github
/
haproxy-wi
mirror of https://github.com/Aidaho12/haproxy-wi
1
0
Fork 0
Code Issues Releases Wiki Activity

v6.3.1.0 

Changelog: https://roxy-wi.org/changelog#6_3_1
pull/355/head
Pavel Loginov 2022-12-04 21:43:25 +03:00
parent d6a27f8307
commit 5a40d50368
19 changed files with 620 additions and 403 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/create_db.py
View File

@ -966,7 +966,7 @@ def update_db_v_6_2_1():
def update_ver():
try:
Version.update(version='6.3.0.0').execute()
Version.update(version='6.3.1.0').execute()
except Exception:
print('Cannot update version')

3
app/ha.py
View File

@ -24,6 +24,7 @@ except Exception as e:
sys.exit()
roxywi_auth.page_for_admin(level=2)
is_needed_tool = common.is_tool('ansible')
try:
user_subscription = roxywi_common.return_user_status()
@ -34,6 +35,6 @@ except Exception as e:
parsed_template = template.render(
h2=1, title=title, role=user_params['role'], user=user_params['user'], serv=serv, selects=user_params['servers'],
user_services=user_params['user_services'], user_status=user_subscription['user_status'],
user_plan=user_subscription['user_plan'], token=user_params['token']
user_plan=user_subscription['user_plan'], is_needed_tool=is_needed_tool, token=user_params['token']
)
print(parsed_template)

7
app/modules/common/common.py
View File

@ -62,3 +62,10 @@ def string_to_dict(dict_string) -> dict:
def get_key(item):
return item[0]
def is_tool(name):
from shutil import which
is_tool_installed = which(name)
return True if is_tool_installed is not None else False

73
app/modules/config/config.py
View File

@ -3,11 +3,13 @@ import re
import http.cookies
import modules.db.sql as sql
import modules.common.common as common
import modules.server.server as server_mod
import modules.roxywi.common as roxywi_common
import modules.roxy_wi_tools as roxy_wi_tools
from modules.service.common import is_not_allowed_to_restart, get_correct_apache_service_name
form = common.form
time_zone = sql.get_setting('time_zone')
get_date = roxy_wi_tools.GetDate(time_zone)
get_config_var = roxy_wi_tools.GetConfigVar()
@ -372,3 +374,74 @@ def get_userlists(config):
return_config += line + ','
return return_config
def get_ssl_cert(server_ip: str) -> None:
cert_id = common.checkAjaxInput(form.getvalue('getcert'))
cert_path = sql.get_setting('cert_path')
commands = [f"openssl x509 -in {cert_path}/{cert_id} -text"]
try:
server_mod.ssh_command(server_ip, commands, ip="1")
except Exception as e:
print(f'error: Cannot connect to the server {e.args[0]}')
def get_ssl_certs(server_ip: str) -> None:
cert_path = sql.get_setting('cert_path')
commands = [f"sudo ls -1t {cert_path} |grep -E 'pem|crt|key'"]
try:
server_mod.ssh_command(server_ip, commands, ip="1")
except Exception as e:
print(f'error: Cannot connect to the server: {e.args[0]}')
def del_ssl_cert(server_ip: str) -> None:
cert_id = form.getvalue('delcert')
cert_id = common.checkAjaxInput(cert_id)
cert_path = sql.get_setting('cert_path')
commands = [f"sudo rm -f {cert_path}/{cert_id}"]
try:
server_mod.ssh_command(server_ip, commands, ip="1")
except Exception as e:
print(f'error: Cannot delete the certificate {e.args[0]}')
def upload_ssl_cert(server_ip: str) -> None:
cert_local_dir = f"{os.path.dirname(os.getcwd())}/{sql.get_setting('ssl_local_path')}"
cert_path = sql.get_setting('cert_path')
name = ''
if not os.path.exists(cert_local_dir):
os.makedirs(cert_local_dir)
if form.getvalue('ssl_name') is None:
print('error: Please enter a desired name')
else:
name = f"{common.checkAjaxInput(form.getvalue('ssl_name'))}.pem"
try:
with open(name, "w") as ssl_cert:
ssl_cert.write(form.getvalue('ssl_cert'))
except IOError as e:
print(f'error: Cannot save the SSL key file: {e.args[0]}')
sys.exit()
masters = sql.is_master(server_ip)
for master in masters:
if master[0] is not None:
error = upload(master[0], cert_path, name)
if not error:
print(f'success: the SSL file has been uploaded to {master[0]} into: {cert_path}/{name} <br/>')
try:
error = upload(server_ip, cert_path, name)
if not error:
print(f'success: the SSL file has been uploaded to {server_ip} into: {cert_path}/{name}')
except Exception as e:
roxywi_common.logging('Roxy-WI server', e.args[0], roxywi=1)
try:
os.rename(name, cert_local_dir)
except OSError as e:
roxywi_common.logging('Roxy-WI server', e.args[0], roxywi=1)
roxywi_common.logging(server_ip, f"add.py#ssl uploaded a new SSL cert {name}", roxywi=1, login=1)

149
app/modules/config/runtime.py
View File

@ -218,3 +218,152 @@ def table_select():
template = template.render(tables_head=tables_head, table=table)
print(template)
def delete_ip_from_stick_table() -> None:
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
ip = common.checkAjaxInput(form.getvalue('ip_for_delete'))
table = common.checkAjaxInput(form.getvalue('table_for_delete'))
cmd = f'echo "clear table {table} key {ip}" |nc {serv} {haproxy_sock_port}'
output, stderr = server_mod.subprocess_execute(cmd)
if stderr[0] != '':
print('error: ' + stderr[0])
def clear_stick_table() -> None:
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
table = common.checkAjaxInput(form.getvalue('table_for_clear'))
cmd = f'echo "clear table {table} " |nc {serv} {haproxy_sock_port}'
output, stderr = server_mod.subprocess_execute(cmd)
if stderr[0] != '':
print('error: ' + stderr[0])
def list_of_lists() -> None:
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
cmd = f'echo "show acl"|nc {serv} {haproxy_sock_port} |grep "loaded from" |awk \'{{print $1,$2}}\''
output, stderr = server_mod.subprocess_execute(cmd)
print(output)
def show_lists() -> None:
from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True,
extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do'], trim_blocks=True, lstrip_blocks=True)
template = env.get_template('ajax/list.html')
list_id = common.checkAjaxInput(form.getvalue('list_select_id'))
list_name = common.checkAjaxInput(form.getvalue('list_select_name'))
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
cmd = f'echo "show acl #{list_id}"|nc {serv} {haproxy_sock_port}'
output, stderr = server_mod.subprocess_execute(cmd)
template = template.render(list=output, list_id=list_id, list_name=list_name)
print(template)
def delete_ip_from_list() -> None:
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
lists_path = sql.get_setting('lists_path')
lib_path = get_config.get_config_var('main', 'lib_path')
ip_id = common.checkAjaxInput(form.getvalue('list_ip_id_for_delete'))
ip = common.is_ip_or_dns(form.getvalue('list_ip_for_delete'))
list_id = common.checkAjaxInput(form.getvalue('list_id_for_delete'))
list_name = common.checkAjaxInput(form.getvalue('list_name'))
user_group = roxywi_common.get_user_group(id=1)
cmd = f"sed -i 's!{ip}$!!' {lib_path}/{lists_path}/{user_group}/{list_name}"
cmd1 = f"sed -i '/^$/d' {lib_path}/{lists_path}/{user_group}/{list_name}"
output, stderr = server_mod.subprocess_execute(cmd)
output1, stderr1 = server_mod.subprocess_execute(cmd1)
if output:
print(f'error: {output}')
if stderr:
print(f'error: {stderr}')
if output1:
print(f'error: {output1}')
if stderr1:
print(f'error: {stderr}')
cmd = f'echo "del acl #{list_id} #{ip_id}" |nc {serv} {haproxy_sock_port}'
output, stderr = server_mod.subprocess_execute(cmd)
if output[0] != '':
print(f'error: {output[0]}')
if stderr != '':
print(f'error: {stderr[0]}')
roxywi_common.logging(serv, f'{ip_id} has been delete from list {list_id}', login=1, keep_history=1,
service='haproxy')
def add_ip_to_list() -> None:
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
lists_path = sql.get_setting('lists_path')
lib_path = get_config.get_config_var('main', 'lib_path')
ip = form.getvalue('list_ip_for_add')
ip = ip.strip()
ip = common.is_ip_or_dns(ip)
list_id = common.checkAjaxInput(form.getvalue('list_id_for_add'))
list_name = common.checkAjaxInput(form.getvalue('list_name'))
user_group = roxywi_common.get_user_group(id=1)
cmd = f'echo "add acl #{list_id} {ip}" |nc {serv} {haproxy_sock_port}'
output, stderr = server_mod.subprocess_execute(cmd)
if output[0]:
print(f'error: {output[0]}')
if stderr:
print(f'error: {stderr[0]}')
if 'is not a valid IPv4 or IPv6 address' not in output[0]:
cmd = f'echo "{ip}" >> {lib_path}/{lists_path}/{user_group}/{list_name}'
output, stderr = server_mod.subprocess_execute(cmd)
if output:
print(f'error: {output}')
if stderr:
print(f'error: {stderr}')
roxywi_common.logging(serv, f'{ip} has been added to list {list_id}', login=1, keep_history=1,
service='haproxy')
def select_session() -> None:
from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates'), autoescape=True,
extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do'], trim_blocks=True, lstrip_blocks=True)
serv = common.checkAjaxInput(form.getvalue('sessions_select'))
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
cmd = f'echo "show sess" |nc {serv} {haproxy_sock_port}'
output, stderr = server_mod.subprocess_execute(cmd)
template = env.get_template('ajax/sessions_table.html')
template = template.render(sessions=output)
print(template)
def show_session() -> None:
serv = common.checkAjaxInput(form.getvalue('sessions_select_show'))
sess_id = common.checkAjaxInput(form.getvalue('sessions_select_id'))
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
cmd = f'echo "show sess {sess_id}" |nc {serv} {haproxy_sock_port}'
output, stderr = server_mod.subprocess_execute(cmd)
if stderr:
print('error: ' + stderr[0])
else:
for o in output:
print(f'{o}<br />')
def delete_session() -> None:
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
sess_id = common.checkAjaxInput(form.getvalue('session_delete_id'))
cmd = 'echo "shutdown session %s" |nc %s %s' % (sess_id, serv, haproxy_sock_port)
output, stderr = server_mod.subprocess_execute(cmd)
if output[0] != '':
print('error: ' + output[0])
if stderr[0] != '':
print('error: ' + stderr[0])

22
app/modules/roxywi/roxy.py
View File

@ -4,6 +4,7 @@ import re
import distro
import modules.db.sql as sql
import modules.common.common as common
import modules.server.server as server_mod
import modules.roxywi.common as roxywi_common
@ -179,3 +180,24 @@ def check_new_version(service):
roxywi_common.logging('Roxy-WI server', f' {e}', roxywi=1)
return res
def action_service(action: str, service: str) -> None:
if action not in ('start', 'stop', 'restart'):
print('error: wrong action')
return
is_in_docker = is_docker()
if action == 'stop':
cmd = f"sudo systemctl disable {service} --now"
elif action in ("start", "restart"):
cmd = f"sudo systemctl {action} {service} --now"
if not sql.select_user_status():
print(
'warning: The service is disabled because you are not subscribed. Read <a href="https://roxy-wi.org/pricing" '
'title="Roxy-WI pricing" target="_blank">here</a> about subscriptions')
sys.exit()
if is_in_docker:
cmd = f"sudo supervisorctl {action} {service}"
os.system(cmd)
roxywi_common.logging('Roxy-WI server', f' The service {service} has been {action}ed', roxywi=1, login=1)

96
app/modules/roxywi/user.py Normal file
View File

@ -0,0 +1,96 @@
import os
from jinja2 import Environment, FileSystemLoader
import modules.db.sql as sql
import modules.common.common as common
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
import modules.alerting.alerting as alerting
form = common.form
def create_user():
email = form.getvalue('newemail')
password = form.getvalue('newpassword')
role = form.getvalue('newrole')
new_user = form.getvalue('newusername')
page = form.getvalue('page')
activeuser = form.getvalue('activeuser')
group = form.getvalue('newgroupuser')
role_id = sql.get_role_id_by_name(role)
if roxywi_common.check_user_group():
if roxywi_auth.is_admin(level=role_id):
try:
sql.add_user(new_user, email, password, role, activeuser, group)
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('ajax/new_user.html')
template = template.render(users=sql.select_users(user=new_user),
groups=sql.select_groups(),
page=page,
roles=sql.select_roles(),
adding=1)
print(template)
roxywi_common.logging(f'a new user {new_user}', ' has been created ', roxywi=1, login=1)
try:
message = f"A user has been created for you on Roxy-WI portal!\n\n" \
f"Now you can login to https://{os.environ.get('HTTP_HOST', '')}\n\n" \
f"Your credentials are:\n" \
f"Login: {new_user}\n" \
f"Password: {password}"
alerting.send_email(email, 'A user has been created for you', message)
except Exception as e:
roxywi_common.logging('error: Cannot send email for a new user', e, roxywi=1, login=1)
except Exception as e:
print(f'error: Cannot create a new user: {e}')
roxywi_common.logging('error: Cannot create a new user', e, roxywi=1, login=1)
else:
print('error: dalsdm')
roxywi_common.logging(new_user, ' tried to privilege escalation', roxywi=1, login=1)
def delete_user():
userdel = form.getvalue('userdel')
user = sql.select_users(id=userdel)
username = ''
for u in user:
username = u.username
if sql.delete_user(userdel):
sql.delete_user_groups(userdel)
roxywi_common.logging(username, ' has been deleted user ', roxywi=1, login=1)
print("Ok")
def update_user():
email = form.getvalue('email')
role = form.getvalue('role')
new_user = form.getvalue('updateuser')
user_id = form.getvalue('id')
activeuser = form.getvalue('activeuser')
role_id = sql.get_role_id_by_name(role)
if roxywi_common.check_user_group():
if roxywi_auth.is_admin(level=role_id):
sql.update_user(new_user, email, role, user_id, activeuser)
roxywi_common.logging(new_user, ' has been updated user ', roxywi=1, login=1)
else:
roxywi_common.logging(new_user, ' tried to privilege escalation', roxywi=1, login=1)
def update_user_password():
password = form.getvalue('updatepassowrd')
username = ''
if form.getvalue('uuid'):
user_id = sql.get_user_id_by_uuid(form.getvalue('uuid'))
else:
user_id = form.getvalue('id')
user = sql.select_users(id=user_id)
for u in user:
username = u.username
sql.update_user_password(password, user_id)
roxywi_common.logging('user ' + username, ' has changed password ', roxywi=1, login=1)
print("Ok")

2
app/modules/server/server.py
View File

@ -81,7 +81,7 @@ def ssh_command(server_ip: str, commands: list, **kwargs):
except Exception as e:
roxywi_common.logging('Roxy-WI server',
f' Something wrong with SSH connection: {e}', roxywi=1)
return str(f'error: {e}')
raise Exception(f'error: {e}')
def subprocess_execute(cmd):

134
app/modules/service/action.py Normal file
View File

@ -0,0 +1,134 @@
import modules.db.sql as sql
import modules.server.server as server_mod
import modules.roxywi.common as roxywi_common
import modules.service.common as service_common
def action_haproxy(server_ip: str, action: str) -> None:
haproxy_service_name = "haproxy"
if action not in ('start', 'stop', 'reload', 'restart'):
print('error: wrong action')
return
service_common.is_restarted(server_ip, action)
if service_common.check_haproxy_config(server_ip):
server_id = sql.select_server_id_by_ip(server_ip=server_ip)
if action == 'restart':
service_common.is_not_allowed_to_restart(server_id, 'haproxy')
is_docker = sql.select_service_setting(server_id, 'haproxy', 'dockerized')
if is_docker == '1':
container_name = sql.get_setting('haproxy_container_name')
commands = [f"sudo docker {action} {container_name}"]
else:
haproxy_enterprise = sql.select_service_setting(server_id, 'haproxy', 'haproxy_enterprise')
if haproxy_enterprise == '1':
haproxy_service_name = "hapee-2.0-lb"
commands = [f"sudo systemctl {action} {haproxy_service_name}"]
server_mod.ssh_command(server_ip, commands)
roxywi_common.logging(server_ip, f'Service has been {action}ed', roxywi=1, login=1, keep_history=1,
service='haproxy')
print(f"success: HAProxy has been {action}")
else:
print("error: Bad config, check please")
def action_nginx(server_ip: str, action: str) -> None:
if action not in ('start', 'stop', 'reload', 'restart'):
print('error: wrong action')
return
service_common.is_restarted(server_ip, action)
if service_common.check_nginx_config(server_ip):
server_id = sql.select_server_id_by_ip(server_ip=server_ip)
if action == 'restart':
service_common.is_not_allowed_to_restart(server_id, 'nginx')
is_docker = sql.select_service_setting(server_id, 'nginx', 'dockerized')
if is_docker == '1':
container_name = sql.get_setting('nginx_container_name')
commands = [f"sudo docker {action} {container_name}"]
else:
commands = [f"sudo systemctl {action} nginx"]
server_mod.ssh_command(server_ip, commands)
roxywi_common.logging(server_ip, f'Service has been {action}ed', roxywi=1, login=1, keep_history=1, service='nginx')
print(f"success: NGINX has been {action}")
else:
print("error: Bad config, check please")
def action_keepalived(server_ip: str, action: str) -> None:
if action not in ('start', 'stop', 'reload', 'restart'):
print('error: wrong action')
return
service_common.is_restarted(server_ip, action)
commands = [f"sudo systemctl {action} keepalived"]
server_mod.ssh_command(server_ip, commands)
roxywi_common.logging(server_ip, f'Service has been {action}ed', roxywi=1, login=1, keep_history=1, service='keepalived')
print(f"success: Keepalived has been {action}")
def action_apache(server_ip: str, action: str) -> None:
if action not in ('start', 'stop', 'reload', 'restart'):
print('error: wrong action')
return
service_common.is_restarted(server_ip, action)
server_id = sql.select_server_id_by_ip(server_ip)
if action == 'restart':
service_common.is_not_allowed_to_restart(server_id, 'apache')
is_docker = sql.select_service_setting(server_id, 'apache', 'dockerized')
if is_docker == '1':
container_name = sql.get_setting('apache_container_name')
commands = [f"sudo docker {action} {container_name}"]
else:
service_apache_name = service_common.get_correct_apache_service_name(None, server_id)
commands = [f"sudo systemctl {action} {service_apache_name}"]
server_mod.ssh_command(server_ip, commands)
roxywi_common.logging(server_ip, f'Service has been {action}ed', roxywi=1, login=1, keep_history=1, service='apache')
print(f"success: Apache has been {action}")
def action_haproxy_waf(server_ip: str, action: str) -> None:
if action not in ('start', 'stop', 'reload', 'restart'):
print('error: wrong action')
return
service_common.is_restarted(server_ip, action)
roxywi_common.logging(server_ip, f'HAProxy WAF service has been {action}ed', roxywi=1, login=1, keep_history=1,
service='haproxy')
commands = [f"sudo systemctl {action} waf"]
server_mod.ssh_command(server_ip, commands)
def action_nginx_waf(server_ip: str, action: str) -> None:
config_dir = common.return_nice_path(sql.get_setting('nginx_dir'))
if action not in ('start', 'stop'):
print('error: wrong action')
return
service_common.is_restarted(server_ip, action)
waf_new_state = 'on' if action == 'start' else 'off'
waf_old_state = 'off' if action == 'start' else 'on'
roxywi_common.logging(serv, f'NGINX WAF service has been {action}ed', roxywi=1, login=1, keep_history=1,
service='nginx')
commands = [f"sudo sed -i 's/modsecurity {waf_old_state}/modsecurity {waf_new_state}/g' {config_dir}nginx.conf"
f" && sudo systemctl reload nginx"]
server_mod.ssh_command(server_ip, commands)

430
app/options.py
View File

@ -65,12 +65,7 @@ if not sql.check_token_exists(token):
sys.exit()
if form.getvalue('getcerts') is not None and serv is not None:
cert_path = sql.get_setting('cert_path')
commands = [f"sudo ls -1t {cert_path} |grep -E 'pem|crt|key'"]
try:
server_mod.ssh_command(serv, commands, ip="1")
except Exception as e:
print(f'error: Cannot connect to the server: {e.args[0]}')
config_mod.get_ssl_certs(serv)
if form.getvalue('checkSshConnect') is not None and serv is not None:
try:
@ -79,60 +74,13 @@ if form.getvalue('checkSshConnect') is not None and serv is not None:
print(e)
if form.getvalue('getcert') is not None and serv is not None:
cert_id = common.checkAjaxInput(form.getvalue('getcert'))
cert_path = sql.get_setting('cert_path')
commands = [f"openssl x509 -in {cert_path}/{cert_id} -text"]
try:
server_mod.ssh_command(serv, commands, ip="1")
except Exception as e:
print(f'error: Cannot connect to the server {e.args[0]}')
config_mod.get_ssl_cert(serv)
if form.getvalue('delcert') is not None and serv is not None:
cert_id = form.getvalue('delcert')
cert_id = common.checkAjaxInput(cert_id)
cert_path = sql.get_setting('cert_path')
commands = [f"sudo rm -f {cert_path}/{cert_id}"]
try:
server_mod.ssh_command(serv, commands, ip="1")
except Exception as e:
print(f'error: Cannot delete the certificate {e.args[0]}')
config_mod.del_ssl_cert(serv)
if serv and form.getvalue('ssl_cert'):
cert_local_dir = os.path.dirname(os.getcwd()) + "/" + sql.get_setting('ssl_local_path')
cert_path = sql.get_setting('cert_path')
name = ''
if not os.path.exists(cert_local_dir):
os.makedirs(cert_local_dir)
if form.getvalue('ssl_name') is None:
print('error: Please enter a desired name')
else:
name = common.checkAjaxInput(form.getvalue('ssl_name'))
try:
with open(name, "w") as ssl_cert:
ssl_cert.write(form.getvalue('ssl_cert'))
except IOError as e:
print(f'error: Cannot save the SSL key file. Check a SSH key path in config {e.args[0]}')
MASTERS = sql.is_master(serv)
for master in MASTERS:
if master[0] is not None:
config_mod.upload(master[0], cert_path, name)
print('success: the SSL file has been uploaded to %s into: %s%s <br/>' % (master[0], cert_path, '/' + name))
try:
error = config_mod.upload(serv, cert_path, name)
print('success: the SSL file has been uploaded to %s into: %s%s' % (serv, cert_path, '/' + name))
except Exception as e:
roxywi_common.logging('Roxy-WI server', e.args[0], roxywi=1)
try:
os.rename(name, cert_local_dir)
except OSError as e:
roxywi_common.logging('Roxy-WI server', e.args[0], roxywi=1)
roxywi_common.logging(serv, "add.py#ssl uploaded a new SSL cert %s" % name, roxywi=1, login=1)
config_mod.upload_ssl_cert(serv)
if form.getvalue('backend') is not None:
import modules.config.runtime as runtime
@ -187,142 +135,49 @@ if form.getvalue('table_select') is not None:
runtime.table_select()
if form.getvalue('ip_for_delete') is not None:
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
ip = common.checkAjaxInput(form.getvalue('ip_for_delete'))
table = common.checkAjaxInput(form.getvalue('table_for_delete'))
import modules.config.runtime as runtime
cmd = 'echo "clear table %s key %s" |nc %s %s' % (table, ip, serv, haproxy_sock_port)
output, stderr = server_mod.subprocess_execute(cmd)
if stderr[0] != '':
print('error: ' + stderr[0])
runtime.delete_ip_from_stick_table()
if form.getvalue('table_for_clear') is not None:
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
table = common.checkAjaxInput(form.getvalue('table_for_clear'))
import modules.config.runtime as runtime
cmd = 'echo "clear table %s " |nc %s %s' % (table, serv, haproxy_sock_port)
output, stderr = server_mod.subprocess_execute(cmd)
if stderr[0] != '':
print('error: ' + stderr[0])
runtime.clear_stick_table()
if form.getvalue('list_serv_select') is not None:
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
cmd = f'echo "show acl"|nc {serv} {haproxy_sock_port} |grep "loaded from" |awk \'{{print $1,$2}}\''
output, stderr = server_mod.subprocess_execute(cmd)
print(output)
import modules.config.runtime as runtime
runtime.list_of_lists()
if form.getvalue('list_select_id') is not None:
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True,
extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do'], trim_blocks=True, lstrip_blocks=True)
template = env.get_template('ajax/list.html')
list_id = common.checkAjaxInput(form.getvalue('list_select_id'))
list_name = common.checkAjaxInput(form.getvalue('list_select_name'))
import modules.config.runtime as runtime
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
cmd = f'echo "show acl #{list_id}"|nc {serv} {haproxy_sock_port}'
output, stderr = server_mod.subprocess_execute(cmd)
template = template.render(list=output, list_id=list_id, list_name=list_name)
print(template)
runtime.show_lists()
if form.getvalue('list_id_for_delete') is not None:
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
lists_path = sql.get_setting('lists_path')
lib_path = get_config.get_config_var('main', 'lib_path')
ip_id = common.checkAjaxInput(form.getvalue('list_ip_id_for_delete'))
ip = common.is_ip_or_dns(form.getvalue('list_ip_for_delete'))
list_id = common.checkAjaxInput(form.getvalue('list_id_for_delete'))
list_name = common.checkAjaxInput(form.getvalue('list_name'))
user_group = roxywi_common.get_user_group(id=1)
cmd = f"sed -i 's!{ip}$!!' {lib_path}/{lists_path}/{user_group}/{list_name}"
cmd1 = f"sed -i '/^$/d' {lib_path}/{lists_path}/{user_group}/{list_name}"
output, stderr = server_mod.subprocess_execute(cmd)
output1, stderr1 = server_mod.subprocess_execute(cmd1)
if output:
print(f'error: {output}')
if stderr:
print(f'error: {stderr}')
if output1:
print(f'error: {output1}')
if stderr1:
print(f'error: {stderr}')
import modules.config.runtime as runtime
cmd = f'echo "del acl #{list_id} #{ip_id}" |nc {serv} {haproxy_sock_port}'
output, stderr = server_mod.subprocess_execute(cmd)
if output[0] != '':
print(f'error: {output[0]}')
if stderr != '':
print(f'error: {stderr[0]}')
roxywi_common.logging(serv, f'{ip_id} has been delete from list {list_id}', login=1, keep_history=1,
service='haproxy')
runtime.delete_ip_from_list()
if form.getvalue('list_ip_for_add') is not None:
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
lists_path = sql.get_setting('lists_path')
lib_path = get_config.get_config_var('main', 'lib_path')
ip = form.getvalue('list_ip_for_add')
ip = ip.strip()
ip = common.is_ip_or_dns(ip)
list_id = common.checkAjaxInput(form.getvalue('list_id_for_add'))
list_name = common.checkAjaxInput(form.getvalue('list_name'))
user_group = roxywi_common.get_user_group(id=1)
cmd = f'echo "add acl #{list_id} {ip}" |nc {serv} {haproxy_sock_port}'
output, stderr = server_mod.subprocess_execute(cmd)
if output[0]:
print(f'error: {output[0]}')
if stderr:
print(f'error: {stderr[0]}')
import modules.config.runtime as runtime
if 'is not a valid IPv4 or IPv6 address' not in output[0]:
cmd = f'echo "{ip}" >> {lib_path}/{lists_path}/{user_group}/{list_name}'
output, stderr = server_mod.subprocess_execute(cmd)
if output:
print(f'error: {output}')
if stderr:
print(f'error: {stderr}')
roxywi_common.logging(serv, f'{ip} has been added to list {list_id}', login=1, keep_history=1,
service='haproxy')
runtime.add_ip_to_list()
if form.getvalue('sessions_select') is not None:
env = Environment(loader=FileSystemLoader('templates'), autoescape=True,
extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do'], trim_blocks=True, lstrip_blocks=True)
serv = common.checkAjaxInput(form.getvalue('sessions_select'))
import modules.config.runtime as runtime
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
cmd = f'echo "show sess" |nc {serv} {haproxy_sock_port}'
output, stderr = server_mod.subprocess_execute(cmd)
template = env.get_template('ajax/sessions_table.html')
template = template.render(sessions=output)
print(template)
runtime.select_session()
if form.getvalue('sessions_select_show') is not None:
serv = common.checkAjaxInput(form.getvalue('sessions_select_show'))
sess_id = common.checkAjaxInput(form.getvalue('sessions_select_id'))
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
cmd = 'echo "show sess %s" |nc %s %s' % (sess_id, serv, haproxy_sock_port)
import modules.config.runtime as runtime
output, stderr = server_mod.subprocess_execute(cmd)
if stderr:
print('error: ' + stderr[0])
else:
for o in output:
print(o + '<br />')
runtime.show_session()
if form.getvalue('session_delete_id') is not None:
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
sess_id = common.checkAjaxInput(form.getvalue('session_delete_id'))
cmd = 'echo "shutdown session %s" |nc %s %s' % (sess_id, serv, haproxy_sock_port)
output, stderr = server_mod.subprocess_execute(cmd)
if output[0] != '':
print('error: ' + output[0])
if stderr[0] != '':
print('error: ' + stderr[0])
import modules.config.runtime as runtime
runtime.delete_session()
if form.getvalue("change_pos") is not None:
pos = form.getvalue('change_pos')
@ -338,170 +193,46 @@ if form.getvalue('showif'):
server_mod.ssh_command(serv, commands, ip="1")
if form.getvalue('action_hap') is not None and serv is not None:
import modules.service.action as service_action
action = form.getvalue('action_hap')
haproxy_service_name = "haproxy"
if action not in ('start', 'stop', 'reload', 'restart'):
print('error: wrong action')
sys.exit()
service_common.is_restarted(serv, action)
if service_common.check_haproxy_config(serv):
server_id = sql.select_server_id_by_ip(server_ip=serv)
if action == 'restart':
service_common.is_not_allowed_to_restart(server_id, 'haproxy')
is_docker = sql.select_service_setting(server_id, 'haproxy', 'dockerized')
if is_docker == '1':
container_name = sql.get_setting('haproxy_container_name')
commands = [f"sudo docker {action} {container_name}"]
else:
haproxy_enterprise = sql.select_service_setting(server_id, 'haproxy', 'haproxy_enterprise')
if haproxy_enterprise == '1':
haproxy_service_name = "hapee-2.0-lb"
commands = [f"sudo systemctl {action} {haproxy_service_name}"]
server_mod.ssh_command(serv, commands)
roxywi_common.logging(serv, f'Service has been {action}ed', roxywi=1, login=1, keep_history=1,
service='haproxy')
print(f"success: HAProxy has been {action}")
else:
print("error: Bad config, check please")
service_action.action_haproxy(serv, action)
if form.getvalue('action_nginx') is not None and serv is not None:
import modules.service.action as service_action
action = form.getvalue('action_nginx')
if action not in ('start', 'stop', 'reload', 'restart'):
print('error: wrong action')
sys.exit()
service_common.is_restarted(serv, action)
if service_common.check_nginx_config(serv):
server_id = sql.select_server_id_by_ip(server_ip=serv)
if action == 'restart':
service_common.is_not_allowed_to_restart(server_id, 'nginx')
is_docker = sql.select_service_setting(server_id, 'nginx', 'dockerized')
if is_docker == '1':
container_name = sql.get_setting('nginx_container_name')
commands = ["sudo docker %s %s" % (action, container_name)]
else:
commands = ["sudo systemctl %s nginx" % action]
server_mod.ssh_command(serv, commands)
roxywi_common.logging(serv, 'Service has been ' + action + 'ed', roxywi=1, login=1, keep_history=1, service='nginx')
print("success: Nginx has been %s" % action)
else:
print("error: Bad config, check please")
service_action.action_nginx(serv, action)
if form.getvalue('action_keepalived') is not None and serv is not None:
import modules.service.action as service_action
action = form.getvalue('action_keepalived')
if action not in ('start', 'stop', 'reload', 'restart'):
print('error: wrong action')
sys.exit()
service_common.is_restarted(serv, action)
commands = ["sudo systemctl %s keepalived" % action]
server_mod.ssh_command(serv, commands)
roxywi_common.logging(serv, 'Service has been ' + action + 'ed', roxywi=1, login=1, keep_history=1, service='keepalived')
print("success: Keepalived has been %s" % action)
service_action.action_keepalived(serv, action)
if form.getvalue('action_waf') is not None and serv is not None:
serv = form.getvalue('serv')
import modules.service.action as service_action
action = form.getvalue('action_waf')
if action not in ('start', 'stop', 'reload', 'restart'):
print('error: wrong action')
sys.exit()
service_common.is_restarted(serv, action)
roxywi_common.logging(serv, 'HAProxy WAF service has been ' + action + 'ed', roxywi=1, login=1, keep_history=1,
service='haproxy')
commands = ["sudo systemctl %s waf" % action]
server_mod.ssh_command(serv, commands)
service_action.action_haproxy_waf(serv, action)
if form.getvalue('action_waf_nginx') is not None and serv is not None:
serv = form.getvalue('serv')
import modules.service.action as service_action
action = form.getvalue('action_waf_nginx')
config_dir = common.return_nice_path(sql.get_setting('nginx_dir'))
if action not in ('start', 'stop'):
print('error: wrong action')
sys.exit()
service_common.is_restarted(serv, action)
waf_new_state = 'on' if action == 'start' else 'off'
waf_old_state = 'off' if action == 'start' else 'on'
roxywi_common.logging(serv, 'NGINX WAF service has been ' + action + 'ed', roxywi=1, login=1, keep_history=1,
service='nginx')
commands = [f"sudo sed -i 's/modsecurity {waf_old_state}/modsecurity {waf_new_state}/g' {config_dir}nginx.conf"
f" && sudo systemctl reload nginx"]
server_mod.ssh_command(serv, commands)
service_action.action_nginx_waf(serv, action)
if form.getvalue('action_apache') is not None and serv is not None:
import modules.service.action as service_action
action = form.getvalue('action_apache')
if action not in ('start', 'stop', 'reload', 'restart'):
print('error: wrong action')
sys.exit()
service_common.is_restarted(serv, action)
server_id = sql.select_server_id_by_ip(serv)
if action == 'restart':
service_common.is_not_allowed_to_restart(server_id, 'apache')
is_docker = sql.select_service_setting(server_id, 'apache', 'dockerized')
if is_docker == '1':
container_name = sql.get_setting('apache_container_name')
commands = ["sudo docker %s %s" % (action, container_name)]
else:
service_apache_name = service_common.get_correct_apache_service_name(None, server_id)
commands = ["sudo systemctl %s %s" % (action, service_apache_name)]
server_mod.ssh_command(serv, commands)
roxywi_common.logging(serv, 'Service has been ' + action + 'ed', roxywi=1, login=1, keep_history=1, service='apache')
print("success: Apache has been %s" % action)
service_action.action_apache(serv, action)
if form.getvalue('action_service') is not None:
import modules.roxywi.roxy as roxy
action = common.checkAjaxInput(form.getvalue('action_service'))
if action not in ('start', 'stop', 'restart'):
print('error: wrong action')
sys.exit()
is_in_docker = roxy.is_docker()
if action == 'stop':
cmd = "sudo systemctl disable %s --now" % serv
elif action == "start":
cmd = "sudo systemctl enable %s --now" % serv
if not sql.select_user_status():
print(
'warning: The service is disabled because you are not subscribed. Read <a href="https://roxy-wi.org/pricing.py" '
'title="Roxy-WI pricing" target="_blank">here</a> about subscriptions')
sys.exit()
elif action == "restart":
cmd = "sudo systemctl restart %s --now" % serv
if not sql.select_user_status():
print(
'warning: The service is disabled because you are not subscribed. Read <a href="https://roxy-wi.org/pricing.py" '
'title="Roxy-WI pricing" target="_blank">here</a> about subscriptions')
sys.exit()
if is_in_docker:
cmd = "sudo supervisorctl " + action + " " + serv
output, stderr = server_mod.subprocess_execute(cmd)
roxywi_common.logging('Roxy-WI server', ' The service ' + serv + ' has been ' + action + 'ed', roxywi=1, login=1)
roxy.action_service(action, serv)
if act == "overviewHapserverBackends":
import modules.config.section as section_mod
@ -1882,77 +1613,24 @@ if form.getvalue('change_waf_mode'):
error_mess = 'error: All fields must be completed'
if form.getvalue('newuser') is not None:
email = form.getvalue('newemail')
password = form.getvalue('newpassword')
role = form.getvalue('newrole')
new_user = form.getvalue('newusername')
page = form.getvalue('page')
activeuser = form.getvalue('activeuser')
group = form.getvalue('newgroupuser')
role_id = sql.get_role_id_by_name(role)
import modules.roxywi.user as roxywi_user
if roxywi_common.check_user_group():
if roxywi_auth.is_admin(level=role_id):
try:
sql.add_user(new_user, email, password, role, activeuser, group)
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('ajax/new_user.html')
template = template.render(users=sql.select_users(user=new_user),
groups=sql.select_groups(),
page=page,
roles=sql.select_roles(),
adding=1)
print(template)
roxywi_common.logging(f'a new user {new_user}', ' has been created ', roxywi=1, login=1)
except Exception as e:
print(e)
roxywi_common.logging('Cannot create a new user', e, roxywi=1, login=1)
else:
print('error: dalsdm')
roxywi_common.logging(new_user, ' tried to privilege escalation', roxywi=1, login=1)
roxywi_user.create_user()
if form.getvalue('userdel') is not None:
userdel = form.getvalue('userdel')
user = sql.select_users(id=userdel)
username = ''
for u in user:
username = u.username
if sql.delete_user(userdel):
sql.delete_user_groups(userdel)
roxywi_common.logging(username, ' has been deleted user ', roxywi=1, login=1)
print("Ok")
import modules.roxywi.user as roxywi_user
roxywi_user.delete_user()
if form.getvalue('updateuser') is not None:
email = form.getvalue('email')
role = form.getvalue('role')
new_user = form.getvalue('updateuser')
user_id = form.getvalue('id')
activeuser = form.getvalue('activeuser')
group = form.getvalue('usergroup')
role_id = sql.get_role_id_by_name(role)
import modules.roxywi.user as roxywi_user
if roxywi_common.check_user_group():
if roxywi_auth.is_admin(level=role_id):
sql.update_user(new_user, email, role, user_id, activeuser)
roxywi_common.logging(new_user, ' has been updated user ', roxywi=1, login=1)
else:
roxywi_common.logging(new_user, ' tried to privilege escalation', roxywi=1, login=1)
roxywi_user.update_user()
if form.getvalue('updatepassowrd') is not None:
password = form.getvalue('updatepassowrd')
username = ''
import modules.roxywi.user as roxywi_user
if form.getvalue('uuid'):
user_id = sql.get_user_id_by_uuid(form.getvalue('uuid'))
else:
user_id = form.getvalue('id')
user = sql.select_users(id=user_id)
for u in user:
username = u.username
sql.update_user_password(password, user_id)
roxywi_common.logging('user ' + username, ' has changed password ', roxywi=1, login=1)
print("Ok")
roxywi_user.update_user_password()
if form.getvalue('newserver') is not None:
import modules.server.server as server_mod
@ -2645,7 +2323,7 @@ if form.getvalue('lets_domain'):
lets_domain = form.getvalue('lets_domain')
lets_email = form.getvalue('lets_email')
proxy = sql.get_setting('proxy')
ssl_path = sql.get_setting('cert_path')
ssl_path = common.return_nice_path(sql.get_setting('cert_path'))
haproxy_dir = sql.get_setting('haproxy_dir')
script = "letsencrypt.sh"
proxy_serv = ''

11
app/provisioning.py
View File

@ -7,7 +7,6 @@ import modules.db.sql as sql
import modules.common.common as common
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
import modules.server.server as server_mod
env = Environment(extensions=["jinja2.ext.do"], loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('provisioning.html')
@ -31,13 +30,7 @@ try:
groups = roxywi_common.get_user_group(id=1)
user_group = roxywi_common.get_user_group(id=1)
cmd = 'which terraform'
output, stderr = server_mod.subprocess_execute(cmd)
if stderr != '':
is_terraform = False
else:
is_terraform = True
is_needed_tool = common.is_tool('terraform')
params = sql.select_provisioning_params()
except Exception as e:
@ -46,6 +39,6 @@ except Exception as e:
rendered_template = template.render(
title="Servers provisioning", role=user_params['role'], user=user_params['user'], groups=groups,
user_group=user_group, servers=sql.select_provisioned_servers(), providers=sql.select_providers(user_group),
is_terraform=is_terraform, user_services=user_params['user_services'], token=user_params['token'], params=params
is_needed_tool=is_needed_tool, user_services=user_params['user_services'], token=user_params['token'], params=params
)
print(rendered_template)

16
app/scripts/ansible/roles/haproxy/tasks/installation.yml
View File

@ -21,6 +21,9 @@
when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS') and HAPVER|length > 0
ignore_errors: yes
register: install_result
retries: 5
until: install_result.rc == 0
delay: 5
environment:
http_proxy: "{{PROXY}}"
https_proxy: "{{PROXY}}"
@ -34,9 +37,12 @@
- rsyslog
- bind-utils
state: present
register: install_result1
when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS') and ("'timed out' in install_result.stderr")
ignore_errors: yes
register: install_result1
retries: 5
until: install_result1.rc == 0
delay: 5
environment:
http_proxy: "{{PROXY}}"
https_proxy: "{{PROXY}}"
@ -56,6 +62,10 @@
- rsyslog
state: latest
when: (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS') and ("'FAILED' in install_result1.stderr")
register: install_result
retries: 5
until: install_result.rc == 0
delay: 5
environment:
http_proxy: "{{PROXY}}"
https_proxy: "{{PROXY}}"
@ -69,6 +79,10 @@
- rsyslog
state: present
when: ansible_facts['os_family'] == 'Debian' or ansible_facts['os_family'] == 'Ubuntu'
register: install_result
retries: 5
until: install_result.rc == 0
delay: 5
environment:
http_proxy: "{{PROXY}}"
https_proxy: "{{PROXY}}"

2
app/servers.py
View File

@ -32,6 +32,7 @@ try:
gits = sql.select_gits()
servers = roxywi_common.get_dick_permit(virt=1, disable=0, only_group=1)
masters = sql.select_servers(get_master_servers=1, uuid=user_params['user_uuid'].value)
is_needed_tool = common.is_tool('ansible')
except Exception:
pass
@ -48,5 +49,6 @@ rendered_template = template.render(
token=user_params['token'], settings=settings, backups=sql.select_backups(), page="servers.py",
geoip_country_codes=geoip_country_codes, user_services=user_params['user_services'], ldap_enable=ldap_enable,
user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], gits=gits,
is_needed_tool=is_needed_tool
)
print(rendered_template)

10
app/templates/ha.html
View File

@ -9,6 +9,14 @@
</style>
{% if user_status == 0 or user_plan == 'user' %}
{% include 'include/no_sub.html' %}
{% elif not is_needed_tool %}
<div style="text-align: center;">
<h3>You have not installed Ansible</h3>.
<img src="/inc/images/no_servers.png" alt="There is no server">
<h4>
Read <a href="https://roxy-wi.org/installation#ansible" title="Installing Ansible" target="_blank">here</a> how to install Ansible.
</h4>
</div>
{% else %}
<table class="overview" style="margin-bottom: 20px;">
<caption><h3>Create a new HA cluster</h3></caption>
@ -130,7 +138,7 @@
</table>
<div id="ajax"></div>
<div class="add-note alert addName alert-info" style="width: inherit; margin-right: 15px;">
Read <a href="https://roxy-wi.org/howto/ha-cluster" title="How to create high available cluster" target="_blank">How to create high available cluster</a>
Read <a href="https://roxy-wi.org/howto.py/ha_cluster" title="How to create high available cluster" target="_blank">How to create high available cluster</a>
</div>
<div id="server_creating" style="display: none;">
<ul style="padding: 20px 20px 0px 20px;font-size: 15px;">

10
app/templates/include/admin_backup.html
View File

@ -1,3 +1,12 @@
{% if not is_needed_tool %}
<div style="text-align: center;">
<h3>You have not installed Ansible</h3>.
<img src="/inc/images/no_servers.png" alt="There is no server">
<h4>
Read <a href="https://roxy-wi.org/installation#ansible" title="Installing Ansible" target="_blank">here</a> how to install Ansible.
</h4>
</div>
{% else %}
<div id="backup_tabs">
<ul>
<li><a href="#git_tab" title="Admin area: Upload to Git - Roxy-WI" id="backup-git-li">Git</a></li>
@ -111,3 +120,4 @@
{% endif %}
</div>
</div>
{% endif %}

24
app/templates/include/mon_installation.html
View File

@ -1,3 +1,12 @@
{% if not is_needed_tool %}
<div style="text-align: center;">
<h3>You have not installed Ansible</h3>.
<img src="/inc/images/no_servers.png" alt="There is no server">
<h4>
Read <a href="https://roxy-wi.org/installation#ansible" title="Installing Ansible" target="_blank">here</a> how to install Ansible.
</h4>
</div>
{% else %}
{% if page == 'users.py' %}
<table id="grafana-table">
<caption><h3>Installing Grafana and Prometheus servers</h3></caption>
@ -45,8 +54,8 @@
<td id="cur_haproxy_exp_ver" class="padding10 first-collumn"></td>
<td class="padding10 first-collumn" style="width: 20%;">
{% set values = dict() %}
{% set values = {'0.7.0':'0.7.0','0.7.1':'0.7.1', '0.8.0':'0.8.0', '0.9.0':'0.9.0', '0.10.0':'0.10.0', '0.11.0':'0.11.0', '0.12.0':'0.12.0', '0.13.0':'0.13.0'} %}
{{ select('hapexpver', values=values, selected='0.13.0') }}
{% set values = {'0.8.0':'0.8.0', '0.9.0':'0.9.0', '0.10.0':'0.10.0', '0.11.0':'0.11.0', '0.12.0':'0.12.0', '0.13.0':'0.13.0', '0.14.0':'0.14.0'} %}
{{ select('hapexpver', values=values, selected='0.14.0') }}
</td>
<td class="padding10 first-collumn">
<select autofocus required name="haproxy_exp_addserv" id="haproxy_exp_addserv">
@ -76,8 +85,8 @@
<td id="cur_nginx_exp_ver" class="padding10 first-collumn"></td>
<td class="padding10 first-collumn" style="width: 20%;">
{% set values = dict() %}
{% set values = {'0.5.0':'0.5.0', '0.6.0':'0.6.0', '0.7.0':'0.7.0', '0.9.0':'0.9.0', '0.10.0':'0.10.0'} %}
{{ select('nginxexpver', values=values, selected='0.10.0') }}
{% set values = {'0.6.0':'0.6.0', '0.7.0':'0.7.0', '0.9.0':'0.9.0', '0.10.0':'0.10.0', '0.11.0':'0.11.0'} %}
{{ select('nginxexpver', values=values, selected='0.11.0') }}
</td>
<td class="padding10 first-collumn">
<select autofocus required name="nginx_exp_addserv" id="nginx_exp_addserv">
@ -138,9 +147,8 @@
<td id="cur_node_exp_ver" class="padding10 first-collumn"></td>
<td class="padding10 first-collumn" style="width: 20%;">
{% set values = dict() %}
{% set values = {'1.0.0':'1.0.0','1.1.0':'1.1.0', '1.1.1':'1.1.1', '1.1.2':'1.1.2', '1.2.0':'1.2.0',
'1.2.2':'1.2.2', '1.3.0':'1.3.0', '1.3.1':'1.3.1'} %}
{{ select('nodeexpver', values=values, selected='1.3.1') }}
{% set values = {'1.1.1':'1.1.1', '1.1.2':'1.1.2', '1.2.0':'1.2.0', '1.2.2':'1.2.2', '1.3.0':'1.3.0', '1.3.1':'1.3.1', '1.5.0':'1.5.0'} %}
{{ select('nodeexpver', values=values, selected='1.5.0') }}
</td>
<td class="padding10 first-collumn">
<select autofocus required name="node_exp_addserv" id="node_exp_addserv">
@ -161,4 +169,4 @@
Read <a href="https://roxy-wi.org/services/grafana" title="About Grafana and Prometheus servers" target="_blank">About Grafana and Prometheus servers</a>
and <a href="https://roxy-wi.org/howto/exporters" title="About Exporters" target="_blank">About Exporters</a>
</div>
{% endif %}

8
app/templates/provisioning.html
View File

@ -13,14 +13,14 @@
</ul>
<ul id='browse_histroy'></ul>
<div id="provisioning">
{% if not is_terraform %}
<center>
{% if not is_needed_tool %}
<div style="text-align: center;">
<br />
<h3>You have not installed Terraform.</h3>
<img src="/inc/images/no_servers.png" alt="There is no server">
<h4>Read <a href="https://www.terraform.io/downloads.html"
title="Download Terraform" target="_blank">here</a> how to install Terraform.</h4>
</center>
title="Download Terraform" target="_blank" class="link">here</a> how to install Terraform.</h4>
</div>
{% elif servers|length == 0 %}
{% include 'include/getstarted.html' %}
{% else %}

20
app/templates/servers.html
View File

@ -41,6 +41,15 @@
</div>
<div id="installproxy">
{% if not is_needed_tool %}
<div style="text-align: center;">
<h3>You have not installed Ansible</h3>.
<img src="/inc/images/no_servers.png" alt="There is no server">
<h4>
Read <a href="https://roxy-wi.org/installation#ansible" title="Installing Ansible" target="_blank">here</a> how to install Ansible.
</h4>
</div>
{% else %}
<table class="overview">
<caption><h3>Install HAProxy</h3></caption>
<tr class="overviewHead">
@ -117,6 +126,7 @@
</tr>
</table>
<div id="ajax"></div>
{% endif %}
</div>
<div id="backup">
{% include 'include/admin_backup.html' %}
@ -127,6 +137,15 @@
<div id="geolite2">
<table>
{% if not is_needed_tool %}
<div style="text-align: center;">
<h3>You have not installed Ansible</h3>.
<img src="/inc/images/no_servers.png" alt="There is no server">
<h4>
Read <a href="https://roxy-wi.org/installation#ansible" title="Installing Ansible" target="_blank">here</a> how to install Ansible.
</h4>
</div>
{% else %}
<caption><h3>Install GeoLite2</h3></caption>
<tr class="overviewHead">
<td class="padding10 first-collumn">Server</td>
@ -160,6 +179,7 @@
<span class="ui-button ui-widget ui-corner-all" id="geoip_install" title="Install GeoLite2" style="display: none;">Install</span>
</td>
</tr>
{% endif %}
</table>
<div id="ajax-geoip"></div>
<div class="add-note alert addName alert-info" style="width: inherit; margin-right: 15px; margin-bottom: 15px;">

4
app/users.py
View File

@ -33,6 +33,7 @@ ldap_enable = sql.get_setting('ldap_enable')
services = sql.select_services()
gits = sql.select_gits()
masters = sql.select_servers(get_master_servers=1)
is_needed_tool = common.is_tool('ansible')
try:
user_subscription = roxywi_common.return_user_status()
@ -45,6 +46,7 @@ rendered_template = template.render(
servers=sql.select_servers(full=1), roles=sql.select_roles(), masters=masters, sshs=sql.select_ssh(),
settings=settings, backups=sql.select_backups(), services=services, timezones=pytz.all_timezones,
page="users.py", user_services=user_params['user_services'], ldap_enable=ldap_enable, gits=gits, guide_me=1,
user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], token=user_params['token']
user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], token=user_params['token'],
is_needed_tool=is_needed_tool
)
print(rendered_template)