Pavel Loginov 2021-05-16 11:27:47 +06:00
parent fd784a9e82
commit 15257c92ce
9 changed files with 182 additions and 25 deletions

View File

@ -1230,9 +1230,30 @@ def update_db_v_5_1_2(**kwargs):
con.close()
def update_db_v_5_1_3(**kwargs):
con, cur = get_cur()
sql = """
ALTER TABLE `servers` ADD COLUMN protected INTEGER NOT NULL DEFAULT 0;
"""
try:
cur.execute(sql)
con.commit()
except sqltool.Error as e:
if kwargs.get('silent') != 1:
if e.args[0] == 'duplicate column name: protected' or e == " 1060 (42S21): Duplicate column name 'protected' ":
print('Updating... DB has been updated to version 5.1.3')
else:
print("An error occurred:", e)
else:
print("DB has been updated to version 5.1.3")
cur.close()
con.close()
def update_ver():
con, cur = get_cur()
sql = """update version set version = '5.1.2.0'; """
sql = """update version set version = '5.1.3.0'; """
try:
cur.execute(sql)
con.commit()
@ -1274,6 +1295,7 @@ def update_all():
update_db_v_5_1_0_1()
update_db_v_5_1_1()
update_db_v_5_1_2()
update_db_v_5_1_3()
update_ver()
@ -1309,6 +1331,7 @@ def update_all_silent():
update_db_v_5_1_0_1(silent=1)
update_db_v_5_1_1(silent=1)
update_db_v_5_1_2(silent=1)
update_db_v_5_1_3(silent=1)
update_ver()

View File

@ -918,6 +918,12 @@ if serv is not None and form.getvalue('right') is not None:
print(stderr)
if serv is not None and act == "configShow":
import http.cookies
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
user_uuid = cookie.get('uuid')
role_id = sql.get_user_role_by_uuid(user_uuid.value)
if form.getvalue('service') == 'keepalived':
configs_dir = funct.get_config_var('configs', 'kp_save_configs_dir')
cfg = '.conf'
@ -940,6 +946,8 @@ if serv is not None and act == "configShow":
conf = open(cfg, "r")
except IOError:
print('<div class="alert alert-danger">Can\'t read config file</div>')
is_serv_protected = sql.is_serv_protected(serv)
from jinja2 import Environment, FileSystemLoader
@ -950,8 +958,9 @@ if serv is not None and act == "configShow":
template = template.render(conf=conf,
serv=serv,
configver=form.getvalue('configver'),
role=funct.is_admin(level=3),
service=form.getvalue('service'))
role=role_id,
service=form.getvalue('service'),
is_serv_protected=is_serv_protected)
print(template)
if form.getvalue('configver') is None:
@ -1786,12 +1795,13 @@ if form.getvalue('updateserver') is not None:
serv_id = form.getvalue('id')
cred = form.getvalue('cred')
port = form.getvalue('port')
protected = form.getvalue('protected')
desc = form.getvalue('desc')
if name is None or port is None:
print(error_mess)
else:
sql.update_server(name, group, typeip, enable, master, serv_id, cred, port, desc, haproxy, nginx, firewall)
sql.update_server(name, group, typeip, enable, master, serv_id, cred, port, desc, haproxy, nginx, firewall, protected)
funct.logging('the server ' + name, ' has been updated ', haproxywi=1, login=1)
if form.getvalue('serverdel') is not None:

View File

@ -365,7 +365,7 @@ def update_hapwi_server(server_id, alert, metrics, active, service_name):
con.close()
def update_server(hostname, group, typeip, enable, master, id, cred, port, desc, haproxy, nginx, firewall):
def update_server(hostname, group, typeip, enable, master, id, cred, port, desc, haproxy, nginx, firewall, protected):
con, cur = get_cur()
sql = """ update servers set
hostname = '%s',
@ -378,8 +378,9 @@ def update_server(hostname, group, typeip, enable, master, id, cred, port, desc,
`desc` = '%s',
haproxy = '%s',
nginx = '%s',
firewall_enable = '%s'
where id = '%s'""" % (hostname, group, typeip, enable, master, cred, port, desc, haproxy, nginx, firewall, id)
firewall_enable = '%s',
protected = '%s'
where id = '%s'""" % (hostname, group, typeip, enable, master, cred, port, desc, haproxy, nginx, firewall, protected, id)
try:
cur.execute(sql)
con.commit()
@ -1367,7 +1368,7 @@ def delete_savedserver(id):
con.close()
def insert_mentrics(serv, curr_con, cur_ssl_con, sess_rate, max_sess_rate):
def insert_metrics(serv, curr_con, cur_ssl_con, sess_rate, max_sess_rate):
con, cur = get_cur()
if mysql_enable == '1':
sql = """ insert into metrics (serv, curr_con, cur_ssl_con, sess_rate, max_sess_rate, date) values('%s', '%s', '%s', '%s', '%s', now()) """ % (serv, curr_con, cur_ssl_con, sess_rate, max_sess_rate)
@ -1383,6 +1384,35 @@ def insert_mentrics(serv, curr_con, cur_ssl_con, sess_rate, max_sess_rate):
con.close()
def insert_metrics_http(serv, http_2xx, http_3xx, http_4xx, http_5xx):
con, cur = get_cur()
if mysql_enable == '1':
sql = """ insert into metrics_http_status (serv, `2xx`, `3xx`, `4xx`, `5xx`, date) values('%s', '%s', '%s', '%s', '%s', now()) """ % (serv, http_2xx, http_3xx, http_4xx, http_5xx)
else:
sql = """ insert into metrics_http_status (serv, `2xx`, `3xx`, `4xx`, `5xx`, date) values('%s', '%s', '%s', '%s', '%s', datetime('now', 'localtime')) """ % (serv, http_2xx, http_3xx, http_4xx, http_5xx)
try:
cur.execute(sql)
con.commit()
except sqltool.Error as e:
funct.out_error(e)
con.rollback()
cur.close()
con.close()
# def select_waf_metrics_enable(id):
# con, cur = get_cur()
# sql = """ select waf.metrics from waf left join servers as serv on waf.server_id = serv.id where server_id = '%s' """ % id
# try:
# cur.execute(sql)
# except sqltool.Error as e:
# funct.out_error(e)
# else:
# return cur.fetchall()
# cur.close()
# con.close()
def select_waf_metrics_enable_server(ip):
con, cur = get_cur()
sql = """ select waf.metrics from waf left join servers as serv on waf.server_id = serv.id where ip = '%s' """ % ip
@ -1601,7 +1631,7 @@ def delete_waf_server(id):
con.close()
def insert_waf_mentrics(serv, conn):
def insert_waf_metrics(serv, conn):
con, cur = get_cur()
if mysql_enable == '1':
sql = """ insert into waf_metrics (serv, conn, date) values('%s', '%s', now()) """ % (serv, conn)
@ -1617,7 +1647,7 @@ def insert_waf_mentrics(serv, conn):
con.close()
def delete_waf_mentrics():
def delete_waf_metrics():
con, cur = get_cur()
if mysql_enable == '1':
sql = """ delete from metrics where date < now() - INTERVAL 3 day """
@ -1646,7 +1676,7 @@ def update_waf_metrics_enable(name, enable):
con.close()
def delete_mentrics():
def delete_metrics():
con, cur = get_cur()
if mysql_enable == '1':
sql = """ delete from metrics where date < now() - INTERVAL 3 day """
@ -1662,6 +1692,21 @@ def delete_mentrics():
con.close()
def delete_http_metrics():
con, cur = get_cur()
if mysql_enable == '1':
sql = """ delete from metrics_http_status where date < now() - INTERVAL 3 day """
else:
sql = """ delete from metrics_http_status where date < datetime('now', '-3 days') """
try:
cur.execute(sql)
con.commit()
except sqltool.Error as e:
funct.out_error(e)
con.rollback()
cur.close()
con.close()
def select_metrics(serv, **kwargs):
con, cur = get_cur()
@ -1703,6 +1748,46 @@ def select_metrics(serv, **kwargs):
con.close()
def select_metrics_http(serv, **kwargs):
con, cur = get_cur()
if mysql_enable == '1':
if kwargs.get('time_range') == '60':
date_from = "and date > now() - INTERVAL 60 minute and rowid % 2 = 0"
elif kwargs.get('time_range') == '180':
date_from = "and date > now() - INTERVAL 180 minute and rowid % 5 = 0"
elif kwargs.get('time_range') == '360':
date_from = "and date > now() - INTERVAL 360 minute and rowid % 7 = 0"
elif kwargs.get('time_range') == '720':
date_from = "and date > now() - INTERVAL 720 minute and rowid % 9 = 0"
else:
date_from = "and date > now() - INTERVAL 30 minute"
sql = """ select * from metrics_http_status where serv = '{serv}' {date_from} order by `date` desc """.format(serv=serv, date_from=date_from)
else:
if kwargs.get('time_range') == '60':
date_from = "and date > datetime('now', '-60 minutes', 'localtime') and rowid % 2 = 0"
elif kwargs.get('time_range') == '180':
date_from = "and date > datetime('now', '-180 minutes', 'localtime') and rowid % 5 = 0"
elif kwargs.get('time_range') == '360':
date_from = "and date > datetime('now', '-360 minutes', 'localtime') and rowid % 7 = 0"
elif kwargs.get('time_range') == '720':
date_from = "and date > datetime('now', '-720 minutes', 'localtime') and rowid % 9 = 0"
else:
date_from = "and date > datetime('now', '-30 minutes', 'localtime')"
sql = """ select * from (select * from metrics_http_status where serv = '{serv}' {date_from} order by `date`) order by `date` """.format(serv=serv, date_from=date_from)
try:
cur.execute(sql)
except sqltool.Error as e:
funct.out_error(e)
else:
return cur.fetchall()
cur.close()
con.close()
def select_servers_metrics_for_master(**kwargs):
con, cur = get_cur()
sql = """select ip from servers where metrics = 1 """
@ -3332,6 +3417,23 @@ def update_aws_provider(new_name, new_key, new_secret, provider_id):
con.close()
def is_serv_protected(serv):
con, cur = get_cur()
sql = """ select protected from servers where ip = '%s'""" % serv
try:
cur.execute(sql)
except sqltool.Error as e:
cur.close()
con.close()
return ""
else:
for p in cur.fetchall():
return True if p[0] else False
cur.close()
con.close()
form = funct.form
error_mess = 'error: All fields must be completed'

View File

@ -1,14 +1,16 @@
<center>
<div style="text-align: center;">
<h4>Config from {{serv}}</h4>
<p class="accordion-expand-holder">
{% if role %}
{% if role <= 3 %}
{% if not is_serv_protected or role <= 2 %}
<a class="ui-button ui-widget ui-corner-all" title="Edit this run config" href="config.py?service={{service}}&serv={{serv}}&open=open">Edit</a>
{% endif %}
{% endif %}
<a class="accordion-expand-all ui-button ui-widget ui-corner-all" href="#">Expand all</a>
<a class="accordion-expand-all ui-button ui-widget ui-corner-all" href="#">Expand all</a>
<button id="raw">Raw</button>
<button id="according" style="display: none;">According</button>
</p>
</center>
</div>
<div style="margin-left: 16%" class="configShow">
{% set i = 0 -%}
@ -222,6 +224,8 @@
{% if configver %}
<br>
<center>
{% if role <= 3 %}
{% if not is_serv_protected or role <= 2 %}
<form action="versions.py?service={{service}}" method="post">
<input type="hidden" value="{{serv}}" name="serv">
<input type="hidden" value="{{configver}}" name="configver">
@ -232,6 +236,8 @@
<button type='submit' value='reload' name='save' class='btn btn-default'>Upload and reload</button>
{% endif %}
</form>
{% endif %}
{% endif %}
<div class="alert alert-info"><b>Note:</b> If you reconfigure Master server, Slave will reconfigured automatically</div>
</center>
{% endif %}

View File

@ -15,9 +15,12 @@
</th>
<th class="checkbox-head" style="width: 5%">HAProxy</th>
<th style="width: 5%">Nginx</th>
<th style="width: 15%;">
<th style="width: 10%;">
<span title="If the server has a firewall enabled, enable this option">Firewalld</span>
</th>
<th class="checkbox-head" style="width: 5%">
<span title="If protection is enabled, then the server is inaccessible for editing by everyone except the admin role">Protected</span>
</th>
<th style="width: 10%">
<span title="Actions with the master config will automatically apply on the slave">Slave for</span>
</th>
@ -102,6 +105,14 @@
<button onclick="viewFirewallRules('{{server.2}}')" title="View firewall rules on server {{server.1}}">view</button>
</div>
</td>
<td class="checkbox" style="padding-left: 15px;">
{% set id = 'protected-' + server.0|string() %}
{% if server.20 == 1 %}
{{ checkbox(id, checked='checked') }}
{% else %}
{{ checkbox(id) }}
{% endif %}
</td>
<td>
<select id="slavefor-{{server.0}}">
<option value="0" selected>Not slave</option>

View File

@ -4,7 +4,7 @@
<script src="/inc/codemirror/codemirror.js"></script>
<script src="/inc/codemirror/nginx.js"></script>
<script src="/inc/codemirror/haproxy.js"></script>
<center>
<div style="text-align: center;">
<p>
<form action="{{ action }}" method="post">
<select autofocus required name="section" id="{{ select_id }}">
@ -27,16 +27,15 @@
{% if role <= 3 %}
<div id="config">
<h4>You are editing "{{section}}" section from server {{ serv }}</h4>
</center>
<form action="{{ action }}" name="saveconfig" method="post">
<input type="hidden" value="{{ serv }}" name="serv">
<input type="hidden" value="{{ start_line }}" name="start_line">
<input type="hidden" value="{{ end_line }}" name="end_line">
<input type="hidden" value="{{ cfg }}.old" name="oldconfig">
<div style="margin-left: 23%;width: 60%;">
<div style="margin-left: 23%;width: 60%; text-align: left">
<textarea name="config" class="config" id="config_text_area" rows="35" cols="80" style="height: 40%">{{ config }}</textarea>
</div>
<center>
{% if not is_serv_protected or role <= 2 %}
<p>
<button type="submit" value="test" name="save" class="btn btn-default">Just test</button>
<button type="submit" value="save" name="save" class="btn btn-default">Just save</button>
@ -46,6 +45,7 @@
<button type="submit" value="delete" name="save" class="btn btn-default">Delete this section</button>
{% endif %}
</p>
{% endif %}
</form>
<script>
var myCodeMirror = CodeMirror.fromTextArea(document.getElementById("config_text_area"), {mode: "haproxy", lineNumbers: true});
@ -59,7 +59,6 @@
<script>
myCodeMirror.refresh();
</script>
</center>
{% endif %}
{% endif %}
{% if aftersave %}
@ -73,5 +72,6 @@
{% endif %}
<script>window.history.pushState("Config", "Config", cur_url[0])</script>
{% endif %}
</center>
</div>
</div>
{% endblock %}

View File

@ -14,7 +14,7 @@ function escapeHtml(unsafe) {
.replace(/"/g, "&quot;")
.replace(/'/g, "&#039;");
}
var wait_mess = '<div class="alert alert-warning">Please don\'t close and don\'t represh page. Wait until the work is completed. This may take some time </div>'
var wait_mess = '<div class="alert alert-warning">Please do not close or refresh the page. Wait until the job is completed. This may take some time</div>'
$( function() {
$('.menu li ul li').each(function () {
var link = $(this).find('a').attr('href');

View File

@ -1669,6 +1669,7 @@ function updateServer(id) {
var haproxy = 0;
var nginx = 0;
var firewall = 0;
var protected_serv = 0;
if ($('#typeip-'+id).is(':checked')) {
typeip = '1';
}
@ -1684,6 +1685,9 @@ function updateServer(id) {
if ($('#firewall-'+id).is(':checked')) {
firewall = '1';
}
if ($('#protected-'+id).is(':checked')) {
protected_serv = '1';
}
var servergroup = $('#servergroup-'+id+' option:selected' ).val();
if (cur_url[0].split('#')[0] == "servers.py") {
servergroup = $('#new-server-group-add').val();
@ -1703,6 +1707,7 @@ function updateServer(id) {
cred: $('#credentials-'+id+' option:selected').val(),
id: id,
desc: $('#desc-'+id).val(),
protected: protected_serv,
token: $('#token').val()
},
type: "POST",
@ -2142,7 +2147,7 @@ function ajaxActionServies(action, service) {
}
function updateService(service) {
$("#ajax-update").html('')
$("#ajax-update").html('<div class="alert alert-warning">Please don\'t close and don\'t represh page. Wait until the work is completed. This may take some time </div>');
$("#ajax-update").html(wait_mess);
$.ajax( {
url: "options.py",
data: {

View File

@ -55,7 +55,7 @@ function metrics_waf(name) {
}
function installWaf(ip1) {
$("#ajax").html('')
$("#ajax").html('<div class="alert alert-warning">Please don\'t close and don\'t represh page. Wait until the work is completed. This may take some time </div>');
$("#ajax").html(wait_mess);
$.ajax( {
url: "options.py",
data: {