER_HOSTNAME = socket.gethostname()
184 else:
185     X2GOBROKER_HOSTNAME = socket.gethostbyaddr(socket.gethostname())[0]
186
187 # the home directory of the user that the daemon/cgi runs as
188 X2GOBROKER_HOME = os.path.normpath(os.path.expanduser('~{broker_uid}'.format(broker_uid=X2GOBROKER_DAEMON_USER)))
189
190 # defaults for X2Go Sessino Broker configuration file
191 X2GOBROKER_CONFIG_DEFAULTS = {
192     'global': {
193         u'require-password': True,
194         u'require-cookie': False,
195         u'use-static-cookie': True,
196         u'auth-timeout': 36000,
197         u'cookie-directory': '/var/lib/x2gobroker/cookies',
198         u'verify-ip': True,
199         u'pre_auth_scripts': [],
200         u'post_auth_scripts': [],
201         u'select_session_scripts': [],
202         u'my-cookie': uuid.uuid4(),
203         u'my-cookie-file': '/etc/x2go/broker/x2gobroker.authid',
204         u'enable-plain-output': True,
205         u'enable-json-output': True,
206         u'enable-uccs-output': False,
207         u'my-uccs-url-base': 'http://localhost:8080/',
208         u'default-auth-mech': u'pam',
209         u'default-user-db': u'libnss',
210         u'default-group-db': u'libnss',
211         u'ignore-primary-group-memberships': True,
212         u'default-session-autologin': False,
213         u'default-authorized-keys': u'%h/.x2go/authorized_keys',
214         u'default-sshproxy-authorized-keys': u'%h/.x2go/authorized_keys',
215         u'default-agent-query-mode': u'NONE',
216     },
217     'broker_base': {
218         u'enable': False,
219     },
220     'broker_zeroconf': {
221         u'enable': False,
222         u'auth-mech': u'pam',
223         u'user-db': u'libnss',
224         u'group-db': u'libnss',
225         u'desktop-shell': u'KDE',
226     },
227     'broker_inifile': {
228         u'enable': True,
229         u'session-profiles': u'/etc/x2go/broker/x2gobroker-sessionprofiles.conf',
230         u'auth-mech': u'',
231         u'user-db': u'',
232         u'group-db': u'',
233     },
234     'broker_ldap': {
235         u'enable': False,
236         u'auth-mech': u'ldap',
237         u'user-db': u'ldap',
238         u'group-db': u'ldap',
239         u'uri': u'ldap://localhost:389',
240         u'base': u'dc=example,dc=org',
241         u'user-search-filter': u'(&(objectClass=posixAccount)(uid=*))',
242         u'host-search-filter': u'(&(objectClass=ipHost)(serial=X2GoServer)(cn=*))',
243         u'group-search-filter': u'(&(objectClass=posifxGroup)(cn=*))',
244         u'starttls': False,
245         u'agent-query-mode': u'SSH',
246     },
247 }
248
249 X2GO_DESKTOP_SESSIONS= [
250     'KDE',
251     'GNOME',
252     'XFCE',
253     'CINNAMON',
254     'MATE',
255     'XFCE',
256     'LXDE',
257     'TRINITY',
258     'UNITY',
259     'XDMCP',
260 ]
261
262 # defaults for X2Go Sessino Broker session profiles file
263 X2GOBROKER_SESSIONPROFILE_DEFAULTS = {
264     u'DEFAULT': {
265         u'command': u'TERMINAL',
266         u'defsndport': True,
267         u'useiconv': False,
268         u'iconvfrom': u'UTF-8',
269         u'height': 600,
270         u'export': u'',
271         u'quality': 9,
272         u'fullscreen': False,
273         u'layout': u'',
274         u'useexports': True,
275         u'width': 800,
276         u'speed': 2,
277         u'soundsystem': u'pulse',
278         u'print': True,
279         u'type': u'auto',
280         u'sndport': 4713,
281         u'xinerama': True,
282         u'variant': u'',
283         u'usekbd': True,
284         u'fstunnel': True,
285         u'applications': [u'TERMINAL',u'WWWBROWSER',u'MAILCLIENT',u'OFFICE'],
286         u'multidisp': False,
287         u'sshproxyport': 22,
288         u'sound': True,
289         u'rootless': True,
290         u'iconvto': u'UTF-8',
291         u'soundtunnel': True,
292         u'dpi': 96,
293         u'sshport': 22,
294         u'setdpi': 0,
295         u'pack': u'16m-jpeg',
296         u'user': 'BROKER_USER',
297         u'host': [ u'localhost', ],
298         u'directrdp': False,
299         u'acl-users-allow': [],
300         u'acl-users-deny': [],
301         u'acl-users-order': '',
302         u'acl-groups-allow': [],
303         u'acl-groups-deny': [],
304         u'acl-groups-order': '',
305         u'acl-clients-allow': [],
306         u'acl-clients-deny': [],
307         u'acl-clients-order': '',
308         u'acl-any-order': u'deny-allow',
309     },
310 }