[HOWTO] Installing Ajenti Server Administration Pannel

Here you'll find a place for solutions and hints.

Please use one of the support subforums below for questions or if you have any issues and need support.

[HOWTO] Installing Ajenti Server Administration Pannel

Postby intika » Aug 11th, '14, 00:45

Hello every one...

Here is how to install Ajenti (http://ajenti.org/) on any mageia release version
Tested on Mageia v3

1. From command line "sudo mcc &"

2. Go to install packages

3. Install those packages :

Code: Select all
python-2.7.6-1.2.mga3
python3-3.3.0-4.9.mga3
python3-cairo-1.10.0-6.mga3
python3-httplib2-0.7.7-4.mga3
python3-pip-1.3.1-2.2.mga3
python3-py-1.4.12-2.mga3
python3-setuptools-0.9.8-2.2.mga3
python-cairo-1.10.0-6.mga3
python-cpuinfo-1.0-0.20090313.10.mga3
python-cups-1.9.62-2.mga3
python-curl-7.19.0-8.mga3
python-daemon-1.6-1.mga3
python-dateutil-1.5-3.mga3
python-dbus-1.1.1-2.mga3
python-ethtool-0.7-2.mga3
python-gevent-0.13.8-2.mga3
python-httplib2-0.7.7-4.mga3
python-iptables-0.1.1-0.23052012.1.mga3
python-ldap-2.4.10-2.mga3
python-lockfile-0.9.1-2.mga3
python-lxml-3.0.1-2.1.mga3
python-OpenSSL-0.13-2.1.mga3
python-passlib-1.5.3-4.mga3
python-psutil-0.6.1-2.mga3
python-pycrypto-2.6-2.1.mga3
python-requests-0.13.5-2.2.mga3
python-rpm-4.11.0.1-1.mga3
python-setuptools-0.9.8-2.2.mga3
python-systemd-dbus-0.1-2.mga3
python-translate-1.9.0-2.mga3
python-urllib3-1.7.1-1.1.mga3


4. From command line run the following :
su
pip install requests
pip install reconfigure
pip install python-ldap
pip install python-gevent
pip install gevent
pip install gevent-websocket
pip install gevent-socketio
pip install python-exconsole
pip install python-daemon
pip install passlib
pip install python-catcher
pip install pillow
pip install lxml
pip install pyopenssl
pip install psutil
pip install ajenti

5. if the last command does not work try this
sudo pip-2.7 install ajenti
or
sudo pip install ajenti --no-deps
or
sudo pip-2.7 install ajenti --no-deps

6. Run from terminal :
sudo chmod 755 /etc/init.d/ajenti
or
sudo chmod 755 /etc/rc.d/init.d/ajenti

7. Run from terminal :
sudo systemctl --system daemon-reload

8. Run from terminal :
"sudo ajenti-ssl-gen YOUR.SERVER.IP" exemple "sudo ajenti-ssl-gen 127.0.0.1"

9. Run from terminal :
"sudo systemctl start ajenti"

10. Browse :
Open your broswer and go to https://127.0.0.1:8000 replace the ip if needed
login root - password admin

Thats it :)

Enjoy
User avatar
intika
 
Posts: 61
Joined: Jul 4th, '13, 03:16
Location: Belgium

Re: [HOWTO] Installing Ajenti Server Administration Pannel

Postby intika » Aug 11th, '14, 00:46

from mcc add ajenti service to boot ;)
User avatar
intika
 
Posts: 61
Joined: Jul 4th, '13, 03:16
Location: Belgium

Re: [HOWTO] Installing Ajenti Server Administration Pannel

Postby intika » Aug 11th, '14, 00:53

Ajenti package from mageia will be available on mageia v5 it's already available under alpha, but it ruin your current install if it's alpha
User avatar
intika
 
Posts: 61
Joined: Jul 4th, '13, 03:16
Location: Belgium

Re: [HOWTO] Installing Ajenti Server Administration Pannel

Postby doktor5000 » Aug 11th, '14, 01:31

Thanks for sharing, moved to tips&tricks subforum.

FWIW, starting with Mageia 5, ajenti will be available from the repositories.
Cauldron is not for the faint of heart!
Caution: Hot, bubbling magic inside. May explode or cook your kittens!
----
Disclaimer: Beware of allergic reactions in answer to unconstructive complaint-type posts
User avatar
doktor5000
 
Posts: 17630
Joined: Jun 4th, '11, 10:10
Location: Leipzig, Germany

Re: [HOWTO] Installing Ajenti Server Administration Pannel

Postby intika » Aug 11th, '14, 02:38

for this tutorial after the install you can check
cat /var/log/ajenti/ajenti.log
to see if you miss a package

otherwise you can use
"ajenti-pannel -v"
to start ajenti in debug mode to see every thing
User avatar
intika
 
Posts: 61
Joined: Jul 4th, '13, 03:16
Location: Belgium

Re: [HOWTO] Installing Ajenti Server Administration Pannel

Postby intika » Aug 11th, '14, 05:12

BUG - INCOMPATIBILITY - AND FIX
The firewall plugin is not working on mageia, even with the package ajenti-1.2.22-2.mga5.noarch.rpm


Here is the solution :


1 Command under su :
systemctl stop ajenti

2 Command under su :
"rm /usr/lib/python2.7/site-packages/ajenti/plugins/iptables/main.pyc" or "rm /usr/lib/python3.3/site-packages/ajenti/plugins/iptables/main.pyc"

3 Command under su :
"gedit /usr/lib/python2.7/site-packages/ajenti/plugins/iptables/main.py" or "gedit /usr/lib/python3.3/site-packages/ajenti/plugins/iptables/main.pyc"
replace any 'centos' with 'mageia' and save
my edited file is down the post if needed

3 Command under su :
compile it with
"python2.7 -m compileall main.py" or "python3.3 -m compileall main.py"

4 Command under su :
systemctl start ajenti


ENNNJJOOOYYYYYYYYY !!!!!!!!!! :D

Note : this bug have to be reported for mageia 5, can some one do it please

main.py
Code: Select all
import os
import stat
import itertools
import subprocess

from ajenti.api import *
from ajenti.plugins.main.api import SectionPlugin
from ajenti.ui import on
from ajenti.ui.inflater import TemplateNotFoundError
from ajenti.ui.binder import Binder, CollectionAutoBinding

from ajenti.plugins.network.api import NetworkManager

from reconfigure.configs import IPTablesConfig
from reconfigure.items.iptables import TableData, ChainData, RuleData, OptionData


@interface
class FirewallManager (object):
    iptables_binary = 'iptables'
    iptables_save_binary = 'iptables-save'
    iptables_restore_binary = 'iptables-restore'

    def get_autostart_state(self):
        pass

    def set_autostart_state(self, state):
        pass


@plugin
class DebianFirewallManager (FirewallManager, BasePlugin):
    platforms = ['debian']
    autostart_script_path = '/etc/network/if-up.d/iptables'
    config_path = '/etc/iptables.up.rules'
    config_path_ajenti = '/etc/iptables.up.rules.ajenti'

    def get_autostart_state(self):
        return os.path.exists(self.autostart_script_path)

    def set_autostart_state(self, state):
        if state and not self.get_autostart_state():
            open(self.autostart_script_path, 'w').write("""#!/bin/sh
            %s < %s
            """ % (self.iptables_restore_binary, self.config_path))
            os.chmod(self.autostart_script_path, stat.S_IRWXU | stat.S_IRWXO)
        if not state and self.get_autostart_state():
            os.unlink(self.autostart_script_path)


@plugin
class CentOSFirewallManager (FirewallManager, BasePlugin):
    platforms = ['mageia']
    config_path = '/etc/sysconfig/iptables'
    config_path_ajenti = '/etc/iptables.up.rules.ajenti'

    def get_autostart_state(self):
        return True

    def set_autostart_state(self, state):
        self.context.notify('info', _('You can\'t disable firewall autostart on this platform'))


@plugin
class ArchFirewallManager (FirewallManager, BasePlugin):
    platforms = ['arch']
    config_path = '/etc/iptables/iptables.rules'
    config_path_ajenti = '/etc/iptables/iptables-ajenti.rules'


@plugin
class Firewall (SectionPlugin):
    platforms = ['mageia', 'debian', 'arch']
    manager_class = FirewallManager

    def init(self):
        self.title = _('Firewall')
        self.icon = 'fire'
        self.category = _('System')

        self.append(self.ui.inflate('iptables:main'))

        self.fw_mgr = self.manager_class.get()
        self.config = IPTablesConfig(path=self.fw_mgr.config_path_ajenti)
        self.binder = Binder(None, self.find('config'))

        self.find('tables').new_item = lambda c: TableData()
        self.find('chains').new_item = lambda c: ChainData()
        self.find('rules').new_item = lambda c: RuleData()
        self.find('options').new_item = lambda c: OptionData()
        self.find('options').binding = OptionsBinding
        self.find('options').filter = lambda i: not i.name in ['j', 'jump']

        def post_rule_bind(o, c, i, u):
            u.find('add-option').on('change', self.on_add_option, c, i, u)
            action = ''
            j_option = i.get_option('j', 'jump')
            if j_option:
                action = j_option.arguments[0].value
            u.find('action').text = action
            u.find('action').style = 'iptables-action iptables-%s' % action
            u.find('action-select').value = action
            u.find('title').text = i.comment if i.comment else i.summary

        def post_rule_update(o, c, i, u):
            action = u.find('action-select').value
            j_option = i.get_option('j', 'jump')
            if j_option:
                j_option.arguments[0].value = action
            else:
                if action:
                    o = OptionData.create_destination()
                    o.arguments[0].value = action
                    i.options.append(o)

        self.find('rules').post_item_bind = post_rule_bind
        self.find('rules').post_item_update = post_rule_update

        self.find('add-option').values = self.find('add-option').labels = [_('Add option')] + sorted(OptionData.templates.keys())

    def on_page_load(self):
        if not os.path.exists(self.fw_mgr.config_path_ajenti):
            if not os.path.exists(self.fw_mgr.config_path):
                open(self.fw_mgr.config_path, 'w').write("""
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8000 -j ACCEPT
COMMIT
                """)
            open(self.fw_mgr.config_path_ajenti, 'w').write(open(self.fw_mgr.config_path).read())
        self.config.load()
        self.refresh()

    @on('load-current', 'click')
    def on_load_current(self):
        subprocess.call('%s > %s' % (self.fw_mgr.iptables_save_binary, self.fw_mgr.config_path), shell=True)
        self.config.load()
        self.refresh()

    def refresh(self):
        self.find('autostart').text = (_('Disable') if self.fw_mgr.get_autostart_state() else _('Enable')) + _(' autostart')

        actions = ['ACCEPT', 'DROP', 'REJECT', 'LOG', 'MASQUERADE', 'DNAT', 'SNAT'] + \
            list(set(itertools.chain.from_iterable([[c.name for c in t.chains] for t in self.config.tree.tables])))
        self.find('action-select').labels = actions
        self.find('action-select').values = actions
        self.find('chain-action-select').labels = actions
        self.find('chain-action-select').values = actions
        self.binder.setup(self.config.tree).populate()

    @on('autostart', 'click')
    def on_autostart_change(self):
        self.fw_mgr.set_autostart_state(not self.fw_mgr.get_autostart_state())
        self.refresh()

    def on_add_option(self, options, rule, ui):
        self.binder.update()
        o = OptionData.create(ui.find('add-option').value)
        ui.find('add-option').value = ''
        rule.options.append(o)
        self.binder.populate()

    @on('save', 'click')
    def save(self):
        self.binder.update()

        for t in self.config.tree.tables:
            for c in t.chains:
                for r in c.rules:
                    r.verify()

        self.config.save()

        open(self.fw_mgr.config_path, 'w').write(
            ''.join(
                l.split('#')[0] + '\n'
                for l in
                open(self.fw_mgr.config_path_ajenti).read().splitlines()
            )
        )
        self.refresh()
        self.context.notify('info', _('Saved'))

    @on('edit', 'click')
    def raw_edit(self):
        self.context.launch('notepad', path=self.fw_mgr.config_path_ajenti)

    @on('apply', 'click')
    def apply(self):
        self.save()
        cmd = 'cat %s | %s' % (self.fw_mgr.config_path, self.fw_mgr.iptables_restore_binary)
        if subprocess.call(cmd, shell=True) != 0:
            self.context.launch('terminal', command=cmd)
        else:
            self.context.notify('info', _('Applied successfully'))


class OptionsBinding (CollectionAutoBinding):
    option_map = {
        's': 'source',
        'src': 'source',
        'i': 'in-interface',
        'o': 'out-interface',
        'sport': 'source-port',
        'dport': 'destination-port',
        'sports': 'source-ports',
        'dports': 'destination-ports',
        'm': 'match',
        'p': 'protocol',
    }

    template_map = {
        'source': 'address',
        'destination': 'address',
        'mac-source': 'address',
        'in-interface': 'interface',
        'out-interface': 'interface',
        'source-port': 'port',
        'destination-port': 'port',
        'source-ports': 'ports',
        'destination-ports': 'ports',
    }

    def get_template(self, item, ui):
        root = ui.ui.inflate('iptables:option')

        option = item.name
        if option in OptionsBinding.option_map:
            option = OptionsBinding.option_map[option]
        item.name = option
        item.cmdline = '--%s' % option

        if option in OptionsBinding.template_map:
            template = OptionsBinding.template_map[option]
        else:
            template = option

        try:
            option_ui = ui.ui.inflate('iptables:option-%s' % template)
        except TemplateNotFoundError:
            option_ui = ui.ui.inflate('iptables:option-custom')

        if option_ui.find('device'):
            device = option_ui.find('device')
            device.values = device.labels = NetworkManager.get().get_devices()
        root.find('slot').append(option_ui)
        return root



if subprocess.call(['which', 'ip6tables']) == 0:
    @interface
    class IPv6FirewallManager (object):
        iptables_binary = 'ip6tables'
        iptables_save_binary = 'ip6tables-save'
        iptables_restore_binary = 'ip6tables-restore'

    @plugin
    class DebianIPv6FirewallManager (DebianFirewallManager, IPv6FirewallManager):
        autostart_script_path = '/etc/network/if-up.d/ip6tables'
        config_path = '/etc/ip6tables.up.rules'
        config_path_ajenti = '/etc/ip6tables.up.rules.ajenti'
   
    @plugin
    class CentOSIPv6FirewallManager (CentOSFirewallManager, IPv6FirewallManager):
        config_path = '/etc/sysconfig/ip6tables'
        config_path_ajenti = '/etc/ip6tables.up.rules.ajenti'

    @plugin
    class ArchIPv6FirewallManager (ArchFirewallManager, IPv6FirewallManager):
        config_path = '/etc/iptables/ip6tables.rules'
        config_path_ajenti = '/etc/iptables/ip6tables-ajenti.rules'

    @plugin
    class IPv6Firewall (Firewall):
        platforms = ['mageia', 'debian', 'arch']
        manager_class = IPv6FirewallManager

        def init(self):
            self.title += ' (IPv6)'
User avatar
intika
 
Posts: 61
Joined: Jul 4th, '13, 03:16
Location: Belgium

Re: [HOWTO] Installing Ajenti Server Administration Pannel

Postby joequant » Aug 11th, '14, 15:24

Thanks for the fix. I'll add it to the ajenti code.

Also, all of the fixes needed to get Mageia an official supported distro in ajenti have been added to
the upstream github repo for ajenti.
joequant
 
Posts: 2
Joined: Aug 11th, '14, 15:21

Re: [HOWTO] Installing Ajenti Server Administration Pannel

Postby joequant » Aug 11th, '14, 17:30

ajenti-1.2.22-6.mga5 has the firewall fixes

1.2.23 has all of the mageia fixes

Also I'm staging mageia changes from this github repo

https://github.com/joequant/ajenti

This includes packages to integrate urpmi with ajenti

Feel free to fork.
joequant
 
Posts: 2
Joined: Aug 11th, '14, 15:21

Re: [HOWTO] Installing Ajenti Server Administration Pannel

Postby intika » Aug 12th, '14, 02:28

nice that was quick :)
cool, ajenti is really useful.
User avatar
intika
 
Posts: 61
Joined: Jul 4th, '13, 03:16
Location: Belgium


Return to The magician suggests...

Who is online

Users browsing this forum: No registered users and 1 guest

cron