add code to extract all resolving domains from the containers

2016-04-07 08:03:13 +02:00 · 2016-04-07 08:03:13 +02:00 · 27ba704ee6
commit 27ba704ee6
parent a57fa08340
4 changed files with 81 additions and 5 deletions
--- a/4
+++ b/4
@ -9,13 +9,15 @@ RUN apt-get update; \
    git clone https://github.com/letsencrypt/letsencrypt ;\
    cd /letsencrypt ;\
    ./letsencrypt-auto --help
+RUN pip3 install docker-py

 ADD haproxy_ssl.conf /haproxy_ssl.conf
 ADD haproxy.conf /haproxy.conf
 ADD letencrypt.conf /letencrypt.conf

 ADD start.py /start.py
-RUN chmod +x /start.py
+ADD list_domains.py /list_domains.py
+RUN chmod +x /*.py

 VOLUME ["/data"]

--- a/6
+++ b/6
@ -1,12 +1,14 @@

 # Nach start von haproxy ohne ssl:
 /letsencrypt/letsencrypt-auto --config letencrypt.conf certonly -d lusiardi.de
-cat /data/config/live/lusiardi.de/fullchain.pem /data/config/live/lusiardi.de/privkey.pem > /data/haproxy/cert.pem
+DIR=`ls -td /data/config/live/*/ | head -1`
+cat ${DIR}/fullchain.pem ${DIR}/privkey.pem > /data/haproxy/cert.pem


 # Nach start von haproxy mit ssl:
 /letsencrypt/letsencrypt-auto --config letencrypt.conf certonly  --standalone-supported-challenges http-01 --http-01-port 54321 --expand -d lusiardi.de -d ps.lusiardi.de
-cat /data/config/live/lusiardi.de/fullchain.pem /data/config/live/lusiardi.de/privkey.pem > /data/haproxy/cert.pem
+DIR=`ls -td /data/config/live/*/ | head -1`
+cat ${DIR}/fullchain.pem ${DIR}/privkey.pem > /data/haproxy/cert.pem

 # aufräumen
 rm -rf /data/*
--- a/list_domains.py
+++ b/list_domains.py
@ -0,0 +1,71 @@
+#!/usr/bin/python3.4
+
+from docker import Client
+from docker.errors import APIError
+from string import Template
+import json
+import signal
+import os
+from socket import getaddrinfo
+
+def get_if_available(dict, key, defValue):
+    if key in dict:
+        return dict[key]
+    else:
+        return defValue
+
+def analyse_proxy_data(data):
+    """Extracts the data for the proxy configuration (envrionment variable
+        'PROXY_DATA' and converts it to a dictionary."""
+    proxy_data = {}
+    for proxy_var in data['PROXY_DATA'].split(','):
+        t = proxy_var.split(":",1)
+        proxy_data[t[0]] = t[1]
+    return proxy_data
+
+def analyse_env_vars(inspect_data):
+    """Extracts the environment variables from the given result of an 'inspect
+        container' call."""
+    env_data = {}
+    if not 'Env' in inspect_data['Config'] or inspect_data['Config']['Env'] is None:
+        return env_data
+    for env_var in inspect_data['Config']['Env']:
+        t = env_var.split("=")
+        env_data[t[0]] = t[1]
+    return env_data
+
+def handle_container(id):
+    """This function take a container's id and collects all data required
+        to create a proper proxy configuration. The configuration is then
+        written to the directory of temporary nginx files"""
+    inspect_data = client.inspect_container(id)
+    env_vars = analyse_env_vars(inspect_data)
+    if 'PROXY_DATA' in env_vars:
+        proxy_data = analyse_proxy_data(env_vars)
+        names = get_if_available(proxy_data, 'server_names', '').split(';')
+        return names
+    return []
+
+def get_resolving_domains_from_containers(docker_client):
+    container_ids = client.containers(quiet=True)
+    domains = []
+    for container_id in container_ids:
+        domains.extend(handle_container(container_id['Id']))
+
+    resolved_domains = []
+    for domain in domains:
+        try:
+            getaddrinfo(domain, None)
+            resolved_domains.append(domain)
+        except Exception:
+            pass
+
+    return resolved_domains
+
+if __name__ == '__main__':
+
+    client = Client(base_url='unix://var/run/docker.sock', version='1.15')
+
+    resolved_domains = get_resolving_domains_from_containers(client)
+
+    print(str(resolved_domains))
--- a/start.py
+++ b/start.py
@ -12,6 +12,9 @@ pid_file='/haproxy.pid'


 def hash_cert_file():
+    """Creates the sha256 hash of the certifcate file for haproxy. If the file
+    does not exist, an empty string is returned.
+    """
    if not os.path.isfile(cert_file):
        return ''
    aFile = open(cert_file, 'rb')
@ -109,5 +112,3 @@ if __name__ == '__main__':
                start_haproxy()
                logging.info('SSL -> NON SSL')
                SSL_RUNNING=False
-#        logging.info('haproxy is running: %s', str(is_haproxy_running()))
-#        logging.info('haproxy is running with SSL: %s', str(SSL_RUNNING))