diff --git a/config.py b/config.py index d83d099..c807682 100644 --- a/config.py +++ b/config.py @@ -2,6 +2,7 @@ from os import environ # Proxstar VM_EXPIRE_MONTHS = int(environ.get('PROXSTAR_VM_EXPIRE_MONTHS', '3')) +VNC_CLEANUP_TOKEN = environ.get('PROXSTAR_VNC_CLEANUP_TOKEN', '') # Flask IP = environ.get('PROXSTAR_IP', '0.0.0.0') diff --git a/proxstar/__init__.py b/proxstar/__init__.py index a12a264..96cf7c9 100644 --- a/proxstar/__init__.py +++ b/proxstar/__init__.py @@ -75,6 +75,13 @@ if 'process_expiring_vms' not in scheduler: scheduler.cron( '0 5 * * *', id='process_expiring_vms', func=process_expiring_vms_task) +if 'cleanup_vnc' not in scheduler: + scheduler.schedule( + id='cleanup_vnc', + scheduled_time=datetime.datetime.utcnow(), + func=cleanup_vnc_task, + interval=3600) + @app.route("/") @app.route("/user/") @@ -457,10 +464,9 @@ def allowed_users(user): return '', 403 -@app.route("/console/cleanup") -@auth.oidc_auth +@app.route("/console/cleanup", methods=['POST']) def cleanup_vnc(): - if 'rtp' in session['userinfo']['groups']: + if request.form['token'] == app.config['VNC_CLEANUP_TOKEN']: for target in get_vnc_targets(): tunnel = next((tunnel for tunnel in ssh_tunnels if tunnel.local_bind_port == int(target['port'])), diff --git a/proxstar/tasks.py b/proxstar/tasks.py index f695f16..7628d12 100644 --- a/proxstar/tasks.py +++ b/proxstar/tasks.py @@ -1,4 +1,5 @@ import os +import requests import paramiko from flask import Flask from sqlalchemy import create_engine @@ -161,3 +162,10 @@ def setup_template(template_id, name, user, password, cores, memory): exit_status = stdout.channel.recv_exit_status() client.close() print("[{}] Template successfully provisioned.".format(name)) + + +def cleanup_vnc_task(): + requests.post( + 'https://proxstar.csh.rit.edu/console/cleanup', + data={'token': app.config['VNC_CLEANUP_TOKEN']}, + verify=False) diff --git a/requirements.txt b/requirements.txt index 2346181..7738f82 100644 --- a/requirements.txt +++ b/requirements.txt @@ -13,3 +13,4 @@ paramiko websockify sshtunnel psutil +requests