v8.1.2: Switch to retrieving server data by IP and hostname

Updated multiple functions across the codebase to use the `get_server_by_ip` method instead of iterating over server lists. This change simplifies the code, improves readability, and reduces potential errors. Adjusted SQL queries to remove unnecessary conditions and parameters related to master servers.
pull/401/head
Aidaho 2024-11-03 13:00:43 +03:00
parent 8ebf934f06
commit c437274cfe
7 changed files with 84 additions and 122 deletions


@ -1,4 +1,4 @@
from peewee import IntegrityError from peewee import IntegrityError, DoesNotExist
from app.modules.db.db_model import mysql_enable, connect, Server, SystemInfo from app.modules.db.db_model import mysql_enable, connect, Server, SystemInfo
from app.modules.db.common import out_error, not_unique_error from app.modules.db.common import out_error, not_unique_error
@ -38,7 +38,7 @@ def update_server(hostname, ip, group, type_ip, enable, master, server_id, cred,
def get_server_by_id(server_id: int) -> Server: def get_server_by_id(server_id: int) -> Server:
try: try:
return Server.get(Server.server_id == server_id) return Server.get(Server.server_id == server_id)
except Server.DoesNotExist: except DoesNotExist:
raise RoxywiResourceNotFound raise RoxywiResourceNotFound
except Exception as e: except Exception as e:
return out_error(e) return out_error(e)
@ -47,7 +47,7 @@ def get_server_by_id(server_id: int) -> Server:
def get_server_by_ip(server_ip: str) -> Server: def get_server_by_ip(server_ip: str) -> Server:
try: try:
return Server.get(Server.ip == server_ip) return Server.get(Server.ip == server_ip)
except Server.DoesNotExist: except DoesNotExist:
raise RoxywiResourceNotFound raise RoxywiResourceNotFound
except Exception as e: except Exception as e:
return out_error(e) return out_error(e)
@ -93,7 +93,7 @@ def is_system_info(server_id):
def select_os_info(server_id): def select_os_info(server_id):
try: try:
return SystemInfo.get(SystemInfo.server_id == server_id).os_info return SystemInfo.get(SystemInfo.server_id == server_id).os_info
except SystemInfo.DoesNotExist: except DoesNotExist:
raise RoxywiResourceNotFound raise RoxywiResourceNotFound
except Exception as e: except Exception as e:
out_error(e) out_error(e)
@ -159,51 +159,15 @@ def select_servers(**kwargs):
cursor = conn.cursor() cursor = conn.cursor()
if mysql_enable == '1': if mysql_enable == '1':
sql = """select * from `servers` where `enabled` = 1 ORDER BY servers.group_id """ sql = """select * from `servers` ORDER BY hostname """
if kwargs.get("server") is not None: if kwargs.get("server") is not None:
sql = """select * from `servers` where `ip` = '{}' """.format(kwargs.get("server")) sql = """select * from `servers` where `ip` = '{}' """.format(kwargs.get("server"))
if kwargs.get("full") is not None:
sql = """select * from `servers` ORDER BY hostname """
if kwargs.get("get_master_servers") is not None:
sql = """select id,hostname from `servers` where `master` = 0 and type_ip = 0 and enabled = 1 ORDER BY servers.group_id """
if kwargs.get("get_master_servers") is not None and kwargs.get('user_id') is not None:
sql = """ select servers.id, servers.hostname from `servers`
left join user as user on servers.group_id = user.group_id
where user.user_id = '{}' and servers.master = 0 and servers.type_ip = 0 and servers.enabled = 1 ORDER BY servers.group_id
""".format(kwargs.get('user_id'))
if kwargs.get("id"):
sql = """select * from `servers` where `id` = '{}' """.format(kwargs.get("id"))
if kwargs.get("hostname"):
sql = """select * from `servers` where `hostname` = '{}' """.format(kwargs.get("hostname"))
if kwargs.get("id_hostname"):
sql = """select * from `servers` where `hostname` ='{}' or id = '{}' or ip = '{}'""".format(
kwargs.get("id_hostname"), kwargs.get("id_hostname"), kwargs.get("id_hostname"))
if kwargs.get("server") and kwargs.get("keep_alive"):
sql = """select haproxy_active from `servers` where `ip` = '{}' """.format(kwargs.get("server"))
else: else:
sql = """select * from servers where enabled = '1' ORDER BY servers.group_id """ sql = """select * from servers ORDER BY hostname """
if kwargs.get("server") is not None: if kwargs.get("server") is not None:
sql = """select * from servers where ip = '{}' """.format(kwargs.get("server")) sql = """select * from servers where ip = '{}' """.format(kwargs.get("server"))
if kwargs.get("full") is not None:
sql = """select * from servers ORDER BY hostname """
if kwargs.get("get_master_servers") is not None:
sql = """select id,hostname from servers where master = 0 and type_ip = 0 and enabled = 1 ORDER BY servers.group_id """
if kwargs.get("get_master_servers") is not None and kwargs.get('user_id') is not None:
sql = """ select servers.id, servers.hostname from servers
left join user as user on servers.group_id = user.group_id
where user.user_id = '{}' and servers.master = 0 and servers.type_ip = 0 and servers.enabled = 1 ORDER BY servers.group_id
""".format(kwargs.get('user_id'))
if kwargs.get("id"):
sql = """select * from servers where id = '{}' """.format(kwargs.get("id"))
if kwargs.get("hostname"):
sql = """select * from servers where hostname = '{}' """.format(kwargs.get("hostname"))
if kwargs.get("id_hostname"):
sql = """select * from servers where hostname = '{}' or id = '{}' or ip = '{}'""".format(
kwargs.get("id_hostname"), kwargs.get("id_hostname"), kwargs.get("id_hostname"))
if kwargs.get("server") and kwargs.get("keep_alive"):
sql = """select haproxy_active from servers where ip = '{}' """.format(kwargs.get("server"))
try: try:
cursor.execute(sql) cursor.execute(sql)
@ -286,7 +250,7 @@ def is_master(ip, **kwargs):
def get_server_with_group(server_id: int, group_id: int) -> Server: def get_server_with_group(server_id: int, group_id: int) -> Server:
try: try:
return Server.get((Server.server_id == server_id) & (Server.group_id == group_id)) return Server.get((Server.server_id == server_id) & (Server.group_id == group_id))
except Server.DoesNotExist: except DoesNotExist:
raise RoxywiResourceNotFound raise RoxywiResourceNotFound
except Exception as e: except Exception as e:
out_error(e) out_error(e)
@ -295,7 +259,7 @@ def get_server_with_group(server_id: int, group_id: int) -> Server:
def select_servers_with_group(group_id: int) -> Server: def select_servers_with_group(group_id: int) -> Server:
try: try:
return Server.select().where(Server.group_id == group_id) return Server.select().where(Server.group_id == group_id)
except Server.DoesNotExist: except DoesNotExist:
raise RoxywiResourceNotFound raise RoxywiResourceNotFound
except Exception as e: except Exception as e:
out_error(e) out_error(e)
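Review bot: The one filter that `select_servers` keeps still formats the caller's value straight into the statement with `"... where ip = '{}' ".format(kwargs.get("server"))`, in both the MySQL and the non-MySQL branch, so a quote character in `server` changes the query that `cursor.execute(sql)` runs. The file already has the peewee model, so the filter can be written as `Server.select().where(Server.ip == kwargs.get("server"))`, or the value can be passed as a bound parameter instead of through `.format`. The row shape callers expect would need checking, because the rest of the function is outside the hunk. The function also still takes `**kwargs`, so a caller that keeps passing a removed key (`id`, `hostname`, `id_hostname`, `keep_alive`, `get_master_servers`) now silently receives the full list, including rows with `enabled = 0`. Rejecting unknown keys would surface those call sites.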


@ -70,13 +70,12 @@ def check_user_group_for_socket(user_id: int, group_id: int) -> bool:
def check_is_server_in_group(server_ip: str) -> bool: def check_is_server_in_group(server_ip: str) -> bool:
group_id = get_user_group(id=1) group_id = get_user_group(id=1)
servers = server_sql.select_servers(server=server_ip) server = server_sql.get_server_by_ip(server_ip)
for s in servers: if (server.ip == server_ip and int(server.group_id) == int(group_id)) or group_id == 1:
if (s[2] == server_ip and int(s[3]) == int(group_id)) or group_id == 1: return True
return True else:
else: logging('Roxy-WI server', 'has tried to actions in not his group server', roxywi=1, login=1)
logging('Roxy-WI server', 'has tried to actions in not his group server', roxywi=1, login=1) return False
return False
def get_files(folder, file_format, server_ip=None) -> list: def get_files(folder, file_format, server_ip=None) -> list:
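Review bot: `check_is_server_in_group` no longer returns a falsy value for an address that is not in the table. `get_server_by_ip` raises `RoxywiResourceNotFound` and nothing in the lines shown catches it, so an unknown `server_ip` now surfaces as an exception from a permission check rather than as a denial. If callers rely on the boolean, wrap the lookup and add `except RoxywiResourceNotFound: return False` after logging, assuming that exception class is importable in this module. The `server.ip == server_ip` half of the condition is always true after a lookup by that same IP and can be dropped. `show_overview` and `waf_overview` in the later file sections call `get_server_by_ip` the same way.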


@ -46,7 +46,7 @@ def show_overview(serv) -> str:
claims = get_jwt() claims = get_jwt()
lang = roxywi_common.get_user_lang_for_flask() lang = roxywi_common.get_user_lang_for_flask()
role = user_sql.get_user_role_in_group(claims['user_id'], claims['group']) role = user_sql.get_user_role_in_group(claims['user_id'], claims['group'])
server = [server for server in server_sql.select_servers(server=serv)] server = server_sql.get_server_by_ip(serv)
user_services = user_sql.select_user_services(claims['user_id']) user_services = user_sql.select_user_services(claims['user_id'])
haproxy = service_sql.select_haproxy(serv) if '1' in user_services else 0 haproxy = service_sql.select_haproxy(serv) if '1' in user_services else 0
@ -54,7 +54,7 @@ def show_overview(serv) -> str:
keepalived = service_sql.select_keepalived(serv) if '3' in user_services else 0 keepalived = service_sql.select_keepalived(serv) if '3' in user_services else 0
apache = service_sql.select_apache(serv) if '4' in user_services else 0 apache = service_sql.select_apache(serv) if '4' in user_services else 0
waf = waf_sql.select_waf_servers(server[0][2]) waf = waf_sql.select_waf_servers(server.ip)
haproxy_process = '' haproxy_process = ''
keepalived_process = '' keepalived_process = ''
nginx_process = '' nginx_process = ''
@ -67,43 +67,43 @@ def show_overview(serv) -> str:
waf_len = 0 waf_len = 0
if haproxy: if haproxy:
cmd = f'echo "show info" |nc {server[0][2]} {sql.get_setting("haproxy_sock_port")} -w 1|grep -e "Process_num"' cmd = f'echo "show info" |nc {server.ip} {sql.get_setting("haproxy_sock_port")} -w 1|grep -e "Process_num"'
try: try:
haproxy_process = service_common.server_status(server_mod.subprocess_execute(cmd)) haproxy_process = service_common.server_status(server_mod.subprocess_execute(cmd))
except Exception as e: except Exception as e:
return f'error: {e} for server {server[0][2]}' return f'error: {e} for server {server.hostname}'
if nginx: if nginx:
nginx_cmd = f'echo "something" |nc {server[0][2]} {sql.get_setting("nginx_stats_port")} -w 1' nginx_cmd = f'echo "something" |nc {server.ip} {sql.get_setting("nginx_stats_port")} -w 1'
try: try:
nginx_process = service_common.server_status(server_mod.subprocess_execute(nginx_cmd)) nginx_process = service_common.server_status(server_mod.subprocess_execute(nginx_cmd))
except Exception as e: except Exception as e:
return f'error: {e} for server {server[0][2]}' return f'error: {e} for server {server.hostname}'
if apache: if apache:
apache_cmd = f'echo "something" |nc {server[0][2]} {sql.get_setting("apache_stats_port")} -w 1' apache_cmd = f'echo "something" |nc {server.ip} {sql.get_setting("apache_stats_port")} -w 1'
try: try:
apache_process = service_common.server_status(server_mod.subprocess_execute(apache_cmd)) apache_process = service_common.server_status(server_mod.subprocess_execute(apache_cmd))
except Exception as e: except Exception as e:
return f'error: {e} for server {server[0][2]}' return f'error: {e} for server {server.hostname}'
if keepalived: if keepalived:
command = "ps ax |grep keepalived|grep -v grep|wc -l|tr -d '\n'" command = "ps ax |grep keepalived|grep -v grep|wc -l|tr -d '\n'"
try: try:
keepalived_process = server_mod.ssh_command(server[0][2], command) keepalived_process = server_mod.ssh_command(server.ip, command)
except Exception as e: except Exception as e:
return f'error: {e} for server {server[0][2]}' return f'error: {e} for server {server.hostname}'
if waf_len >= 1: if waf_len >= 1:
command = "ps ax |grep waf/bin/modsecurity |grep -v grep |wc -l" command = "ps ax |grep waf/bin/modsecurity |grep -v grep |wc -l"
try: try:
waf_process = server_mod.ssh_command(server[0][2], command) waf_process = server_mod.ssh_command(server.ip, command)
except Exception as e: except Exception as e:
return f'error: {e} for server {server[0][2]}' return f'error: {e} for server {server.hostname}'
server_status = ( server_status = (
server[0][1], server[0][2], haproxy, haproxy_process, waf_process, waf, keepalived, keepalived_process, nginx, server.hostname, server.ip, haproxy, haproxy_process, waf_process, waf, keepalived, keepalived_process, nginx,
nginx_process, server[0][0], apache, apache_process nginx_process, server.server_id, apache, apache_process
) )
servers.append(server_status) servers.append(server_status)
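Review bot: `server.ip` is pasted unquoted into the shell pipelines built for `subprocess_execute` (`nc {server.ip} ...` in the haproxy, nginx and apache branches), so the commands are only as safe as whatever validation was applied when the row was stored, which is not visible here. Quoting the value, as in `nc {shlex.quote(server.ip)} {sql.get_setting("haproxy_sock_port")} -w 1`, keeps a malformed stored address from being interpreted by the shell; this needs `import shlex` at the top of the file. The `except` branches also hand the raw exception text back to the caller in `f'error: {e} for server {server.hostname}'`; logging `e` and returning a generic message would avoid exposing command or connection details. `show_overview` starts and ends outside these hunks.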


@ -11,58 +11,60 @@ import app.modules.roxywi.common as roxywi_common
def waf_overview(serv: str, waf_service: str, claims: dict) -> str: def waf_overview(serv: str, waf_service: str, claims: dict) -> str:
servers = server_sql.select_servers(server=serv) # servers = server_sql.select_servers(server=serv)
server = server_sql.get_server_by_ip(serv)
role = user_sql.get_user_role_in_group(claims['user_id'], claims['group']) role = user_sql.get_user_role_in_group(claims['user_id'], claims['group'])
returned_servers = [] returned_servers = []
waf = '' waf = ''
waf_len = 0
metrics_en = 0 metrics_en = 0
waf_process = '' waf_process = ''
waf_mode = '' waf_mode = ''
is_waf_on_server = 0 is_waf_on_server = 0
for server in servers: # for server in servers:
if waf_service == 'haproxy':
is_waf_on_server = service_sql.select_haproxy(server.ip)
elif waf_service == 'nginx':
is_waf_on_server = service_sql.select_nginx(server.ip)
if is_waf_on_server == 1:
config_path = sql.get_setting(f'{waf_service}_dir')
if waf_service == 'haproxy': if waf_service == 'haproxy':
is_waf_on_server = service_sql.select_haproxy(server[2]) waf = waf_sql.select_waf_servers(server.ip)
metrics_en = waf_sql.select_waf_metrics_enable_server(server.ip)
elif waf_service == 'nginx': elif waf_service == 'nginx':
is_waf_on_server = service_sql.select_nginx(server[2]) waf = waf_sql.select_waf_nginx_servers(server.ip)
try:
waf_len = len(waf)
except Exception:
waf_len = 0
if is_waf_on_server == 1: if waf_len >= 1:
config_path = sql.get_setting(f'{waf_service}_dir')
if waf_service == 'haproxy': if waf_service == 'haproxy':
waf = waf_sql.select_waf_servers(server[2]) command = "ps ax |grep waf/bin/modsecurity |grep -v grep |wc -l"
metrics_en = waf_sql.select_waf_metrics_enable_server(server[2])
elif waf_service == 'nginx': elif waf_service == 'nginx':
waf = waf_sql.select_waf_nginx_servers(server[2]) command = f"grep 'modsecurity on' {common.return_nice_path(config_path)}* --exclude-dir=waf -Rs |wc -l"
try: commands1 = f"grep SecRuleEngine {config_path}/waf/modsecurity.conf |grep -v '#' |awk '{{print $2}}'"
waf_len = len(waf) waf_process = server_mod.ssh_command(server.ip, command)
except Exception: waf_mode = server_mod.ssh_command(server.ip, commands1).strip()
waf_len = 0
if waf_len >= 1: server_status = (server.hostname,
if waf_service == 'haproxy': server.ip,
command = "ps ax |grep waf/bin/modsecurity |grep -v grep |wc -l" waf_process,
elif waf_service == 'nginx': waf_mode,
command = f"grep 'modsecurity on' {common.return_nice_path(config_path)}* --exclude-dir=waf -Rs |wc -l" metrics_en,
commands1 = f"grep SecRuleEngine {config_path}/waf/modsecurity.conf |grep -v '#' |awk '{{print $2}}'" waf_len,
waf_process = server_mod.ssh_command(server[2], command) server.server_id)
waf_mode = server_mod.ssh_command(server[2], commands1).strip() else:
server_status = (server.hostname,
server_status = (server[1], server.ip,
server[2], waf_process,
waf_process, waf_mode,
waf_mode, metrics_en,
metrics_en, waf_len,
waf_len, server.server_id)
server[0]) returned_servers.append(server_status)
else:
server_status = (server[1],
server[2],
waf_process,
waf_mode,
metrics_en,
waf_len,
server[0])
returned_servers.append(server_status)
lang = roxywi_common.get_user_lang_for_flask() lang = roxywi_common.get_user_lang_for_flask()
servers_sorted = sorted(returned_servers, key=common.get_key) servers_sorted = sorted(returned_servers, key=common.get_key)
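Review bot: The old loop is left behind as commented-out code (`# servers = server_sql.select_servers(server=serv)` and `# for server in servers:`); delete both lines, since the history keeps them. The `if waf_len >= 1:` and `else:` branches build the same seven-field `server_status` tuple, so it can be built once after the `if` block. `config_path` from `sql.get_setting(...)` is interpolated into the `grep` commands sent through `ssh_command` without quoting; if that setting can be edited from the UI, quote it before use. The function continues past the end of the hunk.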


@ -99,21 +99,22 @@ def upload_ssh_key(ssh_id: int, key: str, passphrase: str) -> None:
name = ssh.name name = ssh.name
ssh_keys = f'{full_dir}{name}_{group_name}.pem' ssh_keys = f'{full_dir}{name}_{group_name}.pem'
if key != '': if key == '':
try: raise ValueError('Private key cannot be empty')
key = paramiko.pkey.load_private_key(key, password=passphrase) try:
except Exception as e: key = paramiko.pkey.load_private_key(key, password=passphrase)
raise Exception(e) except Exception as e:
raise e
try: try:
key.write_private_key_file(ssh_keys) key.write_private_key_file(ssh_keys)
except Exception as e: except Exception as e:
raise Exception(e) raise e
try: try:
os.chmod(ssh_keys, 0o600) os.chmod(ssh_keys, 0o600)
except IOError as e: except IOError as e:
raise Exception(e) raise Exception(e)
if passphrase: if passphrase:
try: try:
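Review bot: The two rewritten handlers, `except Exception as e: raise e`, do nothing that letting the exception propagate would not do. Drop the `try` around `load_private_key` and `write_private_key_file`, or use a bare `raise` if the block is kept for a later log call. The `os.chmod` branch below still converts to `raise Exception(e)`, so callers now see a `ValueError`, the original library exceptions and a bare `Exception` from the same function. The new guard `if key == '':` does not cover `None` or whitespace-only input; `if not key or not key.strip():` would. The function begins and ends outside the hunk.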


@ -38,13 +38,11 @@ def admin():
user_group = roxywi_common.get_user_group(id=1) user_group = roxywi_common.get_user_group(id=1)
if g.user_params['role'] == 1: if g.user_params['role'] == 1:
users = user_sql.select_users() users = user_sql.select_users()
servers = server_sql.select_servers(full=1) servers = server_sql.select_servers()
masters = server_sql.select_servers(get_master_servers=1)
sshs = ssh_mod.get_creds() sshs = ssh_mod.get_creds()
else: else:
users = user_sql.select_users(group=user_group) users = user_sql.select_users(group=user_group)
servers = roxywi_common.get_dick_permit(virt=1, disable=0, only_group=1) servers = roxywi_common.get_dick_permit(virt=1, disable=0, only_group=1)
masters = server_sql.select_servers(get_master_servers=1, uuid=g.user_params['user_id'])
sshs = ssh_mod.get_creds(group_id=user_group) sshs = ssh_mod.get_creds(group_id=user_group)
kwargs = { kwargs = {
@ -57,8 +55,6 @@ def admin():
'roles': sql.select_roles(), 'roles': sql.select_roles(),
'ldap_enable': sql.get_setting('ldap_enable'), 'ldap_enable': sql.get_setting('ldap_enable'),
'services': service_sql.select_services(), 'services': service_sql.select_services(),
'masters': masters,
'guide_me': 1,
'user_subscription': roxywi_common.return_user_subscription(), 'user_subscription': roxywi_common.return_user_subscription(),
'users_roles': user_sql.select_users_roles(), 'users_roles': user_sql.select_users_roles(),
'user_roles': user_sql.select_user_roles_by_group(user_group), 'user_roles': user_sql.select_user_roles_by_group(user_group),


@ -103,7 +103,7 @@
<td> <td>
<select id="slavefor-{{server.0}}"> <select id="slavefor-{{server.0}}">
<option value="0" selected>Not slave</option> <option value="0" selected>Not slave</option>
{% for master in masters %} {% for master in servers %}
{% if master.0 == server.6 %} {% if master.0 == server.6 %}
<option value="{{master.0}}" selected>{{master.1}}</option> <option value="{{master.0}}" selected>{{master.1}}</option>
{% else %} {% else %}
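Review bot: The master dropdown now iterates `servers`, the same list the table rows come from, so each server is offered as a master for itself. The restriction in the removed `masters` query (`master = 0`, `type_ip = 0`, `enabled = 1`) also no longer applies. If widening the list is intended, at least skip the row's own entry with `{% if master.0 != server.0 %}` around the `<option>` lines. For non-admin users `servers` comes from `get_dick_permit(...)`, whose row layout is not visible here, so the positional `master.0` and `master.1` indices should be confirmed against it. The loop body continues outside the hunk.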