mirror of https://github.com/Aidaho12/haproxy-wi
parent
236f25113b
commit
8550b15b22
|
@ -138,6 +138,28 @@ def create_table(**kwargs):
|
|||
CREATE TABLE IF NOT EXISTS `waf` (`server_id` INTEGER UNIQUE, metrics INTEGER);
|
||||
CREATE TABLE IF NOT EXISTS `waf_metrics` (`serv` varchar(64), conn INTEGER, `date` DATETIME default '0000-00-00 00:00:00');
|
||||
CREATE TABLE IF NOT EXISTS user_groups(user_id INTEGER NOT NULL, user_group_id INTEGER NOT NULL, UNIQUE(user_id,user_group_id));
|
||||
CREATE TABLE IF NOT EXISTS port_scanner_settings (
|
||||
server_id INTEGER NOT NULL,
|
||||
user_group_id INTEGER NOT NULL,
|
||||
enabled INTEGER NOT NULL,
|
||||
notify INTEGER NOT NULL,
|
||||
history INTEGER NOT NULL,
|
||||
UNIQUE(server_id)
|
||||
);
|
||||
CREATE TABLE IF NOT EXISTS port_scanner_ports (
|
||||
`serv` varchar(64),
|
||||
user_group_id INTEGER NOT NULL,
|
||||
port INTEGER NOT NULL,
|
||||
service_name varchar(64),
|
||||
`date` DATETIME default '0000-00-00 00:00:00'
|
||||
);
|
||||
CREATE TABLE IF NOT EXISTS port_scanner_history (
|
||||
`serv` varchar(64),
|
||||
port INTEGER NOT NULL,
|
||||
status varchar(64),
|
||||
service_name varchar(64),
|
||||
`date` DATETIME default '0000-00-00 00:00:00'
|
||||
);
|
||||
CREATE TABLE IF NOT EXISTS providers_creds (
|
||||
`id` INTEGER NOT NULL,
|
||||
`name` VARCHAR ( 64 ),
|
||||
|
@ -173,7 +195,15 @@ def create_table(**kwargs):
|
|||
`last_error` VARCHAR ( 256 ),
|
||||
`delete_on_termination` INTEGER,
|
||||
PRIMARY KEY(`id`)
|
||||
);
|
||||
);
|
||||
CREATE TABLE api_tokens (
|
||||
`token` varchar(64),
|
||||
`user_name` varchar(64),
|
||||
`user_group_id` INTEGER NOT NULL,
|
||||
`user_role` INTEGER NOT NULL,
|
||||
`create_date` DATETIME default '0000-00-00 00:00:00',
|
||||
`expire_date` DATETIME default '0000-00-00 00:00:00'
|
||||
);
|
||||
"""
|
||||
try:
|
||||
cur.executescript(sql)
|
||||
|
@ -1012,6 +1042,7 @@ def update_db_v_5(**kwargs):
|
|||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def update_db_v_51(**kwargs):
|
||||
con, cur = get_cur()
|
||||
sql = """CREATE TABLE IF NOT EXISTS provisioned_servers (
|
||||
|
@ -1073,6 +1104,51 @@ def update_db_v_5_0_1(**kwargs):
|
|||
con.close()
|
||||
|
||||
|
||||
def update_db_v_5_1_0(**kwargs):
|
||||
con, cur = get_cur()
|
||||
sql = """
|
||||
INSERT INTO settings (param, value, section, `desc`) values('port_scan_interval', '5', 'monitoring', 'Port scanner check interval, in minutes');
|
||||
"""
|
||||
try:
|
||||
cur.execute(sql)
|
||||
con.commit()
|
||||
except sqltool.Error as e:
|
||||
if kwargs.get('silent') != 1:
|
||||
if e.args[0] == 'columns param, group are not unique' or e == " 1060 (42S21): columns param, group are not unique ":
|
||||
print('Updating... DB has been updated to version 5.1.0')
|
||||
else:
|
||||
print("An error occurred:", e)
|
||||
else:
|
||||
print("Updating... DB has been updated to version 5.1.0")
|
||||
|
||||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def update_db_v_5_1_0_1(**kwargs):
|
||||
con, cur = get_cur()
|
||||
sql = """CREATE TABLE api_tokens (
|
||||
`token` varchar(64),
|
||||
`user_name` varchar(64),
|
||||
`user_group_id` INTEGER NOT NULL,
|
||||
`user_role` INTEGER NOT NULL,
|
||||
`create_date` DATETIME default '0000-00-00 00:00:00',
|
||||
`expire_date` DATETIME default '0000-00-00 00:00:00'
|
||||
); """
|
||||
try:
|
||||
cur.execute(sql)
|
||||
con.commit()
|
||||
except sqltool.Error as e:
|
||||
if kwargs.get('silent') != 1:
|
||||
if e.args[0] == 'duplicate column name: version' or e == "1060 (42S21): Duplicate column name 'version' ":
|
||||
print('Updating... DB has been updated to version 5.1.0')
|
||||
else:
|
||||
print("Updating... DB has been updated to version 5.1.0")
|
||||
|
||||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def update_ver():
|
||||
con, cur = get_cur()
|
||||
sql = """update version set version = '5.0.2.0'; """
|
||||
|
@ -1112,6 +1188,8 @@ def update_all():
|
|||
update_db_v_5()
|
||||
update_db_v_51()
|
||||
update_db_v_5_0_1()
|
||||
update_db_v_5_1_0()
|
||||
update_db_v_5_1_0_1()
|
||||
update_ver()
|
||||
|
||||
|
||||
|
@ -1142,6 +1220,8 @@ def update_all_silent():
|
|||
update_db_v_5(silent=1)
|
||||
update_db_v_51(silent=1)
|
||||
update_db_v_5_0_1(silent=1)
|
||||
update_db_v_5_1_0(silent=1)
|
||||
update_db_v_5_1_0_1(silent=1)
|
||||
update_ver()
|
||||
|
||||
|
||||
|
|
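Review bot: The `api_tokens` table added in `create_table` and again in `update_db_v_5_1_0_1` stores the bearer token itself in `token varchar(64)` and declares neither `NOT NULL` nor `UNIQUE` on it, so a copy of the database or a backup yields usable API credentials and duplicate tokens are accepted. Storing a digest of the token rather than the token, and declaring the column as `token varchar(64) NOT NULL UNIQUE`, would limit both. Both statements are also plain `CREATE TABLE api_tokens (` while the other tables added in this section use `IF NOT EXISTS`, and `update_all()` calls `update_db_v_5_1_0_1()` on every run. The handler there only recognises a 'duplicate column name: version' message, which a failing `CREATE TABLE` would presumably not produce, so `CREATE TABLE IF NOT EXISTS api_tokens (` plus an `else: print("An error occurred:", e)` branch like the one in `update_db_v_5_1_0` would make reruns predictable.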
21
app/funct.py
21
app/funct.py
|
@ -16,7 +16,7 @@ def get_app_dir():
|
|||
def get_config_var(sec, var):
|
||||
from configparser import ConfigParser, ExtendedInterpolation
|
||||
try:
|
||||
path_config = "haproxy-wi.cfg"
|
||||
path_config = "/var/www/haproxy-wi/app/haproxy-wi.cfg"
|
||||
config = ConfigParser(interpolation=ExtendedInterpolation())
|
||||
config.read(path_config)
|
||||
except Exception:
|
||||
|
@ -63,7 +63,7 @@ def get_user_group(**kwargs):
|
|||
else:
|
||||
user_group = g[1]
|
||||
except Exception:
|
||||
user_group = ''
|
||||
check_user_group()
|
||||
|
||||
return user_group
|
||||
|
||||
|
@ -72,8 +72,11 @@ def logging(serv, action, **kwargs):
|
|||
import sql
|
||||
import http.cookies
|
||||
log_path = get_config_var('main', 'log_path')
|
||||
user_group = get_user_group()
|
||||
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
|
||||
try:
|
||||
user_group = get_user_group()
|
||||
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
|
||||
except:
|
||||
user_group = ''
|
||||
|
||||
if not os.path.exists(log_path):
|
||||
os.makedirs(log_path)
|
||||
|
@ -140,7 +143,7 @@ def telegram_send_mess(mess, **kwargs):
|
|||
channel_name = telegram[2]
|
||||
|
||||
if token_bot == '' or channel_name == '':
|
||||
mess = " Fatal: Can't send message. Add Telegram channel before use alerting at this servers group"
|
||||
mess = " error: Can't send message. Add Telegram channel before use alerting at this servers group"
|
||||
print(mess)
|
||||
logging('localhost', mess, haproxywi=1)
|
||||
sys.exit()
|
||||
|
@ -1177,7 +1180,10 @@ def get_users_params(**kwargs):
|
|||
return user, user_id, role, token, servers
|
||||
|
||||
|
||||
def check_user_group():
|
||||
def check_user_group(**kwargs):
|
||||
if kwargs.get('token') is not None:
|
||||
return True
|
||||
|
||||
import http.cookies
|
||||
import os
|
||||
import sql
|
||||
|
@ -1218,9 +1224,10 @@ def get_services_status():
|
|||
services_name = {'checker_haproxy': 'Checker backends master service',
|
||||
'keep_alive': 'Auto start service',
|
||||
'metrics_haproxy': 'Metrics master service',
|
||||
'portscanner': 'Port scanner service',
|
||||
'smon': 'Simple monitoring network ports',
|
||||
'prometheus': 'Prometheus service',
|
||||
'grafana-server': 'Grafana service',
|
||||
'smon': 'Simple monitoring network ports',
|
||||
'fail2ban': 'Fail2ban service'}
|
||||
for s, v in services_name.items():
|
||||
cmd = "systemctl status %s |grep Act |awk '{print $2}'" % s
|
||||
|
|
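Review bot: The early return added at the top of `check_user_group` (`if kwargs.get('token') is not None: return True`) treats any non-None value as proof of authorisation, because the token is never checked against anything before the group check is skipped. `get_dick_permit` in app/sql.py now calls `funct.check_user_group(token=token)`, so whatever that function holds in `token` decides whether the check runs at all; the branch that sets it when no `token` kwarg is passed lies outside the hunk. The bypass should depend on a lookup that succeeded, for example by moving it below the function's `import sql` and writing `if kwargs.get('token') and sql.get_api_token(kwargs.get('token')) is True: return True`. The `is True` matters because `get_api_token` returns `str(e)` on a database error, which is truthy. The rest of `check_user_group` is outside the hunk.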
72
app/sql.py
72
app/sql.py
|
@ -525,6 +525,21 @@ def get_group_name_by_id(group_id):
|
|||
con.close()
|
||||
|
||||
|
||||
def get_group_id_by_name(group_name):
|
||||
con, cur = get_cur()
|
||||
sql = """select id from groups where name = '%s' """ % group_name
|
||||
|
||||
try:
|
||||
cur.execute(sql)
|
||||
except sqltool.Error as e:
|
||||
return funct.out_error(e)
|
||||
else:
|
||||
for group_id in cur.fetchone():
|
||||
return group_id
|
||||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def select_server_by_name(name):
|
||||
con, cur = get_cur()
|
||||
sql = """select ip from servers where hostname='%s' """ % name
|
||||
|
@ -620,6 +635,52 @@ def write_user_token(login, user_token):
|
|||
con.close()
|
||||
|
||||
|
||||
def write_api_token(user_token, group_id, user_role, user_name):
|
||||
con, cur = get_cur()
|
||||
token_ttl = get_setting('token_ttl')
|
||||
|
||||
if mysql_enable == '1':
|
||||
sql = """ insert into api_tokens (token, user_name, user_group_id, user_role, create_date, expire_date) values('%s', '%s', '%s', '%s', now(), now()+ INTERVAL %s day) """ % (user_token, user_name, group_id, user_role, token_ttl)
|
||||
else:
|
||||
sql = """ insert into api_tokens (token, user_name, user_group_id, user_role, create_date, expire_date) values('%s', '%s', '%s', '%s', datetime('now'), datetime('now', '+%s days')) """ % (user_token, user_name, group_id, user_role, token_ttl)
|
||||
try:
|
||||
cur.execute(sql)
|
||||
con.commit()
|
||||
except sqltool.Error as e:
|
||||
return str(e)
|
||||
con.rollback()
|
||||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def get_api_token(token):
|
||||
con, cur = get_cur()
|
||||
sql = """ select token from api_tokens where token = '%s' """ % token
|
||||
try:
|
||||
cur.execute(sql)
|
||||
except sqltool.Error as e:
|
||||
return str(e)
|
||||
else:
|
||||
for user_token in cur.fetchall():
|
||||
return True if token == user_token[0] else False
|
||||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def get_username_groupid_from_api_token(token):
|
||||
con, cur = get_cur()
|
||||
sql = """ select user_name, user_group_id from api_tokens where token = '%s' """ % token
|
||||
try:
|
||||
cur.execute(sql)
|
||||
except sqltool.Error as e:
|
||||
return str(e)
|
||||
else:
|
||||
for u in cur.fetchall():
|
||||
return u[0], u[1]
|
||||
cur.close()
|
||||
con.close()
|
||||
|
||||
|
||||
def get_token(uuid):
|
||||
con, cur = get_cur()
|
||||
sql = """ select token.token from token left join uuid as uuid on uuid.user_id = token.user_id where uuid.uuid = '%s' """ % uuid
|
||||
|
@ -784,14 +845,14 @@ def get_dick_permit(**kwargs):
|
|||
import http.cookies
|
||||
import os
|
||||
if kwargs.get('username'):
|
||||
user = kwargs.get('username')
|
||||
grp = '1'
|
||||
# user = kwargs.get('username')
|
||||
grp = kwargs.get('group_id')
|
||||
else:
|
||||
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
|
||||
user_id = cookie.get('uuid')
|
||||
# user_id = cookie.get('uuid')
|
||||
group = cookie.get('group')
|
||||
grp = group.value
|
||||
user = get_user_id_by_uuid(user_id.value)
|
||||
# user = get_user_id_by_uuid(user_id.value)
|
||||
if kwargs.get('token'):
|
||||
token = kwargs.get('token')
|
||||
else:
|
||||
|
@ -818,7 +879,7 @@ def get_dick_permit(**kwargs):
|
|||
if kwargs.get('keepalived'):
|
||||
nginx = "and keepalived = 1"
|
||||
|
||||
if funct.check_user_group():
|
||||
if funct.check_user_group(token=token):
|
||||
con, cur = get_cur()
|
||||
if grp == '1' and not only_group:
|
||||
sql = """ select * from servers where enable = 1 %s %s %s %s order by pos""" % (disable, type_ip, nginx, ip)
|
||||
|
@ -2442,7 +2503,6 @@ def insert_port_scanner_settings(server_id, user_group_id, enabled, notify, hist
|
|||
con.commit()
|
||||
return True
|
||||
except sqltool.Error as e:
|
||||
funct.out_error(e)
|
||||
con.rollback()
|
||||
return False
|
||||
finally:
|
||||
|
|
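Review bot: The new lookups `get_api_token` and `get_username_groupid_from_api_token` (and likewise `write_api_token` and `get_group_id_by_name`) build their statements with `% token` / `% group_name` string formatting, so a quote character in a caller-supplied value changes the query; the values should be passed to `cur.execute` as bound parameters instead. `get_api_token` also returns `str(e)` on a database error, which is truthy for a caller that tests the result, and its `cur.close()`/`con.close()` lines appear to be skipped whenever a row is returned; `con.rollback()` after `return str(e)` in `write_api_token` looks unreachable for the same reason. Neither select looks at `expire_date`, so unless expired rows are purged elsewhere a token stays valid after its TTL. A sketch for `get_api_token` follows; it assumes `funct.out_error` returns to the caller, and the expiry condition still needs a per-backend clause.

```python
def get_api_token(token):
    con, cur = get_cur()
    # placeholder style differs by driver: %s for the MySQL connector, ? for sqlite3
    marker = '%s' if mysql_enable == '1' else '?'
    sql = "select token from api_tokens where token = " + marker
    try:
        cur.execute(sql, (token,))
        row = cur.fetchone()
    except sqltool.Error as e:
        funct.out_error(e)
        return False
    finally:
        cur.close()
        con.close()
    return row is not None
```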