Attack to privilege escalation, saved servers, bug fix
pull/161/head
Pavel Loginov 2019-10-09 09:35:35 +03:00
parent 949e485afb
commit 6933f41644
15 changed files with 453 additions and 142 deletions


@ -59,7 +59,7 @@ Support the project
## RPM ## RPM
Install repository: Install repository:
``` ```
yum install https://repo.haproxy-wi.org/el7/haproxy-wi-release-7-1-0.noarch.rpm yum install https://repo.haproxy-wi.org/haproxy-wi-release-7-1-0.noarch.rpm
``` ```
After install HAProxy-WI: After install HAProxy-WI:
``` ```
@ -182,13 +182,6 @@ For Runtime API, Metrics and Alerting enable state file and stat socket on HApro
``` ```
![alt text](image/haproxy-wi-logs.png "View logs page") ![alt text](image/haproxy-wi-logs.png "View logs page")
# Update
```
# cd /var/www/haproxy-wi
# ./update.sh
```
After update old config saved at /tmp/ folder. Compare new and old config, if in new no changes overwrite the new configuration with the old one, or edit new with your ENV.
# Update DB # Update DB
``` ```


@ -25,7 +25,6 @@ try:
servers = sql.get_dick_permit() servers = sql.get_dick_permit()
user_group = sql.get_user_group_by_uuid(user_id.value) user_group = sql.get_user_group_by_uuid(user_id.value)
token = sql.get_token(user_id.value) token = sql.get_token(user_id.value)
except: except:
pass pass
@ -39,6 +38,7 @@ template = template.render(title = "Add",
group = user_group, group = user_group,
versions = funct.versions(), versions = funct.versions(),
options = sql.select_options(), options = sql.select_options(),
saved_servers = sql.select_saved_servers(),
token = token) token = token)
print(template) print(template)


@ -123,6 +123,7 @@ def create_table(**kwargs):
CREATE TABLE IF NOT EXISTS `settings` (`param` varchar(64) UNIQUE, value varchar(64), section varchar(64), `desc` varchar(100)); CREATE TABLE IF NOT EXISTS `settings` (`param` varchar(64) UNIQUE, value varchar(64), section varchar(64), `desc` varchar(100));
CREATE TABLE IF NOT EXISTS `version` (`version` varchar(64)); CREATE TABLE IF NOT EXISTS `version` (`version` varchar(64));
CREATE TABLE IF NOT EXISTS `options` ( `id` INTEGER NOT NULL, `options` VARCHAR ( 64 ), `groups` VARCHAR ( 120 ), PRIMARY KEY(`id`)); CREATE TABLE IF NOT EXISTS `options` ( `id` INTEGER NOT NULL, `options` VARCHAR ( 64 ), `groups` VARCHAR ( 120 ), PRIMARY KEY(`id`));
CREATE TABLE IF NOT EXISTS `saved_servers` ( `id` INTEGER NOT NULL, `server` VARCHAR ( 64 ), `description` VARCHAR ( 120 ), `groups` VARCHAR ( 120 ), PRIMARY KEY(`id`));
""" """
try: try:
cur.executescript(sql) cur.executescript(sql)
@ -360,7 +361,7 @@ def update_db_v_3_4_5_2(**kwargs):
if e.args[0] == 'duplicate column name: version' or e == "1060 (42S21): Duplicate column name 'version' ": if e.args[0] == 'duplicate column name: version' or e == "1060 (42S21): Duplicate column name 'version' ":
print('Updating... go to version 3.4.7') print('Updating... go to version 3.4.7')
else: else:
print("DB was update to 3.4.5.2") print("DB was update to 3.4.5.3")
return False return False
else: else:
return True return True
@ -418,6 +419,25 @@ def update_db_v_3_4_9_5(**kwargs):
con.close() con.close()
def update_db_v_3_5_3(**kwargs):
con, cur = get_cur()
sql = """CREATE TABLE IF NOT EXISTS `saved_servers` ( `id` INTEGER NOT NULL, `server` VARCHAR ( 64 ), `description` VARCHAR ( 120 ), `groups` VARCHAR ( 120 ), PRIMARY KEY(`id`)); """
try:
cur.execute(sql)
con.commit()
except sqltool.Error as e:
if kwargs.get('silent') != 1:
if e.args[0] == 'duplicate column name: id' or e == "1060 (42S21): Duplicate column name 'id' ":
print('DB was update to 3.5.3')
else:
print("DB was update to 3.5.3")
return False
else:
return True
cur.close()
con.close()
def update_ver(**kwargs): def update_ver(**kwargs):
con, cur = get_cur() con, cur = get_cur()
sql = """update version set version = '3.5.2'; """ sql = """update version set version = '3.5.2'; """
@ -472,6 +492,7 @@ def update_all():
update_db_v_3_4_5_22() update_db_v_3_4_5_22()
update_db_v_3_4_7() update_db_v_3_4_7()
update_db_v_3_4_9_5() update_db_v_3_4_9_5()
update_db_v_3_5_3()
update_to_hash() update_to_hash()
update_ver() update_ver()
@ -491,6 +512,7 @@ def update_all_silent():
update_db_v_3_4_5_22() update_db_v_3_4_5_22()
update_db_v_3_4_7(silent=1) update_db_v_3_4_7(silent=1)
update_db_v_3_4_9_5(silent=1) update_db_v_3_4_9_5(silent=1)
update_db_v_3_5_3(silent=1)
update_to_hash() update_to_hash()
update_ver() update_ver()
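Review bot: In `update_db_v_3_5_3` the `except sqltool.Error` branch prints "DB was update to 3.5.3" on both arms, so a failed `CREATE TABLE` is reported as a successful upgrade. The message test is copied from the older duplicate-column migrations, which `CREATE TABLE IF NOT EXISTS` is not expected to raise, and `e == "1060 (42S21): ..."` compares an exception object with a string, so it is never true. Printing the error in the else arm, e.g. `print("Cannot create saved_servers: %s" % e)`, would make a failed migration visible. As far as the flattened indentation shows, both `return` statements leave the function before `cur.close()` and `con.close()`, so the connection is never closed here; moving the two close calls into a `finally:` fixes that.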


@ -17,3 +17,4 @@ CREATE TABLE IF NOT EXISTS `metrics` (`serv` varchar(64), curr_con INTEGER, cur_
CREATE TABLE IF NOT EXISTS `settings` (`param` varchar(64) UNIQUE, value varchar(64), section varchar(64), `desc` varchar(100)); CREATE TABLE IF NOT EXISTS `settings` (`param` varchar(64) UNIQUE, value varchar(64), section varchar(64), `desc` varchar(100));
CREATE TABLE IF NOT EXISTS `version` (`version` varchar(64), `hash` INTEGER NOT NULL DEFAULT 1,); CREATE TABLE IF NOT EXISTS `version` (`version` varchar(64), `hash` INTEGER NOT NULL DEFAULT 1,);
CREATE TABLE IF NOT EXISTS `options` ( `id` INTEGER NOT NULL, `options` VARCHAR ( 64 ), `groups` VARCHAR ( 120 ), PRIMARY KEY(`id`)); CREATE TABLE IF NOT EXISTS `options` ( `id` INTEGER NOT NULL, `options` VARCHAR ( 64 ), `groups` VARCHAR ( 120 ), PRIMARY KEY(`id`));
CREATE TABLE IF NOT EXISTS `saved_servers` ( `id` INTEGER NOT NULL, `server` VARCHAR ( 64 ), `description` VARCHAR ( 120 ), `groups` VARCHAR ( 120 ), PRIMARY KEY(`id`));


@ -425,6 +425,21 @@ def get_user_role_by_uuid(uuid):
cur.close() cur.close()
con.close() con.close()
def get_role_id_by_name(name):
con, cur = create_db.get_cur()
sql = """ select id from role where name = '%s' """ % name
try:
cur.execute(sql)
except sqltool.Error as e:
out_error(e)
else:
for user_id in cur.fetchall():
return user_id[0]
cur.close()
con.close()
def get_user_group_by_uuid(uuid): def get_user_group_by_uuid(uuid):
con, cur = create_db.get_cur() con, cur = create_db.get_cur()
sql = """ select user.groups from user left join uuid as uuid on user.id = uuid.user_id where uuid.uuid = '%s' """ % uuid sql = """ select user.groups from user left join uuid as uuid on user.id = uuid.user_id where uuid.uuid = '%s' """ % uuid
@ -681,7 +696,6 @@ def select_options(**kwargs):
sql = """select * from options where options = '%s' """ % kwargs.get('option') sql = """select * from options where options = '%s' """ % kwargs.get('option')
if kwargs.get('group'): if kwargs.get('group'):
sql = """select options from options where groups = '{}' and options like '{}%' """.format(kwargs.get('group'), kwargs.get('term')) sql = """select options from options where groups = '{}' and options like '{}%' """.format(kwargs.get('group'), kwargs.get('term'))
#print(sql)
try: try:
cur.execute(sql) cur.execute(sql)
except sqltool.Error as e: except sqltool.Error as e:
@ -720,6 +734,66 @@ def delete_option(id):
con.close() con.close()
def insert_new_savedserver(server, description, group):
con, cur = create_db.get_cur()
sql = """insert into saved_servers(`server`, `description`, `groups`) values ('%s', '%s', '%s') """ % (server, description, group)
try:
cur.execute(sql)
con.commit()
except sqltool.Error as e:
out_error(e)
con.rollback()
else:
return True
cur.close()
con.close()
def select_saved_servers(**kwargs):
con, cur = create_db.get_cur()
sql = """select * from saved_servers """
if kwargs.get('server'):
sql = """select * from saved_servers where server = '%s' """ % kwargs.get('server')
if kwargs.get('group'):
sql = """select server,description from saved_servers where groups = '{}' and server like '{}%' """.format(kwargs.get('group'), kwargs.get('term'))
try:
cur.execute(sql)
except sqltool.Error as e:
out_error(e)
else:
return cur.fetchall()
cur.close()
con.close()
def update_savedserver(server, description, id):
con, cur = create_db.get_cur()
sql = """ update saved_servers set
server = '%s',
description = '%s'
where id = '%s' """ % (server, description, id)
try:
cur.execute(sql)
con.commit()
except sqltool.Error as e:
out_error(e)
con.rollback()
cur.close()
con.close()
def delete_savedserver(id):
con, cur = create_db.get_cur()
sql = """ delete from saved_servers where id = %s """ % (id)
try:
cur.execute(sql)
con.commit()
except sqltool.Error as e:
out_error(e)
con.rollback()
else:
return True
cur.close()
con.close()
def insert_mentrics(serv, curr_con, cur_ssl_con, sess_rate, max_sess_rate): def insert_mentrics(serv, curr_con, cur_ssl_con, sess_rate, max_sess_rate):
con, cur = create_db.get_cur() con, cur = create_db.get_cur()
if mysql_enable == '1': if mysql_enable == '1':
@ -1203,6 +1277,17 @@ def show_update_option(option):
template = template.render(options=select_options(option=option)) template = template.render(options=select_options(option=option))
print(template) print(template)
def show_update_savedserver(server):
from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/ajax'))
template = env.get_template('/new_saved_servers.html')
print('Content-type: text/html\n')
template = template.render(server=select_saved_servers(server=server))
print(template)
def show_update_telegram(token, page): def show_update_telegram(token, page):
from jinja2 import Environment, FileSystemLoader from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/ajax')) env = Environment(loader=FileSystemLoader('templates/ajax'))
@ -1293,6 +1378,7 @@ def check_token():
if form.getvalue('token') is None: if form.getvalue('token') is None:
print('Content-type: text/html\n') print('Content-type: text/html\n')
print("What the fuck?! U r hacker Oo?!") print("What the fuck?! U r hacker Oo?!")
import sys
sys.exit() sys.exit()
@ -1304,13 +1390,16 @@ if form.getvalue('newuser') is not None:
new_user = form.getvalue('newusername') new_user = form.getvalue('newusername')
page = form.getvalue('page') page = form.getvalue('page')
activeuser = form.getvalue('activeuser') activeuser = form.getvalue('activeuser')
print('Content-type: text/html\n')
check_token() check_token()
if password is None or role is None or group is None: if password is None or role is None or group is None:
print(error_mess) print(error_mess)
else: else:
role_id = get_role_id_by_name(role)
if funct.is_admin(level=role_id):
if add_user(new_user, email, password, role, group, activeuser): if add_user(new_user, email, password, role, group, activeuser):
show_update_user(new_user, page) show_update_user(new_user, page)
else:
funct.logging(new_user, ' tried to do privilege escalation', haproxywi=1, login=1)
if form.getvalue('updateuser') is not None: if form.getvalue('updateuser') is not None:
email = form.getvalue('email') email = form.getvalue('email')
@ -1324,7 +1413,11 @@ if form.getvalue('updateuser') is not None:
if new_user is None or role is None or group is None: if new_user is None or role is None or group is None:
print(error_mess) print(error_mess)
else: else:
role_id = get_role_id_by_name(role)
if funct.is_admin(level=role_id):
update_user(new_user, email, role, group, id, activeuser) update_user(new_user, email, role, group, id, activeuser)
else:
funct.logging(new_user, ' tried to do privilege escalation', haproxywi=1, login=1)
if form.getvalue('updatepassowrd') is not None: if form.getvalue('updatepassowrd') is not None:
@ -1550,6 +1643,56 @@ if form.getvalue('optiondel') is not None:
if delete_option(form.getvalue('optiondel')): if delete_option(form.getvalue('optiondel')):
print("Ok") print("Ok")
if form.getvalue('getsavedserver'):
group = form.getvalue('getsavedserver')
term = form.getvalue('term')
print('Content-type: application/json\n')
check_token()
servers = select_saved_servers(group=group,term=term)
a = {}
v = 0
for i in servers:
a[v] = {}
a[v]['value'] = {}
a[v]['desc'] = {}
a[v]['value'] = i[0]
a[v]['desc'] = i[1]
v = v + 1
import json
print(json.dumps(a))
if form.getvalue('newsavedserver'):
savedserver = form.getvalue('newsavedserver')
description = form.getvalue('newsavedserverdesc')
group = form.getvalue('newsavedservergroup')
print('Content-type: text/html\n')
check_token()
if savedserver is None or group is None:
print(error_mess)
else:
if insert_new_savedserver(savedserver, description, group):
show_update_savedserver(savedserver)
if form.getvalue('updatesavedserver') is not None:
savedserver = form.getvalue('updatesavedserver')
description = form.getvalue('description')
id = form.getvalue('id')
print('Content-type: text/html\n')
check_token()
if savedserver is None or id is None:
print(error_mess)
else:
update_savedserver(savedserver, description, id)
if form.getvalue('savedserverdel') is not None:
print('Content-type: text/html\n')
check_token()
if delete_savedserver(form.getvalue('savedserverdel')):
print("Ok")
if form.getvalue('updatetoken') is not None: if form.getvalue('updatetoken') is not None:
token = form.getvalue('updatetoken') token = form.getvalue('updatetoken')
chanel = form.getvalue('updategchanel') chanel = form.getvalue('updategchanel')
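Review bot: The new query helpers (`get_role_id_by_name`, `insert_new_savedserver`, `select_saved_servers`, `update_savedserver`, `delete_savedserver`) build their SQL with `%` or `.format()` from values the handlers further down read straight from `form.getvalue(...)`, so request data becomes part of the statement text; `delete_savedserver` does not even quote `id`. This matters most for `get_role_id_by_name`, because its result feeds the `funct.is_admin(level=role_id)` check that this commit adds against privilege escalation. Pass the values as bound parameters instead, e.g. `cur.execute("select id from role where name = ?", (name,))`, using the placeholder style of whichever driver `sqltool` is bound to (`?` for sqlite3, `%s` for MySQL connectors). The saved-server handlers also take the group from the request (`newsavedservergroup`, `getsavedserver`) and update or delete by `id` alone; nothing visible here ties the row to the caller's own group, so that should be enforced server-side. In the denial branch, `funct.logging(new_user, ...)` passes the account being created or edited rather than the acting user, which, if the first argument is the logged subject, leaves the audit entry pointing at the wrong name.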


@ -3,7 +3,10 @@
<style> <style>
.container { .container {
margin-right: 0; margin-right: 0;
} }
h3 {
width: 98.8%
}
</style> </style>
<script src="/inc/add.js"></script> <script src="/inc/add.js"></script>
<div id="tabs"> <div id="tabs">
@ -14,6 +17,7 @@
<li><a href="#backend">Backend</a></li> <li><a href="#backend">Backend</a></li>
<li><a href="#ssl">SSL certificates</a></li> <li><a href="#ssl">SSL certificates</a></li>
<li><a href="#option">Options</a></li> <li><a href="#option">Options</a></li>
<li><a href="#add-servers">Servers</a></li>
{% if user %} {% if user %}
<a href=/app/login.py?logout=logout title="Logout, user name: {{ user }}" class="login"> Logout</a> <a href=/app/login.py?logout=logout title="Logout, user name: {{ user }}" class="login"> Logout</a>
{% else %} {% else %}
@ -809,7 +813,6 @@
Enter option for save: Enter option for save:
</td> </td>
<td> <td>
<input type="hidden" id="newoptiongroup" name="newoptiongroup" value="{{ group }}">
<input type="text" name="new-option" id="new-option" class="form-control" size="100"> <input type="text" name="new-option" id="new-option" class="form-control" size="100">
</td> </td>
<td> <td>
@ -817,12 +820,61 @@
</td> </td>
</tr> </tr>
</table> </table>
<div id="ajax-option"> <div id="ajax-option"></div>
<div class="add-note addName alert-info" style="width: inherit; margin-right: 15px;"> <div class="add-note addName alert-info" style="width: inherit; margin-right: 15px;">
In this section you can create, edit and delete options with given parameters. And after use them as autocomplete in the "Add" sections In this section you can create, edit and delete options with given parameters. And after use them as autocomplete in the "Add" sections
</div> </div>
</div> </div>
<div id="add-servers">
<table class="overview" id="servers_table">
<tr class="overviewHead">
<td class="padding10 first-collumn">Server</td>
<td class="padding10 first-collumn">Description</td>
<td></td>
</tr>
{% for s in saved_servers %}
<tr id="servers-saved-{{ s.0 }}" class="{{ loop.cycle('odd', 'even') }}">
{% if s.3 == group or group == '1' %}
<td class="padding10 first-collumn">
<input type="text" id="servers-ip-{{ s.0 }}" value="{{ s.1 }}" size="15" class="form-control">
</td>
<td class="padding10 first-collumn" style="width: 100%;">
<input type="text" id="servers-desc-{{ s.0 }}" value="{{ s.2 }}" size="60" class="form-control">
</td>
<td>
<a class="delete" onclick="confirmDeleteSavedServer({{ s.0 }})" title="Delete server {{s.1}}" style="cursor: pointer;"></a>
</td>
{% endif %}
</tr>
{% endfor %}
</table>
<br /><span class="add-button" title="Add server" id="add-saved-server-button">+ Add</span>
<br /><br />
<table class="overview" id="saved-server-add-table" style="display: none;">
<tr class="overviewHead">
<td class="padding10 first-collumn">Server</td>
<td>Description</td>
<td></td>
</tr>
<tr>
<td class="padding10 first-collumn">
<input type="text" name="new-saved-servers" id="new-saved-servers" class="form-control" size="15">
</td>
<td style="width: 100%;">
<input type="text" name="new-saved-servers-description" id="new-saved-servers-description" class="form-control" size="60">
</td>
<td>
<a class="add-admin" id="add-saved-server-new" title="Add new server" style="cursor: pointer;"></a>
</td>
</tr>
</table>
<div id="ajax-servers"></div>
<div class="add-note addName alert-info" style="width: inherit; margin-right: 15px;">
In this section you can create, edit and delete servers. And after use them as autocomplete in the "Add" sections
</div>
</div>
<div id="dialog-confirm-delete" title="Are you sure you want to delete?" style="display: none;"> <div id="dialog-confirm-delete" title="Are you sure you want to delete?" style="display: none;">
<p><span class="ui-icon ui-icon-alert" style="float:left; margin:3px 12px 20px 0;"></span>Deleting all data will be lost?</p> <p><span class="ui-icon ui-icon-alert" style="float:left; margin:3px 12px 20px 0;"></span>Deleting all data will be lost?</p>
</div> </div>
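Review bot: The `{% if s.3 == group or group == '1' %}` test sits inside the `<tr>`, so an empty row with `id="servers-saved-{{ s.0 }}"` is still emitted for every saved server of another group, which exposes their ids and count and throws off the `loop.cycle` striping. Move the condition outside the row, `{% if ... %}<tr ...> ... </tr>{% endif %}`, or pass only the caller's rows from `add.py`. The `value="{{ s.1 }}"` and `value="{{ s.2 }}"` attributes and `title="Delete server {{s.1}}"` rely on autoescaping being enabled for this template's environment, which is not visible in this commit; if it is off, add `|e` to them.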


@ -0,0 +1,13 @@
{% for s in server %}
<tr style="width: 50%;" id="servers-saved-{{s.0}}" class="newsavedserver update">
<td class="padding10 first-collumn">
<input type="text" id="servers-ip-{{s.0}}" class="form-control" value="{{s.1}}">
</td>
<td class="first-collumn" style="width: 50%;">
<input type="text" id="servers-desc-{{s.0}}" class="form-control" value="{{s.2}}">
</td>
<td>
<a class="delete" onclick="confirmDeleteSavedServer({{s.0}})" style="cursor: pointer;"></a>
</td>
</tr>
{% endfor %}
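Review bot: `value="{{s.1}}"` and `value="{{s.2}}"` output the stored server name and description without escaping, and this template appears to be the one `show_update_savedserver` renders through `Environment(loader=FileSystemLoader('templates/ajax'))`, which leaves Jinja2 autoescaping at its default of off. A saved value containing a quote or markup would then break out of the attribute when the row is appended to `#servers_table`. Use `{{ s.1|e }}` and `{{ s.2|e }}` here, or create the environment with `autoescape=True`. `{{s.0}}` inside the `onclick` handler is the integer primary key and is lower risk, but it gets the same treatment once autoescape is on.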


@ -61,6 +61,14 @@
$("#usergroup-{{user.0}}" ).selectmenu({ $("#usergroup-{{user.0}}" ).selectmenu({
width: 100 width: 100
}); });
$( ".newuser" ).addClass( "update", 1000 );
$( "input[type=submit], button" ).button();
$( "input[type=checkbox]" ).checkboxradio();
$( "select" ).selectmenu();
$.getScript(awesome);
setTimeout(function() {
$( ".newuser" ).removeClass( "update" );
}, 2500 );
}); });
</script> </script>
{% endfor %} {% endfor %}


@ -53,6 +53,7 @@
<li><a href=/app/versions.py title="Actions with configs versions" class="version head-submenu">Versions</a></li> <li><a href=/app/versions.py title="Actions with configs versions" class="version head-submenu">Versions</a></li>
<li><a href=/app/add.py#ssl title="Upload SSL cert" class="cert head-submenu" id="add4">SSL</a></li> <li><a href=/app/add.py#ssl title="Upload SSL cert" class="cert head-submenu" id="add4">SSL</a></li>
<li><a href=/app/add.py#option title="Save custom options" class="option head-submenu" id="add5">Options</a></li> <li><a href=/app/add.py#option title="Save custom options" class="option head-submenu" id="add5">Options</a></li>
<li><a href=/app/add.py#add-servers title="Save servers" class="runtime head-submenu" id="add6">Servers</a></li>
<li><a href=/app/lists.py title="Manage black and white lists" class="lists head-submenu">Lists</a> </li> <li><a href=/app/lists.py title="Manage black and white lists" class="lists head-submenu">Lists</a> </li>
<li><a href=/app/waf.py title="Web application firewall" class="waf head-submenu">WAF</a> </li> <li><a href=/app/waf.py title="Web application firewall" class="waf head-submenu">WAF</a> </li>
<li><a href=/app/ihap.py title="Installation HAProxy" class="hap head-submenu">Installation</a> </li> <li><a href=/app/ihap.py title="Installation HAProxy" class="hap head-submenu">Installation</a> </li>


@ -11,7 +11,7 @@
</div> </div>
<input type="hidden" id="new-group" name="new-group" value="{{ group }}"> <input type="hidden" id="new-group" name="new-group" value="{{ group }}">
<input type="hidden" id="new-server-group-add" name="new-server-group-add" value="{{ group }}" > <input type="hidden" id="new-server-group-add" name="new-server-group-add" value="{{ group }}" >
<input type="hidden" id="new-ssh-group-add" name="new-ssh-group-add" value="{{ ssh_group }}" > <input type="hidden" id="new-ssh-group-add" name="new-ssh-group-add" value="{{ group }}" >
<div id="tabs"> <div id="tabs">
<ul> <ul>
<li><a href="#users">Users</a></li> <li><a href="#users">Users</a></li>


@ -341,7 +341,6 @@ $( function() {
$( "#option_table input" ).change(function() { $( "#option_table input" ).change(function() {
var id = $(this).attr('id').split('-'); var id = $(this).attr('id').split('-');
updateOptions(id[2]) updateOptions(id[2])
console.log(id)
}); });
$( "#options" ).autocomplete({ $( "#options" ).autocomplete({
source: availableTags, source: availableTags,
@ -354,7 +353,7 @@ $( function() {
}); });
$( "#saved-options" ).autocomplete({ $( "#saved-options" ).autocomplete({
dataType: "json", dataType: "json",
source: "sql.py?getoption="+$('#newoptiongroup').val()+'&token='+$('#token').val(), source: "sql.py?getoption="+$('#group').val()+'&token='+$('#token').val(),
autoFocus: true, autoFocus: true,
minLength: 1, minLength: 1,
select: function( event, ui ) { select: function( event, ui ) {
@ -373,7 +372,7 @@ $( function() {
}); });
$( "#saved-options1" ).autocomplete({ $( "#saved-options1" ).autocomplete({
dataType: "json", dataType: "json",
source: "sql.py?getoption="+$('#newoptiongroup').val()+'&token='+$('#token').val(), source: "sql.py?getoption="+$('#group').val()+'&token='+$('#token').val(),
autoFocus: true, autoFocus: true,
minLength: 1, minLength: 1,
select: function( event, ui ) { select: function( event, ui ) {
@ -392,7 +391,7 @@ $( function() {
}); });
$( "#saved-options2" ).autocomplete({ $( "#saved-options2" ).autocomplete({
dataType: "json", dataType: "json",
source: "sql.py?getoption="+$('#newoptiongroup').val()+'&token='+$('#token').val(), source: "sql.py?getoption="+$('#group').val()+'&token='+$('#token').val(),
autoFocus: true, autoFocus: true,
minLength: 1, minLength: 1,
select: function( event, ui ) { select: function( event, ui ) {
@ -414,7 +413,7 @@ $( function() {
url: "sql.py", url: "sql.py",
data: { data: {
newtoption: $('#new-option').val(), newtoption: $('#new-option').val(),
newoptiongroup: $('#newoptiongroup').val(), newoptiongroup: $('#group').val(),
token: $('#token').val() token: $('#token').val()
}, },
type: "GET", type: "GET",
@ -435,7 +434,64 @@ $( function() {
} }
} ); } );
}); });
$( "#servers_table input" ).change(function() {
var id = $(this).attr('id').split('-');
updateSavedServer(id[2])
});
$( '[name=servers]' ).autocomplete({
source: "sql.py?getsavedserver="+$('#group').val()+'&token='+$('#token').val(),
autoFocus: true,
minLength: 1,
focus: function( event, ui ) {
$(this).val( ui.item.value );
return false;
},
select: function( event, ui ) {
$(this).append(ui.item.value + " ");
$(this).next().focus();
}
})
.autocomplete( "instance" )._renderItem = function( ul, item ) {
return $( "<li>" )
.append( "<div>" + item.value + "<br>" + item.desc + "</div>" )
.appendTo( ul );
};
$('#add-saved-server-button').click(function() {
if ($('#saved-server-add-table').css('display', 'none')) {
$('#saved-server-add-table').show("blind", "fast");
}
});
$('#add-saved-server-new').click(function() {
$('#error').remove();
$('.alert-danger').remove();
$.ajax( {
url: "sql.py",
data: {
newsavedserver: $('#new-saved-servers').val(),
newsavedservergroup: $('#group').val(),
newsavedserverdesc: $('#new-saved-servers-description').val(),
token: $('#token').val()
},
type: "GET",
success: function( data ) {
if (data.indexOf('error') != '-1') {
$("#ajax-option").append(data);
$('#errorMess').click(function() {
$('#error').remove();
$('.alert-danger').remove();
});
} else {
$("#servers_table").append(data);
setTimeout(function() {
$( ".newsavedserver" ).removeClass( "update" );
}, 2500 );
$.getScript("/inc/fontawesome.min.js");
}
}
} );
});
var forward_for_var = "option forwardfor if-none\n"; var forward_for_var = "option forwardfor if-none\n";
$('#forward_for').click(function() { $('#forward_for').click(function() {
if($('#optionsInput').val().indexOf(forward_for_var) == '-1') { if($('#optionsInput').val().indexOf(forward_for_var) == '-1') {
@ -909,4 +965,130 @@ function createHttps(TabId, proxy) {
$('#'+proxy+'-mode-select').selectmenu('refresh'); $('#'+proxy+'-mode-select').selectmenu('refresh');
history.pushState('Add'+proxy, 'Add'+proxy, 'add.py#'+proxy) history.pushState('Add'+proxy, 'Add'+proxy, 'add.py#'+proxy)
} }
function confirmDeleteOption(id) {
$( "#dialog-confirm-delete" ).dialog({
resizable: false,
height: "auto",
width: 400,
modal: true,
title: "Are you sure you want to delete " +$('#option-'+id).val() + "?",
buttons: {
"Delete": function() {
$( this ).dialog( "close" );
removeOption(id);
},
Cancel: function() {
$( this ).dialog( "close" );
}
}
});
}
function removeOption(id) {
$("#option-"+id).css("background-color", "#f2dede");
$.ajax( {
url: "sql.py",
data: {
optiondel: id,
token: $('#token').val()
},
type: "GET",
success: function( data ) {
data = data.replace(/\s+/g,' ');
if(data == "Ok ") {
$("#option-"+id).remove();
}
}
} );
}
function updateOptions(id) {
$('#error').remove();
$.ajax( {
url: "sql.py",
data: {
updateoption: $('#option-body-'+id).val(),
id: id,
token: $('#token').val()
},
type: "GET",
success: function( data ) {
data = data.replace(/\s+/g,' ');
if (data.indexOf('error') != '-1') {
$("#ajax-ssh").append(data);
$('#errorMess').click(function() {
$('#error').remove();
$('.alert-danger').remove();
});
} else {
$('.alert-danger').remove();
$("#option-"+id).addClass( "update", 1000 );
setTimeout(function() {
$( "#option-"+id ).removeClass( "update" );
}, 2500 );
}
}
} );
}
function confirmDeleteSavedServer(id) {
$( "#dialog-confirm-delete" ).dialog({
resizable: false,
height: "auto",
width: 400,
modal: true,
title: "Are you sure you want to delete " +$('#servers-saved-'+id).val() + "?",
buttons: {
"Delete": function() {
$( this ).dialog( "close" );
removeSavedServer(id);
},
Cancel: function() {
$( this ).dialog( "close" );
}
}
});
}
function removeSavedServer(id) {
$("#servers-saved-"+id).css("background-color", "#f2dede");
$.ajax( {
url: "sql.py",
data: {
savedserverdel: id,
token: $('#token').val()
},
type: "GET",
success: function( data ) {
data = data.replace(/\s+/g,' ');
if(data == "Ok ") {
$("#servers-saved-"+id).remove();
}
}
} );
}
function updateSavedServer(id) {
$('#error').remove();
$.ajax( {
url: "sql.py",
data: {
updatesavedserver: $('#servers-ip-'+id).val(),
description: $('#servers-desc-'+id).val(),
id: id,
token: $('#token').val()
},
type: "GET",
success: function( data ) {
data = data.replace(/\s+/g,' ');
if (data.indexOf('error') != '-1') {
$("#ajax-ssh").append(data);
$('#errorMess').click(function() {
$('#error').remove();
$('.alert-danger').remove();
});
} else {
$('.alert-danger').remove();
$("#option-"+id).addClass( "update", 1000 );
setTimeout(function() {
$( "#option-"+id ).removeClass( "update" );
}, 2500 );
}
}
} );
}
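Review bot: The `_renderItem` override for `[name=servers]` concatenates `item.value` and `item.desc` into an HTML string, so a saved server name or description containing markup is parsed as HTML in the autocomplete list. Build the node with text setters instead: `$("<div>").text(item.value).append("<br>").append(document.createTextNode(item.desc))`. The new `newsavedserver`, `savedserverdel` and `updatesavedserver` calls use `type: "GET"`, which puts the token and the change itself into the URL and therefore into access logs and browser history; `type: "POST"` avoids that, provided `sql.py` reads the form the same way for both methods. Smaller issues in the same hunks: `.css('display', 'none')` in the `#add-saved-server-button` handler sets the property rather than testing it, `confirmDeleteSavedServer` reads `.val()` from the `<tr>` `#servers-saved-`+id instead of `#servers-ip-`+id, and `updateSavedServer` highlights `#option-`+id rather than the saved-server row.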


@ -240,7 +240,6 @@ function showOverviewServer(name,ip,id) {
$("#ajax-server-"+id).removeClass( "update" ); $("#ajax-server-"+id).removeClass( "update" );
$("#ajax-server-"+id).css('background-color', '#f9fff8'); $("#ajax-server-"+id).css('background-color', '#f9fff8');
}, 2500 ); }, 2500 );
// $.getScript('/inc/overview.js');
} }
} ); } );
} }
@ -266,7 +265,7 @@ function showOverviewWaf() {
$( "input[type=submit], button" ).button(); $( "input[type=submit], button" ).button();
$( "input[type=checkbox]" ).checkboxradio(); $( "input[type=checkbox]" ).checkboxradio();
} else { } else {
$('.first-collumn-wi').css('padding', '15px'); $('.first-collumn-wi').css('padding', '10px');
} }
} }
} ); } );
@ -818,69 +817,6 @@ $( function() {
} ); } );
} }
}); });
function updateOptions(id) {
$('#error').remove();
$.ajax( {
url: "sql.py",
data: {
updateoption: $('#option-body-'+id).val(),
id: id,
token: $('#token').val()
},
type: "GET",
success: function( data ) {
data = data.replace(/\s+/g,' ');
if (data.indexOf('error') != '-1') {
$("#ajax-ssh").append(data);
$('#errorMess').click(function() {
$('#error').remove();
$('.alert-danger').remove();
});
} else {
$('.alert-danger').remove();
$("#option-"+id).addClass( "update", 1000 );
setTimeout(function() {
$( "#option-"+id ).removeClass( "update" );
}, 2500 );
}
}
} );
}
function confirmDeleteOption(id) {
$( "#dialog-confirm-delete" ).dialog({
resizable: false,
height: "auto",
width: 400,
modal: true,
title: "Are you sure you want to delete " +$('#option-'+id).val() + "?",
buttons: {
"Delete": function() {
$( this ).dialog( "close" );
removeOption(id);
},
Cancel: function() {
$( this ).dialog( "close" );
}
}
});
}
function removeOption(id) {
$("#option-"+id).css("background-color", "#f2dede");
$.ajax( {
url: "sql.py",
data: {
optiondel: id,
token: $('#token').val()
},
type: "GET",
success: function( data ) {
data = data.replace(/\s+/g,' ');
if(data == "Ok ") {
$("#option-"+id).remove();
}
}
} );
}
function sleep(ms) { function sleep(ms) {
return new Promise(resolve => setTimeout(resolve, ms)); return new Promise(resolve => setTimeout(resolve, ms));
} }


@ -1,4 +1,3 @@
var users = '/inc/usersdop.js'
var awesome = "/inc/fontawesome.min.js" var awesome = "/inc/fontawesome.min.js"
jQuery.expr[':'].regex = function(elem, index, match) { jQuery.expr[':'].regex = function(elem, index, match) {
@ -511,14 +510,6 @@ function addUser() {
} else { } else {
$('.alert-danger').remove(); $('.alert-danger').remove();
$("#ajax-users").append(data); $("#ajax-users").append(data);
$( ".newuser" ).addClass( "update", 1000 );
setTimeout(function() {
$( ".newuser" ).removeClass( "update" );
}, 2500 );
$.getScript(awesome);
$( "input[type=submit], button" ).button();
$( "input[type=checkbox]" ).checkboxradio();
$( "select" ).selectmenu();
} }
} }
} ); } );
@ -779,8 +770,10 @@ function cloneServer(id) {
$('#slavefor').selectmenu("refresh"); $('#slavefor').selectmenu("refresh");
$('#credentials').val($('#credentials-'+id+' option:selected').val()).change() $('#credentials').val($('#credentials-'+id+' option:selected').val()).change()
$('#credentials').selectmenu("refresh"); $('#credentials').selectmenu("refresh");
if (cur_url[0] == 'users.py') {
$('#new-server-group-add').val($('#servergroup-'+id+' option:selected').val()).change() $('#new-server-group-add').val($('#servergroup-'+id+' option:selected').val()).change()
$('#new-server-group-add').selectmenu("refresh"); $('#new-server-group-add').selectmenu("refresh");
}
} }
function cloneUser(id) { function cloneUser(id) {
$( "#add-user-button" ).trigger( "click" ); $( "#add-user-button" ).trigger( "click" );
@ -792,8 +785,10 @@ function cloneUser(id) {
$('#activeuser').checkboxradio("refresh"); $('#activeuser').checkboxradio("refresh");
$('#new-role').val($('#role-'+id+' option:selected').val()).change() $('#new-role').val($('#role-'+id+' option:selected').val()).change()
$('#new-role').selectmenu("refresh"); $('#new-role').selectmenu("refresh");
$('#new-group').val($('#usergroup-'+id+' option:selected').val()).change() if (cur_url[0] == 'users.py') {
$('#new-group').val($('#usergroup-'+id+' option:selected').val()).change();
$('#new-group').selectmenu("refresh"); $('#new-group').selectmenu("refresh");
}
} }
function cloneTelegram(id) { function cloneTelegram(id) {
$( "#add-telegram-button" ).trigger( "click" ); $( "#add-telegram-button" ).trigger( "click" );


@ -292,7 +292,6 @@ sudo mkdir /var/www/$HOME_HAPROXY_WI/configs/kp_config/
sudo mkdir /var/www/$HOME_HAPROXY_WI/log/ sudo mkdir /var/www/$HOME_HAPROXY_WI/log/
sudo sudo chmod +x /var/www/$HOME_HAPROXY_WI/app/*.py sudo sudo chmod +x /var/www/$HOME_HAPROXY_WI/app/*.py
sudo chmod +x /var/www/$HOME_HAPROXY_WI/app/tools/*.py sudo chmod +x /var/www/$HOME_HAPROXY_WI/app/tools/*.py
chmod +x /var/www/$HOME_HAPROXY_WI/update.sh
sudo ln -s /usr/bin/python3.5 /usr/bin/python3 sudo ln -s /usr/bin/python3.5 /usr/bin/python3
cd /var/www/$HOME_HAPROXY_WI/app cd /var/www/$HOME_HAPROXY_WI/app


@ -1,34 +0,0 @@
#!/bin/bash
cp app/haproxy-wi.cfg /tmp/
mv -f /tmp/haproxy-wi.cfg app/haproxy-wi.cfg
git reset --hard
git pull https://github.com/Aidaho12/haproxy-wi.git
chmod +x app/*py
chmod +x app/tools/*py
if hash apt-get 2>/dev/null; then
sudo chown -R www-data:www-data app/
else
sudo chown -R apache:apache app/
fi
cd app/
./create_db.py
LOG='/tmp/haproxy-wi_install.log'
pip3.5 install -r /var/www/haproxy-wi/requirements.txt &> $LOG
chmod +x ../update.sh
echo "################"
echo ""
echo "ATTENTION!!! New config file name is: haproxy-wi.cfg"
echo ""
echo ""
echo "Install log in $LOG"
echo ""
echo "################"