From bb48e6d36c04e9d3302e98f99d386457115b63f4 Mon Sep 17 00:00:00 2001
From: Pavel Loginov
Date: Thu, 1 Jul 2021 13:19:23 +0600
Subject: [PATCH] v5.2.1.0
Changelog: https://haproxy-wi.org/changelog.py#5_2_1
---
app/funct.py | 10 ++-
app/hapservers.py | 27 +++++--
app/options.py | 87 ++++++++++++++++-----
app/templates/ajax/config_show.html | 55 ++++++++++++-
app/templates/base.html | 16 ++--
app/templates/config.html | 38 ++++-----
app/templates/hapservers.html | 61 ++++++++++-----
app/templates/include/admin_add_server.html | 10 ++-
app/templates/ovw.html | 9 ++-
inc/overview.js | 40 ++++++++--
10 files changed, 262 insertions(+), 91 deletions(-)
diff --git a/app/funct.py b/app/funct.py
index e57ac75a..dbb1209c 100644
--- a/app/funct.py
+++ b/app/funct.py
@@ -272,7 +272,7 @@ def return_ssh_keys_path(serv, **kwargs):
return ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name
-def ssh_connect(serv, **kwargs):
+def ssh_connect(serv):
import paramiko
from paramiko import SSHClient
import sql
@@ -304,10 +304,13 @@ def ssh_connect(serv, **kwargs):
except paramiko.SSHException as sshException:
return 'error: Unable to establish SSH connection: %s ' % sshException
except paramiko.PasswordRequiredException as e:
+ logging('localhost', ' ' + str(e), haproxywi=1)
return 'error: %s ' % e
except paramiko.BadHostKeyException as badHostKeyException:
+ logging('localhost', ' ' + str(badHostKeyException), haproxywi=1)
return 'error: Unable to verify server\'s host key: %s ' % badHostKeyException
except Exception as e:
+ logging('localhost', ' ' + str(e), haproxywi=1)
if e == "No such file or directory":
return 'error: %s. Check ssh key' % e
elif e == "Invalid argument":
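Review bot: The `logging(...)` calls added under `except paramiko.PasswordRequiredException` and `except paramiko.BadHostKeyException` cannot run, because both classes derive from `paramiko.SSHException` and that handler comes first in this chain. A host-key mismatch or a passphrase-protected key is therefore still returned to the caller without an audit record, and the `SSHException` branch that does catch them logs nothing. Either move the two specific handlers above `except paramiko.SSHException`, or add `logging('localhost', ' ' + str(sshException), haproxywi=1)` to that branch. In the generic handler, `e == "No such file or directory"` compares an exception object with a string and is never true; `str(e) == ...` is needed for those branches to fire. The `try` block starts above this hunk, so earlier handlers are not visible here.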
@@ -1015,7 +1018,10 @@ def server_status(stdout):
for line in stdout:
if "Ncat: " not in line:
for k in line:
- proc_count = k.split(":")[1]
+ try:
+ proc_count = k.split(":")[1]
+ except Exception:
+ proc_count = 1
else:
proc_count = 0
return proc_count
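Review bot: The new `except Exception: proc_count = 1` turns any unparseable probe reply into "one process running", so output that merely lacks a `:` is reported as a healthy service. Catch only what the split can raise, `except IndexError:`, and add a comment saying why 1 is the fallback, for example `# reply without "key:value" still means the port answered`. If that is the intent (presumably for the nginx probe added in options.py), a separate reachable flag would be clearer than reusing the process count. The function starts above this hunk.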
diff --git a/app/hapservers.py b/app/hapservers.py
index 72e88837..48f2c72b 100644
--- a/app/hapservers.py
+++ b/app/hapservers.py
@@ -1,5 +1,4 @@
#!/usr/bin/env python3
-
import funct
import sql
from jinja2 import Environment, FileSystemLoader
@@ -13,7 +12,6 @@ funct.check_login()
try:
user, user_id, role, token, servers = funct.get_users_params()
users = sql.select_users()
- groups = sql.select_groups()
services = []
except:
pass
@@ -26,13 +24,21 @@ cmd = "ps ax |grep -e 'keep_alive.py' |grep -v grep |wc -l"
keep_alive, stderr = funct.subprocess_execute(cmd)
if service == 'nginx':
- title = "Nginx servers overview"
+ title = 'Nginx servers overview'
servers = sql.get_dick_permit(virt=1, nginx=1)
service = 'nginx'
if serv:
if funct.check_is_server_in_group(serv):
servers = sql.select_servers(server=serv)
autorefresh = 1
+elif service == 'keepalived':
+ title = 'Keepalived servers overview'
+ servers = sql.get_dick_permit(virt=1, keepalived=1)
+ service = 'keepalived'
+ if serv:
+ if funct.check_is_server_in_group(serv):
+ servers = sql.select_servers(server=serv)
+ autorefresh = 1
else:
title = "HAProxy servers overview"
service = 'haproxy'
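Review bot: The new `elif service == 'keepalived'` branch is a line-for-line copy of the nginx branch, with only the title and the `keepalived=1` keyword changed, so the group check on `serv` now lives in two places that must stay in sync. The assignment `service = 'keepalived'` is redundant, because the branch is only entered when `service` already has that value. When `funct.check_is_server_in_group(serv)` fails, both branches silently keep the full permitted list; a comment such as `# serv outside the user's group: fall back to the permitted list` would make that deliberate. Consider moving the shared `if serv:` block below the `if`/`elif` chain so it is written once.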
@@ -69,7 +75,19 @@ for s in servers:
servers_with_status.append(s[11])
if service == 'nginx':
cmd = [
- "/usr/sbin/nginx -v && systemctl status nginx |grep -e 'Active' |awk '{print $2, $9$10$11$12$13}' && ps ax |grep nginx:|grep -v grep |wc -l"]
+ "/usr/sbin/nginx -v 2>&1|awk '{print $3}' && systemctl status nginx |grep -e 'Active' |awk '{print $2, $9$10$11$12$13}' && ps ax |grep nginx:|grep -v grep |wc -l"]
+ out = funct.ssh_command(s[2], cmd)
+ h = ()
+ out1 = []
+ for k in out.split():
+ out1.append(k)
+ h = (out1,)
+ servers_with_status.append(h)
+ servers_with_status.append(h)
+ servers_with_status.append(s[17])
+ elif service == 'keepalived':
+ cmd = [
+ "/usr/sbin/keepalived -v 2>&1|head -1|awk '{print $2}' && systemctl status keepalived |grep -e 'Active' |awk '{print $2, $9$10$11$12$13}' && ps ax |grep keepalived|grep -v grep |wc -l"]
out = funct.ssh_command(s[2], cmd)
h = ()
out1 = []
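Review bot: The result of `funct.ssh_command(s[2], cmd)` is split on whitespace and stored as the version and status fields without any check that the command succeeded. `ssh_connect` in funct.py returns strings that start with `error:`; if `ssh_command` passes those through (its body is not shown here), the words of the error message would be rendered as the nginx or keepalived version and state. A guard before the split, such as `if not out or str(out).startswith('error:'):`, with an explicit "unreachable" status, would keep a failed probe from looking like data. The nginx and keepalived branches also repeat the same split-and-append code, which would fit a small helper; the keepalived block continues below this hunk.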
@@ -102,7 +120,6 @@ template = template.render(h2=1,
role=role,
user=user,
users=users,
- groups=groups,
servers=servers_with_status1,
keep_alive=''.join(keep_alive),
serv=serv,
diff --git a/app/options.py b/app/options.py
index d82ddd35..0d82767f 100644
--- a/app/options.py
+++ b/app/options.py
@@ -516,26 +516,39 @@ if act == "overview":
from jinja2 import Environment, FileSystemLoader
async def async_get_overview(serv1, serv2):
- commands2 = ["ps ax |grep waf/bin/modsecurity |grep -v grep |wc -l"]
- cmd = 'echo "show info" |nc %s %s -w 1|grep -e "Process_num"' % (serv2, sql.get_setting('haproxy_sock_port'))
+ haproxy = sql.select_haproxy(serv2)
keepalived = sql.select_keealived(serv2)
+ nginx = sql.select_nginx(serv2)
+ waf = sql.select_waf_servers(serv2)
+ haproxy_process = ''
+ keepalived_process = ''
+ nginx_process = ''
+ waf_process = ''
+
+ if haproxy == 1:
+ cmd = 'echo "show info" |nc %s %s -w 1|grep -e "Process_num"' % (serv2, sql.get_setting('haproxy_sock_port'))
+ haproxy_process = funct.server_status(funct.subprocess_execute(cmd))
+
if keepalived == 1:
command = ["ps ax |grep keepalived|grep -v grep|wc -l"]
keepalived_process = funct.ssh_command(serv2, command)
- else:
- keepalived_process = ''
- nginx = sql.select_nginx(serv2)
+
if nginx == 1:
- command = ["ps ax |grep nginx:|grep -v grep|wc -l"]
- nginx_process = funct.ssh_command(serv2, command)
- else:
- nginx_process = ''
+ # command = ["ps ax |grep nginx:|grep -v grep|wc -l"]
+ # nginx_process = funct.ssh_command(serv2, command)
+ nginx_cmd = 'echo "something" |nc %s %s -w 1' % (serv2, sql.get_setting('nginx_stats_port'))
+ nginx_process = funct.server_status(funct.subprocess_execute(nginx_cmd))
+
+ if len(waf) == 1:
+ commands2 = ["ps ax |grep waf/bin/modsecurity |grep -v grep |wc -l"]
+ waf_process = funct.ssh_command(serv2, commands2)
+
server_status = (serv1,
serv2,
- funct.server_status(funct.subprocess_execute(cmd)),
+ haproxy_process,
sql.select_servers(server=serv2, keep_alive=1),
- funct.ssh_command(serv2, commands2),
- sql.select_waf_servers(serv2),
+ waf_process,
+ waf,
keepalived,
keepalived_process,
nginx,
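Review bot: `nginx_cmd` and the haproxy `cmd` are built with `%` formatting from `serv2` and a stored setting, then handed to `funct.subprocess_execute` with no quoting. Whether `serv2` is validated before it reaches `async_get_overview` is not visible in this hunk, and if `subprocess_execute` runs the string through a shell, any unexpected character in either value changes the command that is executed. Quote both values, e.g. `shlex.quote(serv2)` and `shlex.quote(str(sql.get_setting('nginx_stats_port')))`, or check `serv2` with `ipaddress.ip_address()` first. The two commented-out `command` / `nginx_process` lines should be deleted rather than committed.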
@@ -610,19 +623,19 @@ if act == "overviewServers":
if service == 'haproxy':
cmd = 'echo "show info" |nc %s %s -w 1|grep -e "node\|Nbproc\|Maxco\|MB\|Nbthread"' % (serv2, sql.get_setting('haproxy_sock_port'))
out = funct.subprocess_execute(cmd)
- out1 = ""
+ return_out = ""
for k in out:
if "Ncat:" not in k:
for r in k:
- out1 += r
- out1 += " "
+ return_out += r
+ return_out += " "
else:
- out1 = "Cannot connect to HAProxy"
+ return_out = "Cannot connect to HAProxy"
else:
- out1 = ''
+ return_out = ''
- server_status = (serv1, serv2, out1)
+ server_status = (serv1, serv2, return_out)
return server_status
@@ -647,11 +660,11 @@ if act == "overviewServers":
print(template)
- id = form.getvalue('id')
+ server_id = form.getvalue('id')
name = form.getvalue('name')
service = form.getvalue('service')
ioloop = asyncio.get_event_loop()
- ioloop.run_until_complete(get_runner_overviewServers(server1=name, server2=serv, id=id, service=service))
+ ioloop.run_until_complete(get_runner_overviewServers(server1=name, server2=serv, id=server_id, service=service))
ioloop.close()
if form.getvalue('action'):
@@ -995,6 +1008,9 @@ if form.getvalue('master'):
ETH = form.getvalue('interface')
IP = form.getvalue('vrrpip')
syn_flood = form.getvalue('syn_flood')
+ virt_server = form.getvalue('virt_server')
+ haproxy = form.getvalue('hap')
+ nginx = form.getvalue('nginx')
script = "install_keepalived.sh"
fullpath = funct.get_config_var('main', 'fullpath')
proxy = sql.get_setting('proxy')
@@ -1024,6 +1040,12 @@ if form.getvalue('master'):
sql.update_keepalived(master)
+ if virt_server is not None:
+ group_id = sql.get_group_id_by_server_ip(master)
+ cred_id = sql.get_cred_id_by_server_ip(master)
+ hostname = sql.get_hostname_by_server_ip(master)
+ sql.add_server(hostname+'-VIP', IP, group_id, '1', '1', '1', cred_id, ssh_port, 'VRRP IP for '+master, haproxy, nginx, '0')
+
if form.getvalue('master_slave'):
master = form.getvalue('master')
slave = form.getvalue('slave')
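Review bot: The new `sql.add_server(hostname+'-VIP', IP, ...)` call stores `IP`, `haproxy` and `nginx` exactly as they arrive from `form.getvalue('vrrpip')`, `form.getvalue('hap')` and `form.getvalue('nginx')` in the previous hunk, with no validation. Check the address before the insert, e.g. `ipaddress.ip_address(IP)` inside a `try`, and normalise the two flags, e.g. `haproxy = '1' if haproxy == '1' else '0'`, since `getvalue` returns `None` for a field that was not sent. `hostname+'-VIP'` also raises `TypeError` if `sql.get_hostname_by_server_ip(master)` finds no row; whether it can return `None` is not visible here. The result of `add_server` is ignored, so a failed insert is not reported, whereas the `newserver` handler further down does test it.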
@@ -1768,6 +1790,7 @@ if form.getvalue('newserver') is not None:
hostname = form.getvalue('servername')
ip = form.getvalue('newip')
group = form.getvalue('newservergroup')
+ scan_server = form.getvalue('scan_server')
typeip = form.getvalue('typeip')
haproxy = form.getvalue('haproxy')
nginx = form.getvalue('nginx')
@@ -1782,6 +1805,30 @@ if form.getvalue('newserver') is not None:
if sql.add_server(hostname, ip, group, typeip, enable, master, cred, port, desc, haproxy, nginx, firewall):
+ try:
+ if scan_server == '1':
+ nginx_config_path = sql.get_setting('nginx_config_path')
+ haproxy_config_path = sql.get_setting('haproxy_config_path')
+ haproxy_dir = sql.get_setting('haproxy_dir')
+ keepalived_config_path = '/etc/keepalived/keepalived.conf'
+
+ if funct.is_file_exists(ip, nginx_config_path):
+ sql.update_nginx(ip)
+
+ if funct.is_file_exists(ip, haproxy_config_path):
+ sql.update_haproxy(ip)
+
+ if funct.is_file_exists(ip, keepalived_config_path):
+ sql.update_keepalived(ip)
+
+ if funct.is_file_exists(ip, haproxy_dir + '/waf/bin/modsecurity'):
+ sql.insert_waf_metrics_enable(ip, "0")
+
+ if funct.is_service_active(ip, 'firewalld'):
+ sql.update_firewall(ip)
+ except:
+ pass
+
from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
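Review bot: The bare `except: pass` around the new scan block hides every failure of `funct.is_file_exists` and `funct.is_service_active`, so an SSH or credential problem leaves the server's service flags unset with no trace of why. A bare `except` also swallows `SystemExit` and `KeyboardInterrupt`. Replace it with `except Exception as e:` followed by `funct.logging('localhost', ' Server scan failed for ' + ip + ': ' + str(e), haproxywi=1)`, matching the logging calls this commit adds in funct.py. Wrapping each probe separately would also stop one failed check from skipping the rest.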
diff --git a/app/templates/ajax/config_show.html b/app/templates/ajax/config_show.html
index b6b54a60..fa90d3ae 100644
--- a/app/templates/ajax/config_show.html
+++ b/app/templates/ajax/config_show.html
@@ -70,6 +70,57 @@
{{ line }}
{% endif %}
+ {% elif service == 'keepalived' %}
+ {%- if "global_defs {" in line -%}
+ {% if i > 1 %}
+
+ {% endif %}
+ {{ line }}
+
+ {% continue %}
+ {% endif %}
+ {%- if "vrrp_instance " in line -%}
+ {% if i > 1 %}
+
+ {% endif %}
+ {{ line }}
+
+ {% continue %}
+ {% endif %}
+ {%- if "vrrp_script " in line -%}
+ {% if i > 1 %}
+
+ {% endif %}
+ {{ line }}
+
+ {% continue %}
+ {% endif %}
+ {% if "state " in line or "interface" in line or "priority" in line or "}" in line %}
+ {% if "#" not in line %}
+
+ {{ i }}
+
+
+ {{ line }}
+
+ {% continue %}
+ {% endif %}
+ {% endif %}
+ {% if "#" in line %}
+
+ {{ i }}
+
+
+ {{ line }}
+
+ {% continue %}
+ {% endif %}
+ {% if line|length > 1 %}
+
+ {{ i }}
+ {{ line }}
+
+ {% endif %}
{% else %}
{% if line.startswith('global') %}
{{ line }}
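Review bot: The keepalived branch decides that a line is a comment with `"#" in line`, which matches a `#` anywhere in the line. A directive with a trailing comment, or a value that contains `#`, therefore skips the `state`/`interface`/`priority` branch and is shown by the comment branch instead. `line.strip().startswith('#')` is a closer test for a comment line. The three blocks for `global_defs {`, `vrrp_instance ` and `vrrp_script ` look identical in the surviving text and could share one `if ... or ... or ...` condition. The HTML markup of this section is not visible on the page, so check both suggestions against the real template.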
@@ -231,7 +282,7 @@
{% if configver %}
-
+
{% if role <= 3 %}
{% if not is_serv_protected or role <= 2 %}
{% endif %}
\ No newline at end of file
diff --git a/app/templates/base.html b/app/templates/base.html
index 41e87202..fea7136f 100644
--- a/app/templates/base.html
+++ b/app/templates/base.html
@@ -47,7 +47,7 @@