diff --git a/README.md b/README.md
index 4a22a13d..ca09bdbc 100644
--- a/README.md
+++ b/README.md
@@ -134,6 +134,7 @@ For Apache do virtualhost with cgi-bin. Like this:
ScriptAlias /cgi-bin/ "/var/www/haproxy-wi/app/"
How did you get here?! O_o You do not have need permissions')
print('')
import sys
- sys.exit()
-
-def ssh_connect(serv, **kwargs):
- import paramiko
- from paramiko import SSHClient
+ sys.exit()
+
+
+def return_ssh_keys_path(serv):
import sql
fullpath = get_config_var('main', 'fullpath')
ssh_enable = ''
@@ -172,6 +171,16 @@ def ssh_connect(serv, **kwargs):
ssh_user_name = sshs[4]
ssh_user_password = sshs[5]
ssh_key_name = fullpath+'/keys/%s.pem' % sshs[2]
+
+ return ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name
+
+
+def ssh_connect(serv, **kwargs):
+ import paramiko
+ from paramiko import SSHClient
+ import sql
+
+ ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = return_ssh_keys_path(serv)
servers = sql.select_servers(server=serv)
for server in servers:
@@ -327,7 +336,7 @@ def rewrite_section(start_line, end_line, config, section):
return_config += line
return return_config
-
+
def install_haproxy(serv, **kwargs):
import sql
@@ -339,17 +348,10 @@ def install_haproxy(serv, **kwargs):
stats_password = sql.get_setting('stats_password')
proxy = sql.get_setting('proxy')
hapver = kwargs.get('hapver')
- fullpath = get_config_var('main', 'fullpath')
- ssh_enable = ''
- ssh_port = ''
- ssh_user_name = ''
- ssh_user_password = ''
+ ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = return_ssh_keys_path(serv)
- for sshs in sql.select_ssh(serv=serv):
- ssh_enable = sshs[3]
- ssh_user_name = sshs[4]
- ssh_user_password = sshs[5]
- ssh_key_name = fullpath+'/keys/%s.pem' % sshs[2]
+ if ssh_enable == 0:
+ ssh_key_name = ''
os.system("cp scripts/%s ." % script)
diff --git a/app/index.html b/app/index.html
deleted file mode 100644
index bfaba42c..00000000
--- a/app/index.html
+++ /dev/null
@@ -1,32 +0,0 @@
-
-
-
-
-
Welcome to
-
- Redirecting... Please wait
-
')
- for sshs in sql.select_ssh(serv=slave):
- ssh_enable = sshs[3]
- ssh_user_name = sshs[4]
- ssh_user_password = sshs[5]
- ssh_key_name = fullpath+'/keys/%s.pem' % sshs[2]
+ ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = funct.return_ssh_keys_path(slave)
+
+ if ssh_enable == 0:
+ ssh_key_name = ''
commands = [ "chmod +x "+script +" && ./"+script +" PROXY=" +proxy_serv+
" ETH="+ETH+" IP="+IP+" MASTER=BACKUP"+" HOST="+str(slave)+
@@ -664,20 +657,11 @@ if form.getvalue('masteradd'):
IP = form.getvalue('vrrpipadd')
kp = form.getvalue('kp')
script = "install_keepalived.sh"
- fullpath = funct.get_config_var('main', 'fullpath')
- proxy = sql.get_setting('proxy')
- ssh_enable = ''
- ssh_port = ''
- ssh_user_name = ''
- ssh_user_password = ''
+ proxy = sql.get_setting('proxy')
+ ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = funct.return_ssh_keys_path(master)
- proxy_serv = proxy if proxy is not None else ""
-
- for sshs in sql.select_ssh(serv=master):
- ssh_enable = sshs[3]
- ssh_user_name = sshs[4]
- ssh_user_password = sshs[5]
- ssh_key_name = fullpath+'/keys/%s.pem' % sshs[2]
+ if ssh_enable == 0:
+ ssh_key_name = ''
os.system("cp scripts/%s ." % script)
@@ -705,11 +689,10 @@ if form.getvalue('masteradd'):
print('success: Master VRRP address was added
')
- for sshs in sql.select_ssh(serv=slave):
- ssh_enable = sshs[3]
- ssh_user_name = sshs[4]
- ssh_user_password = sshs[5]
- ssh_key_name = fullpath+'/keys/%s.pem' % sshs[2]
+ ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = funct.return_ssh_keys_path(slave)
+
+ if ssh_enable == 0:
+ ssh_key_name = ''
commands = [ "chmod +x "+script +" && ./"+script +" PROXY=" + proxy_serv+
" ETH="+ETH+" IP="+str(IP)+" MASTER=BACKUP"+" RESTART="+kp+" ADD_VRRP=1 HOST="+str(slave)+
@@ -781,8 +764,6 @@ if form.getvalue('new_metrics'):
for i in metric:
label = str(i[5])
label = label.split(' ')[1]
- #label = label.split(':')
- #labels += label[0]+':'+label[1]+','
labels += label+','
curr_con += str(i[1])+','
curr_ssl_con += str(i[2])+','
@@ -811,7 +792,6 @@ if form.getvalue('new_waf_metrics'):
for i in metric:
label = str(i[2])
label = label.split(' ')[1]
- # label = label.split(':')
labels += label[0]+','
curr_con += str(i[1])+','
diff --git a/app/scripts/ansible/roles/haproxy/tasks/main.yml b/app/scripts/ansible/roles/haproxy/tasks/main.yml
index 0f5be086..912c33cd 100644
--- a/app/scripts/ansible/roles/haproxy/tasks/main.yml
+++ b/app/scripts/ansible/roles/haproxy/tasks/main.yml
@@ -3,6 +3,10 @@
package_facts:
manager: "auto"
+
+- name: populate service facts
+ service_facts:
+
- name: install HAProxy {{HAPVER}}
yum:
@@ -94,6 +98,27 @@
set_fact:
haproxy_version: "{{ '1.5' if '1.5.' in haproxy_version_result.stdout else '1.6' }}"
+
+- name: Open stat port for firewalld
+ firewalld:
+ port: "{{ item }}/tcp"
+ state: enabled
+ permanent: yes
+ immediate: yes
+ ignore_errors: yes
+ when: ansible_facts.services["firewalld.service"]['state'] == "running"
+ with_items: [ "{{ STAT_PORT }}", "{{ SOCK_PORT }}" ]
+
+
+- name: Open stat port for iptables
+ iptables:
+ chain: INPUT
+ destination_port: "{{ item }}"
+ jump: ACCEPT
+ protocol: tcp
+ ignore_errors: yes
+ with_items: [ "{{ STAT_PORT }}", "{{ SOCK_PORT }}" ]
+
- name: Copy HAProxy configuration in place.
template:
diff --git a/app/scripts/waf.sh b/app/scripts/waf.sh
index dc35d4bb..68d9a5c3 100644
--- a/app/scripts/waf.sh
+++ b/app/scripts/waf.sh
@@ -27,7 +27,7 @@ then
fi
if [ -f $HAPROXY_PATH/waf/modsecurity.conf ];then
- echo -e 'error: Haproxy WAF already installed. You can edit confighere
'
+ echo -e 'error: Haproxy WAF already installed.
'
exit 1
fi
if hash apt-get 2>/dev/null; then
diff --git a/config_other/httpd/haproxy-wi.conf b/config_other/httpd/haproxy-wi.conf
index 3876672e..a9898de5 100644
--- a/config_other/httpd/haproxy-wi.conf
+++ b/config_other/httpd/haproxy-wi.conf
@@ -1,40 +1,40 @@