mit-scripts
diff --git a/‎check_dns.py
+57-28 b/‎check_dns.py
+57-28
diff --git a/‎find_expiring_certs.py
+11-8 b/‎find_expiring_certs.py
+11-8
diff --git a/‎handle_cert_mail.py
+44-27 b/‎handle_cert_mail.py
+44-27
diff --git a/‎handle_mail.py
+41-24 b/‎handle_mail.py
+41-24
@@ -1,15 +1,17 @@
 #!/usr/bin/python
 
-import site,os.path
+import site, os.path
+
 site.addsitedir(os.path.dirname(__file__))
 
 import urllib2
 
 import transaction
 
 from scriptspony.model import queue
-from scriptspony import mail,vhosts
-from scripts import hosts,keytab,log,auth
+from scriptspony import mail, vhosts
+from scripts import hosts, keytab, log, auth
+
 
 @log.exceptions
 def check_dns():
@@ -18,36 +20,57 @@ def check_dns():
 
     # Use a list so all the ids are resolved early and transactions aren't
     # a problem
-    for tid in [t.id for t in queue.Ticket.query.filter(queue.Ticket.state.in_([u'moira', u'dns'])).all()]:
+    for tid in [
+        t.id
+        for t in queue.Ticket.query.filter(
+            queue.Ticket.state.in_([u"moira", u"dns"])
+        ).all()
+    ]:
         t = queue.Ticket.get(tid)
-        
+
         if hosts.points_at_scripts(t.hostname):
-            path = '/mit/%s/web_scripts/%s' % (t.locker,
-                                               vhosts.get_path(t.locker,t.hostname))
-            wordpress = "This site looks like a WordPress blog; for the new URL to work properly, you'll need to access the WordPress admin interface via your old URL, go to General Settings, and change the WordPress address and Blog address to 'http://%s'." % t.hostname
-            
+            path = "/mit/%s/web_scripts/%s" % (
+                t.locker,
+                vhosts.get_path(t.locker, t.hostname),
+            )
+            wordpress = (
+                "This site looks like a WordPress blog; for the new URL to work properly, you'll need to access the WordPress admin interface via your old URL, go to General Settings, and change the WordPress address and Blog address to 'http://%s'."
+                % t.hostname
+            )
+
             # Try to figure out what's up with the hostname currently
             try:
-                page = urllib2.urlopen('http://%s/'%t.hostname)
+                page = urllib2.urlopen("http://%s/" % t.hostname)
                 content = page.read()
-                if ('<meta name="generator" content="WordPress' in content
-                    or 'wp-login' in page.geturl()):
+                if (
+                    '<meta name="generator" content="WordPress' in content
+                    or "wp-login" in page.geturl()
+                ):
                     sitestatus = wordpress
                 else:
                     sitestatus = "Your site appears to be working properly.  Have fun!"
             except urllib2.HTTPError as e:
-                if 'wp-login' in e.geturl():
+                if "wp-login" in e.geturl():
                     sitestatus = wordpress
                 elif e.code == 404:
-                    sitestatus = "There doesn't seem to be any content currently at %s; make sure that directory exists and has an index.html, index.cgi, or similar, or change this hostname to point somewhere else at http://pony.scripts.mit.edu." % path
+                    sitestatus = (
+                        "There doesn't seem to be any content currently at %s; make sure that directory exists and has an index.html, index.cgi, or similar, or change this hostname to point somewhere else at http://pony.scripts.mit.edu."
+                        % path
+                    )
                 elif e.code == 403:
-                    sitestatus = "Visiting that page yields a Forbidden error; this is often caused by a lack of valid content at %s.  Putting an index.html, index.cgi, or similar there may solve this.  Alternately, you may just have your site password-protected or cert-protected." % path
+                    sitestatus = (
+                        "Visiting that page yields a Forbidden error; this is often caused by a lack of valid content at %s.  Putting an index.html, index.cgi, or similar there may solve this.  Alternately, you may just have your site password-protected or cert-protected."
+                        % path
+                    )
                 elif e.code == 401:
                     sitestatus = "Visiting that page yields an Unauthorized error.  This generally means that you have your site password-protected or cert-protected, so we can't confirm whether it's working."
                 else:
-                    sitestatus = "Visiting that page yields a %s error, suggesting a problem with the content at %s.  Email us at [email protected] if you need help resolving this." % (e.code, path)
-        
-            subject = u"Re: Request for hostname %s"%t.hostname
+                    sitestatus = (
+                        "Visiting that page yields a %s error, suggesting a problem with the content at %s.  Email us at [email protected] if you need help resolving this."
+                        % (e.code, path)
+                    )
+
+            subject = u"Re: Request for hostname %s" % t.hostname
             body = u"""Hello,
 
 Just wanted to let you know that the hostname %(hostname)s is now configured and working.  It currently points to %(path)s.  Visit http://%(hostname)s/ to check it out.
@@ -60,19 +83,25 @@ def check_dns():
 http://scripts.mit.edu/
 
 /set status=resolved
-""" % dict(hostname=t.hostname,locker=t.locker,path=path,sitestatus=sitestatus)
-            mail.send_correspondence(subject,body,
-                                     rtid=t.rtid)
-            t.addEvent(type=u'mail',state=u'resolved',by=u'dns',
-                       target=u'user',
-                       subject=subject,
-                       body=body)
+""" % dict(
+                hostname=t.hostname, locker=t.locker, path=path, sitestatus=sitestatus
+            )
+            mail.send_correspondence(subject, body, rtid=t.rtid)
+            t.addEvent(
+                type=u"mail",
+                state=u"resolved",
+                by=u"dns",
+                target=u"user",
+                subject=subject,
+                body=body,
+            )
 
             transaction.commit()
 
-if __name__ == '__main__':
+
+if __name__ == "__main__":
     auth.set_user_from_parent_process()
     from paste.deploy import loadapp
-    loadapp('config:development.ini',
-            relative_to=os.path.dirname(__file__))
+
+    loadapp("config:development.ini", relative_to=os.path.dirname(__file__))
     check_dns()
@@ -7,21 +7,23 @@
 from scripts import cert
 from scriptspony import vhosts
 
+
 def main():
     now = datetime.utcnow()
 
     res = vhosts.conn.search_s(
-        'ou=VirtualHosts,dc=scripts,dc=mit,dc=edu',
+        "ou=VirtualHosts,dc=scripts,dc=mit,dc=edu",
         ldap.SCOPE_ONELEVEL,
-        '(&(objectClass=scriptsVhost)(scriptsVhostCertificate=*))',
-        ['scriptsVhostName', 'scriptsVhostAlias', 'uid', 'scriptsVhostCertificate'])
+        "(&(objectClass=scriptsVhost)(scriptsVhostCertificate=*))",
+        ["scriptsVhostName", "scriptsVhostAlias", "uid", "scriptsVhostCertificate"],
+    )
 
     expiring = []
     for dn, attrs in res:
-        vhost, = attrs['scriptsVhostName']
-        aliases = attrs.get('scriptsVhostAlias', [])
-        uid, = attrs['uid']
-        scripts, = attrs['scriptsVhostCertificate']
+        vhost, = attrs["scriptsVhostName"]
+        aliases = attrs.get("scriptsVhostAlias", [])
+        uid, = attrs["uid"]
+        scripts, = attrs["scriptsVhostCertificate"]
         chain = cert.scripts_to_chain(scripts)
         expires = cert.chain_notAfter(chain) - now
         if expires < timedelta(days=14):
@@ -30,5 +32,6 @@ def main():
     for expires, uid, hostnames in expiring:
         print(expires, uid, *hostnames)
 
-if __name__ == '__main__':
+
+if __name__ == "__main__":
     main()
@@ -6,57 +6,74 @@
 from scripts import cert, log
 from scriptspony import vhosts
 
-BLACKLIST = ['scripts.mit.edu', 'notfound.example.com']
+BLACKLIST = ["scripts.mit.edu", "notfound.example.com"]
+
 
 @log.exceptions
 def main():
     msg = sys.stdin.read()
     pem = cert.msg_to_pem(msg)
     if pem is None:
-        log.info('handle_cert_mail.py: No certificate')
+        log.info("handle_cert_mail.py: No certificate")
         return
     chain = cert.pem_to_chain(pem)
     names = cert.chain_subject_names(chain)
 
     filter = ldap.filter.filter_format(
-        '(&(objectClass=scriptsVhost)(|' +
-        ''.join('(scriptsVhostName=%s)' for name in names) +
-        ''.join('(scriptsVhostAlias=%s)' for name in names) +
-        ')' +
-        ''.join('(!(scriptsVhostName=%s))' for name in BLACKLIST) +
-        ')',
-        list(names) +
-        list(names) +
-        BLACKLIST)
+        "(&(objectClass=scriptsVhost)(|"
+        + "".join("(scriptsVhostName=%s)" for name in names)
+        + "".join("(scriptsVhostAlias=%s)" for name in names)
+        + ")"
+        + "".join("(!(scriptsVhostName=%s))" for name in BLACKLIST)
+        + ")",
+        list(names) + list(names) + BLACKLIST,
+    )
 
     res = vhosts.conn.search_s(
-        'ou=VirtualHosts,dc=scripts,dc=mit,dc=edu',
+        "ou=VirtualHosts,dc=scripts,dc=mit,dc=edu",
         ldap.SCOPE_ONELEVEL,
         filter,
-        ['scriptsVhostName', 'scriptsVhostAccount', 'scriptsVhostCertificate'])
+        ["scriptsVhostName", "scriptsVhostAccount", "scriptsVhostCertificate"],
+    )
     if res:
         for dn, attrs in res:
-            vhost, = attrs['scriptsVhostName']
-            account, = attrs['scriptsVhostAccount']
-            if 'scriptsVhostCertificate' in attrs:
-                old_scripts, = attrs['scriptsVhostCertificate']
+            vhost, = attrs["scriptsVhostName"]
+            account, = attrs["scriptsVhostAccount"]
+            if "scriptsVhostCertificate" in attrs:
+                old_scripts, = attrs["scriptsVhostCertificate"]
                 old_chain = cert.scripts_to_chain(old_scripts)
             else:
                 old_chain = None
             if cert.chain_should_install(chain, old_chain):
-                log.info('handle_cert_mail.py: Installing certificate for %s on %s' % (vhost, account))
+                log.info(
+                    "handle_cert_mail.py: Installing certificate for %s on %s"
+                    % (vhost, account)
+                )
                 vhosts.conn.modify_s(
                     dn,
-                    [(ldap.MOD_REPLACE,
-                      'scriptsVhostCertificate',
-                      cert.chain_to_scripts(chain)),
-                     (ldap.MOD_REPLACE,
-                      'scriptsVhostCertificateKeyFile',
-                      'scripts-2048.key')])
+                    [
+                        (
+                            ldap.MOD_REPLACE,
+                            "scriptsVhostCertificate",
+                            cert.chain_to_scripts(chain),
+                        ),
+                        (
+                            ldap.MOD_REPLACE,
+                            "scriptsVhostCertificateKeyFile",
+                            "scripts-2048.key",
+                        ),
+                    ],
+                )
             else:
-                log.info('handle_cert_mail.py: IGNORING certificate for %s on %s' % (vhost, account))
+                log.info(
+                    "handle_cert_mail.py: IGNORING certificate for %s on %s"
+                    % (vhost, account)
+                )
     else:
-        log.error('handle_cert_mail.py: Certificate for %s matches no vhost' % list(names))
+        log.error(
+            "handle_cert_mail.py: Certificate for %s matches no vhost" % list(names)
+        )
+
 
-if __name__ == '__main__':
+if __name__ == "__main__":
     main()
@@ -1,6 +1,7 @@
 #!/usr/bin/python
 
-import site,os.path
+import site, os.path
+
 site.addsitedir(os.path.dirname(__file__))
 
 import transaction
@@ -14,57 +15,73 @@
 from email.header import make_header, decode_header
 from email.utils import parseaddr
 
+
 @log.exceptions
 def handle_mail():
-    
+
     message = email.message_from_file(sys.stdin)
 
     if keytab.exists():
         keytab.auth()
 
-    if ('subject' not in message
-        or 'delivered-to' not in message
-        or 'from' not in message):
+    if (
+        "subject" not in message
+        or "delivered-to" not in message
+        or "from" not in message
+    ):
         return
 
-    ID_PATTERN = re.compile(r'pony\+(\d+)\@')
-    toname, to = parseaddr(unicode(make_header(decode_header(message['delivered-to']))))
+    ID_PATTERN = re.compile(r"pony\+(\d+)\@")
+    toname, to = parseaddr(unicode(make_header(decode_header(message["delivered-to"]))))
     m = ID_PATTERN.search(to)
     if m is None:
         return
     id = int(m.group(1))
 
-    byname, by = parseaddr(unicode(make_header(decode_header(message['from']))))
+    byname, by = parseaddr(unicode(make_header(decode_header(message["from"]))))
     by = by.lower()
-    if by.endswith(u'@mit.edu'):
-        by = by[:-len(u'@mit.edu')]
+    if by.endswith(u"@mit.edu"):
+        by = by[: -len(u"@mit.edu")]
 
     t = queue.Ticket.get(id)
 
-    RTID_PATTERN = re.compile(r'\[help.mit.edu\s+\#(\d+)\]')
-    subject = unicode(make_header(decode_header(message['subject'])))
+    RTID_PATTERN = re.compile(r"\[help.mit.edu\s+\#(\d+)\]")
+    subject = unicode(make_header(decode_header(message["subject"])))
     m = RTID_PATTERN.search(subject)
     if m:
         if t.rtid is None:
-            by = u'rt'
+            by = u"rt"
         t.rtid = int(m.group(1))
-    
+
     newstate = t.state
     # TODO: blanche accounts-internal
-    if by in (u'aswayze', u'bowser', u'jtravers', u'kwitt', u'mannys', u'mwollman', u'ovidio', u'thorn'):
-        newstate = u'dns'
-    body = u''
+    if by in (
+        u"aswayze",
+        u"bowser",
+        u"jtravers",
+        u"kwitt",
+        u"mannys",
+        u"mwollman",
+        u"ovidio",
+        u"thorn",
+    ):
+        newstate = u"dns"
+    body = u""
     for part in message.walk():
-        if (part.get_content_maintype() == 'text'):
-            body += unicode(part.get_payload(decode=True), part.get_content_charset('us-ascii'))
-    t.addEvent(type=u'mail',state=newstate,by=by,target=u'us',
-               subject=subject, body=body)
+        if part.get_content_maintype() == "text":
+            body += unicode(
+                part.get_payload(decode=True), part.get_content_charset("us-ascii")
+            )
+    t.addEvent(
+        type=u"mail", state=newstate, by=by, target=u"us", subject=subject, body=body
+    )
 
     transaction.commit()
 
-if __name__ == '__main__':
+
+if __name__ == "__main__":
     auth.set_user_from_parent_process()
     from paste.deploy import loadapp
-    loadapp('config:development.ini',
-            relative_to=os.path.dirname(__file__))
+
+    loadapp("config:development.ini", relative_to=os.path.dirname(__file__))
     handle_mail()