github
/
haproxy-wi
mirror of https://github.com/Aidaho12/haproxy-wi
1
0
Fork 0
Code Issues Releases Wiki Activity

v6.3.0.0 

Changelog: https://roxy-wi.org/changelog#6_3_0
pull/355/head
Pavel Loginov 2022-11-17 10:34:58 +03:00
parent e5dedade0b
commit c48f9f8fc6
51 changed files with 3786 additions and 3523 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
api/api.py
View File

@ -11,7 +11,8 @@ sys.path.append(os.path.dirname(os.path.abspath(__file__)))
os.chdir(os.path.dirname(os.path.abspath(__file__)))
sys.path.append(os.path.join(sys.path[0], '/var/www/haproxy-wi/app/'))
import sql
import modules.db.sql as sql
import modules.config.config as config_mod
_error_auth = '403 Auth before'
_allow_origin = '*'
@ -101,7 +102,7 @@ def get_servers():
try:
token = request.headers.get('token')
login, group_id = sql.get_username_groupid_from_api_token(token)
servers = sql.get_dick_permit(username=login, group_id=group_id, token=token)
servers = funct.get_dick_permit(username=login, group_id=group_id, token=token)
for s in servers:
data[s[0]] = {
@ -225,7 +226,7 @@ def service_config_show(server_id, service):
if not check_login(required_service=required_service):
return dict(error=_error_auth)
config_path = request.headers.get('config-file')
return api_funct.get_config(server_id, service=service, config_path=config_path)
return api_config_mod.get_config((server_id, service=service, config_path=config_path)
@route('/<service>/<server_id>/config', method=['POST'])

101
api/api_funct.py
View File

@ -4,25 +4,30 @@ import json
from bottle import request
sys.path.append(os.path.join(sys.path[0], '/var/www/haproxy-wi/app/'))
import sql
import funct
import modules.db.sql as sql
import modules.common.common as common
import modules.server.server as server_mod
import modules.config.section as section_mod
import modules.config.config as config_mod
import modules.roxy_wi_tools as roxy_wi_tools
import modules.roxywi.logs as roxywi_logs
import modules.service.common as service_common
get_config_var = roxy_wi_tools.GetConfigVar()
def get_token():
try:
user_status, user_plan = funct.return_user_status()
user_subscription = roxywi_common.return_user_status()
except Exception as e:
funct.logging('API', f'Cannot get a user plan: {e}', roxywi=1)
return False
user_subscription = roxywi_common.return_unsubscribed_user_status()
common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1)
if user_status == 0:
funct.logging('API', 'You are not subscribed. Please subscribe to have access to this feature.', roxywi=1)
if user_subscription['user_status'] == 0:
common.logging('API', 'You are not subscribed. Please subscribe to have access to this feature.', roxywi=1)
return False
elif user_plan == 'user':
funct.logging('API', 'This feature is not available for your plan.', roxywi=1)
elif user_subscription['user_plan'] == 'user':
common.logging('API', 'This feature is not available for your plan.', roxywi=1)
return False
try:
@ -57,16 +62,16 @@ def get_token():
def check_login(required_service=0) -> bool:
try:
user_status, user_plan = funct.return_user_status()
user_subscription = roxywi_common.return_user_status()
except Exception as e:
funct.logging('API', f'Cannot get a user plan: {e}', roxywi=1)
return False
user_subscription = roxywi_common.return_unsubscribed_user_status()
common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1)
if user_status == 0:
funct.logging('API', 'You are not subscribed. Please subscribe to have access to this feature.', roxywi=1)
if user_subscription['user_status'] == 0:
common.logging('API', 'You are not subscribed. Please subscribe to have access to this feature.', roxywi=1)
return False
elif user_plan == 'user':
funct.logging('API', 'This feature is not available for your plan.', roxywi=1)
elif user_subscription['user_plan'] == 'user':
common.logging('API', 'This feature is not available for your plan.', roxywi=1)
return False
token = request.headers.get('token')
@ -159,7 +164,7 @@ def get_status(server_id, service):
for s in servers:
if service == 'haproxy':
cmd = 'echo "show info" |nc %s %s -w 1|grep -e "Ver\|CurrConns\|Maxco\|MB\|Uptime:"' % (s[2], sql.get_setting('haproxy_sock_port'))
out = funct.subprocess_execute(cmd)
out = server_mod.subprocess_execute(cmd)
data = return_dict_from_out(server_id, out[0])
elif service == 'nginx':
cmd = [
@ -167,7 +172,7 @@ def get_status(server_id, service):
"|awk '{print $2, $9$10$11$12$13}' && ps ax |grep nginx:|grep -v grep |wc -l"
]
try:
out = funct.ssh_command(s[2], cmd)
out = server_mod.ssh_command(s[2], cmd)
out1 = out.split()
json_for_sending = {server_id: {"Version": out1[0].split('/')[1], "Uptime": out1[2], "Process": out1[3]}}
data = json_for_sending
@ -182,7 +187,7 @@ def get_status(server_id, service):
(apache_stats_user, apache_stats_password, s[2], apache_stats_port, apache_stats_page)
servers_with_status = list()
try:
out = funct.subprocess_execute(cmd)
out = server_mod.subprocess_execute(cmd)
if out != '':
for k in out:
servers_with_status.append(k)
@ -218,7 +223,7 @@ def get_all_statuses():
for s in servers:
cmd = 'echo "show info" |nc %s %s -w 1|grep -e "Ver\|CurrConns\|Maxco\|MB\|Uptime:"' % (s[2], sock_port)
data[s[2]] = {}
out = funct.subprocess_execute(cmd)
out = server_mod.subprocess_execute(cmd)
data[s[2]] = return_dict_from_out(s[1], out[0])
except Exception:
data = {"error": "Cannot find the server"}
@ -238,9 +243,9 @@ def actions(server_id, action, service):
for s in servers:
if service == 'apache':
service = funct.get_correct_apache_service_name(server_ip=s[2])
service = service_common.get_correct_apache_service_name(server_ip=s[2])
cmd = ["sudo systemctl %s %s" % (action, service)]
error = funct.ssh_command(s[2], cmd)
error = server_mod.ssh_command(s[2], cmd)
done = error if error else 'done'
data = {'server_id': s[0], 'ip': s[2], 'action': action, 'hostname': s[1], 'status': done}
@ -261,7 +266,7 @@ def runtime(server_id):
cmd = ['echo "%s" |sudo socat stdio %s' % (action, haproxy_sock)]
for s in servers:
out = funct.ssh_command(s[2], cmd)
out = server_mod.ssh_command(s[2], cmd)
data = {server_id: {}}
sep_data = out.split('\r\n')
@ -299,7 +304,7 @@ def get_config(server_id, **kwargs):
for s in servers:
cfg = '/tmp/' + s[2] + '.cfg'
funct.get_config(s[2], cfg, service=service, config_file_name=kwargs.get('config_path'))
config_mod.get_config(s[2], cfg, service=service, config_file_name=kwargs.get('config_path'))
os.system("sed -i 's/\\n/\n/g' " + cfg)
try:
conf = open(cfg, "r")
@ -324,8 +329,8 @@ def get_section(server_id):
for s in servers:
cfg = '/tmp/' + s[2] + '.cfg'
funct.get_config(s[2], cfg)
start_line, end_line, config_read = funct.get_section_from_config(cfg, section_name)
config_mod.get_config(s[2], cfg)
start_line, end_line, config_read = section_mod.get_section_from_config(cfg, section_name)
data = {server_id: {section_name: {'start_line': start_line, 'end_line': end_line, 'config_read': config_read}}}
return dict(section=data)
@ -351,9 +356,9 @@ def edit_section(server_id):
ip = s[2]
cfg = f'/tmp/{ip}.cfg'
out = funct.get_config(ip, cfg)
start_line, end_line, config_read = funct.get_section_from_config(cfg, section_name)
returned_config = funct.rewrite_section(start_line, end_line, cfg, body)
out = config_mod.get_config(ip, cfg)
start_line, end_line, config_read = section_mod.get_section_from_config(cfg, section_name)
returned_config = funct.section_mod(start_line, end_line, cfg, body)
time_zone = sql.get_setting('time_zone')
get_date = roxy_wi_tools.GetDate(time_zone)
cur_date = get_date.return_date('config')
@ -366,9 +371,9 @@ def edit_section(server_id):
conf.write(returned_config)
return_mess = 'section has been updated'
os.system(f"/bin/cp {cfg} {cfg_for_save}")
out = funct.master_slave_upload_and_restart(ip, cfg, save, login=login)
funct.logging('localhost', f" section {section_name} has been edited via API", login=login)
funct.logging(
out = config_mod.master_slave_upload_and_restart(ip, cfg, save, login=login)
common.logging('localhost', f" section {section_name} has been edited via API", login=login)
common.logging(
ip, f'Section {section_name} has been edited via API', roxywi=1,
login=login, keep_history=1, service='haproxy'
)
@ -435,14 +440,14 @@ def upload_config(server_id, **kwargs):
os.system("/bin/cp %s %s" % (cfg, cfg_for_save))
if kwargs.get('service') == 'nginx':
out = funct.master_slave_upload_and_restart(ip, cfg, save, login=login, nginx=nginx, config_file_name=kwargs.get('config_path'))
out = config_mod.master_slave_upload_and_restart(ip, cfg, save, login=login, nginx=nginx, config_file_name=kwargs.get('config_path'))
elif kwargs.get('service') == 'apache':
out = funct.master_slave_upload_and_restart(ip, cfg, save, login=login, apache=apache, config_file_name=kwargs.get('config_path'))
out = config_mod.master_slave_upload_and_restart(ip, cfg, save, login=login, apache=apache, config_file_name=kwargs.get('config_path'))
else:
out = funct.master_slave_upload_and_restart(ip, cfg, save, login=login)
out = config_mod.master_slave_upload_and_restart(ip, cfg, save, login=login)
funct.logging('localhost', " config has been uploaded via API", login=login)
funct.logging(
common.logging('localhost', " config has been uploaded via API", login=login)
common.logging(
ip, 'Config has been uploaded via API', roxywi=1, login=login, keep_history=1, service=service_name
)
@ -482,14 +487,14 @@ def add_to_config(server_id):
cfg = f'/tmp/{ip}.cfg'
cur_date = get_date.return_date('config')
cfg_for_save = f'{hap_configs_dir}{ip}-{cur_date}.cfg'
out = funct.get_config(ip, cfg)
out = config_mod.get_config(ip, cfg)
try:
with open(cfg, "a") as conf:
conf.write('\n' + body + '\n')
return_mess = 'section has been added to the config'
os.system(f"/bin/cp {cfg} {cfg_for_save}")
funct.logging('localhost', " section has been added via REST API", login=login)
common.logging('localhost', " section has been added via REST API", login=login)
out = funct.upload_and_restart(ip, cfg, just_save=save)
if out:
@ -538,7 +543,7 @@ def show_log(server_id):
data[server_id] = {"error": "Cannot find the server"}
return dict(error=data)
out = funct.show_roxy_log(ip, rows=rows, waf=str(waf), grep=grep, hour=str(hour), minut=str(minute), hour1=str(hour1), minut1=str(minute1), html=0)
out = roxywi_logs.show_roxy_log(ip, rows=rows, waf=str(waf), grep=grep, hour=str(hour), minut=str(minute), hour1=str(hour1), minut1=str(minute1), html=0)
data = {server_id: out}
return dict(log=data)
@ -559,14 +564,14 @@ def add_acl(server_id):
server_ip = s[2]
try:
out = funct.get_config(server_ip, cfg)
start_line, end_line, config_read = funct.get_section_from_config(cfg, section_name)
out = config_mod.get_config(server_ip, cfg)
start_line, end_line, config_read = section_mod.get_section_from_config(cfg, section_name)
except Exception as e:
status = "Cannot read section: " + str(e)
try:
config_read += acl
config = funct.rewrite_section(start_line, end_line, cfg, config_read)
config = funct.section_mod(start_line, end_line, cfg, config_read)
try:
with open(cfg, "w") as conf:
conf.write(config)
@ -576,7 +581,7 @@ def add_acl(server_id):
status = str(e)
try:
out = funct.master_slave_upload_and_restart(server_ip, cfg, just_save=save)
out = config_mod.master_slave_upload_and_restart(server_ip, cfg, just_save=save)
if out != '':
status = out
else:
@ -602,8 +607,8 @@ def del_acl(server_id):
cfg = '/tmp/' + s[2] + '.cfg'
server_ip = s[2]
try:
out = funct.get_config(server_ip, cfg)
start_line, end_line, config_read = funct.get_section_from_config(cfg, section_name)
out = config_mod.get_config(server_ip, cfg)
start_line, end_line, config_read = section_mod.get_section_from_config(cfg, section_name)
except Exception as e:
status = str(e)
@ -617,7 +622,7 @@ def del_acl(server_id):
status = 'Cannot delete ACL: ' + str(e)
try:
config = funct.rewrite_section(start_line, end_line, cfg, config_new_read)
config = funct.section_mod(start_line, end_line, cfg, config_new_read)
try:
with open(cfg, "w") as conf:
conf.write(config)
@ -627,7 +632,7 @@ def del_acl(server_id):
status = 'Cannot delete ACL: ' + str(e)
try:
out = funct.master_slave_upload_and_restart(server_ip, cfg, just_save=save)
out = config_mod.master_slave_upload_and_restart(server_ip, cfg, just_save=save)
if out != '':
status = out
else:

35
app/add.py
View File

@ -6,27 +6,32 @@ import http.cookies
from jinja2 import Environment, FileSystemLoader
import funct
import sql
import modules.db.sql as sql
import modules.common.common as common
import modules.config.config as config_mod
import modules.roxy_wi_tools as roxy_wi_tools
import modules.roxywi.common as roxywi_common
import modules.roxywi.auth as roxywi_auth
time_zone = sql.get_setting('time_zone')
get_date = roxy_wi_tools.GetDate(time_zone)
get_config_var = roxy_wi_tools.GetConfigVar()
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('add.html')
form = funct.form
form = common.form
serv = form.getvalue('serv')
print('Content-type: text/html\n')
user, user_id, role, token, servers, user_services = funct.get_users_params(haproxy=1)
user_params = roxywi_common.get_users_params(haproxy=1)
try:
funct.check_login(user_id, token, service=1)
roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=1)
except Exception as e:
print(f'error {e}')
sys.exit()
funct.page_for_admin(level=3)
roxywi_auth.page_for_admin(level=3)
if all(v is None for v in [
form.getvalue('mode'), form.getvalue('new_userlist'),
@ -53,13 +58,13 @@ if all(v is None for v in [
if not os.path.exists(black_dir):
os.makedirs(black_dir)
white_lists = funct.get_files(folder=white_dir, file_format="lst")
black_lists = funct.get_files(folder=black_dir, file_format="lst")
white_lists = roxywi_common.get_files(folder=white_dir, file_format="lst")
black_lists = roxywi_common.get_files(folder=black_dir, file_format="lst")
template = template.render(
title="Add: ", role=role, user=user, selects=servers, add=form.getvalue('add'), conf_add=form.getvalue('conf'),
title="Add: ", role=user_params['role'], user=user_params['user'], selects=user_params['servers'], add=form.getvalue('add'), conf_add=form.getvalue('conf'),
group=user_group, options=sql.select_options(), saved_servers=sql.select_saved_servers(), white_lists=white_lists,
black_lists=black_lists, user_services=user_services, token=token
black_lists=black_lists, user_services=user_params['user_services'], token=user_params['token']
)
print(template)
@ -382,21 +387,21 @@ if form.getvalue('generateconfig') is None and serv is not None:
server_name = serv
try:
funct.check_is_server_in_group(serv)
roxywi_common.check_is_server_in_group(serv)
if config_add:
hap_configs_dir = get_config_var.get_config_var('configs', 'haproxy_save_configs_dir')
cfg = hap_configs_dir + serv + "-" + funct.get_data('config') + ".cfg"
cfg = hap_configs_dir + serv + "-" + get_date.return_date('config') + ".cfg"
funct.get_config(serv, cfg)
config_mod.get_config(serv, cfg)
try:
with open(cfg, "a") as conf:
conf.write(config_add)
except IOError:
print("error: Can't read import config file")
funct.logging(serv, "add.py add new %s" % name)
roxywi_common.logging(serv, "add.py add new %s" % name)
output = funct.master_slave_upload_and_restart(serv, cfg, just_save="save")
output = config_mod.master_slave_upload_and_restart(serv, cfg, just_save="save")
if output:
print(output)
else:

26
app/add_nginx.py
View File

@ -4,32 +4,34 @@ import sys
from jinja2 import Environment, FileSystemLoader
import funct
import sql
import modules.db.sql as sql
import modules.common.common as common
import modules.roxy_wi_tools as roxy_wi_tools
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
get_config_var = roxy_wi_tools.GetConfigVar()
form = funct.form
form = common.form
serv = form.getvalue('serv')
print('Content-type: text/html\n')
user, user_id, role, token, servers, user_services = funct.get_users_params(service='nginx')
user_params = roxywi_common.get_users_params(service='nginx')
try:
funct.check_login(user_id, token, service=2)
roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=2)
except Exception as e:
print(f'error {e}')
sys.exit()
funct.page_for_admin(level=3)
roxywi_auth.page_for_admin(level=3)
if all(v is None for v in [form.getvalue('upstream'), form.getvalue('generateconfig')]):
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('add_nginx.html')
template = template.render(
title="Add: ", role=role, user=user, selects=servers, add=form.getvalue('add'), conf_add=form.getvalue('conf'),
user_services=user_services, token=token
title="Add: ", role=user_params['role'], user=user_params['user'], selects=user_params['servers'], add=form.getvalue('add'), conf_add=form.getvalue('conf'),
user_services=user_params['user_services'], token=user_params['token']
)
print(template)
elif form.getvalue('upstream') is not None:
@ -78,13 +80,13 @@ if form.getvalue('generateconfig') is None and serv is not None:
server_name = serv
try:
funct.check_is_server_in_group(serv)
roxywi_common.check_is_server_in_group(serv)
if config_add:
sub_folder = 'conf.d' if 'upstream' in config_name else 'sites-enabled'
service_configs_dir = get_config_var.get_config_var('configs', 'nginx_save_configs_dir')
cfg = f'{service_configs_dir}{serv}-{config_name}.conf'
nginx_dir = funct.return_nice_path(sql.get_setting('nginx_dir'))
nginx_dir = comon.return_nice_path(sql.get_setting('nginx_dir'))
config_file_name = f'{nginx_dir}{sub_folder}/{config_name}.conf'
@ -94,9 +96,9 @@ if form.getvalue('generateconfig') is None and serv is not None:
except IOError:
print("error: Cannot save a new config")
funct.logging(serv, "add_nginx.py add new %s" % config_name)
roxywi_common.logging(serv, "add_nginx.py add new %s" % config_name)
output = funct.master_slave_upload_and_restart(serv, cfg, just_save="save", nginx=1, config_file_name=config_file_name)
output = config_mod.master_slave_upload_and_restart(serv, cfg, just_save="save", nginx=1, config_file_name=config_file_name)
if output:
print(output)

63
app/config.py
View File

@ -4,28 +4,35 @@ import sys
from jinja2 import Environment, FileSystemLoader
import funct
import sql
import modules.db.sql as sql
import modules.config.config as config_mod
import modules.roxy_wi_tools as roxy_wi_tools
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
import modules.common.common as common
time_zone = sql.get_setting('time_zone')
get_date = roxy_wi_tools.GetDate(time_zone)
get_config_var = roxy_wi_tools.GetConfigVar()
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('config.html')
print('Content-type: text/html\n')
form = funct.form
serv = funct.is_ip_or_dns(form.getvalue('serv'))
form = common.form
serv = common.is_ip_or_dns(form.getvalue('serv'))
try:
service = funct.checkAjaxInput(form.getvalue('service'))
service = common.checkAjaxInput(form.getvalue('service'))
except Exception:
print('<meta http-equiv="refresh" content="0; url=/app/">')
is_serv_protected = False
try:
config_file_name = form.getvalue('config_file_name').replace('92', '/')
except Exception:
config_file_name = ''
config_read = ""
cfg = ""
stderr = ""
@ -33,16 +40,16 @@ error = ""
aftersave = ""
is_restart = ''
user, user_id, role, token, servers, user_services = funct.get_users_params()
user_params = roxywi_common.get_users_params(service='nginx')
if service in ('haproxy', 'nginx', 'keepalived', 'apache'):
service_desc = sql.select_service(service)
if funct.check_login(user_id, token, service=service_desc.service_id):
if roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=service_desc.service_id):
title = f"Working with {service_desc.service} configuration files"
action = f"config.py?service={service_desc.slug}"
configs_dir = get_config_var.get_config_var('configs', 'kp_save_configs_dir')
file_format = 'conf'
servers = sql.get_dick_permit(service=service_desc.slug)
servers = roxywi_common.get_dick_permit(service=service_desc.slug)
if service in ('haproxy', 'nginx', 'apache'):
configs_dir = get_config_var.get_config_var('configs', f'{service_desc.service}_save_configs_dir')
@ -57,38 +64,38 @@ else:
if serv is not None:
if service == 'nginx' or service == 'apache':
conf_file_name_short = config_file_name.split('/')[-1]
cfg = configs_dir + serv + "-" + conf_file_name_short + "-" + funct.get_data('config') + "." + file_format
cfg = f"{configs_dir}{serv}-{conf_file_name_short}-{get_date.return_date('config')}.{file_format}"
else:
cfg = configs_dir + serv + "-" + funct.get_data('config') + "." + file_format
cfg = f"{configs_dir}{serv}-{get_date.return_date('config')}.{file_format}"
if serv is not None and form.getvalue('open') is not None and form.getvalue('new_config') is None:
funct.check_is_server_in_group(serv)
roxywi_common.check_is_server_in_group(serv)
is_serv_protected = sql.is_serv_protected(serv)
server_id = sql.select_server_id_by_ip(serv)
is_restart = sql.select_service_setting(server_id, service, 'restart')
if service == 'keepalived':
error = funct.get_config(serv, cfg, keepalived=1)
error = config_mod.get_config(serv, cfg, keepalived=1)
try:
funct.logging(serv, " Keepalived config has been opened for ")
roxywi_roxywi_common.logging(serv, " Keepalived config has been opened for ")
except Exception:
pass
elif service == 'nginx':
error = funct.get_config(serv, cfg, nginx=1, config_file_name=config_file_name)
error = config_mod.get_config(serv, cfg, nginx=1, config_file_name=config_file_name)
try:
funct.logging(serv, " NGINX config has been opened ")
roxywi_roxywi_common.logging(serv, " NGINX config has been opened ")
except Exception:
pass
elif service == 'apache':
error = funct.get_config(serv, cfg, apache=1, config_file_name=config_file_name)
error = config_mod.get_config(serv, cfg, apache=1, config_file_name=config_file_name)
try:
funct.logging(serv, " Apache config has been opened ")
roxywi_roxywi_common.logging(serv, " Apache config has been opened ")
except Exception:
pass
else:
error = funct.get_config(serv, cfg)
error = config_mod.get_config(serv, cfg)
try:
funct.logging(serv, " HAProxy config has been opened ")
roxywi_roxywi_common.logging(serv, " HAProxy config has been opened ")
except Exception:
pass
@ -105,8 +112,7 @@ if form.getvalue('new_config') is not None:
config_read = ' '
if serv is not None and form.getvalue('config') is not None:
import sys
funct.check_is_server_in_group(serv)
roxywi_common.check_is_server_in_group(serv)
config = form.getvalue('config')
oldcfg = form.getvalue('oldconfig')
@ -119,15 +125,15 @@ if serv is not None and form.getvalue('config') is not None:
print("error: Cannot read imported config file")
if service == 'keepalived':
stderr = funct.upload_and_restart(serv, cfg, just_save=save, keepalived=1, oldcfg=oldcfg)
stderr = config_mod.upload_and_restart(serv, cfg, just_save=save, keepalived=1, oldcfg=oldcfg)
elif service == 'nginx':
stderr = funct.master_slave_upload_and_restart(serv, cfg, just_save=save, nginx=1, oldcfg=oldcfg, config_file_name=config_file_name)
stderr = config_mod.master_slave_upload_and_restart(serv, cfg, just_save=save, nginx=1, oldcfg=oldcfg, config_file_name=config_file_name)
elif service == 'apache':
stderr = funct.master_slave_upload_and_restart(serv, cfg, just_save=save, apache=1, oldcfg=oldcfg, config_file_name=config_file_name)
stderr = config_mod.master_slave_upload_and_restart(serv, cfg, just_save=save, apache=1, oldcfg=oldcfg, config_file_name=config_file_name)
else:
stderr = funct.master_slave_upload_and_restart(serv, cfg, just_save=save, oldcfg=oldcfg)
stderr = config_mod.master_slave_upload_and_restart(serv, cfg, just_save=save, oldcfg=oldcfg)
funct.diff_config(oldcfg, cfg)
config_mod.diff_config(oldcfg, cfg)
try:
os.system("/bin/rm -f " + configs_dir + "*.old")
@ -140,8 +146,9 @@ if serv is not None and form.getvalue('config') is not None:
sys.exit()
template = template.render(
h2=1, title=title, role=role, action=action, user=user, select_id="serv", serv=serv, aftersave=aftersave,
h2=1, title=title, role=user_params['role'], action=action, user=user_params['user'], select_id="serv", serv=serv, aftersave=aftersave,
config=config_read, cfg=cfg, selects=servers, stderr=stderr, error=error, service=service, is_restart=is_restart,
user_services=user_services, config_file_name=config_file_name, is_serv_protected=is_serv_protected, token=token
user_services=user_params['user_services'], config_file_name=config_file_name, is_serv_protected=is_serv_protected,
token=user_params['token']
)
print(template)

4
app/create_db.py
View File

@ -1,7 +1,7 @@
#!/usr/bin/env python3
import distro
from modules.db_model import *
from modules.db.db_model import *
def default_values():
@ -966,7 +966,7 @@ def update_db_v_6_2_1():
def update_ver():
try:
Version.update(version='6.2.3.0').execute()
Version.update(version='6.3.0.0').execute()
except Exception:
print('Cannot update version')

2005
app/funct.py
View File

File diff suppressed because it is too large Load Diff

33
app/ha.py
View File

@ -1,38 +1,39 @@
#!/usr/bin/env python3
import sys
import funct
import modules.common.common as common
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('ha.html')
title="Create and configure HA cluster"
print('Content-type: text/html\n')
form = funct.form
form = common.form
serv = form.getvalue('serv')
try:
user, user_id, role, token, servers, user_services = funct.get_users_params()
except Exception:
pass
user_params = roxywi_common.get_users_params(service='keepalived')
try:
funct.check_login(user_id, token, service=3)
roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=3)
except Exception as e:
print(f'error {e}')
sys.exit()
funct.page_for_admin(level=2)
roxywi_auth.page_for_admin(level=2)
try:
user_status, user_plan = funct.return_user_status()
user_subscription = roxywi_common.return_user_status()
except Exception as e:
user_status, user_plan = 0, 0
funct.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1)
user_subscription = roxywi_common.return_unsubscribed_user_status()
roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1)
output_from_parsed_template = template.render(
h2=1, title="Create and configure HA cluster", role=role, user=user, serv=serv, selects=servers,
user_services=user_services, user_status=user_status, user_plan=user_plan, token=token
parsed_template = template.render(
h2=1, title=title, role=user_params['role'], user=user_params['user'], serv=serv, selects=user_params['servers'],
user_services=user_params['user_services'], user_status=user_subscription['user_status'],
user_plan=user_subscription['user_plan'], token=user_params['token']
)
print(output_from_parsed_template)
print(parsed_template)

282
app/hapservers.py
View File

@ -3,184 +3,188 @@ import sys
import distro
import funct
import sql
import modules.db.sql as sql
import modules.common.common as common
import modules.server.server as server_mod
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
from jinja2 import Environment, FileSystemLoader
import modules.roxywi.common as roxywi_common
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('hapservers.html')
print('Content-type: text/html\n')
user, user_id, role, token, servers, user_services = funct.get_users_params()
user_params = roxywi_common.get_users_params()
services = []
servers: object
form = funct.form
serv = funct.is_ip_or_dns(form.getvalue('serv'))
service = funct.checkAjaxInput(form.getvalue('service'))
form = common.form
serv = common.is_ip_or_dns(form.getvalue('serv'))
service = common.checkAjaxInput(form.getvalue('service'))
autorefresh = 0
servers_waf = ()
title = ''
cmd = "ps ax |grep -e 'keep_alive.py' |grep -v grep |wc -l"
keep_alive, stderr = funct.subprocess_execute(cmd)
keep_alive, stderr = server_mod.subprocess_execute(cmd)
is_restart = ''
service_desc = ''
restart_settings = ''
if service in ('haproxy', 'nginx', 'keepalived', 'apache'):
service_desc = sql.select_service(service)
if funct.check_login(user_id, token, service=service_desc.service_id):
title = f'{service_desc.service} servers overview'
if serv:
if funct.check_is_server_in_group(serv):
servers = sql.select_servers(server=serv)
autorefresh = 1
server_id = sql.select_server_id_by_ip(serv)
docker_settings = sql.select_docker_service_settings(server_id, service_desc.slug)
restart_settings = sql.select_restart_service_settings(server_id, service_desc.slug)
else:
servers = sql.get_dick_permit(virt=1, service=service_desc.slug)
docker_settings = sql.select_docker_services_settings(service_desc.slug)
restart_settings = sql.select_restart_services_settings(service_desc.slug)
service_desc = sql.select_service(service)
if roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=service_desc.service_id):
title = f'{service_desc.service} servers overview'
if serv:
if roxywi_common.check_is_server_in_group(serv):
servers = sql.select_servers(server=serv)
autorefresh = 1
server_id = sql.select_server_id_by_ip(serv)
docker_settings = sql.select_docker_service_settings(server_id, service_desc.slug)
restart_settings = sql.select_restart_service_settings(server_id, service_desc.slug)
else:
servers = roxywi_common.get_dick_permit(virt=1, service=service_desc.slug)
docker_settings = sql.select_docker_services_settings(service_desc.slug)
restart_settings = sql.select_restart_services_settings(service_desc.slug)
else:
print('<meta http-equiv="refresh" content="0; url=/app/overview.py">')
sys.exit()
print('<meta http-equiv="refresh" content="0; url=/app/overview.py">')
sys.exit()
services_name = {'roxy-wi-checker': 'Master backends checker service',
'roxy-wi-keep_alive': 'Auto start service',
'roxy-wi-metrics': 'Master metrics service'}
'roxy-wi-keep_alive': 'Auto start service',
'roxy-wi-metrics': 'Master metrics service'}
for s, v in services_name.items():
if distro.id() == 'ubuntu':
if s == 'roxy-wi-keep_alive':
s = 'roxy-wi-keep-alive'
cmd = "apt list --installed 2>&1 |grep " + s
else:
cmd = "rpm --query " + s + "-* |awk -F\"" + s + "\" '{print $2}' |awk -F\".noa\" '{print $1}' |sed 's/-//1' |sed 's/-/./'"
service_ver, stderr = funct.subprocess_execute(cmd)
try:
services.append([s, service_ver[0]])
except Exception:
services.append([s, ''])
if distro.id() == 'ubuntu':
if s == 'roxy-wi-keep_alive':
s = 'roxy-wi-keep-alive'
cmd = "apt list --installed 2>&1 |grep " + s
else:
cmd = "rpm --query " + s + "-* |awk -F\"" + s + "\" '{print $2}' |awk -F\".noa\" '{print $1}' |sed 's/-//1' |sed 's/-/./'"
service_ver, stderr = server_mod.subprocess_execute(cmd)
try:
services.append([s, service_ver[0]])
except Exception:
services.append([s, ''])
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
servers_with_status1 = []
out1 = ''
if len(servers) == 1:
serv = servers[0][2]
serv = servers[0][2]
for s in servers:
servers_with_status = list()
servers_with_status.append(s[0])
servers_with_status.append(s[1])
servers_with_status.append(s[2])
servers_with_status.append(s[11])
if service == 'nginx':
h = (['', ''],)
cmd = [
"/usr/sbin/nginx -v 2>&1|awk '{print $3}' && systemctl status nginx |grep -e 'Active' |awk "
"'{print $2, $9$10$11$12$13}' && ps ax |grep nginx:|grep -v grep |wc -l"]
for service_set in docker_settings:
if service_set.server_id == s[0] and service_set.setting == 'dockerized' and service_set.value == '1':
container_name = sql.get_setting('nginx_container_name')
cmd = [
"docker exec -it " + container_name + " /usr/sbin/nginx -v 2>&1|awk '{print $3}' && "
"docker ps -a -f name=" + container_name + " --format '{{.Status}}'|tail -1 && ps ax |grep nginx:"
"|grep -v grep |wc -l"
]
try:
out = funct.ssh_command(s[2], cmd)
h = ()
out1 = []
for k in out.split():
out1.append(k)
h = (out1,)
servers_with_status.append(h)
servers_with_status.append(h)
servers_with_status.append(s[17])
except Exception:
servers_with_status.append(h)
servers_with_status.append(h)
servers_with_status.append(s[17])
elif service == 'keepalived':
h = (['', ''],)
cmd = [
"/usr/sbin/keepalived -v 2>&1|head -1|awk '{print $2}' && systemctl status keepalived |"
"grep -e 'Active' |awk '{print $2, $9$10$11$12$13}' && ps ax |grep keepalived|grep -v grep |wc -l"
]
try:
out = funct.ssh_command(s[2], cmd)
out1 = []
for k in out.split():
out1.append(k)
h = (out1,)
servers_with_status.append(h)
servers_with_status.append(h)
servers_with_status.append(s[22])
except Exception:
servers_with_status.append(h)
servers_with_status.append(h)
servers_with_status.append(s[22])
elif service == 'apache':
h = (['', ''],)
apache_stats_user = sql.get_setting('apache_stats_user')
apache_stats_password = sql.get_setting('apache_stats_password')
apache_stats_port = sql.get_setting('apache_stats_port')
apache_stats_page = sql.get_setting('apache_stats_page')
cmd = "curl -s -u %s:%s http://%s:%s/%s?auto |grep 'ServerVersion\|Processes\|ServerUptime:'" % (
apache_stats_user, apache_stats_password, s[2], apache_stats_port, apache_stats_page
)
try:
out = funct.subprocess_execute(cmd)
if out != '':
for k in out:
servers_with_status.append(k)
servers_with_status.append(s[22])
except Exception:
servers_with_status.append(h)
servers_with_status.append(h)
servers_with_status.append(s[22])
else:
cmd = 'echo "show info" |nc %s %s -w 1 -v|grep -e "Ver\|Uptime:\|Process_num"' % (s[2], haproxy_sock_port)
out = funct.subprocess_execute(cmd)
for k in out:
if "Connection refused" not in k:
out1 = out
else:
out1 = False
servers_with_status.append(out1)
servers_with_status = list()
servers_with_status.append(s[0])
servers_with_status.append(s[1])
servers_with_status.append(s[2])
servers_with_status.append(s[11])
if service == 'nginx':
h = (['', ''],)
cmd = [
"/usr/sbin/nginx -v 2>&1|awk '{print $3}' && systemctl status nginx |grep -e 'Active' |awk "
"'{print $2, $9$10$11$12$13}' && ps ax |grep nginx:|grep -v grep |wc -l"]
for service_set in docker_settings:
if service_set.server_id == s[0] and service_set.setting == 'dockerized' and service_set.value == '1':
container_name = sql.get_setting('nginx_container_name')
cmd = [
"docker exec -it " + container_name + " /usr/sbin/nginx -v 2>&1|awk '{print $3}' && "
"docker ps -a -f name=" + container_name + " --format '{{.Status}}'|tail -1 && ps ax |grep nginx:"
"|grep -v grep |wc -l"
]
try:
out = server_mod.ssh_command(s[2], cmd)
h = ()
out1 = []
for k in out.split():
out1.append(k)
h = (out1,)
servers_with_status.append(h)
servers_with_status.append(h)
servers_with_status.append(s[17])
except Exception:
servers_with_status.append(h)
servers_with_status.append(h)
servers_with_status.append(s[17])
elif service == 'keepalived':
h = (['', ''],)
cmd = [
"/usr/sbin/keepalived -v 2>&1|head -1|awk '{print $2}' && systemctl status keepalived |"
"grep -e 'Active' |awk '{print $2, $9$10$11$12$13}' && ps ax |grep keepalived|grep -v grep |wc -l"
]
try:
out = server_mod.ssh_command(s[2], cmd)
out1 = []
for k in out.split():
out1.append(k)
h = (out1,)
servers_with_status.append(h)
servers_with_status.append(h)
servers_with_status.append(s[22])
except Exception:
servers_with_status.append(h)
servers_with_status.append(h)
servers_with_status.append(s[22])
elif service == 'apache':
h = (['', ''],)
apache_stats_user = sql.get_setting('apache_stats_user')
apache_stats_password = sql.get_setting('apache_stats_password')
apache_stats_port = sql.get_setting('apache_stats_port')
apache_stats_page = sql.get_setting('apache_stats_page')
cmd = "curl -s -u %s:%s http://%s:%s/%s?auto |grep 'ServerVersion\|Processes\|ServerUptime:'" % (
apache_stats_user, apache_stats_password, s[2], apache_stats_port, apache_stats_page
)
try:
out = server_mod.subprocess_execute(cmd)
if out != '':
for k in out:
servers_with_status.append(k)
servers_with_status.append(s[22])
except Exception:
servers_with_status.append(h)
servers_with_status.append(h)
servers_with_status.append(s[22])
else:
cmd = 'echo "show info" |nc %s %s -w 1 -v|grep -e "Ver\|Uptime:\|Process_num"' % (s[2], haproxy_sock_port)
out = server_mod.subprocess_execute(cmd)
for k in out:
if "Connection refused" not in k:
out1 = out
else:
out1 = False
servers_with_status.append(out1)
servers_with_status.append(s[12])
servers_with_status.append(s[12])
servers_with_status.append(sql.is_master(s[2]))
servers_with_status.append(sql.select_servers(server=s[2]))
servers_with_status.append(sql.is_master(s[2]))
servers_with_status.append(sql.select_servers(server=s[2]))
is_keepalived = sql.select_keepalived(s[2])
is_keepalived = sql.select_keepalived(s[2])
if is_keepalived:
try:
cmd = ['sudo kill -USR1 `cat /var/run/keepalived.pid` && sudo grep State /tmp/keepalived.data -m 1 |'
'awk -F"=" \'{print $2}\'|tr -d \'[:space:]\' && sudo rm -f /tmp/keepalived.data']
out = funct.ssh_command(s[2], cmd)
out1 = ('1', out)
servers_with_status.append(out1)
except Exception as e:
servers_with_status.append(str(e))
else:
servers_with_status.append('')
if is_keepalived:
try:
cmd = ['sudo kill -USR1 `cat /var/run/keepalived.pid` && sudo grep State /tmp/keepalived.data -m 1 |'
'awk -F"=" \'{print $2}\'|tr -d \'[:space:]\' && sudo rm -f /tmp/keepalived.data']
out = server_mod.ssh_command(s[2], cmd)
out1 = ('1', out)
servers_with_status.append(out1)
except Exception as e:
servers_with_status.append(str(e))
else:
servers_with_status.append('')
servers_with_status1.append(servers_with_status)
servers_with_status1.append(servers_with_status)
try:
user_status, user_plan = funct.return_user_status()
user_subscription = roxywi_common.return_user_status()
except Exception as e:
user_status, user_plan = 0, 0
funct.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1)
user_subscription = roxywi_common.return_unsubscribed_user_status()
roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1)
template = template.render(
h2=1, autorefresh=autorefresh, title=title, role=role, user=user, servers=servers_with_status1,
keep_alive=''.join(keep_alive), serv=serv, service=service, services=services, user_services=user_services,
docker_settings=docker_settings, user_status=user_status, user_plan=user_plan, servers_waf=servers_waf,
restart_settings=restart_settings, service_desc=service_desc, token=token
h2=1, autorefresh=autorefresh, title=title, role=user_params['role'], user=user_params['user'], servers=servers_with_status1,
keep_alive=''.join(keep_alive), serv=serv, service=service, services=services, user_services=user_params['user_services'],
docker_settings=docker_settings, user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'],
servers_waf=servers_waf, restart_settings=restart_settings, service_desc=service_desc, token=user_params['token']
)
print(template)

61
app/history.py
View File

@ -1,6 +1,9 @@
#!/usr/bin/env python3
import funct
import sql
import modules.db.sql as sql
import modules.common.common as common
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
@ -8,48 +11,44 @@ template = env.get_template('history.html')
print('Content-type: text/html\n')
try:
user, user_id, role, token, servers, user_services \
= funct.get_users_params()
services = []
except Exception:
pass
user_params = roxywi_common.get_users_params(service='keepalived')
form = funct.form
serv = funct.is_ip_or_dns(form.getvalue('serv'))
form = common.form
serv = common.is_ip_or_dns(form.getvalue('serv'))
service = form.getvalue('service')
user_id_history = form.getvalue('user_id')
if service in ('haproxy', 'nginx', 'keepalived', 'apache'):
service_desc = sql.select_service(service)
if funct.check_login(user_id, token, service=service_desc.service_id):
title = f'{service_desc.service} service history'
server_id = sql.select_server_id_by_ip(serv)
history = sql.select_action_history_by_server_id_and_service(
server_id,
service_desc.service
)
service_desc = sql.select_service(service)
if roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=service_desc.service_id):
title = f'{service_desc.service} service history'
server_id = sql.select_server_id_by_ip(serv)
history = sql.select_action_history_by_server_id_and_service(
server_id,
service_desc.service
)
elif service == 'server':
if serv:
title = f'{serv} history'
if funct.check_is_server_in_group(serv):
server_id = sql.select_server_id_by_ip(serv)
history = sql.select_action_history_by_server_id(server_id)
if serv:
title = f'{serv} history'
if roxywi_common.check_is_server_in_group(serv):
server_id = sql.select_server_id_by_ip(serv)
history = sql.select_action_history_by_server_id(server_id)
elif service == 'user':
if user_id_history:
title = 'User history'
history = sql.select_action_history_by_user_id(user_id_history)
if user_id_history:
title = 'User history'
history = sql.select_action_history_by_user_id(user_id_history)
users = sql.select_users()
try:
user_status, user_plan = funct.return_user_status()
user_subscription = roxywi_common.return_user_status()
except Exception as e:
user_status, user_plan = 0, 0
funct.logging('Roxy-WI server', 'Cannot get a user plan: ' + str(e), roxywi=1)
user_subscription = roxywi_common.return_unsubscribed_user_status()
roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1)
rendered_template = template.render(
h2=1, autorefresh=0, title=title, role=role, user=user, users=users, serv=serv, service=service,
history=history, user_services=user_services, token=token, user_status=user_status, user_plan=user_plan
h2=1, autorefresh=0, title=title, role=user_params['role'], user=user_params['user'], users=users, serv=serv,
service=service, history=history, user_services=user_params['user_services'], token=user_params['token'],
user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan']
)
print(rendered_template)

20
app/login.py
View File

@ -8,14 +8,16 @@ import datetime
import uuid
import distro
import sql
import funct
import modules.db.sql as sql
import modules.common.common as common
import modules.server.server as server_mod
import modules.roxy_wi_tools as roxy_wi_tools
import modules.roxywi.common as roxywi_common
from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('login.html')
form = funct.form
form = common.form
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
user_id = cookie.get('uuid')
@ -75,7 +77,7 @@ def send_cookie(login):
try:
user_name = sql.get_user_name_by_uuid(user_uuid)
funct.logging('Roxy-WI server', f' user: {user_name}, group: {user_group} login', roxywi=1)
roxywi_roxywi_common.logging('Roxy-WI server', f' user: {user_name}, group: {user_group} login', roxywi=1)
except Exception:
pass
print("Content-type: text/html\n")
@ -85,14 +87,14 @@ def send_cookie(login):
if distro.id() == 'ubuntu':
if os.path.exists('/etc/apt/auth.conf.d/roxy-wi.conf'):
cmd = "grep login /etc/apt/auth.conf.d/roxy-wi.conf |awk '{print $2}'"
get_user_name, stderr = funct.subprocess_execute(cmd)
get_user_name, stderr = server_mod.subprocess_execute(cmd)
user_name = get_user_name[0]
else:
user_name = 'git'
else:
if os.path.exists('/etc/yum.repos.d/roxy-wi.repo'):
cmd = "grep base /etc/yum.repos.d/roxy-wi.repo |awk -F\":\" '{print $2}'|awk -F\"/\" '{print $3}'"
get_user_name, stderr = funct.subprocess_execute(cmd)
get_user_name, stderr = server_mod.subprocess_execute(cmd)
user_name = get_user_name[0]
else:
user_name = 'git'
@ -101,7 +103,7 @@ def send_cookie(login):
else:
sql.insert_user_name(user_name)
except Exception as e:
funct.logging('Cannot update subscription: ', str(e), roxywi=1)
roxywi_roxywi_common.logging('Cannot update subscription: ', str(e), roxywi=1)
sys.exit()
@ -115,9 +117,9 @@ def ban():
c["ban"]["Secure"] = "True"
c["ban"]["expires"] = expires.strftime("%a, %d %b %Y %H:%M:%S GMT")
try:
funct.logging('Roxy-WI server', f'{login} failed log in', roxywi=1, login=1)
roxywi_roxywi_common.logging('Roxy-WI server', f'{login} failed log in', roxywi=1, login=1)
except Exception:
funct.logging('Roxy-WI server', ' Failed log in. Wrong username', roxywi=1)
roxywi_roxywi_common.logging('Roxy-WI server', ' Failed log in. Wrong username', roxywi=1)
print(c.output())
print("Content-type: text/html\n")
print('ban')

31
app/logs.py
View File

@ -1,16 +1,16 @@
#!/usr/bin/env python3
import funct
import sql
import modules.db.sql as sql
import modules.common.common as common
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('logs.html')
form = funct.form
form = common.form
print('Content-type: text/html\n')
try:
user, user_id, role, token, servers, user_services = funct.get_users_params()
except Exception:
pass
user_params = roxywi_common.get_users_params()
if form.getvalue('grep') is None:
grep = ""
@ -32,24 +32,25 @@ hour1 = form.getvalue('hour1')
minut = form.getvalue('minut')
minut1 = form.getvalue('minut1')
waf = form.getvalue('waf')
service = funct.checkAjaxInput(form.getvalue('service'))
service = common.checkAjaxInput(form.getvalue('service'))
remote_file = form.getvalue('file')
if service in ('haproxy', 'nginx', 'keepalived', 'apache'):
service_desc = sql.select_service(service)
if funct.check_login(user_id, token, service=service_desc.service_id):
if roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=service_desc.service_id):
title = f"{service_desc.service}`s logs"
servers = sql.get_dick_permit(service=service_desc.slug)
servers = roxywi_common.get_dick_permit(service=service_desc.slug)
elif waf == '1':
if funct.check_login(service=1):
if roxywi_auth.check_login(service=1):
title = "WAF logs"
servers = sql.get_dick_permit(haproxy=1)
servers = roxywi_common.get_dick_permit(haproxy=1)
else:
print('<meta http-equiv="refresh" content="0; url=/app/overview.py">')
template = template.render(
h2=1, autorefresh=1, title=title, role=role, user=user, select_id="serv", selects=servers,
serv=form.getvalue('serv'), rows=rows, grep=grep, exgrep=exgrep, hour=hour, hour1=hour1, minut=minut,
minut1=minut1, waf=waf, service=service, user_services=user_services, token=token, remote_file=remote_file
h2=1, autorefresh=1, title=title, role=user_params['role'], user=user_params['user'], select_id="serv",
selects=servers, serv=form.getvalue('serv'), rows=rows, grep=grep, exgrep=exgrep, hour=hour, hour1=hour1,
minut=minut, minut1=minut1, waf=waf, service=service, user_services=user_params['user_services'],
token=user_params['token'], remote_file=remote_file
)
print(template)

41
app/metrics.py
View File

@ -1,25 +1,31 @@
#!/usr/bin/env python3
import distro
import funct
import sql
import modules.db.sql as sql
import modules.common.common as common
import modules.server.server as server_mod
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('metrics.html')
form = funct.form
form = common.form
service = form.getvalue('service')
title = 'Metrics service'
print('Content-type: text/html\n')
user, user_id, role, token, servers, user_services = funct.get_users_params()
user_params = roxywi_common.get_users_params()
roxywi_common.check_user_group()
try:
if distro.id() == 'ubuntu':
cmd = "apt list --installed 2>&1 |grep roxy-wi-metrics"
else:
cmd = "rpm -q roxy-wi-metrics-* |awk -F\"metrics\" '{print $2}' |awk -F\".noa\" '{print $1}' |sed 's/-//1' |sed 's/-/./'"
service_ver, stderr = funct.subprocess_execute(cmd)
service_ver, stderr = server_mod.subprocess_execute(cmd)
services = '0'
if not stderr:
@ -27,31 +33,32 @@ try:
servers = ''
else:
if service == 'nginx':
if funct.check_login(user_id, token, service=2):
if roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=2):
title = "NGINX`s metrics"
servers = sql.select_nginx_servers_metrics_for_master()
user_params['servers'] = sql.select_nginx_servers_metrics_for_master()
elif service == 'apache':
if funct.check_login(user_id, token, service=4):
if roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=4):
title = "Apache`s metrics"
servers = sql.select_apache_servers_metrics_for_master()
user_params['servers'] = sql.select_apache_servers_metrics_for_master()
else:
if funct.check_login(user_id, token, service=1):
if roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=1):
title = "HAProxy`s metrics"
servers = sql.select_servers_metrics()
group_id = roxywi_common.get_user_group(id=1)
user_params['servers'] = sql.select_servers_metrics(group_id)
service = 'haproxy'
services = '1'
except Exception:
pass
try:
user_status, user_plan = funct.return_user_status()
user_subscription = roxywi_common.return_user_status()
except Exception as e:
user_status, user_plan = 0, 0
funct.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1)
user_subscription = roxywi_common.return_unsubscribed_user_status()
roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1)
template = template.render(
h2=1, title=title, autorefresh=1, role=role, user=user, servers=servers, services=services,
user_services=user_services, service=service, user_status=user_status, user_plan=user_plan, token=token
h2=1, title=title, autorefresh=1, role=user_params['role'], user=user_params['user'], servers=user_params['servers'],
services=services, user_services=user_params['user_services'], service=service, user_status=user_subscription['user_status'],
user_plan=user_subscription['user_plan'], token=user_params['token']
)
print(template)

1
app/modules/alerting/__init__.py Normal file
View File

@ -0,0 +1 @@
NAME = 'roxy-wi-alerting-module'

175
app/modules/alerting/alerting.py Normal file
View File

@ -0,0 +1,175 @@
import json
import pika
import modules.db.sql as sql
import modules.roxywi.common as roxywi_common
def send_message_to_rabbit(message: str, **kwargs) -> None:
rabbit_user = sql.get_setting('rabbitmq_user')
rabbit_password = sql.get_setting('rabbitmq_password')
rabbit_host = sql.get_setting('rabbitmq_host')
rabbit_port = sql.get_setting('rabbitmq_port')
rabbit_vhost = sql.get_setting('rabbitmq_vhost')
if kwargs.get('rabbit_queue'):
rabbit_queue = kwargs.get('rabbit_queue')
else:
rabbit_queue = sql.get_setting('rabbitmq_queue')
credentials = pika.PlainCredentials(rabbit_user, rabbit_password)
parameters = pika.ConnectionParameters(
rabbit_host,
rabbit_port,
rabbit_vhost,
credentials
)
connection = pika.BlockingConnection(parameters)
channel = connection.channel()
channel.queue_declare(queue=rabbit_queue)
channel.basic_publish(exchange='', routing_key=rabbit_queue, body=message)
connection.close()
def alert_routing(
server_ip: str, service_id: int, group_id: int, level: str, mes: str, alert_type: str
) -> None:
subject: str = level + ': ' + mes
server_id: int = sql.select_server_id_by_ip(server_ip)
checker_settings = sql.select_checker_settings_for_server(service_id, server_id)
try:
json_for_sending = {"user_group": group_id, "message": subject}
send_message_to_rabbit(json.dumps(json_for_sending))
except Exception as e:
roxywi_common.logging('Roxy-WI server', 'error: unable to send message: ' + str(e), roxywi=1)
for setting in checker_settings:
if alert_type == 'service' and setting.service_alert:
telegram_send_mess(mes, telegram_channel_id=setting.telegram_id)
slack_send_mess(mes, slack_channel_id=setting.slack_id)
if setting.email:
send_email_to_server_group(subject, mes, group_id)
if alert_type == 'backend' and setting.backend_alert:
telegram_send_mess(mes, telegram_channel_id=setting.telegram_id)
slack_send_mess(mes, slack_channel_id=setting.slack_id)
if setting.email:
send_email_to_server_group(subject, mes, group_id)
if alert_type == 'maxconn' and setting.maxconn_alert:
telegram_send_mess(mes, telegram_channel_id=setting.telegram_id)
slack_send_mess(mes, slack_channel_id=setting.slack_id)
if setting.email:
send_email_to_server_group(subject, mes, group_id)
def send_email_to_server_group(subject: str, mes: str, group_id: int) -> None:
try:
users_email = sql.select_users_emails_by_group_id(group_id)
for user_email in users_email:
send_email(user_email.email, subject, mes)
except Exception as e:
roxywi_common.logging('Roxy-WI server', f'error: unable to send email: {e}', roxywi=1)
def send_email(email_to: str, subject: str, message: str) -> None:
from smtplib import SMTP
try:
from email.MIMEText import MIMEText
except Exception:
from email.mime.text import MIMEText
mail_ssl = sql.get_setting('mail_ssl')
mail_from = sql.get_setting('mail_from')
mail_smtp_host = sql.get_setting('mail_smtp_host')
mail_smtp_port = sql.get_setting('mail_smtp_port')
mail_smtp_user = sql.get_setting('mail_smtp_user')
mail_smtp_password = sql.get_setting('mail_smtp_password')
msg = MIMEText(message)
msg['Subject'] = 'Roxy-WI: ' + subject
msg['From'] = 'Roxy-WI <' + mail_from + '>'
msg['To'] = email_to
try:
smtp_obj = SMTP(mail_smtp_host, mail_smtp_port)
if mail_ssl:
smtp_obj.starttls()
smtp_obj.login(mail_smtp_user, mail_smtp_password)
smtp_obj.send_message(msg)
roxywi_common.logging('Roxy-WI server', f'An email has been sent to {email_to}', roxywi=1)
except Exception as e:
roxywi_common.logging('Roxy-WI server', f'error: unable to send email: {e}', roxywi=1)
def telegram_send_mess(mess, **kwargs):
import telebot
from telebot import apihelper
token_bot = ''
channel_name = ''
if kwargs.get('telegram_channel_id') == 0:
return
if kwargs.get('telegram_channel_id'):
telegrams = sql.get_telegram_by_id(kwargs.get('telegram_channel_id'))
else:
telegrams = sql.get_telegram_by_ip(kwargs.get('ip'))
proxy = sql.get_setting('proxy')
for telegram in telegrams:
token_bot = telegram.token
channel_name = telegram.chanel_name
if token_bot == '' or channel_name == '':
mess = " Can't send message. Add Telegram channel before use alerting at this servers group"
roxywi_common.logging('Roxy-WI server', mess, roxywi=1)
if proxy is not None and proxy != '' and proxy != 'None':
apihelper.proxy = {'https': proxy}
try:
bot = telebot.TeleBot(token=token_bot)
bot.send_message(chat_id=channel_name, text=mess)
except Exception as e:
roxywi_common.logging('Roxy-WI server', str(e), roxywi=1)
def slack_send_mess(mess, **kwargs):
from slack_sdk import WebClient
from slack_sdk.errors import SlackApiError
slack_token = ''
channel_name = ''
if kwargs.get('slack_channel_id') == 0:
return
if kwargs.get('slack_channel_id'):
slacks = sql.get_slack_by_id(kwargs.get('slack_channel_id'))
else:
slacks = sql.get_slack_by_ip(kwargs.get('ip'))
proxy = sql.get_setting('proxy')
for slack in slacks:
slack_token = slack.token
channel_name = slack.chanel_name
if proxy is not None and proxy != '' and proxy != 'None':
proxies = dict(https=proxy, http=proxy)
client = WebClient(token=slack_token, proxies=proxies)
else:
client = WebClient(token=slack_token)
try:
client.chat_postMessage(channel='#' + channel_name, text=mess)
except SlackApiError as e:
roxywi_common.logging('Roxy-WI server', str(e), roxywi=1)

1
app/modules/common/__init__.py Normal file
View File

@ -0,0 +1 @@
NAME = 'roxy-wi-common-modules'

64
app/modules/common/common.py Normal file
View File

@ -0,0 +1,64 @@
import re
import cgi
form = cgi.FieldStorage()
def is_ip_or_dns(server_from_request: str) -> str:
ip_regex = "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$"
dns_regex = "^(?!-)[A-Za-z0-9-]+([\\-\\.]{1}[a-z0-9]+)*\\.[A-Za-z]{2,6}$"
try:
server_from_request = server_from_request.strip()
except Exception:
pass
try:
if server_from_request in (
'roxy-wi-checker', 'roxy-wi-keep_alive', 'roxy-wi-keep-alive', 'roxy-wi-metrics',
'roxy-wi-portscanner', 'roxy-wi-smon', 'roxy-wi-socket', 'roxy-wi-prometheus-exporter',
'prometheus', 'fail2ban', 'all', 'grafana-server', 'rabbitmq-server'
):
return server_from_request
if re.match(ip_regex, server_from_request):
return server_from_request
else:
if re.match(dns_regex, server_from_request):
return server_from_request
else:
return ''
except Exception:
return ''
def checkAjaxInput(ajax_input: str):
pattern = re.compile('[&;|$`]')
if pattern.search(ajax_input):
print('error: nice try')
return
else:
from shlex import quote
return quote(ajax_input.rstrip())
def return_nice_path(return_path: str) -> str:
if (
'nginx' not in return_path
and 'haproxy' not in return_path
and 'apache2' not in return_path
and 'httpd' not in return_path
and 'keepalived' not in return_path
):
return 'error: The path must contain the name of the service. Check it in Roxy-WI settings'
if return_path[-1] != '/':
return_path += '/'
return return_path
def string_to_dict(dict_string) -> dict:
from ast import literal_eval
return literal_eval(dict_string)
def get_key(item):
return item[0]

1
app/modules/config/__init__.py Normal file
View File

@ -0,0 +1 @@
NAME = 'roxy-wi-config-module'

374
app/modules/config/config.py Normal file
View File

@ -0,0 +1,374 @@
import os
import http.cookies
import modules.db.sql as sql
import modules.common.common as common
import modules.server.server as server_mod
import modules.roxywi.common as roxywi_common
import modules.roxy_wi_tools as roxy_wi_tools
from modules.service.common import is_not_allowed_to_restart
time_zone = sql.get_setting('time_zone')
get_date = roxy_wi_tools.GetDate(time_zone)
get_config_var = roxy_wi_tools.GetConfigVar()
def get_config(server_ip, cfg, **kwargs):
config_path = ''
if kwargs.get("keepalived") or kwargs.get("service") == 'keepalived':
config_path = sql.get_setting('keepalived_config_path')
elif (
kwargs.get("nginx") or kwargs.get("service") == 'nginx'
or kwargs.get("apache") or kwargs.get("service") == 'apache'
):
config_path = kwargs.get('config_file_name')
elif kwargs.get("waf") or kwargs.get("service") == 'waf':
if kwargs.get("waf") == 'haproxy':
config_path = f'{sql.get_setting("haproxy_dir")}/waf/rules/{kwargs.get("waf_rule_file")}'
elif kwargs.get("waf") == 'nginx':
config_path = f'{sql.get_setting("nginx_dir")}/waf/rules/{kwargs.get("waf_rule_file")}'
else:
config_path = sql.get_setting('haproxy_config_path')
try:
with server_mod.ssh_connect(server_ip) as ssh:
ssh.get_sftp(config_path, cfg)
except Exception as e:
roxywi_common.logging('Roxy-WI server', f'error: cannot get config: {e}', roxywi=1)
def upload(server_ip, path, file, **kwargs):
full_path = path + file
if kwargs.get('dir') == "fullpath":
full_path = path
try:
with server_mod.ssh_connect(server_ip) as ssh:
ssh.put_sftp(file, full_path)
except Exception as e:
error = str(e.args)
roxywi_common.logging('Roxy-WI server', error, roxywi=1)
print(f' Cannot upload {file} to {full_path} to server: {server_ip} error: {error}')
return error
def upload_and_restart(server_ip: str, cfg: str, **kwargs):
error = ''
service_name = ''
container_name = ''
reload_or_restart_command = ''
file_format = 'conf'
config_path = kwargs.get('config_file_name')
config_date = get_date.return_date('config')
server_id = sql.select_server_id_by_ip(server_ip=server_ip)
if kwargs.get("nginx"):
service = 'nginx'
elif kwargs.get("apache"):
service = 'apache'
elif kwargs.get("keepalived"):
service = 'keepalived'
config_path = sql.get_setting('keepalived_config_path')
file_format = 'cfg'
elif kwargs.get('waf'):
service = 'waf'
else:
service = 'haproxy'
config_path = sql.get_setting('haproxy_config_path')
file_format = 'cfg'
tmp_file = f"{sql.get_setting('tmp_config_path')}/{config_date}.{file_format}"
is_dockerized = sql.select_service_setting(server_id, service, 'dockerized')
if is_dockerized == '1':
service_cont_name = f'{service}_container_name'
container_name = sql.get_setting(service_cont_name)
reload_command = f" && sudo docker kill -s HUP {container_name}"
restart_command = f" && sudo docker restart {container_name}"
else:
service_name = service
if service == 'haproxy':
haproxy_enterprise = sql.select_service_setting(server_id, 'haproxy', 'haproxy_enterprise')
if haproxy_enterprise == '1':
service_name = "hapee-2.0-lb"
if service == 'apache':
service_name = get_correct_apache_service_name(server_ip, 0)
reload_command = f" && sudo systemctl reload {service_name}"
restart_command = f" && sudo systemctl restart {service_name}"
if kwargs.get("just_save") == 'save':
action = 'save'
elif kwargs.get("just_save") == 'test':
action = 'test'
elif kwargs.get("just_save") == 'reload':
action = 'reload'
reload_or_restart_command = reload_command
else:
is_not_allowed_to_restart(server_id, service)
action = 'restart'
reload_or_restart_command = restart_command
if kwargs.get('login'):
login = kwargs.get('login')
else:
login = 1
try:
os.system(f"dos2unix {cfg}")
except OSError:
return 'error: there is no dos2unix'
if service == "keepalived":
move_config = f"sudo mv -f {tmp_file} {config_path}"
if action == "save":
commands = [move_config]
else:
commands = [move_config + reload_or_restart_command]
elif service == "nginx":
if is_dockerized == '1':
check_config = f"sudo docker exec -it exec {container_name} nginx -t "
else:
check_config = "sudo nginx -t "
check_and_move = f"sudo mv -f {tmp_file} {config_path} && {check_config}"
if action == "test":
commands = [f"{check_config} && sudo rm -f {tmp_file}"]
elif action == "save":
commands = [check_and_move]
else:
commands = [check_and_move + reload_or_restart_command]
if sql.return_firewall(server_ip):
commands[0] += open_port_firewalld(cfg, server_ip=server_ip, service='nginx')
elif service == "apache":
if is_dockerized == '1':
check_config = f"sudo docker exec -it exec {container_name} sudo apachectl configtest "
else:
check_config = "sudo apachectl configtest "
check_and_move = f"sudo mv -f {tmp_file} {config_path} && {check_config}"
if action == "test":
commands = [f"{check_config} && sudo rm -f {tmp_file}"]
elif action == "save":
commands = [check_and_move]
else:
commands = [check_and_move + reload_or_restart_command]
# if sql.return_firewall(server_ip):
# commands[0] += open_port_firewalld(cfg, server_ip=server_ip, service='apache')
elif service == 'waf':
check_and_move = f"sudo mv -f {tmp_file} {config_path}"
if action == "save":
commands = [check_and_move]
else:
commands = [check_and_move + reload_or_restart_command]
else:
if is_dockerized == '1':
check_config = f"sudo docker exec -it {container_name} haproxy -c -f {tmp_file}"
else:
check_config = f"sudo {service_name} -c -f {tmp_file}"
move_config = f" && sudo mv -f {tmp_file} {config_path}"
if action == "test":
commands = [f"{check_config} && sudo rm -f {tmp_file}"]
elif action == "save":
commands = [check_config + move_config]
else:
commands = [check_config + move_config + reload_or_restart_command]
if sql.return_firewall(server_ip):
commands[0] += open_port_firewalld(cfg, server_ip=server_ip)
try:
upload(server_ip, tmp_file, cfg, dir='fullpath')
try:
if action != 'test':
roxywi_common.logging(server_ip, 'A new config file has been uploaded', login=login, keep_history=1, service=service)
except Exception as e:
roxywi_common.logging('Roxy-WI server', str(e), roxywi=1)
# If master then save version of config in a new way
if not kwargs.get('slave') and service != 'waf':
from pathlib import Path
diff = ''
try:
old_cfg = kwargs.get('oldcfg')
path = Path(old_cfg)
except Exception:
old_cfg = ''
path = Path(old_cfg)
if not path.is_file():
old_cfg = f'{tmp_file}.old'
try:
get_config(server_ip, old_cfg, service=service, config_file_name=config_path)
except Exception:
roxywi_common.logging('Roxy-WI server', 'Cannot download config for diff', roxywi=1)
try:
diff = diff_config(old_cfg, cfg, return_diff=1)
except Exception as e:
roxywi_common.logging('Roxy-WI server', str(e), roxywi=1)
try:
user_id = roxywi_common.get_user_id(login=kwargs.get('login'))
sql.insert_config_version(server_id, user_id, service, cfg, config_path, diff)
except Exception as e:
roxywi_common.logging('Roxy-WI server', str(e), roxywi=1)
except Exception as e:
roxywi_common.logging('Roxy-WI server', str(e), roxywi=1)
return error
try:
error = server_mod.ssh_command(server_ip, commands)
try:
if action == 'reload' or action == 'restart':
roxywi_common.logging(server_ip, f'Service has been {action}ed', login=login, keep_history=1, service=service)
except Exception as e:
roxywi_common.logging('Roxy-WI server', str(e), roxywi=1)
except Exception as e:
roxywi_common.logging('Roxy-WI server', str(e), roxywi=1)
return e
if error.strip() != 'haproxy' and error.strip() != 'nginx':
return error.strip()
def master_slave_upload_and_restart(server_ip, cfg, just_save, **kwargs):
slave_output = ''
try:
server_name = sql.get_hostname_by_server_ip(server_ip)
except Exception:
server_name = server_ip
if kwargs.get('login'):
login = kwargs.get('login')
else:
login = ''
is_master = [masters[0] for masters in sql.is_master(server_ip)]
if is_master[0] is not None:
slv_output = upload_and_restart(
is_master[0], cfg, just_save=just_save, nginx=kwargs.get('nginx'), waf=kwargs.get('waf'),
apache=kwargs.get('apache'), config_file_name=kwargs.get('config_file_name'), slave=1
)
slave_output += f'<br>slave_server:\n{slv_output}'
output = upload_and_restart(
server_ip, cfg, just_save=just_save, nginx=kwargs.get('nginx'), waf=kwargs.get('waf'),
apache=kwargs.get('apache'), config_file_name=kwargs.get('config_file_name'),
oldcfg=kwargs.get('oldcfg'), login=login
)
output = server_name + ':\n' + output
output = output + slave_output
return output
def open_port_firewalld(cfg, server_ip, **kwargs):
try:
conf = open(cfg, "r")
except IOError:
print('<div class="alert alert-danger">Cannot read exported config file</div>')
return
firewalld_commands = ' &&'
ports = ''
for line in conf:
if kwargs.get('service') == 'nginx':
if "listen " in line and '#' not in line:
try:
listen = ' '.join(line.split())
listen = listen.split(" ")[1]
listen = listen.split(";")[0]
try:
listen = int(listen)
ports += str(listen) + ' '
firewalld_commands += f' sudo firewall-cmd --zone=public --add-port={listen}/tcp --permanent -q &&'
except Exception:
pass
except Exception:
pass
else:
if "bind" in line:
try:
bind = line.split(":")
bind[1] = bind[1].strip(' ')
bind = bind[1].split("ssl")
bind = bind[0].strip(' \t\n\r')
try:
bind = int(bind)
firewalld_commands += f' sudo firewall-cmd --zone=public --add-port={bind}/tcp --permanent -q &&'
ports += str(bind) + ' '
except Exception:
pass
except Exception:
pass
firewalld_commands += 'sudo firewall-cmd --reload -q'
roxywi_common.logging(server_ip, f' Next ports have been opened: {ports}')
return firewalld_commands
def diff_config(oldcfg, cfg, **kwargs):
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
log_path = get_config_var.get_config_var('main', 'log_path')
user_group = roxywi_common.get_user_group()
diff = ""
date = get_date.return_date('date_in_log')
log_date = get_date.return_date('logs')
cmd = "/bin/diff -ub %s %s" % (oldcfg, cfg)
try:
user_uuid = cookie.get('uuid')
login = sql.get_user_name_by_uuid(user_uuid.value)
except Exception:
login = ''
output, stderr = server_mod.subprocess_execute(cmd)
if kwargs.get('return_diff'):
for line in output:
diff += line + "\n"
return diff
else:
for line in output:
diff += f"{date} user: {login}, group: {user_group} {line}\n"
log_file = f"{log_path}/config_edit-{log_date}"
try:
with open(log_file, 'a') as log:
log.write(diff)
except IOError:
print(f'<center><div class="alert alert-danger">Can\'t read write change to log. {stderr}</div></center>')
pass
def show_finding_in_config(stdout: str, **kwargs) -> str:
grep = ''
out = '<div class="line">--</div>'
if kwargs.get('grep'):
grep = kwargs.get('grep')
grep = re.sub(r'[?|$|!|^|*|\]|\[|,| |]', r'', grep)
for line in stdout:
if kwargs.get('grep'):
line = line.replace(grep, f'<span style="color: red; font-weight: bold;">{grep}</span>')
line_class = "line" if '--' in line else "line3"
out += f'<div class="{line_class}">{line}</div>'
out += '<div class="line">--</div>'
return out
def get_userlists(config):
return_config = ''
with open(config, 'r') as f:
for line in f:
if line.startswith('userlist'):
line = line.strip()
return_config += line + ','
return return_config

220
app/modules/config/runtime.py Normal file
View File

@ -0,0 +1,220 @@
import json
import modules.db.sql as sql
import modules.common.common as common
import modules.config.config as config_mod
import modules.server.server as server_mod
import modules.roxywi.common as roxywi_common
import modules.roxy_wi_tools as roxy_wi_tools
form = common.form
serv = form.getvalue('serv')
time_zone = sql.get_setting('time_zone')
get_date = roxy_wi_tools.GetDate(time_zone)
get_config_var = roxy_wi_tools.GetConfigVar()
def get_all_stick_table():
hap_sock_p = sql.get_setting('haproxy_sock_port')
cmd = 'echo "show table"|nc %s %s |awk \'{print $3}\' | tr -d \'\n\' | tr -d \'[:space:]\'' % (serv, hap_sock_p)
output, stderr = server_mod.subprocess_execute(cmd)
return output[0]
def get_stick_table(table):
hap_sock_p = sql.get_setting('haproxy_sock_port')
cmd = 'echo "show table %s"|nc %s %s |awk -F"#" \'{print $2}\' |head -1 | tr -d \'\n\'' % (table, serv, hap_sock_p)
output, stderr = server_mod.subprocess_execute(cmd)
tables_head = []
for i in output[0].split(','):
i = i.split(':')[1]
tables_head.append(i)
cmd = 'echo "show table %s"|nc %s %s |grep -v "#"' % (table, serv, hap_sock_p)
output, stderr = server_mod.subprocess_execute(cmd)
return tables_head, output
def show_backends(server_ip, **kwargs):
hap_sock_p = sql.get_setting('haproxy_sock_port')
cmd = f'echo "show backend" |nc {server_ip} {hap_sock_p}'
output, stderr = server_mod.subprocess_execute(cmd)
if stderr:
roxywi_common.logging('Roxy-WI server', ' ' + stderr, roxywi=1)
if kwargs.get('ret'):
ret = list()
else:
ret = ""
for line in output:
if any(s in line for s in ('#', 'stats', 'MASTER', '<')):
continue
if len(line) > 1:
back = json.dumps(line).split("\"")
if kwargs.get('ret'):
ret.append(back[1])
else:
print(back[1], end="<br>")
if kwargs.get('ret'):
return ret
def get_backends_from_config(server_ip: str, backends='') -> None:
config_date = get_date.return_date('config')
configs_dir = get_config_var.get_config_var('configs', 'haproxy_save_configs_dir')
format_cfg = 'cfg'
try:
cfg = configs_dir + roxywi_comon.get_files(configs_dir, format_cfg)[0]
except Exception as e:
roxywi_common.logging('Roxy-WI server', str(e), roxywi=1)
try:
cfg = f'{configs_dir}{server_ip}-{config_date}.{format_cfg}'
except Exception:
roxywi_common.logging('Roxy-WI server', ' Cannot generate cfg path', roxywi=1)
return
try:
config_mod.get_config(server_ip, cfg)
except Exception:
roxywi_common.logging('Roxy-WI server', ' Cannot download config', roxywi=1)
print('error: Cannot get backends')
return
with open(cfg, 'r') as f:
for line in f:
if backends == 'frontend':
if (line.startswith('listen') or line.startswith('frontend')) and 'stats' not in line:
line = line.strip()
print(line.split(' ')[1], end="<br>")
def change_ip_and_port():
backend_backend = common.checkAjaxInput(form.getvalue('backend_backend'))
backend_server = common.checkAjaxInput(form.getvalue('backend_server'))
backend_ip = common.checkAjaxInput(form.getvalue('backend_ip'))
backend_port = common.checkAjaxInput(form.getvalue('backend_port'))
if form.getvalue('backend_ip') is None:
print('error: Backend IP must be IP and not 0')
sys.exit()
if form.getvalue('backend_port') is None:
print('error: The backend port must be integer and not 0')
sys.exit()
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
MASTERS = sql.is_master(serv)
for master in MASTERS:
if master[0] is not None:
cmd = 'echo "set server %s/%s addr %s port %s check-port %s" |nc %s %s' % (
backend_backend, backend_server, backend_ip, backend_port, backend_port, master[0], haproxy_sock_port)
output, stderr = server_mod.subprocess_execute(cmd)
print(output[0])
roxywi_common.logging(
master[0], 'IP address and port have been changed. On: {}/{} to {}:{}'.format(
backend_backend, backend_server, backend_ip, backend_port
),
login=1, keep_history=1, service='haproxy'
)
cmd = 'echo "set server %s/%s addr %s port %s check-port %s" |nc %s %s' % (
backend_backend, backend_server, backend_ip, backend_port, backend_port, serv, haproxy_sock_port)
roxywi_common.logging(
serv,
'IP address and port have been changed. On: {}/{} to {}:{}'.format(backend_backend, backend_server, backend_ip,
backend_port),
login=1, keep_history=1, service='haproxy'
)
output, stderr = server_mod.subprocess_execute(cmd)
if stderr != '':
print('error: ' + stderr[0])
else:
print(output[0])
configs_dir = get_config_var.get_config_var('configs', 'haproxy_save_configs_dir')
cfg = configs_dir + serv + "-" + get_date.return_date('config') + ".cfg"
config_mod.get_config(serv, cfg)
cmd = 'string=`grep %s %s -n -A25 |grep "server %s" |head -1|awk -F"-" \'{print $1}\'` ' \
'&& sed -Ei "$( echo $string)s/((1?[0-9][0-9]?|2[0-4][0-9]|25[0-5])\.){3}(1?[0-9][0-9]?|2[0-4][0-9]|25[0-5]):[0-9]+/%s:%s/g" %s' % \
(backend_backend, cfg, backend_server, backend_ip, backend_port, cfg)
server_mod.subprocess_execute(cmd)
config_mod.master_slave_upload_and_restart(serv, cfg, just_save='save')
def change_maxconn():
frontend = common.checkAjaxInput(form.getvalue('maxconn_frontend'))
maxconn = common.checkAjaxInput(form.getvalue('maxconn_int'))
if form.getvalue('maxconn_int') is None:
print('error: Maxconn must be integer and not 0')
sys.exit()
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
MASTERS = sql.is_master(serv)
for master in MASTERS:
if master[0] is not None:
if frontend == 'global':
cmd = 'echo "set maxconn %s %s" |nc %s %s' % (frontend, maxconn, master[0], haproxy_sock_port)
else:
cmd = 'echo "set maxconn frontend %s %s" |nc %s %s' % (frontend, maxconn, master[0], haproxy_sock_port)
output, stderr = server_mod.subprocess_execute(cmd)
roxywi_common.logging(master[0], 'Maxconn has been changed. On: {} to {}'.format(frontend, maxconn), login=1,
keep_history=1,
service='haproxy')
if frontend == 'global':
cmd = 'echo "set maxconn %s %s" |nc %s %s' % (frontend, maxconn, serv, haproxy_sock_port)
else:
cmd = 'echo "set maxconn frontend %s %s" |nc %s %s' % (frontend, maxconn, serv, haproxy_sock_port)
print(cmd)
roxywi_common.logging(serv, 'Maxconn has been changed. On: {} to {}'.format(frontend, maxconn), login=1,
keep_history=1,
service='haproxy')
output, stderr = server_mod.subprocess_execute(cmd)
if stderr != '':
print(stderr[0])
elif output[0] == '':
configs_dir = get_config_var.get_config_var('configs', 'haproxy_save_configs_dir')
cfg = configs_dir + serv + "-" + get_date.return_date('config') + ".cfg"
config_mod.get_config(serv, cfg)
cmd = 'string=`grep %s %s -n -A5 |grep maxcon -n |awk -F":" \'{print $2}\'|awk -F"-" \'{print $1}\'` ' \
'&& sed -Ei "$( echo $string)s/[0-9]+/%s/g" %s' % (frontend, cfg, maxconn, cfg)
server_mod.subprocess_execute(cmd)
config_mod.master_slave_upload_and_restart(serv, cfg, just_save='save')
print('success: Maxconn for %s has been set to %s ' % (frontend, maxconn))
else:
print('error: ' + output[0])
def table_select():
from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates'), autoescape=True,
extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do'], trim_blocks=True, lstrip_blocks=True)
table = form.getvalue('table_select')
if table == 'All':
template = env.get_template('ajax/stick_tables.html')
tables = get_all_stick_table()
table = []
for t in tables.split(','):
if t != '':
table_id = []
tables_head = []
tables_head1, table1 = get_stick_table(t)
table_id.append(tables_head1)
table_id.append(table1)
table.append(table_id)
template = template.render(table=table)
else:
template = env.get_template('ajax/stick_table.html')
tables_head, table = get_stick_table(table)
template = template.render(tables_head=tables_head, table=table)
print(template)

96
app/modules/config/section.py Normal file
View File

@ -0,0 +1,96 @@
import re
import modules.db.sql as sql
import modules.server.server as server_mod
from modules.common.common import return_nice_path
def get_sections(config, **kwargs):
return_config = list()
with open(config, 'r') as f:
for line in f:
if kwargs.get('service') == 'keepalived':
ip_pattern = re.compile('\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}')
find_ip = re.findall(ip_pattern, line)
if find_ip:
return_config.append(find_ip[0])
else:
if line.startswith((
'global', 'listen', 'frontend', 'backend', 'cache', 'defaults', '#HideBlockStart',
'#HideBlockEnd', 'peers', 'resolvers', 'userlist', 'http-errors'
)):
line = line.strip()
return_config.append(line)
return return_config
def get_section_from_config(config, section):
record = False
start_line = ""
end_line = ""
return_config = ""
with open(config, 'r') as f:
for index, line in enumerate(f):
if line.startswith(section + '\n'):
start_line = index
return_config += line
record = True
continue
if record:
if line.startswith((
'global', 'listen', 'frontend', 'backend', 'cache', 'defaults', '#HideBlockStart',
'#HideBlockEnd', 'peers', 'resolvers', 'userlist', 'http-errors'
)):
record = False
end_line = index
end_line = end_line - 1
else:
return_config += line
if end_line == "":
f = open(config, "r")
line_list = f.readlines()
end_line = len(line_list)
return start_line, end_line, return_config
def rewrite_section(start_line, end_line, config, section):
record = False
start_line = int(start_line)
end_line = int(end_line)
return_config = ""
with open(config, 'r') as f:
for index, line in enumerate(f):
index = int(index)
if index == start_line:
record = True
return_config += section
return_config += "\n"
continue
if index == end_line:
record = False
continue
if record:
continue
return_config += line
return return_config
def get_remote_sections(server_ip: str, service: str) -> str:
remote_dir = service + '_dir'
config_dir = sql.get_setting(remote_dir)
config_dir = return_nice_path(config_dir)
section_name = 'server_name'
if service == 'apache':
section_name = 'ServerName'
commands = [f"sudo grep {section_name} {config_dir}*/*.conf -R |grep -v '${{}}\|#'|awk '{{print $1, $3}}'"]
backends = server_mod.ssh_command(server_ip, commands)
return backends

1
app/modules/db/__init__.py Normal file
View File

@ -0,0 +1 @@
NAME = 'roxy-wi-db-module'

0
app/modules/db_model.py → app/modules/db/db_model.py
View File

169
app/sql.py → app/modules/db/sql.py
View File

@ -4,16 +4,27 @@ import traceback
import sys
import os
from modules.db_model import *
from modules.db.db_model import *
import modules.roxy_wi_tools as roxy_wi_tools
def get_setting(param, **kwargs):
import funct
import http.cookies
user_group = ''
try:
user_group = funct.get_user_group(id=1)
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
user_group_id = cookie.get('group')
user_group_id1 = user_group_id.value
groups = sql.select_groups(id=user_group_id1)
for g in groups:
if g.group_id == int(user_group_id1):
if kwargs.get('id'):
user_group = g.group_id
else:
user_group = g.name
except Exception:
user_group = ''
pass
if user_group == '' or param == 'lists_path' or param == 'ssl_local_path':
user_group = 1
@ -837,9 +848,6 @@ def get_slack_by_id(slack_id):
def get_dick_permit(**kwargs):
import os
import funct
if kwargs.get('username'):
grp = kwargs.get('group_id')
else:
@ -851,10 +859,6 @@ def get_dick_permit(**kwargs):
except Exception:
print('<meta http-equiv="refresh" content="0; url=/app/login.py">')
return
if kwargs.get('token'):
token = kwargs.get('token')
else:
token = ''
only_group = kwargs.get('only_group')
disable = 'enable = 1'
@ -881,45 +885,35 @@ def get_dick_permit(**kwargs):
if kwargs.get('apache') or kwargs.get('service') == 'apache':
apache = "and apache = 1"
if funct.check_user_group(token=token):
cursor = conn.cursor()
try:
if mysql_enable == '1':
if grp == '1' and not only_group:
sql = """ select * from `servers` where {} {} {} {} {} {} {} order by `pos` asc""".format(
disable, type_ip, nginx, haproxy, keepalived, apache, ip
)
else:
sql = """ select * from `servers` where `groups` = {group} and ({disable}) {type_ip} {ip} {haproxy} {nginx} {keepalived} {apache} order by `pos` asc
""".format(
group=grp, disable=disable, type_ip=type_ip, ip=ip, haproxy=haproxy, nginx=nginx,
keepalived=keepalived, apache=apache
)
cursor = conn.cursor()
try:
if mysql_enable == '1':
if grp == '1' and not only_group:
sql = """ select * from `servers` where {} {} {} {} {} {} {} order by `pos` asc""".format(
disable, type_ip, nginx, haproxy, keepalived, apache, ip
)
else:
if grp == '1' and not only_group:
sql = """ select * from servers where {} {} {} {} {} {} {} order by pos""".format(
disable, type_ip, nginx, haproxy, keepalived, apache, ip
)
else:
sql = """ select * from servers where groups = '{group}' and ({disable}) {type_ip} {ip} {haproxy} {nginx} {keepalived} {apache} order by pos
""".format(
group=grp, disable=disable, type_ip=type_ip, ip=ip, haproxy=haproxy, nginx=nginx,
keepalived=keepalived, apache=apache
)
except Exception as e:
print(str(e))
print('<meta http-equiv="refresh" content="0; url=/app/login.py">')
try:
cursor.execute(sql)
except Exception as e:
# out_error(e)
pass
sql = """ select * from `servers` where `groups` = {group} and ({disable}) {type_ip} {ip} {haproxy} {nginx} {keepalived} {apache} order by `pos` asc
""".format(
group=grp, disable=disable, type_ip=type_ip, ip=ip, haproxy=haproxy, nginx=nginx, keepalived=keepalived, apache=apache
)
else:
return cursor.fetchall()
if grp == '1' and not only_group:
sql = """ select * from servers where {} {} {} {} {} {} {} order by pos""".format(disable, type_ip, nginx, haproxy, keepalived, apache, ip)
else:
sql = """ select * from servers where groups = '{group}' and ({disable}) {type_ip} {ip} {haproxy} {nginx} {keepalived} {apache} order by pos
""".format(group=grp, disable=disable, type_ip=type_ip, ip=ip, haproxy=haproxy, nginx=nginx, keepalived=keepalived, apache=apache)
except Exception as e:
print(str(e))
print('<meta http-equiv="refresh" content="0; url=/app/login.py">')
try:
cursor.execute(sql)
except Exception as e:
# out_error(e)
pass
else:
print('Atata!')
return cursor.fetchall()
def is_master(ip, **kwargs):
@ -1768,33 +1762,27 @@ def select_apache_servers_metrics_for_master():
return query_res
def select_servers_metrics():
import funct
group_id = funct.get_user_group(id=1)
if funct.check_user_group():
if group_id == 1:
query = Server.select(Server.ip).where((Server.enable == 1) & (Server.metrics == 1))
else:
query = Server.select(Server.ip).where(
(Server.enable == 1) & (Server.groups == group_id) & (Server.metrics == 1))
try:
query_res = query.execute()
except Exception as e:
out_error(e)
else:
return query_res
def select_servers_metrics(group_id):
if group_id == 1:
query = Server.select(Server.ip).where((Server.enable == 1) & (Server.metrics == 1))
else:
query = Server.select(Server.ip).where(
(Server.enable == 1) & (Server.groups == group_id) & (Server.metrics == 1))
try:
query_res = query.execute()
except Exception as e:
out_error(e)
else:
return query_res
def select_table_metrics():
import funct
def select_table_metrics(group_id):
cursor = conn.cursor()
group_id = funct.get_user_group(id=1)
if funct.check_user_group():
if group_id == 1:
groups = ""
else:
groups = "and servers.groups = '{group}' ".format(group=group_id)
if group_id == 1:
groups = ""
else:
groups = "and servers.groups = '{group}' ".format(group=group_id)
if mysql_enable == '1':
sql = """
select ip.ip, hostname, avg_sess_1h, avg_sess_24h, avg_sess_3d, max_sess_1h, max_sess_24h, max_sess_3d,
@ -1994,19 +1982,16 @@ def select_table_metrics():
return cursor.fetchall()
def select_service_table_metrics(service):
import funct
def select_service_table_metrics(service: str, group_id: int):
cursor = conn.cursor()
group_id = funct.get_user_group(id=1)
if service in ('nginx', 'apache'):
metrics_table = f'{service}_metrics'
if funct.check_user_group():
if group_id == 1:
groups = ""
else:
groups = "and servers.groups = '{group}' ".format(group=group_id)
if group_id == 1:
groups = ""
else:
groups = "and servers.groups = '{group}' ".format(group=group_id)
if mysql_enable == '1':
sql = """
select ip.ip, hostname, avg_cur_1h, avg_cur_24h, avg_cur_3d, max_con_1h, max_con_24h, max_con_3d from
@ -2120,18 +2105,14 @@ def select_service_table_metrics(service):
return cursor.fetchall()
def update_setting(param, val):
import funct
user_group = funct.get_user_group(id=1)
if funct.check_user_group():
query = Setting.update(value=val).where((Setting.param == param) & (Setting.group == user_group))
try:
query.execute()
return True
except Exception as e:
out_error(e)
return False
def update_setting(param: str, val: str, user_group: int) -> bool:
query = Setting.update(value=val).where((Setting.param == param) & (Setting.group == user_group))
try:
query.execute()
return True
except Exception as e:
out_error(e)
return False
def get_ver():
@ -2416,10 +2397,7 @@ def insert_smon(server, port, enable, proto, uri, body, group, desc, telegram, s
def select_smon(user_group, **kwargs):
import funct
cursor = conn.cursor()
funct.check_user_group()
if user_group == 1:
user_group = ''
@ -2465,10 +2443,6 @@ def select_smon_by_id(last_id):
def delete_smon(smon_id, user_group):
import funct
funct.check_user_group()
query = SMON.delete().where((SMON.id == smon_id) & (SMON.user_group == user_group))
try:
query.execute()
@ -2480,9 +2454,6 @@ def delete_smon(smon_id, user_group):
def update_smon(smon_id, ip, port, body, telegram, slack, group, desc, en):
import funct
funct.check_user_group()
query = (SMON.update(
ip=ip, port=port, body=body, telegram_channel_id=telegram, slack_channel_id=slack, group=group, desc=desc, en=en
).where(SMON.id == smon_id))

2
app/modules/roxy_wi_tools.py
View File

@ -63,4 +63,4 @@ class Tools:
import hashlib
h = hashlib.md5(need_hashed.encode('utf-8'))
p = h.hexdigest()
return p
return p

1
app/modules/roxywi/__init__.py Normal file
View File

@ -0,0 +1 @@
NAME = 'roxy-wi-service-modules'

56
app/modules/roxywi/auth.py Normal file
View File

@ -0,0 +1,56 @@
import os
import http.cookies
import modules.db.sql as sql
def check_login(user_uuid, token, **kwargs):
if user_uuid is None:
print('<meta http-equiv="refresh" content="0; url=/app/login.py">')
ref = os.environ.get("REQUEST_URI")
try:
sql.delete_old_uuid()
except Exception as e:
raise Exception(f'error: cannot connect to DB {e}')
if user_uuid is not None:
if sql.get_user_name_by_uuid(user_uuid.value) is None:
print(f'<meta http-equiv="refresh" content="0; url=login.py?ref={ref}">')
return False
if kwargs.get('service'):
required_service = str(kwargs.get('service'))
user_id = sql.get_user_id_by_uuid(user_uuid.value)
user_services = sql.select_user_services(user_id)
if required_service in user_services:
return True
else:
print('<meta http-equiv="refresh" content="0; url=overview.py">')
return False
sql.update_last_act_user(user_uuid.value, token)
else:
print(f'<meta http-equiv="refresh" content="0; url=login.py?ref={ref}">')
return False
def is_admin(level=1):
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
user_id = cookie.get('uuid')
try:
role = sql.get_user_role_by_uuid(user_id.value)
except Exception:
role = 4
pass
try:
return True if role <= level else False
except Exception:
return False
def page_for_admin(level=1) -> None:
if not is_admin(level=level):
print('<meta http-equiv="refresh" content="0; url=/">')
return

276
app/modules/roxywi/common.py Normal file
View File

@ -0,0 +1,276 @@
import os
import glob
import http.cookies
import distro
import modules.db.sql as sql
import modules.common.common as common
import modules.roxy_wi_tools as roxy_wi_tools
time_zone = sql.get_setting('time_zone')
get_date = roxy_wi_tools.GetDate(time_zone)
get_config_var = roxy_wi_tools.GetConfigVar()
form = common.form
serv = common.is_ip_or_dns(form.getvalue('serv'))
def get_user_group(**kwargs) -> str:
user_group = ''
try:
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
user_group_id = cookie.get('group')
user_group_id1 = user_group_id.value
groups = sql.select_groups(id=user_group_id1)
for g in groups:
if g.group_id == int(user_group_id1):
if kwargs.get('id'):
user_group = g.group_id
else:
user_group = g.name
except Exception:
check_user_group()
return user_group
def check_user_group(**kwargs):
if kwargs.get('token') is not None:
return True
if kwargs.get('user_uuid'):
group_id = kwargs.get('user_group_id')
user_uuid = kwargs.get('user_uuid')
user_id = sql.get_user_id_by_uuid(user_uuid)
else:
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
user_uuid = cookie.get('uuid')
group = cookie.get('group')
group_id = group.value
user_id = sql.get_user_id_by_uuid(user_uuid.value)
if sql.check_user_group(user_id, group_id):
return True
else:
logging('Roxy-WI server', ' has tried to actions in not his group ', roxywi=1, login=1)
try:
ref = os.environ.get("REQUEST_URI").split('&')[0]
except Exception:
ref = os.environ.get("REQUEST_URI")
ref = common.checkAjaxInput(ref)
print(f'<meta http-equiv="refresh" content="0; url={ref}">')
return False
def get_user_id(**kwargs):
if kwargs.get('login'):
return sql.get_user_id_by_username(kwargs.get('login'))
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
user_uuid = cookie.get('uuid')
if user_uuid is not None:
user_id = sql.get_user_id_by_uuid(user_uuid.value)
return user_id
def check_is_server_in_group(server_ip: str) -> bool:
group_id = get_user_group(id=1)
servers = sql.select_servers(server=server_ip)
for s in servers:
if (s[2] == server_ip and int(s[3]) == int(group_id)) or group_id == 1:
return True
else:
logging('Roxy-WI server', ' has tried to actions in not his group server ', roxywi=1, login=1)
try:
ref = os.environ.get("REQUEST_URI").split('&')[0]
except Exception:
ref = os.environ.get("REQUEST_URI")
ref = common.checkAjaxInput(ref)
print(f'<meta http-equiv="refresh" content="0; url={ref}">')
return False
def get_files(folder=None, file_format='cfg') -> list:
if folder is None:
folder = get_config_var.get_config_var('configs', 'haproxy_save_configs_dir')
if file_format == 'log':
file = []
else:
file = set()
return_files = set()
i = 0
for files in sorted(glob.glob(os.path.join(folder, f'*.{file_format}*'))):
if file_format == 'log':
try:
file += [(i, files.split('/')[4])]
except Exception as e:
print(e)
else:
file.add(files.split('/')[-1])
i += 1
files = file
if file_format == 'cfg' or file_format == 'conf':
for file in files:
ip = file.split("-")
if serv == ip[0]:
return_files.add(file)
return sorted(return_files, reverse=True)
else:
return file
def logging(server_ip: str, action: str, **kwargs) -> None:
login = ''
cur_date = get_date.return_date('logs')
cur_date_in_log = get_date.return_date('date_in_log')
log_path = get_config_var.get_config_var('main', 'log_path')
if not os.path.exists(log_path):
os.makedirs(log_path)
try:
user_group = get_user_group()
except Exception:
user_group = ''
try:
ip = cgi.escape(os.environ["REMOTE_ADDR"])
except Exception:
ip = ''
try:
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
user_uuid = cookie.get('uuid')
login = sql.get_user_name_by_uuid(user_uuid.value)
except Exception:
login_name = kwargs.get('login')
try:
if len(login_name) > 1:
login = kwargs.get('login')
except Exception:
login = ''
try:
if distro.id() == 'ubuntu':
os.system('sudo chown www-data:www-data -R ' + log_path)
else:
os.system('sudo chown apache:apache -R ' + log_path)
except Exception:
pass
if kwargs.get('roxywi') == 1:
if kwargs.get('login'):
mess = f"{cur_date_in_log} from {ip} user: {login}, group: {user_group}, {action} on: {server_ip}\n"
if kwargs.get('keep_history'):
try:
keep_action_history(kwargs.get('service'), action, server_ip, login, ip)
except Exception as e:
print(str(e))
else:
mess = f"{cur_date_in_log} {action} from {ip}\n"
log_file = f"{log_path}/roxy-wi-{cur_date}.log"
elif kwargs.get('provisioning') == 1:
mess = f"{cur_date_in_log} from {ip} user: {login}, group: {user_group}, {action}\n"
log_file = f"{log_path}/provisioning-{cur_date}.log"
else:
mess = f"{cur_date_in_log} from {ip} user: {login}, group: {user_group}, {action} on: {server_ip}\n"
log_file = f"{log_path}/config_edit-{cur_date}.log"
if kwargs.get('keep_history'):
keep_action_history(kwargs.get('service'), action, server_ip, login, ip)
try:
with open(log_file, 'a') as log:
log.write(mess)
except IOError as e:
print(f'<center><div class="alert alert-danger">Cannot write log. Please check log_path in config {e}</div></center>')
def keep_action_history(service: str, action: str, server_ip: str, login: str, user_ip: str):
try:
server_id = sql.select_server_id_by_ip(server_ip=server_ip)
if login != '':
user_id = sql.get_user_id_by_username(login)
else:
user_id = 0
if user_ip == '':
user_ip = 'localhost'
sql.insert_action_history(service, action, server_id, user_id, user_ip)
except Exception as e:
logging('Roxy-WI server', f'Cannot save a history: {e}', roxywi=1)
def get_dick_permit(**kwargs):
if kwargs.get('token'):
token = kwargs.get('token')
else:
token = ''
if check_user_group(token=token):
return sql.get_dick_permit(**kwargs)
else:
print('Atata!')
def get_users_params(**kwargs):
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
try:
user_uuid = cookie.get('uuid')
user = sql.get_user_name_by_uuid(user_uuid.value)
except Exception:
print('<meta http-equiv="refresh" content="0; url=/app/login.py">')
return
try:
role = sql.get_user_role_by_uuid(user_uuid.value)
except Exception:
print('<meta http-equiv="refresh" content="0; url=/app/login.py">')
return
try:
user_id = sql.get_user_id_by_uuid(user_uuid.value)
user_services = sql.select_user_services(user_id)
token = sql.get_token(user_uuid.value)
except Exception:
print('<meta http-equiv="refresh" content="0; url=/app/login.py">')
return
if kwargs.get('virt') and kwargs.get('haproxy'):
servers = get_dick_permit(virt=1, haproxy=1)
elif kwargs.get('virt'):
servers = get_dick_permit(virt=1)
elif kwargs.get('disable'):
servers = get_dick_permit(disable=0)
elif kwargs.get('haproxy'):
servers = get_dick_permit(haproxy=1)
elif kwargs.get('service'):
servers = get_dick_permit(service=kwargs.get('service'))
else:
servers = get_dick_permit()
user_params = {
'user': user,
'user_uuid': user_uuid,
'role': role,
'token': token,
'servers': servers,
'user_services': user_services
}
return user_params
def return_user_status() -> dict:
user_subscription = {}
user_subscription.setdefault('user_status', sql.select_user_status())
user_subscription.setdefault('user_plan', sql.select_user_plan())
return user_subscription
def return_unsubscribed_user_status() -> dict:
user_subscription = {'user_status': 0, 'user_plan': 0}
return user_subscription

150
app/modules/roxywi/logs.py Normal file
View File

@ -0,0 +1,150 @@
import re
import modules.db.sql as sql
import modules.server.server as server_mod
from modules.common.common import checkAjaxInput
from modules.common.common import form
import modules.roxy_wi_tools as roxy_wi_tools
import modules.roxywi.common as roxywi_common
get_config_var = roxy_wi_tools.GetConfigVar()
def roxy_wi_log(**kwargs) -> list:
log_path = get_config_var.get_config_var('main', 'log_path')
if kwargs.get('log_id'):
selects = roxywi_common.get_files(log_path, "log")
for key, value in selects:
log_file = f"{kwargs.get('file')}.log"
if log_file == value:
return key
else:
user_group_id = roxywi_common.get_user_group(id=1)
if user_group_id != 1:
user_group = roxywi_common.get_user_group()
group_grep = f'|grep "group: {user_group}"'
else:
group_grep = ''
cmd = f"find {log_path}/roxy-wi-* -type f -exec stat --format '%Y :%y %n' '{{}}' \; | sort -nr | cut -d: -f2- " \
f"| head -1 |awk '{{print $4}}' |xargs tail {group_grep}|sort -r"
try:
output, stderr = server_mod.subprocess_execute(cmd)
return output
except Exception:
return ['']
def show_log(stdout, **kwargs):
i = 0
out = ''
grep = ''
if kwargs.get('grep'):
grep = kwargs.get('grep')
grep = re.sub(r'[?|$|.|!|^|*|\]|\[|,| |]', r'', grep)
for line in stdout:
i = i + 1
if kwargs.get('grep'):
line = line.replace(grep, f'<span style="color: red; font-weight: bold;">{grep}</span>')
line_class = "line3" if i % 2 == 0 else "line"
out += f'<div class="{line_class}">{line}</div>'
return out
def show_roxy_log(
serv, rows='10', waf='0', grep=None, hour='00',
minut='00', hour1='24', minut1='00', service='haproxy', **kwargs
) -> str:
exgrep = form.getvalue('exgrep')
log_file = form.getvalue('file')
date = checkAjaxInput(hour) + ':' + checkAjaxInput(minut)
date1 = checkAjaxInput(hour1) + ':' + checkAjaxInput(minut1)
rows = checkAjaxInput(rows)
waf = checkAjaxInput(waf)
cmd = ''
awk_column = 3
if grep is not None:
grep_act = '|egrep "%s"' % checkAjaxInput(grep)
else:
grep_act = ''
if exgrep is not None:
exgrep_act = '|egrep -v "%s"' % checkAjaxInput(exgrep)
else:
exgrep_act = ''
log_file = checkAjaxInput(log_file) if log_file is not None else log_file
if service in ('nginx', 'haproxy', 'apache', 'keepalived'):
syslog_server_enable = sql.get_setting('syslog_server_enable')
if syslog_server_enable is None or syslog_server_enable == 0:
if service == 'nginx':
local_path_logs = sql.get_setting('nginx_path_logs')
commands = ["sudo cat %s/%s |tail -%s %s %s" % (local_path_logs, log_file, rows, grep_act, exgrep_act)]
elif service == 'apache':
local_path_logs = sql.get_setting('apache_path_logs')
commands = [
"sudo cat %s/%s| awk -F\"/|:\" '$3>\"%s:00\" && $3<\"%s:00\"' |tail -%s %s %s" % (local_path_logs, log_file, date, date1, rows, grep_act, exgrep_act)
]
elif service == 'keepalived':
local_path_logs = sql.get_setting('keepalived_path_logs')
commands = [
"sudo cat %s/%s| awk '$3>\"%s:00\" && $3<\"%s:00\"' |tail -%s %s %s" % (
local_path_logs, log_file, date, date1, rows, grep_act, exgrep_act)
]
else:
local_path_logs = sql.get_setting('haproxy_path_logs')
commands = ["sudo cat %s/%s| awk '$3>\"%s:00\" && $3<\"%s:00\"' |tail -%s %s %s" % (local_path_logs, log_file, date, date1, rows, grep_act, exgrep_act)]
syslog_server = serv
else:
commands = ["sudo cat /var/log/%s/syslog.log | sed '/ %s:00/,/ %s:00/! d' |tail -%s %s %s %s" % (serv, date, date1, rows, grep_act, grep, exgrep_act)]
syslog_server = sql.get_setting('syslog_server')
if waf == "1":
local_path_logs = '/var/log/waf.log'
commands = ["sudo cat %s |tail -%s %s %s" % (local_path_logs, rows, grep_act, exgrep_act)]
if kwargs.get('html') == 0:
a = server_mod.ssh_command(syslog_server, commands)
return show_log(a, html=0, grep=grep)
else:
return server_mod.ssh_command(syslog_server, commands, show_log='1', grep=grep)
elif service == 'apache_internal':
apache_log_path = sql.get_setting('apache_log_path')
if serv == 'roxy-wi.access.log':
cmd = 'sudo cat {}| awk -F"/|:" \'$3>"{}:00" && $3<"{}:00"\' |tail -{} {} {}'.format(apache_log_path + "/" + serv, date, date1, rows, grep_act, exgrep_act)
elif serv == 'roxy-wi.error.log':
cmd = "sudo cat {}| awk '$4>\"{}:00\" && $4<\"{}:00\"' |tail -{} {} {}".format(apache_log_path + "/" + serv, date, date1, rows, grep_act, exgrep_act)
elif serv == 'fail2ban.log':
cmd = 'sudo cat {}| awk -F"/|:" \'$3>"{}:00" && $3<"{}:00\' |tail -{} {} {}'.format("/var/log/" + serv, date, date1, rows, grep_act, exgrep_act)
output, stderr = server_mod.subprocess_execute(cmd)
return show_log(output, grep=grep)
elif service == 'internal':
log_path = get_config_var.get_config_var('main', 'log_path')
logs_files = roxywi_common.get_files(log_path, "log")
user_group = roxywi_common.get_user_group()
user_grep = ''
if user_group != '' and user_group != 'Default':
user_grep = f"|grep 'group: {user_group}'"
for key, value in logs_files:
if int(serv) == key:
serv = value
break
else:
return 'Haha'
if serv == 'backup.log':
awk_column = 2
cmd = f"cat {log_path}/{serv}| awk '${awk_column}>\"{date}:00\" && ${awk_column}<\"{date1}:00\"' {user_grep} {grep_act} {exgrep_act} |tail -{rows}"
output, stderr = server_mod.subprocess_execute(cmd)
return show_log(output, grep=grep)

181
app/modules/roxywi/roxy.py Normal file
View File

@ -0,0 +1,181 @@
import os
import re
import distro
import modules.db.sql as sql
import modules.server.server as server_mod
import modules.roxywi.common as roxywi_common
def is_docker() -> bool:
path = "/proc/self/cgroup"
if not os.path.isfile(path):
return False
with open(path) as f:
for line in f:
if re.match("\d+:[\w=]+:/docker(-[ce]e)?/\w+", line):
return True
return False
def update_roxy_wi(service):
restart_service = ''
if distro.id() == 'ubuntu':
try:
if service == 'roxy-wi-keep_alive':
service = 'roxy-wi-keep-alive'
except Exception:
pass
if service != 'roxy-wi':
restart_service = f'&& sudo systemctl restart {service}'
cmd = f'sudo -S apt-get update && sudo apt-get install {service} {restart_service}'
else:
if service != 'roxy-wi':
restart_service = f'&& sudo systemctl restart {service}'
cmd = f'sudo -S yum -y install {service} {restart_service}'
output, stderr = server_mod.subprocess_execute(cmd)
print(output)
print(stderr)
def check_ver():
return sql.get_ver()
def versions():
try:
current_ver = check_ver()
current_ver_without_dots = current_ver.split('.')
current_ver_without_dots = ''.join(current_ver_without_dots)
current_ver_without_dots = current_ver_without_dots.replace('\n', '')
if len(current_ver_without_dots) == 2:
current_ver_without_dots += '00'
if len(current_ver_without_dots) == 3:
current_ver_without_dots += '0'
current_ver_without_dots = int(current_ver_without_dots)
except Exception:
current_ver = "Sorry cannot get current version"
current_ver_without_dots = 0
try:
new_ver = check_new_version('roxy-wi')
new_ver_without_dots = new_ver.split('.')
new_ver_without_dots = ''.join(new_ver_without_dots)
new_ver_without_dots = new_ver_without_dots.replace('\n', '')
if len(new_ver_without_dots) == 2:
new_ver_without_dots += '00'
if len(new_ver_without_dots) == 3:
new_ver_without_dots += '0'
new_ver_without_dots = int(new_ver_without_dots)
except Exception as e:
new_ver = "Cannot get a new version"
new_ver_without_dots = 0
roxywi_common.logging('Roxy-WI server', f' {e}', roxywi=1)
return current_ver, new_ver, current_ver_without_dots, new_ver_without_dots
def get_services_status():
services = []
is_in_docker = is_docker()
services_name = {
'roxy-wi-checker': 'Checker is designed for monitoring HAProxy, NGINX, Apache and Keepalived services as well as HAProxy backends and maxconn',
'roxy-wi-keep_alive': ' The Auto Start service allows to restart the HAProxy, NGINX, Apache and Keepalived services if they are down',
'roxy-wi-metrics': 'Collects number of connections for HAProxy, NGINX, Apache and HAProxy WAF services',
'roxy-wi-portscanner': 'Probes and saves a server or host for open ports',
'roxy-wi-smon': 'SMON stands for <b>S</b>imple <b>MON</b>itoring',
'roxy-wi-socket': 'Socket is a service for sending alerts and notifications',
'roxy-wi-prometheus-exporter': 'Prometheus exporter',
'prometheus': 'Prometheus service',
'grafana-server': 'Grafana service',
'fail2ban': 'Fail2ban service',
'rabbitmq-server': 'Message broker service'
}
for s, v in services_name.items():
if is_in_docker:
cmd = f"sudo supervisorctl status {s}|awk '{{print $2}}'"
else:
cmd = f"systemctl is-active {s}"
status, stderr = server_mod.subprocess_execute(cmd)
if s != 'roxy-wi-keep_alive':
service_name = s.split('_')[0]
if s == 'grafana-server':
service_name = 'grafana'
elif s == 'roxy-wi-keep_alive' and distro.id() == 'ubuntu':
service_name = 'roxy-wi-keep-alive'
else:
service_name = s
if service_name == 'prometheus':
cmd = "prometheus --version 2>&1 |grep prometheus|awk '{print $3}'"
else:
if distro.id() == 'ubuntu':
cmd = f"apt list --installed 2>&1 |grep {service_name}|awk '{{print $2}}'|sed 's/-/./'"
else:
cmd = f"rpm -q {service_name}|awk -F\"{service_name}\" '{{print $2}}' |awk -F\".noa\" '{{print $1}}' |sed 's/-//1' |sed 's/-/./'"
service_ver, stderr = server_mod.subprocess_execute(cmd)
try:
if service_ver[0] == 'command' or service_ver[0] == 'prometheus:':
service_ver[0] = ''
except Exception:
pass
try:
services.append([s, status, v, service_ver[0]])
except Exception:
services.append([s, status, v, ''])
return services
def check_new_version(service):
import requests
from requests.adapters import HTTPAdapter
from requests.packages.urllib3.util.retry import Retry
current_ver = check_ver()
proxy = sql.get_setting('proxy')
res = ''
user_name = sql.select_user_name()
retry_strategy = Retry(
total=3,
status_forcelist=[429, 500, 502, 503, 504],
method_whitelist=["HEAD", "GET", "OPTIONS"]
)
adapter = HTTPAdapter(max_retries=retry_strategy)
roxy_wi_get_plan = requests.Session()
roxy_wi_get_plan.mount("https://", adapter)
try:
if proxy is not None and proxy != '' and proxy != 'None':
proxy_dict = {"https": proxy, "http": proxy}
response = requests.get(f'https://roxy-wi.org/version/get/{service}', timeout=1, proxies=proxy_dict)
if service == 'roxy-wi':
requests.get(f'https://roxy-wi.org/version/send/{current_ver}', timeout=1, proxies=proxy_dict)
roxy_wi_get_plan = requests.get(f'https://roxy-wi.org/user-name/{user_name}', timeout=1, proxies=proxy_dict)
else:
response = requests.get(f'https://roxy-wi.org/version/get/{service}', timeout=1)
if service == 'roxy-wi':
requests.get(f'https://roxy-wi.org/version/send/{current_ver}', timeout=1)
roxy_wi_get_plan = requests.get(f'https://roxy-wi.org/user-name/{user_name}', timeout=1)
res = response.content.decode(encoding='UTF-8')
if service == 'roxy-wi':
try:
status = roxy_wi_get_plan.content.decode(encoding='UTF-8')
status = status.split(' ')
sql.update_user_status(status[0], status[1].strip(), status[2].strip())
except Exception:
pass
except requests.exceptions.RequestException as e:
roxywi_common.logging('Roxy-WI server', f' {e}', roxywi=1)
return res

1
app/modules/server/__init__.py Normal file
View File

@ -0,0 +1 @@
NAME = 'roxy-wi-server-modules'

345
app/modules/server/server.py Normal file
View File

@ -0,0 +1,345 @@
import json
import modules.db.sql as sql
import modules.common.common as common
import modules.roxywi.common as roxywi_common
from modules.server import ssh_connection
import modules.roxy_wi_tools as roxy_wi_tools
get_config_var = roxy_wi_tools.GetConfigVar()
def return_ssh_keys_path(server_ip: str, **kwargs) -> dict:
lib_path = get_config_var.get_config_var('main', 'lib_path')
ssh_settings = {}
if kwargs.get('id'):
sshs = sql.select_ssh(id=kwargs.get('id'))
else:
sshs = sql.select_ssh(serv=server_ip)
for ssh in sshs:
ssh_settings.setdefault('enabled', ssh.enable)
ssh_settings.setdefault('user', ssh.username)
ssh_settings.setdefault('password', ssh.password)
ssh_key = f'{lib_path}/keys/{ssh.name}.pem' if ssh.enable == 1 else ''
ssh_settings.setdefault('key', ssh_key)
ssh_port = [str(server[10]) for server in sql.select_servers(server=server_ip)]
ssh_settings.setdefault('port', ssh_port[0])
return ssh_settings
def ssh_connect(server_ip):
ssh_settings = return_ssh_keys_path(server_ip)
ssh = ssh_connection.SshConnection(server_ip, ssh_settings['port'], ssh_settings['user'],
ssh_settings['password'], ssh_settings['enabled'], ssh_settings['key'])
return ssh
def ssh_command(server_ip: str, commands: list, **kwargs):
if server_ip == '':
return 'error: IP cannot be empty'
with ssh_connect(server_ip) as ssh:
for command in commands:
try:
stdin, stdout, stderr = ssh.run_command(command)
except Exception as e:
roxywi_common.logging('Roxy-WI server', f' Something wrong with SSH connection. Probably sudo with password {e}', roxywi=1)
return str(e)
try:
if kwargs.get('raw'):
return stdout.readlines()
if kwargs.get("ip") == "1":
show_ip(stdout)
elif kwargs.get("show_log") == "1":
import modules.roxywi.logs as roxywi_logs
return roxywi_logs.show_log(stdout, grep=kwargs.get("grep"))
elif kwargs.get('return_err') == 1:
return stderr.read().decode(encoding='UTF-8')
else:
return stdout.read().decode(encoding='UTF-8')
except Exception as e:
roxywi_common.logging('Roxy-WI server', f' Something wrong with SSH connection. Probably sudo with password {e}', roxywi=1)
for line in stderr.readlines():
if line:
print(f'error: {line}')
roxywi_common.logging('Roxy-WI server', f' {line}', roxywi=1)
def subprocess_execute(cmd):
import subprocess
p = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True, universal_newlines=True)
stdout, stderr = p.communicate()
output = stdout.splitlines()
return output, stderr
def is_file_exists(server_ip: str, file: str) -> bool:
cmd = [f'[ -f {file} ] && echo yes || echo no']
out = ssh_command(server_ip, cmd)
return True if 'yes' in out else False
def is_service_active(server_ip: str, service_name: str) -> bool:
cmd = [f'systemctl is-active {service_name}']
out = ssh_command(server_ip, cmd)
out = out.strip()
return True if 'active' == out else False
def get_remote_files(server_ip: str, config_dir: str, file_format: str):
config_dir = common.return_nice_path(config_dir)
if file_format == 'conf':
commands = [f'sudo ls {config_dir}*/*.{file_format}']
else:
commands = [f'sudo ls {config_dir}|grep {file_format}$']
config_files = ssh_command(server_ip, commands)
return config_files
def show_ip(stdout):
for line in stdout:
if "Permission denied" in line:
print(f'error: {line}')
else:
print(line)
def get_system_info(server_ip: str) -> str:
server_ip = common.is_ip_or_dns(server_ip)
if server_ip == '':
return 'error: IP cannot be empty'
server_id = sql.select_server_id_by_ip(server_ip)
command = ["sudo lshw -quiet -json"]
try:
sys_info_returned = ssh_command(server_ip, command)
except Exception as e:
raise e
command = ['sudo hostnamectl |grep "Operating System"|awk -F":" \'{print $2}\'']
try:
os_info = ssh_command(server_ip, command)
except Exception as e:
raise e
os_info = os_info.strip()
system_info = json.loads(sys_info_returned)
sys_info = {'hostname': system_info['id'], 'family': ''}
cpu = {'cpu_model': '', 'cpu_core': 0, 'cpu_thread': 0, 'hz': 0}
network = {}
ram = {'slots': 0, 'size': 0}
disks = {}
try:
sys_info['family'] = system_info['configuration']['family']
except Exception:
pass
for i in system_info['children']:
if i['class'] == 'network':
try:
ip = i['configuration']['ip']
except Exception:
ip = ''
network[i['logicalname']] = {
'description': i['description'],
'mac': i['serial'],
'ip': ip
}
for k, j in i.items():
if isinstance(j, list):
for b in j:
try:
if b['class'] == 'processor':
cpu['cpu_model'] = b['product']
cpu['cpu_core'] += 1
cpu['hz'] = round(int(b['capacity']) / 1000000)
try:
cpu['cpu_thread'] += int(b['configuration']['threads'])
except Exception:
cpu['cpu_thread'] = 1
except Exception:
pass
try:
if b['id'] == 'memory':
ram['size'] = round(b['size'] / 1073741824)
for memory in b['children']:
ram['slots'] += 1
except Exception:
pass
try:
if b['class'] == 'storage':
for p, pval in b.items():
if isinstance(pval, list):
for disks_info in pval:
for volume_info in disks_info['children']:
if isinstance(volume_info['logicalname'], list):
volume_name = volume_info['logicalname'][0]
mount_point = volume_info['logicalname'][1]
size = round(volume_info['capacity'] / 1073741824)
size = str(size) + 'Gb'
fs = volume_info['configuration']['mount.fstype']
state = volume_info['configuration']['state']
disks[volume_name] = {
'mount_point': mount_point,
'size': size,
'fs': fs,
'state': state
}
except Exception:
pass
try:
if b['class'] == 'bridge':
if 'children' in b:
for s in b['children']:
if s['class'] == 'network':
if 'children' in s:
for net in s['children']:
network[net['logicalname']] = {
'description': net['description'],
'mac': net['serial']
}
if s['class'] == 'storage':
for p, pval in s.items():
if isinstance(pval, list):
for disks_info in pval:
if 'children' in disks_info:
for volume_info in disks_info['children']:
if isinstance(volume_info['logicalname'], dict):
volume_name = volume_info['logicalname'][0]
mount_point = volume_info['logicalname'][1]
size = round(volume_info['size'] / 1073741824)
size = str(size) + 'Gb'
fs = volume_info['configuration']['mount.fstype']
state = volume_info['configuration']['state']
disks[volume_name] = {
'mount_point': mount_point,
'size': size,
'fs': fs,
'state': state
}
for z, n in s.items():
if isinstance(n, list):
for y in n:
if y['class'] == 'network':
try:
for q in y['children']:
try:
ip = q['configuration']['ip']
except Exception:
ip = ''
network[q['logicalname']] = {
'description': q['description'],
'mac': q['serial'],
'ip': ip}
except Exception:
try:
network[y['logicalname']] = {
'description': y['description'],
'mac': y['serial'],
'ip': y['configuration']['ip']}
except Exception:
pass
if y['class'] == 'disk':
try:
for q in y['children']:
try:
if isinstance(q['logicalname'], list):
volume_name = q['logicalname'][0]
mount_point = q['logicalname'][1]
size = round(q['capacity'] / 1073741824)
size = str(size) + 'Gb'
fs = q['configuration']['mount.fstype']
state = q['configuration']['state']
disks[volume_name] = {
'mount_point': mount_point,
'size': size,
'fs': fs,
'state': state
}
except Exception as e:
print(e)
except Exception:
pass
if y['class'] == 'storage' or y['class'] == 'generic':
try:
for q in y['children']:
for o in q['children']:
try:
volume_name = o['logicalname']
mount_point = ''
size = round(o['size'] / 1073741824)
size = str(size) + 'Gb'
fs = ''
state = ''
disks[volume_name] = {
'mount_point': mount_point,
'size': size,
'fs': fs,
'state': state
}
except Exception:
pass
for w in o['children']:
try:
if isinstance(w['logicalname'], list):
volume_name = w['logicalname'][0]
mount_point = w['logicalname'][1]
try:
size = round(w['size'] / 1073741824)
size = str(size) + 'Gb'
except Exception:
size = ''
fs = w['configuration']['mount.fstype']
state = w['configuration']['state']
disks[volume_name] = {
'mount_point': mount_point,
'size': size,
'fs': fs,
'state': state
}
except Exception:
pass
except Exception:
pass
try:
for q, qval in y.items():
if isinstance(qval, list):
for o in qval:
for w in o['children']:
if isinstance(w['logicalname'], list):
volume_name = w['logicalname'][0]
mount_point = w['logicalname'][1]
size = round(w['size'] / 1073741824)
size = str(size) + 'Gb'
fs = w['configuration']['mount.fstype']
state = w['configuration']['state']
disks[volume_name] = {
'mount_point': mount_point,
'size': size,
'fs': fs,
'state': state
}
except Exception:
pass
except Exception:
pass
try:
sql.insert_system_info(server_id, os_info, sys_info, cpu, ram, network, disks)
except Exception as e:
raise e

0
app/modules/ssh_connection.py → app/modules/server/ssh_connection.py
View File

1
app/modules/service/__init__.py Normal file
View File

@ -0,0 +1 @@
NAME = 'roxy-wi-service-modules'

115
app/modules/service/common.py Normal file
View File

@ -0,0 +1,115 @@
import os
import modules.db.sql as sql
import modules.common.common as common
import modules.server.server as server_mod
def check_haproxy_version(server_ip):
hap_sock_p = sql.get_setting('haproxy_sock_port')
ver = ""
cmd = f"echo 'show info' |nc {server_ip} {hap_sock_p} |grep Version |awk '{{print $2}}'"
output, stderr = roxywi_common.logging(cmd)
for line in output:
ver = line
return ver
def is_restarted(server_ip: str, action: str) -> None:
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
user_uuid = cookie.get('uuid')
user_role = sql.get_user_role_by_uuid(user_uuid.value)
if sql.is_serv_protected(server_ip) and int(user_role) > 2:
print(f'error: This server is protected. You cannot {action} it')
return
def is_not_allowed_to_restart(server_id: int, service: str) -> None:
is_restart = sql.select_service_setting(server_id, service, 'restart')
if int(is_restart) == 1:
print('warning: this service is not allowed to be restarted')
return
def get_exp_version(server_ip: str, service_name: str) -> str:
server_ip = common.is_ip_or_dns(server_ip)
if service_name == 'haproxy_exporter':
commands = ["/opt/prometheus/exporters/haproxy_exporter --version 2>&1 |head -1|awk '{print $3}'"]
elif service_name == 'nginx_exporter':
commands = ["/opt/prometheus/exporters/nginx_exporter 2>&1 |head -1 |awk -F\"=\" '{print $2}'|awk '{print $1}'"]
elif service_name == 'node_exporter':
commands = ["node_exporter --version 2>&1 |head -1|awk '{print $3}'"]
elif service_name == 'apache_exporter':
commands = ["/opt/prometheus/exporters/apache_exporter --version 2>&1 |head -1|awk '{print $3}'"]
ver = server_mod.ssh_command(server_ip, commands)
if ver != '':
return ver
else:
return 'no'
def get_correct_apache_service_name(server_ip=None, server_id=0) -> str:
if server_id is None:
server_id = sql.select_server_id_by_ip(server_ip)
try:
os_info = sql.select_os_info(server_id)
except Exception:
return 'error: cannot get server info'
if "CentOS" in os_info or "Redhat" in os_info:
return 'httpd'
else:
return 'apache2'
def server_status(stdout):
proc_count = ""
for line in stdout:
if "Ncat: " not in line:
for k in line:
try:
proc_count = k.split(":")[1]
except Exception:
proc_count = 1
else:
proc_count = 0
return proc_count
def check_haproxy_config(server_ip):
server_id = sql.select_server_id_by_ip(server_ip=server_ip)
is_dockerized = sql.select_service_setting(server_id, 'haproxy', 'dockerized')
config_path = sql.get_setting('haproxy_config_path')
if is_dockerized == '1':
container_name = sql.get_setting('haproxy_container_name')
commands = [f"sudo docker exec -it {container_name} haproxy -q -c -f {config_path}"]
else:
commands = [f"haproxy -q -c -f {config_path}"]
with server_mod.ssh_connect(server_ip) as ssh:
for command in commands:
stdin, stdout, stderr = ssh.run_command(command)
if not stderr.read():
return True
else:
return False
def check_nginx_config(server_ip):
commands = [f"nginx -q -t -p {sql.get_setting('nginx_dir')}"]
with server_mod.ssh_connect(server_ip) as ssh:
for command in commands:
stdin, stdout, stderr = ssh.run_command(command)
if not stderr.read():
return True
else:
return False

105
app/modules/service/exporter_installation.py Normal file
View File

@ -0,0 +1,105 @@
import os
import modules.db.sql as sql
import modules.common.common as common
import modules.server.server as server_mod
import modules.roxywi.common as roxywi_common
import modules.service.common as service_common
from modules.service.installation import show_installation_output
from modules.server.server import return_ssh_keys_path
form = common.form
def haproxy_exp_installation():
serv = form.getvalue('haproxy_exp_install')
ver = form.getvalue('exporter_v')
ext_prom = form.getvalue('ext_prom')
script = "install_haproxy_exporter.sh"
stats_port = sql.get_setting('stats_port')
server_state_file = sql.get_setting('server_state_file')
stats_user = sql.get_setting('stats_user')
stats_password = sql.get_setting('stats_password')
stat_page = sql.get_setting('stats_page')
proxy = sql.get_setting('proxy')
ssh_settings = return_ssh_keys_path(serv)
os.system(f"cp scripts/{script} .")
if proxy is not None and proxy != '' and proxy != 'None':
proxy_serv = proxy
else:
proxy_serv = ''
commands = [
f"chmod +x {script} && ./{script} PROXY={proxy_serv} STAT_PORT={stats_port} STAT_FILE={server_state_file}"
f" SSH_PORT={ssh_settings['port']} STAT_PAGE={stat_page} VER={ver} EXP_PROM={ext_prom} STATS_USER={stats_user}"
f" STATS_PASS='{stats_password}' HOST={serv} USER={ssh_settings['user']} PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}"
]
output, error = server_mod.subprocess_execute(commands[0])
show_installation_output(error, output, 'HAProxy exporter')
os.remove(script)
def nginx_apache_exp_installation():
if form.getvalue('nginx_exp_install'):
service = 'nginx'
elif form.getvalue('apache_exp_install'):
service = 'apache'
serv = common.is_ip_or_dns(form.getvalue('serv'))
ver = common.checkAjaxInput(form.getvalue('exporter_v'))
ext_prom = common.checkAjaxInput(form.getvalue('ext_prom'))
script = f"install_{service}_exporter.sh"
stats_user = sql.get_setting(f'{service}_stats_user')
stats_password = sql.get_setting(f'{service}_stats_password')
stats_port = sql.get_setting(f'{service}_stats_port')
stats_page = sql.get_setting(f'{service}_stats_page')
proxy = sql.get_setting('proxy')
proxy_serv = ''
ssh_settings = return_ssh_keys_path(serv)
os.system(f"cp scripts/{script} .")
if proxy is not None and proxy != '' and proxy != 'None':
proxy_serv = proxy
commands = [
f"chmod +x {script} && ./{script} PROXY={proxy_serv} STAT_PORT={stats_port} SSH_PORT={ssh_settings['port']} STAT_PAGE={stats_page}"
f" STATS_USER={stats_user} STATS_PASS='{stats_password}' HOST={serv} VER={ver} EXP_PROM={ext_prom} USER={ssh_settings['user']} "
f" PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}"
]
output, error = server_mod.subprocess_execute(commands[0])
show_installation_output(error, output, f'{service.title()} exporter')
os.remove(script)
def node_exp_installation():
serv = common.is_ip_or_dns(form.getvalue('node_exp_install'))
ver = common.checkAjaxInput(form.getvalue('exporter_v'))
ext_prom = common.checkAjaxInput(form.getvalue('ext_prom'))
script = "install_node_exporter.sh"
proxy = sql.get_setting('proxy')
proxy_serv = ''
ssh_settings = return_ssh_keys_path(serv)
os.system(f"cp scripts/{script} .")
if proxy is not None and proxy != '' and proxy != 'None':
proxy_serv = proxy
commands = [
f"chmod +x {script} && ./{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} VER={ver} EXP_PROM={ext_prom} "
f"HOST={serv} USER={ssh_settings['user']} PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}"
]
output, error = server_mod.subprocess_execute(commands[0])
show_installation_output(error, output, 'Node exporter')
os.remove(script)

394
app/modules/service/installation.py Normal file
View File

@ -0,0 +1,394 @@
import os
import modules.db.sql as sql
import modules.service.common as service_common
import modules.common.common as common
import modules.server.server as server_mod
import modules.roxywi.common as roxywi_common
from modules.server.server import return_ssh_keys_path
form = common.form
def show_installation_output(error: str, output: str, service: str) -> bool:
if error and "WARNING" not in error:
roxywi_common.logging('Roxy-WI server', error, roxywi=1)
print('error: ' + error)
return False
else:
for line in output:
if any(s in line for s in ("Traceback", "FAILED", "error", "ERROR", "UNREACHABLE")):
try:
print(line)
break
except Exception:
print(output)
break
else:
print(f'success: {service} has been installed')
roxywi_common.logging('Roxy-WI server', error, roxywi=1, keep_history=1, service=service)
return True
def install_haproxy(server_ip: str, **kwargs):
script = "install_haproxy.sh"
hap_sock_p = str(sql.get_setting('haproxy_sock_port'))
stats_port = str(sql.get_setting('stats_port'))
server_state_file = sql.get_setting('server_state_file')
stats_user = sql.get_setting('stats_user')
stats_password = sql.get_setting('stats_password')
proxy = sql.get_setting('proxy')
haproxy_dir = sql.get_setting('haproxy_dir')
container_name = sql.get_setting('haproxy_container_name')
haproxy_ver = kwargs.get('hapver')
server_for_installing = kwargs.get('server')
docker = kwargs.get('docker')
proxy_serv = ''
ssh_settings = return_ssh_keys_path(server_ip)
os.system(f"cp scripts/{script} .")
if haproxy_ver is None:
haproxy_ver = '2.6.0-1'
if proxy is not None and proxy != '' and proxy != 'None':
proxy_serv = proxy
syn_flood_protect = '1' if kwargs.get('syn_flood') == "1" else ''
commands = [
f"chmod +x {script} && ./{script} PROXY={proxy_serv} SOCK_PORT={hap_sock_p} STAT_PORT={stats_port} "
f"STAT_FILE={server_state_file} DOCKER={docker} SSH_PORT={ssh_settings['port']} STATS_USER={stats_user} "
f"CONT_NAME={container_name} HAP_DIR={haproxy_dir} STATS_PASS='{stats_password}' HAPVER={haproxy_ver} "
f"SYN_FLOOD={syn_flood_protect} HOST={server_ip} USER={ssh_settings['user']} PASS='{ssh_settings['password']}' "
f"KEY={ssh_settings['key']}"
]
output, error = server_mod.subprocess_execute(commands[0])
if server_for_installing:
service = server_for_installing + ' HAProxy'
else:
service = ' HAProxy'
if show_installation_output(error, output, service):
sql.update_haproxy(server_ip)
if docker == '1':
server_id = sql.select_server_id_by_ip(server_ip)
sql.insert_or_update_service_setting(server_id, 'haproxy', 'dockerized', '1')
sql.insert_or_update_service_setting(server_id, 'haproxy', 'restart', '1')
os.remove(script)
def waf_install(server_ip: str):
script = "waf.sh"
proxy = sql.get_setting('proxy')
haproxy_dir = sql.get_setting('haproxy_dir')
ver = service_common.check_haproxy_version(server_ip)
service = ' WAF'
proxy_serv = ''
ssh_settings = return_ssh_keys_path(server_ip)
os.system(f"cp scripts/{script} .")
if proxy is not None and proxy != '' and proxy != 'None':
proxy_serv = proxy
commands = [
f"chmod +x {script} && ./{script} PROXY={proxy_serv} HAPROXY_PATH={haproxy_dir} VERSION='{ver}' "
f"SSH_PORT={ssh_settings['port']} HOST={server_ip} USER={ssh_settings['user']} PASS='{ssh_settings['password']}' "
f"KEY={ssh_settings['key']}"
]
output, error = server_mod.subprocess_execute(commands[0])
if show_installation_output(error, output, service):
sql.insert_waf_metrics_enable(server_ip, "0")
sql.insert_waf_rules(server_ip)
os.remove(script)
def waf_nginx_install(server_ip: str):
script = "waf_nginx.sh"
proxy = sql.get_setting('proxy')
nginx_dir = sql.get_setting('nginx_dir')
service = ' WAF'
proxy_serv = ''
ssh_settings = return_ssh_keys_path(server_ip)
os.system(f"cp scripts/{script} .")
if proxy is not None and proxy != '' and proxy != 'None':
proxy_serv = proxy
commands = [
f"chmod +x {script} && ./{script} PROXY={proxy_serv} NGINX_PATH={nginx_dir} SSH_PORT={ssh_settings['port']} "
f"HOST={server_ip} USER={ssh_settings['user']} PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}"
]
output, error = server_mod.subprocess_execute(commands[0])
if show_installation_output(error, output, service):
sql.insert_nginx_waf_rules(server_ip)
sql.insert_waf_nginx_server(server_ip)
os.remove(script)
def install_nginx(server_ip: str, **kwargs):
script = "install_nginx.sh"
stats_user = sql.get_setting('nginx_stats_user')
stats_password = sql.get_setting('nginx_stats_password')
stats_port = str(sql.get_setting('nginx_stats_port'))
stats_page = sql.get_setting('nginx_stats_page')
config_path = sql.get_setting('nginx_config_path')
nginx_dir = sql.get_setting('nginx_dir')
server_for_installing = kwargs.get('server')
proxy = sql.get_setting('proxy')
docker = kwargs.get('docker')
container_name = sql.get_setting('nginx_container_name')
proxy_serv = ''
ssh_settings = return_ssh_keys_path(server_ip)
os.system(f"cp scripts/{script} .")
if proxy is not None and proxy != '' and proxy != 'None':
proxy_serv = proxy
syn_flood_protect = '1' if form.getvalue('syn_flood') == "1" else ''
commands = [
f"chmod +x {script} && ./{script} PROXY={proxy_serv} STATS_USER={stats_user} STATS_PASS='{stats_password}' "
f"SSH_PORT={ssh_settings['port']} CONFIG_PATH={config_path} CONT_NAME={container_name} STAT_PORT={stats_port} "
f"STAT_PAGE={stats_page} SYN_FLOOD={syn_flood_protect} DOCKER={docker} nginx_dir={nginx_dir} HOST={server_ip} "
f"USER={ssh_settings['user']} PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}"
]
output, error = server_mod.subprocess_execute(commands[0])
if server_for_installing:
service = server_for_installing + ' Nginx'
else:
service = ' Nginx'
if show_installation_output(error, output, service):
sql.update_nginx(server_ip)
if docker == '1':
server_id = sql.select_server_id_by_ip(server_ip)
sql.insert_or_update_service_setting(server_id, 'nginx', 'dockerized', '1')
sql.insert_or_update_service_setting(server_id, 'nginx', 'restart', '1')
os.remove(script)
def geoip_installation():
serv = common.is_ip_or_dns(form.getvalue('geoip_install'))
geoip_update = common.checkAjaxInput(form.getvalue('geoip_update'))
service = form.getvalue('geoip_service')
proxy = sql.get_setting('proxy')
maxmind_key = sql.get_setting('maxmind_key')
proxy_serv = ''
ssh_settings = return_ssh_keys_path(serv)
if service in ('haproxy', 'nginx'):
service_dir = common.return_nice_path(sql.get_setting(f'{service}_dir'))
script = f'install_{service}_geoip.sh'
else:
print('warning: select a server and service first')
return
if proxy is not None and proxy != '' and proxy != 'None':
proxy_serv = proxy
os.system(f"cp scripts/{script} .")
commands = [
f"chmod +x {script} && ./{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} UPDATE={geoip_update} "
f"maxmind_key={maxmind_key} service_dir={service_dir} HOST={serv} USER={ssh_settings['user']} "
f"PASS={ssh_settings['password']} KEY={ssh_settings['key']}"
]
output, error = server_mod.subprocess_execute(commands[0])
show_installation_output(error, output, 'GeoLite2 Database')
os.remove(script)
def grafana_install():
script = "install_grafana.sh"
proxy = sql.get_setting('proxy')
proxy_serv = ''
host = os.environ.get('HTTP_HOST', '')
os.system(f"cp scripts/{script} .")
if proxy is not None and proxy != '' and proxy != 'None':
proxy_serv = proxy
cmd = f"chmod +x {script} && ./{script} PROXY={proxy_serv}"
output, error = server_mod.subprocess_execute(cmd)
if error:
roxywi_common.logging('Roxy-WI server', error, roxywi=1)
print(
f'success: Grafana and Prometheus servers were installed. You can find Grafana on http://{host}:3000<br>')
else:
for line in output:
if any(s in line for s in ("Traceback", "FAILED")):
try:
print(line)
break
except Exception:
print(output)
break
else:
print(
f'success: Grafana and Prometheus servers were installed. You can find Grafana on http://{host}:3000<br>')
os.remove(script)
def keepalived_master_install():
master = form.getvalue('master')
eth = form.getvalue('interface')
eth_slave = form.getvalue('slave_interface')
vrrp_ip = form.getvalue('vrrpip')
syn_flood = form.getvalue('syn_flood')
virt_server = form.getvalue('virt_server')
return_to_master = form.getvalue('return_to_master')
haproxy = form.getvalue('hap')
nginx = form.getvalue('nginx')
router_id = form.getvalue('router_id')
script = "install_keepalived.sh"
proxy = sql.get_setting('proxy')
keepalived_path_logs = sql.get_setting('keepalived_path_logs')
proxy_serv = ''
ssh_settings = return_ssh_keys_path(master)
if proxy is not None and proxy != '' and proxy != 'None':
proxy_serv = proxy
os.system(f"cp scripts/{script} .")
commands = [
f"chmod +x {script} && ./{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} router_id={router_id} "
f"ETH={eth} IP={vrrp_ip} MASTER=MASTER ETH_SLAVE={eth_slave} keepalived_path_logs={keepalived_path_logs} "
f"RETURN_TO_MASTER={return_to_master} SYN_FLOOD={syn_flood} HOST={master} HAPROXY={haproxy} NGINX={nginx} "
f"USER={ssh_settings['user']} PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}"
]
output, error = server_mod.subprocess_execute(commands[0])
if show_installation_output(error, output, 'master Keepalived'):
sql.update_keepalived(master)
if virt_server != '0':
group_id = sql.get_group_id_by_server_ip(master)
cred_id = sql.get_cred_id_by_server_ip(master)
hostname = sql.get_hostname_by_server_ip(master)
firewall = 1 if server_mod.is_service_active(master, 'firewalld') else 0
sql.add_server(
hostname + '-VIP', IP, group_id, '1', '1', '0', cred_id, ssh_settings['port'], f'VRRP IP for {master}',
haproxy, nginx, '0', firewall
)
os.remove(script)
def keepalived_slave_install():
master = form.getvalue('master_slave')
slave = form.getvalue('slave')
eth = form.getvalue('interface')
eth_slave = form.getvalue('slave_interface')
vrrp_ip = form.getvalue('vrrpip')
syn_flood = form.getvalue('syn_flood')
haproxy = form.getvalue('hap')
nginx = form.getvalue('nginx')
router_id = form.getvalue('router_id')
script = "install_keepalived.sh"
proxy = sql.get_setting('proxy')
keepalived_path_logs = sql.get_setting('keepalived_path_logs')
proxy_serv = ''
ssh_settings = return_ssh_keys_path(slave)
if proxy is not None and proxy != '' and proxy != 'None':
proxy_serv = proxy
os.system(f"cp scripts/{script} .")
commands = [
f"chmod +x {script} && ./{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} router_id={router_id} ETH={eth} "
f"IP={vrrp_ip} MASTER=BACKUP ETH_SLAVE={eth_slave} SYN_FLOOD={syn_flood} keepalived_path_logs={keepalived_path_logs} HAPROXY={haproxy} "
f"NGINX={nginx} HOST={slave} USER={ssh_settings['user']} PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}"
]
output, error = server_mod.subprocess_execute(commands[0])
show_installation_output(error, output, 'slave Keepalived')
os.remove(script)
sql.update_server_master(master, slave)
sql.update_keepalived(slave)
def keepalived_masteradd():
master = form.getvalue('masteradd')
eth = form.getvalue('interfaceadd')
slave_eth = form.getvalue('slave_interfaceadd')
vrrp_ip = form.getvalue('vrrpipadd')
router_id = form.getvalue('router_id')
kp = form.getvalue('kp')
return_to_master = form.getvalue('return_to_master')
script = "install_keepalived.sh"
proxy = sql.get_setting('proxy')
keepalived_path_logs = sql.get_setting('keepalived_path_logs')
proxy_serv = ''
ssh_settings = return_ssh_keys_path(master)
if proxy is not None and proxy != '' and proxy != 'None':
proxy_serv = proxy
os.system(f"cp scripts/{script} .")
commands = [
f"chmod +x {script} && ./{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} ETH={eth} SLAVE_ETH={slave_eth} "
f"keepalived_path_logs={keepalived_path_logs} RETURN_TO_MASTER={return_to_master} IP={vrrp_ip} MASTER=MASTER "
f"RESTART={kp} ADD_VRRP=1 HOST={master} router_id={router_id} USER={ssh_settings['user']} "
f"PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}"
]
output, error = server_mod.subprocess_execute(commands[0])
show_installation_output(error, output, 'master VRRP address')
os.remove(script)
def keepalived_slaveadd():
slave = form.getvalue('slaveadd')
eth = form.getvalue('interfaceadd')
slave_eth = form.getvalue('slave_interfaceadd')
vrrp_ip = form.getvalue('vrrpipadd')
router_id = form.getvalue('router_id')
kp = form.getvalue('kp')
script = "install_keepalived.sh"
proxy = sql.get_setting('proxy')
keepalived_path_logs = sql.get_setting('keepalived_path_logs')
proxy_serv = ''
ssh_settings = return_ssh_keys_path(slave)
if proxy is not None and proxy != '' and proxy != 'None':
proxy_serv = proxy
os.system(f"cp scripts/{script} .")
commands = [
f"chmod +x {script} && ./{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} ETH={eth} SLAVE_ETH={slave_eth} "
f"keepalived_path_logs={keepalived_path_logs} IP={vrrp_ip} MASTER=BACKUP RESTART={kp} ADD_VRRP=1 HOST={slave} "
f"router_id={router_id} USER={ssh_settings['user']} PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}"
]
output, error = server_mod.subprocess_execute(commands[0])
show_installation_output(error, output, 'slave VRRP address')
os.remove(script)

28
app/nettools.py
View File

@ -1,32 +1,32 @@
#!/usr/bin/env python3
import sys
import funct
import modules.common.common as common
import modules.roxywi.roxy as roxywi_mod
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('nettools.html')
form = funct.form
form = common.form
print('Content-type: text/html\n')
try:
user, user_id, role, token, servers, user_services \
= funct.get_users_params(virt=1)
except Exception:
pass
user_params = roxywi_common.get_users_params(virt=1)
try:
funct.check_login(user_id, token)
roxywi_auth.check_login(user_params['user_uuid'], user_params['token'])
except Exception as e:
print(f'error {e}')
sys.exit()
output_from_parsed_template = template.render(h2=1, autorefresh=0,
title="Network tools",
role=role,
user=user,
servers=servers,
versions=funct.versions(),
user_services=user_services,
token=token)
role=user_params['role'],
user=user_params['user'],
servers=user_params['servers'],
versions=roxywi_mod.versions(),
user_services=user_params['user_services'],
token=user_params['token'])
print(output_from_parsed_template)

1337
app/options.py
View File

File diff suppressed because it is too large Load Diff

68
app/overview.py
View File

@ -2,12 +2,16 @@
# -*- coding: utf-8 -*-
import os
import sys
import psutil
import funct
import sql
from jinja2 import Environment, FileSystemLoader
import modules.db.sql as sql
import modules.roxywi.logs as roxy_logs
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
import modules.server.server as server_mod
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('ovw.html')
@ -21,24 +25,20 @@ is_metrics_worker = 0
servers_group = []
host = os.environ.get('HTTP_HOST', '')
try:
user, user_id, role, token, servers, user_services = funct.get_users_params()
except Exception as e:
print(f'error {e}')
sys.exit()
user_params = roxywi_common.get_users_params()
try:
funct.check_login(user_id, token)
roxywi_auth.check_login(user_params['user_uuid'], user_params['token'])
except Exception as e:
print(f'error {e}')
sys.exit()
try:
groups = sql.select_groups()
user_group = funct.get_user_group(id=1)
user_group = roxywi_common.get_user_group(id=1)
if (role == 2 or role == 3) and int(user_group) != 1:
for s in servers:
if (user_params['role'] == 2 or user_params['role'] == 3) and int(user_group) != 1:
for s in user_params['servers']:
servers_group.append(s[2])
is_checker_worker = len(sql.select_all_alerts(group=user_group))
@ -70,21 +70,19 @@ try:
pass
cmd = "systemctl is-active roxy-wi-metrics"
metrics_master, stderr = funct.subprocess_execute(cmd)
metrics_master, stderr = server_mod.subprocess_execute(cmd)
cmd = "systemctl is-active roxy-wi-checker"
checker_master, stderr = funct.subprocess_execute(cmd)
checker_master, stderr = server_mod.subprocess_execute(cmd)
cmd = "systemctl is-active roxy-wi-keep_alive"
keep_alive, stderr = funct.subprocess_execute(cmd)
keep_alive, stderr = server_mod.subprocess_execute(cmd)
cmd = "systemctl is-active roxy-wi-smon"
smon, stderr = funct.subprocess_execute(cmd)
smon, stderr = server_mod.subprocess_execute(cmd)
cmd = "systemctl is-active roxy-wi-portscanner"
port_scanner, stderr = funct.subprocess_execute(cmd)
port_scanner, stderr = server_mod.subprocess_execute(cmd)
cmd = "systemctl is-active roxy-wi-socket"
socket, stderr = funct.subprocess_execute(cmd)
socket, stderr = server_mod.subprocess_execute(cmd)
except Exception:
role = ''
user = ''
except Exception as e:
groups = ''
roles = ''
metrics_master = ''
@ -92,21 +90,21 @@ except Exception:
keep_alive = ''
smon = ''
socket = ''
servers = ''
stderr = ''
token = ''
print(e)
rendered_template = template.render(
h2=1, autorefresh=1, title="Overview", role=role, user=user, groups=groups, roles=sql.select_roles(),
metrics_master=''.join(metrics_master), metrics_worker=metrics_worker, checker_master=''.join(checker_master),
checker_worker=checker_worker, keep_alive=''.join(keep_alive), smon=''.join(smon),
port_scanner=''.join(port_scanner), grafana=grafana, socket=''.join(socket),
roxy_wi_log_id=funct.roxy_wi_log(log_id=1, file="roxy-wi-"),
metrics_log_id=funct.roxy_wi_log(log_id=1, file="metrics"),
checker_log_id=funct.roxy_wi_log(log_id=1, file="checker"),
keep_alive_log_id=funct.roxy_wi_log(log_id=1, file="keep_alive"),
socket_log_id=funct.roxy_wi_log(log_id=1, file="socket"), error=stderr,
roxy_wi_log=funct.roxy_wi_log(), servers=servers, is_checker_worker=is_checker_worker,
is_metrics_worker=is_metrics_worker, host=host, user_services=user_services, token=token
h2=1, autorefresh=1, title="Overview", role=user_params['role'], user=user_params['user'], groups=groups,
roles=sql.select_roles(), metrics_master=''.join(metrics_master), metrics_worker=metrics_worker,
checker_master=''.join(checker_master), checker_worker=checker_worker, keep_alive=''.join(keep_alive),
smon=''.join(smon), port_scanner=''.join(port_scanner), grafana=grafana, socket=''.join(socket),
roxy_wi_log_id=roxy_logs.roxy_wi_log(log_id=1, file="roxy-wi-"),
metrics_log_id=roxy_logs.roxy_wi_log(log_id=1, file="metrics"),
checker_log_id=roxy_logs.roxy_wi_log(log_id=1, file="checker"),
keep_alive_log_id=roxy_logs.roxy_wi_log(log_id=1, file="keep_alive"),
socket_log_id=roxy_logs.roxy_wi_log(log_id=1, file="socket"), error=stderr,
roxy_wi_log=roxy_logs.roxy_wi_log(), servers=user_params['servers'], is_checker_worker=is_checker_worker,
is_metrics_worker=is_metrics_worker, host=host, user_services=user_params['user_services'],
token=user_params['token']
)
print(rendered_template)

77
app/portscanner.py
View File

@ -1,63 +1,64 @@
#!/usr/bin/env python3
import sys
import funct
import sql
from jinja2 import Environment, FileSystemLoader
import modules.db.sql as sql
import modules.common.common as common
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
import modules.server.server as server_mod
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('portscanner.html')
form = funct.form
form = common.form
serv = form.getvalue('history')
print('Content-type: text/html\n')
try:
user, user_id, role, token, servers, user_services = funct.get_users_params(virt=1)
except Exception as e:
print(str(e))
user_params = roxywi_common.get_users_params(virt=1)
try:
funct.check_login(user_id, token)
roxywi_auth.check_login(user_params['user_uuid'], user_params['token'])
except Exception as e:
print(f'error {e}')
sys.exit()
print(f'error {e}')
sys.exit()
if serv:
title = 'Port scanner history for ' + serv
port_scanner_settings = sql.select_port_scanner_history(serv)
history = '1'
port_scanner = ''
port_scanner_stderr = ''
count_ports = ''
title = f'Port scanner history for {serv}'
port_scanner_settings = sql.select_port_scanner_history(serv)
history = '1'
port_scanner = ''
port_scanner_stderr = ''
count_ports = ''
else:
history = ''
title = 'Port scanner dashboard'
user_group = funct.get_user_group(id=1)
port_scanner_settings = sql.select_port_scanner_settings(user_group)
if not port_scanner_settings:
port_scanner_settings = ''
count_ports = ''
else:
count_ports = list()
for s in servers:
count_ports_from_sql = sql.select_count_opened_ports(s[2])
i = (s[2], count_ports_from_sql)
count_ports.append(i)
history = ''
title = 'Port scanner dashboard'
user_group = roxywi_common.get_user_group(id=1)
port_scanner_settings = sql.select_port_scanner_settings(user_group)
if not port_scanner_settings:
port_scanner_settings = ''
count_ports = ''
else:
count_ports = list()
for s in user_params['servers']:
count_ports_from_sql = sql.select_count_opened_ports(s[2])
i = (s[2], count_ports_from_sql)
count_ports.append(i)
cmd = "systemctl is-active roxy-wi-portscanner"
port_scanner, port_scanner_stderr = funct.subprocess_execute(cmd)
cmd = "systemctl is-active roxy-wi-portscanner"
port_scanner, port_scanner_stderr = server_mod.subprocess_execute(cmd)
try:
user_status, user_plan = funct.return_user_status()
user_subscription = roxywi_common.return_user_status()
except Exception as e:
user_status, user_plan = 0, 0
funct.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1)
user_subscription = roxywi_common.return_unsubscribed_user_status()
roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1)
rendered_template = template.render(
h2=1, autorefresh=0, title=title, role=role, user=user, servers=servers, port_scanner_settings=port_scanner_settings,
count_ports=count_ports, history=history, port_scanner=''.join(port_scanner), port_scanner_stderr=port_scanner_stderr,
user_services=user_services, user_status=user_status, user_plan=user_plan, token=token
h2=1, autorefresh=0, title=title, role=user_params['role'], user=user_params['user'], servers=user_params['servers'],
port_scanner_settings=port_scanner_settings, count_ports=count_ports, history=history, port_scanner=''.join(port_scanner),
port_scanner_stderr=port_scanner_stderr, user_services=user_params['user_services'], user_status=user_subscription['user_status'],
user_plan=user_subscription['user_plan'], token=user_params['token']
)
print(rendered_template)

31
app/provisioning.py
View File

@ -1,33 +1,38 @@
#!/usr/bin/env python3
import sys
import funct
import sql
from jinja2 import Environment, FileSystemLoader
import modules.db.sql as sql
import modules.common.common as common
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
import modules.server.server as server_mod
env = Environment(extensions=["jinja2.ext.do"], loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('provisioning.html')
form = funct.form
form = common.form
print('Content-type: text/html\n')
user, user_id, role, token, servers, user_services = funct.get_users_params()
user_params = roxywi_common.get_users_params()
try:
funct.check_login(user_id, token)
roxywi_auth.check_login(user_params['user_uuid'], user_params['token'])
except Exception as e:
print(f'error {e}')
sys.exit()
funct.page_for_admin(level=2)
roxywi_auth.page_for_admin(level=2)
try:
if role == 1:
if user_params['role'] == 1:
groups = sql.select_groups()
else:
groups = funct.get_user_group(id=1)
user_group = funct.get_user_group(id=1)
groups = roxywi_common.get_user_group(id=1)
user_group = roxywi_common.get_user_group(id=1)
cmd = 'which terraform'
output, stderr = funct.subprocess_execute(cmd)
output, stderr = server_mod.subprocess_execute(cmd)
if stderr != '':
is_terraform = False
@ -39,8 +44,8 @@ except Exception as e:
print(str(e))
rendered_template = template.render(
title="Servers provisioning", role=role, user=user, groups=groups, user_group=user_group,
servers=sql.select_provisioned_servers(), providers=sql.select_providers(user_group),
is_terraform=is_terraform, user_services=user_services, token=token, params=params
title="Servers provisioning", role=user_params['role'], user=user_params['user'], groups=groups,
user_group=user_group, servers=sql.select_provisioned_servers(), providers=sql.select_providers(user_group),
is_terraform=is_terraform, user_services=user_params['user_services'], token=user_params['token'], params=params
)
print(rendered_template)

15
app/runtimeapi.py
View File

@ -1,22 +1,25 @@
#!/usr/bin/env python3
import sys
import funct
import modules.common.common as common
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('runtimeapi.html')
print('Content-type: text/html\n')
user, user_id, role, token, servers, user_services = funct.get_users_params(virt=1, haproxy=1)
user_params = roxywi_common.get_users_params(virt=1, haproxy=1)
try:
funct.check_login(user_id, token, service=1)
roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=1)
except Exception as e:
print(f'error {e}')
sys.exit()
form = funct.form
form = common.form
try:
servbackend = form.getvalue('servbackend')
@ -27,7 +30,7 @@ except Exception:
pass
rendered_template = template.render(
h2=0, title="RunTime API", role=role, user=user, select_id="serv", selects=servers, token=token,
user_services=user_services, servbackend=servbackend
h2=0, title="RunTime API", role=user_params['role'], user=user_params['user'], select_id="serv",
selects=user_params['servers'], token=user_params['token'], user_services=user_params['user_services'], servbackend=servbackend
)
print(rendered_template)

50
app/sections.py
View File

@ -4,28 +4,31 @@ import sys
from jinja2 import Environment, FileSystemLoader
import sql
import funct
import modules.db.sql as sql
import modules.common.common as common
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
import modules.config.section as section_mod
import modules.config.config as config_mod
import modules.roxy_wi_tools as roxy_wi_tools
time_zone = sql.get_setting('time_zone')
get_date = roxy_wi_tools.GetDate(time_zone)
get_config_var = roxy_wi_tools.GetConfigVar()
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True, extensions=['jinja2.ext.loopcontrols'])
template = env.get_template('sections.html')
print('Content-type: text/html\n')
try:
user, user_id, role, token, servers, user_services = funct.get_users_params()
except Exception:
pass
user_params = roxywi_common.get_users_params()
try:
funct.check_login(user_id, token, service=1)
roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=1)
except Exception as e:
print(f'error {e}')
sys.exit()
form = funct.form
form = common.form
serv = form.getvalue('serv')
section = form.getvalue('section')
is_serv_protected = sql.is_serv_protected(serv)
@ -43,26 +46,26 @@ is_restart = ''
hap_configs_dir = get_config_var.get_config_var('configs', 'haproxy_save_configs_dir')
if serv is not None and open is not None:
cfg = hap_configs_dir + serv + "-" + funct.get_data('config') + ".cfg"
error = funct.get_config(serv, cfg)
sections = funct.get_sections(cfg)
cfg = f"{hap_configs_dir}{serv}-{get_date.return_date('config')}.cfg"
error = config_mod.get_config(serv, cfg)
sections = section_mod.get_sections(cfg)
if serv is not None and section is not None:
try:
funct.logging(serv, "sections.py open config")
roxywi_common.logging(serv, "sections.py open config")
except Exception:
pass
start_line, end_line, config_read = funct.get_section_from_config(cfg, section)
start_line, end_line, config_read = section_mod.get_section_from_config(cfg, section)
server_id = sql.select_server_id_by_ip(serv)
is_restart = sql.select_service_setting(server_id, 'haproxy', 'restart')
os.system("/bin/mv %s %s.old" % (cfg, cfg))
os.system(f"/bin/mv {cfg} {cfg}.old")
if serv is not None and form.getvalue('config') is not None:
try:
funct.logging(serv, "sections.py edited config")
roxywi_common.logging(serv, "sections.py edited config")
except Exception:
pass
@ -77,7 +80,7 @@ if serv is not None and form.getvalue('config') is not None:
config = ''
save = 'reload'
config = funct.rewrite_section(start_line, end_line, oldcfg, config)
config = section_mod.rewrite_section(start_line, end_line, oldcfg, config)
try:
with open(cfg, "w") as conf:
@ -85,21 +88,22 @@ if serv is not None and form.getvalue('config') is not None:
except IOError:
error = "Can't read import config file"
stderr = funct.master_slave_upload_and_restart(serv, cfg, just_save=save, oldcfg=oldcfg)
stderr = config_mod.master_slave_upload_and_restart(serv, cfg, just_save=save, oldcfg=oldcfg)
if "is valid" in stderr:
warning = stderr
stderr = ''
funct.diff_config(oldcfg, cfg)
config_mod.diff_config(oldcfg, cfg)
os.system("/bin/rm -f " + hap_configs_dir + "*.old")
os.system(f"/bin/rm -f {hap_configs_dir}*.old")
rendered_template = template.render(
h2=1, title="Working with HAProxy config sections", role=role, action="sections.py", user=user, select_id="serv",
serv=serv, aftersave=aftersave, config=config_read, cfg=cfg, selects=servers, stderr=stderr, error=error,
start_line=start_line, end_line=end_line, section=section, sections=sections, is_serv_protected=is_serv_protected,
user_services=user_services, token=token, warning=warning, is_restart=is_restart
h2=1, title="Working with HAProxy config sections", role=user_params['role'], action="sections.py", user=user_params['user'],
select_id="serv", serv=serv, aftersave=aftersave, config=config_read, cfg=cfg, selects=user_params['servers'],
stderr=stderr, error=error, start_line=start_line, end_line=end_line, section=section, sections=sections,
is_serv_protected=is_serv_protected,user_services=user_params['user_services'], token=user_params['token'],
warning=warning, is_restart=is_restart
)
print(rendered_template)

37
app/servers.py
View File

@ -3,45 +3,50 @@ import sys
import pytz
import funct
import sql
import modules.db.sql as sql
import modules.common.common as common
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
from jinja2 import Environment, FileSystemLoader
env = Environment(extensions=["jinja2.ext.do"], loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('servers.html')
form = funct.form
form = common.form
print('Content-type: text/html\n')
user, user_id, role, token, servers, user_services = funct.get_users_params()
user_params = roxywi_common.get_users_params()
try:
funct.check_login(user_id, token)
roxywi_auth.check_login(user_params['user_uuid'], user_params['token'])
except Exception as e:
print(f'error {e}')
sys.exit()
funct.page_for_admin(level=2)
roxywi_auth.page_for_admin(level=2)
try:
ldap_enable = sql.get_setting('ldap_enable')
user_group = funct.get_user_group(id=1)
user_group = roxywi_common.get_user_group(id=1)
settings = sql.get_setting('', all=1)
geoip_country_codes = sql.select_geoip_country_codes()
services = sql.select_services()
gits = sql.select_gits()
servers = roxywi_common.get_dick_permit(virt=1, disable=0, only_group=1)
masters = sql.select_servers(get_master_servers=1, uuid=user_params['user_uuid'].value)
except Exception:
pass
try:
user_status, user_plan = funct.return_user_status()
user_subscription = roxywi_common.return_user_status()
except Exception as e:
user_status, user_plan = 0, 0
funct.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1)
user_subscription = roxywi_common.return_unsubscribed_user_status()
roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1)
rendered_template = template.render(
title="Servers: ", role=role, user=user, users=sql.select_users(group=user_group), groups=sql.select_groups(),
servers=sql.get_dick_permit(virt=1, disable=0, only_group=1), roles=sql.select_roles(),
masters=sql.select_servers(get_master_servers=1, uuid=user_id.value), group=user_group,
sshs=sql.select_ssh(group=user_group), token=token, settings=settings, backups=sql.select_backups(),
page="servers.py", geoip_country_codes=geoip_country_codes, user_services=user_services, ldap_enable=ldap_enable,
user_status=user_status, user_plan=user_plan, gits=gits, services=services, timezones=pytz.all_timezones
title="Servers: ", role=user_params['role'], user=user_params['user'], users=sql.select_users(group=user_group),
groups=sql.select_groups(), servers=servers, roles=sql.select_roles(), sshs=sql.select_ssh(group=user_group),
masters=masters, group=user_group, services=services, timezones=pytz.all_timezones,
token=user_params['token'], settings=settings, backups=sql.select_backups(), page="servers.py",
geoip_country_codes=geoip_country_codes, user_services=user_params['user_services'], ldap_enable=ldap_enable,
user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], gits=gits,
)
print(rendered_template)

36
app/smon.py
View File

@ -1,38 +1,44 @@
#!/usr/bin/env python3
import sys
import funct
import sql
from jinja2 import Environment, FileSystemLoader
import modules.db.sql as sql
import modules.common.common as common
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
import modules.server.server as server_mod
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('smon.html')
print('Content-type: text/html\n')
user, user_id, role, token, servers, user_services = funct.get_users_params()
user_params = roxywi_common.get_users_params()
try:
funct.check_login(user_id, token)
roxywi_auth.check_login(user_params['user_uuid'], user_params['token'])
except Exception as e:
print(f'error {e}')
sys.exit()
form = funct.form
roxywi_common.check_user_group()
form = common.form
action = form.getvalue('action')
sort = form.getvalue('sort')
autorefresh = 0
user_group = funct.get_user_group(id=1)
user_group = roxywi_common.get_user_group(id=1)
cmd = "systemctl is-active roxy-wi-smon"
smon_status, stderr = funct.subprocess_execute(cmd)
smon_status, stderr = server_mod.subprocess_execute(cmd)
if action == 'add':
smon = sql.select_smon(user_group, action='add')
funct.page_for_admin(level=3)
roxywi_auth.page_for_admin(level=3)
title = "SMON Admin"
elif action == 'history':
if form.getvalue('host'):
needed_host = funct.is_ip_or_dns(form.getvalue('host'))
needed_host = common.is_ip_or_dns(form.getvalue('host'))
smon = sql.alerts_history('SMON', user_group, host=needed_host)
else:
smon = sql.alerts_history('SMON', user_group)
@ -46,15 +52,15 @@ else:
autorefresh = 1
try:
user_status, user_plan = funct.return_user_status()
user_subscription = roxywi_common.return_user_status()
except Exception as e:
user_status, user_plan = 0, 0
funct.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1)
user_subscription = roxywi_common.return_unsubscribed_user_status()
roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1)
rendered_template = template.render(
h2=1, title=title, autorefresh=autorefresh, role=role, user=user, group=user_group,
h2=1, title=title, autorefresh=autorefresh, role=user_params['role'], user=user_params['user'], group=user_group,
telegrams=sql.get_user_telegram_by_group(user_group), slacks=sql.get_user_slack_by_group(user_group),
smon=smon, smon_status=smon_status, smon_error=stderr, action=action, sort=sort, user_services=user_services,
user_status=user_status, user_plan=user_plan, token=token
smon=smon, smon_status=smon_status, smon_error=stderr, action=action, sort=sort, user_services=user_params['user_services'],
user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], token=user_params['token']
)
print(rendered_template)

20
app/statsview.py
View File

@ -1,14 +1,17 @@
#!/usr/bin/env python3
import funct
import sql
import modules.db.sql as sql
import modules.common.common as common
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('statsview.html')
print('Content-type: text/html\n')
user, user_id, role, token, servers, user_services = funct.get_users_params(virt=1, haproxy=1)
user_params = roxywi_common.get_users_params(virt=1, haproxy=1)
form = funct.form
form = common.form
serv = form.getvalue('serv')
service = form.getvalue('service')
@ -23,14 +26,15 @@ except Exception:
if service in ('haproxy', 'nginx', 'apache'):
service_desc = sql.select_service(service)
if funct.check_login(user_id, token, service=service_desc.service_id):
if roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=service_desc.service_id):
title = f'{service_desc.service} stats page'
sql.get_dick_permit(service=service_desc.slug)
roxywi_common.get_dick_permit(service=service_desc.slug)
else:
print('<meta http-equiv="refresh" content="0; url=/app/overview.py">')
rendered_template = template.render(
h2=1, autorefresh=1, title=title, role=role, user=user, onclick="showStats()", select_id="serv",
selects=servers, serv=serv, service=service, user_services=user_services, token=token
h2=1, autorefresh=1, title=title, role=user_params['role'], user=user_params['user'], onclick="showStats()",
selects=user_params['servers'], serv=serv, service=service, user_services=user_params['user_services'],
token=user_params['token'], select_id="serv"
)
print(rendered_template)

47
app/users.py
View File

@ -4,46 +4,47 @@ import sys
import pytz
import funct
import sql
import modules.db.sql as sql
import modules.common.common as common
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('admin.html')
form = funct.form
form = common.form
print('Content-type: text/html\n')
user, user_id, role, token, servers, user_services = funct.get_users_params()
user_params = roxywi_common.get_users_params()
try:
funct.check_login(user_id, token)
roxywi_auth.check_login(user_params['user_uuid'], user_params['token'])
except Exception as e:
print(f'error {e}')
sys.exit()
funct.page_for_admin()
roxywi_auth.page_for_admin()
users = sql.select_users()
settings = sql.get_setting('', all=1)
ldap_enable = sql.get_setting('ldap_enable')
services = sql.select_services()
gits = sql.select_gits()
masters = sql.select_servers(get_master_servers=1)
try:
users = sql.select_users()
settings = sql.get_setting('', all=1)
ldap_enable = sql.get_setting('ldap_enable')
services = sql.select_services()
gits = sql.select_gits()
except Exception:
pass
try:
user_status, user_plan = funct.return_user_status()
user_subscription = roxywi_common.return_user_status()
except Exception as e:
user_status, user_plan = 0, 0
funct.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1)
user_subscription = roxywi_common.return_unsubscribed_user_status()
roxywi_common.logging('Roxy-WI server', f'Cannot get a user plan: {e}', roxywi=1)
rendered_template = template.render(
title="Admin area: Manage users", role=role, user=user, users=users, groups=sql.select_groups(),
servers=sql.select_servers(full=1), roles=sql.select_roles(), masters=sql.select_servers(get_master_servers=1),
sshs=sql.select_ssh(), token=token, settings=settings, backups=sql.select_backups(),
page="users.py", user_services=user_services, ldap_enable=ldap_enable, user_status=user_status,
user_plan=user_plan, gits=gits, services=services, timezones=pytz.all_timezones
title="Admin area: Manage users", role=user_params['role'], user=user_params['user'], users=users, groups=sql.select_groups(),
servers=sql.select_servers(full=1), roles=sql.select_roles(), masters=masters, sshs=sql.select_ssh(),
settings=settings, backups=sql.select_backups(), services=services, timezones=pytz.all_timezones,
page="users.py", user_services=user_params['user_services'], ldap_enable=ldap_enable, gits=gits,
user_status=user_subscription['user_status'], user_plan=user_subscription['user_plan'], token=user_params['token']
)
print(rendered_template)

42
app/versions.py
View File

@ -3,8 +3,11 @@ import os
from jinja2 import Environment, FileSystemLoader
import funct
import sql
import modules.db.sql as sql
import modules.common.common as common
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
import modules.config.config as config_mod
import modules.roxy_wi_tools as roxy_wi_tools
get_config_var = roxy_wi_tools.GetConfigVar()
@ -13,16 +16,13 @@ template = env.get_template('delver.html')
print('Content-type: text/html\n')
try:
user, user_id, role, token, servers, user_services = funct.get_users_params(disable=1)
except Exception:
pass
user_params = roxywi_common.get_users_params(disable=1)
funct.page_for_admin(level=3)
roxywi_auth.page_for_admin(level=3)
form = funct.form
serv = funct.is_ip_or_dns(form.getvalue('serv'))
service = funct.checkAjaxInput(form.getvalue('service'))
form = common.form
serv = common.is_ip_or_dns(form.getvalue('serv'))
service = common.checkAjaxInput(form.getvalue('service'))
Select = form.getvalue('del')
configver = form.getvalue('configver')
conf_format = 'cfg'
@ -36,9 +36,9 @@ if configver:
if service in ('haproxy', 'nginx', 'keepalived', 'apache'):
service_desc = sql.select_service(service)
if funct.check_login(user_id, token, service=service_desc.service_id):
if roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=service_desc.service_id):
title = f"Working with versions {service_desc.service} configs"
servers = sql.get_dick_permit(service=service_desc.slug)
servers = roxywi_common.get_dick_permit(service=service_desc.slug)
action = f'versions.py?service={service_desc.slug}'
conf_format = 'conf'
@ -71,7 +71,7 @@ if serv is not None and form.getvalue('del') is not None:
os.remove(os.path.join(configs_dir, form.getvalue(get)))
try:
file.add(form.getvalue(get) + "<br />")
funct.logging(
roxywi_common.logging(
serv, "Version of config has been deleted: %s" % form.getvalue(get), login=1, keep_history=1, service=service
)
except Exception:
@ -85,27 +85,27 @@ if serv is not None and form.getvalue('config') is not None:
aftersave = 1
try:
funct.logging(
roxywi_common.logging(
serv, "Version of config has been uploaded %s" % configver, login=1, keep_history=1, service=service
)
except Exception:
pass
if service == 'keepalived':
stderr = funct.upload_and_restart(serv, configver, just_save=save, keepalived=1)
stderr = config_mod.upload_and_restart(serv, configver, just_save=save, keepalived=1)
elif service == 'nginx':
config_file_name = sql.select_remote_path_from_version(server_ip=serv, service=service, local_path=configver)
stderr = funct.master_slave_upload_and_restart(serv, configver, just_save=save, nginx=1, config_file_name=config_file_name)
stderr = config_mod.master_slave_upload_and_restart(serv, configver, just_save=save, nginx=1, config_file_name=config_file_name)
elif service == 'apache':
config_file_name = sql.select_remote_path_from_version(server_ip=serv, service=service, local_path=configver)
stderr = funct.master_slave_upload_and_restart(serv, configver, just_save=save, apache=1, config_file_name=config_file_name)
stderr = config_mod.master_slave_upload_and_restart(serv, configver, just_save=save, apache=1, config_file_name=config_file_name)
else:
stderr = funct.master_slave_upload_and_restart(serv, configver, just_save=save)
stderr = config_mod.master_slave_upload_and_restart(serv, configver, just_save=save)
rendered_template = template.render(
h2=1, title=title, role=role, user=user, select_id="serv", serv=serv, aftersave=aftersave, selects=servers,
stderr=stderr, open=form.getvalue('open'), Select=form.getvalue('del'), file=file, configver=configver,
service=service, user_services=user_services, action=action, token=token
h2=1, title=title, role=user_params['role'], user=user_params['user'], select_id="serv", serv=serv, aftersave=aftersave,
selects=user_params['servers'], stderr=stderr, open=form.getvalue('open'), Select=form.getvalue('del'), file=file,
configver=configver, service=service, user_services=user_params['user_services'], action=action, token=user_params['token']
)
print(rendered_template)

24
app/viewlogs.py
View File

@ -5,20 +5,22 @@ import datetime
from jinja2 import Environment, FileSystemLoader
import funct
import sql
import modules.db.sql as sql
import modules.common.common as common
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
import modules.roxy_wi_tools as roxy_wi_tools
get_config_var = roxy_wi_tools.GetConfigVar()
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('logs.html')
form = funct.form
form = common.form
print('Content-type: text/html\n')
user, user_id, role, token, servers, user_services = funct.get_users_params()
user_params = roxywi_common.get_users_params()
try:
funct.check_login(user_id, token)
roxywi_auth.check_login(user_params['user_uuid'], user_params['token'])
except Exception as e:
print(f'error {e}')
sys.exit()
@ -46,10 +48,10 @@ minut = form.getvalue('minut')
minut1 = form.getvalue('minut1')
if form.getvalue('type') == '2':
funct.page_for_admin(level=2)
roxywi_auth.page_for_admin(level=2)
page = 'for_editor'
else:
funct.page_for_admin()
roxywi_auth.page_for_admin()
page = ''
log_path = get_config_var.get_config_var('main', 'log_path')
@ -66,15 +68,15 @@ try:
except Exception:
pass
selects = funct.get_files(log_path, file_format="log")
selects = roxywi_common.get_files(log_path, file_format="log")
if form.getvalue('type') is None:
selects.append(['fail2ban.log', 'fail2ban.log'])
selects.append(['roxy-wi.error.log', 'error.log'])
selects.append(['roxy-wi.access.log', 'access.log'])
rendered_template = template.render(
h2=1, autorefresh=1, title="View internal logs", role=role, user=user, serv=serv, select_id="viewlogs",
selects=selects, rows=rows, grep=grep, exgrep=exgrep, hour=hour, hour1=hour1, minut=minut,
minut1=minut1, page=page, user_services=user_services, token=token
h2=1, autorefresh=1, title="View internal logs", role=user_params['role'], user=user_params['user'], serv=serv,
select_id="viewlogs", selects=selects, rows=rows, grep=grep, exgrep=exgrep, hour=hour, hour1=hour1, minut=minut,
minut1=minut1, page=page, user_services=user_params['user_services'], token=user_params['token']
)
print(rendered_template)

59
app/waf.py
View File

@ -2,20 +2,25 @@
import os
import sys
import funct
import sql
from jinja2 import Environment, FileSystemLoader
import modules.db.sql as sql
import modules.common.common as common
import modules.roxywi.auth as roxywi_auth
import modules.roxywi.common as roxywi_common
import modules.config.config as config_mod
import modules.roxy_wi_tools as roxy_wi_tools
time_zone = sql.get_setting('time_zone')
get_date = roxy_wi_tools.GetDate(time_zone)
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('waf.html')
print('Content-type: text/html\n')
try:
user, user_id, role, token, servers, user_services = funct.get_users_params(haproxy=1)
except Exception:
pass
user_params = roxywi_common.get_users_params(haproxy=1)
form = funct.form
form = common.form
manage_rules = form.getvalue('manage_rules')
waf_rule_id = form.getvalue('waf_rule_id')
service = form.getvalue('service')
@ -29,32 +34,34 @@ rules = ''
cfg = ''
funct.page_for_admin(level=2)
roxywi_auth.page_for_admin(level=2)
print(service)
if service == 'nginx':
funct.check_login(user_id, token, service=2)
roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=2)
servers = roxywi_common.get_dick_permit(nginx=1)
else:
funct.check_login(user_id, token, service=1)
roxywi_auth.check_login(user_params['user_uuid'], user_params['token'], service=1)
servers = user_params['servers']
if manage_rules == '1':
serv = funct.is_ip_or_dns(form.getvalue('serv'))
funct.check_is_server_in_group(serv)
serv = common.is_ip_or_dns(form.getvalue('serv'))
roxywi_common.check_is_server_in_group(serv)
title = "Manage rules - Web application firewall"
rules = sql.select_waf_rules(serv, service)
elif waf_rule_id and form.getvalue('config') is None:
serv = funct.is_ip_or_dns(form.getvalue('serv'))
funct.check_is_server_in_group(serv)
serv = common.is_ip_or_dns(form.getvalue('serv'))
roxywi_common.check_is_server_in_group(serv)
title = 'Edit a WAF rule'
waf_rule_file = sql.select_waf_rule_by_id(waf_rule_id)
configs_dir = sql.get_setting('tmp_config_path')
cfg = configs_dir + serv + "-" + funct.get_data('config') + "-" + waf_rule_file
error = funct.get_config(serv, cfg, waf=service, waf_rule_file=waf_rule_file)
cfg = configs_dir + serv + "-" + get_date.return_date('config') + "-" + waf_rule_file
error = config_mod.get_config(serv, cfg, waf=service, waf_rule_file=waf_rule_file)
if service == 'haproxy':
config_path = sql.get_setting('haproxy_dir')
elif service == 'nginx':
config_path = sql.get_setting('nginx_dir')
config_file_name = funct.return_nice_path(config_path) + 'waf/rules/' + waf_rule_file
config_file_name = comon.return_nice_path(config_path) + 'waf/rules/' + waf_rule_file
try:
conf = open(cfg, "r")
config_read = conf.read()
@ -63,14 +70,14 @@ elif waf_rule_id and form.getvalue('config') is None:
print('Cannot read imported config file')
else:
title = "Web application firewall"
servers_waf = sql.select_waf_servers_metrics(user_id.value)
servers_waf = sql.select_waf_servers_metrics(user_params['user_uuid'].value)
autorefresh = 1
if serv is not None and form.getvalue('config') is not None:
funct.check_is_server_in_group(serv)
roxywi_common.check_is_server_in_group(serv)
configs_dir = sql.get_setting('tmp_config_path')
cfg = configs_dir + serv + "-" + funct.get_data('config')
cfg = configs_dir + serv + "-" + get_date.return_date('config')
config_file_name = form.getvalue('config_file_name')
config = form.getvalue('config')
oldcfg = form.getvalue('oldconfig')
@ -82,9 +89,9 @@ if serv is not None and form.getvalue('config') is not None:
except IOError:
print("error: Cannot read imported config file")
stderr = funct.master_slave_upload_and_restart(serv, cfg, just_save=save, waf=1, oldcfg=oldcfg, config_file_name=config_file_name)
stderr = config_mod.master_slave_upload_and_restart(serv, cfg, just_save=save, waf=1, oldcfg=oldcfg, config_file_name=config_file_name)
funct.diff_config(oldcfg, cfg)
config_mod.diff_config(oldcfg, cfg)
try:
os.system("/bin/rm -f " + configs_dir + "*.old")
@ -97,9 +104,9 @@ if serv is not None and form.getvalue('config') is not None:
sys.exit()
rendered_template = template.render(
h2=1, title=title, autorefresh=autorefresh, role=role, user=user, serv=serv, servers=servers_waf,
servers_all=servers, manage_rules=manage_rules, rules=rules, user_services=user_services,
waf_rule_file=waf_rule_file, waf_rule_id=waf_rule_id, config=config_read, cfg=cfg, token=token,
h2=1, title=title, autorefresh=autorefresh, role=user_params['role'], user=user_params['user'], serv=serv, servers=servers_waf,
servers_all=servers, manage_rules=manage_rules, rules=rules, user_services=user_params['user_services'],
waf_rule_file=waf_rule_file, waf_rule_id=waf_rule_id, config=config_read, cfg=cfg, token=user_params['token'],
config_file_name=config_file_name, service=service
)
print(rendered_template)