diff --git a/README.md b/README.md index 5835a05b..8e09a1bb 100644 --- a/README.md +++ b/README.md @@ -14,7 +14,6 @@ Web interface(user-friendly web GUI, alerting, monitoring and secure) for managi 2. Installing and updating HAProxy and Nginx with Roxy-WI as a Docker service 3. Installing and updating Grafana, Prometheus servers with Roxy-WI 4. Installing and updating HAProxy, Nginx, Apache, Keepalived and Node exporters with Roxy-WI -5. Server provisioning on AWS, DigitalOcean and G-Core Labs 6. Downloading, updating and formatting GeoIP to the acceptable format for HAProxy with Roxy-WI 7. Dynamic change of Maxconn, Black/white lists and backend's IP address and port with saving changes to the config file 8. Configuring HAProxy, Nginx, Apache and Keepalived in a jiffy with Roxy-WI diff --git a/app/__init__.py b/app/__init__.py new file mode 100644 index 00000000..ba70c2e0 --- /dev/null +++ b/app/__init__.py @@ -0,0 +1,56 @@ +from datetime import timedelta + +from flask import Flask +from flask_caching import Cache +from flask_login import LoginManager + +app = Flask(__name__) +app.secret_key = 'some secret salt' +app.jinja_env.add_extension('jinja2.ext.do') +app.jinja_env.add_extension('jinja2.ext.loopcontrols') + +cache = Cache(config={'CACHE_TYPE': 'SimpleCache', "CACHE_DEFAULT_TIMEOUT": 3000}) +cache.init_app(app) +login_manager = LoginManager(app) + +app.config['SITEMAP_INCLUDE_RULES_WITHOUT_PARAMS'] = True +app.config['PERMANENT_SESSION_LIFETIME'] = timedelta(days=3) + +from app.routes.add import bp as add_bp +app.register_blueprint(add_bp, url_prefix='/add') + +from app.routes.service import bp as service_bp +app.register_blueprint(service_bp, url_prefix='/service') + +from app.routes.config import bp as config_bp +app.register_blueprint(config_bp, url_prefix='/config') + +from app.routes.metric import bp as metric_bp +app.register_blueprint(metric_bp, url_prefix='/metrics') + +from app.routes.waf import bp as waf_bp +app.register_blueprint(waf_bp, url_prefix='/waf') + +from app.routes.runtime import bp as runtime_bp +app.register_blueprint(runtime_bp, url_prefix='/runtimeapi') + +from app.routes.smon import bp as smon_bp +app.register_blueprint(smon_bp, url_prefix='/smon') + +from app.routes.checker import bp as checker_bp +app.register_blueprint(checker_bp, url_prefix='/checker') + +from app.routes.install import bp as install_bp +app.register_blueprint(install_bp, url_prefix='/install') + +from app.routes.user import bp as user_bp +app.register_blueprint(user_bp, url_prefix='/user') + +from app.routes.server import bp as server_bp +app.register_blueprint(server_bp, url_prefix='/server') + +from app.routes.admin import bp as admin_bp +app.register_blueprint(admin_bp, url_prefix='/admin') + +from app import views +from app import ajax_views diff --git a/app/add.py b/app/add.py deleted file mode 100644 index f45b4b57..00000000 --- a/app/add.py +++ /dev/null @@ -1,436 +0,0 @@ -#!/usr/bin/env python3 -# -*- coding: utf-8 -*- -import os -import sys -import http.cookies - -from jinja2 import Environment, FileSystemLoader - -import modules.db.sql as sql -import modules.common.common as common -import modules.config.config as config_mod -import modules.roxy_wi_tools as roxy_wi_tools -import modules.roxywi.common as roxywi_common -import modules.roxywi.auth as roxywi_auth - -time_zone = sql.get_setting('time_zone') -get_date = roxy_wi_tools.GetDate(time_zone) -get_config_var = roxy_wi_tools.GetConfigVar() -env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) -template = env.get_template('add.html') -form = common.form -serv = common.is_ip_or_dns(form.getvalue('serv')) - -print('Content-type: text/html\n') - -user_params = roxywi_common.get_users_params(haproxy=1) - -try: - roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=1) -except Exception: - print('error: your session is expired') - sys.exit() - -roxywi_auth.page_for_admin(level=3) - -if all(v is None for v in [ - form.getvalue('mode'), form.getvalue('new_userlist'), - form.getvalue('peers-name'), form.getvalue('generateconfig') -]): - try: - cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) - group = cookie.get('group') - user_group = group.value - except Exception as e: - print(str(e)) - - lib_path = get_config_var.get_config_var('main', 'lib_path') - dir = lib_path + "/lists" - white_dir = lib_path + "/lists/" + user_group + "/white" - black_dir = lib_path + "/lists/" + user_group + "/black" - - if not os.path.exists(dir): - os.makedirs(dir) - if not os.path.exists(dir + "/" + user_group): - os.makedirs(dir + "/" + user_group) - if not os.path.exists(white_dir): - os.makedirs(white_dir) - if not os.path.exists(black_dir): - os.makedirs(black_dir) - - white_lists = roxywi_common.get_files(folder=white_dir, file_format="lst") - black_lists = roxywi_common.get_files(folder=black_dir, file_format="lst") - maps = roxywi_common.get_files(folder=f'{lib_path}/maps/{user_group}', file_format="map") - - template = template.render( - h2=1, role=user_params['role'], user=user_params['user'], selects=user_params['servers'], add=form.getvalue('add'), - conf_add=form.getvalue('conf'), group=user_group, options=sql.select_options(), saved_servers=sql.select_saved_servers(), - white_lists=white_lists, black_lists=black_lists, user_services=user_params['user_services'], token=user_params['token'], - lang=user_params['lang'], maps=maps - ) - print(template) - -elif form.getvalue('mode') is not None: - haproxy_dir = sql.get_setting('haproxy_dir') - port = form.getlist('port') - bind = "" - ip = "" - force_close = form.getvalue('force_close') - balance = "" - mode = f" mode {form.getvalue('mode')}\n" - maxconn = "" - options_split = "" - ssl = "" - ssl_check = "" - backend = "" - headers = '' - acl = "" - servers_split = "" - new_listener = form.getvalue('listener') - new_frontend = form.getvalue('frontend') - new_backend = form.getvalue('new_backend') - - if form.getvalue('balance') is not None: - balance = " balance " + form.getvalue('balance') + "\n" - - if form.getvalue('health_check') is not None: - health_check = form.getvalue('health_check') - if health_check == 'option httpchk' and form.getvalue('checks_http_domain') is not None: - health_check = health_check + ' GET ' + form.getvalue('checks_http_path') + ' "HTTP/1.0\\r\\nHost: ' + form.getvalue('checks_http_domain') + '"' - balance += f" {health_check}\n" - - if form.getvalue('ip') is not None: - ip = form.getlist('ip') - - if new_listener is not None: - name = f"listen {new_listener}" - end_name = new_listener - elif new_frontend is not None: - name = f"frontend {new_frontend}" - end_name = new_frontend - elif new_backend is not None: - name = f"backend {new_backend}" - end_name = new_backend - else: - print('error: The name cannot be empty') - sys.exit() - - if form.getvalue('backends') is not None: - backend = f" default_backend { form.getvalue('backends')}\n" - - if form.getvalue('maxconn'): - maxconn = f" maxconn {form.getvalue('maxconn')}\n" - - if form.getvalue('ssl') == "https" and form.getvalue('mode') != "tcp": - cert_path = sql.get_setting('cert_path') - if form.getvalue('cert') is not None: - ssl = f"ssl crt {cert_path}{form.getvalue('cert')}" - if form.getvalue('ssl-dis-check') is None: - if form.getvalue('ssl-check') == "ssl-check": - ssl_check = " ssl verify none" - else: - ssl_check = " ssl verify" - - if ip or port: - if type(port) is list: - i = 0 - for p in port: - if ip[i] == 'IsEmptY': - if ip[i] == 'IsEmptY' and port[i] == 'IsEmptY': - i += 1 - continue - else: - port_value = port[i] - bind += f" bind *:{port_value} {ssl}\n" - else: - if port[i] == 'IsEmptY': - print('error: IP cannot be bind without a port') - sys.exit() - else: - port_value = port[i] - bind += f" bind {ip[i]}:{port_value} {ssl}\n" - i += 1 - - if form.getvalue('default-check') == "1": - if form.getvalue('check-servers') == "1": - check = f" check inter {form.getvalue('inter')} rise {form.getvalue('rise')} fall {form.getvalue('fall')}{ssl_check}" - else: - check = "" - else: - if form.getvalue('check-servers') != "1": - check = "" - else: - check = f" check{ssl_check}" - - if form.getvalue('option') is not None: - options = form.getvalue('option') - i = options.split("\n") - for j in i: - options_split += f" {j}\n" - - if force_close == "1": - options_split += " option http-server-close\n" - elif force_close == "2": - options_split += " option forceclose\n" - elif force_close == "3": - options_split += " option http-pretend-keepalive\n" - - if form.getvalue('whitelist') is not None: - options_split += " tcp-request connection accept if { src -f " + haproxy_dir + "/white/" + form.getvalue( - 'whitelist') + " }\n" - - if form.getvalue('blacklist') is not None: - options_split += " tcp-request connection reject if { src -f " + haproxy_dir + "/black/" + form.getvalue( - 'blacklist') + " }\n" - - if form.getvalue('cookie'): - cookie = f" cookie {form.getvalue('cookie_name')}" - if form.getvalue('cookie_domain'): - cookie += f" domain {form.getvalue('cookie_domain')}" - if form.getvalue('rewrite'): - rewrite = form.getvalue('rewrite') - else: - rewrite = "" - if form.getvalue('prefix'): - prefix = form.getvalue('prefix') - else: - prefix = "" - if form.getvalue('nocache'): - nocache = form.getvalue('nocache') - else: - nocache = "" - if form.getvalue('postonly'): - postonly = form.getvalue('postonly') - else: - postonly = "" - if form.getvalue('dynamic'): - dynamic = form.getvalue('dynamic') - else: - dynamic = "" - cookie += f" {rewrite} {prefix} {nocache} {postonly} {dynamic}\n" - options_split += cookie - if form.getvalue('dynamic'): - options_split += f" dynamic-cookie-key {form.getvalue('dynamic-cookie-key')}\n" - - if form.getvalue('headers_res'): - headers_res = form.getlist('headers_res') - headers_method = form.getlist('headers_method') - header_name = form.getlist('header_name') - header_value = form.getlist('header_value') - i = 0 - - for h in headers_method: - if headers_method[i] != 'del-header': - headers += f' {headers_res[i]} {headers_method[i]} {header_name[i]} {header_value[i]}\n' - else: - headers += f' {headers_res[i]} {headers_method[i]} {header_name[i]}\n' - i += 1 - - if form.getvalue('acl_if'): - acl_if = form.getlist('acl_if') - acl_value = form.getlist('acl_value') - acl_then = form.getlist('acl_then') - acl_then_values = form.getlist('acl_then_value') - i = 0 - - for a in acl_if: - - acl_then_value = '' if acl_then_values[i] == 'IsEmptY' else acl_then_values[i] - - try: - if a == '1': - acl_if_word = 'hdr_beg(host) -i ' - if form.getvalue('ssl') == "https" and form.getvalue('mode') != "tcp": - acl_if_word = 'ssl_fc_sni -i ' - if form.getvalue('mode') == "tcp": - acl_if_word = 'req.ssl_sni -i ' - elif a == '2': - acl_if_word = 'hdr_end(host) -i ' - if form.getvalue('ssl') == "https" and form.getvalue('mode') != "tcp": - acl_if_word = 'ssl_fc_sni -i ' - if form.getvalue('mode') == "tcp": - acl_if_word = 'req.ssl_sni -i ' - elif a == '3': - acl_if_word = 'path_beg -i ' - elif a == '4': - acl_if_word = 'path_end -i ' - elif a == '6': - acl_if_word = 'src ip ' - else: - acl_if_word = '' - - if acl_then[i] == '5': - acl += ' use_backend ' - elif acl_then[i] == '2': - acl += ' http-request redirect location ' - elif acl_then[i] == '3': - acl += ' http-request allow' - acl_then_value = '' - elif acl_then[i] == '4': - acl += ' http-request deny' - acl_then_value = '' - elif acl_then[i] == '6': - acl += f' acl return_{acl_value[i]} {acl_if_word} {acl_value[i]}\n' - acl += f' http-request return if return_{acl_value[i]}\n' - elif acl_then[i] == '7': - acl += f' acl set_header_{acl_value[i]} {acl_if_word} {acl_value[i]}\n' - acl += f' http-request set-header if set_header_{acl_value[i]}\n' - - if acl_then[i] in ('2', '3', '4', '5'): - acl += acl_then_value + ' if { ' + acl_if_word + acl_value[i] + ' } \n' - except Exception: - acl = '' - - i += 1 - - if form.getvalue('circuit_breaking') == "1": - observe = 'observe ' + form.getvalue('circuit_breaking_observe') - error_limit = ' error-limit ' + form.getvalue('circuit_breaking_error_limit') - circuit_breaking_on_error = ' on-error ' + form.getvalue('circuit_breaking_on_error') - default_server = ' default-server ' + observe + error_limit + circuit_breaking_on_error + '\n' - servers_split += default_server - - if form.getvalue('servers') is not None: - servers = form.getlist('servers') - server_port = form.getlist('server_port') - send_proxy = form.getlist('send_proxy') - backup = form.getlist('backup') - server_maxconn = form.getlist('server_maxconn') - port_check = form.getvalue('port_check') - i = 0 - for server in servers: - if form.getvalue('template') is None: - try: - if send_proxy[i] == '1': - send_proxy_param = 'send-proxy' - else: - send_proxy_param = '' - except Exception: - send_proxy_param = '' - - try: - if backup[i] == '1': - backup_param = 'backup' - else: - backup_param = '' - except Exception: - backup_param = '' - - try: - maxconn_val = server_maxconn[i] - except Exception: - maxconn_val = '200' - - try: - port_check_val = port_check[i] - except Exception: - port_check_val = server_port[i] - - servers_split += " server {0} {0}:{1}{2} port {6} maxconn {5} {3} {4} \n".format( - server, server_port[i], check, send_proxy_param, backup_param, maxconn_val, port_check_val - ) - else: - servers_split += " server-template {0} {1} {2}:{3} {4} \n".format( - form.getvalue('prefix'), form.getvalue('template-number'), server, server_port[i], check - ) - i += 1 - - compression = form.getvalue("compression") - cache = form.getvalue("cache") - compression_s = "" - cache_s = "" - cache_set = "" - filter_com = "" - if compression == "1" or cache == "2": - filter_com = " filter compression\n" - if cache == "2": - cache_s = f" http-request cache-use {end_name}\n http-response cache-store {end_name}\n" - cache_set = f"cache {end_name}\n total-max-size 4\n max-age 240\n" - if compression == "1": - compression_s = " compression algo gzip\n compression type text/html text/plain text/css\n" - - waf = "" - if form.getvalue('waf') is not None: - waf = f" filter spoe engine modsecurity config {haproxy_dir}/waf.conf\n" - waf += " http-request deny if { var(txn.modsec.code) -m int gt 0 }\n" - - config_add = f"\n{name}\n{bind}{mode}{maxconn}{balance}{options_split}{cache_s}{filter_com}{compression_s}" \ - f"{waf}{headers}{acl}{backend}{servers_split}\n{cache_set}\n" - -if form.getvalue('new_userlist') is not None: - name = f"userlist {form.getvalue('new_userlist')}\n" - - new_userlist_groups = "" - if form.getvalue('userlist-group') is not None: - groups = form.getlist('userlist-group') - for group in groups: - new_userlist_groups += f" group {group}\n" - - new_users_list = "" - if form.getvalue('userlist-user') is not None: - users = form.getlist('userlist-user') - passwords = form.getlist('userlist-password') - userlist_user_group = form.getlist('userlist-user-group') - i = 0 - - for user in users: - try: - group = f' groups {userlist_user_group[i]}' - except Exception: - group = '' - new_users_list += f" user {user} insecure-password { passwords[i]} {group}\n" - i += 1 - - config_add = "\n" + name + new_userlist_groups + new_users_list - -if form.getvalue('peers-name') is not None: - name = "peers " + form.getvalue('peers-name') + "\n" - servers_split = '' - - if form.getvalue('servers') is not None: - servers = form.getlist('servers') - server_port = form.getlist('server_port') - servers_name = form.getlist('servers_name') - i = 0 - for server in servers: - servers_split += " peer {0} {1}:{2} \n".format(servers_name[i], server, server_port[i]) - - i += 1 - - config_add = "\n" + name + servers_split - -if form.getvalue('generateconfig') is None and serv is not None: - slave_output = '' - try: - server_name = sql.get_hostname_by_server_ip(serv) - except Exception: - server_name = serv - - try: - roxywi_common.check_is_server_in_group(serv) - if config_add: - hap_configs_dir = get_config_var.get_config_var('configs', 'haproxy_save_configs_dir') - cfg = hap_configs_dir + serv + "-" + get_date.return_date('config') + ".cfg" - - config_mod.get_config(serv, cfg) - try: - with open(cfg, "a") as conf: - conf.write(config_add) - except IOError as e: - print(f"error: Can't read import config file {e}") - - output = config_mod.master_slave_upload_and_restart(serv, cfg, just_save="save") - - if output: - print(output) - else: - print(name) - - try: - roxywi_common.logging(serv, f"add.py add new {name}") - except Exception: - pass - except Exception: - pass -else: - print(config_add) diff --git a/app/add_nginx.py b/app/add_nginx.py deleted file mode 100755 index d4b40b55..00000000 --- a/app/add_nginx.py +++ /dev/null @@ -1,118 +0,0 @@ -#!/usr/bin/env python3 -# -*- coding: utf-8 -*- -import sys - -from jinja2 import Environment, FileSystemLoader - -import modules.db.sql as sql -import modules.common.common as common -import modules.config.config as config_mod -import modules.roxy_wi_tools as roxy_wi_tools -import modules.roxywi.auth as roxywi_auth -import modules.roxywi.common as roxywi_common - -get_config_var = roxy_wi_tools.GetConfigVar() -form = common.form -serv = form.getvalue('serv') - -print('Content-type: text/html\n') - -user_params = roxywi_common.get_users_params(service='nginx') - -try: - roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=2) -except Exception as e: - print(f'error {e}') - sys.exit() - -roxywi_auth.page_for_admin(level=3) - -if all(v is None for v in [form.getvalue('upstream'), form.getvalue('generateconfig')]): - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('add_nginx.html') - template = template.render( - h2=1, role=user_params['role'], user=user_params['user'], selects=user_params['servers'], add=form.getvalue('add'), - conf_add=form.getvalue('conf'), user_services=user_params['user_services'], token=user_params['token'], lang=user_params['lang'] - ) - print(template) -elif form.getvalue('upstream') is not None: - nginx_dir = sql.get_setting('nginx_dir') - name = form.getlist('name') - new_upstream = form.getvalue('upstream') - balance = form.getvalue("balance") - ip = '' - port = '' - config_add = '' - servers_split = '' - - if balance == 'round_robin': - balance = '' - else: - balance = f' {balance};\n' - - if new_upstream is not None: - config_add = f'upstream {new_upstream} {{\n' - config_add += balance - config_name = f'upstream_{new_upstream}' - - if form.getvalue('keepalive') is not None: - config_add += f' keepalive {form.getvalue("keepalive")};\n' - - if form.getvalue('servers') is not None: - servers = form.getlist('servers') - server_port = form.getlist('server_port') - max_fails = form.getlist('max_fails') - fail_timeout = form.getlist('fail_timeout') - i = 0 - for server in servers: - try: - max_fails_val = f'max_fails={max_fails[i]}' - except Exception: - max_fails_val = 'max_fails=1' - - try: - fail_timeout_val = f'fail_timeout={fail_timeout[i]}' - except Exception: - fail_timeout_val = 'fail_timeout=1' - - servers_split += f" server {server}:{server_port[i]} {max_fails_val} {fail_timeout_val}s; \n" - i += 1 - config_add += f'{servers_split} }}\n' - -if form.getvalue('generateconfig') is None and serv is not None: - slave_output = '' - try: - server_name = sql.get_hostname_by_server_ip(serv) - except Exception: - server_name = serv - - try: - roxywi_common.check_is_server_in_group(serv) - if config_add: - sub_folder = 'conf.d' if 'upstream' in config_name else 'sites-enabled' - - service_configs_dir = get_config_var.get_config_var('configs', 'nginx_save_configs_dir') - cfg = f'{service_configs_dir}{serv}-{config_name}.conf' - nginx_dir = common.return_nice_path(sql.get_setting('nginx_dir')) - - config_file_name = f'{nginx_dir}{sub_folder}/{config_name}.conf' - - try: - with open(cfg, "w") as conf: - conf.write(config_add) - except IOError: - print("error: Cannot save a new config") - - roxywi_common.logging(serv, "add_nginx.py add new %s" % config_name) - - output = config_mod.master_slave_upload_and_restart(serv, cfg, just_save="save", nginx=1, config_file_name=config_file_name) - - if output: - print(output) - else: - print(config_name) - - except Exception: - pass -else: - print(config_add) diff --git a/app/ajax_views.py b/app/ajax_views.py new file mode 100644 index 00000000..8fbea176 --- /dev/null +++ b/app/ajax_views.py @@ -0,0 +1,192 @@ +import os +import sys + +from flask import render_template, request +from flask_login import login_required + +from app import app, login_manager, cache + +sys.path.append(os.path.join(sys.path[0], '/var/www/haproxy-wi/app')) + +import modules.db.sql as sql +import modules.common.common as common +import modules.server.server as server_mod +import modules.service.action as service_action +import modules.service.common as service_common +import modules.service.haproxy as service_haproxy +import modules.roxywi.roxy as roxy +import modules.roxywi.logs as roxy_logs +import modules.roxywi.nettools as nettools +import modules.roxywi.common as roxywi_common +import modules.roxywi.overview as roxy_overview + + + +@app.route('/overview/services') +@login_required +def show_services_overview(): + return roxy_overview.show_services_overview() + + +@app.route('/overview/server/') +@login_required +def overview_server(server_ip): + return roxy_overview.show_overview(server_ip) + + +@app.route('/overview/users') +@login_required +def overview_users(): + return roxy_overview.user_owv() + + +@app.route('/overview/sub') +@login_required +@cache.cached() +def overview_sub(): + return roxy_overview.show_sub_ovw() + + +@app.route('/logs//', methods=['GET', 'POST']) +@login_required +def show_remote_log_files(service, serv): + service = common.checkAjaxInput(service) + serv = common.checkAjaxInput(serv) + log_path = sql.get_setting(f'{service}_path_logs') + return_files = server_mod.get_remote_files(serv, log_path, 'log') + + if 'error: ' in return_files: + return return_files + + lang = roxywi_common.get_user_lang_for_flask() + + return render_template( + 'ajax/show_log_files.html', serv=serv, return_files=return_files, path_dir=log_path, lang=lang + ) + + +@app.route('/logs///', defaults={'waf': '0'}, methods=['GET', 'POST']) +@app.route('/logs//waf//', defaults={'waf': '1'}, methods=['GET', 'POST']) +@login_required +def show_logs(service, serv, rows, waf): + if request.method == 'GET': + grep = request.args.get('grep') + exgrep = request.args.get('exgrep') + hour = request.args.get('hour') + minute = request.args.get('minute') + hour1 = request.args.get('hour1') + minute1 = request.args.get('minute1') + log_file = request.args.get('file') + else: + grep = request.form.get('grep') + exgrep = request.form.get('exgrep') + hour = request.form.get('hour') + minute = request.form.get('minute') + hour1 = request.form.get('hour1') + minute1 = request.form.get('minute1') + log_file = request.form.get('file') + + if roxywi_common.check_user_group_for_flask(): + try: + out = roxy_logs.show_roxy_log(serv=serv, rows=rows, waf=waf, grep=grep, exgrep=exgrep, hour=hour, minute=minute, + hour1=hour1, minute1=minute1, service=service, log_file=log_file) + except Exception as e: + return str(e) + else: + return out + + +@app.route('/internal/show_version') +@cache.cached() +def show_roxywi_version(): + return render_template('ajax/check_version.html', versions=roxy.versions()) + + +@app.route('/stats/view//') +def show_stats(service, server_ip): + server_ip = common.is_ip_or_dns(server_ip) + + if service in ('nginx', 'apache'): + return service_common.get_stat_page(server_ip, service) + else: + return service_haproxy.stat_page_action(server_ip) + + +@app.route('/portscanner/history/') +@login_required +def portscanner_history(server_ip): + try: + user_params = roxywi_common.get_users_params() + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + history = sql.select_port_scanner_history(server_ip) + user_subscription = roxywi_common.return_user_subscription() + + return render_template( + 'include/port_scan_history.html', h2=1, autorefresh=0, role=user_params['role'], user=user, servers=user_params['servers'], + history=history, user_services=user_params['user_services'], token=user_params['token'], + user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], lang=user_params['lang'] + ) + + +@app.post('/portscanner/settings') +def change_settings_portscanner(): + server_id = common.checkAjaxInput(request.form.get('server_id')) + enabled = common.checkAjaxInput(request.form.get('enabled')) + notify = common.checkAjaxInput(request.form.get('notify')) + history = common.checkAjaxInput(request.form.get('history')) + user_group_id = [server[3] for server in sql.select_servers(id=server_id)] + + try: + if sql.insert_port_scanner_settings(server_id, user_group_id[0], enabled, notify, history): + return 'ok' + else: + if sql.update_port_scanner_settings(server_id, user_group_id[0], enabled, notify, history): + return 'ok' + except Exception as e: + return f'error: Cannot save settings: {e}' + else: + return 'ok' + + +@app.route('/portscanner/scan/') +def scan_port(server_id): + server = sql.select_servers(id=server_id) + ip = '' + + for s in server: + ip = s[2] + + cmd = f"sudo nmap -sS {ip} |grep -E '^[[:digit:]]'|sed 's/ */ /g'" + cmd1 = f"sudo nmap -sS {ip} |head -5|tail -2" + + stdout, stderr = server_mod.subprocess_execute(cmd) + stdout1, stderr1 = server_mod.subprocess_execute(cmd1) + + if stderr != '': + return f'error: {stderr}' + else: + lang = roxywi_common.get_user_lang_for_flask() + return render_template('ajax/scan_ports.html', ports=stdout, info=stdout1, lang=lang) + + +@app.post('/nettols/') +def nettols_check(check): + server_from = common.checkAjaxInput(request.form.get('server_from')) + server_to = common.is_ip_or_dns(request.form.get('server_to')) + action = common.checkAjaxInput(request.form.get('nettools_action')) + port_to = common.checkAjaxInput(request.form.get('nettools_telnet_port_to')) + dns_name = common.checkAjaxInput(request.form.get('nettools_nslookup_name')) + dns_name = common.is_ip_or_dns(dns_name) + record_type = common.checkAjaxInput(request.form.get('nettools_nslookup_record_type')) + + if check == 'icmp': + return nettools.ping_from_server(server_from, server_to, action) + elif check == 'tcp': + return nettools.telnet_from_server(server_from, server_to, port_to) + elif check == 'dns': + return nettools.nslookup_from_server(server_from, dns_name, record_type) + else: + return 'error: Wrong check' diff --git a/app/app.wsgi b/app/app.wsgi new file mode 100644 index 00000000..c7c3bca5 --- /dev/null +++ b/app/app.wsgi @@ -0,0 +1,4 @@ +import sys +sys.path.insert(0,"/var/www/haproxy-wi/") + +from app import app as application diff --git a/app/config.py b/app/config.py deleted file mode 100644 index 5e862ed8..00000000 --- a/app/config.py +++ /dev/null @@ -1,158 +0,0 @@ -#!/usr/bin/env python3 -import os -import sys - -from jinja2 import Environment, FileSystemLoader - -import modules.db.sql as sql -import modules.common.common as common -import modules.roxywi.auth as roxywi_auth -import modules.config.config as config_mod -import modules.roxy_wi_tools as roxy_wi_tools -import modules.roxywi.common as roxywi_common - -time_zone = sql.get_setting('time_zone') -get_date = roxy_wi_tools.GetDate(time_zone) -get_config_var = roxy_wi_tools.GetConfigVar() -env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) -template = env.get_template('config.html') - -print('Content-type: text/html\n') - -form = common.form -serv = common.is_ip_or_dns(form.getvalue('serv')) -try: - service = common.checkAjaxInput(form.getvalue('service')) -except Exception: - print('') - -is_serv_protected = False - -try: - config_file_name = form.getvalue('config_file_name').replace('92', '/') -except Exception: - config_file_name = '' - -config_read = "" -cfg = "" -stderr = "" -error = "" -aftersave = "" -is_restart = '' -service_desc = '' - -user_params = roxywi_common.get_users_params(service='nginx') - -if service in ('haproxy', 'nginx', 'keepalived', 'apache'): - service_desc = sql.select_service(service) - if roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=service_desc.service_id): - if user_params['lang'] == 'ru': - title = f"Работа с конфигурационным файлом {service_desc.service}" - else: - title = f"Working with {service_desc.service} configuration files" - action = f"config.py?service={service_desc.slug}" - configs_dir = get_config_var.get_config_var('configs', 'kp_save_configs_dir') - file_format = 'conf' - servers = roxywi_common.get_dick_permit(service=service_desc.slug) - - if service in ('haproxy', 'nginx', 'apache'): - configs_dir = get_config_var.get_config_var('configs', f'{service_desc.service}_save_configs_dir') - else: - configs_dir = get_config_var.get_config_var('configs', 'kp_save_configs_dir') - - if service == 'haproxy': - file_format = 'cfg' -else: - print('') - -if serv is not None: - if service == 'nginx' or service == 'apache': - conf_file_name_short = config_file_name.split('/')[-1] - cfg = f"{configs_dir}{serv}-{conf_file_name_short}-{get_date.return_date('config')}.{file_format}" - else: - cfg = f"{configs_dir}{serv}-{get_date.return_date('config')}.{file_format}" - -if serv is not None and form.getvalue('open') is not None and form.getvalue('new_config') is None: - roxywi_common.check_is_server_in_group(serv) - is_serv_protected = sql.is_serv_protected(serv) - server_id = sql.select_server_id_by_ip(serv) - is_restart = sql.select_service_setting(server_id, service, 'restart') - - if service == 'keepalived': - error = config_mod.get_config(serv, cfg, keepalived=1) - try: - roxywi_common.logging(serv, " Keepalived config has been opened for ") - except Exception: - pass - elif service == 'nginx': - error = config_mod.get_config(serv, cfg, nginx=1, config_file_name=config_file_name) - try: - roxywi_common.logging(serv, " NGINX config has been opened ") - except Exception: - pass - elif service == 'apache': - error = config_mod.get_config(serv, cfg, apache=1, config_file_name=config_file_name) - try: - roxywi_common.logging(serv, " Apache config has been opened ") - except Exception: - pass - else: - error = config_mod.get_config(serv, cfg) - try: - roxywi_common.logging(serv, " HAProxy config has been opened ") - except Exception: - pass - - try: - conf = open(cfg, "r") - config_read = conf.read() - conf.close() - except IOError: - error += '
Cannot read imported config file' - - os.system("/bin/mv %s %s.old" % (cfg, cfg)) - -if form.getvalue('new_config') is not None: - config_read = ' ' - -if serv is not None and form.getvalue('config') is not None: - roxywi_common.check_is_server_in_group(serv) - - config = form.getvalue('config') - oldcfg = form.getvalue('oldconfig') - save = form.getvalue('save') - - try: - with open(cfg, "a") as conf: - conf.write(config) - except IOError: - print("error: Cannot read imported config file") - - if service == 'keepalived': - stderr = config_mod.upload_and_restart(serv, cfg, just_save=save, keepalived=1, oldcfg=oldcfg) - elif service == 'nginx': - stderr = config_mod.master_slave_upload_and_restart(serv, cfg, just_save=save, nginx=1, oldcfg=oldcfg, config_file_name=config_file_name) - elif service == 'apache': - stderr = config_mod.master_slave_upload_and_restart(serv, cfg, just_save=save, apache=1, oldcfg=oldcfg, config_file_name=config_file_name) - else: - stderr = config_mod.master_slave_upload_and_restart(serv, cfg, just_save=save, oldcfg=oldcfg) - - config_mod.diff_config(oldcfg, cfg) - - try: - os.system("/bin/rm -f " + configs_dir + "*.old") - except Exception as e: - print('error: ' + str(e)) - - if stderr: - print(stderr) - - sys.exit() - -template = template.render( - h2=1, role=user_params['role'], action=action, user=user_params['user'], select_id="serv", serv=serv, aftersave=aftersave, - config=config_read, cfg=cfg, selects=servers, stderr=stderr, error=error, service=service, is_restart=is_restart, - user_services=user_params['user_services'], config_file_name=config_file_name, is_serv_protected=is_serv_protected, - token=user_params['token'], lang=user_params['lang'], service_desc=service_desc -) -print(template) diff --git a/app/create_db.py b/app/create_db.py index 603cc4ce..cbe10832 100644 --- a/app/create_db.py +++ b/app/create_db.py @@ -159,194 +159,6 @@ def default_values(): except Exception as e: print(str(e)) - data_source = [ - {'param': 'aws', 'name': 'AWS', 'optgroup': 'aws', 'section': 'provider', 'provider': 'aws', 'image': '/inc/images/provisioning/providers/aws.svg'}, - {'param': 'do', 'name': 'DigitalOcearn', 'optgroup': 'do', 'section': 'provider', 'provider': 'do', 'image': '/inc/images/provisioning/providers/do.svg'}, - {'param': 'gcore', 'name': 'G-Core Labs', 'optgroup': 'gcore', 'section': 'provider', 'provider': 'gcore', 'image': '/inc/images/provisioning/providers/gcore.svg'}, - {'param': 'us-east-1', 'name': 'N. Virginia', 'optgroup': 'US East', 'section': 'region', 'provider': 'aws', - 'image': '/inc/images/provisioning/flags/us.svg'}, - {'param': 'us-east-2', 'name': 'Ohio', 'optgroup': 'US East', 'section': 'region', 'provider': 'aws', 'image': '/inc/images/provisioning/flags/us.svg'}, - {'param': 'us-west-1', 'name': 'N. California', 'optgroup': 'US West', 'section': 'region', 'provider': 'aws', - 'image': '/inc/images/provisioning/flags/us.svg'}, - {'param': 'us-west-2', 'name': 'Oregon', 'optgroup': 'US West', 'section': 'region', 'provider': 'aws', - 'image': '/inc/images/provisioning/flags/us.svg'}, - {'param': 'af-south-1', 'name': 'Cape Town', 'optgroup': 'Africa', 'section': 'region', 'provider': 'aws', - 'image': '/inc/images/provisioning/flags/za.svg'}, - {'param': 'ap-east-1', 'name': 'Hong Kong', 'optgroup': 'Asia Pacific', 'section': 'region', 'provider': 'aws', - 'image': '/inc/images/provisioning/flags/hk.svg'}, - {'param': 'ap-south-1', 'name': 'Mumbai', 'optgroup': 'Asia Pacific', 'section': 'region', 'provider': 'aws', - 'image': '/inc/images/provisioning/flags/in.svg'}, - {'param': 'ap-northeast-2', 'name': 'Seoul', 'optgroup': 'Asia Pacific', 'section': 'region', 'provider': 'aws', - 'image': '/inc/images/provisioning/flags/kr.svg'}, - {'param': 'ap-southeast-1', 'name': 'Singapore', 'optgroup': 'Asia Pacific', 'section': 'region', 'provider': 'aws', - 'image': '/inc/images/provisioning/flags/sg.svg'}, - {'param': 'ap-southeast-2', 'name': 'Sydney', 'optgroup': 'Asia Pacific', 'section': 'region', 'provider': 'aws', - 'image': '/inc/images/provisioning/flags/au.svg'}, - {'param': 'ap-northeast-1', 'name': 'Tokyo', 'optgroup': 'Asia Pacific', 'section': 'region', 'provider': 'aws', - 'image': '/inc/images/provisioning/flags/jp.svg'}, - {'param': 'ca-central-1', 'name': 'Central', 'optgroup': 'Canada', 'section': 'region', 'provider': 'aws', - 'image': '/inc/images/provisioning/flags/ca.svg'}, - {'param': 'eu-central-1', 'name': 'Frankfurt', 'optgroup': 'Europe', 'section': 'region', 'provider': 'aws', - 'image': '/inc/images/provisioning/flags/de.svg'}, - {'param': 'eu-west-1', 'name': 'Ireland', 'optgroup': 'Europe', 'section': 'region', 'provider': 'aws', 'image': '/inc/images/provisioning/flags/ie.svg'}, - {'param': 'eu-west-2', 'name': 'London', 'optgroup': 'Europe', 'section': 'region', 'provider': 'aws', 'image': '/inc/images/provisioning/flags/gb.svg'}, - {'param': 'eu-south-1', 'name': 'Milan', 'optgroup': 'Europe', 'section': 'region', 'provider': 'aws', 'image': '/inc/images/provisioning/flags/fr.svg'}, - {'param': 'eu-west-3', 'name': 'Paris', 'optgroup': 'Europe', 'section': 'region', 'provider': 'aws', 'image': '/inc/images/provisioning/flags/fr.svg'}, - {'param': 'eu-north-1', 'name': 'Stockholm', 'optgroup': 'Europe', 'section': 'region', 'provider': 'aws', 'image': '/inc/images/provisioning/flags/se.svg'}, - {'param': 'me-south-1', 'name': 'Bahrain', 'optgroup': 'Middle East', 'section': 'region', 'provider': 'aws', 'image': '/inc/images/provisioning/flags/bh.svg'}, - {'param': 'sa-east-1', 'name': 'São Paulo', 'optgroup': 'South America', 'section': 'region', 'provider': 'aws', 'image': '/inc/images/provisioning/flags/br.svg'}, - {'param': 'nyc1', 'name': 'New York 1', 'optgroup': 'USA', 'section': 'region', 'provider': 'do', 'image': '/inc/images/provisioning/flags/us.svg'}, - {'param': 'nyc2', 'name': 'New York 2', 'optgroup': 'USA', 'section': 'region', 'provider': 'do', 'image': '/inc/images/provisioning/flags/us.svg'}, - {'param': 'nyc3', 'name': 'New York 3', 'optgroup': 'USA', 'section': 'region', 'provider': 'do', 'image': '/inc/images/provisioning/flags/us.svg'}, - {'param': 'sfo1', 'name': 'San Francisco 1', 'optgroup': 'USA', 'section': 'region', 'provider': 'do', 'image': '/inc/images/provisioning/flags/us.svg'}, - {'param': 'sfo2', 'name': 'San Francisco 2', 'optgroup': 'USA', 'section': 'region', 'provider': 'do', 'image': '/inc/images/provisioning/flags/us.svg'}, - {'param': 'sfo3', 'name': 'San Francisco 3', 'optgroup': 'USA', 'section': 'region', 'provider': 'do', 'image': '/inc/images/provisioning/flags/us.svg'}, - {'param': 'tor1', 'name': 'Toronto 1', 'optgroup': 'Canada', 'section': 'region', 'provider': 'do', 'image': '/inc/images/provisioning/flags/ca.svg'}, - {'param': 'ams2', 'name': 'Amsterdam 2', 'optgroup': 'Europe', 'section': 'region', 'provider': 'do', 'image': '/inc/images/provisioning/flags/nl.svg'}, - {'param': 'ams3', 'name': 'Amsterdam 3', 'optgroup': 'Europe', 'section': 'region', 'provider': 'do', 'image': '/inc/images/provisioning/flags/nl.svg'}, - {'param': 'fra1', 'name': 'Frankfurt 1', 'optgroup': 'Europe', 'section': 'region', 'provider': 'do', 'image': '/inc/images/provisioning/flags/de.svg'}, - {'param': 'lon1', 'name': 'London 1', 'optgroup': 'Europe', 'section': 'region', 'provider': 'do', 'image': '/inc/images/provisioning/flags/gb.svg'}, - {'param': 'sgp1', 'name': 'Singapore 1', 'optgroup': 'Asia', 'section': 'region', 'provider': 'do', 'image': '/inc/images/provisioning/flags/sg.svg'}, - {'param': 'blr1', 'name': 'Bangalore 1', 'optgroup': 'Asia', 'section': 'region', 'provider': 'do', 'image': '/inc/images/provisioning/flags/bh.svg'}, - {'param': '68', 'name': 'Chicago', 'optgroup': 'Americas', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/us.svg'}, - {'param': '14', 'name': 'Manassas', 'optgroup': 'Americas', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/us.svg'}, - {'param': '35', 'name': 'Santa-Clara', 'optgroup': 'Americas', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/us.svg'}, - {'param': '91', 'name': 'Sao Paulo', 'optgroup': 'Americas', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/br.svg'}, - {'param': '64', 'name': 'Hong-Kong', 'optgroup': 'Asia-Pacific', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/hk.svg'}, - {'param': '18', 'name': 'Singapore', 'optgroup': 'Asia-Pacific', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/sg.svg'}, - {'param': '88', 'name': 'Sydney', 'optgroup': 'Asia-Pacific', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/au.svg'}, - {'param': '29', 'name': 'Tokyo', 'optgroup': 'Asia-Pacific', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/jp.svg'}, - {'param': '46', 'name': 'Almaty', 'optgroup': 'EMEA', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/kz.svg'}, - {'param': '26', 'name': 'Amsterdam', 'optgroup': 'EMEA', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/nl.svg'}, - {'param': '51', 'name': 'Amsterdam-2', 'optgroup': 'EMEA', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/nl.svg'}, - {'param': '38', 'name': 'Frankfurt', 'optgroup': 'EMEA', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/de.svg'}, - {'param': '120', 'name': 'Darmstadt', 'optgroup': 'EMEA', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/de.svg'}, - {'param': '50', 'name': 'Istanbul', 'optgroup': 'EMEA', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/tr.svg'}, - {'param': '84', 'name': 'Johannesburg', 'optgroup': 'EMEA', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/za.svg'}, - {'param': '6', 'name': 'Luxembourg', 'optgroup': 'EMEA', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/lu.svg'}, - {'param': '76', 'name': 'Luxembourg-2', 'optgroup': 'EMEA', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/lu.svg'}, - {'param': '56', 'name': 'Paris', 'optgroup': 'EMEA', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/fr.svg'}, - {'param': '100', 'name': 'Paris-2', 'optgroup': 'EMEA', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/fr.svg'}, - {'param': '80', 'name': 'Warsaw', 'optgroup': 'EMEA', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/pl.svg'}, - {'param': '116', 'name': 'Dubai', 'optgroup': 'EMEA', 'section': 'region', 'provider': 'gcore', 'image': '/inc/images/provisioning/flags/ae.svg'}, - {'param': '22', 'name': 'Khabarovsk', 'optgroup': 'Russia and CIS', 'section': 'region', 'provider': 'edge', 'image': '/inc/images/provisioning/flags/ru.svg'}, - {'param': '10', 'name': 'Moscow', 'optgroup': 'Russia and CIS', 'section': 'region', 'provider': 'edge', 'image': '/inc/images/provisioning/flags/ru.svg'}, - {'param': '42', 'name': 'Saint Petersburg', 'optgroup': 'Russia and CIS', 'section': 'region', 'provider': 'edge', 'image': '/inc/images/provisioning/flags/ru.svg'}, - {'param': '60', 'name': 'Yekaterinburg', 'optgroup': 'Russia and CIS', 'section': 'region', 'provider': 'edge', 'image': '/inc/images/provisioning/flags/ru.svg'}, - {'param': '72', 'name': 'Novosibirsk', 'optgroup': 'Russia and CIS', 'section': 'region', 'provider': 'edge', 'image': '/inc/images/provisioning/flags/ru.svg'}, - {'param': 'ubuntu-18-04', 'name': 'Ubuntu 18.04', 'optgroup': 'Ubuntu', 'section': 'image', 'provider': 'aws', 'image': '/inc/images/provisioning/oss/ubuntu.svg'}, - {'param': 'ubuntu-20-04', 'name': 'Ubuntu 20.04', 'optgroup': 'Ubuntu', 'section': 'image', 'provider': 'aws', 'image': '/inc/images/provisioning/oss/ubuntu.svg'}, - {'param': 'ubuntu-20-14', 'name': 'Ubuntu 20.14', 'optgroup': 'Ubuntu', 'section': 'image', 'provider': 'aws', 'image': '/inc/images/provisioning/oss/ubuntu.svg'}, - {'param': 'ubuntu-22-04', 'name': 'Ubuntu 22.04', 'optgroup': 'Ubuntu', 'section': 'image', 'provider': 'aws', 'image': '/inc/images/provisioning/oss/ubuntu.svg'}, - {'param': 'ubuntu-23-04', 'name': 'Ubuntu 23.04', 'optgroup': 'Ubuntu', 'section': 'image', 'provider': 'aws', 'image': '/inc/images/provisioning/oss/ubuntu.svg'}, - {'param': 'centos-7', 'name': 'CentOS 7', 'optgroup': 'CentOS', 'section': 'image', 'provider': 'aws', 'image': '/inc/images/provisioning/oss/centos.svg'}, - {'param': 'centos-8', 'name': 'CentOS 8', 'optgroup': 'CentOS', 'section': 'image', 'provider': 'aws', 'image': '/inc/images/provisioning/oss/centos.svg'}, - {'param': 'centos-9', 'name': 'CentOS 9', 'optgroup': 'CentOS', 'section': 'image', 'provider': 'aws', 'image': '/inc/images/provisioning/oss/centos.svg'}, - {'param': 'debian-9', 'name': 'Debian 9', 'optgroup': 'Debian', 'section': 'image', 'provider': 'aws', 'image': '/inc/images/provisioning/oss/debian.svg'}, - {'param': 'debian-10', 'name': 'Debian 10', 'optgroup': 'Debian', 'section': 'image', 'provider': 'aws', 'image': '/inc/images/provisioning/oss/debian.svg'}, - {'param': 'debian-11', 'name': 'Debian 11', 'optgroup': 'Debian', 'section': 'image', 'provider': 'aws', 'image': '/inc/images/provisioning/oss/debian.svg'}, - {'param': 'amazon-2_lts', 'name': 'Amazon Linux 2', 'optgroup': 'Amazon Linux', 'section': 'image', 'provider': 'aws', 'image': '/inc/images/provisioning/providers/aws.svg'}, - {'param': 'ubuntu-18-04-x64', 'name': 'Ubuntu 18.04', 'optgroup': 'Ubuntu', 'section': 'image', 'provider': 'do', 'image': '/inc/images/provisioning/oss/ubuntu.svg'}, - {'param': 'ubuntu-20-04-x64', 'name': 'Ubuntu 20.04', 'optgroup': 'Ubuntu', 'section': 'image', 'provider': 'do', 'image': '/inc/images/provisioning/oss/ubuntu.svg'}, - {'param': 'ubuntu-20-14-x64', 'name': 'Ubuntu 20.14', 'optgroup': 'Ubuntu', 'section': 'image', 'provider': 'do', 'image': '/inc/images/provisioning/oss/ubuntu.svg'}, - {'param': 'ubuntu-22-04-x64', 'name': 'Ubuntu 22.04', 'optgroup': 'Ubuntu', 'section': 'image', 'provider': 'do', 'image': '/inc/images/provisioning/oss/ubuntu.svg'}, - {'param': 'ubuntu-23-04-x64', 'name': 'Ubuntu 23.04', 'optgroup': 'Ubuntu', 'section': 'image', 'provider': 'do', 'image': '/inc/images/provisioning/oss/ubuntu.svg'}, - {'param': 'centos-7-x64', 'name': 'CentOS 7', 'optgroup': 'CentOS', 'section': 'image', 'provider': 'do', 'image': '/inc/images/provisioning/oss/centos.svg'}, - {'param': 'centos-stream-8-x64', 'name': 'CentOS 8 Stream', 'optgroup': 'CentOS', 'section': 'image', 'provider': 'do', 'image': '/inc/images/provisioning/oss/centos.svg'}, - {'param': 'centos-stream-9-x64', 'name': 'CentOS 9 Stream', 'optgroup': 'CentOS', 'section': 'image', 'provider': 'do', 'image': '/inc/images/provisioning/oss/centos.svg'}, - {'param': 'rockylinux-8-4-x64', 'name': 'RockyLinux 8.4', 'optgroup': 'RockyLinux', 'section': 'image', 'provider': 'do', 'image': '/inc/images/provisioning/oss/rocky-linux.svg'}, - {'param': 'rockylinux-8-x64', 'name': 'RockyLinux 8.5', 'optgroup': 'RockyLinux', 'section': 'image', 'provider': 'do', 'image': '/inc/images/provisioning/oss/rocky-linux.svg'}, - {'param': 'debian-9-x64', 'name': 'Debian 9', 'optgroup': 'Debian', 'section': 'image', 'provider': 'do', 'image': '/inc/images/provisioning/oss/debian.svg'}, - {'param': 'debian-10-x64', 'name': 'Debian 10', 'optgroup': 'Debian', 'section': 'image', 'provider': 'do', 'image': '/inc/images/provisioning/oss/debian.svg'}, - {'param': 'debian-11-x64', 'name': 'Debian 11', 'optgroup': 'Debian', 'section': 'image', 'provider': 'do', 'image': '/inc/images/provisioning/oss/debian.svg'}, - {'param': 'ubuntu-18.04-x64', 'name': 'Ubuntu 18.04', 'optgroup': 'Ubuntu', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/ubuntu.svg'}, - {'param': 'ubuntu-20.04-x64', 'name': 'Ubuntu 20.04', 'optgroup': 'Ubuntu', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/ubuntu.svg'}, - {'param': 'ubuntu-20.10-x64', 'name': 'Ubuntu 20.10', 'optgroup': 'Ubuntu', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/ubuntu.svg'}, - {'param': 'ubuntu-22.04-x64', 'name': 'Ubuntu 22.04', 'optgroup': 'Ubuntu', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/ubuntu.svg'}, - {'param': 'ubuntu-22.10-x64', 'name': 'Ubuntu 22.10', 'optgroup': 'Ubuntu', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/ubuntu.svg'}, - {'param': 'ubuntu-23.04-x64', 'name': 'Ubuntu 23.04', 'optgroup': 'Ubuntu', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/ubuntu.svg'}, - {'param': 'centos-7-1811-x64-qcow2', 'name': 'CentOS 7.6', 'optgroup': 'CentOS', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/centos.svg'}, - {'param': 'centos-7-2003-x64-qcow2', 'name': 'CentOS 7.8', 'optgroup': 'CentOS', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/centos.svg'}, - {'param': 'centos8-stream-0210-x64', 'name': 'CentOS 8.4', 'optgroup': 'CentOS', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/centos.svg'}, - {'param': 'centos9-stream-0330-x64', 'name': 'CentOS 9', 'optgroup': 'CentOS', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/centos.svg'}, - {'param': 'fedora-33-x64-qcow2', 'name': 'Fedora 33', 'optgroup': 'Fedora', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/fedora.svg'}, - {'param': 'fedora-34-x64-qcow2', 'name': 'Fedora 34', 'optgroup': 'Fedora', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/fedora.svg'}, - {'param': 'fedora-35-x64-qcow2', 'name': 'Fedora 35', 'optgroup': 'Fedora', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/fedora.svg'}, - {'param': 'debian-9.7-x64-qcow2', 'name': 'Debian 9.7', 'optgroup': 'Debian', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/debian.svg'}, - {'param': 'debian-10.1-x64-qcow2', 'name': 'Debian 10.1', 'optgroup': 'Debian', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/debian.svg'}, - {'param': 'debian-10.3-x64-qcow2', 'name': 'Debian 10.3', 'optgroup': 'Debian', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/debian.svg'}, - {'param': 'debian-11.generic-x64-qcow2', 'name': 'Debian 11', 'optgroup': 'Debian', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/debian.svg'}, - {'param': 'windows-server-2019', 'name': 'Windows 2019', 'optgroup': 'Windows', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/windows.svg'}, - {'param': 'windows-server-2022', 'name': 'Windows 2022', 'optgroup': 'Windows', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/windows.svg'}, - {'param': 'sles15-SP2', 'name': 'SLES 15-SP2', 'optgroup': 'SUSE', 'section': 'image', 'provider': 'gcore', 'image': '/inc/images/provisioning/oss/suse.svg'}, - {'param': 's-1vcpu-1gb', 'name': 's-1vcpu-1gb', 'optgroup': 'Base', 'section': 'size', 'provider': 'do'}, - {'param': 's-2vcpu-2gb', 'name': 's-2vcpu-2gb', 'optgroup': 'Base', 'section': 'size', 'provider': 'do'}, - {'param': 's-2vcpu-4gb', 'name': 's-2vcpu-4gb', 'optgroup': 'Base', 'section': 'size', 'provider': 'do'}, - {'param': 's-4vcpu-8gb', 'name': 's-4vcpu-8gb', 'optgroup': 'Base', 'section': 'size', 'provider': 'do'}, - {'param': 's-8vcpu-16gb', 'name': 's-8vcpu-16gb', 'optgroup': 'Base', 'section': 'size', 'provider': 'do'}, - {'param': 's-1vcpu-1gb-intel', 'name': 's-1vcpu-1gb-intel', 'optgroup': 'Premium Intel', 'section': 'size', 'provider': 'do'}, - {'param': 's-2vcpu-2gb-intel', 'name': 's-2vcpu-2gb-intel', 'optgroup': 'Premium Intel', 'section': 'size', 'provider': 'do'}, - {'param': 's-2vcpu-4gb-intel', 'name': 's-2vcpu-4gb-intel', 'optgroup': 'Premium Intel', 'section': 'size', 'provider': 'do'}, - {'param': 's-4vcpu-8gb-intel', 'name': 's-4vcpu-8gb-intel', 'optgroup': 'Premium Intel', 'section': 'size', 'provider': 'do'}, - {'param': 's-8vcpu-16gb-intel', 'name': 's-8vcpu-16gb-intel', 'optgroup': 'Premium Intel', 'section': 'size', 'provider': 'do'}, - {'param': 's-1vcpu-1gb-amd', 'name': 's-1vcpu-1gb-amd', 'optgroup': 'Premium AMD', 'section': 'size', 'provider': 'do'}, - {'param': 's-2vcpu-2gb-amd', 'name': 's-2vcpu-2gb-amd', 'optgroup': 'Premium AMD', 'section': 'size', 'provider': 'do'}, - {'param': 's-2vcpu-4gb-amd', 'name': 's-2vcpu-4gb-amd', 'optgroup': 'Premium AMD', 'section': 'size', 'provider': 'do'}, - {'param': 's-4vcpu-8gb-amd', 'name': 's-4vcpu-8gb-amd', 'optgroup': 'Premium AMD', 'section': 'size', 'provider': 'do'}, - {'param': 's-8vcpu-16gb-amd', 'name': 's-8vcpu-16gb-amd', 'optgroup': 'Premium AMD', 'section': 'size', 'provider': 'do'}, - {'param': 'g-2vcpu-8gb', 'name': 'g-2vcpu-8gb', 'optgroup': 'General Purpose', 'section': 'size', 'provider': 'do'}, - {'param': 'g-4vcpu-16gb', 'name': 'g-4vcpu-16gb', 'optgroup': 'General Purpose', 'section': 'size', 'provider': 'do'}, - {'param': 'g-8vcpu-32gb', 'name': 'g-8vcpu-32gb', 'optgroup': 'General Purpose', 'section': 'size', 'provider': 'do'}, - {'param': 'g-32vcpu-128gb', 'name': 'g-32vcpu-128gb', 'optgroup': 'General Purpose', 'section': 'size', 'provider': 'do'}, - {'param': 'g-40vcpu-160gb', 'name': 'g-40vcpu-160gb', 'optgroup': 'General Purpose', 'section': 'size', 'provider': 'do'}, - {'param': 'c-4-8gib', 'name': 'c-4-8gib', 'optgroup': 'CPU-Optimized', 'section': 'size', 'provider': 'do'}, - {'param': 'c-8-16gib', 'name': 'c-8-16gib', 'optgroup': 'CPU-Optimized', 'section': 'size', 'provider': 'do'}, - {'param': 'c-16-32gib', 'name': 'c-16-32gib', 'optgroup': 'CPU-Optimized', 'section': 'size', 'provider': 'do'}, - {'param': 'c-32-64gib', 'name': 'c-32-64gib', 'optgroup': 'CPU-Optimized', 'section': 'size', 'provider': 'do'}, - {'param': 'm-2vcpu-16gb', 'name': 'm-2vcpu-16gb', 'optgroup': 'Memory-Optimized', 'section': 'size', 'provider': 'do'}, - {'param': 'm-4vcpu-32gb', 'name': 'm-4vcpu-32gb', 'optgroup': 'Memory-Optimized', 'section': 'size', 'provider': 'do'}, - {'param': 'm-8vcpu-64gb', 'name': 'm-8vcpu-64gb', 'optgroup': 'Memory-Optimized', 'section': 'size', 'provider': 'do'}, - {'param': 'm-16vcpu-128gb', 'name': 'm-16vcpu-128gb', 'optgroup': 'Memory-Optimized', 'section': 'size', 'provider': 'do'}, - {'param': 'm-24vcpu-192gb', 'name': 'm-24vcpu-192gb', 'optgroup': 'Memory-Optimized', 'section': 'size', 'provider': 'do'}, - {'param': 'm-32vcpu-256gb', 'name': 'm-32vcpu-256gb', 'optgroup': 'Memory-Optimized', 'section': 'size', 'provider': 'do'}, - {'param': 'm-32vcpu-256gb', 'name': 'm-32vcpu-256gb', 'optgroup': 'Memory-Optimized', 'section': 'size', 'provider': 'do'}, - {'param': 'g1-standard-1-2', 'name': 'g1-standard-1-2', 'optgroup': 'Standard', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-standard-2-4', 'name': 'g1-standard-2-4', 'optgroup': 'Standard', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-standard-2-8', 'name': 'g1-standard-2-8', 'optgroup': 'Standard', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-standard-4-8', 'name': 'g1-standard-4-8', 'optgroup': 'Standard', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-standard-4-16', 'name': 'g1-standard-4-16', 'optgroup': 'Standard', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-standard-8-16', 'name': 'g1-standard-8-16', 'optgroup': 'Standard', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-standard-8-32', 'name': 'g1-standard-8-32', 'optgroup': 'Standard', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-standard-16-32', 'name': 'g1-standard-16-32', 'optgroup': 'Standard', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-standard-16-64', 'name': 'g1-standard-16-64', 'optgroup': 'Standard', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-standard-32-64', 'name': 'g1-standard-32-64', 'optgroup': 'Standard', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-standard-32-128', 'name': 'g1-standard-32-128', 'optgroup': 'Standard', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-cpu-2-2', 'name': 'g1-cpu-2-2', 'optgroup': 'vCPU', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-cpu-4-4', 'name': 'g1-cpu-4-4', 'optgroup': 'vCPU', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-cpu-8-8', 'name': 'g1-cpu-8-8', 'optgroup': 'vCPU', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-cpu-16-16', 'name': 'g1-cpu-16-16', 'optgroup': 'vCPU', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-cpu-32-32', 'name': 'g1-cpu-32-32', 'optgroup': 'vCPU', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-memory-4-32', 'name': 'g1-memory-4-32', 'optgroup': 'Memory', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-memory-8-64', 'name': 'g1-memory-8-64', 'optgroup': 'Memory', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-memory-16-128', 'name': 'g1-memory-16-128', 'optgroup': 'Memory', 'section': 'size', 'provider': 'gcore'}, - {'param': 'g1-memory-32-256', 'name': 'g1-memory-32-256', 'optgroup': 'Memory', 'section': 'size', 'provider': 'gcore'}, - {'param': 'gp2', 'name': 'gp2', 'optgroup': 'General Purpose SSD', 'section': 'volume_type', 'provider': 'aws'}, - {'param': 'gp3', 'name': 'gp3', 'optgroup': 'General Purpose SSD', 'section': 'volume_type', 'provider': 'aws'}, - {'param': 'standard', 'name': 'standard', 'optgroup': 'Magnetic', 'section': 'volume_type', 'provider': 'aws'}, - {'param': 'io1', 'name': 'io1', 'optgroup': 'Provisioned IOPS SSD', 'section': 'volume_type', 'provider': 'aws'}, - {'param': 'io2', 'name': 'io2', 'optgroup': 'Provisioned IOPS SSD', 'section': 'volume_type', 'provider': 'aws'}, - {'param': 'sc1', 'name': 'sc1', 'optgroup': 'Cold HDD', 'section': 'volume_type', 'provider': 'aws'}, - {'param': 'st1', 'name': 'st1', 'optgroup': 'Throughput Optimized HDD', 'section': 'volume_type', 'provider': 'aws'}, - {'param': 'standard', 'name': 'standard', 'optgroup': 'Standard network SSD', 'section': 'volume_type', 'provider': 'gcore'}, - {'param': 'ssd_hiiops', 'name': 'ssd_hiiops', 'optgroup': 'High IOPS SSD', 'section': 'volume_type', 'provider': 'gcore'}, - {'param': 'cold', 'name': 'cold', 'optgroup': 'HDD disk', 'section': 'volume_type', 'provider': 'gcore'}, - ] - - try: - ProvisionParam.insert_many(data_source).on_conflict_ignore().execute() - except Exception as e: - print(str(e)) - data_source = [ {'code': 'RW', 'name': 'Rwanda'}, {'code': 'SO', 'name': 'Somalia'}, @@ -731,18 +543,6 @@ def update_db_v_6_3_11(): print("Updating... DB has been updated to version 6.3.11") -def update_db_v_6_3_12(): - try: - ProvisionParam.delete().where( - (ProvisionParam.provider == 'gcore') & - (ProvisionParam.optgroup == 'Russia and CIS') - ).execute() - except Exception as e: - print("An error occurred:", e) - else: - print("Updating... DB has been updated to version 6.3.12") - - def update_db_v_6_3_13(): cursor = conn.cursor() sql = """ @@ -849,7 +649,7 @@ def update_db_v_6_3_18(): def update_ver(): try: - Version.update(version='6.3.18.0').execute() + Version.update(version='7.0.0.0').execute() except Exception: print('Cannot update version') @@ -874,7 +674,6 @@ def update_all(): update_db_v_6_3_8() update_db_v_6_3_9() update_db_v_6_3_11() - update_db_v_6_3_12() update_db_v_6_3_13() update_db_v_6_3_13_1() update_db_v_6_3_13_2() diff --git a/app/ha.py b/app/ha.py deleted file mode 100644 index 7871d59c..00000000 --- a/app/ha.py +++ /dev/null @@ -1,39 +0,0 @@ -#!/usr/bin/env python3 -import sys - -import modules.common.common as common -import modules.roxywi.auth as roxywi_auth -import modules.roxywi.common as roxywi_common - -from jinja2 import Environment, FileSystemLoader -env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) -template = env.get_template('ha.html') - -print('Content-type: text/html\n') - -form = common.form -serv = form.getvalue('serv') - -user_params = roxywi_common.get_users_params() - -try: - roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=3) -except Exception as e: - print(f'error {e}') - sys.exit() - -roxywi_auth.page_for_admin(level=2) -is_needed_tool = common.is_tool('ansible') - -try: - user_subscription = roxywi_common.return_user_status() -except Exception as e: - user_subscription = roxywi_common.return_unsubscribed_user_status() - roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1) - -parsed_template = template.render( - h2=1, role=user_params['role'], user=user_params['user'], serv=serv, selects=user_params['servers'], - user_services=user_params['user_services'], user_status=user_subscription['user_status'], lang=user_params['lang'], - user_plan=user_subscription['user_plan'], is_needed_tool=is_needed_tool, token=user_params['token'] -) -print(parsed_template) diff --git a/app/hapservers.py b/app/hapservers.py deleted file mode 100644 index c2945ba6..00000000 --- a/app/hapservers.py +++ /dev/null @@ -1,188 +0,0 @@ -#!/usr/bin/env python3 -import sys - -import distro -from jinja2 import Environment, FileSystemLoader - -import modules.db.sql as sql -import modules.common.common as common -import modules.server.server as server_mod -import modules.roxywi.auth as roxywi_auth -import modules.roxywi.common as roxywi_common - -env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) -template = env.get_template('hapservers.html') - -print('Content-type: text/html\n') - -user_params = roxywi_common.get_users_params() - -services = [] -servers: object -form = common.form -serv = common.is_ip_or_dns(form.getvalue('serv')) -service = common.checkAjaxInput(form.getvalue('service')) -autorefresh = 0 -servers_waf = () -title = '' -cmd = "ps ax |grep -e 'keep_alive.py' |grep -v grep |wc -l" -keep_alive, stderr = server_mod.subprocess_execute(cmd) -is_restart = '' -service_desc = '' -restart_settings = '' - -if service in ('haproxy', 'nginx', 'keepalived', 'apache'): - service_desc = sql.select_service(service) - if roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=service_desc.service_id): - if serv: - if roxywi_common.check_is_server_in_group(serv): - servers = sql.select_servers(server=serv) - autorefresh = 1 - server_id = sql.select_server_id_by_ip(serv) - docker_settings = sql.select_docker_service_settings(server_id, service_desc.slug) - restart_settings = sql.select_restart_service_settings(server_id, service_desc.slug) - else: - servers = roxywi_common.get_dick_permit(virt=1, service=service_desc.slug) - docker_settings = sql.select_docker_services_settings(service_desc.slug) - restart_settings = sql.select_restart_services_settings(service_desc.slug) -else: - print('') - sys.exit() - -services_name = {'roxy-wi-checker': 'Master backends checker service', - 'roxy-wi-keep_alive': 'Auto start service', - 'roxy-wi-metrics': 'Master metrics service'} -for s, v in services_name.items(): - if distro.id() == 'ubuntu': - if s == 'roxy-wi-keep_alive': - s = 'roxy-wi-keep-alive' - cmd = "apt list --installed 2>&1 |grep " + s - else: - cmd = "rpm --query " + s + "-* |awk -F\"" + s + "\" '{print $2}' |awk -F\".noa\" '{print $1}' |sed 's/-//1' |sed 's/-/./'" - service_ver, stderr = server_mod.subprocess_execute(cmd) - try: - services.append([s, service_ver[0]]) - except Exception: - services.append([s, '']) - -haproxy_sock_port = sql.get_setting('haproxy_sock_port') -servers_with_status1 = [] -out1 = '' -if len(servers) == 1: - serv = servers[0][2] -for s in servers: - servers_with_status = list() - servers_with_status.append(s[0]) - servers_with_status.append(s[1]) - servers_with_status.append(s[2]) - servers_with_status.append(s[11]) - if service == 'nginx': - h = (['', ''],) - cmd = [ - "/usr/sbin/nginx -v 2>&1|awk '{print $3}' && systemctl status nginx |grep -e 'Active' |awk " - "'{print $2, $9$10$11$12$13}' && ps ax |grep nginx:|grep -v grep |wc -l"] - for service_set in docker_settings: - if service_set.server_id == s[0] and service_set.setting == 'dockerized' and service_set.value == '1': - container_name = sql.get_setting('nginx_container_name') - cmd = [ - "docker exec -it " + container_name + " /usr/sbin/nginx -v 2>&1|awk '{print $3}' && " - "docker ps -a -f name=" + container_name + " --format '{{.Status}}'|tail -1 && ps ax |grep nginx:" - "|grep -v grep |wc -l" - ] - try: - out = server_mod.ssh_command(s[2], cmd) - h = () - out1 = [] - for k in out.split(): - out1.append(k) - h = (out1,) - servers_with_status.append(h) - servers_with_status.append(h) - servers_with_status.append(s[17]) - except Exception: - servers_with_status.append(h) - servers_with_status.append(h) - servers_with_status.append(s[17]) - elif service == 'keepalived': - h = (['', ''],) - cmd = [ - "/usr/sbin/keepalived -v 2>&1|head -1|awk '{print $2}' && systemctl status keepalived |" - "grep -e 'Active' |awk '{print $2, $9$10$11$12$13}' && ps ax |grep keepalived|grep -v grep |wc -l" - ] - try: - out = server_mod.ssh_command(s[2], cmd) - out1 = [] - for k in out.split(): - out1.append(k) - h = (out1,) - servers_with_status.append(h) - servers_with_status.append(h) - servers_with_status.append(s[22]) - except Exception: - servers_with_status.append(h) - servers_with_status.append(h) - servers_with_status.append(s[22]) - elif service == 'apache': - h = (['', ''],) - apache_stats_user = sql.get_setting('apache_stats_user') - apache_stats_password = sql.get_setting('apache_stats_password') - apache_stats_port = sql.get_setting('apache_stats_port') - apache_stats_page = sql.get_setting('apache_stats_page') - cmd = "curl -s -u %s:%s http://%s:%s/%s?auto |grep 'ServerVersion\|Processes\|ServerUptime:'" % ( - apache_stats_user, apache_stats_password, s[2], apache_stats_port, apache_stats_page - ) - try: - out = server_mod.subprocess_execute(cmd) - if out != '': - for k in out: - servers_with_status.append(k) - servers_with_status.append(s[22]) - except Exception: - servers_with_status.append(h) - servers_with_status.append(h) - servers_with_status.append(s[22]) - else: - cmd = 'echo "show info" |nc %s %s -w 1 -v|grep -e "Ver\|Uptime:\|Process_num"' % (s[2], haproxy_sock_port) - out = server_mod.subprocess_execute(cmd) - for k in out: - if "Connection refused" not in k: - out1 = out - else: - out1 = False - servers_with_status.append(out1) - - servers_with_status.append(s[12]) - - servers_with_status.append(sql.is_master(s[2])) - servers_with_status.append(sql.select_servers(server=s[2])) - - is_keepalived = sql.select_keepalived(s[2]) - - if is_keepalived: - try: - cmd = ['sudo kill -USR1 `cat /var/run/keepalived.pid` && sudo grep State /tmp/keepalived.data -m 1 |' - 'awk -F"=" \'{print $2}\'|tr -d \'[:space:]\' && sudo rm -f /tmp/keepalived.data'] - out = server_mod.ssh_command(s[2], cmd) - out1 = ('1', out) - servers_with_status.append(out1) - except Exception as e: - servers_with_status.append(str(e)) - else: - servers_with_status.append('') - - servers_with_status1.append(servers_with_status) - -try: - user_subscription = roxywi_common.return_user_status() -except Exception as e: - user_subscription = roxywi_common.return_unsubscribed_user_status() - roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1) - -template = template.render( - h2=1, autorefresh=autorefresh, role=user_params['role'], user=user_params['user'], servers=servers_with_status1, - keep_alive=''.join(keep_alive), serv=serv, service=service, services=services, user_services=user_params['user_services'], - docker_settings=docker_settings, user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], - servers_waf=servers_waf, restart_settings=restart_settings, service_desc=service_desc, token=user_params['token'], - lang=user_params['lang'] -) -print(template) diff --git a/app/history.py b/app/history.py deleted file mode 100644 index 4edbdade..00000000 --- a/app/history.py +++ /dev/null @@ -1,53 +0,0 @@ -#!/usr/bin/env python3 -import modules.db.sql as sql -import modules.common.common as common -import modules.roxywi.auth as roxywi_auth -import modules.roxywi.common as roxywi_common - -from jinja2 import Environment, FileSystemLoader - -env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) -template = env.get_template('history.html') - -print('Content-type: text/html\n') - -user_params = roxywi_common.get_users_params(service='keepalived') - -form = common.form -serv = common.is_ip_or_dns(form.getvalue('serv')) -service = form.getvalue('service') -user_id_history = form.getvalue('user_id') - -if service in ('haproxy', 'nginx', 'keepalived', 'apache'): - service_desc = sql.select_service(service) - if roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=service_desc.service_id): - server_id = sql.select_server_id_by_ip(serv) - history = sql.select_action_history_by_server_id_and_service(server_id, service_desc.service) -elif service == 'server': - if serv: - if roxywi_common.check_is_server_in_group(serv): - server_id = sql.select_server_id_by_ip(serv) - history = sql.select_action_history_by_server_id(server_id) -elif service == 'user': - if user_id_history: - history = sql.select_action_history_by_user_id(user_id_history) - -users = sql.select_users() - -try: - user_subscription = roxywi_common.return_user_status() -except Exception as e: - user_subscription = roxywi_common.return_unsubscribed_user_status() - roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1) - -try: - sql.delete_action_history_for_period() -except Exception as e: - print(e) - -rendered_template = template.render( - h2=1, autorefresh=0, role=user_params['role'], user=user_params['user'], users=users, serv=serv, - service=service, history=history, user_services=user_params['user_services'], token=user_params['token'], - user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], lang=user_params['lang'] -) -print(rendered_template) diff --git a/app/login.py b/app/login.py deleted file mode 100644 index ee85c303..00000000 --- a/app/login.py +++ /dev/null @@ -1,238 +0,0 @@ -#!/usr/bin/env python3 -# -*- coding: utf-8 -*- -import os -import sys -import http.cookies - -import datetime -import uuid -import distro - -import modules.db.sql as sql -import modules.common.common as common -import modules.server.server as server_mod -import modules.roxy_wi_tools as roxy_wi_tools -import modules.roxywi.common as roxywi_common - -from jinja2 import Environment, FileSystemLoader -env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) -template = env.get_template('login.html') -form = common.form - -cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) -user_id = cookie.get('uuid') -try: - ref = form.getvalue('ref') - login = form.getvalue('login') - password = form.getvalue('pass') -except Exception: - ref = '' - login = '' - password = '' -error_log = "" -error = "" - - -def send_cookie(login): - session_ttl = int(sql.get_setting('session_ttl')) - expires = datetime.datetime.utcnow() + datetime.timedelta(days=session_ttl) - user_group = '' - user_uuid = str(uuid.uuid4()) - user_token = str(uuid.uuid4()) - sql.write_user_uuid(login, user_uuid) - sql.write_user_token(login, user_token) - - user_id = sql.get_user_id_by_uuid(user_uuid) - try: - cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) - user_group_id = cookie.get('group') - user_group_id = user_group_id.value - if sql.check_user_group(user_id, user_group_id): - user_groups = user_group_id - else: - user_groups = sql.select_user_groups(user_id, limit=1) - except Exception: - user_groups = sql.select_user_groups(user_id, limit=1) - - c = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) - c["uuid"] = user_uuid - c["uuid"]["path"] = "/app" - # c["uuid"]["samesite"] = "Strict" - c["uuid"]["Secure"] = "True" - c["uuid"]["expires"] = expires.strftime("%a, %d %b %Y %H:%M:%S GMT") - c["group"] = user_groups - c["group"]["path"] = "/app" - # c["group"]["samesite"] = "Strict" - c["group"]["Secure"] = "True" - c["group"]["expires"] = expires.strftime("%a, %d %b %Y %H:%M:%S GMT") - print(c.output()) - - try: - groups = sql.select_groups(id=user_groups) - for g in groups: - if g[0] == int(user_groups): - user_group = g[1] - except Exception: - user_group = '' - - try: - user_name = sql.get_user_name_by_uuid(user_uuid) - roxywi_common.logging('Roxy-WI server', f' user: {user_name}, group: {user_group} login', roxywi=1) - except Exception: - pass - print("Content-type: text/html\n") - print('ok') - - try: - if distro.id() == 'ubuntu': - if os.path.exists('/etc/apt/auth.conf.d/roxy-wi.conf'): - cmd = "grep login /etc/apt/auth.conf.d/roxy-wi.conf |awk '{print $2}'" - get_user_name, stderr = server_mod.subprocess_execute(cmd) - user_name = get_user_name[0] - else: - user_name = 'git' - else: - if os.path.exists('/etc/yum.repos.d/roxy-wi.repo'): - cmd = "grep base /etc/yum.repos.d/roxy-wi.repo |awk -F\":\" '{print $2}'|awk -F\"/\" '{print $3}'" - get_user_name, stderr = server_mod.subprocess_execute(cmd) - user_name = get_user_name[0] - else: - user_name = 'git' - if sql.select_user_name(): - sql.update_user_name(user_name) - else: - sql.insert_user_name(user_name) - except Exception as e: - roxywi_common.logging('Cannot update subscription: ', str(e), roxywi=1) - - sys.exit() - - -def ban(): - c = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) - expires = datetime.datetime.utcnow() + datetime.timedelta(seconds=10) - c["ban"] = "1" - c["ban"]["path"] = "/" - # c["ban"]["samesite"] = "Strict" - c["ban"]["Secure"] = "True" - c["ban"]["expires"] = expires.strftime("%a, %d %b %Y %H:%M:%S GMT") - try: - roxywi_common.logging('Roxy-WI server', f'{login} failed log in', roxywi=1, login=1) - except Exception: - roxywi_common.logging('Roxy-WI server', ' Failed log in. Wrong username', roxywi=1) - print(c.output()) - print("Content-type: text/html\n") - print('ban') - sys.exit() - - -def check_in_ldap(user, password): - import ldap - - server = sql.get_setting('ldap_server') - port = sql.get_setting('ldap_port') - ldap_class_search = sql.get_setting('ldap_class_search') - root_user = sql.get_setting('ldap_user') - root_password = sql.get_setting('ldap_password') - ldap_base = sql.get_setting('ldap_base') - ldap_search_field = sql.get_setting('ldap_search_field') - ldap_user_attribute = sql.get_setting('ldap_user_attribute') - ldap_type = sql.get_setting('ldap_type') - - ldap_proto = 'ldap' if ldap_type == "0" else 'ldaps' - - ldap_bind = ldap.initialize('{}://{}:{}/'.format(ldap_proto, server, port)) - try: - ldap_bind.protocol_version = ldap.VERSION3 - ldap_bind.set_option(ldap.OPT_REFERRALS, 0) - - bind = ldap_bind.simple_bind_s(root_user, root_password) - - criteria = "(&(objectClass=" + ldap_class_search + ")(" + ldap_user_attribute + "=" + user + "))" - attributes = [ldap_search_field] - result = ldap_bind.search_s(ldap_base, ldap.SCOPE_SUBTREE, criteria, attributes) - - bind = ldap_bind.simple_bind_s(result[0][0], password) - except ldap.INVALID_CREDENTIALS: - ban() - except ldap.SERVER_DOWN: - print("Content-type: text/html\n") - print('error: LDAP server is down') - sys.exit() - except ldap.LDAPError as e: - if type(e.message) == dict and 'desc' in e.message: - print("Content-type: text/html\n") - print(f'error: {e.message["desc"]}') - sys.exit() - else: - print("Content-type: text/html\n") - print(f'error: {e}') - sys.exit() - else: - send_cookie(user) - - -if ref is None: - ref = "/index.html" - -if form.getvalue('error'): - error_log = 'Something wrong. Try again' - -try: - if sql.get_setting('session_ttl'): - session_ttl = sql.get_setting('session_ttl') -except Exception as e: - error = f'error: {e}' - -try: - role = sql.get_user_role_by_uuid(user_id.value, user_group_id) - user = sql.get_user_name_by_uuid(user_id.value) -except Exception: - role = "" - user = "" - - -if form.getvalue('logout'): - try: - sql.delete_uuid(user_id.value) - except Exception: - pass - print("Set-cookie: uuid=; expires=Wed, May 18 03:33:20 2003; path=/app; httponly") - print("Content-type: text/html\n") - print('') - sys.exit() - -if login is not None and password is not None: - USERS = sql.select_users(user=login) - - for users in USERS: - if users.activeuser == 0: - print("Content-type: text/html\n") - print('Your login is disabled') - sys.exit() - if users.ldap_user == 1: - if login in users.username: - check_in_ldap(login, password) - else: - passwordHashed = roxy_wi_tools.Tools.get_hash(password) - if login in users.username and passwordHashed == users.password: - send_cookie(login) - break - else: - ban() - else: - ban() - print("Content-type: text/html\n") - -if login is None: - print("Content-type: text/html\n") - -try: - lang = roxywi_common.get_user_lang() -except Exception: - lang = 'en' - -parsed_template = template.render( - h2=0, title="Login page", role=role, user=user, error_log=error_log, error=error, ref=ref, lang=lang -) -print(parsed_template) diff --git a/app/logs.py b/app/logs.py deleted file mode 100644 index fee5ea16..00000000 --- a/app/logs.py +++ /dev/null @@ -1,57 +0,0 @@ -#!/usr/bin/env python3 -import modules.db.sql as sql -import modules.common.common as common -import modules.roxywi.auth as roxywi_auth -import modules.roxywi.common as roxywi_common - -from jinja2 import Environment, FileSystemLoader -env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) -template = env.get_template('logs.html') -form = common.form -print('Content-type: text/html\n') - -user_params = roxywi_common.get_users_params() - -if form.getvalue('grep') is None: - grep = "" -else: - grep = form.getvalue('grep') - -exgrep = form.getvalue('exgrep') if form.getvalue('exgrep') else '' - -if form.getvalue('rows') is None: - rows = 10 -else: - if form.getvalue('rows1') is not None: - rows = form.getvalue('rows1') - else: - rows = form.getvalue('rows') - -hour = form.getvalue('hour') -hour1 = form.getvalue('hour1') -minut = form.getvalue('minut') -minut1 = form.getvalue('minut1') -waf = form.getvalue('waf') -service = common.checkAjaxInput(form.getvalue('service')) -remote_file = form.getvalue('file') -service_name = '' - -if service in ('haproxy', 'nginx', 'keepalived', 'apache') and waf != '1': - service_desc = sql.select_service(service) - service_name = service_desc.service - if roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=service_desc.service_id): - servers = roxywi_common.get_dick_permit(service=service_desc.slug) -elif waf == '1': - service_name = 'WAF' - if roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=1): - servers = roxywi_common.get_dick_permit(haproxy=1) -else: - print('') - -template = template.render( - h2=1, autorefresh=1, role=user_params['role'], user=user_params['user'], select_id="serv", - selects=servers, serv=form.getvalue('serv'), rows=rows, grep=grep, exgrep=exgrep, hour=hour, hour1=hour1, - minut=minut, minut1=minut1, waf=waf, service=service, user_services=user_params['user_services'], - token=user_params['token'], remote_file=remote_file, lang=user_params['lang'], service_name=service_name -) -print(template) diff --git a/app/metrics.py b/app/metrics.py deleted file mode 100644 index 63231cbe..00000000 --- a/app/metrics.py +++ /dev/null @@ -1,63 +0,0 @@ -#!/usr/bin/env python3 -import distro - -import modules.db.sql as sql -import modules.common.common as common -import modules.server.server as server_mod -import modules.roxywi.auth as roxywi_auth -import modules.roxywi.common as roxywi_common - -from jinja2 import Environment, FileSystemLoader -env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) -template = env.get_template('metrics.html') -form = common.form -service = form.getvalue('service') -service_desc = '' - -print('Content-type: text/html\n') - -user_params = roxywi_common.get_users_params() - -roxywi_common.check_user_group() - -try: - if distro.id() == 'ubuntu': - cmd = "apt list --installed 2>&1 |grep roxy-wi-metrics" - else: - cmd = "rpm -q roxy-wi-metrics-* |awk -F\"metrics\" '{print $2}' |awk -F\".noa\" '{print $1}' |sed 's/-//1' |sed 's/-/./'" - service_ver, stderr = server_mod.subprocess_execute(cmd) - services = '0' - - if not stderr: - if service_ver[0] == ' is not installed' or service_ver == '': - servers = '' - else: - service_desc = sql.select_service(service) - - if service == 'nginx': - if roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=2): - user_params['servers'] = sql.select_nginx_servers_metrics_for_master() - elif service == 'apache': - if roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=4): - user_params['servers'] = sql.select_apache_servers_metrics_for_master() - else: - if roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=1): - group_id = roxywi_common.get_user_group(id=1) - user_params['servers'] = sql.select_servers_metrics(group_id) - service = 'haproxy' - services = '1' -except Exception: - pass - -try: - user_subscription = roxywi_common.return_user_status() -except Exception as e: - user_subscription = roxywi_common.return_unsubscribed_user_status() - roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1) - -template = template.render( - h2=1, autorefresh=1, role=user_params['role'], user=user_params['user'], servers=user_params['servers'], - services=services, user_services=user_params['user_services'], service=service, user_status=user_subscription['user_status'], - user_plan=user_subscription['user_plan'], token=user_params['token'], lang=user_params['lang'], service_desc=service_desc -) -print(template) diff --git a/app/modules/alerting/__init__.py b/app/modules/alerting/__init__.py deleted file mode 100644 index ec8976af..00000000 --- a/app/modules/alerting/__init__.py +++ /dev/null @@ -1 +0,0 @@ -NAME = 'roxy-wi-alerting-module' diff --git a/app/modules/common/common.py b/app/modules/common/common.py index 3337ce9a..5e2de6eb 100644 --- a/app/modules/common/common.py +++ b/app/modules/common/common.py @@ -1,5 +1,6 @@ import re import cgi +import cgitb form = cgi.FieldStorage() error_mess = 'error: All fields must be completed' diff --git a/app/modules/config/add.py b/app/modules/config/add.py index 3324c493..508c4a4b 100644 --- a/app/modules/config/add.py +++ b/app/modules/config/add.py @@ -1,5 +1,6 @@ import os -import json + +from flask import render_template, request import modules.db.sql as sql import modules.server.ssh as ssh_mod @@ -14,6 +15,69 @@ get_date = roxy_wi_tools.GetDate(time_zone) get_config = roxy_wi_tools.GetConfigVar() +def save_to_haproxy_config(config: str, server_ip) -> str: + roxywi_common.check_is_server_in_group(server_ip) + hap_configs_dir = get_config.get_config_var('configs', 'haproxy_save_configs_dir') + cfg = hap_configs_dir + server_ip + "-" + get_date.return_date('config') + ".cfg" + + config_mod.get_config(server_ip, cfg) + + try: + with open(cfg, "a") as conf: + conf.write(config) + except IOError as e: + raise Exception(f"error: Cannot read import config file {e}") + + try: + output = config_mod.master_slave_upload_and_restart(server_ip, cfg, "save", 'haproxy') + except Exception as e: + raise Exception(e) + + try: + roxywi_common.logging(server_ip, f"Add has been added a new {name}") + except Exception: + pass + + if output: + return output + else: + return name + + +def save_nginx_config(config_add: str, server_ip: str, config_name: str) -> str: + try: + server_name = sql.get_hostname_by_server_ip(server_ip) + except Exception: + server_name = server_ip + + roxywi_common.check_is_server_in_group(server_ip) + sub_folder = 'conf.d' if 'upstream' in config_name else 'sites-enabled' + + service_configs_dir = get_config.get_config_var('configs', 'nginx_save_configs_dir') + cfg = f'{service_configs_dir}{server_ip}-{config_name}.conf' + nginx_dir = common.return_nice_path(sql.get_setting('nginx_dir')) + + config_file_name = f'{nginx_dir}{sub_folder}/{config_name}.conf' + + try: + with open(cfg, "w") as conf: + conf.write(config_add) + except IOError: + return "error: Cannot save a new config" + + try: + roxywi_common.logging(server_ip, "add/nginx add new %s" % config_name) + except Exception: + pass + + output = config_mod.master_slave_upload_and_restart(server_ip, cfg, "save", 'nginx', config_file_name=config_file_name) + + if output: + return output + else: + return config_name + + def get_userlists(config): return_config = '' with open(config, 'r') as f: @@ -25,7 +89,7 @@ def get_userlists(config): return return_config -def show_userlist(server_ip: str) -> None: +def show_userlist(server_ip: str) -> str: configs_dir = get_config.get_config_var('configs', 'haproxy_save_configs_dir') format_file = 'cfg' @@ -47,55 +111,100 @@ def show_userlist(server_ip: str) -> None: roxywi_common.logging('Roxy-WI server', f' Cannot get Userlists from the config file {e}', roxywi=1) sections = 'error: Cannot get Userlists' - print(sections) + return sections -def get_bwlist(color: str, group: str, list_name: str) -> None: +def add_userlist() -> str: + generate = request.form.get('generateconfig') + server_ip = request.form.get('serv') + name = f"userlist {request.form.get('new_userlist')}\n" + + new_userlist_groups = "" + if request.form.get('userlist-group') is not None: + groups = request.form.getlist('userlist-group') + for group in groups: + if group == '': + continue + new_userlist_groups += f" group {group}\n" + + new_users_list = "" + if request.form.get('userlist-user') is not None: + users = request.form.getlist('userlist-user') + passwords = request.form.getlist('userlist-password') + userlist_user_group = request.form.getlist('userlist-user-group') + i = 0 + + for user in users: + if user == '': + continue + try: + group = f' groups {userlist_user_group[i]}' + except Exception: + group = '' + new_users_list += f" user {user} insecure-password {passwords[i]} {group}\n" + i += 1 + + config_add = "\n" + name + new_userlist_groups + new_users_list + + if generate: + return config_add + else: + try: + return save_to_haproxy_config(config_add, server_ip) + except Exception as e: + return str(e) + + +def get_bwlist(color: str, group: str, list_name: str) -> str: lib_path = get_config.get_config_var('main', 'lib_path') list_path = f"{lib_path}/lists/{group}/{color}/{list_name}" try: with open(list_path, 'r') as f: - print(f.read()) + return f.read() except IOError as e: - print(f"error: Cannot read {color} list: {e}") + return f"error: Cannot read {color} list: {e}" -def get_bwlists_for_autocomplete(color: str, group: str) -> None: +def get_bwlists_for_autocomplete(color: str, group: str) -> str: lib_path = get_config.get_config_var('main', 'lib_path') list_path = f"{lib_path}/lists/{group}/{color}" lists = roxywi_common.get_files(list_path, "lst") + lines = '' for line in lists: - print(line) + lines += line + ' ' + + return lines -def create_bwlist(server_ip: str, list_name: str, color: str, group: str) -> None: +def create_bwlist(server_ip: str, list_name: str, color: str, group: str) -> str: lib_path = get_config.get_config_var('main', 'lib_path') list_name = f"{list_name.split('.')[0]}.lst" list_path = f"{lib_path}/lists/{group}/{color}/{list_name}" try: open(list_path, 'a').close() - print('success: ') try: roxywi_common.logging(server_ip, f'A new list {color} {list_name} has been created', roxywi=1, login=1) except Exception: pass + return 'success: ' except IOError as e: - print(f'error: Cannot create a new {color} list. {e}, ') + return f'error: Cannot create a new {color} list. {e}, ' -def save_bwlist(list_name: str, list_con: str, color: str, group: str, server_ip: str, action: str) -> None: +def save_bwlist(list_name: str, list_con: str, color: str, group: str, server_ip: str, action: str) -> str: lib_path = get_config.get_config_var('main', 'lib_path') list_path = f"{lib_path}/lists/{group}/{color}/{list_name}" + path = sql.get_setting('haproxy_dir') + "/" + color + servers = [] + output = '' + try: with open(list_path, "w") as file: file.write(list_con) except IOError as e: - print(f'error: Cannot save {color} list. {e}') - - path = sql.get_setting('haproxy_dir') + "/" + color - servers = [] + return f'error: Cannot save {color} list. {e}' if server_ip != 'all': servers.append(server_ip) @@ -112,12 +221,12 @@ def save_bwlist(list_name: str, list_con: str, color: str, group: str, server_ip for serv in servers: server_mod.ssh_command(serv, [f"sudo mkdir {path}"]) server_mod.ssh_command(serv, [f"sudo chown $(whoami) {path}"]) - error = config_mod.upload(serv, f'{path}/{list_name}', list_path, dir='fullpath') + error = config_mod.upload(serv, f'{path}/{list_name}', list_path) if error: - print(f'error: Upload fail: {error} , ') + output += f'error: Upload fail: {error} , ' else: - print(f'success: Edited {color} list was uploaded to {serv} , ') + output += f'success: Edited {color} list was uploaded to {serv} , ' try: roxywi_common.logging(serv, f'Has been edited the {color} list {list_name}', roxywi=1, login=1) except Exception: @@ -135,17 +244,20 @@ def save_bwlist(list_name: str, list_con: str, color: str, group: str, server_ip elif action == 'reload': server_mod.ssh_command(serv, [f"sudo systemctl reload {haproxy_service_name}"]) + return output -def delete_bwlist(list_name: str, color: str, group: str, server_ip: str) -> None: + +def delete_bwlist(list_name: str, color: str, group: str, server_ip: str) -> str: servers = [] lib_path = get_config.get_config_var('main', 'lib_path') list_path = f"{lib_path}/lists/{group}/{color}/{list_name}" path = f"{sql.get_setting('haproxy_dir')}/{color}" + output = '' try: os.remove(list_path) except IOError as e: - print(f'error: Cannot delete {color} list from Roxy-WI server. {e} , ') + return f'error: Cannot delete {color} list from Roxy-WI server. {e} , ' if server_ip != 'all': servers.append(server_ip) @@ -163,27 +275,30 @@ def delete_bwlist(list_name: str, color: str, group: str, server_ip: str) -> Non error = server_mod.ssh_command(serv, [f"sudo rm {path}/{list_name}"], return_err=1) if error: - print(f'error: Deleting fail: {error} , ') + return f'error: Deleting fail: {error} , ' else: - print(f'success: the {color} list has been deleted on {serv} , ') + output += f'success: the {color} list has been deleted on {serv} , ' try: roxywi_common.logging(serv, f'has been deleted the {color} list {list_name}', roxywi=1, login=1) except Exception: pass + return output -def edit_map(map_name: str, group: str) -> None: +def edit_map(map_name: str, group: str) -> str: lib_path = get_config.get_config_var('main', 'lib_path') list_path = f"{lib_path}/maps/{group}/{map_name}" try: with open(list_path, 'r') as f: - print(f.read()) + read_map = f.read() except IOError as e: - print(f"error: Cannot read {map_name} list: {e}") + return f"error: Cannot read {map_name} list: {e}" + else: + return read_map -def create_map(server_ip: str, map_name: str, group: str) -> None: +def create_map(server_ip: str, map_name: str, group: str) -> str: lib_path = get_config.get_config_var('main', 'lib_path') map_name = f"{map_name.split('.')[0]}.map" map_path = f'{lib_path}/maps/{group}/' @@ -195,23 +310,26 @@ def create_map(server_ip: str, map_name: str, group: str) -> None: assert Exception(f'error: cannot create a local folder for maps: {e}') try: open(full_path, 'a').close() - print('success: ') try: roxywi_common.logging(server_ip, f'A new map {map_name} has been created', roxywi=1, login=1) except Exception: pass except IOError as e: assert Exception(f'error: Cannot create a new {map_name} map. {e}, ') + else: + return 'success: ' -def save_map(map_name: str, list_con: str, group: str, server_ip: str, action: str) -> None: +def save_map(map_name: str, list_con: str, group: str, server_ip: str, action: str) -> str: lib_path = get_config.get_config_var('main', 'lib_path') map_path = f"{lib_path}/maps/{group}/{map_name}" + output = '' + try: with open(map_path, "w") as file: file.write(list_con) except IOError as e: - print(f'error: Cannot save {map_name} list. {e}') + return f'error: Cannot save {map_name} list. {e}' path = sql.get_setting('haproxy_dir') + "/maps" servers = [] @@ -231,12 +349,11 @@ def save_map(map_name: str, list_con: str, group: str, server_ip: str, action: s for serv in servers: server_mod.ssh_command(serv, [f"sudo mkdir {path}"]) server_mod.ssh_command(serv, [f"sudo chown $(whoami) {path}"]) - error = config_mod.upload(serv, f'{path}/{map_name}', map_path, dir='fullpath') + error = config_mod.upload(serv, f'{path}/{map_name}', map_path) if error: - print(f'error: Upload fail: {error} , ') + return f'error: Upload fail: {error} , ' else: - print(f'success: Edited {map_name} map was uploaded to {serv} , ') try: roxywi_common.logging(serv, f'Has been edited the map {map_name}', roxywi=1, login=1) except Exception: @@ -254,17 +371,22 @@ def save_map(map_name: str, list_con: str, group: str, server_ip: str, action: s elif action == 'reload': server_mod.ssh_command(serv, [f"sudo systemctl reload {haproxy_service_name}"]) + output += f'success: Edited {map_name} map was uploaded to {serv} , ' -def delete_map(map_name: str, group: str, server_ip: str) -> None: + return output + + +def delete_map(map_name: str, group: str, server_ip: str) -> str: servers = [] lib_path = get_config.get_config_var('main', 'lib_path') list_path = f"{lib_path}/maps/{group}/{map_name}" path = f"{sql.get_setting('haproxy_dir')}/maps" + output = '' try: os.remove(list_path) except IOError as e: - print(f'error: Cannot delete {map_name} map from Roxy-WI server. {e} , ') + return f'error: Cannot delete {map_name} map from Roxy-WI server. {e} , ' if server_ip != 'all': servers.append(server_ip) @@ -282,47 +404,49 @@ def delete_map(map_name: str, group: str, server_ip: str) -> None: error = server_mod.ssh_command(serv, [f"sudo rm {path}/{map_name}"], return_err=1) if error: - print(f'error: Deleting fail: {error} , ') + return f'error: Deleting fail: {error} , ' else: - print(f'success: the {map_name} map has been deleted on {serv} , ') try: roxywi_common.logging(serv, f'has been deleted the {map_name} map', roxywi=1, login=1) except Exception: pass + output += f'success: the {map_name} map has been deleted on {serv} , ' + + return output -def create_saved_option(option: str, group: int) -> None: +def create_saved_option(option: str, group: int) -> str: if sql.insert_new_option(option, group): - from jinja2 import Environment, FileSystemLoader - env = Environment(loader=FileSystemLoader('templates/ajax'), autoescape=True) - template = env.get_template('/new_option.html') - template = template.render(options=sql.select_options(option=option)) - print(template) + return render_template('ajax/new_option.html', options=sql.select_options(option=option)) -def get_saved_option(group: str, term: str) -> None: +def get_saved_option(group: str, term: str) -> dict: options = sql.select_options(group=group, term=term) - a = {} v = 0 + for i in options: a[v] = i.options v = v + 1 - print(json.dumps(a)) + return a -def create_saved_server(server: str, group: str, desc: str) -> None: +def update_saved_option(option, option_id) -> bool: + try: + sql.update_options(option, option_id) + except Exception as e: + raise Exception(e) + else: + return True + + +def create_saved_server(server: str, group: str, desc: str) -> str: if sql.insert_new_savedserver(server, desc, group): - from jinja2 import Environment, FileSystemLoader - env = Environment(loader=FileSystemLoader('templates/ajax'), autoescape=True) - template = env.get_template('/new_saved_servers.html') - - template = template.render(server=sql.select_saved_servers(server=server)) - print(template) + return render_template('ajax/new_saved_servers.html', server=sql.select_saved_servers(server=server)) -def get_saved_servers(group: str, term: str) -> None: +def get_saved_servers(group: str, term: str) -> str: servers = sql.select_saved_servers(group=group, term=term) a = {} @@ -335,10 +459,10 @@ def get_saved_servers(group: str, term: str) -> None: a[v]['desc'] = i.description v = v + 1 - print(json.dumps(a)) + return a -def get_le_cert(server_ip: str, lets_domain: str, lets_email: str) -> None: +def get_le_cert(server_ip: str, lets_domain: str, lets_email: str) -> str: proxy = sql.get_setting('proxy') ssl_path = common.return_nice_path(sql.get_setting('cert_path'), is_service=0) haproxy_dir = sql.get_setting('haproxy_dir') @@ -361,94 +485,90 @@ def get_le_cert(server_ip: str, lets_domain: str, lets_email: str) -> None: if error: roxywi_common.logging('Roxy-WI server', error, roxywi=1) - print(error) + return error else: for line in output: if any(s in line for s in ("msg", "FAILED")): try: line = line.split(':')[1] line = line.split('"')[1] - print(line + "
") - break + return line + "
" except Exception: - print(output) - break + return output else: - print('success: Certificate has been created') - - os.remove(script) + os.remove(script) + return 'success: Certificate has been created' -def get_ssl_cert(server_ip: str, cert_id: int) -> None: +def get_ssl_cert(server_ip: str, cert_id: int) -> str: cert_path = sql.get_setting('cert_path') commands = [f"openssl x509 -in {cert_path}/{cert_id} -text"] try: - server_mod.ssh_command(server_ip, commands, ip="1") + return server_mod.ssh_command(server_ip, commands) except Exception as e: - print(f'error: Cannot connect to the server {e.args[0]}') + return f'error: Cannot connect to the server {e.args[0]}' -def get_ssl_raw_cert(server_ip: str, cert_id: int) -> None: +def get_ssl_raw_cert(server_ip: str, cert_id: int) -> str: cert_path = sql.get_setting('cert_path') commands = [f"cat {cert_path}/{cert_id}"] try: - server_mod.ssh_command(server_ip, commands, ip="1") + return server_mod.ssh_command(server_ip, commands) except Exception as e: - print(f'error: Cannot connect to the server {e.args[0]}') + return f'error: Cannot connect to the server {e.args[0]}' -def get_ssl_certs(server_ip: str) -> None: +def get_ssl_certs(server_ip: str) -> str: cert_path = sql.get_setting('cert_path') commands = [f"sudo ls -1t {cert_path} |grep -E 'pem|crt|key'"] try: - server_mod.ssh_command(server_ip, commands, ip="1") + return server_mod.ssh_command(server_ip, commands) except Exception as e: - print(f'error: Cannot connect to the server: {e.args[0]}') + return f'error: Cannot connect to the server: {e.args[0]}' -def del_ssl_cert(server_ip: str, cert_id: str) -> None: +def del_ssl_cert(server_ip: str, cert_id: str) -> str: cert_path = sql.get_setting('cert_path') commands = [f"sudo rm -f {cert_path}/{cert_id}"] try: - server_mod.ssh_command(server_ip, commands, ip="1") + return server_mod.ssh_command(server_ip, commands) except Exception as e: - print(f'error: Cannot delete the certificate {e.args[0]}') + return f'error: Cannot delete the certificate {e.args[0]}' -def upload_ssl_cert(server_ip: str, ssl_name: str, ssl_cont: str) -> None: +def upload_ssl_cert(server_ip: str, ssl_name: str, ssl_cont: str) -> str: cert_path = sql.get_setting('cert_path') - name = '' + tmp_path = sql.get_setting('tmp_config_path') + slave_output = '' if ssl_name is None: - print('error: Please enter a desired name') + return 'error: Please enter a desired name' else: name = f"{ssl_name}.pem" + path_to_file = f"{tmp_path}/{ssl_name}.pem" try: - with open(name, "w") as ssl_cert: + with open(path_to_file, "w") as ssl_cert: ssl_cert.write(ssl_cont) except IOError as e: - print(f'error: Cannot save the SSL key file: {e.args[0]}') - return + return f'error: Cannot save the SSL key file: {e}' masters = sql.is_master(server_ip) for master in masters: if master[0] is not None: - error = config_mod.upload(master[0], cert_path, name) + error = config_mod.upload(master[0], f'{cert_path}/{name}', path_to_file) if not error: - print(f'success: the SSL file has been uploaded to {master[0]} into: {cert_path}/{name}
') + slave_output += f'success: the SSL file has been uploaded to {master[0]} into: {cert_path}/{name} \n' try: - error = config_mod.upload(server_ip, cert_path, name) - if not error: - print(f'success: the SSL file has been uploaded to {server_ip} into: {cert_path}/{name}') + error = config_mod.upload(server_ip, f'{cert_path}/{name}', path_to_file) except Exception as e: - roxywi_common.logging('Roxy-WI server', e.args[0], roxywi=1) - # try: - # os.rename(name, cert_local_dir) - # except OSError as e: - # roxywi_common.logging('Roxy-WI server', e.args[0], roxywi=1) + roxywi_common.logging('Roxy-WI server', str(e), roxywi=1) + return f'error: cannot upload SSL cert: {e}' - roxywi_common.logging(server_ip, f"add.py#ssl uploaded a new SSL cert {name}", roxywi=1, login=1) + roxywi_common.logging(server_ip, f"add#ssl uploaded a new SSL cert {name}", roxywi=1, login=1) + + if not error: + return f'success: the SSL file has been uploaded to {server_ip} into: {cert_path}/{name} \n {slave_output}' diff --git a/app/modules/config/config.py b/app/modules/config/config.py index fbc9e9fb..99ffb0bf 100644 --- a/app/modules/config/config.py +++ b/app/modules/config/config.py @@ -1,8 +1,7 @@ import os import re -import http.cookies -from jinja2 import Environment, FileSystemLoader +from flask import render_template, request import modules.db.sql as sql import modules.server.ssh as mod_ssh @@ -12,7 +11,6 @@ import modules.roxywi.common as roxywi_common import modules.roxy_wi_tools as roxy_wi_tools import modules.service.common as service_common -form = common.form time_zone = sql.get_setting('time_zone') get_date = roxy_wi_tools.GetDate(time_zone) get_config_var = roxy_wi_tools.GetConfigVar() @@ -28,6 +26,7 @@ def get_config(server_ip, cfg, **kwargs): or kwargs.get("apache") or kwargs.get("service") == 'apache' ): config_path = common.checkAjaxInput(kwargs.get('config_file_name')) + config_path = config_path.replace('92', '/') elif kwargs.get("waf") or kwargs.get("service") == 'waf': if kwargs.get("waf") == 'haproxy': config_path = f'{sql.get_setting("haproxy_dir")}/waf/rules/{kwargs.get("waf_rule_file")}' @@ -44,51 +43,42 @@ def get_config(server_ip, cfg, **kwargs): ssh.get_sftp(config_path, cfg) except Exception as e: roxywi_common.logging('Roxy-WI server', f'error: cannot get config: {e}', roxywi=1) + raise Exception(f'error: cannot get config: {e}') -def upload(server_ip, path, file, **kwargs): - full_path = path + file - if kwargs.get('dir') == "fullpath": - full_path = path - +def upload(server_ip, path, file): try: with mod_ssh.ssh_connect(server_ip) as ssh: - ssh.put_sftp(file, full_path) + ssh.put_sftp(file, path) except Exception as e: error = str(e.args) - roxywi_common.logging('Roxy-WI server', error, roxywi=1) - print(f' Cannot upload {file} to {full_path} to server: {server_ip} error: {error}') - return error + roxywi_common.logging('Roxy-WI server', f'error: Cannot upload {file} to {path} to server: {server_ip}: {error}', roxywi=1) + print(f'error: Cannot upload {file} to {path} to server: {server_ip}: {error}') + raise Exception(error) -def upload_and_restart(server_ip: str, cfg: str, **kwargs): - error = '' +def upload_and_restart(server_ip: str, cfg: str, just_save: str, service: str, **kwargs): + file_format = 'conf' + config_path = kwargs.get('config_file_name') service_name = '' container_name = '' reload_or_restart_command = '' - file_format = 'conf' - config_path = kwargs.get('config_file_name') config_date = get_date.return_date('config') server_id = sql.select_server_id_by_ip(server_ip=server_ip) - if kwargs.get("nginx"): - service = 'nginx' - elif kwargs.get("apache"): - service = 'apache' - elif kwargs.get("keepalived"): - service = 'keepalived' - config_path = sql.get_setting('keepalived_config_path') - file_format = 'cfg' - elif kwargs.get('waf'): - service = 'waf' - else: - service = 'haproxy' + if config_path and config_path != 'undefined': + config_path = kwargs.get('config_file_name').replace('92', '/') + + if service == 'haproxy': config_path = sql.get_setting('haproxy_config_path') file_format = 'cfg' + if service == 'keepalived': + config_path = sql.get_setting('keepalived_config_path') + file_format = 'cfg' + if '..' in config_path: - print('error: nice try') - return None + raise Exception('error: nice try') tmp_file = f"{sql.get_setting('tmp_config_path')}/{config_date}.{file_format}" is_dockerized = sql.select_service_setting(server_id, service, 'dockerized') @@ -105,20 +95,22 @@ def upload_and_restart(server_ip: str, cfg: str, **kwargs): if haproxy_enterprise == '1': service_name = "hapee-2.0-lb" if service == 'apache': - service_name = service_common.get_correct_apache_service_name(server_ip, 0) + service_name = service_common.get_correct_apache_service_name(0, server_id) reload_command = f" && sudo systemctl reload {service_name}" restart_command = f" && sudo systemctl restart {service_name}" - if kwargs.get("just_save") == 'save': - action = 'save' - elif kwargs.get("just_save") == 'test': - action = 'test' - elif kwargs.get("just_save") == 'reload': + if just_save in ('save', 'test'): + action = just_save + elif just_save == 'reload': action = 'reload' reload_or_restart_command = reload_command else: - service_common.is_not_allowed_to_restart(server_id, service) + try: + service_common.is_not_allowed_to_restart(server_id, service) + except Exception as e: + return str(e) + action = 'restart' reload_or_restart_command = restart_command @@ -130,7 +122,7 @@ def upload_and_restart(server_ip: str, cfg: str, **kwargs): try: os.system(f"dos2unix -q {cfg}") except OSError: - return 'error: there is no dos2unix' + raise Exception('error: there is no dos2unix') if service == "keepalived": move_config = f"sudo mv -f {tmp_file} {config_path}" @@ -189,62 +181,68 @@ def upload_and_restart(server_ip: str, cfg: str, **kwargs): commands[0] += open_port_firewalld(cfg, server_ip=server_ip) try: - upload(server_ip, tmp_file, cfg, dir='fullpath') + upload(server_ip, tmp_file, cfg) + except Exception as e: + roxywi_common.logging('Roxy-WI server', f'error: Cannot upload config: {e}', roxywi=1) + raise Exception(f'error: Cannot upload config: {e}') + + try: + if action != 'test': + roxywi_common.logging(server_ip, 'A new config file has been uploaded', login=login, keep_history=1, service=service) + except Exception as e: + roxywi_common.logging('Roxy-WI server', str(e), roxywi=1) + + # If master then save version of config in a new way + if not kwargs.get('slave') and service != 'waf': + from pathlib import Path + + diff = '' try: - if action != 'test': - roxywi_common.logging(server_ip, 'A new config file has been uploaded', login=login, keep_history=1, service=service) + old_cfg = kwargs.get('oldcfg') + path = Path(old_cfg) + except Exception: + old_cfg = '' + path = Path(old_cfg) + + if not path.is_file(): + old_cfg = f'{tmp_file}.old' + try: + get_config(server_ip, old_cfg, service=service, config_file_name=config_path) + except Exception: + roxywi_common.logging('Roxy-WI server', 'Cannot download config for diff', roxywi=1) + try: + diff = diff_config(old_cfg, cfg, return_diff=1) except Exception as e: roxywi_common.logging('Roxy-WI server', str(e), roxywi=1) - # If master then save version of config in a new way - if not kwargs.get('slave') and service != 'waf': - from pathlib import Path - - diff = '' - try: - old_cfg = kwargs.get('oldcfg') - path = Path(old_cfg) - except Exception: - old_cfg = '' - path = Path(old_cfg) - - if not path.is_file(): - old_cfg = f'{tmp_file}.old' - try: - get_config(server_ip, old_cfg, service=service, config_file_name=config_path) - except Exception: - roxywi_common.logging('Roxy-WI server', 'Cannot download config for diff', roxywi=1) - try: - diff = diff_config(old_cfg, cfg, return_diff=1) - except Exception as e: - roxywi_common.logging('Roxy-WI server', str(e), roxywi=1) - - try: - user_id = roxywi_common.get_user_id(login=kwargs.get('login')) - sql.insert_config_version(server_id, user_id, service, cfg, config_path, diff) - except Exception as e: - roxywi_common.logging('Roxy-WI server', str(e), roxywi=1) - except Exception as e: - roxywi_common.logging('Roxy-WI server', str(e), roxywi=1) - return error + try: + user_id = roxywi_common.get_user_id(login=kwargs.get('login')) + sql.insert_config_version(server_id, user_id, service, cfg, config_path, diff) + except Exception as e: + roxywi_common.logging('Roxy-WI server', str(e), roxywi=1) try: error = server_mod.ssh_command(server_ip, commands) - try: - if action == 'reload' or action == 'restart': - roxywi_common.logging(server_ip, f'Service has been {action}ed', login=login, keep_history=1, service=service) - except Exception as e: - roxywi_common.logging('Roxy-WI server', str(e), roxywi=1) except Exception as e: roxywi_common.logging('Roxy-WI server', str(e), roxywi=1) - return e + raise Exception(f'{e}') + + try: + if action == 'reload' or action == 'restart': + roxywi_common.logging(server_ip, f'Service has been {action}ed', login=login, keep_history=1, service=service) + except Exception as e: + roxywi_common.logging('Roxy-WI server', str(e), roxywi=1) if error.strip() != 'haproxy' and error.strip() != 'nginx': return error.strip() -def master_slave_upload_and_restart(server_ip, cfg, just_save, **kwargs): +def master_slave_upload_and_restart(server_ip, cfg, just_save, service, **kwargs): slave_output = '' + masters = sql.is_master(server_ip) + config_file_name = kwargs.get('config_file_name') + oldcfg = kwargs.get('oldcfg') + waf = kwargs.get('waf') try: server_name = sql.get_hostname_by_server_ip(server_ip) @@ -256,25 +254,25 @@ def master_slave_upload_and_restart(server_ip, cfg, just_save, **kwargs): else: login = '' - masters = sql.is_master(server_ip) - for master in masters: if master[0] is not None: - slv_output = upload_and_restart( - master[0], cfg, just_save=just_save, nginx=kwargs.get('nginx'), - apache=kwargs.get('apache'), config_file_name=kwargs.get('config_file_name'), slave=1 - ) - slave_output += f'
slave_server:\n{slv_output}' - - output = upload_and_restart( - server_ip, cfg, just_save=just_save, nginx=kwargs.get('nginx'), waf=kwargs.get('waf'), - apache=kwargs.get('apache'), config_file_name=kwargs.get('config_file_name'), - oldcfg=kwargs.get('oldcfg'), login=login - ) + try: + slv_output = upload_and_restart( + master[0], cfg, just_save, service, waf=waf, config_file_name=config_file_name, slave=1 + ) + slave_output += f'
slave_server:\n{slv_output}' + except Exception as e: + return f'{e}' + try: + output = upload_and_restart( + server_ip, cfg, just_save, service, waf=waf, config_file_name=config_file_name, oldcfg=oldcfg, login=login + ) + except Exception as e: + return f'{e}' output = server_name + ':\n' + output - output = output + slave_output + return output @@ -325,7 +323,6 @@ def open_port_firewalld(cfg, server_ip, **kwargs): def diff_config(oldcfg, cfg, **kwargs): - cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) log_path = get_config_var.get_config_var('main', 'log_path') user_group = roxywi_common.get_user_group() diff = "" @@ -334,8 +331,8 @@ def diff_config(oldcfg, cfg, **kwargs): cmd = "/bin/diff -ub %s %s" % (oldcfg, cfg) try: - user_uuid = cookie.get('uuid') - login = sql.get_user_name_by_uuid(user_uuid.value) + user_uuid = request.cookies.get('uuid') + login = sql.get_user_name_by_uuid(user_uuid) except Exception: login = '' @@ -377,164 +374,149 @@ def show_finding_in_config(stdout: str, **kwargs) -> str: return out -def show_compare_config(server_ip: str) -> None: - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('ajax/show_compare_configs.html') - left = form.getvalue('left') - right = form.getvalue('right') - service = form.getvalue('service') - lang = roxywi_common.get_user_lang() +def show_compare_config(server_ip: str, service: str) -> str: + lang = roxywi_common.get_user_lang_for_flask() + config_dir = get_config_var.get_config_var('configs', f'{service}_save_configs_dir') - if service == 'nginx': - return_files = roxywi_common.get_files(get_config_var.get_config_var('configs', 'nginx_save_configs_dir'), 'conf') - elif service == 'apache': - return_files = roxywi_common.get_files(get_config_var.get_config_var('configs', 'apache_save_configs_dir'), 'conf') - elif service == 'keepalived': - return_files = roxywi_common.get_files(get_config_var.get_config_var('configs', 'kp_save_configs_dir'), 'conf') + if service in ('nginx', 'apache', 'keepalived'): + return_files = roxywi_common.get_files(config_dir, 'conf', server_ip=server_ip) + elif service == 'haproxy': + return_files = roxywi_common.get_files(config_dir, 'cfg', server_ip=server_ip) else: - return_files = roxywi_common.get_files() + return 'error: Wrong service' - template = template.render(serv=server_ip, right=right, left=left, return_files=return_files, lang=lang) - print(template) + return render_template('ajax/show_compare_configs.html', serv=server_ip, return_files=return_files, lang=lang) -def compare_config() -> None: - left = common.checkAjaxInput(form.getvalue('left')) - right = common.checkAjaxInput(form.getvalue('right')) - lang = roxywi_common.get_user_lang() +def compare_config(service: str, left: str, right: str) -> str: + lang = roxywi_common.get_user_lang_for_flask() - if form.getvalue('service') == 'nginx': - configs_dir = get_config_var.get_config_var('configs', 'nginx_save_configs_dir') - elif form.getvalue('service') == 'apache': - configs_dir = get_config_var.get_config_var('configs', 'apache_save_configs_dir') - elif form.getvalue('service') == 'keepalived': - configs_dir = get_config_var.get_config_var('configs', 'kp_save_configs_dir') + if service in ('haproxy', 'nginx', 'apache', 'keepalived'): + configs_dir = get_config_var.get_config_var('configs', f'{service}_save_configs_dir') else: - configs_dir = get_config_var.get_config_var('configs', 'haproxy_save_configs_dir') + return 'error: Wrong service' cmd = f'diff -pub {configs_dir}{left} {configs_dir}{right}' - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True, - extensions=["jinja2.ext.loopcontrols", "jinja2.ext.do"]) - template = env.get_template('ajax/compare.html') - output, stderr = server_mod.subprocess_execute(cmd) - template = template.render(stdout=output, lang=lang) - print(template) - print(stderr) + return render_template('ajax/compare.html', stdout=output, lang=lang) -def show_config(server_ip: str) -> None: - cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) - user_uuid = cookie.get('uuid') - group_id = cookie.get('group') - group_id = int(group_id.value) - role_id = sql.get_user_role_by_uuid(user_uuid.value, group_id) - service = form.getvalue('service') +def show_config(server_ip: str, service: str, config_file_name: str, configver: str) -> str: + user_uuid = request.cookies.get('uuid') + group_id = int(request.cookies.get('group')) + role_id = sql.get_user_role_by_uuid(user_uuid, group_id) + try: - config_file_name = form.getvalue('config_file_name').replace('/', '92') + config_file_name = config_file_name.replace('/', '92') except Exception: config_file_name = '' - if service == 'keepalived': - configs_dir = get_config_var.get_config_var('configs', 'kp_save_configs_dir') - cfg = '.conf' - elif service == 'nginx': - configs_dir = get_config_var.get_config_var('configs', 'nginx_save_configs_dir') - cfg = '.conf' - elif service == 'apache': - configs_dir = get_config_var.get_config_var('configs', 'apache_save_configs_dir') + if service in ('nginx', 'apache', 'keepalived'): + configs_dir = get_config_var.get_config_var('configs', f'{service}_save_configs_dir') cfg = '.conf' else: configs_dir = get_config_var.get_config_var('configs', 'haproxy_save_configs_dir') cfg = '.cfg' if '..' in configs_dir: - print('error: nice try') - return None + raise Exception('error: nice try') - if form.getvalue('configver') is None: + if configver is None: cfg = f"{configs_dir}{server_ip}-{get_date.return_date('config')}{cfg}" try: - get_config(server_ip, cfg, service=service, config_file_name=form.getvalue('config_file_name')) + get_config(server_ip, cfg, service=service, config_file_name=config_file_name) except Exception as e: - print(e) - return + raise Exception(e) else: - cfg = configs_dir + form.getvalue('configver') + cfg = configs_dir + configver + try: - conf = open(cfg, "r") - except IOError: - print('
Cannot read config file
') + with open(cfg, 'r') as file: + conf = file.readlines() + except Exception as e: + raise Exception(f'error: Cannot read config file: {e}') + + if configver is None: + os.remove(cfg) is_serv_protected = sql.is_serv_protected(server_ip) server_id = sql.select_server_id_by_ip(server_ip) hostname = sql.get_hostname_by_server_ip(server_ip) is_restart = sql.select_service_setting(server_id, service, 'restart') - lang = roxywi_common.get_user_lang() - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True, trim_blocks=True, lstrip_blocks=True, - extensions=["jinja2.ext.loopcontrols", "jinja2.ext.do"]) - template = env.get_template('ajax/config_show.html') + lang = roxywi_common.get_user_lang_for_flask() - template = template.render(conf=conf, serv=server_ip, configver=form.getvalue('configver'), role=role_id, - service=service, config_file_name=config_file_name, is_serv_protected=is_serv_protected, - is_restart=is_restart, lang=lang, hostname=hostname) - print(template) - conf.close() - - if form.getvalue('configver') is None: - os.remove(cfg) + return render_template( + 'ajax/config_show.html', conf=conf, serv=server_ip, configver=configver, role=role_id, service=service, + config_file_name=config_file_name, is_serv_protected=is_serv_protected, is_restart=is_restart, lang=lang, + hostname=hostname + ) -def show_config_files(server_ip: str) -> None: - service = form.getvalue('service') +def show_config_files(server_ip: str, service: str, config_file_name: str) -> str: service_config_dir = sql.get_setting(f'{service}_dir') return_files = server_mod.get_remote_files(server_ip, service_config_dir, 'conf') if 'error: ' in return_files: - print(return_files) - return + raise Exception(return_files) try: - config_file_name = form.getvalue('config_file_name').replace('92', '/') + config_file_name = config_file_name.replace('92', '/') except Exception: config_file_name = '' return_files += ' ' + sql.get_setting(f'{service}_config_path') - lang = roxywi_common.get_user_lang() - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('ajax/show_configs_files.html') - template = template.render(serv=server_ip, service=service, return_files=return_files, lang=lang, - config_file_name=config_file_name, path_dir=service_config_dir) - print(template) + lang = roxywi_common.get_user_lang_for_flask() + + return render_template( + 'ajax/show_configs_files.html', serv=server_ip, service=service, return_files=return_files, lang=lang, + config_file_name=config_file_name, path_dir=service_config_dir + ) -def list_of_versions(server_ip: str, service: str) -> None: +def list_of_versions(server_ip: str, service: str, configver: str, for_delver: int) -> str: if service not in ('haproxy', 'nginx', 'keepalived', 'apache'): - print('error: wrong service') - return None + raise Exception('error: wrong service') - configver = common.checkAjaxInput(form.getvalue('configver')) - for_delver = common.checkAjaxInput(form.getvalue('for_delver')) users = sql.select_users() service_desc = sql.select_service(service) configs = sql.select_config_version(server_ip, service_desc.slug) - lang = roxywi_common.get_user_lang() - action = f'versions.py?service={service_desc.slug}' - - if service in ('haproxy', 'nginx', 'apache'): - configs_dir = get_config_var.get_config_var('configs', f'{service_desc.service}_save_configs_dir') - else: - configs_dir = get_config_var.get_config_var('configs', 'kp_save_configs_dir') + lang = roxywi_common.get_user_lang_for_flask() + action = f'/app/config/versions/{service_desc.slug}/{server_ip}' + configs_dir = get_config_var.get_config_var('configs', f'{service_desc.service}_save_configs_dir') if service == 'haproxy': - files = roxywi_common.get_files() + files = roxywi_common.get_files(configs_dir, 'cfg', server_ip) else: - files = roxywi_common.get_files(configs_dir, 'conf') + files = roxywi_common.get_files(configs_dir, 'conf', server_ip) - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True, extensions=["jinja2.ext.loopcontrols", "jinja2.ext.do"]) - template = env.get_template('ajax/show_list_version.html') + return render_template( + 'ajax/show_list_version.html', server_ip=server_ip, service=service, action=action, return_files=files, + configver=configver, for_delver=for_delver, configs=configs, users=users, lang=lang + ) - template = template.render(serv=server_ip, service=service, action=action, return_files=files, configver=configver, - for_delver=for_delver, configs=configs, users=users, lang=lang) - print(template) + +def return_cfg(service: str, server_ip: str, config_file_name: str) -> str: + if service == 'haproxy': + file_format = 'cfg' + else: + file_format = 'conf' + + if service in ('haproxy', 'nginx', 'apache', 'keepalived'): + configs_dir = get_config_var.get_config_var('configs', f'{service}_save_configs_dir') + else: + raise Exception('error: Wrong service') + + if service in ('nginx', 'apache'): + config_file_name = config_file_name.replace('92', '/') + conf_file_name_short = config_file_name.split('/')[-1] + cfg = f"{configs_dir}{server_ip}-{conf_file_name_short}-{get_date.return_date('config')}.{file_format}" + else: + cfg = f"{configs_dir}{server_ip}-{get_date.return_date('config')}.{file_format}" + + try: + os.system(f"/bin/rm -f {configs_dir}*.old") + except Exception: + pass + + return cfg diff --git a/app/modules/config/runtime.py b/app/modules/config/runtime.py index 99365887..2b7df89a 100644 --- a/app/modules/config/runtime.py +++ b/app/modules/config/runtime.py @@ -1,49 +1,47 @@ import json +from flask import render_template + import modules.db.sql as sql -import modules.common.common as common import modules.config.config as config_mod import modules.server.server as server_mod import modules.roxywi.common as roxywi_common import modules.roxy_wi_tools as roxy_wi_tools -form = common.form -serv = common.is_ip_or_dns(form.getvalue('serv')) time_zone = sql.get_setting('time_zone') get_date = roxy_wi_tools.GetDate(time_zone) get_config_var = roxy_wi_tools.GetConfigVar() -def show_frontend_backend() -> None: +def show_frontend_backend(serv: str, backend: str) -> str: haproxy_sock_port = int(sql.get_setting('haproxy_sock_port')) - backend = common.checkAjaxInput(form.getvalue('ipbackend')) cmd = 'echo "show servers state"|nc %s %s |grep "%s" |awk \'{print $4}\'' % (serv, haproxy_sock_port, backend) output, stderr = server_mod.subprocess_execute(cmd) + lines = '' for i in output: if i == ' ': continue i = i.strip() - print(i + '
') + lines += i + '
' + return lines -def show_server() -> None: +def show_server(serv: str, backend: str, backend_server: str) -> str: haproxy_sock_port = int(sql.get_setting('haproxy_sock_port')) - backend = common.checkAjaxInput(form.getvalue('ipbackend')) - backend_server = common.checkAjaxInput(form.getvalue('backend_server')) cmd = 'echo "show servers state"|nc %s %s |grep "%s" |grep "%s" |awk \'{print $5":"$19}\' |head -1' % ( serv, haproxy_sock_port, backend, backend_server) output, stderr = server_mod.subprocess_execute(cmd) - print(output[0]) + return output[0] -def get_all_stick_table(): +def get_all_stick_table(serv: str): hap_sock_p = sql.get_setting('haproxy_sock_port') cmd = 'echo "show table"|nc %s %s |awk \'{print $3}\' | tr -d \'\n\' | tr -d \'[:space:]\'' % (serv, hap_sock_p) output, stderr = server_mod.subprocess_execute(cmd) return output[0] -def get_stick_table(table): +def get_stick_table(serv: str, table: str): hap_sock_p = sql.get_setting('haproxy_sock_port') cmd = 'echo "show table %s"|nc %s %s |awk -F"#" \'{print $2}\' |head -1 | tr -d \'\n\'' % (table, serv, hap_sock_p) output, stderr = server_mod.subprocess_execute(cmd) @@ -62,6 +60,7 @@ def show_backends(server_ip, **kwargs): hap_sock_p = sql.get_setting('haproxy_sock_port') cmd = f'echo "show backend" |nc {server_ip} {hap_sock_p}' output, stderr = server_mod.subprocess_execute(cmd) + lines = '' if stderr: roxywi_common.logging('Roxy-WI server', ' ' + stderr, roxywi=1) if kwargs.get('ret'): @@ -76,16 +75,19 @@ def show_backends(server_ip, **kwargs): if kwargs.get('ret'): ret.append(back[1]) else: - print(back[1], end="
") + lines += back[1] + "
" if kwargs.get('ret'): return ret + return lines -def get_backends_from_config(server_ip: str, backends='') -> None: + +def get_backends_from_config(server_ip: str, backends='') -> str: config_date = get_date.return_date('config') configs_dir = get_config_var.get_config_var('configs', 'haproxy_save_configs_dir') format_cfg = 'cfg' + lines = '' try: cfg = configs_dir + roxywi_common.get_files(configs_dir, format_cfg)[0] @@ -93,39 +95,34 @@ def get_backends_from_config(server_ip: str, backends='') -> None: roxywi_common.logging('Roxy-WI server', str(e), roxywi=1) try: cfg = f'{configs_dir}{server_ip}-{config_date}.{format_cfg}' - except Exception: - roxywi_common.logging('Roxy-WI server', ' Cannot generate cfg path', roxywi=1) - return + except Exception as e: + roxywi_common.logging('Roxy-WI server', f'error: Cannot generate cfg path: {e}', roxywi=1) + return f'error: Cannot generate cfg path: {e}' try: config_mod.get_config(server_ip, cfg) - except Exception: - roxywi_common.logging('Roxy-WI server', ' Cannot download config', roxywi=1) - print('error: Cannot get backends') - return + except Exception as e: + roxywi_common.logging('Roxy-WI server', f'error: Cannot download config: {e}', roxywi=1) + return f'error: Cannot download config: {e}' with open(cfg, 'r') as f: for line in f: if backends == 'frontend': if (line.startswith('listen') or line.startswith('frontend')) and 'stats' not in line: line = line.strip() - print(line.split(' ')[1], end="
") + lines += line.split(' ')[1] + '
' + + return lines -def change_ip_and_port() -> None: - backend_backend = common.checkAjaxInput(form.getvalue('backend_backend')) - backend_server = common.checkAjaxInput(form.getvalue('backend_server')) - backend_ip = common.checkAjaxInput(form.getvalue('backend_ip')) - backend_port = common.checkAjaxInput(form.getvalue('backend_port')) +def change_ip_and_port(serv, backend_backend, backend_server, backend_ip, backend_port) -> str: + if backend_ip is None: + return 'error: Backend IP must be IP and not 0' - if form.getvalue('backend_ip') is None: - print('error: Backend IP must be IP and not 0') - return - - if form.getvalue('backend_port') is None: - print('error: The backend port must be integer and not 0') - return + if backend_port is None: + return 'error: The backend port must be integer and not 0' haproxy_sock_port = sql.get_setting('haproxy_sock_port') + lines = '' masters = sql.is_master(serv) for master in masters: @@ -133,7 +130,7 @@ def change_ip_and_port() -> None: cmd = 'echo "set server %s/%s addr %s port %s check-port %s" |nc %s %s' % ( backend_backend, backend_server, backend_ip, backend_port, backend_port, master[0], haproxy_sock_port) output, stderr = server_mod.subprocess_execute(cmd) - print(output[0]) + lines += output[0] roxywi_common.logging( master[0], 'IP address and port have been changed. On: {}/{} to {}:{}'.format( backend_backend, backend_server, backend_ip, backend_port @@ -151,9 +148,9 @@ def change_ip_and_port() -> None: output, stderr = server_mod.subprocess_execute(cmd) if stderr != '': - print('error: ' + stderr[0]) + lines += 'error: ' + stderr[0] else: - print(output[0]) + lines += output[0] configs_dir = get_config_var.get_config_var('configs', 'haproxy_save_configs_dir') cfg = f"{configs_dir}{serv}-{get_date.return_date('config')}.cfg" @@ -162,15 +159,16 @@ def change_ip_and_port() -> None: '&& sed -Ei "$( echo $string)s/((1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5]):[0-9]+/%s:%s/g" %s' % \ (backend_backend, cfg, backend_server, backend_ip, backend_port, cfg) server_mod.subprocess_execute(cmd) - config_mod.master_slave_upload_and_restart(serv, cfg, just_save='save') + config_mod.master_slave_upload_and_restart(serv, cfg, 'save', 'haproxy') + + return lines -def change_maxconn_global() -> None: - if form.getvalue('maxconn_global') is None: - print('error: Maxconn must be integer and not 0') - return +def change_maxconn_global(serv: str, maxconn: int) -> str: + if maxconn is None: + return 'error: Maxconn must be integer and not 0' + - maxconn = common.checkAjaxInput(form.getvalue('maxconn_global')) haproxy_sock_port = sql.get_setting('haproxy_sock_port') masters = sql.is_master(serv) @@ -181,12 +179,11 @@ def change_maxconn_global() -> None: roxywi_common.logging(master[0], f'Maxconn has been changed. Globally to {maxconn}', login=1, keep_history=1, service='haproxy') cmd = f'echo "set maxconn global {maxconn}" |nc {serv} {haproxy_sock_port}' - print(cmd) roxywi_common.logging(serv, f'Maxconn has been changed. Globally to {maxconn}', login=1, keep_history=1, service='haproxy') output, stderr = server_mod.subprocess_execute(cmd) if stderr != '': - print(stderr[0]) + return stderr[0] elif output[0] == '': configs_dir = get_config_var.get_config_var('configs', 'haproxy_save_configs_dir') cfg = f"{configs_dir}{serv}-{get_date.return_date('config')}.cfg" @@ -195,19 +192,16 @@ def change_maxconn_global() -> None: cmd = 'string=`grep global %s -n -A5 |grep maxcon -n |awk -F":" \'{print $2}\'|awk -F"-" \'{print $1}\'` ' \ '&& sed -Ei "$( echo $string)s/[0-9]+/%s/g" %s' % (cfg, maxconn, cfg) server_mod.subprocess_execute(cmd) - config_mod.master_slave_upload_and_restart(serv, cfg, just_save='save') - print(f'success: Maxconn globally has been set to {maxconn} ') + config_mod.master_slave_upload_and_restart(serv, cfg, 'save', 'haproxy') + return f'success: Maxconn globally has been set to {maxconn} ' else: - print(f'error: {output[0]}') + return f'error: {output[0]}' -def change_maxconn_frontend() -> None: - if form.getvalue('maxconn_int') is None: - print('error: Maxconn must be integer and not 0') - return +def change_maxconn_frontend(serv, maxconn, frontend) -> str: + if maxconn is None: + return 'error: Maxconn must be integer and not 0' - frontend = common.checkAjaxInput(form.getvalue('maxconn_frontend')) - maxconn = common.checkAjaxInput(form.getvalue('maxconn_int')) haproxy_sock_port = sql.get_setting('haproxy_sock_port') masters = sql.is_master(serv) @@ -222,7 +216,7 @@ def change_maxconn_frontend() -> None: output, stderr = server_mod.subprocess_execute(cmd) if stderr != '': - print(stderr[0]) + return stderr[0] elif output[0] == '': configs_dir = get_config_var.get_config_var('configs', 'haproxy_save_configs_dir') cfg = f"{configs_dir}{serv}-{get_date.return_date('config')}.cfg" @@ -231,20 +225,16 @@ def change_maxconn_frontend() -> None: cmd = 'string=`grep %s %s -n -A5 |grep maxcon -n |awk -F":" \'{print $2}\'|awk -F"-" \'{print $1}\'` ' \ '&& sed -Ei "$( echo $string)s/[0-9]+/%s/g" %s' % (frontend, cfg, maxconn, cfg) server_mod.subprocess_execute(cmd) - config_mod.master_slave_upload_and_restart(serv, cfg, just_save='save') - print(f'success: Maxconn for {frontend} has been set to {maxconn} ') + config_mod.master_slave_upload_and_restart(serv, cfg, 'save', 'haproxy') + return f'success: Maxconn for {frontend} has been set to {maxconn} ' else: - print(f'error: {output[0]}') + return f'error: {output[0]}' -def change_maxconn_backend() -> None: - if form.getvalue('maxconn_int') is None: - print('error: Maxconn must be integer and not 0') - return +def change_maxconn_backend(serv, backend, backend_server, maxconn) -> str: + if maxconn is None: + return 'error: Maxconn must be integer and not 0' - backend = common.checkAjaxInput(form.getvalue('maxconn_backend')) - backend_server = common.checkAjaxInput(form.getvalue('maxconn_backend_server')) - maxconn = common.checkAjaxInput(form.getvalue('maxconn_int')) haproxy_sock_port = sql.get_setting('haproxy_sock_port') masters = sql.is_master(serv) @@ -255,12 +245,11 @@ def change_maxconn_backend() -> None: roxywi_common.logging(master[0], f'Maxconn has been changed. On: {backend}/{backend_server} to {maxconn}', login=1, keep_history=1, service='haproxy') cmd = f'echo "set maxconn server {backend}/{backend_server} {maxconn}" |nc {serv} {haproxy_sock_port}' - print(cmd) roxywi_common.logging(serv, f'Maxconn has been changed. On: {backend} to {maxconn}', login=1, keep_history=1, service='haproxy') output, stderr = server_mod.subprocess_execute(cmd) if stderr != '': - print(stderr[0]) + return stderr[0] elif output[0] == '': configs_dir = get_config_var.get_config_var('configs', 'haproxy_save_configs_dir') cfg = f"{configs_dir}{serv}-{get_date.return_date('config')}.cfg" @@ -269,180 +258,169 @@ def change_maxconn_backend() -> None: cmd = 'string=`grep %s %s -n -A10 |grep maxcon -n|grep %s |awk -F":" \'{print $2}\'|awk -F"-" \'{print $1}\'` ' \ '&& sed -Ei "$( echo $string)s/maxconn [0-9]+/maxconn %s/g" %s' % (backend, cfg, backend_server, maxconn, cfg) server_mod.subprocess_execute(cmd) - config_mod.master_slave_upload_and_restart(serv, cfg, just_save='save') - print(f'success: Maxconn for {backend}/{backend_server} has been set to {maxconn} ') + config_mod.master_slave_upload_and_restart(serv, cfg, 'save', 'haproxy') + return f'success: Maxconn for {backend}/{backend_server} has been set to {maxconn} ' else: - print(f'error: {output[0]}') + return f'error: {output[0]}' -def table_select(): - from jinja2 import Environment, FileSystemLoader - env = Environment(loader=FileSystemLoader('templates'), autoescape=True, - extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do'], trim_blocks=True, lstrip_blocks=True) - table = form.getvalue('table_select') - lang = roxywi_common.get_user_lang() +def table_select(serv: str, table: str): + lang = roxywi_common.get_user_lang_for_flask() if table == 'All': - template = env.get_template('ajax/stick_tables.html') - tables = get_all_stick_table() + tables = get_all_stick_table(serv) table = [] for t in tables.split(','): if t != '': table_id = [] - tables_head1, table1 = get_stick_table(t) + tables_head1, table1 = get_stick_table(serv, t) table_id.append(tables_head1) table_id.append(table1) table.append(table_id) - template = template.render(table=table, lang=lang) + return render_template('ajax/stick_tables.html', table=table, lang=lang) else: - template = env.get_template('ajax/stick_table.html') - tables_head, table = get_stick_table(table) - template = template.render(tables_head=tables_head, table=table, lang=lang) - - print(template) + tables_head, table = get_stick_table(serv, table) + return render_template('ajax/stick_table.html', tables_head=tables_head, table=table, lang=lang) -def delete_ip_from_stick_table() -> None: +def delete_ip_from_stick_table(serv, ip, table) -> str: haproxy_sock_port = sql.get_setting('haproxy_sock_port') - ip = common.checkAjaxInput(form.getvalue('ip_for_delete')) - table = common.checkAjaxInput(form.getvalue('table_for_delete')) cmd = f'echo "clear table {table} key {ip}" |nc {serv} {haproxy_sock_port}' output, stderr = server_mod.subprocess_execute(cmd) - if stderr[0] != '': - print(f'error: {stderr[0]}') + try: + if stderr[0] != '': + return f'error: {stderr[0]}' + except Exception: + return 'ok' -def clear_stick_table() -> None: +def clear_stick_table(serv, table) -> str: haproxy_sock_port = sql.get_setting('haproxy_sock_port') - table = common.checkAjaxInput(form.getvalue('table_for_clear')) cmd = f'echo "clear table {table} " |nc {serv} {haproxy_sock_port}' output, stderr = server_mod.subprocess_execute(cmd) - if stderr[0] != '': - print(f'error: {stderr[0]}') + try: + if stderr[0] != '': + return f'error: {stderr[0]}' + except Exception: + return 'ok' -def list_of_lists() -> None: +def list_of_lists(serv) -> str: haproxy_sock_port = sql.get_setting('haproxy_sock_port') cmd = f'echo "show acl"|nc {serv} {haproxy_sock_port} |grep "loaded from" |awk \'{{print $1,$2}}\'' output, stderr = server_mod.subprocess_execute(cmd) - print(output) + try: + return output[0] + except Exception: + return '------' -def show_lists() -> None: - from jinja2 import Environment, FileSystemLoader - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True, - extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do'], trim_blocks=True, lstrip_blocks=True) - template = env.get_template('ajax/list.html') - list_id = common.checkAjaxInput(form.getvalue('list_select_id')) - list_name = common.checkAjaxInput(form.getvalue('list_select_name')) - +def show_lists(serv, list_id, list_name) -> None: haproxy_sock_port = sql.get_setting('haproxy_sock_port') cmd = f'echo "show acl #{list_id}"|nc {serv} {haproxy_sock_port}' output, stderr = server_mod.subprocess_execute(cmd) - template = template.render(list=output, list_id=list_id, list_name=list_name) - print(template) + return render_template('ajax/list.html', list=output, list_id=list_id, list_name=list_name) -def delete_ip_from_list() -> None: +def delete_ip_from_list(serv, ip_id, ip, list_id, list_name) -> str: haproxy_sock_port = sql.get_setting('haproxy_sock_port') lib_path = get_config_var.get_config_var('main', 'lib_path') - ip_id = common.checkAjaxInput(form.getvalue('list_ip_id_for_delete')) - ip = common.is_ip_or_dns(form.getvalue('list_ip_for_delete')) - list_id = common.checkAjaxInput(form.getvalue('list_id_for_delete')) - list_name = common.checkAjaxInput(form.getvalue('list_name')) user_group = roxywi_common.get_user_group(id=1) cmd = f"sed -i 's!{ip}$!!' {lib_path}/lists/{user_group}/{list_name}" cmd1 = f"sed -i '/^$/d' {lib_path}/lists/{user_group}/{list_name}" output, stderr = server_mod.subprocess_execute(cmd) output1, stderr1 = server_mod.subprocess_execute(cmd1) if output: - print(f'error: {output}') + return f'error: {output}' if stderr: - print(f'error: {stderr}') + return f'error: {stderr}' if output1: - print(f'error: {output1}') + return f'error: {output1}' if stderr1: - print(f'error: {stderr}') + return f'error: {stderr}' cmd = f'echo "del acl #{list_id} #{ip_id}" |nc {serv} {haproxy_sock_port}' output, stderr = server_mod.subprocess_execute(cmd) - if output[0] != '': - print(f'error: {output[0]}') - if stderr != '': - print(f'error: {stderr[0]}') roxywi_common.logging(serv, f'{ip_id} has been delete from list {list_id}', login=1, keep_history=1, service='haproxy') + try: + if output[0] != '': + return f'error: {output[0]}' + except Exception: + pass + try: + if stderr != '': + return f'error: {stderr[0]}' + except Exception: + pass -def add_ip_to_list() -> None: +def add_ip_to_list(serv, ip, list_id, list_name) -> str: haproxy_sock_port = sql.get_setting('haproxy_sock_port') - lib_path = get_config_var.get_config_var('main', 'lib_path') - ip = form.getvalue('list_ip_for_add') - ip = ip.strip() - ip = common.is_ip_or_dns(ip) - list_id = common.checkAjaxInput(form.getvalue('list_id_for_add')) - list_name = common.checkAjaxInput(form.getvalue('list_name')) user_group = roxywi_common.get_user_group(id=1) cmd = f'echo "add acl #{list_id} {ip}" |nc {serv} {haproxy_sock_port}' output, stderr = server_mod.subprocess_execute(cmd) - if output[0]: - print(f'error: {output[0]}') - if stderr: - print(f'error: {stderr[0]}') + try: + if output[0]: + return f'error: {output[0]}' + except Exception: + pass + try: + if stderr: + print(f'error: {stderr[0]}') + except Exception: + pass if 'is not a valid IPv4 or IPv6 address' not in output[0]: cmd = f'echo "{ip}" >> {lib_path}/lists/{user_group}/{list_name}' output, stderr = server_mod.subprocess_execute(cmd) + roxywi_common.logging(serv, f'{ip} has been added to list {list_id}', login=1, keep_history=1, service='haproxy') if output: - print(f'error: {output}') + return f'error: {output}' if stderr: - print(f'error: {stderr}') - - roxywi_common.logging(serv, f'{ip} has been added to list {list_id}', login=1, keep_history=1, service='haproxy') + return f'error: {stderr}' -def select_session() -> None: - from jinja2 import Environment, FileSystemLoader - env = Environment(loader=FileSystemLoader('templates'), autoescape=True, - extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do'], trim_blocks=True, lstrip_blocks=True) - session = common.checkAjaxInput(form.getvalue('sessions_select')) - lang = roxywi_common.get_user_lang() +def select_session(server_ip: str) -> str: + lang = roxywi_common.get_user_lang_for_flask() haproxy_sock_port = sql.get_setting('haproxy_sock_port') - - cmd = f'echo "show sess" |nc {session} {haproxy_sock_port}' + cmd = f'echo "show sess" |nc {server_ip} {haproxy_sock_port}' output, stderr = server_mod.subprocess_execute(cmd) - template = env.get_template('ajax/sessions_table.html') - template = template.render(sessions=output, lang=lang) - - print(template) + return render_template('ajax/sessions_table.html', sessions=output, lang=lang) -def show_session() -> None: - session = common.checkAjaxInput(form.getvalue('sessions_select_show')) - sess_id = common.checkAjaxInput(form.getvalue('sessions_select_id')) +def show_session(server_ip, sess_id) -> str: haproxy_sock_port = sql.get_setting('haproxy_sock_port') - cmd = f'echo "show sess {sess_id}" |nc {session} {haproxy_sock_port}' - + cmd = f'echo "show sess {sess_id}" |nc {server_ip} {haproxy_sock_port}' output, stderr = server_mod.subprocess_execute(cmd) + lines = '' if stderr: - print('error: ' + stderr[0]) + return 'error: ' + stderr[0] else: for o in output: - print(f'{o}
') + lines += f'{o}
' + return lines -def delete_session() -> None: +def delete_session(server_ip, sess_id) -> str: haproxy_sock_port = sql.get_setting('haproxy_sock_port') - sess_id = common.checkAjaxInput(form.getvalue('session_delete_id')) - cmd = 'echo "shutdown session %s" |nc %s %s' % (sess_id, serv, haproxy_sock_port) + cmd = f'echo "shutdown session {sess_id}" |nc {server_ip} {haproxy_sock_port}' output, stderr = server_mod.subprocess_execute(cmd) - if output[0] != '': - print('error: ' + output[0]) - if stderr[0] != '': - print('error: ' + stderr[0]) + try: + if output[0] != '': + return 'error: ' + output[0] + except Exception: + pass + try: + if stderr[0] != '': + return 'error: ' + stderr[0] + except Exception: + pass + + return 'ok' diff --git a/app/modules/db/db_model.py b/app/modules/db/db_model.py index 01324df6..ee028beb 100644 --- a/app/modules/db/db_model.py +++ b/app/modules/db/db_model.py @@ -1,6 +1,7 @@ from peewee import * from playhouse.migrate import * from datetime import datetime +from flask_login import UserMixin import modules.roxy_wi_tools as roxy_wi_tools @@ -26,7 +27,7 @@ class BaseModel(Model): database = conn -class User(BaseModel): +class User(BaseModel, UserMixin): user_id = AutoField(column_name='id') username = CharField(constraints=[SQL('UNIQUE')]) email = CharField(constraints=[SQL('UNIQUE')]) @@ -354,66 +355,6 @@ class PortScannerHistory(BaseModel): primary_key = False -class ProvidersCreds(BaseModel): - id = AutoField() - name = CharField() - type = CharField() - group = CharField() - key = CharField() - secret = CharField(null=True) - create_date = DateTimeField(default=datetime.now) - edit_date = DateTimeField(default=datetime.now) - - class Meta: - table_name = 'providers_creds' - - -class ProvisionParam(BaseModel): - id = AutoField() - param = CharField() - name = CharField() - optgroup = CharField() - section = CharField() - provider = CharField() - image = CharField(null=True) - - class Meta: - table_name = 'provision_param' - constraints = [SQL('UNIQUE (param, section, provider)')] - - -class ProvisionedServers(BaseModel): - id = AutoField() - region = CharField() - instance_type = CharField() - public_ip = IntegerField(null=True) - floating_ip = IntegerField(null=True) - volume_size = IntegerField(null=True) - backup = IntegerField(null=True) - monitoring = IntegerField(null=True) - private_networking = IntegerField(null=True) - ssh_key_name = CharField(null=True) - ssh_ids = CharField(null=True) - name = CharField() - os = CharField() - firewall = IntegerField() - provider_id = IntegerField() - type = CharField() - status = CharField() - group_id = IntegerField() - date = DateTimeField(default=datetime.now) - IP = CharField(null=True) - last_error = CharField(null=True) - delete_on_termination = IntegerField(null=True) - project = CharField(null=True) - network_name = CharField(null=True) - volume_type = CharField(null=True) - name_template = CharField(null=True) - - class Meta: - table_name = 'provisioned_servers' - - class MetricsHttpStatus(BaseModel): serv = CharField() ok_ans = IntegerField(column_name='2xx') @@ -679,8 +620,7 @@ def create_tables(): with conn: conn.create_tables([User, Server, Role, Telegram, Slack, UUID, Token, ApiToken, Groups, UserGroups, ConfigVersion, Setting, Cred, Backup, Metrics, WafMetrics, Version, Option, SavedServer, Waf, ActionHistory, - PortScannerSettings, PortScannerPorts, PortScannerHistory, ProvidersCreds, ServiceSetting, - ProvisionedServers, MetricsHttpStatus, SMON, WafRules, Alerts, GeoipCodes, NginxMetrics, - SystemInfo, Services, UserName, GitSetting, CheckerSetting, ApacheMetrics, ProvisionParam, - WafNginx, ServiceStatus, KeepaliveRestart, PD, SmonHistory, SmonTcpCheck, SmonHttpCheck, - SmonPingCheck, SmonDnsCheck, S3Backup]) + PortScannerSettings, PortScannerPorts, PortScannerHistory, ServiceSetting, MetricsHttpStatus, + SMON, WafRules, Alerts, GeoipCodes, NginxMetrics, SystemInfo, Services, UserName, GitSetting, + CheckerSetting, ApacheMetrics, WafNginx, ServiceStatus, KeepaliveRestart, PD, SmonHistory, + SmonTcpCheck, SmonHttpCheck, SmonPingCheck, SmonDnsCheck, S3Backup]) diff --git a/app/modules/db/sql.py b/app/modules/db/sql.py index 5df0052e..07b30473 100755 --- a/app/modules/db/sql.py +++ b/app/modules/db/sql.py @@ -1,13 +1,23 @@ #!/usr/bin/env python3 # -*- coding: utf-8 -*- -import traceback -import sys import os +import sys +import traceback from modules.db.db_model import * import modules.roxy_wi_tools as roxy_wi_tools +def out_error(error): + error = str(error) + exc_type, exc_obj, exc_tb = sys.exc_info() + file_name = os.path.split(exc_tb.tb_frame.f_code.co_filename)[1] + stk = traceback.extract_tb(exc_tb, 1) + function_name = stk[0][2] + error = f'{error} in function: {function_name} in file: {file_name}' + raise Exception(f'error: {error}') + + def get_setting(param, **kwargs): import http.cookies @@ -59,16 +69,6 @@ time_zone = get_setting('time_zone') get_date = roxy_wi_tools.GetDate(time_zone) -def out_error(error): - error = str(error) - exc_type, exc_obj, exc_tb = sys.exc_info() - file_name = os.path.split(exc_tb.tb_frame.f_code.co_filename)[1] - stk = traceback.extract_tb(exc_tb, 1) - function_name = stk[0][2] - error = f'{error} in function: {function_name} in file: {file_name}' - raise Exception(f'error: {error}') - - def add_user(user, email, password, role, activeuser, group): if password != 'aduser': try: @@ -702,21 +702,13 @@ def delete_old_uuid(): out_error(e) -def update_last_act_user(uuid, token): +def update_last_act_user(uuid: str, token: str, ip: str) -> None: session_ttl = int(get_setting('session_ttl')) token_ttl = int(get_setting('token_ttl')) cur_date_session = get_date.return_date('regular', timedelta=session_ttl) cur_date_token = get_date.return_date('regular', timedelta=token_ttl) cur_date = get_date.return_date('regular') user_id = get_user_id_by_uuid(uuid) - - try: - import cgi - import os - ip = cgi.escape(os.environ["REMOTE_ADDR"]) - except Exception: - ip = '' - query = UUID.update(exp=cur_date_session).where(UUID.uuid == uuid) query1 = Token.update(exp=cur_date_token).where(Token.token == token) query2 = User.update(last_login_date=cur_date, last_login_ip=ip).where(User.user_id == user_id) @@ -767,6 +759,7 @@ def get_user_role_by_uuid(uuid, group_id): (UserGroups.user_group_id == group_id) ) ) + try: query_res = query.execute() except Exception as e: @@ -866,19 +859,7 @@ def get_pd_by_id(pd_id): return query_res -def get_dick_permit(**kwargs): - if kwargs.get('username'): - grp = kwargs.get('group_id') - else: - try: - import http.cookies - cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) - group = cookie.get('group') - grp = group.value - except Exception: - print('') - return - +def get_dick_permit(group_id, **kwargs): only_group = kwargs.get('only_group') disable = 'enable = 1' haproxy = '' @@ -907,21 +888,15 @@ def get_dick_permit(**kwargs): cursor = conn.cursor() try: if mysql_enable == '1': - if grp == '1' and not only_group: - sql = """ select * from `servers` where {} {} {} {} {} {} {} order by `pos` asc""".format( - disable, type_ip, nginx, haproxy, keepalived, apache, ip - ) + if group_id == '1' and not only_group: + sql = f" select * from `servers` where {disable} {type_ip} {nginx} {haproxy} {keepalived} {apache} {ip} order by `pos` asc" else: - sql = """ select * from `servers` where `groups` = {group} and ({disable}) {type_ip} {ip} {haproxy} {nginx} {keepalived} {apache} order by `pos` asc - """.format( - group=grp, disable=disable, type_ip=type_ip, ip=ip, haproxy=haproxy, nginx=nginx, keepalived=keepalived, apache=apache - ) + sql = f" select * from `servers` where `groups` = {group_id} and ({disable}) {type_ip} {ip} {haproxy} {nginx} {keepalived} {apache} order by `pos` asc" else: - if grp == '1' and not only_group: - sql = """ select * from servers where {} {} {} {} {} {} {} order by pos""".format(disable, type_ip, nginx, haproxy, keepalived, apache, ip) + if group_id == '1' and not only_group: + sql = f" select * from servers where {disable} {type_ip} {nginx} {haproxy} {keepalived} {apache} {ip} order by pos" else: - sql = """ select * from servers where groups = '{group}' and ({disable}) {type_ip} {ip} {haproxy} {nginx} {keepalived} {apache} order by pos - """.format(group=grp, disable=disable, type_ip=type_ip, ip=ip, haproxy=haproxy, nginx=nginx, keepalived=keepalived, apache=apache) + sql = f" select * from servers where groups = '{group_id}' and ({disable}) {type_ip} {ip} {haproxy} {nginx} {keepalived} {apache} order by pos" except Exception as e: raise Exception(f'error: {e}') @@ -1737,6 +1712,8 @@ def update_waf_metrics_enable(name, enable): Waf.update(metrics=enable).where(Waf.server_id == server_id).execute() except Exception as e: out_error(e) + else: + return 'ok' def delete_metrics(): @@ -2492,14 +2469,14 @@ def update_firewall(serv): return False -def update_server_pos(pos, server_id): +def update_server_pos(pos, server_id) -> str: query = Server.update(pos=pos).where(Server.server_id == server_id) try: query.execute() - return True + return 'ok' except Exception as e: out_error(e) - return False + return 'not_ok' def check_token_exists(token): @@ -2915,6 +2892,7 @@ def select_one_smon(smon_id: int, check_id: int) -> object: query = SmonDnsCheck.select(SmonDnsCheck, SMON).join_from(SmonDnsCheck, SMON).where(SMON.id == smon_id) else: query = SmonPingCheck.select(SmonPingCheck, SMON).join_from(SmonPingCheck, SMON).where(SMON.id == smon_id) + try: query_res = query.execute() except Exception as e: @@ -3345,300 +3323,6 @@ def delete_provider(provider_id): return False -def add_server_aws( - region, instance_type, public_ip, floating_ip, volume_size, ssh_key_name, name, os, firewall, - provider_id, group_id, status, delete_on_termination, volume_type -): - cur_date = get_date.return_date('regular') - try: - ProvisionedServers.insert( - region=region, instance_type=instance_type, public_ip=public_ip, floating_ip=floating_ip, - volume_size=volume_size, volume_type=volume_type, ssh_key_name=ssh_key_name, name=name, os=os, - firewall=firewall, provider_id=provider_id, group_id=group_id, delete_on_termination=delete_on_termination, - type='aws', status=status, date=cur_date - ).execute() - return True - except Exception as e: - out_error(e) - return False - - -def add_server_gcore( - project, region, instance_type, network_type, network_name, volume_size, ssh_key_name, name, os, - firewall, provider_id, group_id, status, delete_on_termination, volume_type -): - cur_date = get_date.return_date('regular') - try: - ProvisionedServers.insert( - region=region, instance_type=instance_type, public_ip=network_type, network_name=network_name, - volume_size=volume_size, volume_type=volume_type, ssh_key_name=ssh_key_name, name=name, - os=os, firewall=firewall, provider_id=provider_id, group_id=group_id, type='gcore', - delete_on_termination=delete_on_termination, project=project, status=status, date=cur_date - ).execute() - return True - except Exception as e: - out_error(e) - return False - - -def add_server_do( - region, size, privet_net, floating_ip, ssh_ids, ssh_key_name, name, oss, firewall, monitoring, backup, - provider_id, group_id, status -): - cur_date = get_date.return_date('regular') - try: - ProvisionedServers.insert( - region=region, instance_type=size, private_networking=privet_net, floating_ip=floating_ip, - ssh_ids=ssh_ids, ssh_key_name=ssh_key_name, name=name, os=oss, firewall=firewall, - monitoring=monitoring, backup=backup, provider_id=provider_id, group_id=group_id, - type='do', status=status, date=cur_date - ).execute() - return True - except Exception as e: - out_error(e) - return False - - -def select_aws_server(server_id): - prov_serv = ProvisionedServers.alias() - query = ( - prov_serv.select( - prov_serv.region, prov_serv.instance_type, prov_serv.public_ip, prov_serv.floating_ip, prov_serv.volume_size, - prov_serv.ssh_key_name, prov_serv.name, prov_serv.os, prov_serv.firewall, prov_serv.provider_id, - prov_serv.group_id, prov_serv.id, prov_serv.delete_on_termination, prov_serv.volume_type - ).where(prov_serv.id == server_id)) - try: - query_res = query.execute() - except Exception as e: - out_error(e) - else: - return query_res - - -def select_gcore_server(server_id): - prov_serv = ProvisionedServers.alias() - query = ( - prov_serv.select( - prov_serv.region, prov_serv.instance_type, prov_serv.public_ip, prov_serv.floating_ip, prov_serv.volume_size, - prov_serv.ssh_key_name, prov_serv.name, prov_serv.os, prov_serv.firewall, prov_serv.provider_id, - prov_serv.group_id, prov_serv.id, prov_serv.delete_on_termination, prov_serv.project, prov_serv.network_name, - prov_serv.volume_type, prov_serv.name_template - ).where(prov_serv.id == server_id)) - try: - query_res = query.execute() - except Exception as e: - out_error(e) - else: - return query_res - - -def select_do_server(server_id): - prov_serv = ProvisionedServers.alias() - query = ( - prov_serv.select( - prov_serv.region, prov_serv.instance_type, prov_serv.private_networking, prov_serv.floating_ip, - prov_serv.ssh_ids, prov_serv.ssh_key_name, prov_serv.name, prov_serv.os, prov_serv.firewall, prov_serv.backup, - prov_serv.monitoring, prov_serv.provider_id, prov_serv.group_id, prov_serv.id - ).where(prov_serv.id == server_id)) - try: - query_res = query.execute() - except Exception as e: - out_error(e) - else: - return query_res - - -def update_provisioning_server_status(status, user_group_id, name, provider_id, **kwargs): - if kwargs.get('update_ip'): - query = ProvisionedServers.update(status=status, IP=kwargs.get('update_ip')).where( - (ProvisionedServers.name == name) & (ProvisionedServers.group_id == user_group_id) & (ProvisionedServers.provider_id == provider_id) - ) - else: - query = ProvisionedServers.update(status=status).where( - (ProvisionedServers.name == name) - & (ProvisionedServers.group_id == user_group_id) - & (ProvisionedServers.provider_id == provider_id) - ) - try: - query.execute() - except Exception as e: - out_error(e) - - -def update_provisioning_server_gcore_name(name, template_name, user_group_id, provider_id): - query = ProvisionedServers.update(name_template=template_name).where( - (ProvisionedServers.name == name) - & (ProvisionedServers.group_id == user_group_id) - & (ProvisionedServers.provider_id == provider_id) - ) - try: - query.execute() - except Exception as e: - out_error(e) - - -def update_provisioning_server_error(status, user_group_id, name, provider_id): - query = ProvisionedServers.update(last_error=status).where( - (ProvisionedServers.name == name) - & (ProvisionedServers.group_id == user_group_id) - & (ProvisionedServers.provider_id == provider_id) - ) - try: - query.execute() - except Exception as e: - out_error(e) - - -def update_server_aws( - region, size, public_ip, floating_ip, volume_size, ssh_name, workspace, oss, firewall, provider, - group, status, server_id, delete_on_termination, volume_type -): - query = ProvisionedServers.update( - region=region, instance_type=size, public_ip=public_ip, floating_ip=floating_ip, volume_size=volume_size, - ssh_key_name=ssh_name, name=workspace, os=oss, firewall=firewall, provider_id=provider, group_id=group, - status=status, delete_on_termination=delete_on_termination, volume_type=volume_type - ).where(ProvisionedServers.id == server_id) - try: - query.execute() - return True - except Exception as e: - out_error(e) - return False - - -def update_server_gcore( - region, size, network_type, network_name, volume_size, ssh_name, workspace, oss, firewall, - provider, group, status, server_id, delete_on_termination, volume_type, project -): - query = ProvisionedServers.update( - region=region, instance_type=size, public_ip=network_type, network_name=network_name, volume_size=volume_size, - ssh_key_name=ssh_name, name=workspace, os=oss, firewall=firewall, provider_id=provider, group_id=group, - status=status, delete_on_termination=delete_on_termination, volume_type=volume_type, project=project - ).where(ProvisionedServers.id == server_id) - try: - query.execute() - return True - except Exception as e: - out_error(e) - return False - - -def update_server_do( - size, privet_net, floating_ip, ssh_ids, ssh_name, oss, firewall, monitoring, backup, provider, group, - status, server_id -): - query = ProvisionedServers.update( - instance_type=size, private_networking=privet_net, floating_ip=floating_ip, ssh_ids=ssh_ids, - ssh_key_name=ssh_name, os=oss, firewall=firewall, monitoring=monitoring, backup=backup, provider_id=provider, - group_id=group, status=status - ).where(ProvisionedServers.id == server_id) - try: - query.execute() - return True - except Exception as e: - out_error(e) - return False - - -def delete_provisioned_servers(server_id): - query = ProvisionedServers.delete().where(ProvisionedServers.id == server_id) - try: - query.execute() - except Exception as e: - out_error(e) - - -def select_provisioned_servers(**kwargs): - prov_serv = ProvisionedServers.alias() - if kwargs.get('new'): - query = ( - prov_serv.select( - prov_serv.id, prov_serv.name, prov_serv.provider_id, prov_serv.type, prov_serv.group_id, - prov_serv.instance_type, prov_serv.status, prov_serv.date, prov_serv.region, prov_serv.os, - prov_serv.IP, prov_serv.last_error, prov_serv.name_template - ).where( - (prov_serv.name == kwargs.get('new')) - & (prov_serv.group_id == kwargs.get('group')) - & (prov_serv.type == kwargs.get('type')) - ) - ) - else: - query = prov_serv.select( - prov_serv.id, prov_serv.name, prov_serv.provider_id, prov_serv.type, prov_serv.group_id, - prov_serv.instance_type, prov_serv.status, prov_serv.date, prov_serv.region, prov_serv.os, - prov_serv.IP, prov_serv.last_error, prov_serv.name_template - ) - try: - query_res = query.execute() - except Exception as e: - out_error(e) - else: - return query_res - - -def select_aws_provider(provider_id): - try: - query_res = ProvidersCreds.get(ProvidersCreds.id == provider_id) - except Exception: - return "" - else: - return query_res.key, query_res.secret - - -def select_gcore_provider(provider_id): - try: - query_res = ProvidersCreds.get(ProvidersCreds.id == provider_id) - except Exception: - return "" - else: - return query_res.key, query_res.secret - - -def select_do_provider(provider_id): - try: - query_res = ProvidersCreds.get(ProvidersCreds.id == provider_id) - except Exception: - return "" - else: - return query_res.key - - -def update_do_provider(new_name, new_token, provider_id): - cur_date = get_date.return_date('regular') - try: - ProvidersCreds.update( - name=new_name, key=new_token, edit_date=cur_date - ).where(ProvidersCreds.id == provider_id).execute() - return True - except Exception as e: - out_error(e) - return False - - -def update_gcore_provider(new_name, new_user, new_pass, provider_id): - cur_date = get_date.return_date('regular') - try: - ProvidersCreds.update( - name=new_name, key=new_user, secret=new_pass, edit_date=cur_date - ).where(ProvidersCreds.id == provider_id).execute() - return True - except Exception as e: - out_error(e) - return False - - -def update_aws_provider(new_name, new_key, new_secret, provider_id): - cur_date = get_date.return_date('regular') - try: - ProvidersCreds.update( - name=new_name, key=new_key, secret=new_secret, edit_date=cur_date - ).where(ProvidersCreds.id == provider_id).execute() - return True - except Exception as e: - out_error(e) - return False - - def is_serv_protected(serv): try: query_res = Server.get(Server.ip == serv) @@ -4219,18 +3903,6 @@ def update_service_checker_settings( return True -def select_provisioning_params(): - query = ProvisionParam.select() - - try: - query_res = query.execute() - except Exception as e: - out_error(e) - return - else: - return query_res - - def select_service(slug: str) -> str: try: query_res = Services.get(Services.slug == slug) diff --git a/app/modules/provisioning/__init__.py b/app/modules/provisioning/__init__.py deleted file mode 100644 index c44b825b..00000000 --- a/app/modules/provisioning/__init__.py +++ /dev/null @@ -1 +0,0 @@ -NAME = 'roxy-wi-provisioning-modules' diff --git a/app/modules/provisioning/aws.py b/app/modules/provisioning/aws.py deleted file mode 100644 index e9f51004..00000000 --- a/app/modules/provisioning/aws.py +++ /dev/null @@ -1,133 +0,0 @@ -import modules.db.sql as sql -import modules.common.common as common -import modules.server.server as server_mod -import modules.provisioning.common as prov_common - -form = common.form - - -def validate() -> None: - if form.getvalue('awsvalidate'): - workspace = form.getvalue('awsvalidate') - group = form.getvalue('aws_create_group') - else: - workspace = form.getvalue('awseditvalidate') - group = form.getvalue('aws_edit_group') - - cmd = f'cd scripts/terraform/ && sudo terraform plan -no-color -input=false -target=module.aws_module -var-file vars/{workspace}_{group}_aws.tfvars' - output, stderr = server_mod.subprocess_execute(cmd) - if stderr != '': - print('error: ' + stderr) - else: - print('ok') - - -def new_workspace() -> None: - workspace = form.getvalue('awsworkspace') - group = form.getvalue('aws_create_group') - provider = form.getvalue('aws_create_provider') - region = form.getvalue('aws_create_regions') - size = form.getvalue('aws_create_size') - oss = form.getvalue('aws_create_oss') - ssh_name = form.getvalue('aws_create_ssh_name') - volume_size = form.getvalue('aws_create_volume_size') - volume_type = form.getvalue('aws_create_volume_type') - delete_on_termination = form.getvalue('aws_create_delete_on_termination') - floating_ip = form.getvalue('aws_create_floating_net') - firewall = form.getvalue('aws_create_firewall') - public_ip = form.getvalue('aws_create_public_ip') - - cmd = f'cd scripts/terraform/ && sudo terraform workspace new {workspace}_{group}_aws' - output, stderr = server_mod.subprocess_execute(cmd) - - if stderr != '': - prov_common.show_error(stderr, group, workspace, provider) - else: - try: - if sql.add_server_aws( - region, size, public_ip, floating_ip, volume_size, ssh_name, workspace, oss, firewall, - provider, group, 'Creating', delete_on_termination, volume_type - ): - prov_common.show_new_server(workspace, group, 'aws') - except Exception as e: - print(e) - - -def edit_workspace() -> None: - workspace = form.getvalue('awseditworkspace') - group = form.getvalue('aws_editing_group') - provider = form.getvalue('aws_editing_provider') - region = form.getvalue('aws_editing_regions') - size = form.getvalue('aws_editing_size') - oss = form.getvalue('aws_editing_oss') - ssh_name = form.getvalue('aws_editing_ssh_name') - volume_size = form.getvalue('aws_editing_volume_size') - volume_type = form.getvalue('aws_editing_volume_type') - delete_on_termination = form.getvalue('aws_editing_delete_on_termination') - floating_ip = form.getvalue('aws_editing_floating_net') - firewall = form.getvalue('aws_editing_firewall') - public_ip = form.getvalue('aws_editing_public_ip') - server_id = form.getvalue('server_id') - - try: - if sql.update_server_aws( - region, size, public_ip, floating_ip, volume_size, ssh_name, workspace, oss, firewall, - provider, group, 'Editing', server_id, delete_on_termination, volume_type - ): - - try: - cmd = f'cd scripts/terraform/ && sudo terraform workspace select {workspace}_{group}_aws' - output, stderr = server_mod.subprocess_execute(cmd) - except Exception as e: - print(f'error: {e}') - - if stderr != '': - prov_common.show_error(stderr, group, workspace, provider) - else: - print('ok') - except Exception as e: - print(e) - - -def create_vars() -> None: - if form.getvalue('awsvars'): - awsvars = common.checkAjaxInput(form.getvalue('awsvars')) - group = common.checkAjaxInput(form.getvalue('aws_create_group')) - provider = common.checkAjaxInput(form.getvalue('aws_create_provider')) - region = common.checkAjaxInput(form.getvalue('aws_create_regions')) - size = common.checkAjaxInput(form.getvalue('aws_create_size')) - oss = common.checkAjaxInput(form.getvalue('aws_create_oss')) - ssh_name = common.checkAjaxInput(form.getvalue('aws_create_ssh_name')) - volume_size = common.checkAjaxInput(form.getvalue('aws_create_volume_size')) - volume_type = common.checkAjaxInput(form.getvalue('aws_create_volume_type')) - delete_on_termination = common.checkAjaxInput(form.getvalue('aws_create_delete_on_termination')) - floating_ip = common.checkAjaxInput(form.getvalue('aws_create_floating_net')) - firewall = common.checkAjaxInput(form.getvalue('aws_create_firewall')) - public_ip = common.checkAjaxInput(form.getvalue('aws_create_public_ip')) - else: - awsvars = common.checkAjaxInput(form.getvalue('awseditvars')) - group = common.checkAjaxInput(form.getvalue('aws_editing_group')) - provider = common.checkAjaxInput(form.getvalue('aws_editing_provider')) - region = common.checkAjaxInput(form.getvalue('aws_editing_regions')) - size = common.checkAjaxInput(form.getvalue('aws_editing_size')) - oss = common.checkAjaxInput(form.getvalue('aws_editing_oss')) - ssh_name = common.checkAjaxInput(form.getvalue('aws_editing_ssh_name')) - volume_size = common.checkAjaxInput(form.getvalue('aws_editing_volume_size')) - volume_type = common.checkAjaxInput(form.getvalue('aws_editing_volume_type')) - delete_on_termination = common.checkAjaxInput(form.getvalue('aws_editing_delete_on_termination')) - floating_ip = common.checkAjaxInput(form.getvalue('aws_editing_floating_net')) - firewall = common.checkAjaxInput(form.getvalue('aws_editing_firewall')) - public_ip = common.checkAjaxInput(form.getvalue('aws_editing_public_ip')) - - aws_key, aws_secret = sql.select_aws_provider(provider) - - cmd = f'cd scripts/terraform/ && sudo ansible-playbook var_generator.yml -i inventory -e "region={region} ' \ - f'group={group} size={size} os={oss} floating_ip={floating_ip} volume_size={volume_size} server_name={awsvars} ' \ - f'AWS_ACCESS_KEY={aws_key} AWS_SECRET_KEY={aws_secret} firewall={firewall} public_ip={public_ip} ' \ - f'ssh_name={ssh_name} delete_on_termination={delete_on_termination} volume_type={volume_type} cloud=aws"' - - output, stderr = server_mod.subprocess_execute(cmd) - if stderr != '': - print(f'error: {stderr}') - else: - print('ok') diff --git a/app/modules/provisioning/common.py b/app/modules/provisioning/common.py deleted file mode 100644 index 6b727040..00000000 --- a/app/modules/provisioning/common.py +++ /dev/null @@ -1,31 +0,0 @@ -from jinja2 import Environment, FileSystemLoader - -import modules.db.sql as sql -import modules.common.common as common -import modules.roxywi.common as roxywi_common - -form = common.form - - -def show_error(stderr: str, group: str, workspace: str, provider: str) -> None: - stderr = stderr.strip() - stderr = repr(stderr) - stderr = stderr.replace("'", "") - stderr = stderr.replace("\'", "") - sql.update_provisioning_server_status('Error', group, workspace, provider) - sql.update_provisioning_server_error(stderr, group, workspace, provider) - print('error: ' + stderr) - - -def show_new_server(workspace: str, group: str, cloud: str) -> None: - user_params = roxywi_common.get_users_params() - new_server = sql.select_provisioned_servers(new=workspace, group=group, type=cloud) - params = sql.select_provisioning_params() - lang = roxywi_common.get_user_lang() - providers = sql.select_providers(group) - - env = Environment(extensions=["jinja2.ext.do"], loader=FileSystemLoader('templates')) - template = env.get_template('ajax/provisioning/provisioned_servers.html') - template = template.render(servers=new_server, groups=sql.select_groups(), user_group=group, providers=providers, - role=user_params['role'], adding=1, params=params, lang=lang) - print(template) diff --git a/app/modules/provisioning/do.py b/app/modules/provisioning/do.py deleted file mode 100644 index 66673d73..00000000 --- a/app/modules/provisioning/do.py +++ /dev/null @@ -1,124 +0,0 @@ -import modules.db.sql as sql -import modules.common.common as common -import modules.server.server as server_mod -import modules.provisioning.common as prov_common - -form = common.form - - -def validate() -> None: - if form.getvalue('dovalidate'): - workspace = form.getvalue('dovalidate') - group = form.getvalue('do_create_group') - else: - workspace = form.getvalue('doeditvalidate') - group = form.getvalue('do_edit_group') - - cmd = f'cd scripts/terraform/ && sudo terraform plan -no-color -input=false -target=module.do_module -var-file vars/{workspace}_{group}_do.tfvars' - output, stderr = server_mod.subprocess_execute(cmd) - if stderr != '': - print(f'error: {stderr}') - else: - print('ok') - - -def new_workspace() -> None: - workspace = form.getvalue('doworkspace') - group = form.getvalue('do_create_group') - provider = form.getvalue('do_create_provider') - region = form.getvalue('do_create_regions') - size = form.getvalue('do_create_size') - oss = form.getvalue('do_create_oss') - ssh_name = form.getvalue('do_create_ssh_name') - ssh_ids = form.getvalue('do_create_ssh_ids') - backup = form.getvalue('do_create_backup') - privet_net = form.getvalue('do_create_private_net') - floating_ip = form.getvalue('do_create_floating_net') - monitoring = form.getvalue('do_create_monitoring') - firewall = form.getvalue('do_create_firewall') - - cmd = f'cd scripts/terraform/ && sudo terraform workspace new {workspace}_{group}_do' - output, stderr = server_mod.subprocess_execute(cmd) - - if stderr != '': - prov_common.show_error(stderr, group, workspace, provider) - else: - if sql.add_server_do( - region, size, privet_net, floating_ip, ssh_ids, ssh_name, workspace, oss, firewall, monitoring, - backup, provider, group, 'Creating' - ): - prov_common.show_new_server(workspace, group, 'do') - - -def edit_workspace() -> None: - workspace = form.getvalue('doeditworkspace') - group = form.getvalue('do_edit_group') - provider = form.getvalue('do_edit_provider') - size = form.getvalue('do_edit_size') - oss = form.getvalue('do_edit_oss') - ssh_name = form.getvalue('do_edit_ssh_name') - ssh_ids = form.getvalue('do_edit_ssh_ids') - backup = form.getvalue('do_edit_backup') - privet_net = form.getvalue('do_edit_private_net') - floating_ip = form.getvalue('do_edit_floating_net') - monitoring = form.getvalue('do_edit_monitoring') - firewall = form.getvalue('do_edit_firewall') - server_id = form.getvalue('server_id') - try: - if sql.update_server_do( - size, privet_net, floating_ip, ssh_ids, ssh_name, oss, firewall, monitoring, backup, provider, - group, 'Creating', server_id - ): - - cmd = f'cd scripts/terraform/ && sudo terraform workspace select {workspace}_{group}_do' - output, stderr = server_mod.subprocess_execute(cmd) - - if stderr != '': - prov_common.show_error(stderr, group, workspace, provider) - else: - print('ok') - except Exception as e: - print(e) - - -def create_vars() -> None: - if form.getvalue('dovars'): - dovars = form.getvalue('dovars') - group = form.getvalue('do_create_group') - provider = form.getvalue('do_create_provider') - region = form.getvalue('do_create_regions') - size = form.getvalue('do_create_size') - oss = form.getvalue('do_create_oss') - ssh_name = form.getvalue('do_create_ssh_name') - ssh_ids = form.getvalue('do_create_ssh_ids') - backup = form.getvalue('do_create_backup') - privet_net = form.getvalue('do_create_private_net') - floating_ip = form.getvalue('do_create_floating_net') - monitoring = form.getvalue('do_create_monitoring') - firewall = form.getvalue('do_create_firewall') - else: - dovars = form.getvalue('doeditvars') - group = form.getvalue('do_edit_group') - provider = form.getvalue('do_edit_provider') - region = form.getvalue('do_edit_regions') - size = form.getvalue('do_edit_size') - oss = form.getvalue('do_edit_oss') - ssh_name = form.getvalue('do_edit_ssh_name') - ssh_ids = form.getvalue('do_edit_ssh_ids') - backup = form.getvalue('do_edit_backup') - privet_net = form.getvalue('do_edit_private_net') - floating_ip = form.getvalue('do_edit_floating_net') - monitoring = form.getvalue('do_edit_monitoring') - firewall = form.getvalue('do_edit_firewall') - - token = sql.select_do_provider(provider) - - cmd = f'cd scripts/terraform/ && sudo ansible-playbook var_generator.yml -i inventory -e "region={region} ' \ - f'group={group} size={size} os={oss} floating_ip={floating_ip} ssh_ids={ssh_ids} server_name={dovars} ' \ - f'token={token} backup={backup} monitoring={monitoring} privet_net={privet_net} firewall={firewall} ' \ - f'floating_ip={floating_ip} ssh_name={ssh_name} cloud=do"' - output, stderr = server_mod.subprocess_execute(cmd) - if stderr != '': - print(f'error: {stderr}') - else: - print('ok') diff --git a/app/modules/provisioning/gcore.py b/app/modules/provisioning/gcore.py deleted file mode 100644 index 0e407d97..00000000 --- a/app/modules/provisioning/gcore.py +++ /dev/null @@ -1,141 +0,0 @@ -import modules.db.sql as sql -import modules.common.common as common -import modules.server.server as server_mod -import modules.provisioning.common as prov_common - -form = common.form - - -def create_vars() -> None: - if form.getvalue('gcorevars'): - gcorevars = form.getvalue('gcorevars') - group = form.getvalue('gcore_create_group') - provider = form.getvalue('gcore_create_provider') - region = form.getvalue('gcore_create_regions') - project = form.getvalue('gcore_create_project') - size = form.getvalue('gcore_create_size') - oss = form.getvalue('gcore_create_oss') - ssh_name = form.getvalue('gcore_create_ssh_name') - volume_size = form.getvalue('gcore_create_volume_size') - volume_type = form.getvalue('gcore_create_volume_type') - delete_on_termination = form.getvalue('gcore_create_delete_on_termination') - network_name = form.getvalue('gcore_create_network_name') - firewall = form.getvalue('gcore_create_firewall') - network_type = form.getvalue('gcore_create_network_type') - elif form.getvalue('gcoreeditvars'): - gcorevars = form.getvalue('gcoreeditvars') - group = form.getvalue('gcore_edit_group') - provider = form.getvalue('gcore_edit_provider') - region = form.getvalue('gcore_edit_regions') - project = form.getvalue('gcore_edit_project') - size = form.getvalue('gcore_edit_size') - oss = form.getvalue('gcore_edit_oss') - ssh_name = form.getvalue('gcore_edit_ssh_name') - volume_size = form.getvalue('gcore_edit_volume_size') - volume_type = form.getvalue('gcore_edit_volume_type') - delete_on_termination = form.getvalue('gcore_edit_delete_on_termination') - network_name = form.getvalue('gcore_edit_network_name') - firewall = form.getvalue('gcore_edit_firewall') - network_type = form.getvalue('gcore_edit_network_type') - - try: - gcore_user, gcore_pass = sql.select_gcore_provider(provider) - except Exception as e: - print(e) - - cmd = 'cd scripts/terraform/ && sudo ansible-playbook var_generator.yml -i inventory -e "region={} ' \ - 'group={} size={} os={} network_name={} volume_size={} server_name={} username={} ' \ - 'pass={} firewall={} network_type={} ssh_name={} delete_on_termination={} project={} volume_type={} ' \ - 'cloud=gcore"'.format(region, group, size, oss, network_name, volume_size, gcorevars, gcore_user, gcore_pass, - firewall, network_type, ssh_name, delete_on_termination, project, volume_type) - - output, stderr = server_mod.subprocess_execute(cmd) - if stderr != '': - print(f'error: {stderr}') - else: - print('ok') - - -def validate() -> None: - if form.getvalue('gcorevalidate'): - workspace = form.getvalue('gcorevalidate') - group = form.getvalue('gcore_create_group') - else: - workspace = form.getvalue('gcoreeditvalidate') - group = form.getvalue('gcore_edit_group') - - cmd = f'cd scripts/terraform/ && sudo terraform plan -no-color -input=false -target=module.gcore_module -var-file vars/{workspace}_{group}_gcore.tfvars' - output, stderr = server_mod.subprocess_execute(cmd) - if stderr != '': - print(f'error: {stderr}') - else: - print('ok') - - -def new_workspace() -> None: - workspace = form.getvalue('gcoreworkspace') - group = form.getvalue('gcore_create_group') - provider = form.getvalue('gcore_create_provider') - region = form.getvalue('gcore_create_regions') - project = form.getvalue('gcore_create_project') - size = form.getvalue('gcore_create_size') - oss = form.getvalue('gcore_create_oss') - ssh_name = form.getvalue('gcore_create_ssh_name') - volume_size = form.getvalue('gcore_create_volume_size') - volume_type = form.getvalue('gcore_create_volume_type') - delete_on_termination = form.getvalue('gcore_create_delete_on_termination') - network_type = form.getvalue('gcore_create_network_type') - firewall = form.getvalue('gcore_create_firewall') - network_name = form.getvalue('gcore_create_network_name') - - cmd = f'cd scripts/terraform/ && sudo terraform workspace new {workspace}_{group}_gcore' - output, stderr = server_mod.subprocess_execute(cmd) - - if stderr != '': - prov_common.show_error(stderr, group, workspace, provider) - else: - try: - if sql.add_server_gcore( - project, region, size, network_type, network_name, volume_size, ssh_name, workspace, oss, firewall, - provider, group, 'Creating', delete_on_termination, volume_type - ): - prov_common.show_new_server(workspace, group, 'gcore') - except Exception as e: - print(e) - - -def edit_workspace() -> None: - workspace = form.getvalue('gcoreeditworkspace') - group = form.getvalue('gcore_edit_group') - provider = form.getvalue('gcore_edit_provider') - region = form.getvalue('gcore_edit_regions') - project = form.getvalue('gcore_edit_project') - size = form.getvalue('gcore_edit_size') - oss = form.getvalue('gcore_edit_oss') - ssh_name = form.getvalue('gcore_edit_ssh_name') - volume_size = form.getvalue('gcore_edit_volume_size') - volume_type = form.getvalue('gcore_edit_volume_type') - delete_on_termination = form.getvalue('gcore_edit_delete_on_termination') - network_type = form.getvalue('gcore_edit_network_type') - firewall = form.getvalue('gcore_edit_firewall') - network_name = form.getvalue('gcore_edit_network_name') - server_id = form.getvalue('server_id') - - try: - if sql.update_server_gcore( - region, size, network_type, network_name, volume_size, ssh_name, workspace, oss, firewall, - provider, group, 'Editing', server_id, delete_on_termination, volume_type, project - ): - - try: - cmd = f'cd scripts/terraform/ && sudo terraform workspace select {workspace}_{group}_gcore' - output, stderr = server_mod.subprocess_execute(cmd) - except Exception as e: - print('error: ' + str(e)) - - if stderr != '': - prov_common.show_error(stderr, group, workspace, provider) - else: - print('ok') - except Exception as e: - print(e) diff --git a/app/modules/provisioning/provider.py b/app/modules/provisioning/provider.py deleted file mode 100644 index 4d62badf..00000000 --- a/app/modules/provisioning/provider.py +++ /dev/null @@ -1,106 +0,0 @@ -import os -import http.cookies - -from jinja2 import Environment, FileSystemLoader - -import modules.db.sql as sql -import modules.common.common as common -import modules.roxywi.common as roxywi_common - -form = common.form - - -def create_provider() -> None: - roxywi_common.check_user_group() - is_add = False - provider_name = common.checkAjaxInput(form.getvalue('new_provider_name')) - provider_group = common.checkAjaxInput(form.getvalue('new_provider_group')) - provider_token = common.checkAjaxInput(form.getvalue('new_provider_token')) - cloud = common.checkAjaxInput(form.getvalue('new_provider_cloud')) - - if cloud == 'do': - if sql.add_provider_do(provider_name, provider_group, provider_token): - is_add = True - - elif cloud == 'aws': - provider_secret = common.checkAjaxInput(form.getvalue('aws_new_secret')) - - if sql.add_provider_aws(provider_name, provider_group, provider_token, provider_secret): - is_add = True - - elif cloud == 'gcore': - provider_pass = common.checkAjaxInput(form.getvalue('gcore_new_pass')) - - if sql.add_provider_gcore(provider_name, provider_group, provider_token, provider_pass): - is_add = True - - if is_add: - cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) - user_uuid = cookie.get('uuid') - group_id = roxywi_common.get_user_group(id=1) - role_id = sql.get_user_role_by_uuid(user_uuid.value, group_id) - params = sql.select_provisioning_params() - providers = sql.select_providers(provider_group, key=provider_token) - - if role_id == 1: - groups = sql.select_groups() - else: - groups = '' - - lang = roxywi_common.get_user_lang() - env = Environment(loader=FileSystemLoader('templates'), autoescape=True) - template = env.get_template('ajax/provisioning/providers.html') - template = template.render(providers=providers, role=role_id, groups=groups, user_group=provider_group, - adding=1, params=params, lang=lang) - print(template) - - -def delete_provider() -> None: - roxywi_common.check_user_group() - try: - if sql.delete_provider(common.checkAjaxInput(form.getvalue('providerdel'))): - print('Ok') - roxywi_common.logging('Roxy-WI server', 'Provider has been deleted', provisioning=1) - except Exception as e: - print(e) - - -def edit_DO_provider(provider_id: int) -> None: - roxywi_common.check_user_group() - new_name = form.getvalue('edit_do_provider_name') - new_token = form.getvalue('edit_do_provider_token') - - try: - if sql.update_do_provider(new_name, new_token, provider_id): - print('ok') - roxywi_common.logging('Roxy-WI server', f'Provider has been edited. New name is {new_name}', provisioning=1) - except Exception as e: - print(e) - - -def edit_gcore_provider(provider_id: int) -> None: - roxywi_common.check_user_group() - new_name = form.getvalue('edit_gcore_provider_name') - new_user = form.getvalue('edit_gcore_provider_user') - new_pass = form.getvalue('edit_gcore_provider_pass') - - try: - if sql.update_gcore_provider(new_name, new_user, new_pass, provider_id): - print('ok') - roxywi_common.logging('Roxy-WI server', f'Provider has been edited. New name is {new_name}', provisioning=1) - except Exception as e: - print(e) - - -def edit_aws_provider(provider_id: int) -> None: - roxywi_common.check_user_group() - new_name = form.getvalue('edit_aws_provider_name') - new_key = form.getvalue('edit_aws_provider_key') - new_secret = form.getvalue('edit_aws_provider_secret') - - try: - if sql.update_aws_provider(new_name, new_key, new_secret, provider_id): - print('ok') - roxywi_common.logging('Roxy-WI server', f'Provider has been edited. New name is {new_name}', provisioning=1) - except Exception as e: - print(e) diff --git a/app/modules/provisioning/server.py b/app/modules/provisioning/server.py deleted file mode 100644 index 85627881..00000000 --- a/app/modules/provisioning/server.py +++ /dev/null @@ -1,133 +0,0 @@ -from jinja2 import Environment, FileSystemLoader - -import modules.db.sql as sql -import modules.common.common as common -import modules.roxywi.common as roxywi_common -import modules.server.server as server_mod -import modules.provisioning.common as prov_common - -form = common.form - - -def init_server() -> None: - roxywi_common.check_user_group() - cmd = 'cd scripts/terraform/ && sudo terraform init -upgrade -no-color' - output, stderr = server_mod.subprocess_execute(cmd) - if stderr != '': - print(f'error: {stderr}') - else: - if "Terraform initialized in an empty directory" in output[0]: - print('error: There is not need module') - elif "mkdir .terraform: permission denied" in output[0]: - print('error: Cannot init. Check permission to folder') - - print(output[0]) - - -def edit_server() -> None: - roxywi_common.check_user_group() - server_id = form.getvalue('editServerId') - user_group = form.getvalue('editGroup') - provider_name = form.getvalue('editProviderName') - params = sql.select_provisioning_params() - providers = sql.select_providers(int(user_group)) - lang = roxywi_common.get_user_lang() - show_editing_server = { - 'aws': sql.select_aws_server, - 'do': sql.select_do_server, - 'gcore': sql.select_gcore_server, - } - server = show_editing_server[provider_name](server_id=server_id) - env = Environment(extensions=["jinja2.ext.do"], loader=FileSystemLoader('templates')) - template = env.get_template(f'ajax/provisioning/{provider_name}_edit_dialog.html') - template = template.render(server=server, providers=providers, params=params, lang=lang) - print(template) - - -def create_server() -> None: - roxywi_common.check_user_group() - workspace = form.getvalue('provisioning_workspace') - group = form.getvalue('provisioning_group') - provider_id = form.getvalue('provisioning_provider_id') - action = form.getvalue('provisioning_action') - cloud = form.getvalue('provisioning_cloud') - state_name = '' - - if cloud == 'aws': - state_name = 'aws_instance' - elif cloud == 'do': - state_name = 'digitalocean_droplet' - elif cloud == 'gcore': - state_name = 'gcore_instance' - - tfvars = f'{workspace}_{group}_{cloud}.tfvars' - cmd = f'cd scripts/terraform/ && sudo terraform apply -auto-approve -no-color -input=false -target=module.{cloud}_module -var-file vars/{tfvars}' - output, stderr = server_mod.subprocess_execute(cmd) - - if stderr != '': - prov_common.show_error(stderr, group, workspace, provider_id) - else: - if cloud == 'aws': - cmd = 'cd scripts/terraform/ && sudo terraform state show module.aws_module.aws_eip.floating_ip[0]|grep -Eo "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}"' - output, stderr = server_mod.subprocess_execute(cmd) - if stderr != '': - cmd = 'cd scripts/terraform/ && sudo terraform state show module.' + cloud + '_module.' + state_name + '.hapwi|grep -Eo "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}"' - else: - cmd = 'cd scripts/terraform/ && sudo terraform state show module.' + cloud + '_module.' + state_name + '.hapwi|grep -Eo "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}"' - - output, stderr = server_mod.subprocess_execute(cmd) - ips = '' - for ip in output: - ips += ip - ips += ' ' - - if cloud == 'gcore': - ips = ips.split(' ')[0] - - print(ips) - try: - sql.update_provisioning_server_status('Created', group, workspace, provider_id, update_ip=ips) - except Exception as e: - print(e) - - if cloud == 'gcore': - cmd = 'cd scripts/terraform/ && sudo terraform state show module.gcore_module.gcore_instance.hapwi|grep "name"|grep -v -e "_name\|name_" |head -1 |awk -F"\\\"" \'{print $2}\'' - output, stderr = server_mod.subprocess_execute(cmd) - print(':' + output[0]) - try: - sql.update_provisioning_server_gcore_name(workspace, output[0], group, provider_id) - except Exception as e: - print(e) - - roxywi_common.logging('Roxy-WI server', f'Server {workspace} has been {action}', provisioning=1) - - -def destroy_server() -> None: - roxywi_common.check_user_group() - server_id = form.getvalue('provisiningdestroyserver') - workspace = form.getvalue('servername') - group = form.getvalue('group') - cloud_type = form.getvalue('type') - provider_id = form.getvalue('provider_id') - tf_workspace = f'{workspace}_{group}_{cloud_type}' - cmd = f'cd scripts/terraform/ && sudo terraform init -upgrade -no-color && sudo terraform workspace select {tf_workspace}' - output, stderr = server_mod.subprocess_execute(cmd) - - if stderr != '': - prov_common.show_error(stderr, group, workspace, provider_id) - else: - cmd = f'cd scripts/terraform/ && sudo terraform destroy -auto-approve -no-color -target=module.{cloud_type}_module -var-file vars/{tf_workspace}.tfvars' - output, stderr = server_mod.subprocess_execute(cmd) - - if stderr != '': - print(f'error: {stderr}') - else: - cmd = f'cd scripts/terraform/ && sudo terraform workspace select default && sudo terraform workspace delete -force {tf_workspace}' - output, stderr = server_mod.subprocess_execute(cmd) - - print('ok') - roxywi_common.logging('Roxy-WI server', 'Server has been destroyed', provisioning=1) - try: - sql.delete_provisioned_servers(server_id) - except Exception as e: - print(e) diff --git a/app/modules/roxywi/auth.py b/app/modules/roxywi/auth.py index 5012ddff..e04a410d 100644 --- a/app/modules/roxywi/auth.py +++ b/app/modules/roxywi/auth.py @@ -1,14 +1,14 @@ import os import http.cookies +from flask import request, redirect, make_response, url_for + import modules.db.sql as sql -def check_login(user_uuid, token, **kwargs): +def check_login(user_uuid, token, **kwargs) -> str: if user_uuid is None: - print('') - - ref = os.environ.get("REQUEST_URI") + return 'login_page' try: sql.delete_old_uuid() @@ -16,48 +16,85 @@ def check_login(user_uuid, token, **kwargs): raise Exception(f'error: cannot connect to DB {e}') if user_uuid is not None: - if sql.get_user_name_by_uuid(user_uuid.value) is None: - print(f'') - return False + if sql.get_user_name_by_uuid(user_uuid) is None: + return 'login_page' if kwargs.get('service'): required_service = str(kwargs.get('service')) - user_id = sql.get_user_id_by_uuid(user_uuid.value) + user_id = sql.get_user_id_by_uuid(user_uuid) user_services = sql.select_user_services(user_id) if required_service in user_services: - return True + return 'ok' else: - print('') - return False + return 'index' - sql.update_last_act_user(user_uuid.value, token) - else: - print(f'') - return False + try: + ip = request.remote_addr + except Exception: + ip = '' + + sql.update_last_act_user(user_uuid, token, ip) + + return 'login_page' def is_admin(level=1, **kwargs): if kwargs.get('role_id'): role = kwargs.get('role_id') else: - cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) - user_id = cookie.get('uuid') - user_id = user_id.value - group_id = cookie.get('group') - group_id = int(group_id.value) + user_id = request.cookies.get('uuid') + group_id = request.cookies.get('group') try: role = sql.get_user_role_by_uuid(user_id, group_id) except Exception: role = 4 pass - try: - return True if role <= level else False + return True if int(role) <= int(level) else False except Exception: return False def page_for_admin(level=1) -> None: if not is_admin(level=level): - print('') - return + return redirect(url_for('index')) + + +def check_in_ldap(user, password): + import ldap + + server = sql.get_setting('ldap_server') + port = sql.get_setting('ldap_port') + ldap_class_search = sql.get_setting('ldap_class_search') + root_user = sql.get_setting('ldap_user') + root_password = sql.get_setting('ldap_password') + ldap_base = sql.get_setting('ldap_base') + ldap_search_field = sql.get_setting('ldap_search_field') + ldap_user_attribute = sql.get_setting('ldap_user_attribute') + ldap_type = sql.get_setting('ldap_type') + + ldap_proto = 'ldap' if ldap_type == "0" else 'ldaps' + + ldap_bind = ldap.initialize('{}://{}:{}/'.format(ldap_proto, server, port)) + try: + ldap_bind.protocol_version = ldap.VERSION3 + ldap_bind.set_option(ldap.OPT_REFERRALS, 0) + + bind = ldap_bind.simple_bind_s(root_user, root_password) + + criteria = "(&(objectClass=" + ldap_class_search + ")(" + ldap_user_attribute + "=" + user + "))" + attributes = [ldap_search_field] + result = ldap_bind.search_s(ldap_base, ldap.SCOPE_SUBTREE, criteria, attributes) + + bind = ldap_bind.simple_bind_s(result[0][0], password) + except ldap.INVALID_CREDENTIALS: + return False + except ldap.SERVER_DOWN: + raise Exception('error: LDAP server is down') + except ldap.LDAPError as e: + if type(e.message) == dict and 'desc' in e.message: + raise Exception(f'error: {e.message["desc"]}') + else: + raise Exception (f'error: {e}') + else: + return True diff --git a/app/modules/roxywi/common.py b/app/modules/roxywi/common.py index 07827130..a71f41e4 100644 --- a/app/modules/roxywi/common.py +++ b/app/modules/roxywi/common.py @@ -4,6 +4,7 @@ import glob import http.cookies import distro +from flask import request, redirect, make_response, url_for import modules.db.sql as sql import modules.common.common as common @@ -24,18 +25,16 @@ def get_user_group(**kwargs) -> str: user_group = '' try: - cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) - user_group_id = cookie.get('group') - user_group_id1 = user_group_id.value - groups = sql.select_groups(id=user_group_id1) + user_group_id = request.cookies.get('group') + groups = sql.select_groups(id=user_group_id) for g in groups: - if g.group_id == int(user_group_id1): + if g.group_id == int(user_group_id): if kwargs.get('id'): user_group = g.group_id else: user_group = g.name - except Exception: - check_user_group() + except Exception as e: + raise Exception(f'error: {e}') return user_group @@ -44,27 +43,41 @@ def check_user_group(**kwargs): if kwargs.get('token') is not None: return True + cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) + if kwargs.get('user_uuid'): group_id = kwargs.get('user_group_id') user_uuid = kwargs.get('user_uuid') user_id = sql.get_user_id_by_uuid(user_uuid) else: - cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) user_uuid = cookie.get('uuid') - group = cookie.get('group') - group_id = group.value - user_id = sql.get_user_id_by_uuid(user_uuid.value) + group_id = cookie.get('group') + user_id = sql.get_user_id_by_uuid(user_uuid) + + if sql.check_user_group(user_id, group_id): + return True + else: + logging('Roxy-WI server', ' has tried to actions in not his group ', roxywi=1, login=1) + return False + + +def check_user_group_for_flask(**kwargs): + if kwargs.get('token') is not None: + return True + + if kwargs.get('user_uuid'): + group_id = kwargs.get('user_group_id') + user_uuid = kwargs.get('user_uuid') + user_id = sql.get_user_id_by_uuid(user_uuid) + else: + user_uuid = request.cookies.get('uuid') + group_id = request.cookies.get('group') + user_id = sql.get_user_id_by_uuid(user_uuid) if sql.check_user_group(user_id, group_id): return True else: logging('Roxy-WI server', ' has tried to actions in not his group ', roxywi=1, login=1) - try: - ref = os.environ.get("REQUEST_URI").split('&')[0] - except Exception: - ref = os.environ.get("REQUEST_URI") - ref = common.checkAjaxInput(ref) - print(f'') return False @@ -72,11 +85,10 @@ def get_user_id(**kwargs): if kwargs.get('login'): return sql.get_user_id_by_username(kwargs.get('login')) - cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) - user_uuid = cookie.get('uuid') + user_uuid = request.cookies.get('uuid') if user_uuid is not None: - user_id = sql.get_user_id_by_uuid(user_uuid.value) + user_id = sql.get_user_id_by_uuid(user_uuid) return user_id @@ -89,18 +101,10 @@ def check_is_server_in_group(server_ip: str) -> bool: return True else: logging('Roxy-WI server', ' has tried to actions in not his group server ', roxywi=1, login=1) - try: - ref = os.environ.get("REQUEST_URI").split('&')[0] - except Exception: - ref = os.environ.get("REQUEST_URI") - ref = common.checkAjaxInput(ref) - print(f'') return False -def get_files(folder=None, file_format='cfg') -> list: - if folder is None: - folder = get_config_var.get_config_var('configs', 'haproxy_save_configs_dir') +def get_files(folder, file_format, server_ip=None) -> list: if file_format == 'log': file = [] else: @@ -120,7 +124,7 @@ def get_files(folder=None, file_format='cfg') -> list: if file_format == 'cfg' or file_format == 'conf': for file in files: ip = file.split("-") - if serv == ip[0]: + if server_ip == ip[0]: return_files.add(file) return sorted(return_files, reverse=True) else: @@ -147,9 +151,8 @@ def logging(server_ip: str, action: str, **kwargs) -> None: ip = '' try: - cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) - user_uuid = cookie.get('uuid') - login = sql.get_user_name_by_uuid(user_uuid.value) + user_uuid = request.cookies.get('uuid') + login = sql.get_user_name_by_uuid(user_uuid) except Exception: login_name = kwargs.get('login') try: @@ -219,9 +222,17 @@ def get_dick_permit(**kwargs): else: token = '' - if check_user_group(token=token): + if not kwargs.get('group_id'): try: - servers = sql.get_dick_permit(**kwargs) + group_id = get_user_group(id=1) + except Exception as e: + return str(e) + else: + group_id = kwargs.get('group_id') + + if check_user_group_for_flask(token=token): + try: + servers = sql.get_dick_permit(group_id, **kwargs) except Exception as e: raise Exception(e) else: @@ -231,33 +242,30 @@ def get_dick_permit(**kwargs): def get_users_params(**kwargs): - cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) - try: - user_uuid = cookie.get('uuid') - user = sql.get_user_name_by_uuid(user_uuid.value) + user_uuid = request.cookies.get('uuid') + user = sql.get_user_name_by_uuid(user_uuid) except Exception: - print('') + make_response(redirect(url_for('login_page'))) return try: - group_id = cookie.get('group') - group_id = int(group_id.value) + group_id = int(request.cookies.get('group')) except Exception: - print('') + make_response(redirect(url_for('login_page'))) return try: - role = sql.get_user_role_by_uuid(user_uuid.value, group_id) + role = sql.get_user_role_by_uuid(user_uuid, group_id) except Exception: - print('') + make_response(redirect(url_for('login_page'))) return try: - user_id = sql.get_user_id_by_uuid(user_uuid.value) + user_id = sql.get_user_id_by_uuid(user_uuid) user_services = sql.select_user_services(user_id) - token = sql.get_token(user_uuid.value) + token = sql.get_token(user_uuid) except Exception: - print('') + make_response(redirect(url_for('login_page'))) return if kwargs.get('virt') and kwargs.get('haproxy'): @@ -273,7 +281,7 @@ def get_users_params(**kwargs): else: servers = get_dick_permit() - user_lang = get_user_lang() + user_lang = get_user_lang_for_flask() user_params = { 'user': user, @@ -297,6 +305,21 @@ def get_user_lang() -> str: except Exception: return 'en' + if user_lang is None: + user_lang = 'en' + + return user_lang + + +def get_user_lang_for_flask() -> str: + try: + user_lang = request.cookies.get('lang') + except Exception: + return 'en' + + if user_lang is None: + user_lang = 'en' + return user_lang @@ -312,3 +335,13 @@ def return_unsubscribed_user_status() -> dict: user_subscription = {'user_status': 0, 'user_plan': 0} return user_subscription + + +def return_user_subscription(): + try: + user_subscription = return_user_status() + except Exception as e: + user_subscription = return_unsubscribed_user_status() + roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1) + + return user_subscription diff --git a/app/modules/roxywi/group.py b/app/modules/roxywi/group.py index 460b186e..33aa7a0f 100644 --- a/app/modules/roxywi/group.py +++ b/app/modules/roxywi/group.py @@ -2,19 +2,19 @@ import modules.db.sql as sql import modules.roxywi.common as roxywi_common -def update_group(group_id: int, group_name: str, desc: str) -> None: - print(group_name) +def update_group(group_id: int, group_name: str, desc: str) -> str: if group_name == '': - print(roxywi_common.return_error_message()) + return roxywi_common.return_error_message() else: try: sql.update_group(group_name, desc, group_id) roxywi_common.logging('Roxy-WI server', f'The {group_name} has been updated', roxywi=1, login=1) + return 'ok' except Exception as e: - print(f'error: {e}') + return f'error: {e}' -def delete_group(group_id: int) -> None: +def delete_group(group_id: int) -> str: group = sql.select_groups(id=group_id) group_name = '' @@ -22,5 +22,5 @@ def delete_group(group_id: int) -> None: group_name = g.name if sql.delete_group(group_id): - print("Ok") roxywi_common.logging('Roxy-WI server', f'The {group_name} has been deleted', roxywi=1, login=1) + return 'ok' diff --git a/app/modules/roxywi/logs.py b/app/modules/roxywi/logs.py index 3490484b..d2e6aae9 100644 --- a/app/modules/roxywi/logs.py +++ b/app/modules/roxywi/logs.py @@ -54,33 +54,29 @@ def show_log(stdout, **kwargs): def show_roxy_log( - serv, rows='10', waf='0', grep=None, hour='00', - minute='00', hour1='24', minute1='00', service='haproxy', **kwargs + serv, rows='10', waf='0', grep=None, exgrep=None, hour='00', + minute='00', hour1='24', minute1='00', service='haproxy', log_file='123', **kwargs ) -> str: - exgrep = form.getvalue('exgrep') - log_file = form.getvalue('file') date = checkAjaxInput(hour) + ':' + checkAjaxInput(minute) date1 = checkAjaxInput(hour1) + ':' + checkAjaxInput(minute1) rows = checkAjaxInput(rows) waf = checkAjaxInput(waf) cmd = '' awk_column = 3 + grep_act = '' + exgrep_act = '' - if grep is not None: + if grep: grep_act = '|egrep "%s"' % checkAjaxInput(grep) - else: - grep_act = '' - if exgrep is not None: + if exgrep: exgrep_act = '|egrep -v "%s"' % checkAjaxInput(exgrep) - else: - exgrep_act = '' if log_file is not None: log_file = checkAjaxInput(log_file) - if '..' in log_file: return 'error: nice try' + if '..' in log_file: raise Exception('error: nice try') else: - if '..' in serv: return 'error: nice try' + if '..' in serv: raise Exception('error: nice try') if service in ('nginx', 'haproxy', 'apache', 'keepalived'): syslog_server_enable = sql.get_setting('syslog_server_enable') @@ -102,9 +98,10 @@ def show_roxy_log( else: local_path_logs = sql.get_setting('haproxy_path_logs') commands = ["sudo cat %s/%s| awk '$3>\"%s:00\" && $3<\"%s:00\"' |tail -%s %s %s" % (local_path_logs, log_file, date, date1, rows, grep_act, exgrep_act)] + syslog_server = serv else: - if '..' in serv: return 'error: nice try' + if '..' in serv: raise Exception('error: nice try') commands = ["sudo cat /var/log/%s/syslog.log | sed '/ %s:00/,/ %s:00/! d' |tail -%s %s %s %s" % (serv, date, date1, rows, grep_act, grep, exgrep_act)] syslog_server = sql.get_setting('syslog_server') @@ -112,6 +109,7 @@ def show_roxy_log( if waf == "1": local_path_logs = '/var/log/waf.log' commands = ["sudo cat %s |tail -%s %s %s" % (local_path_logs, rows, grep_act, exgrep_act)] + if kwargs.get('html') == 0: a = server_mod.ssh_command(syslog_server, commands) return show_log(a, html=0, grep=grep) diff --git a/app/modules/roxywi/metrics.py b/app/modules/roxywi/metrics.py index af15fa1d..dcaeeac5 100644 --- a/app/modules/roxywi/metrics.py +++ b/app/modules/roxywi/metrics.py @@ -1,12 +1,10 @@ -import json - import psutil import modules.db.sql as sql import modules.server.server as server_mod -def show_ram_metrics(metrics_type: str) -> None: +def show_ram_metrics(metrics_type: str) -> dict: metrics = {'chartData': {}} rams = '' @@ -27,10 +25,10 @@ def show_ram_metrics(metrics_type: str) -> None: metrics['chartData']['rams'] = rams - print(json.dumps(metrics)) + return metrics -def show_cpu_metrics(metrics_type: str) -> None: +def show_cpu_metrics(metrics_type: str) -> dict: metrics = {'chartData': {}} cpus = '' @@ -54,10 +52,10 @@ def show_cpu_metrics(metrics_type: str) -> None: metrics['chartData']['cpus'] = cpus - print(json.dumps(metrics)) + return metrics -def haproxy_metrics(server_ip: str, hostname: str, time_range: str) -> None: +def haproxy_metrics(server_ip: str, hostname: str, time_range: str) -> dict: metric = sql.select_metrics(server_ip, 'haproxy', time_range=time_range) metrics = {'chartData': {}} metrics['chartData']['labels'] = {} @@ -82,10 +80,10 @@ def haproxy_metrics(server_ip: str, hostname: str, time_range: str) -> None: metrics['chartData']['sess_rate'] = sess_rate metrics['chartData']['server'] = hostname + ' (' + server + ')' - print(json.dumps(metrics)) + return metrics -def haproxy_http_metrics(server_ip: str, hostname: str, time_range: str) -> None: +def haproxy_http_metrics(server_ip: str, hostname: str, time_range: str) -> dict: metric = sql.select_metrics(server_ip, 'http_metrics', time_range=time_range) metrics = {'chartData': {}} metrics['chartData']['labels'] = {} @@ -113,10 +111,10 @@ def haproxy_http_metrics(server_ip: str, hostname: str, time_range: str) -> None metrics['chartData']['http_5xx'] = http_5xx metrics['chartData']['server'] = f'{hostname} ({server})' - print(json.dumps(metrics)) + return metrics -def service_metrics(server_ip: str, hostname: str, service: str, time_range: str) -> None: +def service_metrics(server_ip: str, hostname: str, service: str, time_range: str) -> dict: metric = sql.select_metrics(server_ip, service, time_range=time_range) metrics = {'chartData': {}} @@ -134,4 +132,4 @@ def service_metrics(server_ip: str, hostname: str, service: str, time_range: str metrics['chartData']['curr_con'] = curr_con metrics['chartData']['server'] = f'{hostname} ({server_ip})' - print(json.dumps(metrics)) + return metrics diff --git a/app/modules/roxywi/nettools.py b/app/modules/roxywi/nettools.py index 740fd90d..1889c751 100644 --- a/app/modules/roxywi/nettools.py +++ b/app/modules/roxywi/nettools.py @@ -1,20 +1,13 @@ -import modules.common.common as common import modules.server.server as server_mod -form = common.form - -def ping_from_server() -> None: - server_from = common.checkAjaxInput(form.getvalue('nettools_icmp_server_from')) - server_to = common.checkAjaxInput(form.getvalue('nettools_icmp_server_to')) - server_to = common.is_ip_or_dns(server_to) - action = common.checkAjaxInput(form.getvalue('nettools_action')) +def ping_from_server(server_from: str, server_to: str, action: str) -> str: stderr = '' action_for_sending = '' + output1 = '' if server_to == '': - print('warning: enter a correct IP or DNS name') - return + return 'warning: enter a correct IP or DNS name' if action == 'nettools_ping': action_for_sending = 'ping -c 4 -W 1 -s 56 -O ' @@ -30,35 +23,32 @@ def ping_from_server() -> None: output = server_mod.ssh_command(server_from, action_for_sending, raw=1, timeout=15) if stderr != '': - print(f'error: {stderr}') - return + return f'error: {stderr}' for i in output: if i == ' ' or i == '': continue i = i.strip() if 'PING' in i: - print('') + output1 += '' elif 'no reply' in i or 'no answer yet' in i or 'Too many hops' in i or '100% packet loss' in i: - print('') + output1 += '' elif 'ms' in i and '100% packet loss' not in i: - print('') + output1 += '' else: - print('') + output1 += '' - print(i + '
') + output1 += i + '
' + + return output1 -def telnet_from_server() -> None: - server_from = common.checkAjaxInput(form.getvalue('nettools_telnet_server_from')) - server_to = common.checkAjaxInput(form.getvalue('nettools_telnet_server_to')) - server_to = common.is_ip_or_dns(server_to) - port_to = common.checkAjaxInput(form.getvalue('nettools_telnet_port_to')) +def telnet_from_server(server_from: str, server_to: str, port_to: str) -> str: count_string = 0 stderr = '' + output1 = '' if server_to == '': - print('warning: enter a correct IP or DNS name') - return + return 'warning: enter a correct IP or DNS name' if server_from == 'localhost': action_for_sending = f'echo "exit"|nc {server_to} {port_to} -t -w 1s' @@ -68,33 +58,27 @@ def telnet_from_server() -> None: output = server_mod.ssh_command(server_from, action_for_sending, raw=1) if stderr != '': - print(f'error: {stderr[5:]}') - return + return f'error: {stderr[5:]}' for i in output: if i == ' ': continue i = i.strip() if i == 'Ncat: Connection timed out.': - print(f'error: {i[5:]}') - break - print(i + '
') + return f'error: {i[5:]}' + output1 += i + '
' count_string += 1 if count_string > 1: break + return output1 - -def nslookup_from_server() -> None: - server_from = common.checkAjaxInput(form.getvalue('nettools_nslookup_server_from')) - dns_name = common.checkAjaxInput(form.getvalue('nettools_nslookup_name')) - dns_name = common.is_ip_or_dns(dns_name) - record_type = common.checkAjaxInput(form.getvalue('nettools_nslookup_record_type')) +def nslookup_from_server(server_from: str, dns_name: str, record_type: str) -> str: count_string = 0 stderr = '' + output1 = '' if dns_name == '': - print('warning: enter a correct DNS name') - return + return 'warning: enter a correct DNS name' action_for_sending = f'dig {dns_name} {record_type} |grep -e "SERVER\|{dns_name}"' @@ -105,23 +89,21 @@ def nslookup_from_server() -> None: output = server_mod.ssh_command(server_from, action_for_sending, raw=1) if stderr != '': - print('error: ' + stderr[5:-1]) - return + return 'error: ' + stderr[5:-1] - print( - f'The {dns_name} domain has the following records:') + output1 += f'The {dns_name} domain has the following records:' for i in output: if 'dig: command not found.' in i: - print('error: Install bind-utils before using NSLookup') - break + return 'error: Install bind-utils before using NSLookup' if ';' in i and ';; SERVER:' not in i: continue if 'SOA' in i and record_type != 'SOA': - print('There are not any records for this type') - break + return 'There are not any records for this type' if ';; SERVER:' in i: i = i[10:] - print('
From NS server:
') + output1 += '
From NS server:
' i = i.strip() - print('' + i + '
') + output1 += '' + i + '
' count_string += 1 + + return output1 diff --git a/app/modules/roxywi/overview.py b/app/modules/roxywi/overview.py index 55c3f143..ac25b718 100644 --- a/app/modules/roxywi/overview.py +++ b/app/modules/roxywi/overview.py @@ -1,7 +1,8 @@ import os -import http.cookies +import psutil import requests +from flask import render_template, request from jinja2 import Environment, FileSystemLoader import modules.db.sql as sql @@ -12,11 +13,8 @@ import modules.server.server as server_mod import modules.service.common as service_common -def user_ovw() -> None: - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('ajax/show_users_ovw.html') - - lang = roxywi_common.get_user_lang() +def user_owv(): + lang = roxywi_common.get_user_lang_for_flask() roles = sql.select_roles() user_params = roxywi_common.get_users_params() users_groups = sql.select_user_groups_with_names(1, all=1) @@ -27,109 +25,77 @@ def user_ovw() -> None: else: users = sql.select_users() - template = template.render(users=users, users_groups=users_groups, lang=lang, roles=roles) - print(template) + return render_template('ajax/show_users_ovw.html', users=users, users_groups=users_groups, lang=lang, roles=roles) def show_sub_ovw() -> None: - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - lang = roxywi_common.get_user_lang() - template = env.get_template('ajax/show_sub_ovw.html') - template = template.render(sub=sql.select_user_all(), lang=lang) - print(template) + lang = roxywi_common.get_user_lang_for_flask() + + return render_template('ajax/show_sub_ovw.html', sub=sql.select_user_all(), lang=lang) def show_overview(serv) -> None: - import asyncio + servers = [] + user_uuid = request.cookies.get('uuid') + group_id = request.cookies.get('group') + lang = roxywi_common.get_user_lang_for_flask() + role = sql.get_user_role_by_uuid(user_uuid, group_id) + server = [server for server in sql.select_servers(server=serv)] + user_id = sql.get_user_id_by_uuid(user_uuid) + user_services = sql.select_user_services(user_id) - async def async_get_overview(serv1, serv2, user_uuid, server_id): - user_id = sql.get_user_id_by_uuid(user_uuid) - user_services = sql.select_user_services(user_id) + haproxy = sql.select_haproxy(serv) if '1' in user_services else 0 + nginx = sql.select_nginx(serv) if '2' in user_services else 0 + keepalived = sql.select_keepalived(serv) if '3' in user_services else 0 + apache = sql.select_apache(serv) if '4' in user_services else 0 - haproxy = sql.select_haproxy(serv) if '1' in user_services else 0 - nginx = sql.select_nginx(serv) if '2' in user_services else 0 - keepalived = sql.select_keepalived(serv) if '3' in user_services else 0 - apache = sql.select_apache(serv) if '4' in user_services else 0 + waf = sql.select_waf_servers(server[0][2]) + haproxy_process = '' + keepalived_process = '' + nginx_process = '' + apache_process = '' + waf_process = '' - waf = sql.select_waf_servers(serv2) - haproxy_process = '' - keepalived_process = '' - nginx_process = '' - apache_process = '' - waf_process = '' + try: + waf_len = len(waf) + except Exception: + waf_len = 0 + if haproxy: + cmd = f'echo "show info" |nc {server[0][2]} {sql.get_setting("haproxy_sock_port")} -w 1|grep -e "Process_num"' + haproxy_process = service_common.server_status(server_mod.subprocess_execute(cmd)) + + if nginx: + nginx_cmd = f'echo "something" |nc {server[0][2]} {sql.get_setting("nginx_stats_port")} -w 1' + nginx_process = service_common.server_status(server_mod.subprocess_execute(nginx_cmd)) + + if apache: + apache_cmd = f'echo "something" |nc {server[0][2]} {sql.get_setting("apache_stats_port")} -w 1' + apache_process = service_common.server_status(server_mod.subprocess_execute(apache_cmd)) + + if keepalived: + command = ["ps ax |grep keepalived|grep -v grep|wc -l|tr -d '\n'"] try: - waf_len = len(waf) - except Exception: - waf_len = 0 + keepalived_process = server_mod.ssh_command(server[0][2], command) + except Exception as e: + raise Exception(f'error: {e} for server {server[0][2]}') - if haproxy: - cmd = f'echo "show info" |nc {serv2} {sql.get_setting("haproxy_sock_port")} -w 1|grep -e "Process_num"' - haproxy_process = service_common.server_status(server_mod.subprocess_execute(cmd)) + if waf_len >= 1: + command = ["ps ax |grep waf/bin/modsecurity |grep -v grep |wc -l"] + try: + waf_process = server_mod.ssh_command(server[0][2], command) + except Exception as e: + raise Exception(f'error: {e} for server {server[0][2]}') - if nginx: - nginx_cmd = f'echo "something" |nc {serv2} {sql.get_setting("nginx_stats_port")} -w 1' - nginx_process = service_common.server_status(server_mod.subprocess_execute(nginx_cmd)) + server_status = ( + server[0][1], server[0][2], haproxy, haproxy_process, waf_process, waf, keepalived, keepalived_process, nginx, + nginx_process, server[0][0], apache, apache_process + ) - if apache: - apache_cmd = f'echo "something" |nc {serv2} {sql.get_setting("apache_stats_port")} -w 1' - apache_process = service_common.server_status(server_mod.subprocess_execute(apache_cmd)) + servers.append(server_status) + servers_sorted = sorted(servers, key=common.get_key) - if keepalived: - command = ["ps ax |grep keepalived|grep -v grep|wc -l|tr -d '\n'"] - try: - keepalived_process = server_mod.ssh_command(serv2, command) - except Exception as e: - print(f'error: {e} for server {serv2}') - return - - if waf_len >= 1: - command = ["ps ax |grep waf/bin/modsecurity |grep -v grep |wc -l"] - try: - waf_process = server_mod.ssh_command(serv2, command) - except Exception as e: - print(f'error: {e} for server {serv2}') - return - - server_status = (serv1, - serv2, - haproxy, - haproxy_process, - waf_process, - waf, - keepalived, - keepalived_process, - nginx, - nginx_process, - server_id, - apache, - apache_process) - return server_status - - async def get_runner_overview(): - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True, - extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do']) - - servers = [] - template = env.get_template('ajax/overview.html') - cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) - user_uuid = cookie.get('uuid') - group_id = cookie.get('group') - group_id = int(group_id.value) - lang = roxywi_common.get_user_lang() - role = sql.get_user_role_by_uuid(user_uuid.value, group_id) - futures = [async_get_overview(server[1], server[2], user_uuid.value, server[0]) for server in - sql.select_servers(server=serv)] - for i, future in enumerate(asyncio.as_completed(futures)): - result = await future - servers.append(result) - servers_sorted = sorted(servers, key=common.get_key) - template = template.render(service_status=servers_sorted, role=role, lang=lang) - print(template) - - ioloop = asyncio.get_event_loop() - ioloop.run_until_complete(get_runner_overview()) - ioloop.close() + return render_template('ajax/overview.html', service_status=servers_sorted, role=role, lang=lang) def show_haproxy_binout(server_ip: str) -> None: @@ -151,14 +117,12 @@ def show_haproxy_binout(server_ip: str) -> None: server_ip, port) cout, stderr3 = server_mod.subprocess_execute(cmd) bin_bout.append(cout[0]) - lang = roxywi_common.get_user_lang() - env = Environment(loader=FileSystemLoader('templates'), autoescape=True) - template = env.get_template('ajax/bin_bout.html') - template = template.render(bin_bout=bin_bout, serv=server_ip, service='haproxy', lang=lang) - print(template) + lang = roxywi_common.get_user_lang_for_flask() + + return render_template('ajax/bin_bout.html', bin_bout=bin_bout, serv=server_ip, service='haproxy', lang=lang) -def show_nginx_connections(server_ip: str) -> None: +def show_nginx_connections(server_ip: str) -> str: port = sql.get_setting('nginx_stats_port') user = sql.get_setting('nginx_stats_user') password = sql.get_setting('nginx_stats_password') @@ -175,13 +139,10 @@ def show_nginx_connections(server_ip: str) -> None: if num == 2: bin_bout.append(line.split(' ')[3]) - lang = roxywi_common.get_user_lang() - env = Environment(loader=FileSystemLoader('templates')) - template = env.get_template('ajax/bin_bout.html') - template = template.render(bin_bout=bin_bout, serv=server_ip, service='nginx', lang=lang) - print(template) + lang = roxywi_common.get_user_lang_for_flask() + return render_template('ajax/bin_bout.html', bin_bout=bin_bout, serv=server_ip, service='nginx', lang=lang) else: - print('error: cannot connect to NGINX stat page') + return 'error: cannot connect to NGINX stat page' def show_apache_bytes(server_ip: str) -> None: @@ -199,21 +160,13 @@ def show_apache_bytes(server_ip: str) -> None: if 'ReqPerSec' in line or 'BytesPerSec' in line: bin_bout.append(line.split(' ')[1]) - lang = roxywi_common.get_user_lang() - env = Environment(loader=FileSystemLoader('templates')) - template = env.get_template('ajax/bin_bout.html') - template = template.render(bin_bout=bin_bout, serv=server_ip, service='apache', lang=lang) - print(template) + lang = roxywi_common.get_user_lang_for_flask() + return render_template('ajax/bin_bout.html', bin_bout=bin_bout, serv=server_ip, service='apache', lang=lang) else: - print('error: cannot connect to Apache stat page') + return 'error: cannot connect to Apache stat page' -def show_services_overview() -> None: - import psutil - from jinja2 import Environment, FileSystemLoader - - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('ajax/show_services_ovw.html') +def show_services_overview(): user_params = roxywi_common.get_users_params() grafana = 0 metrics_worker = 0 @@ -221,7 +174,7 @@ def show_services_overview() -> None: servers_group = [] host = os.environ.get('HTTP_HOST', '') user_group = roxywi_common.get_user_group(id=1) - lang = roxywi_common.get_user_lang() + lang = roxywi_common.get_user_lang_for_flask() if (user_params['role'] == 2 or user_params['role'] == 3) and int(user_group) != 1: for s in user_params['servers']: @@ -268,7 +221,8 @@ def show_services_overview() -> None: cmd = "systemctl is-active roxy-wi-socket" socket, stderr = server_mod.subprocess_execute(cmd) - rendered_template = template.render( + return render_template( + 'ajax/show_services_ovw.html', role=user_params['role'], metrics_master=''.join(metrics_master), metrics_worker=metrics_worker, checker_master=''.join(checker_master), checker_worker=checker_worker, keep_alive=''.join(keep_alive), smon=''.join(smon), port_scanner=''.join(port_scanner), grafana=grafana, socket=''.join(socket), @@ -279,14 +233,10 @@ def show_services_overview() -> None: keep_alive_log_id=roxy_logs.roxy_wi_log(log_id=1, file="keep_alive"), socket_log_id=roxy_logs.roxy_wi_log(log_id=1, file="socket"), error=stderr, lang=lang ) - print(rendered_template) - def keepalived_became_master(server_ip) -> None: commands = ["sudo kill -USR2 $(cat /var/run/keepalived.pid) && sudo grep 'Became master' /tmp/keepalived.stats |awk '{print $3}'"] became_master = server_mod.ssh_command(server_ip, commands) - lang = roxywi_common.get_user_lang() - env = Environment(loader=FileSystemLoader('templates')) - template = env.get_template('ajax/bin_bout.html') - template = template.render(bin_bout=became_master, serv=server_ip, service='keepalived', lang=lang) - print(template) + lang = roxywi_common.get_user_lang_for_flask() + + return render_template('ajax/bin_bout.html', bin_bout=became_master, serv=server_ip, service='keepalived', lang=lang) diff --git a/app/modules/roxywi/roxy.py b/app/modules/roxywi/roxy.py index e40ef724..bdad1de2 100644 --- a/app/modules/roxywi/roxy.py +++ b/app/modules/roxywi/roxy.py @@ -50,8 +50,8 @@ def update_roxy_wi(service): cmd = f'sudo -S yum -y install {service} {restart_service}' output, stderr = server_mod.subprocess_execute(cmd) - print(output) - print(stderr) + return output + # print(stderr) def check_ver(): @@ -68,6 +68,8 @@ def versions(): current_ver_without_dots += '00' if len(current_ver_without_dots) == 3: current_ver_without_dots += '0' + if len(current_ver_without_dots) == 7: + current_ver_without_dots += '0' current_ver_without_dots = int(current_ver_without_dots) except Exception: current_ver = "Sorry cannot get current version" @@ -82,6 +84,8 @@ def versions(): new_ver_without_dots += '00' if len(new_ver_without_dots) == 3: new_ver_without_dots += '0' + if len(new_ver_without_dots) == 7: + new_ver_without_dots += '0' new_ver_without_dots = int(new_ver_without_dots) except Exception as e: new_ver = "Cannot get a new version" @@ -192,21 +196,16 @@ def check_new_version(service): return res -def action_service(action: str, service: str) -> None: - if action not in ('start', 'stop', 'restart'): - print('error: wrong action') - return - +def action_service(action: str, service: str) -> str: is_in_docker = is_docker() cmd = f"sudo systemctl disable {service} --now" if action in ("start", "restart"): cmd = f"sudo systemctl {action} {service} --now" if not sql.select_user_status(): - print( - 'warning: The service is disabled because you are not subscribed. Read here about subscriptions') - return + return 'warning: The service is disabled because you are not subscribed. Read here about subscriptions' if is_in_docker: cmd = f"sudo supervisorctl {action} {service}" os.system(cmd) roxywi_common.logging('Roxy-WI server', f' The service {service} has been {action}ed', roxywi=1, login=1) + return 'ok' diff --git a/app/modules/roxywi/user.py b/app/modules/roxywi/user.py index 7a81d526..af4fc29a 100644 --- a/app/modules/roxywi/user.py +++ b/app/modules/roxywi/user.py @@ -1,128 +1,89 @@ import os -from jinja2 import Environment, FileSystemLoader +from flask import render_template, request import modules.db.sql as sql -import modules.common.common as common -import modules.roxywi.auth as roxywi_auth import modules.roxywi.common as roxywi_common -import modules.alerting.alerting as alerting - -form = common.form +import modules.tools.alerting as alerting -def create_user(new_user: str, email: str, password: str, role: str, activeuser: int, group: int, **kwargs) -> bool: - if roxywi_common.check_user_group(token=kwargs.get('token')): - - if roxywi_auth.is_admin(level=2, role_id=kwargs.get('role_id')): - try: - user_id = sql.add_user(new_user, email, password, role, activeuser, group) - sql.update_user_role(user_id, group, role) - roxywi_common.logging(f'a new user {new_user}', ' has been created ', roxywi=1, login=1) - try: - sql.update_user_role(user_id, group, role) - except Exception as e: - print(f'error: cannot update user role {e}') - try: - if password == 'aduser': - password = 'your domain password' - message = f"A user has been created for you on Roxy-WI portal!\n\n" \ - f"Now you can login to https://{os.environ.get('HTTP_HOST', '')}\n\n" \ - f"Your credentials are:\n" \ - f"Login: {new_user}\n" \ - f"Password: {password}" - alerting.send_email(email, 'A user has been created for you', message) - except Exception as e: - roxywi_common.logging('error: Cannot send email for a new user', e, roxywi=1, login=1) - except Exception as e: - print(f'error: Cannot create a new user: {e}') - roxywi_common.logging('error: Cannot create a new user', e, roxywi=1, login=1) - return False - else: - print('error: dalsdm') - roxywi_common.logging(new_user, ' tried to privilege escalation', roxywi=1, login=1) - return False - - return True +def create_user(new_user: str, email: str, password: str, role: str, activeuser: int, group: int) -> bool: + try: + user_id = sql.add_user(new_user, email, password, role, activeuser, group) + sql.update_user_role(user_id, group, role) + roxywi_common.logging(f'a new user {new_user}', ' has been created ', roxywi=1, login=1) + try: + sql.update_user_role(user_id, group, role) + except Exception as e: + raise Exception(f'error: cannot update user role {e}') + try: + if password == 'aduser': + password = 'your domain password' + message = f"A user has been created for you on Roxy-WI portal!\n\n" \ + f"Now you can login to https://{os.environ.get('HTTP_HOST', '')}\n\n" \ + f"Your credentials are:\n" \ + f"Login: {new_user}\n" \ + f"Password: {password}" + alerting.send_email(email, 'A user has been created for you', message) + except Exception as e: + roxywi_common.logging('error: Cannot send email for a new user', e, roxywi=1, login=1) + except Exception as e: + roxywi_common.logging('error: Cannot create a new user', e, roxywi=1, login=1) + raise Exception(f'error: Cannot create a new user: {e}') + else: + return True -def delete_user(): - userdel = int(form.getvalue('userdel')) - if sql.is_user_super_admin(userdel): +def delete_user(user_id: int) -> str: + if sql.is_user_super_admin(user_id): count_super_admin_users = sql.get_super_admin_count() if count_super_admin_users < 2: raise Exception('error: you cannot delete a last user with superAdmin role') - user = sql.select_users(id=userdel) + user = sql.select_users(id=user_id) username = '' for u in user: username = u.username - if sql.delete_user(userdel): - sql.delete_user_groups(userdel) + if sql.delete_user(user_id): + sql.delete_user_groups(user_id) roxywi_common.logging(username, ' has been deleted user ', roxywi=1, login=1) - print("Ok") + return "ok" -def update_user(): - email = form.getvalue('email') - new_user = form.getvalue('updateuser') - user_id = form.getvalue('id') - activeuser = form.getvalue('activeuser') - group_id = int(form.getvalue('usergroup')) - - if roxywi_common.check_user_group(): - if form.getvalue('role'): - role_id = int(form.getvalue('role')) - if roxywi_auth.is_admin(level=role_id): - try: - sql.update_user(new_user, email, role_id, user_id, activeuser) - except Exception as e: - print(e) - sql.update_user_role(user_id, group_id, role_id) - roxywi_common.logging(new_user, ' has been updated user ', roxywi=1, login=1) - else: - roxywi_common.logging(new_user, ' tried to privilege escalation', roxywi=1, login=1) - else: - try: - sql.update_user_from_admin_area(new_user, email, user_id, activeuser) - except Exception as e: - print(e) - roxywi_common.logging(new_user, ' has been updated user ', roxywi=1, login=1) +def update_user(email, new_user, user_id, enabled, group_id, role_id): + try: + sql.update_user(new_user, email, role_id, user_id, enabled) + except Exception as e: + print(e) + sql.update_user_role(user_id, group_id, role_id) + roxywi_common.logging(new_user, ' has been updated user ', roxywi=1, login=1) -def update_user_password(): - password = form.getvalue('updatepassowrd') +def update_user_password(password, uuid, user_id_from_get): username = '' - if form.getvalue('uuid'): - user_id = sql.get_user_id_by_uuid(form.getvalue('uuid')) + if uuid: + user_id = sql.get_user_id_by_uuid(uuid) else: - user_id = form.getvalue('id') + user_id = user_id_from_get user = sql.select_users(id=user_id) for u in user: username = u.username sql.update_user_password(password, user_id) - roxywi_common.logging('user ' + username, ' has changed password ', roxywi=1, login=1) - print("Ok") + roxywi_common.logging(f'user {username}', ' has changed password ', roxywi=1, login=1) + return 'ok' -def get_user_services() -> None: - user_id = common.checkAjaxInput(form.getvalue('getuserservices')) - lang = roxywi_common.get_user_lang() +def get_user_services(user_id: int) -> None: + lang = roxywi_common.get_user_lang_for_flask() services = sql.select_services() - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('ajax/show_user_services.html') - template = template.render(user_services=sql.select_user_services(user_id), id=user_id, services=services, lang=lang) - print(template) + return render_template( + 'ajax/user_services.html', user_services=sql.select_user_services(user_id), id=user_id, services=services, lang=lang + ) -def change_user_services() -> None: - import json - - user_id = common.checkAjaxInput(form.getvalue('changeUserServicesId')) - user = common.checkAjaxInput(form.getvalue('changeUserServicesUser')) +def change_user_services(user: str, user_id: int, user_services: str) -> str: services = '' - user_services = json.loads(form.getvalue('jsonDatas')) for k, v in user_services.items(): for k2, v2 in v.items(): @@ -131,55 +92,42 @@ def change_user_services() -> None: try: if sql.update_user_services(services=services, user_id=user_id): roxywi_common.logging('Roxy-WI server', f'Access to the services has been updated for user: {user}', roxywi=1, login=1) + return 'ok' except Exception as e: - print(e) + return f'error: Cannot save: {e}' -def change_user_active_group() -> None: - group_id = common.checkAjaxInput(form.getvalue('changeUserCurrentGroupId')) - user_uuid = common.checkAjaxInput(form.getvalue('changeUserGroupsUser')) - +def change_user_active_group(group_id: int, user_uuid: str) -> str: try: if sql.update_user_current_groups(group_id, user_uuid): - print('Ok') + return 'Ok' else: - print('error: Cannot change group') + return 'error: Cannot change group' except Exception as e: - print(e) + return f'error: Cannot change the group: {e}' -def get_user_active_group(user_id: str, group: str) -> None: - group_id = sql.get_user_id_by_uuid(user_id.value) +def get_user_active_group(uuid: str, group: str) -> str: + group_id = sql.get_user_id_by_uuid(uuid) groups = sql.select_user_groups_with_names(group_id) - lang = roxywi_common.get_user_lang() - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('ajax/show_user_current_group.html') - template = template.render(groups=groups, group=group.value, id=group_id, lang=lang) - print(template) + lang = roxywi_common.get_user_lang_for_flask() + return render_template('ajax/user_current_group.html', groups=groups, group=group, id=group_id, lang=lang) -def show_user_groups_and_roles() -> None: - user_id = common.checkAjaxInput(form.getvalue('user_id')) +def show_user_groups_and_roles(user_id: int, lang: str) -> None: groups = sql.select_user_groups_with_names(user_id, user_not_in_group=1) roles = sql.select_roles() - lang = roxywi_common.get_user_lang() user_groups = sql.select_user_groups_with_names(user_id) - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('ajax/show_user_groups_and_roles.html') - template = template.render(groups=groups, user_groups=user_groups, roles=roles, lang=lang) - print(template) + return render_template('ajax/user_groups_and_roles.html', groups=groups, user_groups=user_groups, roles=roles, lang=lang) -def save_user_group_and_role() -> None: +def save_user_group_and_role(user: str, groups_and_roles: str) -> str: import json - user = common.checkAjaxInput(form.getvalue('changeUserGroupsUser')) - groups_and_roles = json.loads(form.getvalue('jsonDatas')) - for k, v in groups_and_roles.items(): user_id = int(k) if not sql.delete_user_groups(user_id): - print('error: cannot delete old groups') + return 'error: Cannot delete old groups' for k2, v2 in v.items(): group_id = int(k2) role_id = int(v2['role_id']) @@ -190,13 +138,12 @@ def save_user_group_and_role() -> None: break else: roxywi_common.logging('Roxy-WI server', f'Groups and roles have been updated for user: {user}', roxywi=1, login=1) - print('ok') + return 'ok' -def get_ldap_email() -> None: +def get_ldap_email(username) -> str: import ldap - username = common.checkAjaxInput(form.getvalue('get_ldap_email')) server = sql.get_setting('ldap_server') port = sql.get_setting('ldap_port') user = sql.get_setting('ldap_user') @@ -224,8 +171,8 @@ def get_ldap_email() -> None: results = [entry for dn, entry in result if isinstance(entry, dict)] try: - print('["' + results[0][ldap_search_field][0].decode("utf-8") + '","' + domain + '"]') + return '["' + results[0][ldap_search_field][0].decode("utf-8") + '","' + domain + '"]' except Exception: - print('error: user not found') + return 'error: user not found' finally: ldap_bind.unbind() diff --git a/app/modules/roxywi/waf.py b/app/modules/roxywi/waf.py index 323680af..a0225da0 100644 --- a/app/modules/roxywi/waf.py +++ b/app/modules/roxywi/waf.py @@ -1,7 +1,4 @@ -import os -import http.cookies - -from jinja2 import Environment, FileSystemLoader +from flask import render_template, request import modules.db.sql as sql import modules.common.common as common @@ -12,19 +9,10 @@ form = common.form def waf_overview(serv, waf_service) -> None: - env = Environment( - loader=FileSystemLoader('templates/'), autoescape=True, - extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do'] - ) - template = env.get_template('ajax/overivewWaf.html') - servers = sql.select_servers(server=serv) - cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) - user_id = cookie.get('uuid') - group_id = cookie.get('group') - group_id = int(group_id.value) - - config_path = '' + user_id = request.cookies.get('uuid') + group_id = int(request.cookies.get('group')) + role = sql.get_user_role_by_uuid(user_id, group_id) returned_servers = [] waf = '' metrics_en = 0 @@ -77,17 +65,13 @@ def waf_overview(serv, waf_service) -> None: returned_servers.append(server_status) - lang = roxywi_common.get_user_lang() + lang = roxywi_common.get_user_lang_for_flask() servers_sorted = sorted(returned_servers, key=common.get_key) - template = template.render(service_status=servers_sorted, role=sql.get_user_role_by_uuid(user_id.value, group_id), - waf_service=waf_service, lang=lang) - print(template) + + return render_template('ajax/overivewWaf.html', service_status=servers_sorted, role=role, waf_service=waf_service, lang=lang) -def change_waf_mode() -> None: - waf_mode = common.checkAjaxInput(form.getvalue('change_waf_mode')) - server_hostname = form.getvalue('server_hostname') - service = common.checkAjaxInput(form.getvalue('service')) +def change_waf_mode(waf_mode: str, server_hostname: str, service: str) -> str: serv = sql.select_server_by_name(server_hostname) if service == 'haproxy': @@ -96,19 +80,22 @@ def change_waf_mode() -> None: config_dir = sql.get_setting('nginx_dir') commands = [f"sudo sed -i 's/^SecRuleEngine.*/SecRuleEngine {waf_mode}/' {config_dir}/waf/modsecurity.conf"] - server_mod.ssh_command(serv, commands) + + try: + server_mod.ssh_command(serv, commands) + except Exception as e: + return str(e) + roxywi_common.logging(serv, f'Has been changed WAF mod to {waf_mode}', roxywi=1, login=1) + return 'ok' -def switch_waf_rule(serv) -> None: - enable = common.checkAjaxInput(form.getvalue('waf_en')) - rule_id = common.checkAjaxInput(form.getvalue('waf_rule_id')) +def switch_waf_rule(serv: str, enable: int, rule_id: int) -> str: haproxy_path = sql.get_setting('haproxy_dir') rule_file = sql.select_waf_rule_by_id(rule_id) conf_file_path = haproxy_path + '/waf/modsecurity.conf' rule_file_path = f'Include {haproxy_path}/waf/rules/{rule_file}' - print(rule_file_path) if enable == '0': cmd = ["sudo sed -i 's!" + rule_file_path + "!#" + rule_file_path + "!' " + conf_file_path] @@ -123,15 +110,14 @@ def switch_waf_rule(serv) -> None: except Exception: pass - print(server_mod.ssh_command(serv, cmd)) sql.update_enable_waf_rules(rule_id, serv, enable) + return server_mod.ssh_command(serv, cmd) -def create_waf_rule(serv) -> None: - service = common.checkAjaxInput(form.getvalue('service')) - new_waf_rule = common.checkAjaxInput(form.getvalue('new_waf_rule')) - new_rule_desc = common.checkAjaxInput(form.getvalue('new_rule_description')) - rule_file = common.checkAjaxInput(form.getvalue('new_rule_file')) +def create_waf_rule(serv, service) -> str: + new_waf_rule = common.checkAjaxInput(request.form.get('new_waf_rule')) + new_rule_desc = common.checkAjaxInput(request.form.get('new_rule_description')) + rule_file = common.checkAjaxInput(request.form.get('new_rule_file')) rule_file = f'{rule_file}.conf' waf_path = '' @@ -144,11 +130,13 @@ def create_waf_rule(serv) -> None: rule_file_path = f'{waf_path}waf/rules/{rule_file}' cmd = [f"sudo echo Include {rule_file_path} >> {conf_file_path} && sudo touch {rule_file_path}"] - print(server_mod.ssh_command(serv, cmd)) - print(sql.insert_new_waf_rule(new_waf_rule, rule_file, new_rule_desc, service, serv)) + server_mod.ssh_command(serv, cmd) + sql.insert_new_waf_rule(new_waf_rule, rule_file, new_rule_desc, service, serv) try: roxywi_common.logging('WAF', f' A new rule has been created {rule_file} on the server {serv}', roxywi=1, login=1) except Exception: pass + + return 'ok' diff --git a/app/modules/server/__init__.py b/app/modules/server/__init__.py index 37e2fc10..dedaf7a8 100644 --- a/app/modules/server/__init__.py +++ b/app/modules/server/__init__.py @@ -1 +1 @@ -NAME = 'roxy-wi-server-modules' +NAME = 'roxy-wi-server-module' diff --git a/app/modules/server/server.py b/app/modules/server/server.py index b23bd326..8df3b459 100644 --- a/app/modules/server/server.py +++ b/app/modules/server/server.py @@ -1,6 +1,6 @@ import json -from jinja2 import Environment, FileSystemLoader +from flask import render_template, request import modules.db.sql as sql import modules.server.ssh as mod_ssh @@ -38,8 +38,6 @@ def ssh_command(server_ip: str, commands: list, **kwargs): try: if kwargs.get('raw'): return stdout.readlines() - if kwargs.get("ip") == "1": - show_ip(stdout) elif kwargs.get("show_log") == "1": import modules.roxywi.logs as roxywi_logs @@ -103,14 +101,6 @@ def get_remote_files(server_ip: str, config_dir: str, file_format: str): return config_files -def show_ip(stdout): - for line in stdout: - if "Permission denied" in line: - print(f'error: {line}') - else: - print(line) - - def get_system_info(server_ip: str) -> str: server_ip = common.is_ip_or_dns(server_ip) if server_ip == '': @@ -123,7 +113,7 @@ def get_system_info(server_ip: str) -> str: try: sys_info_returned = ssh_command(server_ip, command, timeout=5) except Exception as e: - raise e + raise Exception(e) if 'not found' in sys_info_returned: raise Exception(f'You should install lshw on the server {server_ip}. Update System info after installation.') @@ -131,7 +121,7 @@ def get_system_info(server_ip: str) -> str: try: os_info = ssh_command(server_ip, command1) except Exception as e: - raise e + raise Exception(e) os_info = os_info.strip() system_info = json.loads(sys_info_returned) @@ -346,85 +336,54 @@ def get_system_info(server_ip: str) -> str: raise e -def show_system_info() -> None: - server_ip = form.getvalue('server_ip') - server_ip = common.is_ip_or_dns(server_ip) - server_id = form.getvalue('server_id') - - if server_ip == '': - print('error: IP or DNS name is not valid') - return - - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True, - extensions=["jinja2.ext.loopcontrols", "jinja2.ext.do"]) - env.globals['string_to_dict'] = common.string_to_dict - template = env.get_template('ajax/show_system_info.html') +def show_system_info(server_ip: str, server_id: int) -> str: if sql.is_system_info(server_id): try: get_system_info(server_ip) + except Exception as e: + return f'123 {e}' + try: system_info = sql.select_one_system_info(server_id) - template = template.render(system_info=system_info, server_ip=server_ip, server_id=server_id) - print(template) + return render_template('ajax/show_system_info.html', system_info=system_info, server_ip=server_ip, server_id=server_id) except Exception as e: - print(f'Cannot update server info: {e}') + return f'Cannot update server info: {e}' else: system_info = sql.select_one_system_info(server_id) - template = template.render(system_info=system_info, server_ip=server_ip, server_id=server_id) - print(template) + return render_template('ajax/show_system_info.html', system_info=system_info, server_ip=server_ip, server_id=server_id) -def update_system_info() -> None: - server_ip = form.getvalue('server_ip') - server_ip = common.is_ip_or_dns(server_ip) - server_id = form.getvalue('server_id') - - if server_ip == '': - print('error: IP or DNS name is not valid') - return - +def update_system_info(server_ip: str, server_id: int) -> str: sql.delete_system_info(server_id) - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True, - extensions=["jinja2.ext.loopcontrols", "jinja2.ext.do"]) - env.globals['string_to_dict'] = common.string_to_dict - template = env.get_template('ajax/show_system_info.html') - try: get_system_info(server_ip) system_info = sql.select_one_system_info(server_id) - template = template.render(system_info=system_info, server_ip=server_ip, server_id=server_id) - print(template) + return render_template('ajax/show_system_info.html', system_info=system_info, server_ip=server_ip, server_id=server_id) except Exception as e: - print(f'error: Cannot update server info: {e}') + return f'error: Cannot update server info: {e}' -def show_firewalld_rules() -> None: - serv = common.checkAjaxInput(form.getvalue('viewFirewallRules')) - +def show_firewalld_rules(server_ip) -> str: + input_chain2 = [] cmd = ["sudo iptables -L INPUT -n --line-numbers|sed 's/ */ /g'|grep -v -E 'Chain|target'"] cmd1 = ["sudo iptables -L IN_public_allow -n --line-numbers|sed 's/ */ /g'|grep -v -E 'Chain|target'"] cmd2 = ["sudo iptables -L OUTPUT -n --line-numbers|sed 's/ */ /g'|grep -v -E 'Chain|target'"] - input_chain = ssh_command(serv, cmd, raw=1) + input_chain = ssh_command(server_ip, cmd, raw=1) - input_chain2 = [] for each_line in input_chain: input_chain2.append(each_line.strip('\n')) if 'error:' in input_chain: - print(input_chain) - return + return input_chain - in_public_allow = ssh_command(serv, cmd1, raw=1) - output_chain = ssh_command(serv, cmd2, raw=1) - lang = roxywi_common.get_user_lang() - env = Environment(loader=FileSystemLoader('templates')) - template = env.get_template('ajax/firewall_rules.html') - template = template.render(input_chain=input_chain2, IN_public_allow=in_public_allow, output_chain=output_chain, lang=lang) - print(template) + in_public_allow = ssh_command(server_ip, cmd1, raw=1) + output_chain = ssh_command(server_ip, cmd2, raw=1) + lang = roxywi_common.get_user_lang_for_flask() + return render_template('ajax/firewall_rules.html', input_chain=input_chain2, IN_public_allow=in_public_allow, output_chain=output_chain, lang=lang) def create_server(hostname, ip, group, typeip, enable, master, cred, port, desc, haproxy, nginx, apache, firewall, **kwargs) -> bool: @@ -437,7 +396,7 @@ def create_server(hostname, ip, group, typeip, enable, master, cred, port, desc, return False -def update_server_after_creating(hostname: str, ip: str, scan_server: int) -> None: +def update_server_after_creating(hostname: str, ip: str, scan_server: int) -> str: try: try: sql.insert_new_checker_setting_for_server(ip) @@ -481,8 +440,10 @@ def update_server_after_creating(hostname: str, ip: str, scan_server: int) -> No roxywi_common.logging(f'Cannot get information from {hostname}', str(e), roxywi=1, login=1) raise Exception(f'error: Cannot get information from {hostname} {e}') + return 'ok' -def delete_server(server_id: int) -> None: + +def delete_server(server_id: int) -> str: server = sql.select_servers(id=server_id) server_ip = '' hostname = '' @@ -492,11 +453,9 @@ def delete_server(server_id: int) -> None: server_ip = s[2] if sql.check_exists_backup(server_ip): - print('warning: Delete the backup first') - return + return 'warning: Delete the backup first' if sql.check_exists_s3_backup(server_ip): - print('warning: Delete the S3 backup first') - return + return 'warning: Delete the S3 backup first' if sql.delete_server(server_id): sql.delete_waf_server(server_id) sql.delete_port_scanner_settings(server_id) @@ -504,34 +463,25 @@ def delete_server(server_id: int) -> None: sql.delete_action_history(server_id) sql.delete_system_info(server_id) sql.delete_service_settings(server_id) - print("Ok") roxywi_common.logging(server_ip, f'The server {hostname} has been deleted', roxywi=1, login=1) + return 'Ok' -def server_is_up(server_ip: str) -> None: +def server_is_up(server_ip: str) -> str: cmd = [f'if ping -c 1 -W 1 {server_ip} >> /dev/null; then echo up; else echo down; fi'] server_status, stderr = subprocess_execute(cmd) - print(server_status) + return server_status[0] -def show_server_services() -> None: - server_id = common.checkAjaxInput(form.getvalue('server_id')) +def show_server_services(server_id: int) -> None: server = sql.select_servers(id=server_id) - env = Environment(loader=FileSystemLoader('templates')) - template = env.get_template('ajax/show_server_services.html') - lang = roxywi_common.get_user_lang() - template = template.render(server=server, lang=lang) - print(template) + lang = roxywi_common.get_user_lang_for_flask() + return render_template('ajax/show_server_services.html', server=server, lang=lang) -def change_server_services() -> None: - import json - - server_id = common.checkAjaxInput(form.getvalue('changeServerServicesId')) - server_name = common.checkAjaxInput(form.getvalue('changeServerServicesServer')) +def change_server_services(server_id: int, server_name: str, server_services: str) -> str: services = sql.select_services() services_status = {} - server_services = json.loads(form.getvalue('jsonDatas')) for k, v in server_services.items(): for service in services: @@ -541,5 +491,6 @@ def change_server_services() -> None: try: if sql.update_server_services(server_id, services_status[1], services_status[2], services_status[4], services_status[3]): roxywi_common.logging('Roxy-WI server', f'Active services have been updated for {server_name}', roxywi=1, login=1) + return 'ok' except Exception as e: - print(e) + return f'error: {e}' diff --git a/app/modules/server/ssh.py b/app/modules/server/ssh.py index a4a74d8a..fa2469be 100644 --- a/app/modules/server/ssh.py +++ b/app/modules/server/ssh.py @@ -1,6 +1,7 @@ import os import paramiko +from flask import render_template, request import modules.db.sql as sql import modules.common.common as common @@ -16,7 +17,6 @@ get_config = roxy_wi_tools.GetConfigVar() def return_ssh_keys_path(server_ip: str, **kwargs) -> dict: lib_path = get_config.get_config_var('main', 'lib_path') ssh_settings = {} - if kwargs.get('id'): sshs = sql.select_ssh(id=kwargs.get('id')) else: @@ -29,8 +29,11 @@ def return_ssh_keys_path(server_ip: str, **kwargs) -> dict: ssh_key = f'{lib_path}/keys/{ssh.name}.pem' if ssh.enable == 1 else '' ssh_settings.setdefault('key', ssh_key) - ssh_port = [str(server[10]) for server in sql.select_servers(server=server_ip)] - ssh_settings.setdefault('port', ssh_port[0]) + try: + ssh_port = [str(server[10]) for server in sql.select_servers(server=server_ip)] + ssh_settings.setdefault('port', ssh_port[0]) + except Exception as e: + raise Exception(f'error: Cannot get SSH settings: {e}') return ssh_settings @@ -48,29 +51,24 @@ def ssh_connect(server_ip): return ssh -def create_ssh_cred() -> None: - from jinja2 import Environment, FileSystemLoader - - name = common.checkAjaxInput(form.getvalue('new_ssh')) - enable = common.checkAjaxInput(form.getvalue('ssh_enable')) - group = common.checkAjaxInput(form.getvalue('new_group')) +def create_ssh_cred() -> str: + name = common.checkAjaxInput(request.form.get('new_ssh')) + enable = common.checkAjaxInput(request.form.get('ssh_enable')) + group = common.checkAjaxInput(request.form.get('new_group')) group_name = sql.get_group_name_by_id(group) - username = common.checkAjaxInput(form.getvalue('ssh_user')) - password = common.checkAjaxInput(form.getvalue('ssh_pass')) - page = common.checkAjaxInput(form.getvalue('page')) + username = common.checkAjaxInput(request.form.get('ssh_user')) + password = common.checkAjaxInput(request.form.get('ssh_pass')) + page = common.checkAjaxInput(request.form.get('page')) page = page.split("#")[0] - lang = roxywi_common.get_user_lang() + lang = roxywi_common.get_user_lang_for_flask() name = f'{name}_{group_name}' if username is None or name is None: - print(error_mess) + return error_mess else: if sql.insert_new_ssh(name, enable, group, username, password): - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('ajax/new_ssh.html') - output_from_parsed_template = template.render(groups=sql.select_groups(), sshs=sql.select_ssh(name=name), page=page, lang=lang) - print(output_from_parsed_template) roxywi_common.logging('Roxy-WI server', f'New SSH credentials {name} has been created', roxywi=1, login=1) + return render_template('ajax/new_ssh.html', groups=sql.select_groups(), sshs=sql.select_ssh(name=name), page=page, lang=lang) def create_ssh_cread_api(name: str, enable: str, group: str, username: str, password: str) -> bool: @@ -90,7 +88,7 @@ def create_ssh_cread_api(name: str, enable: str, group: str, username: str, pass return True -def upload_ssh_key(name: str, user_group: str, key: str) -> bool: +def upload_ssh_key(name: str, user_group: str, key: str) -> str: if '..' in name: raise Exception('error: nice try') @@ -125,28 +123,27 @@ def upload_ssh_key(name: str, user_group: str, key: str) -> bool: except Exception as e: raise Exception(f'error: Cannot save SSH key file: {e}') else: - print(f'success: SSH key has been saved into: {ssh_keys}') + try: + os.chmod(ssh_keys, 0o600) + except IOError as e: + roxywi_common.logging('Roxy-WI server', e.args[0], roxywi=1) + raise Exception(f'error: something went wrong: {e}') - try: - os.chmod(ssh_keys, 0o600) - except IOError as e: - roxywi_common.logging('Roxy-WI server', e.args[0], roxywi=1) - raise Exception(f'error: something went wrong: {e}') - - roxywi_common.logging("Roxy-WI server", f"A new SSH cert has been uploaded {ssh_keys}", roxywi=1, login=1) + roxywi_common.logging("Roxy-WI server", f"A new SSH cert has been uploaded {ssh_keys}", roxywi=1, login=1) + return f'success: SSH key has been saved into: {ssh_keys}' -def update_ssh_key() -> None: - ssh_id = common.checkAjaxInput(form.getvalue('id')) - name = common.checkAjaxInput(form.getvalue('name')) - enable = common.checkAjaxInput(form.getvalue('ssh_enable')) - group = common.checkAjaxInput(form.getvalue('group')) - username = common.checkAjaxInput(form.getvalue('ssh_user')) - password = common.checkAjaxInput(form.getvalue('ssh_pass')) +def update_ssh_key() -> str: + ssh_id = common.checkAjaxInput(request.form.get('id')) + name = common.checkAjaxInput(request.form.get('name')) + enable = common.checkAjaxInput(request.form.get('ssh_enable')) + group = common.checkAjaxInput(request.form.get('group')) + username = common.checkAjaxInput(request.form.get('ssh_user')) + password = common.checkAjaxInput(request.form.get('ssh_pass')) new_ssh_key_name = '' if username is None: - print(error_mess) + return error_mess else: lib_path = get_config.get_config_var('main', 'lib_path') @@ -162,15 +159,16 @@ def update_ssh_key() -> None: sql.update_ssh(ssh_id, name, enable, group, username, password) roxywi_common.logging('Roxy-WI server', f'The SSH credentials {name} has been updated ', roxywi=1, login=1) + return 'ok' -def delete_ssh_key() -> None: + +def delete_ssh_key(ssh_id) -> str: lib_path = get_config.get_config_var('main', 'lib_path') - sshdel = common.checkAjaxInput(form.getvalue('sshdel')) name = '' ssh_enable = 0 ssh_key_name = '' - for sshs in sql.select_ssh(id=sshdel): + for sshs in sql.select_ssh(id=ssh_id): ssh_enable = sshs.enable name = sshs.name ssh_key_name = f'{lib_path}/keys/{sshs.name}.pem' @@ -180,6 +178,6 @@ def delete_ssh_key() -> None: os.remove(ssh_key_name) except Exception: pass - if sql.delete_ssh(sshdel): - print("Ok") + if sql.delete_ssh(ssh_id): roxywi_common.logging('Roxy-WI server', f'The SSH credentials {name} has deleted', roxywi=1, login=1) + return 'ok' diff --git a/app/modules/service/action.py b/app/modules/service/action.py index ec36f909..2aab9cca 100644 --- a/app/modules/service/action.py +++ b/app/modules/service/action.py @@ -5,12 +5,21 @@ import modules.roxywi.common as roxywi_common import modules.service.common as service_common -def action_haproxy(server_ip: str, action: str) -> None: - haproxy_service_name = "haproxy" +def common_action(server_ip: str, action: str, service: str) -> str: + action_functions = { + 'haproxy': action_haproxy, + 'nginx': action_nginx, + 'keepalived': action_keepalived, + 'apache': action_apache, + 'waf_haproxy': action_haproxy_waf, + 'waf_nginx': action_nginx_waf + } - if action not in ('start', 'stop', 'reload', 'restart'): - print('error: wrong action') - return + return action_functions[service](server_ip, action) + + +def action_haproxy(server_ip: str, action: str) -> str: + haproxy_service_name = "haproxy" service_common.is_restarted(server_ip, action) @@ -31,16 +40,12 @@ def action_haproxy(server_ip: str, action: str) -> None: commands = [f"sudo systemctl {action} {haproxy_service_name}"] server_mod.ssh_command(server_ip, commands, timeout=5) roxywi_common.logging(server_ip, f'Service has been {action}ed', roxywi=1, login=1, keep_history=1, service='haproxy') - print(f"success: HAProxy has been {action}") + return f"success: HAProxy has been {action}" else: - print("error: Bad config, check please") + return "error: Bad config, check please" -def action_nginx(server_ip: str, action: str) -> None: - if action not in ('start', 'stop', 'reload', 'restart'): - print('error: wrong action') - return - +def action_nginx(server_ip: str, action: str) -> str: service_common.is_restarted(server_ip, action) if service_common.check_nginx_config(server_ip): @@ -57,29 +62,21 @@ def action_nginx(server_ip: str, action: str) -> None: commands = [f"sudo systemctl {action} nginx"] server_mod.ssh_command(server_ip, commands, timeout=5) roxywi_common.logging(server_ip, f'Service has been {action}ed', roxywi=1, login=1, keep_history=1, service='nginx') - print(f"success: NGINX has been {action}") + return f"success: NGINX has been {action}" else: - print("error: Bad config, check please") + return "error: Bad config, check please" -def action_keepalived(server_ip: str, action: str) -> None: - if action not in ('start', 'stop', 'reload', 'restart'): - print('error: wrong action') - return - +def action_keepalived(server_ip: str, action: str) -> str: service_common.is_restarted(server_ip, action) commands = [f"sudo systemctl {action} keepalived"] server_mod.ssh_command(server_ip, commands) roxywi_common.logging(server_ip, f'Service has been {action}ed', roxywi=1, login=1, keep_history=1, service='keepalived') - print(f"success: Keepalived has been {action}") + return f"success: Keepalived has been {action}" -def action_apache(server_ip: str, action: str) -> None: - if action not in ('start', 'stop', 'reload', 'restart'): - print('error: wrong action') - return - +def action_apache(server_ip: str, action: str) -> str: service_common.is_restarted(server_ip, action) server_id = sql.select_server_id_by_ip(server_ip) @@ -97,29 +94,22 @@ def action_apache(server_ip: str, action: str) -> None: commands = [f"sudo systemctl {action} {service_apache_name}"] server_mod.ssh_command(server_ip, commands, timeout=5) roxywi_common.logging(server_ip, f'Service has been {action}ed', roxywi=1, login=1, keep_history=1, service='apache') - print(f"success: Apache has been {action}") + return f"success: Apache has been {action}" -def action_haproxy_waf(server_ip: str, action: str) -> None: - if action not in ('start', 'stop', 'reload', 'restart'): - print('error: wrong action') - return - +def action_haproxy_waf(server_ip: str, action: str) -> str: service_common.is_restarted(server_ip, action) roxywi_common.logging(server_ip, f'HAProxy WAF service has been {action}ed', roxywi=1, login=1, keep_history=1, service='haproxy') commands = [f"sudo systemctl {action} waf"] server_mod.ssh_command(server_ip, commands) + return f"success: WAF has been {action}" -def action_nginx_waf(server_ip: str, action: str) -> None: +def action_nginx_waf(server_ip: str, action: str) -> str: config_dir = common.return_nice_path(sql.get_setting('nginx_dir')) - if action not in ('start', 'stop'): - print('error: wrong action') - return - service_common.is_restarted(server_ip, action) waf_new_state = 'on' if action == 'start' else 'off' @@ -131,12 +121,14 @@ def action_nginx_waf(server_ip: str, action: str) -> None: f" && sudo systemctl reload nginx"] server_mod.ssh_command(server_ip, commands) + return f"success: Apache has been {action}" -def check_service(server_ip: str, user_uuid: str, service: str) -> None: + +def check_service(server_ip: str, user_uuid: str, service: str) -> str: import socket from contextlib import closing - user_id = sql.get_user_id_by_uuid(user_uuid.value) + user_id = sql.get_user_id_by_uuid(user_uuid) user_services = sql.select_user_services(user_id) if '1' in user_services: @@ -146,10 +138,9 @@ def check_service(server_ip: str, user_uuid: str, service: str) -> None: out = server_mod.subprocess_execute(cmd) for k in out[0]: if "Name" in k: - print('up') - break + return 'up' else: - print('down') + return 'down' if '2' in user_services: if service == 'nginx': nginx_stats_port = sql.get_setting('nginx_stats_port') @@ -159,11 +150,11 @@ def check_service(server_ip: str, user_uuid: str, service: str) -> None: try: if sock.connect_ex((server_ip, nginx_stats_port)) == 0: - print('up') + return 'up' else: - print('down') - except Exception: - print('down') + return 'down' + except Exception as e: + return 'down' + str(e) if '4' in user_services: if service == 'apache': apache_stats_port = sql.get_setting('apache_stats_port') @@ -173,8 +164,8 @@ def check_service(server_ip: str, user_uuid: str, service: str) -> None: try: if sock.connect_ex((server_ip, apache_stats_port)) == 0: - print('up') + return 'up' else: - print('down') + return 'down' except Exception as e: - print('down' + str(e)) + return 'down' + str(e) diff --git a/app/modules/service/backup.py b/app/modules/service/backup.py index 0bca4f43..6b9328c1 100644 --- a/app/modules/service/backup.py +++ b/app/modules/service/backup.py @@ -1,6 +1,6 @@ import os -from jinja2 import Environment, FileSystemLoader +from flask import render_template import modules.db.sql as sql import modules.server.ssh as ssh_mod @@ -9,9 +9,10 @@ import modules.roxywi.common as roxywi_common import modules.service.installation as installation_mod -def backup(serv, rpath, time, backup_type, rserver, cred, deljob, update, description) -> None: +def backup(serv, rpath, time, backup_type, rserver, cred, deljob, update, description) -> str: script = 'backup.sh' - ssh_settings = ssh_mod.return_ssh_keys_path('localhost', id=cred) + ssh_settings = ssh_mod.return_ssh_keys_path(rserver, id=cred) + full_path = '/var/www/haproxy-wi/app' if deljob: time = '' @@ -22,54 +23,53 @@ def backup(serv, rpath, time, backup_type, rserver, cred, deljob, update, descri else: deljob = '' if sql.check_exists_backup(serv): - print(f'warning: Backup job for {serv} already exists') - return None + return f'warning: Backup job for {serv} already exists' - os.system(f"cp scripts/{script} .") + os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}") commands = [ - f"chmod +x {script} && ./{script} HOST={rserver} SERVER={serv} TYPE={backup_type} SSH_PORT={ssh_settings['port']} " + f"chmod +x {full_path}/{script} && {full_path}/{script} HOST={rserver} SERVER={serv} TYPE={backup_type} SSH_PORT={ssh_settings['port']} " f"TIME={time} RPATH={rpath} DELJOB={deljob} USER={ssh_settings['user']} KEY={ssh_settings['key']}" ] output, error = server_mod.subprocess_execute(commands[0]) + try: + os.remove(f'{full_path}/{script}') + except Exception: + pass + for line in output: if any(s in line for s in ("Traceback", "FAILED")): try: - print(f'error: {line}') - break + return f'error: {line}' except Exception: - print(f'error: {output}') - break + return f'error: {output}' else: if not deljob and not update: if sql.insert_backup_job(serv, rserver, rpath, backup_type, time, cred, description): - env = Environment(loader=FileSystemLoader('templates/ajax'), autoescape=True) - template = env.get_template('new_backup.html') - template = template.render( - backups=sql.select_backups(server=serv, rserver=rserver), sshs=sql.select_ssh() + roxywi_common.logging('backup ', f' a new backup job for server {serv} has been created', roxywi=1, + login=1) + return render_template( + 'ajax/new_backup.html',backups=sql.select_backups(server=serv, rserver=rserver), sshs=sql.select_ssh() ) - print(template) - print('success: Backup job has been created') - roxywi_common.logging('backup ', f' a new backup job for server {serv} has been created', roxywi=1, login=1) + else: - print('error: Cannot add the job into DB') + raise Exception('error: Cannot add the job into DB') elif deljob: sql.delete_backups(deljob) - print('Ok') roxywi_common.logging('backup ', f' a backup job for server {serv} has been deleted', roxywi=1, login=1) + return 'ok' elif update: sql.update_backup(serv, rserver, rpath, backup_type, time, cred, description, update) - print('Ok') roxywi_common.logging('backup ', f' a backup job for server {serv} has been updated', roxywi=1, login=1) - - os.remove(script) + return 'ok' -def s3_backup(server, s3_server, bucket, secret_key, access_key, time, deljob, description) -> None: +def s3_backup(server, s3_server, bucket, secret_key, access_key, time, deljob, description) -> str: script = 's3_backup.sh' tag = 'add' + full_path = '/var/www/haproxy-wi/app' if deljob: time = '' @@ -80,36 +80,38 @@ def s3_backup(server, s3_server, bucket, secret_key, access_key, time, deljob, d if sql.check_exists_s3_backup(server): raise Exception(f'error: Backup job for {server} already exists') - os.system(f"cp scripts/{script} .") + os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}") commands = [ - f"chmod +x {script} && ./{script} SERVER={server} S3_SERVER={s3_server} BUCKET={bucket} SECRET_KEY={secret_key} ACCESS_KEY={access_key} TIME={time} TAG={tag}" + f"chmod +x {full_path}/{script} && {full_path}/{script} SERVER={server} S3_SERVER={s3_server} BUCKET={bucket} " + f"SECRET_KEY={secret_key} ACCESS_KEY={access_key} TIME={time} TAG={tag}" ] return_out = server_mod.subprocess_execute_with_rc(commands[0]) - if not deljob and not update: + try: + os.remove(f'{full_path}/{script}') + except Exception: + pass + + if not deljob: try: - if installation_mod.show_installation_output(return_out['error'], return_out['output'], 'S3 backup', rc=return_out['rc'], api=1): + if installation_mod.show_installation_output(return_out['error'], return_out['output'], 'S3 backup', rc=return_out['rc']): try: sql.insert_s3_backup_job(server, s3_server, bucket, secret_key, access_key, time, description) except Exception as e: raise Exception(f'error: {e}') except Exception as e: raise Exception(e) - env = Environment(loader=FileSystemLoader('templates/ajax'), autoescape=True) - template = env.get_template('new_s3_backup.html') - template = template.render(backups=sql.select_s3_backups(server=server, s3_server=s3_server, bucket=bucket)) - print(template) - print('success: Backup job has been created') roxywi_common.logging('backup ', f' a new S3 backup job for server {server} has been created', roxywi=1, login=1) + return render_template('ajax/new_s3_backup.html', backups=sql.select_s3_backups(server=server, s3_server=s3_server, bucket=bucket)) elif deljob: sql.delete_s3_backups(deljob) - print('Ok') roxywi_common.logging('backup ', f' a S3 backup job for server {server} has been deleted', roxywi=1, login=1) + return 'ok' -def git_backup(server_id, service_id, git_init, repo, branch, period, cred, deljob, description) -> None: +def git_backup(server_id, service_id, git_init, repo, branch, period, cred, deljob, description) -> str: servers = roxywi_common.get_dick_permit() proxy = sql.get_setting('proxy') services = sql.select_services() @@ -119,8 +121,9 @@ def git_backup(server_id, service_id, git_init, repo, branch, period, cred, delj script = 'git_backup.sh' proxy_serv = '' ssh_settings = ssh_mod.return_ssh_keys_path('localhost', id=int(cred)) + full_path = '/var/www/haproxy-wi/app' - os.system(f"cp scripts/{script} .") + os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}") if proxy is not None and proxy != '' and proxy != 'None': proxy_serv = proxy @@ -131,21 +134,24 @@ def git_backup(server_id, service_id, git_init, repo, branch, period, cred, delj branch = 'main' commands = [ - f"chmod +x {script} && ./{script} HOST={server_ip} DELJOB={deljob} SERVICE={service_name} INIT={git_init} " + f"chmod +x {full_path}/{script} && {full_path}/{script} HOST={server_ip} DELJOB={deljob} SERVICE={service_name} INIT={git_init} " f"SSH_PORT={ssh_settings['port']} PERIOD={period} REPO={repo} BRANCH={branch} CONFIG_DIR={service_config_dir} " f"PROXY={proxy_serv} USER={ssh_settings['user']} KEY={ssh_settings['key']}" ] output, error = server_mod.subprocess_execute(commands[0]) + try: + os.remove(f'{full_path}/{script}') + except Exception: + pass + for line in output: if any(s in line for s in ("Traceback", "FAILED")): try: - print('error: ' + line) - break + return 'error: ' + line except Exception: - print('error: ' + output) - break + return 'error: ' + output else: if deljob == '0': if sql.insert_new_git( @@ -155,16 +161,12 @@ def git_backup(server_id, service_id, git_init, repo, branch, period, cred, delj gits = sql.select_gits(server_id=server_id, service_id=service_id) sshs = sql.select_ssh() - lang = roxywi_common.get_user_lang() - env = Environment(loader=FileSystemLoader('templates/ajax'), autoescape=True) - template = env.get_template('new_git.html') - template = template.render(gits=gits, sshs=sshs, servers=servers, services=services, new_add=1, lang=lang) - print(template) - print('success: Git job has been created') + lang = roxywi_common.get_user_lang_for_flask() roxywi_common.logging( - server_ip, ' A new git job has been created', roxywi=1, login=1, keep_history=1, service=service_name + server_ip, ' A new git job has been created', roxywi=1, login=1, keep_history=1, + service=service_name ) + return render_template('ajax/new_git.html', gits=gits, sshs=sshs, servers=servers, services=services, new_add=1, lang=lang) else: if sql.delete_git(form.getvalue('git_backup')): - print('Ok') - os.remove(script) + return 'ok' diff --git a/app/modules/service/common.py b/app/modules/service/common.py index a9d7c732..f574e31a 100644 --- a/app/modules/service/common.py +++ b/app/modules/service/common.py @@ -1,5 +1,7 @@ import os -import http.cookies + +import requests +from flask import render_template, request import modules.db.sql as sql import modules.server.ssh as mod_ssh @@ -7,6 +9,7 @@ import modules.common.common as common import modules.server.server as server_mod import modules.roxywi.common as roxywi_common import modules.roxy_wi_tools as roxy_wi_tools +import modules.config.section as section_mod time_zone = sql.get_setting('time_zone') get_date = roxy_wi_tools.GetDate(time_zone) @@ -25,11 +28,10 @@ def check_haproxy_version(server_ip): def is_restarted(server_ip: str, action: str) -> None: - cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) - user_uuid = cookie.get('uuid') - group_id = cookie.get('group') - group_id = int(group_id.value) - user_role = sql.get_user_role_by_uuid(user_uuid.value, group_id) + user_uuid = request.cookies.get('uuid') + group_id = request.cookies.get('group') + group_id = int(group_id) + user_role = sql.get_user_role_by_uuid(user_uuid, group_id) if sql.is_serv_protected(server_ip) and int(user_role) > 2: print(f'error: This server is protected. You cannot {action} it') @@ -42,26 +44,22 @@ def is_not_allowed_to_restart(server_id: int, service: str) -> None: else: is_restart = 0 - try: - if int(is_restart) == 1: - print('warning: this service is not allowed to be restarted') - return - except Exception: - pass + if int(is_restart) == 1: + raise Exception('warning: This service is not allowed to be restarted') def get_exp_version(server_ip: str, service_name: str) -> str: server_ip = common.is_ip_or_dns(server_ip) - if service_name == 'haproxy_exporter': + if service_name == 'haproxy': commands = ["/opt/prometheus/exporters/haproxy_exporter --version 2>&1 |head -1|awk '{print $3}'"] - elif service_name == 'nginx_exporter': + elif service_name == 'nginx': commands = ["/opt/prometheus/exporters/nginx_exporter 2>&1 |head -1 |awk -F\"=\" '{print $2}'|awk '{print $1}'"] - elif service_name == 'node_exporter': + elif service_name == 'node': commands = ["node_exporter --version 2>&1 |head -1|awk '{print $3}'"] - elif service_name == 'apache_exporter': + elif service_name == 'apache': commands = ["/opt/prometheus/exporters/apache_exporter --version 2>&1 |head -1|awk '{print $3}'"] - elif service_name == 'keepalived_exporter': - commands = ["systemctl list-units --full -all |grep keepalived_exporter"] + elif service_name == 'keepalived': + commands = ["keepalived_exporter --version 2>&1 |head -1|awk '{print $2}'"] ver = server_mod.ssh_command(server_ip, commands) @@ -137,21 +135,16 @@ def check_nginx_config(server_ip): def overview_backends(server_ip: str, service: str) -> None: - from jinja2 import Environment, FileSystemLoader - import modules.config.config as config_mod - import modules.config.section as section_mod - import modules.roxywi.common as roxywi_common - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('ajax/haproxyservers_backends.html') + lang = roxywi_common.get_user_lang_for_flask() format_file = 'cfg' if service == 'haproxy': configs_dir = get_config.get_config_var('configs', 'haproxy_save_configs_dir') format_file = 'cfg' elif service == 'keepalived': - configs_dir = get_config.get_config_var('configs', 'kp_save_configs_dir') + configs_dir = get_config.get_config_var('configs', 'keepalived_save_configs_dir') format_file = 'conf' if service != 'nginx' and service != 'apache': @@ -180,11 +173,10 @@ def overview_backends(server_ip: str, service: str) -> None: else: sections = section_mod.get_remote_sections(server_ip, service) - template = template.render(backends=sections, serv=server_ip, service=service) - print(template) + return render_template('ajax/haproxyservers_backends.html', backends=sections, serv=server_ip, service=service, lang=lang) -def get_overview_last_edit(server_ip: str, service: str) -> None: +def get_overview_last_edit(server_ip: str, service: str) -> str: if service == 'nginx': config_path = sql.get_setting('nginx_config_path') elif service == 'keepalived': @@ -193,65 +185,12 @@ def get_overview_last_edit(server_ip: str, service: str) -> None: config_path = sql.get_setting('haproxy_config_path') commands = ["ls -l %s |awk '{ print $6\" \"$7\" \"$8}'" % config_path] try: - print(server_mod.ssh_command(server_ip, commands)) + return server_mod.ssh_command(server_ip, commands) except Exception as e: - print(f'error: Cannot get last date {e} for server {server_ip}') + return f'error: Cannot get last date {e} for server {server_ip}' -def overview_service(server_ip: str, server_id: int, name: str, service: str) -> None: - import asyncio - from jinja2 import Environment, FileSystemLoader - - user_params = roxywi_common.get_users_params() - - async def async_get_overviewServers(serv1, serv2, service): - if service == 'haproxy': - cmd = 'echo "show info" |nc %s %s -w 1|grep -e "node\|Nbproc\|Maxco\|MB\|Nbthread"' % ( - serv2, sql.get_setting('haproxy_sock_port')) - out = server_mod.subprocess_execute(cmd) - return_out = "" - - for k in out: - if "Ncat:" not in k: - for r in k: - return_out += r - return_out += "
" - else: - return_out = "Cannot connect to HAProxy" - else: - return_out = '' - - server_status = (serv1, serv2, return_out) - return server_status - - async def get_runner_overviewServers(**kwargs): - env = Environment(loader=FileSystemLoader('templates/'), extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do']) - template = env.get_template('ajax/overviewServers.html') - - servers = [] - cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) - user_id = cookie.get('uuid') - group_id = cookie.get('group') - group_id = int(group_id.value) - role = sql.get_user_role_by_uuid(user_id.value, group_id) - futures = [async_get_overviewServers(kwargs.get('server1'), kwargs.get('server2'), kwargs.get('service'))] - - for i, future in enumerate(asyncio.as_completed(futures)): - result = await future - servers.append(result) - servers_sorted = sorted(servers, key=common.get_key) - template = template.render(service_status=servers_sorted, role=role, id=kwargs.get('id'), service_page=service, lang=user_params['lang']) - print(template) - - ioloop = asyncio.get_event_loop() - ioloop.run_until_complete(get_runner_overviewServers(server1=name, server2=server_ip, id=server_id, service=service)) - ioloop.close() - - -def get_stat_page(server_ip: str, service: str) -> None: - import requests - from jinja2 import Environment, FileSystemLoader - +def get_stat_page(server_ip: str, service: str) -> str: if service in ('nginx', 'apache'): stats_user = sql.get_setting(f'{service}_stats_user') stats_pass = sql.get_setting(f'{service}_stats_password') @@ -265,24 +204,21 @@ def get_stat_page(server_ip: str, service: str) -> None: try: response = requests.get(f'http://{server_ip}:{stats_port}/{stats_page}', auth=(stats_user, stats_pass)) except requests.exceptions.ConnectTimeout: - print('error: Oops. Connection timeout occurred!') + return 'error: Oops. Connection timeout occurred!' except requests.exceptions.ReadTimeout: - print('error: Oops. Read timeout occurred') + return 'error: Oops. Read timeout occurred' except requests.exceptions.HTTPError as errh: - print("error: Http Error:", errh) + return f'error: Http Error: {errh}' except requests.exceptions.ConnectionError as errc: - print('error: Error Connecting: %s' % errc) + return f'error: Error Connecting: {errc}' except requests.exceptions.Timeout as errt: - print("error: Timeout Error:", errt) + return f'error: Timeout Error: {errt}' except requests.exceptions.RequestException as err: - print("error: OOps: Something Else", err) + return f'error: OOps: Something Else {err}' data = response.content if service == 'nginx': - lang = roxywi_common.get_user_lang() - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('ajax/nginx_stats.html') - + lang = roxywi_common.get_user_lang_for_flask() servers_with_status = list() h = () out1 = [] @@ -291,20 +227,14 @@ def get_stat_page(server_ip: str, service: str) -> None: h = (out1,) servers_with_status.append(h) - template = template.render(out=servers_with_status, lang=lang) - print(template) + return render_template('ajax/nginx_stats.html', out=servers_with_status, lang=lang) else: - print(data.decode('utf-8')) + return data.decode('utf-8') def show_service_version(server_ip: str, service: str) -> None: - if service not in ('nginx', 'apache', 'haproxy'): - print('warning: wrong service') - return None - if service == 'haproxy': - print(check_haproxy_version(server_ip)) - return None + return check_haproxy_version(server_ip) server_id = sql.select_server_id_by_ip(server_ip) service_name = service @@ -321,4 +251,4 @@ def show_service_version(server_ip: str, service: str) -> None: cmd = [f'docker exec -it {container_name} /usr/sbin/{service_name} -v 2>&1|head -1|awk -F":" \'{{print $2}}\''] else: cmd = [f'sudo /usr/sbin/{service_name} -v|head -1|awk -F":" \'{{print $2}}\''] - print(server_mod.ssh_command(server_ip, cmd)) + return server_mod.ssh_command(server_ip, cmd) diff --git a/app/modules/service/exporter_installation.py b/app/modules/service/exporter_installation.py index 690fe3d1..76fb1278 100644 --- a/app/modules/service/exporter_installation.py +++ b/app/modules/service/exporter_installation.py @@ -1,18 +1,12 @@ import os import modules.db.sql as sql -import modules.common.common as common import modules.server.server as server_mod -from modules.service.installation import show_installation_output +from modules.service.installation import show_installation_output, show_success_installation from modules.server.ssh import return_ssh_keys_path -form = common.form - -def haproxy_exp_installation(): - serv = form.getvalue('haproxy_exp_install') - ver = form.getvalue('exporter_v') - ext_prom = form.getvalue('ext_prom') +def haproxy_exp_installation(serv, ver, ext_prom): script = "install_haproxy_exporter.sh" stats_port = sql.get_setting('stats_port') server_state_file = sql.get_setting('server_state_file') @@ -21,8 +15,13 @@ def haproxy_exp_installation(): stat_page = sql.get_setting('stats_page') proxy = sql.get_setting('proxy') ssh_settings = return_ssh_keys_path(serv) + full_path = '/var/www/haproxy-wi/app' + service = 'HAProxy exporter' - os.system(f"cp scripts/{script} .") + try: + os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}") + except Exception as e: + raise Exception(f'error: {e}') if proxy is not None and proxy != '' and proxy != 'None': proxy_serv = proxy @@ -30,26 +29,27 @@ def haproxy_exp_installation(): proxy_serv = '' commands = [ - f"chmod +x {script} && ./{script} PROXY={proxy_serv} STAT_PORT={stats_port} STAT_FILE={server_state_file}" + f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv} STAT_PORT={stats_port} STAT_FILE={server_state_file}" f" SSH_PORT={ssh_settings['port']} STAT_PAGE={stat_page} VER={ver} EXP_PROM={ext_prom} STATS_USER={stats_user}" f" STATS_PASS='{stats_password}' HOST={serv} USER={ssh_settings['user']} PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}" ] return_out = server_mod.subprocess_execute_with_rc(commands[0]) - show_installation_output(return_out['error'], return_out['output'], 'HAProxy exporter', rc=return_out['rc']) - os.remove(script) + try: + show_installation_output(return_out['error'], return_out['output'], service, rc=return_out['rc']) + except Exception as e: + raise Exception(f'error: read output: {e}') + + try: + os.remove(f'{full_path}/{script}') + except Exception: + pass + + return show_success_installation(service) -def nginx_apache_exp_installation(): - if form.getvalue('nginx_exp_install'): - service = 'nginx' - elif form.getvalue('apache_exp_install'): - service = 'apache' - - serv = common.is_ip_or_dns(form.getvalue('serv')) - ver = common.checkAjaxInput(form.getvalue('exporter_v')) - ext_prom = common.checkAjaxInput(form.getvalue('ext_prom')) +def nginx_apache_exp_installation(serv, service, ver, ext_prom): script = f"install_{service}_exporter.sh" stats_user = sql.get_setting(f'{service}_stats_user') stats_password = sql.get_setting(f'{service}_stats_password') @@ -58,44 +58,69 @@ def nginx_apache_exp_installation(): proxy = sql.get_setting('proxy') proxy_serv = '' ssh_settings = return_ssh_keys_path(serv) + full_path = '/var/www/haproxy-wi/app' + service = f'{service.title()} exporter' - os.system(f"cp scripts/{script} .") + try: + os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}") + except Exception as e: + raise Exception(f'error: {e}') if proxy is not None and proxy != '' and proxy != 'None': proxy_serv = proxy commands = [ - f"chmod +x {script} && ./{script} PROXY={proxy_serv} STAT_PORT={stats_port} SSH_PORT={ssh_settings['port']} STAT_PAGE={stats_page}" + f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv} STAT_PORT={stats_port} SSH_PORT={ssh_settings['port']} STAT_PAGE={stats_page}" f" STATS_USER={stats_user} STATS_PASS='{stats_password}' HOST={serv} VER={ver} EXP_PROM={ext_prom} USER={ssh_settings['user']} " f" PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}" ] return_out = server_mod.subprocess_execute_with_rc(commands[0]) - show_installation_output(return_out['error'], return_out['output'], f'{service.title()} exporter', rc=return_out['rc']) - os.remove(script) + try: + show_installation_output(return_out['error'], return_out['output'], service, rc=return_out['rc']) + except Exception as e: + raise Exception(f'error: read output: {e}') + + try: + os.remove(f'{full_path}/{script}') + except Exception: + pass + + return show_success_installation(service) -def node_keepalived_exp_installation(service: str) -> None: - serv = common.is_ip_or_dns(form.getvalue(f'{service}_exp_install')) - ver = common.checkAjaxInput(form.getvalue('exporter_v')) - ext_prom = common.checkAjaxInput(form.getvalue('ext_prom')) +def node_keepalived_exp_installation(service: str, serv: str, ver: str, ext_prom: int) -> None: script = f"install_{service}_exporter.sh" proxy = sql.get_setting('proxy') proxy_serv = '' ssh_settings = return_ssh_keys_path(serv) + full_path = '/var/www/haproxy-wi/app' + service = 'Node exporter' - os.system(f"cp scripts/{script} .") + try: + os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}") + except Exception as e: + raise Exception(f'error: {e}') if proxy is not None and proxy != '' and proxy != 'None': proxy_serv = proxy commands = [ - f"chmod +x {script} && ./{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} VER={ver} EXP_PROM={ext_prom} " + f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} VER={ver} EXP_PROM={ext_prom} " f"HOST={serv} USER={ssh_settings['user']} PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}" ] return_out = server_mod.subprocess_execute_with_rc(commands[0]) - show_installation_output(return_out['error'], return_out['output'], 'Node exporter', rc=return_out['rc']) - os.remove(script) + try: + show_installation_output(return_out['error'], return_out['output'], service, rc=return_out['rc']) + except Exception as e: + raise Exception(f'error: read output: {e}') + + try: + os.remove(f'{full_path}/{script}') + except Exception: + pass + + return show_success_installation(service) diff --git a/app/modules/service/haproxy.py b/app/modules/service/haproxy.py index 24180e9a..97988819 100644 --- a/app/modules/service/haproxy.py +++ b/app/modules/service/haproxy.py @@ -1,6 +1,8 @@ import os import requests +from flask import request + import modules.db.sql as sql import modules.common.common as common import modules.server.server as server_mod @@ -11,7 +13,6 @@ import modules.roxy_wi_tools as roxy_wi_tools time_zone = sql.get_setting('time_zone') get_date = roxy_wi_tools.GetDate(time_zone) get_config = roxy_wi_tools.GetConfigVar() -form = common.form def stat_page_action(serv: str) -> None: @@ -21,9 +22,9 @@ def stat_page_action(serv: str) -> None: stats_page = sql.get_setting('stats_page') postdata = { - 'action': form.getvalue('action'), - 's': form.getvalue('s'), - 'b': form.getvalue('b') + 'action': request.form.get('action'), + 's': request.form.get('s'), + 'b': request.form.get('b') } headers = { @@ -33,10 +34,11 @@ def stat_page_action(serv: str) -> None: 'Accept-Encoding': 'gzip, deflate' } - requests.post(f'http://{serv}:{stats_port}/{stats_page}', headers=headers, data=postdata, auth=(haproxy_user, haproxy_pass)) + data = requests.post(f'http://{serv}:{stats_port}/{stats_page}', headers=headers, data=postdata, auth=(haproxy_user, haproxy_pass)) + return data.content -def show_map(serv: str) -> None: +def show_map(serv: str) -> str: import networkx as nx import matplotlib @@ -47,17 +49,16 @@ def show_map(serv: str) -> None: hap_configs_dir = get_config.get_config_var('configs', 'haproxy_save_configs_dir') date = get_date.return_date('config') cfg = f'{hap_configs_dir}{serv}-{date}.cfg' - - print(f'

Map from {serv}

') + output = f'

Map from {serv}

' error = config_mod.get_config(serv, cfg) if error: - print(error) + return f'error: Cannot read import config file {error}' + try: conf = open(cfg, "r") - except IOError: - print('error: Cannot read import config file') - return + except IOError as e: + return f'error: Cannot read import config file {e}' G = nx.DiGraph() node = "" @@ -239,25 +240,22 @@ def show_map(serv: str) -> None: nx.draw_networkx_edge_labels(G, pos, alpha=0.4, label_pos=0.5, font_color="#5d9ceb", edge_labels=edge_labels, font_size=8) - plt.savefig("map.png") + plt.savefig(f"/var/www/haproxy-wi/app/map.png") plt.show() except Exception as e: - print(str(e)) + return f'error: Cannot create a map: {e}' - os.system( - f"rm -f {os.path.dirname(os.getcwd())}/map*.png && mv map.png {os.path.dirname(os.getcwd())}/map{date}.png") - print(f'map
') + output += f'map
' + return output -def runtime_command(serv: str) -> None: +def runtime_command(serv: str, enable: str, backend: str, save: str) -> str: server_state_file = sql.get_setting('server_state_file') haproxy_sock = sql.get_setting('haproxy_sock') - enable = common.checkAjaxInput(form.getvalue('servaction')) - backend = common.checkAjaxInput(form.getvalue('servbackend')) cmd = f'echo "{enable} {backend}" |sudo socat stdio {haproxy_sock}' - if form.getvalue('save') == "on": + if save == "on": save_command = f'echo "show servers state" | sudo socat {haproxy_sock} stdio > {server_state_file}' command = [cmd + ';' + save_command] else: @@ -266,10 +264,11 @@ def runtime_command(serv: str) -> None: if enable != "show": roxywi_common.logging(serv, f'Has been {enable}ed {backend}', login=1, keep_history=1, service='haproxy') print( - f'

You {enable} {backend} on HAProxy {serv}. Look it or

You {enable} {backend} on HAProxy {serv}. Look it or Edit something else


') - print(server_mod.ssh_command(serv, command, show_log="1")) - action = f'runtimeapi.py {enable} {backend}' + action = f'runtimeapi {enable} {backend}' roxywi_common.logging(serv, action) + + return server_mod.ssh_command(serv, command, show_log="1") diff --git a/app/modules/service/installation.py b/app/modules/service/installation.py index 6d31ff0f..8f5a93b3 100644 --- a/app/modules/service/installation.py +++ b/app/modules/service/installation.py @@ -1,6 +1,8 @@ import os import json +from flask import render_template + import modules.db.sql as sql import modules.service.common as service_common import modules.common.common as common @@ -8,10 +10,8 @@ import modules.server.server as server_mod import modules.roxywi.common as roxywi_common from modules.server.ssh import return_ssh_keys_path -form = common.form - -def show_installation_output(error: str, output: str, service: str, rc=0, api=0): +def show_installation_output(error: str, output: str, service: str, rc=0): if error and "WARNING" not in error: roxywi_common.logging('Roxy-WI server', error, roxywi=1) raise Exception('error: ' + error) @@ -22,18 +22,16 @@ def show_installation_output(error: str, output: str, service: str, rc=0, api=0) try: correct_out = line.split('=>') correct_out = json.loads(correct_out[1]) - raise Exception(f'error: {correct_out["msg"]} for {service}') except Exception: raise Exception(f'error: {output} for {service}') - else: - if not api: - from jinja2 import Environment, FileSystemLoader - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('include/show_success_installation.html') - lang = roxywi_common.get_user_lang() - rendered_template = template.render(service=service, lang=lang) - print(rendered_template) - return True + else: + raise Exception(f'error: {correct_out["msg"]} for {service}') + return True + + +def show_success_installation(service): + lang = roxywi_common.get_user_lang_for_flask() + return render_template('include/show_success_installation.html', service=service, lang=lang) def install_haproxy(server_ip: str, api=0, **kwargs): @@ -81,11 +79,15 @@ def install_haproxy(server_ip: str, api=0, **kwargs): return_out = server_mod.subprocess_execute_with_rc(commands[0]) - if show_installation_output(return_out['error'], return_out['output'], service, rc=return_out['rc'], api=api): - try: - sql.update_haproxy(server_ip) - except Exception as e: - print(e) + try: + show_installation_output(return_out['error'], return_out['output'], service, rc=return_out['rc']) + except Exception as e: + raise Exception(e) + + try: + sql.update_haproxy(server_ip) + except Exception as e: + return str(e) if docker == '1': server_id = sql.select_server_id_by_ip(server_ip) @@ -97,6 +99,9 @@ def install_haproxy(server_ip: str, api=0, **kwargs): except Exception: pass + if not api: + return show_success_installation(service) + def waf_install(server_ip: str): script = "waf.sh" @@ -106,28 +111,35 @@ def waf_install(server_ip: str): service = ' WAF' proxy_serv = '' ssh_settings = return_ssh_keys_path(server_ip) + full_path = '/var/www/haproxy-wi/app' - os.system(f"cp scripts/{script} .") + os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}") if proxy is not None and proxy != '' and proxy != 'None': proxy_serv = proxy commands = [ - f"chmod +x {script} && ./{script} PROXY={proxy_serv} HAPROXY_PATH={haproxy_dir} VERSION='{ver}' " + f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv} HAPROXY_PATH={haproxy_dir} VERSION='{ver}' " f"SSH_PORT={ssh_settings['port']} HOST={server_ip} USER={ssh_settings['user']} PASS='{ssh_settings['password']}' " f"KEY={ssh_settings['key']}" ] return_out = server_mod.subprocess_execute_with_rc(commands[0]) - if show_installation_output(return_out['error'], return_out['output'], service, rc=return_out['rc']): - try: - sql.insert_waf_metrics_enable(server_ip, "0") - sql.insert_waf_rules(server_ip) - except Exception as e: - print(e) + try: + show_installation_output(return_out['error'], return_out['output'], service, rc=return_out['rc']) + except Exception as e: + raise Exception(e) - os.remove(script) + try: + sql.insert_waf_metrics_enable(server_ip, "0") + sql.insert_waf_rules(server_ip) + except Exception as e: + return str(e) + + os.remove(f'{full_path}/{script}') + + return show_success_installation(service) def waf_nginx_install(server_ip: str): @@ -137,30 +149,37 @@ def waf_nginx_install(server_ip: str): service = ' WAF' proxy_serv = '' ssh_settings = return_ssh_keys_path(server_ip) + full_path = '/var/www/haproxy-wi/app' - os.system(f"cp scripts/{script} .") + os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}") if proxy is not None and proxy != '' and proxy != 'None': proxy_serv = proxy commands = [ - f"chmod +x {script} && ./{script} PROXY={proxy_serv} NGINX_PATH={nginx_dir} SSH_PORT={ssh_settings['port']} " + f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv} NGINX_PATH={nginx_dir} SSH_PORT={ssh_settings['port']} " f"HOST={server_ip} USER={ssh_settings['user']} PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}" ] return_out = server_mod.subprocess_execute_with_rc(commands[0]) - if show_installation_output(return_out['error'], return_out['output'], service, rc=return_out['rc']): - try: - sql.insert_nginx_waf_rules(server_ip) - sql.insert_waf_nginx_server(server_ip) - except Exception as e: - print(e) + try: + show_installation_output(return_out['error'], return_out['output'], service, rc=return_out['rc']) + except Exception as e: + raise Exception(e) - os.remove(script) + try: + sql.insert_nginx_waf_rules(server_ip) + sql.insert_waf_nginx_server(server_ip) + except Exception as e: + return str(e) + + os.remove(f'{full_path}/{script}') + + return show_success_installation(service) -def install_service(server_ip: str, service: str, docker: str, api=0, **kwargs) -> None: +def install_service(server_ip: str, service: str, docker: str, syn_flood_protect: int, api=0, **kwargs) -> str: script = f"install_{service}.sh" stats_user = sql.get_setting(f'{service}_stats_user') stats_password = sql.get_setting(f'{service}_stats_password') @@ -183,8 +202,6 @@ def install_service(server_ip: str, service: str, docker: str, api=0, **kwargs) if proxy is not None and proxy != '' and proxy != 'None': proxy_serv = proxy - syn_flood_protect = '1' if form.getvalue('syn_flood') == "1" else '' - if service == 'apache': correct_service_name = service_common.get_correct_apache_service_name(server_ip=server_ip, server_id=None) if service_dir == '/etc/httpd' and correct_service_name == 'apache2': @@ -206,17 +223,21 @@ def install_service(server_ip: str, service: str, docker: str, api=0, **kwargs) return_out = server_mod.subprocess_execute_with_rc(commands[0]) - if show_installation_output(return_out['error'], return_out['output'], service_name, rc=return_out['rc'], api=api): - if service == 'nginx': - try: - sql.update_nginx(server_ip) - except Exception as e: - print(e) - elif service == 'apache': - try: - sql.update_apache(server_ip) - except Exception as e: - print(e) + try: + show_installation_output(return_out['error'], return_out['output'], service_name, rc=return_out['rc']) + except Exception as e: + raise Exception(e) + + if service == 'nginx': + try: + sql.update_nginx(server_ip) + except Exception as e: + return str(e) + elif service == 'apache': + try: + sql.update_apache(server_ip) + except Exception as e: + return str(e) if docker == '1': server_id = sql.select_server_id_by_ip(server_ip) @@ -225,38 +246,47 @@ def install_service(server_ip: str, service: str, docker: str, api=0, **kwargs) os.remove(f'{full_path}/{script}') + if not api: + return show_success_installation(service) -def geoip_installation(): - serv = common.is_ip_or_dns(form.getvalue('geoip_install')) - geoip_update = common.checkAjaxInput(form.getvalue('geoip_update')) - service = form.getvalue('geoip_service') + +def geoip_installation(serv, geoip_update, service): proxy = sql.get_setting('proxy') maxmind_key = sql.get_setting('maxmind_key') proxy_serv = '' ssh_settings = return_ssh_keys_path(serv) + full_path = '/var/www/haproxy-wi/app' if service in ('haproxy', 'nginx'): service_dir = common.return_nice_path(sql.get_setting(f'{service}_dir')) script = f'install_{service}_geoip.sh' else: - print('warning: select a server and service first') - return + raise Exception('warning: select a server and service first') if proxy is not None and proxy != '' and proxy != 'None': proxy_serv = proxy - os.system(f"cp scripts/{script} .") + try: + os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}") + except Exception as e: + raise Exception(f'error: {e}') commands = [ - f"chmod +x {script} && ./{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} UPDATE={geoip_update} " + f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} UPDATE={geoip_update} " f"maxmind_key={maxmind_key} service_dir={service_dir} HOST={serv} USER={ssh_settings['user']} " f"PASS={ssh_settings['password']} KEY={ssh_settings['key']}" ] return_out = server_mod.subprocess_execute_with_rc(commands[0]) - show_installation_output(return_out['error'], return_out['output'], 'GeoLite2 Database', rc=return_out['rc']) - os.remove(script) + try: + show_installation_output(return_out['error'], return_out['output'], 'GeoLite2 Database', rc=return_out['rc']) + except Exception as e: + raise Exception(e) + + os.remove(f'{full_path}/{script}') + + return show_success_installation('GeoLite2 Database') def grafana_install(): @@ -264,44 +294,43 @@ def grafana_install(): proxy = sql.get_setting('proxy') proxy_serv = '' host = os.environ.get('HTTP_HOST', '') + full_path = '/var/www/haproxy-wi/app' - os.system(f"cp scripts/{script} .") + try: + os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}") + except Exception as e: + raise Exception(f'error: {e}') if proxy is not None and proxy != '' and proxy != 'None': proxy_serv = proxy - cmd = f"chmod +x {script} && ./{script} PROXY={proxy_serv}" + cmd = f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv}" output, error = server_mod.subprocess_execute(cmd) if error: roxywi_common.logging('Roxy-WI server', error, roxywi=1) - print( - f'success: Grafana and Prometheus servers were installed. You can find Grafana on http://{host}:3000
') else: for line in output: if any(s in line for s in ("Traceback", "FAILED")): try: - print(line) - break + return line except Exception: - print(output) - break - else: - print( - f'success: Grafana and Prometheus servers were installed. You can find Grafana on http://{host}:3000
') + return output - os.remove(script) + os.remove(f'{full_path}/{script}') + + return f'success: Grafana and Prometheus servers were installed. You can find Grafana on http://{host}:3000
' def keepalived_master_install(master: str, eth: str, eth_slave: str, vrrp_ip: str, virt_server: int, syn_flood: int, - return_to_master: int, haproxy: int, nginx: int, router_id: int, api=0) -> None: + return_to_master: int, haproxy: int, nginx: int, router_id: int, api=0) -> str: script = "install_keepalived.sh" proxy = sql.get_setting('proxy') keepalived_path_logs = sql.get_setting('keepalived_path_logs') proxy_serv = '' ssh_settings = return_ssh_keys_path(master) full_path = '/var/www/haproxy-wi/app' - + service = 'master Keepalived' if proxy is not None and proxy != '' and proxy != 'None': proxy_serv = proxy @@ -320,36 +349,44 @@ def keepalived_master_install(master: str, eth: str, eth_slave: str, vrrp_ip: st return_out = server_mod.subprocess_execute_with_rc(commands[0]) - if show_installation_output(return_out['error'], return_out['output'], 'master Keepalived', rc=return_out['rc'], api=api): - try: - sql.update_keepalived(master) - except Exception as e: - raise Exception(e) + try: + show_installation_output(return_out['error'], return_out['output'], service, rc=return_out['rc']) + except Exception as e: + raise Exception(f'error: read output: {e}') - if virt_server: - group_id = sql.get_group_id_by_server_ip(master) - cred_id = sql.get_cred_id_by_server_ip(master) - hostname = sql.get_hostname_by_server_ip(master) - firewall = 1 if server_mod.is_service_active(master, 'firewalld') else 0 - sql.add_server( - hostname + '-VIP', vrrp_ip, group_id, '1', '1', '0', cred_id, ssh_settings['port'], f'VRRP IP for {master}', - haproxy, nginx, '0', firewall - ) + try: + sql.update_keepalived(master) + except Exception as e: + raise Exception(e) + + if virt_server: + group_id = sql.get_group_id_by_server_ip(master) + cred_id = sql.get_cred_id_by_server_ip(master) + hostname = sql.get_hostname_by_server_ip(master) + firewall = 1 if server_mod.is_service_active(master, 'firewalld') else 0 + sql.add_server( + hostname + '-VIP', vrrp_ip, group_id, '1', '1', '0', cred_id, ssh_settings['port'], f'VRRP IP for {master}', + haproxy, nginx, '0', firewall + ) try: os.remove(f'{full_path}/{script}') except Exception: pass + if not api: + return show_success_installation(service) + def keepalived_slave_install(master: str, slave: str, eth: str, eth_slave: str, vrrp_ip: str, syn_flood: int, - haproxy: int, nginx: int, router_id: int, api=0) -> None: + haproxy: int, nginx: int, router_id: int, api=0) -> str: script = "install_keepalived.sh" proxy = sql.get_setting('proxy') keepalived_path_logs = sql.get_setting('keepalived_path_logs') proxy_serv = '' ssh_settings = return_ssh_keys_path(slave) full_path = '/var/www/haproxy-wi/app' + service = 'slave Keepalived' if proxy is not None and proxy != '' and proxy != 'None': proxy_serv = proxy @@ -371,43 +408,40 @@ def keepalived_slave_install(master: str, slave: str, eth: str, eth_slave: str, raise Exception(f'error: {e}') try: - show_installation_output(return_out['error'], return_out['output'], 'slave Keepalived', rc=return_out['rc'], api=api) + show_installation_output(return_out['error'], return_out['output'], service, rc=return_out['rc']) except Exception as e: - raise Exception(f'{e}') + raise Exception(f'error: read output: {e}') try: sql.update_server_master(master, slave) sql.update_keepalived(slave) except Exception as e: - print(e) + raise Exception(f'{e}') try: os.remove(f'{full_path}/{script}') except Exception: pass + if not api: + return show_success_installation(service) -def keepalived_masteradd(): - master = form.getvalue('masteradd') - eth = form.getvalue('interfaceadd') - slave_eth = form.getvalue('slave_interfaceadd') - vrrp_ip = form.getvalue('vrrpipadd') - router_id = form.getvalue('router_id') - kp = form.getvalue('kp') - return_to_master = form.getvalue('return_to_master') + +def keepalived_masteradd(master, eth, slave_eth, vrrp_ip, router_id, return_to_master, kp): script = "install_keepalived.sh" proxy = sql.get_setting('proxy') keepalived_path_logs = sql.get_setting('keepalived_path_logs') proxy_serv = '' ssh_settings = return_ssh_keys_path(master) + full_path = '/var/www/haproxy-wi/app' if proxy is not None and proxy != '' and proxy != 'None': proxy_serv = proxy - os.system(f"cp scripts/{script} .") + os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}") commands = [ - f"chmod +x {script} && ./{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} ETH={eth} ETH_SLAVE={slave_eth} " + f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} ETH={eth} ETH_SLAVE={slave_eth} " f"keepalived_path_logs={keepalived_path_logs} RETURN_TO_MASTER={return_to_master} IP={vrrp_ip} MASTER=MASTER " f"RESTART={kp} ADD_VRRP=1 HOST={master} router_id={router_id} USER={ssh_settings['user']} " f"PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}" @@ -415,34 +449,42 @@ def keepalived_masteradd(): return_out = server_mod.subprocess_execute_with_rc(commands[0]) - show_installation_output(return_out['error'], return_out['output'], 'master VRRP address', rc=return_out['rc']) - os.remove(script) + try: + show_installation_output(return_out['error'], return_out['output'], 'master VRRP address', rc=return_out['rc']) + except Exception as e: + raise Exception(e) + + os.remove(f'{full_path}/{script}') + + return show_success_installation('slave VRRP address') -def keepalived_slaveadd(): - slave = form.getvalue('slaveadd') - eth = form.getvalue('interfaceadd') - slave_eth = form.getvalue('slave_interfaceadd') - vrrp_ip = form.getvalue('vrrpipadd') - router_id = form.getvalue('router_id') - kp = form.getvalue('kp') +def keepalived_slaveadd(slave, eth, slave_eth, vrrp_ip, router_id, kp): script = "install_keepalived.sh" proxy = sql.get_setting('proxy') keepalived_path_logs = sql.get_setting('keepalived_path_logs') proxy_serv = '' ssh_settings = return_ssh_keys_path(slave) + full_path = '/var/www/haproxy-wi/app' if proxy is not None and proxy != '' and proxy != 'None': proxy_serv = proxy - os.system(f"cp scripts/{script} .") + os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}") commands = [ - f"chmod +x {script} && ./{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} ETH={eth} ETH_SLAVE={slave_eth} " + f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} ETH={eth} ETH_SLAVE={slave_eth} " f"keepalived_path_logs={keepalived_path_logs} IP={vrrp_ip} MASTER=BACKUP RESTART={kp} ADD_VRRP=1 HOST={slave} " f"router_id={router_id} USER={ssh_settings['user']} PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}" ] return_out = server_mod.subprocess_execute_with_rc(commands[0]) - show_installation_output(return_out['error'], return_out['output'], 'slave VRRP address', rc=return_out['rc']) - os.remove(script) + + try: + show_installation_output(return_out['error'], return_out['output'], 'slave VRRP address', rc=return_out['rc']) + except Exception as e: + raise Exception(e) + + os.remove(f'{full_path}/{script}') + + return show_success_installation('slave VRRP address') diff --git a/app/modules/alerting/alerting.py b/app/modules/tools/alerting.py similarity index 86% rename from app/modules/alerting/alerting.py rename to app/modules/tools/alerting.py index ce4da670..2b0fac13 100644 --- a/app/modules/alerting/alerting.py +++ b/app/modules/tools/alerting.py @@ -3,7 +3,7 @@ import json import http.cookies import pika -from jinja2 import Environment, FileSystemLoader +from flask import render_template import modules.db.sql as sql import modules.common.common as common @@ -257,23 +257,25 @@ def pd_send_mess(mess, level, server_ip=None, service_id=None, alert_type=None, raise Exception(f'error: {e}') -def check_rabbit_alert() -> None: +def check_rabbit_alert() -> str: try: cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) user_group_id = cookie.get('group') user_group_id1 = user_group_id.value except Exception as e: - print(f'error: Cannot send a message {e}') - return + return f'error: Cannot send a message {e}' + try: json_for_sending = {"user_group": user_group_id1, "message": 'info: Test message'} send_message_to_rabbit(json.dumps(json_for_sending)) except Exception as e: - print(f'error: Cannot send a message {e}') + return f'error: Cannot send a message {e}' + else: + return 'ok' -def check_email_alert() -> None: +def check_email_alert() -> str: subject = 'test message' message = 'Test message from Roxy-WI' @@ -282,108 +284,104 @@ def check_email_alert() -> None: user_uuid = cookie.get('uuid') user_uuid_value = user_uuid.value except Exception as e: - print(f'error: Cannot send a message {e}') - return + return f'error: Cannot send a message {e}' try: user_email = sql.select_user_email_by_uuid(user_uuid_value) except Exception as e: - print(f'error: Cannot get a user email: {e}') - return + return f'error: Cannot get a user email: {e}' try: send_email(user_email, subject, message) except Exception as e: - print(f'error: Cannot send a message {e}') - return + return f'error: Cannot send a message {e}' + + return 'ok' -def add_telegram_channel(token: str, channel: str, group: str, page: str) -> None: +def add_telegram_channel(token: str, channel: str, group: str, page: str) -> str: if token is None or channel is None or group is None: - print(error_mess) + return error_mess else: if sql.insert_new_telegram(token, channel, group): - lang = roxywi_common.get_user_lang() + lang = roxywi_common.get_user_lang_for_flask() channels = sql.select_telegram(token=token) groups = sql.select_groups() - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('ajax/new_receiver.html') - parsed_template = template.render(groups=groups, lang=lang, channels=channels, page=page, receiver='telegram') - print(parsed_template) roxywi_common.logging('Roxy-WI server', f'A new Telegram channel {channel} has been created ', roxywi=1, login=1) + return render_template('ajax/new_receiver.html', groups=groups, lang=lang, channels=channels, page=page, receiver='telegram') -def add_slack_channel(token: str, channel: str, group: str, page: str) -> None: + +def add_slack_channel(token: str, channel: str, group: str, page: str) -> str: if token is None or channel is None or group is None: - print(error_mess) + return error_mess else: if sql.insert_new_slack(token, channel, group): - lang = roxywi_common.get_user_lang() + lang = roxywi_common.get_user_lang_for_flask() channels = sql.select_slack(token=token) groups = sql.select_groups() - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('ajax/new_receiver.html') - parsed_template = template.render(groups=groups, lang=lang, channels=channels, page=page, receiver='slack') - print(parsed_template) roxywi_common.logging('Roxy-WI server', f'A new Slack channel {channel} has been created ', roxywi=1, login=1) + return render_template('ajax/new_receiver.html', groups=groups, lang=lang, channels=channels, page=page, receiver='slack') -def add_pd_channel(token: str, channel: str, group: str, page: str) -> None: +def add_pd_channel(token: str, channel: str, group: str, page: str) -> str: if token is None or channel is None or group is None: - print(error_mess) + return error_mess else: if sql.insert_new_pd(token, channel, group): - lang = roxywi_common.get_user_lang() - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('ajax/new_receiver.html') - parsed_template = template.render(groups=sql.select_groups(), lang=lang, channels=sql.select_pd(token=token), page=page, receiver='pd') - print(parsed_template) + lang = roxywi_common.get_user_lang_for_flask() + channels = sql.select_slack(token=token) + groups = sql.select_groups() roxywi_common.logging('Roxy-WI server', f'A new PagerDuty channel {channel} has been created ', roxywi=1, login=1) + return render_template('ajax/new_receiver.html', groups=groups, lang=lang, channels=channels, page=page, receiver='pd') -def delete_telegram_channel(channel_id) -> None: +def delete_telegram_channel(channel_id) -> str: telegram = sql.select_telegram(id=channel_id) channel_name = '' for t in telegram: channel_name = t.token if sql.delete_telegram(channel_id): - print("Ok") roxywi_common.logging('Roxy-WI server', f'The Telegram channel {channel_name} has been deleted ', roxywi=1, login=1) + return 'ok' -def delete_slack_channel(channel_id) -> None: +def delete_slack_channel(channel_id) -> str: slack = sql.select_slack(id=channel_id) channel_name = '' for t in slack: channel_name = t.chanel_name if sql.delete_slack(channel_id): - print("Ok") roxywi_common.logging('Roxy-WI server', f'The Slack channel {channel_name} has been deleted ', roxywi=1, login=1) + return 'ok' -def delete_pd_channel(channel_id) -> None: +def delete_pd_channel(channel_id) -> str: pd = sql.select_pd(id=channel_id) channel_name = '' for t in pd: channel_name = t.chanel_name if sql.delete_pd(channel_id): - print("Ok") roxywi_common.logging('Roxy-WI server', f'The PageDuty channel {channel_name} has been deleted ', roxywi=1, login=1) + return 'ok' -def update_telegram(token: str, channel: str, group: str, user_id: int) -> None: +def update_telegram(token: str, channel: str, group: str, user_id: int) -> str: sql.update_telegram(token, channel, group, user_id) roxywi_common.logging('group ' + group, f'The Telegram token has been updated for channel: {channel}', roxywi=1, login=1) + return 'ok' -def update_slack(token: str, channel: str, group: str, user_id: int) -> None: +def update_slack(token: str, channel: str, group: str, user_id: int) -> str: sql.update_slack(token, channel, group, user_id) roxywi_common.logging(f'group {group}', f'The Slack token has been updated for channel: {channel}', roxywi=1, login=1) + return 'ok' -def update_pd(token: str, channel: str, group: str, user_id: int) -> None: +def update_pd(token: str, channel: str, group: str, user_id: int) -> str: sql.update_pd(token, channel, group, user_id) roxywi_common.logging(f'group {group}', f'The PagerDuty token has been updated for channel: {channel}', roxywi=1, login=1) + return 'ok' def delete_receiver_channel(channel_id: int, receiver_name: str) -> None: @@ -392,16 +390,20 @@ def delete_receiver_channel(channel_id: int, receiver_name: str) -> None: "slack": delete_slack_channel, "pd": delete_pd_channel, } - delete_functions[receiver_name](channel_id) + return delete_functions[receiver_name](channel_id) -def add_receiver_channel(receiver_name: str, token: str, channel: str, group: id, page: str) -> None: +def add_receiver_channel(receiver_name: str, token: str, channel: str, group: id, page: str) -> str: add_functions = { "telegram": add_telegram_channel, "slack": add_slack_channel, "pd": add_pd_channel, } - add_functions[receiver_name](token, channel, group, page) + + try: + return add_functions[receiver_name](token, channel, group, page) + except Exception as e: + return f'error: Cannot add new receiver: {e}' def update_receiver_channel(receiver_name: str, token: str, channel: str, group: id, user_id: int) -> None: @@ -410,10 +412,10 @@ def update_receiver_channel(receiver_name: str, token: str, channel: str, group: "slack": update_slack, "pd": update_pd, } - update_functions[receiver_name](token, channel, group, user_id) + return update_functions[receiver_name](token, channel, group, user_id) -def check_receiver(channel_id: int, receiver_name: str) -> None: +def check_receiver(channel_id: int, receiver_name: str) -> str: functions = { "telegram": telegram_send_mess, "slack": slack_send_mess, @@ -427,6 +429,6 @@ def check_receiver(channel_id: int, receiver_name: str) -> None: level = 'info' try: - functions[receiver_name](mess, level, channel_id=channel_id) + return functions[receiver_name](mess, level, channel_id=channel_id) except Exception as e: - print(e) + return f'error: Cannot send message: {e}' diff --git a/app/modules/tools/checker.py b/app/modules/tools/checker.py index 211a2989..e5573cba 100644 --- a/app/modules/tools/checker.py +++ b/app/modules/tools/checker.py @@ -1,4 +1,4 @@ -from jinja2 import Environment, FileSystemLoader +from flask import render_template import modules.db.sql as sql import modules.common.common as common @@ -9,12 +9,9 @@ form = common.form def load_checker() -> None: - page = form.getvalue('page') groups = sql.select_groups() services = roxywi_mod.get_services_status() lang = roxywi_common.get_user_lang() - env = Environment(loader=FileSystemLoader('templates'), autoescape=True) - template = env.get_template('ajax/load_telegram.html') keepalived_settings = '' haproxy_settings = '' apache_settings = '' @@ -33,47 +30,36 @@ def load_checker() -> None: user_subscription = roxywi_common.return_unsubscribed_user_status() roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1) + try: + user_params = roxywi_common.get_users_params() + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + if user_subscription['user_status']: haproxy_settings = sql.select_checker_settings(1) nginx_settings = sql.select_checker_settings(2) keepalived_settings = sql.select_checker_settings(3) apache_settings = sql.select_checker_settings(4) - if page == 'servers.py': - user_group = roxywi_common.get_user_group(id=1) - telegrams = sql.get_user_telegram_by_group(user_group) - slacks = sql.get_user_slack_by_group(user_group) - pds = sql.get_user_pd_by_group(user_group) - haproxy_servers = roxywi_common.get_dick_permit(haproxy=1, only_group=1) - nginx_servers = roxywi_common.get_dick_permit(nginx=1, only_group=1) - apache_servers = roxywi_common.get_dick_permit(apache=1, only_group=1) - keepalived_servers = roxywi_common.get_dick_permit(keepalived=1, only_group=1) - else: - telegrams = sql.select_telegram() - slacks = sql.select_slack() - pds = sql.select_pd() - haproxy_servers = roxywi_common.get_dick_permit(haproxy=1) - nginx_servers = roxywi_common.get_dick_permit(nginx=1) - apache_servers = roxywi_common.get_dick_permit(apache=1) - keepalived_servers = roxywi_common.get_dick_permit(keepalived=1) + user_group = roxywi_common.get_user_group(id=1) + telegrams = sql.get_user_telegram_by_group(user_group) + slacks = sql.get_user_slack_by_group(user_group) + pds = sql.get_user_pd_by_group(user_group) + haproxy_servers = roxywi_common.get_dick_permit(haproxy=1, only_group=1) + nginx_servers = roxywi_common.get_dick_permit(nginx=1, only_group=1) + apache_servers = roxywi_common.get_dick_permit(apache=1, only_group=1) + keepalived_servers = roxywi_common.get_dick_permit(keepalived=1, only_group=1) - template = template.render(services=services, telegrams=telegrams, pds=pds, groups=groups, slacks=slacks, - user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], - haproxy_servers=haproxy_servers, nginx_servers=nginx_servers, apache_servers=apache_servers, - keepalived_servers=keepalived_servers, haproxy_settings=haproxy_settings, nginx_settings=nginx_settings, - keepalived_settings=keepalived_settings, apache_settings=apache_settings, page=page, lang=lang) - print(template) + return render_template( + 'ajax/load_telegram.html', services=services, telegrams=telegrams, pds=pds, groups=groups, slacks=slacks, + user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], haproxy_servers=haproxy_servers, + nginx_servers=nginx_servers, apache_servers=apache_servers, keepalived_servers=keepalived_servers, haproxy_settings=haproxy_settings, + nginx_settings=nginx_settings, keepalived_settings=keepalived_settings, apache_settings=apache_settings, + role=user_params['role'], lang=user_params['lang'] + ) -def update_haproxy_settings() -> None: - setting_id = int(form.getvalue('updateHaproxyCheckerSettings')) - email = int(form.getvalue('email')) - service_alert = int(form.getvalue('server')) - backend_alert = int(form.getvalue('backend')) - maxconn_alert = int(form.getvalue('maxconn')) - telegram_id = int(form.getvalue('telegram_id')) - slack_id = int(form.getvalue('slack_id')) - pd_id = int(form.getvalue('pd_id')) - +def update_haproxy_settings(setting_id, email, service_alert, backend_alert, maxconn_alert, telegram_id, slack_id, pd_id) -> None: if sql.update_haproxy_checker_settings(email, telegram_id, slack_id, pd_id, service_alert, backend_alert, maxconn_alert, setting_id): print('ok') @@ -81,15 +67,7 @@ def update_haproxy_settings() -> None: print('error: Cannot update Checker settings') -def update_keepalived_settings() -> None: - setting_id = int(form.getvalue('updateKeepalivedCheckerSettings')) - email = int(form.getvalue('email')) - service_alert = int(form.getvalue('server')) - backend_alert = int(form.getvalue('backend')) - telegram_id = int(form.getvalue('telegram_id')) - slack_id = int(form.getvalue('slack_id')) - pd_id = int(form.getvalue('pd_id')) - +def update_keepalived_settings(setting_id, email, service_alert, backend_alert, telegram_id, slack_id, pd_id) -> None: if sql.update_keepalived_checker_settings(email, telegram_id, slack_id, pd_id, service_alert, backend_alert, setting_id): print('ok') @@ -97,14 +75,7 @@ def update_keepalived_settings() -> None: print('error: Cannot update Checker settings') -def update_service_settings() -> None: - setting_id = int(form.getvalue('updateServiceCheckerSettings')) - email = int(form.getvalue('email')) - service_alert = int(form.getvalue('server')) - telegram_id = int(form.getvalue('telegram_id')) - slack_id = int(form.getvalue('slack_id')) - pd_id = int(form.getvalue('pd_id')) - +def update_service_settings(setting_id, email, service_alert, telegram_id, slack_id, pd_id) -> None: if sql.update_service_checker_settings(email, telegram_id, slack_id, pd_id, service_alert, setting_id): print('ok') else: diff --git a/app/modules/tools/smon.py b/app/modules/tools/smon.py index e815a117..70664324 100644 --- a/app/modules/tools/smon.py +++ b/app/modules/tools/smon.py @@ -1,31 +1,24 @@ -import json - -from jinja2 import Environment, FileSystemLoader +from flask import render_template import modules.db.sql as sql -import modules.common.common as common import modules.roxywi.common as roxywi_common - -form = common.form +import modules.server.server as server_mod def create_smon(name: str, hostname: str, port: int, enable: int, url: str, body: str, group: int, desc: str, telegram: int, slack: int, pd: int, packet_size: int, check_type: int, resolver: str, record_type: str, user_group: int, - http_method: str, show_new=1) -> None: + http_method: str, show_new=1) -> bool: if check_type == 'tcp': try: port = int(port) except Exception: - print('SMON error: port must be a number') - return None + raise Exception('SMON error: port must be a number') if port > 65535 or port < 0: - print('SMON error: port must be 0-65535') - return None + raise Exception('SMON error: port must be 0-65535') if check_type == 'ping': if int(packet_size) < 16: - print('SMON error: a packet size cannot be less than 16') - return None + raise Exception('SMON error: a packet size cannot be less than 16') last_id = sql.insert_smon(name, enable, group, desc, telegram, slack, pd, user_group, check_type) @@ -38,59 +31,31 @@ def create_smon(name: str, hostname: str, port: int, enable: int, url: str, body elif check_type == 'dns': sql.insert_smon_dns(last_id, hostname, port, resolver, record_type) - if last_id and show_new: - lang = roxywi_common.get_user_lang() - smon = sql.select_smon_by_id(last_id) - pds = sql.get_user_pd_by_group(user_group) - slacks = sql.get_user_slack_by_group(user_group) - telegrams = sql.get_user_telegram_by_group(user_group) - smon_service = sql.select_smon_check_by_id(last_id, check_type) - env = Environment(loader=FileSystemLoader('templates'), autoescape=True) - template = env.get_template('ajax/smon/show_new_smon.html') - template = template.render(smon=smon, telegrams=telegrams, slacks=slacks, pds=pds, lang=lang, check_type=check_type, - smon_service=smon_service) - print(template) - if last_id: roxywi_common.logging('SMON', f' A new server {name} to SMON has been add ', roxywi=1, login=1) + if last_id and show_new: + return last_id + else: + return False -def update_smon() -> None: - smon_id = common.checkAjaxInput(form.getvalue('id')) - name = common.checkAjaxInput(form.getvalue('updateSmonName')) - ip = common.checkAjaxInput(form.getvalue('updateSmonIp')) - port = common.checkAjaxInput(form.getvalue('updateSmonPort')) - en = common.checkAjaxInput(form.getvalue('updateSmonEn')) - url = common.checkAjaxInput(form.getvalue('updateSmonUrl')) - body = common.checkAjaxInput(form.getvalue('updateSmonBody')) - telegram = common.checkAjaxInput(form.getvalue('updateSmonTelegram')) - slack = common.checkAjaxInput(form.getvalue('updateSmonSlack')) - pd = common.checkAjaxInput(form.getvalue('updateSmonPD')) - group = common.checkAjaxInput(form.getvalue('updateSmonGroup')) - desc = common.checkAjaxInput(form.getvalue('updateSmonDesc')) - check_type = common.checkAjaxInput(form.getvalue('check_type')) - resolver = common.checkAjaxInput(form.getvalue('updateSmonResServer')) - record_type = common.checkAjaxInput(form.getvalue('updateSmonRecordType')) - packet_size = common.checkAjaxInput(form.getvalue('updateSmonPacket_size')) - http_method = common.checkAjaxInput(form.getvalue('updateSmon_http_method')) + +def update_smon(smon_id, name, ip, port, en, url, body, telegram, slack, pd, group, desc, check_type, + resolver, record_type, packet_size, http_method) -> str: is_edited = False if check_type == 'tcp': try: port = int(port) except Exception: - print('SMON error: port must number') - return None + raise Exception('SMON error: port must number') if port > 65535 or port < 0: - print('SMON error: port must be 0-65535') - return None + raise Exception('SMON error: port must be 0-65535') if check_type == 'ping': if int(packet_size) < 16: - print('SMON error: a packet size cannot be less than 16') - return None + raise Exception('SMON error: a packet size cannot be less than 16') - roxywi_common.check_user_group() try: if sql.update_smon(smon_id, name, telegram, slack, pd, group, desc, en): if check_type == 'http': @@ -103,36 +68,29 @@ def update_smon() -> None: is_edited = sql.update_smonDns(smon_id, ip, port, resolver, record_type) if is_edited: - print("Ok") roxywi_common.logging('SMON', f' The SMON server {name} has been update ', roxywi=1, login=1) + return "Ok" except Exception as e: - print(e) + raise Exception(f'error: Cannot update the server: {e}') -def show_smon() -> None: +def show_smon(sort: str) -> str: user_group = roxywi_common.get_user_group(id=1) - lang = roxywi_common.get_user_lang() - sort = common.checkAjaxInput(form.getvalue('sort')) - env = Environment(loader=FileSystemLoader('templates'), autoescape=True) - template = env.get_template('ajax/smon/smon_dashboard.html') - template = template.render(smon=sql.smon_list(user_group), sort=sort, lang=lang, update=1) - print(template) + lang = roxywi_common.get_user_lang_for_flask() + + return render_template('ajax/smon/smon_dashboard.html', smon=sql.smon_list(user_group), sort=sort, lang=lang, update=1) -def delete_smon() -> None: - user_group = roxywi_common.get_user_group(id=1) - smon_id = common.checkAjaxInput(form.getvalue('smondel')) - - if roxywi_common.check_user_group(): - try: - if sql.delete_smon(smon_id, user_group): - print('Ok') - roxywi_common.logging('SMON', ' The server from SMON has been delete ', roxywi=1, login=1) - except Exception as e: - print(e) +def delete_smon(smon_id, user_group) -> str: + try: + if sql.delete_smon(smon_id, user_group): + roxywi_common.logging('SMON', ' The server from SMON has been delete ', roxywi=1, login=1) + return 'Ok' + except Exception as e: + raise Exception(f'error: Cannot delete the server {e}') -def history_metrics(server_id: int, check_id: int) -> None: +def history_metrics(server_id: int, check_id: int) -> dict: metric = sql.select_smon_history(server_id, check_id) metrics = {'chartData': {}} @@ -147,23 +105,24 @@ def history_metrics(server_id: int, check_id: int) -> None: metrics['chartData']['labels'] = labels metrics['chartData']['curr_con'] = curr_con - print(json.dumps(metrics)) + return metrics def history_statuses(dashboard_id: int, check_id: int) -> None: - env = Environment(loader=FileSystemLoader('templates'), autoescape=True) - template = env.get_template('ajax/smon/history_status.html') smon_statuses = sql.select_smon_history(dashboard_id, check_id) - rendered_template = template.render(smon_statuses=smon_statuses) - print(rendered_template) + return render_template('ajax/smon/history_status.html', smon_statuses=smon_statuses) def history_cur_status(dashboard_id: int, check_id: int) -> None: - env = Environment(loader=FileSystemLoader('templates'), autoescape=True) - template = env.get_template('ajax/smon/cur_status.html') cur_status = sql.get_last_smon_status_by_check(dashboard_id, check_id) smon = sql.select_one_smon(dashboard_id, check_id) - rendered_template = template.render(cur_status=cur_status, smon=smon) - print(rendered_template) + return render_template('ajax/smon/cur_status.html', cur_status=cur_status, smon=smon) + + +def return_smon_status(): + cmd = "systemctl is-active roxy-wi-smon" + smon_status, stderr = server_mod.subprocess_execute(cmd) + + return smon_status, stderr \ No newline at end of file diff --git a/app/nettools.py b/app/nettools.py deleted file mode 100644 index f927634c..00000000 --- a/app/nettools.py +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/bin/env python3 -import sys - -import modules.common.common as common -import modules.roxywi.roxy as roxywi_mod -import modules.roxywi.auth as roxywi_auth -import modules.roxywi.common as roxywi_common - -from jinja2 import Environment, FileSystemLoader -env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) -template = env.get_template('nettools.html') -form = common.form - -print('Content-type: text/html\n') - -user_params = roxywi_common.get_users_params(virt=1) - -try: - roxywi_auth.check_login(user_params['user_uuid'], user_params['token']) -except Exception as e: - print(f'error {e}') - sys.exit() - -output_from_parsed_template = template.render(h2=1, autorefresh=0, - role=user_params['role'], - user=user_params['user'], - servers=user_params['servers'], - versions=roxywi_mod.versions(), - user_services=user_params['user_services'], - token=user_params['token'], - lang=user_params['lang']) -print(output_from_parsed_template) diff --git a/app/options.py b/app/options.py deleted file mode 100644 index 9320da6a..00000000 --- a/app/options.py +++ /dev/null @@ -1,1567 +0,0 @@ -#!/usr/bin/env python3 -# -*- coding: utf-8 -*- -import os -import sys -import http.cookies -from uuid import UUID - -from jinja2 import Environment, FileSystemLoader - -import modules.db.sql as sql -import modules.server.ssh as ssh_mod -import modules.common.common as common -import modules.config.add as add_mod -import modules.config.config as config_mod -import modules.roxywi.common as roxywi_common -import modules.roxy_wi_tools as roxy_wi_tools -import modules.server.server as server_mod -import modules.service.common as service_common -import modules.service.installation as service_mod - -get_config = roxy_wi_tools.GetConfigVar() -time_zone = sql.get_setting('time_zone') -get_date = roxy_wi_tools.GetDate(time_zone) - -form = common.form -serv = common.is_ip_or_dns(form.getvalue('serv')) -service = common.checkAjaxInput(form.getvalue('service')) -act = form.getvalue("act") -token = form.getvalue("token") - -if any(( - form.getvalue('new_metrics'), form.getvalue('new_http_metrics'), form.getvalue('new_waf_metrics'), form.getvalue('new_nginx_metrics'), - form.getvalue('new_apache_metrics'), form.getvalue('metrics_hapwi_ram'), form.getvalue('metrics_hapwi_cpu'), form.getvalue('getoption'), - form.getvalue('getsavedserver'), form.getvalue('smon_history_check')) -): - print('Content-type: application/json\n') -else: - print('Content-type: text/html\n') - -if act == "checkrestart": - servers = roxywi_common.get_dick_permit(ip=serv) - for server in servers: - if server != "": - print("ok") - sys.exit() - sys.exit() - -try: - uuid_obj = UUID(token, version=4) -except ValueError: - print('error: Your token is not valid') - sys.exit() -except Exception: - print('error: There is no token') - sys.exit() - -if not sql.check_token_exists(token): - print('error: Your token has been expired') - sys.exit() - -if form.getvalue('checkSshConnect') is not None and serv is not None: - try: - print(server_mod.ssh_command(serv, ["ls -1t"])) - except Exception as e: - print(e) - -if form.getvalue('getcerts') is not None and serv is not None: - add_mod.get_ssl_certs(serv) - -if form.getvalue('getcert') is not None and serv is not None: - cert_id = common.checkAjaxInput(form.getvalue('getcert')) - add_mod.get_ssl_cert(serv, cert_id) - -if form.getvalue('getcert_raw') is not None and serv is not None: - cert_id = common.checkAjaxInput(form.getvalue('getcert_raw')) - add_mod.get_ssl_raw_cert(serv, cert_id) - -if form.getvalue('delcert') is not None and serv is not None: - cert_id = common.checkAjaxInput(form.getvalue('delcert')) - add_mod.del_ssl_cert(serv, cert_id) - -if serv and form.getvalue('ssl_cert'): - ssl_name = common.checkAjaxInput(form.getvalue('ssl_name')) - ssl_cont = form.getvalue('ssl_cert') - add_mod.upload_ssl_cert(serv, ssl_name, ssl_cont) - -if form.getvalue('backend') is not None: - import modules.config.runtime as runtime - runtime.show_backends(serv) - -if form.getvalue('ip_select') is not None: - import modules.config.runtime as runtime - runtime.show_backends(serv) - -if form.getvalue('ipbackend') is not None and form.getvalue('backend_server') is None: - import modules.config.runtime as runtime - - runtime.show_frontend_backend() - -if form.getvalue('ipbackend') is not None and form.getvalue('backend_server') is not None: - import modules.config.runtime as runtime - - runtime.show_server() - -if form.getvalue('backend_ip') is not None: - import modules.config.runtime as runtime - - runtime.change_ip_and_port() - -if form.getvalue('maxconn_select') is not None: - import modules.config.runtime as runtime - serv = common.checkAjaxInput(form.getvalue('maxconn_select')) - runtime.get_backends_from_config(serv, backends='frontend') - -if form.getvalue('maxconn_global') is not None: - import modules.config.runtime as runtime - - runtime.change_maxconn_global() - -if form.getvalue('maxconn_frontend') is not None: - import modules.config.runtime as runtime - - runtime.change_maxconn_frontend() - -if form.getvalue('maxconn_backend') is not None: - import modules.config.runtime as runtime - - runtime.change_maxconn_backend() - -if form.getvalue('table_serv_select') is not None: - import modules.config.runtime as runtime - print(runtime.get_all_stick_table()) - -if form.getvalue('table_select') is not None: - import modules.config.runtime as runtime - - runtime.table_select() - -if form.getvalue('ip_for_delete') is not None: - import modules.config.runtime as runtime - - runtime.delete_ip_from_stick_table() - -if form.getvalue('table_for_clear') is not None: - import modules.config.runtime as runtime - - runtime.clear_stick_table() - -if form.getvalue('list_serv_select') is not None: - import modules.config.runtime as runtime - - runtime.list_of_lists() - -if form.getvalue('list_select_id') is not None: - import modules.config.runtime as runtime - - runtime.show_lists() - -if form.getvalue('list_id_for_delete') is not None: - import modules.config.runtime as runtime - - runtime.delete_ip_from_list() - -if form.getvalue('list_ip_for_add') is not None: - import modules.config.runtime as runtime - - runtime.add_ip_to_list() - -if form.getvalue('sessions_select') is not None: - import modules.config.runtime as runtime - - runtime.select_session() - -if form.getvalue('sessions_select_show') is not None: - import modules.config.runtime as runtime - - runtime.show_session() - -if form.getvalue('session_delete_id') is not None: - import modules.config.runtime as runtime - - runtime.delete_session() - -if form.getvalue("change_pos") is not None: - pos = common.checkAjaxInput(form.getvalue('change_pos')) - server_id = common.checkAjaxInput(form.getvalue('pos_server_id')) - sql.update_server_pos(pos, server_id) - -if form.getvalue('show_ip') is not None and serv is not None: - commands = ['sudo hostname -i | tr " " "\n"|grep -v "%"'] - server_mod.ssh_command(serv, commands, ip="1") - -if form.getvalue('showif'): - commands = ["sudo ip link|grep 'UP' |grep -v 'lo'| awk '{print $2}' |awk -F':' '{print $1}'"] - server_mod.ssh_command(serv, commands, ip="1") - -if form.getvalue('action_hap') is not None and serv is not None: - import modules.service.action as service_action - - action = form.getvalue('action_hap') - service_action.action_haproxy(serv, action) - -if form.getvalue('action_nginx') is not None and serv is not None: - import modules.service.action as service_action - - action = form.getvalue('action_nginx') - service_action.action_nginx(serv, action) - -if form.getvalue('action_keepalived') is not None and serv is not None: - import modules.service.action as service_action - - action = form.getvalue('action_keepalived') - service_action.action_keepalived(serv, action) - -if form.getvalue('action_waf') is not None and serv is not None: - import modules.service.action as service_action - - action = form.getvalue('action_waf') - service_action.action_haproxy_waf(serv, action) - -if form.getvalue('action_waf_nginx') is not None and serv is not None: - import modules.service.action as service_action - - action = form.getvalue('action_waf_nginx') - service_action.action_nginx_waf(serv, action) - -if form.getvalue('action_apache') is not None and serv is not None: - import modules.service.action as service_action - - action = form.getvalue('action_apache') - service_action.action_apache(serv, action) - -if form.getvalue('action_service') is not None: - import modules.roxywi.roxy as roxy - - action = common.checkAjaxInput(form.getvalue('action_service')) - roxy.action_service(action, serv) - -if act == "overviewHapserverBackends": - service_common.overview_backends(serv, service) - -if form.getvalue('show_userlists'): - add_mod.show_userlist(serv) - -if act == "overviewHapservers": - service_common.get_overview_last_edit(serv, service) - -if act == "overview": - import modules.roxywi.overview as roxy_overview - - roxy_overview.show_overview(serv) - -if act == "overviewwaf": - import modules.roxywi.waf as roxy_waf - - waf_service = service - serv = common.checkAjaxInput(serv) - roxy_waf.waf_overview(serv, waf_service) - -if act == "overviewServers": - server_id = common.checkAjaxInput(form.getvalue('id')) - name = common.checkAjaxInput(form.getvalue('name')) - - service_common.overview_service(serv, server_id, name, service) - -if act == "overviewServices": - import modules.roxywi.overview as roxy_overview - - roxy_overview.show_services_overview() - -if form.getvalue('action'): - import modules.service.haproxy as service_haproxy - - service_haproxy.stat_page_action(serv) - -if serv is not None and act == "stats": - service_common.get_stat_page(serv, service) - -if serv is not None and any((form.getvalue('show_log'), form.getvalue('rows1'), form.getvalue('viewlogs'))): - import modules.roxywi.logs as roxywi_logs - - waf = 0 - rows = form.getvalue('show_log') - service = service - - if form.getvalue('rows1'): - rows = form.getvalue('rows1') - service = 'apache_internal' - elif form.getvalue('show_log'): - waf = form.getvalue('waf') - elif form.getvalue('viewlogs'): - serv = form.getvalue('viewlogs') - rows = form.getvalue('rows') - service = 'internal' - - grep = form.getvalue('grep') - hour = form.getvalue('hour') - minute = form.getvalue('minut') - hour1 = form.getvalue('hour1') - minute1 = form.getvalue('minut1') - - if roxywi_common.check_user_group(): - out = roxywi_logs.show_roxy_log(serv=serv, rows=rows, waf=waf, grep=grep, hour=hour, minute=minute, hour1=hour1, - minute1=minute1, service=service) - print(out) - -if serv is not None and act == "showMap": - import modules.service.haproxy as service_haproxy - - service_haproxy.show_map(serv) - -if form.getvalue('servaction') is not None: - import modules.service.haproxy as service_haproxy - - service_haproxy.runtime_command(serv) - -if act == "showCompareConfigs": - config_mod.show_compare_config(serv) - -if serv is not None and form.getvalue('right') is not None: - config_mod.compare_config() - -if serv is not None and act == "configShow": - config_mod.show_config(serv) - -if act == 'configShowFiles': - config_mod.show_config_files(serv) - -if act == 'showRemoteLogFiles': - log_path = sql.get_setting(f'{service}_path_logs') - return_files = server_mod.get_remote_files(serv, log_path, 'log') - if 'error: ' in return_files: - print(return_files) - sys.exit() - - lang = roxywi_common.get_user_lang() - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('ajax/show_log_files.html') - template = template.render(serv=serv, return_files=return_files, path_dir=log_path, lang=lang) - print(template) - -if form.getvalue('master'): - master = form.getvalue('master') - eth = form.getvalue('interface') - eth_slave = form.getvalue('slave_interface') - vrrp_ip = form.getvalue('vrrpip') - syn_flood = form.getvalue('syn_flood') - virt_server = int(form.getvalue('virt_server')) - return_to_master = form.getvalue('return_to_master') - haproxy = form.getvalue('hap') - nginx = form.getvalue('nginx') - router_id = form.getvalue('router_id') - - try: - service_mod.keepalived_master_install(master, eth, eth_slave, vrrp_ip, virt_server, syn_flood, return_to_master, - haproxy, nginx, router_id) - except Exception as e: - print(f'{e}') - -if form.getvalue('master_slave'): - master = form.getvalue('master_slave') - slave = form.getvalue('slave') - eth = form.getvalue('interface') - eth_slave = form.getvalue('slave_interface') - vrrp_ip = form.getvalue('vrrpip') - syn_flood = form.getvalue('syn_flood') - haproxy = form.getvalue('hap') - nginx = form.getvalue('nginx') - router_id = form.getvalue('router_id') - - try: - service_mod.keepalived_slave_install(master, slave, eth, eth_slave, vrrp_ip, syn_flood, haproxy, nginx, router_id) - except Exception as e: - print(f'{e}') - -if form.getvalue('masteradd'): - try: - service_mod.keepalived_masteradd() - except Exception as e: - print(f'{e}') - -if form.getvalue('masteradd_slave'): - try: - service_mod.keepalived_slaveadd() - except Exception as e: - print(f'{e}') - -if form.getvalue('master_slave_hap'): - master = form.getvalue('master_slave_hap') - slave = form.getvalue('slave') - server = form.getvalue('server') - docker = form.getvalue('docker') - - if server == 'master': - try: - service_mod.install_haproxy(master, server=server, docker=docker, m_or_s='master', master=master, slave=slave) - except Exception as e: - print(f'{e}') - elif server == 'slave': - try: - service_mod.install_haproxy(slave, server=server, docker=docker, m_or_s='slave', master=master, slave=slave) - except Exception as e: - print(f'{e}') - -if form.getvalue('master_slave_nginx'): - master = form.getvalue('master_slave_nginx') - slave = form.getvalue('slave') - server = form.getvalue('server') - docker = form.getvalue('docker') - - if server == 'master': - try: - service_mod.install_service(master, 'nginx', docker, server=server) - except Exception as e: - print(f'{e}') - elif server == 'slave': - try: - service_mod.install_service(slave, 'nginx', docker, server=server) - except Exception as e: - print(f'{e}') - -if form.getvalue('install_grafana'): - try: - service_mod.grafana_install() - except Exception as e: - print(f'{e}') - -if form.getvalue('haproxy_exp_install'): - import modules.service.exporter_installation as exp_installation - - exp_installation.haproxy_exp_installation() - -if form.getvalue('nginx_exp_install') or form.getvalue('apache_exp_install'): - import modules.service.exporter_installation as exp_installation - - exp_installation.nginx_apache_exp_installation() - -if form.getvalue('node_exp_install'): - import modules.service.exporter_installation as exp_installation - - service = 'node' - exp_installation.node_keepalived_exp_installation(service) - -if form.getvalue('keepalived_exp_install'): - import modules.service.exporter_installation as exp_installation - - service = 'keepalived' - exp_installation.node_keepalived_exp_installation(service) - -if form.getvalue('backup') or form.getvalue('deljob') or form.getvalue('backupupdate'): - import modules.service.backup as backup_mod - - server = common.is_ip_or_dns(form.getvalue('server')) - rpath = common.checkAjaxInput(form.getvalue('rpath')) - time = common.checkAjaxInput(form.getvalue('time')) - backup_type = common.checkAjaxInput(form.getvalue('type')) - rserver = common.checkAjaxInput(form.getvalue('rserver')) - cred = int(form.getvalue('cred')) - deljob = common.checkAjaxInput(form.getvalue('deljob')) - update = common.checkAjaxInput(form.getvalue('backupupdate')) - description = common.checkAjaxInput(form.getvalue('description')) - - try: - backup_mod.backup(server, rpath, time, backup_type, rserver, cred, deljob, update, description) - except Exception as e: - print(e) - -if any((form.getvalue('s3_backup_server'), form.getvalue('dels3job'))): - import modules.service.backup as backup_mod - - server = common.is_ip_or_dns(form.getvalue('s3_backup_server')) - s3_server = common.checkAjaxInput(form.getvalue('s3_server')) - bucket = common.checkAjaxInput(form.getvalue('s3_bucket')) - secret_key = common.checkAjaxInput(form.getvalue('s3_secret_key')) - access_key = common.checkAjaxInput(form.getvalue('s3_access_key')) - time = common.checkAjaxInput(form.getvalue('time')) - deljob = common.checkAjaxInput(form.getvalue('dels3job')) - description = common.checkAjaxInput(form.getvalue('description')) - - backup_mod.s3_backup(server, s3_server, bucket, secret_key, access_key, time, deljob, description) - -if form.getvalue('git_backup'): - import modules.service.backup as backup_mod - - server_id = form.getvalue('server') - service_id = form.getvalue('git_service') - git_init = form.getvalue('git_init') - repo = form.getvalue('git_repo') - branch = form.getvalue('git_branch') - period = form.getvalue('time') - cred = form.getvalue('cred') - deljob = form.getvalue('git_deljob') - description = form.getvalue('description') - - backup_mod.git_backup(server_id, service_id, git_init, repo, branch, period, cred, deljob, description) - -if form.getvalue('install_service'): - server_ip = common.is_ip_or_dns(form.getvalue('install_service')) - docker = common.checkAjaxInput(form.getvalue('docker')) - - if service in ('nginx', 'apache'): - try: - service_mod.install_service(server_ip, service, docker) - except Exception as e: - print(e) - else: - print('warning: wrong service') - -if form.getvalue('haproxyaddserv'): - try: - service_mod.install_haproxy(form.getvalue('haproxyaddserv'), syn_flood=form.getvalue('syn_flood'), - hapver=form.getvalue('hapver'), docker=form.getvalue('docker')) - except Exception as e: - print(e) - -if form.getvalue('installwaf'): - if service == 'haproxy': - try: - service_mod.waf_install(common.checkAjaxInput(form.getvalue('installwaf'))) - except Exception as e: - print(e) - else: - try: - service_mod.waf_nginx_install(common.checkAjaxInput(form.getvalue('installwaf'))) - except Exception as e: - print(e) - -if form.getvalue('geoip_install'): - try: - service_mod.geoip_installation() - except Exception as e: - print(e) - -if form.getvalue('update_roxy_wi'): - import modules.roxywi.roxy as roxy - - service = form.getvalue('service') - - try: - roxy.update_roxy_wi(service) - except Exception as e: - print(e) - -if form.getvalue('metrics_waf'): - metrics_waf = common.checkAjaxInput(form.getvalue('metrics_waf')) - sql.update_waf_metrics_enable(metrics_waf, form.getvalue('enable')) - -if form.getvalue('table_metrics'): - roxywi_common.check_user_group() - lang = roxywi_common.get_user_lang() - group_id = roxywi_common.get_user_group(id=1) - if service in ('nginx', 'apache'): - metrics = sql.select_service_table_metrics(service, group_id) - else: - metrics = sql.select_table_metrics(group_id) - - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('ajax/table_metrics.html') - - template = template.render(table_stat=metrics, service=service, lang=lang) - print(template) - -if form.getvalue('metrics_hapwi_ram'): - import modules.roxywi.metrics as metric - metrics_type = common.checkAjaxInput(form.getvalue('ip')) - - metric.show_ram_metrics(metrics_type) - -if form.getvalue('metrics_hapwi_cpu'): - import modules.roxywi.metrics as metric - - metrics_type = common.checkAjaxInput(form.getvalue('ip')) - - metric.show_cpu_metrics(metrics_type) - -if form.getvalue('new_metrics'): - import modules.roxywi.metrics as metric - - server_ip = common.is_ip_or_dns(form.getvalue('server')) - hostname = sql.get_hostname_by_server_ip(server_ip) - time_range = common.checkAjaxInput(form.getvalue('time_range')) - - metric.haproxy_metrics(server_ip, hostname, time_range) - -if form.getvalue('new_http_metrics'): - import modules.roxywi.metrics as metric - - server_ip = common.is_ip_or_dns(form.getvalue('server')) - hostname = sql.get_hostname_by_server_ip(server_ip) - time_range = common.checkAjaxInput(form.getvalue('time_range')) - - metric.haproxy_http_metrics(server_ip, hostname, time_range) - -if any((form.getvalue('new_nginx_metrics'), form.getvalue('new_apache_metrics'), form.getvalue('new_waf_metrics'))): - import modules.roxywi.metrics as metric - - server_ip = common.is_ip_or_dns(form.getvalue('server')) - hostname = sql.get_hostname_by_server_ip(server_ip) - time_range = common.checkAjaxInput(form.getvalue('time_range')) - service = '' - - if form.getvalue('new_nginx_metrics'): - service = 'nginx' - elif form.getvalue('new_apache_metrics'): - service = 'apache' - elif form.getvalue('new_waf_metrics'): - service = 'waf' - - metric.service_metrics(server_ip, hostname, service, time_range) - -if form.getvalue('get_hap_v'): - print(service_common.check_haproxy_version(serv)) - -if form.getvalue('get_service_v'): - service = common.checkAjaxInput(form.getvalue('get_service_v')) - server_ip = common.is_ip_or_dns(serv) - - service_common.show_service_version(server_ip, service) - -if form.getvalue('get_keepalived_v'): - cmd = ["sudo /usr/sbin/keepalived -v 2>&1|head -1|awk '{print $2}'"] - print(server_mod.ssh_command(serv, cmd)) - -if form.getvalue('get_exporter_v'): - print(service_common.get_exp_version(serv, form.getvalue('get_exporter_v'))) - -if form.getvalue('bwlists'): - color = common.checkAjaxInput(form.getvalue('color')) - group = common.checkAjaxInput(form.getvalue('group')) - bwlists = common.checkAjaxInput(form.getvalue('bwlists')) - - add_mod.get_bwlist(color, group, bwlists) - -if form.getvalue('bwlists_create'): - list_name = common.checkAjaxInput(form.getvalue('bwlists_create')) - color = common.checkAjaxInput(form.getvalue('color')) - group = common.checkAjaxInput(form.getvalue('group')) - - add_mod.create_bwlist(serv, list_name, color, group) - -if form.getvalue('bwlists_save'): - color = common.checkAjaxInput(form.getvalue('color')) - group = common.checkAjaxInput(form.getvalue('group')) - bwlists_save = common.checkAjaxInput(form.getvalue('bwlists_save')) - list_con = form.getvalue('bwlists_content') - action = common.checkAjaxInput(form.getvalue('bwlists_restart')) - - add_mod.save_bwlist(bwlists_save, list_con, color, group, serv, action) - -if form.getvalue('bwlists_delete'): - color = common.checkAjaxInput(form.getvalue('color')) - list_name = common.checkAjaxInput(form.getvalue('bwlists_delete')) - group = common.checkAjaxInput( form.getvalue('group')) - - add_mod.delete_bwlist(list_name, color, group, serv) - -if form.getvalue('get_lists'): - group = common.checkAjaxInput(form.getvalue('group')) - color = common.checkAjaxInput(form.getvalue('color')) - add_mod.get_bwlists_for_autocomplete(color, group) - -if form.getvalue('edit_map'): - group = common.checkAjaxInput(form.getvalue('group')) - map_name = common.checkAjaxInput(form.getvalue('edit_map')) - - add_mod.edit_map(map_name, group) - -if form.getvalue('map_create'): - map_name = common.checkAjaxInput(form.getvalue('map_create')) - group = common.checkAjaxInput(form.getvalue('group')) - - try: - add_mod.create_map(serv, map_name, group) - except Exception as e: - print(e) - -if form.getvalue('map_save'): - group = common.checkAjaxInput(form.getvalue('group')) - map_save = common.checkAjaxInput(form.getvalue('map_save')) - content = form.getvalue('content') - action = common.checkAjaxInput(form.getvalue('map_restart')) - - add_mod.save_map(map_save, content, group, serv, action) - -if form.getvalue('map_delete'): - map_name = common.checkAjaxInput(form.getvalue('map_delete')) - group = common.checkAjaxInput( form.getvalue('group')) - server_id = common.checkAjaxInput( form.getvalue('serv')) - - add_mod.delete_map(map_name, group, server_id) - -if form.getvalue('get_ldap_email'): - import modules.roxywi.user as roxywi_user - - roxywi_user.get_ldap_email() - -if form.getvalue('change_waf_mode'): - import modules.roxywi.waf as roxy_waf - - roxy_waf.change_waf_mode() - -error_mess = roxywi_common.return_error_message() - -if form.getvalue('newuser') is not None: - import modules.roxywi.user as roxywi_user - - email = common.checkAjaxInput(form.getvalue('newemail')) - password = common.checkAjaxInput(form.getvalue('newpassword')) - role = common.checkAjaxInput(form.getvalue('newrole')) - new_user = common.checkAjaxInput(form.getvalue('newusername')) - page = common.checkAjaxInput(form.getvalue('page')) - activeuser = common.checkAjaxInput(form.getvalue('activeuser')) - group = common.checkAjaxInput(form.getvalue('newgroupuser')) - lang = roxywi_common.get_user_lang() - - if roxywi_user.create_user(new_user, email, password, role, activeuser, group): - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('ajax/new_user.html') - - template = template.render(users=sql.select_users(user=new_user), - groups=sql.select_groups(), - page=page, - roles=sql.select_roles(), - adding=1, - lang=lang) - print(template) - -if form.getvalue('userdel') is not None: - import modules.roxywi.user as roxywi_user - - try: - roxywi_user.delete_user() - except Exception as e: - print(e) - -if form.getvalue('updateuser') is not None: - import modules.roxywi.user as roxywi_user - - roxywi_user.update_user() - -if form.getvalue('updatepassowrd') is not None: - import modules.roxywi.user as roxywi_user - - roxywi_user.update_user_password() - -if form.getvalue('newserver') is not None: - hostname = common.checkAjaxInput(form.getvalue('servername')) - ip = common.is_ip_or_dns(form.getvalue('newip')) - group = common.checkAjaxInput(form.getvalue('newservergroup')) - typeip = common.checkAjaxInput(form.getvalue('typeip')) - haproxy = common.checkAjaxInput(form.getvalue('haproxy')) - nginx = common.checkAjaxInput(form.getvalue('nginx')) - apache = common.checkAjaxInput(form.getvalue('apache')) - firewall = common.checkAjaxInput(form.getvalue('firewall')) - enable = common.checkAjaxInput(form.getvalue('enable')) - master = common.checkAjaxInput(form.getvalue('slave')) - cred = common.checkAjaxInput(form.getvalue('cred')) - page = common.checkAjaxInput(form.getvalue('page')) - page = page.split("#")[0] - port = common.checkAjaxInput(form.getvalue('newport')) - desc = common.checkAjaxInput(form.getvalue('desc')) - add_to_smon = common.checkAjaxInput(form.getvalue('add_to_smon')) - lang = roxywi_common.get_user_lang() - - if ip == '': - print('error: IP or DNS name is not valid') - sys.exit() - try: - if server_mod.create_server(hostname, ip, group, typeip, enable, master, cred, port, desc, haproxy, nginx, apache, firewall): - try: - user_subscription = roxywi_common.return_user_status() - except Exception as e: - user_subscription = roxywi_common.return_unsubscribed_user_status() - roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1) - - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('ajax/new_server.html') - template = template.render(groups=sql.select_groups(), servers=sql.select_servers(server=ip), - masters=sql.select_servers(get_master_servers=1), sshs=sql.select_ssh(group=group), - page=page, user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], - adding=1,lang=lang) - print(template) - roxywi_common.logging(ip, f'A new server {hostname} has been created', roxywi=1, login=1, keep_history=1, service='server') - - if add_to_smon: - import modules.tools.smon as smon_mod - - user_group = roxywi_common.get_user_group(id=1) - smon_mod.create_smon(hostname, ip, 0, 1, 0, 0, hostname, desc, 0, 0, 0, 56, 'ping', 0, 0, user_group, 0) - - except Exception as e: - print(f'error: {e}') - -if act == 'after_adding': - hostname = common.checkAjaxInput(form.getvalue('servername')) - ip = common.is_ip_or_dns(form.getvalue('newip')) - group = common.checkAjaxInput(form.getvalue('newservergroup')) - scan_server = common.checkAjaxInput(form.getvalue('scan_server')) - - try: - server_mod.update_server_after_creating(hostname, ip, scan_server) - except Exception as e: - print(e) - -if form.getvalue('updatehapwiserver') is not None: - hapwi_id = form.getvalue('updatehapwiserver') - active = form.getvalue('active') - name = form.getvalue('name') - alert = form.getvalue('alert_en') - metrics = form.getvalue('metrics') - service = form.getvalue('service_name') - sql.update_hapwi_server(hapwi_id, alert, metrics, active, service) - server_ip = sql.select_server_ip_by_id(hapwi_id) - roxywi_common.logging(server_ip, f'The server {name} has been updated ', roxywi=1, login=1, keep_history=1, service=service) - -if form.getvalue('updateserver') is not None: - name = form.getvalue('updateserver') - group = form.getvalue('servergroup') - typeip = form.getvalue('typeip') - firewall = form.getvalue('firewall') - enable = form.getvalue('enable') - master = form.getvalue('slave') - serv_id = form.getvalue('id') - cred = form.getvalue('cred') - port = form.getvalue('port') - protected = form.getvalue('protected') - desc = form.getvalue('desc') - - if name is None or port is None: - print(error_mess) - else: - sql.update_server(name, group, typeip, enable, master, serv_id, cred, port, desc, firewall, protected) - roxywi_common.logging(f'the server {name}', ' has been updated ', roxywi=1, login=1) - server_ip = sql.select_server_ip_by_id(serv_id) - roxywi_common.logging(server_ip, f'The server {name} has been update', roxywi=1, login=1, keep_history=1, service='server') - -if form.getvalue('serverdel') is not None: - server_id = common.checkAjaxInput(form.getvalue('serverdel')) - - server_mod.delete_server(server_id) - -if form.getvalue('newgroup') is not None: - newgroup = common.checkAjaxInput(form.getvalue('groupname')) - desc = common.checkAjaxInput(form.getvalue('newdesc')) - if newgroup is None: - print(error_mess) - else: - try: - if sql.add_group(newgroup, desc): - env = Environment(loader=FileSystemLoader('templates/ajax/'), autoescape=True) - template = env.get_template('/new_group.html') - - output_from_parsed_template = template.render(groups=sql.select_groups(group=newgroup)) - print(output_from_parsed_template) - roxywi_common.logging('Roxy-WI server', f'A new group {newgroup} has been created', roxywi=1, login=1) - except Exception as e: - print(e) - -if form.getvalue('groupdel') is not None: - import modules.roxywi.group as group_mod - - group_id = common.checkAjaxInput(form.getvalue('groupdel')) - group_mod.delete_group(group_id) - - -if form.getvalue('updategroup') is not None: - import modules.roxywi.group as group_mod - - name = common.checkAjaxInput(form.getvalue('updategroup')) - desc = common.checkAjaxInput(form.getvalue('descript')) - group_id = common.checkAjaxInput(form.getvalue('id')) - group_mod.update_group(group_id, name, desc) - -if form.getvalue('new_ssh'): - ssh_mod.create_ssh_cred() - -if form.getvalue('sshdel') is not None: - ssh_mod.delete_ssh_key() - -if form.getvalue('updatessh'): - ssh_mod.update_ssh_key() - -if form.getvalue('ssh_cert'): - user_group = roxywi_common.get_user_group() - name = common.checkAjaxInput(form.getvalue('name')) - key = form.getvalue('ssh_cert') - - try: - ssh_mod.upload_ssh_key(name, user_group, key) - except Exception as e: - print(e) - -if form.getvalue('new_receiver'): - import modules.alerting.alerting as alerting - - token = common.checkAjaxInput(form.getvalue('new_receiver')) - receiver_name = common.checkAjaxInput(form.getvalue('receiver_name')) - channel = common.checkAjaxInput(form.getvalue('chanel')) - group = common.checkAjaxInput(form.getvalue('group_receiver')) - page = common.checkAjaxInput(form.getvalue('page')) - page = page.split("#")[0] - - alerting.add_receiver_channel(receiver_name, token, channel, group, page) - -if form.getvalue('receiver_del') is not None: - import modules.alerting.alerting as alerting - - channel_id = common.checkAjaxInput(form.getvalue('receiver_del')) - receiver_name = common.checkAjaxInput(form.getvalue('receiver_name')) - - alerting.delete_receiver_channel(channel_id, receiver_name) - -if form.getvalue('update_receiver_token') is not None: - import modules.alerting.alerting as alerting - - receiver_name = common.checkAjaxInput(form.getvalue('receiver_name')) - token = common.checkAjaxInput(form.getvalue('update_receiver_token')) - channel = common.checkAjaxInput(form.getvalue('update_receiver_channel')) - group = common.checkAjaxInput(form.getvalue('update_receiver_group')) - user_id = common.checkAjaxInput(form.getvalue('id')) - - alerting.update_receiver_channel(receiver_name, token, channel, group, user_id) - -if form.getvalue('updatesettings') is not None: - settings = common.checkAjaxInput(form.getvalue('updatesettings')) - val = common.checkAjaxInput(form.getvalue('val')) - user_group = roxywi_common.get_user_group(id=1) - if sql.update_setting(settings, val, user_group): - roxywi_common.logging('Roxy-WI server', f'The {settings} setting has been changed to: {val}', roxywi=1, login=1) - print("Ok") - -if form.getvalue('getuserservices'): - import modules.roxywi.user as roxy_user - - roxy_user.get_user_services() - -if act == 'show_user_group_and_role': - import modules.roxywi.user as roxy_user - - roxy_user.show_user_groups_and_roles() - -if act == 'save_user_group_and_role': - import modules.roxywi.user as roxy_user - - roxy_user.save_user_group_and_role() - -if form.getvalue('changeUserServicesId') is not None: - import modules.roxywi.user as roxy_user - - roxy_user.change_user_services() - -if form.getvalue('changeUserCurrentGroupId') is not None: - import modules.roxywi.user as roxy_user - - roxy_user.change_user_active_group() - -if form.getvalue('getcurrentusergroup') is not None: - import modules.roxywi.user as roxy_user - - cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) - user_id = cookie.get('uuid') - group = cookie.get('group') - - roxy_user.get_user_active_group(user_id, group) - -if form.getvalue('newsmonname') is not None: - import modules.tools.smon as smon_mod - - user_group = roxywi_common.get_user_group(id=1) - name = common.checkAjaxInput(form.getvalue('newsmonname')) - hostname = common.checkAjaxInput(form.getvalue('newsmon')) - port = common.checkAjaxInput(form.getvalue('newsmonport')) - enable = common.checkAjaxInput(form.getvalue('newsmonenable')) - url = common.checkAjaxInput(form.getvalue('newsmonurl')) - body = common.checkAjaxInput(form.getvalue('newsmonbody')) - group = common.checkAjaxInput(form.getvalue('newsmongroup')) - desc = common.checkAjaxInput(form.getvalue('newsmondescription')) - telegram = common.checkAjaxInput(form.getvalue('newsmontelegram')) - slack = common.checkAjaxInput(form.getvalue('newsmonslack')) - pd = common.checkAjaxInput(form.getvalue('newsmonpd')) - check_type = common.checkAjaxInput(form.getvalue('newsmonchecktype')) - resolver = common.checkAjaxInput(form.getvalue('newsmonresserver')) - record_type = common.checkAjaxInput(form.getvalue('newsmondns_record_type')) - packet_size = common.checkAjaxInput(form.getvalue('newsmonpacket_size')) - http_method = common.checkAjaxInput(form.getvalue('newsmon_http_method')) - - smon_mod.create_smon(name, hostname, port, enable, url, body, group, desc, telegram, slack, pd, packet_size, - check_type, resolver, record_type, user_group, http_method) - -if form.getvalue('smondel') is not None: - import modules.tools.smon as smon_mod - - smon_mod.delete_smon() - -if form.getvalue('showsmon') is not None: - import modules.tools.smon as smon_mod - - smon_mod.show_smon() - -if form.getvalue('updateSmonName') is not None: - import modules.tools.smon as smon_mod - - smon_mod.update_smon() - -if form.getvalue('smon_history_check') is not None: - import modules.tools.smon as smon_mod - - server_id = int(form.getvalue('server_id')) - check_id = int(form.getvalue('check_id')) - smon_mod.history_metrics(server_id, check_id) - -if form.getvalue('smon_history_statuses') is not None: - import modules.tools.smon as smon_mod - - dashboard_id = int(form.getvalue('dashboard_id')) - check_id = int(form.getvalue('check_id')) - smon_mod.history_statuses(dashboard_id, check_id) - -if form.getvalue('smon_cur_status') is not None: - import modules.tools.smon as smon_mod - - dashboard_id = int(form.getvalue('dashboard_id')) - check_id = int(form.getvalue('check_id')) - smon_mod.history_cur_status(dashboard_id, check_id) - -if form.getvalue('showBytes') is not None: - import modules.roxywi.overview as roxywi_overview - - server_ip = common.is_ip_or_dns(form.getvalue('showBytes')) - roxywi_overview.show_haproxy_binout(server_ip) - -if form.getvalue('nginxConnections'): - import modules.roxywi.overview as roxywi_overview - - server_ip = common.is_ip_or_dns(form.getvalue('nginxConnections')) - roxywi_overview.show_nginx_connections(server_ip) - -if form.getvalue('apachekBytes'): - import modules.roxywi.overview as roxywi_overview - - server_ip = common.is_ip_or_dns(form.getvalue('apachekBytes')) - roxywi_overview.show_apache_bytes(server_ip) - -if form.getvalue('keepalivedBecameMaster'): - import modules.roxywi.overview as roxywi_overview - - server_ip = common.is_ip_or_dns(form.getvalue('keepalivedBecameMaster')) - roxywi_overview.keepalived_became_master(server_ip) - -if form.getvalue('waf_rule_id'): - import modules.roxywi.waf as roxy_waf - - roxy_waf.switch_waf_rule(serv) - -if form.getvalue('new_waf_rule'): - import modules.roxywi.waf as roxy_waf - - roxy_waf.create_waf_rule(serv) - -if form.getvalue('lets_domain'): - lets_domain = common.checkAjaxInput(form.getvalue('lets_domain')) - lets_email = common.checkAjaxInput(form.getvalue('lets_email')) - - add_mod.get_le_cert(serv, lets_domain, lets_email) - -if form.getvalue('uploadovpn'): - name = common.checkAjaxInput(form.getvalue('ovpnname')) - - ovpn_file = f"{os.path.dirname('/tmp/')}/{name}.ovpn" - - try: - with open(ovpn_file, "w") as conf: - conf.write(form.getvalue('uploadovpn')) - except IOError as e: - print(str(e)) - print('error: Cannot save ovpn file') - else: - print('success: ovpn file has been saved ') - - try: - cmd = 'sudo openvpn3 config-import --config %s --persistent' % ovpn_file - server_mod.subprocess_execute(cmd) - except IOError as e: - roxywi_common.logging('Roxy-WI server', e.args[0], roxywi=1) - - try: - cmd = 'sudo cp %s /etc/openvpn3/%s.conf' % (ovpn_file, name) - server_mod.subprocess_execute(cmd) - except IOError as e: - roxywi_common.logging('Roxy-WI server', e.args[0], roxywi=1) - - roxywi_common.logging("Roxy-WI server", f" has been uploaded a new ovpn file {ovpn_file}", roxywi=1, login=1) - -if form.getvalue('openvpndel') is not None: - openvpndel = common.checkAjaxInput(form.getvalue('openvpndel')) - - cmd = f'sudo openvpn3 config-remove --config /tmp/{openvpndel}.ovpn --force' - try: - server_mod.subprocess_execute(cmd) - print("Ok") - roxywi_common.logging(openvpndel, ' has deleted the ovpn file ', roxywi=1, login=1) - except IOError as e: - print(e.args[0]) - roxywi_common.logging('Roxy-WI server', e.args[0], roxywi=1) - -if form.getvalue('actionvpn') is not None: - openvpn = common.checkAjaxInput(form.getvalue('openvpnprofile')) - action = common.checkAjaxInput(form.getvalue('actionvpn')) - - if action == 'start': - cmd = f'sudo openvpn3 session-start --config /tmp/{openvpn}.ovpn' - elif action == 'restart': - cmd = f'sudo openvpn3 session-manage --config /tmp/{openvpn}.ovpn --restart' - elif action == 'disconnect': - cmd = f'sudo openvpn3 session-manage --config /tmp/{openvpn}.ovpn --disconnect' - else: - print('error: wrong action') - sys.exit() - try: - server_mod.subprocess_execute(cmd) - print(f"success: The {openvpn} has been {action}ed") - roxywi_common.logging(openvpn, f' The ovpn session has been {action}ed ', roxywi=1, login=1) - except IOError as e: - print(e.args[0]) - roxywi_common.logging('Roxy-WI server', e.args[0], roxywi=1) - -if form.getvalue('scan_ports') is not None: - serv_id = common.checkAjaxInput(form.getvalue('scan_ports')) - server = sql.select_servers(id=serv_id) - ip = '' - - for s in server: - ip = s[2] - - cmd = f"sudo nmap -sS {ip} |grep -E '^[[:digit:]]'|sed 's/ */ /g'" - cmd1 = f"sudo nmap -sS {ip} |head -5|tail -2" - - stdout, stderr = server_mod.subprocess_execute(cmd) - stdout1, stderr1 = server_mod.subprocess_execute(cmd1) - - if stderr != '': - print(stderr) - else: - lang = roxywi_common.get_user_lang() - env = Environment(loader=FileSystemLoader('templates'), autoescape=True) - template = env.get_template('ajax/scan_ports.html') - template = template.render(ports=stdout, info=stdout1, lang=lang) - print(template) - -if form.getvalue('viewFirewallRules') is not None: - server_mod.show_firewalld_rules() - -if form.getvalue('geoipserv') is not None: - serv = common.checkAjaxInput(form.getvalue('geoipserv')) - service = common.checkAjaxInput(form.getvalue('geoip_service')) - if service in ('haproxy', 'nginx'): - service_dir = common.return_nice_path(sql.get_setting(f'{service}_dir')) - cmd = [f"ls {service_dir}geoip/"] - print(server_mod.ssh_command(serv, cmd)) - else: - print('warning: select a server and service first') - -if form.getvalue('nettools_icmp_server_from'): - import modules.roxywi.nettools as nettools - - nettools.ping_from_server() - -if form.getvalue('nettools_telnet_server_from'): - import modules.roxywi.nettools as nettools - - nettools.telnet_from_server() - -if form.getvalue('nettools_nslookup_server_from'): - import modules.roxywi.nettools as nettools - - nettools.nslookup_from_server() - -if form.getvalue('portscanner_history_server_id'): - server_id = common.checkAjaxInput(form.getvalue('portscanner_history_server_id')) - enabled = common.checkAjaxInput(form.getvalue('portscanner_enabled')) - notify = common.checkAjaxInput(form.getvalue('portscanner_notify')) - history = common.checkAjaxInput(form.getvalue('portscanner_history')) - user_group_id = [server[3] for server in sql.select_servers(id=server_id)] - - try: - if sql.insert_port_scanner_settings(server_id, user_group_id[0], enabled, notify, history): - print('ok') - else: - if sql.update_port_scanner_settings(server_id, user_group_id[0], enabled, notify, history): - print('ok') - except Exception as e: - print(e) - -if form.getvalue('show_versions'): - import modules.roxywi.roxy as roxy - env = Environment(loader=FileSystemLoader('templates')) - template = env.get_template('ajax/check_version.html') - template = template.render(versions=roxy.versions()) - print(template) - -if form.getvalue('get_group_name_by_id'): - print(sql.get_group_name_by_id(form.getvalue('get_group_name_by_id'))) - -if form.getvalue('new_provider_name'): - import modules.provisioning.provider as provider - - provider.create_provider() - -if form.getvalue('providerdel'): - import modules.provisioning.provider as provider - - provider.delete_provider() - -if form.getvalue('awsinit') or form.getvalue('doinit') or form.getvalue('gcoreinitserver'): - import modules.provisioning.server as prov_server - - prov_server.init_server() - -if form.getvalue('awsvars') or form.getvalue('awseditvars'): - import modules.provisioning.aws as aws - - aws.create_vars() - -if form.getvalue('dovars') or form.getvalue('doeditvars'): - import modules.provisioning.do as do - - do.create_vars() - -if form.getvalue('dovalidate') or form.getvalue('doeditvalidate'): - import modules.provisioning.do as do - - do.validate() - -if form.getvalue('doworkspace'): - import modules.provisioning.do as do - - do.new_workspace() - -if form.getvalue('doeditworkspace'): - import modules.provisioning.do as do - - do.edit_workspace() - -if form.getvalue('awsvalidate') or form.getvalue('awseditvalidate'): - import modules.provisioning.aws as aws - - aws.validate() - -if form.getvalue('awsworkspace'): - import modules.provisioning.aws as aws - - aws.new_workspace() - -if form.getvalue('awseditworkspace'): - import modules.provisioning.aws as aws - - aws.edit_workspace() - -if any((form.getvalue('awsprovisining'), form.getvalue('awseditingprovisining'), form.getvalue('doprovisining'), - form.getvalue('doeditprovisining'), form.getvalue('gcoreprovisining'), form.getvalue('gcoreeditgprovisining'))): - import modules.provisioning.server as prov_server - - prov_server.create_server() - -if form.getvalue('provisiningdestroyserver'): - import modules.provisioning.server as prov_server - - prov_server.destroy_server() - -if form.getvalue('gcorevars') or form.getvalue('gcoreeditvars'): - import modules.provisioning.gcore as gcore - - gcore.gcore_create_vars() - -if form.getvalue('gcorevalidate') or form.getvalue('gcoreeditvalidate'): - import modules.provisioning.gcore as gcore - - gcore.validate() - -if form.getvalue('gcoreworkspace'): - import modules.provisioning.gcore as gcore - - gcore.new_workspace() - -if form.getvalue('gcoreeditworkspace'): - import modules.provisioning.gcore as gcore - - gcore.edit_workspace() - -if form.getvalue('editServerId'): - import modules.provisioning.server as prov_server_mod - - prov_server_mod.edit_server() - -if form.getvalue('edit_provider_id'): - import modules.provisioning.provider as provider_mod - - provider = form.getvalue('provider_name') - provider_id = form.getvalue('edit_provider_id') - - edit_functions = { - 'aws': provider_mod.edit_aws_provider, - 'do': provider_mod.edit_DO_provider, - 'gcore': provider_mod.edit_gcore_provider, - } - - edit_functions[provider](provider_id) - -if form.getvalue('loadservices'): - from modules.roxywi.roxy import get_services_status - - lang = roxywi_common.get_user_lang() - env = Environment(loader=FileSystemLoader('templates')) - template = env.get_template('ajax/load_services.html') - try: - services = get_services_status() - except Exception as e: - print(e) - - template = template.render(services=services, lang=lang) - print(template) - -if form.getvalue('loadchecker'): - import modules.tools.checker as checker_mod - - checker_mod.load_checker() - -if form.getvalue('load_update_hapwi'): - import modules.roxywi.roxy as roxy - - env = Environment(loader=FileSystemLoader('templates')) - template = env.get_template('ajax/load_updateroxywi.html') - - versions = roxy.versions() - checker_ver = roxy.check_new_version('checker') - smon_ver = roxy.check_new_version('smon') - metrics_ver = roxy.check_new_version('metrics') - keep_ver = roxy.check_new_version('keep_alive') - portscanner_ver = roxy.check_new_version('portscanner') - socket_ver = roxy.check_new_version('socket') - prometheus_exp_ver = roxy.check_new_version('prometheus-exporter') - services = roxy.get_services_status() - lang = roxywi_common.get_user_lang() - - template = template.render(services=services, - versions=versions, - checker_ver=checker_ver, - smon_ver=smon_ver, - metrics_ver=metrics_ver, - portscanner_ver=portscanner_ver, - socket_ver=socket_ver, - prometheus_exp_ver=prometheus_exp_ver, - keep_ver=keep_ver, - lang=lang) - print(template) - -if form.getvalue('loadopenvpn'): - import distro - - env = Environment(loader=FileSystemLoader('templates')) - template = env.get_template('ajax/load_openvpn.html') - openvpn_configs = '' - openvpn_sess = '' - openvpn = '' - - if distro.id() == 'ubuntu': - stdout, stderr = server_mod.subprocess_execute("apt show openvpn3 2>&1|grep E:") - elif distro.id() == 'centos' or distro.id() == 'rhel': - stdout, stderr = server_mod.subprocess_execute("rpm --query openvpn3-client") - - if ( - (stdout[0] != 'package openvpn3-client is not installed' and stderr != '/bin/sh: rpm: command not found') - and stdout[0] != 'E: No packages found' - ): - cmd = "sudo openvpn3 configs-list |grep -E 'ovpn|(^|[^0-9])[0-9]{4}($|[^0-9])' |grep -v net|awk -F\" \" '{print $1}'|awk 'ORS=NR%2?\" \":\"\\n\"'" - openvpn_configs, stderr = server_mod.subprocess_execute(cmd) - cmd = "sudo openvpn3 sessions-list|grep -E 'Config|Status'|awk -F\":\" '{print $2}'|awk 'ORS=NR%2?\" \":\"\\n\"'| sed 's/^ //g'" - openvpn_sess, stderr = server_mod.subprocess_execute(cmd) - openvpn = stdout[0] - - template = template.render(openvpn=openvpn, openvpn_sess=openvpn_sess, openvpn_configs=openvpn_configs) - print(template) - -if form.getvalue('check_receiver'): - import modules.alerting.alerting as alerting - - channel_id = form.getvalue('receiver_channel_id') - receiver_name = form.getvalue('receiver_name') - alerting.check_receiver(channel_id, receiver_name) - -if form.getvalue('check_rabbitmq_alert'): - import modules.alerting.alerting as alerting - - alerting.check_rabbit_alert() - -if form.getvalue('check_email_alert'): - import modules.alerting.alerting as alerting - - alerting.check_email_alert() - -if form.getvalue('getoption'): - group = form.getvalue('getoption') - term = form.getvalue('term') - - add_mod.get_saved_option(group, term) - -if form.getvalue('newtoption'): - option = common.checkAjaxInput(form.getvalue('newtoption')) - group = common.checkAjaxInput(form.getvalue('newoptiongroup')) - if option is None or group is None: - print(error_mess) - else: - add_mod.create_saved_option(option, group) - -if form.getvalue('updateoption') is not None: - option = common.checkAjaxInput(form.getvalue('updateoption')) - option_id = common.checkAjaxInput(form.getvalue('id')) - if option is None or option_id is None: - print(error_mess) - else: - sql.update_options(option, option_id) - -if form.getvalue('optiondel') is not None: - if sql.delete_option(common.checkAjaxInput(form.getvalue('optiondel'))): - print("Ok") - -if form.getvalue('getsavedserver'): - group = common.checkAjaxInput(form.getvalue('getsavedserver')) - term = common.checkAjaxInput(form.getvalue('term')) - - add_mod.get_saved_servers(group, term) - -if form.getvalue('newsavedserver'): - server = common.checkAjaxInput(form.getvalue('newsavedserver')) - desc = common.checkAjaxInput(form.getvalue('newsavedserverdesc')) - group = common.checkAjaxInput(form.getvalue('newsavedservergroup')) - if server is None or group is None: - print(error_mess) - else: - add_mod.create_saved_server(server, group, desc) - -if form.getvalue('updatesavedserver') is not None: - savedserver = form.getvalue('updatesavedserver') - description = form.getvalue('description') - savedserver_id = form.getvalue('id') - if savedserver is None or savedserver_id is None: - print(error_mess) - else: - sql.update_savedserver(savedserver, description, savedserver_id) - -if form.getvalue('savedserverdel') is not None: - if sql.delete_savedserver(common.checkAjaxInput(form.getvalue('savedserverdel'))): - print("Ok") - -if form.getvalue('show_users_ovw') is not None: - import modules.roxywi.overview as roxywi_overview - - roxywi_overview.user_ovw() - -if form.getvalue('serverSettings') is not None: - server_id = common.checkAjaxInput(form.getvalue('serverSettings')) - service = common.checkAjaxInput(form.getvalue('serverSettingsService')) - env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) - template = env.get_template('ajax/show_service_settings.html') - - template = template.render(settings=sql.select_service_settings(server_id, service), service=service) - print(template) - -if form.getvalue('serverSettingsSave') is not None: - server_id = common.checkAjaxInput(form.getvalue('serverSettingsSave')) - service = common.checkAjaxInput(form.getvalue('serverSettingsService')) - haproxy_enterprise = common.checkAjaxInput(form.getvalue('serverSettingsEnterprise')) - service_dockerized = common.checkAjaxInput(form.getvalue('serverSettingsDockerized')) - service_restart = common.checkAjaxInput(form.getvalue('serverSettingsRestart')) - server_ip = sql.select_server_ip_by_id(server_id) - service_docker = f'Service {service.title()} has been flagged as a dockerized' - service_systemd = f'Service {service.title()} has been flagged as a system service' - disable_restart = f'Restart option is disabled for {service.title()} service' - enable_restart = f'Restart option is disabled for {service.title()} service' - - if service == 'haproxy': - if sql.insert_or_update_service_setting(server_id, service, 'haproxy_enterprise', haproxy_enterprise): - print('Ok') - if haproxy_enterprise == '1': - roxywi_common.logging(server_ip, 'Service has been flagged as an Enterprise version', roxywi=1, login=1, - keep_history=1, service=service) - else: - roxywi_common.logging(server_ip, 'Service has been flagged as a community version', roxywi=1, login=1, - keep_history=1, service=service) - - if sql.insert_or_update_service_setting(server_id, service, 'dockerized', service_dockerized): - print('Ok') - if service_dockerized == '1': - roxywi_common.logging(server_ip, service_docker, roxywi=1, login=1, keep_history=1, service=service) - else: - roxywi_common.logging(server_ip, service_systemd, roxywi=1, login=1, keep_history=1, service=service) - - if sql.insert_or_update_service_setting(server_id, service, 'restart', service_restart): - print('Ok') - if service_restart == '1': - roxywi_common.logging(server_ip, disable_restart, roxywi=1, login=1, keep_history=1, service=service) - else: - roxywi_common.logging(server_ip, enable_restart, roxywi=1, login=1, keep_history=1, service=service) - -if act == 'showListOfVersion': - config_mod.list_of_versions(serv, service) - -if act == 'getSystemInfo': - server_mod.show_system_info() - -if act == 'updateSystemInfo': - server_mod.update_system_info() - -if act == 'server_is_up': - server_ip = common.is_ip_or_dns(form.getvalue('server_is_up')) - - server_mod.server_is_up(server_ip) - -if act == 'findInConfigs': - server_ip = serv - server_ip = common.is_ip_or_dns(server_ip) - finding_words = form.getvalue('words') - log_path = sql.get_setting(service + '_dir') - log_path = common.return_nice_path(log_path) - commands = [f'sudo grep "{finding_words}" {log_path}*/*.conf -C 2 -Rn'] - return_find = server_mod.ssh_command(server_ip, commands, raw=1) - return_find = config_mod.show_finding_in_config(return_find, grep=finding_words) - - if 'error: ' in return_find: - print(return_find) - sys.exit() - print(return_find) - -if act == 'check_service': - import modules.service.action as service_action - - cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) - user_uuid = cookie.get('uuid') - server_id = common.checkAjaxInput(form.getvalue('server_id')) - - service_action.check_service(serv, user_uuid, service) - -if form.getvalue('show_sub_ovw'): - import modules.roxywi.overview as roxywi_overview - - roxywi_overview.show_sub_ovw() - -if form.getvalue('updateHaproxyCheckerSettings'): - import modules.tools.checker as checker_mod - - checker_mod.update_haproxy_settings() - -if form.getvalue('updateKeepalivedCheckerSettings'): - import modules.tools.checker as checker_mod - - checker_mod.update_keepalived_settings() - -if form.getvalue('updateServiceCheckerSettings'): - import modules.tools.checker as checker_mod - - checker_mod.update_service_settings() - -if act == 'show_server_services': - server_mod.show_server_services() - -if form.getvalue('changeServerServicesId') is not None: - server_mod.change_server_services() diff --git a/app/overview.py b/app/overview.py deleted file mode 100644 index 0a213c05..00000000 --- a/app/overview.py +++ /dev/null @@ -1,36 +0,0 @@ -#!/usr/bin/env python3 -# -*- coding: utf-8 -*- -import sys - -from jinja2 import Environment, FileSystemLoader - -import modules.db.sql as sql -import modules.roxywi.logs as roxy_logs -import modules.roxywi.auth as roxywi_auth -import modules.roxywi.common as roxywi_common - -env = Environment(extensions=["jinja2.ext.do"], loader=FileSystemLoader('templates/'), autoescape=True) -template = env.get_template('ovw.html') - -print('Content-type: text/html\n') - -user_params = roxywi_common.get_users_params() - -try: - roxywi_auth.check_login(user_params['user_uuid'], user_params['token']) -except Exception: - print('error: your session is expired') - sys.exit() - -try: - groups = sql.select_groups() -except Exception as e: - groups = '' - print(e) - -rendered_template = template.render( - h2=1, autorefresh=1, role=user_params['role'], user=user_params['user'], groups=groups, - roles=sql.select_roles(), servers=user_params['servers'], user_services=user_params['user_services'], - roxy_wi_log=roxy_logs.roxy_wi_log(), token=user_params['token'], guide_me=1, lang=user_params['lang'] -) -print(rendered_template) diff --git a/app/portscanner.py b/app/portscanner.py deleted file mode 100644 index fa7c4fbd..00000000 --- a/app/portscanner.py +++ /dev/null @@ -1,75 +0,0 @@ -#!/usr/bin/env python3 -import sys - -from jinja2 import Environment, FileSystemLoader - -import modules.db.sql as sql -import modules.common.common as common -import modules.roxywi.auth as roxywi_auth -import modules.roxywi.common as roxywi_common -import modules.server.server as server_mod - -env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) -template = env.get_template('portscanner.html') -form = common.form -serv = form.getvalue('history') - -print('Content-type: text/html\n') - -user_params = roxywi_common.get_users_params(virt=1) -lang = user_params['lang'] - -try: - roxywi_auth.check_login(user_params['user_uuid'], user_params['token']) -except Exception as e: - print(f'error {e}') - sys.exit() - -if serv: - if lang == 'ru': - title = f'История Port scanner для {serv}' - elif lang == 'fr': - title = f'Historique du scanner de ports pour {serv}' - else: - title = f'Port scanner history for {serv}' - port_scanner_settings = sql.select_port_scanner_history(serv) - history = '1' - port_scanner = '' - port_scanner_stderr = '' - count_ports = '' -else: - history = '' - if lang == 'ru': - title = 'Дашборд Port scanner' - elif lang == 'fr': - title = 'Tableau de bord du scanner de ports' - else: - title = 'Port scanner dashboard' - user_group = roxywi_common.get_user_group(id=1) - port_scanner_settings = sql.select_port_scanner_settings(user_group) - if not port_scanner_settings: - port_scanner_settings = '' - count_ports = '' - else: - count_ports = list() - for s in user_params['servers']: - count_ports_from_sql = sql.select_count_opened_ports(s[2]) - i = (s[2], count_ports_from_sql) - count_ports.append(i) - - cmd = "systemctl is-active roxy-wi-portscanner" - port_scanner, port_scanner_stderr = server_mod.subprocess_execute(cmd) - -try: - user_subscription = roxywi_common.return_user_status() -except Exception as e: - user_subscription = roxywi_common.return_unsubscribed_user_status() - roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1) - -rendered_template = template.render( - h2=1, autorefresh=0, title=title, role=user_params['role'], user=user_params['user'], servers=user_params['servers'], - port_scanner_settings=port_scanner_settings, count_ports=count_ports, history=history, port_scanner=''.join(port_scanner), - port_scanner_stderr=port_scanner_stderr, user_services=user_params['user_services'], user_status=user_subscription['user_status'], - user_plan=user_subscription['user_plan'], token=user_params['token'], lang=lang -) -print(rendered_template) diff --git a/app/provisioning.py b/app/provisioning.py deleted file mode 100644 index 25f49c28..00000000 --- a/app/provisioning.py +++ /dev/null @@ -1,49 +0,0 @@ -#!/usr/bin/env python3 -import sys - -from jinja2 import Environment, FileSystemLoader - -import modules.db.sql as sql -import modules.common.common as common -import modules.roxywi.auth as roxywi_auth -import modules.roxywi.common as roxywi_common - -env = Environment(extensions=["jinja2.ext.do"], loader=FileSystemLoader('templates/'), autoescape=True) -template = env.get_template('provisioning.html') -form = common.form - -print('Content-type: text/html\n') - -user_params = roxywi_common.get_users_params() - -try: - roxywi_auth.check_login(user_params['user_uuid'], user_params['token']) -except Exception as e: - print(f'error {e}') - sys.exit() - -roxywi_auth.page_for_admin(level=2) -try: - if user_params['role'] == 1: - groups = sql.select_groups() - else: - groups = roxywi_common.get_user_group(id=1) - user_group = roxywi_common.get_user_group(id=1) - - is_needed_tool = common.is_tool('terraform') - - params = sql.select_provisioning_params() -except Exception as e: - print(str(e)) - -if user_params['lang'] == 'ru': - title = 'Предоставление серверов' -else: - title = 'Servers provisioning' - -rendered_template = template.render( - title=title, role=user_params['role'], user=user_params['user'], groups=groups, lang=user_params['lang'], - user_group=user_group, servers=sql.select_provisioned_servers(), providers=sql.select_providers(user_group), - is_needed_tool=is_needed_tool, user_services=user_params['user_services'], token=user_params['token'], params=params -) -print(rendered_template) diff --git a/app/routes/add/__init__.py b/app/routes/add/__init__.py new file mode 100644 index 00000000..6f94b4c8 --- /dev/null +++ b/app/routes/add/__init__.py @@ -0,0 +1,5 @@ +from flask import Blueprint + +bp = Blueprint('add', __name__) + +from app.routes.add import routes diff --git a/app/routes/add/routes.py b/app/routes/add/routes.py new file mode 100644 index 00000000..08ce9bd8 --- /dev/null +++ b/app/routes/add/routes.py @@ -0,0 +1,689 @@ +import os +import sys + +from functools import wraps +from flask import render_template, request, jsonify, redirect, url_for +from flask_login import login_required + +from app import app, login_manager +from app.routes.add import bp + +sys.path.append(os.path.join(sys.path[0], '/var/www/haproxy-wi/app')) + +import modules.db.sql as sql +import modules.config.add as add_mod +import modules.common.common as common +import modules.roxywi.auth as roxywi_auth +import modules.roxywi.common as roxywi_common +import modules.roxy_wi_tools as roxy_wi_tools +import app.modules.server.server as server_mod + +get_config = roxy_wi_tools.GetConfigVar() +time_zone = sql.get_setting('time_zone') +get_date = roxy_wi_tools.GetDate(time_zone) + + +@bp.before_request +@login_required +def before_request(): + """ Protect all of the admin endpoints. """ + pass + + +@bp.route('/') +def add(service): + roxywi_auth.page_for_admin(level=3) + + if service not in ('haproxy', 'nginx'): + raise Exception('error: wrong service') + + try: + user_params = roxywi_common.get_users_params(service=service) + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + add = request.form.get('add') + conf_add = request.form.get('conf') + + if service == 'haproxy': + user_group = request.cookies.get('group') + lib_path = get_config.get_config_var('main', 'lib_path') + list_dir = lib_path + "/lists" + white_dir = lib_path + "/lists/" + user_group + "/white" + black_dir = lib_path + "/lists/" + user_group + "/black" + + if not os.path.exists(list_dir): + os.makedirs(list_dir) + if not os.path.exists(list_dir + "/" + user_group): + os.makedirs(list_dir + "/" + user_group) + if not os.path.exists(white_dir): + os.makedirs(white_dir) + if not os.path.exists(black_dir): + os.makedirs(black_dir) + + white_lists = roxywi_common.get_files(folder=white_dir, file_format="lst") + black_lists = roxywi_common.get_files(folder=black_dir, file_format="lst") + maps = roxywi_common.get_files(folder=f'{lib_path}/maps/{user_group}', file_format="map") + + return render_template( + 'add.html', h2=1, role=user_params['role'], user=user, selects=user_params['servers'], add=add, + conf_add=conf_add, group=user_group, options=sql.select_options(), saved_servers=sql.select_saved_servers(), + white_lists=white_lists, black_lists=black_lists, user_services=user_params['user_services'], + token=user_params['token'], lang=user_params['lang'], maps=maps + ) + elif service == 'nginx': + return render_template( + 'add_nginx.html', h2=1, role=user_params['role'], user=user, selects=user_params['servers'], add=add, + conf_add=conf_add, user_services=user_params['user_services'], token=user_params['token'], lang=user_params['lang'] + ) + else: + return redirect(url_for('index')) + + +@bp.route('/haproxy/add', methods=['POST']) +def add_haproxy(): + roxywi_auth.page_for_admin(level=3) + + haproxy_dir = sql.get_setting('haproxy_dir') + generate = request.form.get('generateconfig') + server_ip = request.form.get('serv') + port = request.form.getlist('port') + bind = "" + ip = "" + force_close = request.form.get('force_close') + balance = "" + mode = f" mode {request.form.get('mode')}\n" + maxconn = "" + options_split = "" + ssl = "" + ssl_check = "" + backend = "" + headers = '' + acl = "" + servers_split = "" + new_listener = request.form.get('listener') + new_frontend = request.form.get('frontend') + new_backend = request.form.get('new_backend') + + if request.form.get('balance') is not None: + balance = " balance " + request.form.get('balance') + "\n" + + if request.form.get('health_check') is not None: + health_check = request.form.get('health_check') + if health_check == 'option httpchk' and request.form.get('checks_http_domain') is not None: + health_check = health_check + ' GET ' + request.form.get( + 'checks_http_path') + ' "HTTP/1.0\\r\\nHost: ' + request.form.get('checks_http_domain') + '"' + balance += f" {health_check}\n" + + if request.form.get('ip') is not None: + ip = request.form.getlist('ip') + + if new_listener is not None: + name = f"listen {new_listener}" + end_name = new_listener + elif new_frontend is not None: + name = f"frontend {new_frontend}" + end_name = new_frontend + elif new_backend is not None: + name = f"backend {new_backend}" + end_name = new_backend + else: + return 'error: The name cannot be empty' + + if request.form.get('backends') is not None: + backend = f" default_backend {request.form.get('backends')}\n" + + if request.form.get('maxconn'): + maxconn = f" maxconn {request.form.get('maxconn')}\n" + + if request.form.get('ssl') == "https" and request.form.get('mode') != "tcp": + cert_path = sql.get_setting('cert_path') + if request.form.get('cert') is not None: + ssl = f"ssl crt {cert_path}{request.form.get('cert')}" + if request.form.get('ssl-dis-check') is None: + if request.form.get('ssl-check') == "ssl-check": + ssl_check = " ssl verify none" + else: + ssl_check = " ssl verify" + + if ip or port: + if type(port) is list: + i = 0 + for _p in port: + if ip[i] == 'IsEmptY': + if ip[i] == 'IsEmptY' and port[i] == 'IsEmptY': + i += 1 + continue + else: + port_value = port[i] + bind += f" bind *:{port_value} {ssl}\n" + else: + if port[i] == 'IsEmptY': + return 'error: IP cannot be bind without a port' + else: + port_value = port[i] + bind += f" bind {ip[i]}:{port_value} {ssl}\n" + i += 1 + + if request.form.get('default-check') == "1": + if request.form.get('check-servers') == "1": + check = f" check inter {request.form.get('inter')} rise {request.form.get('rise')} fall {request.form.get('fall')}{ssl_check}" + else: + check = "" + else: + if request.form.get('check-servers') != "1": + check = "" + else: + check = f" check{ssl_check}" + + if request.form.get('option') is not None: + options = request.form.get('option') + i = options.split("\n") + for j in i: + options_split += f" {j}\n" + + if force_close == "1": + options_split += " option http-server-close\n" + elif force_close == "2": + options_split += " option forceclose\n" + elif force_close == "3": + options_split += " option http-pretend-keepalive\n" + + if request.form.get('whitelist'): + options_split += " tcp-request connection accept if { src -f " + haproxy_dir + "/white/" + request.form.get( + 'whitelist') + " }\n" + + if request.form.get('blacklist'): + options_split += " tcp-request connection reject if { src -f " + haproxy_dir + "/black/" + request.form.get( + 'blacklist') + " }\n" + + if request.form.get('cookie'): + cookie = f" cookie {request.form.get('cookie_name')}" + if request.form.get('cookie_domain'): + cookie += f" domain {request.form.get('cookie_domain')}" + if request.form.get('rewrite'): + rewrite = request.form.get('rewrite') + else: + rewrite = "" + if request.form.get('prefix'): + prefix = request.form.get('prefix') + else: + prefix = "" + if request.form.get('nocache'): + nocache = request.form.get('nocache') + else: + nocache = "" + if request.form.get('postonly'): + postonly = request.form.get('postonly') + else: + postonly = "" + if request.form.get('dynamic'): + dynamic = request.form.get('dynamic') + else: + dynamic = "" + cookie += f" {rewrite} {prefix} {nocache} {postonly} {dynamic}\n" + options_split += cookie + if request.form.get('dynamic'): + options_split += f" dynamic-cookie-key {request.form.get('dynamic-cookie-key')}\n" + + if request.form.get('headers_res'): + headers_res = request.form.getlist('headers_res') + headers_method = request.form.getlist('headers_method') + header_name = request.form.getlist('header_name') + header_value = request.form.getlist('header_value') + i = 0 + + for _h in headers_method: + if headers_method[i] != 'del-header': + headers += f' {headers_res[i]} {headers_method[i]} {header_name[i]} {header_value[i]}\n' + else: + headers += f' {headers_res[i]} {headers_method[i]} {header_name[i]}\n' + i += 1 + + if request.form.get('acl_if'): + acl_if = request.form.getlist('acl_if') + acl_value = request.form.getlist('acl_value') + acl_then = request.form.getlist('acl_then') + acl_then_values = request.form.getlist('acl_then_value') + i = 0 + + for a in acl_if: + acl_then_value = '' if acl_then_values[i] == 'IsEmptY' else acl_then_values[i] + + try: + if a == '1': + acl_if_word = 'hdr_beg(host) -i ' + if request.form.get('ssl') == "https" and request.form.get('mode') != "tcp": + acl_if_word = 'ssl_fc_sni -i ' + if request.form.get('mode') == "tcp": + acl_if_word = 'req.ssl_sni -i ' + elif a == '2': + acl_if_word = 'hdr_end(host) -i ' + if request.form.get('ssl') == "https" and request.form.get('mode') != "tcp": + acl_if_word = 'ssl_fc_sni -i ' + if request.form.get('mode') == "tcp": + acl_if_word = 'req.ssl_sni -i ' + elif a == '3': + acl_if_word = 'path_beg -i ' + elif a == '4': + acl_if_word = 'path_end -i ' + elif a == '6': + acl_if_word = 'src ip ' + else: + acl_if_word = '' + + if acl_then[i] == '5': + acl += ' use_backend ' + elif acl_then[i] == '2': + acl += ' http-request redirect location ' + elif acl_then[i] == '3': + acl += ' http-request allow' + acl_then_value = '' + elif acl_then[i] == '4': + acl += ' http-request deny' + acl_then_value = '' + elif acl_then[i] == '6': + acl += f' acl return_{acl_value[i]} {acl_if_word} {acl_value[i]}\n' + acl += f' http-request return if return_{acl_value[i]}\n' + elif acl_then[i] == '7': + acl += f' acl set_header_{acl_value[i]} {acl_if_word} {acl_value[i]}\n' + acl += f' http-request set-header if set_header_{acl_value[i]}\n' + + if acl_then[i] in ('2', '3', '4', '5'): + acl += acl_then_value + ' if { ' + acl_if_word + acl_value[i] + ' } \n' + except Exception: + acl = '' + + i += 1 + + if request.form.get('circuit_breaking') == "1": + observe = 'observe ' + request.form.get('circuit_breaking_observe') + error_limit = ' error-limit ' + request.form.get('circuit_breaking_error_limit') + circuit_breaking_on_error = ' on-error ' + request.form.get('circuit_breaking_on_error') + default_server = ' default-server ' + observe + error_limit + circuit_breaking_on_error + '\n' + servers_split += default_server + + if request.form.get('servers'): + servers = request.form.getlist('servers') + server_port = request.form.getlist('server_port') + send_proxy = request.form.getlist('send_proxy') + backup = request.form.getlist('backup') + server_maxconn = request.form.getlist('server_maxconn') + port_check = request.form.getlist('port_check') + i = 0 + for server in servers: + if server == '': + continue + if request.form.get('template') is None: + try: + if send_proxy[i] == '1': + send_proxy_param = 'send-proxy' + else: + send_proxy_param = '' + except Exception: + send_proxy_param = '' + + try: + if backup[i] == '1': + backup_param = 'backup' + else: + backup_param = '' + except Exception: + backup_param = '' + + try: + maxconn_val = server_maxconn[i] + except Exception: + maxconn_val = '200' + + try: + port_check_val = port_check[i] + except Exception: + port_check_val = server_port[i] + + servers_split += " server {0} {0}:{1}{2} port {6} maxconn {5} {3} {4} \n".format( + server, server_port[i], check, send_proxy_param, backup_param, maxconn_val, port_check_val + ) + else: + servers_split += " server-template {0} {1} {2}:{3} {4} \n".format( + request.form.get('prefix'), request.form.get('template-number'), server, server_port[i], check + ) + i += 1 + + compression = request.form.get("compression") + cache = request.form.get("cache") + compression_s = "" + cache_s = "" + cache_set = "" + filter_com = "" + if compression == "1" or cache == "2": + filter_com = " filter compression\n" + if cache == "2": + cache_s = f" http-request cache-use {end_name}\n http-response cache-store {end_name}\n" + cache_set = f"cache {end_name}\n total-max-size 4\n max-age 240\n" + if compression == "1": + compression_s = " compression algo gzip\n compression type text/html text/plain text/css\n" + + waf = "" + if request.form.get('waf'): + waf = f" filter spoe engine modsecurity config {haproxy_dir}/waf.conf\n" + waf += " http-request deny if { var(txn.modsec.code) -m int gt 0 }\n" + + config_add = f"\n{name}\n{bind}{mode}{maxconn}{balance}{options_split}{cache_s}{filter_com}{compression_s}" \ + f"{waf}{headers}{acl}{backend}{servers_split}\n{cache_set}\n" + + if generate: + return config_add + else: + try: + return add_mod.save_to_haproxy_config(config_add, server_ip) + except Exception as e: + return str(e) + + +@bp.post('/haproxy/userlist') +def add_userlist(): + roxywi_auth.page_for_admin(level=3) + return add_mod.add_userlist() + + +@bp.post('/haproxy/bwlist/create') +def create_bwlist(): + server_ip = common.is_ip_or_dns(request.form.get('serv')) + color = common.checkAjaxInput(request.form.get('color')) + group = common.checkAjaxInput(request.form.get('group')) + list_name = common.checkAjaxInput(request.form.get('bwlists_create')) + + return add_mod.create_bwlist(server_ip, list_name, color, group) + + +@bp.post('/haproxy/bwlist/save') +@login_required +def save_bwlist(): + server_ip = common.is_ip_or_dns(request.form.get('serv')) + color = common.checkAjaxInput(request.form.get('color')) + group = common.checkAjaxInput(request.form.get('group')) + bwlists_save = common.checkAjaxInput(request.form.get('bwlists_save')) + list_con = request.form.get('bwlists_content') + action = common.checkAjaxInput(request.form.get('bwlists_restart')) + + return add_mod.save_bwlist(bwlists_save, list_con, color, group, server_ip, action) + + +@bp.route('/haproxy/bwlist/delete////') +def delete_bwlist(server_ip, color, name, group): + server_ip = common.is_ip_or_dns(server_ip) + color = common.checkAjaxInput(color) + list_name = common.checkAjaxInput(name) + + return add_mod.delete_bwlist(list_name, color, group, server_ip) + + +@bp.route('/haproxy/bwlist///') +def get_bwlist(bwlists, color, group): + color = common.checkAjaxInput(color) + bwlists = common.checkAjaxInput(bwlists) + + return add_mod.get_bwlist(color, group, bwlists) + + +@bp.route('/haproxy/bwlists//') +def get_bwlists(color, group): + color = common.checkAjaxInput(color) + + return add_mod.get_bwlists_for_autocomplete(color, group) + + +@bp.route('/haproxy/userlist/') +def show_userlist(server_ip): + server_ip = common.is_ip_or_dns(server_ip) + return add_mod.show_userlist(server_ip) + + +@bp.post('/haproxy/peers') +def add_peers(): + roxywi_auth.page_for_admin(level=3) + + generate = request.form.get('generateconfig') + server_ip = request.form.get('serv') + servers_split = '' + name = "peers " + request.form.get('peers-name') + "\n" + servers = request.form.getlist('servers') + server_port = request.form.getlist('server_port') + servers_name = request.form.getlist('servers_name') + i = 0 + + for server in servers: + if server == '': + continue + servers_split += " peer {0} {1}:{2} \n".format(servers_name[i], server, server_port[i]) + i += 1 + + config_add = "\n" + name + servers_split + + if generate: + return config_add, 200 + else: + try: + return add_mod.save_to_haproxy_config(config_add, server_ip) + except Exception as e: + return (str(e)), 200 + + +@bp.route('/option/get/') +def get_option(group): + term = request.args.get('term') + + return jsonify(add_mod.get_saved_option(group, term)) + + +@bp.post('/option/save') +def save_option(): + option = common.checkAjaxInput(request.form.get('option')) + group = int(request.form.get('option_group')) + + return add_mod.create_saved_option(option, group) + + +@bp.post('/option/update') +def update_option(): + option = common.checkAjaxInput(request.form.get('option')) + option_id = int(request.form.get('id')) + + try: + sql.update_options(option, option_id) + except Exception as e: + return str(e) + else: + return 'ok' + + +@bp.route('/option/delete/') +def delete_option(option_id): + try: + sql.delete_option(option_id) + except Exception as e: + return str(e) + else: + return 'ok' + + +@bp.route('/server/get/') +def get_saved_server(group): + term = request.args.get('term') + + return jsonify(add_mod.get_saved_servers(group, term)) + + +@bp.post('/server/save') +def save_saved_server(): + server = common.checkAjaxInput(request.form.get('server')) + group = int(request.form.get('group')) + desc = common.checkAjaxInput(request.form.get('desc')) + + return add_mod.create_saved_server(server, group, desc) + + +@bp.post('/server/update') +def update_saved_server(): + server = common.checkAjaxInput(request.form.get('server')) + server_id = int(request.form.get('id')) + desc = common.checkAjaxInput(request.form.get('desc')) + + try: + sql.update_savedserver(server, desc, server_id) + except Exception as e: + return str(e) + else: + return 'ok' + + +@bp.route('/server/delete/') +def delete_saved_server(server_id): + try: + sql.delete_savedserver(server_id) + except Exception as e: + return str(e) + else: + return 'ok' + + +@bp.route('/certs/') +def get_certs(server_ip): + return add_mod.get_ssl_certs(server_ip) + + +@bp.route('/cert//', methods=['DELETE', 'GET']) +def get_cert(server_ip, cert_id): + if request.method == 'DELETE': + return add_mod.del_ssl_cert(server_ip, cert_id) + elif request.method == 'GET': + return add_mod.get_ssl_cert(server_ip, cert_id) + + +@bp.post('/cert/add') +def upload_cert(): + server_ip = common.is_ip_or_dns(request.form.get('serv')) + ssl_name = request.form.get('ssl_name') + ssl_cont = request.form.get('ssl_cert') + + return add_mod.upload_ssl_cert(server_ip, ssl_name, ssl_cont) + + +@bp.route('/cert/get/raw//') +def get_cert_raw(server_ip, cert_id): + return add_mod.get_ssl_raw_cert(server_ip, cert_id) + + +@bp.post('/map/create') +def create_map(): + server_ip = common.checkAjaxInput(request.form.get('serv')) + map_name = common.checkAjaxInput(request.form.get('map_create')) + group = common.checkAjaxInput(request.form.get('group')) + + try: + return add_mod.create_map(server_ip, map_name, group) + except Exception as e: + return str(e) + + +@bp.post('/map/save') +def save_map(): + server_ip = common.checkAjaxInput(request.form.get('serv')) + group = common.checkAjaxInput(request.form.get('group')) + map_save = common.checkAjaxInput(request.form.get('map_save')) + content = request.form.get('content') + action = common.checkAjaxInput(request.form.get('map_restart')) + + return add_mod.save_map(map_save, content, group, server_ip, action) + + +@bp.post('/map/edit') +def edit_map(): + group = common.checkAjaxInput(request.form.get('group')) + map_name = common.checkAjaxInput(request.form.get('edit_map')) + + return add_mod.edit_map(map_name, group) + + +@bp.post('/map/delete') +def delete_map(): + map_name = common.checkAjaxInput(request.form.get('map_delete')) + group = common.checkAjaxInput(request.form.get('group')) + server_id = common.checkAjaxInput(request.form.get('serv')) + + return add_mod.delete_map(map_name, group, server_id) + + +@bp.post('lets') +def lets(): + server_ip = common.checkAjaxInput(request.form.get('serv')) + lets_domain = common.checkAjaxInput(request.form.get('lets_domain')) + lets_email = common.checkAjaxInput(request.form.get('lets_email')) + + return add_mod.get_le_cert(server_ip, lets_domain, lets_email) + + +@bp.post('/nginx/upstream') +def add_nginx_upstream(): + roxywi_auth.page_for_admin(level=3) + + server_ip = common.is_ip_or_dns(request.form.get('serv')) + new_upstream = request.form.get('upstream') + balance = request.form.get("balance") + config_add = '' + servers_split = '' + generate = request.form.get('generateconfig') + + if balance == 'round_robin': + balance = '' + else: + balance = f' {balance};\n' + + if new_upstream != '': + config_add = f'upstream {new_upstream} {{\n' + config_add += balance + config_name = f'upstream_{new_upstream}' + + if request.form.get('keepalive') != '': + config_add += f' keepalive {request.form.get("keepalive")};\n' + + if request.form.get('servers') is not None: + servers = request.form.getlist('servers') + server_port = request.form.getlist('server_port') + max_fails = request.form.getlist('max_fails') + fail_timeout = request.form.getlist('fail_timeout') + i = 0 + for server in servers: + if server == '': + continue + try: + max_fails_val = f'max_fails={max_fails[i]}' + except Exception: + max_fails_val = 'max_fails=1' + + try: + fail_timeout_val = f'fail_timeout={fail_timeout[i]}' + except Exception: + fail_timeout_val = 'fail_timeout=1' + + servers_split += f" server {server}:{server_port[i]} {max_fails_val} {fail_timeout_val}s; \n" + i += 1 + config_add += f'{servers_split} }}\n' + + if generate: + return config_add + else: + try: + return add_mod.save_nginx_config(config_add, server_ip, config_name) + except Exception as e: + return str(e) + + +@bp.route('/show/ip/') +def show_ip(server_ip): + server_ip = common.is_ip_or_dns(server_ip) + commands = ['sudo hostname -I | tr " " "\\n"|sed "/^$/d"'] + + return server_mod.ssh_command(server_ip, commands, ip="1") diff --git a/app/routes/admin/__init__.py b/app/routes/admin/__init__.py new file mode 100644 index 00000000..5f16778e --- /dev/null +++ b/app/routes/admin/__init__.py @@ -0,0 +1,5 @@ +from flask import Blueprint + +bp = Blueprint('admin', __name__) + +from app.routes.admin import routes diff --git a/app/routes/admin/routes.py b/app/routes/admin/routes.py new file mode 100644 index 00000000..83fa0bb9 --- /dev/null +++ b/app/routes/admin/routes.py @@ -0,0 +1,220 @@ +import os +import sys + +import pytz +import distro +from flask import render_template, request, redirect, url_for +from flask_login import login_required + +from app import app, login_manager +from app.routes.admin import bp + +sys.path.append(os.path.join(sys.path[0], '/var/www/haproxy-wi/app')) + +import modules.db.sql as sql +import modules.common.common as common +import modules.roxywi.roxy as roxy +import modules.roxywi.auth as roxywi_auth +import modules.roxywi.common as roxywi_common +import modules.server.server as server_mod + + +@bp.before_request +@login_required +def before_request(): + """ Protect all of the admin endpoints. """ + pass + + +@bp.route('') +def admin(): + roxywi_auth.page_for_admin() + + try: + user_params = roxywi_common.get_users_params() + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + users = sql.select_users() + settings = sql.get_setting('', all=1) + ldap_enable = sql.get_setting('ldap_enable') + services = sql.select_services() + gits = sql.select_gits() + masters = sql.select_servers(get_master_servers=1) + is_needed_tool = common.is_tool('ansible') + grafana = 0 + backups = sql.select_backups() + s3_backups = sql.select_s3_backups() + user_subscription = roxywi_common.return_user_subscription() + + if not roxy.is_docker(): + grafana, stderr = server_mod.subprocess_execute("systemctl is-active grafana-server") + grafana = grafana[0] + + return render_template( + 'admin.html', h2=1, role=user_params['role'], user=user, users=users, groups=sql.select_groups(), + servers=sql.select_servers(full=1), masters=masters, sshs=sql.select_ssh(), roles=sql.select_roles(), + settings=settings, backups=backups, s3_backups=s3_backups, services=services, timezones=pytz.all_timezones, + page="users.py", user_services=user_params['user_services'], ldap_enable=ldap_enable, gits=gits, guide_me=1, + user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], + token=user_params['token'], is_needed_tool=is_needed_tool, lang=user_params['lang'], grafana=grafana + ) + + +@bp.route('/tools') +def show_tools(): + roxywi_auth.page_for_admin() + lang = roxywi_common.get_user_lang_for_flask() + try: + services = roxy.get_services_status() + except Exception as e: + return str(e) + + return render_template('ajax/load_services.html', services=services, lang=lang) + + +@bp.route('/tools/update/') +def update_tools(service): + roxywi_auth.page_for_admin() + + try: + return roxy.update_roxy_wi(service) + except Exception as e: + return f'error: {e}' + + +@bp.route('/tools/action//') +def action_tools(service, action): + roxywi_auth.page_for_admin() + if action not in ('start', 'stop', 'restart'): + return 'error: wrong action' + + return roxy.action_service(action, service) + + +@bp.route('/update') +def update_roxywi(): + roxywi_auth.page_for_admin() + versions = roxy.versions() + checker_ver = roxy.check_new_version('checker') + smon_ver = roxy.check_new_version('smon') + metrics_ver = roxy.check_new_version('metrics') + keep_ver = roxy.check_new_version('keep_alive') + portscanner_ver = roxy.check_new_version('portscanner') + socket_ver = roxy.check_new_version('socket') + prometheus_exp_ver = roxy.check_new_version('prometheus-exporter') + services = roxy.get_services_status() + lang = roxywi_common.get_user_lang_for_flask() + + return render_template( + 'ajax/load_updateroxywi.html', services=services, versions=versions, checker_ver=checker_ver, smon_ver=smon_ver, + metrics_ver=metrics_ver, portscanner_ver=portscanner_ver, socket_ver=socket_ver, prometheus_exp_ver=prometheus_exp_ver, + keep_ver=keep_ver, lang=lang + ) + + +@bp.route('/openvpn') +def load_openvpn(): + roxywi_auth.page_for_admin() + openvpn_configs = '' + openvpn_sess = '' + openvpn = '' + + if distro.id() == 'ubuntu': + stdout, stderr = server_mod.subprocess_execute("apt show openvpn3 2>&1|grep E:") + elif distro.id() == 'centos' or distro.id() == 'rhel': + stdout, stderr = server_mod.subprocess_execute("rpm --query openvpn3-client") + + if ( + (stdout[0] != 'package openvpn3-client is not installed' and stderr != '/bin/sh: rpm: command not found') + and stdout[0] != 'E: No packages found' + ): + cmd = "sudo openvpn3 configs-list |grep -E 'ovpn|(^|[^0-9])[0-9]{4}($|[^0-9])' |grep -v net|awk -F\" \" '{print $1}'|awk 'ORS=NR%2?\" \":\"\\n\"'" + openvpn_configs, stderr = server_mod.subprocess_execute(cmd) + cmd = "sudo openvpn3 sessions-list|grep -E 'Config|Status'|awk -F\":\" '{print $2}'|awk 'ORS=NR%2?\" \":\"\\n\"'| sed 's/^ //g'" + openvpn_sess, stderr = server_mod.subprocess_execute(cmd) + openvpn = stdout[0] + + return render_template('ajax/load_openvpn.html', openvpn=openvpn, openvpn_sess=openvpn_sess, openvpn_configs=openvpn_configs) + + +@bp.post('/openvpn/upload') +def upload_openvpn(): + name = common.checkAjaxInput(request.form.get('ovpnname')) + + ovpn_file = f"{os.path.dirname('/tmp/')}/{name}.ovpn" + + try: + with open(ovpn_file, "w") as conf: + conf.write(request.form.get('uploadovpn')) + except IOError as e: + error = f'error: Cannot save ovpn file {e}' + roxywi_common.logging('Roxy-WI server', error, roxywi=1) + return error + + try: + cmd = 'sudo openvpn3 config-import --config %s --persistent' % ovpn_file + server_mod.subprocess_execute(cmd) + except IOError as e: + error = f'error: Cannot import OpenVPN file: {e}' + roxywi_common.logging('Roxy-WI server', error, roxywi=1) + return error + + try: + cmd = 'sudo cp %s /etc/openvpn3/%s.conf' % (ovpn_file, name) + server_mod.subprocess_execute(cmd) + except IOError as e: + error = f'error: Cannot save OpenVPN file: {e}' + roxywi_common.logging('Roxy-WI server', error, roxywi=1) + return error + + roxywi_common.logging("Roxy-WI server", f" has been uploaded a new ovpn file {ovpn_file}", roxywi=1, login=1) + + return 'success: ovpn file has been saved ' + + +@bp.post('/openvpn/delete') +def delete_openvpn(): + openvpndel = common.checkAjaxInput(request.form.get('openvpndel')) + + cmd = f'sudo openvpn3 config-remove --config /tmp/{openvpndel}.ovpn --force' + try: + server_mod.subprocess_execute(cmd) + roxywi_common.logging(openvpndel, ' has deleted the ovpn file ', roxywi=1, login=1) + except IOError as e: + error = f'error: Cannot delete OpenVPN file: {e}' + roxywi_common.logging('Roxy-WI server', error, roxywi=1) + return error + else: + return 'ok' + + +@bp.route('/openvpn/action//') +def action_openvpn(action, openvpn): + openvpn = common.checkAjaxInput(openvpn) + + if action == 'start': + cmd = f'sudo openvpn3 session-start --config /tmp/{openvpn}.ovpn' + elif action == 'restart': + cmd = f'sudo openvpn3 session-manage --config /tmp/{openvpn}.ovpn --restart' + elif action == 'disconnect': + cmd = f'sudo openvpn3 session-manage --config /tmp/{openvpn}.ovpn --disconnect' + else: + return 'error: wrong action' + try: + server_mod.subprocess_execute(cmd) + roxywi_common.logging(openvpn, f' The ovpn session has been {action}ed ', roxywi=1, login=1) + return f"success: The {openvpn} has been {action}ed" + except IOError as e: + roxywi_common.logging('Roxy-WI server', e.args[0], roxywi=1) + return f'error: Cannot {action} OpenVPN: {e}' + + +@app.route('/setting//', methods=['POST']) +def update_settings(param, val): + user_group = roxywi_common.get_user_group(id=1) + if sql.update_setting(param, val, user_group): + roxywi_common.logging('Roxy-WI server', f'The {param} setting has been changed to: {val}', roxywi=1, login=1) + + return 'Ok' diff --git a/app/routes/checker/__init__.py b/app/routes/checker/__init__.py new file mode 100644 index 00000000..77c44c25 --- /dev/null +++ b/app/routes/checker/__init__.py @@ -0,0 +1,5 @@ +from flask import Blueprint + +bp = Blueprint('checker', __name__) + +from app.routes.checker import routes diff --git a/app/routes/checker/routes.py b/app/routes/checker/routes.py new file mode 100644 index 00000000..9f724e88 --- /dev/null +++ b/app/routes/checker/routes.py @@ -0,0 +1,130 @@ +import os +import sys + +from flask import render_template, request, redirect, url_for +from flask_login import login_required + +from app import app, login_manager +from app.routes.checker import bp + +sys.path.append(os.path.join(sys.path[0], '/var/www/haproxy-wi/app')) + +import modules.db.sql as sql +import modules.common.common as common +import modules.roxywi.common as roxywi_common +import modules.tools.alerting as alerting +import modules.tools.checker as checker_mod + + +@bp.before_request +@login_required +def before_request(): + """ Protect all of the admin endpoints. """ + pass + + +@bp.route('/settings') +def checker_settings(): + roxywi_common.check_user_group_for_flask() + + try: + user_params = roxywi_common.get_users_params() + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + return render_template( + 'checker.html', h2=1, role=user_params['role'], user=user, lang=user_params['lang'], + token=user_params['token'], user_services=user_params['user_services'] + ) + + +@bp.post('/settings/update') +def update_settings(): + service = request.form.get('service') + setting_id = int(request.form.get('setting_id')) + email = int(request.form.get('email')) + service_alert = int(request.form.get('server')) + backend_alert = int(request.form.get('backend')) + maxconn_alert = int(request.form.get('maxconn')) + telegram_id = int(request.form.get('telegram_id')) + slack_id = int(request.form.get('slack_id')) + pd_id = int(request.form.get('pd_id')) + + if service == 'haproxy': + return checker_mod.update_haproxy_settings( + setting_id, email, service_alert, backend_alert, maxconn_alert, telegram_id, slack_id, pd_id + ) + elif service in ('nginx', 'apache'): + return checker_mod.update_service_settings(setting_id, email, service_alert, telegram_id, slack_id, pd_id) + else: + return checker_mod.update_keepalived_settings(setting_id, email, service_alert, backend_alert, telegram_id, slack_id, pd_id) + + +@bp.route('/settings/load') +def load_checker(): + return checker_mod.load_checker() + + +@bp.route('/history') +def checker_history(): + roxywi_common.check_user_group_for_flask() + + user_group = roxywi_common.get_user_group(id=1) + smon_status, stderr = smon_mod.return_smon_status() + smon = sql.alerts_history('Checker', user_group) + user_subscription = roxywi_common.return_user_subscription() + + try: + user_params = roxywi_common.get_users_params() + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + return render_template( + 'smon/checker_history.html', h2=1, autorefresh=0, role=user_params['role'], user=user, smon=smon, + lang=user_params['lang'], user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], + token=user_params['token'], smon_status=smon_status, smon_error=stderr, user_services=user_params['user_services'] + ) + + +@bp.route('/check//') +def check_receiver(channel_id, receiver_name): + channel_id = common.checkAjaxInput(channel_id) + receiver_name = common.checkAjaxInput(receiver_name) + + return alerting.check_receiver(channel_id, receiver_name) + + +@bp.route('/check/rabbit') +def check_rabbit(): + return alerting.check_rabbit_alert() + + +@bp.route('/check/email') +def check_email(): + return alerting.check_email_alert() + + +@bp.route('/receiver/', methods=['PUT', 'POST', 'DELETE']) +def receiver(receiver_name): + if request.method == 'POST': + token = common.checkAjaxInput(request.form.get('receiver')) + channel = common.checkAjaxInput(request.form.get('channel')) + group = common.checkAjaxInput(request.form.get('group')) + page = common.checkAjaxInput(request.form.get('page')) + page = page.split("#")[0] + + return alerting.add_receiver_channel(receiver_name, token, channel, group, page) + elif request.method == 'PUT': + token = common.checkAjaxInput(request.form.get('receiver_token')) + channel = common.checkAjaxInput(request.form.get('channel')) + group = common.checkAjaxInput(request.form.get('group')) + user_id = common.checkAjaxInput(request.form.get('id')) + + return alerting.update_receiver_channel(receiver_name, token, channel, group, user_id) + elif request.method == 'DELETE': + channel_id = common.checkAjaxInput(request.form.get('channel_id')) + + return alerting.delete_receiver_channel(channel_id, receiver_name) + diff --git a/app/routes/config/__init__.py b/app/routes/config/__init__.py new file mode 100644 index 00000000..3c67338b --- /dev/null +++ b/app/routes/config/__init__.py @@ -0,0 +1,5 @@ +from flask import Blueprint + +bp = Blueprint('config', __name__) + +from app.routes.config import routes diff --git a/app/routes/config/routes.py b/app/routes/config/routes.py new file mode 100644 index 00000000..cca05ec2 --- /dev/null +++ b/app/routes/config/routes.py @@ -0,0 +1,461 @@ +import os +import sys + +from flask import render_template, request, redirect, url_for, abort +from flask_login import login_required + +from app import app, login_manager, cache +from app.routes.config import bp + +sys.path.append(os.path.join(sys.path[0], '/var/www/haproxy-wi/app')) + +import modules.db.sql as sql +import modules.common.common as common +import modules.roxy_wi_tools as roxy_wi_tools +import modules.roxywi.auth as roxywi_auth +import modules.roxywi.common as roxywi_common +import modules.config.config as config_mod +import modules.config.section as section_mod +import modules.service.haproxy as service_haproxy +import modules.server.server as server_mod + +get_config = roxy_wi_tools.GetConfigVar() +time_zone = sql.get_setting('time_zone') +get_date = roxy_wi_tools.GetDate(time_zone) + + +@bp.before_request +@login_required +def before_request(): + """ Protect all of the admin endpoints. """ + pass + + +@bp.route('//show', methods=['POST']) +def show_config(service): + config_file_name = request.form.get('config_file_name') + configver = request.form.get('configver') + server_ip = request.form.get('serv') + + return config_mod.show_config(server_ip, service, config_file_name, configver) + + +@bp.route('//show-files', methods=['POST']) +def show_config_files(service): + server_ip = request.form.get('serv') + config_file_name = request.form.get('config_file_name') + + return config_mod.show_config_files(server_ip, service, config_file_name) + + +@bp.route('//find-in-config', methods=['POST']) +def find_in_config(service): + server_ip = common.is_ip_or_dns(request.form.get('serv')) + finding_words = request.form.get('words') + log_path = sql.get_setting(service + '_dir') + log_path = common.return_nice_path(log_path) + commands = [f'sudo grep "{finding_words}" {log_path}*/*.conf -C 2 -Rn'] + try: + return_find = server_mod.ssh_command(server_ip, commands, raw=1) + return_find = config_mod.show_finding_in_config(return_find, grep=finding_words) + except Exception as e: + return str(e) + + if 'error: ' in return_find: + return return_find + + return return_find + + +@bp.route('//', defaults={'serv': None, 'edit': None, 'config_file_name': None, 'new': None}, methods=['GET', 'POST']) +@bp.route('////', defaults={'config_file_name': None, 'new': None}, methods=['GET', 'POST']) +@bp.route('///show', defaults={'edit': None, 'config_file_name': None, 'new': None}, methods=['GET', 'POST']) +@bp.route('///show/', defaults={'edit': None, 'new': None}, methods=['GET', 'POST']) +@bp.route('///show-files', defaults={'edit': None, 'config_file_name': None, 'new': None}, methods=['GET', 'POST']) +@bp.route('////', defaults={'new': None}, methods=['GET', 'POST']) +@bp.route('/////', methods=['GET', 'POST']) +def config(service, serv, edit, config_file_name, new): + config_read = "" + cfg = "" + stderr = "" + error = "" + aftersave = "" + is_restart = '' + is_serv_protected = '' + new_config = new + + try: + user_params = roxywi_common.get_users_params(service=service) + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + if service in ('haproxy', 'nginx', 'keepalived', 'apache'): + service_desc = sql.select_service(service) + is_redirect = roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=service_desc.service_id) + + if is_redirect != 'ok': + return redirect(url_for(f'{is_redirect}')) + else: + return redirect(url_for('index')) + + if serv and config_file_name: + cfg = config_mod.return_cfg(service, serv, config_file_name) + + if serv and edit and new_config is None: + roxywi_common.check_is_server_in_group(serv) + is_serv_protected = sql.is_serv_protected(serv) + server_id = sql.select_server_id_by_ip(serv) + is_restart = sql.select_service_setting(server_id, service, 'restart') + + try: + error = config_mod.get_config(serv, cfg, service=service, config_file_name=config_file_name) + except Exception as e: + return str(e), 200 + + try: + roxywi_common.logging(serv, f" {service.title()} config has been opened") + except Exception: + pass + + try: + conf = open(cfg, "r") + config_read = conf.read() + conf.close() + except IOError as e: + return f'Cannot read imported config file {e}', 200 + + os.system("/bin/mv %s %s.old" % (cfg, cfg)) + + if new_config is not None: + config_read = ' ' + + return render_template( + 'config.html', h2=1, role=user_params['role'], user=user, select_id="serv", serv=serv, aftersave=aftersave, + config=config_read, cfg=cfg, selects=user_params['servers'], stderr=stderr, error=error, service=service, + is_restart=is_restart, user_services=user_params['user_services'], config_file_name=config_file_name, + is_serv_protected=is_serv_protected, token=user_params['token'], lang=user_params['lang'], service_desc=service_desc + ) + + +@bp.route('///save', methods=['POST']) +def save_config(service, server_ip): + try: + user_params = roxywi_common.get_users_params() + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + roxywi_common.check_is_server_in_group(server_ip) + service_desc = sql.select_service(service) + is_redirect = roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], + service=service_desc.service_id) + + if is_redirect != 'ok': + return redirect(url_for(f'{is_redirect}')) + + config = request.form.get('config') + oldcfg = request.form.get('oldconfig') + save = request.form.get('save') + config_file_name = request.form.get('config_file_name') + + try: + cfg = config_mod.return_cfg(service, server_ip, config_file_name) + except Exception as e: + return f'error: {e}', 200 + + try: + with open(cfg, "a") as conf: + conf.write(config) + except IOError as e: + return f"error: Cannot read imported config file: {e}", 200 + + try: + if service == 'keepalived': + stderr = config_mod.upload_and_restart(server_ip, cfg, save, service, oldcfg=oldcfg) + else: + stderr = config_mod.master_slave_upload_and_restart(server_ip, cfg, save, service, oldcfg=oldcfg, + config_file_name=config_file_name) + except Exception as e: + return f'error: {e}', 200 + + if save != 'test': + config_mod.diff_config(oldcfg, cfg) + + if stderr: + return stderr, 200 + + return + + +@bp.route('/versions/', defaults={'server_ip': None}, methods=['GET', 'POST']) +@bp.route('/versions//', methods=['GET', 'POST']) +def versions(service, server_ip): + roxywi_auth.page_for_admin(level=3) + aftersave = '' + file = set() + stderr = '' + + try: + user_params = roxywi_common.get_users_params(disable=1) + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + if service not in ('haproxy', 'nginx', 'keepalived', 'apache'): + return redirect(url_for('index')) + + if service in ('haproxy', 'keepalived'): + conf_format = 'cfg' + else: + conf_format = 'conf' + + if request.form.get('del'): + aftersave = 1 + for get in request.form.getlist('do_delete'): + if conf_format in get and server_ip in get: + try: + if sql.delete_config_version(service, get): + try: + os.remove(get) + except OSError as e: + if 'No such file or directory' in str(e): + pass + else: + os.remove(os.path.join(configs_dir, get)) + try: + file.add(get + "\n") + roxywi_common.logging( + server_ip, f"Version of config has been deleted: {get}", login=1, keep_history=1, + service=service + ) + except Exception: + pass + except OSError as e: + stderr = "Error: %s - %s." % (e.filename, e.strerror) + + return render_template( + 'delver.html', h2=1, role=user_params['role'], user=user, select_id="serv", serv=server_ip, aftersave=aftersave, + selects=user_params['servers'], file=file, service=service, user_services=user_params['user_services'], + token=user_params['token'], lang=user_params['lang'], stderr=stderr + ) + + +@bp.route('/version//list', methods=['POST']) +def list_of_version(service): + server_ip = common.is_ip_or_dns(request.form.get('serv')) + configver = common.checkAjaxInput(request.form.get('configver')) + for_delver = common.checkAjaxInput(request.form.get('for_delver')) + + return config_mod.list_of_versions(server_ip, service, configver, for_delver) + + +@bp.route('/versions///', defaults={'save': None}, methods=['GET', 'POST']) +@bp.route('/versions////save', defaults={'save': 1}, methods=['GET', 'POST']) +def show_version(service, server_ip, configver, save): + roxywi_auth.page_for_admin(level=3) + + try: + user_params = roxywi_common.get_users_params(disable=1) + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + if service not in ('haproxy', 'nginx', 'keepalived', 'apache'): + return redirect(url_for('index')) + + service_desc = sql.select_service(service) + + if not roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=service_desc.service_id): + return redirect(url_for('index')) + + configs_dir = get_config.get_config_var('configs', f'{service_desc.service}_save_configs_dir') + configver = configs_dir + configver + servers = roxywi_common.get_dick_permit(service=service_desc.slug) + aftersave = 0 + stderr = '' + + if save: + aftersave = 1 + save_action = request.form.get('save') + try: + roxywi_common.logging( + server_ip, f"Version of config has been uploaded {configver}", login=1, keep_history=1, service=service + ) + except Exception: + pass + + if service == 'keepalived': + stderr = config_mod.upload_and_restart(serv, configver, save_action, service) + elif service in ('nginx', 'apache'): + config_file_name = sql.select_remote_path_from_version(server_ip=server_ip, service=service, + local_path=configver) + stderr = config_mod.master_slave_upload_and_restart(server_ip, configver, save_action, service_desc.slug, + config_file_name=config_file_name) + else: + stderr = config_mod.master_slave_upload_and_restart(server_ip, configver, save_action, service) + + return render_template( + 'configver.html', + h2=1, role=user_params['role'], user=user, select_id="serv", serv=server_ip, aftersave=aftersave, + selects=servers, stderr=stderr, save=save, configver=configver, service=service, + user_services=user_params['user_services'], token=user_params['token'], lang=user_params['lang'] + ) + + +@bp.route('/section/haproxy/') +def haproxy_section(server_ip): + try: + user_params = roxywi_common.get_users_params(service=1) + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + is_redirect = roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=1) + + if is_redirect != 'ok': + return redirect(url_for(f'{is_redirect}')) + + is_restart = 0 + hap_configs_dir = get_config.get_config_var('configs', 'haproxy_save_configs_dir') + cfg = f"{hap_configs_dir}{server_ip}-{get_date.return_date('config')}.cfg" + error = config_mod.get_config(server_ip, cfg) + sections = section_mod.get_sections(cfg) + + return render_template( + 'sections.html', h2=1, role=user_params['role'], user=user, serv=server_ip, selects=user_params['servers'], + sections=sections, error=error, token=user_params['token'], lang=user_params['lang'], is_restart=is_restart, config='', + user_services=user_params['user_services'] + ) + + +@bp.route('/section/haproxy//
') +def haproxy_section_show(server_ip, section): + try: + user_params = roxywi_common.get_users_params(service=1) + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + is_redirect = roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=1) + + if is_redirect != 'ok': + return redirect(url_for(f'{is_redirect}')) + + try: + roxywi_common.logging(server_ip, f"A section {section} has been opened") + except Exception: + pass + + hap_configs_dir = get_config.get_config_var('configs', 'haproxy_save_configs_dir') + cfg = f"{hap_configs_dir}{server_ip}-{get_date.return_date('config')}.cfg" + error = config_mod.get_config(server_ip, cfg) + sections = section_mod.get_sections(cfg) + start_line, end_line, config_read = section_mod.get_section_from_config(cfg, section) + server_id = sql.select_server_id_by_ip(server_ip) + is_restart = sql.select_service_setting(server_id, 'haproxy', 'restart') + + os.system(f"/bin/mv {cfg} {cfg}.old") + + return render_template( + 'sections.html', h2=1, role=user_params['role'], user=user, + serv=server_ip, selects=user_params['servers'], error=error, sections=sections, cfg=cfg, + token=user_params['token'], lang=user_params['lang'], is_restart=is_restart, config=config_read, + start_line=start_line, end_line=end_line, section=section, user_services=user_params['user_services'] + ) + + +@bp.route('/section/haproxy//save', methods=['POST']) +def haproxy_section_save(server_ip): + try: + user_params = roxywi_common.get_users_params(service=1) + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + is_redirect = roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=1) + + if is_redirect != 'ok': + return redirect(url_for(f'{is_redirect}')) + + hap_configs_dir = get_config.get_config_var('configs', 'haproxy_save_configs_dir') + cfg = f"{hap_configs_dir}{server_ip}-{get_date.return_date('config')}.cfg" + config = request.form.get('config') + oldcfg = request.form.get('oldconfig') + save = request.form.get('save') + start_line = request.form.get('start_line') + end_line = request.form.get('end_line') + + if save == 'delete': + config = '' + save = 'reload' + + config = section_mod.rewrite_section(start_line, end_line, oldcfg, config) + + try: + with open(cfg, "w") as conf: + conf.write(config) + except IOError as e: + return f"error: Cannot read import config file: {e}" + + stderr = config_mod.master_slave_upload_and_restart(server_ip, cfg, save, 'haproxy', oldcfg=oldcfg) + + config_mod.diff_config(oldcfg, cfg) + + os.system(f"/bin/rm -f {hap_configs_dir}*.old") + + return stderr + + +@bp.route('/compare//') +@bp.route('/map//') +def show_compare_config(service, serv): + config_read = "" + cfg = "" + stderr = "" + error = "" + aftersave = "" + is_restart = '' + is_serv_protected = '' + config_file_name = '' + + try: + user_params = roxywi_common.get_users_params(service=service) + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + if service in ('haproxy', 'nginx', 'keepalived', 'apache'): + service_desc = sql.select_service(service) + is_redirect = roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=service_desc.service_id) + + if is_redirect != 'ok': + return redirect(url_for(f'{is_redirect}')) + else: + return redirect(url_for('index')) + + return render_template( + 'config.html', h2=1, role=user_params['role'], user=user, select_id="serv", serv=serv, aftersave=aftersave, + config=config_read, cfg=cfg, selects=user_params['servers'], stderr=stderr, error=error, service=service, + is_restart=is_restart, user_services=user_params['user_services'], config_file_name=config_file_name, + is_serv_protected=is_serv_protected, token=user_params['token'], lang=user_params['lang'], + service_desc=service_desc + ) + + +@bp.route('/compare///files') +def show_configs_for_compare(service, server_ip): + return config_mod.show_compare_config(server_ip, service) + + +@bp.route('/compare///show', methods=['POST']) +def show_compare(service, server_ip): + left = common.checkAjaxInput(request.form.get('left')) + right = common.checkAjaxInput(request.form.get('right')) + + return config_mod.compare_config(service, left, right) + + +@bp.route('/map/haproxy//show') +def show_map(server_ip): + return service_haproxy.show_map(server_ip) diff --git a/app/routes/install/__init__.py b/app/routes/install/__init__.py new file mode 100644 index 00000000..cc5356b8 --- /dev/null +++ b/app/routes/install/__init__.py @@ -0,0 +1,5 @@ +from flask import Blueprint + +bp = Blueprint('install', __name__) + +from app.routes.install import routes diff --git a/app/routes/install/routes.py b/app/routes/install/routes.py new file mode 100644 index 00000000..f3e17881 --- /dev/null +++ b/app/routes/install/routes.py @@ -0,0 +1,268 @@ +import os +import sys + +from functools import wraps +from flask import render_template, request, redirect, url_for +from flask_login import login_required + +from app import app, login_manager +from app.routes.install import bp + +sys.path.append(os.path.join(sys.path[0], '/var/www/haproxy-wi/app')) + +import modules.db.sql as sql +import modules.common.common as common +import modules.roxywi.auth as roxywi_auth +import modules.roxywi.common as roxywi_common +import modules.roxy_wi_tools as roxy_wi_tools +import modules.server.server as server_mod +import modules.service.common as service_common +import modules.service.installation as service_mod +import modules.service.exporter_installation as exp_installation + + +@bp.before_request +@login_required +def before_request(): + """ Protect all of the admin endpoints. """ + pass + + +@bp.route('') +def install_monitoring(): + roxywi_auth.page_for_admin(level=2) + + try: + user_params = roxywi_common.get_users_params() + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + is_needed_tool = common.is_tool('ansible') + geoip_country_codes = sql.select_geoip_country_codes() + + return render_template( + 'install.html', h2=1, role=user_params['role'], user=user, servers=user_params['servers'], + user_services=user_params['user_services'], lang=user_params['lang'], geoip_country_codes=geoip_country_codes, + is_needed_tool=is_needed_tool, token=user_params['token'] + ) + + +@bp.route('/ha') +def ha(): + roxywi_auth.page_for_admin(level=2) + + try: + user_params = roxywi_common.get_users_params() + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + is_needed_tool = common.is_tool('ansible') + user_subscription = roxywi_common.return_user_subscription() + is_redirect = roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=3) + + if is_redirect != 'ok': + return redirect(url_for(f'{is_redirect}')) + + return render_template( + 'ha.html', h2=1, role=user_params['role'], user=user, selects=user_params['servers'], + user_services=user_params['user_services'], user_status=user_subscription['user_status'], lang=user_params['lang'], + user_plan=user_subscription['user_plan'], is_needed_tool=is_needed_tool, token=user_params['token'] + ) + + +@bp.post('/keepalived', defaults={'slave_kp': None}) +@bp.post('/keepalived/') +def install_keepalived(slave_kp): + master = request.form.get('master') + slave = request.form.get('slave') + eth = request.form.get('interface') + eth_slave = request.form.get('slave_interface') + vrrp_ip = request.form.get('vrrpip') + syn_flood = request.form.get('syn_flood') + return_to_master = request.form.get('return_to_master') + haproxy = request.form.get('hap') + nginx = request.form.get('nginx') + router_id = request.form.get('router_id') + virt_server = request.form.get('virt_server') + + try: + virt_server = int(virt_server) + except Exception: + pass + + if not slave_kp: + try: + return service_mod.keepalived_master_install( + master, eth, eth_slave, vrrp_ip, virt_server, syn_flood, return_to_master, haproxy, nginx, router_id + ) + except Exception as e: + return f'{e}' + else: + try: + return service_mod.keepalived_slave_install( + master, slave, eth, eth_slave, vrrp_ip, syn_flood, haproxy, nginx, router_id + ) + except Exception as e: + return f'{e}' + + +@bp.post('/keepalived/add', defaults={'slave_kp': None}) +@bp.post('/keepalived/add/') +def add_extra_vrrp(slave_kp): + master = request.form.get('master') + slave = request.form.get('slave') + eth = request.form.get('interface') + slave_eth = request.form.get('slave_interface') + vrrp_ip = request.form.get('vrrpip') + router_id = request.form.get('router_id') + return_to_master = request.form.get('return_to_master') + kp = request.form.get('kp') + + if not slave_kp: + try: + return service_mod.keepalived_masteradd(master, eth, slave_eth, vrrp_ip, router_id, return_to_master, kp) + except Exception as e: + return f'{e}' + else: + try: + return service_mod.keepalived_slaveadd(slave, eth, slave_eth, vrrp_ip, router_id, kp) + except Exception as e: + return f'{e}' + + +@bp.post('//') +def install_service(service, server_ip): + server_ip = common.is_ip_or_dns(server_ip) + docker = common.checkAjaxInput(request.form.get('docker')) + syn_flood = request.form.get('syn_flood') + hapver = request.form.get('hapver') + + if service in ('nginx', 'apache'): + try: + return service_mod.install_service(server_ip, service, docker, syn_flood) + except Exception as e: + return str(e) + elif service == 'haproxy': + try: + return service_mod.install_haproxy(server_ip, syn_flood=syn_flood, hapver=hapver, docker=docker) + except Exception as e: + return str(e) + else: + return 'warning: Wrong service' + + +@bp.post('//master-slave') +def master_slave(service): + master = request.form.get('master') + slave = request.form.get('slave') + server = request.form.get('server') + docker = request.form.get('docker') + + if service == 'haproxy': + if server == 'master': + try: + return service_mod.install_haproxy(master, server=server, docker=docker, m_or_s='master', master=master, slave=slave) + except Exception as e: + return f'{e}' + elif server == 'slave': + try: + return service_mod.install_haproxy(slave, server=server, docker=docker, m_or_s='slave', master=master, slave=slave) + except Exception as e: + return f'{e}' + elif service == 'nginx': + syn_flood_protect = '1' if request.form.get('syn_flood') == "1" else '' + if server == 'master': + try: + return service_mod.install_service(master, 'nginx', docker, syn_flood_protect, server=server) + except Exception as e: + return f'{e}' + elif server == 'slave': + try: + return service_mod.install_service(slave, 'nginx', docker, syn_flood_protect, server=server) + except Exception as e: + return f'{e}' + + +@bp.route('//version/') +def get_service_version(service, server_ip): + if service in ('haproxy', 'nginx', 'apache'): + return service_common.show_service_version(server_ip, service) + elif service == 'keepalived': + cmd = ["sudo /usr/sbin/keepalived -v 2>&1|head -1|awk '{print $2}'"] + return server_mod.ssh_command(server_ip, cmd) + else: + return 'error: Wrong service' + + +@bp.post('/exporter/') +def install_exporter(exporter): + server_ip = common.is_ip_or_dns(request.form.get('server_ip')) + ver = common.checkAjaxInput(request.form.get('exporter_v')) + ext_prom = common.checkAjaxInput(request.form.get('ext_prom')) + + if exporter == 'haproxy': + return exp_installation.haproxy_exp_installation(server_ip, ver, ext_prom) + elif exporter in ('nginx', 'apache'): + return exp_installation.nginx_apache_exp_installation(server_ip, exporter, ver, ext_prom) + elif exporter in ('keepalived', 'node'): + return exp_installation.node_keepalived_exp_installation(exporter, server_ip, ver, ext_prom) + else: + return 'error: Wrong exporter' + + +@bp.route('/exporter//version/') +def get_exporter_version(exporter, server_ip): + server_ip = common.is_ip_or_dns(server_ip) + return service_common.get_exp_version(server_ip, exporter) + + +@bp.route('/grafana') +def install_grafana(): + try: + return service_mod.grafana_install() + except Exception as e: + return f'{e}' + + +@bp.route('/waf//') +def install_waf(service, server_ip): + server_ip = common.is_ip_or_dns(server_ip) + + if service == 'haproxy': + try: + return service_mod.waf_install(server_ip) + except Exception as e: + return str(e) + elif service == 'nginx': + try: + return service_mod.waf_nginx_install(server_ip) + except Exception as e: + return str(e) + else: + return 'error: Wrong service' + + +@bp.post('/geoip') +def install_geoip(): + server_ip = common.is_ip_or_dns(server_ip) + geoip_update = common.checkAjaxInput(request.form.get('update')) + service = request.form.get('service') + + try: + return service_mod.geoip_installation(server_ip, geoip_update, service) + except Exception as e: + return str(e) + + +@bp.route('/geoip//') +def check_geoip(service, server_ip): + server_ip = common.is_ip_or_dns(server_ip) + + if service not in ('haproxy', 'nginx'): + return 'error: Wrong service' + + service_dir = common.return_nice_path(sql.get_setting(f'{service}_dir')) + cmd = [f"ls {service_dir}geoip/"] + return server_mod.ssh_command(server_ip, cmd) diff --git a/app/routes/metric/__init__.py b/app/routes/metric/__init__.py new file mode 100644 index 00000000..b98c89b0 --- /dev/null +++ b/app/routes/metric/__init__.py @@ -0,0 +1,5 @@ +from flask import Blueprint + +bp = Blueprint('metric', __name__) + +from app.routes.metric import routes diff --git a/app/routes/metric/routes.py b/app/routes/metric/routes.py new file mode 100644 index 00000000..a02c7c79 --- /dev/null +++ b/app/routes/metric/routes.py @@ -0,0 +1,128 @@ +import os +import sys + +import distro +from flask import render_template, request, jsonify, redirect, url_for +from flask_login import login_required + +from app import app, login_manager +from app.routes.metric import bp + +sys.path.append(os.path.join(sys.path[0], '/var/www/haproxy-wi/app')) + +import modules.db.sql as sql +import modules.common.common as common +import modules.server.server as server_mod +import modules.roxywi.metrics as metric +import modules.roxywi.auth as roxywi_auth +import modules.roxywi.common as roxywi_common + + +@bp.before_request +@login_required +def before_request(): + """ Protect all of the admin endpoints. """ + pass + + +@bp.route('/') +def metrics(service): + try: + user_params = roxywi_common.get_users_params() + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + service_desc = sql.select_service(service) + roxywi_common.check_user_group_for_flask() + + is_redirect = roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=service_desc.service_id) + + if is_redirect != 'ok': + return redirect(url_for(f'{is_redirect}')) + + try: + if distro.id() == 'ubuntu': + cmd = "apt list --installed 2>&1 |grep roxy-wi-metrics" + else: + cmd = "rpm -q roxy-wi-metrics-* |awk -F\"metrics\" '{print $2}' |awk -F\".noa\" '{print $1}' |sed 's/-//1' |sed 's/-/./'" + service_ver, stderr = server_mod.subprocess_execute(cmd) + services = '0' + + if not stderr: + if service_ver[0] == ' is not installed' or service_ver == '': + servers = '' + else: + services = '1' + if service == 'nginx': + user_params['servers'] = sql.select_nginx_servers_metrics_for_master() + elif service == 'apache': + user_params['servers'] = sql.select_apache_servers_metrics_for_master() + else: + group_id = roxywi_common.get_user_group(id=1) + user_params['servers'] = sql.select_servers_metrics(group_id) + except Exception as e: + return f'error: on Metrics page: {e}', 500 + + user_subscription = roxywi_common.return_user_subscription() + + return render_template( + 'metrics.html', h2=1, autorefresh=1, role=user_params['role'], user=user, servers=user_params['servers'], + services=services, user_services=user_params['user_services'], service=service, + user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], + token=user_params['token'], lang=user_params['lang'], service_desc=service_desc + ) + + +@bp.route('/cpu', methods=['POST']) +def metrics_cpu(): + metrics_type = common.checkAjaxInput(request.form.get('ip')) + + return jsonify(metric.show_cpu_metrics(metrics_type)) + + +@bp.route('/ram', methods=['POST']) +def metrics_ram(): + metrics_type = common.checkAjaxInput(request.form.get('ip')) + + return jsonify(metric.show_ram_metrics(metrics_type)) + + +@bp.route('//table-metrics') +def table_metrics(service): + roxywi_common.check_user_group_for_flask() + lang = roxywi_common.get_user_lang() + group_id = roxywi_common.get_user_group(id=1) + + if service in ('nginx', 'apache'): + metrics = sql.select_service_table_metrics(service, group_id) + else: + metrics = sql.select_table_metrics(group_id) + + return render_template('ajax/table_metrics.html', table_stat=metrics, service=service, lang=lang) + + +@bp.route('//', methods=['POST']) +def show_metric(service, server_ip): + server_ip = common.is_ip_or_dns(server_ip) + hostname = sql.get_hostname_by_server_ip(server_ip) + time_range = common.checkAjaxInput(request.form.get('time_range')) + + if service in ('nginx', 'apache', 'waf'): + return jsonify(metric.service_metrics(server_ip, hostname, service, time_range)) + elif service == 'haproxy': + return jsonify(metric.haproxy_metrics(server_ip, hostname, time_range)) + + return 'error: Wrong service' + + +@bp.route('///http', methods=['POST']) +def show_http_metric(service, server_ip): + server_ip = common.is_ip_or_dns(server_ip) + hostname = sql.get_hostname_by_server_ip(server_ip) + time_range = common.checkAjaxInput(request.form.get('time_range')) + + if service == 'haproxy': + return jsonify(metric.haproxy_http_metrics(server_ip, hostname, time_range)) + + return 'error: Wrong service' diff --git a/app/routes/runtime/__init__.py b/app/routes/runtime/__init__.py new file mode 100644 index 00000000..979427c0 --- /dev/null +++ b/app/routes/runtime/__init__.py @@ -0,0 +1,5 @@ +from flask import Blueprint + +bp = Blueprint('runtime', __name__) + +from app.routes.runtime import routes diff --git a/app/routes/runtime/routes.py b/app/routes/runtime/routes.py new file mode 100644 index 00000000..9dae244e --- /dev/null +++ b/app/routes/runtime/routes.py @@ -0,0 +1,203 @@ +import os +import sys + +from flask import render_template, request, redirect, url_for +from flask_login import login_required + +from app import app, login_manager +from app.routes.runtime import bp + +sys.path.append(os.path.join(sys.path[0], '/var/www/haproxy-wi/app')) + +import modules.db.sql as sql +import modules.common.common as common +import modules.roxywi.common as roxywi_common +import modules.config.runtime as runtime +import modules.service.haproxy as service_haproxy + + +@bp.before_request +@login_required +def before_request(): + """ Protect all of the admin endpoints. """ + pass + + +@bp.route('/') +def runtimeapi(): + try: + user_params = roxywi_common.get_users_params(haproxy=1) + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + servbackend = "" + + return render_template( + 'runtimeapi.html', h2=1, title="RunTime API", role=user_params['role'], user=user, select_id="serv", + selects=user_params['servers'], token=user_params['token'], user_services=user_params['user_services'], + servbackend=servbackend, lang=user_params['lang'] + ) + + +@bp.route('/backends/') +def show_backends(server_ip): + server_ip = common.is_ip_or_dns(server_ip) + + return runtime.show_backends(server_ip) + + +@bp.route('/backend/servers//') +def show_backend_servers(server_ip, backend): + server_ip = common.is_ip_or_dns(server_ip) + backend = common.checkAjaxInput(backend) + + return runtime.show_frontend_backend(server_ip, backend) + + +@bp.route('/backend/server///') +def show_backend_server(server_ip, backend, backend_server): + server_ip = common.is_ip_or_dns(server_ip) + backend = common.checkAjaxInput(backend) + backend_server = common.checkAjaxInput(backend_server) + + return runtime.show_server(server_ip, backend, backend_server) + + +@bp.route('/change/ip', methods=['POST']) +def change_ip_port(): + server_ip = common.is_ip_or_dns(request.form.get('serv')) + backend_backend = common.checkAjaxInput(request.form.get('backend_backend')) + backend_server = common.checkAjaxInput(request.form.get('backend_server')) + backend_ip = common.checkAjaxInput(request.form.get('backend_ip')) + backend_port = common.checkAjaxInput(request.form.get('backend_port')) + + return runtime.change_ip_and_port(server_ip, backend_backend, backend_server, backend_ip, backend_port) + + +@bp.route('/maxconn/') +def maxconn_select(server_ip): + server_ip = common.is_ip_or_dns(server_ip) + + return runtime.get_backends_from_config(server_ip, backends='frontend') + + +@bp.route('/maxconn//', methods=['POST']) +def change_maxconn(type_maxconn, server_ip): + server_ip = common.is_ip_or_dns(server_ip) + maxconn = common.checkAjaxInput(request.form.get('maxconn')) + + if type_maxconn == 'global': + + return runtime.change_maxconn_global(server_ip, maxconn) + elif type_maxconn == 'frontend': + frontend = common.checkAjaxInput(request.form.get('maxconn_frontend')) + + return runtime.change_maxconn_frontend(server_ip, maxconn, frontend) + elif type_maxconn == 'backend': + backend = common.checkAjaxInput(request.form.get('maxconn_backend')) + backend_server = common.checkAjaxInput(request.form.get('maxconn_backend_server')) + + return runtime.change_maxconn_backend(server_ip, backend, backend_server, maxconn) + else: + return 'error: Wrong backend' + + +@bp.route('/action/', methods=['POST']) +def action(server_ip): + server_ip = common.is_ip_or_dns(server_ip) + enable = common.checkAjaxInput(request.form.get('servaction')) + backend = common.checkAjaxInput(request.form.get('servbackend')) + save = request.form.get('save') + + return service_haproxy.runtime_command(server_ip, enable, backend, save) + + +@bp.route('/tables/') +def get_all_tables(server_ip): + server_ip = common.is_ip_or_dns(server_ip) + + return runtime.get_all_stick_table(server_ip) + + +@bp.route('/table//') +def get_table(server_ip, table): + server_ip = common.is_ip_or_dns(server_ip) + table = common.checkAjaxInput(table) + + return runtime.table_select(server_ip, table) + + +@bp.route('/table/delete//
/') +def delete_ip(server_ip, table, ip_for_delete): + server_ip = common.is_ip_or_dns(server_ip) + table = common.checkAjaxInput(table) + ip_for_delete = common.is_ip_or_dns(ip_for_delete) + + return runtime.delete_ip_from_stick_table(server_ip, ip_for_delete, table) + + +@bp.route('/table/clear//
') +def clear_table(server_ip, table): + server_ip = common.is_ip_or_dns(server_ip) + table = common.checkAjaxInput(table) + + return runtime.clear_stick_table(server_ip, table) + + +@bp.route('/session/') +def select_sessions(server_ip): + server_ip = common.is_ip_or_dns(server_ip) + + return runtime.select_session(server_ip) + + +@bp.route('/session//') +def show_sessions(server_ip, sess_id): + server_ip = common.is_ip_or_dns(server_ip) + sess_id = common.checkAjaxInput(sess_id) + + return runtime.show_session(server_ip, sess_id) + + +@bp.route('/session/delete//') +def delete_session(server_ip, sess_id): + server_ip = common.is_ip_or_dns(server_ip) + sess_id = common.checkAjaxInput(sess_id) + + return runtime.delete_session(server_ip, sess_id) + + +@bp.route('/list/') +def get_lists(server_ip): + server_ip = common.is_ip_or_dns(server_ip) + + return runtime.list_of_lists(server_ip) + + +@bp.route('/list///') +def get_list(server_ip, list_id, list_name): + server_ip = common.is_ip_or_dns(server_ip) + list_name = common.checkAjaxInput(list_name) + + return runtime.show_lists(server_ip, list_id, list_name) + + +@bp.route('/list/delete', methods=['POST']) +def delete_ip_from_list(): + ip_id = common.checkAjaxInput(request.form.get('list_ip_id_for_delete')) + ip = common.is_ip_or_dns(request.form.get('list_ip_for_delete')) + list_id = common.checkAjaxInput(request.form.get('list_id_for_delete')) + list_name = common.checkAjaxInput(request.form.get('list_name')) + + return runtime.delete_ip_from_list(serv, ip_id, ip, list_id, list_name) + + +@bp.route('/list/add', methods=['POST']) +def add_ip_to_list(): + ip = request.form.get('list_ip_for_add') + ip = ip.strip() + ip = common.is_ip_or_dns(ip) + list_id = common.checkAjaxInput(request.form.get('list_id_for_add')) + list_name = common.checkAjaxInput(request.form.get('list_name')) + + return runtime.add_ip_to_list(serv, ip, list_id, list_name) \ No newline at end of file diff --git a/app/routes/server/__init__.py b/app/routes/server/__init__.py new file mode 100644 index 00000000..ae27ba97 --- /dev/null +++ b/app/routes/server/__init__.py @@ -0,0 +1,5 @@ +from flask import Blueprint + +bp = Blueprint('server', __name__) + +from app.routes.server import routes diff --git a/app/routes/server/routes.py b/app/routes/server/routes.py new file mode 100644 index 00000000..2ba2785c --- /dev/null +++ b/app/routes/server/routes.py @@ -0,0 +1,462 @@ +import os +import sys +import json + +import distro +from flask import render_template, request +from flask_login import login_required + +from app import app, login_manager +from app.routes.server import bp + +sys.path.append(os.path.join(sys.path[0], '/var/www/haproxy-wi/app')) + +import modules.db.sql as sql +import modules.common.common as common +import modules.roxywi.roxy as roxy +import modules.roxywi.group as group_mod +import modules.roxywi.auth as roxywi_auth +import modules.roxywi.common as roxywi_common +import modules.roxy_wi_tools as roxy_wi_tools +import modules.server.ssh as ssh_mod +import modules.server.server as server_mod +import modules.tools.smon as smon_mod +import modules.service.backup as backup_mod + +get_config = roxy_wi_tools.GetConfigVar() +time_zone = sql.get_setting('time_zone') +get_date = roxy_wi_tools.GetDate(time_zone) +error_mess = roxywi_common.return_error_message() + + +@bp.before_request +@login_required +def before_request(): + """ Protect all of the admin endpoints. """ + pass + + +@bp.route('/check/ssh/') +def check_ssh(server_ip): + roxywi_auth.page_for_admin(level=2) + server_ip = common.is_ip_or_dns(server_ip) + + try: + return server_mod.ssh_command(server_ip, ["ls -1t"]) + except Exception as e: + return str(e) + + +@bp.route('/check/server/') +def check_server(server_ip): + server_ip = common.is_ip_or_dns(server_ip) + + return server_mod.server_is_up(server_ip) + + +@bp.route('/show/if/') +def show_if(server_ip): + roxywi_auth.page_for_admin(level=2) + server_ip = common.is_ip_or_dns(server_ip) + commands = ["sudo ip link|grep 'UP' |grep -v 'lo'| awk '{print $2}' |awk -F':' '{print $1}'"] + + return server_mod.ssh_command(server_ip, commands) + + +@bp.route('/create', methods=['POST']) +def create_server(): + roxywi_auth.page_for_admin(level=2) + hostname = common.checkAjaxInput(request.form.get('servername')) + ip = common.is_ip_or_dns(request.form.get('newip')) + group = common.checkAjaxInput(request.form.get('newservergroup')) + typeip = common.checkAjaxInput(request.form.get('typeip')) + haproxy = common.checkAjaxInput(request.form.get('haproxy')) + nginx = common.checkAjaxInput(request.form.get('nginx')) + apache = common.checkAjaxInput(request.form.get('apache')) + firewall = common.checkAjaxInput(request.form.get('firewall')) + enable = common.checkAjaxInput(request.form.get('enable')) + master = common.checkAjaxInput(request.form.get('slave')) + cred = common.checkAjaxInput(request.form.get('cred')) + page = common.checkAjaxInput(request.form.get('page')) + page = page.split("#")[0] + port = common.checkAjaxInput(request.form.get('newport')) + desc = common.checkAjaxInput(request.form.get('desc')) + add_to_smon = common.checkAjaxInput(request.form.get('add_to_smon')) + lang = roxywi_common.get_user_lang_for_flask() + + if ip == '': + return 'error: IP or DNS name is not valid' + try: + if server_mod.create_server(hostname, ip, group, typeip, enable, master, cred, port, desc, haproxy, nginx, + apache, firewall): + try: + user_subscription = roxywi_common.return_user_status() + except Exception as e: + user_subscription = roxywi_common.return_unsubscribed_user_status() + roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1) + + if add_to_smon: + user_group = roxywi_common.get_user_group(id=1) + smon_mod.create_smon(hostname, ip, 0, 1, 0, 0, hostname, desc, 0, 0, 0, 56, 'ping', 0, 0, user_group, 0) + + roxywi_common.logging(ip, f'A new server {hostname} has been created', roxywi=1, login=1, keep_history=1, service='server') + + return render_template( + 'ajax/new_server.html', groups=sql.select_groups(), servers=sql.select_servers(server=ip), lang=lang, + masters=sql.select_servers(get_master_servers=1), sshs=sql.select_ssh(group=group), page=page, + user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], adding=1 + ) + except Exception as e: + return f'error: {e}' + + + +@bp.route('/create/after', methods=['POST']) +def after_add(): + hostname = common.checkAjaxInput(request.form.get('servername')) + ip = common.is_ip_or_dns(request.form.get('newip')) + scan_server = common.checkAjaxInput(request.form.get('scan_server')) + + try: + return server_mod.update_server_after_creating(hostname, ip, scan_server) + except Exception as e: + return str(e) + + +@bp.route('/update', methods=['POST']) +def update_server(): + roxywi_auth.page_for_admin(level=2) + name = request.form.get('updateserver') + group = request.form.get('servergroup') + typeip = request.form.get('typeip') + firewall = request.form.get('firewall') + enable = request.form.get('enable') + master = request.form.get('slave') + serv_id = request.form.get('id') + cred = request.form.get('cred') + port = request.form.get('port') + protected = request.form.get('protected') + desc = request.form.get('desc') + + if name is None or port is None: + return error_mess + else: + sql.update_server(name, group, typeip, enable, master, serv_id, cred, port, desc, firewall, protected) + roxywi_common.logging(f'The server {name}', ' has been updated ', roxywi=1, login=1) + server_ip = sql.select_server_ip_by_id(serv_id) + roxywi_common.logging(server_ip, f'The server {name} has been update', roxywi=1, login=1, keep_history=1, service='server') + + return 'ok' + + +@bp.route('/delete/') +def delete_server(server_id): + roxywi_auth.page_for_admin(level=2) + return server_mod.delete_server(server_id) + + +@bp.route('/group/create', methods=['POST']) +def create_group(): + roxywi_auth.page_for_admin() + newgroup = common.checkAjaxInput(request.form.get('groupname')) + desc = common.checkAjaxInput(request.form.get('newdesc')) + if newgroup == '': + return error_mess + else: + try: + if sql.add_group(newgroup, desc): + roxywi_common.logging('Roxy-WI server', f'A new group {newgroup} has been created', roxywi=1, login=1) + return render_template('ajax/new_group.html', groups=sql.select_groups(group=newgroup)) + except Exception as e: + return str(e) + + +@bp.route('/group/update', methods=['POST']) +def update_group(): + roxywi_auth.page_for_admin() + name = common.checkAjaxInput(request.form.get('updategroup')) + desc = common.checkAjaxInput(request.form.get('descript')) + group_id = common.checkAjaxInput(request.form.get('id')) + + return group_mod.update_group(group_id, name, desc) + + +@bp.route('/group/delete/') +def delete_group(group_id): + roxywi_auth.page_for_admin() + return group_mod.delete_group(group_id) + + +@bp.route('/ssh/create', methods=['POST']) +def create_ssh(): + roxywi_auth.page_for_admin(level=2) + return ssh_mod.create_ssh_cred() + + +@bp.route('/ssh/delete/') +def delete_ssh(ssh_id): + roxywi_auth.page_for_admin(level=2) + return ssh_mod.delete_ssh_key(ssh_id) + + +@bp.route('/ssh/update', methods=['POST']) +def update_ssh(): + roxywi_auth.page_for_admin(level=2) + return ssh_mod.update_ssh_key() + + +@bp.route('/ssh/upload', methods=['POST']) +def upload_ssh_key(): + user_group = roxywi_common.get_user_group() + name = common.checkAjaxInput(request.form.get('name')) + key = request.form.get('ssh_cert') + + try: + return ssh_mod.upload_ssh_key(name, user_group, key) + except Exception as e: + return str(e) + + +@bp.app_template_filter('string_to_dict') +def string_to_dict(dict_string) -> dict: + from ast import literal_eval + return literal_eval(dict_string) + + +@bp.route('/system_info/get//') +def get_system_info(server_ip, server_id): + server_ip = common.is_ip_or_dns(server_ip) + + return server_mod.show_system_info(server_ip, server_id) + + +@bp.route('/system_info/update//') +def update_system_info(server_ip, server_id): + server_ip = common.is_ip_or_dns(server_ip) + + return server_mod.update_system_info(server_ip, server_id) + + +@bp.route('/tools') +def show_tools(): + roxywi_auth.page_for_admin() + lang = roxywi_common.get_user_lang_for_flask() + try: + services = roxy.get_services_status() + except Exception as e: + return str(e) + + return render_template('ajax/load_services.html', services=services, lang=lang) + + +@bp.route('/tools/update/') +def update_tools(service): + roxywi_auth.page_for_admin() + + try: + return roxy.update_roxy_wi(service) + except Exception as e: + return f'error: {e}' + + +@bp.route('/tools/action//') +def action_tools(service, action): + roxywi_auth.page_for_admin() + if action not in ('start', 'stop', 'restart'): + return 'error: wrong action' + + return roxy.action_service(action, service) + + +@bp.route('/update') +def update_roxywi(): + roxywi_auth.page_for_admin() + versions = roxy.versions() + checker_ver = roxy.check_new_version('checker') + smon_ver = roxy.check_new_version('smon') + metrics_ver = roxy.check_new_version('metrics') + keep_ver = roxy.check_new_version('keep_alive') + portscanner_ver = roxy.check_new_version('portscanner') + socket_ver = roxy.check_new_version('socket') + prometheus_exp_ver = roxy.check_new_version('prometheus-exporter') + services = roxy.get_services_status() + lang = roxywi_common.get_user_lang_for_flask() + + return render_template( + 'ajax/load_updateroxywi.html', services=services, versions=versions, checker_ver=checker_ver, smon_ver=smon_ver, + metrics_ver=metrics_ver, portscanner_ver=portscanner_ver, socket_ver=socket_ver, prometheus_exp_ver=prometheus_exp_ver, + keep_ver=keep_ver, lang=lang + ) + + +@bp.route('/openvpn') +def load_openvpn(): + roxywi_auth.page_for_admin() + openvpn_configs = '' + openvpn_sess = '' + openvpn = '' + + if distro.id() == 'ubuntu': + stdout, stderr = server_mod.subprocess_execute("apt show openvpn3 2>&1|grep E:") + elif distro.id() == 'centos' or distro.id() == 'rhel': + stdout, stderr = server_mod.subprocess_execute("rpm --query openvpn3-client") + + if ( + (stdout[0] != 'package openvpn3-client is not installed' and stderr != '/bin/sh: rpm: command not found') + and stdout[0] != 'E: No packages found' + ): + cmd = "sudo openvpn3 configs-list |grep -E 'ovpn|(^|[^0-9])[0-9]{4}($|[^0-9])' |grep -v net|awk -F\" \" '{print $1}'|awk 'ORS=NR%2?\" \":\"\\n\"'" + openvpn_configs, stderr = server_mod.subprocess_execute(cmd) + cmd = "sudo openvpn3 sessions-list|grep -E 'Config|Status'|awk -F\":\" '{print $2}'|awk 'ORS=NR%2?\" \":\"\\n\"'| sed 's/^ //g'" + openvpn_sess, stderr = server_mod.subprocess_execute(cmd) + openvpn = stdout[0] + + return render_template('ajax/load_openvpn.html', openvpn=openvpn, openvpn_sess=openvpn_sess, openvpn_configs=openvpn_configs) + + +@bp.post('/openvpn/upload') +def upload_openvpn(): + name = common.checkAjaxInput(request.form.get('ovpnname')) + + ovpn_file = f"{os.path.dirname('/tmp/')}/{name}.ovpn" + + try: + with open(ovpn_file, "w") as conf: + conf.write(request.form.get('uploadovpn')) + except IOError as e: + error = f'error: Cannot save ovpn file {e}' + roxywi_common.logging('Roxy-WI server', error, roxywi=1) + return error + + try: + cmd = 'sudo openvpn3 config-import --config %s --persistent' % ovpn_file + server_mod.subprocess_execute(cmd) + except IOError as e: + error = f'error: Cannot import OpenVPN file: {e}' + roxywi_common.logging('Roxy-WI server', error, roxywi=1) + return error + + try: + cmd = 'sudo cp %s /etc/openvpn3/%s.conf' % (ovpn_file, name) + server_mod.subprocess_execute(cmd) + except IOError as e: + error = f'error: Cannot save OpenVPN file: {e}' + roxywi_common.logging('Roxy-WI server', error, roxywi=1) + return error + + roxywi_common.logging("Roxy-WI server", f" has been uploaded a new ovpn file {ovpn_file}", roxywi=1, login=1) + + return 'success: ovpn file has been saved ' + + +@bp.post('/openvpn/delete') +def delete_openvpn(): + openvpndel = common.checkAjaxInput(request.form.get('openvpndel')) + + cmd = f'sudo openvpn3 config-remove --config /tmp/{openvpndel}.ovpn --force' + try: + server_mod.subprocess_execute(cmd) + roxywi_common.logging(openvpndel, ' has deleted the ovpn file ', roxywi=1, login=1) + except IOError as e: + error = f'error: Cannot delete OpenVPN file: {e}' + roxywi_common.logging('Roxy-WI server', error, roxywi=1) + return error + else: + return 'ok' + + +@bp.route('/openvpn/action//') +def action_openvpn(action, openvpn): + openvpn = common.checkAjaxInput(openvpn) + + if action == 'start': + cmd = f'sudo openvpn3 session-start --config /tmp/{openvpn}.ovpn' + elif action == 'restart': + cmd = f'sudo openvpn3 session-manage --config /tmp/{openvpn}.ovpn --restart' + elif action == 'disconnect': + cmd = f'sudo openvpn3 session-manage --config /tmp/{openvpn}.ovpn --disconnect' + else: + return 'error: wrong action' + try: + server_mod.subprocess_execute(cmd) + roxywi_common.logging(openvpn, f' The ovpn session has been {action}ed ', roxywi=1, login=1) + return f"success: The {openvpn} has been {action}ed" + except IOError as e: + roxywi_common.logging('Roxy-WI server', e.args[0], roxywi=1) + return f'error: Cannot {action} OpenVPN: {e}' + + +@bp.route('/services/', methods=['GET', 'POST']) +def show_server_services(server_id): + roxywi_auth.page_for_admin(level=2) + + if request.method == 'GET': + return server_mod.show_server_services(server_id) + else: + server_name = common.checkAjaxInput(request.form.get('changeServerServicesServer')) + server_services = json.loads(request.form.get('jsonDatas')) + + return server_mod.change_server_services(server_id, server_name, server_services) + + +@bp.route('/firewall/') +def show_firewall(server_ip): + roxywi_auth.page_for_admin(level=2) + + server_ip = common.is_ip_or_dns(server_ip) + + return server_mod.show_firewalld_rules(server_ip) + + +@bp.post('/backup/create') +@bp.post('/backup/delete') +@bp.post('/backup/update') +def create_backup(): + server = common.is_ip_or_dns(request.form.get('server')) + rpath = common.checkAjaxInput(request.form.get('rpath')) + time = common.checkAjaxInput(request.form.get('time')) + backup_type = common.checkAjaxInput(request.form.get('type')) + rserver = common.checkAjaxInput(request.form.get('rserver')) + cred = int(request.form.get('cred')) + deljob = common.checkAjaxInput(request.form.get('deljob')) + update = common.checkAjaxInput(request.form.get('backupupdate')) + description = common.checkAjaxInput(request.form.get('description')) + + try: + return backup_mod.backup(server, rpath, time, backup_type, rserver, cred, deljob, update, description) + except Exception as e: + return str(e) + + +@bp.post('/s3backup/create') +@bp.post('/s3backup/delete') +def create_s3_backup(): + server = common.is_ip_or_dns(request.form.get('s3_backup_server')) + s3_server = common.checkAjaxInput(request.form.get('s3_server')) + bucket = common.checkAjaxInput(request.form.get('s3_bucket')) + secret_key = common.checkAjaxInput(request.form.get('s3_secret_key')) + access_key = common.checkAjaxInput(request.form.get('s3_access_key')) + time = common.checkAjaxInput(request.form.get('time')) + deljob = common.checkAjaxInput(request.form.get('dels3job')) + description = common.checkAjaxInput(request.form.get('description')) + + try: + return backup_mod.s3_backup(server, s3_server, bucket, secret_key, access_key, time, deljob, description) + except Exception as e: + return str(e) + + +@bp.post('/git/create') +@bp.post('/git/delete') +def create_git_backup(): + server_id = request.form.get('server') + service_id = request.form.get('git_service') + git_init = request.form.get('git_init') + repo = request.form.get('git_repo') + branch = request.form.get('git_branch') + period = request.form.get('time') + cred = request.form.get('cred') + deljob = request.form.get('git_deljob') + description = request.form.get('description') + + return backup_mod.git_backup(server_id, service_id, git_init, repo, branch, period, cred, deljob, description) diff --git a/app/routes/service/__init__.py b/app/routes/service/__init__.py new file mode 100644 index 00000000..cb97bd9c --- /dev/null +++ b/app/routes/service/__init__.py @@ -0,0 +1,5 @@ +from flask import Blueprint + +bp = Blueprint('service', __name__) + +from app.routes.service import routes diff --git a/app/routes/service/routes.py b/app/routes/service/routes.py new file mode 100644 index 00000000..40296bff --- /dev/null +++ b/app/routes/service/routes.py @@ -0,0 +1,386 @@ +import os +import sys +from functools import wraps + +import distro +from flask import render_template, request, redirect, url_for, abort +from flask_login import login_required + +from app import app, login_manager, cache +from app.routes.service import bp + +sys.path.append(os.path.join(sys.path[0], '/var/www/haproxy-wi/app')) + +import modules.db.sql as sql +import modules.common.common as common +import modules.server.server as server_mod +import modules.service.action as service_action +import modules.service.common as service_common +import modules.roxywi.auth as roxywi_auth +import modules.roxywi.common as roxywi_common +import modules.roxywi.overview as roxy_overview + + +def check_services(fn): + @wraps(fn) + def decorated_view(*args, **kwargs): + service = kwargs['service'] + if service not in ('haproxy', 'nginx', 'apache', 'keepalived'): + abort(400, 'bad service') + return fn(*args, **kwargs) + return decorated_view + + +@bp.before_request +@login_required +def before_request(): + """ Protect all of the admin endpoints. """ + pass + + +@bp.route('/', defaults={'serv': None}) +@bp.route('//') +@check_services +def services(service, serv): + try: + user_params = roxywi_common.get_users_params() + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + services = [] + servers: object + autorefresh = 0 + waf_server = '' + cmd = "ps ax |grep -e 'keep_alive.py' |grep -v grep |wc -l" + keep_alive, stderr = server_mod.subprocess_execute(cmd) + + service_desc = sql.select_service(service) + is_redirect = roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=service_desc.service_id) + + if is_redirect != 'ok': + return redirect(url_for(f'{is_redirect}')) + + if serv: + if roxywi_common.check_is_server_in_group(serv): + servers = sql.select_servers(server=serv) + autorefresh = 1 + waf_server = sql.select_waf_servers(serv) + server_id = sql.select_server_id_by_ip(serv) + docker_settings = sql.select_docker_service_settings(server_id, service_desc.slug) + restart_settings = sql.select_restart_service_settings(server_id, service_desc.slug) + else: + raise Exception('error: wrong group') + else: + servers = roxywi_common.get_dick_permit(virt=1, service=service_desc.slug) + docker_settings = sql.select_docker_services_settings(service_desc.slug) + restart_settings = sql.select_restart_services_settings(service_desc.slug) + + services_name = {'roxy-wi-checker': 'Master backends checker service', + 'roxy-wi-keep_alive': 'Auto start service', + 'roxy-wi-metrics': 'Master metrics service'} + for s, v in services_name.items(): + if distro.id() == 'ubuntu': + if s == 'roxy-wi-keep_alive': + s = 'roxy-wi-keep-alive' + cmd = "apt list --installed 2>&1 |grep " + s + else: + cmd = "rpm --query " + s + "-* |awk -F\"" + s + "\" '{print $2}' |awk -F\".noa\" '{print $1}' |sed 's/-//1' |sed 's/-/./'" + service_ver, stderr = server_mod.subprocess_execute(cmd) + try: + services.append([s, service_ver[0]]) + except Exception: + services.append([s, '']) + + haproxy_sock_port = sql.get_setting('haproxy_sock_port') + servers_with_status1 = [] + out1 = '' + if len(servers) == 1: + serv = servers[0][2] + for s in servers: + servers_with_status = list() + servers_with_status.append(s[0]) + servers_with_status.append(s[1]) + servers_with_status.append(s[2]) + servers_with_status.append(s[11]) + if service == 'nginx': + h = (['', ''],) + cmd = [ + "/usr/sbin/nginx -v 2>&1|awk '{print $3}' && systemctl status nginx |grep -e 'Active' |awk " + "'{print $2, $9$10$11$12$13}' && ps ax |grep nginx:|grep -v grep |wc -l"] + for service_set in docker_settings: + if service_set.server_id == s[0] and service_set.setting == 'dockerized' and service_set.value == '1': + container_name = sql.get_setting('nginx_container_name') + cmd = [ + "docker exec -it " + container_name + " /usr/sbin/nginx -v 2>&1|awk '{print $3}' && " + "docker ps -a -f name=" + container_name + " --format '{{.Status}}'|tail -1 && ps ax |grep nginx:" + "|grep -v grep |wc -l" + ] + try: + out = server_mod.ssh_command(s[2], cmd) + h = () + out1 = [] + for k in out.split(): + out1.append(k) + h = (out1,) + servers_with_status.append(h) + servers_with_status.append(h) + servers_with_status.append(s[17]) + except Exception: + servers_with_status.append(h) + servers_with_status.append(h) + servers_with_status.append(s[17]) + elif service == 'keepalived': + h = (['', ''],) + cmd = [ + "/usr/sbin/keepalived -v 2>&1|head -1|awk '{print $2}' && systemctl status keepalived |" + "grep -e 'Active' |awk '{print $2, $9$10$11$12$13}' && ps ax |grep keepalived|grep -v grep |wc -l" + ] + try: + out = server_mod.ssh_command(s[2], cmd) + out1 = [] + for k in out.split(): + out1.append(k) + h = (out1,) + servers_with_status.append(h) + servers_with_status.append(h) + servers_with_status.append(s[22]) + except Exception: + servers_with_status.append(h) + servers_with_status.append(h) + servers_with_status.append(s[22]) + elif service == 'apache': + h = (['', ''],) + apache_stats_user = sql.get_setting('apache_stats_user') + apache_stats_password = sql.get_setting('apache_stats_password') + apache_stats_port = sql.get_setting('apache_stats_port') + apache_stats_page = sql.get_setting('apache_stats_page') + cmd = "curl -s -u %s:%s http://%s:%s/%s?auto |grep 'ServerVersion\|Processes\|ServerUptime:'" % ( + apache_stats_user, apache_stats_password, s[2], apache_stats_port, apache_stats_page + ) + try: + out = server_mod.subprocess_execute(cmd) + if out != '': + for k in out: + servers_with_status.append(k) + servers_with_status.append(s[22]) + except Exception: + servers_with_status.append(h) + servers_with_status.append(h) + servers_with_status.append(s[22]) + else: + cmd = 'echo "show info" |nc %s %s -w 1 -v|grep -e "Ver\|Uptime:\|Process_num"' % (s[2], haproxy_sock_port) + out = server_mod.subprocess_execute(cmd) + + for k in out: + if "Connection refused" not in k: + out1 = out + else: + out1 = False + servers_with_status.append(out1) + + servers_with_status.append(s[12]) + + servers_with_status.append(sql.is_master(s[2])) + servers_with_status.append(sql.select_servers(server=s[2])) + + is_keepalived = sql.select_keepalived(s[2]) + + if is_keepalived: + try: + cmd = ['sudo kill -USR1 `cat /var/run/keepalived.pid` && sudo grep State /tmp/keepalived.data -m 1 |' + 'awk -F"=" \'{print $2}\'|tr -d \'[:space:]\' && sudo rm -f /tmp/keepalived.data'] + out = server_mod.ssh_command(s[2], cmd) + out1 = ('1', out) + servers_with_status.append(out1) + except Exception as e: + servers_with_status.append(str(e)) + else: + servers_with_status.append('') + + servers_with_status1.append(servers_with_status) + + user_subscription = roxywi_common.return_user_subscription() + + return render_template( + 'hapservers.html', h2=1, autorefresh=autorefresh, role=user_params['role'], user=user, servers=servers_with_status1, + keep_alive=''.join(keep_alive), serv=serv, service=service, services=services, user_services=user_params['user_services'], + docker_settings=docker_settings, user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], + waf_server=waf_server, restart_settings=restart_settings, service_desc=service_desc, token=user_params['token'], + lang=user_params['lang'] + ) + + +@bp.route('/action/check-service', methods=['POST']) +def check_service(): + user_uuid = request.cookies.get('uuid') + server_ip = common.checkAjaxInput(request.form.get('server_ip')) + service = common.checkAjaxInput(request.form.get('service')) + + return service_action.check_service(server_ip, user_uuid, service) + + +@bp.route('/action///', methods=['GET']) +@check_services +def action_service(service, server_ip, action): + server_ip = common.is_ip_or_dns(server_ip) + + return service_action.common_action(server_ip, action, service) + + +@bp.route('///last-edit') +def last_edit(service, server_ip): + return service_common.get_overview_last_edit(server_ip, service) + + +@bp.route('/cpu-ram-metrics////') +def cpu_ram_metrics(server_ip, server_id, name, service): + user_params = roxywi_common.get_users_params() + + if service == 'haproxy': + cmd = 'echo "show info" |nc %s %s -w 1|grep -e "node\|Nbproc\|Maxco\|MB\|Nbthread"' % (server_ip, sql.get_setting('haproxy_sock_port')) + out = server_mod.subprocess_execute(cmd) + return_out = "" + + for k in out: + if "Ncat:" not in k: + for r in k: + return_out += r + return_out += "\n" + else: + return_out = "Cannot connect to HAProxy" + else: + return_out = '' + + server_status = (name, server_ip, return_out) + + servers = [] + user_id = request.cookies.get('uuid') + group_id = int(request.cookies.get('group')) + role = sql.get_user_role_by_uuid(user_id, group_id) + + servers.append(server_status) + servers_sorted = sorted(servers, key=common.get_key) + + return render_template('ajax/overviewServers.html', service_status=servers_sorted, role=role, id=server_id, service_page=service, + lang=user_params['lang']) + + +@bp.route('/haproxy/bytes', methods=['POST']) +def show_haproxy_bytes(): + server_ip = common.is_ip_or_dns(request.form.get('showBytes')) + + return roxy_overview.show_haproxy_binout(server_ip) + + +@bp.route('/nginx/connections', methods=['POST']) +def show_nginx_connections(): + server_ip = common.is_ip_or_dns(request.form.get('nginxConnections')) + + return roxy_overview.show_nginx_connections(server_ip) + + +@bp.route('/apache/bytes', methods=['POST']) +def show_apache_bytes(): + server_ip = common.is_ip_or_dns(request.form.get('apachekBytes')) + + return roxy_overview.show_apache_bytes(server_ip) + + +@bp.route('/keepalived/become-master', methods=['POST']) +@cache.cached() +def show_keepalived_become_master(): + server_ip = common.is_ip_or_dns(request.form.get('keepalivedBecameMaster')) + + return roxy_overview.keepalived_became_master(server_ip) + + +@bp.route('//backends/') +@cache.cached() +def show_service_backends(service, server_ip): + server_ip = common.is_ip_or_dns(server_ip) + + return service_common.overview_backends(server_ip, service) + + +@bp.route('/position//') +def change_pos(server_id, pos): + return sql.update_server_pos(pos, server_id) + + +@bp.route('/haproxy/version/') +def get_haproxy_v(server_ip): + server_ip = common.is_ip_or_dns(server_ip) + + return service_common.check_haproxy_version(server_ip) + + +@bp.route('/settings//') +@check_services +def show_service_settings(service, server_id): + settings = sql.select_service_settings(server_id, service) + return render_template('ajax/service_settings.html', settings=settings, service=service) + + +@bp.post('/settings/') +@check_services +def save_service_settings(service): + server_id = common.checkAjaxInput(request.form.get('serverSettingsSave')) + haproxy_enterprise = common.checkAjaxInput(request.form.get('serverSettingsEnterprise')) + service_dockerized = common.checkAjaxInput(request.form.get('serverSettingsDockerized')) + service_restart = common.checkAjaxInput(request.form.get('serverSettingsRestart')) + server_ip = sql.select_server_ip_by_id(server_id) + service_docker = f'Service {service.title()} has been flagged as a dockerized' + service_systemd = f'Service {service.title()} has been flagged as a system service' + disable_restart = f'Restart option is disabled for {service.title()} service' + enable_restart = f'Restart option is disabled for {service.title()} service' + + if service == 'haproxy': + if sql.insert_or_update_service_setting(server_id, service, 'haproxy_enterprise', haproxy_enterprise): + if haproxy_enterprise == '1': + roxywi_common.logging(server_ip, 'Service has been flagged as an Enterprise version', roxywi=1, login=1, + keep_history=1, service=service) + else: + roxywi_common.logging(server_ip, 'Service has been flagged as a community version', roxywi=1, login=1, + keep_history=1, service=service) + + if sql.insert_or_update_service_setting(server_id, service, 'dockerized', service_dockerized): + if service_dockerized == '1': + roxywi_common.logging(server_ip, service_docker, roxywi=1, login=1, keep_history=1, service=service) + else: + roxywi_common.logging(server_ip, service_systemd, roxywi=1, login=1, keep_history=1, service=service) + + if sql.insert_or_update_service_setting(server_id, service, 'restart', service_restart): + if service_restart == '1': + roxywi_common.logging(server_ip, disable_restart, roxywi=1, login=1, keep_history=1, service=service) + else: + roxywi_common.logging(server_ip, enable_restart, roxywi=1, login=1, keep_history=1, service=service) + + return 'ok' + + +@bp.post('//tools/update') +@check_services +def update_tools_enable(service): + server_id = request.form.get('server_id') + active = request.form.get('active') + name = request.form.get('name') + alert = request.form.get('alert_en') + metrics = request.form.get('metrics') + sql.update_hapwi_server(server_id, alert, metrics, active, service) + server_ip = sql.select_server_ip_by_id(server_id) + roxywi_common.logging(server_ip, f'The server {name} has been updated ', roxywi=1, login=1, keep_history=1, + service=service) + + return 'ok' + + +@bp.route('/check-restart/') +def check_restart(server_ip): + server_ip = common.is_ip_or_dns(server_ip) + servers = roxywi_common.get_dick_permit(ip=server_ip) + for server in servers: + if server != "": + return 'ok' + + return 'nothing' diff --git a/app/routes/smon/__init__.py b/app/routes/smon/__init__.py new file mode 100644 index 00000000..446c971a --- /dev/null +++ b/app/routes/smon/__init__.py @@ -0,0 +1,5 @@ +from flask import Blueprint + +bp = Blueprint('smon', __name__) + +from app.routes.smon import routes diff --git a/app/routes/smon/routes.py b/app/routes/smon/routes.py new file mode 100644 index 00000000..adc18d85 --- /dev/null +++ b/app/routes/smon/routes.py @@ -0,0 +1,276 @@ +import os +import sys + +from pytz import timezone +from flask import render_template, request, redirect, url_for, jsonify +from flask_login import login_required +from datetime import datetime, timedelta + +from app import app, login_manager +from app.routes.smon import bp + +sys.path.append(os.path.join(sys.path[0], '/var/www/haproxy-wi/app')) + +import modules.db.sql as sql +import modules.common.common as common +import modules.roxywi.auth as roxywi_auth +import modules.roxywi.common as roxywi_common +import modules.tools.smon as smon_mod + + +@bp.before_request +@login_required +def before_request(): + """ Protect all of the admin endpoints. """ + pass + + +@bp.route('/dashboard') +def smon(): + try: + user_params = roxywi_common.get_users_params() + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + roxywi_common.check_user_group_for_flask() + + user_group = roxywi_common.get_user_group(id=1) + smon = sql.smon_list(user_group) + smon_status, stderr = smon_mod.return_smon_status() + user_subscription = roxywi_common.return_user_subscription() + + return render_template( + 'smon/dashboard.html', h2=1, autorefresh=1, role=user_params['role'], user=user, group=user_group, + lang=user_params['lang'], smon_status=smon_status, smon_error=stderr, user_services=user_params['user_services'], + user_status=user_subscription['user_status'], smon=smon, user_plan=user_subscription['user_plan'], token=user_params['token'] + ) + + +@bp.route('/dashboard//') +def smon_dashboard(dashboard_id, check_id): + try: + user_params = roxywi_common.get_users_params() + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + check_id = int(check_id) + roxywi_common.check_user_group_for_flask() + user_subscription = roxywi_common.return_user_subscription() + smon_name = sql.get_smon_service_name_by_id(dashboard_id) + check_interval = sql.get_setting('smon_check_interval') + smon = sql.select_one_smon(dashboard_id, check_id) + present = datetime.now(timezone('UTC')) + present = present.strftime('%b %d %H:%M:%S %Y %Z') + present = datetime.strptime(present, '%b %d %H:%M:%S %Y %Z') + cert_day_diff = 'N/A' + count_checks = sql.get_smon_history_count_checks(dashboard_id, check_id) + + try: + uptime = round(count_checks['up'] * 100 / count_checks['total'], 2) + except Exception: + uptime = 0 + try: + avg_res_time = round(sql.get_avg_resp_time(dashboard_id, check_id), 2) + except Exception: + avg_res_time = 0 + try: + last_resp_time = round(sql.get_last_smon_res_time_by_check(dashboard_id, check_id), 2) + except Exception: + last_resp_time = 0 + + for s in smon: + if s.smon_id.ssl_expire_date is not None: + ssl_expire_date = datetime.strptime(s.smon_id.ssl_expire_date, '%Y-%m-%d %H:%M:%S') + cert_day_diff = (ssl_expire_date - present).days + + return render_template( + 'include/smon/smon_history.html', h2=1, autorefresh=1, role=user_params['role'], user=user, smon=smon, + lang=user_params['lang'],user_status=user_subscription['user_status'], check_interval=check_interval, + user_plan=user_subscription['user_plan'], token=user_params['token'], uptime=uptime, avg_res_time=avg_res_time, + user_services=user_params['user_services'], smon_name=smon_name, cert_day_diff=cert_day_diff, check_id=check_id, + dashboard_id=dashboard_id, last_resp_time=last_resp_time + ) + + +@bp.route('/history') +def smon_history(): + roxywi_common.check_user_group_for_flask() + + user_group = roxywi_common.get_user_group(id=1) + smon_status, stderr = smon_mod.return_smon_status() + smon = sql.alerts_history('SMON', user_group) + user_subscription = roxywi_common.return_user_subscription() + + try: + user_params = roxywi_common.get_users_params() + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + return render_template( + 'smon/history.html', h2=1, autorefresh=0, role=user_params['role'], user=user, smon=smon, + lang=user_params['lang'], user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], + token=user_params['token'], smon_status=smon_status, smon_error=stderr, user_services=user_params['user_services'] + ) + + +@bp.route('/history/host/') +def smon_host_history(server_ip): + roxywi_common.check_user_group_for_flask() + + needed_host = common.is_ip_or_dns(server_ip) + user_group = roxywi_common.get_user_group(id=1) + smon_status, stderr = smon_mod.return_smon_status() + smon = sql.alerts_history('SMON', user_group, host=needed_host) + user_subscription = roxywi_common.return_user_subscription() + + try: + user_params = roxywi_common.get_users_params() + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + return render_template( + 'smon/history.html', h2=1, autorefresh=0, role=user_params['role'], user=user, smon=smon, + lang=user_params['lang'], user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], + token=user_params['token'], smon_status=smon_status, smon_error=stderr, user_services=user_params['user_services'] + ) + + +@bp.route('/history/metric//') +def smon_history_metric(dashboard_id, check_id): + return jsonify(smon_mod.history_metrics(dashboard_id, check_id)) + + +@bp.route('/history/statuses//') +def smon_history_statuses(dashboard_id, check_id): + return smon_mod.history_statuses(dashboard_id, check_id) + + +@bp.route('/history/cur_status//') +def smon_history_cur_status(dashboard_id, check_id): + return smon_mod.history_cur_status(dashboard_id, check_id) + + +@bp.route('/admin') +def smon_admin(): + user_group = roxywi_common.get_user_group(id=1) + smon_status, stderr = smon_mod.return_smon_status() + telegrams = sql.get_user_telegram_by_group(user_group) + slacks = sql.get_user_slack_by_group(user_group) + pds = sql.get_user_pd_by_group(user_group) + smon = sql.select_smon(user_group) + smon_ping = sql.select_smon_ping(user_group) + smon_tcp = sql.select_smon_tcp(user_group) + smon_http = sql.select_smon_http(user_group) + smon_dns = sql.select_smon_dns(user_group) + roxywi_auth.page_for_admin(level=3) + user_subscription = roxywi_common.return_user_subscription() + + try: + user_params = roxywi_common.get_users_params() + user = user_params['user'] + except Exception: + return redirect(url_for('login_page')) + + return render_template( + 'smon/add.html', h2=1, autorefresh=0, role=user_params['role'], user=user, smon=smon, lang=user_params['lang'], + user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], token=user_params['token'], + smon_status=smon_status, smon_error=stderr, user_services=user_params['user_services'], telegrams=telegrams, + slacks=slacks, pds=pds, smon_ping=smon_ping, smon_tcp=smon_tcp, smon_http=smon_http, smon_dns=smon_dns + ) + + +@bp.post('/add') +def smon_add(): + user_group = roxywi_common.get_user_group(id=1) + name = common.checkAjaxInput(request.form.get('newsmonname')) + hostname = common.checkAjaxInput(request.form.get('newsmon')) + port = common.checkAjaxInput(request.form.get('newsmonport')) + enable = common.checkAjaxInput(request.form.get('newsmonenable')) + url = common.checkAjaxInput(request.form.get('newsmonurl')) + body = common.checkAjaxInput(request.form.get('newsmonbody')) + group = common.checkAjaxInput(request.form.get('newsmongroup')) + desc = common.checkAjaxInput(request.form.get('newsmondescription')) + telegram = common.checkAjaxInput(request.form.get('newsmontelegram')) + slack = common.checkAjaxInput(request.form.get('newsmonslack')) + pd = common.checkAjaxInput(request.form.get('newsmonpd')) + check_type = common.checkAjaxInput(request.form.get('newsmonchecktype')) + resolver = common.checkAjaxInput(request.form.get('newsmonresserver')) + record_type = common.checkAjaxInput(request.form.get('newsmondns_record_type')) + packet_size = common.checkAjaxInput(request.form.get('newsmonpacket_size')) + http_method = common.checkAjaxInput(request.form.get('newsmon_http_method')) + lang = roxywi_common.get_user_lang() + + try: + last_id = smon_mod.create_smon( + name, hostname, port, enable, url, body, group, desc, telegram, slack, pd, packet_size, check_type, + resolver, record_type, user_group, http_method + ) + except Exception as e: + return str(e), 200 + else: + if last_id: + smon = sql.select_smon_by_id(last_id) + pds = sql.get_user_pd_by_group(user_group) + slacks = sql.get_user_slack_by_group(user_group) + telegrams = sql.get_user_telegram_by_group(user_group) + smon_service = sql.select_smon_check_by_id(last_id, check_type) + + return render_template( + 'ajax/smon/show_new_smon.html', smon=smon, telegrams=telegrams, slacks=slacks, pds=pds, lang=lang, + check_type=check_type, smon_service=smon_service + ) + + +@bp.post('/update/') +def smon_update(smon_id): + roxywi_common.check_user_group_for_flask() + name = common.checkAjaxInput(request.form.get('updateSmonName')) + ip = common.checkAjaxInput(request.form.get('updateSmonIp')) + port = common.checkAjaxInput(request.form.get('updateSmonPort')) + en = common.checkAjaxInput(request.form.get('updateSmonEn')) + url = common.checkAjaxInput(request.form.get('updateSmonUrl')) + body = common.checkAjaxInput(request.form.get('updateSmonBody')) + telegram = common.checkAjaxInput(request.form.get('updateSmonTelegram')) + slack = common.checkAjaxInput(request.form.get('updateSmonSlack')) + pd = common.checkAjaxInput(request.form.get('updateSmonPD')) + group = common.checkAjaxInput(request.form.get('updateSmonGroup')) + desc = common.checkAjaxInput(request.form.get('updateSmonDesc')) + check_type = common.checkAjaxInput(request.form.get('check_type')) + resolver = common.checkAjaxInput(request.form.get('updateSmonResServer')) + record_type = common.checkAjaxInput(request.form.get('updateSmonRecordType')) + packet_size = common.checkAjaxInput(request.form.get('updateSmonPacket_size')) + http_method = common.checkAjaxInput(request.form.get('updateSmon_http_method')) + + if roxywi_common.check_user_group_for_flask(): + try: + status = smon_mod.update_smon( + smon_id, name, ip, port, en, url, body, telegram, slack, pd, group, desc, check_type, + resolver, record_type, packet_size, http_method + ) + except Exception as e: + return f'{e}', 200 + else: + return status + + +@bp.route('/delete/') +def smon_delete(smon_id): + user_group = roxywi_common.get_user_group(id=1) + + if roxywi_common.check_user_group_for_flask(): + try: + status = smon_mod.delete_smon(smon_id, user_group) + except Exception as e: + return f'{e}', 200 + else: + return status + + +@bp.post('/refresh') +def smon_show(): + sort = common.checkAjaxInput(request.form.get('sort')) + return smon_mod.show_smon(sort) diff --git a/app/routes/user/__init__.py b/app/routes/user/__init__.py new file mode 100644 index 00000000..3a4d49c5 --- /dev/null +++ b/app/routes/user/__init__.py @@ -0,0 +1,5 @@ +from flask import Blueprint + +bp = Blueprint('user', __name__) + +from app.routes.user import routes diff --git a/app/routes/user/routes.py b/app/routes/user/routes.py new file mode 100644 index 00000000..8ac43fb3 --- /dev/null +++ b/app/routes/user/routes.py @@ -0,0 +1,149 @@ +import os +import sys +import json + +from flask import render_template, request +from flask_login import login_required + +from app import app, login_manager +from app.routes.user import bp + +sys.path.append(os.path.join(sys.path[0], '/var/www/haproxy-wi/app')) + +import modules.db.sql as sql +import modules.common.common as common +import modules.roxywi.user as roxywi_user +import modules.roxywi.auth as roxywi_auth +import modules.roxywi.common as roxywi_common + + +@bp.before_request +@login_required +def before_request(): + """ Protect all of the admin endpoints. """ + pass + + +@bp.post('/create') +def create_user(): + roxywi_auth.page_for_admin(level=2) + email = common.checkAjaxInput(request.form.get('newemail')) + password = common.checkAjaxInput(request.form.get('newpassword')) + role = common.checkAjaxInput(request.form.get('newrole')) + new_user = common.checkAjaxInput(request.form.get('newusername')) + page = common.checkAjaxInput(request.form.get('page')) + activeuser = common.checkAjaxInput(request.form.get('activeuser')) + group = common.checkAjaxInput(request.form.get('newgroupuser')) + token = common.checkAjaxInput(request.form.get('token')) + lang = roxywi_common.get_user_lang_for_flask() + + if not roxywi_common.check_user_group_for_flask(token=token): + return 'error: Wrong group' + if page == 'servers': + if roxywi_auth.is_admin(level=2, role_id=role): + roxywi_common.logging(new_user, ' tried to privilege escalation: user creation', roxywi=1, login=1) + return 'error: Wrong role' + if roxywi_user.create_user(new_user, email, password, role, activeuser, group): + return render_template( + 'ajax/new_user.html', users=sql.select_users(user=new_user), groups=sql.select_groups(), page=page, + roles=sql.select_roles(), adding=1, lang=lang + ) + + +@bp.post('/update') +def update_user(): + roxywi_auth.page_for_admin(level=2) + email = request.form.get('email') + new_user = request.form.get('updateuser') + user_id = request.form.get('id') + enabled = request.form.get('activeuser') + group_id = int(request.form.get('usergroup')) + + if roxywi_common.check_user_group_for_flask(): + if request.form.get('role'): + role_id = int(request.form.get('role')) + if roxywi_auth.is_admin(level=role_id): + roxywi_user.update_user(email, new_user, user_id, enabled, group_id, role_id) + else: + roxywi_common.logging(new_user, ' tried to privilege escalation', roxywi=1, login=1) + return 'error: dalsd' + else: + try: + sql.update_user_from_admin_area(new_user, email, user_id, enabled) + except Exception as e: + return f'error: Cannot update user: {e}' + roxywi_common.logging(new_user, ' has been updated user ', roxywi=1, login=1) + + return 'ok' + + +@bp.route('/delete/') +def delete_user(user_id): + roxywi_auth.page_for_admin(level=2) + try: + return roxywi_user.delete_user(user_id) + except Exception as e: + return f'error: {e}' + + +@bp.route('/ldap/') +def get_ldap_email(username): + roxywi_auth.page_for_admin(level=2) + + return roxywi_user.get_ldap_email(username) + + +@bp.post('/password') +def update_password(): + password = request.form.get('updatepassowrd') + uuid = request.form.get('uuid') + user_id_from_get = request.form.get('id') + + return roxywi_user.update_user_password(password, uuid, user_id_from_get) + + +@bp.route('/services/', methods=['GET', 'POST']) +def show_user_services(user_id): + if request.method == 'GET': + return roxywi_user.get_user_services(user_id) + else: + user = common.checkAjaxInput(request.form.get('changeUserServicesUser')) + user_services = json.loads(request.form.get('jsonDatas')) + + return roxywi_user.change_user_services(user, user_id, user_services) + + +@bp.route('/group/current') +def get_current_group(): + uuid = request.cookies.get('uuid') + group = request.cookies.get('group') + + return roxywi_user.get_user_active_group(uuid, group) + + +@bp.post('/group/change') +def change_current_group(): + group_id = common.checkAjaxInput(request.form.get('changeUserCurrentGroupId')) + user_uuid = common.checkAjaxInput(request.form.get('changeUserGroupsUser')) + + return roxywi_user.change_user_active_group(group_id, user_uuid) + + +@bp.route('/groups/') +def show_user_groups_and_roles(user_id): + lang = roxywi_common.get_user_lang_for_flask() + + return roxywi_user.show_user_groups_and_roles(user_id, lang) + + +@bp.post('/groups/save') +def change_user_groups_and_roles(): + user = common.checkAjaxInput(request.form.get('changeUserGroupsUser')) + groups_and_roles = json.loads(request.form.get('jsonDatas')) + + return roxywi_user.save_user_group_and_role(user, groups_and_roles) + + +@bp.route('/group/name/') +def get_group_name_by_id(group_id): + return sql.get_group_name_by_id(group_id) diff --git a/app/routes/waf/__init__.py b/app/routes/waf/__init__.py new file mode 100644 index 00000000..dbe6c950 --- /dev/null +++ b/app/routes/waf/__init__.py @@ -0,0 +1,5 @@ +from flask import Blueprint + +bp = Blueprint('waf', __name__) + +from app.routes.waf import routes diff --git a/app/routes/waf/routes.py b/app/routes/waf/routes.py new file mode 100644 index 00000000..43f186ee --- /dev/null +++ b/app/routes/waf/routes.py @@ -0,0 +1,219 @@ +import os +import sys + +from flask import render_template, request +from flask_login import login_required + +from app import app, login_manager +from app.routes.waf import bp + +sys.path.append(os.path.join(sys.path[0], '/var/www/haproxy-wi/app')) + +import modules.db.sql as sql +from modules.db.db_model import * +import modules.common.common as common +import modules.roxy_wi_tools as roxy_wi_tools +import modules.roxywi.waf as roxy_waf +import modules.roxywi.auth as roxywi_auth +import modules.roxywi.common as roxywi_common +import modules.config.config as config_mod + +get_config = roxy_wi_tools.GetConfigVar() +time_zone = sql.get_setting('time_zone') +get_date = roxy_wi_tools.GetDate(time_zone) + + +@bp.route('/') +@login_required +def waf(service): + roxywi_auth.page_for_admin(level=2) + + manage_rules = '' + waf_rule_id = '' + config_file_name = '' + waf_rule_file = '' + config_read = '' + rules = '' + serv = '' + cfg = '' + user_params = roxywi_common.get_users_params() + + if service == 'nginx': + roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=2) + servers = roxywi_common.get_dick_permit(nginx=1) + else: + roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=1) + servers = user_params['servers'] + + title = "Web application firewall" + servers_waf = sql.select_waf_servers_metrics(user_params['user_uuid']) + autorefresh = 1 + + return render_template( + 'waf.html', + h2=1, title=title, autorefresh=autorefresh, role=user_params['role'], user=user_params['user'], serv=serv, + servers=servers_waf, + servers_all=servers, manage_rules=manage_rules, rules=rules, user_services=user_params['user_services'], + waf_rule_file=waf_rule_file, waf_rule_id=waf_rule_id, config=config_read, cfg=cfg, token=user_params['token'], + config_file_name=config_file_name, service=service, lang=user_params['lang'] + ) + + +@bp.route('///rules') +@login_required +def waf_rules(service, server_ip): + roxywi_auth.page_for_admin(level=2) + roxywi_common.check_is_server_in_group(server_ip) + + manage_rules = '1' + waf_rule_id = '' + config_file_name = '' + waf_rule_file = '' + servers_waf = '' + config_read = '' + servers = '' + cfg = '' + user_params = roxywi_common.get_users_params() + title = "Manage rules - Web application firewall" + rules = sql.select_waf_rules(server_ip, service) + + if service == 'nginx': + roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=2) + else: + roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=1) + + return render_template( + 'waf.html', + h2=1, title=title, autorefresh=0, role=user_params['role'], user=user_params['user'], serv=server_ip, + servers=servers_waf, + servers_all=servers, manage_rules=manage_rules, rules=rules, user_services=user_params['user_services'], + waf_rule_file=waf_rule_file, waf_rule_id=waf_rule_id, config=config_read, cfg=cfg, token=user_params['token'], + config_file_name=config_file_name, service=service, lang=user_params['lang'] + ) + + +@bp.route('///rule/') +@login_required +def waf_rule_edit(service, server_ip, rule_id): + roxywi_auth.page_for_admin(level=2) + roxywi_common.check_is_server_in_group(server_ip) + + manage_rules = '' + servers_waf = '' + config_read = '' + servers = '' + user_params = roxywi_common.get_users_params() + rules = sql.select_waf_rules(server_ip, service) + + if service == 'nginx': + roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=2) + config_path = sql.get_setting('nginx_dir') + else: + roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=1) + config_path = sql.get_setting('haproxy_dir') + + title = 'Edit a WAF rule' + waf_rule_file = sql.select_waf_rule_by_id(rule_id) + configs_dir = sql.get_setting('tmp_config_path') + cfg = f"{configs_dir}{server_ip}-{get_date.return_date('config')}-{waf_rule_file}" + error = config_mod.get_config(server_ip, cfg, waf=service, waf_rule_file=waf_rule_file) + config_file_name = common.return_nice_path(config_path) + 'waf/rules/' + waf_rule_file + + try: + conf = open(cfg, "r") + config_read = conf.read() + conf.close() + except IOError: + print('Cannot read imported config file') + + return render_template( + 'waf.html', + h2=1, title=title, autorefresh=0, role=user_params['role'], user=user_params['user'], serv=server_ip, + servers=servers_waf, + servers_all=servers, manage_rules=manage_rules, rules=rules, user_services=user_params['user_services'], + waf_rule_file=waf_rule_file, waf_rule_id=rule_id, config=config_read, cfg=cfg, token=user_params['token'], + config_file_name=config_file_name, service=service, lang=user_params['lang'] + ) + + +@bp.route('///rule//save', methods=['POST']) +@login_required +def waf_save_config(service, server_ip, rule_id): + roxywi_auth.page_for_admin(level=2) + roxywi_common.check_is_server_in_group(server_ip) + + configs_dir = sql.get_setting('tmp_config_path') + cfg = f"{configs_dir}{server_ip}-{get_date.return_date('config')}" + config_file_name = request.form.get('config_file_name') + config = request.form.get('config') + oldcfg = request.form.get('oldconfig') + save = request.form.get('save') + + try: + with open(cfg, "a") as conf: + conf.write(config) + except IOError: + print("error: Cannot read imported config file") + + stderr = config_mod.master_slave_upload_and_restart(server_ip, cfg, save, 'waf', oldcfg=oldcfg, config_file_name=config_file_name) + + config_mod.diff_config(oldcfg, cfg) + + try: + os.system(f"/bin/rm -f {configs_dir}*.old") + except Exception as e: + return f'error: {e}' + + if stderr: + return stderr + + return + + +@bp.route('//rule//') +@login_required +def enable_rule(server_ip, rule_id, enable): + server_ip = common.is_ip_or_dns(server_ip) + + return roxy_waf.switch_waf_rule(server_ip, enable, rule_id) + + +@bp.route('///rule/create', methods=['POST']) +@login_required +def create_rule(service, server_ip): + if service not in ('haproxy', 'nginx'): + return 'error: Wrong service' + + server_ip = common.is_ip_or_dns(server_ip) + + return roxy_waf.create_waf_rule(server_ip, service) + + +@bp.route('//mode//') +@login_required +def change_waf_mode(service, server_name, waf_mode): + if service not in ('haproxy', 'nginx'): + return 'error: Wrong service' + + server_name = common.checkAjaxInput(server_name) + waf_mode = common.checkAjaxInput(waf_mode) + + return roxy_waf.change_waf_mode(waf_mode, server_name, service) + + +@bp.route('/overview//') +@login_required +def overview_waf(service, server_ip): + server_ip = common.is_ip_or_dns(server_ip) + + if service not in ('haproxy', 'nginx'): + return 'error: Wrong service' + + return roxy_waf.waf_overview(server_ip, service) + + +@bp.route('/metric/enable//') +@login_required +def enable_metric(enable, server_name): + server_name = common.checkAjaxInput(server_name) + return sql.update_waf_metrics_enable(server_name, enable) diff --git a/app/runtimeapi.py b/app/runtimeapi.py deleted file mode 100644 index 1fc76e5d..00000000 --- a/app/runtimeapi.py +++ /dev/null @@ -1,33 +0,0 @@ -#!/usr/bin/env python3 -import sys - -import modules.common.common as common -import modules.roxywi.auth as roxywi_auth -import modules.roxywi.common as roxywi_common - -from jinja2 import Environment, FileSystemLoader -env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) -template = env.get_template('runtimeapi.html') - -print('Content-type: text/html\n') - -user_params = roxywi_common.get_users_params(virt=1, haproxy=1) - -try: - roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=1) -except Exception as e: - print(f'error {e}') - sys.exit() - -form = common.form -servbackend = form.getvalue('servbackend') -serv = form.getvalue('serv') -if servbackend is None: - servbackend = "" - -rendered_template = template.render( - h2=1, title="RunTime API", role=user_params['role'], user=user_params['user'], select_id="serv", - selects=user_params['servers'], token=user_params['token'], user_services=user_params['user_services'], - servbackend=servbackend, lang=user_params['lang'] -) -print(rendered_template) diff --git a/app/scripts/backup.sh b/app/scripts/backup.sh index 4759b2c1..cc685016 100644 --- a/app/scripts/backup.sh +++ b/app/scripts/backup.sh @@ -12,8 +12,8 @@ do SERVER) SERVER=${VALUE} ;; USER) USER=${VALUE} ;; KEY) KEY=${VALUE} ;; - DELJOB) DELJOB=${VALUE} ;; - SSH_PORT) SSH_PORT=${VALUE} ;; + DELJOB) DELJOB=${VALUE} ;; + SSH_PORT) SSH_PORT=${VALUE} ;; *) esac done @@ -24,8 +24,7 @@ export ACTION_WARNINGS=False export LOCALHOST_WARNING=False export COMMAND_WARNINGS=False -PWD=`pwd` -PWD=$PWD/scripts/ansible/ +PWD=/var/www/haproxy-wi/app/scripts/ansible/ echo '[backup]' > $PWD/$HOST echo "$HOST ansible_port=$SSH_PORT" >> $PWD/$HOST echo '[haproxy_wi]' >> $PWD/$HOST diff --git a/app/scripts/git_backup.sh b/app/scripts/git_backup.sh index fc744409..181a5cd6 100644 --- a/app/scripts/git_backup.sh +++ b/app/scripts/git_backup.sh @@ -27,11 +27,9 @@ export ACTION_WARNINGS=False export LOCALHOST_WARNING=False export COMMAND_WARNINGS=False -PWD=`pwd` -PWD=$PWD/scripts/ansible/ +PWD=/var/www/haproxy-wi/app/scripts/ansible/ echo "$HOST ansible_port=$SSH_PORT" >> $PWD/$HOST - ansible-playbook $PWD/roles/git_backup.yml --key-file $KEY -e "ansible_user=$USER variable_host=$HOST DELJOB=$DELJOB SERVICE=$SERVICE INIT=$INIT REPO=$REPO BRANCH=$BRANCH PERIOD=$PERIOD CONFIG_DIR=$CONFIG_DIR PROXY=$PROXY KEY=$KEY" -i $PWD/$HOST if [ $? -gt 0 ] diff --git a/app/scripts/install_apache.sh b/app/scripts/install_apache.sh index ce937918..32dbd21f 100644 --- a/app/scripts/install_apache.sh +++ b/app/scripts/install_apache.sh @@ -36,8 +36,7 @@ export ACTION_WARNINGS=False export LOCALHOST_WARNING=False export COMMAND_WARNINGS=False -PWD=`pwd` -PWD=$PWD/scripts/ansible/ +PWD=/var/www/haproxy-wi/app/scripts/ansible/ echo "$HOST ansible_port=$SSH_PORT" > $PWD/$HOST if [[ $KEY == "" ]]; then diff --git a/app/scripts/install_apache_exporter.sh b/app/scripts/install_apache_exporter.sh index 4f3feaff..455b47cf 100644 --- a/app/scripts/install_apache_exporter.sh +++ b/app/scripts/install_apache_exporter.sh @@ -27,8 +27,7 @@ export ACTION_WARNINGS=False export LOCALHOST_WARNING=False export COMMAND_WARNINGS=False -PWD=`pwd` -PWD=$PWD/scripts/ansible/ +PWD=/var/www/haproxy-wi/app/scripts/ansible/ echo "$HOST ansible_port=$SSH_PORT" > $PWD/$HOST if [[ $KEY == "" ]]; then diff --git a/app/scripts/install_grafana.sh b/app/scripts/install_grafana.sh index 0f1cba70..6083a1c9 100644 --- a/app/scripts/install_grafana.sh +++ b/app/scripts/install_grafana.sh @@ -32,8 +32,7 @@ export ACTION_WARNINGS=False export LOCALHOST_WARNING=False export COMMAND_WARNINGS=False -PWD=`pwd` -PWD=$PWD/scripts/ansible/ +PWD=/var/www/haproxy-wi/app/scripts/ansible/ ansible-playbook $PWD/roles/grafana.yml -e "PROXY=$PROXY" diff --git a/app/scripts/install_haproxy_exporter.sh b/app/scripts/install_haproxy_exporter.sh index 92859ca4..689c78b0 100644 --- a/app/scripts/install_haproxy_exporter.sh +++ b/app/scripts/install_haproxy_exporter.sh @@ -38,8 +38,7 @@ export ANSIBLE_HOST_KEY_CHECKING=False export ANSIBLE_DISPLAY_SKIPPED_HOSTS=False export ACTION_WARNINGS=False export ANSIBLE_DEPRECATION_WARNINGS=False -PWD=$(pwd) -PWD=$PWD/scripts/ansible/ +PWD=/var/www/haproxy-wi/app/scripts/ansible/ echo "$HOST ansible_port=$SSH_PORT" > "$PWD"/"$HOST" if [[ $KEY == "" ]]; then diff --git a/app/scripts/install_haproxy_geoip.sh b/app/scripts/install_haproxy_geoip.sh index d85203a4..c9b066a0 100644 --- a/app/scripts/install_haproxy_geoip.sh +++ b/app/scripts/install_haproxy_geoip.sh @@ -24,8 +24,7 @@ export ACTION_WARNINGS=False export LOCALHOST_WARNING=False export COMMAND_WARNINGS=False -PWD=$(pwd) -PWD=$PWD/scripts/ansible/ +PWD=/var/www/haproxy-wi/app/scripts/ansible/ echo "$HOST ansible_port=$SSH_PORT" > $PWD/$HOST if [[ $maxmind_key == "" ]]; then diff --git a/app/scripts/install_keepalived_exporter.sh b/app/scripts/install_keepalived_exporter.sh index f6e20670..56be5da2 100644 --- a/app/scripts/install_keepalived_exporter.sh +++ b/app/scripts/install_keepalived_exporter.sh @@ -23,8 +23,7 @@ export ACTION_WARNINGS=False export LOCALHOST_WARNING=False export COMMAND_WARNINGS=False -PWD=`pwd` -PWD=$PWD/scripts/ansible/ +PWD=/var/www/haproxy-wi/app/scripts/ansible/ echo "$HOST ansible_port=$SSH_PORT" > $PWD/$HOST if [[ $KEY == "" ]]; then diff --git a/app/scripts/install_nginx_exporter.sh b/app/scripts/install_nginx_exporter.sh index 2b46b975..4b522a8e 100644 --- a/app/scripts/install_nginx_exporter.sh +++ b/app/scripts/install_nginx_exporter.sh @@ -40,8 +40,7 @@ export ACTION_WARNINGS=False export LOCALHOST_WARNING=False export COMMAND_WARNINGS=False -PWD=`pwd` -PWD=$PWD/scripts/ansible/ +PWD=/var/www/haproxy-wi/app/scripts/ansible/ echo "$HOST ansible_port=$SSH_PORT" > $PWD/$HOST if [[ $KEY == "" ]]; then diff --git a/app/scripts/install_nginx_geoip.sh b/app/scripts/install_nginx_geoip.sh index 4fb251bb..fbb0a05f 100644 --- a/app/scripts/install_nginx_geoip.sh +++ b/app/scripts/install_nginx_geoip.sh @@ -24,8 +24,7 @@ export ACTION_WARNINGS=False export LOCALHOST_WARNING=False export COMMAND_WARNINGS=False -PWD=$(pwd) -PWD=$PWD/scripts/ansible/ +PWD=/var/www/haproxy-wi/app/scripts/ansible/ echo "$HOST ansible_port=$SSH_PORT" > $PWD/$HOST if [[ $maxmind_key == "" ]]; then diff --git a/app/scripts/install_node_exporter.sh b/app/scripts/install_node_exporter.sh index 015bd1a9..201f7a8f 100644 --- a/app/scripts/install_node_exporter.sh +++ b/app/scripts/install_node_exporter.sh @@ -23,8 +23,7 @@ export ACTION_WARNINGS=False export LOCALHOST_WARNING=False export COMMAND_WARNINGS=False -PWD=`pwd` -PWD=$PWD/scripts/ansible/ +PWD=/var/www/haproxy-wi/app/scripts/ansible/ echo "$HOST ansible_port=$SSH_PORT" > $PWD/$HOST if [[ $KEY == "" ]]; then diff --git a/app/scripts/letsencrypt.sh b/app/scripts/letsencrypt.sh index 139b7d8e..cc6c11d4 100644 --- a/app/scripts/letsencrypt.sh +++ b/app/scripts/letsencrypt.sh @@ -25,8 +25,7 @@ export ACTION_WARNINGS=False export LOCALHOST_WARNING=False export COMMAND_WARNINGS=False -PWD=`pwd` -PWD=$PWD/scripts/ansible/ +PWD=/var/www/haproxy-wi/app/scripts/ansible/ echo "$HOST ansible_port=$SSH_PORT" > $PWD/$HOST if [[ $KEY == "" ]]; then diff --git a/app/scripts/s3_backup.sh b/app/scripts/s3_backup.sh index 3f80acd2..8827d2e3 100644 --- a/app/scripts/s3_backup.sh +++ b/app/scripts/s3_backup.sh @@ -22,8 +22,7 @@ export ACTION_WARNINGS=False export LOCALHOST_WARNING=False export COMMAND_WARNINGS=False -PWD=`pwd` -PWD=$PWD/scripts/ansible/ +PWD=/var/www/haproxy-wi/app/scripts/ansible/ ansible-playbook $PWD/roles/s3_backup.yml -e "SERVER=$SERVER S3_SERVER=$S3_SERVER BUCKET=$BUCKET SECRET_KEY=$SECRET_KEY ACCESS_KEY=$ACCESS_KEY TIME=$TIME" -t $TAG -i $PWD/$HOST diff --git a/app/scripts/waf.sh b/app/scripts/waf.sh index a839365e..eb4bda01 100644 --- a/app/scripts/waf.sh +++ b/app/scripts/waf.sh @@ -31,8 +31,7 @@ export ACTION_WARNINGS=False export LOCALHOST_WARNING=False export COMMAND_WARNINGS=False -PWD=$(pwd) -PWD=$PWD/scripts/ansible/ +PWD=/var/www/haproxy-wi/app/scripts/ansible/ echo "$HOST ansible_port=$SSH_PORT" > $PWD/$HOST if [[ $KEY == "" ]]; then diff --git a/app/scripts/waf_nginx.sh b/app/scripts/waf_nginx.sh index 5f3adb63..31b7a9ef 100644 --- a/app/scripts/waf_nginx.sh +++ b/app/scripts/waf_nginx.sh @@ -24,8 +24,7 @@ export ACTION_WARNINGS=False export LOCALHOST_WARNING=False export COMMAND_WARNINGS=False -PWD=$(pwd) -PWD=$PWD/scripts/ansible/ +PWD=/var/www/haproxy-wi/app/scripts/ansible/ echo "$HOST ansible_port=$SSH_PORT" > $PWD/$HOST if [[ $KEY == "" ]]; then diff --git a/app/sections.py b/app/sections.py deleted file mode 100644 index 98ef83f5..00000000 --- a/app/sections.py +++ /dev/null @@ -1,115 +0,0 @@ -#!/usr/bin/env python3 -import os -import sys - -from jinja2 import Environment, FileSystemLoader - -import modules.db.sql as sql -import modules.common.common as common -import modules.roxywi.auth as roxywi_auth -import modules.roxywi.common as roxywi_common -import modules.config.section as section_mod -import modules.config.config as config_mod -import modules.roxy_wi_tools as roxy_wi_tools - -time_zone = sql.get_setting('time_zone') -get_date = roxy_wi_tools.GetDate(time_zone) -get_config_var = roxy_wi_tools.GetConfigVar() -env = Environment(loader=FileSystemLoader('templates/'), autoescape=True, extensions=['jinja2.ext.loopcontrols']) -template = env.get_template('sections.html') - -print('Content-type: text/html\n') - -user_params = roxywi_common.get_users_params() - -try: - roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=1) -except Exception as e: - print(f'error {e}') - sys.exit() - -form = common.form -serv = form.getvalue('serv') -section = form.getvalue('section') -is_serv_protected = sql.is_serv_protected(serv) -sections = "" -config_read = "" -cfg = "" -stderr = "" -error = "" -aftersave = "" -start_line = "" -end_line = "" -warning = '' -is_restart = '' - -hap_configs_dir = get_config_var.get_config_var('configs', 'haproxy_save_configs_dir') - -if serv is not None and open is not None: - cfg = f"{hap_configs_dir}{serv}-{get_date.return_date('config')}.cfg" - error = config_mod.get_config(serv, cfg) - sections = section_mod.get_sections(cfg) - -if serv is not None and section is not None: - - try: - roxywi_common.logging(serv, "sections.py open config") - except Exception: - pass - - start_line, end_line, config_read = section_mod.get_section_from_config(cfg, section) - server_id = sql.select_server_id_by_ip(serv) - is_restart = sql.select_service_setting(server_id, 'haproxy', 'restart') - - os.system(f"/bin/mv {cfg} {cfg}.old") - -if serv is not None and form.getvalue('config') is not None: - try: - roxywi_common.logging(serv, "sections.py edited config") - except Exception: - pass - - config = form.getvalue('config') - oldcfg = form.getvalue('oldconfig') - save = form.getvalue('save') - start_line = form.getvalue('start_line') - end_line = form.getvalue('end_line') - aftersave = 1 - - if save == 'delete': - config = '' - save = 'reload' - - config = section_mod.rewrite_section(start_line, end_line, oldcfg, config) - - try: - with open(cfg, "w") as conf: - conf.write(config) - except IOError: - error = "Can't read import config file" - - stderr = config_mod.master_slave_upload_and_restart(serv, cfg, just_save=save, oldcfg=oldcfg) - - if "is valid" in stderr: - warning = stderr - stderr = '' - - config_mod.diff_config(oldcfg, cfg) - - os.system(f"/bin/rm -f {hap_configs_dir}*.old") - -if user_params['lang'] == 'ru': - title = 'Работа с секциями HAProxy' -elif user_params['lang'] == 'fr': - title = 'Utilisation des sections de configuration HAProxy' -else: - title = 'Working with HAProxy config sections' - -rendered_template = template.render( - h2=1, title=title, role=user_params['role'], action="sections.py", user=user_params['user'], - select_id="serv", serv=serv, aftersave=aftersave, config=config_read, cfg=cfg, selects=user_params['servers'], - stderr=stderr, error=error, start_line=start_line, end_line=end_line, section=section, sections=sections, - is_serv_protected=is_serv_protected, user_services=user_params['user_services'], token=user_params['token'], - warning=warning, is_restart=is_restart, lang=user_params['lang'] -) -print(rendered_template) diff --git a/app/servers.py b/app/servers.py deleted file mode 100644 index 64e9bb79..00000000 --- a/app/servers.py +++ /dev/null @@ -1,60 +0,0 @@ -#!/usr/bin/env python3 -import sys - -import pytz - -import modules.db.sql as sql -import modules.common.common as common -import modules.roxywi.auth as roxywi_auth -import modules.roxywi.common as roxywi_common - -from jinja2 import Environment, FileSystemLoader -env = Environment(extensions=["jinja2.ext.do"], loader=FileSystemLoader('templates/'), autoescape=True) -template = env.get_template('servers.html') -form = common.form - -print('Content-type: text/html\n') -user_params = roxywi_common.get_users_params() - -try: - roxywi_auth.check_login(user_params['user_uuid'], user_params['token']) -except Exception: - print('error: your session is expired') - sys.exit() - -roxywi_auth.page_for_admin(level=2) - -ldap_enable = sql.get_setting('ldap_enable') -user_group = roxywi_common.get_user_group(id=1) -settings = sql.get_setting('', all=1) -geoip_country_codes = sql.select_geoip_country_codes() -services = sql.select_services() -gits = sql.select_gits() -servers = roxywi_common.get_dick_permit(virt=1, disable=0, only_group=1) -masters = sql.select_servers(get_master_servers=1, uuid=user_params['user_uuid'].value) -is_needed_tool = common.is_tool('ansible') -user_roles = sql.select_user_roles_by_group(user_group) -backups = sql.select_backups() -s3_backups = sql.select_s3_backups() - -try: - user_subscription = roxywi_common.return_user_status() -except Exception as e: - user_subscription = roxywi_common.return_unsubscribed_user_status() - roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1) - -if user_params['lang'] == 'ru': - title = 'Сервера: ' -else: - title = "Servers: " - -rendered_template = template.render( - h2=1, title=title, role=user_params['role'], user=user_params['user'], users=sql.select_users(group=user_group), - groups=sql.select_groups(), servers=servers, roles=sql.select_roles(), sshs=sql.select_ssh(group=user_group), - masters=masters, group=user_group, services=services, timezones=pytz.all_timezones, guide_me=1, - token=user_params['token'], settings=settings, backups=backups, s3_backups=s3_backups, page="servers.py", - geoip_country_codes=geoip_country_codes, user_services=user_params['user_services'], ldap_enable=ldap_enable, - user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], gits=gits, - is_needed_tool=is_needed_tool, lang=user_params['lang'], user_roles=user_roles -) -print(rendered_template) diff --git a/app/smon.py b/app/smon.py deleted file mode 100644 index 247457d0..00000000 --- a/app/smon.py +++ /dev/null @@ -1,143 +0,0 @@ -#!/usr/bin/env python3 -import sys - -from datetime import datetime -from pytz import timezone -from jinja2 import Environment, FileSystemLoader - -import modules.db.sql as sql -import modules.common.common as common -import modules.roxywi.auth as roxywi_auth -import modules.roxywi.common as roxywi_common -import modules.server.server as server_mod - -env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) -template = env.get_template('smon.html') - -print('Content-type: text/html\n') -user_params = roxywi_common.get_users_params() - -try: - roxywi_auth.check_login(user_params['user_uuid'], user_params['token']) -except Exception as e: - print(f'error {e}') - sys.exit() - -roxywi_common.check_user_group() -form = common.form -action = form.getvalue('action') -sort = form.getvalue('sort') -autorefresh = 0 -lang = user_params['lang'] -telegrams = '' -slacks = '' -pds = '' -user_group = roxywi_common.get_user_group(id=1) -cmd = "systemctl is-active roxy-wi-smon" -smon_status, stderr = server_mod.subprocess_execute(cmd) -smon_statuses = '' -smon_ping = '' -smon_tcp = '' -smon_http = '' -smon_dns = '' -smon = '' - -try: - user_subscription = roxywi_common.return_user_status() -except Exception as e: - user_subscription = roxywi_common.return_unsubscribed_user_status() - roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1) - -if action == 'add': - telegrams = sql.get_user_telegram_by_group(user_group) - slacks = sql.get_user_slack_by_group(user_group) - pds = sql.get_user_pd_by_group(user_group) - smon = sql.select_smon(user_group) - smon_ping = sql.select_smon_ping(user_group) - smon_tcp = sql.select_smon_tcp(user_group) - smon_http = sql.select_smon_http(user_group) - smon_dns = sql.select_smon_dns(user_group) - roxywi_auth.page_for_admin(level=3) - if lang == 'ru': - title = "SMON: Админка" - elif lang == 'fr': - title = "SMON: Administratrice" - else: - title = "SMON: Admin" -elif action == 'history': - if form.getvalue('host'): - needed_host = common.is_ip_or_dns(form.getvalue('host')) - smon = sql.alerts_history('SMON', user_group, host=needed_host) - else: - smon = sql.alerts_history('SMON', user_group) - if lang == 'ru': - title = "SMON: История" - elif lang == 'fr': - title = "SMON: Histoire" - else: - title = "SMON: History" -elif action == 'checker_history': - smon = sql.alerts_history('Checker', user_group) - if lang == 'ru': - title = "Checker: История" - elif lang == 'fr': - title = "Checker: Histoire" - else: - title = "Checker: History" -elif action == 'dashboard': - dashboard_id = int(form.getvalue('dashboard_id')) - check_id = int(form.getvalue('check_id')) - smon_name = sql.get_smon_service_name_by_id(dashboard_id) - check_interval = sql.get_setting('smon_check_interval') - smon = sql.select_one_smon(dashboard_id, check_id) - present = datetime.now(timezone('UTC')) - present = present.strftime('%b %d %H:%M:%S %Y %Z') - present = datetime.strptime(present, '%b %d %H:%M:%S %Y %Z') - cert_day_diff = 'N/A' - count_checks = sql.get_smon_history_count_checks(dashboard_id, check_id) - try: - uptime = round(count_checks['up'] * 100 / count_checks['total'], 2) - except Exception: - uptime = 0 - try: - avg_res_time = round(sql.get_avg_resp_time(dashboard_id, check_id), 2) - except Exception: - avg_res_time = 0 - try: - last_resp_time = round(sql.get_last_smon_res_time_by_check(dashboard_id, check_id), 2) - except Exception: - last_resp_time = 0 - template = env.get_template('include/smon/smon_history.html') - - for s in smon: - if s.smon_id.ssl_expire_date is not None: - ssl_expire_date = datetime.strptime(s.smon_id.ssl_expire_date, '%Y-%m-%d %H:%M:%S') - cert_day_diff = (ssl_expire_date - present).days - - rendered_template = template.render( - h2=1, autorefresh=1, role=user_params['role'], user=user_params['user'], smon=smon, group=user_group, lang=lang, - user_status=user_subscription['user_status'], check_interval=check_interval, user_plan=user_subscription['user_plan'], - token=user_params['token'], uptime=uptime, user_services=user_params['user_services'], avg_res_time=avg_res_time, - smon_name=smon_name, cert_day_diff=cert_day_diff, check_id=check_id, dashboard_id=dashboard_id, last_resp_time=last_resp_time - ) - print(rendered_template) - sys.exit() -else: - smon = sql.smon_list(user_group) - if lang == 'ru': - title = "SMON: Дашборд" - elif lang == 'fr': - title = "SMON: Tableau de bord" - else: - title = "SMON: Dashboard" - autorefresh = 1 - -rendered_template = template.render( - h2=1, title=title, autorefresh=autorefresh, role=user_params['role'], user=user_params['user'], group=user_group, - telegrams=telegrams, slacks=slacks, pds=pds, lang=lang, smon=smon, smon_status=smon_status, smon_error=stderr, - action=action, sort=sort, user_services=user_params['user_services'], user_status=user_subscription['user_status'], - user_plan=user_subscription['user_plan'], token=user_params['token'], smon_ping=smon_ping, smon_tcp=smon_tcp, - smon_http=smon_http, smon_dns=smon_dns - -) -print(rendered_template) diff --git a/inc/images/favicon/android-icon-144x144.png b/app/static/images/favicon/android-icon-144x144.png similarity index 100% rename from inc/images/favicon/android-icon-144x144.png rename to app/static/images/favicon/android-icon-144x144.png diff --git a/inc/images/favicon/android-icon-192x192.png b/app/static/images/favicon/android-icon-192x192.png similarity index 100% rename from inc/images/favicon/android-icon-192x192.png rename to app/static/images/favicon/android-icon-192x192.png diff --git a/inc/images/favicon/android-icon-36x36.png b/app/static/images/favicon/android-icon-36x36.png similarity index 100% rename from inc/images/favicon/android-icon-36x36.png rename to app/static/images/favicon/android-icon-36x36.png diff --git a/inc/images/favicon/android-icon-48x48.png b/app/static/images/favicon/android-icon-48x48.png similarity index 100% rename from inc/images/favicon/android-icon-48x48.png rename to app/static/images/favicon/android-icon-48x48.png diff --git a/inc/images/favicon/android-icon-72x72.png b/app/static/images/favicon/android-icon-72x72.png similarity index 100% rename from inc/images/favicon/android-icon-72x72.png rename to app/static/images/favicon/android-icon-72x72.png diff --git a/inc/images/favicon/android-icon-96x96.png b/app/static/images/favicon/android-icon-96x96.png similarity index 100% rename from inc/images/favicon/android-icon-96x96.png rename to app/static/images/favicon/android-icon-96x96.png diff --git a/inc/images/favicon/apple-icon-114x114.png b/app/static/images/favicon/apple-icon-114x114.png similarity index 100% rename from inc/images/favicon/apple-icon-114x114.png rename to app/static/images/favicon/apple-icon-114x114.png diff --git a/inc/images/favicon/apple-icon-120x120.png b/app/static/images/favicon/apple-icon-120x120.png similarity index 100% rename from inc/images/favicon/apple-icon-120x120.png rename to app/static/images/favicon/apple-icon-120x120.png diff --git a/inc/images/favicon/apple-icon-144x144.png b/app/static/images/favicon/apple-icon-144x144.png similarity index 100% rename from inc/images/favicon/apple-icon-144x144.png rename to app/static/images/favicon/apple-icon-144x144.png diff --git a/inc/images/favicon/apple-icon-152x152.png b/app/static/images/favicon/apple-icon-152x152.png similarity index 100% rename from inc/images/favicon/apple-icon-152x152.png rename to app/static/images/favicon/apple-icon-152x152.png diff --git a/inc/images/favicon/apple-icon-180x180.png b/app/static/images/favicon/apple-icon-180x180.png similarity index 100% rename from inc/images/favicon/apple-icon-180x180.png rename to app/static/images/favicon/apple-icon-180x180.png diff --git a/inc/images/favicon/apple-icon-57x57.png b/app/static/images/favicon/apple-icon-57x57.png similarity index 100% rename from inc/images/favicon/apple-icon-57x57.png rename to app/static/images/favicon/apple-icon-57x57.png diff --git a/inc/images/favicon/apple-icon-60x60.png b/app/static/images/favicon/apple-icon-60x60.png similarity index 100% rename from inc/images/favicon/apple-icon-60x60.png rename to app/static/images/favicon/apple-icon-60x60.png diff --git a/inc/images/favicon/apple-icon-72x72.png b/app/static/images/favicon/apple-icon-72x72.png similarity index 100% rename from inc/images/favicon/apple-icon-72x72.png rename to app/static/images/favicon/apple-icon-72x72.png diff --git a/inc/images/favicon/apple-icon-76x76.png b/app/static/images/favicon/apple-icon-76x76.png similarity index 100% rename from inc/images/favicon/apple-icon-76x76.png rename to app/static/images/favicon/apple-icon-76x76.png diff --git a/inc/images/favicon/apple-icon-precomposed.png b/app/static/images/favicon/apple-icon-precomposed.png similarity index 100% rename from inc/images/favicon/apple-icon-precomposed.png rename to app/static/images/favicon/apple-icon-precomposed.png diff --git a/inc/images/favicon/apple-icon.png b/app/static/images/favicon/apple-icon.png similarity index 100% rename from inc/images/favicon/apple-icon.png rename to app/static/images/favicon/apple-icon.png diff --git a/inc/images/favicon/browserconfig.xml b/app/static/images/favicon/browserconfig.xml similarity index 100% rename from inc/images/favicon/browserconfig.xml rename to app/static/images/favicon/browserconfig.xml diff --git a/inc/images/favicon/favicon-16x16.png b/app/static/images/favicon/favicon-16x16.png similarity index 100% rename from inc/images/favicon/favicon-16x16.png rename to app/static/images/favicon/favicon-16x16.png diff --git a/inc/images/favicon/favicon-32x32.png b/app/static/images/favicon/favicon-32x32.png similarity index 100% rename from inc/images/favicon/favicon-32x32.png rename to app/static/images/favicon/favicon-32x32.png diff --git a/inc/images/favicon/favicon-96x96.png b/app/static/images/favicon/favicon-96x96.png similarity index 100% rename from inc/images/favicon/favicon-96x96.png rename to app/static/images/favicon/favicon-96x96.png diff --git a/inc/images/favicon/favicon.ico b/app/static/images/favicon/favicon.ico similarity index 100% rename from inc/images/favicon/favicon.ico rename to app/static/images/favicon/favicon.ico diff --git a/inc/images/favicon/manifest.json b/app/static/images/favicon/manifest.json similarity index 100% rename from inc/images/favicon/manifest.json rename to app/static/images/favicon/manifest.json diff --git a/inc/images/favicon/ms-icon-144x144.png b/app/static/images/favicon/ms-icon-144x144.png similarity index 100% rename from inc/images/favicon/ms-icon-144x144.png rename to app/static/images/favicon/ms-icon-144x144.png diff --git a/inc/images/favicon/ms-icon-150x150.png b/app/static/images/favicon/ms-icon-150x150.png similarity index 100% rename from inc/images/favicon/ms-icon-150x150.png rename to app/static/images/favicon/ms-icon-150x150.png diff --git a/inc/images/favicon/ms-icon-310x310.png b/app/static/images/favicon/ms-icon-310x310.png similarity index 100% rename from inc/images/favicon/ms-icon-310x310.png rename to app/static/images/favicon/ms-icon-310x310.png diff --git a/inc/images/favicon/ms-icon-70x70.png b/app/static/images/favicon/ms-icon-70x70.png similarity index 100% rename from inc/images/favicon/ms-icon-70x70.png rename to app/static/images/favicon/ms-icon-70x70.png diff --git a/inc/images/loading.gif b/app/static/images/loading.gif similarity index 100% rename from inc/images/loading.gif rename to app/static/images/loading.gif diff --git a/inc/images/logo_footer.png b/app/static/images/logo_footer.png similarity index 100% rename from inc/images/logo_footer.png rename to app/static/images/logo_footer.png diff --git a/inc/images/logo_index.png b/app/static/images/logo_index.png similarity index 100% rename from inc/images/logo_index.png rename to app/static/images/logo_index.png diff --git a/inc/images/logo_login.png b/app/static/images/logo_login.png similarity index 100% rename from inc/images/logo_login.png rename to app/static/images/logo_login.png diff --git a/inc/images/logo_menu.png b/app/static/images/logo_menu.png similarity index 100% rename from inc/images/logo_menu.png rename to app/static/images/logo_menu.png diff --git a/inc/images/no_servers.png b/app/static/images/no_servers.png similarity index 100% rename from inc/images/no_servers.png rename to app/static/images/no_servers.png diff --git a/inc/images/oops.png b/app/static/images/oops.png similarity index 100% rename from inc/images/oops.png rename to app/static/images/oops.png diff --git a/app/statsview.py b/app/statsview.py deleted file mode 100644 index 674e1141..00000000 --- a/app/statsview.py +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/bin/env python3 -import modules.db.sql as sql -import modules.common.common as common -import modules.roxywi.auth as roxywi_auth -import modules.roxywi.common as roxywi_common - -from jinja2 import Environment, FileSystemLoader -env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) -template = env.get_template('statsview.html') -print('Content-type: text/html\n') - -user_params = roxywi_common.get_users_params(virt=1, haproxy=1) - -form = common.form -serv = form.getvalue('serv') -service = form.getvalue('service') - -try: - if serv is None: - first_serv = user_params['servers'] - for i in first_serv: - serv = i[2] - break -except Exception: - pass - -if service in ('haproxy', 'nginx', 'apache'): - service_desc = sql.select_service(service) - if roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=service_desc.service_id): - servers = roxywi_common.get_dick_permit(service=service_desc.slug) -else: - print('') - - - -rendered_template = template.render( - h2=1, autorefresh=1, role=user_params['role'], user=user_params['user'], onclick="showStats()", - selects=servers, serv=serv, service=service, user_services=user_params['user_services'], - token=user_params['token'], select_id="serv", lang=user_params['lang'], service_desc=service_desc -) -print(rendered_template) diff --git a/app/templates/404.html b/app/templates/404.html index 25b38d4a..b1b19bec 100644 --- a/app/templates/404.html +++ b/app/templates/404.html @@ -1,65 +1,5 @@ - - - 404 - Page not found - Roxy-WI - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
- - - logo - - -
- -
-
-
+{% extends "base.html" %} +{% block content %}

404 - Page not found

@@ -75,37 +15,6 @@

Sorry, but page not found. Try another page

- Oops + Oops
-
-
- - - - - - - -
- Cabinet - Help - Contact - About - Cloud -
-
- - - \ No newline at end of file +{% endblock %} diff --git a/app/templates/500.html b/app/templates/500.html index baae21ed..d67f014d 100644 --- a/app/templates/500.html +++ b/app/templates/500.html @@ -1,65 +1,5 @@ - - - 500 - Internal error - Roxy-WI - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
- - - logo - - -
- -
-
-
+{% extends "base.html" %} +{% block content %}

500 - Internal error

@@ -76,39 +16,9 @@ create issue on GitHub or write to the chat +
Error: {{e}}
- Oops + Oops
-
-
- - - - - - - -
- Cabinet - Help - Contact - About - Cloud -
-
- - - \ No newline at end of file +{% endblock %} diff --git a/app/templates/add.html b/app/templates/add.html index 2c2d3a08..1f88c5d5 100644 --- a/app/templates/add.html +++ b/app/templates/add.html @@ -38,7 +38,7 @@
    {% include 'include/add_proxy.html' %}
    -
    +
    @@ -903,7 +903,7 @@
    - +

    {{lang.words.add|title()}} {{lang.words.listener}}
    @@ -996,7 +996,7 @@
    - +

    {{lang.words.add|title()}} {{lang.words.userlists}}
    diff --git a/app/templates/add_nginx.html b/app/templates/add_nginx.html index 0bf933e2..ccf31416 100644 --- a/app/templates/add_nginx.html +++ b/app/templates/add_nginx.html @@ -14,7 +14,7 @@
      {% include 'include/add_nginx_proxy.html' %}
      - +

      {{lang.words.add|title()}} Peer
      diff --git a/app/templates/admin.html b/app/templates/admin.html index 70deee32..c3d13dd9 100644 --- a/app/templates/admin.html +++ b/app/templates/admin.html @@ -12,12 +12,10 @@
    • {{lang.words.groups|title()}}
    • {{lang.words.servers|title()}}
    • SSH {{lang.words.creds}}
      • -
    • Checker
    • OpenVPN
    • {{lang.words.settings|title()}}
      • -
    • {{lang.words.services|title()}}
      • +
    • {{lang.words.tools|title()}}
    • {{lang.words.w_update|title()}}
      • -
    • {{lang.words.monitoring|title()}} {{lang.words.installation}}
    • {{lang.words.backup|title()}}
      • @@ -76,8 +74,6 @@
      {% include 'include/admin_ssh.html' %}
      - -
      @@ -85,7 +81,7 @@ {% include 'include/admin_settings.html' %}
      -
      +

      {{lang.words.add|title()}} upstream
      @@ -134,9 +130,6 @@
      -
      - {% include 'include/mon_installation.html' %} -
      {% include 'include/admin_backup.html' %}
      diff --git a/app/templates/ajax/check_version.html b/app/templates/ajax/check_version.html index f9e61871..08a574f4 100644 --- a/app/templates/ajax/check_version.html +++ b/app/templates/ajax/check_version.html @@ -10,9 +10,9 @@ v{{current_ver}} {%- else %} - v{{current_ver}} + v{{current_ver}} {%- endif %} {%- else %} - v{{current_ver}} + v{{current_ver}} {% endif -%} diff --git a/app/templates/ajax/config_show.html b/app/templates/ajax/config_show.html index 1a16e4a2..807db6c3 100644 --- a/app/templates/ajax/config_show.html +++ b/app/templates/ajax/config_show.html @@ -4,11 +4,13 @@

      {% if role <= 3 %} {% if not is_serv_protected or role <= 2 %} - {{lang.words.edit|title()}} + {% if not configver %} + {{lang.words.edit|title()}} + {% endif %} {% if service == 'haproxy' %} - {{lang.words.add|title()}} + {{lang.words.add|title()}} {% elif service == 'keepalived' %} - {{lang.words.add|title()}} + {{lang.words.add|title()}} {% endif %} {% endif %} {% endif %} @@ -209,7 +211,7 @@ {% if role %} {% if service != 'keepalived' %} - {{lang.words.edit|title()}} + {{lang.words.edit|title()}} {% endif %} {% endif %} @@ -220,7 +222,7 @@ {{ line }} {% if role %} - {{lang.words.edit|title()}} + {{lang.words.edit|title()}} {% endif %}

      @@ -230,12 +232,12 @@
      {{- line -}} {% if role %} - {{lang.words.edit|title()}}/{{lang.words.delete|title()}} + {{lang.words.edit|title()}}/{{lang.words.delete|title()}} {% endif %} {%- set backend = line.split(' ') -%} - {{lang.words.stats|title()}} + {{lang.words.stats|title()}} {%- set backend = backend|join('_') -%} {%- do section_name.update({i: backend}) -%} @@ -247,12 +249,12 @@ {{ line }} {% if role %} - {{lang.words.edit|title()}}/{{lang.words.delete|title()}} + {{lang.words.edit|title()}}/{{lang.words.delete|title()}} {% endif %} {% set backend = line.split(' ') %} - {{lang.words.stats|title()}} + {{lang.words.stats|title()}} {% set backend = backend|join('_') %} {% do section_name.update({i: backend}) %} @@ -264,12 +266,12 @@ {{ line }} {% if role %} - {{lang.words.edit|title()}}/{{lang.words.delete|title()}} + {{lang.words.edit|title()}}/{{lang.words.delete|title()}} {% endif %} {% set backend = line.split(' ') %} - {{lang.words.stats|title()}} + {{lang.words.stats|title()}}
      {% continue %} @@ -278,7 +280,7 @@
      {{ line }} {% if role %} - {{lang.words.edit|title()}}/{{lang.words.delete|title()}} + {{lang.words.edit|title()}}/{{lang.words.delete|title()}} {% endif %}
      @@ -288,7 +290,7 @@
      {{ line }} {% if role %} - {{lang.words.edit|title()}}/{{lang.words.delete|title()}} + {{lang.words.edit|title()}}/{{lang.words.delete|title()}} {% endif %}
      @@ -298,7 +300,7 @@
      {{ line }} {% if role %} - {{lang.words.edit|title()}}/{{lang.words.delete|title()}} + {{lang.words.edit|title()}}/{{lang.words.delete|title()}} {% endif %}
      @@ -308,7 +310,7 @@
      {{ line }} {% if role %} - {{lang.words.edit|title()}}/{{lang.words.delete|title()}} + {{lang.words.edit|title()}}/{{lang.words.delete|title()}} {% endif %}
      @@ -318,7 +320,7 @@
      {{ line }} {% if role %} - {{lang.words.edit|title()}}/{{lang.words.delete|title()}} + {{lang.words.edit|title()}}/{{lang.words.delete|title()}} {% endif %}
      @@ -366,8 +368,9 @@
      {% if role <= 3 %} {% if not is_serv_protected or role <= 2 %} - + + diff --git a/app/templates/ajax/firewall_rules.html b/app/templates/ajax/firewall_rules.html index 04f51c59..950c2601 100644 --- a/app/templates/ajax/firewall_rules.html +++ b/app/templates/ajax/firewall_rules.html @@ -18,7 +18,7 @@
      - {{thead}} + {{thead|safe}} {% for p in input_chain %} @@ -47,7 +47,7 @@
      - {{thead}} + {{thead|safe}} {% for p in IN_public_allow %} @@ -76,7 +76,7 @@
      - {{thead}} + {{thead|safe}} {% for p in output_chain %} diff --git a/app/templates/ajax/haproxyservers_backends.html b/app/templates/ajax/haproxyservers_backends.html index 2252e8fa..8dfe51b2 100644 --- a/app/templates/ajax/haproxyservers_backends.html +++ b/app/templates/ajax/haproxyservers_backends.html @@ -1,3 +1,5 @@ +{% import 'languages/'+lang|default('en')+'.html' as lang %} +{% from 'languages/languages.html' import languages %} {% if user_status == 0 or user_plan == 'user' %} -{% include 'include/no_sub.html' %} + {% include 'include/no_sub.html' %} {% elif not is_needed_tool %}

      You have not installed Ansible

      . - There is no server + There is no server

      Read here how to install Ansible.

      diff --git a/app/templates/hapservers.html b/app/templates/hapservers.html index 2b2ad959..0b2d8eef 100644 --- a/app/templates/hapservers.html +++ b/app/templates/hapservers.html @@ -3,9 +3,9 @@ {% block h2 %}{{ lang.menu_links.hapservers.h2 }} {{ service_desc.service }}{% endblock %} {% block content %} {% from 'include/input_macros.html' import input, checkbox, select, copy_to_clipboard %} - + - + {% if servers|length == 0 %} {% include 'include/getstarted.html' %} {% endif %} {% endif %} - -

      {{lang.admin_page.desc.no_ansible}} Ansible

      . - There is no server -

      - {{lang.words.read|title()}} here {{lang.phrases.how_to_install}} Ansible. -

      -
      -{% else %} -{% if page == 'users.py' %} -
      - - - - - - - - - - - - - - - -

      Grafana {{lang.words.and}} Prometheus {{lang.words.servers}}

      {{lang.words.current2|title()}} {{lang.words.installation}}{{lang.words.available|title()}} {{lang.words.versions}}{{lang.words.note|title()}}
      - {% if grafana == "active" %} - Grafana {{lang.words.and}} Prometheus {{lang.admin_page.desc.been_installed}} - {% else %} - {{lang.admin_page.desc.there_are_no}} - {% endif %} - - {{lang.admin_page.desc.latest_repo}} Grafana {{lang.words.and}} Prometheus - - {{lang.admin_page.desc.before_install}} Grafana {{lang.words.and}} Prometheus {{lang.words.servers}} - - {% if grafana != "active" %} - {{lang.words.install|title()}} - {% endif %} -
      -{% endif %} - - - - - - - - - - - - - - - - - -

      HAProxy Exporter

      {{lang.words.current2|title()}} {{lang.words.installation}}{{lang.words.available|title()}} {{lang.words.versions}}{{lang.words.server|title()}}{{lang.words.external|title()}} Prometheus
      - {% set values = dict() %} - {% set values = {'0.9.0':'0.9.0', '0.10.0':'0.10.0', '0.11.0':'0.11.0', '0.12.0':'0.12.0', '0.13.0':'0.13.0', '0.14.0':'0.14.0', '0.15.0':'0.15.0'} %} - {{ select('hapexpver', values=values, selected='0.15.0') }} - - - {{ checkbox('haproxy_ext_prom', title=lang.admin_page.desc.ext_prom) }} - {{lang.words.install|title()}} -
      - - - - - - - - - - - - - - - - - -

      NGINX Exporter

      {{lang.words.current2|title()}} {{lang.words.installation}}{{lang.words.available|title()}} {{lang.words.versions}}{{lang.words.server|title()}}{{lang.words.external|title()}} Prometheus
      - {% set values = dict() %} - {% set values = {'0.6.0':'0.6.0', '0.7.0':'0.7.0', '0.9.0':'0.9.0', '0.10.0':'0.10.0', '0.11.0':'0.11.0'} %} - {{ select('nginxexpver', values=values, selected='0.11.0') }} - - - {{ checkbox('nginx_ext_prom', title=lang.admin_page.desc.ext_prom) }} - {{lang.words.install|title()}} -
      - - - - - - - - - - - - - - - - - -

      Apache Exporter

      {{lang.words.current2|title()}} {{lang.words.installation}}{{lang.words.available|title()}} {{lang.words.versions}}{{lang.words.server|title()}}{{lang.words.external|title()}} Prometheus
      - {% set values = dict() %} - {% set values = {'0.10.0':'0.10.0', '0.13.4':'0.13.4', '1.0.1':'1.0.1'} %} - {{ select('apacheexpver', values=values, selected='1.0.1') }} - - - {{ checkbox('apache_ext_prom', title=lang.admin_page.desc.ext_prom) }} - {{lang.words.install|title()}} -
      - - - - - - - - - - - - - - - - - -

      Keepalived Exporter

      {{lang.words.current2|title()}} {{lang.words.installation}}{{lang.words.available|title()}} {{lang.words.versions}}{{lang.words.server|title()}}{{lang.words.external|title()}} Prometheus
      - {% set values = dict() %} - {% set values = {'0.1.0':'0.1.0', '0.2.0':'0.2.0', '0.3.0':'0.3.0', '0.4.0':'0.4.0', '0.5.0':'0.5.0'} %} - {{ select('keepalivedexpver', values=values, selected='0.5.0') }} - - - {{ checkbox('keepalived_ext_prom', title=lang.admin_page.desc.ext_prom) }} - {{lang.words.install|title()}} -
      - - - - - - - - - - - - - - - - - -

      Node Exporter

      {{lang.words.current2|title()}} {{lang.words.installation}}{{lang.words.available|title()}} {{lang.words.versions}}{{lang.words.server|title()}}{{lang.words.external|title()}} Prometheus
      - {% set values = dict() %} - {% set values = {'1.2.0':'1.2.0', '1.2.2':'1.2.2', '1.3.0':'1.3.0', '1.3.1':'1.3.1', '1.5.0':'1.5.0', '1.6.1':'1.6.1'} %} - {{ select('nodeexpver', values=values, selected='1.6.1') }} - - - {{ checkbox('node_ext_prom', title=lang.admin_page.desc.ext_prom) }} - {{lang.words.install|title()}} -
      -
      -
      - {{lang.words.read|title()}} {{lang.words.about|title()}} Grafana and Prometheus servers - {{lang.words.and}} {{lang.words.about|title()}} Exporters -
      -{% endif %} diff --git a/app/templates/include/port_scan_history.html b/app/templates/include/port_scan_history.html index 0cd8e876..47d8ee36 100644 --- a/app/templates/include/port_scan_history.html +++ b/app/templates/include/port_scan_history.html @@ -1,5 +1,16 @@ +{% extends "base.html" %} +{% block title %}{{ lang.p_s_page.p_s_title_history }}{% endblock %} +{% block h2 %}{{ lang.p_s_page.p_s_title_history }}{% endblock %} +{% block content %} + +{% if user_status == 0 %} + {% include 'include/no_sub.html' %} +{% else %} @@ -28,8 +42,8 @@ - {% if port_scanner_settings != '' %} - {% for t in port_scanner_settings %} + {% if history != '' %} + {% for t in history %} {% set date_time = t.date|string %} -
      @@ -52,4 +66,6 @@ Table is empty {% endif %}
      \ No newline at end of file + +{% endif %} +{% endblock %} diff --git a/app/templates/include/provisioning/creating_dialogs.html b/app/templates/include/provisioning/creating_dialogs.html deleted file mode 100644 index 44fb4167..00000000 --- a/app/templates/include/provisioning/creating_dialogs.html +++ /dev/null @@ -1,494 +0,0 @@ -{% from 'include/provisioning/variables.html' import generate_opt_options %} - - - - - diff --git a/app/templates/include/provisioning/providers_dialogs.html b/app/templates/include/provisioning/providers_dialogs.html deleted file mode 100644 index 41c02c25..00000000 --- a/app/templates/include/provisioning/providers_dialogs.html +++ /dev/null @@ -1,212 +0,0 @@ -{% from 'include/provisioning/variables.html' import generate_opt_options %} - - - - - - - - diff --git a/app/templates/include/provisioning/variables.html b/app/templates/include/provisioning/variables.html deleted file mode 100644 index 1eb13e06..00000000 --- a/app/templates/include/provisioning/variables.html +++ /dev/null @@ -1,98 +0,0 @@ -{% from 'include/input_macros.html' import copy_to_clipboard %} - -{%- macro generate_opt_options(id, provider, param_section, params, name='', required='', first='', class='', selected='', disabled='true', optgroup=true) -%} - {% if name == '' %} - {% set name = id %} - {% endif %} - {% if disabled == 'true' %} - {% set disabled = 'disabled' %} - {% else %} - {% set disabled = '' %} - {% endif %} - {% set section = namespace(section='') %} - - - -{%- endmacro %} - -{%- macro get_nice_name(id, value, provider, section, params) -%} - {% for p in params %} - {% if p.section == section and p.provider == provider and p.param == value %} - - {{ copy_to_clipboard(id=id, value=p.param, show=p.name) }} - {% endif %} - {% endfor %} - -{%- endmacro %} diff --git a/app/templates/include/smon/smon_history.html b/app/templates/include/smon/smon_history.html index df7d7907..6e88d9e7 100644 --- a/app/templates/include/smon/smon_history.html +++ b/app/templates/include/smon/smon_history.html @@ -10,8 +10,8 @@ - - + +
      {% for s in smon %}
      diff --git a/app/templates/include/smon/smon_http_server.html b/app/templates/include/smon/smon_http_server.html index df66acb0..cc3931c9 100644 --- a/app/templates/include/smon/smon_http_server.html +++ b/app/templates/include/smon/smon_http_server.html @@ -19,7 +19,7 @@ {{ input(id, value=s_service.body, size='20') }} - {% set id = 'smon-http-method-' + s.id|string() %} + {% set id = 'smon-http_method-' + s.id|string() %} {% set http_methods = {'get': 'GET', 'post': 'POST', 'put': 'PUT', 'patch': 'PATCH', 'delete': 'DELETE', 'head': 'HEAD', 'options': 'OPTIONS'} %} {{ select(id, values=http_methods, selected=s_service.method) }} diff --git a/app/templates/include/tr_validate_tips.html b/app/templates/include/tr_validate_tips.html index d15db958..635ac2a3 100644 --- a/app/templates/include/tr_validate_tips.html +++ b/app/templates/include/tr_validate_tips.html @@ -1,7 +1,7 @@

      - {{lang.phrases.fields_mark}} "*" {{lang.phrases.are_required}}. + {{lang.phrases.fields_mark}} "*" {{lang.phrases.are_required}}.

      diff --git a/app/templates/install.html b/app/templates/install.html new file mode 100644 index 00000000..28f63d77 --- /dev/null +++ b/app/templates/install.html @@ -0,0 +1,413 @@ +{% extends "base.html" %} +{% block title %}{{lang.words.admin_area|title()}}{% endblock %} +{% block h2 %}{{lang.words.admin_area|title()}}{% endblock %} +{% block content %} +{% from 'include/input_macros.html' import select, checkbox %} + + +
      + + +
      + {% if not is_needed_tool %} +
      +

      {{lang.admin_page.desc.no_ansible}}

      . + There is no server +

      + {{lang.words.install|title()}} {{lang.words.here}} {{lang.phrases.how_to_install}} Ansible. +

      +
      + {% else %} + + + + + + + + + + + + + + + + + + +

      {{lang.words.install|title()}} HAProxy

      {{lang.words.current2|title()}} {{lang.words.version}} + {{lang.words.available|title()}} {{lang.words.versions}} (?) + {{lang.words.server|title()}}{{lang.words.use|title()}} DockerSYN-flood {{lang.words.protection}}
      + + {% set values = dict() %} + {% set values = {'2.4.23-1':'2.4.23-1','2.5.14-1':'2.5.14-1', '2.6.14-1':'2.6.14-1','2.7.9-1':'2.7.9-1','2.8.1-1':'2.8.1-1'} %} + {{ select('hapver', values=values, selected='2.8.1-1', required='required') }} + + + + {{ checkbox('haproxy_docker', title=lang.admin_page.desc.install_as_docker) }} + + {{ checkbox('syn_flood', title=lang.words.enable|title() + ' SYN-flood '+ lang.words.protection, checked='checked') }} + + {{lang.words.install|title()}} +
      + + + + + + + + + + + + + + + + + + +

      {{lang.words.install|title()}} NGINX

      {{lang.words.current2|title()}} {{lang.words.version}}{{lang.words.available|title()}} {{lang.words.versions}}{{lang.words.server|title()}}{{lang.words.use|title()}} DockerSYN-flood {{lang.words.protection}}
      + + {{lang.admin_page.desc.latest_repo}} + + + + {{ checkbox('nginx_docker', title=lang.admin_page.desc.install_as_docker) }} + + {{ checkbox('nginx_syn_flood', title=lang.words.enable|title() + ' SYN-flood '+ lang.words.protection, checked='checked') }} + + {{lang.words.install|title()}} +
      + + + + + + + + + + + + + + + + + + +

      {{lang.words.install|title()}} Apache

      {{lang.words.current2|title()}} {{lang.words.version}}{{lang.words.available|title()}} {{lang.words.versions}}{{lang.words.server|title()}}{{lang.words.use|title()}} DockerSYN-flood {{lang.words.protection}}
      + + {{lang.admin_page.desc.latest_repo}} + + + + {{ checkbox('apache_docker', title=lang.admin_page.desc.install_as_docker) }} + + {{ checkbox('apache_syn_flood', title=lang.words.enable|title() + ' SYN-flood '+ lang.words.protection, checked='checked') }} + + {{lang.words.install|title()}} +
      +
      + {% endif %} +
      + +
      + {% if not is_needed_tool %} +
      +

      {{lang.admin_page.desc.no_ansible}} Ansible

      . + There is no server +

      + {{lang.words.read|title()}} here {{lang.phrases.how_to_install}} Ansible. +

      +
      + {% else %} + {% if role|int() == 1 %} + + + + + + + + + + + + + + + + +

      Grafana {{lang.words.and}} Prometheus {{lang.words.servers}}

      {{lang.words.current2|title()}} {{lang.words.installation}}{{lang.words.available|title()}} {{lang.words.versions}}{{lang.words.note|title()}}
      + {% if grafana == "active" %} + Grafana {{lang.words.and}} Prometheus {{lang.admin_page.desc.been_installed}} + {% else %} + {{lang.admin_page.desc.there_are_no}} + {% endif %} + + {{lang.admin_page.desc.latest_repo}} Grafana {{lang.words.and}} Prometheus + + {{lang.admin_page.desc.before_install}} Grafana {{lang.words.and}} Prometheus {{lang.words.servers}} + + {% if grafana != "active" %} + {{lang.words.install|title()}} + {% endif %} +
      + {% endif %} + + + + + + + + + + + + + + + + + +

      HAProxy Exporter

      {{lang.words.current2|title()}} {{lang.words.installation}}{{lang.words.available|title()}} {{lang.words.versions}}{{lang.words.server|title()}}{{lang.words.external|title()}} Prometheus
      + {% set values = dict() %} + {% set values = {'0.9.0':'0.9.0', '0.10.0':'0.10.0', '0.11.0':'0.11.0', '0.12.0':'0.12.0', '0.13.0':'0.13.0', '0.14.0':'0.14.0', '0.15.0':'0.15.0'} %} + {{ select('hapexpver', values=values, selected='0.15.0') }} + + + {{ checkbox('haproxy_ext_prom', title=lang.admin_page.desc.ext_prom) }} + {{lang.words.install|title()}} +
      + + + + + + + + + + + + + + + + + +

      NGINX Exporter

      {{lang.words.current2|title()}} {{lang.words.installation}}{{lang.words.available|title()}} {{lang.words.versions}}{{lang.words.server|title()}}{{lang.words.external|title()}} Prometheus
      + {% set values = dict() %} + {% set values = {'0.6.0':'0.6.0', '0.7.0':'0.7.0', '0.9.0':'0.9.0', '0.10.0':'0.10.0', '0.11.0':'0.11.0'} %} + {{ select('nginxexpver', values=values, selected='0.11.0') }} + + + {{ checkbox('nginx_ext_prom', title=lang.admin_page.desc.ext_prom) }} + {{lang.words.install|title()}} +
      + + + + + + + + + + + + + + + + + +

      Apache Exporter

      {{lang.words.current2|title()}} {{lang.words.installation}}{{lang.words.available|title()}} {{lang.words.versions}}{{lang.words.server|title()}}{{lang.words.external|title()}} Prometheus
      + {% set values = dict() %} + {% set values = {'0.10.0':'0.10.0', '0.13.4':'0.13.4', '1.0.1':'1.0.1'} %} + {{ select('apacheexpver', values=values, selected='1.0.1') }} + + + {{ checkbox('apache_ext_prom', title=lang.admin_page.desc.ext_prom) }} + {{lang.words.install|title()}} +
      + + + + + + + + + + + + + + + + + +

      Keepalived Exporter

      {{lang.words.current2|title()}} {{lang.words.installation}}{{lang.words.available|title()}} {{lang.words.versions}}{{lang.words.server|title()}}{{lang.words.external|title()}} Prometheus
      + {% set values = dict() %} + {% set values = {'0.1.0':'0.1.0', '0.2.0':'0.2.0', '0.3.0':'0.3.0', '0.4.0':'0.4.0', '0.5.0':'0.5.0'} %} + {{ select('keepalivedexpver', values=values, selected='0.5.0') }} + + + {{ checkbox('keepalived_ext_prom', title=lang.admin_page.desc.ext_prom) }} + {{lang.words.install|title()}} +
      + + + + + + + + + + + + + + + + + +

      Node Exporter

      {{lang.words.current2|title()}} {{lang.words.installation}}{{lang.words.available|title()}} {{lang.words.versions}}{{lang.words.server|title()}}{{lang.words.external|title()}} Prometheus
      + {% set values = dict() %} + {% set values = {'1.2.0':'1.2.0', '1.2.2':'1.2.2', '1.3.0':'1.3.0', '1.3.1':'1.3.1', '1.5.0':'1.5.0', '1.6.1':'1.6.1'} %} + {{ select('nodeexpver', values=values, selected='1.6.1') }} + + + {{ checkbox('node_ext_prom', title=lang.admin_page.desc.ext_prom) }} + {{lang.words.install|title()}} +
      +
      +
      + {{lang.words.read|title()}} {{lang.words.about|title()}} Grafana and Prometheus servers + {{lang.words.and}} {{lang.words.about|title()}} Exporters +
      +
      +
      + + {% if not is_needed_tool %} +
      +

      {{lang.admin_page.desc.no_ansible}}

      . + There is no server +

      + {{lang.words.read|title()}} {{lang.words.here}} {{lang.phrases.how_to_install}} Ansible. +

      +
      + {% else %} + + + + + + + + + + + + + + + + + {% endif %} +

      Install GeoLite2

      {{lang.words.server|title()}}{{lang.words.service|title()}}{{lang.words.current2|title()}} {{lang.words.installation}}{{lang.words.updating|title()}}
      + + + + + {{ checkbox('updating_geoip', title="Update the database?", checked='checked') }} + + +
      +
      +
      + {{lang.phrases.howto_user}} {{lang.words.read}} {{lang.words.in}} {{lang.words.this2}} {{lang.words.article}} +
      + + + + +
      + {{lang.admin_page.desc.country_codes}} + +
      +
      +
      +{% endif %} + +{% endblock %} diff --git a/app/templates/languages/en.html b/app/templates/languages/en.html index 5d4dbc52..75dce292 100644 --- a/app/templates/languages/en.html +++ b/app/templates/languages/en.html @@ -472,6 +472,8 @@ "is_enabled_and_down": "Port scanner is enabled, but service is DOWN", "scanning_ports": "Scanning open/filtered ports for the server", "total_open_ports": "Total opened ports", + "p_s_title": "Port scanner dashboard", + "p_s_title_history": "Port scanner history for", } } %} @@ -877,5 +879,6 @@ "maps": "maps", "map": "map", "method": "method", + "tools": "tools", } %} diff --git a/app/templates/languages/fr.html b/app/templates/languages/fr.html index 74f9361c..09a02d13 100644 --- a/app/templates/languages/fr.html +++ b/app/templates/languages/fr.html @@ -472,6 +472,8 @@ "is_enabled_and_down": "Le scanner de port est activé, mais le service est DOWN", "scanning_ports": "Analyse des ports ouverts/filtrés pour le serveur", "total_open_ports": "Total des ports ouverts", + "p_s_title": "Tableau de bord du scanner de ports", + "p_s_title_history": "Historique du scanner de ports pour", } } %} @@ -877,5 +879,6 @@ "maps": "cartes", "map": "carte", "method": "méthode", + "tools": "outils", } %} diff --git a/app/templates/languages/pt-br.html b/app/templates/languages/pt-br.html index 0db8b357..5f5f4b01 100644 --- a/app/templates/languages/pt-br.html +++ b/app/templates/languages/pt-br.html @@ -472,6 +472,8 @@ "is_enabled_and_down": "O port scanner está ativado, mais o serviço está DOWN", "scanning_ports": "Verificando portas abertas/filtradas para o servidor", "total_open_ports": "Número total de portas abertas", + "p_s_title": "Painel do scanner de porta", + "p_s_title_history": "Histórico do scanner de porta para", } } %} @@ -877,5 +879,6 @@ "maps": "mapas", "map": "mapa", "method": "método", + "tools": "ferramentas", } %} diff --git a/app/templates/languages/ru.html b/app/templates/languages/ru.html index ab8487ce..c32ebc4e 100644 --- a/app/templates/languages/ru.html +++ b/app/templates/languages/ru.html @@ -472,6 +472,8 @@ "is_enabled_and_down": "Port scanner включен, но сервис отключен", "scanning_ports": "Сканирование открытых/фильтрованных портов для сервера", "total_open_ports": "Всего открыто портов", + "p_s_title": "Дашборд Port scanner", + "p_s_title_history": "История Port scanner для", } } %} @@ -877,5 +879,6 @@ "maps": "карты", "map": "карта", "method": "метод", + "tools": "инструменты", } %} diff --git a/app/templates/login.html b/app/templates/login.html index d31a73f7..8087b08d 100644 --- a/app/templates/login.html +++ b/app/templates/login.html @@ -59,9 +59,11 @@ body, .container {
      - + - + + Login/Password admin/admin +
      {{ input('login', class='form-login', placeholder=lang.words.login|title(), required='required', autofocus='autofocus') }} @@ -83,6 +85,11 @@ body, .container { {{error}}
      {% endif %} + {% with messages = get_flashed_messages(with_categories=true) %} + {% for category, message in messages %} +
      {{ message }}
      + {% endfor %} + {% endwith %}