diff --git a/api/api.py b/api/api.py
index 0becf4ea..08eff8d6 100644
--- a/api/api.py
+++ b/api/api.py
@@ -55,46 +55,27 @@ def index(): 'haproxy//action/stop': 'stop HAProxy service by id or hostname or ip. METHOD: GET', 'haproxy//action/restart': 'restart HAProxy service by id or hostname or ip. METHOD: GET', 'haproxy//config': 'get HAProxy config from a server by id or hostname or ip. METHOD: GET', - 'haproxy//config': 'upload HAProxy config to a server by id or hostname or ip. Headers: action: ' - 'save/reload/restart. Body must consist a whole HAProxy config. METHOD: POST', - 'haproxy//log': 'show HAProxy logs by id or hostname or ip. May to have config next Headers: rows(format INT) ' - 'default: 10 grep, waf(if needs WAF log) default: 0, start_hour(format: 24) default: 00, ' - 'start_minute, end_hour(format: 24) default: 24, end_minute. METHOD: GET', + 'haproxy//config': 'upload HAProxy config to a server by id or hostname or ip. Headers: action: save/reload/restart. Body must consist a whole HAProxy config. METHOD: POST', + 'haproxy//log': 'show HAProxy logs by id or hostname or ip. May to have config next Headers: rows(format INT) default: 10 grep, waf(if needs WAF log) default: 0, start_hour(format: 24) default: 00, start_minute, end_hour(format: 24) default: 24, end_minute. METHOD: GET', 'haproxy//section': 'show a certain section, headers: section-name. METHOD: GET', - 'haproxy//section/add': 'add a section to the HAProxy config by id or hostname or ip. Has to have ' - 'config header with section and action header for action after upload. ' - 'Section header must consist type: listen, frontend, etc. Action header ' - 'accepts next value: save, test, reload and restart. Can be empty for just save. METHOD: POST', - 'haproxy//section/edit': 'edit a section in the HAProxy config by id or hostname or ip. Has to have ' - 'config header with section, action header for action after upload and body ' - 'of a new section configuration. Section header must consist type: listen, ' - 'frontend, etc. Action header accepts next value: save, test, reload and restart. 
Can be empty for just save. METHOD: POST', - 'haproxy//acl': 'add an acl to certain section. Must be JSON body: "section-name", "if", "then", ' - '"if_value", "then_value" and "action" for action after upload. Action accepts next ' - 'value: "save", "test", "reload" and "restart". METHOD: POST', - 'haproxy//acl': 'delete an acl to certain section. Must be JSON body: "section-name", "if", "then", ' - '"if_value", "then_value" and "action" for action after upload. Action accepts next ' - 'value: "save", "test", "reload" and "restart". METHOD: DELETE', + 'haproxy//section/add': 'add a section to the HAProxy config by id or hostname or ip. Has to have config header with section and action header for action after upload. Section header must consist type: listen, frontend, etc. Action header accepts next value: save, test, reload and restart. Can be empty for just save. METHOD: POST', + 'haproxy//section/edit': 'edit a section in the HAProxy config by id or hostname or ip. Has to have config header with section, action header for action after upload and body of a new section configuration. Section header must consist type: listen, frontend, etc. Action header accepts next value: save, test, reload and restart. Can be empty for just save. METHOD: POST', + 'haproxy//acl': 'add an acl to certain section. Must be JSON body: "section-name", "if", "then", "if_value", "then_value" and "action" for action after upload. Action accepts next value: "save", "test", "reload" and "restart". METHOD: POST', + 'haproxy//acl': 'delete an acl to certain section. Must be JSON body: "section-name", "if", "then", "if_value", "then_value" and "action" for action after upload. Action accepts next value: "save", "test", "reload" and "restart". METHOD: DELETE', 'nginx/': 'show info about the NGINX by id or hostname or ip. METHOD: GET', 'nginx//status': 'show NGINX status by id or hostname or ip. METHOD: GET', 'nginx//action/start': 'start NGINX service by id or hostname or ip. 
METHOD: GET', 'nginx//action/stop': 'stop NGINX service by id or hostname or ip. METHOD: GET', 'nginx//action/restart': 'restart NGINX service by id or hostname or ip. METHOD: GET', - 'nginx//config': 'get NGINX config from a server by id or hostname or ip. Headers: The full path to a config file, ' - 'like: /etc/nginx/conf.d/default.conf. METHOD: GET', - 'nginx//config': 'upload NGINX config to a server by id or hostname or ip. Headers: action: save/reload/restart, ' - 'config-file: the full path to the config, like /etc/nginx/conf.d/example.com.conf. ' - 'Body must consist a whole HAProxy config. METHOD: POST', + 'nginx//config': 'get NGINX config from a server by id or hostname or ip. Headers: The full path to a config file, like: /etc/nginx/conf.d/default.conf. METHOD: GET', + 'nginx//config': 'upload NGINX config to a server by id or hostname or ip. Headers: action: save/reload/restart, config-file: the full path to the config, like /etc/nginx/conf.d/example.com.conf. Body must consist a whole HAProxy config. METHOD: POST', 'apache/': 'show info about the Apache by id or hostname or ip. METHOD: GET', 'apache//status': 'show Apache status by id or hostname or ip. METHOD: GET', 'apache//action/start': 'start Apache service by id or hostname or ip. METHOD: GET', 'apache//action/stop': 'stop Apache service by id or hostname or ip. METHOD: GET', 'apache//action/restart': 'restart Apache service by id or hostname or ip. METHOD: GET', - 'apache//config': 'get Apache config from a server by id or hostname or ip. Headers: The full path to a config file, ' - 'like: /etc/httpd/conf.d/default.conf. METHOD: GET', - 'apache//config': 'upload Apache config to a server by id or hostname or ip. Headers: action: save/reload/restart, config-file: ' - 'the full path to the config, like /etc/httpd/conf.d/example.com.conf. ' - 'Body must consist a whole HAProxy config. METHOD: POST', + 'apache//config': 'get Apache config from a server by id or hostname or ip. 
Headers: The full path to a config file, like: /etc/httpd/conf.d/default.conf. METHOD: GET', + 'apache//config': 'upload Apache config to a server by id or hostname or ip. Headers: action: save/reload/restart, config-file: the full path to the config, like /etc/httpd/conf.d/example.com.conf. Body must consist a whole HAProxy config. METHOD: POST', } return dict(help=data) diff --git a/app/create_db.py b/app/create_db.py index 2d18a0d6..6a2b486c 100644 --- a/app/create_db.py +++ b/app/create_db.py @@ -723,7 +723,7 @@ def update_db_v_6_0_1(**kwargs): def update_ver(): - query = Version.update(version='6.0.2.0') + query = Version.update(version='6.0.3.0') try: query.execute() except Exception: diff --git a/app/funct.py b/app/funct.py index 9f073d07..7e929d40 100644 --- a/app/funct.py +++ b/app/funct.py @@ -251,8 +251,8 @@ def slack_send_mess(mess, **kwargs): proxy = sql.get_setting('proxy') for slack in slacks: - slack_token = slack[1] - channel_name = slack[2] + slack_token = slack.token + channel_name = slack.chanel_name if proxy is not None and proxy != '' and proxy != 'None': proxies = dict(https=proxy, http=proxy) @@ -422,7 +422,7 @@ def get_config(server_ip, cfg, **kwargs): import sql if kwargs.get("keepalived") or kwargs.get("service") == 'keepalived': - config_path = "/etc/keepalived/keepalived.conf" + config_path = sql.get_setting('keepalived_config_path') elif ( kwargs.get("nginx") or kwargs.get("service") == 'nginx' or kwargs.get("apache") or kwargs.get("service") == 'apache' @@ -921,7 +921,7 @@ def upload_and_restart(server_ip, cfg, **kwargs): tmp_file = sql.get_setting('tmp_config_path') + "/" + get_data('config') + ".conf" elif kwargs.get("keepalived"): service = 'keepalived' - config_path = "/etc/keepalived/keepalived.conf" + config_path = sql.get_setting('keepalived_config_path') tmp_file = sql.get_setting('tmp_config_path') + "/" + get_data('config') + ".cfg" else: service = 'haproxy' 
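Review bot: `config_path = sql.get_setting('keepalived_config_path')` in get_config (and again in upload_and_restart, hunk @@ -921) drops the hard-coded path without a fallback, so an installation whose settings lack this key would use whatever get_setting returns for a missing row as the remote config path. The create_db.py change in this diff only bumps the version string, so confirm that a migration adding `keepalived_config_path` exists elsewhere. Otherwise keep a default: `config_path = sql.get_setting('keepalived_config_path') or "/etc/keepalived/keepalived.conf"`. Both functions start and end outside their hunks, so any later validation of the path is not visible here.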
@@ -1232,7 +1232,7 @@ def show_haproxy_log(serv, rows=10, waf='0', grep=None, hour='00', minut='00', h else: exgrep_act = '' - if service == 'nginx' or service == 'haproxy' or service == 'apache': + if service in ('nginx', 'haproxy', 'apache', 'keepalived'): syslog_server_enable = sql.get_setting('syslog_server_enable') if syslog_server_enable is None or syslog_server_enable == 0: if service == 'nginx': @@ -1240,7 +1240,15 @@ def show_haproxy_log(serv, rows=10, waf='0', grep=None, hour='00', minut='00', h commands = ["sudo cat %s/%s |tail -%s %s %s" % (local_path_logs, log_file, rows, grep_act, exgrep_act)] elif service == 'apache': local_path_logs = sql.get_setting('apache_path_logs') - commands = ["sudo cat %s/%s| awk -F\"/|:\" '$3>\"%s:00\" && $3<\"%s:00\"' |tail -%s %s %s" % (local_path_logs, log_file, date, date1, rows, grep_act, exgrep_act)] + commands = [ + "sudo cat %s/%s| awk -F\"/|:\" '$3>\"%s:00\" && $3<\"%s:00\"' |tail -%s %s %s" % (local_path_logs, log_file, date, date1, rows, grep_act, exgrep_act) + ] + elif service == 'keepalived': + local_path_logs = sql.get_setting('keepalived_path_logs') + commands = [ + "sudo cat %s/%s| awk '$3>\"%s:00\" && $3<\"%s:00\"' |tail -%s %s %s" % ( + local_path_logs, log_file, date, date1, rows, grep_act, exgrep_act) + ] else: local_path_logs = sql.get_setting('haproxy_path_logs') commands = ["sudo cat %s/%s| awk '$3>\"%s:00\" && $3<\"%s:00\"' |tail -%s %s %s" % (local_path_logs, log_file, date, date1, rows, grep_act, exgrep_act)] 
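Review bot: The new keepalived branch of show_haproxy_log builds its `sudo cat … | awk … | tail` command by `%`-formatting `local_path_logs`, `log_file` and `rows` directly into a shell string, so any of them containing shell metacharacters would be interpreted by the shell that runs the command. Whether these values are validated is decided outside the hunk. If they are not, quote the path parts with `shlex.quote(...)` and coerce the count with `int(rows)` before formatting. The branch is also the same command as the haproxy `else` branch apart from the settings key, so choosing `local_path_logs` per service and building the command once would keep the two from drifting apart.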
@@ -1262,7 +1270,7 @@ def show_haproxy_log(serv, rows=10, waf='0', grep=None, hour='00', minut='00', h apache_log_path = sql.get_setting('apache_log_path') if serv == 'roxy-wi.access.log': - cmd = "sudo cat {}| awk -F\"/|:\" '$3>\"{}:00\" && $3<\"{}:00\"' |tail -{} {} {}".format(apache_log_path + "/" + serv, date, date1, rows, grep_act, exgrep_act) + cmd = 'sudo cat {}| awk -F"/|:" \'$3>"{}:00" && $3<"{}:00"\' |tail -{} {} {}'.format(apache_log_path + "/" + serv, date, date1, rows, grep_act, exgrep_act) elif serv == 'roxy-wi.error.log': cmd = "sudo cat {}| awk '$4>\"{}:00\" && $4<\"{}:00\"' |tail -{} {} {}".format(apache_log_path + "/" + serv, date, date1, rows, grep_act, exgrep_act) elif serv == 'fail2ban.log': @@ -1319,7 +1327,8 @@ def haproxy_wi_log(**kwargs): group_grep = '|grep "group: ' + user_group + '"' else: group_grep = '' - cmd = "find " + log_path + "/roxy-wi-* -type f -exec stat --format '%Y :%y %n' '{}' \; | sort -nr | cut -d: -f2- | head -1 |awk '{print $4}' |xargs tail" + group_grep + "|sort -r" + cmd = "find " + log_path + "/roxy-wi-* -type f -exec stat --format '%Y :%y %n' '{}' \; | sort -nr | cut -d: -f2- " \ + "| head -1 |awk '{print $4}' |xargs tail" + group_grep + "|sort -r" try: output, stderr = subprocess_execute(cmd) return output @@ -1465,6 +1474,7 @@ def return_nice_path(return_path: str) -> str: and 'haproxy' not in return_path and 'apache2' not in return_path and 'httpd' not in return_path + and 'keepalived' not in return_path ): return 'error: The path must contain the name of the service. Check it in Roxy-WI settings' if return_path[-1] != '/': diff --git a/app/login.py b/app/login.py index d78aa268..c2f305db 100644 --- a/app/login.py +++ b/app/login.py 
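Review bot: The added `and 'keepalived' not in return_path` in return_nice_path extends a check that only tests for a substring, so any path that merely contains a service name passes, wherever it points. If the function is meant to confine the settings value to the service's own directories, normalising the path and comparing it against an allow-list of prefixes (and rejecting `..` components) would be a stronger check. The function starts and ends outside the hunk, so such handling may already exist there. If the substring test is intentional, a comment such as `# substring check only: does not restrict the directory` would document the limit.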
@@ -3,13 +3,15 @@ import os import sys -import funct import http.cookies -import sql -import create_db import datetime import uuid import distro + +import sql +import create_db +import funct + from jinja2 import Environment, FileSystemLoader env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) template = env.get_template('login.html') @@ -74,7 +76,7 @@ def send_cookie(login): try: user_name = sql.get_user_name_by_uuid(user_uuid) - funct.logging('localhost', ' user: ' + user_name + ', group: ' + user_group + ' log in', haproxywi=1) + funct.logging('localhost', ' user: ' + user_name + ', group: ' + user_group + ' login', haproxywi=1) except Exception: pass print("Content-type: text/html\n") diff --git a/app/options.py b/app/options.py index e6634476..7f3f702d 100644 --- a/app/options.py +++ b/app/options.py 
@@ -148,15 +148,24 @@ if form.getvalue('backend_ip') is not None: MASTERS = sql.is_master(serv) for master in MASTERS: if master[0] is not None: - cmd = 'echo "set server %s/%s addr %s port %s check-port %s" |nc %s %s' % (backend_backend, backend_server, backend_ip, backend_port, backend_port, master[0], haproxy_sock_port) + cmd = 'echo "set server %s/%s addr %s port %s check-port %s" |nc %s %s' % ( + backend_backend, backend_server, backend_ip, backend_port, backend_port, master[0], haproxy_sock_port) output, stderr = funct.subprocess_execute(cmd) print(output[0]) - funct.logging(master[0], 'IP address and port have been changed. On: {}/{} to {}:{}'.format(backend_backend, backend_server, backend_ip, backend_port), - login=1, keep_history=1, service='haproxy') + funct.logging( + master[0], 'IP address and port have been changed. On: {}/{} to {}:{}'.format( + backend_backend, backend_server, backend_ip, backend_port + ), + login=1, keep_history=1, service='haproxy' + ) - cmd = 'echo "set server %s/%s addr %s port %s check-port %s" |nc %s %s' % (backend_backend, backend_server, backend_ip, backend_port, backend_port, serv, haproxy_sock_port) - funct.logging(serv, 'IP address and port have been changed. On: {}/{} to {}:{}'.format(backend_backend, backend_server, backend_ip, backend_port), - login=1, keep_history=1, service='haproxy') + cmd = 'echo "set server %s/%s addr %s port %s check-port %s" |nc %s %s' % ( + backend_backend, backend_server, backend_ip, backend_port, backend_port, serv, haproxy_sock_port) + funct.logging( + serv, + 'IP address and port have been changed. On: {}/{} to {}:{}'.format(backend_backend, backend_server, backend_ip, backend_port), + login=1, keep_history=1, service='haproxy' + ) output, stderr = funct.subprocess_execute(cmd) if stderr != '': 
@@ -167,7 +176,9 @@ if form.getvalue('backend_ip') is not None: cfg = configs_dir + serv + "-" + funct.get_data('config') + ".cfg" error = funct.get_config(serv, cfg) - cmd = 'string=`grep %s %s -n -A25 |grep "server %s" |head -1|awk -F"-" \'{print $1}\'` && sed -Ei "$( echo $string)s/((1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5]):[0-9]+/%s:%s/g" %s' % (backend_backend, cfg, backend_server, backend_ip, backend_port, cfg) + cmd = 'string=`grep %s %s -n -A25 |grep "server %s" |head -1|awk -F"-" \'{print $1}\'` ' \ + '&& sed -Ei "$( echo $string)s/((1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5]):[0-9]+/%s:%s/g" %s' % \ + (backend_backend, cfg, backend_server, backend_ip, backend_port, cfg) output, stderr = funct.subprocess_execute(cmd) stderr = funct.master_slave_upload_and_restart(serv, cfg, just_save='save') @@ -210,7 +221,8 @@ if form.getvalue('maxconn_frontend') is not None: cfg = configs_dir + serv + "-" + funct.get_data('config') + ".cfg" error = funct.get_config(serv, cfg) - cmd = 'string=`grep %s %s -n -A5 |grep maxcon -n |awk -F":" \'{print $2}\'|awk -F"-" \'{print $1}\'` && sed -Ei "$( echo $string)s/[0-9]+/%s/g" %s' % (frontend, cfg, maxconn, cfg) + cmd = 'string=`grep %s %s -n -A5 |grep maxcon -n |awk -F":" \'{print $2}\'|awk -F"-" \'{print $1}\'` ' \ + '&& sed -Ei "$( echo $string)s/[0-9]+/%s/g" %s' % (frontend, cfg, maxconn, cfg) output, stderr = funct.subprocess_execute(cmd) stderr = funct.master_slave_upload_and_restart(serv, cfg, just_save='save') print('success: Maxconn for %s has been set to %s ' % (frontend, maxconn)) 
@@ -495,12 +507,14 @@ if form.getvalue('action_service') is not None: elif action == "start": cmd = "sudo systemctl enable %s --now" % serv if not sql.select_user_status(): - print('warning: The service is disabled because you are not subscribed. Read here about subscriptions') + print('warning: The service is disabled because you are not subscribed. Read here about subscriptions') sys.exit() elif action == "restart": cmd = "sudo systemctl restart %s --now" % serv if not sql.select_user_status(): - print('warning: The service is disabled because you are not subscribed. Read here about subscriptions') + print('warning: The service is disabled because you are not subscribed. Read here about subscriptions') sys.exit() if is_in_docker: cmd = "sudo supervisorctl " + action + " " + serv @@ -1277,14 +1291,17 @@ if form.getvalue('master'): master = form.getvalue('master') slave = form.getvalue('slave') ETH = form.getvalue('interface') + ETH_SLAVE = form.getvalue('slave_interface') IP = form.getvalue('vrrpip') syn_flood = form.getvalue('syn_flood') virt_server = form.getvalue('virt_server') return_to_master = form.getvalue('return_to_master') haproxy = form.getvalue('hap') nginx = form.getvalue('nginx') + router_id = form.getvalue('router_id') script = "install_keepalived.sh" proxy = sql.get_setting('proxy') + keepalived_path_logs = sql.get_setting('keepalived_path_logs') ssh_port = 22 ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = funct.return_ssh_keys_path(master) 
@@ -1303,9 +1320,9 @@ if form.getvalue('master'): os.system("cp scripts/%s ." % script) commands = [ - "chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv + " SSH_PORT=" + ssh_port - + " ETH=" + ETH + " IP=" + str(IP) + " MASTER=MASTER" + " RETURN_TO_MASTER=" + return_to_master - + " SYN_FLOOD=" + syn_flood + " HOST=" + str(master) + "chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv + " SSH_PORT=" + ssh_port + " router_id=" + router_id + + " ETH=" + ETH + " IP=" + str(IP) + " MASTER=MASTER" + " ETH_SLAVE=" + ETH_SLAVE + " keepalived_path_logs=" + keepalived_path_logs + + " RETURN_TO_MASTER=" + return_to_master + " SYN_FLOOD=" + syn_flood + " HOST=" + str(master) + " USER=" + str(ssh_user_name) + " PASS='" + str(ssh_user_password) + "' KEY=" + str(ssh_key_name) ] @@ -1324,10 +1341,13 @@ if form.getvalue('master_slave'): master = form.getvalue('master_slave') slave = form.getvalue('slave') ETH = form.getvalue('interface') + ETH_SLAVE = form.getvalue('slave_interface') IP = form.getvalue('vrrpip') syn_flood = form.getvalue('syn_flood') + router_id = form.getvalue('router_id') script = "install_keepalived.sh" proxy = sql.get_setting('proxy') + keepalived_path_logs = sql.get_setting('keepalived_path_logs') ssh_port = 22 ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = funct.return_ssh_keys_path(slave) 
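Review bot: The new `router_id` and `ETH_SLAVE` values come straight from `form.getvalue(...)` and are concatenated unquoted into the `./install_keepalived.sh …` string in hunk @@ -1303, which reaches `funct.subprocess_execute(commands[0])` (visible in hunk @@ -1346), so request data is handed to a shell as-is. No validation is visible in these hunks, and the enclosing `if form.getvalue('master'):` block extends outside them. Validate before building the command, e.g. `router_id = str(int(router_id))` with a 1–255 range check and an interface-name pattern for `ETH_SLAVE`, or wrap each value in `shlex.quote(...)`. A missing field also makes `getvalue` return `None`, so the `+` concatenation raises TypeError, and install_keepalived.sh no longer generates a router_id of its own as a fallback. The same applies to the commands in hunks @@ -1346, @@ -1386 and @@ -1423.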
@@ -1346,9 +1366,10 @@ if form.getvalue('master_slave'): os.system("cp scripts/%s ." % script) commands = [ - "chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv + " SSH_PORT=" + ssh_port - + " ETH=" + ETH + " IP=" + IP + " MASTER=BACKUP" + " HOST=" + str(slave) - + " USER=" + str(ssh_user_name) + " PASS='" + str(ssh_user_password) + "' KEY=" + str(ssh_key_name) + "chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv + " SSH_PORT=" + ssh_port + " router_id=" + router_id + + " ETH=" + ETH + " IP=" + IP + " MASTER=BACKUP" + " ETH_SLAVE=" + ETH_SLAVE + " keepalived_path_logs=" + keepalived_path_logs + + " HOST=" + str(slave) + " USER=" + str(ssh_user_name) + " PASS='" + str(ssh_user_password) + + "' KEY=" + str(ssh_key_name) ] output, error = funct.subprocess_execute(commands[0]) @@ -1363,11 +1384,14 @@ if form.getvalue('masteradd'): master = form.getvalue('masteradd') slave = form.getvalue('slaveadd') ETH = form.getvalue('interfaceadd') + SLAVE_ETH = form.getvalue('slave_interfaceadd') IP = form.getvalue('vrrpipadd') + router_id = form.getvalue('router_id') kp = form.getvalue('kp') return_to_master = form.getvalue('return_to_master') script = "install_keepalived.sh" proxy = sql.get_setting('proxy') + keepalived_path_logs = sql.get_setting('keepalived_path_logs') ssh_port = 22 ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = funct.return_ssh_keys_path(master) 
@@ -1386,9 +1410,9 @@ if form.getvalue('masteradd'): ssh_port = str(server[10]) commands = [ - "chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv - + " SSH_PORT=" + ssh_port + " ETH=" + ETH + " RETURN_TO_MASTER=" + return_to_master - + " IP=" + str(IP) + " MASTER=MASTER" + " RESTART=" + kp + " ADD_VRRP=1 HOST=" + str(master) + "chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv + " SSH_PORT=" + ssh_port + " ETH=" + ETH + + " SLAVE_ETH=" + SLAVE_ETH + " keepalived_path_logs=" + keepalived_path_logs + " RETURN_TO_MASTER=" + return_to_master + + " IP=" + str(IP) + " MASTER=MASTER" + " RESTART=" + kp + " ADD_VRRP=1 HOST=" + str(master) + " router_id=" + router_id + " USER=" + str(ssh_user_name) + " PASS='" + str(ssh_user_password) + "' KEY=" + str(ssh_key_name) ] @@ -1400,10 +1424,13 @@ if form.getvalue('masteradd_slave'): master = form.getvalue('masteradd_slave') slave = form.getvalue('slaveadd') ETH = form.getvalue('interfaceadd') + SLAVE_ETH = form.getvalue('slave_interfaceadd') IP = form.getvalue('vrrpipadd') + router_id = form.getvalue('router_id') kp = form.getvalue('kp') script = "install_keepalived.sh" proxy = sql.get_setting('proxy') + keepalived_path_logs = sql.get_setting('keepalived_path_logs') ssh_port = 22 ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = funct.return_ssh_keys_path(slave) @@ -1423,8 +1450,8 @@ if form.getvalue('masteradd_slave'): commands = [ "chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv - + " SSH_PORT=" + ssh_port + " ETH=" + ETH - + " IP=" + str(IP) + " MASTER=BACKUP" + " RESTART=" + kp + " ADD_VRRP=1 HOST=" + str(slave) + + " SSH_PORT=" + ssh_port + " ETH=" + ETH + " SLAVE_ETH=" + SLAVE_ETH + " keepalived_path_logs=" + keepalived_path_logs + + " IP=" + str(IP) + " MASTER=BACKUP" + " RESTART=" + kp + " ADD_VRRP=1 HOST=" + str(slave) + " router_id=" + router_id + " USER=" + str(ssh_user_name) + " PASS='" + str(ssh_user_password) + "' KEY=" + str(ssh_key_name) ] 
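Review bot: In hunk @@ -1386 the slave interface is passed as `" SLAVE_ETH=" + SLAVE_ETH`, but the `case` in install_keepalived.sh only recognises `ETH_SLAVE`, so the value falls into the `*)` arm and `ETH_SLAVE` reaches ansible-playbook empty. add_vrrp.conf.j2 renders `{{ETH_SLAVE}}` for the non-MASTER node, so the VRRP instance added on the slave would have no interface. Use the key the other two call sites use: `+ " ETH_SLAVE=" + SLAVE_ETH`. The masteradd_slave command in hunk @@ -1423 has the same mismatch.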
@@ -2556,7 +2583,7 @@ if form.getvalue('slackdel') is not None: slack = sql.select_slack(id=slackdel) slack_name = '' for t in slack: - slack_name = t[1] + slack_name = t.chanel_name if sql.delete_slack(slackdel): print("Ok") funct.logging('localhost', 'The Slack channel ' + slack_name + ' has been deleted ', haproxywi=1, login=1) @@ -3889,7 +3916,7 @@ if form.getvalue('loadservices'): if form.getvalue('loadchecker'): from jinja2 import Environment, FileSystemLoader - env = Environment(loader=FileSystemLoader('templates')) + env = Environment(loader=FileSystemLoader('templates'), autoescape=True) template = env.get_template('ajax/load_telegram.html') services = funct.get_services_status() groups = sql.select_groups() diff --git a/app/scripts/ansible/roles/keepalived/handlers/main.yml b/app/scripts/ansible/roles/keepalived/handlers/main.yml index 217f9063..cacb44d5 100644 --- a/app/scripts/ansible/roles/keepalived/handlers/main.yml +++ b/app/scripts/ansible/roles/keepalived/handlers/main.yml @@ -1,3 +1,6 @@ --- - name: restart keepalived - service: name=keepalived state=restarted \ No newline at end of file + service: name=keepalived state=restarted + +- name: restart rsyslog + service: name=restart state=restarted diff --git a/app/scripts/ansible/roles/keepalived/tasks/install.yml b/app/scripts/ansible/roles/keepalived/tasks/install.yml index b723461a..438d5ec8 100644 --- a/app/scripts/ansible/roles/keepalived/tasks/install.yml +++ b/app/scripts/ansible/roles/keepalived/tasks/install.yml @@ -3,7 +3,6 @@ package_facts: manager: "auto" - - name: install EPEL Repository yum: name: epel-release 
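Review bot: The new `restart rsyslog` handler in handlers/main.yml restarts a service named `restart` (`service: name=restart state=restarted`), which presumably does not exist on the target. The `notify: restart rsyslog` on the rsyslog template task would then fail, and the new 50-keepalived.conf drop-in would not be loaded. It should read `service: name=rsyslog state=restarted`.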
@@ -16,10 +15,23 @@ http_proxy: "{{PROXY}}" https_proxy: "{{PROXY}}" +- name: Creates log directory + file: + path: "{{keepalived_path_logs}}" + state: directory + +- name: Copy keepalived configuration for rsyslog. + template: + src: rsyslog.conf.j2 + dest: /etc/rsyslog.d/50-keepalived.conf + mode: 0644 + notify: restart rsyslog - name: Install the latest version of Keepalived package: - name: keepalived + name: + - keepalived + - psmisc state: present when: "'keepalived' not in ansible_facts.packages" environment: diff --git a/app/scripts/ansible/roles/keepalived/templates/add_vrrp.conf.j2 b/app/scripts/ansible/roles/keepalived/templates/add_vrrp.conf.j2 index 28e5c8f1..2303a8f0 100644 --- a/app/scripts/ansible/roles/keepalived/templates/add_vrrp.conf.j2 +++ b/app/scripts/ansible/roles/keepalived/templates/add_vrrp.conf.j2 @@ -1,6 +1,6 @@ vrrp_instance VI_{{IP}} { state {{MASTER}} - interface {{ETH}} + interface {% if MASTER == 'MASTER' %}{{ETH}} {% else %} {{ETH_SLAVE}} {% endif %} virtual_router_id {{ router_id }} priority {% if RETURN_TO_MASTER == 1 and MASTER == 'MASTER' %}152{% elif MASTER == 'MASTER' and RETURN_TO_MASTER == 0 %}102{% else %}101{%endif%} diff --git a/app/scripts/ansible/roles/keepalived/templates/keepalived.conf.j2 b/app/scripts/ansible/roles/keepalived/templates/keepalived.conf.j2 index 994de418..c373937b 100644 --- a/app/scripts/ansible/roles/keepalived/templates/keepalived.conf.j2 +++ b/app/scripts/ansible/roles/keepalived/templates/keepalived.conf.j2 @@ -9,7 +9,8 @@ vrrp_script chk_haproxy { } vrrp_instance VI_1 { state {{MASTER}} - interface {{ETH}} + interface {% if MASTER == 'MASTER' %}{{ETH}} {% else %} {{ETH_SLAVE}} {% endif %} + virtual_router_id {{router_id}} priority {% if RETURN_TO_MASTER == '1' and MASTER == 'MASTER' %}152{% elif MASTER == 'MASTER' and RETURN_TO_MASTER == '0' %}102{% else %}101{%endif%} 
diff --git a/app/scripts/ansible/roles/keepalived/templates/rsyslog.conf.j2 b/app/scripts/ansible/roles/keepalived/templates/rsyslog.conf.j2 new file mode 100644 index 00000000..a909505c --- /dev/null +++ b/app/scripts/ansible/roles/keepalived/templates/rsyslog.conf.j2 @@ -0,0 +1,15 @@ +$ModLoad imudp +$UDPServerAddress 127.0.0.1 +$UDPServerRun 514 + +if $programname startswith 'Keepalived_vrrp' then { + if $syslogseverity == 6 then + action(type="omfile" file="{{keepalived_path_logs}}/status.log") + stop + if $syslogseverity <= 3 then + action(type="omfile" file="{{keepalived_path_logs}}/error.log") + stop + if $syslogseverity <= 5 then + action(type="omfile" file="{{keepalived_path_logs}}/status.log") + stop +} diff --git a/app/scripts/install_keepalived.sh b/app/scripts/install_keepalived.sh index ac63ecf7..23bbf17a 100644 --- a/app/scripts/install_keepalived.sh +++ b/app/scripts/install_keepalived.sh @@ -5,19 +5,22 @@ do VALUE=$(echo $ARGUMENT | cut -f2 -d=) case "$KEY" in - PROXY) PROXY=${VALUE} ;; - MASTER) MASTER=${VALUE} ;; - ETH) ETH=${VALUE} ;; - IP) IP=${VALUE} ;; - HOST) HOST=${VALUE} ;; - USER) USER=${VALUE} ;; - PASS) PASS=${VALUE} ;; - KEY) KEY=${VALUE} ;; + PROXY) PROXY=${VALUE} ;; + MASTER) MASTER=${VALUE} ;; + ETH) ETH=${VALUE} ;; + ETH_SLAVE) ETH_SLAVE=${VALUE} ;; + keepalived_path_logs) keepalived_path_logs=${VALUE} ;; + IP) IP=${VALUE} ;; + HOST) HOST=${VALUE} ;; + USER) USER=${VALUE} ;; + router_id) router_id=${VALUE} ;; + PASS) PASS=${VALUE} ;; + KEY) KEY=${VALUE} ;; SYN_FLOOD) SYN_FLOOD=${VALUE} ;; - RESTART) RESTART=${VALUE} ;; + RESTART) RESTART=${VALUE} ;; RETURN_TO_MASTER) RETURN_TO_MASTER=${VALUE} ;; - ADD_VRRP) ADD_VRRP=${VALUE} ;; - SSH_PORT) SSH_PORT=${VALUE} ;; + ADD_VRRP) ADD_VRRP=${VALUE} ;; + SSH_PORT) SSH_PORT=${VALUE} ;; *) esac done 
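Review bot: In rsyslog.conf.j2 the `if … then` lines have no braces, so only the `action(...)` that follows is conditional and the `stop` on the next line runs unconditionally. As written, the first `stop` appears to end processing for every `Keepalived_vrrp` message, which leaves the `<= 3` branch that writes error.log unreachable. Wrap each branch in a block, e.g. `if $syslogseverity <= 3 then { action(type="omfile" file="{{keepalived_path_logs}}/error.log") stop }`. Also confirm that `$ModLoad imudp` and `$UDPServerRun 514` are needed: they open a UDP listener (bound to 127.0.0.1) and can clash with an imudp configuration already present on the host.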
@@ -31,12 +34,11 @@ export COMMAND_WARNINGS=False PWD=`pwd` PWD=$PWD/scripts/ansible/ echo "$HOST ansible_port=$SSH_PORT" > $PWD/$HOST -router_id=`echo $((1 + $RANDOM % 255))` if [[ $KEY == "" ]]; then - ansible-playbook $PWD/roles/keepalived.yml -e "ansible_user=$USER ansible_ssh_pass='$PASS' variable_host=$HOST SYN_FLOOD=$SYN_FLOOD PROXY=$PROXY MASTER=$MASTER ETH=$ETH IP=$IP RESTART=$RESTART RETURN_TO_MASTER=$RETURN_TO_MASTER ADD_VRRP=$ADD_VRRP router_id=$router_id SSH_PORT=$SSH_PORT" -i $PWD/$HOST + ansible-playbook $PWD/roles/keepalived.yml -e "ansible_user=$USER ansible_ssh_pass='$PASS' variable_host=$HOST SYN_FLOOD=$SYN_FLOOD PROXY=$PROXY MASTER=$MASTER ETH=$ETH ETH_SLAVE=$ETH_SLAVE keepalived_path_logs=$keepalived_path_logs IP=$IP RESTART=$RESTART RETURN_TO_MASTER=$RETURN_TO_MASTER ADD_VRRP=$ADD_VRRP router_id=$router_id SSH_PORT=$SSH_PORT" -i $PWD/$HOST else - ansible-playbook $PWD/roles/keepalived.yml --key-file $KEY -e "ansible_user=$USER variable_host=$HOST SYN_FLOOD=$SYN_FLOOD PROXY=$PROXY MASTER=$MASTER ETH=$ETH IP=$IP RESTART=$RESTART RETURN_TO_MASTER=$RETURN_TO_MASTER ADD_VRRP=$ADD_VRRP router_id=$router_id SSH_PORT=$SSH_PORT" -i $PWD/$HOST + ansible-playbook $PWD/roles/keepalived.yml --key-file $KEY -e "ansible_user=$USER variable_host=$HOST SYN_FLOOD=$SYN_FLOOD PROXY=$PROXY MASTER=$MASTER ETH=$ETH ETH_SLAVE=$ETH_SLAVE keepalived_path_logs=$keepalived_path_logs IP=$IP RESTART=$RESTART RETURN_TO_MASTER=$RETURN_TO_MASTER ADD_VRRP=$ADD_VRRP router_id=$router_id SSH_PORT=$SSH_PORT" -i $PWD/$HOST fi if [ $? -gt 0 ] diff --git a/app/sql.py b/app/sql.py index 71befcc7..5a8c1375 100755 --- a/app/sql.py +++ b/app/sql.py 
@@ -1038,9 +1038,9 @@ def select_telegram(**kwargs): return query_res -def insert_new_telegram(token, chanel, group): +def insert_new_telegram(token, channel, group): try: - Telegram.insert(token=token, chanel_name=chanel, groups=group).execute() + Telegram.insert(token=token, chanel_name=channel, groups=group).execute() except Exception as e: out_error(e) return False @@ -1048,8 +1048,8 @@ def insert_new_telegram(token, chanel, group): return True -def update_telegram(token, chanel, group, telegram_id): - telegram_update = Telegram.update(token=token, chanel_name=chanel, groups=group).where(Telegram.id == telegram_id) +def update_telegram(token, channel, group, telegram_id): + telegram_update = Telegram.update(token=token, chanel_name=channel, groups=group).where(Telegram.id == telegram_id) try: telegram_update.execute() except Exception as e: diff --git a/app/templates/base.html b/app/templates/base.html index 17d13216..56a80e4f 100644 --- a/app/templates/base.html +++ b/app/templates/base.html @@ -119,6 +119,7 @@
  • Overview
  • HA
  • Configs
  • +
  • Logs
  • Versions
  • diff --git a/app/templates/ha.html b/app/templates/ha.html index c15b9e96..c6812bfe 100644 --- a/app/templates/ha.html +++ b/app/templates/ha.html @@ -17,9 +17,9 @@ Master Current installation Slave - Interface + Master Interface + Slave Interface VRRP IP - Add VIRT @@ -41,13 +41,13 @@ {% endfor %} - {{ input('interface', size='7', title='Interface for VRRP address') }} + {{ input('interface', size='7', title='Interface for VRRP address on a Master server') }} + {{ input('slave_interface', size='7', title='Interface for VRRP address a Slave server') }} {{ input('vrrp-ip', size='14') }} - {{ checkbox('virt_server', title='Roxy-WI will add VRRP address as a separated server', checked='checked') }} - + Add VIRT Return to Master state SYN-flood protection HAProxy @@ -59,7 +59,7 @@ - + {{ checkbox('virt_server', title='Roxy-WI will add VRRP address as a separated server', checked='checked') }} {{ checkbox('return_to_master', checked='checked') }} {{ checkbox('syn_flood') }} {{ checkbox('hap', title='Roxy-WI will try to install HAProxy') }} @@ -80,11 +80,9 @@ Master Current installation Slave - Interface + Master Interface + Slave Interface VRRP IP - Restart - Return to Master state - @@ -106,8 +104,24 @@ {{ input('interface-add', size='7', title='Interface for VRRP address') }} + {{ input('slave_interface-add', size='7', title='Interface for VRRP address') }} {{ input('vrrp-ip-add', size='14') }} - {{ checkbox('kp', title='If checked Roxy-WI will restart Keepalived') }} + + + + + + + Restart + Return to Master state + + + + + + + + {{ checkbox('kp', title='If checked Roxy-WI will restart Keepalived') }} {{ checkbox('add_return_to_master', checked='checked') }} diff --git a/app/templates/hapservers.html b/app/templates/hapservers.html index e331cac1..f0b3cb65 100644 --- a/app/templates/hapservers.html +++ b/app/templates/hapservers.html 
@@ -278,9 +278,7 @@ {% if service != 'keepalived' and service != 'apache' %} Stat {% endif %} - {% if service != 'keepalived' %} Logs - {% endif %} {% if role <= 2 %} Versions {% endif %} diff --git a/app/templates/include/add_proxy.html b/app/templates/include/add_proxy.html index b746847d..abecaa97 100644 --- a/app/templates/include/add_proxy.html +++ b/app/templates/include/add_proxy.html @@ -17,7 +17,7 @@
    - Create Listen + Create Listener
    A "listen" section defines a complete proxy with its frontend and backend parts combined in one section. It is generally useful for TCP-only traffic. @@ -27,7 +27,7 @@
    - Create HTTP Listen + Create HTTP Listener
    Create HTTP proxy @@ -37,7 +37,7 @@
    - Create SSL Listen + Create SSL Listener
    Create HTTPS Proxy with the SSL termination on HAProxy and SSL offload. @@ -48,7 +48,7 @@
    - Create HTTPS Listen + Create HTTPS Listener
    Create HTTPS Proxy without the SSL termination on HAProxy and SSL offload. HAProxy will send to backends HTTPS traffic diff --git a/app/templates/servers.html b/app/templates/servers.html index 5172a8bd..b4ce63f9 100644 --- a/app/templates/servers.html +++ b/app/templates/servers.html @@ -59,8 +59,8 @@ {% set values = dict() %} {% set values = {'2.0.5-1':'2.0.5-1','2.2.4-1':'2.2.4-1','2.3.0-1':'2.3.0-1','2.3.10-1':'2.3.10-1', - '2.4.0-1':'2.4.0-1','2.4.9-1':'2.4.9-1','2.4.15-1':'2.4.15-1','2.5.1-1':'2.5.1-1'} %} - {{ select('hapver', values=values, selected='2.5.1-1', required='required') }} + '2.4.0-1':'2.4.0-1','2.4.9-1':'2.4.9-1','2.4.15-1':'2.4.15-1','2.5.1-1':'2.5.1-1','2.6.0-1':'2.6.0-1'} %} + {{ select('hapver', values=values, selected='2.6.0-1', required='required') }}