mirror of https://github.com/Aidaho12/haproxy-wi
parent
d6a27f8307
commit
5a40d50368
|
@ -966,7 +966,7 @@ def update_db_v_6_2_1():
|
|||
|
||||
def update_ver():
|
||||
try:
|
||||
Version.update(version='6.3.0.0').execute()
|
||||
Version.update(version='6.3.1.0').execute()
|
||||
except Exception:
|
||||
print('Cannot update version')
|
||||
|
||||
|
|
|
@ -24,6 +24,7 @@ except Exception as e:
|
|||
sys.exit()
|
||||
|
||||
roxywi_auth.page_for_admin(level=2)
|
||||
is_needed_tool = common.is_tool('ansible')
|
||||
|
||||
try:
|
||||
user_subscription = roxywi_common.return_user_status()
|
||||
|
@ -34,6 +35,6 @@ except Exception as e:
|
|||
parsed_template = template.render(
|
||||
h2=1, title=title, role=user_params['role'], user=user_params['user'], serv=serv, selects=user_params['servers'],
|
||||
user_services=user_params['user_services'], user_status=user_subscription['user_status'],
|
||||
user_plan=user_subscription['user_plan'], token=user_params['token']
|
||||
user_plan=user_subscription['user_plan'], is_needed_tool=is_needed_tool, token=user_params['token']
|
||||
)
|
||||
print(parsed_template)
|
||||
|
|
|
@ -62,3 +62,10 @@ def string_to_dict(dict_string) -> dict:
|
|||
|
||||
def get_key(item):
|
||||
return item[0]
|
||||
|
||||
|
||||
def is_tool(name):
|
||||
from shutil import which
|
||||
is_tool_installed = which(name)
|
||||
|
||||
return True if is_tool_installed is not None else False
|
||||
|
|
|
@ -3,11 +3,13 @@ import re
|
|||
import http.cookies
|
||||
|
||||
import modules.db.sql as sql
|
||||
import modules.common.common as common
|
||||
import modules.server.server as server_mod
|
||||
import modules.roxywi.common as roxywi_common
|
||||
import modules.roxy_wi_tools as roxy_wi_tools
|
||||
from modules.service.common import is_not_allowed_to_restart, get_correct_apache_service_name
|
||||
|
||||
form = common.form
|
||||
time_zone = sql.get_setting('time_zone')
|
||||
get_date = roxy_wi_tools.GetDate(time_zone)
|
||||
get_config_var = roxy_wi_tools.GetConfigVar()
|
||||
|
@ -372,3 +374,74 @@ def get_userlists(config):
|
|||
return_config += line + ','
|
||||
|
||||
return return_config
|
||||
|
||||
|
||||
def get_ssl_cert(server_ip: str) -> None:
|
||||
cert_id = common.checkAjaxInput(form.getvalue('getcert'))
|
||||
|
||||
cert_path = sql.get_setting('cert_path')
|
||||
commands = [f"openssl x509 -in {cert_path}/{cert_id} -text"]
|
||||
try:
|
||||
server_mod.ssh_command(server_ip, commands, ip="1")
|
||||
except Exception as e:
|
||||
print(f'error: Cannot connect to the server {e.args[0]}')
|
||||
|
||||
|
||||
def get_ssl_certs(server_ip: str) -> None:
|
||||
cert_path = sql.get_setting('cert_path')
|
||||
commands = [f"sudo ls -1t {cert_path} |grep -E 'pem|crt|key'"]
|
||||
try:
|
||||
server_mod.ssh_command(server_ip, commands, ip="1")
|
||||
except Exception as e:
|
||||
print(f'error: Cannot connect to the server: {e.args[0]}')
|
||||
|
||||
|
||||
def del_ssl_cert(server_ip: str) -> None:
|
||||
cert_id = form.getvalue('delcert')
|
||||
cert_id = common.checkAjaxInput(cert_id)
|
||||
cert_path = sql.get_setting('cert_path')
|
||||
commands = [f"sudo rm -f {cert_path}/{cert_id}"]
|
||||
try:
|
||||
server_mod.ssh_command(server_ip, commands, ip="1")
|
||||
except Exception as e:
|
||||
print(f'error: Cannot delete the certificate {e.args[0]}')
|
||||
|
||||
|
||||
def upload_ssl_cert(server_ip: str) -> None:
|
||||
cert_local_dir = f"{os.path.dirname(os.getcwd())}/{sql.get_setting('ssl_local_path')}"
|
||||
cert_path = sql.get_setting('cert_path')
|
||||
name = ''
|
||||
|
||||
if not os.path.exists(cert_local_dir):
|
||||
os.makedirs(cert_local_dir)
|
||||
|
||||
if form.getvalue('ssl_name') is None:
|
||||
print('error: Please enter a desired name')
|
||||
else:
|
||||
name = f"{common.checkAjaxInput(form.getvalue('ssl_name'))}.pem"
|
||||
|
||||
try:
|
||||
with open(name, "w") as ssl_cert:
|
||||
ssl_cert.write(form.getvalue('ssl_cert'))
|
||||
except IOError as e:
|
||||
print(f'error: Cannot save the SSL key file: {e.args[0]}')
|
||||
sys.exit()
|
||||
|
||||
masters = sql.is_master(server_ip)
|
||||
for master in masters:
|
||||
if master[0] is not None:
|
||||
error = upload(master[0], cert_path, name)
|
||||
if not error:
|
||||
print(f'success: the SSL file has been uploaded to {master[0]} into: {cert_path}/{name} <br/>')
|
||||
try:
|
||||
error = upload(server_ip, cert_path, name)
|
||||
if not error:
|
||||
print(f'success: the SSL file has been uploaded to {server_ip} into: {cert_path}/{name}')
|
||||
except Exception as e:
|
||||
roxywi_common.logging('Roxy-WI server', e.args[0], roxywi=1)
|
||||
try:
|
||||
os.rename(name, cert_local_dir)
|
||||
except OSError as e:
|
||||
roxywi_common.logging('Roxy-WI server', e.args[0], roxywi=1)
|
||||
|
||||
roxywi_common.logging(server_ip, f"add.py#ssl uploaded a new SSL cert {name}", roxywi=1, login=1)
|
||||
|
|
|
@ -218,3 +218,152 @@ def table_select():
|
|||
template = template.render(tables_head=tables_head, table=table)
|
||||
|
||||
print(template)
|
||||
|
||||
|
||||
def delete_ip_from_stick_table() -> None:
|
||||
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
|
||||
ip = common.checkAjaxInput(form.getvalue('ip_for_delete'))
|
||||
table = common.checkAjaxInput(form.getvalue('table_for_delete'))
|
||||
|
||||
cmd = f'echo "clear table {table} key {ip}" |nc {serv} {haproxy_sock_port}'
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
if stderr[0] != '':
|
||||
print('error: ' + stderr[0])
|
||||
|
||||
|
||||
def clear_stick_table() -> None:
|
||||
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
|
||||
table = common.checkAjaxInput(form.getvalue('table_for_clear'))
|
||||
|
||||
cmd = f'echo "clear table {table} " |nc {serv} {haproxy_sock_port}'
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
if stderr[0] != '':
|
||||
print('error: ' + stderr[0])
|
||||
|
||||
|
||||
def list_of_lists() -> None:
|
||||
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
|
||||
cmd = f'echo "show acl"|nc {serv} {haproxy_sock_port} |grep "loaded from" |awk \'{{print $1,$2}}\''
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
print(output)
|
||||
|
||||
|
||||
def show_lists() -> None:
|
||||
from jinja2 import Environment, FileSystemLoader
|
||||
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True,
|
||||
extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do'], trim_blocks=True, lstrip_blocks=True)
|
||||
template = env.get_template('ajax/list.html')
|
||||
list_id = common.checkAjaxInput(form.getvalue('list_select_id'))
|
||||
list_name = common.checkAjaxInput(form.getvalue('list_select_name'))
|
||||
|
||||
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
|
||||
cmd = f'echo "show acl #{list_id}"|nc {serv} {haproxy_sock_port}'
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
|
||||
template = template.render(list=output, list_id=list_id, list_name=list_name)
|
||||
print(template)
|
||||
|
||||
|
||||
def delete_ip_from_list() -> None:
|
||||
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
|
||||
lists_path = sql.get_setting('lists_path')
|
||||
lib_path = get_config.get_config_var('main', 'lib_path')
|
||||
ip_id = common.checkAjaxInput(form.getvalue('list_ip_id_for_delete'))
|
||||
ip = common.is_ip_or_dns(form.getvalue('list_ip_for_delete'))
|
||||
list_id = common.checkAjaxInput(form.getvalue('list_id_for_delete'))
|
||||
list_name = common.checkAjaxInput(form.getvalue('list_name'))
|
||||
user_group = roxywi_common.get_user_group(id=1)
|
||||
cmd = f"sed -i 's!{ip}$!!' {lib_path}/{lists_path}/{user_group}/{list_name}"
|
||||
cmd1 = f"sed -i '/^$/d' {lib_path}/{lists_path}/{user_group}/{list_name}"
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
output1, stderr1 = server_mod.subprocess_execute(cmd1)
|
||||
if output:
|
||||
print(f'error: {output}')
|
||||
if stderr:
|
||||
print(f'error: {stderr}')
|
||||
if output1:
|
||||
print(f'error: {output1}')
|
||||
if stderr1:
|
||||
print(f'error: {stderr}')
|
||||
|
||||
cmd = f'echo "del acl #{list_id} #{ip_id}" |nc {serv} {haproxy_sock_port}'
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
if output[0] != '':
|
||||
print(f'error: {output[0]}')
|
||||
if stderr != '':
|
||||
print(f'error: {stderr[0]}')
|
||||
|
||||
roxywi_common.logging(serv, f'{ip_id} has been delete from list {list_id}', login=1, keep_history=1,
|
||||
service='haproxy')
|
||||
|
||||
|
||||
def add_ip_to_list() -> None:
|
||||
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
|
||||
lists_path = sql.get_setting('lists_path')
|
||||
lib_path = get_config.get_config_var('main', 'lib_path')
|
||||
ip = form.getvalue('list_ip_for_add')
|
||||
ip = ip.strip()
|
||||
ip = common.is_ip_or_dns(ip)
|
||||
list_id = common.checkAjaxInput(form.getvalue('list_id_for_add'))
|
||||
list_name = common.checkAjaxInput(form.getvalue('list_name'))
|
||||
user_group = roxywi_common.get_user_group(id=1)
|
||||
cmd = f'echo "add acl #{list_id} {ip}" |nc {serv} {haproxy_sock_port}'
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
if output[0]:
|
||||
print(f'error: {output[0]}')
|
||||
if stderr:
|
||||
print(f'error: {stderr[0]}')
|
||||
|
||||
if 'is not a valid IPv4 or IPv6 address' not in output[0]:
|
||||
cmd = f'echo "{ip}" >> {lib_path}/{lists_path}/{user_group}/{list_name}'
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
if output:
|
||||
print(f'error: {output}')
|
||||
if stderr:
|
||||
print(f'error: {stderr}')
|
||||
|
||||
roxywi_common.logging(serv, f'{ip} has been added to list {list_id}', login=1, keep_history=1,
|
||||
service='haproxy')
|
||||
|
||||
|
||||
def select_session() -> None:
|
||||
from jinja2 import Environment, FileSystemLoader
|
||||
env = Environment(loader=FileSystemLoader('templates'), autoescape=True,
|
||||
extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do'], trim_blocks=True, lstrip_blocks=True)
|
||||
serv = common.checkAjaxInput(form.getvalue('sessions_select'))
|
||||
|
||||
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
|
||||
|
||||
cmd = f'echo "show sess" |nc {serv} {haproxy_sock_port}'
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
|
||||
template = env.get_template('ajax/sessions_table.html')
|
||||
template = template.render(sessions=output)
|
||||
|
||||
print(template)
|
||||
|
||||
|
||||
def show_session() -> None:
|
||||
serv = common.checkAjaxInput(form.getvalue('sessions_select_show'))
|
||||
sess_id = common.checkAjaxInput(form.getvalue('sessions_select_id'))
|
||||
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
|
||||
cmd = f'echo "show sess {sess_id}" |nc {serv} {haproxy_sock_port}'
|
||||
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
|
||||
if stderr:
|
||||
print('error: ' + stderr[0])
|
||||
else:
|
||||
for o in output:
|
||||
print(f'{o}<br />')
|
||||
|
||||
|
||||
def delete_session() -> None:
|
||||
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
|
||||
sess_id = common.checkAjaxInput(form.getvalue('session_delete_id'))
|
||||
cmd = 'echo "shutdown session %s" |nc %s %s' % (sess_id, serv, haproxy_sock_port)
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
if output[0] != '':
|
||||
print('error: ' + output[0])
|
||||
if stderr[0] != '':
|
||||
print('error: ' + stderr[0])
|
||||
|
|
|
@ -4,6 +4,7 @@ import re
|
|||
import distro
|
||||
|
||||
import modules.db.sql as sql
|
||||
import modules.common.common as common
|
||||
import modules.server.server as server_mod
|
||||
import modules.roxywi.common as roxywi_common
|
||||
|
||||
|
@ -179,3 +180,24 @@ def check_new_version(service):
|
|||
roxywi_common.logging('Roxy-WI server', f' {e}', roxywi=1)
|
||||
|
||||
return res
|
||||
|
||||
|
||||
def action_service(action: str, service: str) -> None:
|
||||
if action not in ('start', 'stop', 'restart'):
|
||||
print('error: wrong action')
|
||||
return
|
||||
|
||||
is_in_docker = is_docker()
|
||||
if action == 'stop':
|
||||
cmd = f"sudo systemctl disable {service} --now"
|
||||
elif action in ("start", "restart"):
|
||||
cmd = f"sudo systemctl {action} {service} --now"
|
||||
if not sql.select_user_status():
|
||||
print(
|
||||
'warning: The service is disabled because you are not subscribed. Read <a href="https://roxy-wi.org/pricing" '
|
||||
'title="Roxy-WI pricing" target="_blank">here</a> about subscriptions')
|
||||
sys.exit()
|
||||
if is_in_docker:
|
||||
cmd = f"sudo supervisorctl {action} {service}"
|
||||
os.system(cmd)
|
||||
roxywi_common.logging('Roxy-WI server', f' The service {service} has been {action}ed', roxywi=1, login=1)
|
||||
|
|
|
@ -0,0 +1,96 @@
|
|||
import os
|
||||
|
||||
from jinja2 import Environment, FileSystemLoader
|
||||
|
||||
import modules.db.sql as sql
|
||||
import modules.common.common as common
|
||||
import modules.roxywi.auth as roxywi_auth
|
||||
import modules.roxywi.common as roxywi_common
|
||||
import modules.alerting.alerting as alerting
|
||||
|
||||
form = common.form
|
||||
|
||||
|
||||
def create_user():
|
||||
email = form.getvalue('newemail')
|
||||
password = form.getvalue('newpassword')
|
||||
role = form.getvalue('newrole')
|
||||
new_user = form.getvalue('newusername')
|
||||
page = form.getvalue('page')
|
||||
activeuser = form.getvalue('activeuser')
|
||||
group = form.getvalue('newgroupuser')
|
||||
role_id = sql.get_role_id_by_name(role)
|
||||
|
||||
if roxywi_common.check_user_group():
|
||||
if roxywi_auth.is_admin(level=role_id):
|
||||
try:
|
||||
sql.add_user(new_user, email, password, role, activeuser, group)
|
||||
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
|
||||
template = env.get_template('ajax/new_user.html')
|
||||
|
||||
template = template.render(users=sql.select_users(user=new_user),
|
||||
groups=sql.select_groups(),
|
||||
page=page,
|
||||
roles=sql.select_roles(),
|
||||
adding=1)
|
||||
print(template)
|
||||
roxywi_common.logging(f'a new user {new_user}', ' has been created ', roxywi=1, login=1)
|
||||
try:
|
||||
message = f"A user has been created for you on Roxy-WI portal!\n\n" \
|
||||
f"Now you can login to https://{os.environ.get('HTTP_HOST', '')}\n\n" \
|
||||
f"Your credentials are:\n" \
|
||||
f"Login: {new_user}\n" \
|
||||
f"Password: {password}"
|
||||
alerting.send_email(email, 'A user has been created for you', message)
|
||||
except Exception as e:
|
||||
roxywi_common.logging('error: Cannot send email for a new user', e, roxywi=1, login=1)
|
||||
except Exception as e:
|
||||
print(f'error: Cannot create a new user: {e}')
|
||||
roxywi_common.logging('error: Cannot create a new user', e, roxywi=1, login=1)
|
||||
else:
|
||||
print('error: dalsdm')
|
||||
roxywi_common.logging(new_user, ' tried to privilege escalation', roxywi=1, login=1)
|
||||
|
||||
|
||||
def delete_user():
|
||||
userdel = form.getvalue('userdel')
|
||||
user = sql.select_users(id=userdel)
|
||||
username = ''
|
||||
for u in user:
|
||||
username = u.username
|
||||
if sql.delete_user(userdel):
|
||||
sql.delete_user_groups(userdel)
|
||||
roxywi_common.logging(username, ' has been deleted user ', roxywi=1, login=1)
|
||||
print("Ok")
|
||||
|
||||
|
||||
def update_user():
|
||||
email = form.getvalue('email')
|
||||
role = form.getvalue('role')
|
||||
new_user = form.getvalue('updateuser')
|
||||
user_id = form.getvalue('id')
|
||||
activeuser = form.getvalue('activeuser')
|
||||
role_id = sql.get_role_id_by_name(role)
|
||||
|
||||
if roxywi_common.check_user_group():
|
||||
if roxywi_auth.is_admin(level=role_id):
|
||||
sql.update_user(new_user, email, role, user_id, activeuser)
|
||||
roxywi_common.logging(new_user, ' has been updated user ', roxywi=1, login=1)
|
||||
else:
|
||||
roxywi_common.logging(new_user, ' tried to privilege escalation', roxywi=1, login=1)
|
||||
|
||||
|
||||
def update_user_password():
|
||||
password = form.getvalue('updatepassowrd')
|
||||
username = ''
|
||||
|
||||
if form.getvalue('uuid'):
|
||||
user_id = sql.get_user_id_by_uuid(form.getvalue('uuid'))
|
||||
else:
|
||||
user_id = form.getvalue('id')
|
||||
user = sql.select_users(id=user_id)
|
||||
for u in user:
|
||||
username = u.username
|
||||
sql.update_user_password(password, user_id)
|
||||
roxywi_common.logging('user ' + username, ' has changed password ', roxywi=1, login=1)
|
||||
print("Ok")
|
|
@ -81,7 +81,7 @@ def ssh_command(server_ip: str, commands: list, **kwargs):
|
|||
except Exception as e:
|
||||
roxywi_common.logging('Roxy-WI server',
|
||||
f' Something wrong with SSH connection: {e}', roxywi=1)
|
||||
return str(f'error: {e}')
|
||||
raise Exception(f'error: {e}')
|
||||
|
||||
|
||||
def subprocess_execute(cmd):
|
||||
|
|
|
@ -0,0 +1,134 @@
|
|||
import modules.db.sql as sql
|
||||
import modules.server.server as server_mod
|
||||
import modules.roxywi.common as roxywi_common
|
||||
import modules.service.common as service_common
|
||||
|
||||
|
||||
def action_haproxy(server_ip: str, action: str) -> None:
|
||||
haproxy_service_name = "haproxy"
|
||||
|
||||
if action not in ('start', 'stop', 'reload', 'restart'):
|
||||
print('error: wrong action')
|
||||
return
|
||||
|
||||
service_common.is_restarted(server_ip, action)
|
||||
|
||||
if service_common.check_haproxy_config(server_ip):
|
||||
server_id = sql.select_server_id_by_ip(server_ip=server_ip)
|
||||
|
||||
if action == 'restart':
|
||||
service_common.is_not_allowed_to_restart(server_id, 'haproxy')
|
||||
|
||||
is_docker = sql.select_service_setting(server_id, 'haproxy', 'dockerized')
|
||||
|
||||
if is_docker == '1':
|
||||
container_name = sql.get_setting('haproxy_container_name')
|
||||
commands = [f"sudo docker {action} {container_name}"]
|
||||
else:
|
||||
haproxy_enterprise = sql.select_service_setting(server_id, 'haproxy', 'haproxy_enterprise')
|
||||
if haproxy_enterprise == '1':
|
||||
haproxy_service_name = "hapee-2.0-lb"
|
||||
commands = [f"sudo systemctl {action} {haproxy_service_name}"]
|
||||
|
||||
server_mod.ssh_command(server_ip, commands)
|
||||
roxywi_common.logging(server_ip, f'Service has been {action}ed', roxywi=1, login=1, keep_history=1,
|
||||
service='haproxy')
|
||||
print(f"success: HAProxy has been {action}")
|
||||
else:
|
||||
print("error: Bad config, check please")
|
||||
|
||||
|
||||
def action_nginx(server_ip: str, action: str) -> None:
|
||||
if action not in ('start', 'stop', 'reload', 'restart'):
|
||||
print('error: wrong action')
|
||||
return
|
||||
|
||||
service_common.is_restarted(server_ip, action)
|
||||
|
||||
if service_common.check_nginx_config(server_ip):
|
||||
server_id = sql.select_server_id_by_ip(server_ip=server_ip)
|
||||
|
||||
if action == 'restart':
|
||||
service_common.is_not_allowed_to_restart(server_id, 'nginx')
|
||||
is_docker = sql.select_service_setting(server_id, 'nginx', 'dockerized')
|
||||
|
||||
if is_docker == '1':
|
||||
container_name = sql.get_setting('nginx_container_name')
|
||||
commands = [f"sudo docker {action} {container_name}"]
|
||||
else:
|
||||
commands = [f"sudo systemctl {action} nginx"]
|
||||
server_mod.ssh_command(server_ip, commands)
|
||||
roxywi_common.logging(server_ip, f'Service has been {action}ed', roxywi=1, login=1, keep_history=1, service='nginx')
|
||||
print(f"success: NGINX has been {action}")
|
||||
else:
|
||||
print("error: Bad config, check please")
|
||||
|
||||
|
||||
def action_keepalived(server_ip: str, action: str) -> None:
|
||||
if action not in ('start', 'stop', 'reload', 'restart'):
|
||||
print('error: wrong action')
|
||||
return
|
||||
|
||||
service_common.is_restarted(server_ip, action)
|
||||
|
||||
commands = [f"sudo systemctl {action} keepalived"]
|
||||
server_mod.ssh_command(server_ip, commands)
|
||||
roxywi_common.logging(server_ip, f'Service has been {action}ed', roxywi=1, login=1, keep_history=1, service='keepalived')
|
||||
print(f"success: Keepalived has been {action}")
|
||||
|
||||
|
||||
def action_apache(server_ip: str, action: str) -> None:
|
||||
if action not in ('start', 'stop', 'reload', 'restart'):
|
||||
print('error: wrong action')
|
||||
return
|
||||
|
||||
service_common.is_restarted(server_ip, action)
|
||||
|
||||
server_id = sql.select_server_id_by_ip(server_ip)
|
||||
|
||||
if action == 'restart':
|
||||
service_common.is_not_allowed_to_restart(server_id, 'apache')
|
||||
|
||||
is_docker = sql.select_service_setting(server_id, 'apache', 'dockerized')
|
||||
if is_docker == '1':
|
||||
container_name = sql.get_setting('apache_container_name')
|
||||
commands = [f"sudo docker {action} {container_name}"]
|
||||
else:
|
||||
service_apache_name = service_common.get_correct_apache_service_name(None, server_id)
|
||||
|
||||
commands = [f"sudo systemctl {action} {service_apache_name}"]
|
||||
server_mod.ssh_command(server_ip, commands)
|
||||
roxywi_common.logging(server_ip, f'Service has been {action}ed', roxywi=1, login=1, keep_history=1, service='apache')
|
||||
print(f"success: Apache has been {action}")
|
||||
|
||||
|
||||
def action_haproxy_waf(server_ip: str, action: str) -> None:
|
||||
if action not in ('start', 'stop', 'reload', 'restart'):
|
||||
print('error: wrong action')
|
||||
return
|
||||
|
||||
service_common.is_restarted(server_ip, action)
|
||||
|
||||
roxywi_common.logging(server_ip, f'HAProxy WAF service has been {action}ed', roxywi=1, login=1, keep_history=1,
|
||||
service='haproxy')
|
||||
commands = [f"sudo systemctl {action} waf"]
|
||||
server_mod.ssh_command(server_ip, commands)
|
||||
|
||||
|
||||
def action_nginx_waf(server_ip: str, action: str) -> None:
|
||||
config_dir = common.return_nice_path(sql.get_setting('nginx_dir'))
|
||||
|
||||
if action not in ('start', 'stop'):
|
||||
print('error: wrong action')
|
||||
return
|
||||
|
||||
service_common.is_restarted(server_ip, action)
|
||||
|
||||
waf_new_state = 'on' if action == 'start' else 'off'
|
||||
waf_old_state = 'off' if action == 'start' else 'on'
|
||||
|
||||
roxywi_common.logging(serv, f'NGINX WAF service has been {action}ed', roxywi=1, login=1, keep_history=1,
|
||||
service='nginx')
|
||||
commands = [f"sudo sed -i 's/modsecurity {waf_old_state}/modsecurity {waf_new_state}/g' {config_dir}nginx.conf"
|
||||
f" && sudo systemctl reload nginx"]
|
||||
server_mod.ssh_command(server_ip, commands)
|
430
app/options.py
430
app/options.py
|
@ -65,12 +65,7 @@ if not sql.check_token_exists(token):
|
|||
sys.exit()
|
||||
|
||||
if form.getvalue('getcerts') is not None and serv is not None:
|
||||
cert_path = sql.get_setting('cert_path')
|
||||
commands = [f"sudo ls -1t {cert_path} |grep -E 'pem|crt|key'"]
|
||||
try:
|
||||
server_mod.ssh_command(serv, commands, ip="1")
|
||||
except Exception as e:
|
||||
print(f'error: Cannot connect to the server: {e.args[0]}')
|
||||
config_mod.get_ssl_certs(serv)
|
||||
|
||||
if form.getvalue('checkSshConnect') is not None and serv is not None:
|
||||
try:
|
||||
|
@ -79,60 +74,13 @@ if form.getvalue('checkSshConnect') is not None and serv is not None:
|
|||
print(e)
|
||||
|
||||
if form.getvalue('getcert') is not None and serv is not None:
|
||||
cert_id = common.checkAjaxInput(form.getvalue('getcert'))
|
||||
|
||||
cert_path = sql.get_setting('cert_path')
|
||||
commands = [f"openssl x509 -in {cert_path}/{cert_id} -text"]
|
||||
try:
|
||||
server_mod.ssh_command(serv, commands, ip="1")
|
||||
except Exception as e:
|
||||
print(f'error: Cannot connect to the server {e.args[0]}')
|
||||
config_mod.get_ssl_cert(serv)
|
||||
|
||||
if form.getvalue('delcert') is not None and serv is not None:
|
||||
cert_id = form.getvalue('delcert')
|
||||
cert_id = common.checkAjaxInput(cert_id)
|
||||
cert_path = sql.get_setting('cert_path')
|
||||
commands = [f"sudo rm -f {cert_path}/{cert_id}"]
|
||||
try:
|
||||
server_mod.ssh_command(serv, commands, ip="1")
|
||||
except Exception as e:
|
||||
print(f'error: Cannot delete the certificate {e.args[0]}')
|
||||
config_mod.del_ssl_cert(serv)
|
||||
|
||||
if serv and form.getvalue('ssl_cert'):
|
||||
cert_local_dir = os.path.dirname(os.getcwd()) + "/" + sql.get_setting('ssl_local_path')
|
||||
cert_path = sql.get_setting('cert_path')
|
||||
name = ''
|
||||
|
||||
if not os.path.exists(cert_local_dir):
|
||||
os.makedirs(cert_local_dir)
|
||||
|
||||
if form.getvalue('ssl_name') is None:
|
||||
print('error: Please enter a desired name')
|
||||
else:
|
||||
name = common.checkAjaxInput(form.getvalue('ssl_name'))
|
||||
|
||||
try:
|
||||
with open(name, "w") as ssl_cert:
|
||||
ssl_cert.write(form.getvalue('ssl_cert'))
|
||||
except IOError as e:
|
||||
print(f'error: Cannot save the SSL key file. Check a SSH key path in config {e.args[0]}')
|
||||
|
||||
MASTERS = sql.is_master(serv)
|
||||
for master in MASTERS:
|
||||
if master[0] is not None:
|
||||
config_mod.upload(master[0], cert_path, name)
|
||||
print('success: the SSL file has been uploaded to %s into: %s%s <br/>' % (master[0], cert_path, '/' + name))
|
||||
try:
|
||||
error = config_mod.upload(serv, cert_path, name)
|
||||
print('success: the SSL file has been uploaded to %s into: %s%s' % (serv, cert_path, '/' + name))
|
||||
except Exception as e:
|
||||
roxywi_common.logging('Roxy-WI server', e.args[0], roxywi=1)
|
||||
try:
|
||||
os.rename(name, cert_local_dir)
|
||||
except OSError as e:
|
||||
roxywi_common.logging('Roxy-WI server', e.args[0], roxywi=1)
|
||||
|
||||
roxywi_common.logging(serv, "add.py#ssl uploaded a new SSL cert %s" % name, roxywi=1, login=1)
|
||||
config_mod.upload_ssl_cert(serv)
|
||||
|
||||
if form.getvalue('backend') is not None:
|
||||
import modules.config.runtime as runtime
|
||||
|
@ -187,142 +135,49 @@ if form.getvalue('table_select') is not None:
|
|||
runtime.table_select()
|
||||
|
||||
if form.getvalue('ip_for_delete') is not None:
|
||||
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
|
||||
ip = common.checkAjaxInput(form.getvalue('ip_for_delete'))
|
||||
table = common.checkAjaxInput(form.getvalue('table_for_delete'))
|
||||
import modules.config.runtime as runtime
|
||||
|
||||
cmd = 'echo "clear table %s key %s" |nc %s %s' % (table, ip, serv, haproxy_sock_port)
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
if stderr[0] != '':
|
||||
print('error: ' + stderr[0])
|
||||
runtime.delete_ip_from_stick_table()
|
||||
|
||||
if form.getvalue('table_for_clear') is not None:
|
||||
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
|
||||
table = common.checkAjaxInput(form.getvalue('table_for_clear'))
|
||||
import modules.config.runtime as runtime
|
||||
|
||||
cmd = 'echo "clear table %s " |nc %s %s' % (table, serv, haproxy_sock_port)
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
if stderr[0] != '':
|
||||
print('error: ' + stderr[0])
|
||||
runtime.clear_stick_table()
|
||||
|
||||
if form.getvalue('list_serv_select') is not None:
|
||||
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
|
||||
cmd = f'echo "show acl"|nc {serv} {haproxy_sock_port} |grep "loaded from" |awk \'{{print $1,$2}}\''
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
print(output)
|
||||
import modules.config.runtime as runtime
|
||||
|
||||
runtime.list_of_lists()
|
||||
|
||||
if form.getvalue('list_select_id') is not None:
|
||||
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True,
|
||||
extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do'], trim_blocks=True, lstrip_blocks=True)
|
||||
template = env.get_template('ajax/list.html')
|
||||
list_id = common.checkAjaxInput(form.getvalue('list_select_id'))
|
||||
list_name = common.checkAjaxInput(form.getvalue('list_select_name'))
|
||||
import modules.config.runtime as runtime
|
||||
|
||||
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
|
||||
cmd = f'echo "show acl #{list_id}"|nc {serv} {haproxy_sock_port}'
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
|
||||
template = template.render(list=output, list_id=list_id, list_name=list_name)
|
||||
print(template)
|
||||
runtime.show_lists()
|
||||
|
||||
if form.getvalue('list_id_for_delete') is not None:
|
||||
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
|
||||
lists_path = sql.get_setting('lists_path')
|
||||
lib_path = get_config.get_config_var('main', 'lib_path')
|
||||
ip_id = common.checkAjaxInput(form.getvalue('list_ip_id_for_delete'))
|
||||
ip = common.is_ip_or_dns(form.getvalue('list_ip_for_delete'))
|
||||
list_id = common.checkAjaxInput(form.getvalue('list_id_for_delete'))
|
||||
list_name = common.checkAjaxInput(form.getvalue('list_name'))
|
||||
user_group = roxywi_common.get_user_group(id=1)
|
||||
cmd = f"sed -i 's!{ip}$!!' {lib_path}/{lists_path}/{user_group}/{list_name}"
|
||||
cmd1 = f"sed -i '/^$/d' {lib_path}/{lists_path}/{user_group}/{list_name}"
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
output1, stderr1 = server_mod.subprocess_execute(cmd1)
|
||||
if output:
|
||||
print(f'error: {output}')
|
||||
if stderr:
|
||||
print(f'error: {stderr}')
|
||||
if output1:
|
||||
print(f'error: {output1}')
|
||||
if stderr1:
|
||||
print(f'error: {stderr}')
|
||||
import modules.config.runtime as runtime
|
||||
|
||||
cmd = f'echo "del acl #{list_id} #{ip_id}" |nc {serv} {haproxy_sock_port}'
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
if output[0] != '':
|
||||
print(f'error: {output[0]}')
|
||||
if stderr != '':
|
||||
print(f'error: {stderr[0]}')
|
||||
|
||||
roxywi_common.logging(serv, f'{ip_id} has been delete from list {list_id}', login=1, keep_history=1,
|
||||
service='haproxy')
|
||||
runtime.delete_ip_from_list()
|
||||
|
||||
if form.getvalue('list_ip_for_add') is not None:
|
||||
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
|
||||
lists_path = sql.get_setting('lists_path')
|
||||
lib_path = get_config.get_config_var('main', 'lib_path')
|
||||
ip = form.getvalue('list_ip_for_add')
|
||||
ip = ip.strip()
|
||||
ip = common.is_ip_or_dns(ip)
|
||||
list_id = common.checkAjaxInput(form.getvalue('list_id_for_add'))
|
||||
list_name = common.checkAjaxInput(form.getvalue('list_name'))
|
||||
user_group = roxywi_common.get_user_group(id=1)
|
||||
cmd = f'echo "add acl #{list_id} {ip}" |nc {serv} {haproxy_sock_port}'
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
if output[0]:
|
||||
print(f'error: {output[0]}')
|
||||
if stderr:
|
||||
print(f'error: {stderr[0]}')
|
||||
import modules.config.runtime as runtime
|
||||
|
||||
if 'is not a valid IPv4 or IPv6 address' not in output[0]:
|
||||
cmd = f'echo "{ip}" >> {lib_path}/{lists_path}/{user_group}/{list_name}'
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
if output:
|
||||
print(f'error: {output}')
|
||||
if stderr:
|
||||
print(f'error: {stderr}')
|
||||
|
||||
roxywi_common.logging(serv, f'{ip} has been added to list {list_id}', login=1, keep_history=1,
|
||||
service='haproxy')
|
||||
runtime.add_ip_to_list()
|
||||
|
||||
if form.getvalue('sessions_select') is not None:
|
||||
env = Environment(loader=FileSystemLoader('templates'), autoescape=True,
|
||||
extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do'], trim_blocks=True, lstrip_blocks=True)
|
||||
serv = common.checkAjaxInput(form.getvalue('sessions_select'))
|
||||
import modules.config.runtime as runtime
|
||||
|
||||
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
|
||||
|
||||
cmd = f'echo "show sess" |nc {serv} {haproxy_sock_port}'
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
|
||||
template = env.get_template('ajax/sessions_table.html')
|
||||
template = template.render(sessions=output)
|
||||
|
||||
print(template)
|
||||
runtime.select_session()
|
||||
|
||||
if form.getvalue('sessions_select_show') is not None:
|
||||
serv = common.checkAjaxInput(form.getvalue('sessions_select_show'))
|
||||
sess_id = common.checkAjaxInput(form.getvalue('sessions_select_id'))
|
||||
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
|
||||
cmd = 'echo "show sess %s" |nc %s %s' % (sess_id, serv, haproxy_sock_port)
|
||||
import modules.config.runtime as runtime
|
||||
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
|
||||
if stderr:
|
||||
print('error: ' + stderr[0])
|
||||
else:
|
||||
for o in output:
|
||||
print(o + '<br />')
|
||||
runtime.show_session()
|
||||
|
||||
if form.getvalue('session_delete_id') is not None:
|
||||
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
|
||||
sess_id = common.checkAjaxInput(form.getvalue('session_delete_id'))
|
||||
cmd = 'echo "shutdown session %s" |nc %s %s' % (sess_id, serv, haproxy_sock_port)
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
if output[0] != '':
|
||||
print('error: ' + output[0])
|
||||
if stderr[0] != '':
|
||||
print('error: ' + stderr[0])
|
||||
import modules.config.runtime as runtime
|
||||
|
||||
runtime.delete_session()
|
||||
|
||||
if form.getvalue("change_pos") is not None:
|
||||
pos = form.getvalue('change_pos')
|
||||
|
@ -338,170 +193,46 @@ if form.getvalue('showif'):
|
|||
server_mod.ssh_command(serv, commands, ip="1")
|
||||
|
||||
if form.getvalue('action_hap') is not None and serv is not None:
|
||||
import modules.service.action as service_action
|
||||
|
||||
action = form.getvalue('action_hap')
|
||||
haproxy_service_name = "haproxy"
|
||||
|
||||
if action not in ('start', 'stop', 'reload', 'restart'):
|
||||
print('error: wrong action')
|
||||
sys.exit()
|
||||
|
||||
service_common.is_restarted(serv, action)
|
||||
|
||||
if service_common.check_haproxy_config(serv):
|
||||
server_id = sql.select_server_id_by_ip(server_ip=serv)
|
||||
|
||||
if action == 'restart':
|
||||
service_common.is_not_allowed_to_restart(server_id, 'haproxy')
|
||||
|
||||
is_docker = sql.select_service_setting(server_id, 'haproxy', 'dockerized')
|
||||
|
||||
if is_docker == '1':
|
||||
container_name = sql.get_setting('haproxy_container_name')
|
||||
commands = [f"sudo docker {action} {container_name}"]
|
||||
else:
|
||||
haproxy_enterprise = sql.select_service_setting(server_id, 'haproxy', 'haproxy_enterprise')
|
||||
if haproxy_enterprise == '1':
|
||||
haproxy_service_name = "hapee-2.0-lb"
|
||||
commands = [f"sudo systemctl {action} {haproxy_service_name}"]
|
||||
|
||||
server_mod.ssh_command(serv, commands)
|
||||
roxywi_common.logging(serv, f'Service has been {action}ed', roxywi=1, login=1, keep_history=1,
|
||||
service='haproxy')
|
||||
print(f"success: HAProxy has been {action}")
|
||||
else:
|
||||
print("error: Bad config, check please")
|
||||
service_action.action_haproxy(serv, action)
|
||||
|
||||
if form.getvalue('action_nginx') is not None and serv is not None:
|
||||
import modules.service.action as service_action
|
||||
|
||||
action = form.getvalue('action_nginx')
|
||||
|
||||
if action not in ('start', 'stop', 'reload', 'restart'):
|
||||
print('error: wrong action')
|
||||
sys.exit()
|
||||
|
||||
service_common.is_restarted(serv, action)
|
||||
|
||||
if service_common.check_nginx_config(serv):
|
||||
server_id = sql.select_server_id_by_ip(server_ip=serv)
|
||||
|
||||
if action == 'restart':
|
||||
service_common.is_not_allowed_to_restart(server_id, 'nginx')
|
||||
is_docker = sql.select_service_setting(server_id, 'nginx', 'dockerized')
|
||||
|
||||
if is_docker == '1':
|
||||
container_name = sql.get_setting('nginx_container_name')
|
||||
commands = ["sudo docker %s %s" % (action, container_name)]
|
||||
else:
|
||||
commands = ["sudo systemctl %s nginx" % action]
|
||||
server_mod.ssh_command(serv, commands)
|
||||
roxywi_common.logging(serv, 'Service has been ' + action + 'ed', roxywi=1, login=1, keep_history=1, service='nginx')
|
||||
print("success: Nginx has been %s" % action)
|
||||
else:
|
||||
print("error: Bad config, check please")
|
||||
service_action.action_nginx(serv, action)
|
||||
|
||||
if form.getvalue('action_keepalived') is not None and serv is not None:
|
||||
import modules.service.action as service_action
|
||||
|
||||
action = form.getvalue('action_keepalived')
|
||||
|
||||
if action not in ('start', 'stop', 'reload', 'restart'):
|
||||
print('error: wrong action')
|
||||
sys.exit()
|
||||
|
||||
service_common.is_restarted(serv, action)
|
||||
|
||||
commands = ["sudo systemctl %s keepalived" % action]
|
||||
server_mod.ssh_command(serv, commands)
|
||||
roxywi_common.logging(serv, 'Service has been ' + action + 'ed', roxywi=1, login=1, keep_history=1, service='keepalived')
|
||||
print("success: Keepalived has been %s" % action)
|
||||
service_action.action_keepalived(serv, action)
|
||||
|
||||
if form.getvalue('action_waf') is not None and serv is not None:
|
||||
serv = form.getvalue('serv')
|
||||
import modules.service.action as service_action
|
||||
|
||||
action = form.getvalue('action_waf')
|
||||
|
||||
if action not in ('start', 'stop', 'reload', 'restart'):
|
||||
print('error: wrong action')
|
||||
sys.exit()
|
||||
|
||||
service_common.is_restarted(serv, action)
|
||||
|
||||
roxywi_common.logging(serv, 'HAProxy WAF service has been ' + action + 'ed', roxywi=1, login=1, keep_history=1,
|
||||
service='haproxy')
|
||||
commands = ["sudo systemctl %s waf" % action]
|
||||
server_mod.ssh_command(serv, commands)
|
||||
service_action.action_haproxy_waf(serv, action)
|
||||
|
||||
if form.getvalue('action_waf_nginx') is not None and serv is not None:
|
||||
serv = form.getvalue('serv')
|
||||
import modules.service.action as service_action
|
||||
|
||||
action = form.getvalue('action_waf_nginx')
|
||||
config_dir = common.return_nice_path(sql.get_setting('nginx_dir'))
|
||||
|
||||
if action not in ('start', 'stop'):
|
||||
print('error: wrong action')
|
||||
sys.exit()
|
||||
|
||||
service_common.is_restarted(serv, action)
|
||||
|
||||
waf_new_state = 'on' if action == 'start' else 'off'
|
||||
waf_old_state = 'off' if action == 'start' else 'on'
|
||||
|
||||
roxywi_common.logging(serv, 'NGINX WAF service has been ' + action + 'ed', roxywi=1, login=1, keep_history=1,
|
||||
service='nginx')
|
||||
commands = [f"sudo sed -i 's/modsecurity {waf_old_state}/modsecurity {waf_new_state}/g' {config_dir}nginx.conf"
|
||||
f" && sudo systemctl reload nginx"]
|
||||
server_mod.ssh_command(serv, commands)
|
||||
service_action.action_nginx_waf(serv, action)
|
||||
|
||||
if form.getvalue('action_apache') is not None and serv is not None:
|
||||
import modules.service.action as service_action
|
||||
|
||||
action = form.getvalue('action_apache')
|
||||
|
||||
if action not in ('start', 'stop', 'reload', 'restart'):
|
||||
print('error: wrong action')
|
||||
sys.exit()
|
||||
|
||||
service_common.is_restarted(serv, action)
|
||||
|
||||
server_id = sql.select_server_id_by_ip(serv)
|
||||
|
||||
if action == 'restart':
|
||||
service_common.is_not_allowed_to_restart(server_id, 'apache')
|
||||
|
||||
is_docker = sql.select_service_setting(server_id, 'apache', 'dockerized')
|
||||
if is_docker == '1':
|
||||
container_name = sql.get_setting('apache_container_name')
|
||||
commands = ["sudo docker %s %s" % (action, container_name)]
|
||||
else:
|
||||
service_apache_name = service_common.get_correct_apache_service_name(None, server_id)
|
||||
|
||||
commands = ["sudo systemctl %s %s" % (action, service_apache_name)]
|
||||
server_mod.ssh_command(serv, commands)
|
||||
roxywi_common.logging(serv, 'Service has been ' + action + 'ed', roxywi=1, login=1, keep_history=1, service='apache')
|
||||
print("success: Apache has been %s" % action)
|
||||
service_action.action_apache(serv, action)
|
||||
|
||||
if form.getvalue('action_service') is not None:
|
||||
import modules.roxywi.roxy as roxy
|
||||
|
||||
action = common.checkAjaxInput(form.getvalue('action_service'))
|
||||
|
||||
if action not in ('start', 'stop', 'restart'):
|
||||
print('error: wrong action')
|
||||
sys.exit()
|
||||
|
||||
is_in_docker = roxy.is_docker()
|
||||
if action == 'stop':
|
||||
cmd = "sudo systemctl disable %s --now" % serv
|
||||
elif action == "start":
|
||||
cmd = "sudo systemctl enable %s --now" % serv
|
||||
if not sql.select_user_status():
|
||||
print(
|
||||
'warning: The service is disabled because you are not subscribed. Read <a href="https://roxy-wi.org/pricing.py" '
|
||||
'title="Roxy-WI pricing" target="_blank">here</a> about subscriptions')
|
||||
sys.exit()
|
||||
elif action == "restart":
|
||||
cmd = "sudo systemctl restart %s --now" % serv
|
||||
if not sql.select_user_status():
|
||||
print(
|
||||
'warning: The service is disabled because you are not subscribed. Read <a href="https://roxy-wi.org/pricing.py" '
|
||||
'title="Roxy-WI pricing" target="_blank">here</a> about subscriptions')
|
||||
sys.exit()
|
||||
if is_in_docker:
|
||||
cmd = "sudo supervisorctl " + action + " " + serv
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
roxywi_common.logging('Roxy-WI server', ' The service ' + serv + ' has been ' + action + 'ed', roxywi=1, login=1)
|
||||
roxy.action_service(action, serv)
|
||||
|
||||
if act == "overviewHapserverBackends":
|
||||
import modules.config.section as section_mod
|
||||
|
@ -1882,77 +1613,24 @@ if form.getvalue('change_waf_mode'):
|
|||
error_mess = 'error: All fields must be completed'
|
||||
|
||||
if form.getvalue('newuser') is not None:
|
||||
email = form.getvalue('newemail')
|
||||
password = form.getvalue('newpassword')
|
||||
role = form.getvalue('newrole')
|
||||
new_user = form.getvalue('newusername')
|
||||
page = form.getvalue('page')
|
||||
activeuser = form.getvalue('activeuser')
|
||||
group = form.getvalue('newgroupuser')
|
||||
role_id = sql.get_role_id_by_name(role)
|
||||
import modules.roxywi.user as roxywi_user
|
||||
|
||||
if roxywi_common.check_user_group():
|
||||
if roxywi_auth.is_admin(level=role_id):
|
||||
try:
|
||||
sql.add_user(new_user, email, password, role, activeuser, group)
|
||||
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
|
||||
template = env.get_template('ajax/new_user.html')
|
||||
|
||||
template = template.render(users=sql.select_users(user=new_user),
|
||||
groups=sql.select_groups(),
|
||||
page=page,
|
||||
roles=sql.select_roles(),
|
||||
adding=1)
|
||||
print(template)
|
||||
roxywi_common.logging(f'a new user {new_user}', ' has been created ', roxywi=1, login=1)
|
||||
except Exception as e:
|
||||
print(e)
|
||||
roxywi_common.logging('Cannot create a new user', e, roxywi=1, login=1)
|
||||
else:
|
||||
print('error: dalsdm')
|
||||
roxywi_common.logging(new_user, ' tried to privilege escalation', roxywi=1, login=1)
|
||||
roxywi_user.create_user()
|
||||
|
||||
if form.getvalue('userdel') is not None:
|
||||
userdel = form.getvalue('userdel')
|
||||
user = sql.select_users(id=userdel)
|
||||
username = ''
|
||||
for u in user:
|
||||
username = u.username
|
||||
if sql.delete_user(userdel):
|
||||
sql.delete_user_groups(userdel)
|
||||
roxywi_common.logging(username, ' has been deleted user ', roxywi=1, login=1)
|
||||
print("Ok")
|
||||
import modules.roxywi.user as roxywi_user
|
||||
|
||||
roxywi_user.delete_user()
|
||||
|
||||
if form.getvalue('updateuser') is not None:
|
||||
email = form.getvalue('email')
|
||||
role = form.getvalue('role')
|
||||
new_user = form.getvalue('updateuser')
|
||||
user_id = form.getvalue('id')
|
||||
activeuser = form.getvalue('activeuser')
|
||||
group = form.getvalue('usergroup')
|
||||
role_id = sql.get_role_id_by_name(role)
|
||||
import modules.roxywi.user as roxywi_user
|
||||
|
||||
if roxywi_common.check_user_group():
|
||||
if roxywi_auth.is_admin(level=role_id):
|
||||
sql.update_user(new_user, email, role, user_id, activeuser)
|
||||
roxywi_common.logging(new_user, ' has been updated user ', roxywi=1, login=1)
|
||||
else:
|
||||
roxywi_common.logging(new_user, ' tried to privilege escalation', roxywi=1, login=1)
|
||||
roxywi_user.update_user()
|
||||
|
||||
if form.getvalue('updatepassowrd') is not None:
|
||||
password = form.getvalue('updatepassowrd')
|
||||
username = ''
|
||||
import modules.roxywi.user as roxywi_user
|
||||
|
||||
if form.getvalue('uuid'):
|
||||
user_id = sql.get_user_id_by_uuid(form.getvalue('uuid'))
|
||||
else:
|
||||
user_id = form.getvalue('id')
|
||||
user = sql.select_users(id=user_id)
|
||||
for u in user:
|
||||
username = u.username
|
||||
sql.update_user_password(password, user_id)
|
||||
roxywi_common.logging('user ' + username, ' has changed password ', roxywi=1, login=1)
|
||||
print("Ok")
|
||||
roxywi_user.update_user_password()
|
||||
|
||||
if form.getvalue('newserver') is not None:
|
||||
import modules.server.server as server_mod
|
||||
|
@ -2645,7 +2323,7 @@ if form.getvalue('lets_domain'):
|
|||
lets_domain = form.getvalue('lets_domain')
|
||||
lets_email = form.getvalue('lets_email')
|
||||
proxy = sql.get_setting('proxy')
|
||||
ssl_path = sql.get_setting('cert_path')
|
||||
ssl_path = common.return_nice_path(sql.get_setting('cert_path'))
|
||||
haproxy_dir = sql.get_setting('haproxy_dir')
|
||||
script = "letsencrypt.sh"
|
||||
proxy_serv = ''
|
||||
|
|
|
@ -7,7 +7,6 @@ import modules.db.sql as sql
|
|||
import modules.common.common as common
|
||||
import modules.roxywi.auth as roxywi_auth
|
||||
import modules.roxywi.common as roxywi_common
|
||||
import modules.server.server as server_mod
|
||||
|
||||
env = Environment(extensions=["jinja2.ext.do"], loader=FileSystemLoader('templates/'), autoescape=True)
|
||||
template = env.get_template('provisioning.html')
|
||||
|
@ -31,13 +30,7 @@ try:
|
|||
groups = roxywi_common.get_user_group(id=1)
|
||||
user_group = roxywi_common.get_user_group(id=1)
|
||||
|
||||
cmd = 'which terraform'
|
||||
output, stderr = server_mod.subprocess_execute(cmd)
|
||||
|
||||
if stderr != '':
|
||||
is_terraform = False
|
||||
else:
|
||||
is_terraform = True
|
||||
is_needed_tool = common.is_tool('terraform')
|
||||
|
||||
params = sql.select_provisioning_params()
|
||||
except Exception as e:
|
||||
|
@ -46,6 +39,6 @@ except Exception as e:
|
|||
rendered_template = template.render(
|
||||
title="Servers provisioning", role=user_params['role'], user=user_params['user'], groups=groups,
|
||||
user_group=user_group, servers=sql.select_provisioned_servers(), providers=sql.select_providers(user_group),
|
||||
is_terraform=is_terraform, user_services=user_params['user_services'], token=user_params['token'], params=params
|
||||
is_needed_tool=is_needed_tool, user_services=user_params['user_services'], token=user_params['token'], params=params
|
||||
)
|
||||
print(rendered_template)
|
||||
|
|
|
@ -21,6 +21,9 @@
|
|||
when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS') and HAPVER|length > 0
|
||||
ignore_errors: yes
|
||||
register: install_result
|
||||
retries: 5
|
||||
until: install_result.rc == 0
|
||||
delay: 5
|
||||
environment:
|
||||
http_proxy: "{{PROXY}}"
|
||||
https_proxy: "{{PROXY}}"
|
||||
|
@ -34,9 +37,12 @@
|
|||
- rsyslog
|
||||
- bind-utils
|
||||
state: present
|
||||
register: install_result1
|
||||
when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS') and ("'timed out' in install_result.stderr")
|
||||
ignore_errors: yes
|
||||
register: install_result1
|
||||
retries: 5
|
||||
until: install_result1.rc == 0
|
||||
delay: 5
|
||||
environment:
|
||||
http_proxy: "{{PROXY}}"
|
||||
https_proxy: "{{PROXY}}"
|
||||
|
@ -56,6 +62,10 @@
|
|||
- rsyslog
|
||||
state: latest
|
||||
when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS') and ("'FAILED' in install_result1.stderr")
|
||||
register: install_result
|
||||
retries: 5
|
||||
until: install_result.rc == 0
|
||||
delay: 5
|
||||
environment:
|
||||
http_proxy: "{{PROXY}}"
|
||||
https_proxy: "{{PROXY}}"
|
||||
|
@ -69,6 +79,10 @@
|
|||
- rsyslog
|
||||
state: present
|
||||
when: ansible_facts['os_family'] == 'Debian' or ansible_facts['os_family'] == 'Ubuntu'
|
||||
register: install_result
|
||||
retries: 5
|
||||
until: install_result.rc == 0
|
||||
delay: 5
|
||||
environment:
|
||||
http_proxy: "{{PROXY}}"
|
||||
https_proxy: "{{PROXY}}"
|
||||
|
|
|
@ -32,6 +32,7 @@ try:
|
|||
gits = sql.select_gits()
|
||||
servers = roxywi_common.get_dick_permit(virt=1, disable=0, only_group=1)
|
||||
masters = sql.select_servers(get_master_servers=1, uuid=user_params['user_uuid'].value)
|
||||
is_needed_tool = common.is_tool('ansible')
|
||||
except Exception:
|
||||
pass
|
||||
|
||||
|
@ -48,5 +49,6 @@ rendered_template = template.render(
|
|||
token=user_params['token'], settings=settings, backups=sql.select_backups(), page="servers.py",
|
||||
geoip_country_codes=geoip_country_codes, user_services=user_params['user_services'], ldap_enable=ldap_enable,
|
||||
user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], gits=gits,
|
||||
is_needed_tool=is_needed_tool
|
||||
)
|
||||
print(rendered_template)
|
||||
|
|
|
@ -9,6 +9,14 @@
|
|||
</style>
|
||||
{% if user_status == 0 or user_plan == 'user' %}
|
||||
{% include 'include/no_sub.html' %}
|
||||
{% elif not is_needed_tool %}
|
||||
<div style="text-align: center;">
|
||||
<h3>You have not installed Ansible</h3>.
|
||||
<img src="/inc/images/no_servers.png" alt="There is no server">
|
||||
<h4>
|
||||
Read <a href="https://roxy-wi.org/installation#ansible" title="Installing Ansible" target="_blank">here</a> how to install Ansible.
|
||||
</h4>
|
||||
</div>
|
||||
{% else %}
|
||||
<table class="overview" style="margin-bottom: 20px;">
|
||||
<caption><h3>Create a new HA cluster</h3></caption>
|
||||
|
@ -130,7 +138,7 @@
|
|||
</table>
|
||||
<div id="ajax"></div>
|
||||
<div class="add-note alert addName alert-info" style="width: inherit; margin-right: 15px;">
|
||||
Read <a href="https://roxy-wi.org/howto/ha-cluster" title="How to create high available cluster" target="_blank">How to create high available cluster</a>
|
||||
Read <a href="https://roxy-wi.org/howto.py/ha_cluster" title="How to create high available cluster" target="_blank">How to create high available cluster</a>
|
||||
</div>
|
||||
<div id="server_creating" style="display: none;">
|
||||
<ul style="padding: 20px 20px 0px 20px;font-size: 15px;">
|
||||
|
|
|
@ -1,3 +1,12 @@
|
|||
{% if not is_needed_tool %}
|
||||
<div style="text-align: center;">
|
||||
<h3>You have not installed Ansible</h3>.
|
||||
<img src="/inc/images/no_servers.png" alt="There is no server">
|
||||
<h4>
|
||||
Read <a href="https://roxy-wi.org/installation#ansible" title="Installing Ansible" target="_blank">here</a> how to install Ansible.
|
||||
</h4>
|
||||
</div>
|
||||
{% else %}
|
||||
<div id="backup_tabs">
|
||||
<ul>
|
||||
<li><a href="#git_tab" title="Admin area: Upload to Git - Roxy-WI" id="backup-git-li">Git</a></li>
|
||||
|
@ -111,3 +120,4 @@
|
|||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
{% endif %}
|
||||
|
|
|
@ -1,3 +1,12 @@
|
|||
{% if not is_needed_tool %}
|
||||
<div style="text-align: center;">
|
||||
<h3>You have not installed Ansible</h3>.
|
||||
<img src="/inc/images/no_servers.png" alt="There is no server">
|
||||
<h4>
|
||||
Read <a href="https://roxy-wi.org/installation#ansible" title="Installing Ansible" target="_blank">here</a> how to install Ansible.
|
||||
</h4>
|
||||
</div>
|
||||
{% else %}
|
||||
{% if page == 'users.py' %}
|
||||
<table id="grafana-table">
|
||||
<caption><h3>Installing Grafana and Prometheus servers</h3></caption>
|
||||
|
@ -45,8 +54,8 @@
|
|||
<td id="cur_haproxy_exp_ver" class="padding10 first-collumn"></td>
|
||||
<td class="padding10 first-collumn" style="width: 20%;">
|
||||
{% set values = dict() %}
|
||||
{% set values = {'0.7.0':'0.7.0','0.7.1':'0.7.1', '0.8.0':'0.8.0', '0.9.0':'0.9.0', '0.10.0':'0.10.0', '0.11.0':'0.11.0', '0.12.0':'0.12.0', '0.13.0':'0.13.0'} %}
|
||||
{{ select('hapexpver', values=values, selected='0.13.0') }}
|
||||
{% set values = {'0.8.0':'0.8.0', '0.9.0':'0.9.0', '0.10.0':'0.10.0', '0.11.0':'0.11.0', '0.12.0':'0.12.0', '0.13.0':'0.13.0', '0.14.0':'0.14.0'} %}
|
||||
{{ select('hapexpver', values=values, selected='0.14.0') }}
|
||||
</td>
|
||||
<td class="padding10 first-collumn">
|
||||
<select autofocus required name="haproxy_exp_addserv" id="haproxy_exp_addserv">
|
||||
|
@ -76,8 +85,8 @@
|
|||
<td id="cur_nginx_exp_ver" class="padding10 first-collumn"></td>
|
||||
<td class="padding10 first-collumn" style="width: 20%;">
|
||||
{% set values = dict() %}
|
||||
{% set values = {'0.5.0':'0.5.0', '0.6.0':'0.6.0', '0.7.0':'0.7.0', '0.9.0':'0.9.0', '0.10.0':'0.10.0'} %}
|
||||
{{ select('nginxexpver', values=values, selected='0.10.0') }}
|
||||
{% set values = {'0.6.0':'0.6.0', '0.7.0':'0.7.0', '0.9.0':'0.9.0', '0.10.0':'0.10.0', '0.11.0':'0.11.0'} %}
|
||||
{{ select('nginxexpver', values=values, selected='0.11.0') }}
|
||||
</td>
|
||||
<td class="padding10 first-collumn">
|
||||
<select autofocus required name="nginx_exp_addserv" id="nginx_exp_addserv">
|
||||
|
@ -138,9 +147,8 @@
|
|||
<td id="cur_node_exp_ver" class="padding10 first-collumn"></td>
|
||||
<td class="padding10 first-collumn" style="width: 20%;">
|
||||
{% set values = dict() %}
|
||||
{% set values = {'1.0.0':'1.0.0','1.1.0':'1.1.0', '1.1.1':'1.1.1', '1.1.2':'1.1.2', '1.2.0':'1.2.0',
|
||||
'1.2.2':'1.2.2', '1.3.0':'1.3.0', '1.3.1':'1.3.1'} %}
|
||||
{{ select('nodeexpver', values=values, selected='1.3.1') }}
|
||||
{% set values = {'1.1.1':'1.1.1', '1.1.2':'1.1.2', '1.2.0':'1.2.0', '1.2.2':'1.2.2', '1.3.0':'1.3.0', '1.3.1':'1.3.1', '1.5.0':'1.5.0'} %}
|
||||
{{ select('nodeexpver', values=values, selected='1.5.0') }}
|
||||
</td>
|
||||
<td class="padding10 first-collumn">
|
||||
<select autofocus required name="node_exp_addserv" id="node_exp_addserv">
|
||||
|
@ -161,4 +169,4 @@
|
|||
Read <a href="https://roxy-wi.org/services/grafana" title="About Grafana and Prometheus servers" target="_blank">About Grafana and Prometheus servers</a>
|
||||
and <a href="https://roxy-wi.org/howto/exporters" title="About Exporters" target="_blank">About Exporters</a>
|
||||
</div>
|
||||
|
||||
{% endif %}
|
||||
|
|
|
@ -13,14 +13,14 @@
|
|||
</ul>
|
||||
<ul id='browse_histroy'></ul>
|
||||
<div id="provisioning">
|
||||
{% if not is_terraform %}
|
||||
<center>
|
||||
{% if not is_needed_tool %}
|
||||
<div style="text-align: center;">
|
||||
<br />
|
||||
<h3>You have not installed Terraform.</h3>
|
||||
<img src="/inc/images/no_servers.png" alt="There is no server">
|
||||
<h4>Read <a href="https://www.terraform.io/downloads.html"
|
||||
title="Download Terraform" target="_blank">here</a> how to install Terraform.</h4>
|
||||
</center>
|
||||
title="Download Terraform" target="_blank" class="link">here</a> how to install Terraform.</h4>
|
||||
</div>
|
||||
{% elif servers|length == 0 %}
|
||||
{% include 'include/getstarted.html' %}
|
||||
{% else %}
|
||||
|
|
|
@ -41,6 +41,15 @@
|
|||
</div>
|
||||
|
||||
<div id="installproxy">
|
||||
{% if not is_needed_tool %}
|
||||
<div style="text-align: center;">
|
||||
<h3>You have not installed Ansible</h3>.
|
||||
<img src="/inc/images/no_servers.png" alt="There is no server">
|
||||
<h4>
|
||||
Read <a href="https://roxy-wi.org/installation#ansible" title="Installing Ansible" target="_blank">here</a> how to install Ansible.
|
||||
</h4>
|
||||
</div>
|
||||
{% else %}
|
||||
<table class="overview">
|
||||
<caption><h3>Install HAProxy</h3></caption>
|
||||
<tr class="overviewHead">
|
||||
|
@ -117,6 +126,7 @@
|
|||
</tr>
|
||||
</table>
|
||||
<div id="ajax"></div>
|
||||
{% endif %}
|
||||
</div>
|
||||
<div id="backup">
|
||||
{% include 'include/admin_backup.html' %}
|
||||
|
@ -127,6 +137,15 @@
|
|||
|
||||
<div id="geolite2">
|
||||
<table>
|
||||
{% if not is_needed_tool %}
|
||||
<div style="text-align: center;">
|
||||
<h3>You have not installed Ansible</h3>.
|
||||
<img src="/inc/images/no_servers.png" alt="There is no server">
|
||||
<h4>
|
||||
Read <a href="https://roxy-wi.org/installation#ansible" title="Installing Ansible" target="_blank">here</a> how to install Ansible.
|
||||
</h4>
|
||||
</div>
|
||||
{% else %}
|
||||
<caption><h3>Install GeoLite2</h3></caption>
|
||||
<tr class="overviewHead">
|
||||
<td class="padding10 first-collumn">Server</td>
|
||||
|
@ -160,6 +179,7 @@
|
|||
<span class="ui-button ui-widget ui-corner-all" id="geoip_install" title="Install GeoLite2" style="display: none;">Install</span>
|
||||
</td>
|
||||
</tr>
|
||||
{% endif %}
|
||||
</table>
|
||||
<div id="ajax-geoip"></div>
|
||||
<div class="add-note alert addName alert-info" style="width: inherit; margin-right: 15px; margin-bottom: 15px;">
|
||||
|
|
|
@ -33,6 +33,7 @@ ldap_enable = sql.get_setting('ldap_enable')
|
|||
services = sql.select_services()
|
||||
gits = sql.select_gits()
|
||||
masters = sql.select_servers(get_master_servers=1)
|
||||
is_needed_tool = common.is_tool('ansible')
|
||||
|
||||
try:
|
||||
user_subscription = roxywi_common.return_user_status()
|
||||
|
@ -45,6 +46,7 @@ rendered_template = template.render(
|
|||
servers=sql.select_servers(full=1), roles=sql.select_roles(), masters=masters, sshs=sql.select_ssh(),
|
||||
settings=settings, backups=sql.select_backups(), services=services, timezones=pytz.all_timezones,
|
||||
page="users.py", user_services=user_params['user_services'], ldap_enable=ldap_enable, gits=gits, guide_me=1,
|
||||
user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], token=user_params['token']
|
||||
user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], token=user_params['token'],
|
||||
is_needed_tool=is_needed_tool
|
||||
)
|
||||
print(rendered_template)
|
||||
|
|
Loading…
Reference in New Issue