mirror of
https://github.com/thannaske/rspamd-influxdb.git
synced 2023-10-10 13:36:59 +02:00
Adding --config parameter to provide a path to a configuration file for security reasons (issue #2)
This commit is contained in:
parent
57c69cf072
commit
6ed06a53ac
15
README.md
15
README.md
@ -2,7 +2,20 @@
|
|||||||
Quick and dirty approach to get stats of rspamd out of the webinterface's API into InfluxDB for visualizing using Grafana.
|
Quick and dirty approach to get stats of rspamd out of the webinterface's API into InfluxDB for visualizing using Grafana.
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
`python3 rspamd-influxdb.py https://example.com:1337/ superSecretPassword`
|
`python3 rspamd-influxdb.py --url "https://example.com:1337" --password "superSecretPassword"`
|
||||||
|
|
||||||
|
You may provide the URL and password by defining the path to a configuration file in order to prevent other users from reading the password in clear text from the process list. To do so you need to provide the `--config $path` argument, e.g.
|
||||||
|
|
||||||
|
`python3 rspamd-influxdb.py --config "~/config.json"`
|
||||||
|
|
||||||
|
The configuration file needs to contain the fields `url` and `password` as valid JSON. An example file could look like this:
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"url": "https://example.com",
|
||||||
|
"password": "superSecretPassword"
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
## Utilization
|
## Utilization
|
||||||
Use this script call within InfluxData's Telegraf
|
Use this script call within InfluxData's Telegraf
|
||||||
|
@ -5,16 +5,58 @@ import json
|
|||||||
import urllib.request
|
import urllib.request
|
||||||
|
|
||||||
parser = argparse.ArgumentParser(description="rspamd web interface statistic fetcher for InfluxDB usage")
|
parser = argparse.ArgumentParser(description="rspamd web interface statistic fetcher for InfluxDB usage")
|
||||||
parser.add_argument("url", action="store", help="URL to rspamd web interface installation")
|
parser.add_argument("--url", action="store", help="URL to rspamd web interface installation")
|
||||||
parser.add_argument("password", action="store", help="Password for API authentication (same as for graphical login)")
|
parser.add_argument("--password", action="store", help="Password for API authentication (same as for graphical login)")
|
||||||
|
parser.add_argument("--config", action="store", help="Path to the configuration file for the application to use")
|
||||||
|
|
||||||
args = parser.parse_args()
|
args = parser.parse_args()
|
||||||
|
|
||||||
# Make sure we got the trailing slash at the URL
|
# Perform some stupid basic validation on the arguments
|
||||||
if str.endswith(args.url, "/"):
|
if (args.url is None and args.password is None) and args.config is None:
|
||||||
fetch_url = args.url + "stat?password=" + urllib.parse.quote_plus(args.password)
|
parser.error("Please provide --url and --password arguments or the path to a configuration file using --config")
|
||||||
|
|
||||||
|
if (args.url is None and args.password is not None) or (args.url is not None and args.password is None):
|
||||||
|
parser.error("Please use --url with the --password argument and way round. You may provide the path to a "
|
||||||
|
"configuration file by only using the --config argument.")
|
||||||
|
|
||||||
|
if args.url is not None and args.password is not None and args.config is not None:
|
||||||
|
parser.error("Please provide whether --url and --password arguments *or* --config argument.")
|
||||||
|
|
||||||
|
if args.config is not None and (args.url is not None or args.password is not None):
|
||||||
|
parser.error("Please provide whether --url and --password arguments *or* --config argument.")
|
||||||
|
|
||||||
|
# Basic variable initialization
|
||||||
|
url = None
|
||||||
|
password = None
|
||||||
|
|
||||||
|
# Read variables from file if necessary
|
||||||
|
if args.config is not None:
|
||||||
|
data = None
|
||||||
|
|
||||||
|
try:
|
||||||
|
fh = open(args.config, "r")
|
||||||
|
data = json.load(fh)
|
||||||
|
except IOError as e:
|
||||||
|
parser.error("Could not read JSON config from file. Received IOError: " + str(e))
|
||||||
|
|
||||||
|
if data is not None and ("url" not in data or "password" not in data):
|
||||||
|
parser.error("Could not read URL and password from JSON configuration. Please see documentation for correct "
|
||||||
|
"configuration file formatting.")
|
||||||
|
elif data is None:
|
||||||
|
parser.error("Something went wrong during parsing of JSON configuration file. Please check your configuration!")
|
||||||
else:
|
else:
|
||||||
fetch_url = args.url + "/stat?password=" + urllib.parse.quote_plus(args.password)
|
url = data['url']
|
||||||
|
password = data['password']
|
||||||
|
else:
|
||||||
|
# Read variable from args
|
||||||
|
url = args.url
|
||||||
|
password = args.password
|
||||||
|
|
||||||
|
# Make sure we got the trailing slash at the URL
|
||||||
|
if str.endswith(url, "/"):
|
||||||
|
fetch_url = url + "stat?password=" + urllib.parse.quote_plus(password)
|
||||||
|
else:
|
||||||
|
fetch_url = url + "/stat?password=" + urllib.parse.quote_plus(password)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
resp = urllib.request.urlopen(fetch_url)
|
resp = urllib.request.urlopen(fetch_url)
|
||||||
|
Loading…
Reference in New Issue
Block a user