Интеграция Imunify 360 WAF с ispmanager 6

#!/usr/bin/env python3
"""
Imunify integration script for ISPManager.
Collects users and domains with mgrctl and
prints data appropriate to be consumed by imunify on stdout.

integration.conf example:
[integration_scripts]
...
users = /etc/sysconfig/imunify360/ispmanager_integration.py users
domains = /etc/sysconfig/imunify360/ispmanager_integration.py domains
...

Return codes:
0 - ok
1 - runtime error (e.g. mgrctl is missing, or can't parse its output, ...),
   see more in metadata['error'] and metadata['message']
2 - script usage error (e.g. wrong args)
"""
from subprocess import check_output
import argparse
import json
import pwd
import re
import sys

def get_ispmgr_data(section):
   assert section in ('user', 'webdomain')
   ispmgr_output = check_output([
       '/usr/local/mgr5/sbin/mgrctl',
       '-m',
       'ispmgr',
       section,
   ]).decode().split('\n')
   return [
       dict(re.findall(r'(\w+)=(\S*)', line))
       for line in ispmgr_output
       if len(line) > 0
   ]

def get_domains():
   domains = {}
   data = get_ispmgr_data('webdomain')
   for entry in data:
       domain = entry['name']
       domain_info = {
           'document_root': entry['docroot'],
           'owner': entry['owner'],
       }
       domains[domain] = domain_info
   return domains

def get_users():
   users = []
   data = get_ispmgr_data('user')
   for entry in data:
       username = entry['name']
       users.append({
           'id': pwd.getpwnam(username).pw_uid,
           'username': username,
       })
   return users

def main():
   parser = argparse.ArgumentParser()
   parser.add_argument(
       dest='cmd', choices=(
           'users',
           'domains'
       )
   )
   args = parser.parse_args()
   result = {
       'data': {},
       'metadata': {
           'result': 'ok'
       }
   }
   try:
       retval = 0
       if args.cmd == 'domains':
           cmd_result = get_domains()
       elif args.cmd == 'users':
           cmd_result = get_users()
   except Exception as e:
       result['metadata']['result'] = e.__class__.__name__
       result['metadata']['message'] = str(e)
       retval = 1
   else:
       result['data'] = cmd_result
   finally:
       print(json.dumps(result))
       return retval

if __name__ == "__main__":
   sys.exit(main()) 

#This is integration.conf example that requires adjustments, oterwise IM360 may not work.
#Values are given purely as an example and may not represent your environment.

#The path to the WEB server directory for Imunify360 files
[paths]
ui_path = /var/www/imunifyui/data/www/imunify360.example.com/im360
ui_path_owner = imunifyui:imunifyui

#which PAM service Imunify360 should use
[pam]
service_name = system-auth

#Malware Scanner base directory and patterns
[malware]
basedir = /var/www/
pattern_to_watch = ^/var/www/(vhosts|html)(/.*)?$
#basedir = /home
#pattern_to_watch = ^/home/.+?/(public_html|public_ftp|private_html)(/.*)?$

#WEB server type and commands
[web_server]
#server type apache/nginx/litespeed
server_type = apache
graceful_restart_script = /usr/bin/systemctl restart lsws
config_test_script = /usr/sbin/apachectl -t
#path to ModSecurity audit logs
modsec_audit_log = /var/log/httpd/modsec_audit.log
modsec_audit_logdir = /var/log/modsec_audit

#Limiting users and provide context for IM360 mechanisms
[integration_scripts]
admins = /etc/sysconfig/imunify360/get-admins-script.sh
users = /etc/sysconfig/imunify360/ispmanager_integration.py users
domains = /etc/sysconfig/imunify360/ispmanager_integration.py domains
#Domain-specific ModSecurity configuration (to disable rules using CLI)
#modsec_domain_config_script = /path/to/inject/domain/specific/config/script.sh