From 8c9b471363605585e469810dc928282b1041dd6d Mon Sep 17 00:00:00 2001 From: Pavel Loginov Date: Fri, 3 Apr 2020 22:51:50 +0200 Subject: [PATCH] v4.2.1.0 https://haproxy-wi.org/changelog.py#4_2_1 --- app/funct.py | 15 +++++++++++---- app/options.py | 14 +++++++++++--- app/scripts/ansible/roles/haproxy/tasks/main.yml | 2 +- .../ansible/roles/keepalived/tasks/install.yml | 2 +- app/scripts/ansible/roles/nginx.yml | 2 +- app/scripts/waf.sh | 2 ++ 6 files changed, 27 insertions(+), 10 deletions(-) diff --git a/app/funct.py b/app/funct.py index 2ca16e81..1dbf33ee 100644 --- a/app/funct.py +++ b/app/funct.py @@ -1,4 +1,4 @@ -# -*- coding: utf-8 -*-" +# -*- coding: utf-8 -*- import cgi import os, sys @@ -455,8 +455,8 @@ def waf_install(serv, **kwargs): os.system("rm -f %s" % script) stderr = ssh_command(serv, commands, print_out="1") - if stderr is None: - sql.insert_waf_metrics_enable(serv, "0") + + sql.insert_waf_metrics_enable(serv, "0") def install_nginx(serv): @@ -960,4 +960,11 @@ def check_group(group, role_id): return True else: logging('localhost', ' has tried to actions in not own group ', haproxywi=1, login=1) - return False \ No newline at end of file + return False + + +def check_service(serv, service_name): + commands = [ "systemctl status "+service_name+" |grep Active |awk '{print $1}'" ] + return ssh_command(serv, commands) + + \ No newline at end of file diff --git a/app/options.py b/app/options.py index 51b6149b..549cfeed 100644 --- a/app/options.py +++ b/app/options.py @@ -690,6 +690,10 @@ if form.getvalue('master'): if ssh_enable == 0: ssh_key_name = '' + + servers = sql.select_servers(server=master) + for server in servers: + ssh_port = str(server[10]) if proxy is not None and proxy != '' and proxy != 'None': proxy_serv = proxy 
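Review bot: With the `if stderr is None:` guard removed in waf_install, `sql.insert_waf_metrics_enable(serv, "0")` now runs even when `ssh_command` reported a problem, and `stderr` is assigned but never read. If the row should always be created, the failure should still be surfaced before the insert, for example `if stderr: logging(serv, ' WAF install returned errors ', haproxywi=1)`. The start of waf_install is outside this hunk, so whether `print_out="1"` already shows the error to the user cannot be confirmed from here.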
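Review bot: In the new `check_service`, `service_name` is concatenated straight into the shell command handed to `ssh_command`, so a caller that passes a request-derived value would let shell metacharacters through; the callers are not visible in this patch. Quote it or check it against an allow-list, e.g. `commands = ["systemctl is-active " + shlex.quote(service_name)]` (this needs `import shlex` at the top of the file). Using `systemctl is-active` also removes the `awk '{print $1}'` step, which on systemd's `Active: active (running)` line prints the label `Active:` rather than the state. A one-line docstring saying what the function returns would help, and the whitespace-only lines added at the end of the file can be dropped.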
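Review bot: `ssh_port` is bound only inside `for server in servers:`, so if `sql.select_servers(server=master)` returns no rows, the later `" SSH_PORT="+ssh_port` raises a NameError; the same pattern is added for `slave` in the @@ -733,8 +737,12 @@ hunk. Set a default before the loop (`ssh_port = '22'`) or stop with a clear message when the server is not found. The bare index `server[10]` deserves a comment naming the column. Because the value ends up in a shell command line, it should also be checked with `ssh_port.isdigit()` before use.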
@@ -706,7 +710,7 @@ if form.getvalue('master'): funct.install_nginx(master) funct.install_nginx(slave) - commands = [ "chmod +x "+script +" && ./"+script +" PROXY=" + proxy_serv+ + commands = [ "chmod +x "+script +" && ./"+script +" PROXY=" + proxy_serv+" SSH_PORT="+ssh_port+ " ETH="+ETH+" IP="+str(IP)+" MASTER=MASTER"+" SYN_FLOOD="+syn_flood+" HOST="+str(master)+ " USER="+str(ssh_user_name)+" PASS="+str(ssh_user_password)+" KEY="+str(ssh_key_name) ] @@ -733,8 +737,12 @@ if form.getvalue('master'): if ssh_enable == 0: ssh_key_name = '' - - commands = [ "chmod +x "+script +" && ./"+script +" PROXY=" +proxy_serv+ + + servers = sql.select_servers(server=slave) + for server in servers: + ssh_port = str(server[10]) + + commands = [ "chmod +x "+script +" && ./"+script +" PROXY=" +proxy_serv+" SSH_PORT="+ssh_port+ " ETH="+ETH+" IP="+IP+" MASTER=BACKUP"+" HOST="+str(slave)+ " USER="+str(ssh_user_name)+" PASS="+str(ssh_user_password)+" KEY="+str(ssh_key_name) ] diff --git a/app/scripts/ansible/roles/haproxy/tasks/main.yml b/app/scripts/ansible/roles/haproxy/tasks/main.yml index 0bb542d1..8afe863f 100644 --- a/app/scripts/ansible/roles/haproxy/tasks/main.yml +++ b/app/scripts/ansible/roles/haproxy/tasks/main.yml @@ -83,7 +83,7 @@ - name: Disble SELINUX in env - shell: setenforce 0 + shell: setenforce 0 2> /dev/null ignore_errors: yes debugger: never diff --git a/app/scripts/ansible/roles/keepalived/tasks/install.yml b/app/scripts/ansible/roles/keepalived/tasks/install.yml index 9c765f11..4b8fe213 100644 --- a/app/scripts/ansible/roles/keepalived/tasks/install.yml +++ b/app/scripts/ansible/roles/keepalived/tasks/install.yml @@ -62,7 +62,7 @@ ignore_errors: yes - name: Disble SELINUX in env - shell: setenforce 0 + shell: setenforce 0 2> /dev/null ignore_errors: yes debugger: never diff --git a/app/scripts/ansible/roles/nginx.yml b/app/scripts/ansible/roles/nginx.yml index 27ae9ab0..3b566925 100644 --- a/app/scripts/ansible/roles/nginx.yml 
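Review bot: The rewritten `commands` line appends `SSH_PORT` to a shell string built by plain concatenation of `proxy_serv`, `ETH`, `IP`, `syn_flood`, `master` and the SSH credentials, none of them quoted. The block sits under `if form.getvalue('master'):`, so at least some of these values presumably come from the request. Each one should pass through `shlex.quote(...)` or a strict pattern check before it is joined, e.g. `" SSH_PORT=" + shlex.quote(ssh_port)`. Putting `PASS=` plus the password on the command line also typically exposes it in the process list while the script runs; handing it over through the environment or a permission-restricted file avoids that. The BACKUP command in the @@ -733,8 +737,12 @@ hunk has the same shape and needs the same treatment.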
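Review bot: `setenforce 0 2> /dev/null` together with `ignore_errors: yes` leaves the play with no record of whether SELinux was actually switched to permissive, and the task carries no comment explaining why enforcement has to be off. Since `ignore_errors` already keeps a failure from stopping the play, the redirect only discards diagnostic output; `register: selinux_result` with `failed_when: false` would keep the message available in verbose runs. A comment such as `# SELinux set to permissive because <reason>` above the task would document the trade-off. The same line is changed in keepalived/tasks/install.yml and roles/nginx.yml.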
+++ b/app/scripts/ansible/roles/nginx.yml @@ -65,7 +65,7 @@ ignore_errors: yes - name: Disble SELINUX in env - shell: setenforce 0 + shell: setenforce 0 2> /dev/null ignore_errors: yes debugger: never diff --git a/app/scripts/waf.sh b/app/scripts/waf.sh index 208730e3..3c195226 100644 --- a/app/scripts/waf.sh +++ b/app/scripts/waf.sh @@ -143,6 +143,8 @@ sudo sed -i 's/#SecAction/SecAction/' $HAPROXY_PATH/waf/rules/modsecurity_crs_10 sudo sed -i 's/SecRuleEngine DetectionOnly/SecRuleEngine On/' $HAPROXY_PATH/waf/modsecurity.conf sudo sed -i 's/SecAuditLogParts ABIJDEFHZ/SecAuditLogParts ABIJDEH/' $HAPROXY_PATH/waf/modsecurity.conf sudo rm -f /tmp/owasp.tar.gz +sudo rm -f /tmp/owasp-modsecurity-crs-2.2.9 +sudo rm -f /tmp/haproxy-$VERSION sudo bash -c cat << EOF > /tmp/waf.service [Unit]
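Review bot: The two added `rm -f` lines target `/tmp/owasp-modsecurity-crs-2.2.9` and `/tmp/haproxy-$VERSION`, which look like unpacked source trees rather than files. `rm -f` without `-r` does not delete a directory, so if that reading is right the cleanup leaves both in place. In that case use `sudo rm -rf -- /tmp/owasp-modsecurity-crs-2.2.9 "/tmp/haproxy-$VERSION"`; the quotes keep a `VERSION` value containing whitespace from turning into extra arguments to a recursive delete run as root.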