From 3e974166a8d5cc1c9efe6de2fb847e40fcb77fb2 Mon Sep 17 00:00:00 2001 From: Pavel Loginov Date: Mon, 10 Aug 2020 20:32:44 +0200 Subject: [PATCH] v4.4.2.0 Changelog: https://haproxy-wi.org/changelog.py#4_4_2 --- app/create_db.py | 2 +- app/haproxy-wi.db.sql | 2 +- app/servers.py | 11 +- app/sql.py | 132 +++++++++++++++++++--- app/templates/admin.html | 45 +------- app/templates/base.html | 1 + app/templates/include/admin_settings.html | 43 +++++++ app/templates/servers.html | 6 + inc/script.js | 17 ++- 9 files changed, 191 insertions(+), 68 deletions(-) create mode 100644 app/templates/include/admin_settings.html diff --git a/app/create_db.py b/app/create_db.py index cabb136..fc458b0 100644 --- a/app/create_db.py +++ b/app/create_db.py 
@@ -125,7 +125,7 @@ def create_table(**kwargs): CREATE TABLE IF NOT EXISTS `token` (`user_id` INTEGER, `token` varchar(64), `exp` timestamp default '0000-00-00 00:00:00'); CREATE TABLE IF NOT EXISTS `telegram` (`id` integer primary key autoincrement, `token` VARCHAR ( 64 ), `chanel_name` INTEGER NOT NULL DEFAULT 1, `groups` INTEGER NOT NULL DEFAULT 1); CREATE TABLE IF NOT EXISTS `metrics` (`serv` varchar(64), curr_con INTEGER, cur_ssl_con INTEGER, sess_rate INTEGER, max_sess_rate INTEGER,`date` timestamp default '0000-00-00 00:00:00'); - CREATE TABLE IF NOT EXISTS `settings` (`param` varchar(64) UNIQUE, value varchar(64), section varchar(64), `desc` varchar(100), `group` INTEGER NOT NULL DEFAULT 1); + CREATE TABLE IF NOT EXISTS `settings` (`param` varchar(64), value varchar(64), section varchar(64), `desc` varchar(100), `group` INTEGER NOT NULL DEFAULT 1, UNIQUE(param, `group`)); CREATE TABLE IF NOT EXISTS `version` (`version` varchar(64)); CREATE TABLE IF NOT EXISTS `options` ( `id` INTEGER NOT NULL, `options` VARCHAR ( 64 ), `groups` VARCHAR ( 120 ), PRIMARY KEY(`id`)); CREATE TABLE IF NOT EXISTS `saved_servers` ( `id` INTEGER NOT NULL, `server` VARCHAR ( 64 ), `description` VARCHAR ( 120 ), `groups` VARCHAR ( 120 ), PRIMARY KEY(`id`)); diff --git a/app/haproxy-wi.db.sql b/app/haproxy-wi.db.sql index f34e758..501b1a9 100644 --- a/app/haproxy-wi.db.sql +++ b/app/haproxy-wi.db.sql 
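Review bot: Changing the constraint inside `CREATE TABLE IF NOT EXISTS` only affects fresh installs; an existing `settings` table keeps `UNIQUE` on `param` alone, so on an upgraded database the per-group rows this release inserts would be rejected as duplicates. No migration is visible in this hunk (one may exist elsewhere in create_db.py), so confirm that an upgrade step rebuilds the table with `UNIQUE(param, group)` before new groups are created. The same applies to the identical change in app/haproxy-wi.db.sql.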
@@ -14,7 +14,7 @@ CREATE TABLE IF NOT EXISTS `token` (`user_id` INTEGER, `token` varchar(64), `exp CREATE TABLE IF NOT EXISTS `cred` (`id` integer primary key AUTO_INCREMENT, `name` VARCHAR ( 64 ), `enable` INTEGER NOT NULL DEFAULT 1, `username` VARCHAR ( 64 ) NOT NULL, `password` VARCHAR ( 64 ) NOT NULL, groups INTEGER NOT NULL DEFAULT 1, CREATE TABLE IF NOT EXISTS `cred` (`id` integer primary key AUTO_INCREMENT, `name` VARCHAR ( 64 ), `enable` INTEGER NOT NULL DEFAULT 1, `username` VARCHAR ( 64 ) NOT NULL, `password` VARCHAR ( 64 ) NOT NULL, groups INTEGER NOT NULL DEFAULT 1, UNIQUE(name,groups)); CREATE TABLE IF NOT EXISTS `telegram` (`id` integer primary key auto_increment, `token` VARCHAR ( 64 ), `chanel_name` INTEGER NOT NULL DEFAULT 1, `groups` INTEGER NOT NULL DEFAULT 1); CREATE TABLE IF NOT EXISTS `metrics` (`serv` varchar(64), curr_con INTEGER, cur_ssl_con INTEGER, sess_rate INTEGER, max_sess_rate INTEGER,`date` DATETIME default '0000-00-00 00:00:00'); -CREATE TABLE IF NOT EXISTS `settings` (`param` varchar(64) UNIQUE, value varchar(64), section varchar(64), `desc` varchar(100), `group` INTEGER NOT NULL DEFAULT 1); +CREATE TABLE IF NOT EXISTS `settings` (`param` varchar(64), value varchar(64), section varchar(64), `desc` varchar(100), `group` INTEGER NOT NULL DEFAULT 1, UNIQUE(param, `group`)); CREATE TABLE IF NOT EXISTS `version` (`version` varchar(64)); CREATE TABLE IF NOT EXISTS `options` ( `id` INTEGER NOT NULL, `options` VARCHAR ( 64 ), `groups` VARCHAR ( 120 ), PRIMARY KEY(`id`)); CREATE TABLE IF NOT EXISTS `saved_servers` ( `id` INTEGER NOT NULL, `server` VARCHAR ( 64 ), `description` VARCHAR ( 120 ), `groups` VARCHAR ( 120 ), PRIMARY KEY(`id`)); diff --git a/app/servers.py b/app/servers.py index 4d93cf6..20693de 100644 --- a/app/servers.py +++ b/app/servers.py 
@@ -1,6 +1,8 @@ #!/usr/bin/env python3 import funct import sql +import http.cookies +import os from jinja2 import Environment, FileSystemLoader env = Environment(extensions=["jinja2.ext.do"],loader=FileSystemLoader('templates/'), autoescape=True) template = env.get_template('servers.html') @@ -8,16 +10,16 @@ form = funct.form print('Content-type: text/html\n') funct.check_login() -funct.page_for_admin(level = 2) +funct.page_for_admin(level=2) try: user, user_id, role, token, servers = funct.get_users_params() ldap_enable = sql.get_setting('ldap_enable') grafana, stderr = funct.subprocess_execute("service grafana-server status |grep Active |awk '{print $1}'") - import http.cookies, os cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) group = cookie.get('group') user_group = group.value -except: + settings = sql.get_setting('', all=1) +except Exception as e: pass @@ -34,8 +36,9 @@ output_from_parsed_template = template.render(title = "Servers: ", telegrams = sql.get_user_telegram_by_group(user_group), token = token, versions = funct.versions(), + settings = settings, backups = sql.select_backups(), grafana = ''.join(grafana), - page = "servers.py", + page = "servers.py", ldap_enable = ldap_enable) print(output_from_parsed_template) diff --git a/app/sql.py b/app/sql.py index 1bc2715..d996f17 100644 --- a/app/sql.py +++ b/app/sql.py @@ -130,7 +130,7 @@ def delete_user(id): funct.out_error(e) con.rollback() return False - else: + else: return True cur.close() con.close() 
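Review bot: The `except Exception as e: pass` in the second servers.py hunk hides every failure in the `try`, including a missing `group` cookie (`cookie.get('group')` returns `None`, so `group.value` raises). When that happens `settings` and `user_group` are never bound, and the `template.render(...)` call in the next hunk, which passes `settings = settings` and `sql.get_user_telegram_by_group(user_group)`, fails with a NameError instead of a clear denial. Bind defaults before the `try` (`settings = None`, `user_group = None`) and treat a missing or invalid cookie as an authentication failure rather than continuing to render. `e` is assigned but never used; log it or drop the name.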
@@ -146,10 +146,92 @@ def add_group(name, description): con.rollback() return False else: + sql = """select last_insert_rowid()""" + try: + cur.execute(sql) + con.commit() + except sqltool.Error as e: + funct.out_error(e) + con.rollback() + else: + for g in cur.fetchall(): + group_id = g[0] + add_setting_for_new_group(group_id) + return True + cur.close() - con.close() - + con.close() + + +def add_setting_for_new_group(group_id): + con, cur = get_cur() + group_id = str(group_id) + sql = list() + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('time_zone', 'UTC', 'main', 'Time Zone','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('proxy', '', 'main', 'Proxy server. Use proto://ip:port','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('session_ttl', '5', 'main', 'Time to live users sessions. In days', '" + group_id + "')") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('token_ttl', '5', 'main', 'Time to live users tokens. In days','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('tmp_config_path', '/tmp/', 'main', 'Temp store configs, for check. Path must exist','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('cert_path', '/etc/ssl/certs/', 'main', 'Path to SSL dir. Folder owner must be a user which set in the SSH settings. 
Path must exist','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('local_path_logs', '/var/log/haproxy.log', 'logs', 'Logs save locally, enabled by default','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('syslog_server_enable', '0', 'logs', 'If exist syslog server for HAproxy logs, enable this option','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('syslog_server', '0', 'logs', 'IP address syslog server','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('log_time_storage', '14', 'logs', 'Time of storage of logs of user activity, in days','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('stats_user', 'admin', 'haproxy', 'Username for Stats web page HAproxy','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('stats_password', 'password', 'haproxy', 'Password for Stats web page HAproxy','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('stats_port', '8085', 'haproxy', 'Port Stats web page HAproxy','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('stats_page', 'stats', 'haproxy', 'URI Stats web page HAproxy','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('haproxy_dir', '/etc/haproxy/', 'haproxy', 'Path to HAProxy dir','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('haproxy_config_path', '/etc/haproxy/haproxy.cfg', 'haproxy', 'Path to HAProxy config','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('server_state_file', '/etc/haproxy/haproxy.state', 
'haproxy', 'Path to HAProxy state file','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('haproxy_sock', '/var/run/haproxy.sock', 'haproxy', 'Path to HAProxy sock file','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('haproxy_sock_port', '1999', 'haproxy', 'HAProxy sock port','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('firewall_enable', '0', 'haproxy', 'If enable this option Haproxy-wi will be configure firewalld based on config port','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('nginx_path_error_logs', '/var/log/nginx/error.log', 'nginx', 'Nginx error log','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('nginx_stats_user', 'admin', 'nginx', 'Username for Stats web page Nginx','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('nginx_stats_password', 'password', 'nginx', 'Password for Stats web page Nginx','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('nginx_stats_port', '8086', 'nginx', 'Stats port for web page Nginx','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('nginx_stats_page', 'stats', 'nginx', 'URI Stats for web page Nginx','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('nginx_dir', '/etc/nginx/conf.d/', 'nginx', 'Path to Nginx dir','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('nginx_config_path', '/etc/nginx/conf.d/default.conf', 'nginx', 'Path to Nginx config','" + group_id + "');") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) 
values('ldap_enable', '0', 'ldap', 'If 1 ldap enabled', " + group_id + ");") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('ldap_server', '', 'ldap', 'IP address ldap server', " + group_id + ");") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('ldap_port', '389', 'ldap', 'Default port is 389 or 636', " + group_id + ");") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('ldap_user', '', 'ldap', 'Login for connect to LDAP server. Enter: user@domain.com', " + group_id + ");") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('ldap_password', '', 'ldap', 'Password for connect to LDAP server', " + group_id + ");") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('ldap_base', '', 'ldap', 'Base domain. Example: dc=domain, dc=com', " + group_id + ");") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('ldap_domain', '', 'ldap', 'Domain for login, that after @, like user@domain.com, without user@', " + group_id + ");") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('ldap_class_search', 'user', 'ldap', 'Class to search user', " + group_id + ");") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('ldap_user_attribute', 'sAMAccountName', 'ldap', 'User attribute for search', " + group_id + ");") + sql.append("INSERT INTO settings (param, value, section, `desc`, `group`) values('ldap_search_field', 'mail', 'ldap', 'Field where user e-mail saved', " + group_id + ");") + + for i in sql: + try: + cur.execute(i) + con.commit() + except sqltool.Error as e: + funct.out_error(e) + else: + return True + cur.close() + con.close() + + +def delete_group_settings(group_id): + con, cur = get_cur() + sql = """ delete from settings where `group` = '%s'""" % (group_id) + try: + cur.execute(sql) + con.commit() + except 
sqltool.Error as e: + funct.out_error(e) + con.rollback() + else: + return True + cur.close() + con.close() + def delete_group(id): con, cur = get_cur() @@ -160,7 +242,8 @@ def delete_group(id): except sqltool.Error as e: funct.out_error(e) con.rollback() - else: + else: + delete_group_settings(id) return True cur.close() con.close() @@ -312,10 +395,10 @@ def select_user_groups(id, **kwargs): else: if kwargs.get("check_id") is not None: for g in cur.fetchall(): - if g[0] is None: - return False - else: + if g[0]: return True + else: + return False elif kwargs.get("limit") is not None: for g in cur.fetchall(): return g[0] @@ -355,6 +438,7 @@ def select_groups(**kwargs): sql = """select * from groups where name='%s' """ % kwargs.get("group") if kwargs.get("id") is not None: sql = """select * from groups where id='%s' """ % kwargs.get("id") + try: cur.execute(sql) except sqltool.Error as e: @@ -696,6 +780,8 @@ def select_ssh(**kwargs): sql = """select * from cred where id = '%s' """ % kwargs.get("id") if kwargs.get("serv") is not None: sql = """select serv.cred, cred.* from servers as serv left join cred on cred.id = serv.cred where serv.ip = '%s' """ % kwargs.get("serv") + if kwargs.get("group") is not None: + sql = """select * from cred where groups = '%s' """ % kwargs.get("group") try: cur.execute(sql) except sqltool.Error as e: @@ -1316,9 +1402,11 @@ def select_metrics(serv, **kwargs): con.close() -def select_servers_metrics_for_master(): +def select_servers_metrics_for_master(**kwargs): con, cur = get_cur() sql = """select ip from servers where metrics = 1 """ + if kwargs.get('group') is not None: + sql = """select ip from servers where metrics = 1 and groups = '%s' """ % kwargs.get('group') try: cur.execute(sql) except sqltool.Error as e: 
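Review bot: `add_setting_for_new_group` seeds every new group with `stats_password` and `nginx_stats_password` set to the literal `'password'` (user `admin`), so each group starts with a known stats credential; seed a per-group random value or leave it empty until an administrator sets one. In the same function the `else: return True` after the insert `try` makes `cur.close()`/`con.close()` unreachable on success, and if it belongs to the `try` rather than the `for` (indentation is not recoverable on this page) only the first INSERT runs; the sketch below runs all statements in one transaction and always closes the handles. `select last_insert_rowid()` in `add_group` is SQLite-specific while this file also carries a `mysql_enable` path, so prefer the cursor's `lastrowid`. `delete_group_settings` builds its statement with `%` formatting, as do the `group` filters added to `select_ssh`, `select_servers_metrics_for_master` and `select_alert` in later hunks; pass the value as a bound parameter instead. `add_group` starts above this hunk.

```python
def add_setting_for_new_group(group_id):
    con, cur = get_cur()
    # … unchanged: building the list of INSERT statements in `sql` …
    try:
        for statement in sql:
            cur.execute(statement)
        # commit once so a new group never ends up with a partial settings set
        con.commit()
    except sqltool.Error as e:
        funct.out_error(e)
        con.rollback()
        return False
    finally:
        cur.close()
        con.close()
    return True
```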
@@ -1338,7 +1426,7 @@ def select_servers_metrics(uuid, **kwargs): group = cookie.get('group') group = group.value id = get_user_id_by_uuid(user_id.value) - if select_user_groups(id, check_id=group) is not None: + if select_user_groups(id, check_id=group): if group == '1': sql = """ select ip from servers where enable = 1 and metrics = '1' """ else: @@ -1362,11 +1450,11 @@ def select_table_metrics(uuid): group = cookie.get('group') group = group.value id = get_user_id_by_uuid(user_id.value) - if select_user_groups(id, check_id=group) is not None: + if select_user_groups(id, check_id=group): if group == '1': groups = "" else: - groups = "and servers.groups like '%{group}%' ".format(group=group) + groups = "and servers.groups = '{group}' ".format(group=group) if mysql_enable == '1': sql = """ select ip.ip, hostname, avg_sess_1h, avg_sess_24h, avg_sess_3d, max_sess_1h, max_sess_24h, max_sess_3d, avg_cur_1h, avg_cur_24h, avg_cur_3d, max_con_1h, max_con_24h, max_con_3d from @@ -1569,10 +1657,19 @@ def select_table_metrics(uuid): def get_setting(param, **kwargs): + import os + import http.cookies + cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) + group = cookie.get('group') + user_group = group.value + + if user_group == '' or param == 'lists_path': + user_group = '1' + con, cur = get_cur() - sql = """select value from `settings` where param='%s' """ % param + sql = """select value from `settings` where param='%s' and `group` = '%s'""" % (param, user_group) if kwargs.get('all'): - sql = """select * from `settings` order by section desc""" + sql = """select * from `settings` where `group` = '%s' order by section desc""" % user_group try: cur.execute(sql) except sqltool.Error as e: 
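Review bot: `get_setting` now picks the group from the client-supplied `group` cookie without the `select_user_groups(id, check_id=group)` membership check that `select_servers_metrics` applies two hunks earlier, so the settings returned (including `ldap_password` and `stats_password`) are scoped by a value the browser controls. Verify membership before querying and deny the request when it fails, and apply the same check in `update_setting` in the next hunk, which writes on the same basis. The cookie value is also formatted into the SQL text with `%`; bind it as a parameter. `cookie.get('group')` returns `None` when the cookie is absent, so `group.value` raises for any caller without it; handle that case explicitly. The function's body continues past the end of this hunk.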
@@ -1588,8 +1685,13 @@ def get_setting(param, **kwargs): def update_setting(param, val): + import http.cookies + import os + cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) + group = cookie.get('group') + user_group = group.value con, cur = get_cur() - sql = """update `settings` set `value` = '%s' where param = '%s' """ % (val, param) + sql = """update `settings` set `value` = '%s' where param = '%s' and `group` = '%s' """ % (val, param, user_group) try: cur.execute(sql) con.commit() @@ -1634,6 +1736,8 @@ def select_roles(**kwargs): def select_alert(**kwargs): con, cur = get_cur() sql = """select ip from servers where alert = 1 """ + if kwargs.get("group") is not None: + sql = """select ip from servers where alert = 1 and `groups` = '%s' """ % kwargs.get("group") try: cur.execute(sql) except sqltool.Error as e: diff --git a/app/templates/admin.html b/app/templates/admin.html index 42f47a7..59aa6b8 100644 --- a/app/templates/admin.html +++ b/app/templates/admin.html @@ -316,50 +316,7 @@
- - - - - - - {% set section = namespace(section='') %} - {% for set in settings %} - {% if section.section|string() != set.2|string() %} - - {% endif %} - {% set section.section = set.2 %} - - - - - - {% endfor %} - -
- Parameter - - Value - - Description -

{{ set.2 }} section

- {{set.0}} - - {% if set.0 == 'ldap_password' %} - {% if set.1 == 'None' %} - - {% else %} - - {% endif %} - {% else %} - {% if set.1 == 'None' %} - - {% else %} - - {% endif %} - {% endif %} - - {{set.3}} -
+ {% include 'include/admin_settings.html' %}
diff --git a/app/templates/base.html b/app/templates/base.html index 257d5ff..0d0e7e8 100644 --- a/app/templates/base.html +++ b/app/templates/base.html @@ -110,6 +110,7 @@
  • Users
  • Servers
  • SSH credentials
  • +
  • Settings
  • Proxy installation
  • Monitoring installation
  • Backups
  • diff --git a/app/templates/include/admin_settings.html b/app/templates/include/admin_settings.html new file mode 100644 index 0000000..9c0b3e3 --- /dev/null +++ b/app/templates/include/admin_settings.html @@ -0,0 +1,43 @@ + + + + + + + {% set section = namespace(section='') %} + {% for set in settings %} + {% if section.section|string() != set.2|string() %} + + {% endif %} + {% set section.section = set.2 %} + + + + + + {% endfor %} +
    + Parameter + + Value + + Description +

    {{ set.2 }} section

    + {{set.0}} + + {% if set.0 == 'ldap_password' %} + {% if set.1 == 'None' %} + + {% else %} + + {% endif %} + {% else %} + {% if set.1 == 'None' %} + + {% else %} + + {% endif %} + {% endif %} + + {{set.3}} +
    \ No newline at end of file diff --git a/app/templates/servers.html b/app/templates/servers.html index 24a22d2..c32224b 100644 --- a/app/templates/servers.html +++ b/app/templates/servers.html @@ -18,6 +18,7 @@
  • Servers
  • SSH credentials
  • Checker
  • +
  • Settings
  • Proxy installation
  • Monitoring installation
  • Backup
  • @@ -237,6 +238,11 @@ You can read the description of all parameters here
    + +
    + {% include 'include/admin_settings.html' %} +
    +
    diff --git a/inc/script.js b/inc/script.js index 5d81985..98bcd80 100644 --- a/inc/script.js +++ b/inc/script.js @@ -941,7 +941,16 @@ $( function() { $(this).children(".admin").css('border-left', '4px solid #5D9CEB'); }); $( "#tabs" ).tabs( "option", "active", 2 ); - } ); + } ); + $( ".settings" ).on( "click", function() { + $('.menu li ul li').each(function () { + $(this).find('a').css('border-left', '0px solid #5D9CEB'); + $(this).find('a').css('padding-left', '20px') + $(this).children(".settings").css('padding-left', '30px'); + $(this).children(".settings").css('border-left', '4px solid #5D9CEB'); + }); + $( "#tabs" ).tabs( "option", "active", 4 ); + } ); $( ".hap" ).on( "click", function() { $('.menu li ul li').each(function () { $(this).find('a').css('padding-left', '20px') @@ -949,7 +958,7 @@ $( function() { $(this).children(".hap").css('padding-left', '30px'); $(this).children(".hap").css('border-left', '4px solid #5D9CEB'); }); - $( "#tabs" ).tabs( "option", "active", 4 ); + $( "#tabs" ).tabs( "option", "active", 5 ); } ); $( ".hap1" ).on( "click", function() { $('.menu li ul li').each(function () { @@ -958,7 +967,7 @@ $( function() { $(this).children(".hap1").css('padding-left', '30px'); $(this).children(".hap1").css('border-left', '4px solid #5D9CEB'); }); - $( "#tabs" ).tabs( "option", "active", 5 ); + $( "#tabs" ).tabs( "option", "active", 6 ); } ); $( ".backup" ).on( "click", function() { $('.menu li ul li').each(function () { @@ -967,7 +976,7 @@ $( function() { $(this).children(".backup").css('padding-left', '30px'); $(this).children(".backup").css('border-left', '4px solid #5D9CEB'); }); - $( "#tabs" ).tabs( "option", "active", 6 ); + $( "#tabs" ).tabs( "option", "active", 7 ); } ); } }

    Install HAProxy