Changelog: https://roxy-wi.org/changelog#6_3_3
pull/355/head
Pavel Loginov 2023-01-04 11:50:47 +03:00
parent 79d5c0ec21
commit bb456e13be
19 changed files with 437 additions and 65 deletions


@ -399,9 +399,9 @@ if form.getvalue('master_slave_nginx'):
docker = form.getvalue('docker')
if server == 'master':
service_mod.install_nginx(master, server=server, docker=docker)
service_mod.install_service(master, 'nginx', docker, server=server)
elif server == 'slave':
service_mod.install_nginx(slave, server=server, docker=docker)
service_mod.install_service(slave, 'nginx', docker, server=server)
if form.getvalue('install_grafana'):
service_mod.grafana_install()
@ -422,71 +422,20 @@ if form.getvalue('node_exp_install'):
exp_installation.node_exp_installation()
if form.getvalue('backup') or form.getvalue('deljob') or form.getvalue('backupupdate'):
serv = form.getvalue('server')
rpath = form.getvalue('rpath')
time = form.getvalue('time')
backup_type = form.getvalue('type')
rserver = form.getvalue('rserver')
cred = form.getvalue('cred')
deljob = form.getvalue('deljob')
update = form.getvalue('backupupdate')
description = form.getvalue('description')
script = 'backup.sh'
ssh_settings = ssh_mod.return_ssh_keys_path('localhost', id=int(cred))
import modules.service.backup as backup_mod
if deljob:
time = ''
rpath = ''
backup_type = ''
elif update:
deljob = ''
else:
deljob = ''
if sql.check_exists_backup(serv):
print('warning: Backup job for %s already exists' % serv)
sys.exit()
serv = common.is_ip_or_dns(form.getvalue('server'))
rpath = common.checkAjaxInput(form.getvalue('rpath'))
time = common.checkAjaxInput(form.getvalue('time'))
backup_type = common.checkAjaxInput(form.getvalue('type'))
rserver = common.checkAjaxInput(form.getvalue('rserver'))
cred = int(form.getvalue('cred'))
deljob = common.checkAjaxInput(form.getvalue('deljob'))
update = common.checkAjaxInput(form.getvalue('backupupdate'))
description = common.checkAjaxInput(form.getvalue('description'))
os.system(f"cp scripts/{script} .")
backup_mod.backup(serv, rpath, time, backup_type, rserver, cred, deljob, update, description)
commands = [
f"chmod +x {script} && ./{script} HOST={rserver} SERVER={serv} TYPE={backup_type} SSH_PORT={ssh_settings['port']} "
f"TIME={time} RPATH={rpath} DELJOB={deljob} USER={ssh_settings['user']} KEY={ssh_settings['key']}"
]
output, error = server_mod.subprocess_execute(commands[0])
for line in output:
if any(s in line for s in ("Traceback", "FAILED")):
try:
print('error: ' + line)
break
except Exception:
print('error: ' + output)
break
else:
if not deljob and not update:
if sql.insert_backup_job(serv, rserver, rpath, backup_type, time, cred, description):
env = Environment(loader=FileSystemLoader('templates/ajax'), autoescape=True)
template = env.get_template('new_backup.html')
template = template.render(
backups=sql.select_backups(server=serv, rserver=rserver), sshs=sql.select_ssh()
)
print(template)
print('success: Backup job has been created')
roxywi_common.logging('backup ', ' a new backup job for server ' + serv + ' has been created', roxywi=1,
login=1)
else:
print('error: Cannot add the job into DB')
elif deljob:
sql.delete_backups(deljob)
print('Ok')
roxywi_common.logging('backup ', ' a backup job for server ' + serv + ' has been deleted', roxywi=1, login=1)
elif update:
sql.update_backup(serv, rserver, rpath, backup_type, time, cred, description, update)
print('Ok')
roxywi_common.logging('backup ', ' a backup job for server ' + serv + ' has been updated', roxywi=1, login=1)
os.remove(script)
if form.getvalue('git_backup'):
server_id = form.getvalue('server')
@ -519,7 +468,7 @@ if form.getvalue('git_backup'):
branch = 'main'
commands = [
f"chmod +x {script} && ./{script} HOST={server_ip} DELJOB={deljob} SERVICE={service_name} INIT={git_init} "
f"chmod +x {script} && ./{script} HOST={server_ip} DELJOB={deljob} SERVICE={service_name} INIT={git_init} "
f"SSH_PORT={ssh_settings['port']} PERIOD={period} REPO={repo} BRANCH={branch} CONFIG_DIR={service_config_dir} "
f"PROXY={proxy_serv} USER={ssh_settings['user']} KEY={ssh_settings['key']}"
]
@ -1089,6 +1038,9 @@ if form.getvalue('serverdel') is not None:
if sql.check_exists_backup(server_ip):
print('warning: Delete the backup first ')
sys.exit()
if sql.check_exists_s3_backup(server_id):
print('warning: Delete the S3 backup first ')
sys.exit()
if sql.delete_server(server_id):
sql.delete_waf_server(server_id)
sql.delete_port_scanner_settings(server_id)
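Review bot: In the backup handler hunk, `cred = int(form.getvalue('cred'))` runs for all three triggers (`backup`, `deljob`, `backupupdate`), so a request that omits `cred` or sends a non-numeric value raises TypeError or ValueError before `backup_mod.backup(...)` is called; wrapping it as `try: cred = int(form.getvalue('cred'))` with `except (TypeError, ValueError): print('error: wrong credentials id'); sys.exit()` would return a clean error instead. The +/- markers are lost on this page, so I am reading the `common.is_ip_or_dns` / `common.checkAjaxInput` lines and the `backup_mod.backup` call as the new side, which is consistent with the hunk header shrinking the block from 71 to 20 lines. The lines being replaced interpolated these same form values into a shell command string, and the body of `backup_mod.backup` is outside this page; if it still builds a command line, `backup_type` and `time` would be safer checked against a fixed set of allowed values than passed through `checkAjaxInput` alone.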


@ -0,0 +1,5 @@
---
- name: restart apache
service:
name: "{{ apache_service }}"
state: "{{ apache_restart_state }}"


@ -0,0 +1,57 @@
---
- name: Configure Apache.
lineinfile:
dest: "{{ apache_server_root }}/ports.conf"
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
state: present
mode: 0644
with_items: "{{ apache_ports_configuration_items }}"
notify: restart apache
- name: Enable Apache mods.
file:
src: "{{ apache_server_root }}/mods-available/{{ item }}.load"
dest: "{{ apache_server_root }}/mods-enabled/{{ item }}.load"
state: link
mode: 0644
with_items: "{{ apache_mods_enabled }}"
notify: restart apache
- name: Disable Apache mods.
file:
path: "{{ apache_server_root }}/mods-enabled/{{ item }}.load"
state: absent
with_items: "{{ apache_mods_disabled }}"
notify: restart apache
- name: Check whether certificates defined in vhosts exist.
stat: "path={{ item.certificate_file }}"
register: apache_ssl_certificates
with_items: "{{ apache_vhosts_ssl }}"
- name: Add apache vhosts configuration.
template:
src: "{{ apache_vhosts_template }}"
dest: "{{ apache_conf_path }}/sites-available/{{ apache_vhosts_filename }}"
owner: root
group: root
mode: 0644
notify: restart apache
when: apache_create_vhosts | bool
- name: Add vhost symlink in sites-enabled.
file:
src: "{{ apache_conf_path }}/sites-available/{{ apache_vhosts_filename }}"
dest: "{{ apache_conf_path }}/sites-enabled/{{ apache_vhosts_filename }}"
state: link
mode: 0644
notify: restart apache
when: apache_create_vhosts | bool
- name: Remove default vhost in sites-enabled.
file:
path: "{{ apache_conf_path }}/sites-enabled/{{ apache_default_vhost_filename }}"
state: absent
notify: restart apache
when: apache_remove_default_vhost


@ -0,0 +1,53 @@
---
- name: Configure Apache.
lineinfile:
dest: "{{ apache_server_root }}/conf/{{ apache_daemon }}.conf"
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
state: present
mode: 0644
with_items: "{{ apache_ports_configuration_items }}"
notify: restart apache
- name: Check whether certificates defined in vhosts exist.
stat: path={{ item.certificate_file }}
register: apache_ssl_certificates
with_items: "{{ apache_vhosts_ssl }}"
- name: Enable Apache mods.
copy:
dest: "{{ apache_server_root }}/conf.modules.d/99-ansible-{{ item }}.conf"
content: |
LoadModule {{ item }}_module modules/mod_{{ item }}.so
mode: 0644
with_items: "{{ apache_mods_enabled }}"
notify: restart apache
- name: Disable Apache mods
file:
path: "{{ apache_server_root }}/conf.modules.d/99-ansible-{{ item }}.conf"
state: absent
with_items: "{{ apache_mods_disabled }}"
notify: restart apache
- name: Add apache vhosts configuration.
template:
src: "{{ apache_vhosts_template }}"
dest: "{{ apache_conf_path }}/{{ apache_vhosts_filename }}"
owner: root
group: root
mode: 0644
notify: restart apache
when: apache_create_vhosts | bool
- name: Check if localhost cert exists (RHEL 8 and later).
stat:
path: /etc/pki/tls/certs/localhost.crt
register: localhost_cert
when: ansible_distribution_major_version | int >= 8
- name: Ensure httpd certs are installed (RHEL 8 and later).
command: /usr/libexec/httpd-ssl-gencerts
when:
- ansible_distribution_major_version | int >= 8
- not localhost_cert.stat.exists


@ -0,0 +1,20 @@
---
- name: Configure Apache.
lineinfile:
dest: "{{ apache_server_root }}/{{ apache_daemon }}.conf"
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
state: present
mode: 0644
with_items: "{{ apache_ports_configuration_items }}"
notify: restart apache
- name: Add apache vhosts configuration.
template:
src: "{{ apache_vhosts_template }}"
dest: "{{ apache_conf_path }}/{{ apache_vhosts_filename }}"
owner: root
group: root
mode: 0644
notify: restart apache
when: apache_create_vhosts | bool


@ -0,0 +1,25 @@
---
- name: Configure Apache.
lineinfile:
dest: "{{ apache_server_root }}/listen.conf"
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
state: present
mode: 0644
with_items: "{{ apache_ports_configuration_items }}"
notify: restart apache
- name: Check whether certificates defined in vhosts exist.
stat: path={{ item.certificate_file }}
register: apache_ssl_certificates
with_items: "{{ apache_vhosts_ssl }}"
- name: Add apache vhosts configuration.
template:
src: "{{ apache_vhosts_template }}"
dest: "{{ apache_conf_path }}/{{ apache_vhosts_filename }}"
owner: root
group: root
mode: 0644
notify: restart apache
when: apache_create_vhosts | bool


@ -0,0 +1,47 @@
---
# Include variables and define needed variables.
- name: Include OS-specific variables.
include_vars: "{{ ansible_os_family }}.yml"
- name: Include variables for Amazon Linux.
include_vars: "AmazonLinux.yml"
when:
- ansible_distribution == "Amazon"
- ansible_distribution_major_version == "NA"
- name: Define apache_packages.
set_fact:
apache_packages: "{{ __apache_packages | list }}"
when: apache_packages is not defined
# Setup/install tasks.
- include_tasks: "setup-{{ ansible_os_family }}.yml"
# Figure out what version of Apache is installed.
- name: Get installed version of Apache.
command: "{{ apache_daemon_path }}{{ apache_daemon }} -v"
changed_when: false
check_mode: false
register: _apache_version
- name: Create apache_version variable.
set_fact:
apache_version: "{{ _apache_version.stdout.split()[2].split('/')[1] }}"
- name: Include Apache 2.2 variables.
include_vars: apache-22.yml
when: "apache_version.split('.')[1] == '2'"
- name: Include Apache 2.4 variables.
include_vars: apache-24.yml
when: "apache_version.split('.')[1] == '4'"
# Configure Apache.
- name: Configure Apache.
include_tasks: "configure-{{ ansible_os_family }}.yml"
- name: Ensure Apache has selected state and enabled on boot.
service:
name: "{{ apache_service }}"
state: "{{ apache_state }}"
enabled: "{{ apache_enabled }}"
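Review bot: The version detection in `Create apache_version variable.` indexes the `-v` output by position (`_apache_version.stdout.split()[2].split('/')[1]`), and the two `include_vars` conditions only match a minor version of `'2'` or `'4'`; for any other value neither `apache-22.yml` nor `apache-24.yml` is loaded and the play continues without a message. The vars section on this page with `apache_service: apache2` and `apache_server_root: /etc/apache2` defines no `apache_vhosts_version`, so the vhost template would then presumably depend on a default that is not visible here. An `assert` task right after the `set_fact`, with `that: apache_version.split('.')[1] in ['2', '4']` and a short `fail_msg`, would make that case fail explicitly.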


@ -0,0 +1,6 @@
---
- name: Update apt cache.
apt: update_cache=yes cache_valid_time=3600
- name: Ensure Apache is installed on Debian.
apt: "name={{ apache_packages }} state={{ apache_packages_state }}"


@ -0,0 +1,6 @@
---
- name: Ensure Apache is installed on RHEL.
package:
name: "{{ apache_packages }}"
state: "{{ apache_packages_state }}"
enablerepo: "{{ apache_enablerepo | default(omit, true) }}"


@ -0,0 +1,5 @@
---
- name: Ensure Apache is installed on Solaris.
pkg5:
name: "{{ apache_packages }}"
state: "{{ apache_packages_state }}"


@ -0,0 +1,5 @@
---
- name: Ensure Apache is installed on Suse.
zypper:
name: "{{ apache_packages }}"
state: "{{ apache_packages_state }}"


@ -0,0 +1,82 @@
{{ apache_global_vhost_settings }}
{# Set up VirtualHosts #}
{% for vhost in apache_vhosts %}
<VirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}>
ServerName {{ vhost.servername }}
{% if vhost.serveralias is defined %}
ServerAlias {{ vhost.serveralias }}
{% endif %}
{% if vhost.documentroot is defined %}
DocumentRoot "{{ vhost.documentroot }}"
{% endif %}
{% if vhost.serveradmin is defined %}
ServerAdmin {{ vhost.serveradmin }}
{% endif %}
{% if vhost.documentroot is defined %}
<Directory "{{ vhost.documentroot }}">
AllowOverride {{ vhost.allow_override | default(apache_allow_override) }}
Options {{ vhost.options | default(apache_options) }}
{% if apache_vhosts_version == "2.2" %}
Order allow,deny
Allow from all
{% else %}
Require all granted
{% endif %}
</Directory>
{% endif %}
{% if vhost.extra_parameters is defined %}
{{ vhost.extra_parameters | indent(width=2, first=True) }}
{% endif %}
</VirtualHost>
{% endfor %}
{# Set up SSL VirtualHosts #}
{% for vhost in apache_vhosts_ssl %}
{% if apache_ignore_missing_ssl_certificate or apache_ssl_certificates.results[loop.index0].stat.exists %}
<VirtualHost {{ apache_listen_ip }}:{{ apache_listen_port_ssl }}>
ServerName {{ vhost.servername }}
{% if vhost.serveralias is defined %}
ServerAlias {{ vhost.serveralias }}
{% endif %}
{% if vhost.documentroot is defined %}
DocumentRoot "{{ vhost.documentroot }}"
{% endif %}
SSLEngine on
SSLCipherSuite {{ apache_ssl_cipher_suite }}
SSLProtocol {{ apache_ssl_protocol }}
SSLHonorCipherOrder On
{% if apache_vhosts_version == "2.4" %}
SSLCompression off
{% endif %}
SSLCertificateFile {{ vhost.certificate_file }}
SSLCertificateKeyFile {{ vhost.certificate_key_file }}
{% if vhost.certificate_chain_file is defined %}
SSLCertificateChainFile {{ vhost.certificate_chain_file }}
{% endif %}
{% if vhost.serveradmin is defined %}
ServerAdmin {{ vhost.serveradmin }}
{% endif %}
{% if vhost.documentroot is defined %}
<Directory "{{ vhost.documentroot }}">
AllowOverride {{ vhost.allow_override | default(apache_allow_override) }}
Options {{ vhost.options | default(apache_options) }}
{% if apache_vhosts_version == "2.2" %}
Order allow,deny
Allow from all
{% else %}
Require all granted
{% endif %}
</Directory>
{% endif %}
{% if vhost.extra_parameters is defined %}
{{ vhost.extra_parameters | indent(width=2, first=True) }}
{% endif %}
</VirtualHost>
{% endif %}
{% endfor %}
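Review bot: The SSL `<VirtualHost>` block takes `SSLProtocol` and `SSLCipherSuite` straight from `apache_ssl_protocol` and `apache_ssl_cipher_suite`, and the defaults for those two variables are not among the files shown on this page, so the TLS settings of every generated vhost depend on values a reader of this template cannot see. I would add a comment above `SSLEngine on`, for example `{# apache_ssl_protocol / apache_ssl_cipher_suite are set in the role defaults; keep legacy protocols and weak ciphers disabled there #}`. The `{% if apache_ignore_missing_ssl_certificate or ... stat.exists %}` condition also lets a vhost render with an `SSLCertificateFile` that the earlier stat task found missing, and a one-line comment stating when that override is meant to be used would help.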


@ -0,0 +1,18 @@
---
apache_service: httpd
apache_daemon: httpd
apache_daemon_path: /usr/sbin/
apache_server_root: /etc/httpd
apache_conf_path: /etc/httpd/conf.d
apache_vhosts_version: "2.4"
__apache_packages:
- httpd24
- httpd24-devel
- mod24_ssl
- openssh
apache_ports_configuration_items:
- regexp: "^Listen "
line: "Listen {{ apache_listen_port }}"


@ -0,0 +1,14 @@
---
apache_service: apache2
apache_daemon: apache2
apache_daemon_path: /usr/sbin/
apache_server_root: /etc/apache2
apache_conf_path: /etc/apache2
__apache_packages:
- apache2
- apache2-utils
apache_ports_configuration_items:
- regexp: "^Listen "
line: "Listen {{ apache_listen_port }}"


@ -0,0 +1,20 @@
---
apache_service: httpd
apache_daemon: httpd
apache_daemon_path: /usr/sbin/
apache_server_root: /etc/httpd
apache_conf_path: /etc/httpd/conf.d
apache_vhosts_version: "2.2"
__apache_packages:
- httpd
- httpd-devel
- mod_ssl
- openssh
apache_ports_configuration_items:
- regexp: "^Listen "
line: "Listen {{ apache_listen_port }}"
- regexp: "^#?NameVirtualHost "
line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}"


@ -0,0 +1,19 @@
---
apache_service: apache24
apache_daemon: httpd
apache_daemon_path: /usr/apache2/2.4/bin/
apache_server_root: /etc/apache2/2.4/
apache_conf_path: /etc/apache2/2.4/conf.d
apache_vhosts_version: "2.2"
__apache_packages:
- web/server/apache-24
- web/server/apache-24/module/apache-ssl
- web/server/apache-24/module/apache-security
apache_ports_configuration_items:
- regexp: "^Listen "
line: "Listen {{ apache_listen_port }}"
- regexp: "^#?NameVirtualHost "
line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}"


@ -0,0 +1,18 @@
---
apache_service: apache2
apache_daemon: httpd2
apache_daemon_path: /usr/sbin/
apache_server_root: /etc/apache2
apache_conf_path: /etc/apache2/conf.d
apache_vhosts_version: "2.2"
__apache_packages:
- apache2
- openssh
apache_ports_configuration_items:
- regexp: "^Listen "
line: "Listen {{ apache_listen_port }}"
- regexp: "^#?NameVirtualHost "
line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}"


@ -0,0 +1,12 @@
---
apache_vhosts_version: "2.2"
apache_default_vhost_filename: 000-default
apache_ports_configuration_items:
- {
regexp: "^Listen ",
line: "Listen {{ apache_listen_port }}"
}
- {
regexp: "^#?NameVirtualHost ",
line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}"
}


@ -0,0 +1,8 @@
---
apache_vhosts_version: "2.4"
apache_default_vhost_filename: 000-default.conf
apache_ports_configuration_items:
- {
regexp: "^Listen ",
line: "Listen {{ apache_listen_port }}"
}