"
198 | ],
199 | "boot_wait": "10s",
200 | "disk_size": "{{user `disk-size`}}",
201 | "output_directory":"{{user `name`}}-vbox",
202 | "type": "virtualbox-iso",
203 | "name": "virtualbox-windows-iso",
204 | "headless":"False",
205 | "iso_checksum": "376be7d4855ad6281cb139430606a782fd6189dcb01d7b61448e915802cc350f",
206 | "iso_checksum_type": "sha256",
207 | "iso_url": "https://archive.fedoraproject.org/pub/archive/fedora/linux/releases/20/Fedora/x86_64/iso/Fedora-20-x86_64-netinst.iso",
208 | "ssh_username": "root",
209 | "ssh_password":"eosplus",
210 | "ssh_port":"22",
211 | "ssh_wait_timeout": "20m",
212 | "guest_os_type": "Fedora_64",
213 | "vm_name":"{{user `name`}}",
214 | "vboxmanage": [
215 | [
216 | "modifyvm",
217 | "{{.Name}}",
218 | "--memory",
219 | "{{user `ram`}}"
220 | ],
221 | [
222 | "modifyvm",
223 | "{{.Name}}",
224 | "--cpus",
225 | "1"
226 | ],
227 | [
228 | "modifyvm",
229 | "{{.Name}}",
230 | "--pae",
231 | "off"
232 | ],
233 | [
234 | "modifyvm",
235 | "{{.Name}}",
236 | "--hwvirtex",
237 | "on"
238 | ],
239 | [
240 | "modifyvm",
241 | "{{.Name}}",
242 | "--vtxux",
243 | "on"
244 | ],
245 | [
246 | "modifyvm",
247 | "{{.Name}}",
248 | "--vtxvpid",
249 | "on"
250 | ],
251 | [
252 | "modifyvm",
253 | "{{.Name}}",
254 | "--rtcuseutc",
255 | "on"
256 | ],
257 | [
258 | "modifyvm",
259 | "{{.Name}}",
260 | "--bioslogodisplaytime",
261 | "1"
262 | ],
263 | [
264 | "modifyvm",
265 | "{{.Name}}",
266 | "--nic1",
267 | "nat"
268 | ],
269 | [
270 | "modifyvm",
271 | "{{.Name}}",
272 | "--nic2",
273 | "hostonly"
274 | ],
275 | [
276 | "modifyvm",
277 | "{{.Name}}",
278 | "--hostonlyadapter2",
279 | "VirtualBox Host-Only Ethernet Adapter #2"
280 | ]
281 | ],
282 | "shutdown_command": "/sbin/shutdown -h now",
283 | "http_directory":"http/"
284 | }
285 | ],
286 | "provisioners": [
287 | {
288 | "source": "conf",
289 | "destination": "/tmp/packer",
290 | "type":"file"
291 | },
292 | {
293 | "source": "files",
294 | "destination": "/tmp/packer",
295 | "type":"file"
296 | },
297 | {
298 | "scripts": [
299 | "scripts/setup.sh"
300 | ],
301 | "type" : "shell"
302 | }
303 | ]
304 | }
305 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Automatically Create a Full-Featured ZTPServer
2 |
3 | ## Introduction
4 | This project uses [Packer](https://packer.io) to automatically create a
5 | full-featured ZTPServer VM.
6 | By using this method, you can be sure that all of the required packages and
7 | dependencies are installed right out of the gate.
8 | This setup will include some extra services like XMPP, Syslog, NTP, DHCP, DNS,
9 | LLDPAD and others to help you get a complete testing environment running quickly.
10 |
11 | You can also use Packer to automate the setup of [vEOS nodes](https://github.com/arista-eosplus/packer-veos).
12 |
13 | ### What's Supported
14 | * **Host Operating Systems**
15 | * Windows
16 | * Mac OS X
17 | * EOS (run as a 32-bit Fedora 20 VM on EOS)
18 | * **Host Hypervisors**
19 | * VirtualBox
20 | * VMware Fusion
21 | * VMware Workstation
22 | * VMware [ESXi](#how-the-esxi-builder-works)
23 | * **VM Remote Operating Systems**
24 | * Fedora 20
25 | * Ubuntu 12.04
26 |
27 | ## Getting Started
28 | There is a nice, shiny [python script](https://github.com/arista-eosplus/packer-ztpserver/blob/master/create-ztpserver.py)
29 | that will make your life very easy!
30 |
31 | Here's what it's going to do:
32 | * Download and install [Packer](https://packer.io) to ~/packer-bin (~80MB)
33 | * Create some host-only virtual networks. This may change existing hypervisor network settings,
34 | so the script creates a backup first in case you want to revert. Check out the
35 | [details](#the-minor-details) for more information. The VMware default networks, **vmnet0** (Workstation), **vmnet1** and **vmnet8**,
36 | are left untouched.
37 | * Create a ZTPServer VM with the hypervisor you choose.
38 |
39 | ### Requirements
40 | * Python (this has been tested on Python 2.7.x)
41 | * [Get Python 2.7.x for Windows](https://www.python.org/downloads/windows/)
42 | * Git (technically optional but makes life easier)
43 | * [Get Git](http://git-scm.com/downloads)
44 | * The user running the script must have sudo privileges (NIX-based hosts)
45 |
46 | ### Go Time
47 | #### Script Arguments
48 |
49 | arista:packer-ztpserver arista$ ./create-ztpserver.py -h
50 | usage: create-ztpserver.py [-h] -H {vmware,esxi,virtualbox} -o
51 | {fedora,ubuntu,eos} [-n VMNAME] [-d DISK_SIZE]
52 | [-u ESXI_USER] [-e ESXI_HOST] [-p DATASTORE_PATH]
53 | [-i ESXI_NETWORK]
54 |
55 | Automatically install the ZTPServer Demo
56 |
57 | optional arguments:
58 | -h, --help show this help message and exit
59 | -H {vmware,esxi,virtualbox}, --hypervisor {vmware,esxi,virtualbox}
60 | Hypervisor to create VM in
61 | -o {fedora,ubuntu,eos}, --os {fedora,ubuntu,eos}
62 | Desired OS to use for VM
63 | -n VMNAME, --vmname VMNAME
64 | The Virtual Machine name
65 | -d DISK_SIZE, --disk-size DISK_SIZE
66 | VM Disk size in MB
67 | -u ESXI_USER, --esxi-user ESXI_USER
68 | The ESXi username
69 | -e ESXI_HOST, --esxi-host ESXI_HOST
70 | The IP or hostname of the ESXi host
71 | -p DATASTORE_PATH, --datastore-path DATASTORE_PATH
72 | The ESXi path to save the VM
73 | -i ESXI_NETWORK, --esxi-network ESXI_NETWORK
74 | vSphere network assigned to VM that allows
75 | communication with local builder
76 |
77 |
78 | 1. Retrieve the ZTPServer Packer files [here](https://github.com/arista-eosplus/packer-ztpserver/archive/master.zip), or run the following from a shell on your local machine:
79 |
80 | git clone https://github.com/arista-eosplus/packer-ztpserver.git
81 | cd packer-ztpserver
82 |
83 | 2. Fire in the hole
84 |
85 | **NIX-based Terminal**
86 |
87 | python ./create-ztpserver.py -H [vmware|virtualbox|esxi] -o [fedora|ubuntu|eos] --vmname VMNAME-PREFIX
88 |
89 | > **IMPORTANT:** The script will prompt for your sudo password while it runs, so keep an eye on the terminal.
90 |
91 | **Windows-based Command-Prompt**
92 | > **IMPORTANT:** Open the command prompt as an Administrator so you don't have to authorize every command
93 |
94 |
95 | C:\> C:\Python27\python.exe ./create-ztpserver.py -H [vmware|virtualbox|esxi] -o [fedora|ubuntu|eos] --vmname VMNAME-PREFIX
96 |
97 | > **Note:** Your Python executable might be somewhere else, or part of your
98 | %PATH% in which case you could just type ```python```, but this is just
99 | meant to be a general idea.
100 |
101 | **Examples:**
102 |
103 | Create an Ubuntu ZTPServer VM for Fusion with VM name prefix "my-demo"
104 |
105 | create-ztpserver.py -H vmware -o ubuntu --vmname my-demo
106 |
107 | Create a Fedora ZTPServer VM for Workstation with VM name prefix "my-demo"
108 |
109 | create-ztpserver.py -H vmware -o fedora --vmname my-demo
110 |
111 | Create a Fedora ZTPServer VM for Fusion with 10GB disk
112 |
113 | create-ztpserver.py -H vmware -o fedora -d 10000
114 |
115 | Create a ZTPServer VM that runs on an EOS device
116 |
117 | create-ztpserver.py -H vmware -o eos
118 |
119 | Create a Fedora ZTPServer VM that runs on an ESXi host
120 |
121 | create-ztpserver.py -H esxi -o fedora -u esxiUser -e esxi-host.example.com -p Datastore1/ztpservers -i net_vlan100
122 |
123 |
124 | 3. When the script exits successfully you will have a full-featured ZTPServer. We've gone ahead and placed some demo files from [GitHub](https://github.com/arista-eosplus/ztpserver-demo) to make life a little easier. All of the interesting files are in ```/usr/share/ztpserver``` and ```/etc/ztpserver/```.
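125 | 4. Log into the server with user ```ztpsadmin``` and password ```eosplus```. These are fixed defaults baked into the image (root uses the same password), so change both before connecting the VM to anything beyond an isolated lab network. Simply type the following to start the standalone ztpserver: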
126 |
127 | ztps
128 |
129 | or to send all console output to a file:
130 | ```
131 | ztps --debug ~/ztps-console.log 2>&1 &
132 | ```
133 | You can stop the ztps process anytime by typing
134 |
135 | pkill ztps
136 |
137 | You can also run the ZTPServer as a WSGI (Web Server Gateway Interface) application under Apache. All of the necessary config is already in place. Just start Apache:
138 | > **Note:** The ZTPServer can run either in Standalone mode or as a WSGI App, not both at once. Kill the ztps process first if you would like to run the WSGI App.
139 |
140 |
141 | systemctl start httpd
142 | systemctl enable httpd
143 |
144 | WSGI related logs will be in ```/var/log/messages``` and ```/var/log/httpd/error.log```
145 | Refer to the [ZTPServer Documentation](http://ztpserver.readthedocs.org/en/develop/) to learn how to customize your ZTPServer. You can create some [vEOS](https://github.com/arista-eosplus/packer-veos) nodes using Packer to help get your demo working even faster.
146 |
147 | ### Post-Installation Tips
148 | #### Set the PATH Variable
149 | If Packer was installed by the script above, the packer binary path was not permanently
150 | added to your system ```PATH``` variable. If you intend to use Packer again, consider
151 | updating your ```PATH``` variable.
152 |
153 | **NIX-Based Terminal**
154 |
155 | echo "export PATH=$PATH:~/packer-bin" >> ~/.bash_profile
156 |
157 | and then restart your bash.
158 |
159 | **Windows-Based Command Prompt**
160 |
161 | setx PATH "%PATH%;%USERPROFILE%\packer-bin"
162 |
163 | and then restart your ```cmd.exe```.
164 |
165 | #### Upload the EOS VM to an Arista Switch
166 | **Step 1:** First SCP the resulting .vmdk file to your Arista switch
167 | ```
168 | scp disk.vmdk admin@eos-switch-1:/mnt/dst/path
169 | ```
170 | **Step 2:** Create Virtual-Machine entry. Log into your EOS switch:
171 | ```
172 | eos-switch-1#conf
173 | eos-switch-1(config)#virtual-machine ztps
174 | eos-switch-1(config-ztps)#disk-image usb1:/path/disk.vmdk image-format vmdk
175 | eos-switch-1(config-ztps)#memory-size 1024 ! Choose a desired size
176 | eos-switch-1(config-ztps)#enable
177 | ```
178 | **Step 3:** Confirm the VM is running
179 | ```
180 | eos-switch-1#show virtual-machine
181 | VM Name Enabled State
182 | ------- ------- -----
183 | ztps Yes Running
184 | ```
185 | **Step 4:** Console into the ZTPServer VM
186 | ```
187 | eos-switch-1#bash
188 | [admin@eos-switch-1 ~]$ sudo virsh
189 | virsh # list
190 | Id Name State
191 | ----------------------------------
192 | 1 ztps running
193 |
194 | virsh # console 1
195 | error: Failed to get local hostname
196 | error: Failed to get connection hostname
197 | Connected to domain ztps
198 | Escape character is ^]
199 |
200 | [root@ztps ~]# echo hello world
201 | ```
202 |
203 | ## The Minor Details
204 | ### How the ESXi Builder Works
205 | Packer provides built-in support for VM creation on VMware ESXi. In this case,
206 | you still execute the ```create-ztpserver``` script on your local machine, but
207 | you provide details for Packer to upload and create the VM on your ESXi host.
208 |
209 | #### Required Parameters
210 | * ```-u``` ESXi Username: This is the username used to log into your ESXi host
211 | * ```-e``` ESXi Host: The IP or resolvable hostname of your ESXi host
212 | * ```-p``` ESXi Datastore path: This is where the script will copy your VM to. Typically it looks something like ```Datastore-1/path/to/dir```
213 | * ```-i``` ESXi Network Name: Your local machine and the VM must be able to communicate, so this must be the vSphere network that provides connectivity between them.
214 |
215 | ### Virtual Networks
216 | Host-only virtual networks will be created:
217 | * vboxnet2/vmnet2
218 | * Used for Eth1 on the ZTPServer. This is the internal management network
219 | * DHCP off
220 | * NAT off
221 | * vboxnet3/vmnet3
222 | * Proactively created for use with vEOS demo - data network
223 | * DHCP off
224 | * NAT off
225 | * vboxnet4/vmnet4
226 | * Proactively created for use with vEOS demo - data network
227 | * DHCP off
228 | * NAT off
229 | * vboxnet5/vmnet5
230 | * Proactively created for use with vEOS demo - data network
231 | * DHCP off
232 | * NAT off
233 | * vboxnet6/vmnet6
234 | * Proactively created for use with vEOS demo - data network
235 | * DHCP off
236 | * NAT off
237 | * vboxnet7/vmnet7
238 | * Proactively created for use with vEOS demo - data network
239 | * DHCP off
240 | * NAT off
241 | * vboxnet9/vmnet9
242 | * Proactively created for use with vEOS demo - data network
243 | * DHCP off
244 | * NAT off
245 | * vboxnet10/vmnet10
246 | * Proactively created for use with vEOS demo - data network
247 | * DHCP off
248 | * NAT off
249 |
250 | ### The ZTPServer VM
251 | * 7GB Hard Drive
252 | * 2GB RAM
253 | * Python 2.7.x with Pip
254 | * Hostname ztps.ztps-test.com
255 | * eth0 (NAT) DHCP
256 | * eth1 (vboxnet2/vmnet2) 172.16.130.10/24
257 | * Firewall disabled.
258 | * Users
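259 | * root/eosplus and ztpsadmin/eosplus (username/password; fixed defaults set by the build, so change them before using the VM outside an isolated lab network)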
260 | * DHCP installed with Option 67 configured (eth1 only)
261 | * BIND DNS server installed with zone ztps-test.com
262 | * wildcard forward rule to 8.8.8.8 for all other queries
263 | * rsyslog-ng installed; Listening on UDP and TCP (port 514)
264 | * XMPP server configured for im.ztps-test.com
265 | * XMPP admin user ztpsadmin@im.ztps-test.com, passwd eosplus
266 | * httpd installed and configured for ZTPServer (mod_wsgi). The configuration files are in place, but httpd is not running by default.
267 | * ZTPServer installed (with [sample files](https://github.com/arista-eosplus/ztpserver-demo) to get you up and running)
268 |
269 | If you run into any snags, please feel free to raise an issue and attach the
270 | logs.
271 |
--------------------------------------------------------------------------------
/Ubuntu/ztps-ubuntu-12.04.4_amd64.json:
--------------------------------------------------------------------------------
1 | {
2 | "variables": {
3 | "ram": "2048",
4 | "disk-size": "7000",
5 | "name": "ztps-ubuntu-12.04_amd64",
6 | "esxi-user": "",
7 | "esxi-passwd": "",
8 | "esxi-host": "",
9 | "esxi-path": "",
10 | "esxi-network": ""
11 | },
12 | "builders": [
13 | {
14 | "boot_command": [
15 | "",
16 | "",
17 | "",
18 | "/install/vmlinuz",
19 | " auto",
20 | " console-setup/ask_detect=false",
21 | " console-setup/layoutcode=us",
22 | " console-setup/modelcode=pc105",
23 | " debconf/frontend=noninteractive",
24 | " debian-installer=en_US",
25 | " fb=false",
26 | " initrd=/install/initrd.gz",
27 | " kbd-chooser/method=us",
28 | " keyboard-configuration/layout=USA",
29 | " keyboard-configuration/variant=USA",
30 | " locale=en_US",
31 | " netcfg/choose_interface=eth0",
32 | " netcfg/get_hostname=ztps",
33 | " netcfg/get_domain=ztps-test.com",
34 | " noapic",
35 | " preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/preseed.cfg",
36 | " -- ",
37 | ""
38 | ],
39 | "boot_wait": "10s",
40 | "disk_size": "{{user `disk-size`}}",
41 | "output_directory":"{{user `name`}}-vmware",
42 | "type": "vmware-iso",
43 | "headless":"False",
44 | "iso_checksum": "af224223de99e2a730b67d7785b657f549be0d63221188e105445f75fb8305c9",
45 | "iso_checksum_type": "sha256",
46 | "iso_url": "http://releases.ubuntu.com/12.04/ubuntu-12.04.5-server-amd64.iso",
47 | "ssh_username": "root",
48 | "ssh_password":"eosplus",
49 | "ssh_port":"22",
50 | "ssh_wait_timeout": "20m",
51 | "guest_os_type": "linux",
52 | "vm_name":"{{user `name`}}",
53 | "vmx_data": {
54 | "memsize": "{{user `ram`}}",
55 | "numvcpus": "1",
56 | "cpuid.coresPerSocket": "1",
57 | "ethernet0.present" : "TRUE",
58 | "ethernet0.virtualdev" : "e1000",
59 | "ethernet0.connectionType" : "nat",
60 | "ethernet0.startConnected" : "TRUE",
61 | "ethernet0.pcislotnumber" : "32",
62 | "ethernet1.pcislotnumber" : "33",
63 | "ethernet1.virtualdev" : "e1000",
64 | "ethernet1.present" : "TRUE",
65 | "ethernet1.startConnected" : "TRUE",
66 | "ethernet1.connectionType" : "custom",
67 | "ethernet1.vnet":"vmnet2"
68 | },
69 | "shutdown_command": "/sbin/shutdown -h now",
70 | "http_directory":"http/"
71 | },
72 | {
73 | "boot_command": [
74 | "",
75 | "",
76 | "",
77 | "/install/vmlinuz",
78 | " auto",
79 | " console-setup/ask_detect=false",
80 | " console-setup/layoutcode=us",
81 | " console-setup/modelcode=pc105",
82 | " debconf/frontend=noninteractive",
83 | " debian-installer=en_US",
84 | " fb=false",
85 | " initrd=/install/initrd.gz",
86 | " kbd-chooser/method=us",
87 | " keyboard-configuration/layout=USA",
88 | " keyboard-configuration/variant=USA",
89 | " locale=en_US",
90 | " netcfg/choose_interface=eth0",
91 | " netcfg/get_hostname=ztps",
92 | " netcfg/get_domain=ztps-test.com",
93 | " noapic",
94 | " preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/preseed.cfg",
95 | " -- ",
96 | ""
97 | ],
98 | "boot_wait": "10s",
99 | "disk_size": "{{user `disk-size`}}",
100 | "disk_type_id": "thin",
101 | "output_directory":"{{user `name`}}-vmware",
102 | "type": "vmware-iso",
103 | "name": "esxi-iso",
104 | "headless":"False",
105 | "iso_checksum": "af224223de99e2a730b67d7785b657f549be0d63221188e105445f75fb8305c9",
106 | "iso_checksum_type": "sha256",
107 | "iso_url": "http://releases.ubuntu.com/12.04/ubuntu-12.04.5-server-amd64.iso",
108 | "ssh_username": "root",
109 | "ssh_password":"eosplus",
110 | "ssh_port":"22",
111 | "ssh_wait_timeout": "20m",
112 | "guest_os_type": "ubuntu-64",
113 | "vm_name":"{{user `name`}}",
114 | "remote_host":"{{user `esxi-host`}}",
115 | "remote_datastore":"{{user `esxi-path`}}",
116 | "remote_type":"esx5",
117 | "remote_username":"{{user `esxi-user`}}",
118 | "remote_password":"{{user `esxi-passwd`}}",
119 | "vmx_data": {
120 | "memsize": "{{user `ram`}}",
121 | "numvcpus": "1",
122 | "cpuid.coresPerSocket": "1",
123 | "RemoteDisplay.vnc.enabled" : "TRUE",
124 | "ethernet0.startConnected": "TRUE",
125 | "ethernet0.connectiontype" : "custom",
126 | "ethernet0.virtualDev" : "e1000",
127 | "ethernet0.networkName" : "{{user `esxi-network`}}",
128 | "ethernet0.linkstatepropagation.enable" : "TRUE",
129 | "ethernet0.present" : "TRUE",
130 | "ethernet0.pcislotnumber" : "32",
131 | "ethernet1.pcislotnumber" : "33",
132 | "ethernet1.startConnected": "FALSE",
133 | "ethernet1.virtualDev" : "e1000",
134 | "ethernet1.present" : "TRUE"
135 | },
136 | "vmx_data_post": {
137 | "ethernet1.startConnected": "TRUE"
138 | },
139 | "shutdown_command": "/sbin/shutdown -h now",
140 | "http_directory":"http/"
141 | },
142 | {
143 | "boot_command": [
144 | "",
145 | "",
146 | "",
147 | "/install/vmlinuz",
148 | " auto",
149 | " console-setup/ask_detect=false",
150 | " console-setup/layoutcode=us",
151 | " console-setup/modelcode=pc105",
152 | " debconf/frontend=noninteractive",
153 | " debian-installer=en_US",
154 | " fb=false",
155 | " initrd=/install/initrd.gz",
156 | " kbd-chooser/method=us",
157 | " keyboard-configuration/layout=USA",
158 | " keyboard-configuration/variant=USA",
159 | " locale=en_US",
160 | " netcfg/choose_interface=eth0",
161 | " netcfg/get_hostname=ztps",
162 | " netcfg/get_domain=ztps-test.com",
163 | " noapic",
164 | " preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/preseed.cfg",
165 | " -- ",
166 | ""
167 | ],
168 | "boot_wait": "10s",
169 | "disk_size": "{{user `disk-size`}}",
170 | "output_directory":"{{user `name`}}-vbox",
171 | "type": "virtualbox-iso",
172 | "headless":"False",
173 | "iso_checksum": "af224223de99e2a730b67d7785b657f549be0d63221188e105445f75fb8305c9",
174 | "iso_checksum_type": "sha256",
175 | "iso_url": "http://releases.ubuntu.com/12.04/ubuntu-12.04.5-server-amd64.iso",
176 | "ssh_username": "root",
177 | "ssh_password":"eosplus",
178 | "ssh_port":"22",
179 | "ssh_wait_timeout": "20m",
180 | "guest_os_type": "Ubuntu_64",
181 | "vm_name":"{{user `name`}}",
182 | "vboxmanage": [
183 | [
184 | "modifyvm",
185 | "{{.Name}}",
186 | "--memory",
187 | "{{user `ram`}}"
188 | ],
189 | [
190 | "modifyvm",
191 | "{{.Name}}",
192 | "--cpus",
193 | "1"
194 | ],
195 | [
196 | "modifyvm",
197 | "{{.Name}}",
198 | "--rtcuseutc",
199 | "on"
200 | ],
201 | [
202 | "modifyvm",
203 | "{{.Name}}",
204 | "--bioslogodisplaytime",
205 | "1"
206 | ],
207 | [
208 | "modifyvm",
209 | "{{.Name}}",
210 | "--nic1",
211 | "nat"
212 | ],
213 | [
214 | "modifyvm",
215 | "{{.Name}}",
216 | "--nic2",
217 | "hostonly"
218 | ],
219 | [
220 | "modifyvm",
221 | "{{.Name}}",
222 | "--hostonlyadapter2",
223 | "vboxnet2"
224 | ]
225 | ],
226 | "shutdown_command": "/sbin/shutdown -h now",
227 | "http_directory":"http/"
228 | },
229 | {
230 | "boot_command": [
231 | "",
232 | "",
233 | "",
234 | "/install/vmlinuz",
235 | " auto",
236 | " console-setup/ask_detect=false",
237 | " console-setup/layoutcode=us",
238 | " console-setup/modelcode=pc105",
239 | " debconf/frontend=noninteractive",
240 | " debian-installer=en_US",
241 | " fb=false",
242 | " initrd=/install/initrd.gz",
243 | " kbd-chooser/method=us",
244 | " keyboard-configuration/layout=USA",
245 | " keyboard-configuration/variant=USA",
246 | " locale=en_US",
247 | " netcfg/choose_interface=eth0",
248 | " netcfg/get_hostname=ztps",
249 | " netcfg/get_domain=ztps-test.com",
250 | " noapic",
251 | " preseed/url=http://{{ .HTTPIP }}:{{ .HTTPPort }}/preseed.cfg",
252 | " -- ",
253 | ""
254 | ],
255 | "boot_wait": "10s",
256 | "disk_size": "{{user `disk-size`}}",
257 | "output_directory":"{{user `name`}}-vbox",
258 | "type": "virtualbox-iso",
259 | "name": "virtualbox-windows-iso",
260 | "headless":"False",
261 | "iso_checksum": "af224223de99e2a730b67d7785b657f549be0d63221188e105445f75fb8305c9",
262 | "iso_checksum_type": "sha256",
263 | "iso_url": "http://releases.ubuntu.com/12.04/ubuntu-12.04.5-server-amd64.iso",
264 | "ssh_username": "root",
265 | "ssh_password":"eosplus",
266 | "ssh_port":"22",
267 | "ssh_wait_timeout": "20m",
268 | "guest_os_type": "Ubuntu_64",
269 | "vm_name":"{{user `name`}}",
270 | "vboxmanage": [
271 | [
272 | "modifyvm",
273 | "{{.Name}}",
274 | "--memory",
275 | "{{user `ram`}}"
276 | ],
277 | [
278 | "modifyvm",
279 | "{{.Name}}",
280 | "--cpus",
281 | "1"
282 | ],
283 | [
284 | "modifyvm",
285 | "{{.Name}}",
286 | "--rtcuseutc",
287 | "on"
288 | ],
289 | [
290 | "modifyvm",
291 | "{{.Name}}",
292 | "--bioslogodisplaytime",
293 | "1"
294 | ],
295 | [
296 | "modifyvm",
297 | "{{.Name}}",
298 | "--hwvirtex",
299 | "on"
300 | ],
301 | [
302 | "modifyvm",
303 | "{{.Name}}",
304 | "--vtxux",
305 | "on"
306 | ],
307 | [
308 | "modifyvm",
309 | "{{.Name}}",
310 | "--vtxvpid",
311 | "on"
312 | ],
313 | [
314 | "modifyvm",
315 | "{{.Name}}",
316 | "--nic1",
317 | "nat"
318 | ],
319 | [
320 | "modifyvm",
321 | "{{.Name}}",
322 | "--nic2",
323 | "hostonly"
324 | ],
325 | [
326 | "modifyvm",
327 | "{{.Name}}",
328 | "--hostonlyadapter2",
329 | "VirtualBox Host-Only Ethernet Adapter #2"
330 | ]
331 | ],
332 | "shutdown_command": "/sbin/shutdown -h now",
333 | "http_directory":"http/"
334 | }
335 | ],
336 | "provisioners": [
337 | {
338 | "source": "conf",
339 | "destination": "/tmp/packer",
340 | "type":"file"
341 | },
342 | {
343 | "source": "files",
344 | "destination": "/tmp/packer",
345 | "type":"file"
346 | },
347 | {
348 | "scripts": [
349 | "scripts/setup.sh"
350 | ],
351 | "type" : "shell"
352 | }
353 | ]
354 | }
355 |
--------------------------------------------------------------------------------
/Fedora/conf/httpd.conf:
--------------------------------------------------------------------------------
1 | #
2 | # This is the main Apache HTTP server configuration file. It contains the
3 | # configuration directives that give the server its instructions.
4 | # See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.
5 | # In particular, see
6 | # <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
7 | # for a discussion of each configuration directive.
8 | #
9 | # Do NOT simply read the instructions in here without understanding
10 | # what they do. They're here only as hints or reminders. If you are unsure
11 | # consult the online docs. You have been warned.
12 | #
13 | # Configuration and logfile names: If the filenames you specify for many
14 | # of the server's control files begin with "/" (or "drive:/" for Win32), the
15 | # server will use that explicit path. If the filenames do *not* begin
16 | # with "/", the value of ServerRoot is prepended -- so 'log/access_log'
17 | # with ServerRoot set to '/www' will be interpreted by the
18 | # server as '/www/log/access_log', where as '/log/access_log' will be
19 | # interpreted as '/log/access_log'.
20 |
21 | #
22 | # ServerRoot: The top of the directory tree under which the server's
23 | # configuration, error, and log files are kept.
24 | #
25 | # Do not add a slash at the end of the directory path. If you point
26 | # ServerRoot at a non-local disk, be sure to specify a local disk on the
27 | # Mutex directive, if file-based mutexes are used. If you wish to share the
28 | # same ServerRoot for multiple httpd daemons, you will need to change at
29 | # least PidFile.
30 | #
31 | ServerRoot "/etc/httpd"
32 |
33 | #
34 | # Listen: Allows you to bind Apache to specific IP addresses and/or
35 | # ports, instead of the default. See also the <VirtualHost>
36 | # directive.
37 | #
38 | # Change this to Listen on specific IP addresses as shown below to
39 | # prevent Apache from glomming onto all bound IP addresses.
40 | #
41 | #Listen 12.34.56.78:80
42 | Listen 80
43 | Listen 8080
44 |
45 | #
46 | # Dynamic Shared Object (DSO) Support
47 | #
48 | # To be able to use the functionality of a module which was built as a DSO you
49 | # have to place corresponding `LoadModule' lines at this location so the
50 | # directives contained in it are actually available _before_ they are used.
51 | # Statically compiled modules (those listed by `httpd -l') do not need
52 | # to be loaded here.
53 | #
54 | # Example:
55 | # LoadModule foo_module modules/mod_foo.so
56 | #
57 | Include conf.modules.d/*.conf
58 |
59 | #
60 | # If you wish httpd to run as a different user or group, you must run
61 | # httpd as root initially and it will switch.
62 | #
63 | # User/Group: The name (or #number) of the user/group to run httpd as.
64 | # It is usually good practice to create a dedicated user and group for
65 | # running httpd, as with most system services.
66 | #
67 | User apache
68 | Group apache
69 |
70 | # 'Main' server configuration
71 | #
72 | # The directives in this section set up the values used by the 'main'
73 | # server, which responds to any requests that aren't handled by a
74 | # <VirtualHost> definition. These values also provide defaults for
75 | # any <VirtualHost> containers you may define later in the file.
76 | #
77 | # All of these directives may appear inside <VirtualHost> containers,
78 | # in which case these default settings will be overridden for the
79 | # virtual host being defined.
80 | #
81 |
82 | #
83 | # ServerAdmin: Your address, where problems with the server should be
84 | # e-mailed. This address appears on some server-generated pages, such
85 | # as error documents. e.g. admin@your-domain.com
86 | #
87 | ServerAdmin root@ztps-test.com
88 |
89 | #
90 | # ServerName gives the name and port that the server uses to identify itself.
91 | # This can often be determined automatically, but we recommend you specify
92 | # it explicitly to prevent problems during startup.
93 | #
94 | # If your host doesn't have a registered DNS name, enter its IP address here.
95 | #
96 | #ServerName www.example.com:80
97 |
98 | #
99 | # Deny access to the entirety of your server's filesystem. You must
100 | # explicitly permit access to web content directories in other
101 | # <Directory> blocks below.
102 | #
103 | <Directory />
104 | AllowOverride none
105 | Require all denied
106 | </Directory>
107 |
108 | #
109 | # Note that from this point forward you must specifically allow
110 | # particular features to be enabled - so if something's not working as
111 | # you might expect, make sure that you have specifically enabled it
112 | # below.
113 | #
114 |
115 | #
116 | # DocumentRoot: The directory out of which you will serve your
117 | # documents. By default, all requests are taken from this directory, but
118 | # symbolic links and aliases may be used to point to other locations.
119 | #
120 | DocumentRoot "/var/www/html"
121 |
122 | #
123 | # Relax access to content within /var/www.
124 | #
125 | <Directory "/var/www">
126 | AllowOverride None
127 | # Allow open access:
128 | Require all granted
129 | </Directory>
130 |
131 | # Further relax access to the default document root:
132 | <Directory "/var/www/html">
133 | #
134 | # Possible values for the Options directive are "None", "All",
135 | # or any combination of:
136 | # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
137 | #
138 | # Note that "MultiViews" must be named *explicitly* --- "Options All"
139 | # doesn't give it to you.
140 | #
141 | # The Options directive is both complicated and important. Please see
142 | # http://httpd.apache.org/docs/2.4/mod/core.html#options
143 | # for more information.
144 | #
145 | Options Indexes FollowSymLinks
146 |
147 | #
148 | # AllowOverride controls what directives may be placed in .htaccess files.
149 | # It can be "All", "None", or any combination of the keywords:
150 | # Options FileInfo AuthConfig Limit
151 | #
152 | AllowOverride None
153 |
154 | #
155 | # Controls who can get stuff from this server.
156 | #
157 | Require all granted
158 | </Directory>
159 |
160 | #
161 | # DirectoryIndex: sets the file that Apache will serve if a directory
162 | # is requested.
163 | #
164 |
165 | DirectoryIndex index.html
166 |
167 |
168 | #
169 | # The following lines prevent .htaccess and .htpasswd files from being
170 | # viewed by Web clients.
171 | #
172 | <Files ".ht*">
173 | Require all denied
174 | </Files>
175 |
176 | #
177 | # ErrorLog: The location of the error log file.
178 | # If you do not specify an ErrorLog directive within a <VirtualHost>
179 | # container, error messages relating to that virtual host will be
180 | # logged here. If you *do* define an error logfile for a <VirtualHost>
181 | # container, that host's errors will be logged there and not here.
182 | #
183 | ErrorLog "logs/error_log"
184 |
185 | #
186 | # LogLevel: Control the number of messages logged to the error_log.
187 | # Possible values include: debug, info, notice, warn, error, crit,
188 | # alert, emerg.
189 | #
190 | LogLevel warn
191 |
192 |
193 | #
194 | # The following directives define some format nicknames for use with
195 | # a CustomLog directive (see below).
196 | #
197 | LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
198 | LogFormat "%h %l %u %t \"%r\" %>s %b" common
199 |
200 |
201 | # You need to enable mod_logio.c to use %I and %O
202 | LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
203 |
204 |
205 | #
206 | # The location and format of the access logfile (Common Logfile Format).
207 | # If you do not define any access logfiles within a <VirtualHost>
208 | # container, they will be logged here. Contrariwise, if you *do*
209 | # define per-<VirtualHost> access logfiles, transactions will be
210 | # logged therein and *not* in this file.
211 | #
212 | #CustomLog "logs/access_log" common
213 |
214 | #
215 | # If you prefer a logfile with access, agent, and referer information
216 | # (Combined Logfile Format) you can use the following directive.
217 | #
218 | CustomLog "logs/access_log" combined
219 |
220 |
221 |
222 | #
223 | # Redirect: Allows you to tell clients about documents that used to
224 | # exist in your server's namespace, but do not anymore. The client
225 | # will make a new request for the document at its new location.
226 | # Example:
227 | # Redirect permanent /foo http://www.example.com/bar
228 |
229 | #
230 | # Alias: Maps web paths into filesystem paths and is used to
231 | # access content that does not live under the DocumentRoot.
232 | # Example:
233 | # Alias /webpath /full/filesystem/path
234 | #
235 | # If you include a trailing / on /webpath then the server will
236 | # require it to be present in the URL. You will also likely
237 | # need to provide a <Directory> section to allow access to
238 | # the filesystem path.
239 |
240 | #
241 | # ScriptAlias: This controls which directories contain server scripts.
242 | # ScriptAliases are essentially the same as Aliases, except that
243 | # documents in the target directory are treated as applications and
244 | # run by the server when requested rather than as documents sent to the
245 | # client. The same rules about trailing "/" apply to ScriptAlias
246 | # directives as to Alias.
247 | #
248 | ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
249 |
250 |
251 |
252 | #
253 | # "/var/www/cgi-bin" should be changed to whatever your ScriptAliased
254 | # CGI directory exists, if you have that configured.
255 | #
256 |
257 | AllowOverride None
258 | Options None
259 | Require all granted
260 |
261 |
262 |
263 | #
264 | # TypesConfig points to the file containing the list of mappings from
265 | # filename extension to MIME-type.
266 | #
267 | TypesConfig /etc/mime.types
268 |
269 | #
270 | # AddType allows you to add to or override the MIME configuration
271 | # file specified in TypesConfig for specific file types.
272 | #
273 | #AddType application/x-gzip .tgz
274 | #
275 | # AddEncoding allows you to have certain browsers uncompress
276 | # information on the fly. Note: Not all browsers support this.
277 | #
278 | #AddEncoding x-compress .Z
279 | #AddEncoding x-gzip .gz .tgz
280 | #
281 | # If the AddEncoding directives above are commented-out, then you
282 | # probably should define those extensions to indicate media types:
283 | #
284 | AddType application/x-compress .Z
285 | AddType application/x-gzip .gz .tgz
286 |
287 | #
288 | # AddHandler allows you to map certain file extensions to "handlers":
289 | # actions unrelated to filetype. These can be either built into the server
290 | # or added with the Action directive (see below)
291 | #
292 | # To use CGI scripts outside of ScriptAliased directories:
293 | # (You will also need to add "ExecCGI" to the "Options" directive.)
294 | #
295 | #AddHandler cgi-script .cgi
296 |
297 | # For type maps (negotiated resources):
298 | #AddHandler type-map var
299 |
300 | #
301 | # Filters allow you to process content before it is sent to the client.
302 | #
303 | # To parse .shtml files for server-side includes (SSI):
304 | # (You will also need to add "Includes" to the "Options" directive.)
305 | #
306 | AddType text/html .shtml
307 | AddOutputFilter INCLUDES .shtml
308 |
309 |
310 | #
311 | # Specify a default charset for all content served; this enables
312 | # interpretation of all content as UTF-8 by default. To use the
313 | # default browser choice (ISO-8859-1), or to allow the META tags
314 | # in HTML content to override this choice, comment out this
315 | # directive:
316 | #
317 | AddDefaultCharset UTF-8
318 |
319 |
320 | #
321 | # The mod_mime_magic module allows the server to use various hints from the
322 | # contents of the file itself to determine its type. The MIMEMagicFile
323 | # directive tells the module where the hint definitions are located.
324 | #
325 | MIMEMagicFile conf/magic
326 |
327 |
328 | #
329 | # Customizable error responses come in three flavors:
330 | # 1) plain text 2) local redirects 3) external redirects
331 | #
332 | # Some examples:
333 | #ErrorDocument 500 "The server made a boo boo."
334 | #ErrorDocument 404 /missing.html
335 | #ErrorDocument 404 "/cgi-bin/missing_handler.pl"
336 | #ErrorDocument 402 http://www.example.com/subscription_info.html
337 | #
338 |
339 | #
340 | # EnableMMAP and EnableSendfile: On systems that support it,
341 | # memory-mapping or the sendfile syscall may be used to deliver
342 | # files. This usually improves server performance, but must
343 | # be turned off when serving from networked-mounted
344 | # filesystems or if support for these functions is otherwise
345 | # broken on your system.
346 | # Defaults if commented: EnableMMAP On, EnableSendfile Off
347 | #
348 | #EnableMMAP off
349 | EnableSendfile on
350 |
351 | # Supplemental configuration
352 | #
353 | # Load config files in the "/etc/httpd/conf.d" directory, if any.
354 | IncludeOptional conf.d/*.conf
355 |
356 |
357 | ##########################################
358 | # ZTPSERVER-RELATED CONFIGURATION
359 | ##########################################
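360 | # NOTE(review): ztpserver.wsgi is mounted at / and the access rule below is "Require all granted", so any client that can reach this server can query it; nothing in this section adds TLS or authentication. Keep the listener confined to the provisioning network.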
361 | LoadModule wsgi_module modules/mod_wsgi.so
362 |
363 |
364 | WSGIDaemonProcess ztpserver user=ztpsadmin group=ztpsadmin threads=25
365 | WSGIScriptAlias / /etc/ztpserver/ztpserver.wsgi
366 |
367 |
368 | WSGIProcessGroup ztpserver
369 | WSGIApplicationGroup %{GLOBAL}
370 | Require all granted
371 |
372 |
--------------------------------------------------------------------------------
/Fedora/conf/ejabberd.cfg:
--------------------------------------------------------------------------------
1 | %%%
2 | %%% ejabberd configuration file
3 | %%%
4 | %%%'
5 |
6 | %%% The parameters used in this configuration file are explained in more detail
7 | %%% in the ejabberd Installation and Operation Guide.
8 | %%% Please consult the Guide in case of doubts, it is included with
9 | %%% your copy of ejabberd, and is also available online at
10 | %%% http://www.process-one.net/en/ejabberd/docs/
11 |
12 | %%% This configuration file contains Erlang terms.
13 | %%% In case you want to understand the syntax, here are the concepts:
14 | %%%
15 | %%% - The character to comment a line is %
16 | %%%
17 | %%% - Each term ends in a dot, for example:
18 | %%% override_global.
19 | %%%
20 | %%% - A tuple has a fixed definition, its elements are
21 | %%% enclosed in {}, and separated with commas:
22 | %%% {loglevel, 4}.
23 | %%%
24 | %%% - A list can have as many elements as you want,
25 | %%% and is enclosed in [], for example:
26 | %%% [http_poll, web_admin, tls]
27 | %%%
28 | %%% - A keyword of ejabberd is a word in lowercase.
29 | %%% Strings are enclosed in "" and can contain spaces, dots, ...
30 | %%% {language, "en"}.
31 | %%% {ldap_rootdn, "dc=example,dc=com"}.
32 | %%%
33 | %%% - This term includes a tuple, a keyword, a list, and two strings:
34 | %%% {hosts, ["jabber.example.net", "im.example.com"]}.
35 | %%%
36 |
37 |
38 | %%%. =======================
39 | %%%' OVERRIDE STORED OPTIONS
40 |
41 | %%
42 | %% Override the old values stored in the database.
43 | %%
44 |
45 | %%
46 | %% Override global options (shared by all ejabberd nodes in a cluster).
47 | %%
48 | %%override_global.
49 |
50 | %%
51 | %% Override local options (specific for this particular ejabberd node).
52 | %%
53 | %%override_local.
54 |
55 | %%
56 | %% Remove the Access Control Lists before new ones are added.
57 | %%
58 | %%override_acls.
59 |
60 |
61 | %%%. =========
62 | %%%' DEBUGGING
63 |
64 | %%
65 | %% loglevel: Verbosity of log files generated by ejabberd.
66 | %% 0: No ejabberd log at all (not recommended)
67 | %% 1: Critical
68 | %% 2: Error
69 | %% 3: Warning
70 | %% 4: Info
71 | %% 5: Debug
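72 | %% NOTE(review): 5 (Debug) is set below; debug output is very verbose and can include the contents of client streams, so drop to 4 or lower once troubleshooting is done.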
73 | {loglevel, 5}.
74 |
75 | %%
76 | %% watchdog_admins: Only useful for developers: if an ejabberd process
77 | %% consumes a lot of memory, send live notifications to these XMPP
78 | %% accounts.
79 | %%
80 | %%{watchdog_admins, ["bob@example.com"]}.
81 |
82 |
83 | %%%. ================
84 | %%%' SERVED HOSTNAMES
85 |
86 | %%
87 | %% hosts: Domains served by ejabberd.
88 | %% You can define one or several, for example:
89 | %% {hosts, ["example.net", "example.com", "example.org"]}.
90 | %%
91 | {hosts, ["im.ztps-test.com"]}.
92 |
93 | %%
94 | %% route_subdomains: Delegate subdomains to other XMPP servers.
95 | %% For example, if this ejabberd serves example.org and you want
96 | %% to allow communication with an XMPP server called im.example.org.
97 | %%
98 | %%{route_subdomains, s2s}.
99 |
100 |
101 | %%%. ===============
102 | %%%' LISTENING PORTS
103 |
104 | %%
105 | %% listen: The ports ejabberd will listen on, which service each is handled
106 | %% by and what options to start it with.
107 | %%
108 | {listen,
109 | [
110 |
111 | {5222, ejabberd_c2s, [
112 |
113 | %%
114 | %% If TLS is compiled in and you installed a SSL
115 | %% certificate, specify the full path to the
116 | %% file and uncomment this line:
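117 | %% NOTE(review): the line below is still commented out, so port 5222 does not offer STARTTLS and client logins and traffic are not protected by TLS.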
118 | %%{certfile, "/etc/ejabberd/ejabberd.pem"}, starttls,
119 |
120 | {access, c2s},
121 | {shaper, c2s_shaper},
122 | {max_stanza_size, 65536}
123 | ]},
124 |
125 | %%
126 | %% To enable the old SSL connection method on port 5223:
127 | %%
128 | %%{5223, ejabberd_c2s, [
129 | %% {access, c2s},
130 | %% {shaper, c2s_shaper},
131 | %% {certfile, "/etc/ejabberd/ejabberd.pem"}, tls,
132 | %% {max_stanza_size, 65536}
133 | %% ]},
134 |
135 | {5269, ejabberd_s2s_in, [
136 | {shaper, s2s_shaper},
137 | {max_stanza_size, 131072}
138 | ]},
139 |
140 | %%
141 | %% ejabberd_service: Interact with external components (transports, ...)
142 | %%
143 | %%{8888, ejabberd_service, [
144 | %% {access, all},
145 | %% {shaper_rule, fast},
146 | %% {ip, {127, 0, 0, 1}},
147 | %% {hosts, ["icq.example.org", "sms.example.org"],
148 | %% [{password, "secret"}]
149 | %% }
150 | %% ]},
151 |
152 | %%
153 | %% ejabberd_stun: Handles STUN Binding requests
154 | %%
155 | %%{{3478, udp}, ejabberd_stun, []},
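156 | %% NOTE(review): the HTTP listener below enables web_admin, http_bind and http_poll with no tls/certfile option and no {ip, ...} restriction, so web console logins travel unencrypted; bind it to a management address or add TLS if the admin console is needed.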
157 | {5280, ejabberd_http, [
158 | %% %%{request_handlers,
159 | %% %% [
160 | %% %% {["pub", "archive"], mod_http_fileserver}
161 | %% %% ]},
162 | %%captcha,
163 | http_bind,
164 | http_poll,
165 | %%register,
166 | web_admin
167 | ]}
168 |
169 | ]}.
170 |
171 | %%
172 | %% s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections.
173 | %% Allowed values are: false optional required required_trusted
174 | %% You must specify a certificate file.
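175 | %% NOTE(review): left commented out below, so server-to-server connections on port 5269 are not asked to use TLS.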
176 | %%{s2s_use_starttls, optional}.
177 |
178 | %%
179 | %% s2s_certfile: Specify a certificate file.
180 | %%
181 | %%{s2s_certfile, "/etc/ejabberd/ejabberd.pem"}.
182 |
183 | %%
184 | %% domain_certfile: Specify a different certificate for each served hostname.
185 | %%
186 | %%{domain_certfile, "example.org", "/path/to/example_org.pem"}.
187 | %%{domain_certfile, "example.com", "/path/to/example_com.pem"}.
188 |
189 | %%
190 | %% S2S whitelist or blacklist
191 | %%
192 | %% Default s2s policy for undefined hosts.
193 | %%
194 | %%{s2s_default_policy, allow}.
195 |
196 | %%
197 | %% Allow or deny communication with specific servers.
198 | %%
199 | %%{{s2s_host, "goodhost.org"}, allow}.
200 | %%{{s2s_host, "badhost.org"}, deny}.
201 |
202 | %%
203 | %% Outgoing S2S options
204 | %%
205 | %% Preferred address families (which to try first) and connect timeout
206 | %% in milliseconds.
207 | %%
208 | %%{outgoing_s2s_options, [ipv4, ipv6], 10000}.
209 |
210 |
211 | %%%. ==============
212 | %%%' AUTHENTICATION
213 |
214 | %%
215 | %% auth_method: Method used to authenticate the users.
216 | %% The default method is the internal.
217 | %% If you want to use a different method,
218 | %% comment this line and enable the correct ones.
219 | %%
220 | {auth_method, internal}.
221 | %%
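222 | %% Store passwords as plain text or as SCRAM hashes. Both lines are commented out here, so the server default applies (presumably plain; confirm for this ejabberd version):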
223 | %%{auth_password_format, plain}.
224 | %%{auth_password_format, scram}.
225 | %%
226 | %% Define the FQDN if ejabberd doesn't detect it:
227 | %%{fqdn, "server3.example.com"}.
228 |
229 | %%
230 | %% Authentication using external script
231 | %% Make sure the script is executable by ejabberd.
232 | %%
233 | %%{auth_method, external}.
234 | %%{extauth_program, "/path/to/authentication/script"}.
235 |
236 | %%
237 | %% Authentication using ODBC
238 | %% Remember to setup a database in the next section.
239 | %%
240 | %%{auth_method, odbc}.
241 |
242 | %%
243 | %% Authentication using PAM
244 | %%
245 | %%{auth_method, pam}.
246 | %%{pam_service, "ejabberd"}.
247 |
248 | %%
249 | %% Authentication using LDAP
250 | %%
251 | %%{auth_method, ldap}.
252 | %%
253 | %% List of LDAP servers:
254 | %%{ldap_servers, ["localhost"]}.
255 | %%
256 | %% Encryption of connection to LDAP servers:
257 | %%{ldap_encrypt, none}.
258 | %%{ldap_encrypt, tls}.
259 | %%
260 | %% Port to connect to on LDAP servers:
261 | %%{ldap_port, 389}.
262 | %%{ldap_port, 636}.
263 | %%
264 | %% LDAP manager:
265 | %%{ldap_rootdn, "dc=example,dc=com"}.
266 | %%
267 | %% Password of LDAP manager:
268 | %%{ldap_password, "******"}.
269 | %%
270 | %% Search base of LDAP directory:
271 | %%{ldap_base, "dc=example,dc=com"}.
272 | %%
273 | %% LDAP attribute that holds user ID:
274 | %%{ldap_uids, [{"mail", "%u@mail.example.org"}]}.
275 | %%
276 | %% LDAP filter:
277 | %%{ldap_filter, "(objectClass=shadowAccount)"}.
278 |
279 | %%
280 | %% Anonymous login support:
281 | %% auth_method: anonymous
282 | %% anonymous_protocol: sasl_anon | login_anon | both
283 | %% allow_multiple_connections: true | false
284 | %%
285 | %%{host_config, "public.example.org", [{auth_method, anonymous},
286 | %% {allow_multiple_connections, false},
287 | %% {anonymous_protocol, sasl_anon}]}.
288 | %%
289 | %% To use both anonymous and internal authentication:
290 | %%
291 | %%{host_config, "public.example.org", [{auth_method, [internal, anonymous]}]}.
292 |
293 |
294 | %%%. ==============
295 | %%%' DATABASE SETUP
296 |
297 | %% ejabberd by default uses the internal Mnesia database,
298 | %% so you do not necessarily need this section.
299 | %% This section provides configuration examples in case
300 | %% you want to use other database backends.
301 | %% Please consult the ejabberd Guide for details on database creation.
302 |
303 | %%
304 | %% MySQL server:
305 | %%
306 | %%{odbc_server, {mysql, "server", "database", "username", "password"}}.
307 | %%
308 | %% If you want to specify the port:
309 | %%{odbc_server, {mysql, "server", 1234, "database", "username", "password"}}.
310 |
311 | %%
312 | %% PostgreSQL server:
313 | %%
314 | %%{odbc_server, {pgsql, "server", "database", "username", "password"}}.
315 | %%
316 | %% If you want to specify the port:
317 | %%{odbc_server, {pgsql, "server", 1234, "database", "username", "password"}}.
318 | %%
319 | %% If you use PostgreSQL, have a large database, and need a
320 | %% faster but inexact replacement for "select count(*) from users"
321 | %%
322 | %%{pgsql_users_number_estimate, true}.
323 |
324 | %%
325 | %% ODBC compatible or MSSQL server:
326 | %%
327 | %%{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}.
328 |
329 | %%
330 | %% Number of connections to open to the database for each virtual host
331 | %%
332 | %%{odbc_pool_size, 10}.
333 |
334 | %%
335 | %% Interval to make a dummy SQL request to keep the connections to the
336 | %% database alive. Specify in seconds: for example 28800 means 8 hours
337 | %%
338 | %%{odbc_keepalive_interval, undefined}.
339 |
340 |
341 | %%%. ===============
342 | %%%' TRAFFIC SHAPERS
343 |
344 | %%
345 | %% The "normal" shaper limits traffic speed to 1000 B/s
346 | %%
347 | {shaper, normal, {maxrate, 1000}}.
348 |
349 | %%
350 | %% The "fast" shaper limits traffic speed to 50000 B/s
351 | %%
352 | {shaper, fast, {maxrate, 50000}}.
353 |
354 | %%
355 | %% This option specifies the maximum number of elements in the queue
356 | %% of the FSM. Refer to the documentation for details.
357 | %%
358 | {max_fsm_queue, 1000}.
359 |
360 |
361 | %%%. ====================
362 | %%%' ACCESS CONTROL LISTS
363 |
364 | %%
365 | %% The 'admin' ACL grants administrative privileges to XMPP accounts.
366 | %% You can put here as many accounts as you want.
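367 | %% NOTE(review): "bootstrap" is granted admin below; admins skip the c2s shaper and pass the announce, configure and muc_admin rules, so confirm that account needs more than an ordinary user.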
368 | {acl, admin, {user, "ztpsadmin", "im.ztps-test.com"}}.
369 | {acl, admin, {user, "bootstrap", "im.ztps-test.com"}}.
370 | %%{acl, admin, {user, "ermine", "example.org"}}.
371 |
372 | %%
373 | %% Blocked users
374 | %%
375 | %%{acl, blocked, {user, "baduser", "example.org"}}.
376 | %%{acl, blocked, {user, "test"}}.
377 |
378 | %%
379 | %% Local users: don't modify this line.
380 | %%
381 | {acl, local, {user_regexp, ""}}.
382 |
383 | %%
384 | %% More examples of ACLs
385 | %%
386 | %%{acl, jabberorg, {server, "jabber.org"}}.
387 | %%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
388 | %%{acl, test, {user_regexp, "^test"}}.
389 | %%{acl, test, {user_glob, "test*"}}.
390 |
391 | %%
392 | %% Define specific ACLs in a virtual host.
393 | %%
394 | %%{host_config, "localhost",
395 | %% [
396 | %% {acl, admin, {user, "bob-local", "localhost"}}
397 | %% ]
398 | %%}.
399 |
400 |
401 | %%%. ============
402 | %%%' ACCESS RULES
403 |
404 | %% Maximum number of simultaneous sessions allowed for a single user:
405 | {access, max_user_sessions, [{10, all}]}.
406 |
407 | %% Maximum number of offline messages that users can have:
408 | {access, max_user_offline_messages, [{5000, admin}, {100, all}]}.
409 |
410 | %% This rule allows access only for local users:
411 | {access, local, [{allow, local}]}.
412 |
413 | %% Only non-blocked users can use c2s connections:
414 | {access, c2s, [{deny, blocked},
415 | {allow, all}]}.
416 |
417 | %% For C2S connections, all users except admins use the "normal" shaper
418 | {access, c2s_shaper, [{none, admin},
419 | {normal, all}]}.
420 |
421 | %% All S2S connections use the "fast" shaper
422 | {access, s2s_shaper, [{fast, all}]}.
423 |
424 | %% Only admins can send announcement messages:
425 | {access, announce, [{allow, admin}]}.
426 |
427 | %% Only admins can use the configuration interface:
428 | {access, configure, [{allow, admin}]}.
429 |
430 | %% Admins of this server are also admins of the MUC service:
431 | {access, muc_admin, [{allow, admin}]}.
432 |
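433 | %% NOTE(review): the rule below allows every user, not only accounts of the local ejabberd server, to create rooms; use the 'local' ACL here if remote users should not create rooms: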
434 | {access, muc_create, [{allow, all}]}.
435 |
436 | %% All users are allowed to use the MUC service:
437 | {access, muc, [{allow, all}]}.
438 |
439 | %% Only accounts on the local ejabberd server can create Pubsub nodes:
440 | {access, pubsub_createnode, [{allow, local}]}.
441 |
442 | %% In-band registration allows registration of any possible username.
443 | %% To disable in-band registration, replace 'allow' with 'deny'.
444 | {access, register, [{allow, all}]}.
445 |
446 | %% By default the frequency of account registrations from the same IP
447 | %% is limited to 1 account every 10 minutes. To disable, specify: infinity
448 | %%{registration_timeout, 600}.
449 |
450 | %%
451 | %% Define specific Access Rules in a virtual host.
452 | %%
453 | %%{host_config, "localhost",
454 | %% [
455 | %% {access, c2s, [{allow, admin}, {deny, all}]},
456 | %% {access, register, [{deny, all}]}
457 | %% ]
458 | %%}.
459 |
460 |
461 | %%%. ================
462 | %%%' DEFAULT LANGUAGE
463 |
464 | %%
465 | %% language: Default language used for server messages.
466 | %%
467 | {language, "en"}.
468 |
469 | %%
470 | %% Set a different default language in a virtual host.
471 | %%
472 | %%{host_config, "localhost",
473 | %% [{language, "ru"}]
474 | %%}.
475 |
476 |
477 | %%%. =======
478 | %%%' CAPTCHA
479 |
480 | %%
481 | %% Full path to a script that generates the image.
482 | %%
483 | %%{captcha_cmd, "/usr/lib64/ejabberd/priv/bin/captcha.sh"}.
484 |
485 | %%
486 | %% Host for the URL and port where ejabberd listens for CAPTCHA requests.
487 | %%
488 | %%{captcha_host, "example.org:5280"}.
489 |
490 | %%
491 | %% Limit CAPTCHA calls per minute for JID/IP to avoid DoS.
492 | %%
493 | %%{captcha_limit, 5}.
494 |
495 | %%%. =======
496 | %%%' MODULES
497 |
498 | %%
499 | %% Modules enabled in all ejabberd virtual hosts.
500 | %%
501 | {modules,
502 | [
503 | {mod_adhoc, []},
504 | {mod_announce, [{access, announce}]}, % recommends mod_adhoc
505 | {mod_blocking,[]}, % requires mod_privacy
506 | {mod_caps, []},
507 | {mod_configure,[]}, % requires mod_adhoc
508 | {mod_disco, []},
509 | %%{mod_echo, [{host, "echo.localhost"}]},
510 | {mod_irc, []},
511 | {mod_http_bind, []},
512 | %%{mod_http_fileserver, [
513 | %% {docroot, "/var/www"},
514 | %% {accesslog, "/var/log/ejabberd/access.log"}
515 | %% ]},
516 | {mod_last, []},
517 | {mod_muc, [
518 | %%{host, "conference.@HOST@"},
519 | {access, muc},
520 | {access_create, muc_create},
521 | {access_persistent, muc_create},
522 | {access_admin, muc_admin}
523 | ]},
524 | %%{mod_muc_log,[]},
525 | {mod_offline, [{access_max_user_messages, max_user_offline_messages}]},
526 | {mod_ping, []},
527 | %%{mod_pres_counter,[{count, 5}, {interval, 60}]},
528 | {mod_privacy, []},
529 | {mod_private, []},
530 | %%{mod_proxy65,[]},
531 | {mod_pubsub, [
532 | {access_createnode, pubsub_createnode},
533 | {ignore_pep_from_offline, true}, % reduces resource comsumption, but XEP incompliant
534 | %%{ignore_pep_from_offline, false}, % XEP compliant, but increases resource consumption
535 | {last_item_cache, false},
536 | {plugins, ["flat", "hometree", "pep"]} % pep requires mod_caps
537 | ]},
538 | {mod_register, [
539 | %%
540 | %% Protect In-Band account registrations with CAPTCHA.
541 | %%
542 | %%{captcha_protected, true},
543 |
544 | %%
545 | %% Set the minimum informational entropy for passwords.
546 | %%
547 | %%{password_strength, 32},
548 |
549 | %%
550 | %% After successful registration, the user receives
551 | %% a message with this subject and body.
552 | %%
553 | {welcome_message, {"Welcome!",
554 | "Hi.\nWelcome to this XMPP server."}},
555 |
556 | %%
557 | %% When a user registers, send a notification to
558 | %% these XMPP accounts.
559 | %%
560 | %%{registration_watchers, ["admin1@example.org"]},
561 |
562 | %%
563 | %% Only clients in the server machine can register accounts
564 | %%
565 | {ip_access, [{allow, "127.0.0.0/8"},
566 | {deny, "0.0.0.0/0"}]},
567 |
568 | %%
569 | %% Local c2s or remote s2s users cannot register accounts
570 | %%
571 | %%{access_from, deny},
572 |
573 | {access, register}
574 | ]},
575 | %%{mod_register_web, [
576 | %%
577 | %% When a user registers, send a notification to
578 | %% these XMPP accounts.
579 | %%
580 | %%{registration_watchers, ["admin1@example.org"]}
581 | %% ]},
582 | {mod_roster, []},
583 | %%{mod_service_log,[]},
584 | {mod_shared_roster,[]},
585 | {mod_stats, []},
586 | {mod_time, []},
587 | {mod_vcard, []},
588 | {mod_version, []}
589 | ]}.
590 |
591 | %%
592 | %% Enable modules with custom options in a specific virtual host
593 | %%
594 | %%{host_config, "localhost",
595 | %% [{{add, modules},
596 | %% [
597 | %% {mod_echo, [{host, "mirror.localhost"}]}
598 | %% ]
599 | %% }
600 | %% ]}.
601 |
602 |
603 | %%%.
604 | %%%'
605 |
606 | %%% $Id$
607 |
608 | %%% Local Variables:
609 | %%% mode: erlang
610 | %%% End:
611 | %%% vim: set filetype=erlang tabstop=8 foldmarker=%%%',%%%. foldmethod=marker:
612 |
--------------------------------------------------------------------------------
/Ubuntu/conf/ejabberd.cfg:
--------------------------------------------------------------------------------
1 | %%%
2 | %%% ejabberd configuration file
3 | %%%
4 | %%%'
5 |
6 | %%% The parameters used in this configuration file are explained in more detail
7 | %%% in the ejabberd Installation and Operation Guide.
8 | %%% Please consult the Guide in case of doubts, it is included with
9 | %%% your copy of ejabberd, and is also available online at
10 | %%% http://www.process-one.net/en/ejabberd/docs/
11 |
12 | %%% This configuration file contains Erlang terms.
13 | %%% In case you want to understand the syntax, here are the concepts:
14 | %%%
15 | %%% - The character to comment a line is %
16 | %%%
17 | %%% - Each term ends in a dot, for example:
18 | %%% override_global.
19 | %%%
20 | %%% - A tuple has a fixed definition, its elements are
21 | %%% enclosed in {}, and separated with commas:
22 | %%% {loglevel, 4}.
23 | %%%
24 | %%% - A list can have as many elements as you want,
25 | %%% and is enclosed in [], for example:
26 | %%% [http_poll, web_admin, tls]
27 | %%%
28 | %%% - A keyword of ejabberd is a word in lowercase.
29 | %%% Strings are enclosed in "" and can contain spaces, dots, ...
30 | %%% {language, "en"}.
31 | %%% {ldap_rootdn, "dc=example,dc=com"}.
32 | %%%
33 | %%% - This term includes a tuple, a keyword, a list, and two strings:
34 | %%% {hosts, ["jabber.example.net", "im.example.com"]}.
35 | %%%
36 |
37 |
38 | %%%. =======================
39 | %%%' OVERRIDE STORED OPTIONS
40 |
41 | %%
42 | %% Override the old values stored in the database.
43 | %%
44 |
45 | %%
46 | %% Override global options (shared by all ejabberd nodes in a cluster).
47 | %%
48 | %%override_global.
49 |
50 | %%
51 | %% Override local options (specific for this particular ejabberd node).
52 | %%
53 | %%override_local.
54 |
55 | %%
56 | %% Remove the Access Control Lists before new ones are added.
57 | %%
58 | %%override_acls.
59 |
60 |
61 | %%%. =========
62 | %%%' DEBUGGING
63 |
64 | %%
65 | %% loglevel: Verbosity of log files generated by ejabberd.
66 | %% 0: No ejabberd log at all (not recommended)
67 | %% 1: Critical
68 | %% 2: Error
69 | %% 3: Warning
70 | %% 4: Info
71 | %% 5: Debug
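72 | %% NOTE(review): 5 (Debug) is set below; debug output is very verbose and can include the contents of client streams, so drop to 4 or lower once troubleshooting is done.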
73 | {loglevel, 5}.
74 |
75 | %%
76 | %% watchdog_admins: Only useful for developers: if an ejabberd process
77 | %% consumes a lot of memory, send live notifications to these XMPP
78 | %% accounts.
79 | %%
80 | %%{watchdog_admins, ["bob@example.com"]}.
81 |
82 |
83 | %%%. ================
84 | %%%' SERVED HOSTNAMES
85 |
86 | %%
87 | %% hosts: Domains served by ejabberd.
88 | %% You can define one or several, for example:
89 | %% {hosts, ["example.net", "example.com", "example.org"]}.
90 | %%
91 | {hosts, ["im.ztps-test.com"]}.
92 |
93 | %%
94 | %% route_subdomains: Delegate subdomains to other XMPP servers.
95 | %% For example, if this ejabberd serves example.org and you want
96 | %% to allow communication with an XMPP server called im.example.org.
97 | %%
98 | %%{route_subdomains, s2s}.
99 |
100 |
101 | %%%. ===============
102 | %%%' LISTENING PORTS
103 |
104 | %%
105 | %% listen: The ports ejabberd will listen on, which service each is handled
106 | %% by and what options to start it with.
107 | %%
108 | {listen,
109 | [
110 |
111 | {5222, ejabberd_c2s, [
112 |
113 | %%
114 | %% If TLS is compiled in and you installed a SSL
115 | %% certificate, specify the full path to the
116 | %% file and uncomment this line:
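117 | %% NOTE(review): the line below is still commented out, so port 5222 does not offer STARTTLS and client logins and traffic are not protected by TLS.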
118 | %%{certfile, "/etc/ejabberd/ejabberd.pem"}, starttls,
119 |
120 | {access, c2s},
121 | {shaper, c2s_shaper},
122 | {max_stanza_size, 65536}
123 | ]},
124 |
125 | %%
126 | %% To enable the old SSL connection method on port 5223:
127 | %%
128 | %%{5223, ejabberd_c2s, [
129 | %% {access, c2s},
130 | %% {shaper, c2s_shaper},
131 | %% {certfile, "/etc/ejabberd/ejabberd.pem"}, tls,
132 | %% {max_stanza_size, 65536}
133 | %% ]},
134 |
135 | {5269, ejabberd_s2s_in, [
136 | {shaper, s2s_shaper},
137 | {max_stanza_size, 131072}
138 | ]},
139 |
140 | %%
141 | %% ejabberd_service: Interact with external components (transports, ...)
142 | %%
143 | %%{8888, ejabberd_service, [
144 | %% {access, all},
145 | %% {shaper_rule, fast},
146 | %% {ip, {127, 0, 0, 1}},
147 | %% {hosts, ["icq.example.org", "sms.example.org"],
148 | %% [{password, "secret"}]
149 | %% }
150 | %% ]},
151 |
152 | %%
153 | %% ejabberd_stun: Handles STUN Binding requests
154 | %%
155 | %%{{3478, udp}, ejabberd_stun, []},
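156 | %% NOTE(review): the HTTP listener below enables web_admin, http_bind and http_poll with no tls/certfile option and no {ip, ...} restriction, so web console logins travel unencrypted; bind it to a management address or add TLS if the admin console is needed.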
157 | {5280, ejabberd_http, [
158 | %% %%{request_handlers,
159 | %% %% [
160 | %% %% {["pub", "archive"], mod_http_fileserver}
161 | %% %% ]},
162 | %%captcha,
163 | http_bind,
164 | http_poll,
165 | %%register,
166 | web_admin
167 | ]}
168 |
169 | ]}.
170 |
171 | %%
172 | %% s2s_use_starttls: Enable STARTTLS + Dialback for S2S connections.
173 | %% Allowed values are: false optional required required_trusted
174 | %% You must specify a certificate file.
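175 | %% NOTE(review): left commented out below, so server-to-server connections on port 5269 are not asked to use TLS.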
176 | %%{s2s_use_starttls, optional}.
177 |
178 | %%
179 | %% s2s_certfile: Specify a certificate file.
180 | %%
181 | %%{s2s_certfile, "/etc/ejabberd/ejabberd.pem"}.
182 |
183 | %%
184 | %% domain_certfile: Specify a different certificate for each served hostname.
185 | %%
186 | %%{domain_certfile, "example.org", "/path/to/example_org.pem"}.
187 | %%{domain_certfile, "example.com", "/path/to/example_com.pem"}.
188 |
189 | %%
190 | %% S2S whitelist or blacklist
191 | %%
192 | %% Default s2s policy for undefined hosts.
193 | %%
194 | %%{s2s_default_policy, allow}.
195 |
196 | %%
197 | %% Allow or deny communication with specific servers.
198 | %%
199 | %%{{s2s_host, "goodhost.org"}, allow}.
200 | %%{{s2s_host, "badhost.org"}, deny}.
201 |
202 | %%
203 | %% Outgoing S2S options
204 | %%
205 | %% Preferred address families (which to try first) and connect timeout
206 | %% in milliseconds.
207 | %%
208 | %%{outgoing_s2s_options, [ipv4, ipv6], 10000}.
209 |
210 |
211 | %%%. ==============
212 | %%%' AUTHENTICATION
213 |
214 | %%
215 | %% auth_method: Method used to authenticate the users.
216 | %% The default method is the internal.
217 | %% If you want to use a different method,
218 | %% comment this line and enable the correct ones.
219 | %%
220 | {auth_method, internal}.
221 | %%
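222 | %% Store passwords as plain text or as SCRAM hashes. Both lines are commented out here, so the server default applies (presumably plain; confirm for this ejabberd version):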
223 | %%{auth_password_format, plain}.
224 | %%{auth_password_format, scram}.
225 | %%
226 | %% Define the FQDN if ejabberd doesn't detect it:
227 | %%{fqdn, "server3.example.com"}.
228 |
229 | %%
230 | %% Authentication using external script
231 | %% Make sure the script is executable by ejabberd.
232 | %%
233 | %%{auth_method, external}.
234 | %%{extauth_program, "/path/to/authentication/script"}.
235 |
236 | %%
237 | %% Authentication using ODBC
238 | %% Remember to setup a database in the next section.
239 | %%
240 | %%{auth_method, odbc}.
241 |
242 | %%
243 | %% Authentication using PAM
244 | %%
245 | %%{auth_method, pam}.
246 | %%{pam_service, "ejabberd"}.
247 |
248 | %%
249 | %% Authentication using LDAP
250 | %%
251 | %%{auth_method, ldap}.
252 | %%
253 | %% List of LDAP servers:
254 | %%{ldap_servers, ["localhost"]}.
255 | %%
256 | %% Encryption of connection to LDAP servers:
257 | %%{ldap_encrypt, none}.
258 | %%{ldap_encrypt, tls}.
259 | %%
260 | %% Port to connect to on LDAP servers:
261 | %%{ldap_port, 389}.
262 | %%{ldap_port, 636}.
263 | %%
264 | %% LDAP manager:
265 | %%{ldap_rootdn, "dc=example,dc=com"}.
266 | %%
267 | %% Password of LDAP manager:
268 | %%{ldap_password, "******"}.
269 | %%
270 | %% Search base of LDAP directory:
271 | %%{ldap_base, "dc=example,dc=com"}.
272 | %%
273 | %% LDAP attribute that holds user ID:
274 | %%{ldap_uids, [{"mail", "%u@mail.example.org"}]}.
275 | %%
276 | %% LDAP filter:
277 | %%{ldap_filter, "(objectClass=shadowAccount)"}.
278 |
279 | %%
280 | %% Anonymous login support:
281 | %% auth_method: anonymous
282 | %% anonymous_protocol: sasl_anon | login_anon | both
283 | %% allow_multiple_connections: true | false
284 | %%
285 | %%{host_config, "public.example.org", [{auth_method, anonymous},
286 | %% {allow_multiple_connections, false},
287 | %% {anonymous_protocol, sasl_anon}]}.
288 | %%
289 | %% To use both anonymous and internal authentication:
290 | %%
291 | %%{host_config, "public.example.org", [{auth_method, [internal, anonymous]}]}.
292 |
293 |
294 | %%%. ==============
295 | %%%' DATABASE SETUP
296 |
297 | %% ejabberd by default uses the internal Mnesia database,
298 | %% so you do not necessarily need this section.
299 | %% This section provides configuration examples in case
300 | %% you want to use other database backends.
301 | %% Please consult the ejabberd Guide for details on database creation.
302 |
303 | %%
304 | %% MySQL server:
305 | %%
306 | %%{odbc_server, {mysql, "server", "database", "username", "password"}}.
307 | %%
308 | %% If you want to specify the port:
309 | %%{odbc_server, {mysql, "server", 1234, "database", "username", "password"}}.
310 |
311 | %%
312 | %% PostgreSQL server:
313 | %%
314 | %%{odbc_server, {pgsql, "server", "database", "username", "password"}}.
315 | %%
316 | %% If you want to specify the port:
317 | %%{odbc_server, {pgsql, "server", 1234, "database", "username", "password"}}.
318 | %%
319 | %% If you use PostgreSQL, have a large database, and need a
320 | %% faster but inexact replacement for "select count(*) from users"
321 | %%
322 | %%{pgsql_users_number_estimate, true}.
323 |
324 | %%
325 | %% ODBC compatible or MSSQL server:
326 | %%
327 | %%{odbc_server, "DSN=ejabberd;UID=ejabberd;PWD=ejabberd"}.
328 |
329 | %%
330 | %% Number of connections to open to the database for each virtual host
331 | %%
332 | %%{odbc_pool_size, 10}.
333 |
334 | %%
335 | %% Interval to make a dummy SQL request to keep the connections to the
336 | %% database alive. Specify in seconds: for example 28800 means 8 hours
337 | %%
338 | %%{odbc_keepalive_interval, undefined}.
339 |
340 |
341 | %%%. ===============
342 | %%%' TRAFFIC SHAPERS
343 |
344 | %%
345 | %% The "normal" shaper limits traffic speed to 1000 B/s
346 | %%
347 | {shaper, normal, {maxrate, 1000}}.
348 |
349 | %%
350 | %% The "fast" shaper limits traffic speed to 50000 B/s
351 | %%
352 | {shaper, fast, {maxrate, 50000}}.
353 |
354 | %%
355 | %% This option specifies the maximum number of elements in the queue
356 | %% of the FSM. Refer to the documentation for details.
357 | %%
358 | {max_fsm_queue, 1000}.
359 |
360 |
361 | %%%. ====================
362 | %%%' ACCESS CONTROL LISTS
363 |
364 | %%
365 | %% The 'admin' ACL grants administrative privileges to XMPP accounts.
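366 | %% You can list as many accounts as you want here. Register each listed account before in-band registration is enabled (see ACCESS RULES): the ACL matches by name, so an unregistered name listed here would carry admin rights for whoever registers it.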
367 | %%
368 | {acl, admin, {user, "ztpsadmin", "im.ztps-test.com"}}.
369 | {acl, admin, {user, "bootstrap", "im.ztps-test.com"}}.
370 | %%{acl, admin, {user, "ermine", "example.org"}}.
371 |
372 | %%
373 | %% Blocked users
374 | %%
375 | %%{acl, blocked, {user, "baduser", "example.org"}}.
376 | %%{acl, blocked, {user, "test"}}.
377 |
378 | %%
379 | %% Local users: don't modify this line.
380 | %%
381 | {acl, local, {user_regexp, ""}}.
382 |
383 | %%
384 | %% More examples of ACLs
385 | %%
386 | %%{acl, jabberorg, {server, "jabber.org"}}.
387 | %%{acl, aleksey, {user, "aleksey", "jabber.ru"}}.
388 | %%{acl, test, {user_regexp, "^test"}}.
389 | %%{acl, test, {user_glob, "test*"}}.
390 |
391 | %%
392 | %% Define specific ACLs in a virtual host.
393 | %%
394 | %%{host_config, "localhost",
395 | %% [
396 | %% {acl, admin, {user, "bob-local", "localhost"}}
397 | %% ]
398 | %%}.
399 |
400 |
401 | %%%. ============
402 | %%%' ACCESS RULES
403 |
404 | %% Maximum number of simultaneous sessions allowed for a single user:
405 | {access, max_user_sessions, [{10, all}]}.
406 |
407 | %% Maximum number of offline messages that users can have:
408 | {access, max_user_offline_messages, [{5000, admin}, {100, all}]}.
409 |
410 | %% This rule allows access only for local users:
411 | {access, local, [{allow, local}]}.
412 |
413 | %% Only non-blocked users can use c2s connections:
414 | {access, c2s, [{deny, blocked},
415 | {allow, all}]}.
416 |
417 | %% For C2S connections, all users except admins use the "normal" shaper
418 | {access, c2s_shaper, [{none, admin},
419 | {normal, all}]}.
420 |
421 | %% All S2S connections use the "fast" shaper
422 | {access, s2s_shaper, [{fast, all}]}.
423 |
424 | %% Only admins can send announcement messages:
425 | {access, announce, [{allow, admin}]}.
426 |
427 | %% Only admins can use the configuration interface:
428 | {access, configure, [{allow, admin}]}.
429 |
430 | %% Admins of this server are also admins of the MUC service:
431 | {access, muc_admin, [{allow, admin}]}.
432 |
433 | %% Room creation is open to all users here ({allow, all}); use {allow, local} to limit it to accounts of the local ejabberd server:
434 | {access, muc_create, [{allow, all}]}.
435 |
436 | %% All users are allowed to use the MUC service:
437 | {access, muc, [{allow, all}]}.
438 |
439 | %% Only accounts on the local ejabberd server can create Pubsub nodes:
440 | {access, pubsub_createnode, [{allow, local}]}.
441 |
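442 | %% In-band registration allows registration of any possible username. This rule allows it for all; which client addresses may register is limited separately by ip_access in mod_register (see MODULES).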
443 | %% To disable in-band registration, replace 'allow' with 'deny'.
444 | {access, register, [{allow, all}]}.
445 |
446 | %% By default the frequency of account registrations from the same IP
447 | %% is limited to 1 account every 10 minutes. To disable, specify: infinity
448 | %%{registration_timeout, 600}.
449 |
450 | %%
451 | %% Define specific Access Rules in a virtual host.
452 | %%
453 | %%{host_config, "localhost",
454 | %% [
455 | %% {access, c2s, [{allow, admin}, {deny, all}]},
456 | %% {access, register, [{deny, all}]}
457 | %% ]
458 | %%}.
459 |
460 |
461 | %%%. ================
462 | %%%' DEFAULT LANGUAGE
463 |
464 | %%
465 | %% language: Default language used for server messages.
466 | %%
467 | {language, "en"}.
468 |
469 | %%
470 | %% Set a different default language in a virtual host.
471 | %%
472 | %%{host_config, "localhost",
473 | %% [{language, "ru"}]
474 | %%}.
475 |
476 |
477 | %%%. =======
478 | %%%' CAPTCHA
479 |
480 | %%
481 | %% Full path to a script that generates the image.
482 | %%
483 | %%{captcha_cmd, "/usr/lib64/ejabberd/priv/bin/captcha.sh"}.
484 |
485 | %%
486 | %% Host for the URL and port where ejabberd listens for CAPTCHA requests.
487 | %%
488 | %%{captcha_host, "example.org:5280"}.
489 |
490 | %%
491 | %% Limit CAPTCHA calls per minute for JID/IP to avoid DoS.
492 | %%
493 | %%{captcha_limit, 5}.
494 |
495 | %%%. =======
496 | %%%' MODULES
497 |
498 | %%
499 | %% Modules enabled in all ejabberd virtual hosts.
500 | %%
501 | {modules,
502 | [
503 | {mod_adhoc, []},
504 | {mod_announce, [{access, announce}]}, % recommends mod_adhoc
505 | {mod_blocking,[]}, % requires mod_privacy
506 | {mod_caps, []},
507 | {mod_configure,[]}, % requires mod_adhoc
508 | {mod_disco, []},
509 | %%{mod_echo, [{host, "echo.localhost"}]},
510 | {mod_irc, []},
511 | {mod_http_bind, []},
512 | %%{mod_http_fileserver, [
513 | %% {docroot, "/var/www"},
514 | %% {accesslog, "/var/log/ejabberd/access.log"}
515 | %% ]},
516 | {mod_last, []},
517 | {mod_muc, [
518 | %%{host, "conference.@HOST@"},
519 | {access, muc},
520 | {access_create, muc_create},
521 | {access_persistent, muc_create},
522 | {access_admin, muc_admin}
523 | ]},
524 | %%{mod_muc_log,[]},
525 | {mod_offline, [{access_max_user_messages, max_user_offline_messages}]},
526 | {mod_ping, []},
527 | %%{mod_pres_counter,[{count, 5}, {interval, 60}]},
528 | {mod_privacy, []},
529 | {mod_private, []},
530 | %%{mod_proxy65,[]},
531 | {mod_pubsub, [
532 | {access_createnode, pubsub_createnode},
533 | {ignore_pep_from_offline, true}, % reduces resource consumption, but is not XEP compliant
534 | %%{ignore_pep_from_offline, false}, % XEP compliant, but increases resource consumption
535 | {last_item_cache, false},
536 | {plugins, ["flat", "hometree", "pep"]} % pep requires mod_caps
537 | ]},
538 | {mod_register, [
539 | %%
540 | %% Protect In-Band account registrations with CAPTCHA.
541 | %%
542 | %%{captcha_protected, true},
543 |
544 | %%
545 | %% Set the minimum informational entropy for passwords.
546 | %%
547 | %%{password_strength, 32},
548 |
549 | %%
550 | %% After successful registration, the user receives
551 | %% a message with this subject and body.
552 | %%
553 | {welcome_message, {"Welcome!",
554 | "Hi.\nWelcome to this XMPP server."}},
555 |
556 | %%
557 | %% When a user registers, send a notification to
558 | %% these XMPP accounts.
559 | %%
560 | %%{registration_watchers, ["admin1@example.org"]},
561 |
562 | %%
563 | %% Only clients in the server machine can register accounts
564 | %%
565 | {ip_access, [{allow, "127.0.0.0/8"},
566 | {deny, "0.0.0.0/0"}]},
567 |
568 | %%
569 | %% Local c2s or remote s2s users cannot register accounts
570 | %%
571 | %%{access_from, deny},
572 |
573 | {access, register}
574 | ]},
575 | %%{mod_register_web, [
576 | %%
577 | %% When a user registers, send a notification to
578 | %% these XMPP accounts.
579 | %%
580 | %%{registration_watchers, ["admin1@example.org"]}
581 | %% ]},
582 | {mod_roster, []},
583 | %%{mod_service_log,[]},
584 | {mod_shared_roster,[]},
585 | {mod_stats, []},
586 | {mod_time, []},
587 | {mod_vcard, []},
588 | {mod_version, []}
589 | ]}.
590 |
591 | %%
592 | %% Enable modules with custom options in a specific virtual host
593 | %%
594 | %%{host_config, "localhost",
595 | %% [{{add, modules},
596 | %% [
597 | %% {mod_echo, [{host, "mirror.localhost"}]}
598 | %% ]
599 | %% }
600 | %% ]}.
601 |
602 |
603 | %%%.
604 | %%%'
605 |
606 | %%% $Id$
607 |
608 | %%% Local Variables:
609 | %%% mode: erlang
610 | %%% End:
611 | %%% vim: set filetype=erlang tabstop=8 foldmarker=%%%',%%%. foldmethod=marker:
612 |
--------------------------------------------------------------------------------
/lib/eosplusvnets.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env python
2 |
3 | ##############################################
4 | # Library for creating ZTPServer-related Demos
5 | # Author: eosplus-dev@arista.com
6 | # Date: 20150113
7 | ##############################################
8 |
9 | import sys
10 | import os
11 | import re
12 | import platform
13 | import argparse
14 | import subprocess
15 | import datetime
16 | import urllib
17 | import zipfile
18 | import getpass
19 |
20 |
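# Packer release fetched by installPacker().  The URL is derived from the
# version so the two values cannot drift apart.
# NOTE(review): the release is pinned by version only; installPacker() does
# not check the downloaded archive against the release's published SHA256SUMS.
packerVersion = "1.1.3"
packerURL = "https://releases.hashicorp.com/packer/%s" % packerVersion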
23 |
class bcolors:
    """ANSI escape sequences for styling terminal output."""

    # Reset all attributes.
    ENDC = '\033[0m'

    # Text attributes.
    BOLD = '\033[1m'
    UNDERLINE = '\033[4m'

    # Foreground colors (SGR codes 91-95).
    FAIL = '\033[91m'
    OKGREEN = '\033[92m'
    WARNING = '\033[93m'
    OKBLUE = '\033[94m'
    HEADER = '\033[95m'
33 |
def getHostOS():
    """Return platform.system() converted to lower case."""
    system_name = platform.system()
    return system_name.lower()
36 |
def getHostArch():
    """Return 64 when sys.maxsize exceeds 2**32, otherwise 32.

    The value is derived from the running Python interpreter, not from the
    hardware directly.
    """
    if sys.maxsize > 2 ** 32:
        return 64
    return 32
40 |
def which(program):
    """Locate an executable file.

    When ``program`` contains a directory part, only that exact path is
    tested.  Otherwise each entry of the PATH environment variable is tried
    in order (surrounding double quotes are stripped from the entry).

    Returns the path of the first executable regular file found, or False
    when there is none.
    """
    def _runnable(candidate):
        # A regular file that the current user is allowed to execute.
        return os.path.isfile(candidate) and os.access(candidate, os.X_OK)

    directory = os.path.split(program)[0]
    if directory:
        return program if _runnable(program) else False

    for entry in os.environ["PATH"].split(os.pathsep):
        candidate = os.path.join(entry.strip('"'), program)
        if _runnable(candidate):
            return candidate
    return False
57 |
def find(path, name):
    """Walk ``path`` recursively looking for an entry called ``name``.

    Returns the containing directory when ``name`` is a file in it, the full
    path of the entry when ``name`` is a sub-directory, and False when the
    walk finishes without a match.  The first match in os.walk() order wins.
    """
    print("Searching %s for %s..." % (path, name))
    for root, dirs, files in os.walk(path):
        is_file_here = name in files
        if is_file_here or name in dirs:
            print("Found file here:%s" % root)
            # A file match yields its directory; a directory match yields
            # the directory itself.
            return root if is_file_here else os.path.join(root, name)

    # Nothing matched anywhere under path.
    return False
72 |
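def getUnzipped(url, dest, fn, sha256=None):
    """Fetch the zip archive at ``url`` into ``dest/fn`` and extract it.

    The archive is extracted into ``dest/packer-bin`` and that directory is
    returned.  An archive already stored at ``dest/fn`` is reused when it is
    a readable zip file; the original instead searched all of ``dest`` for
    anything named like the archive and then failed on a missing zip.

    Args:
        url: location of the zip archive.
        dest: directory that receives the archive and the extracted tree.
        fn: file name for the archive inside ``dest``.
        sha256: optional hex SHA-256 digest the archive must match.  The
            digest is always printed so it can be compared with the
            checksums published for the release.

    Returns:
        Path of the directory the archive was extracted into.

    Raises:
        IOError: the download failed, or ``sha256`` was given and differs.
        zipfile.error: the archive is not a valid zip file.
    """
    import hashlib
    try:
        from urllib import urlretrieve          # Python 2
    except ImportError:
        from urllib.request import urlretrieve  # Python 3

    name = os.path.join(dest, fn)
    outDir = os.path.join(dest, "packer-bin")

    try:
        if os.path.isfile(name) and zipfile.is_zipfile(name):
            print("%s already downloaded, no need to download again." % fn)
        else:
            print("Downloading Packer binaries to %s" % name)
            print("This may take a few minutes (~85MB)...")
            name = urlretrieve(url, name)[0]
            print("Download successful!")
    except IOError as e:
        print("Can't retrieve %r to %r: %s" % (url, name, e))
        raise

    # The extracted binaries are later put on PATH and executed, so give the
    # caller a way to pin the archive and the operator a digest to compare.
    digest = hashlib.sha256()
    with open(name, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    actual = digest.hexdigest()
    print("SHA-256 of %s: %s" % (name, actual))
    if sha256 is not None and actual != sha256.lower():
        raise IOError("SHA-256 mismatch for %r: expected %s, got %s"
                      % (name, sha256, actual))

    try:
        print("Unzipping %s..." % name)
        with zipfile.ZipFile(name, "r") as z:
            z.extractall(outDir)
    except zipfile.error as e:
        print("Bad zipfile (from %r): %s" % (url, e))
        raise
    print("Unzipped successfully to %s" % outDir)
    return outDir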
97 |
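def installPacker(hostOS, hostArch):
    """Download Packer into ~/packer-bin and add that directory to PATH.

    Args:
        hostOS: operating system name used in the release file name.
        hostArch: 64 selects the "amd64" build, anything else "386".

    Returns:
        ``~/packer-bin/packer``, the expected path of the Packer binary.
        NOTE(review): no ".exe" suffix is added for Windows hosts -- confirm
        that callers handle this.

    Raises:
        Whatever getUnzipped() raises when the download or unzip fails.
    """
    arch = "amd64" if hostArch == 64 else "386"
    url = "%s/packer_%s_%s_%s.zip" % (packerURL, packerVersion, hostOS, arch)

    installPath = os.path.expanduser('~')
    getUnzipped(url, installPath, "packer-bin.zip")
    packerDir = os.path.join(installPath, "packer-bin")

    # Make all Packer binaries executable.  0o755 rather than the original
    # 0o777: this directory is added to PATH below, and world-writable
    # binaries there could be replaced by any other local account.
    for entry in os.listdir(packerDir):
        os.chmod(os.path.join(packerDir, entry), 0o755)

    # Add packer-bin to the PATH of this process (and of its children).
    os.environ["PATH"] += os.pathsep + packerDir
    print("Updated path to be:%s" % os.environ["PATH"])
    print("Packer installed!")
    return os.path.join(packerDir, "packer")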
120 |
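def getActiveNets(cmd, regex):
    """Run ``cmd`` and return every match of ``regex`` in its output.

    Args:
        cmd: argument list handed to subprocess.check_output().
        regex: pattern applied with re.findall() to the command output.

    Returns:
        The list produced by re.findall().

    Raises:
        OSError: the command could not be started.
        subprocess.CalledProcessError: the command exited non-zero.
    """
    import errno  # os.errno is not a documented attribute of os

    try:
        # universal_newlines=True makes check_output() return text, so a str
        # pattern also matches on Python 3 (where the default is bytes).
        output = subprocess.check_output(cmd, universal_newlines=True)
        return re.findall(regex, output)
    except OSError as e:
        if e.errno == errno.ENOENT:
            # The original printed "vboxnet creation failed" here, although
            # this function only lists interfaces.
            print("Could not run %r: command not found" % (cmd,))
        else:
            print("Something else went wrong")
        raise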
133 |
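def createVBoxNets(hostOS, hostArch, libDir):
    """Create and address the VirtualBox host-only networks for the demos.

    On "darwin" the interfaces vboxnet0..vboxnet10 are used, on "windows"
    the ten "VirtualBox Host-Only Ethernet Adapter" interfaces.  Missing
    interfaces are created, each one is assigned 172.16.<128+n>.1/24, and
    every DHCP server that ``vboxmanage list dhcpservers`` reports is removed
    (not only those on the networks configured here).

    Args:
        hostOS: "darwin" or "windows".
        hostArch: unused.
        libDir: directory containing vboxmanage (and VirtualBox.exe on
            Windows).  Binaries are run from this path, so it should be a
            trusted installation directory.

    Returns:
        True after either branch completes.
        NOTE(review): indentation was lost in this listing; the final
        ``return True`` is kept inside the Windows branch, mirroring
        createVmNets, so other hostOS values return None -- confirm.

    Raises:
        OSError: a command could not be started (re-raised after a message).
    """
    import errno  # os.errno is not a documented attribute of os

    vboxmanage = "%s/vboxmanage" % libDir

    def reportOSError(err):
        # Messages printed before an OSError is re-raised.
        if err.errno == errno.ENOENT:
            print("vboxnet creation failed. Check output above")
        else:
            print("Something else went wrong")

    def listActive(nets):
        print("Existing Host-Only networks found:")
        for n in nets:
            print(" - %s" % n)

    def createInterfaces(count):
        # One "hostonlyif create" call per missing interface.
        for _ in range(count):
            try:
                subprocess.call([vboxmanage, "hostonlyif", "create"])
            except OSError as err:
                reportOSError(err)
                raise

    def assignAddress(ifName, network):
        subprocess.call([vboxmanage, "hostonlyif", "ipconfig", ifName,
                         "-ip", "172.16.%s.1" % network,
                         "-netmask", "255.255.255.0"])

    def removeDhcpServers(pattern, lineFormat):
        try:
            dhcpList = subprocess.check_output(
                [vboxmanage, "list", "dhcpservers"], universal_newlines=True)
            print("Disabling DHCP Servers")
            for srv in re.findall(pattern, dhcpList):
                # The name comes from command output; drop stray whitespace
                # or a trailing carriage return before passing it on.
                srv = srv.strip()
                print(lineFormat % srv)
                # Argument list without shell=True (the Windows branch used
                # shell=True): the name is passed as one argument and is
                # never interpreted by a command shell.
                subprocess.call([vboxmanage, "dhcpserver", "remove",
                                 "--netname", srv])
        except OSError as err:
            reportOSError(err)
            raise

    print("Creating virtual networks for Virtual Box")

    if hostOS == "darwin":
        # Open VirtualBox App
        print("Opening VirtualBox application...")
        subprocess.Popen(["open", "-a", "VirtualBox"])

        # Get list of current networks
        activeNets = getActiveNets(["ifconfig", "-a"], r"vboxnet(\d+)")

        print("\nAnalyzing Host-Only Networks...")

        vmnets = tuple(range(11))  # vboxnet0 .. vboxnet10
        if len(activeNets) < len(vmnets):
            if activeNets:
                listActive(activeNets)
            else:
                print("No existing Host-Only networks found.")
            createInterfaces(len(vmnets) - len(activeNets))
        else:
            print("Enough existing virtual networks exist. Let's just reconfigure them.")

        try:
            for net in vmnets:
                print("Creating/modifying vboxnet%s" % net)
                network = int(net) + 128
                print(" - Assigning vboxnet%s to 172.16.%s.1/24" % (net, network))
                assignAddress("vboxnet%s" % net, network)
        except OSError as err:
            reportOSError(err)
            raise

        # Remove any DHCP Servers from virtual networks
        removeDhcpServers(r"NetworkName:\s+(\S+)",
                          "Disabling HostOnlyIf DHCP Server %s")
        return True

    elif hostOS == "windows":
        # Open VirtualBox App
        print("Opening VirtualBox application...")
        subprocess.Popen(["%s/VirtualBox.exe" % libDir])

        # Get list of current networks
        activeNets = getActiveNets(["ipconfig"],
                                   r"Ethernet.*(VirtualBox Host-Only.*):")

        print("\nAnalyzing Host-Only Networks...")

        # Suffixes of the adapter names: the first has none, then " #2"...
        vmnets = ("", " #2", " #3", " #4", " #5", " #6", " #7", " #8", " #9", " #10")
        if len(activeNets) < len(vmnets):
            if activeNets:
                listActive(activeNets)
            else:
                print("No existing Host-Only networks found.")

            numCreate = len(vmnets) - len(activeNets)
            print("Creating %s new Host-Only Networks" % numCreate)
            createInterfaces(numCreate)
        else:
            print("Enough existing virtual networks exist. Let's just reconfigure them.")
            listActive(activeNets)

        try:
            for offset, net in enumerate(vmnets):
                network = 128 + offset
                print("Modifying VirtualBox Host-Only Ethernet Adapter%s" % net)
                print(" - Assigning VirtualBox Host-Only Ethernet Adapter%s to 172.16.%s.1/24\n" % (net, network))
                assignAddress("VirtualBox Host-Only Ethernet Adapter%s" % net,
                              network)
        except OSError as err:
            reportOSError(err)
            raise

        # Remove any DHCP Servers from virtual networks
        removeDhcpServers(r"NetworkName:\s+(\S+.*)",
                          " - Disabling DHCP Server %s")
        return True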
300 |
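def createVmNets(hostOS, hostArch, libDir):
    """Create and address the VMware host-only networks for the demos.

    vmnets 2-7 and 9-11 are configured as 172.16.<128+n>.0/24 with DHCP (and,
    on Windows, NAT) disabled.  On "darwin" the settings are written with
    vmnet-cfgcli and applied with vmnet-cli, both run through sudo; on
    "windows" vnetlib.exe is used.

    Args:
        hostOS: "darwin" or "windows"; any other value does nothing and
            returns None.
        hostArch: unused.
        libDir: directory containing the VMware command-line tools.  On
            darwin these binaries are executed via sudo, so the directory
            must not be writable by untrusted users.

    Returns:
        True after either branch completes.  Exit statuses of the individual
        commands are not checked (as in the original).

    Raises:
        OSError: a command could not be started (re-raised after a message).
    """
    import errno  # os.errno is not a documented attribute of os

    def reportOSError(err):
        # Messages printed before an OSError is re-raised.
        if err.errno == errno.ENOENT:
            print("vmnet creation failed. Check output above")
        else:
            print("Something else went wrong")

    def listActive(nets):
        if nets:
            print("Existing vmnets found:")
            for n in nets:
                print(" - VMnet%s" % n)
        else:
            print("No existing vmnets found.")

    print("Creating virtual networks for VMware")

    if hostOS == "darwin":
        # Open VMware Fusion App
        subprocess.Popen(["open", "-a", "VMware Fusion"])

        # Get list of current networks
        activeNets = getActiveNets(["ifconfig"], r"vmnet(\d+)")

        print("\nAnalyzing Host-Only Networks...")

        # Create/modify vmnets
        vmnets = (2, 3, 4, 5, 6, 7, 9, 10, 11)
        # Tool paths do not depend on the network, so they are built once
        # here rather than inside the loop.
        netcfgCmd = "%s/vmnet-cfgcli" % libDir
        cfgCmd = "%s/vmnet-cli" % libDir
        try:
            listActive(activeNets)

            print("Creating/modifying vmnets")
            for net in vmnets:
                print("Creating/modifying vmnet%s" % net)
                print("---------------------------")

                network = int(net) + 128
                settings = (
                    ("VNET_%s_DHCP" % net, "no"),
                    ("VNET_%s_HOSTONLY_SUBNET" % net, "172.16.%s.0" % network),
                    ("VNET_%s_HOSTONLY_NETMASK" % net, "255.255.255.0"),
                    ("VNET_%s_VIRTUAL_ADAPTER" % net, "yes"),
                )
                for key, value in settings:
                    subprocess.call(["sudo", netcfgCmd, "vnetcfgadd", key, value])

            # Configure and restart to take effect.
            # NOTE(review): indentation was lost in this listing; this
            # sequence is run once, after all vmnets are written -- confirm.
            print("Committing vmware network services")
            print("----------------------------------")
            subprocess.call(["sudo", cfgCmd, "--configure"])

            print("Stopping vmware network services")
            print("--------------------------------")
            subprocess.call(["sudo", cfgCmd, "--stop"])

            print("Starting vmware network services")
            print("--------------------------------")
            subprocess.call(["sudo", cfgCmd, "--start"])

            print("VMNets Installed!")

        except OSError as err:
            reportOSError(err)
            raise

        return True

    elif hostOS == "windows":
        # Launch vmware.exe from libDir (the original comment said Fusion).
        subprocess.Popen(["%s/vmware.exe" % libDir])

        # Get list of current networks
        activeNets = getActiveNets(["ipconfig"], r"VMnet(\d+)")

        print("\nAnalyzing Host-Only Networks...")

        # Create/modify vmnets
        vmnets = ["2", "3", "4", "5", "6", "7", "9", "10", "11"]

        try:
            listActive(activeNets)

            # Only networks that do not exist yet need to be added.
            createNets = [x for x in vmnets if x not in activeNets]

            netcfgCmd = "%s/vnetlib.exe" % libDir
            print(netcfgCmd)

            def vnetlib(*args):
                # Every vnetlib call has the form: vnetlib.exe -- <args...>
                subprocess.call([netcfgCmd, "--"] + list(args))

            # Stop Workstation services - nat dhcp
            print("Stopping VMware Workstation NAT service")
            vnetlib("stop", "nat")
            print("Stopping VMware Workstation DHCP service")
            vnetlib("stop", "dhcp")

            # Create networks that don't already exist
            for net in createNets:
                netName = "vmnet%s" % net
                print(" - Creating new virtual network %s" % netName)
                vnetlib("add", "adapter", netName)
                vnetlib("update", "adapter", netName)

            # Configure ALL of the networks in vmnets list
            for net in vmnets:
                network = 128 + int(net)
                netName = "vmnet%s" % net
                mask = "255.255.255.0"
                addr = "172.16.%s.0" % network
                print("Modifying virtual network %s" % netName)
                print(" - setting netmask to %s" % mask)
                vnetlib("set", "vnet", netName, "mask", mask)
                print(" - setting address to %s" % addr)
                vnetlib("set", "vnet", netName, "addr", addr)
                print(" - disabling DHCP server on vmnet%s" % net)
                vnetlib("remove", "dhcp", netName)
                print(" - disabling NAT on vmnet%s" % net)
                vnetlib("remove", "nat", netName)
                print(" - saving changes for vmnet%s" % net)
                for component in ("dhcp", "nat", "adapter"):
                    vnetlib("update", component, netName)

            # Start DHCP and NAT
            print("Starting VMware Workstation NAT service")
            vnetlib("start", "nat")
            print("Starting VMware Workstation DHCP service")
            vnetlib("start", "dhcp")

            print("VMNets Installed!")
        except OSError as err:
            reportOSError(err)
            raise

        return True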
457 |
--------------------------------------------------------------------------------