v4.5.2.0

Changelog: https://haproxy-wi.org/changelog.py#4_5_2

app/funct.py

@@ -241,7 +241,11 @@ def ssh_connect(serv, **kwargs):
 	ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
 	try:
 		if ssh_enable == 1:
-			k = paramiko.RSAKey.from_private_key_file(ssh_key_name)
+			cloud = sql.is_cloud()
+			if cloud != '':
+				k = paramiko.pkey.load_private_key_file(ssh_key_name, password=cloud)
+			else:
+				k = paramiko.pkey.load_private_key_file(ssh_key_name)
 			ssh.connect(hostname=serv, port=ssh_port, username=ssh_user_name, pkey=k, timeout=11)
 		else:
 			ssh.connect(hostname=serv, port=ssh_port, username=ssh_user_name, password=ssh_user_password, timeout=11)
@@ -252,6 +256,9 @@ def ssh_connect(serv, **kwargs):
 	except paramiko.SSHException as sshException:
 		return 'error: Unable to establish SSH connection: %s ' % sshException
 		pass
+	except paramiko.PasswordRequiredException as e:
+		return 'error: %s ' % e
+		pass
 	except paramiko.BadHostKeyException as badHostKeyException:
 		return 'error: Unable to verify server\'s host key: %s ' % badHostKeyException
 		pass

app/login.py

@@ -23,6 +23,7 @@ db_create = ""
 error_log = ""
 error = ""
 
+
 def send_cookie(login):
 	session_ttl = sql.get_setting('session_ttl')
 	session_ttl = int(session_ttl)
@@ -37,7 +38,7 @@ def send_cookie(login):
 		cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
 		user_group_id = cookie.get('group')
 		user_group_id = user_group_id.value
-		if sql.check_user_group(id,user_group_id):
+		if sql.check_user_group(id, user_group_id):
 			user_groups = user_group_id
 		else:
 			user_groups = sql.select_user_groups(id, limit=1)
@@ -66,7 +67,8 @@ def send_cookie(login):
 		user_group = ''
 
 	try:
-		funct.logging('locahost', ' user: '+sql.get_user_name_by_uuid(user_uuid)+', group: '+user_group+' log in', haproxywi=1)
+		user_name = sql.get_user_name_by_uuid(user_uuid)
+		funct.logging('localhost', ' user: ' + user_name + ', group: ' + user_group + ' log in', haproxywi=1)
 	except:
 		pass
 	print("Content-type: text/html\n")
@@ -77,15 +79,15 @@ def send_cookie(login):
 def ban():
 	c = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
 	expires = datetime.datetime.utcnow() + datetime.timedelta(seconds=10)
-	c["ban"] = 1
+	c["ban"] = "1"
 	c["ban"]["path"] = "/"
 	# c["ban"]["samesite"] = "Strict"
 	c["ban"]["Secure"] = "True"
 	c["ban"]["expires"] = expires.strftime("%a, %d %b %Y %H:%M:%S GMT")
 	try:
-		funct.logging('locahost', login+' failed log in', haproxywi=1, login=1)
+		funct.logging('localhost', login+' failed log in', haproxywi=1, login=1)
 	except:
-		funct.logging('locahost', ' Failed log in. Wrong username', haproxywi=1)
+		funct.logging('localhost', ' Failed log in. Wrong username', haproxywi=1)
 	print(c.output())
 	print("Content-type: text/html\n")
 	print('ban')
@@ -106,7 +108,7 @@ def check_in_ldap(user, password):
 
 	ldap_proto = 'ldap' if ldap_type == "0" else 'ldaps'
 
-	l = ldap.initialize('{}://{}:{}/'.format(ldap_proto,server, port))
+	l = ldap.initialize('{}://{}:{}/'.format(ldap_proto, server, port))
 	try:
 		l.protocol_version = ldap.VERSION3
 		l.set_option(ldap.OPT_REFERRALS, 0)
@@ -127,7 +129,7 @@ def check_in_ldap(user, password):
 		print('<center><div class="alert alert-danger">Server down</div><br /><br />')
 		sys.exit()
 	except ldap.LDAPError as e:
-		if type(e.message) == dict and e.message.has_key('desc'):
+		if type(e.message) == dict and 'desc' in e.message:
 			print("Content-type: text/html\n")
 			print('<center><div class="alert alert-danger">Other LDAP error: %s</div><br /><br />' % e.message['desc'])
 			sys.exit()
@@ -143,13 +145,14 @@ if ref is None:
 	ref = "/index.html"
 
 if form.getvalue('error'):
-	error_log = '<div class="alert alert-danger">Somthing wrong :( I\'m sad about this, but try again!</div><br /><br />'
+	error_log = '<div class="alert alert-danger">Something wrong. Try again</div><br /><br />'
 
 try:
 	if sql.get_setting('session_ttl'):
 		session_ttl = sql.get_setting('session_ttl')
 except:
-	error = '<center><div class="alert alert-danger">Can not find "session_ttl" parametr. Check into settings, "main" section</div>'
+	error = '<center><div class="alert alert-danger">Cannot find "session_ttl" parameter. ' \
+			'Check it into settings, "main" section</div>'
 	pass
 
 try:
@@ -195,21 +198,14 @@ if login is not None and password is not None:
 		sys.exit()
 	print("Content-type: text/html\n")
 
-if login is None:
-	print("Content-type: text/html\n")
-	if create_db.check_db():
-		if create_db.create_table():
-			create_db.update_all()
-			db_create = '<div class="alert alert-success">DB was created<br /><br />Now you can login, default: admin/admin</div>'
-
 create_db.update_all_silent()
 
-output_from_parsed_template = template.render(h2 = 0, title = "Login page",
+output_from_parsed_template = template.render(h2=0, title="Login page",
-													role = role,
+													role=role,
-													user = user,
+													user=user,
-													error_log = error_log,
+													error_log=error_log,
-													error = error,
+													error=error,
-													ref = ref,
+													ref=ref,
-													versions = funct.versions(),
+													versions=funct.versions(),
-													db_create = db_create)
+													db_create=db_create)
 print(output_from_parsed_template)

app/options.py

@@ -1839,8 +1839,11 @@ if form.getvalue('updatessh'):
         funct.logging('the SSH ' + name, ' has updated credentials ', haproxywi=1, login=1)
 
 if form.getvalue('ssh_cert'):
+    import paramiko
+
     user_group = funct.get_user_group()
     name = form.getvalue('name')
+    key = paramiko.pkey.load_private_key(form.getvalue('ssh_cert'))
     ssh_keys = os.path.dirname(os.getcwd()) + '/keys/' + name + '.pem'
 
     if not os.path.isfile(ssh_keys):
@@ -1852,8 +1855,11 @@ if form.getvalue('ssh_cert'):
     ssh_keys = os.path.dirname(os.getcwd()) + '/keys/' + name + '.pem'
 
     try:
-        with open(ssh_keys, "w") as conf:
+        cloud = sql.is_cloud()
-            conf.write(form.getvalue('ssh_cert'))
+        if cloud != '':
+            key.write_private_key_file(ssh_keys, password=cloud)
+        else:
+            key.write_private_key_file(ssh_keys)
     except IOError:
         print('error: Cannot save SSH key file. Check SSH keys path in config')
     else:

app/sql.py

@@ -34,20 +34,24 @@ def get_cur():
 def add_user(user, email, password, role, activeuser):
 	con, cur = get_cur()
 	if password != 'aduser':
-		sql = """INSERT INTO user (username, email, password, role, activeuser) VALUES ('%s', '%s', '%s', '%s', '%s')""" % (user, email, funct.get_hash(password), role, activeuser)
+		sql = """INSERT INTO user (username, email, password, role, activeuser) 
+		VALUES ('%s', '%s', '%s', '%s', '%s')""" % (user, email, funct.get_hash(password), role, activeuser)
 	else:
-		sql = """INSERT INTO user (username, email, role, ldap_user, activeuser) VALUES ('%s', '%s', '%s', '1', '%s')""" % (user, email, role, activeuser)
+		sql = """INSERT INTO user (username, email, role, ldap_user, activeuser) 
+		VALUES ('%s', '%s', '%s', '1', '%s')""" % (user, email, role, activeuser)
 	try:
 		cur.execute(sql)
 		con.commit()
 	except sqltool.Error as e:
 		funct.out_error(e)
 		con.rollback()
-		return False
-	else:
-		return True
 		cur.close()
 		con.close()
+		return False
+	else:
+		cur.close()
+		con.close()
+		return True
 
 
 def update_user(user, email, role, id, activeuser):
@@ -63,11 +67,13 @@ def update_user(user, email, role, id, activeuser):
 	except sqltool.Error as e:
 		funct.out_error(e)
 		con.rollback()
-		return False
-	else:
-		return True
 		cur.close()
 		con.close()
+		return False
+	else:
+		cur.close()
+		con.close()
+		return True
 
 
 def update_user_groups(groups, id):
@@ -79,11 +85,13 @@ def update_user_groups(groups, id):
 	except sqltool.Error as e:
 		funct.out_error(e)
 		con.rollback()
-		return False
-	else:
-		return True
 		cur.close()
 		con.close()
+		return False
+	else:
+		cur.close()
+		con.close()
+		return True
 
 
 def delete_user_groups(id):
@@ -96,11 +104,13 @@ def delete_user_groups(id):
 	except sqltool.Error as e:
 		funct.out_error(e)
 		con.rollback()
-		return False
-	else:
-		return True
 		cur.close()
 		con.close()
+		return False
+	else:
+		cur.close()
+		con.close()
+		return True
 
 
 def update_user_password(password, id):
@@ -113,11 +123,13 @@ def update_user_password(password, id):
 	except sqltool.Error as e:
 		funct.out_error(e)
 		con.rollback()
-		return False
-	else:
-		return True
 		cur.close()
 		con.close()
+		return False
+	else:
+		cur.close()
+		con.close()
+		return True
 
 
 def delete_user(id):
@@ -129,11 +141,14 @@ def delete_user(id):
 	except sqltool.Error as e:
 		funct.out_error(e)
 		con.rollback()
-		return False
-	else:
-		return True
 		cur.close()
 		con.close()
+		return False
+	else:
+		cur.close()
+		con.close()
+		return True
+
 
 def add_group(name, description):
 	con, cur = get_cur()
@@ -158,10 +173,9 @@ def add_group(name, description):
 				group_id = g[0]
 			add_setting_for_new_group(group_id)
 
-		return True
-
 		cur.close()
 		con.close()
+		return True
 
 
 def add_setting_for_new_group(group_id):
@@ -215,9 +229,9 @@ def add_setting_for_new_group(group_id):
 		except sqltool.Error as e:
 			funct.out_error(e)
 	else:
-		return True
 		cur.close()
 		con.close()
+		return True
 
 
 def delete_group_settings(group_id):
@@ -230,6 +244,8 @@ def delete_group_settings(group_id):
 		funct.out_error(e)
 		con.rollback()
 	else:
+		cur.close()
+		con.close()
 		return True
 	cur.close()
 	con.close()
@@ -244,11 +260,14 @@ def delete_group(id):
 	except sqltool.Error as e:
 		funct.out_error(e)
 		con.rollback()
-	else:
-		delete_group_settings(id)
-		return True
 		cur.close()
 		con.close()
+		return False
+	else:
+		delete_group_settings(id)
+		cur.close()
+		con.close()
+		return True
 
 
 def update_group(name, descript, id):
@@ -264,11 +283,13 @@ def update_group(name, descript, id):
 	except sqltool.Error as e:
 		funct.out_error(e)
 		con.rollback()
-		return False
-	else:
-		return True
 		cur.close()
 		con.close()
+		return False
+	else:
+		cur.close()
+		con.close()
+		return True
 
 
 def add_server(hostname, ip, group, typeip, enable, master, cred, port, desc, haproxy, nginx):
@@ -279,13 +300,15 @@ def add_server(hostname, ip, group, typeip, enable, master, cred, port, desc, ha
 	try:
 		cur.execute(sql)
 		con.commit()
+		cur.close()
+		con.close()
 		return True
 	except sqltool.Error as e:
 		funct.out_error(e)
 		con.rollback()
-		return False
 		cur.close()
 		con.close()
+		return False
 
 
 def delete_server(id):
@@ -371,7 +394,8 @@ def select_users(**kwargs):
 	if kwargs.get("id") is not None:
 		sql = """select * from user where id='%s' """ % kwargs.get("id")
 	if kwargs.get("group") is not None:
-		sql = """ select user.* from user left join user_groups as groups on user.id = groups.user_id where groups.user_group_id = '%s' group by id;
+		sql = """ select user.* from user left 
+		join user_groups as groups on user.id = groups.user_id where groups.user_group_id = '%s' group by id;
 		""" % kwargs.get("group")
 	try:
 		cur.execute(sql)
@@ -413,11 +437,9 @@ def check_user_group(user_id, group_id):
 		print(str(e))
 	else:
 		for g in cur.fetchall():
-			#print(str(g[0]))
 			if g[0] != '':
 				return True
 			else:
-				#print('Atata!')
 				return False
 
 	cur.close()
@@ -512,6 +534,7 @@ def select_servers(**kwargs):
 	cur.close()
 	con.close()
 
+
 def write_user_uuid(login, user_uuid):
 	con, cur = get_cur()
 	session_ttl = get_setting('session_ttl')
@@ -535,6 +558,7 @@ def write_user_uuid(login, user_uuid):
 	cur.close()
 	con.close()
 
+
 def write_user_token(login, user_token):
 	con, cur = get_cur()
 	token_ttl = get_setting('token_ttl')
@@ -557,6 +581,7 @@ def write_user_token(login, user_token):
 	cur.close()
 	con.close()
 
+
 def get_token(uuid):
 	con, cur = get_cur()
 	sql = """ select token.token from token left join uuid as uuid on uuid.user_id = token.user_id where uuid.uuid = '%s' """ % uuid
@@ -1911,13 +1936,13 @@ def check_token_exists(token):
 			return True
 		else:
 			try:
-				funct.logging('localhost', ' tried do action with wrong token', haproxywi=1, login=1)
+				funct.logging('localhost', ' Tried do action with wrong token', haproxywi=1, login=1)
 			except:
 				funct.logging('localhost', ' An action with wrong token', haproxywi=1)
 				return False
 	except:
 		try:
-			funct.logging('localhost', ' cannot check token', haproxywi=1, login=1)
+			funct.logging('localhost', ' Cannot check token', haproxywi=1, login=1)
 		except:
 			funct.logging('localhost', ' Cannot check token', haproxywi=1)
 			return False
@@ -2222,6 +2247,23 @@ def select_alerts(user_group):
 		return cur.fetchall()
 
 
+def is_cloud():
+	con, cur = get_cur()
+	sql = """ select * from cloud_uuid """
+	try:
+		cur.execute(sql)
+	except sqltool.Error as e:
+		print("An error occurred:", e)
+		cur.close()
+		con.close()
+		return ""
+	else:
+		cur.close()
+		con.close()
+		for cloud_uuid in cur.fetchall():
+			return cloud_uuid[0]
+
+
 form = funct.form
 error_mess = 'error: All fields must be completed'
 

config_other/requirements_el7.txt

@@ -2,4 +2,4 @@ pyTelegramBotAPI==3.6.3
 networkx==2.1
 matplotlib==2.1.2
 mysql-connector-python==8.0.11
-paramiko>=2.5.0
+paramiko-ng>=2.5.0

config_other/requirements_el8.txt

@@ -3,3 +3,4 @@ pyTelegramBotAPI==3.6.3
 networkx==2.1
 matplotlib==2.1.2
 mysql-connector-python==8.0.11
+paramiko-ng>=2.5.0

requirements.txt

@@ -1,5 +1,5 @@
 configparser>=3.5.0
-paramiko>=2.5.0
+paramiko-ng>=2.5.0
 pytz>=2017.3
 requests>=2.22.0
 pyTelegramBotAPI>=3.6.3