Pavel Loginov 2022-05-25 11:21:44 +03:00
parent 4fa061df97
commit c016f706f1
7 changed files with 292 additions and 321 deletions


@ -15,12 +15,10 @@ print('Content-type: text/html\n')
funct.check_login(service=1) funct.check_login(service=1)
funct.page_for_admin(level=3) funct.page_for_admin(level=3)
if ( if all(v is None for v in [
form.getvalue('mode') is None and form.getvalue('mode'), form.getvalue('new_userlist'),
form.getvalue('new_userlist') is None and form.getvalue('peers-name'), form.getvalue('generateconfig')
form.getvalue('peers-name') is None and ]):
form.getvalue('generateconfig') is None
):
try: try:
user, user_id, role, token, servers, user_services = funct.get_users_params(haproxy=1) user, user_id, role, token, servers, user_services = funct.get_users_params(haproxy=1)
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
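Review bot: The new `all(...)` test at the top of this hunk still spells out `form.getvalue(...)` four times inside a throwaway list. Iterating over the field names reads more directly and makes adding a field a one-word change: `if all(form.getvalue(k) is None for k in ('mode', 'new_userlist', 'peers-name', 'generateconfig')):`. Behaviour is the same, except that it stops at the first field that is set. The `try:` block that follows continues outside the hunk.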


@ -9,9 +9,11 @@ def is_ip_or_dns(server_from_request: str) -> str:
ip_regex = "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$" ip_regex = "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$"
dns_regex = "^(?!-)[A-Za-z0-9-]+([\\-\\.]{1}[a-z0-9]+)*\\.[A-Za-z]{2,6}$" dns_regex = "^(?!-)[A-Za-z0-9-]+([\\-\\.]{1}[a-z0-9]+)*\\.[A-Za-z]{2,6}$"
try: try:
if server_from_request in ('roxy-wi-checker', 'roxy-wi-keep_alive', 'roxy-wi-keep-alive', 'roxy-wi-metrics', if server_from_request in (
'roxy-wi-portscanner', 'roxy-wi-smon', 'roxy-wi-socket', 'fail2ban', 'prometheus', 'roxy-wi-checker', 'roxy-wi-keep_alive', 'roxy-wi-keep-alive', 'roxy-wi-metrics',
'all', 'grafana-server', 'rabbitmq-server'): 'roxy-wi-portscanner', 'roxy-wi-smon', 'roxy-wi-socket', 'fail2ban', 'prometheus',
'all', 'grafana-server', 'rabbitmq-server'
):
return server_from_request return server_from_request
if re.match(ip_regex, server_from_request): if re.match(ip_regex, server_from_request):
return server_from_request return server_from_request
@ -20,7 +22,7 @@ def is_ip_or_dns(server_from_request: str) -> str:
return server_from_request return server_from_request
else: else:
return '' return ''
except: except Exception:
return '' return ''
@ -122,7 +124,7 @@ def logging(server_ip, action, **kwargs):
log_path = get_config_var('main', 'log_path') log_path = get_config_var('main', 'log_path')
try: try:
user_group = get_user_group() user_group = get_user_group()
except: except Exception:
user_group = '' user_group = ''
if not os.path.exists(log_path): if not os.path.exists(log_path):
@ -142,7 +144,7 @@ def logging(server_ip, action, **kwargs):
try: try:
if len(login_name) > 1: if len(login_name) > 1:
login = kwargs.get('login') login = kwargs.get('login')
except: except Exception:
login = '' login = ''
try: try:
@ -164,15 +166,15 @@ def logging(server_ip, action, **kwargs):
print(str(e)) print(str(e))
else: else:
mess = get_data('date_in_log') + " " + action + " from " + ip + "\n" mess = get_data('date_in_log') + " " + action + " from " + ip + "\n"
log = open(log_path + "/roxy-wi-"+get_data('logs')+".log", "a") log = open(log_path + "/roxy-wi-" + get_data('logs') + ".log", "a")
elif kwargs.get('provisioning') == 1: elif kwargs.get('provisioning') == 1:
mess = get_data('date_in_log') + " from " + ip + " user: " + login + ", group: " + user_group + ", " + \ mess = get_data('date_in_log') + " from " + ip + " user: " + login + ", group: " + user_group + ", " + \
action + "\n" action + "\n"
log = open(log_path + "/provisioning-"+get_data('logs')+".log", "a") log = open(log_path + "/provisioning-" + get_data('logs') + ".log", "a")
else: else:
mess = get_data('date_in_log') + " from " + ip + " user: " + login + ", group: " + user_group + ", " + \ mess = get_data('date_in_log') + " from " + ip + " user: " + login + ", group: " + user_group + ", " + \
action + " for: " + server_ip + "\n" action + " for: " + server_ip + "\n"
log = open(log_path + "/config_edit-"+get_data('logs')+".log", "a") log = open(log_path + "/config_edit-" + get_data('logs') + ".log", "a")
if kwargs.get('keep_history'): if kwargs.get('keep_history'):
keep_action_history(kwargs.get('service'), action, server_ip, login, ip) keep_action_history(kwargs.get('service'), action, server_ip, login, ip)
@ -259,7 +261,7 @@ def slack_send_mess(mess, **kwargs):
client = WebClient(token=slack_token) client = WebClient(token=slack_token)
try: try:
client.chat_postMessage(channel='#'+channel_name, text=mess) client.chat_postMessage(channel='#' + channel_name, text=mess)
except SlackApiError as e: except SlackApiError as e:
print('error: ' + str(e)) print('error: ' + str(e))
logging('localhost', str(e), haproxywi=1) logging('localhost', str(e), haproxywi=1)
@ -360,13 +362,13 @@ def return_ssh_keys_path(server_ip, **kwargs):
ssh_enable = sshs.enable ssh_enable = sshs.enable
ssh_user_name = sshs.username ssh_user_name = sshs.username
ssh_user_password = sshs.password ssh_user_password = sshs.password
ssh_key_name = full_path+'/keys/%s.pem' % sshs.name ssh_key_name = full_path + '/keys/%s.pem' % sshs.name
else: else:
for sshs in sql.select_ssh(serv=server_ip): for sshs in sql.select_ssh(serv=server_ip):
ssh_enable = sshs.enable ssh_enable = sshs.enable
ssh_user_name = sshs.username ssh_user_name = sshs.username
ssh_user_password = sshs.password ssh_user_password = sshs.password
ssh_key_name = full_path+'/keys/%s.pem' % sshs.name ssh_key_name = full_path + '/keys/%s.pem' % sshs.name
return ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name return ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name
@ -421,8 +423,10 @@ def get_config(server_ip, cfg, **kwargs):
if kwargs.get("keepalived") or kwargs.get("service") == 'keepalived': if kwargs.get("keepalived") or kwargs.get("service") == 'keepalived':
config_path = "/etc/keepalived/keepalived.conf" config_path = "/etc/keepalived/keepalived.conf"
elif (kwargs.get("nginx") or kwargs.get("service") == 'nginx' or elif (
kwargs.get("apache") or kwargs.get("service") == 'apache'): kwargs.get("nginx") or kwargs.get("service") == 'nginx'
or kwargs.get("apache") or kwargs.get("service") == 'apache'
):
config_path = kwargs.get('config_file_name') config_path = kwargs.get('config_file_name')
elif kwargs.get("waf") or kwargs.get("service") == 'waf': elif kwargs.get("waf") or kwargs.get("service") == 'waf':
config_path = sql.get_setting('haproxy_dir') + '/waf/rules/' + kwargs.get("waf_rule_file") config_path = sql.get_setting('haproxy_dir') + '/waf/rules/' + kwargs.get("waf_rule_file")
@ -479,7 +483,7 @@ def diff_config(oldcfg, cfg, **kwargs):
diff += date + " user: " + login + ", group: " + user_group + " " + line + "\n" diff += date + " user: " + login + ", group: " + user_group + " " + line + "\n"
try: try:
log = open(log_path + "/config_edit-"+get_data('logs')+".log", "a") log = open(log_path + "/config_edit-" + get_data('logs') + ".log", "a")
log.write(diff) log.write(diff)
log.close() log.close()
except IOError: except IOError:
@ -489,20 +493,22 @@ def diff_config(oldcfg, cfg, **kwargs):
def get_remote_sections(server_ip: str, service: str) -> str: def get_remote_sections(server_ip: str, service: str) -> str:
import sql import sql
remote_dir = service+'_dir' remote_dir = service + '_dir'
config_dir = sql.get_setting(remote_dir) config_dir = sql.get_setting(remote_dir)
config_dir = return_nice_path(config_dir) config_dir = return_nice_path(config_dir)
if service == 'nginx': if service == 'nginx':
section_name = 'server_name' section_name = 'server_name'
commands = [ commands = [
'sudo grep {} {}* -R |grep -v \'${}\|#\'|awk \'{{print $1, $3}}\''.format(section_name, config_dir, 'sudo grep {} {}* -R |grep -v \'${}\|#\'|awk \'{{print $1, $3}}\''.format(
section_name)] section_name, config_dir, section_name
)]
elif service == 'apache': elif service == 'apache':
section_name = 'ServerName' section_name = 'ServerName'
commands = [ commands = [
'sudo grep {} {}*/*.conf -R |grep -v \'${}\|#\'|awk \'{{print $1, $3}}\''.format(section_name, config_dir, 'sudo grep {} {}*/*.conf -R |grep -v \'${}\|#\'|awk \'{{print $1, $3}}\''.format(
section_name)] section_name, config_dir, section_name
)]
backends = ssh_command(server_ip, commands) backends = ssh_command(server_ip, commands)
@ -520,18 +526,10 @@ def get_sections(config, **kwargs):
if find_ip: if find_ip:
return_config.append(find_ip[0]) return_config.append(find_ip[0])
else: else:
if line.startswith(('global', if line.startswith((
'listen', 'global', 'listen', 'frontend', 'backend', 'cache', 'defaults', '#HideBlockStart',
'frontend', '#HideBlockEnd', 'peers', 'resolvers', 'userlist', 'http-errors'
'backend', )):
'cache',
'defaults',
'#HideBlockStart',
'#HideBlockEnd',
'peers',
'resolvers',
'userlist',
'http-errors')):
line = line.strip() line = line.strip()
return_config.append(line) return_config.append(line)
@ -551,18 +549,10 @@ def get_section_from_config(config, section):
record = True record = True
continue continue
if record: if record:
if line.startswith(('global', if line.startswith((
'listen', 'global', 'listen', 'frontend', 'backend', 'cache', 'defaults', '#HideBlockStart',
'frontend', '#HideBlockEnd', 'peers', 'resolvers', 'userlist', 'http-errors'
'backend', )):
'cache',
'defaults',
'#HideBlockStart',
'#HideBlockEnd',
'peers',
'resolvers',
'userlist',
'http-errors')):
record = False record = False
end_line = index end_line = index
end_line = end_line - 1 end_line = end_line - 1
@ -621,7 +611,7 @@ def get_backends_from_config(server_ip, backends=''):
except Exception as e: except Exception as e:
logging('localhost', str(e), haproxywi=1) logging('localhost', str(e), haproxywi=1)
try: try:
cfg = configs_dir + server_ip + "-" + get_data('config') + '.'+format_cfg cfg = configs_dir + server_ip + "-" + get_data('config') + '.' + format_cfg
except Exception: except Exception:
logging('localhost', ' Cannot generate cfg path', haproxywi=1) logging('localhost', ' Cannot generate cfg path', haproxywi=1)
return return
@ -667,7 +657,7 @@ def get_stick_table(table):
def show_installation_output(error, output, service): def show_installation_output(error, output, service):
if error and "WARNING" not in error: if error and "WARNING" not in error:
logging('localhost', error, haproxywi=1) logging('localhost', error, haproxywi=1)
print('error: '+error) print('error: ' + error)
return False return False
else: else:
for l in output: for l in output:
@ -722,11 +712,13 @@ def install_haproxy(server_ip, **kwargs):
syn_flood_protect = '1' if kwargs.get('syn_flood') == "1" else '' syn_flood_protect = '1' if kwargs.get('syn_flood') == "1" else ''
commands = ["chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv + commands = [
" SOCK_PORT=" + hap_sock_p + " STAT_PORT=" + stats_port + " STAT_FILE="+server_state_file + " DOCKER=" + docker + "chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv +
" SSH_PORT=" + ssh_port + " STATS_USER=" + stats_user + " CONT_NAME=" + container_name + " HAP_DIR=" + haproxy_dir + " SOCK_PORT=" + hap_sock_p + " STAT_PORT=" + stats_port + " STAT_FILE=" + server_state_file + " DOCKER=" + docker +
" STATS_PASS='" + stats_password + "' HAPVER=" + haproxy_ver + " SYN_FLOOD=" + syn_flood_protect + " SSH_PORT=" + ssh_port + " STATS_USER=" + stats_user + " CONT_NAME=" + container_name + " HAP_DIR=" + haproxy_dir +
" HOST=" + server_ip + " USER=" + ssh_user_name + " PASS='" + ssh_user_password + "' KEY=" + ssh_key_name] " STATS_PASS='" + stats_password + "' HAPVER=" + haproxy_ver + " SYN_FLOOD=" + syn_flood_protect +
" HOST=" + server_ip + " USER=" + ssh_user_name + " PASS='" + ssh_user_password + "' KEY=" + ssh_key_name
]
output, error = subprocess_execute(commands[0]) output, error = subprocess_execute(commands[0])
if server_for_installing: if server_for_installing:
@ -764,9 +756,11 @@ def waf_install(server_ip):
else: else:
proxy_serv = '' proxy_serv = ''
commands = ["chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv + " HAPROXY_PATH=" + haproxy_dir + commands = [
" VERSION='" + ver + "' SSH_PORT=" + ssh_port + " HOST=" + server_ip + "chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv + " HAPROXY_PATH=" + haproxy_dir +
" USER=" + ssh_user_name + " PASS='" + ssh_user_password + "' KEY=" + ssh_key_name] " VERSION='" + ver + "' SSH_PORT=" + ssh_port + " HOST=" + server_ip +
" USER=" + ssh_user_name + " PASS='" + ssh_user_password + "' KEY=" + ssh_key_name
]
output, error = subprocess_execute(commands[0]) output, error = subprocess_execute(commands[0])
@ -811,10 +805,12 @@ def install_nginx(server_ip, **kwargs):
syn_flood_protect = '1' if form.getvalue('syn_flood') == "1" else '' syn_flood_protect = '1' if form.getvalue('syn_flood') == "1" else ''
commands = ["chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv + " STATS_USER=" + stats_user + commands = [
" STATS_PASS='" + stats_password + "' SSH_PORT=" + ssh_port + " CONFIG_PATH=" + config_path + " CONT_NAME=" + container_name + "chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv + " STATS_USER=" + stats_user +
" STAT_PORT=" + stats_port + " STAT_PAGE=" + stats_page+" SYN_FLOOD=" + syn_flood_protect + " DOCKER=" + docker + " nginx_dir=" + nginx_dir + " STATS_PASS='" + stats_password + "' SSH_PORT=" + ssh_port + " CONFIG_PATH=" + config_path + " CONT_NAME=" + container_name +
" HOST=" + server_ip + " USER=" + ssh_user_name + " PASS='" + ssh_user_password + "' KEY=" + ssh_key_name] " STAT_PORT=" + stats_port + " STAT_PAGE=" + stats_page + " SYN_FLOOD=" + syn_flood_protect + " DOCKER=" + docker + " nginx_dir=" + nginx_dir +
" HOST=" + server_ip + " USER=" + ssh_user_name + " PASS='" + ssh_user_password + "' KEY=" + ssh_key_name
]
output, error = subprocess_execute(commands[0]) output, error = subprocess_execute(commands[0])
if server_for_installing: if server_for_installing:
@ -878,7 +874,7 @@ def upload(server_ip, path, file, **kwargs):
except Exception as e: except Exception as e:
error = str(e.args) error = str(e.args)
logging('localhost', error, haproxywi=1) logging('localhost', error, haproxywi=1)
print(' Cannot upload '+file+' to '+full_path+' to server: '+server_ip+' error: ' + error) print(' Cannot upload ' + file + ' to ' + full_path + ' to server: ' + server_ip + ' error: ' + error)
return error return error
try: try:
@ -886,7 +882,7 @@ def upload(server_ip, path, file, **kwargs):
except Exception as e: except Exception as e:
error = str(e.args) error = str(e.args)
logging('localhost', error, haproxywi=1) logging('localhost', error, haproxywi=1)
print('Cannot upload '+file+' to '+full_path+' to server: '+server_ip+' error: ' + error) print('Cannot upload ' + file + ' to ' + full_path + ' to server: ' + server_ip + ' error: ' + error)
return error return error
try: try:
@ -967,7 +963,7 @@ def upload_and_restart(server_ip, cfg, **kwargs):
login = 1 login = 1
try: try:
os.system("dos2unix "+cfg) os.system("dos2unix " + cfg)
except OSError: except OSError:
return 'Please install dos2unix' return 'Please install dos2unix'
@ -1073,26 +1069,19 @@ def master_slave_upload_and_restart(server_ip, cfg, just_save, **kwargs):
masters = sql.is_master(server_ip) masters = sql.is_master(server_ip)
for master in masters: for master in masters:
if master[0] is not None: if master[0] is not None:
error = upload_and_restart(master[0], error = upload_and_restart(
cfg, master[0], cfg, just_save=just_save, nginx=kwargs.get('nginx'),
just_save=just_save, apache=kwargs.get('apache'), config_file_name=kwargs.get('config_file_name'), slave=1
nginx=kwargs.get('nginx'), )
apache=kwargs.get('apache'),
config_file_name=kwargs.get('config_file_name'),
slave=1)
if kwargs.get('login'): if kwargs.get('login'):
login = kwargs.get('login') login = kwargs.get('login')
else: else:
login = '' login = ''
error = upload_and_restart(server_ip, error = upload_and_restart(
cfg, server_ip, cfg, just_save=just_save, nginx=kwargs.get('nginx'), apache=kwargs.get('apache'),
just_save=just_save, config_file_name=kwargs.get('config_file_name'), oldcfg=kwargs.get('oldcfg'), login=login
nginx=kwargs.get('nginx'), )
apache=kwargs.get('apache'),
config_file_name=kwargs.get('config_file_name'),
oldcfg=kwargs.get('oldcfg'),
login=login)
return error return error
@ -1116,7 +1105,7 @@ def open_port_firewalld(cfg, server_ip, **kwargs):
listen = listen.split(";")[0] listen = listen.split(";")[0]
try: try:
listen = int(listen) listen = int(listen)
ports += str(listen)+' ' ports += str(listen) + ' '
firewalld_commands += ' sudo firewall-cmd --zone=public --add-port=%s/tcp --permanent -q &&' % str(listen) firewalld_commands += ' sudo firewall-cmd --zone=public --add-port=%s/tcp --permanent -q &&' % str(listen)
except Exception: except Exception:
pass pass
@ -1132,7 +1121,7 @@ def open_port_firewalld(cfg, server_ip, **kwargs):
try: try:
bind = int(bind) bind = int(bind)
firewalld_commands += ' sudo firewall-cmd --zone=public --add-port=%s/tcp --permanent -q &&' % str(bind) firewalld_commands += ' sudo firewall-cmd --zone=public --add-port=%s/tcp --permanent -q &&' % str(bind)
ports += str(bind)+' ' ports += str(bind) + ' '
except Exception: except Exception:
pass pass
except Exception: except Exception:
@ -1192,9 +1181,9 @@ def show_log(stdout, **kwargs):
if kwargs.get("html") != 0: if kwargs.get("html") != 0:
i = i + 1 i = i + 1
if kwargs.get('grep'): if kwargs.get('grep'):
line = line.replace(grep, '<span style="color: red; font-weight: bold;">'+grep+'</span>') line = line.replace(grep, '<span style="color: red; font-weight: bold;">' + grep + '</span>')
line_class = "line3" if i % 2 == 0 else "line" line_class = "line3" if i % 2 == 0 else "line"
out += '<div class="'+line_class+'">' + line + '</div>' out += '<div class="' + line_class + '">' + line + '</div>'
else: else:
out += line out += line
@ -1216,9 +1205,9 @@ def show_finding_in_config(stdout: str, **kwargs) -> str:
for line in stdout: for line in stdout:
i = i + 1 i = i + 1
if kwargs.get('grep'): if kwargs.get('grep'):
line = line.replace(grep, '<span style="color: red; font-weight: bold;">'+grep+'</span>') line = line.replace(grep, '<span style="color: red; font-weight: bold;">' + grep + '</span>')
line_class = "line" if '--' in line else "line3" line_class = "line" if '--' in line else "line3"
out += '<div class="'+line_class+'">' + line + '</div>' out += '<div class="' + line_class + '">' + line + '</div>'
out += '<div class="line">--</div>' out += '<div class="line">--</div>'
@ -1229,8 +1218,8 @@ def show_haproxy_log(serv, rows=10, waf='0', grep=None, hour='00', minut='00', h
import sql import sql
exgrep = form.getvalue('exgrep') exgrep = form.getvalue('exgrep')
log_file = form.getvalue('file') log_file = form.getvalue('file')
date = hour+':'+minut date = hour + ':' + minut
date1 = hour1+':'+minut1 date1 = hour1 + ':' + minut1
cmd = '' cmd = ''
if grep is not None: if grep is not None:
@ -1273,11 +1262,11 @@ def show_haproxy_log(serv, rows=10, waf='0', grep=None, hour='00', minut='00', h
apache_log_path = sql.get_setting('apache_log_path') apache_log_path = sql.get_setting('apache_log_path')
if serv == 'roxy-wi.access.log': if serv == 'roxy-wi.access.log':
cmd = "sudo cat {}| awk -F\"/|:\" '$3>\"{}:00\" && $3<\"{}:00\"' |tail -{} {} {}".format(apache_log_path+"/"+serv, date, date1, rows, grep_act, exgrep_act) cmd = "sudo cat {}| awk -F\"/|:\" '$3>\"{}:00\" && $3<\"{}:00\"' |tail -{} {} {}".format(apache_log_path + "/" + serv, date, date1, rows, grep_act, exgrep_act)
elif serv == 'roxy-wi.error.log': elif serv == 'roxy-wi.error.log':
cmd = "sudo cat {}| awk '$4>\"{}:00\" && $4<\"{}:00\"' |tail -{} {} {}".format(apache_log_path+"/"+serv, date, date1, rows, grep_act, exgrep_act) cmd = "sudo cat {}| awk '$4>\"{}:00\" && $4<\"{}:00\"' |tail -{} {} {}".format(apache_log_path + "/" + serv, date, date1, rows, grep_act, exgrep_act)
elif serv == 'fail2ban.log': elif serv == 'fail2ban.log':
cmd = "sudo cat {}| awk -F\"/|:\" '$3>\"{}:00\" && $3<\"{}:00\"' |tail -{} {} {}".format("/var/log/"+serv, date, date1, rows, grep_act, exgrep_act) cmd = "sudo cat {}| awk -F\"/|:\" '$3>\"{}:00\" && $3<\"{}:00\"' |tail -{} {} {}".format("/var/log/" + serv, date, date1, rows, grep_act, exgrep_act)
output, stderr = subprocess_execute(cmd) output, stderr = subprocess_execute(cmd)
@ -1318,9 +1307,9 @@ def haproxy_wi_log(**kwargs):
selects = get_files(log_path, format="log") selects = get_files(log_path, format="log")
for key, value in selects: for key, value in selects:
if kwargs.get('with_date'): if kwargs.get('with_date'):
log_file = kwargs.get('file')+get_data('logs')+".log" log_file = kwargs.get('file') + get_data('logs') + ".log"
else: else:
log_file = kwargs.get('file')+".log" log_file = kwargs.get('file') + ".log"
if log_file == value: if log_file == value:
return key return key
else: else:
@ -1330,18 +1319,18 @@ def haproxy_wi_log(**kwargs):
group_grep = '|grep "group: ' + user_group + '"' group_grep = '|grep "group: ' + user_group + '"'
else: else:
group_grep = '' group_grep = ''
cmd = "find "+log_path+"/roxy-wi-* -type f -exec stat --format '%Y :%y %n' '{}' \; | sort -nr | cut -d: -f2- | head -1 |awk '{print $4}' |xargs tail"+group_grep+"|sort -r" cmd = "find " + log_path + "/roxy-wi-* -type f -exec stat --format '%Y :%y %n' '{}' \; | sort -nr | cut -d: -f2- | head -1 |awk '{print $4}' |xargs tail" + group_grep + "|sort -r"
try: try:
output, stderr = subprocess_execute(cmd) output, stderr = subprocess_execute(cmd)
return output return output
except: except Exception:
return '' return ''
def show_ip(stdout): def show_ip(stdout):
for line in stdout: for line in stdout:
if "Permission denied" in line: if "Permission denied" in line:
print('error: '+line) print('error: ' + line)
else: else:
print(line) print(line)
@ -1395,8 +1384,8 @@ def ssh_command(server_ip, commands, **kwargs):
for line in stderr.read().decode(encoding='UTF-8'): for line in stderr.read().decode(encoding='UTF-8'):
if line: if line:
print("<div class='alert alert-warning'>"+line+"</div>") print("<div class='alert alert-warning'>" + line + "</div>")
logging('localhost', ' '+line, haproxywi=1) logging('localhost', ' ' + line, haproxywi=1)
def subprocess_execute(cmd): def subprocess_execute(cmd):
@ -1415,7 +1404,7 @@ def show_backends(server_ip, **kwargs):
cmd = 'echo "show backend" |nc %s %s' % (server_ip, hap_sock_p) cmd = 'echo "show backend" |nc %s %s' % (server_ip, hap_sock_p)
output, stderr = subprocess_execute(cmd) output, stderr = subprocess_execute(cmd)
if stderr: if stderr:
logging('localhost', ' '+stderr, haproxywi=1) logging('localhost', ' ' + stderr, haproxywi=1)
if kwargs.get('ret'): if kwargs.get('ret'):
ret = list() ret = list()
else: else:
@ -1442,7 +1431,7 @@ def get_files(dir=get_config_var('configs', 'haproxy_save_configs_dir'), format=
file = set() file = set()
return_files = set() return_files = set()
i = 0 i = 0
for files in sorted(glob.glob(os.path.join(dir, '*.'+format+'*'))): for files in sorted(glob.glob(os.path.join(dir, '*.' + format + '*'))):
if format == 'log': if format == 'log':
file += [(i, files.split('/')[5])] file += [(i, files.split('/')[5])]
else: else:
@ -1471,10 +1460,12 @@ def get_remote_files(server_ip: str, config_dir: str, file_format: str):
def return_nice_path(return_path: str) -> str: def return_nice_path(return_path: str) -> str:
if ('nginx' not in return_path and if (
'haproxy' not in return_path and 'nginx' not in return_path
'apache2' not in return_path and and 'haproxy' not in return_path
'httpd' not in return_path): and 'apache2' not in return_path
and 'httpd' not in return_path
):
return 'error: The path must contain the name of the service. Check it in Roxy-WI settings' return 'error: The path must contain the name of the service. Check it in Roxy-WI settings'
if return_path[-1] != '/': if return_path[-1] != '/':
return_path += '/' return_path += '/'
@ -1499,7 +1490,7 @@ def check_new_version(**kwargs):
res = '' res = ''
if kwargs.get('service'): if kwargs.get('service'):
last_ver = '_'+kwargs.get('service') last_ver = '_' + kwargs.get('service')
else: else:
last_ver = '' last_ver = ''
@ -1508,12 +1499,12 @@ def check_new_version(**kwargs):
try: try:
if proxy is not None and proxy != '' and proxy != 'None': if proxy is not None and proxy != '' and proxy != 'None':
proxy_dict = {"https": proxy, "http": proxy} proxy_dict = {"https": proxy, "http": proxy}
response = requests.get('https://roxy-wi.org/update.py?last_ver'+last_ver+'=1', timeout=1, proxies=proxy_dict) response = requests.get('https://roxy-wi.org/update.py?last_ver' + last_ver + '=1', timeout=1, proxies=proxy_dict)
requests.get('https://roxy-wi.org/update.py?ver_send='+current_ver, timeout=1, proxies=proxy_dict) requests.get('https://roxy-wi.org/update.py?ver_send=' + current_ver, timeout=1, proxies=proxy_dict)
response_status = requests.get('https://roxy-wi.org/update.py?user_name='+user_name, timeout=1, proxies=proxy_dict) response_status = requests.get('https://roxy-wi.org/update.py?user_name=' + user_name, timeout=1, proxies=proxy_dict)
else: else:
response = requests.get('https://roxy-wi.org/update.py?last_ver'+last_ver+'=1', timeout=1) response = requests.get('https://roxy-wi.org/update.py?last_ver' + last_ver + '=1', timeout=1)
requests.get('https://roxy-wi.org/update.py?ver_send='+current_ver, timeout=1) requests.get('https://roxy-wi.org/update.py?ver_send=' + current_ver, timeout=1)
response_status = requests.get('https://roxy-wi.org/update.py?user_name=' + user_name, timeout=1) response_status = requests.get('https://roxy-wi.org/update.py?user_name=' + user_name, timeout=1)
res = response.content.decode(encoding='UTF-8') res = response.content.decode(encoding='UTF-8')
@ -1521,10 +1512,10 @@ def check_new_version(**kwargs):
status = response_status.content.decode(encoding='UTF-8') status = response_status.content.decode(encoding='UTF-8')
status = status.split(' ') status = status.split(' ')
sql.update_user_status(status[0], status[1].strip(), status[2].strip()) sql.update_user_status(status[0], status[1].strip(), status[2].strip())
except: except Exception:
pass pass
except requests.exceptions.RequestException as e: except requests.exceptions.RequestException as e:
logging('localhost', ' '+str(e), haproxywi=1) logging('localhost', ' ' + str(e), haproxywi=1)
return res return res
@ -1582,7 +1573,7 @@ def get_users_params(**kwargs):
user_id = sql.get_user_id_by_uuid(user_uuid.value) user_id = sql.get_user_id_by_uuid(user_uuid.value)
user_services = sql.select_user_services(user_id) user_services = sql.select_user_services(user_id)
token = sql.get_token(user_uuid.value) token = sql.get_token(user_uuid.value)
except: except Exception:
print('<meta http-equiv="refresh" content="0; url=/app/login.py">') print('<meta http-equiv="refresh" content="0; url=/app/login.py">')
if kwargs.get('virt') and kwargs.get('haproxy'): if kwargs.get('virt') and kwargs.get('haproxy'):
@ -1639,7 +1630,7 @@ def check_is_server_in_group(server_ip):
def check_service(server_ip, service_name): def check_service(server_ip, service_name):
server_ip = is_ip_or_dns(server_ip) server_ip = is_ip_or_dns(server_ip)
commands = ["systemctl is-active "+service_name] commands = ["systemctl is-active " + service_name]
return ssh_command(server_ip, commands) return ssh_command(server_ip, commands)
@ -1664,16 +1655,18 @@ def get_services_status():
import distro import distro
services = [] services = []
is_in_docker = is_docker() is_in_docker = is_docker()
services_name = {'roxy-wi-checker': 'Checker backends master service', services_name = {
'roxy-wi-keep_alive': 'Auto start service', 'roxy-wi-checker': 'Checker backends master service',
'roxy-wi-metrics': 'Metrics master service', 'roxy-wi-keep_alive': 'Auto start service',
'roxy-wi-portscanner': 'Port scanner service', 'roxy-wi-metrics': 'Metrics master service',
'roxy-wi-smon': 'Simple monitoring network ports', 'roxy-wi-portscanner': 'Port scanner service',
'roxy-wi-socket': 'Socket service', 'roxy-wi-smon': 'Simple monitoring network ports',
'prometheus': 'Prometheus service', 'roxy-wi-socket': 'Socket service',
'grafana-server': 'Grafana service', 'prometheus': 'Prometheus service',
'fail2ban': 'Fail2ban service', 'grafana-server': 'Grafana service',
'rabbitmq-server': 'Message broker service'} 'fail2ban': 'Fail2ban service',
'rabbitmq-server': 'Message broker service'
}
for s, v in services_name.items(): for s, v in services_name.items():
if is_in_docker: if is_in_docker:
cmd = "sudo supervisorctl status " + s + "|awk '{print $2}'" cmd = "sudo supervisorctl status " + s + "|awk '{print $2}'"
@ -1799,10 +1792,12 @@ def get_system_info(server_ip: str) -> bool:
size = str(size) + 'Gb' size = str(size) + 'Gb'
fs = volume_info['configuration']['mount.fstype'] fs = volume_info['configuration']['mount.fstype']
state = volume_info['configuration']['state'] state = volume_info['configuration']['state']
disks[volume_name] = {'mount_point': mount_point, disks[volume_name] = {
'size': size, 'mount_point': mount_point,
'fs': fs, 'size': size,
'state': state} 'fs': fs,
'state': state
}
except Exception: except Exception:
pass pass
@ -1813,8 +1808,10 @@ def get_system_info(server_ip: str) -> bool:
if s['class'] == 'network': if s['class'] == 'network':
if 'children' in s: if 'children' in s:
for net in s['children']: for net in s['children']:
network[net['logicalname']] = {'description': net['description'], network[net['logicalname']] = {
'mac': net['serial']} 'description': net['description'],
'mac': net['serial']
}
if s['class'] == 'storage': if s['class'] == 'storage':
for p, pval in s.items(): for p, pval in s.items():
if isinstance(pval, list): if isinstance(pval, list):
@ -1828,10 +1825,12 @@ def get_system_info(server_ip: str) -> bool:
size = str(size) + 'Gb' size = str(size) + 'Gb'
fs = volume_info['configuration']['mount.fstype'] fs = volume_info['configuration']['mount.fstype']
state = volume_info['configuration']['state'] state = volume_info['configuration']['state']
disks[volume_name] = {'mount_point': mount_point, disks[volume_name] = {
'size': size, 'mount_point': mount_point,
'fs': fs, 'size': size,
'state': state} 'fs': fs,
'state': state
}
for z, n in s.items(): for z, n in s.items():
if isinstance(n, list): if isinstance(n, list):
for y in n: for y in n:
@ -1865,10 +1864,12 @@ def get_system_info(server_ip: str) -> bool:
size = str(size) + 'Gb' size = str(size) + 'Gb'
fs = q['configuration']['mount.fstype'] fs = q['configuration']['mount.fstype']
state = q['configuration']['state'] state = q['configuration']['state']
disks[volume_name] = {'mount_point': mount_point, disks[volume_name] = {
'size': size, 'mount_point': mount_point,
'fs': fs, 'size': size,
'state': state} 'fs': fs,
'state': state
}
except Exception as e: except Exception as e:
print(e) print(e)
except Exception: except Exception:
@ -1888,7 +1889,8 @@ def get_system_info(server_ip: str) -> bool:
'mount_point': mount_point, 'mount_point': mount_point,
'size': size, 'size': size,
'fs': fs, 'fs': fs,
'state': state} 'state': state
}
except Exception: except Exception:
pass pass
for w in o['children']: for w in o['children']:
@ -1904,7 +1906,8 @@ def get_system_info(server_ip: str) -> bool:
'mount_point': mount_point, 'mount_point': mount_point,
'size': size, 'size': size,
'fs': fs, 'fs': fs,
'state': state} 'state': state
}
except Exception: except Exception:
pass pass
except Exception: except Exception:
@ -1925,7 +1928,8 @@ def get_system_info(server_ip: str) -> bool:
'mount_point': mount_point, 'mount_point': mount_point,
'size': size, 'size': size,
'fs': fs, 'fs': fs,
'state': state} 'state': state
}
except Exception: except Exception:
pass pass
except Exception: except Exception:
@ -1956,10 +1960,12 @@ def send_message_to_rabbit(message: str, **kwargs) -> None:
rabbit_queue = sql.get_setting('rabbitmq_queue') rabbit_queue = sql.get_setting('rabbitmq_queue')
credentials = pika.PlainCredentials(rabbit_user, rabbit_password) credentials = pika.PlainCredentials(rabbit_user, rabbit_password)
parameters = pika.ConnectionParameters(rabbit_host, parameters = pika.ConnectionParameters(
rabbit_port, rabbit_host,
rabbit_vhost, rabbit_port,
credentials) rabbit_vhost,
credentials
)
connection = pika.BlockingConnection(parameters) connection = pika.BlockingConnection(parameters)
channel = connection.channel() channel = connection.channel()


@ -109,7 +109,7 @@ for s in servers:
container_name = sql.get_setting('nginx_container_name') container_name = sql.get_setting('nginx_container_name')
cmd = [ cmd = [
"docker exec -it " + container_name + " /usr/sbin/nginx -v 2>&1|awk '{print $3}' && " "docker exec -it " + container_name + " /usr/sbin/nginx -v 2>&1|awk '{print $3}' && "
"docker ps -a -f name="+container_name+" --format '{{.Status}}'|tail -1 && ps ax |grep nginx:" "docker ps -a -f name=" + container_name + " --format '{{.Status}}'|tail -1 && ps ax |grep nginx:"
"|grep -v grep |wc -l" "|grep -v grep |wc -l"
] ]
try: try:


@ -22,8 +22,10 @@ def out_error(error):
def add_user(user, email, password, role, activeuser, group): def add_user(user, email, password, role, activeuser, group):
if password != 'aduser': if password != 'aduser':
try: try:
User.insert(username=user, email=email, password=funct.get_hash(password), role=role, activeuser=activeuser, User.insert(
groups=group).execute() username=user, email=email, password=funct.get_hash(password), role=role, activeuser=activeuser,
groups=group
).execute()
except Exception as e: except Exception as e:
out_error(e) out_error(e)
return False return False
@ -31,8 +33,9 @@ def add_user(user, email, password, role, activeuser, group):
return True return True
else: else:
try: try:
User.insert(username=user, email=email, role=role, ldap_user=ldap_user, activeuser=activeuser, User.insert(
groups=group).execute() username=user, email=email, role=role, ldap_user=ldap_user, activeuser=activeuser, groups=group
).execute()
except Exception as e: except Exception as e:
out_error(e) out_error(e)
return False return False
@ -301,22 +304,16 @@ def update_hapwi_server(server_id, alert, metrics, active, service_name):
out_error(e) out_error(e)
def update_server(hostname, group, typeip, enable, master, server_id, cred, port, desc, haproxy, nginx, apache, def update_server(
firewall, protected): hostname, group, typeip, enable, master, server_id, cred, port, desc, haproxy, nginx, apache,
firewall, protected
):
try: try:
server_update = Server.update(hostname=hostname, server_update = Server.update(
groups=group, hostname=hostname, groups=group, type_ip=typeip, enable=enable, master=master, cred=cred,
type_ip=typeip, port=port, desc=desc, haproxy=haproxy, nginx=nginx, apache=apache, firewall_enable=firewall,
enable=enable, protected=protected
master=master, ).where(Server.server_id == server_id)
cred=cred,
port=port,
desc=desc,
haproxy=haproxy,
nginx=nginx,
apache=apache,
firewall_enable=firewall,
protected=protected).where(Server.server_id == server_id)
server_update.execute() server_update.execute()
except Exception as e: except Exception as e:
out_error(e) out_error(e)
@ -340,16 +337,15 @@ def select_users(**kwargs):
elif kwargs.get("id") is not None: elif kwargs.get("id") is not None:
query = User.select().where(User.user_id == kwargs.get("id")) query = User.select().where(User.user_id == kwargs.get("id"))
elif kwargs.get("group") is not None: elif kwargs.get("group") is not None:
query = (User. query = (User.select(
select(User, UserGroups, Case(0, [(( User, UserGroups, Case(
User.last_login_date >= funct.get_data('regular', timedelta_minutes_minus=15) 0, [((User.last_login_date >= funct.get_data('regular', timedelta_minutes_minus=15)), 0)], 1
), 0)], 1). ).alias('last_login')
alias('last_login')). ).join(UserGroups, on=(User.user_id == UserGroups.user_id)).where(
join(UserGroups, on=(User.user_id == UserGroups.user_id)). UserGroups.user_group_id == kwargs.get("group")
where(UserGroups.user_group_id == kwargs.get("group")) ))
)
else: else:
query = User.select(User,Case(0, [( query = User.select(User, Case(0, [(
( (
User.last_login_date >= funct.get_data('regular', timedelta_minutes_minus=15) User.last_login_date >= funct.get_data('regular', timedelta_minutes_minus=15)
), 0)], 1).alias('last_login')).order_by(User.user_id) ), 0)], 1).alias('last_login')).order_by(User.user_id)
@ -382,7 +378,7 @@ def select_user_groups(user_id, **kwargs):
def check_user_group(user_id, group_id): def check_user_group(user_id, group_id):
try: try:
query_res = UserGroups.get((UserGroups.user_id == user_id) & (UserGroups.user_group_id == group_id)) query_res = UserGroups.get((UserGroups.user_id == user_id) & (UserGroups.user_group_id == group_id))
except: except Exception:
return False return False
else: else:
if query_res.user_id != '': if query_res.user_id != '':
@ -393,14 +389,13 @@ def check_user_group(user_id, group_id):
def select_user_groups_with_names(user_id, **kwargs): def select_user_groups_with_names(user_id, **kwargs):
if kwargs.get("all") is not None: if kwargs.get("all") is not None:
query = (UserGroups query = (UserGroups.select(
.select(UserGroups.user_group_id, UserGroups.user_id, Groups.name) UserGroups.user_group_id, UserGroups.user_id, Groups.name
.join(Groups, on=(UserGroups.user_group_id == Groups.group_id))) ).join(Groups, on=(UserGroups.user_group_id == Groups.group_id)))
else: else:
query = (UserGroups query = (UserGroups.select(
.select(UserGroups.user_group_id, Groups.name) UserGroups.user_group_id, Groups.name
.join(Groups, on=(UserGroups.user_group_id == Groups.group_id)) ).join(Groups, on=(UserGroups.user_group_id == Groups.group_id)).where(UserGroups.user_id == user_id))
.where(UserGroups.user_id == user_id))
try: try:
query_res = query.execute() query_res = query.execute()
except Exception as e: except Exception as e:
@ -583,12 +578,10 @@ def write_api_token(user_token, group_id, user_role, user_name):
token_ttl = int(get_setting('token_ttl')) token_ttl = int(get_setting('token_ttl'))
try: try:
ApiToken.insert(token=user_token, ApiToken.insert(
user_name=user_name, token=user_token, user_name=user_name, user_group_id=group_id, user_role=user_role,
user_group_id=group_id, create_date=funct.get_data('regular'), expire_date=funct.get_data('regular', timedelta=token_ttl)
user_role=user_role, ).execute()
create_date=funct.get_data('regular'),
expire_date=funct.get_data('regular', timedelta=token_ttl)).execute()
except Exception as e: except Exception as e:
out_error(e) out_error(e)
@ -603,10 +596,9 @@ def get_api_token(token):
def get_user_id_by_api_token(token): def get_user_id_by_api_token(token):
query = (User query = (User.select(User.user_id).join(ApiToken, on=(
.select(User.user_id) ApiToken.user_name == User.username
.join(ApiToken, on=(ApiToken.user_name == User.username)) )).where(ApiToken.token == token))
.where(ApiToken.token == token))
try: try:
query_res = query.execute() query_res = query.execute()
except Exception as e: except Exception as e:
@ -634,7 +626,7 @@ def get_token(uuid):
try: try:
for i in query_res: for i in query_res:
return i.token return i.token
except: except Exception:
return '' return ''
@ -642,7 +634,7 @@ def delete_uuid(uuid):
try: try:
query = UUID.delete().where(UUID.uuid == uuid) query = UUID.delete().where(UUID.uuid == uuid)
query.execute() query.execute()
except: except Exception:
pass pass
@ -711,10 +703,9 @@ def get_user_id_by_username(username: str):
def get_user_role_by_uuid(uuid): def get_user_role_by_uuid(uuid):
query = (Role.select(Role.role_id) query = (Role.select(Role.role_id).join(User, on=(Role.name == User.role)).join(UUID, on=(
.join(User, on=(Role.name == User.role)) User.user_id == UUID.user_id
.join(UUID, on=(User.user_id == UUID.user_id)) )).where(UUID.uuid == uuid))
.where(UUID.uuid == uuid))
try: try:
query_res = query.execute() query_res = query.execute()
except Exception as e: except Exception as e:
@ -804,7 +795,7 @@ def get_dick_permit(**kwargs):
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
group = cookie.get('group') group = cookie.get('group')
grp = group.value grp = group.value
except Exception as e: except Exception:
print('<meta http-equiv="refresh" content="0; url=/app/login.py">') print('<meta http-equiv="refresh" content="0; url=/app/login.py">')
return return
if kwargs.get('token'): if kwargs.get('token'):
@ -842,13 +833,9 @@ def get_dick_permit(**kwargs):
try: try:
if mysql_enable == '1': if mysql_enable == '1':
if grp == '1' and not only_group: if grp == '1' and not only_group:
sql = """ select * from `servers` where {} {} {} {} {} {} {} order by `pos` asc""".format(disable, sql = """ select * from `servers` where {} {} {} {} {} {} {} order by `pos` asc""".format(
type_ip, disable, type_ip, nginx, haproxy, keepalived, apache, ip
nginx, )
haproxy,
keepalived,
apache,
ip)
else: else:
sql = """ select * from `servers` where `groups` = {group} and ({disable}) {type_ip} {ip} {haproxy} {nginx} {keepalived} {apache} order by `pos` asc sql = """ select * from `servers` where `groups` = {group} and ({disable}) {type_ip} {ip} {haproxy} {nginx} {keepalived} {apache} order by `pos` asc
""".format( """.format(
@ -862,8 +849,10 @@ def get_dick_permit(**kwargs):
) )
else: else:
sql = """ select * from servers where groups = '{group}' and ({disable}) {type_ip} {ip} {haproxy} {nginx} {keepalived} {apache} order by pos sql = """ select * from servers where groups = '{group}' and ({disable}) {type_ip} {ip} {haproxy} {nginx} {keepalived} {apache} order by pos
""".format(group=grp, disable=disable, type_ip=type_ip, ip=ip, haproxy=haproxy, nginx=nginx, """.format(
keepalived=keepalived, apache=apache) group=grp, disable=disable, type_ip=type_ip, ip=ip, haproxy=haproxy, nginx=nginx,
keepalived=keepalived, apache=apache
)
except Exception as e: except Exception as e:
print(str(e)) print(str(e))
@ -977,8 +966,10 @@ def select_backups(**kwargs):
def update_backup(server, rserver, rpath, backup_type, time, cred, description, backup_id): def update_backup(server, rserver, rpath, backup_type, time, cred, description, backup_id):
backup_update = Backup.update(server=server, rhost=rserver, rpath=rpath, backup_type=backup_type, time=time, backup_update = Backup.update(
cred=cred, description=description).where(Backup.id == backup_id) server=server, rhost=rserver, rpath=rpath, backup_type=backup_type, time=time,
cred=cred, description=description
).where(Backup.id == backup_id)
try: try:
backup_update.execute() backup_update.execute()
except Exception as e: except Exception as e:
@ -1002,7 +993,7 @@ def delete_backups(backup_id):
def check_exists_backup(server): def check_exists_backup(server):
try: try:
backup = Backup.get(Backup.server == server) backup = Backup.get(Backup.server == server)
except: except Exception:
pass pass
else: else:
if backup.id is not None: if backup.id is not None:
@ -1270,14 +1261,11 @@ def select_waf_servers_metrics(uuid):
else: else:
if user_group.groups == '1': if user_group.groups == '1':
query = Waf.select(Server.ip).join(Server, on=(Waf.server_id == Server.server_id)).where( query = Waf.select(Server.ip).join(Server, on=(Waf.server_id == Server.server_id)).where(
(Server.enable == 1) & (Server.enable == 1) & (Waf.metrics == 1)
(Waf.metrics == 1)
) )
else: else:
query = Waf.select(Server.ip).join(Server, on=(Waf.server_id == Server.server_id)).where( query = Waf.select(Server.ip).join(Server, on=(Waf.server_id == Server.server_id)).where(
(Server.enable == 1) & (Server.enable == 1) & (Waf.metrics == 1) & (Server.groups == user_group.groups)
(Waf.metrics == 1) &
(Server.groups == user_group.groups)
) )
try: try:
query_res = query.execute() query_res = query.execute()
@ -1844,7 +1832,7 @@ def select_table_metrics():
def get_setting(param, **kwargs): def get_setting(param, **kwargs):
try: try:
user_group = funct.get_user_group(id=1) user_group = funct.get_user_group(id=1)
except: except Exception:
user_group = '' user_group = ''
if user_group == '' or param == 'lists_path' or param == 'ssl_local_path': if user_group == '' or param == 'lists_path' or param == 'ssl_local_path':
@ -1909,9 +1897,7 @@ def select_roles():
def select_alert(**kwargs): def select_alert(**kwargs):
if kwargs.get("group") is not None: if kwargs.get("group") is not None:
query = Server.select(Server.ip).where( query = Server.select(Server.ip).where(
(Server.alert == 1) & (Server.alert == 1) & (Server.enable == 1) & (Server.groups == kwargs.get('group'))
(Server.enable == 1) &
(Server.groups == kwargs.get('group'))
) )
else: else:
query = Server.select(Server.ip).where((Server.alert == 1) & (Server.enable == 1)) query = Server.select(Server.ip).where((Server.alert == 1) & (Server.enable == 1))
@ -1926,9 +1912,8 @@ def select_alert(**kwargs):
def select_all_alerts(**kwargs): def select_all_alerts(**kwargs):
if kwargs.get("group") is not None: if kwargs.get("group") is not None:
query = Server.select(Server.ip).where( query = Server.select(Server.ip).where(
((Server.alert == 1) | (Server.nginx_alert == 1)) & ((Server.alert == 1) | (Server.nginx_alert == 1)) & (Server.enable == 1) & (Server.groups == kwargs.get('group'))
(Server.enable == 1) & )
(Server.groups == kwargs.get('group')))
else: else:
query = Server.select(Server.ip).where(((Server.alert == 1) | (Server.nginx_alert == 1)) & (Server.enable == 1)) query = Server.select(Server.ip).where(((Server.alert == 1) | (Server.nginx_alert == 1)) & (Server.enable == 1))
try: try:
@ -1942,9 +1927,8 @@ def select_all_alerts(**kwargs):
def select_nginx_alert(**kwargs): def select_nginx_alert(**kwargs):
if kwargs.get("group") is not None: if kwargs.get("group") is not None:
query = Server.select(Server.ip).where( query = Server.select(Server.ip).where(
(Server.nginx_alert == 1) & (Server.nginx_alert == 1) & (Server.enable == 1) & (Server.groups == kwargs.get('group'))
(Server.enable == 1) & )
(Server.groups == kwargs.get('group')))
else: else:
query = Server.select(Server.ip).where((Server.nginx_alert == 1) & (Server.enable == 1)) query = Server.select(Server.ip).where((Server.nginx_alert == 1) & (Server.enable == 1))
try: try:
@ -1958,9 +1942,8 @@ def select_nginx_alert(**kwargs):
def select_apache_alert(**kwargs): def select_apache_alert(**kwargs):
if kwargs.get("group") is not None: if kwargs.get("group") is not None:
query = Server.select(Server.ip).where( query = Server.select(Server.ip).where(
(Server.apache_alert == 1) & (Server.apache_alert == 1) & (Server.enable == 1) & (Server.groups == kwargs.get('group'))
(Server.enable == 1) & )
(Server.groups == kwargs.get('group')))
else: else:
query = Server.select(Server.ip).where((Server.apache_alert == 1) & (Server.enable == 1)) query = Server.select(Server.ip).where((Server.apache_alert == 1) & (Server.enable == 1))
try: try:
@ -1974,9 +1957,8 @@ def select_apache_alert(**kwargs):
def select_keepalived_alert(**kwargs): def select_keepalived_alert(**kwargs):
if kwargs.get("group") is not None: if kwargs.get("group") is not None:
query = Server.select(Server.ip).where( query = Server.select(Server.ip).where(
(Server.keepalived_alert == 1) & (Server.keepalived_alert == 1) & (Server.enable == 1) & (Server.groups == kwargs.get('group'))
(Server.enable == 1) & )
(Server.groups == kwargs.get('group')))
else: else:
query = Server.select(Server.ip).where((Server.keepalived_alert == 1) & (Server.enable == 1)) query = Server.select(Server.ip).where((Server.keepalived_alert == 1) & (Server.enable == 1))
@ -2136,14 +2118,14 @@ def check_token_exists(token):
return True return True
else: else:
return False return False
except: except Exception:
return False return False
def insert_smon(server, port, enable, proto, uri, body, group, desc, telegram, slack, user_group): def insert_smon(server, port, enable, proto, uri, body, group, desc, telegram, slack, user_group):
try: try:
http = proto + ':' + uri http = proto + ':' + uri
except: except Exception:
http = '' http = ''
try: try:
@ -2173,7 +2155,7 @@ def select_smon(user_group, **kwargs):
if kwargs.get('ip'): if kwargs.get('ip'):
try: try:
http = kwargs.get('proto') + ':' + kwargs.get('uri') http = kwargs.get('proto') + ':' + kwargs.get('uri')
except: except Exception:
http = '' http = ''
sql = """select id, ip, port, en, http, body, telegram_channel_id, `desc`, `group`, user_group, slack_channel_id from smon sql = """select id, ip, port, en, http, body, telegram_channel_id, `desc`, `group`, user_group, slack_channel_id from smon
where ip='%s' and port='%s' and http='%s' and body='%s' %s where ip='%s' and port='%s' and http='%s' and body='%s' %s
@ -2454,7 +2436,7 @@ def is_cloud():
sql = """ select * from cloud_uuid """ sql = """ select * from cloud_uuid """
try: try:
cursor.execute(sql) cursor.execute(sql)
except: except Exception:
return "" return ""
else: else:
for cl_uuid in cursor.fetchall(): for cl_uuid in cursor.fetchall():
@ -2464,7 +2446,7 @@ def is_cloud():
def return_firewall(serv): def return_firewall(serv):
try: try:
query_res = Server.get(Server.ip == serv).firewall_enable query_res = Server.get(Server.ip == serv).firewall_enable
except: except Exception:
return False return False
else: else:
return True if query_res == 1 else False return True if query_res == 1 else False
@ -2486,7 +2468,7 @@ def insert_port_scanner_settings(server_id, user_group_id, enabled, notify, hist
server_id=server_id, user_group_id=user_group_id, enabled=enabled, notify=notify, history=history server_id=server_id, user_group_id=user_group_id, enabled=enabled, notify=notify, history=history
).execute() ).execute()
return True return True
except: except Exception:
return False return False
@ -2589,7 +2571,7 @@ def delete_ports(serv):
def insert_port_scanner_history(serv, port, port_status, service_name): def insert_port_scanner_history(serv, port, port_status, service_name):
try: try:
PortScannerHistory.insert( PortScannerHistory.insert(
serv=serv, port=port, status=port_status, service_name=service_name,date=funct.get_data('regular') serv=serv, port=port, status=port_status, service_name=service_name, date=funct.get_data('regular')
).execute() ).execute()
except Exception as e: except Exception as e:
out_error(e) out_error(e)
@ -2597,8 +2579,8 @@ def insert_port_scanner_history(serv, port, port_status, service_name):
def delete_alert_history(keep_interval: int, service: str): def delete_alert_history(keep_interval: int, service: str):
query = Alerts.delete().where( query = Alerts.delete().where(
(Alerts.date < funct.get_data('regular', timedelta_minus=keep_interval)) & (Alerts.date < funct.get_data('regular', timedelta_minus=keep_interval)) & (Alerts.service == service)
(Alerts.service == service)) )
try: try:
query.execute() query.execute()
except Exception as e: except Exception as e:
@ -2640,7 +2622,7 @@ def add_provider_aws(provider_name, provider_group, provider_key, provider_secre
try: try:
ProvidersCreds.insert( ProvidersCreds.insert(
name=provider_name, type='aws', group=provider_group, key=provider_key, secret=provider_secret, name=provider_name, type='aws', group=provider_group, key=provider_key, secret=provider_secret,
create_date=funct.get_data('regular'),edit_date=funct.get_data('regular') create_date=funct.get_data('regular'), edit_date=funct.get_data('regular')
).execute() ).execute()
return True return True
except Exception as e: except Exception as e:
@ -2793,9 +2775,7 @@ def select_do_server(server_id):
def update_provisioning_server_status(status, user_group_id, name, provider_id, **kwargs): def update_provisioning_server_status(status, user_group_id, name, provider_id, **kwargs):
if kwargs.get('update_ip'): if kwargs.get('update_ip'):
query = ProvisionedServers.update(status=status, IP=kwargs.get('update_ip')).where( query = ProvisionedServers.update(status=status, IP=kwargs.get('update_ip')).where(
(ProvisionedServers.name == name) & (ProvisionedServers.name == name) & (ProvisionedServers.group_id == user_group_id) & (ProvisionedServers.provider_id == provider_id)
(ProvisionedServers.group_id == user_group_id) &
(ProvisionedServers.provider_id == provider_id)
) )
else: else:
query = ProvisionedServers.update(status=status).where( query = ProvisionedServers.update(status=status).where(
@ -2811,9 +2791,9 @@ def update_provisioning_server_status(status, user_group_id, name, provider_id,
def update_provisioning_server_gcore_name(name, template_name, user_group_id, provider_id): def update_provisioning_server_gcore_name(name, template_name, user_group_id, provider_id):
query = ProvisionedServers.update(name_template=template_name).where( query = ProvisionedServers.update(name_template=template_name).where(
(ProvisionedServers.name == name) & (ProvisionedServers.name == name)
(ProvisionedServers.group_id == user_group_id) & & (ProvisionedServers.group_id == user_group_id)
(ProvisionedServers.provider_id == provider_id) & (ProvisionedServers.provider_id == provider_id)
) )
try: try:
query.execute() query.execute()
@ -2823,9 +2803,9 @@ def update_provisioning_server_gcore_name(name, template_name, user_group_id, pr
def update_provisioning_server_error(status, user_group_id, name, provider_id): def update_provisioning_server_error(status, user_group_id, name, provider_id):
query = ProvisionedServers.update(last_error=status).where( query = ProvisionedServers.update(last_error=status).where(
(ProvisionedServers.name == name) & (ProvisionedServers.name == name)
(ProvisionedServers.group_id == user_group_id) & & (ProvisionedServers.group_id == user_group_id)
(ProvisionedServers.provider_id == provider_id) & (ProvisionedServers.provider_id == provider_id)
) )
try: try:
query.execute() query.execute()
@ -2923,7 +2903,7 @@ def select_provisioned_servers(**kwargs):
def select_aws_provider(provider_id): def select_aws_provider(provider_id):
try: try:
query_res = ProvidersCreds.get(ProvidersCreds.id == provider_id) query_res = ProvidersCreds.get(ProvidersCreds.id == provider_id)
except: except Exception:
return "" return ""
else: else:
return query_res.key, query_res.secret return query_res.key, query_res.secret
@ -2932,7 +2912,7 @@ def select_aws_provider(provider_id):
def select_gcore_provider(provider_id): def select_gcore_provider(provider_id):
try: try:
query_res = ProvidersCreds.get(ProvidersCreds.id == provider_id) query_res = ProvidersCreds.get(ProvidersCreds.id == provider_id)
except: except Exception:
return "" return ""
else: else:
return query_res.key, query_res.secret return query_res.key, query_res.secret
@ -2941,7 +2921,7 @@ def select_gcore_provider(provider_id):
def select_do_provider(provider_id): def select_do_provider(provider_id):
try: try:
query_res = ProvidersCreds.get(ProvidersCreds.id == provider_id) query_res = ProvidersCreds.get(ProvidersCreds.id == provider_id)
except: except Exception:
return "" return ""
else: else:
return query_res.key return query_res.key
@ -2983,7 +2963,7 @@ def update_aws_provider(new_name, new_key, new_secret, provider_id):
def is_serv_protected(serv): def is_serv_protected(serv):
try: try:
query_res = Server.get(Server.ip == serv) query_res = Server.get(Server.ip == serv)
except: except Exception:
return "" return ""
else: else:
return True if query_res.protected else False return True if query_res.protected else False
@ -3031,9 +3011,10 @@ def select_service_settings(server_id: int, service: str) -> str:
def select_docker_service_settings(server_id: int, service: str) -> str: def select_docker_service_settings(server_id: int, service: str) -> str:
query = ServiceSetting.select().where( query = ServiceSetting.select().where(
(ServiceSetting.server_id == server_id) & (ServiceSetting.server_id == server_id)
(ServiceSetting.service == service) & & (ServiceSetting.service == service)
(ServiceSetting.setting == 'dockerized')) & (ServiceSetting.setting == 'dockerized')
)
try: try:
query_res = query.execute() query_res = query.execute()
except Exception as e: except Exception as e:
@ -3044,8 +3025,9 @@ def select_docker_service_settings(server_id: int, service: str) -> str:
def select_docker_services_settings(service: str) -> str: def select_docker_services_settings(service: str) -> str:
query = ServiceSetting.select().where( query = ServiceSetting.select().where(
(ServiceSetting.service == service) & (ServiceSetting.service == service)
(ServiceSetting.setting == 'dockerized')) & (ServiceSetting.setting == 'dockerized')
)
try: try:
query_res = query.execute() query_res = query.execute()
except Exception as e: except Exception as e:
@ -3057,9 +3039,10 @@ def select_docker_services_settings(service: str) -> str:
def select_service_setting(server_id: int, service: str, setting: str) -> str: def select_service_setting(server_id: int, service: str, setting: str) -> str:
try: try:
result = ServiceSetting.get( result = ServiceSetting.get(
(ServiceSetting.server_id == server_id) & (ServiceSetting.server_id == server_id)
(ServiceSetting.service == service) & & (ServiceSetting.service == service)
(ServiceSetting.setting == setting)).value & (ServiceSetting.setting == setting)
).value
except Exception: except Exception:
pass pass
else: else:
@ -3121,8 +3104,8 @@ def select_action_history_by_user_id(user_id: int):
def select_action_history_by_server_id_and_service(server_id: int, service: str): def select_action_history_by_server_id_and_service(server_id: int, service: str):
query = ActionHistory.select().where( query = ActionHistory.select().where(
(ActionHistory.server_id == server_id) & (ActionHistory.server_id == server_id)
(ActionHistory.service == service) & (ActionHistory.service == service)
) )
try: try:
query_res = query.execute() query_res = query.execute()
@ -3150,8 +3133,8 @@ def insert_config_version(server_id: int, user_id: int, service: str, local_path
def select_config_version(server_ip: str, service: str) -> str: def select_config_version(server_ip: str, service: str) -> str:
server_id = select_server_id_by_ip(server_ip) server_id = select_server_id_by_ip(server_ip)
query = ConfigVersion.select().where( query = ConfigVersion.select().where(
(ConfigVersion.server_id == server_id) & (ConfigVersion.server_id == server_id)
(ConfigVersion.service == service) & (ConfigVersion.service == service)
) )
try: try:
query_res = query.execute() query_res = query.execute()
@ -3163,8 +3146,8 @@ def select_config_version(server_ip: str, service: str) -> str:
def delete_config_version(service: str, local_path: str): def delete_config_version(service: str, local_path: str):
query_res = ConfigVersion.delete().where( query_res = ConfigVersion.delete().where(
(ConfigVersion.service == service) & (ConfigVersion.service == service)
(ConfigVersion.local_path == local_path) & (ConfigVersion.local_path == local_path)
) )
try: try:
query_res.execute() query_res.execute()
@ -3179,9 +3162,9 @@ def select_remote_path_from_version(server_ip: str, service: str, local_path: st
server_id = select_server_id_by_ip(server_ip) server_id = select_server_id_by_ip(server_ip)
try: try:
query_res = ConfigVersion.get( query_res = ConfigVersion.get(
(ConfigVersion.server_id == server_id) & (ConfigVersion.server_id == server_id)
(ConfigVersion.service == service) & & (ConfigVersion.service == service)
(ConfigVersion.local_path == local_path) & (ConfigVersion.local_path == local_path)
).remote_path ).remote_path
except Exception as e: except Exception as e:
out_error(e) out_error(e)
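Review bot: In get_dick_permit the value read from the `group` cookie (`grp = group.value`) is still placed into the SQL text by `.format(group=grp, ...)`, which this commit only re-wraps; the MySQL branch looks the same. A cookie is client-controlled, so unless `grp` is validated in the lines between the hunks (not visible here), this is string-built SQL over untrusted input. Reject anything non-numeric right after the cookie is read, for example `if not grp.isdigit(): return`, and preferably pass the value to the cursor as a bound parameter instead of formatting it in. The `select_smon` query, with its quoted `'%s'` placeholders for `ip`, `port`, `http` and `body`, appears to follow the same pattern and deserves the same treatment. Both function bodies start and end outside the hunks shown.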


@ -27,7 +27,7 @@ if configver:
try: try:
user, user_id, role, token, servers, user_services = funct.get_users_params(disable=1) user, user_id, role, token, servers, user_services = funct.get_users_params(disable=1)
except: except Exception:
pass pass
if service == 'keepalived': if service == 'keepalived':
@ -78,8 +78,9 @@ if serv is not None and form.getvalue('del') is not None:
os.remove(os.path.join(configs_dir, form.getvalue(get))) os.remove(os.path.join(configs_dir, form.getvalue(get)))
try: try:
file.add(form.getvalue(get) + "<br />") file.add(form.getvalue(get) + "<br />")
funct.logging(serv, "Version of config has been deleted: %s" % form.getvalue(get), login=1, funct.logging(
keep_history=1, service=service) serv, "Version of config has been deleted: %s" % form.getvalue(get), login=1, keep_history=1, service=service
)
except Exception: except Exception:
pass pass
except OSError as e: except OSError as e:
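Review bot: The `os.remove(os.path.join(configs_dir, form.getvalue(get)))` line just above the re-wrapped `funct.logging` call deletes a path built from a request field, and nothing visible in this hunk confines it to `configs_dir`. `os.path.join` drops `configs_dir` when the second argument is absolute and keeps any `..` segments, so the value should be reduced to a bare file name first: `name = os.path.basename(form.getvalue(get))`, then `os.remove(os.path.join(configs_dir, name))`. The enclosing block starts above the hunk, so an earlier check may already exist; if it does, a short comment at the `os.remove` call naming it would help.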


@ -65,22 +65,9 @@ if form.getvalue('type') is None:
selects.append(['roxy-wi.error.log', 'error.log']) selects.append(['roxy-wi.error.log', 'error.log'])
selects.append(['roxy-wi.access.log', 'access.log']) selects.append(['roxy-wi.access.log', 'access.log'])
output_from_parsed_template = template.render(h2=1, rendered_template = template.render(
autorefresh=1, h2=1, autorefresh=1, title="View internal logs", role=role, user=user, serv=serv, select_id="viewlogs",
title="View internal logs", selects=selects, rows=rows, grep=grep, exgrep=exgrep, hour=hour, hour1=hour1, minut=minut,
role=role, minut1=minut1, page=page, user_services=user_services, token=token
user=user, )
serv=serv, print(rendered_template)
select_id="viewlogs",
selects=selects,
rows=rows,
grep=grep,
exgrep=exgrep,
hour=hour,
hour1=hour1,
minut=minut,
minut1=minut1,
page=page,
user_services=user_services,
token=token)
print(output_from_parsed_template)


@ -1,25 +1,19 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
import funct import funct
import sql
from jinja2 import Environment, FileSystemLoader from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True) env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('viewstats.html') template = env.get_template('viewstats.html')
form = funct.form form = funct.form
serv = form.getvalue('serv') serv = form.getvalue('serv')
service = form.getvalue('service') service = form.getvalue('service')
print('Content-type: text/html\n') print('Content-type: text/html\n')
funct.check_login() funct.check_login()
if service == 'nginx':
if funct.check_login(service=2):
title = 'NGINX stats page'
else:
if funct.check_login(service=1):
title = 'HAProxy stats page'
try: try:
user, user_id, role, token, servers, user_services = funct.get_users_params(virt=1, haproxy=1) user, user_id, role, token, servers, user_services = funct.get_users_params(virt=1, haproxy=1)
if serv is None: if serv is None:
first_serv = servers first_serv = servers
for i in first_serv: for i in first_serv:
@ -28,18 +22,20 @@ try:
except Exception: except Exception:
pass pass
if service == 'nginx':
output_from_parsed_template = template.render(h2=1, if funct.check_login(service=2):
autorefresh=1, title = 'NGINX stats page'
title=title, servers = sql.get_dick_permit(nginx=1)
role=role, elif service == 'apache':
user=user, if funct.check_login(service=4):
onclick="showStats()", title = 'Apache stats page'
select_id="serv", servers = sql.get_dick_permit(apache=1)
selects=servers, else:
serv=serv, if funct.check_login(service=1):
service=service, title = 'HAProxy stats page'
user_services=user_services,
token=token)
print(output_from_parsed_template)
rendered_template = template.render(
h2=1, autorefresh=1, title=title, role=role, user=user, onclick="showStats()", select_id="serv",
selects=servers, serv=serv, service=service, user_services=user_services, token=token
)
print(rendered_template)
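Review bot: `title` is assigned only inside the `if funct.check_login(service=...)` branches, so if that call returns a falsy value without ending the request, `template.render(..., title=title, ...)` fails with a NameError rather than a controlled denial. What `check_login` does on failure is not visible here, so this path may be unreachable in practice, but the permission check reads more clearly as an explicit guard, e.g. `if not funct.check_login(service=2): raise SystemExit` followed by an unconditional `title = 'NGINX stats page'`. The same applies to the new `apache` branch and the HAProxy default. Separately, the `except Exception: pass` around `funct.get_users_params(...)` would leave `role`, `user` and `token` undefined for the render call if it ever fires.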