erikbeckers/Link11
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
ebeckers
2025-12-05 16:06:05 +01:00
commit d3adfcf32d
39 changed files with 1458 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

122
sync_security_policies_link11.py Executable file
View File

@@ -0,0 +1,122 @@
#!/bin/python
from env import *
import requests
import json
import pprint
# === Konfiguration ===
CONFIG_ID = "prod"
# Proxy Templates nur einen aktiv lassen
PROXY_TEMPLATE = "f4bf25a205a5"
# PROXY_TEMPLATE = "andere_template_id"
# Security Policies nur einen aktiv lassen, dieses dient als Vorlage
SECURITY_POLICY = "secpol-p414-jtl-hosting-de" # z.B. Shop022
# SECURITY_POLICY = "3f7a521c6570" # Shop023
# SECURITY_POLICY = "9cc8dd695d5c" # Shop024
# SECURITY_POLICY = "1f707fb18483" # Shop028
# Backend Services, nur einen aktiv lassen
# === Header für alle Requests ===
HEADERS = {
"Authorization": f"Bearer {API_TOKEN}",
"Content-Type": "application/json"
}
def domain_to_id(domain):
return domain.replace(".", "-")
def domain_to_secpol_id(domain):
return f"secpol-{domain_to_id(domain)}"
def domain_to_backend_id(domain):
return f"backend-{domain_to_id(domain)}"
def get_all_security_policies():
url = f"https://jtlwaap.app.reblaze.io/api/v4.0/conf/{CONFIG_ID}/security-policies"
response = requests.get(url, headers=HEADERS,)
if response.status_code == 200:
print(f"[✓] Abfrage von Security policies erfolgreich.")
else:
print(f"[✗] Fehler bei ({policy}): {response.status_code}{response.text}")
return
res=json.loads(response.text)
#pprint.pp(res)
policies=[]
for item in res['items']:
policies+={item['id']}
#pprint.pp(policies)
return(policies)
def sync_security_policies(policy, destination):
url = f"https://jtlwaap.app.reblaze.io/api/v4.0/conf/{CONFIG_ID}/security-policies/{policy}"
response = requests.get(url, headers=HEADERS,)
if response.status_code == 200:
print(f"[✓] Abfrage von Security policy '{policy}' erfolgreich.")
else:
print(f"[✗] Fehler bei ({policy}): {response.status_code}{response.text}")
return
#print(response.text)
# Hier ist die Source Security Policy
template=json.loads(response.text)
# Nun wird die Ziel-Security-Policy eingelesen
url = f"https://jtlwaap.app.reblaze.io/api/v4.0/conf/{CONFIG_ID}/security-policies/{destination}"
response = requests.get(url, headers=HEADERS,)
if response.status_code == 200:
print(f"[✓] Abfrage von Security policy '{destination}' erfolgreich.")
else:
print(f"[✗] Fehler bei ({destination}): {response.status_code}{response.text}")
return
target=json.loads(response.text)
# die Pfad-Mappings werden auf die vom Template gesetzt, alles andere bleibt wie es war
target['map'] = template['map']
backendservice = domain_to_backend_id(target['name'])
# Neuen Backend-Service in allen Pfaden der Security Policy setzen
for mapitem in target['map']:
if (mapitem['id'] != "__site_level__"):
mapitem['backend_service'] = backendservice
#print(target)
# Speichern der Target Security Policy
url = f"https://jtlwaap.app.reblaze.io/api/v4.0/conf/{CONFIG_ID}/security-policies/{destination}"
response = requests.put(url, headers=HEADERS,data=json.dumps(target))
if response.status_code == 200:
print(f"[✓] Security Policy '{destination}' erfolgreich gespeichert.")
else:
print(f"[✗] Fehler bei {destination}: {response.status_code}{response.text} {response.json()}")
def main():
#sync_security_policies(SECURITY_POLICY, 'secpol-shop051-jtl-hosting-de')
policies=get_all_security_policies()
print(f"The following security policies are synced to {SECURITY_POLICY}. Is this what you want?")
for policy in policies:
if ( policy != '__default__' ) and ( policy != SECURITY_POLICY ):
print(policy)
yesno = input("Enter yes or no:")
if ( yesno == "yes" ):
for policy in policies:
if ( policy != '__default__' ) and ( policy != SECURITY_POLICY ):
sync_security_policies(SECURITY_POLICY, policy)
# === CSV-Datei einlesen ===
if __name__ == "__main__":
main()