From 8d615e9a514240cd56f1a4cb4abc6cbae47f9d9a Mon Sep 17 00:00:00 2001 From: Pavel Loginov Date: Sun, 22 May 2022 23:54:47 +0300 Subject: [PATCH] v6.0.2.0 Changelog: https://roxy-wi.org/changelog.py#6_0_2 --- app/add.py | 26 ++++---- app/create_db.py | 105 +++++++++++++++--------------- app/funct.py | 128 ++++++++++++++++++------------------ app/hapservers.py | 38 +++++------ app/history.py | 37 ++++++----- app/nettools.py | 5 +- app/options.py | 42 ++++++------ app/sql.py | 161 +++++++++++++++++++++++----------------------- 8 files changed, 270 insertions(+), 272 deletions(-) diff --git a/app/add.py b/app/add.py index 1e9f9eae..c93d05ad 100644 --- a/app/add.py +++ b/app/add.py @@ -16,11 +16,11 @@ funct.check_login(service=1) funct.page_for_admin(level=3) if ( - form.getvalue('mode') is None and - form.getvalue('new_userlist') is None and - form.getvalue('peers-name') is None and - form.getvalue('generateconfig') is None - ): + form.getvalue('mode') is None and + form.getvalue('new_userlist') is None and + form.getvalue('peers-name') is None and + form.getvalue('generateconfig') is None +): try: user, user_id, role, token, servers, user_services = funct.get_users_params(haproxy=1) cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) @@ -154,7 +154,7 @@ elif form.getvalue('mode') is not None: if form.getvalue('option') is not None: options = form.getvalue('option') i = options.split("\n") - for j in i: + for j in i: options_split += " " + j + "\n" if force_close == "1": @@ -262,7 +262,7 @@ elif form.getvalue('mode') is not None: default_server = ' default-server ' + observe + error_limit + circuit_breaking_on_error + '\n' servers_split += default_server - if form.getvalue('servers') is not None: + if form.getvalue('servers') is not None: servers = form.getlist('servers') server_port = form.getlist('server_port') send_proxy = form.getlist('send_proxy') 
@@ -337,27 +337,27 @@ elif form.getvalue('mode') is not None: if form.getvalue('new_userlist') is not None: name = "userlist "+form.getvalue('new_userlist') + "\n" - new_userlist_groups = "" - if form.getvalue('userlist-group') is not None: + new_userlist_groups = "" + if form.getvalue('userlist-group') is not None: groups = form.getlist('userlist-group') for group in groups: new_userlist_groups += " group " + group + "\n" - new_users_list = "" - if form.getvalue('userlist-user') is not None: + new_users_list = "" + if form.getvalue('userlist-user') is not None: users = form.getlist('userlist-user') passwords = form.getlist('userlist-password') userlist_user_group = form.getlist('userlist-user-group') i = 0 for user in users: - try: + try: group = ' groups '+userlist_user_group[i] except Exception: group = '' new_users_list += " user "+user+" insecure-password " + passwords[i] + group + "\n" i += 1 - + config_add = "\n" + name + new_userlist_groups + new_users_list if form.getvalue('peers-name') is not None: diff --git a/app/create_db.py b/app/create_db.py index dab7601e..e0f7be32 100644 --- a/app/create_db.py +++ b/app/create_db.py 
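Review bot: The values read with `form.getvalue('new_userlist')`, `form.getlist('userlist-group')`, `form.getlist('userlist-user')` and `form.getlist('userlist-password')` are concatenated straight into `config_add` without validation, so a value containing whitespace or a line break changes the structure of the generated userlist section rather than one field. Names should be checked against a strict pattern before they are appended, for example `if not re.fullmatch(r'[A-Za-z0-9_.-]+', user): continue`. The same line emits `insecure-password`, which puts the password into the config in clear text; HAProxy's `password` keyword with a pre-hashed value avoids that. `passwords[i]` is indexed outside the `try`, so a request with fewer passwords than users raises IndexError. The enclosing request handling starts and ends outside the hunk.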
@@ -13,94 +13,94 @@ def default_values(): {'param': 'time_zone', 'value': 'UTC', 'section': 'main', 'desc': 'Time Zone', 'group': '1'}, {'param': 'proxy', 'value': '', 'section': 'main', 'desc': 'IP address and port of the proxy server. Use proto://ip:port', 'group': '1'}, {'param': 'session_ttl', 'value': '5', 'section': 'main', 'desc': 'TTL for a user session (in days)', - 'group': '1'}, + 'group': '1'}, {'param': 'token_ttl', 'value': '5', 'section': 'main', 'desc': 'TTL for a user token (in days)', - 'group': '1'}, + 'group': '1'}, {'param': 'tmp_config_path', 'value': '/tmp/', 'section': 'main', - 'desc': 'Path to the temporary directory. A valid path should be specified as the value of this parameter. The directory must be owned by the user specified in SSH settings', - 'group': '1'}, + 'desc': 'Path to the temporary directory. A valid path should be specified as the value of this parameter. The directory must be owned by the user specified in SSH settings', + 'group': '1'}, {'param': 'cert_path', 'value': '/etc/ssl/certs/', 'section': 'main', - 'desc': 'Path to SSL dir. Folder owner must be a user which set in the SSH settings. Path must exist', - 'group': '1'}, + 'desc': 'Path to SSL dir. Folder owner must be a user which set in the SSH settings. Path must exist', + 'group': '1'}, {'param': 'ssl_local_path', 'value': 'certs', 'section': 'main', - 'desc': 'Path to the directory with the saved local SSL certificates. The value of this parameter is specified as a relative path beginning with $HOME_ROXY_WI/app/', - 'group': '1'}, + 'desc': 'Path to the directory with the saved local SSL certificates. The value of this parameter is specified as a relative path beginning with $HOME_ROXY_WI/app/', + 'group': '1'}, {'param': 'lists_path', 'value': 'lists', 'section': 'main', - 'desc': 'Path to the black and the wild list. 
The value of this paramer should be specified as a relative path beginning with $HOME_ROXY-WI', - 'group': '1'}, + 'desc': 'Path to the black and the wild list. The value of this paramer should be specified as a relative path beginning with $HOME_ROXY-WI', + 'group': '1'}, {'param': 'haproxy_path_logs', 'value': '/var/log/haproxy/', 'section': 'haproxy', - 'desc': 'The path for HAProxy logs', 'group': '1'}, + 'desc': 'The path for HAProxy logs', 'group': '1'}, {'param': 'syslog_server_enable', 'value': '0', 'section': 'logs', - 'desc': 'Enable getting logs from a syslog server; (0 - no, 1 - yes)', 'group': '1'}, + 'desc': 'Enable getting logs from a syslog server; (0 - no, 1 - yes)', 'group': '1'}, {'param': 'syslog_server', 'value': '', 'section': 'logs', 'desc': 'IP address of the syslog_server', - 'group': '1'}, + 'group': '1'}, {'param': 'log_time_storage', 'value': '14', 'section': 'logs', - 'desc': 'Retention period for user activity logs (in days)', 'group': '1'}, + 'desc': 'Retention period for user activity logs (in days)', 'group': '1'}, {'param': 'stats_user', 'value': 'admin', 'section': 'haproxy', 'desc': 'Username for accessing HAProxy stats page', - 'group': '1'}, + 'group': '1'}, {'param': 'stats_password', 'value': 'password', 'section': 'haproxy', - 'desc': 'Password for accessing HAProxy stats page', 'group': '1'}, + 'desc': 'Password for accessing HAProxy stats page', 'group': '1'}, {'param': 'stats_port', 'value': '8085', 'section': 'haproxy', 'desc': 'Port for HAProxy stats page', - 'group': '1'}, + 'group': '1'}, {'param': 'stats_page', 'value': 'stats', 'section': 'haproxy', 'desc': 'URI for HAProxy stats page', - 'group': '1'}, + 'group': '1'}, {'param': 'haproxy_dir', 'value': '/etc/haproxy', 'section': 'haproxy', 'desc': 'Path to the HAProxy directory', - 'group': '1'}, + 'group': '1'}, {'param': 'haproxy_config_path', 'value': '/etc/haproxy/haproxy.cfg', 'section': 'haproxy', 'desc': 'Path to the HAProxy configuration file', - 'group': 
'1'}, + 'group': '1'}, {'param': 'server_state_file', 'value': '/etc/haproxy/haproxy.state', 'section': 'haproxy', 'desc': 'Path to the HAProxy state file', - 'group': '1'}, + 'group': '1'}, {'param': 'haproxy_sock', 'value': '/var/run/haproxy.sock', 'section': 'haproxy', - 'desc': 'Socket port for HAProxy', 'group': '1'}, + 'desc': 'Socket port for HAProxy', 'group': '1'}, {'param': 'haproxy_sock_port', 'value': '1999', 'section': 'haproxy', 'desc': 'HAProxy sock port', - 'group': '1'}, + 'group': '1'}, {'param': 'apache_log_path', 'value': '/var/log/'+apache_dir+'/', 'section': 'logs', 'desc': 'Path to Apache logs', - 'group': '1'}, + 'group': '1'}, {'param': 'nginx_path_logs', 'value': '/var/log/nginx/', 'section': 'nginx', - 'desc': 'The path for NGINX logs', 'group': '1'}, + 'desc': 'The path for NGINX logs', 'group': '1'}, {'param': 'nginx_stats_user', 'value': 'admin', 'section': 'nginx', 'desc': 'Username for accessing NGINX stats page', - 'group': '1'}, + 'group': '1'}, {'param': 'nginx_stats_password', 'value': 'password', 'section': 'nginx', - 'desc': 'Password for Stats web page NGINX', 'group': '1'}, + 'desc': 'Password for Stats web page NGINX', 'group': '1'}, {'param': 'nginx_stats_port', 'value': '8086', 'section': 'nginx', 'desc': 'Stats port for web page NGINX', - 'group': '1'}, + 'group': '1'}, {'param': 'nginx_stats_page', 'value': 'stats', 'section': 'nginx', 'desc': 'URI Stats for web page NGINX', - 'group': '1'}, + 'group': '1'}, {'param': 'nginx_dir', 'value': '/etc/nginx/', 'section': 'nginx', - 'desc': 'Path to the NGINX directory with config files', 'group': '1'}, + 'desc': 'Path to the NGINX directory with config files', 'group': '1'}, {'param': 'nginx_config_path', 'value': '/etc/nginx/nginx.conf', 'section': 'nginx', - 'desc': 'Path to the main NGINX configuration file', 'group': '1'}, + 'desc': 'Path to the main NGINX configuration file', 'group': '1'}, {'param': 'ldap_enable', 'value': '0', 'section': 'ldap', 'desc': 'Enable LDAP (1 
- yes, 0 - no)', - 'group': '1'}, + 'group': '1'}, {'param': 'ldap_server', 'value': '', 'section': 'ldap', 'desc': 'IP address of the LDAP server', 'group': '1'}, {'param': 'ldap_port', 'value': '389', 'section': 'ldap', 'desc': 'LDAP port (port 389 or 636 is used by default)', - 'group': '1'}, + 'group': '1'}, {'param': 'ldap_user', 'value': '', 'section': 'ldap', - 'desc': 'LDAP username. Format: user@domain.com', 'group': '1'}, + 'desc': 'LDAP username. Format: user@domain.com', 'group': '1'}, {'param': 'ldap_password', 'value': '', 'section': 'ldap', 'desc': 'LDAP password', 'group': '1'}, {'param': 'ldap_base', 'value': '', 'section': 'ldap', 'desc': 'Base domain. Example: dc=domain, dc=com', - 'group': '1'}, + 'group': '1'}, {'param': 'ldap_domain', 'value': '', 'section': 'ldap', 'desc': 'LDAP domain for logging in', 'group': '1'}, {'param': 'ldap_class_search', 'value': 'user', 'section': 'ldap', 'desc': 'Class for searching the user', - 'group': '1'}, + 'group': '1'}, {'param': 'ldap_user_attribute', 'value': 'sAMAccountName', 'section': 'ldap', - 'desc': 'Attribute to search users by', 'group': '1'}, + 'desc': 'Attribute to search users by', 'group': '1'}, {'param': 'ldap_search_field', 'value': 'mail', 'section': 'ldap', 'desc': 'User\'s email address', 'group': '1'}, {'param': 'ldap_type', 'value': '0', 'section': 'ldap', 'desc': 'Use LDAPS (1 - yes, 0 - no)', 'group': '1'}, {'param': 'smon_check_interval', 'value': '1', 'section': 'monitoring', 'desc': 'Check interval for SMON (in minutes)', - 'group': '1'}, + 'group': '1'}, {'param': 'port_scan_interval', 'value': '5', 'section': 'monitoring', - 'desc': 'Check interval for Port scanner (in minutes)', 'group': '1'}, + 'desc': 'Check interval for Port scanner (in minutes)', 'group': '1'}, {'param': 'portscanner_keep_history_range', 'value': '14', 'section': 'monitoring', - 'desc': 'Retention period for Port scanner history', 'group': '1'}, + 'desc': 'Retention period for Port scanner history', 'group': 
'1'}, {'param': 'smon_keep_history_range', 'value': '14', 'section': 'monitoring', - 'desc': 'Retention period for SMON history', 'group': '1'}, + 'desc': 'Retention period for SMON history', 'group': '1'}, {'param': 'checker_keep_history_range', 'value': '14', 'section': 'monitoring', - 'desc': 'Retention period for Checker history', 'group': '1'}, + 'desc': 'Retention period for Checker history', 'group': '1'}, {'param': 'checker_maxconn_threshold', 'value': '90', 'section': 'monitoring', - 'desc': 'Threshold value for alerting, in %', 'group': '1'}, + 'desc': 'Threshold value for alerting, in %', 'group': '1'}, {'param': 'checker_check_interval', 'value': '1', 'section': 'monitoring', - 'desc': 'Check interval for Checker (in minutes)', 'group': '1'}, + 'desc': 'Check interval for Checker (in minutes)', 'group': '1'}, {'param': 'rabbitmq_host', 'value': '127.0.0.1', 'section': 'rabbitmq', 'desc': 'RabbitMQ-server host', 'group': '1'}, {'param': 'rabbitmq_port', 'value': '5672', 'section': 'rabbitmq', 'desc': 'RabbitMQ-server port', 'group': '1'}, {'param': 'rabbitmq_port', 'value': '5672', 'section': 'rabbitmq', 'desc': 'RabbitMQ-server port', 'group': '1'}, 
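Review bot: `default_values()` seeds `stats_password` and `nginx_stats_password` with the literal `'password'`, and the next hunk (`@@ -109,21 +109,21 @@`) does the same for `apache_stats_password` and sets `rabbitmq_password` to `'roxy-wi123'`, so every fresh install starts with the same credentials written in the source. A per-install value such as `'value': secrets.token_urlsafe(16)`, or an empty value that must be set before the stats pages are enabled, would remove the shared default. The `rabbitmq_port` row also appears twice at the end of this hunk, and `on_conflict_ignore()` in the next hunk would presumably hide that duplicate silently. The function starts before this hunk and ends after the next one.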
@@ -109,21 +109,21 @@ def default_values(): {'param': 'rabbitmq_user', 'value': 'roxy-wi', 'section': 'rabbitmq', 'desc': 'RabbitMQ-server user', 'group': '1'}, {'param': 'rabbitmq_password', 'value': 'roxy-wi123', 'section': 'rabbitmq', 'desc': 'RabbitMQ-server user password', 'group': '1'}, {'param': 'apache_path_logs', 'value': '/var/log/httpd/', 'section': 'apache', - 'desc': 'The path for Apache logs', 'group': '1'}, + 'desc': 'The path for Apache logs', 'group': '1'}, {'param': 'apache_stats_user', 'value': 'admin', 'section': 'apache', - 'desc': 'Username for accessing Apache stats page', 'group': '1'}, + 'desc': 'Username for accessing Apache stats page', 'group': '1'}, {'param': 'apache_stats_password', 'value': 'password', 'section': 'apache', - 'desc': 'Password for Apache stats webpage', 'group': '1'}, + 'desc': 'Password for Apache stats webpage', 'group': '1'}, {'param': 'apache_stats_port', 'value': '8087', 'section': 'apache', 'desc': 'Stats port for webpage Apache', - 'group': '1'}, + 'group': '1'}, {'param': 'apache_stats_page', 'value': 'stats', 'section': 'apache', 'desc': 'URI Stats for webpage Apache', - 'group': '1'}, + 'group': '1'}, {'param': 'apache_dir', 'value': '/etc/httpd/', 'section': 'apache', - 'desc': 'Path to the Apache directory with config files', 'group': '1'}, + 'desc': 'Path to the Apache directory with config files', 'group': '1'}, {'param': 'apache_config_path', 'value': '/etc/httpd/conf/httpd.conf', 'section': 'apache', - 'desc': 'Path to the main Apache configuration file', 'group': '1'}, + 'desc': 'Path to the main Apache configuration file', 'group': '1'}, {'param': 'apache_container_name', 'value': 'apache', 'section': 'apache', - 'desc': 'Docker container name for Apache service', 'group': '1'}, + 'desc': 'Docker container name for Apache service', 'group': '1'}, ] try: Setting.insert_many(data_source).on_conflict_ignore().execute() 
@@ -626,7 +626,6 @@ def update_db_v_5_3_1(**kwargs): print("Updating... DB has been updated to version 5.3.1") - def update_db_v_5_3_2_2(**kwargs): cursor = conn.cursor() sql = """ diff --git a/app/funct.py b/app/funct.py index ac376d56..5a62a47e 100644 --- a/app/funct.py +++ b/app/funct.py @@ -10,8 +10,8 @@ def is_ip_or_dns(server_from_request: str) -> str: dns_regex = "^(?!-)[A-Za-z0-9-]+([\\-\\.]{1}[a-z0-9]+)*\\.[A-Za-z]{2,6}$" try: if server_from_request in ('roxy-wi-checker', 'roxy-wi-keep_alive', 'roxy-wi-keep-alive', 'roxy-wi-metrics', - 'roxy-wi-portscanner', 'roxy-wi-smon', 'roxy-wi-socket', - 'fail2ban', 'prometheus', 'all', 'grafana-server', 'rabbitmq-server'): + 'roxy-wi-portscanner', 'roxy-wi-smon', 'roxy-wi-socket', 'fail2ban', 'prometheus', + 'all', 'grafana-server', 'rabbitmq-server'): return server_from_request if re.match(ip_regex, server_from_request): return server_from_request @@ -182,8 +182,8 @@ def logging(server_ip, action, **kwargs): log.close() except IOError as e: print('
Cannot write log. Please check log_path in config %e
' % e) - - + + def keep_action_history(service: str, action: str, server_ip: str, login: str, user_ip: str): import sql try: @@ -419,12 +419,12 @@ def ssh_connect(server_ip): def get_config(server_ip, cfg, **kwargs): import sql - if kwargs.get("keepalived") or kwargs.get("service") == 'keepalived': + if kwargs.get("keepalived") or kwargs.get("service") == 'keepalived': config_path = "/etc/keepalived/keepalived.conf" elif (kwargs.get("nginx") or kwargs.get("service") == 'nginx' or - kwargs.get("apache") or kwargs.get("service") == 'apache'): + kwargs.get("apache") or kwargs.get("service") == 'apache'): config_path = kwargs.get('config_file_name') - elif kwargs.get("waf") or kwargs.get("service") == 'waf': + elif kwargs.get("waf") or kwargs.get("service") == 'waf': config_path = sql.get_setting('haproxy_dir') + '/waf/rules/' + kwargs.get("waf_rule_file") else: config_path = sql.get_setting('haproxy_config_path') @@ -472,7 +472,7 @@ def diff_config(oldcfg, cfg, **kwargs): if kwargs.get('return_diff'): for line in output: - diff += line + "\n" + diff += line + "\n" return diff else: for line in output: @@ -485,8 +485,8 @@ def diff_config(oldcfg, cfg, **kwargs): except IOError: print('
Can\'t read write change to log. %s
' % stderr) pass - - + + def get_remote_sections(server_ip: str, service: str) -> str: import sql remote_dir = service+'_dir' @@ -496,13 +496,13 @@ def get_remote_sections(server_ip: str, service: str) -> str: section_name = 'server_name' commands = [ 'sudo grep {} {}* -R |grep -v \'${}\|#\'|awk \'{{print $1, $3}}\''.format(section_name, config_dir, - section_name)] + section_name)] elif service == 'apache': section_name = 'ServerName' commands = [ 'sudo grep {} {}*/*.conf -R |grep -v \'${}\|#\'|awk \'{{print $1, $3}}\''.format(section_name, config_dir, - section_name)] + section_name)] backends = ssh_command(server_ip, commands) @@ -516,7 +516,7 @@ def get_sections(config, **kwargs): if kwargs.get('service') == 'keepalived': import re ip_pattern = re.compile('\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}') - find_ip = re.findall(ip_pattern,line) + find_ip = re.findall(ip_pattern, line) if find_ip: return_config.append(find_ip[0]) else: @@ -893,8 +893,8 @@ def upload(server_ip, path, file, **kwargs): file = sftp.put(file, full_path) except Exception as e: error = str(e.args) - print('Cannot upload '+file+' to '+full_path+' to server: '+server_ip+' error: '+ error) - logging('localhost', ' Cannot upload '+file+' to '+full_path+' to server: '+server_ip+' Error: '+ error, haproxywi=1) + print('Cannot upload ' + file + ' to ' + full_path + ' to server: ' + server_ip + ' error: ' + error) + logging('localhost', ' Cannot upload ' + file + ' to ' + full_path + ' to server: ' + server_ip + ' Error: ' + error, haproxywi=1) return error try: @@ -903,7 +903,7 @@ def upload(server_ip, path, file, **kwargs): except Exception as e: error = str(e.args) logging('localhost', error, haproxywi=1) - print('Cannot upload '+file+' to '+full_path+' to server: '+server_ip+' error: '+ error) + print('Cannot upload ' + file + ' to ' + full_path + ' to server: ' + server_ip + ' error: ' + error) return error 
@@ -947,7 +947,6 @@ def upload_and_restart(server_ip, cfg, **kwargs): if service == 'apache': service_name = get_correct_apache_service_name(server_ip, 0) - reload_command = " && sudo systemctl reload " + service_name restart_command = " && sudo systemctl restart " + service_name @@ -997,7 +996,7 @@ def upload_and_restart(server_ip, cfg, **kwargs): check_config = "sudo docker exec -it exec " + container_name + " nginx -t -q " else: check_config = "sudo apachectl configtest " - check_and_move = "sudo mv -f " + tmp_file + " " + config_path #+ " && " + check_config + check_and_move = "sudo mv -f " + tmp_file + " " + config_path # + " && " + check_config if action == "test": commands = [check_config + " && sudo rm -f " + tmp_file] elif action == "save": @@ -1018,7 +1017,7 @@ def upload_and_restart(server_ip, cfg, **kwargs): elif action == "save": commands = [check_config + move_config] else: - commands = [check_config + move_config + reload_or_restart_command ] + commands = [check_config + move_config + reload_or_restart_command] if sql.return_firewall(server_ip): commands[0] += open_port_firewalld(cfg, server_ip=server_ip) 
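Review bot: In the `@@ -997,7 +996,7 @@` hunk the reformatted line `check_and_move = "sudo mv -f " + tmp_file + " " + config_path  # + " && " + check_config` keeps the config test commented out, so as far as the hunk shows the uploaded file is moved over the live config without being validated; if that is deliberate it needs a comment saying why, otherwise the check should run before the `mv`. Two lines above, `"sudo docker exec -it exec " + container_name + " nginx -t -q "` carries a stray second `exec`, which docker would read as the container name; presumably `"sudo docker exec -it " + container_name + " nginx -t -q "` was meant. `upload_and_restart` starts and ends outside these hunks.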
@@ -1075,25 +1074,25 @@ def master_slave_upload_and_restart(server_ip, cfg, just_save, **kwargs): for master in masters: if master[0] is not None: error = upload_and_restart(master[0], - cfg, - just_save=just_save, - nginx=kwargs.get('nginx'), - apache=kwargs.get('apache'), - config_file_name=kwargs.get('config_file_name'), - slave=1) + cfg, + just_save=just_save, + nginx=kwargs.get('nginx'), + apache=kwargs.get('apache'), + config_file_name=kwargs.get('config_file_name'), + slave=1) if kwargs.get('login'): login = kwargs.get('login') else: login = '' error = upload_and_restart(server_ip, - cfg, - just_save=just_save, - nginx=kwargs.get('nginx'), - apache=kwargs.get('apache'), - config_file_name=kwargs.get('config_file_name'), - oldcfg=kwargs.get('oldcfg'), - login=login) + cfg, + just_save=just_save, + nginx=kwargs.get('nginx'), + apache=kwargs.get('apache'), + config_file_name=kwargs.get('config_file_name'), + oldcfg=kwargs.get('oldcfg'), + login=login) return error @@ -1152,7 +1151,7 @@ def check_haproxy_config(server_ip): if is_docker == '1': container_name = sql.get_setting('haproxy_container_name') - commands = [ "sudo docker exec -it " + container_name + " haproxy -q -c -f " + config_path ] + commands = ["sudo docker exec -it " + container_name + " haproxy -q -c -f " + config_path] else: commands = ["haproxy -q -c -f %s" % config_path] @@ -1168,7 +1167,7 @@ def check_haproxy_config(server_ip): def check_nginx_config(server_ip): import sql - commands = [ "nginx -q -t -p {}".format(sql.get_setting('nginx_dir')) ] + commands = ["nginx -q -t -p {}".format(sql.get_setting('nginx_dir'))] ssh = ssh_connect(server_ip) for command in commands: stdin, stdout, stderr = ssh.exec_command(command, get_pty=True) 
@@ -1647,7 +1646,7 @@ def check_service(server_ip, service_name): def get_service_version(server_ip, service_name): server_ip = is_ip_or_dns(server_ip) if service_name == 'haproxy_exporter': - commands = [ "/opt/prometheus/exporters/haproxy_exporter --version 2>&1 |head -1|awk '{print $3}'"] + commands = ["/opt/prometheus/exporters/haproxy_exporter --version 2>&1 |head -1|awk '{print $3}'"] elif service_name == 'nginx_exporter': commands = ["/opt/prometheus/exporters/nginx_exporter 2>&1 |head -1 |awk -F\"=\" '{print $2}'|awk '{print $1}'"] elif service_name == 'node_exporter': @@ -1666,15 +1665,15 @@ def get_services_status(): services = [] is_in_docker = is_docker() services_name = {'roxy-wi-checker': 'Checker backends master service', - 'roxy-wi-keep_alive': 'Auto start service', - 'roxy-wi-metrics': 'Metrics master service', - 'roxy-wi-portscanner': 'Port scanner service', - 'roxy-wi-smon': 'Simple monitoring network ports', - 'roxy-wi-socket': 'Socket service', - 'prometheus': 'Prometheus service', - 'grafana-server': 'Grafana service', - 'fail2ban': 'Fail2ban service', - 'rabbitmq-server': 'Message broker service'} + 'roxy-wi-keep_alive': 'Auto start service', + 'roxy-wi-metrics': 'Metrics master service', + 'roxy-wi-portscanner': 'Port scanner service', + 'roxy-wi-smon': 'Simple monitoring network ports', + 'roxy-wi-socket': 'Socket service', + 'prometheus': 'Prometheus service', + 'grafana-server': 'Grafana service', + 'fail2ban': 'Fail2ban service', + 'rabbitmq-server': 'Message broker service'} for s, v in services_name.items(): if is_in_docker: cmd = "sudo supervisorctl status " + s + "|awk '{print $2}'" @@ -1762,8 +1761,8 @@ def get_system_info(server_ip: str) -> bool: except Exception: ip = '' network[i['logicalname']] = {'description': i['description'], - 'mac': i['serial'], - 'ip': ip} + 'mac': i['serial'], + 'ip': ip} for k, j in i.items(): if isinstance(j, list): for b in j: 
@@ -1801,9 +1800,9 @@ def get_system_info(server_ip: str) -> bool: fs = volume_info['configuration']['mount.fstype'] state = volume_info['configuration']['state'] disks[volume_name] = {'mount_point': mount_point, - 'size': size, - 'fs': fs, - 'state': state} + 'size': size, + 'fs': fs, + 'state': state} except Exception: pass @@ -1815,7 +1814,7 @@ def get_system_info(server_ip: str) -> bool: if 'children' in s: for net in s['children']: network[net['logicalname']] = {'description': net['description'], - 'mac': net['serial']} + 'mac': net['serial']} if s['class'] == 'storage': for p, pval in s.items(): if isinstance(pval, list): @@ -1830,9 +1829,9 @@ def get_system_info(server_ip: str) -> bool: fs = volume_info['configuration']['mount.fstype'] state = volume_info['configuration']['state'] disks[volume_name] = {'mount_point': mount_point, - 'size': size, - 'fs': fs, - 'state': state} + 'size': size, + 'fs': fs, + 'state': state} for z, n in s.items(): if isinstance(n, list): for y in n: @@ -1867,9 +1866,9 @@ def get_system_info(server_ip: str) -> bool: fs = q['configuration']['mount.fstype'] state = q['configuration']['state'] disks[volume_name] = {'mount_point': mount_point, - 'size': size, - 'fs': fs, - 'state': state} + 'size': size, + 'fs': fs, + 'state': state} except Exception as e: print(e) except Exception: @@ -1937,6 +1936,7 @@ def get_system_info(server_ip: str) -> bool: else: return False + def string_to_dict(dict_string) -> dict: from ast import literal_eval return literal_eval(dict_string) 
@@ -1957,16 +1957,14 @@ def send_message_to_rabbit(message: str, **kwargs) -> None: credentials = pika.PlainCredentials(rabbit_user, rabbit_password) parameters = pika.ConnectionParameters(rabbit_host, - rabbit_port, - rabbit_vhost, - credentials) + rabbit_port, + rabbit_vhost, + credentials) connection = pika.BlockingConnection(parameters) channel = connection.channel() channel.queue_declare(queue=rabbit_queue) - channel.basic_publish(exchange='', - routing_key=rabbit_queue, - body=message) + channel.basic_publish(exchange='', routing_key=rabbit_queue, body=message) connection.close() @@ -2008,10 +2006,12 @@ def get_correct_apache_service_name(server_ip=0, server_id=0) -> str: def is_docker() -> bool: - import os, re + import os + import re path = "/proc/self/cgroup" - if not os.path.isfile(path): return False + if not os.path.isfile(path): + return False with open(path) as f: for line in f: if re.match("\d+:[\w=]+:/docker(-[ce]e)?/\w+", line): diff --git a/app/hapservers.py b/app/hapservers.py index 93aa719f..a8f97631 100644 --- a/app/hapservers.py +++ b/app/hapservers.py @@ -1,7 +1,9 @@ #!/usr/bin/env python3 +import distro + import funct import sql -import distro + from jinja2 import Environment, FileSystemLoader env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) @@ -122,7 +124,7 @@ for s in servers: servers_with_status.append(h) servers_with_status.append(s[17]) elif service == 'keepalived': - h = (['',''],) + h = (['', ''],) cmd = [ "/usr/sbin/keepalived -v 2>&1|head -1|awk '{print $2}' && systemctl status keepalived |grep -e 'Active' |awk '{print $2, $9$10$11$12$13}' && ps ax |grep keepalived|grep -v grep |wc -l"] try: 
@@ -139,7 +141,7 @@ for s in servers: servers_with_status.append(h) servers_with_status.append(s[22]) elif service == 'apache': - h = (['',''],) + h = (['', ''],) apache_stats_user = sql.get_setting('apache_stats_user') apache_stats_password = sql.get_setting('apache_stats_password') apache_stats_port = sql.get_setting('apache_stats_port') @@ -174,7 +176,7 @@ for s in servers: if is_keepalived: try: - cmd = ['sudo kill -USR1 `cat /var/run/keepalived.pid` && sudo grep State /tmp/keepalived.data -m 1 |awk -F"=" \'{print $2}\'|tr -d \'[:space:]\' && sudo rm -f /tmp/keepalived.data' ] + cmd = ['sudo kill -USR1 `cat /var/run/keepalived.pid` && sudo grep State /tmp/keepalived.data -m 1 |awk -F"=" \'{print $2}\'|tr -d \'[:space:]\' && sudo rm -f /tmp/keepalived.data'] out = funct.ssh_command(s[2], cmd) out1 = ('1', out) servers_with_status.append(out1) @@ -192,18 +194,18 @@ except Exception as e: funct.logging('localhost', 'Cannot get a user plan: ' + str(e), haproxywi=1) template = template.render(h2=1, - autorefresh=autorefresh, - title=title, - role=role, - user=user, - servers=servers_with_status1, - keep_alive=''.join(keep_alive), - serv=serv, - service=service, - services=services, - user_services=user_services, - service_settings=service_settings, - user_status=user_status, - user_plan=user_plan, - token=token) + autorefresh=autorefresh, + title=title, + role=role, + user=user, + servers=servers_with_status1, + keep_alive=''.join(keep_alive), + serv=serv, + service=service, + services=services, + user_services=user_services, + service_settings=service_settings, + user_status=user_status, + user_plan=user_plan, + token=token) print(template) diff --git a/app/history.py b/app/history.py index 5b8b616b..7d9f950f 100644 --- a/app/history.py +++ b/app/history.py 
@@ -10,9 +10,10 @@ print('Content-type: text/html\n') funct.check_login() try: - user, user_id, role, token, servers, user_services = funct.get_users_params() + user, user_id, role, token, servers, user_services \ + = funct.get_users_params() services = [] -except: +except Exception: pass form = funct.form @@ -27,28 +28,32 @@ if service == 'nginx': if serv: if funct.check_is_server_in_group(serv): server_id = sql.select_server_id_by_ip(serv) - history = sql.select_action_history_by_server_id_and_service(server_id, service) + history = sql.select_action_history_by_server_id_and_service(server_id, + service) elif service == 'keepalived': if funct.check_login(service=3): title = 'Keepalived service history' if serv: if funct.check_is_server_in_group(serv): server_id = sql.select_server_id_by_ip(serv) - history = sql.select_action_history_by_server_id_and_service(server_id, service) + history = sql.select_action_history_by_server_id_and_service(server_id, + service) elif service == 'apache': if funct.check_login(service=4): title = 'Apache service history' if serv: if funct.check_is_server_in_group(serv): server_id = sql.select_server_id_by_ip(serv) - history = sql.select_action_history_by_server_id_and_service(server_id, service) + history = sql.select_action_history_by_server_id_and_service(server_id, + service) elif service == 'haproxy': if funct.check_login(service=1): title = "HAProxy service history" if serv: if funct.check_is_server_in_group(serv): server_id = sql.select_server_id_by_ip(serv) - history = sql.select_action_history_by_server_id_and_service(server_id, service) + history = sql.select_action_history_by_server_id_and_service(server_id, + service) elif service == 'server': if serv: title = serv + ' history' 
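Review bot: Narrowing `except:` to `except Exception:` in the first history.py hunk still leaves `pass` as the handler, so when `funct.get_users_params()` fails the script carries on with `user`, `role`, `user_services` and `token` unbound, and the later `template.render(... role=role, user=user, ...)` raises NameError instead of ending the request cleanly. The handler should log and stop, e.g. `except Exception as e: funct.logging('localhost', 'Cannot get user params: ' + str(e), haproxywi=1); raise SystemExit()`. The nettools.py hunk `@@ -9,7 +9,8 @@` has the same `except Exception: pass` ahead of its render call.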
@@ -63,14 +68,14 @@ elif service == 'user': users = sql.select_users() template = template.render(h2=1, - autorefresh=0, - title=title, - role=role, - user=user, - users=users, - serv=serv, - service=service, - history=history, - user_services=user_services, - token=token) + autorefresh=0, + title=title, + role=role, + user=user, + users=users, + serv=serv, + service=service, + history=history, + user_services=user_services, + token=token) print(template) \ No newline at end of file diff --git a/app/nettools.py b/app/nettools.py index 7950af2f..8272eac5 100644 --- a/app/nettools.py +++ b/app/nettools.py @@ -9,7 +9,8 @@ print('Content-type: text/html\n') funct.check_login() try: - user, user_id, role, token, servers, user_services = funct.get_users_params(virt=1) + user, user_id, role, token, servers, user_services \ + = funct.get_users_params(virt=1) except Exception: pass @@ -22,4 +23,4 @@ output_from_parsed_template = template.render(h2=1, autorefresh=0, versions=funct.versions(), user_services=user_services, token=token) -print(output_from_parsed_template) \ No newline at end of file +print(output_from_parsed_template) diff --git a/app/options.py b/app/options.py index e3a5b90f..22976eff 100644 --- a/app/options.py +++ b/app/options.py @@ -597,7 +597,7 @@ if act == "overview": haproxy = sql.select_haproxy(serv) if '1' in user_services else 0 nginx = sql.select_nginx(serv) if '2' in user_services else 0 keepalived = sql.select_keepalived(serv) if '3' in user_services else 0 - apache = sql.select_apache(serv) if '4' in user_services else 0 + apache = sql.select_apache(serv) if '4' in user_services else 0 waf = sql.select_waf_servers(serv2) haproxy_process = '' @@ -646,7 +646,6 @@ if act == "overview": apache_process) return server_status - async def get_runner_overview(): env = Environment(loader=FileSystemLoader('templates/ajax'), autoescape=True, extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do']) 
@@ -663,7 +662,6 @@ if act == "overview": template = template.render(service_status=servers_sorted, role=sql.get_user_role_by_uuid(user_uuid.value)) print(template) - ioloop = asyncio.get_event_loop() ioloop.run_until_complete(get_runner_overview()) ioloop.close() @@ -673,7 +671,7 @@ if act == "overviewwaf": from jinja2 import Environment, FileSystemLoader env = Environment(loader=FileSystemLoader('templates/ajax'), autoescape=True, - extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do']) + extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do']) template = env.get_template('overivewWaf.html') servers = sql.select_servers(server=serv) @@ -728,7 +726,6 @@ if act == "overviewwaf": if act == "overviewServers": import asyncio - async def async_get_overviewServers(serv1, serv2, service): if service == 'haproxy': cmd = 'echo "show info" |nc %s %s -w 1|grep -e "node\|Nbproc\|Maxco\|MB\|Nbthread"' % (serv2, sql.get_setting('haproxy_sock_port')) @@ -748,7 +745,6 @@ if act == "overviewServers": server_status = (serv1, serv2, return_out) return server_status - async def get_runner_overviewServers(**kwargs): import http.cookies from jinja2 import Environment, FileSystemLoader @@ -769,7 +765,6 @@ if act == "overviewServers": template = template.render(service_status=servers_sorted, role=role, id=kwargs.get('id'), service_page=service) print(template) - server_id = form.getvalue('id') name = form.getvalue('name') service = form.getvalue('service') 
@@ -1703,9 +1698,9 @@ if form.getvalue('git_backup'): branch = 'main' commands = ["chmod +x " + script + " && ./" + script + " HOST=" + server_ip + " DELJOB=" + deljob + - " SERVICE=" + service_name + " INIT=" + git_init + " SSH_PORT=" + ssh_port + " PERIOD=" + period + - " REPO=" + repo + " BRANCH=" + branch + " CONFIG_DIR=" + service_config_dir + - " PROXY=" + proxy_serv + " USER=" + str(ssh_user_name) + " KEY=" + str(ssh_key_name)] + " SERVICE=" + service_name + " INIT=" + git_init + " SSH_PORT=" + ssh_port + " PERIOD=" + period + + " REPO=" + repo + " BRANCH=" + branch + " CONFIG_DIR=" + service_config_dir + + " PROXY=" + proxy_serv + " USER=" + str(ssh_user_name) + " KEY=" + str(ssh_key_name)] output, error = funct.subprocess_execute(commands[0]) @@ -2129,7 +2124,6 @@ if form.getvalue('newuser') is not None: group = form.getvalue('newgroupuser') role_id = sql.get_role_id_by_name(role) - if funct.check_user_group(): if funct.is_admin(level=role_id): if sql.add_user(new_user, email, password, role, activeuser, group): @@ -2341,7 +2335,7 @@ if form.getvalue('newgroup') is not None: output_from_parsed_template = template.render(groups=sql.select_groups(group=newgroup)) print(output_from_parsed_template) - funct.logging('localhost','A new group ' + newgroup + ' has been created', haproxywi=1, login=1) + funct.logging('localhost', 'A new group ' + newgroup + ' has been created', haproxywi=1, login=1) if form.getvalue('groupdel') is not None: groupdel = form.getvalue('groupdel') @@ -2387,7 +2381,7 @@ if form.getvalue('new_ssh'): output_from_parsed_template = template.render(groups=sql.select_groups(), sshs=sql.select_ssh(name=name), page=page) print(output_from_parsed_template) - funct.logging('localhost', 'A new SSH credentials ' + name +' has created', haproxywi=1, login=1) + funct.logging('localhost', 'A new SSH credentials ' + name + ' has created', haproxywi=1, login=1) if form.getvalue('sshdel') is not None: fullpath = funct.get_config_var('main', 'fullpath') 
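Review bot: The re-indented `commands` string in the `git_backup` handler is built by plain concatenation and contains `&&`, so it is evidently interpreted by a shell once handed to `funct.subprocess_execute(commands[0])`. Any of `repo`, `branch`, `period`, `service_config_dir`, `proxy_serv` or the other values that arrives from the request would be parsed as shell syntax. Their assignments are outside the hunk, so confirm the origin of each. If they are form fields, quote them individually, e.g. `" REPO=" + shlex.quote(repo) + " BRANCH=" + shlex.quote(branch)` (this needs `import shlex`), or validate them against a strict pattern before building the command.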
@@ -2565,7 +2559,7 @@ if form.getvalue('updatesettings') is not None: settings = form.getvalue('updatesettings') val = form.getvalue('val') if sql.update_setting(settings, val): - funct.logging('localhost', 'The ' + settings +' setting has been changed to: ' + val, haproxywi=1, login=1) + funct.logging('localhost', 'The ' + settings + ' setting has been changed to: ' + val, haproxywi=1, login=1) print("Ok") if form.getvalue('getuserservices'): @@ -2727,7 +2721,6 @@ if form.getvalue('updateSmonIp') is not None: print('SMON error: Cannot be HTTP with 443 port') sys.exit() - if sql.update_smon(smon_id, ip, port, body, telegram, slack, group, desc, en): print("Ok") funct.logging('SMON', ' Has been update the server ' + ip + ' to SMON ', haproxywi=1, login=1) @@ -3496,7 +3489,7 @@ if form.getvalue('awseditworkspace'): cmd = 'cd scripts/terraform/ && sudo terraform workspace select ' + workspace + '_' + group + '_aws' output, stderr = funct.subprocess_execute(cmd) except Exception as e: - print('error: ' +str(e)) + print('error: ' + str(e)) if stderr != '': stderr = stderr.strip() @@ -3509,14 +3502,15 @@ if form.getvalue('awseditworkspace'): print('ok') if ( - form.getvalue('awsprovisining') or - form.getvalue('awseditingprovisining') or - form.getvalue('doprovisining') or - form.getvalue('doeditprovisining') or - form.getvalue('gcoreprovisining') or - form.getvalue('gcoreeditgprovisining') - ): + form.getvalue('awsprovisining') or + form.getvalue('awseditingprovisining') or + form.getvalue('doprovisining') or + form.getvalue('doeditprovisining') or + form.getvalue('gcoreprovisining') or + form.getvalue('gcoreeditgprovisining') +): funct.check_user_group() + if form.getvalue('awsprovisining'): workspace = form.getvalue('awsprovisining') group = form.getvalue('aws_create_group') 
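Review bot: The log call in the `updatesettings` handler writes the new value of every setting verbatim (`' setting has been changed to: ' + val`), which would put credentials into the log if any setting stores a password or token; the setting names are not visible here, so this needs checking. `val` comes straight from `form.getvalue('val')` and is `None` when the field is absent, in which case the concatenation raises `TypeError` after `sql.update_setting` has already succeeded. Suggest logging only the name, `funct.logging('localhost', 'The ' + settings + ' setting has been changed', haproxywi=1, login=1)`, or masking the value for sensitive keys.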
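Review bot: When `funct.subprocess_execute(cmd)` raises in the `awseditworkspace` handler, the `except` branch only prints the error and execution continues to `if stderr != '':`. Unless `stderr` was assigned earlier in the handler (the `try` opens above the hunk), that line fails with `NameError`. Initialise it before the `try` with `stderr = ''`, or stop after printing the error. The same `cmd` concatenates `workspace` and `group` into a `sudo terraform workspace select` shell line; if those are request values they should be limited to a safe character set or wrapped in `shlex.quote`.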
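Review bot: The return value of `funct.check_user_group()` is discarded in the provisioning guard, while the `newuser` handler earlier in this file uses the same call as a condition (`if funct.check_user_group():`). That suggests it returns a boolean rather than ending the request itself; its body is not shown, so this should be confirmed. If it does only return a flag, the AWS, DigitalOcean and G-Core provisioning branches below run regardless of the caller's group. Make the guard explicit, for example `if not funct.check_user_group(): sys.exit()`, using the `sys.exit()` already used elsewhere in this file.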
@@ -3923,7 +3917,7 @@ if form.getvalue('loadopenvpn'): if ( (stdout[0] != 'package openvpn3-client is not installed' and stderr != '/bin/sh: rpm: command not found') and stdout[0] != 'E: No packages found' - ): + ): cmd = "sudo openvpn3 configs-list |grep -E 'ovpn|(^|[^0-9])[0-9]{4}($|[^0-9])' |grep -v net|awk -F\" \" '{print $1}'|awk 'ORS=NR%2?\" \":\"\\n\"'" openvpn_configs, stderr = funct.subprocess_execute(cmd) cmd = "sudo openvpn3 sessions-list|grep -E 'Config|Status'|awk -F\":\" '{print $2}'|awk 'ORS=NR%2?\" \":\"\\n\"'| sed 's/^ //g'" diff --git a/app/sql.py b/app/sql.py index a43274bc..5457e920 100755 --- a/app/sql.py +++ b/app/sql.py @@ -386,14 +386,12 @@ def select_user_groups_with_names(user_id, **kwargs): if kwargs.get("all") is not None: query = (UserGroups .select(UserGroups.user_group_id, UserGroups.user_id, Groups.name) - .join(Groups, on=(UserGroups.user_group_id == Groups.group_id)) - ) + .join(Groups, on=(UserGroups.user_group_id == Groups.group_id))) else: query = (UserGroups .select(UserGroups.user_group_id, Groups.name) .join(Groups, on=(UserGroups.user_group_id == Groups.group_id)) - .where(UserGroups.user_id == user_id) - ) + .where(UserGroups.user_id == user_id)) try: query_res = query.execute() except Exception as e: 
@@ -501,10 +499,10 @@ def select_servers(**kwargs): if kwargs.get("get_master_servers") is not None: sql = """select id,hostname from servers where master = 0 and type_ip = 0 and enable = 1 ORDER BY groups """ if kwargs.get("get_master_servers") is not None and kwargs.get('uuid') is not None: - sql = """ select servers.id, servers.hostname from servers - left join user as user on servers.groups = user.groups - left join uuid as uuid on user.id = uuid.user_id - where uuid.uuid = '{}' and servers.master = 0 and servers.type_ip = 0 and servers.enable = 1 ORDER BY servers.groups + sql = """ select servers.id, servers.hostname from servers + left join user as user on servers.groups = user.groups + left join uuid as uuid on user.id = uuid.user_id + where uuid.uuid = '{}' and servers.master = 0 and servers.type_ip = 0 and servers.enable = 1 ORDER BY servers.groups """.format(kwargs.get('uuid')) if kwargs.get("id"): sql = """select * from servers where id='{}' """.format(kwargs.get("id")) @@ -833,13 +831,13 @@ def get_dick_permit(**kwargs): def is_master(ip, **kwargs): cursor = conn.cursor() if kwargs.get('master_slave'): - sql = """ select master.hostname, master.ip, slave.hostname, slave.ip - from servers as master - left join servers as slave on master.id = slave.master + sql = """ select master.hostname, master.ip, slave.hostname, slave.ip + from servers as master + left join servers as slave on master.id = slave.master where slave.master > 0 """ else: - sql = """ select slave.ip, slave.hostname from servers as master - left join servers as slave on master.id = slave.master + sql = """ select slave.ip, slave.hostname from servers as master + left join servers as slave on master.id = slave.master where master.ip = '%s' """ % ip try: cursor.execute(sql) @@ -1055,6 +1053,7 @@ def update_slack(token, chanel, group, slack_id): else: return True + def insert_new_option(saved_option, group): try: Option.insert(options=saved_option, groups=group).execute() 
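Review bot: The query in `select_servers` that filters on `uuid.uuid = '{}'` is completed with `.format(kwargs.get('uuid'))`, and the `id='{}'` branch right below does the same, so caller-supplied values are spliced into the SQL text instead of being bound. The same pattern appears in the `is_master` hunk (`where master.ip = '%s' """ % ip`) and in the `select_smon` hunk further down, where `ip`, `port`, `http` and `body` are interpolated with `%`. Pass the values as parameters, e.g. `cursor.execute(sql, (ip,))` with the placeholder style of the active driver. Alternatively, express these lookups in the model-based query style that `select_user_groups_with_names` already uses. These function bodies continue outside the hunks, so the remaining branches should be checked as well.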
@@ -1602,7 +1601,7 @@ def select_table_metrics(): where servers.metrics = 1 and metr.date <= now() and metr.date >= DATE_ADD(NOW(), INTERVAL -3 DAY) group by servers.ip ) as avg_sess_3d, - + (select servers.ip,max(metr.sess_rate) as max_sess_1h from servers left join metrics as metr on metr.serv = servers.ip where servers.metrics = 1 and @@ -1632,13 +1631,13 @@ def select_table_metrics(): where servers.metrics = 1 and metr.date <= now() and metr.date >= DATE_ADD(NOW(),INTERVAL -24 HOUR) group by servers.ip) as avg_cur_24h, - - (select servers.ip,round(avg(metr.curr_con+metr.cur_ssl_con), 1) as avg_cur_3d from servers - left join metrics as metr on metr.serv = servers.ip - where servers.metrics = 1 and + + (select servers.ip,round(avg(metr.curr_con+metr.cur_ssl_con), 1) as avg_cur_3d from servers + left join metrics as metr on metr.serv = servers.ip + where servers.metrics = 1 and metr.date <= now() and metr.date >= DATE_ADD(NOW(),INTERVAL -3 DAY) group by servers.ip ) as avg_cur_3d, - + (select servers.ip,max(metr.curr_con) as max_con_1h from servers left join metrics as metr on metr.serv = servers.ip where servers.metrics = 1 and @@ -1655,8 +1654,8 @@ def select_table_metrics(): left join metrics as metr on metr.serv = servers.ip where servers.metrics = 1 and metr.date <= now() and metr.date >= DATE_ADD(NOW(),INTERVAL -3 DAY) - group by servers.ip ) as max_con_3d - + group by servers.ip ) as max_con_3d + where ip.ip=hostname.ip and ip.ip=avg_sess_1h.ip and ip.ip=avg_sess_24h.ip 
@@ -1679,77 +1678,77 @@ def select_table_metrics(): (select servers.ip, servers.hostname as hostname from servers left join metrics as metr on servers.ip = metr.serv where servers.metrics = 1 %s) as hostname, - (select servers.ip,round(avg(metr.sess_rate), 1) as avg_sess_1h from servers - left join metrics as metr on metr.serv = servers.ip - where servers.metrics = 1 and + (select servers.ip,round(avg(metr.sess_rate), 1) as avg_sess_1h from servers + left join metrics as metr on metr.serv = servers.ip + where servers.metrics = 1 and metr.date <= datetime('now', 'localtime') and metr.date >= datetime('now', '-1 hours', 'localtime') group by servers.ip) as avg_sess_1h, - (select servers.ip,round(avg(metr.sess_rate), 1) as avg_sess_24h from servers - left join metrics as metr on metr.serv = servers.ip - where servers.metrics = 1 and + (select servers.ip,round(avg(metr.sess_rate), 1) as avg_sess_24h from servers + left join metrics as metr on metr.serv = servers.ip + where servers.metrics = 1 and metr.date <= datetime('now', 'localtime') and metr.date >= datetime('now', '-24 hours', 'localtime') - group by servers.ip) as avg_sess_24h, + group by servers.ip) as avg_sess_24h, - (select servers.ip,round(avg(metr.sess_rate), 1) as avg_sess_3d from servers - left join metrics as metr on metr.serv = servers.ip - where servers.metrics = 1 and - metr.date <= datetime('now', 'localtime') and metr.date >= datetime('now', '-3 days', 'localtime') + (select servers.ip,round(avg(metr.sess_rate), 1) as avg_sess_3d from servers + left join metrics as metr on metr.serv = servers.ip + where servers.metrics = 1 and + metr.date <= datetime('now', 'localtime') and metr.date >= datetime('now', '-3 days', 'localtime') group by servers.ip ) as avg_sess_3d, - (select servers.ip,max(metr.sess_rate) as max_sess_1h from servers - left join metrics as metr on metr.serv = servers.ip - where servers.metrics = 1 and + (select servers.ip,max(metr.sess_rate) as max_sess_1h from servers + left join 
metrics as metr on metr.serv = servers.ip + where servers.metrics = 1 and metr.date <= datetime('now', 'localtime') and metr.date >= datetime('now', '-1 hours', 'localtime') group by servers.ip) as max_sess_1h, - (select servers.ip,max(metr.sess_rate) as max_sess_24h from servers - left join metrics as metr on metr.serv = servers.ip - where servers.metrics = 1 and + (select servers.ip,max(metr.sess_rate) as max_sess_24h from servers + left join metrics as metr on metr.serv = servers.ip + where servers.metrics = 1 and metr.date <= datetime('now', 'localtime') and metr.date >= datetime('now', '-24 hours', 'localtime') - group by servers.ip) as max_sess_24h, + group by servers.ip) as max_sess_24h, - (select servers.ip,max(metr.sess_rate) as max_sess_3d from servers - left join metrics as metr on metr.serv = servers.ip - where servers.metrics = 1 and - metr.date <= datetime('now', 'localtime') and metr.date >= datetime('now', '-3 days', 'localtime') + (select servers.ip,max(metr.sess_rate) as max_sess_3d from servers + left join metrics as metr on metr.serv = servers.ip + where servers.metrics = 1 and + metr.date <= datetime('now', 'localtime') and metr.date >= datetime('now', '-3 days', 'localtime') group by servers.ip ) as max_sess_3d, - (select servers.ip,round(avg(metr.curr_con+metr.cur_ssl_con), 1) as avg_cur_1h from servers - left join metrics as metr on metr.serv = servers.ip - where servers.metrics = 1 and + (select servers.ip,round(avg(metr.curr_con+metr.cur_ssl_con), 1) as avg_cur_1h from servers + left join metrics as metr on metr.serv = servers.ip + where servers.metrics = 1 and metr.date <= datetime('now', 'localtime') and metr.date >= datetime('now', '-1 hours', 'localtime') group by servers.ip) as avg_cur_1h, - (select servers.ip,round(avg(metr.curr_con+metr.cur_ssl_con), 1) as avg_cur_24h from servers - left join metrics as metr on metr.serv = servers.ip - where servers.metrics = 1 and + (select servers.ip,round(avg(metr.curr_con+metr.cur_ssl_con), 1) 
as avg_cur_24h from servers + left join metrics as metr on metr.serv = servers.ip + where servers.metrics = 1 and metr.date <= datetime('now', 'localtime') and metr.date >= datetime('now', '-24 hours', 'localtime') - group by servers.ip) as avg_cur_24h, + group by servers.ip) as avg_cur_24h, - (select servers.ip,round(avg(metr.curr_con+metr.cur_ssl_con), 1) as avg_cur_3d from servers - left join metrics as metr on metr.serv = servers.ip - where servers.metrics = 1 and - metr.date <= datetime('now', 'localtime') and metr.date >= datetime('now', '-3 days', 'localtime') + (select servers.ip,round(avg(metr.curr_con+metr.cur_ssl_con), 1) as avg_cur_3d from servers + left join metrics as metr on metr.serv = servers.ip + where servers.metrics = 1 and + metr.date <= datetime('now', 'localtime') and metr.date >= datetime('now', '-3 days', 'localtime') group by servers.ip ) as avg_cur_3d, - (select servers.ip,max(metr.curr_con) as max_con_1h from servers - left join metrics as metr on metr.serv = servers.ip - where servers.metrics = 1 and + (select servers.ip,max(metr.curr_con) as max_con_1h from servers + left join metrics as metr on metr.serv = servers.ip + where servers.metrics = 1 and metr.date <= datetime('now', 'localtime') and metr.date >= datetime('now', '-1 hours', 'localtime') group by servers.ip) as max_con_1h, - (select servers.ip,max(metr.curr_con) as max_con_24h from servers - left join metrics as metr on metr.serv = servers.ip - where servers.metrics = 1 and + (select servers.ip,max(metr.curr_con) as max_con_24h from servers + left join metrics as metr on metr.serv = servers.ip + where servers.metrics = 1 and metr.date <= datetime('now', 'localtime') and metr.date >= datetime('now', '-24 hours', 'localtime') - group by servers.ip) as max_con_24h, + group by servers.ip) as max_con_24h, - (select servers.ip,max(metr.curr_con) as max_con_3d from servers - left join metrics as metr on metr.serv = servers.ip - where servers.metrics = 1 and - metr.date <= 
datetime('now', 'localtime') and metr.date >= datetime('now', '-3 days', 'localtime') - group by servers.ip ) as max_con_3d + (select servers.ip,max(metr.curr_con) as max_con_3d from servers + left join metrics as metr on metr.serv = servers.ip + where servers.metrics = 1 and + metr.date <= datetime('now', 'localtime') and metr.date >= datetime('now', '-3 days', 'localtime') + group by servers.ip ) as max_con_3d where ip.ip=hostname.ip and ip.ip=avg_sess_1h.ip @@ -2104,8 +2103,8 @@ def select_smon(user_group, **kwargs): http = kwargs.get('proto')+':'+kwargs.get('uri') except: http = '' - sql = """select id, ip, port, en, http, body, telegram_channel_id, `desc`, `group`, user_group, slack_channel_id from smon - where ip='%s' and port='%s' and http='%s' and body='%s' %s + sql = """select id, ip, port, en, http, body, telegram_channel_id, `desc`, `group`, user_group, slack_channel_id from smon + where ip='%s' and port='%s' and http='%s' and body='%s' %s """ % (kwargs.get('ip'), kwargs.get('port'), http, body, user_group) elif kwargs.get('action') == 'add': sql = """select id, ip, port, en, http, body, telegram_channel_id, `desc`, `group`, user_group, slack_channel_id from smon @@ -2193,7 +2192,6 @@ def select_en_service(): return query_res - def select_status(smon_id): try: query_res = SMON.get(SMON.id == smon_id).status 
@@ -2316,16 +2314,14 @@ def response_time(time, smon_id): def smon_list(user_group): if user_group == 1: - query = (SMON.select(SMON.ip, SMON.port,SMON.status,SMON.en,SMON.desc,SMON.response_time,SMON.time_state, - SMON.group,SMON.script,SMON.http,SMON.http_status,SMON.body,SMON.body_status) - .order_by(SMON.group) - ) + query = (SMON.select(SMON.ip, SMON.port, SMON.status, SMON.en, SMON.desc, SMON.response_time, SMON.time_state, + SMON.group, SMON.script, SMON.http, SMON.http_status, SMON.body, SMON.body_status) + .order_by(SMON.group)) else: query = (SMON.select(SMON.ip, SMON.port, SMON.status, SMON.en, SMON.desc, SMON.response_time, SMON.time_state, SMON.group, SMON.script, SMON.http, SMON.http_status, SMON.body, SMON.body_status) .where(SMON.user_group == user_group) - .order_by(SMON.group) - ) + .order_by(SMON.group)) try: query_res = query.execute() @@ -2511,7 +2507,7 @@ def delete_ports(serv): def insert_port_scanner_history(serv, port, port_status, service_name): try: PortScannerHistory.insert(serv=serv, port=port, status=port_status, service_name=service_name, - date=funct.get_data('regular')).execute() + date=funct.get_data('regular')).execute() except Exception as e: out_error(e) @@ -2621,7 +2617,7 @@ def add_server_aws(region, instance_type, public_ip, floating_ip, volume_size, s return False -def add_server_gcore(project ,region, instance_type, network_type, network_name, volume_size, ssh_key_name, name, os, +def add_server_gcore(project, region, instance_type, network_type, network_name, volume_size, ssh_key_name, name, os, firewall, provider_id, group_id, status, delete_on_termination, volume_type): try: ProvisionedServers.insert(region=region, instance_type=instance_type, public_ip=network_type, network_name=network_name, 
@@ -2655,7 +2651,7 @@ def select_aws_server(server_id): prov_serv.volume_size, prov_serv.ssh_key_name, prov_serv.name, prov_serv.os, prov_serv.firewall, prov_serv.provider_id, prov_serv.group_id, prov_serv.id, prov_serv.delete_on_termination, prov_serv.volume_type) - .where(prov_serv.id == server_id)) + .where(prov_serv.id == server_id)) try: query_res = query.execute() except Exception as e: @@ -2766,7 +2762,7 @@ def update_server_do(size, privet_net, floating_ip, ssh_ids, ssh_name, oss, fire group, status, server_id): query = ProvisionedServers.update(instance_type=size, private_networking=privet_net, floating_ip=floating_ip, ssh_ids=ssh_ids, ssh_key_name=ssh_name, - os=oss,firewall=firewall, monitoring=monitoring, backup=backup, + os=oss, firewall=firewall, monitoring=monitoring, backup=backup, provider_id=provider, group_id=group, status=status).where(ProvisionedServers.id == server_id) try: @@ -2792,9 +2788,9 @@ def select_provisioned_servers(**kwargs): prov_serv.select(prov_serv.id, prov_serv.name, prov_serv.provider_id, prov_serv.type, prov_serv.group_id, prov_serv.instance_type, prov_serv.status, prov_serv.date, prov_serv.region, prov_serv.os, prov_serv.IP, prov_serv.last_error, prov_serv.name_template) - .where((prov_serv.name == kwargs.get('new')) & - (prov_serv.group_id == kwargs.get('group')) & - (prov_serv.type == kwargs.get('type')))) + .where((prov_serv.name == kwargs.get('new')) & + (prov_serv.group_id == kwargs.get('group')) & + (prov_serv.type == kwargs.get('type')))) else: query = prov_serv.select(prov_serv.id, prov_serv.name, prov_serv.provider_id, prov_serv.type, prov_serv.group_id, prov_serv.instance_type, prov_serv.status, prov_serv.date, prov_serv.region, prov_serv.os, 
@@ -3226,6 +3222,7 @@ def insert_new_git(server_id, service_id, repo, branch, period, cred, descriptio else: return True + def select_gits(**kwargs): if kwargs.get("server_id") is not None and kwargs.get("service_id") is not None: query = GitSetting.select().where((GitSetting.server_id == kwargs.get("server_id")) & (GitSetting.service_id == kwargs.get("service_id")))