一、背景
最近在做一个django 主机管理项目,想在django web上实现执行主机指令,查了一下可以通过gateone实现,和大家分享一下。
二、步骤
1.安装gateone
sudo yum -y install epel-release
sudo yum -y install python-pip
wget https://github.com/liftoff/GateOne/archive/master.zip
#也可访问github git clone
#解压
unzip master.zip -d /opt
pip3 install --upgrade pip
pip3 install tornado
#此处python3 tornado最好下载4.5.3版本
pip3 install --upgrade setuptools
pip3 install html5lib
cd /opt/GateOne-master
python3 setip.py install
#默认配置文件会在/etc/gateone
2.修改访问配置
"disable_ssl": true, #改成http方式
"origins": ["localhost:8000", "127.0.0.1:8000", "xxxxx:8000", "django的外网IP:django端口"], #添加django的地址和端口
3.http://ip:port 访问gateone是否正常
4.配置gateone api
gateone --new_api_key #生成api
#此时,通过http://ip:port 访问会出现unauthenticated
5.gateone集成到django
#此处不多说直接上代码,可直接复制粘贴,修改一些参数为自己的参数
import time,hmac,hashlib,json
#web交互界面gateone
def gateone(request):
id = 1 #这里暂时写死只要id为1的服务器
svr = server.objects.get(id = id)
ip = svr.outIP
port = svr.port
username = svr.username #写死端口和用户名
return render(request,'aggateone.html',locals()) #返回aggateone.html页面
#gateone认证
def create_signature(secret,*parts):
hash = hmac.new(secret, digestmod=hashlib.sha1)
for part in parts:
hash.update(str(part).encode("utf-8"))
return hash.hexdigest()
def get_auth_obj(request):
# 安装gateone的服务器以及端口.
gateone_server = 'http://121.41.37.251:8008' #本地gateone的访问地址,注意http格式
# 生成的api_key 和secret
api_key = 'OGQxZGM5OGM1MGNlNDZkNmEwMTNmM2IyY2NlMGZlNjA3Z' #这里是30api_keys.conf文件里的key
secret = b'MDIzOWQyN2Y2MmU0NDdhMWIwN2Q3MjIzODU1MGFjYWVkY' #这里是30api_keys.conf文件里的secret
authobj = {
'api_key':api_key,
'upn':'gateone',
'timestamp':str(int(time.time() * 1000)),
'signature_method':'HMAC-SHA1',
'api_version':'1.2'
}
authobj['signature'] = create_signature(secret,authobj['api_key'],authobj['upn'],authobj['timestamp'])
auth_info_and_server = {'url':gateone_server,'auth':authobj}
return JsonResponse(auth_info_and_server)
6.添加路由
path(r'gateone.html', views.gateone),
path(r'get_auth_obj.html',views.get_auth_obj,name="get_auth_obj"),
7.添加前端展示界面,gateone.html
{% extends 'agbase.html' %}
{% load staticfiles %}
{% block title %}Gateone远程连接{% endblock %}
{% block css %}
<script src = "/static/jquery-3.3.1.min.js"></script>
<script src = "/static/gateone/gateone.js"></script> <!-- 这里需要手动复制一下gateone.js文件到django的静态文件夹里 -->
{% endblock %}
{% block content %}
<script>
$(function () {
<!--添加参数-->
var ip = '{{ ip }}';
var user = '{{ username }}';
var port = '{{ port }}';
var ssh_url = 'ssh://'+user+'@'+ip+':'+port;
//请求认证信息
<!--发起认证请求-->
$.ajax({
url:'{% url 'get_auth_obj' %}',
type:'GET',
dataType:'json',
success:function (data) {
var auth_message = data.auth;
var auth_url = data.url;
GateOne.init({
auth:auth_message,
url:auth_url,
theme:'solarized',
goDiv:'#gateone',
disableTermTransitions:'true',
autoConnectURL:ssh_url
});
}
});
<!--状态记录-->
GateOne.Base.superSandbox("GateOne.SomePlugin", ["GateOne", "GateOne.Net", "GateOne.Terminal.Input", "GateOne.Terminal"], function(window, undefined) {
var location = ip;
GateOne.prefs.autoConnectURL=ssh_url;
GateOne.prefs.fontSize="100%";
GateOne.prefs.scrollback = 10000; // scrollback buffer up to 10,000 lines
GateOne.Terminal.loadFont("Source Code Pro", "150%");
GateOne.Net.setLocation(location);
<!--记录登录状态-->
});
})
</script>
<div id = "gateone_container" style = "position:relative; width: 110em; height: 55em;">
<div id = "gateone">
</div>
</div>
{% endblock %}
8.重启django,刷新浏览器
三、问题总结
1.hmac.new/base64.b64encode(‘value’) TypeError: key: expected bytes or bytearray, but got ‘str’
此处为value应为byte,因此改成secret = b’MDIzOWQyN2Y2MmU0NDdhMWIwN2Q3MjIzODU1MGFjYWVkY’
2.此处gateone接入时还得输入密码,之后看看怎么实现免密,再更新。
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
