From 0371f730b1e6b3da69cb043a0ecc38dea72d82f7 Mon Sep 17 00:00:00 2001 From: Pavel Loginov Date: Sun, 25 Sep 2022 21:20:46 +0300 Subject: [PATCH] v6.2.0.0 Changelog: https://roxy-wi.org/changelog#6_2_0 --- api/api_funct.py | 2 +- app/config.py | 4 +- app/create_db.py | 204 +++++++++---------------- app/funct.py | 138 ++++++++--------- app/hapservers.py | 3 + app/history.py | 2 +- app/login.py | 24 ++- app/{ => modules}/db_model.py | 20 ++- app/options.py | 10 +- app/smon.py | 23 ++- app/sql.py | 4 +- app/templates/ajax/alerts_history.html | 2 +- app/templates/hapservers.html | 9 +- app/templates/ovw.html | 2 +- config_other/requirements_deb.txt | 1 + config_other/requirements_el7.txt | 1 + config_other/requirements_el8.txt | 1 + config_other/requirements_el9.txt | 1 + inc/css/style.css | 7 +- roxy-wi.cfg | 2 +- 20 files changed, 199 insertions(+), 261 deletions(-) rename app/{ => modules}/db_model.py (96%) diff --git a/api/api_funct.py b/api/api_funct.py index 4a5fe6d6..d7ba44bc 100644 --- a/api/api_funct.py +++ b/api/api_funct.py @@ -524,7 +524,7 @@ def show_log(server_id): data[server_id] = {"error": "Cannot find the server"} return dict(error=data) - out = funct.show_haproxy_log(ip, rows=rows, waf=str(waf), grep=grep, hour=str(hour), minut=str(minute), hour1=str(hour1), minut1=str(minute1), html=0) + out = funct.show_roxy_log(ip, rows=rows, waf=str(waf), grep=grep, hour=str(hour), minut=str(minute), hour1=str(hour1), minut1=str(minute1), html=0) data = {server_id: out} return dict(log=data) diff --git a/app/config.py b/app/config.py index f40dd91e..c42d54d7 100644 --- a/app/config.py +++ b/app/config.py @@ -32,7 +32,7 @@ except Exception as e: if service in ('haproxy', 'nginx', 'keepalived', 'apache'): service_desc = sql.select_service(service) if funct.check_login(service=service_desc.service_id): - title = f"{service_desc.service} config view page" + title = f"Working with {service_desc.service} configuration files" action = f"config.py?service={service_desc.slug}" configs_dir = funct.get_config_var('configs', 'kp_save_configs_dir') file_format = 'conf' @@ -60,8 +60,6 @@ if serv is not None and form.getvalue('open') is not None and form.getvalue('new is_serv_protected = sql.is_serv_protected(serv) server_id = sql.select_server_id_by_ip(serv) is_restart = sql.select_service_setting(server_id, service, 'restart') - service_desc = sql.select_service(service) - title = f'{service_desc.service} config edit page' if service == 'keepalived': error = funct.get_config(serv, cfg, keepalived=1) diff --git a/app/create_db.py b/app/create_db.py index 4e3df8ce..5682d373 100644 --- a/app/create_db.py +++ b/app/create_db.py @@ -1,7 +1,7 @@ #!/usr/bin/env python3 import distro -from db_model import * -from funct import check_ver + +from modules.db_model import * def default_values(): @@ -58,7 +58,7 @@ def default_values(): 'desc': 'Socket port for HAProxy', 'group': '1'}, {'param': 'haproxy_sock_port', 'value': '1999', 'section': 'haproxy', 'desc': 'HAProxy sock port', 'group': '1'}, - {'param': 'apache_log_path', 'value': '/var/log/' + apache_dir + '/', 'section': 'logs', + {'param': 'apache_log_path', 'value': f'/var/log/{apache_dir}/', 'section': 'logs', 'desc': 'Path to Apache logs. Apache service for Roxy-WI', 'group': '1'}, {'param': 'nginx_path_logs', 'value': '/var/log/nginx/', 'section': 'nginx', 'desc': 'The path for NGINX logs', 'group': '1'}, @@ -656,95 +656,68 @@ def default_values(): print(str(e)) -def update_db_v_3_4_5_22(): - try: - Version.insert(version='3.4.5.2').execute() - except Exception as e: - print('Cannot insert version %s' % e) - - # Needs for updating user_group. Do not delete -def update_db_v_4_3_0(**kwargs): +def update_db_v_4_3_0(): try: UserGroups.insert_from( User.select(User.user_id, User.groups), fields=[UserGroups.user_id, UserGroups.user_group_id] ).on_conflict_ignore().execute() except Exception as e: - if kwargs.get('silent') != 1: - if e.args[0] == 'duplicate column name: haproxy' or str(e) == '(1060, "Duplicate column name \'haproxy\'")': - print('Updating... go to version 4.3.1') - else: - print("An error occurred:", e) + if e.args[0] == 'duplicate column name: haproxy' or str(e) == '(1060, "Duplicate column name \'haproxy\'")': + print('Updating... go to version 4.3.1') + else: + print("An error occurred:", e) -def update_db_v_5_1_3(**kwargs): - cursor = conn.cursor() - sql = """ALTER TABLE `servers` ADD COLUMN protected INTEGER NOT NULL DEFAULT 0;""" - try: - cursor.execute(sql) - except Exception as e: - if kwargs.get('silent') != 1: - if str(e) == 'duplicate column name: protected' or str(e) == '(1060, "Duplicate column name \'protected\'")': - print('Updating... DB has been updated to version 5.1.3') - else: - print("An error occurred:", e) - else: - print("DB has been updated to version 5.1.3") - - -def update_db_v_5_2_4(**kwargs): +def update_db_v_5_2_4(): cursor = conn.cursor() sql = """ALTER TABLE `user` ADD COLUMN user_services varchar(20) DEFAULT '1 2 3 4';""" try: cursor.execute(sql) except Exception as e: - if kwargs.get('silent') != 1: - if str(e) == 'duplicate column name: user_services' or str(e) == '(1060, "Duplicate column name \'user_services\'")': - print('Updating... DB has been updated to version 5.2.4') - else: - print("An error occurred:", e) + if str(e) == 'duplicate column name: user_services' or str(e) == '(1060, "Duplicate column name \'user_services\'")': + print('Updating... DB has been updated to version 5.2.4') + else: + print("An error occurred:", e) else: print("Updating... DB has been updated to version 5.2.4") -def update_db_v_5_2_4_1(**kwargs): +def update_db_v_5_2_4_1(): cursor = conn.cursor() sql = """ALTER TABLE `servers` ADD COLUMN nginx_metrics integer DEFAULT 0;""" try: cursor.execute(sql) except Exception as e: - if kwargs.get('silent') != 1: - if str(e) == 'duplicate column name: nginx_metrics' or str(e) == '(1060, "Duplicate column name \'nginx_metrics\'")': - print('Updating... DB has been updated to version 5.2.4-1') - else: - print("An error occurred:", e) + if str(e) == 'duplicate column name: nginx_metrics' or str(e) == '(1060, "Duplicate column name \'nginx_metrics\'")': + print('Updating... DB has been updated to version 5.2.4-1') + else: + print("An error occurred:", e) else: print("Updating... DB has been updated to version 5.2.4-1") -def update_db_v_5_2_5_1(**kwargs): +def update_db_v_5_2_5_1(): query = User.update(role='user').where(User.role == 'editor') try: query.execute() except Exception as e: print("An error occurred:", e) else: - if kwargs.get('silent') != 1: - print("Updating... DB has been updated to version 5.2.5-1") + print("Updating... DB has been updated to version 5.2.5-1") -def update_db_v_5_2_5_2(**kwargs): +def update_db_v_5_2_5_2(): query = Role.delete().where(Role.name == 'editor') try: query.execute() except Exception as e: print("An error occurred:", e) else: - if kwargs.get('silent') != 1: - print("Updating... DB has been updated to version 5.2.5-2") + print("Updating... DB has been updated to version 5.2.5-2") -def update_db_v_5_2_5_3(**kwargs): +def update_db_v_5_2_5_3(): cursor = conn.cursor() sql = list() sql.append("alter table user add column last_login_date timestamp default '0000-00-00 00:00:00'") @@ -755,22 +728,20 @@ def update_db_v_5_2_5_3(**kwargs): except Exception: pass else: - if kwargs.get('silent') != 1: - print('Updating... DB has been updated to version 5.2.5-3') + print('Updating... DB has been updated to version 5.2.5-3') -def update_db_v_5_2_6(**kwargs): +def update_db_v_5_2_6(): query = Setting.delete().where(Setting.param == 'haproxy_enterprise') try: query.execute() except Exception as e: print("An error occurred:", e) else: - if kwargs.get('silent') != 1: - print("Updating... DB has been updated to version 5.2.6") + print("Updating... DB has been updated to version 5.2.6") -def update_db_v_5_3_0(**kwargs): +def update_db_v_5_3_0(): groups = '' query = Groups.select() @@ -816,24 +787,22 @@ def update_db_v_5_3_0(**kwargs): try: Setting.insert_many(data_source).on_conflict_ignore().execute() except Exception as e: - if kwargs.get('silent') != 1: - if str(e) == 'columns param, group are not unique': - pass - else: - print("An error occurred:", e) - except Exception as e: - if kwargs.get('silent') != 1: - if ( - str(e) == 'columns param, group are not unique' - or str(e) == '(1062, "Duplicate entry \'nginx_container_name\' for key \'param\'")' - or str(e) == 'UNIQUE constraint failed: settings.param, settings.group' - ): + if str(e) == 'columns param, group are not unique': pass else: print("An error occurred:", e) + except Exception as e: + if ( + str(e) == 'columns param, group are not unique' + or str(e) == '(1062, "Duplicate entry \'nginx_container_name\' for key \'param\'")' + or str(e) == 'UNIQUE constraint failed: settings.param, settings.group' + ): + pass + else: + print("An error occurred:", e) -def update_db_v_5_3_1(**kwargs): +def update_db_v_5_3_1(): cursor = conn.cursor() sql = """ ALTER TABLE `servers` ADD COLUMN keepalived_active INTEGER NOT NULL DEFAULT 0; @@ -841,16 +810,15 @@ def update_db_v_5_3_1(**kwargs): try: cursor.execute(sql) except Exception as e: - if kwargs.get('silent') != 1: - if e.args[0] == 'duplicate column name: keepalived_active' or str(e) == '(1060, "Duplicate column name \'keepalived_active\'")': - print('Updating... DB has been updated to version 5.3.1') - else: - print("An error occurred:", e) + if e.args[0] == 'duplicate column name: keepalived_active' or str(e) == '(1060, "Duplicate column name \'keepalived_active\'")': + print('Updating... DB has been updated to version 5.3.1') + else: + print("An error occurred:", e) else: print("Updating... DB has been updated to version 5.3.1") -def update_db_v_5_3_2_2(**kwargs): +def update_db_v_5_3_2_2(): cursor = conn.cursor() sql = """ ALTER TABLE `servers` ADD COLUMN keepalived_alert INTEGER NOT NULL DEFAULT 0; @@ -858,53 +826,49 @@ def update_db_v_5_3_2_2(**kwargs): try: cursor.execute(sql) except Exception as e: - if kwargs.get('silent') != 1: - if e.args[0] == 'duplicate column name: keepalived_alert' or str(e) == '(1060, "Duplicate column name \'keepalived_alert\'")': - print('Updating... DB has been updated to version 5.3.2') - else: - print("An error occurred:", e) + if e.args[0] == 'duplicate column name: keepalived_alert' or str(e) == '(1060, "Duplicate column name \'keepalived_alert\'")': + print('Updating... DB has been updated to version 5.3.2') + else: + print("An error occurred:", e) else: print("Updating... DB has been updated to version 5.3.2") -def update_db_v_5_4_2(**kwargs): +def update_db_v_5_4_2(): cursor = conn.cursor() sql = """ALTER TABLE `smon` ADD COLUMN slack_channel_id integer DEFAULT '0';""" try: cursor.execute(sql) except Exception as e: - if kwargs.get('silent') != 1: - if str(e) == 'duplicate column name: slack_channel_id' or str(e) == '(1060, "Duplicate column name \'slack_channel_id\'")': - print('Updating... DB has been updated to version 5.4.2') - else: - print("An error occurred:", e) + if str(e) == 'duplicate column name: slack_channel_id' or str(e) == '(1060, "Duplicate column name \'slack_channel_id\'")': + print('Updating... DB has been updated to version 5.4.2') + else: + print("An error occurred:", e) else: print("Updating... DB has been updated to version 5.4.2") -def update_db_v_5_4_3(**kwargs): +def update_db_v_5_4_3(): query = Setting.update(param='nginx_path_logs', value='/var/log/nginx/').where(Setting.param == 'nginx_path_error_logs') try: query.execute() except Exception as e: print("An error occurred:", e) else: - if kwargs.get('silent') != 1: - print("Updating... DB has been updated to version 5.4.3") + print("Updating... DB has been updated to version 5.4.3") -def update_db_v_5_4_3_1(**kwargs): +def update_db_v_5_4_3_1(): query = Setting.update(value='/etc/nginx/').where(Setting.param == 'nginx_dir') try: query.execute() except Exception as e: print("An error occurred:", e) else: - if kwargs.get('silent') != 1: - print("Updating... DB has been updated to version 5.4.3-1") + print("Updating... DB has been updated to version 5.4.3-1") -def update_db_v_6_0(**kwargs): +def update_db_v_6_0(): cursor = conn.cursor() sql = list() sql.append("alter table servers add column apache integer default 0") @@ -917,22 +881,20 @@ def update_db_v_6_0(**kwargs): except Exception: pass else: - if kwargs.get('silent') != 1: - print('Updating... DB has been updated to version 6.0.0.0') + print('Updating... DB has been updated to version 6.0.0.0') -def update_db_v_6_0_1(**kwargs): +def update_db_v_6_0_1(): query = Groups.update(name='Default').where(Groups.group_id == '1') try: query.execute() except Exception as e: print("An error occurred:", e) else: - if kwargs.get('silent') != 1: - print("Updating... DB has been updated to version 6.0.0.0-1") + print("Updating... DB has been updated to version 6.0.0.0-1") -def update_db_v_6_1_0(**kwargs): +def update_db_v_6_1_0(): for service_id in range(1, 5): try: servers_id = Server.select(Server.server_id).where(Server.type_ip == 0).execute() @@ -941,14 +903,13 @@ def update_db_v_6_1_0(**kwargs): server_id=server_id, service_id=service_id ).on_conflict_ignore().execute() except Exception as e: - if kwargs.get('silent') != 1: - if e.args[0] == 'duplicate column name: haproxy' or str(e) == '(1060, "Duplicate column name \'haproxy\'")': - print('Updating... go to version 6.1.0') - else: - print("An error occurred:", e) + if e.args[0] == 'duplicate column name: haproxy' or str(e) == '(1060, "Duplicate column name \'haproxy\'")': + print('Updating... go to version 6.1.0') + else: + print("An error occurred:", e) -def update_db_v_6_1_3(**kwargs): +def update_db_v_6_1_3(): if mysql_enable == '1': cursor = conn.cursor() sql = list() @@ -961,8 +922,7 @@ def update_db_v_6_1_3(**kwargs): except Exception: pass else: - if kwargs.get('silent') != 1: - print('Updating... DB has been updated to version 6.1.3.0') + print('Updating... DB has been updated to version 6.1.3.0') else: pass @@ -988,18 +948,14 @@ def update_db_v_6_1_4(): def update_ver(): - query = Version.update(version='6.2.0.0') try: - query.execute() + Version.update(version='6.2.0.0').execute() except Exception: print('Cannot update version') def update_all(): - if check_ver() is None: - update_db_v_3_4_5_22() update_db_v_4_3_0() - update_db_v_5_1_3() update_db_v_5_2_4() update_db_v_5_2_4_1() update_db_v_5_2_5_1() @@ -1020,30 +976,6 @@ def update_all(): update_ver() -def update_all_silent(): - if check_ver() is None: - update_db_v_3_4_5_22() - update_db_v_4_3_0(silent=1) - update_db_v_5_1_3(silent=1) - update_db_v_5_2_4(silent=1) - update_db_v_5_2_4_1(silent=1) - update_db_v_5_2_5_1(silent=1) - update_db_v_5_2_5_2(silent=1) - update_db_v_5_2_5_3(silent=1) - update_db_v_5_2_6(silent=1) - update_db_v_5_3_0(silent=1) - update_db_v_5_3_1(silent=1) - update_db_v_5_3_2_2(silent=1) - update_db_v_5_4_2(silent=1) - update_db_v_5_4_3(silent=1) - update_db_v_5_4_3_1(silent=1) - update_db_v_6_0(silent=1) - update_db_v_6_0_1(silent=1) - update_db_v_6_1_3(silent=1) - update_db_v_6_1_4() - update_ver() - - if __name__ == "__main__": create_tables() default_values() diff --git a/app/funct.py b/app/funct.py index 1b10875a..f5b0759c 100644 --- a/app/funct.py +++ b/app/funct.py @@ -108,7 +108,7 @@ def get_data(log_type, **kwargs): return now_utc.strftime(fmt) -def get_user_group(**kwargs): +def get_user_group(**kwargs) -> str: import sql user_group = '' @@ -129,21 +129,23 @@ def get_user_group(**kwargs): return user_group -def logging(server_ip, action, **kwargs): +def logging(server_ip: str, action: str, **kwargs) -> None: import sql import distro login = '' - + cur_date = get_data('logs') + cur_date_in_log = get_data('date_in_log') log_path = get_config_var('main', 'log_path') + + if not os.path.exists(log_path): + os.makedirs(log_path) + try: user_group = get_user_group() except Exception: user_group = '' - if not os.path.exists(log_path): - os.makedirs(log_path) - try: ip = cgi.escape(os.environ["REMOTE_ADDR"]) except Exception: @@ -171,33 +173,30 @@ def logging(server_ip, action, **kwargs): if kwargs.get('haproxywi') == 1: if kwargs.get('login'): - mess = get_data('date_in_log') + " from " + ip + " user: " + login + ", group: " + user_group + ", " + \ - action + " for: " + server_ip + "\n" + mess = f"{cur_date_in_log} from {ip} user: {login}, group: {user_group}, {action} for: {server_ip}\n" if kwargs.get('keep_history'): try: keep_action_history(kwargs.get('service'), action, server_ip, login, ip) except Exception as e: print(str(e)) else: - mess = get_data('date_in_log') + " " + action + " from " + ip + "\n" - log = open(log_path + "/roxy-wi-" + get_data('logs') + ".log", "a") + mess = f"{cur_date_in_log} {action} from {ip}\n" + log_file = f"{log_path}/roxy-wi-{cur_date}.log" elif kwargs.get('provisioning') == 1: - mess = get_data('date_in_log') + " from " + ip + " user: " + login + ", group: " + user_group + ", " + \ - action + "\n" - log = open(log_path + "/provisioning-" + get_data('logs') + ".log", "a") + mess = f"{cur_date_in_log} from {ip} user: {login}, group: {user_group}, {action}\n" + log_file = f"{log_path}/provisioning-{cur_date}.log" else: - mess = get_data('date_in_log') + " from " + ip + " user: " + login + ", group: " + user_group + ", " + \ - action + " for: " + server_ip + "\n" - log = open(log_path + "/config_edit-" + get_data('logs') + ".log", "a") + mess = f"{cur_date_in_log} from {ip} user: {login}, group: {user_group}, {action} for: {server_ip}\n" + log_file = f"{log_path}/config_edit-{cur_date}.log" if kwargs.get('keep_history'): keep_action_history(kwargs.get('service'), action, server_ip, login, ip) try: - log.write(mess) - log.close() + with open(log_file, 'a') as log: + log.write(mess) except IOError as e: - print('
Cannot write log. Please check log_path in config %e
' % e) + print(f'
Cannot write log. Please check log_path in config {str(e)}
') def keep_action_history(service: str, action: str, server_ip: str, login: str, user_ip: str): @@ -213,7 +212,7 @@ def keep_action_history(service: str, action: str, server_ip: str, login: str, u sql.insert_action_history(service, action, server_id, user_id, user_ip) except Exception as e: - logging('localhost', 'Cannot save a history: ' + str(e), haproxywi=1) + logging('localhost', f'Cannot save a history: {str(e)}', haproxywi=1) def telegram_send_mess(mess, **kwargs): @@ -239,7 +238,6 @@ def telegram_send_mess(mess, **kwargs): if token_bot == '' or channel_name == '': mess = " Can't send message. Add Telegram channel before use alerting at this servers group" - print(mess) logging('localhost', mess, haproxywi=1) if proxy is not None and proxy != '' and proxy != 'None': @@ -248,7 +246,6 @@ def telegram_send_mess(mess, **kwargs): bot = telebot.TeleBot(token=token_bot) bot.send_message(chat_id=channel_name, text=mess) except Exception as e: - print(str(e)) logging('localhost', str(e), haproxywi=1) @@ -282,7 +279,6 @@ def slack_send_mess(mess, **kwargs): try: client.chat_postMessage(channel='#' + channel_name, text=mess) except SlackApiError as e: - print('error: ' + str(e)) logging('localhost', str(e), haproxywi=1) @@ -1178,44 +1174,36 @@ def show_log(stdout, **kwargs): if kwargs.get('grep'): grep = kwargs.get('grep') grep = re.sub(r'[?|$|.|!|^|*|\]|\[|,| |]', r'', grep) - for line in stdout: - if kwargs.get("html") != 0: - i = i + 1 - if kwargs.get('grep'): - line = line.replace(grep, '' + grep + '') - line_class = "line3" if i % 2 == 0 else "line" - out += '
' + line + '
' - else: - out += line + i = i + 1 + if kwargs.get('grep'): + line = line.replace(grep, f'{grep}') + line_class = "line3" if i % 2 == 0 else "line" + out += f'
{line}
' return out def show_finding_in_config(stdout: str, **kwargs) -> str: - i = 0 - out = '' grep = '' - line_class = 'line' + out = '
--
' if kwargs.get('grep'): grep = kwargs.get('grep') grep = re.sub(r'[?|$|!|^|*|\]|\[|,| |]', r'', grep) - out += '
--
' for line in stdout: - i = i + 1 if kwargs.get('grep'): - line = line.replace(grep, '' + grep + '') - line_class = "line" if '--' in line else "line3" - out += '
' + line + '
' + line = line.replace(grep, f'{grep}') + line_class = "line" if '--' in line else "line3" + out += f'
{line}
' out += '
--
' return out -def show_haproxy_log( +def show_roxy_log( serv, rows='10', waf='0', grep=None, hour='00', minut='00', hour1='24', minut1='00', service='haproxy', **kwargs ) -> str: @@ -1227,6 +1215,7 @@ def show_haproxy_log( rows = checkAjaxInput(rows) waf = checkAjaxInput(waf) cmd = '' + awk_column = 3 if grep is not None: grep_act = '|egrep "%s"' % checkAjaxInput(grep) @@ -1282,21 +1271,19 @@ def show_haproxy_log( elif serv == 'roxy-wi.error.log': cmd = "sudo cat {}| awk '$4>\"{}:00\" && $4<\"{}:00\"' |tail -{} {} {}".format(apache_log_path + "/" + serv, date, date1, rows, grep_act, exgrep_act) elif serv == 'fail2ban.log': - cmd = "sudo cat {}| awk -F\"/|:\" '$3>\"{}:00\" && $3<\"{}:00\"' |tail -{} {} {}".format("/var/log/" + serv, date, date1, rows, grep_act, exgrep_act) + cmd = 'sudo cat {}| awk -F"/|:" \'$3>"{}:00" && $3<"{}:00\' |tail -{} {} {}'.format("/var/log/" + serv, date, date1, rows, grep_act, exgrep_act) output, stderr = subprocess_execute(cmd) return show_log(output, grep=grep) elif service == 'internal': + log_path = get_config_var('main', 'log_path') + logs_files = get_files(log_path, "log") user_group = get_user_group() + user_grep = '' if user_group != '' and user_group != 'Default': user_grep = "|grep 'group: " + user_group + "'" - else: - user_grep = '' - - log_path = get_config_var('main', 'log_path') - logs_files = get_files(log_path, "log") for key, value in logs_files: if int(serv) == key: @@ -1307,16 +1294,16 @@ def show_haproxy_log( sys.exit() if serv == 'backup.log': - cmd = "cat %s| awk '$2>\"%s:00\" && $2<\"%s:00\"' %s %s %s |tail -%s" % (log_path + serv, date, date1, user_grep, grep_act, exgrep_act, rows) - else: - cmd = "cat %s| awk '$3>\"%s:00\" && $3<\"%s:00\"' %s %s %s |tail -%s" % (log_path + serv, date, date1, user_grep, grep_act, exgrep_act, rows) + awk_column = 2 + + cmd = f"cat {log_path}/{serv}| awk '${awk_column}>\"{date}:00\" && ${awk_column}<\"{date1}:00\"' {user_grep} {grep_act} {exgrep_act} |tail -{rows}" output, stderr = subprocess_execute(cmd) return show_log(output, grep=grep) -def roxy_wi_log(**kwargs): +def roxy_wi_log(**kwargs) -> str: log_path = get_config_var('main', 'log_path') if kwargs.get('log_id'): @@ -1364,27 +1351,22 @@ def server_status(stdout): return proc_count -def ssh_command(server_ip, commands, **kwargs): +def ssh_command(server_ip: str, commands: list, **kwargs): with ssh_connect(server_ip) as ssh: for command in commands: try: stdin, stdout, stderr = ssh.run_command(command) except Exception as e: - logging('localhost', ' ' + str(e), haproxywi=1) + logging('localhost', f' {str(e)}', haproxywi=1) return str(e) - if kwargs.get('raw'): - return stdout try: + if kwargs.get('raw'): + return stdout.readlines() if kwargs.get("ip") == "1": show_ip(stdout) elif kwargs.get("show_log") == "1": return show_log(stdout, grep=kwargs.get("grep")) - elif kwargs.get("server_status") == "1": - server_status(stdout) - elif kwargs.get('print_out'): - print(stdout.read().decode(encoding='UTF-8')) - return stdout.read().decode(encoding='UTF-8') elif kwargs.get('return_err') == 1: return stderr.read().decode(encoding='UTF-8') else: @@ -1392,10 +1374,10 @@ def ssh_command(server_ip, commands, **kwargs): except Exception as e: logging('localhost', str(e), haproxywi=1) - for line in stderr.read().decode(encoding='UTF-8'): + for line in stderr.readlines(): if line: - print("
" + line + "
") - logging('localhost', ' ' + line, haproxywi=1) + print(f'error: {line}') + logging('localhost', f' {line}', haproxywi=1) def subprocess_execute(cmd): @@ -1432,7 +1414,7 @@ def show_backends(server_ip, **kwargs): return ret -def get_files(folder=get_config_var('configs', 'haproxy_save_configs_dir'), file_format='cfg'): +def get_files(folder=get_config_var('configs', 'haproxy_save_configs_dir'), file_format='cfg') -> list: import glob if file_format == 'log': file = [] @@ -1442,7 +1424,10 @@ def get_files(folder=get_config_var('configs', 'haproxy_save_configs_dir'), file i = 0 for files in sorted(glob.glob(os.path.join(folder, '*.' + file_format + '*'))): if file_format == 'log': - file += [(i, files.split('/')[5])] + try: + file += [(i, files.split('/')[4])] + except Exception as e: + print(e) else: file.add(files.split('/')[-1]) i += 1 @@ -1496,11 +1481,12 @@ def check_new_version(service): import requests from requests.adapters import HTTPAdapter from requests.packages.urllib3.util.retry import Retry + import sql + current_ver = check_ver() proxy = sql.get_setting('proxy') res = '' - user_name = sql.select_user_name() retry_strategy = Retry( total=3, @@ -1614,10 +1600,11 @@ def get_users_params(**kwargs): def check_user_group(**kwargs): + import sql + if kwargs.get('token') is not None: return True - import sql if kwargs.get('user_uuid'): group_id = kwargs.get('user_group_id') user_uuid = kwargs.get('user_uuid') @@ -1738,15 +1725,15 @@ def get_services_status(): return services -def is_file_exists(server_ip: str, file: str): - cmd = ['[ -f ' + file + ' ] && echo yes || echo no'] +def is_file_exists(server_ip: str, file: str) -> bool: + cmd = [f'[ -f {file} ] && echo yes || echo no'] out = ssh_command(server_ip, cmd) return True if 'yes' in out else False -def is_service_active(server_ip: str, service_name: str): - cmd = ['systemctl is-active ' + service_name] +def is_service_active(server_ip: str, service_name: str) -> bool: + cmd = [f'systemctl is-active {service_name}'] out = ssh_command(server_ip, cmd) out = out.strip() @@ -2009,7 +1996,7 @@ def send_message_to_rabbit(message: str, **kwargs) -> None: connection.close() -def is_restarted(server_ip, action): +def is_restarted(server_ip: str, action: str) -> None: import sql cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) @@ -2017,7 +2004,7 @@ def is_restarted(server_ip, action): user_role = sql.get_user_role_by_uuid(user_uuid.value) if sql.is_serv_protected(server_ip) and int(user_role) > 2: - print('error: This server is protected. You cannot ' + action + ' it') + print(f'error: This server is protected. You cannot {action} it') sys.exit() @@ -2045,7 +2032,10 @@ def get_correct_apache_service_name(server_ip=0, server_id=0) -> str: if server_id == 0: server_id = sql.select_server_id_by_ip(server_ip) - os_info = sql.select_os_info(server_id) + try: + os_info = sql.select_os_info(server_id) + except Exception: + return 'error: cannot get server info' if "CentOS" in os_info or "Redhat" in os_info: return 'httpd' diff --git a/app/hapservers.py b/app/hapservers.py index d7661bc0..c9657d47 100644 --- a/app/hapservers.py +++ b/app/hapservers.py @@ -1,4 +1,6 @@ #!/usr/bin/env python3 +import sys + import distro import funct @@ -44,6 +46,7 @@ if service in ('haproxy', 'nginx', 'keepalived', 'apache'): restart_settings = sql.select_restart_services_settings(service_desc.slug) else: print('') + sys.exit() services_name = {'roxy-wi-checker': 'Master backends checker service', 'roxy-wi-keep_alive': 'Auto start service', diff --git a/app/history.py b/app/history.py index 1639dba1..def3613d 100644 --- a/app/history.py +++ b/app/history.py @@ -32,7 +32,7 @@ if service in ('haproxy', 'nginx', 'keepalived', 'apache'): ) elif service == 'server': if serv: - title = serv + ' history' + title = f'{serv} history' if funct.check_is_server_in_group(serv): server_id = sql.select_server_id_by_ip(serv) history = sql.select_action_history_by_server_id(server_id) diff --git a/app/login.py b/app/login.py index c8845796..444e0437 100644 --- a/app/login.py +++ b/app/login.py @@ -1,15 +1,14 @@ #!/usr/bin/env python3 # -*- coding: utf-8 -*- - import os import sys import http.cookies + import datetime import uuid import distro import sql -import create_db import funct from jinja2 import Environment, FileSystemLoader @@ -27,15 +26,14 @@ except Exception: ref = '' login = '' password = '' -db_create = "" error_log = "" error = "" def send_cookie(login): - session_ttl = sql.get_setting('session_ttl') - session_ttl = int(session_ttl) + session_ttl = int(sql.get_setting('session_ttl')) expires = datetime.datetime.utcnow() + datetime.timedelta(days=session_ttl) + user_group = '' user_uuid = str(uuid.uuid4()) user_token = str(uuid.uuid4()) sql.write_user_uuid(login, user_uuid) @@ -76,7 +74,7 @@ def send_cookie(login): try: user_name = sql.get_user_name_by_uuid(user_uuid) - funct.logging('localhost', ' user: ' + user_name + ', group: ' + user_group + ' login', haproxywi=1) + funct.logging('localhost', f' user: {user_name}, group: {user_group} login', haproxywi=1) except Exception: pass print("Content-type: text/html\n") @@ -116,12 +114,13 @@ def ban(): c["ban"]["Secure"] = "True" c["ban"]["expires"] = expires.strftime("%a, %d %b %Y %H:%M:%S GMT") try: - funct.logging('localhost', login + ' failed log in', haproxywi=1, login=1) + funct.logging('localhost', f'{login} failed log in', haproxywi=1, login=1) except Exception: funct.logging('localhost', ' Failed log in. Wrong username', haproxywi=1) print(c.output()) print("Content-type: text/html\n") print('ban') + sys.exit() def check_in_ldap(user, password): @@ -168,8 +167,8 @@ def check_in_ldap(user, password): print("Content-type: text/html\n") print('
Other LDAP error: %s


' % e) sys.exit() - - send_cookie(user) + else: + send_cookie(user) if ref is None: @@ -191,7 +190,6 @@ try: except Exception: role = "" user = "" - pass if form.getvalue('logout'): @@ -222,19 +220,15 @@ if login is not None and password is not None: break else: ban() - sys.exit() else: ban() - sys.exit() print("Content-type: text/html\n") if login is None: print("Content-type: text/html\n") -create_db.update_all_silent() - output_from_parsed_template = template.render( h2=0, title="Login page", role=role, user=user, error_log=error_log, error=error, ref=ref, - versions=funct.versions(), db_create=db_create + versions=funct.versions() ) print(output_from_parsed_template) diff --git a/app/db_model.py b/app/modules/db_model.py similarity index 96% rename from app/db_model.py rename to app/modules/db_model.py index 0305c2d4..578fb14d 100644 --- a/app/db_model.py +++ b/app/modules/db_model.py @@ -1,6 +1,24 @@ from peewee import * from datetime import datetime -from funct import get_config_var +from configparser import ConfigParser, ExtendedInterpolation + + +def get_config_var(sec, var): + try: + path_config = "/etc/roxy-wi/roxy-wi.cfg" + config = ConfigParser(interpolation=ExtendedInterpolation()) + config.read(path_config) + except Exception as e: + print('error: ' + str(e)) + return + + try: + return config.get(sec, var) + except Exception: + print('Content-type: text/html\n') + print(f'
Check the config file. Presence section {sec} and parameter {var}
') + return + mysql_enable = get_config_var('mysql', 'enable') diff --git a/app/options.py b/app/options.py index ce745d2c..3e01a332 100644 --- a/app/options.py +++ b/app/options.py @@ -967,7 +967,7 @@ if serv is not None and form.getvalue('show_log') is not None: hour1 = form.getvalue('hour1') minut1 = form.getvalue('minut1') service = form.getvalue('service') - out = funct.show_haproxy_log(serv, rows=rows, waf=waf, grep=grep, hour=hour, minut=minut, hour1=hour1, + out = funct.show_roxy_log(serv, rows=rows, waf=waf, grep=grep, hour=hour, minut=minut, hour1=hour1, minut1=minut1, service=service) print(out) @@ -978,7 +978,7 @@ if serv is not None and form.getvalue('rows1') is not None: minut = form.getvalue('minut') hour1 = form.getvalue('hour1') minut1 = form.getvalue('minut1') - out = funct.show_haproxy_log(serv, rows=rows, waf='0', grep=grep, hour=hour, minut=minut, hour1=hour1, + out = funct.show_roxy_log(serv, rows=rows, waf='0', grep=grep, hour=hour, minut=minut, hour1=hour1, minut1=minut1, service='apache_internal') print(out) @@ -991,7 +991,7 @@ if form.getvalue('viewlogs') is not None: hour1 = form.getvalue('hour1') minut1 = form.getvalue('minut1') if funct.check_user_group(): - out = funct.show_haproxy_log(serv=viewlog, rows=rows, waf='0', grep=grep, hour=hour, minut=minut, hour1=hour1, + out = funct.show_roxy_log(serv=viewlog, rows=rows, waf='0', grep=grep, hour=hour, minut=minut, hour1=hour1, minut1=minut1, service='internal') print(out) @@ -4466,8 +4466,8 @@ if act == 'findInConfigs': service = form.getvalue('service') log_path = sql.get_setting(service + '_dir') log_path = funct.return_nice_path(log_path) - commands = ['sudo grep "%s" %s*/*.conf -C 2 -Rn' % (finding_words, log_path)] - return_find = funct.ssh_command(server_ip, commands, raw='1') + commands = [f'sudo grep "{finding_words}" {log_path}*/*.conf -C 2 -Rn'] + return_find = funct.ssh_command(server_ip, commands, raw=1) return_find = funct.show_finding_in_config(return_find, grep=finding_words) if 'error: ' in return_find: diff --git a/app/smon.py b/app/smon.py index 7186e72e..dfa64891 100644 --- a/app/smon.py +++ b/app/smon.py @@ -4,39 +4,34 @@ import sql from jinja2 import Environment, FileSystemLoader env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) template = env.get_template('smon.html') -smon_status = '' -stderr = '' form = funct.form action = form.getvalue('action') sort = form.getvalue('sort') +autorefresh = 0 print('Content-type: text/html\n') funct.check_login() -try: - user, user_id, role, token, servers, user_services = funct.get_users_params() - user_group = funct.get_user_group(id=1) - cmd = "systemctl is-active roxy-wi-smon" - smon_status, stderr = funct.subprocess_execute(cmd) -except Exception as e: - print(str(e)) +user, user_id, role, token, servers, user_services = funct.get_users_params() +user_group = funct.get_user_group(id=1) +cmd = "systemctl is-active roxy-wi-smon" +smon_status, stderr = funct.subprocess_execute(cmd) + if action == 'add': smon = sql.select_smon(user_group, action='add') funct.page_for_admin(level=3) title = "SMON Admin" - autorefresh = 0 elif action == 'history': if form.getvalue('host'): - smon = sql.alerts_history('SMON', user_group, host=form.getvalue('host')) + needed_host = funct.is_ip_or_dns(form.getvalue('host')) + smon = sql.alerts_history('SMON', user_group, host=needed_host) else: smon = sql.alerts_history('SMON', user_group) title = "SMON History" - autorefresh = 0 elif action == 'checker_history': smon = sql.alerts_history('Checker', user_group) title = "Checker History" - autorefresh = 0 else: smon = sql.smon_list(user_group) title = "SMON Dashboard" @@ -46,7 +41,7 @@ try: user_status, user_plan = funct.return_user_status() except Exception as e: user_status, user_plan = 0, 0 - funct.logging('localhost', 'Cannot get a user plan: ' + str(e), haproxywi=1) + funct.logging('localhost', f'Cannot get a user plan: {str(e)}', haproxywi=1) rendered_template = template.render( h2=1, title=title, autorefresh=autorefresh, role=role, user=user, group=user_group, diff --git a/app/sql.py b/app/sql.py index dacee80c..fa856d59 100755 --- a/app/sql.py +++ b/app/sql.py @@ -5,9 +5,7 @@ import sys import os import funct -from db_model import * - -mysql_enable = funct.get_config_var('mysql', 'enable') +from modules.db_model import * def out_error(error): diff --git a/app/templates/ajax/alerts_history.html b/app/templates/ajax/alerts_history.html index 931ccec1..af26fec6 100644 --- a/app/templates/ajax/alerts_history.html +++ b/app/templates/ajax/alerts_history.html @@ -47,7 +47,7 @@ {% endif %} {{t.1 |upper}} - {{t.2}} + {{t.2}} {% if action != "checker_history" %} {{t.3}} {% endif %} diff --git a/app/templates/hapservers.html b/app/templates/hapservers.html index 6f05498d..e42a4eec 100644 --- a/app/templates/hapservers.html +++ b/app/templates/hapservers.html @@ -279,14 +279,14 @@
{{s.5.0.2}} {% else %} - Cannot get information about HAProxy - {% endif %} + Cannot get information about HAProxy + {% endif %} {% endif %} Last edit: - -
+ +
IP: {{ copy_to_clipboard(value=s.2, style='font-weight: bold') }} {% if s.7.0.0 != None %} Master for: {{ copy_to_clipboard(value=s.7.0.1, style='font-weight: bold') }} @@ -300,6 +300,7 @@ {% endif %} {% endif %} +