From 729df72f11266f8182922847322547783c4e49dc Mon Sep 17 00:00:00 2001 From: Pavel Loginov Date: Wed, 7 Dec 2022 16:49:42 +0300 Subject: [PATCH] v6.3.1.0 Changelog: https://roxy-wi.org/changelog#6_3_1 --- app/modules/config/config.py | 11 ++++++----- app/modules/server/server.py | 27 +++++++++++++++++++++++++++ app/modules/server/ssh.py | 5 ++++- app/options.py | 29 ++++------------------------- 4 files changed, 41 insertions(+), 31 deletions(-) diff --git a/app/modules/config/config.py b/app/modules/config/config.py index 7797fba6..4ab2a7a4 100644 --- a/app/modules/config/config.py +++ b/app/modules/config/config.py @@ -4,6 +4,7 @@ import http.cookies import modules.db.sql as sql import modules.server.ssh as mod_ssh +import modules.server.server as mod_server import modules.common.common as common import modules.roxywi.common as roxywi_common import modules.roxy_wi_tools as roxy_wi_tools @@ -219,7 +220,7 @@ def upload_and_restart(server_ip: str, cfg: str, **kwargs): return error try: - error = mod_ssh.ssh_command(server_ip, commands) + error = mod_server.ssh_command(server_ip, commands) try: if action == 'reload' or action == 'restart': roxywi_common.logging(server_ip, f'Service has been {action}ed', login=login, keep_history=1, service=service) @@ -327,7 +328,7 @@ def diff_config(oldcfg, cfg, **kwargs): except Exception: login = '' - output, stderr = mod_ssh.subprocess_execute(cmd) + output, stderr = mod_server.subprocess_execute(cmd) if kwargs.get('return_diff'): for line in output: @@ -382,7 +383,7 @@ def get_ssl_cert(server_ip: str) -> None: cert_path = sql.get_setting('cert_path') commands = [f"openssl x509 -in {cert_path}/{cert_id} -text"] try: - mod_ssh.ssh_command(server_ip, commands, ip="1") + mod_server.ssh_command(server_ip, commands, ip="1") except Exception as e: print(f'error: Cannot connect to the server {e.args[0]}') 
@@ -391,7 +392,7 @@ def get_ssl_certs(server_ip: str) -> None: cert_path = sql.get_setting('cert_path') commands = [f"sudo ls -1t {cert_path} |grep -E 'pem|crt|key'"] try: - mod_ssh.ssh_command(server_ip, commands, ip="1") + mod_server.ssh_command(server_ip, commands, ip="1") except Exception as e: print(f'error: Cannot connect to the server: {e.args[0]}') @@ -402,7 +403,7 @@ def del_ssl_cert(server_ip: str) -> None: cert_path = sql.get_setting('cert_path') commands = [f"sudo rm -f {cert_path}/{cert_id}"] try: - mod_ssh.ssh_command(server_ip, commands, ip="1") + mod_server.ssh_command(server_ip, commands, ip="1") except Exception as e: print(f'error: Cannot delete the certificate {e.args[0]}') diff --git a/app/modules/server/server.py b/app/modules/server/server.py index 3bd174dc..01cfeb11 100644 --- a/app/modules/server/server.py +++ b/app/modules/server/server.py 
@@ -381,3 +381,30 @@ def update_system_info() -> None: print(template) except Exception as e: print(f'error: Cannot update server info: {e}') + + +def show_firewalld_rules() -> None: + from jinja2 import Environment, FileSystemLoader + + serv = common.checkAjaxInput(form.getvalue('viewFirewallRules')) + + cmd = ["sudo iptables -L INPUT -n --line-numbers|sed 's/ */ /g'|grep -v -E 'Chain|target'"] + cmd1 = ["sudo iptables -L IN_public_allow -n --line-numbers|sed 's/ */ /g'|grep -v -E 'Chain|target'"] + cmd2 = ["sudo iptables -L OUTPUT -n --line-numbers|sed 's/ */ /g'|grep -v -E 'Chain|target'"] + + input_chain = ssh_command(serv, cmd, raw=1) + + input_chain2 = [] + for each_line in input_chain: + input_chain2.append(each_line.strip('\n')) + + if 'error:' in input_chain: + print(input_chain) + return + + in_public_allow = ssh_command(serv, cmd1, raw=1) + output_chain = ssh_command(serv, cmd2, raw=1) + env = Environment(loader=FileSystemLoader('templates')) + template = env.get_template('ajax/firewall_rules.html') + template = template.render(input=input_chain2, IN_public_allow=in_public_allow, output=output_chain) + print(template) diff --git a/app/modules/server/ssh.py b/app/modules/server/ssh.py index 28866647..dd9e8472 100644 --- a/app/modules/server/ssh.py +++ b/app/modules/server/ssh.py @@ -151,7 +151,10 @@ def delete_ssh_key() -> None: ssh_key_name = f'{lib_path}/keys/{sshs.name}.pem' if ssh_enable == 1: - os.remove(ssh_key_name) + try: + os.remove(ssh_key_name) + except Exception: + pass if sql.delete_ssh(sshdel): print("Ok") roxywi_common.logging('Roxy-WI server', f'The SSH credentials {name} has deleted', roxywi=1, login=1) diff --git a/app/options.py b/app/options.py index c2e64c1d..2970caf7 100644 --- a/app/options.py +++ b/app/options.py 
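Review bot: `Environment(loader=FileSystemLoader('templates'))` in `show_firewalld_rules` is created without autoescaping, so the lines returned by the remote host are rendered into `ajax/firewall_rules.html` unescaped unless the template escapes them itself; `env = Environment(loader=FileSystemLoader('templates'), autoescape=True)` would cover that. Only `input_chain` is tested for `'error:'`, and only after it has already been copied into `input_chain2`. `in_public_allow` and `output_chain` reach the template unchecked, so a failure of the second or third command is rendered as if it were rules. The function takes no arguments and reads `form` directly, so the hunk shows neither where `form` comes from in server.py nor that `serv` is limited to servers the caller may manage; a docstring stating both would help.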
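Review bot: The new `except Exception: pass` around `os.remove(ssh_key_name)` in `delete_ssh_key` hides every failure, not only a missing file. If the unlink fails on permissions or a read-only filesystem, the private key stays under `keys/` while `sql.delete_ssh(sshdel)` removes the record and the log line reports the credentials as deleted. Narrow the handler to `except FileNotFoundError:` and report any other `OSError` (for example through `roxywi_common.logging`) before the database row is dropped. `delete_ssh_key` starts and ends outside the hunk, so how `sshs.name` is validated before it becomes part of the path is not visible here.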
@@ -1558,7 +1558,7 @@ if form.getvalue('telegramdel') is not None: import modules.alerting.alerting as alerting channel_id = common.checkAjaxInput(form.getvalue('telegramdel')) - telegram = sql.select_telegram(id=telegramdel) + telegram = sql.select_telegram(id=channel_id) alerting.delete_telegram_channel(telegram, channel_id) @@ -1568,7 +1568,7 @@ if form.getvalue('slackdel') is not None: channel_id = common.checkAjaxInput(form.getvalue('slackdel')) slack = sql.select_slack(id=channel_id) - alerting.delete_slack_channel(telegram, channel_id) + alerting.delete_slack_channel(slack, channel_id) if form.getvalue('updatetoken') is not None: token = common.checkAjaxInput(form.getvalue('updatetoken')) @@ -1979,28 +1979,7 @@ if form.getvalue('scan_ports') is not None: print(template) if form.getvalue('viewFirewallRules') is not None: - serv = common.checkAjaxInput(form.getvalue('viewFirewallRules')) - - cmd = ["sudo iptables -L INPUT -n --line-numbers|sed 's/ */ /g'|grep -v -E 'Chain|target'"] - cmd1 = ["sudo iptables -L IN_public_allow -n --line-numbers|sed 's/ */ /g'|grep -v -E 'Chain|target'"] - cmd2 = ["sudo iptables -L OUTPUT -n --line-numbers|sed 's/ */ /g'|grep -v -E 'Chain|target'"] - - input_chain = server_mod.ssh_command(serv, cmd, raw=1) - - input_chain2 = [] - for each_line in input_chain: - input_chain2.append(each_line.strip('\n')) - - if 'error:' in input_chain: - print(input_chain) - sys.exit() - - IN_public_allow = server_mod.ssh_command(serv, cmd1, raw=1) - output_chain = server_mod.ssh_command(serv, cmd2, raw=1) - env = Environment(loader=FileSystemLoader('templates')) - template = env.get_template('ajax/firewall_rules.html') - template = template.render(input=input_chain2, IN_public_allow=IN_public_allow, output=output_chain) - print(template) + server_mod.show_firewalld_rules() if form.getvalue('geoipserv') is not None: serv = common.checkAjaxInput(form.getvalue('geoipserv')) 
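Review bot: In the `viewFirewallRules` branch the error path changed with the move. The removed inline code called `sys.exit()` when `'error:'` was found, while `server_mod.show_firewalld_rules()` returns, so options.py now falls through to the following `if form.getvalue(...)` checks such as `geoipserv`. That is probably harmless when a request carries a single action, but it should be a deliberate choice. A comment at the call site such as `# returns on SSH error; later handlers still run` would record it.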
@@ -2008,7 +1987,7 @@ if form.getvalue('geoipserv') is not None: if service in ('haproxy', 'nginx'): service_dir = common.return_nice_path(sql.get_setting(f'{service}_dir')) - cmd = [f"ls {service_dir} geoip/"] + cmd = [f"ls {service_dir}geoip/"] print(server_mod.ssh_command(serv, cmd)) else: print('warning: select a server and service first')
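Review bot: `cmd = [f"ls {service_dir}geoip/"]` interpolates the configured directory into a shell command unquoted, and the fix now depends on `common.return_nice_path` always returning a trailing slash (presumably its purpose; confirm). A setting value containing a space or shell metacharacter would change what runs on the remote host. `cmd = [f"ls {shlex.quote(service_dir + 'geoip/')}"]` keeps the path a single argument, and needs `import shlex` if options.py does not already have it. The `geoipserv` block begins outside the hunk, so where `service` is read is not visible.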