Pavel Loginov 2022-01-18 00:13:35 +03:00
parent e602e1c234
commit 5cefd704fb
10 changed files with 357 additions and 143 deletions


@ -784,10 +784,11 @@ def install_nginx(server_ip, **kwargs):
stats_port = str(sql.get_setting('nginx_stats_port'))
stats_page = sql.get_setting('nginx_stats_page')
config_path = sql.get_setting('nginx_config_path')
nginx_dir = sql.get_setting('nginx_dir')
server_for_installing = kwargs.get('server')
proxy = sql.get_setting('proxy')
docker = kwargs.get('docker')
container_name = sql.get_setting('haproxy_container_name')
container_name = sql.get_setting('nginx_container_name')
ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = return_ssh_keys_path(server_ip)
ssh_port = '22'
@ -809,7 +810,7 @@ def install_nginx(server_ip, **kwargs):
commands = ["chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv + " STATS_USER=" + stats_user +
" STATS_PASS='" + stats_password + "' SSH_PORT=" + ssh_port + " CONFIG_PATH=" + config_path + " CONT_NAME=" + container_name +
" STAT_PORT=" + stats_port + " STAT_PAGE=" + stats_page+" SYN_FLOOD=" + syn_flood_protect + " DOCKER=" + docker +
" STAT_PORT=" + stats_port + " STAT_PAGE=" + stats_page+" SYN_FLOOD=" + syn_flood_protect + " DOCKER=" + docker + " nginx_dir=" + nginx_dir +
" HOST=" + server_ip + " USER=" + ssh_user_name + " PASS='" + ssh_user_password + "' KEY=" + ssh_key_name]
output, error = subprocess_execute(commands[0])
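Review bot: The new `" nginx_dir=" + nginx_dir` fragment is concatenated into the command string without quoting, so a setting value containing whitespace or shell metacharacters will be split or interpreted by the shell that `subprocess_execute` presumably invokes. Wrap the value, e.g. `" nginx_dir=" + shlex.quote(nginx_dir) +` (this needs `import shlex` if the module does not already have it), and treat the neighbouring settings-derived values the same way. The same value is then interpolated unquoted into the `-e "... nginx_dir=$nginx_dir ..."` string in the install script further down this commit, where it needs quoting as well. If `sql.get_setting('nginx_dir')` can return `None` for a missing setting, the concatenation raises `TypeError`, so a default or an explicit check is worth adding. The body of `install_nginx` starts and ends outside these hunks.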


@ -92,8 +92,14 @@ for s in servers:
servers_with_status.append(s[11])
if service == 'nginx':
h = (['', ''],)
cmd = [
"/usr/sbin/nginx -v 2>&1|awk '{print $3}' && systemctl status nginx |grep -e 'Active' |awk '{print $2, $9$10$11$12$13}' && ps ax |grep nginx:|grep -v grep |wc -l"]
for service_set in service_settings:
if service_set.server_id == s[0] and service_set.setting == 'dockerized' and service_set.value == '1':
cmd = [
"docker exec -it nginx /usr/sbin/nginx -v 2>&1|awk '{print $3}' && docker ps |grep nginx |awk '{print $7, $8$9}' && ps ax |grep nginx:|grep -v grep |wc -l"
]
else:
cmd = [
"/usr/sbin/nginx -v 2>&1|awk '{print $3}' && systemctl status nginx |grep -e 'Active' |awk '{print $2, $9$10$11$12$13}' && ps ax |grep nginx:|grep -v grep |wc -l"]
try:
out = funct.ssh_command(s[2], cmd)
h = ()
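Review bot: `cmd` is reassigned on every pass through `for service_set in service_settings:`, so the command that runs is decided by whichever row is iterated last rather than by this server's `dockerized` row (indentation is lost on this page, so this assumes the `else` pairs with the `if`); with an empty `service_settings`, `cmd` is never assigned for this server. Compute the flag once and pick the command afterwards: `dockerized = any(ss.server_id == s[0] and ss.setting == 'dockerized' and ss.value == '1' for ss in service_settings)`. The docker branch also hard-codes the container name `nginx` although the installer reads `nginx_container_name` from settings, and `docker exec -it` requests a TTY that a non-interactive SSH command may not have. The enclosing `for s in servers:` loop extends beyond the hunk.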


@ -1,125 +1,20 @@
- hosts: "{{ variable_host }}"
---
- name: Install common role
hosts: "{{ variable_host }}"
become: yes
become_method: sudo
tasks:
- name: Set SSH port
set_fact:
ansible_port: "{{SSH_PORT}}"
- name: check if Nginx is installed
package_facts:
manager: "auto"
- name: populate service facts
service_facts:
- name: Creates directory
file:
path: /etc/nginx
state: directory
when: "'nginx' not in ansible_facts.packages"
- name: Creates directory
file:
path: /etc/nginx/conf.d
state: directory
when: "'nginx' not in ansible_facts.packages"
- name: Set passlib version
set_fact:
passlib_ver: "python3-passlib"
when: (ansible_facts['distribution_major_version'] == '8' and (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS')) or (ansible_facts['os_family'] == 'Debian' or ansible_facts['os_family'] == 'Ubuntu')
ignore_errors: True
- name: Set passlib version
set_fact:
passlib_ver: "python-passlib"
when: ansible_facts['distribution_major_version'] == '7'
ignore_errors: True
- name: Install passlib
package:
name: "{{passlib_ver}}"
state: present
when: "'nginx' not in ansible_facts.packages"
gather_facts: yes
roles:
- role: nginx_common
environment:
http_proxy: "{{PROXY}}"
https_proxy: "{{PROXY}}"
- name: Copy Nginx configuration in place.
template:
src: /var/www/haproxy-wi/app/scripts/ansible/roles/default.conf.j2
dest: "{{CONFIG_PATH}}"
mode: 0644
force: no
when: "'nginx' not in ansible_facts.packages"
ignore_errors: yes
- name: Open stat port for firewalld
firewalld:
port: "{{ STAT_PORT }}/tcp"
state: enabled
permanent: yes
immediate: yes
ignore_errors: yes
no_log: True
debugger: never
when:
- '"firewalld" in ansible_facts.packages'
- ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS'
- ansible_facts.services["firewalld.service"]['state'] == "running"
- name: Open stat port for iptables
iptables:
chain: INPUT
destination_port: "{{ STAT_PORT }}"
jump: ACCEPT
protocol: tcp
ignore_errors: yes
- htpasswd:
path: /etc/nginx/status_page_passwdfile
name: "{{STATS_USER}}"
password: "{{STATS_PASS}}"
when: "'nginx' not in ansible_facts.packages"
- name: test to see if selinux is running
command: getenforce
register: sestatus
changed_when: false
when: ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS'
tags:
- system
- docker
- name: Disble SELINUX in config
template:
src: /var/www/haproxy-wi/app/scripts/ansible/roles/haproxy/templates/selinux.j2
dest: /etc/selinux/config
ignore_errors: yes
when:
- sestatus.stdout is defined
- '"Enforcing" in sestatus.stdout'
- name: Disble SELINUX in env
shell: setenforce 0
ignore_errors: yes
debugger: never
when:
- sestatus.stdout is defined
- '"Enforcing" in sestatus.stdout'
- name: Install Nginx as a Docker
- name: Install docker
hosts: "{{ variable_host }}"
become: yes
become_method: sudo
@ -129,29 +24,21 @@
environment:
http_proxy: "{{PROXY}}"
https_proxy: "{{PROXY}}"
tasks:
- name: Create Nginx
docker_container:
name: "{{ CONT_NAME }}"
image: "nginx"
recreate: yes
network_mode: host
volumes:
- "/etc/nginx/:/etc/nginx/:rw"
- "/tmp:/tmp:ro"
- "/var/log:/var/log:rw"
vars:
ansible_python_interpreter: /usr/bin/python3
- role: nginx_docker
environment:
http_proxy: "{{PROXY}}"
https_proxy: "{{PROXY}}"
tags:
- docker
- hosts: "{{ variable_host }}"
- name: Install system role
hosts: "{{ variable_host }}"
become: yes
become_method: sudo
tasks:
- name: Add syn_flood tasks
include: haproxy/tasks/syn_flood.yml
when: (SYN_FLOOD is defined) and (SYN_FLOOD|length > 0)
- name: Add syn_flood tasks
include: haproxy/tasks/syn_flood.yml
when: (SYN_FLOOD is defined) and (SYN_FLOOD|length > 0)
roles:
- role: nginxinc.nginx
environment:


@ -0,0 +1,117 @@
---
- name: Set SSH port
set_fact:
ansible_port: "{{SSH_PORT}}"
- name: check if Nginx is installed
package_facts:
manager: "auto"
- name: populate service facts
service_facts:
- name: Creates directory
file:
path: /etc/nginx
state: directory
when: "'nginx' not in ansible_facts.packages"
- name: Creates directory
file:
path: /etc/nginx/conf.d
state: directory
when: "'nginx' not in ansible_facts.packages"
- name: Set passlib version
set_fact:
passlib_ver: "python3-passlib"
when: (ansible_facts['distribution_major_version'] == '8' and (ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS')) or (ansible_facts['os_family'] == 'Debian' or ansible_facts['os_family'] == 'Ubuntu')
ignore_errors: True
- name: Set passlib version
set_fact:
passlib_ver: "python-passlib"
when: ansible_facts['distribution_major_version'] == '7'
ignore_errors: True
- name: Install passlib
package:
name: "{{passlib_ver}}"
state: present
when: "'nginx' not in ansible_facts.packages"
environment:
http_proxy: "{{PROXY}}"
https_proxy: "{{PROXY}}"
- name: Copy Nginx configuration in place.
template:
src: /var/www/haproxy-wi/app/scripts/ansible/roles/default.conf.j2
dest: "{{CONFIG_PATH}}"
mode: 0644
force: no
when: "'nginx' not in ansible_facts.packages"
ignore_errors: yes
- name: Open stat port for firewalld
firewalld:
port: "{{ STAT_PORT }}/tcp"
state: enabled
permanent: yes
immediate: yes
ignore_errors: yes
no_log: True
debugger: never
when:
- '"firewalld" in ansible_facts.packages'
- ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS'
- ansible_facts.services["firewalld.service"]['state'] == "running"
- name: Open stat port for iptables
iptables:
chain: INPUT
destination_port: "{{ STAT_PORT }}"
jump: ACCEPT
protocol: tcp
ignore_errors: yes
- htpasswd:
path: /etc/nginx/status_page_passwdfile
name: "{{STATS_USER}}"
password: "{{STATS_PASS}}"
when: "'nginx' not in ansible_facts.packages"
- name: test to see if selinux is running
command: getenforce
register: sestatus
changed_when: false
when: ansible_facts['os_family'] == "RedHat" or ansible_facts['os_family'] == 'CentOS'
- name: Disble SELINUX in config
template:
src: /var/www/haproxy-wi/app/scripts/ansible/roles/haproxy/templates/selinux.j2
dest: /etc/selinux/config
ignore_errors: yes
when:
- sestatus.stdout is defined
- '"Enforcing" in sestatus.stdout'
- name: Disble SELINUX in env
shell: setenforce 0
ignore_errors: yes
debugger: never
when:
- sestatus.stdout is defined
- '"Enforcing" in sestatus.stdout'
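Review bot: The `Disble SELINUX in config` and `Disble SELINUX in env` tasks switch SELinux off host-wide and persistently as a side effect of installing nginx, and `ignore_errors: yes` hides whether that actually happened. Prefer leaving it enforcing and labelling only what nginx needs, for example allowing the stats port with the `seport` module (`setype: http_port_t`), or at least gate both tasks behind an explicit opt-in variable. Separately, the `htpasswd` task receives `{{STATS_PASS}}` without `no_log: true`, so the password can appear in verbose or logged Ansible output; the `no_log: True` on the firewalld task looks as if it was meant for this one. The `Open stat port for iptables` rule accepts the port from any source, so a `source:` restriction is worth considering.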


@ -1,7 +1,7 @@
server {
listen {{STAT_PORT}} ;
server_name localhost;
location /{{STAT_PAGE}} {
stub_status;
auth_basic "Resticted Area";


@ -0,0 +1,75 @@
---
- name: Ensuring config directories exist
file:
path: "{{ nginx_dir }}"
state: "directory"
owner: "{{ansible_user}}"
group: "{{ansible_user}}"
mode: "0770"
become: true
ignore_errors: yes
- name: Ensuring conf.d directories exist
file:
path: "{{ nginx_dir }}/conf.d"
state: "directory"
owner: "{{ansible_user}}"
group: "{{ansible_user}}"
mode: "0770"
become: true
ignore_errors: yes
- name: Ensuring sites-enabled directories exist
file:
path: "{{ nginx_dir }}/sites-enabled"
state: "directory"
owner: "{{ansible_user}}"
group: "{{ansible_user}}"
mode: "0770"
become: true
ignore_errors: yes
- name: Ensuring log directories exist
file:
path: "/var/log/nginx/"
state: "directory"
owner: "{{ansible_user}}"
group: "{{ansible_user}}"
mode: "0770"
become: true
ignore_errors: yes
- name: Copying over nginx.conf
template:
src: nginx.conf.j2
dest: "{{ nginx_dir }}/nginx.conf"
mode: "0666"
owner: "{{ansible_user}}"
group: "{{ansible_user}}"
force: no
become: true
ignore_errors: yes
- name: Copying over mime.types
template:
src: mime.types.j2
dest: "{{ nginx_dir }}/mime.types"
mode: "0666"
owner: "{{ansible_user}}"
group: "{{ansible_user}}"
force: no
become: true
ignore_errors: yes
- name: Create Nginx
docker_container:
name: "{{ CONT_NAME }}"
image: "nginx"
recreate: yes
network_mode: host
volumes:
- "/etc/nginx/:/etc/nginx/:rw"
- "/tmp:/tmp:ro"
- "/var/log:/var/log:rw"
vars:
ansible_python_interpreter: /usr/bin/python3
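Review bot: `nginx.conf` and `mime.types` are written with `mode: "0666"`, which lets any local account rewrite the configuration of a container that runs with `network_mode: host`; `mode: "0644"` is enough for nginx to read them. The `Create Nginx` task mounts the literal `/etc/nginx/` while every earlier task writes under `{{ nginx_dir }}`, so a non-default `nginx_dir` would leave the container without the files just templated; `- "{{ nginx_dir }}:/etc/nginx/:rw"` keeps the two in step. Mounting all of `/var/log` read-write exposes every host log to the container where `- "/var/log/nginx:/var/log/nginx:rw"` would do, and `image: "nginx"` carries no tag or digest, so hosts can end up on different builds. With `ignore_errors: yes` on every file task, a failed directory or template step still proceeds to container creation.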


@ -0,0 +1,96 @@
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
font/woff woff;
font/woff2 woff2;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}


@ -0,0 +1,31 @@
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1021;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
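Review bot: This template only includes `/etc/nginx/conf.d/*.conf`, while the docker role in this commit also creates `{{ nginx_dir }}/sites-enabled`; anything placed there is never loaded unless `include /etc/nginx/sites-enabled/*;` is added or the directory task is dropped. `worker_connections 1021` looks like a typo for the stock `1024`. The file contains no template variables, so a one-line comment at the top stating that it is the baseline config for the containerised install would help; `server_tokens off;` in the `http` block would also stop the version being advertised.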


@ -19,6 +19,7 @@ do
CONFIG_PATH) CONFIG_PATH=${VALUE} ;;
DOCKER) DOCKER=${VALUE} ;;
CONT_NAME) CONT_NAME=${VALUE} ;;
nginx_dir) nginx_dir=${VALUE} ;;
*)
esac
done
@ -48,9 +49,9 @@ PWD=$PWD/scripts/ansible/
echo "$HOST ansible_port=$SSH_PORT" > $PWD/$HOST
if [[ $KEY == "" ]]; then
ansible-playbook $PWD/roles/nginx.yml -e "ansible_user=$USER ansible_ssh_pass='$PASS' variable_host=$HOST PROXY=$PROXY CONT_NAME=$CONT_NAME SYN_FLOOD=$SYN_FLOOD STAT_PAGE=$STAT_PAGE STAT_PORT=$STAT_PORT STATS_USER=$STATS_USER STATS_PASS=$STATS_PASS CONFIG_PATH=$CONFIG_PATH SSH_PORT=$SSH_PORT" -i $PWD/$HOST -t $tags
else
ansible-playbook $PWD/roles/nginx.yml --key-file $KEY -e "ansible_user=$USER variable_host=$HOST PROXY=$PROXY CONT_NAME=$CONT_NAME SYN_FLOOD=$SYN_FLOOD STAT_PAGE=$STAT_PAGE STAT_PORT=$STAT_PORT STATS_USER=$STATS_USER STATS_PASS=$STATS_PASS CONFIG_PATH=$CONFIG_PATH SSH_PORT=$SSH_PORT" -i $PWD/$HOST -t $tags
ansible-playbook $PWD/roles/nginx.yml -e "ansible_user=$USER ansible_ssh_pass='$PASS' variable_host=$HOST PROXY=$PROXY CONT_NAME=$CONT_NAME nginx_dir=$nginx_dir SYN_FLOOD=$SYN_FLOOD STAT_PAGE=$STAT_PAGE STAT_PORT=$STAT_PORT STATS_USER=$STATS_USER STATS_PASS=$STATS_PASS CONFIG_PATH=$CONFIG_PATH SSH_PORT=$SSH_PORT" -i $PWD/$HOST -t $tags
else
ansible-playbook $PWD/roles/nginx.yml --key-file $KEY -e "ansible_user=$USER variable_host=$HOST PROXY=$PROXY CONT_NAME=$CONT_NAME nginx_dir=$nginx_dir SYN_FLOOD=$SYN_FLOOD STAT_PAGE=$STAT_PAGE STAT_PORT=$STAT_PORT STATS_USER=$STATS_USER STATS_PASS=$STATS_PASS CONFIG_PATH=$CONFIG_PATH SSH_PORT=$SSH_PORT" -i $PWD/$HOST -t $tags
fi
if [ $? -gt 0 ]


@ -95,7 +95,7 @@
{% set is_checker_enabled = s.8.0.19 %}
{% set is_metrics_enabled = s.8.0.21 %}
{% set action_service = 'nginx' %}
{% if s.5.0.1 == 'active' %}
{% if s.5.0.1 == 'active' or s.5.0.1 == 'Up' %}
{% set additional_status_class = 'div-server-head-up' %}
{% else %}
{% set additional_status_class = 'div-server-head-down' %}
@ -179,7 +179,7 @@
{% if service == 'nginx' or service == 'keepalived' %}
Version: {{s.5.0.0}} Process_num: {{s.5.0.3}}
<br />
{% if s.5.0.1 == 'active' %}
{% if s.5.0.1 == 'active' or s.5.0.1 == 'Up' %}
Started:
{% else %}
Stopped:
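Review bot: The status test `s.5.0.1 == 'active' or s.5.0.1 == 'Up'` is now duplicated in both hunks; a single `{% set is_running = s.5.0.1 in ('active', 'Up') %}` next to `action_service` (assuming both spots sit in the same loop scope) would keep them from drifting apart. `'Up'` is matched against one awk column of `docker ps` output produced elsewhere in this commit, so the check silently depends on that column layout; a template comment naming where `s.5.0.1` comes from would make the dependency visible. Both `{% if %}` blocks continue outside the hunks.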