github
/
haproxy-wi
mirror of https://github.com/Aidaho12/haproxy-wi
1
0
Fork 0
Code Issues Releases Wiki Activity

v3.4.5 

WAF and overview  improved,  bugs fixed
pull/145/head 3.4.5
Pavel Loginov 2019-09-10 08:44:02 +03:00
parent eea89dc4c6
commit a44f272cb9
8 changed files with 90 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
app/options.py
View File

@ -647,3 +647,12 @@ if form.getvalue('get_ldap_email'):
print('error: user not found') print('error: user not found')
finally: finally:
l.unbind() l.unbind()
if form.getvalue('change_waf_mode'):
waf_mode = form.getvalue('change_waf_mode')
server_hostname = form.getvalue('server_hostname')
haproxy_dir = sql.get_setting('haproxy_dir')
serv = sql.select_server_by_name(server_hostname)
commands = [ "sudo sed -i 's/^SecRuleEngine.*/SecRuleEngine %s/' %s/waf/modsecurity.conf " % (waf_mode, haproxy_dir) ]
funct.ssh_command(serv, commands)

15
app/sql.py
View File

@ -235,6 +235,21 @@ def select_user_name_group(id):
cur.close() cur.close()
con.close() con.close()
def select_server_by_name(name):
con, cur = create_db.get_cur()
sql = """select ip from servers where hostname='%s' """ % name
try:
cur.execute(sql)
except sqltool.Error as e:
out_error(e)
else:
for name in cur.fetchone():
return name
cur.close()
con.close()
def select_servers(**kwargs): def select_servers(**kwargs):
con, cur = create_db.get_cur() con, cur = create_db.get_cur()
sql = """select * from servers where enable = '1' ORDER BY groups """ sql = """select * from servers where enable = '1' ORDER BY groups """

34
app/templates/ajax/overivewWaf.html
View File

@ -2,7 +2,7 @@
{% for service in service_status %} {% for service in service_status %}
{% if service.3 == "On" or service.3 == "Off" or service.3 == "DetectionOnly" or url == "waf.py" %} {% if service.3 == "On" or service.3 == "Off" or service.3 == "DetectionOnly" or url == "waf.py" %}
{% do waf_servers.append(1) %} {% do waf_servers.append(1) %}
<tr class="{{ loop.cycle('odd', 'even') }}"> <tr class="{{ loop.cycle('odd', 'even') }}" id="{{service.0}}-select-line">
<td class="padding10 first-collumn"> <td class="padding10 first-collumn">
<a href="#{{ service.0 }}" title="Go to {{ service.0 }} status" style="color: #000">{{ service.0 }}</a> <a href="#{{ service.0 }}" title="Go to {{ service.0 }} status" style="color: #000">{{ service.0 }}</a>
</td> </td>
@ -27,14 +27,30 @@
{% endif %} {% endif %}
</td> </td>
<td> <td>
{% if role <= 1 %}
{% if service.3 == "On" or service.3 == "Off" or service.3 == "DetectionOnly" %} {% if service.3 == "On" or service.3 == "Off" or service.3 == "DetectionOnly" %}
{{ service.3 }} <select class="waf_mode" id="{{ service.0 }}_select">
{% set waf_modes = [] %}
{% do waf_modes.append("On") %}
{% do waf_modes.append("Off") %}
{% do waf_modes.append("DetectionOnly") %}
{% for waf_mode in waf_modes %}
{% if service.3 == waf_mode %}
<option value={{waf_mode}} selected="selected">{{waf_mode}}</option>
{% else %}
<option value={{waf_mode}}>{{waf_mode}}</option>
{% endif %}
{% endfor %}
</select>
{%else %} {%else %}
<a title="Install WAF"><button onclick="installWaf('{{ service.1 }}')">Install</button></a> <a title="Install WAF"><button onclick="installWaf('{{ service.1 }}')">Install</button></a>
{% endif %} {% endif %}
{% else %}
{{ service.3 }}
{% endif %}
</td> </td>
{% if url == "waf.py" %} {% if url == "waf.py" %}
<td> <td style="padding-top: 2px;">
{% if service.3 == "On" or service.3 == "Off" or service.3 == "DetectionOnly" %} {% if service.3 == "On" or service.3 == "Off" or service.3 == "DetectionOnly" %}
{% if service.4|int() == 1 %} {% if service.4|int() == 1 %}
<label for="{{ service.0 }}"></label><input type="checkbox" id="{{ service.0 }}" checked> <label for="{{ service.0 }}"></label><input type="checkbox" id="{{ service.0 }}" checked>
@ -55,3 +71,15 @@
</td> </td>
</tr> </tr>
{% endif %} {% endif %}
<script>
$( "select" ).selectmenu();
{% if role <= 1 %}
$( "select" ).on('selectmenuchange',function() {
var id = $(this).attr('id');
changeWafMode(id)
});
{% endif %}
</script>
<style>
.ui-selectmenu-button.ui-button {width: 10em;}
</style>

4
app/templates/ajax/overview.html
View File

@ -45,7 +45,11 @@
</a> </a>
</td> </td>
<td> <td>
{% if "ls: cannot access" in service.3 %}
Cannot find HAProxy config
{% else %}
{{ service.3 }} {{ service.3 }}
{% endif %}
</td> </td>
<td></td> <td></td>
</tr> </tr>

2
app/templates/base.html
View File

@ -115,7 +115,7 @@
</ul> </ul>
</nav> </nav>
<div class="copyright-menu"> <div class="copyright-menu">
<a href="https://github.com/aidaho12/haproxy-wi/" title="Github repo" target="_blank" style="color: #fff">HAproxy-WI v3.4.4.8</a> <a href="https://github.com/aidaho12/haproxy-wi/" title="Github repo" target="_blank" style="color: #fff">HAproxy-WI v3.4.5</a>
<br> <br>
<a href="https://www.patreon.com/haproxy_wi" title="Donate" target="_blank" style="color: #fff; margin-left: 30px; color: red;" class="patreon"> Patreon</a> <a href="https://www.patreon.com/haproxy_wi" title="Donate" target="_blank" style="color: #fff; margin-left: 30px; color: red;" class="patreon"> Patreon</a>
</div> </div>

20
inc/script.js
View File

@ -1508,3 +1508,23 @@ function saveList(action, list, color) {
} }
} ); } );
} }
function changeWafMode(id) {
var waf_mode = $('#'+id+' option:selected').val();
var server_hostname = id.split('_')[0];
$.ajax( {
url: "options.py",
data: {
change_waf_mode: waf_mode,
server_hostname: server_hostname,
token: $('#token').val()
},
type: "GET",
success: function( data ) {
alert('Do not forget restart WAF server: '+server_hostname)
$( '#'+server_hostname+'-select-line' ).addClass( "update", 1000 );
setTimeout(function() {
$( '#'+server_hostname+'-select-line' ).removeClass( "update" );
}, 2500 );
}
} );
}

4
install.sh
View File

@ -299,7 +299,6 @@ sed -i 's/#$UDPServerRun 514/$UDPServerRun 514/g' /etc/rsyslog.conf
sed -i 's/#$ModLoad imudp/$ModLoad imudp/g' /etc/rsyslog.conf sed -i 's/#$ModLoad imudp/$ModLoad imudp/g' /etc/rsyslog.conf
systemctl daemon-reload systemctl daemon-reload
systemctl restart logrotate
systemctl restart rsyslog systemctl restart rsyslog
systemctl restart metrics_haproxy.service systemctl restart metrics_haproxy.service
systemctl restart checker_haproxy.service systemctl restart checker_haproxy.service
@ -353,8 +352,7 @@ echo -e "Installing required Python Packages"
echo "" echo ""
echo "" echo ""
echo "################################" echo "################################"
sudo -H pip3 install --upgrade pip sudo -H pip3.5 install --upgrade pip
sudo pip3 install -r /var/www/$HOME_HAPROXY_WI/requirements.txt
sudo pip3.5 install -r /var/www/$HOME_HAPROXY_WI/requirements.txt sudo pip3.5 install -r /var/www/$HOME_HAPROXY_WI/requirements.txt
if [ $? -eq 1 ] if [ $? -eq 1 ]

18
update.sh
View File

@ -1,27 +1,21 @@
#!/bin/bash #!/bin/bash
# set -x
cp app/haproxy-wi.cfg /tmp/ cp app/haproxy-wi.cfg /tmp/
mv -f /tmp/haproxy-wi.cfg app/haproxy-wi.cfg mv -f /tmp/haproxy-wi.cfg app/haproxy-wi.cfg
mkdir keys
mkdir app/certs
if hash apt-get 2>/dev/null; then
apt-get install git net-tools lshw dos2unix apache2 gcc netcat mod_ssl python3-pip gcc-c++ openldap-devel libpq-dev python-dev libxml2-dev libxslt1-dev libldap2-dev libsasl2-dev libffi-dev python3-dev -y
else
yum -y install https://centos7.iuscommunity.org/ius-release.rpm
yum -y install git nmap-ncat net-tools python35u dos2unix python35u-pip mod_ssl httpd python35u-devel gcc-c++ openldap-devel
fi
git reset --hard git reset --hard
git pull https://github.com/Aidaho12/haproxy-wi.git git pull https://github.com/Aidaho12/haproxy-wi.git
chmod +x app/*py chmod +x app/*py
chmod +x app/tools/*py chmod +x app/tools/*py
if hash apt-get 2>/dev/null; then
sudo chown -R www-data:www-data app/
else
sudo chown -R apache:apache app/
fi
cd app/ cd app/
./create_db.py ./create_db.py