Changelog: https://roxy-wi.org/changelog#6_3_1
pull/355/head
Pavel Loginov 2022-12-07 16:49:42 +03:00
parent 586f4c626f
commit 729df72f11
4 changed files with 41 additions and 31 deletions


@ -4,6 +4,7 @@ import http.cookies
import modules.db.sql as sql
import modules.server.ssh as mod_ssh
import modules.server.server as mod_server
import modules.common.common as common
import modules.roxywi.common as roxywi_common
import modules.roxy_wi_tools as roxy_wi_tools
@ -219,7 +220,7 @@ def upload_and_restart(server_ip: str, cfg: str, **kwargs):
return error
try:
error = mod_ssh.ssh_command(server_ip, commands)
error = mod_server.ssh_command(server_ip, commands)
try:
if action == 'reload' or action == 'restart':
roxywi_common.logging(server_ip, f'Service has been {action}ed', login=login, keep_history=1, service=service)
@ -327,7 +328,7 @@ def diff_config(oldcfg, cfg, **kwargs):
except Exception:
login = ''
output, stderr = mod_ssh.subprocess_execute(cmd)
output, stderr = mod_server.subprocess_execute(cmd)
if kwargs.get('return_diff'):
for line in output:
@ -382,7 +383,7 @@ def get_ssl_cert(server_ip: str) -> None:
cert_path = sql.get_setting('cert_path')
commands = [f"openssl x509 -in {cert_path}/{cert_id} -text"]
try:
mod_ssh.ssh_command(server_ip, commands, ip="1")
mod_server.ssh_command(server_ip, commands, ip="1")
except Exception as e:
print(f'error: Cannot connect to the server {e.args[0]}')
@ -391,7 +392,7 @@ def get_ssl_certs(server_ip: str) -> None:
cert_path = sql.get_setting('cert_path')
commands = [f"sudo ls -1t {cert_path} |grep -E 'pem|crt|key'"]
try:
mod_ssh.ssh_command(server_ip, commands, ip="1")
mod_server.ssh_command(server_ip, commands, ip="1")
except Exception as e:
print(f'error: Cannot connect to the server: {e.args[0]}')
@ -402,7 +403,7 @@ def del_ssl_cert(server_ip: str) -> None:
cert_path = sql.get_setting('cert_path')
commands = [f"sudo rm -f {cert_path}/{cert_id}"]
try:
mod_ssh.ssh_command(server_ip, commands, ip="1")
mod_server.ssh_command(server_ip, commands, ip="1")
except Exception as e:
print(f'error: Cannot delete the certificate {e.args[0]}')
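Review bot: `cert_path` and `cert_id` are interpolated unquoted into shell strings that run on the remote host, one of them under sudo (`openssl x509 -in {cert_path}/{cert_id} -text` in get_ssl_cert, `sudo rm -f {cert_path}/{cert_id}` in del_ssl_cert). This commit only swaps the module that executes them. The assignment of `cert_id` is above the lines shown, so it is not visible whether it is limited to a plain file name. If it comes from request data, validate it against a strict file-name pattern and quote the path, e.g. `cert_file = shlex.quote(f'{cert_path}/{cert_id}')` then `commands = [f"sudo rm -f {cert_file}"]` (needs `import shlex`). The `sudo ls -1t {cert_path}` line in get_ssl_certs deserves the same quoting.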


@ -381,3 +381,30 @@ def update_system_info() -> None:
print(template)
except Exception as e:
print(f'error: Cannot update server info: {e}')
def show_firewalld_rules() -> None:
from jinja2 import Environment, FileSystemLoader
serv = common.checkAjaxInput(form.getvalue('viewFirewallRules'))
cmd = ["sudo iptables -L INPUT -n --line-numbers|sed 's/ */ /g'|grep -v -E 'Chain|target'"]
cmd1 = ["sudo iptables -L IN_public_allow -n --line-numbers|sed 's/ */ /g'|grep -v -E 'Chain|target'"]
cmd2 = ["sudo iptables -L OUTPUT -n --line-numbers|sed 's/ */ /g'|grep -v -E 'Chain|target'"]
input_chain = ssh_command(serv, cmd, raw=1)
input_chain2 = []
for each_line in input_chain:
input_chain2.append(each_line.strip('\n'))
if 'error:' in input_chain:
print(input_chain)
return
in_public_allow = ssh_command(serv, cmd1, raw=1)
output_chain = ssh_command(serv, cmd2, raw=1)
env = Environment(loader=FileSystemLoader('templates'))
template = env.get_template('ajax/firewall_rules.html')
template = template.render(input=input_chain2, IN_public_allow=in_public_allow, output=output_chain)
print(template)
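Review bot: The new `show_firewalld_rules` builds its template environment with `Environment(loader=FileSystemLoader('templates'))`, which leaves Jinja2 autoescaping off (the library default). The text returned by the managed host for the three iptables listings therefore reaches the browser unescaped unless the template escapes it itself; suggest `env = Environment(loader=FileSystemLoader('templates'), autoescape=True)`. Separately, `'error:' in input_chain` runs after the loop, and if `ssh_command(..., raw=1)` returns a list of lines (as the loop suggests; its return type is not visible here) this is an exact-element match, so an error line would likely pass through to the template. Checking `any('error:' in line for line in input_chain)` before building `input_chain2` would catch it. The function also has no docstring and reads `form` from module scope instead of taking the server as a parameter.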


@ -151,7 +151,10 @@ def delete_ssh_key() -> None:
ssh_key_name = f'{lib_path}/keys/{sshs.name}.pem'
if ssh_enable == 1:
os.remove(ssh_key_name)
try:
os.remove(ssh_key_name)
except Exception:
pass
if sql.delete_ssh(sshdel):
print("Ok")
roxywi_common.logging('Roxy-WI server', f'The SSH credentials {name} has deleted', roxywi=1, login=1)
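Review bot: The added `except Exception: pass` around `os.remove(ssh_key_name)` also hides failures such as a permission error. In that case the private key file stays on disk while the database record is deleted and the handler prints "Ok". Narrow the handler to the case that is safe to ignore, `except FileNotFoundError:` / `pass`, and report any other `OSError` before calling `sql.delete_ssh` so an orphaned key is noticed. The body of delete_ssh_key starts above this hunk, so how `lib_path` and `sshs.name` are set is not visible here.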


@ -1558,7 +1558,7 @@ if form.getvalue('telegramdel') is not None:
import modules.alerting.alerting as alerting
channel_id = common.checkAjaxInput(form.getvalue('telegramdel'))
telegram = sql.select_telegram(id=telegramdel)
telegram = sql.select_telegram(id=channel_id)
alerting.delete_telegram_channel(telegram, channel_id)
@ -1568,7 +1568,7 @@ if form.getvalue('slackdel') is not None:
channel_id = common.checkAjaxInput(form.getvalue('slackdel'))
slack = sql.select_slack(id=channel_id)
alerting.delete_slack_channel(telegram, channel_id)
alerting.delete_slack_channel(slack, channel_id)
if form.getvalue('updatetoken') is not None:
token = common.checkAjaxInput(form.getvalue('updatetoken'))
@ -1979,28 +1979,7 @@ if form.getvalue('scan_ports') is not None:
print(template)
if form.getvalue('viewFirewallRules') is not None:
serv = common.checkAjaxInput(form.getvalue('viewFirewallRules'))
cmd = ["sudo iptables -L INPUT -n --line-numbers|sed 's/ */ /g'|grep -v -E 'Chain|target'"]
cmd1 = ["sudo iptables -L IN_public_allow -n --line-numbers|sed 's/ */ /g'|grep -v -E 'Chain|target'"]
cmd2 = ["sudo iptables -L OUTPUT -n --line-numbers|sed 's/ */ /g'|grep -v -E 'Chain|target'"]
input_chain = server_mod.ssh_command(serv, cmd, raw=1)
input_chain2 = []
for each_line in input_chain:
input_chain2.append(each_line.strip('\n'))
if 'error:' in input_chain:
print(input_chain)
sys.exit()
IN_public_allow = server_mod.ssh_command(serv, cmd1, raw=1)
output_chain = server_mod.ssh_command(serv, cmd2, raw=1)
env = Environment(loader=FileSystemLoader('templates'))
template = env.get_template('ajax/firewall_rules.html')
template = template.render(input=input_chain2, IN_public_allow=IN_public_allow, output=output_chain)
print(template)
server_mod.show_firewalld_rules()
if form.getvalue('geoipserv') is not None:
serv = common.checkAjaxInput(form.getvalue('geoipserv'))
@ -2008,7 +1987,7 @@ if form.getvalue('geoipserv') is not None:
if service in ('haproxy', 'nginx'):
service_dir = common.return_nice_path(sql.get_setting(f'{service}_dir'))
cmd = [f"ls {service_dir} geoip/"]
cmd = [f"ls {service_dir}geoip/"]
print(server_mod.ssh_command(serv, cmd))
else:
print('warning: select a server and service first')
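Review bot: The `telegramdel` and `slackdel` handlers select and delete a channel by an id taken from the request, and nothing in these hunks shows a check that the channel belongs to the caller's group or that the caller's role may delete it. If `sql.select_telegram`/`sql.select_slack` and the `alerting.delete_*_channel` helpers do not enforce that themselves (their bodies are not visible here), add the ownership check before the delete. The result of the select is also passed on without checking that a row was found. Since the id is a database key, converting it with `int(channel_id)` and rejecting the request on `ValueError` would be tighter than relying on `checkAjaxInput` alone. Both handlers begin above the lines shown.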