v6.3.4.0

Changelog: https://roxy-wi.org/changelog#6_3_4

app/create_db.py

@@ -104,6 +104,10 @@ def default_values():
 			'desc': 'Threshold value for alerting, in %', 'group': '1'},
 		{'param': 'checker_check_interval', 'value': '1', 'section': 'monitoring',
 			'desc': 'Check interval for Checker (in minutes)', 'group': '1'},
+		{'param': 'smon_ssl_expire_warning_alert', 'value': '14', 'section': 'monitoring',
+			'desc': 'Warning alert about a SSL certificate expiration (in days)', 'group': '1'},
+		{'param': 'smon_ssl_expire_critical_alert', 'value': '7', 'section': 'monitoring',
+			'desc': 'Critical alert about a SSL certificate expiration (in days)', 'group': '1'},
 		{'param': 'rabbitmq_host', 'value': '127.0.0.1', 'section': 'rabbitmq', 'desc': 'RabbitMQ-server host', 'group': '1'},
 		{'param': 'rabbitmq_port', 'value': '5672', 'section': 'rabbitmq', 'desc': 'RabbitMQ-server port', 'group': '1'},
 		{'param': 'rabbitmq_port', 'value': '5672', 'section': 'rabbitmq', 'desc': 'RabbitMQ-server port', 'group': '1'},
@@ -964,9 +968,23 @@ def update_db_v_6_2_1():
 		print("Updating... DB has been updated to version 6.2.2.0")
 
 
+def update_db_v_6_3_4():
+	cursor = conn.cursor()
+	sql = list()
+	sql.append("alter table smon add column ssl_expire_warning_alert integer default 0")
+	sql.append("alter table smon add column ssl_expire_critical_alert integer default 0")
+	for i in sql:
+		try:
+			cursor.execute(i)
+		except Exception as e:
+			pass
+	else:
+		print('Updating... DB has been updated to version 6.3.4.0')
+
+
 def update_ver():
 	try:
-		Version.update(version='6.3.3.0').execute()
+		Version.update(version='6.3.4.0').execute()
 	except Exception:
 		print('Cannot update version')
 
@@ -1002,6 +1020,7 @@ def update_all():
 	update_db_v_6_1_3()
 	update_db_v_6_1_4()
 	update_db_v_6_2_1()
+	update_db_v_6_3_4()
 	update_ver()
 
 

app/modules/db/db_model.py

@@ -417,6 +417,8 @@ class SMON(BaseModel):
     telegram_channel_id = IntegerField(null=True)
     user_group = IntegerField()
     slack_channel_id = IntegerField(null=True)
+    ssl_expire_warning_alert = IntegerField(constraints=[SQL('DEFAULT 0')])
+    ssl_expire_critical_alert = IntegerField(constraints=[SQL('DEFAULT 0')])
 
     class Meta:
         table_name = 'smon'

app/modules/db/sql.py

@@ -47,7 +47,8 @@ def get_setting(param, **kwargs):
 					'nginx_stats_port', 'session_ttl', 'token_ttl', 'stats_port', 'haproxy_sock_port', 'ldap_type',
 					'ldap_port', 'ldap_enable', 'log_time_storage', 'syslog_server_enable', 'smon_check_interval',
 					'checker_check_interval', 'port_scan_interval', 'smon_keep_history_range', 'checker_keep_history_range',
-					'portscanner_keep_history_range', 'checker_maxconn_threshold', 'apache_stats_port'
+					'portscanner_keep_history_range', 'checker_maxconn_threshold', 'apache_stats_port', 'smon_ssl_expire_warning_alert',
+					'smon_ssl_expire_critical_alert'
 				):
 					return int(setting.value)
 				else:
@@ -3869,3 +3870,27 @@ def inset_or_update_service_status(
 		query.execute()
 	except Exception as e:
 		out_error(e)
+
+
+def update_smon_alert_status(service_ip: str, alert_value: int, alert: str) -> None:
+	if alert == 'ssl_expire_warning_alert':
+		SMON_update = SMON.update(ssl_expire_warning_alert=alert_value).where(SMON.ip == service_ip)
+	else:
+		SMON_update = SMON.update(ssl_expire_critical_alert=alert_value).where(SMON.ip == service_ip)
+	print(SMON_update)
+	try:
+		SMON_update.execute()
+	except Exception as e:
+		out_error(e)
+
+
+def get_smon_alert_status(service_ip: str, alert: str) -> int:
+	try:
+		if alert == 'ssl_expire_warning_alert':
+			alert_value = SMON.get(SMON.ip == service_ip).ssl_expire_warning_alert
+		else:
+			alert_value = SMON.get(SMON.ip == service_ip).ssl_expire_critical_alert
+	except Exception as e:
+		out_error(e)
+	else:
+		return alert_value

app/modules/roxywi/overview.py

@@ -269,3 +269,12 @@ def show_services_overview() -> None:
         socket_log_id=roxy_logs.roxy_wi_log(log_id=1, file="socket"), error=stderr
     )
     print(rendered_template)
+
+
+def keepalived_became_master(server_ip) -> None:
+    commands = ["sudo kill -USR2 $(cat /var/run/keepalived.pid) && sudo grep 'Became master' /tmp/keepalived.stats |awk '{print $3}'"]
+    became_master = server_mod.ssh_command(server_ip, commands)
+    env = Environment(loader=FileSystemLoader('templates'))
+    template = env.get_template('ajax/bin_bout.html')
+    template = template.render(bin_bout=became_master, serv=server_ip, service='keepalived')
+    print(template)

app/modules/service/backup.py

@@ -0,0 +1,79 @@
+import os
+
+from jinja2 import Environment, FileSystemLoader
+
+import modules.db.sql as sql
+import modules.server.ssh as ssh_mod
+import modules.server.server as server_mod
+import modules.roxywi.common as roxywi_common
+
+
+def backup(serv, rpath, time, backup_type, rserver, cred, deljob, update, description) -> None:
+    script = 'backup.sh'
+    ssh_settings = ssh_mod.return_ssh_keys_path('localhost', id=cred)
+
+    if deljob:
+        time = ''
+        rpath = ''
+        backup_type = ''
+    elif update:
+        deljob = ''
+    else:
+        deljob = ''
+        if sql.check_exists_backup(serv):
+            print(f'warning: Backup job for {serv} already exists')
+            sys.exit()
+
+    os.system(f"cp scripts/{script} .")
+
+    commands = [
+        f"chmod +x {script} && ./{script} HOST={rserver} SERVER={serv} TYPE={backup_type} SSH_PORT={ssh_settings['port']} "
+        f"TIME={time} RPATH={rpath} DELJOB={deljob} USER={ssh_settings['user']} KEY={ssh_settings['key']}"
+    ]
+
+    output, error = server_mod.subprocess_execute(commands[0])
+
+    for line in output:
+        if any(s in line for s in ("Traceback", "FAILED")):
+            try:
+                print(f'error: {line}')
+                break
+            except Exception:
+                print(f'error: {output}')
+                break
+    else:
+        if not deljob and not update:
+            if sql.insert_backup_job(serv, rserver, rpath, backup_type, time, cred, description):
+                env = Environment(loader=FileSystemLoader('templates/ajax'), autoescape=True)
+                template = env.get_template('new_backup.html')
+                template = template.render(
+                    backups=sql.select_backups(server=serv, rserver=rserver), sshs=sql.select_ssh()
+                )
+                print(template)
+                print('success: Backup job has been created')
+                roxywi_common.logging('backup ', f' a new backup job for server {serv} has been created', roxywi=1,
+                                      login=1)
+            else:
+                print('error: Cannot add the job into DB')
+        elif deljob:
+            sql.delete_backups(deljob)
+            print('Ok')
+            roxywi_common.logging('backup ', f' a backup job for server {serv} has been deleted', roxywi=1, login=1)
+        elif update:
+            sql.update_backup(serv, rserver, rpath, backup_type, time, cred, description, update)
+            print('Ok')
+            roxywi_common.logging('backup ', f' a backup job for server {serv} has been updated', roxywi=1, login=1)
+
+    os.remove(script)
+
+
+def create_s3_backup() -> None:
+    ...
+
+
+def delete_s3_backup() -> None:
+    ...
+
+
+def show_s3_backup():
+    ...

app/options.py

@@ -1316,6 +1316,12 @@ if form.getvalue('apachekBytes'):
     server_ip = common.is_ip_or_dns(form.getvalue('apachekBytes'))
     roxywi_overview.show_apache_bytes(server_ip)
 
+if form.getvalue('keepalivedBecameMaster'):
+    import modules.roxywi.overview as roxywi_overview
+
+    server_ip = common.is_ip_or_dns(form.getvalue('keepalivedBecameMaster'))
+    roxywi_overview.keepalived_became_master(server_ip)
+
 if form.getvalue('waf_rule_id'):
     import modules.roxywi.waf as roxy_waf
 

app/templates/ajax/bin_bout.html

@@ -93,3 +93,18 @@
     </div>
 </div>
 {% endif %}
+{% if service == 'keepalived' %}
+<div class="bin_bout" id="show_bin_bout">
+    <div class="server-name">
+        Became Master
+        <span class="update-icon" style="font-size: 13px; margin-top: 8px;">
+            <a onclick="keepalivedBecameMaster('{{ serv }}')" title="Refresh">
+                <span class="service-reload"></span>
+            </a>
+        </span>
+    </div>
+    <div class="bytes" id="bin">
+        {{bin_bout}}
+    </div>
+</div>
+{% endif %}

app/templates/hapservers.html

@@ -88,6 +88,8 @@
 						{% endif %}
 					{%- elif service == 'haproxy' %}
 						showBytes(server_ip)
+					{%- elif service == 'keepalived' %}
+						keepalivedBecameMaster(server_ip)
 					{% endif %}
 				}
 				showMetrics();

inc/overview.js

@@ -563,6 +563,28 @@ function showApachekBytes(serv) {
 		}
 	} );
 }
+function keepalivedBecameMaster(serv) {
+	$.ajax( {
+		url: "options.py",
+		data: {
+			keepalivedBecameMaster: serv,
+			token: $('#token').val()
+		},
+		type: "POST",
+		beforeSend: function() {
+			$("#bin_bout").html('<img class="loading_small_bin_bout" src="/inc/images/loading.gif" />');
+		},
+		success: function( data ) {
+			data = data.replace(/\s+/g,' ');
+			if (data.indexOf('error:') != '-1') {
+				toastr.error(data);
+			} else {
+				$("#bin_bout").html(data);
+				$.getScript("/inc/fontawesome.min.js")
+			}
+		}
+	} );
+}
 function showUsersOverview() {
 	$.ajax( {
 		url: "options.py",

inc/script.js

@@ -1312,6 +1312,9 @@ socket.onmessage = function(event) {
 			} else if (data[i].indexOf('warning: ') != '-1') {
 				toastr.warning(data[i]);
 				ion.sound.play("bell_ring");
+			} else if (data[i].indexOf('critical: ') != '-1') {
+				toastr.error(data[i]);
+				ion.sound.play("bell_ring");
 			}
 		}
 	}