# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
+import os
import os.path
+import shutil
import subprocess
import yaml
j = '/etc/onionbalance/config-dsa-snippet.yaml'
-outfile = '/etc/onionbalance/config.yaml-NEW'
+outfile = '/etc/onionbalance/config.yaml'
relkeydir = 'private_keys'
keydir = os.path.join('/etc/onionbalance', relkeydir)
-data = yaml.safe_load(open(j))
+with open(j) as conf:
+ data = yaml.safe_load(conf)
service_instances = {}
for entry in data:
for s in service_instances:
keyfile = os.path.join(keydir, s+'.key')
relkeyfile = os.path.join(relkeydir, s+'.key')
- if (not os.path.exists(keyfile)):
- subprocess.check_call('umask 0027 && openssl genrsa -out %s 1024 && chgrp onionbalance %s'%(keyfile, keyfile), shell=True)
+ if not os.path.exists(keyfile):
+ subprocess.check_call(['openssl', 'genrsa', '-out', keyfile, '1024'],
+ preexec_fn=lambda: os.umask(0o027))
+ shutil.chown(keyfile, group='onionbalance')
+ os.chmod(keyfile, 0o640)
service = {
'key': relkeyfile,
config = {}
-config['service'] = services
+config['services'] = services
with open(outfile, 'w') as f:
yaml.dump(config, f, indent=4)