Map from %s
" % serv) + + G = nx.DiGraph() + + error = funct.get_config(serv, cfg) + if error: + print('
'+error+'
')
+ try:
+ conf = open(cfg, "r")
+ except IOError:
+ print('Can\'t read import config file
')
+
+ node = ""
+ line_new2 = [1,""]
+ i,k = 800, 800
+ j, m = 0, 0
+ for line in conf:
+ if line.startswith('listen') or line.startswith('frontend'):
+ if "stats" not in line:
+ node = line
+ i = i - 750
+ if line.find("backend") == 0:
+ node = line
+ i = i - 700
+ G.add_node(node,pos=(k,i),label_pos=(k,i+100))
+
+ if "bind" in line or (line.startswith('listen') and ":" in line) or (line.startswith('frontend') and ":" in line):
+ try:
+ bind = line.split(":")
+ if stats_port not in bind[1]:
+ bind[1] = bind[1].strip(' ')
+ bind = bind[1].split("crt")
+ node = node.strip(' \t\n\r')
+ node = node + ":" + bind[0]
+ G.add_node(node,pos=(k,i),label_pos=(k,i+100))
+ except:
+ pass
+
+ if "server " in line or "use_backend" in line or "default_backend" in line and "stats" not in line and "#" not in line:
+ if "timeout" not in line and "default-server" not in line and "#" not in line and "stats" not in line:
+ i = i - 1050
+ j = j + 1
+ if "check" in line:
+ line_new = line.split("check")
+ else:
+ line_new = line.split("if ")
+ if "server" in line:
+ line_new1 = line_new[0].split("server")
+ line_new[0] = line_new1[1]
+ line_new2 = line_new[0].split(":")
+ line_new[0] = line_new2[0]
+
+ line_new[0] = line_new[0].strip(' \t\n\r')
+ line_new2[1] = line_new2[1].strip(' \t\n\r')
+
+ if j % 2 == 0:
+ G.add_node(line_new[0],pos=(k+230,i-335),label_pos=(k+225,i-180))
+ else:
+ G.add_node(line_new[0],pos=(k-230,i-0),label_pos=(k-225,i+180))
+
+ if line_new2[1] != "":
+ G.add_edge(node, line_new[0], port=line_new2[1])
+ else:
+ G.add_edge(node,line_new[0])
+
+ os.system("/bin/rm -f " + cfg)
+
+ pos=nx.get_node_attributes(G,'pos')
+ pos_label=nx.get_node_attributes(G,'label_pos')
+ edge_labels = nx.get_edge_attributes(G,'port')
+
+ try:
+ plt.figure(10,figsize=(10,15))
+ nx.draw(G, pos, with_labels=False, font_weight='bold', width=3, alpha=0.1,linewidths=5)
+ nx.draw_networkx_nodes(G,pos, node_color="skyblue", node_size=100, alpha=0.8, node_shape="p")
+ nx.draw_networkx_labels(G,pos=pos_label, alpha=1, font_color="green", font_size=10)
+ nx.draw_networkx_edges(G,pos, width=0.5,alpha=0.5, edge_color="#5D9CEB",arrows=False)
+ nx.draw_networkx_edge_labels(G, pos,label_pos=0.5,font_color="blue", labels=edge_labels, font_size=8)
+
+ plt.savefig("map.png")
+ plt.show()
+ except Exception as e:
+ print('' + str(e) + '
')
+
+ cmd = "rm -f "+os.path.dirname(os.getcwd())+"/map*.png && mv map.png "+os.path.dirname(os.getcwd())+"/map"+date+".png"
+ output, stderr = funct.subprocess_execute(cmd)
+ print(stderr)
+
+ print('
' % date)
+
if form.getvalue('servaction') is not None:
server_state_file = sql.get_setting('server_state_file')
@@ -310,6 +530,7 @@ if form.getvalue('servaction') is not None:
action = 'edit.py ' + enable + ' ' + backend
funct.logging(serv, action)
+
if act == "showCompareConfigs":
import glob
from jinja2 import Environment, FileSystemLoader
@@ -321,6 +542,7 @@ if act == "showCompareConfigs":
template = template.render(serv=serv, right=right, left=left, return_files=funct.get_files())
print(template)
+
if serv is not None and form.getvalue('right') is not None:
from jinja2 import Environment, FileSystemLoader
left = form.getvalue('left')
@@ -336,6 +558,7 @@ if serv is not None and form.getvalue('right') is not None:
print(template)
print(stderr)
+
if serv is not None and act == "configShow":
hap_configs_dir = funct.get_config_var('configs', 'haproxy_save_configs_dir')
@@ -360,6 +583,7 @@ if serv is not None and act == "configShow":
if form.getvalue('configver') is None:
os.system("/bin/rm -f " + cfg)
+
if form.getvalue('master'):
master = form.getvalue('master')
slave = form.getvalue('slave')
@@ -390,6 +614,7 @@ if form.getvalue('master'):
os.system("rm -f %s" % script)
sql.update_server_master(master, slave)
+
if form.getvalue('masteradd'):
master = form.getvalue('masteradd')
slave = form.getvalue('slaveadd')
@@ -412,9 +637,11 @@ if form.getvalue('masteradd'):
os.system("rm -f %s" % script)
+
if form.getvalue('haproxyaddserv'):
funct.install_haproxy(form.getvalue('haproxyaddserv'), syn_flood=form.getvalue('syn_flood'), hapver=form.getvalue('hapver'))
+
if form.getvalue('installwaf'):
funct.waf_install(form.getvalue('installwaf'))
@@ -422,8 +649,10 @@ if form.getvalue('installwaf'):
if form.getvalue('update_haproxy_wi'):
funct.update_haproxy_wi()
+
if form.getvalue('metrics_waf'):
sql.update_waf_metrics_enable(form.getvalue('metrics_waf'), form.getvalue('enable'))
+
if form.getvalue('table_metrics'):
import http.cookies
@@ -498,6 +727,7 @@ if form.getvalue('get_hap_v'):
output = funct.check_haproxy_version(serv)
print(output)
+
if form.getvalue('bwlists'):
list = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')+"/"+form.getvalue('group')+"/"+form.getvalue('color')+"/"+form.getvalue('bwlists')
try:
@@ -508,6 +738,7 @@ if form.getvalue('bwlists'):
except IOError:
print('Cat\'n read '+form.getvalue('color')+' list
')
+
if form.getvalue('bwlists_create'):
list_name = form.getvalue('bwlists_create').split('.')[0]
list_name += '.lst'
@@ -518,6 +749,7 @@ if form.getvalue('bwlists_create'):
except IOError as e:
print('Cat\'n create new '+form.getvalue('color')+' list. %s
' % e)
+
if form.getvalue('bwlists_save'):
list = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')+"/"+form.getvalue('group')+"/"+form.getvalue('color')+"/"+form.getvalue('bwlists_save')
try:
@@ -539,12 +771,14 @@ if form.getvalue('bwlists_save'):
if form.getvalue('bwlists_restart') == 'restart':
funct.ssh_command(server[2], ["sudo " + sql.get_setting('restart_command')])
+
if form.getvalue('get_lists'):
list = os.path.dirname(os.getcwd())+"/"+sql.get_setting('lists_path')+"/"+form.getvalue('group')+"/"+form.getvalue('color')
lists = funct.get_files(dir=list, format="lst")
for list in lists:
print(list)
+
if form.getvalue('get_ldap_email'):
username = form.getvalue('get_ldap_email')
import ldap
diff --git a/app/ovw.py b/app/ovw.py
deleted file mode 100644
index d010b54b..00000000
--- a/app/ovw.py
+++ /dev/null
@@ -1,210 +0,0 @@
-import funct
-import os
-import sql
-import asyncio
-import http.cookies
-from jinja2 import Environment, FileSystemLoader
-env = Environment(loader=FileSystemLoader('templates/ajax'),extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do'])
-cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
-user_id = cookie.get('uuid')
-haproxy_sock_port = sql.get_setting('haproxy_sock_port')
-listhap = sql.get_dick_permit()
-servers = []
-server_status = ()
-
-async def async_get_overview(serv1, serv2):
- # haproxy_config_path = sql.get_setting('haproxy_config_path')
- # commands = [ "ls -l %s |awk '{ print $6\" \"$7\" \"$8}'" % haproxy_config_path ]
- commands2 = [ "ps ax |grep waf/bin/modsecurity |grep -v grep |wc -l" ]
- # commands2 = "ps ax |grep keep_alive.py |grep -v grep |wc -l"
-
- cmd = 'echo "show info" |nc %s %s -w 1|grep -e "Process_num"' % (serv2, haproxy_sock_port)
- server_status = (serv1,
- serv2,
- funct.server_status(funct.subprocess_execute(cmd)),
- sql.select_servers(server=serv2, keep_alive=1),
- funct.ssh_command(serv2, commands2),
- sql.select_waf_servers(serv2))
- return server_status
-
-async def get_runner_overview():
- template = env.get_template('overview.html')
- futures = [async_get_overview(server[1], server[2]) for server in listhap]
- for i, future in enumerate(asyncio.as_completed(futures)):
- result = await future
- servers.append(result)
- servers_sorted = sorted(servers, key=funct.get_key)
- template = template.render(service_status=servers_sorted, role=sql.get_user_role_by_uuid(user_id.value))
- print(template)
-
-def get_overview():
- ioloop = asyncio.get_event_loop()
- ioloop.run_until_complete(get_runner_overview())
- ioloop.close()
-
-async def async_get_overviewWaf(serv1, serv2):
- haproxy_dir = sql.get_setting('haproxy_dir')
- commands = [ "ps ax |grep waf/bin/modsecurity |grep -v grep |wc -l" ]
- commands1 = [ "cat %s/waf/modsecurity.conf |grep SecRuleEngine |grep -v '#' |awk '{print $2}'" % haproxy_dir ]
-
- server_status = (serv1,serv2, funct.ssh_command(serv2, commands), funct.ssh_command(serv2, commands1).strip(), sql.select_waf_metrics_enable_server(serv2))
- return server_status
-
-async def get_runner_overviewWaf(url):
- template = env.get_template('overivewWaf.html')
-
- futures = [async_get_overviewWaf(server[1], server[2]) for server in listhap]
- for i, future in enumerate(asyncio.as_completed(futures)):
- result = await future
- servers.append(result)
- servers_sorted = sorted(servers, key=funct.get_key)
- template = template.render(service_status=servers_sorted, role=sql.get_user_role_by_uuid(user_id.value), url=url)
- print(template)
-
-def get_overviewWaf(url):
- ioloop = asyncio.get_event_loop()
- ioloop.run_until_complete(get_runner_overviewWaf(url))
- ioloop.close()
-
-async def async_get_overviewServers(serv1, serv2):
- commands = [ "top -u haproxy -b -n 1 -w 67 |grep -e 'haproxy\|PID\|Cpu\|KiB' |grep -v Swap" ]
- cmd = 'echo "show info" |nc %s %s -w 1|grep -e "Ver\|CurrConns\|Maxco\|MB\|Uptime:"' % (serv2, haproxy_sock_port)
- out = funct.subprocess_execute(cmd)
- out1 = ""
-
- for k in out:
- if "Ncat:" not in k:
- for r in k:
- out1 += r
- out1 += "" - else: - out1 = "Can\'t connect to HAproxy" - - server_status = (serv1,serv2, out1, funct.ssh_command(serv2, commands)) - return server_status - -async def get_runner_overviewServers(**kwargs): - template = env.get_template('overviewServers.html') - user_id = cookie.get('uuid') - role = sql.get_user_role_by_uuid(user_id.value) - futures = [async_get_overviewServers(kwargs.get('server1'), kwargs.get('server2'))] - - for i, future in enumerate(asyncio.as_completed(futures)): - result = await future - servers.append(result) - servers_sorted = sorted(servers, key=funct.get_key) - template = template.render(service_status=servers_sorted, role=role, id=kwargs.get('id')) - print(template) - -def get_overviewServers(**kwargs): - server1 = kwargs.get('name') - server2 = kwargs.get('ip') - id = kwargs.get('id') - ioloop = asyncio.get_event_loop() - ioloop.run_until_complete(get_runner_overviewServers(server1=server1, server2=server2, id=id)) - ioloop.close() - -def get_map(serv): - from datetime import datetime - from pytz import timezone - import networkx as nx - import matplotlib - matplotlib.use('Agg') - import matplotlib.pyplot as plt - - stats_port= sql.get_setting('stats_port') - haproxy_config_path = sql.get_setting('haproxy_config_path') - hap_configs_dir = funct.get_config_var('configs', 'haproxy_save_configs_dir') - date = funct.get_data('config') - cfg = hap_configs_dir + serv + "-" + date + ".cfg" - - print('
Map from %s
" % serv) - - G = nx.DiGraph() - - error = funct.get_config(serv, cfg) - if error: - print('
'+error+'
')
- try:
- conf = open(cfg, "r")
- except IOError:
- print('Can\'t read import config file
')
-
- node = ""
- line_new2 = [1,""]
- i,k = 800, 800
- j, m = 0, 0
- for line in conf:
- if line.startswith('listen') or line.startswith('frontend'):
- if "stats" not in line:
- node = line
- i = i - 750
- if line.find("backend") == 0:
- node = line
- i = i - 700
- G.add_node(node,pos=(k,i),label_pos=(k,i+100))
-
- if "bind" in line or (line.startswith('listen') and ":" in line) or (line.startswith('frontend') and ":" in line):
- try:
- bind = line.split(":")
- if stats_port not in bind[1]:
- bind[1] = bind[1].strip(' ')
- bind = bind[1].split("crt")
- node = node.strip(' \t\n\r')
- node = node + ":" + bind[0]
- G.add_node(node,pos=(k,i),label_pos=(k,i+100))
- except:
- pass
-
- if "server " in line or "use_backend" in line or "default_backend" in line and "stats" not in line and "#" not in line:
- if "timeout" not in line and "default-server" not in line and "#" not in line and "stats" not in line:
- i = i - 1050
- j = j + 1
- if "check" in line:
- line_new = line.split("check")
- else:
- line_new = line.split("if ")
- if "server" in line:
- line_new1 = line_new[0].split("server")
- line_new[0] = line_new1[1]
- line_new2 = line_new[0].split(":")
- line_new[0] = line_new2[0]
-
- line_new[0] = line_new[0].strip(' \t\n\r')
- line_new2[1] = line_new2[1].strip(' \t\n\r')
-
- if j % 2 == 0:
- G.add_node(line_new[0],pos=(k+230,i-335),label_pos=(k+225,i-180))
- else:
- G.add_node(line_new[0],pos=(k-230,i-0),label_pos=(k-225,i+180))
-
- if line_new2[1] != "":
- G.add_edge(node, line_new[0], port=line_new2[1])
- else:
- G.add_edge(node,line_new[0])
-
- os.system("/bin/rm -f " + cfg)
-
- pos=nx.get_node_attributes(G,'pos')
- pos_label=nx.get_node_attributes(G,'label_pos')
- edge_labels = nx.get_edge_attributes(G,'port')
-
- try:
- plt.figure(10,figsize=(10,15))
- nx.draw(G, pos, with_labels=False, font_weight='bold', width=3, alpha=0.1,linewidths=5)
- nx.draw_networkx_nodes(G,pos, node_color="skyblue", node_size=100, alpha=0.8, node_shape="p")
- nx.draw_networkx_labels(G,pos=pos_label, alpha=1, font_color="green", font_size=10)
- nx.draw_networkx_edges(G,pos, width=0.5,alpha=0.5, edge_color="#5D9CEB",arrows=False)
- nx.draw_networkx_edge_labels(G, pos,label_pos=0.5,font_color="blue", labels=edge_labels, font_size=8)
-
- plt.savefig("map.png")
- plt.show()
- except Exception as e:
- print('' + str(e) + '
')
-
- cmd = "rm -f "+os.path.dirname(os.getcwd())+"/map*.png && mv map.png "+os.path.dirname(os.getcwd())+"/map"+date+".png"
- output, stderr = funct.subprocess_execute(cmd)
- print(stderr)
-
- print('' % date)
\ No newline at end of file
diff --git a/app/settings.py b/app/settings.py
deleted file mode 100644
index 62e79973..00000000
--- a/app/settings.py
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/usr/bin/env python3
-import cgi
-import os
-import funct
-import sql
-import http
-from jinja2 import Environment, FileSystemLoader
-env = Environment(loader=FileSystemLoader('templates/'))
-template = env.get_template('settings.html')
-form = cgi.FieldStorage()
-
-print('Content-type: text/html\n')
-funct.check_login()
-funct.page_for_admin()
-
-try:
- cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
- user_id = cookie.get('uuid')
- user = sql.get_user_name_by_uuid(user_id.value)
- settings = sql.get_setting('', all=1)
- token = sql.get_token(user_id.value)
-except:
- pass
-
-
-template = template.render(h2 = 1, title = "Settings",
- role = sql.get_user_role_by_uuid(user_id.value),
- user = user,
- settings = settings,
- versions = funct.versions(),
- token = token)
-print(template)
\ No newline at end of file
diff --git a/app/sql.py b/app/sql.py
index 1853fc98..e0feb09e 100644
--- a/app/sql.py
+++ b/app/sql.py
@@ -1405,13 +1405,13 @@ def check_token():
sys.exit()
-def check_group(group):
+def check_group(group, role_id):
import http.cookies
import os
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
user_id = cookie.get('uuid')
user_group = get_user_group_by_uuid(user_id.value)
- if user_group == group or user_group == '1':
+ if user_group == group or user_group == '1' or role_id == 1:
return True
else:
funct.logging(new_user, ' tried to change user group', haproxywi=1, login=1)
@@ -1430,8 +1430,8 @@ if form.getvalue('newuser') is not None:
if password is None or role is None or group is None:
print(error_mess)
else:
- if check_group(group):
- role_id = get_role_id_by_name(role)
+ role_id = get_role_id_by_name(role)
+ if check_group(group, role_id):
if funct.is_admin(level=role_id):
if add_user(new_user, email, password, role, group, activeuser):
show_update_user(new_user, page)
@@ -1452,8 +1452,8 @@ if form.getvalue('updateuser') is not None:
if new_user is None or role is None or group is None:
print(error_mess)
else:
- if check_group(group):
- role_id = get_role_id_by_name(role)
+ role_id = get_role_id_by_name(role)
+ if check_group(group, role_id):
if funct.is_admin(level=role_id):
update_user(new_user, email, role, group, id, activeuser)
else:
diff --git a/app/templates/admin.html b/app/templates/admin.html
index 977473c3..a8aedc9b 100644
--- a/app/templates/admin.html
+++ b/app/templates/admin.html
@@ -17,6 +17,8 @@
+
+
+
+
+ | + Parameter + | ++ Value + | ++ Description + | +{{ set.2 }} section |
+ {% endif %}
+ {% set section.section = set.2 %}
+
|---|---|---|
| + {{set.0}} + | ++ {% if set.0 == 'ldap_password' %} + {% if set.1 == 'None' %} + + {% else %} + + {% endif %} + {% else %} + {% if set.1 == 'None' %} + + {% else %} + + {% endif %} + {% endif %} + | ++ {{set.3}} + | +
+ {% set current_ver = versions.0 %}
+ {% set new_ver = versions.1 %}
+ {% set current_ver_without_dots = versions.2 %}
+ {% set new_ver_without_dots = versions.3 %}
+
+
+
+
+
| Currnet version | +Last version | ++ |
| + {{current_ver}} + | ++ {{new_ver}} + | ++ + {% if new_ver_without_dots > current_ver_without_dots and new_ver != "Sorry cannot get current version" %} + Update + {% endif %} + | +