#!/usr/bin/env python3 from flask import Flask, jsonify, request, json from flask_restful import Resource, Api, reqparse import base64 import pandas as pd import ast import subprocess import os app = Flask(__name__) api = Api(app) @app.route("/systemVersion", methods=["GET"]) def uname(): uname = subprocess.check_output(["uname", "-arm"]) return jsonify(uname) @app.route("/getDKIM", methods=["GET"]) def getDkimKey(): with open("/var/domain") as domainFile: domain = domainFile.readline() domain = domain.rstrip("\n") catProcess = subprocess.Popen(["cat", "/var/dkim/" + domain + ".selector.txt"], stdout=subprocess.PIPE) dkim = catProcess.communicate()[0] dkim = base64.b64encode(dkim) dkim = str(dkim, 'utf-8') print(dkim) response = app.response_class( response=json.dumps(dkim), status=200, mimetype='application/json' ) return response @app.route("/pythonVersion", methods=["GET"]) def getPythonVersion(): pythonVersion = subprocess.check_output(["python","--version"]) return jsonify(pythonVersion) @app.route("/apply", methods=["GET"]) def rebuildSystem(): rebuildResult = subprocess.Popen(["nixos-rebuild","switch"]) rebuildResult.communicate()[0] return jsonify(rebuildResult.returncode) @app.route("/rollback", methods=["GET"]) def rollbackSystem(): rollbackResult = subprocess.Popen(["nixos-rebuild","switch","--rollback"]) rollbackResult.communicate()[0] return jsonify(rollbackResult.returncode) @app.route("/upgrade", methods=["GET"]) def upgradeSystem(): upgradeResult = subprocess.Popen(["nixos-rebuild","switch","--upgrade"]) upgradeResult.communicate()[0] return jsonify(upgradeResult.returncode) @app.route("/createUser", methods=["GET"]) def createUser(): with open("users.nix", "r+") as file: appendData = " #--- \"" + request.headers["X-User"] + "\" = {\n isNormalUser = true;\n hashedPassword = \"" + request.headers["X-HashedPassword"] + "\";\n };" for i, line in enumerate(file): if line.startswith("#---"): file[i] = file[i].strip + appendData + "\n" file.seek(0) for line in file: file.write(line) @app.route("/deleteUser", methods=["DELETE"]) def deleteUser(): user = subprocess.Popen(["userdel",request.headers.get("X-User")]) user.communicate()[0] return jsonify(user.returncode) @app.route("/serviceStatus", methods=["GET"]) def getServiceStatus(): imapService = subprocess.Popen(["systemctl", "status", "dovecot2.service"]) imapService.communicate()[0] smtpService = subprocess.Popen(["systemctl", "status", "postfix.service"]) smtpService.communicate()[0] httpService = subprocess.Popen(["systemctl", "status", "nginx.service"]) httpService.communicate()[0] return jsonify( imap=imapService.returncode, smtp=smtpService.returncode, http=httpService.returncode ) @app.route("/decryptDisk", methods=["POST"]) def requestDiskDecryption(): decryptionService = subprocess.Popen(["echo", "-n", request.headers['X-Decryption-Key'], "|", "cryptsetup", "luksOpen", "/dev/sdb", "decryptedVar"], stdout=subprocess.PIPE, shell=False) decryptionService.communicate()[0] return jsonify( status=decryptionService.returncode ) @app.route("/enableSSH", methods=["POST"]) def enableSSH(): readOnlyFileDescriptor = open("/etc/nixos/configuration.nix", "rt") readWriteFileDescriptor = open("/etc/nixos/configuration.nix", "wt") for line in readOnlyFileDescriptor: readWriteFileDescriptor.write(line.replace("services.openssh.enable = false;", "services.openssh.enable = true;")) readWriteFileDescriptor.close() readOnlyFileDescriptor.close() return jsonify( status=0 ) if __name__ == '__main__': app.run(port=5050, debug=False)