Pavel Loginov 2022-03-15 12:51:03 +03:00
parent 17f6a10ae7
commit eaa2658cab
10 changed files with 106 additions and 63 deletions


@ -88,6 +88,13 @@ def default_values():
'desc': 'Attribute to search users by', 'group': '1'}, 'desc': 'Attribute to search users by', 'group': '1'},
{'param': 'ldap_search_field', 'value': 'mail', 'section': 'ldap', 'desc': 'User\'s email address', 'group': '1'}, {'param': 'ldap_search_field', 'value': 'mail', 'section': 'ldap', 'desc': 'User\'s email address', 'group': '1'},
{'param': 'ldap_type', 'value': '0', 'section': 'ldap', 'desc': 'Use LDAPS (1 - yes, 0 - no)', 'group': '1'}, {'param': 'ldap_type', 'value': '0', 'section': 'ldap', 'desc': 'Use LDAPS (1 - yes, 0 - no)', 'group': '1'},
{'param': 'rabbitmq_host', 'value': '127.0.0.1', 'section': 'rabbitmq', 'desc': 'RabbitMQ-server host', 'group': '1'},
{'param': 'rabbitmq_port', 'value': '5672', 'section': 'rabbitmq', 'desc': 'RabbitMQ-server port', 'group': '1'},
{'param': 'rabbitmq_port', 'value': '5672', 'section': 'rabbitmq', 'desc': 'RabbitMQ-server port', 'group': '1'},
{'param': 'rabbitmq_vhost', 'value': '/', 'section': 'rabbitmq', 'desc': 'RabbitMQ-server vhost', 'group': '1'},
{'param': 'rabbitmq_queue', 'value': 'roxy-wi', 'section': 'rabbitmq', 'desc': 'RabbitMQ-server queue', 'group': '1'},
{'param': 'rabbitmq_user', 'value': 'roxy-wi', 'section': 'rabbitmq', 'desc': 'RabbitMQ-server user', 'group': '1'},
{'param': 'rabbitmq_password', 'value': 'roxy-wi123', 'section': 'rabbitmq', 'desc': 'RabbitMQ-server user password', 'group': '1'},
] ]
try: try:
Setting.insert_many(data_source).on_conflict_ignore().execute() Setting.insert_many(data_source).on_conflict_ignore().execute()
@ -896,7 +903,7 @@ def update_db_v_5_4_3_1(**kwargs):
def update_ver(): def update_ver():
query = Version.update(version='5.4.3.0') query = Version.update(version='5.5.0.0')
try: try:
query.execute() query.execute()
except: except:
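Review bot: The new `rabbitmq_password` row in default_values() seeds every installation with the same literal default, `'roxy-wi123'`, so any deployment that never changes the setting shares a publicly known broker credential. Seeding an empty value and refusing to connect until an administrator sets one would avoid that, as would generating a random value at install time with the standard `secrets` module. The `rabbitmq_port` row is also added twice in this hunk; `on_conflict_ignore()` presumably hides the duplicate, but one of the two lines can be dropped.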


@ -36,9 +36,8 @@ def get_config_var(sec, var):
path_config = "/var/www/haproxy-wi/app/roxy-wi.cfg" path_config = "/var/www/haproxy-wi/app/roxy-wi.cfg"
config = ConfigParser(interpolation=ExtendedInterpolation()) config = ConfigParser(interpolation=ExtendedInterpolation())
config.read(path_config) config.read(path_config)
except Exception: except Exception as e:
print('Content-type: text/html\n') print('error: ' + str(e))
print('<center><div class="alert alert-danger">Check the config file, whether it exists and the path. Must be: app/roxy-wi.cfg</div>')
return return
try: try:
@ -157,16 +156,7 @@ def logging(server_ip, action, **kwargs):
except Exception: except Exception:
pass pass
if kwargs.get('metrics') == 1: if kwargs.get('haproxywi') == 1:
mess = get_data('date_in_log') + action + "\n"
log = open(log_path + "/metrics-"+get_data('logs')+".log", "a")
elif kwargs.get('keep_alive') == 1:
mess = get_data('date_in_log') + action + "\n"
log = open(log_path + "/keep_alive-"+get_data('logs')+".log", "a")
elif kwargs.get('port_scanner') == 1:
mess = get_data('date_in_log') + action + "\n"
log = open(log_path + "/port_scanner-"+get_data('logs')+".log", "a")
elif kwargs.get('haproxywi') == 1:
if kwargs.get('login'): if kwargs.get('login'):
mess = get_data('date_in_log') + " from " + ip + " user: " + login + ", group: " + user_group + ", " + \ mess = get_data('date_in_log') + " from " + ip + " user: " + login + ", group: " + user_group + ", " + \
action + " for: " + server_ip + "\n" action + " for: " + server_ip + "\n"
@ -975,7 +965,7 @@ def upload_and_restart(server_ip, cfg, **kwargs):
if is_docker == '1': if is_docker == '1':
check_config = "sudo docker exec -it exec " + container_name + " nginx -t -q " check_config = "sudo docker exec -it exec " + container_name + " nginx -t -q "
else: else:
check_config = "sudo nginx -t -q -p " + tmp_file check_config = "sudo nginx -t -q "
check_and_move = "sudo mv -f " + tmp_file + " " + config_path + " && " + check_config check_and_move = "sudo mv -f " + tmp_file + " " + config_path + " && " + check_config
if action == "test": if action == "test":
commands = [check_config + " && sudo rm -f " + tmp_file] commands = [check_config + " && sudo rm -f " + tmp_file]
@ -1236,7 +1226,7 @@ def show_haproxy_log(serv, rows=10, waf='0', grep=None, hour='00', minut='00', h
syslog_server = sql.get_setting('syslog_server') syslog_server = sql.get_setting('syslog_server')
if waf == "1": if waf == "1":
local_path_logs = '/var/log/modsec_audit.log' local_path_logs = '/var/log/waf.log'
commands = ["sudo cat %s |tail -%s %s %s" % (local_path_logs, rows, grep_act, exgrep_act)] commands = ["sudo cat %s |tail -%s %s %s" % (local_path_logs, rows, grep_act, exgrep_act)]
if kwargs.get('html') == 0: if kwargs.get('html') == 0:
@ -1437,9 +1427,9 @@ def get_files(dir=get_config_var('configs', 'haproxy_save_configs_dir'), format=
def get_remote_files(server_ip: str, config_dir: str, file_format: str): def get_remote_files(server_ip: str, config_dir: str, file_format: str):
config_dir = return_nice_path(config_dir) config_dir = return_nice_path(config_dir)
if file_format == 'conf': if file_format == 'conf':
commands = ['ls ' + config_dir + '*/*.' + file_format] commands = ['sudo ls ' + config_dir + '*/*.' + file_format]
else: else:
commands = ['ls ' + config_dir + '/*.' + file_format] commands = ['sudo ls ' + config_dir + '/*.' + file_format]
config_files = ssh_command(server_ip, commands) config_files = ssh_command(server_ip, commands)
return config_files return config_files
@ -1478,11 +1468,11 @@ def check_new_version(**kwargs):
try: try:
if proxy is not None and proxy != '' and proxy != 'None': if proxy is not None and proxy != '' and proxy != 'None':
proxy_dict = {"https": proxy, "http": proxy} proxy_dict = {"https": proxy, "http": proxy}
response = requests.get('https://haproxy-wi.org/update.py?last_ver'+last_ver+'=1', timeout=1, proxies=proxy_dict) response = requests.get('https://roxy-wi.org/update.py?last_ver'+last_ver+'=1', timeout=1, proxies=proxy_dict)
requests.get('https://haproxy-wi.org/update.py?ver_send='+current_ver, timeout=1, proxies=proxy_dict) requests.get('https://roxy-wi.org/update.py?ver_send='+current_ver, timeout=1, proxies=proxy_dict)
else: else:
response = requests.get('https://haproxy-wi.org/update.py?last_ver'+last_ver+'=1', timeout=1) response = requests.get('https://roxy-wi.org/update.py?last_ver'+last_ver+'=1', timeout=1)
requests.get('https://haproxy-wi.org/update.py?ver_send='+current_ver, timeout=1) requests.get('https://roxy-wi.org/update.py?ver_send='+current_ver, timeout=1)
res = response.content.decode(encoding='UTF-8') res = response.content.decode(encoding='UTF-8')
except requests.exceptions.RequestException as e: except requests.exceptions.RequestException as e:
@ -1627,9 +1617,11 @@ def get_services_status():
'roxy-wi-metrics': 'Metrics master service', 'roxy-wi-metrics': 'Metrics master service',
'roxy-wi-portscanner': 'Port scanner service', 'roxy-wi-portscanner': 'Port scanner service',
'roxy-wi-smon': 'Simple monitoring network ports', 'roxy-wi-smon': 'Simple monitoring network ports',
'roxy-wi-socket': 'Socket service',
'prometheus': 'Prometheus service', 'prometheus': 'Prometheus service',
'grafana-server': 'Grafana service', 'grafana-server': 'Grafana service',
'fail2ban': 'Fail2ban service'} 'fail2ban': 'Fail2ban service',
'rabbitmq-server': 'Message broker service'}
for s, v in services_name.items(): for s, v in services_name.items():
cmd = "systemctl is-active %s" % s cmd = "systemctl is-active %s" % s
status, stderr = subprocess_execute(cmd) status, stderr = subprocess_execute(cmd)
@ -1892,3 +1884,30 @@ def get_system_info(server_ip: str) -> bool:
def string_to_dict(dict_string) -> dict: def string_to_dict(dict_string) -> dict:
from ast import literal_eval from ast import literal_eval
return literal_eval(dict_string) return literal_eval(dict_string)
def send_message_to_rabbit(message: str) -> None:
import pika
import sql
rabbit_user = sql.get_setting('rabbitmq_user')
rabbit_password = sql.get_setting('rabbitmq_password')
rabbit_host = sql.get_setting('rabbitmq_host')
rabbit_port = sql.get_setting('rabbitmq_port')
rabbit_vhost = sql.get_setting('rabbitmq_vhost')
rabbit_queue = sql.get_setting('rabbitmq_queue')
credentials = pika.PlainCredentials(rabbit_user, rabbit_password)
parameters = pika.ConnectionParameters(rabbit_host,
rabbit_port,
rabbit_vhost,
credentials)
print(str(parameters))
print(str(credentials))
connection = pika.BlockingConnection(parameters)
channel = connection.channel()
channel.queue_declare(queue=rabbit_queue)
channel.basic_publish(exchange='',
routing_key='roxy-wi',
body=message)
connection.close()
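Review bot: The two debug lines `print(str(parameters))` and `print(str(credentials))` in send_message_to_rabbit() write the broker connection details to stdout on every call, and stdout appears to be the HTTP response in this application (the old get_config_var code printed a `Content-type` header there), so they should be removed before release. `basic_publish` also uses the literal `routing_key='roxy-wi'` while the queue declared just above comes from the `rabbitmq_queue` setting, so changing that setting would declare one queue and publish to another. The connection is not closed if `channel()`, `queue_declare()` or `basic_publish()` raises; a `try`/`finally` around the channel work covers that.

```python
def send_message_to_rabbit(message: str) -> None:
    # … unchanged: imports and sql.get_setting() lookups …
    credentials = pika.PlainCredentials(rabbit_user, rabbit_password)
    parameters = pika.ConnectionParameters(rabbit_host,
                                           rabbit_port,
                                           rabbit_vhost,
                                           credentials)
    connection = pika.BlockingConnection(parameters)
    try:
        channel = connection.channel()
        channel.queue_declare(queue=rabbit_queue)
        # Publish to the configured queue, not a hard-coded name.
        channel.basic_publish(exchange='',
                              routing_key=rabbit_queue,
                              body=message)
    finally:
        connection.close()
```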


@ -70,6 +70,7 @@ if form.getvalue('delcert') is not None and serv is not None:
if serv and form.getvalue('ssl_cert'): if serv and form.getvalue('ssl_cert'):
cert_local_dir = os.path.dirname(os.getcwd()) + "/" + sql.get_setting('ssl_local_path') cert_local_dir = os.path.dirname(os.getcwd()) + "/" + sql.get_setting('ssl_local_path')
cert_path = sql.get_setting('cert_path') cert_path = sql.get_setting('cert_path')
name = ''
if not os.path.exists(cert_local_dir): if not os.path.exists(cert_local_dir):
os.makedirs(cert_local_dir) os.makedirs(cert_local_dir)
@ -3734,6 +3735,7 @@ if form.getvalue('load_update_hapwi'):
metrics_ver = funct.check_new_version(service='metrics') metrics_ver = funct.check_new_version(service='metrics')
keep_ver = funct.check_new_version(service='keep') keep_ver = funct.check_new_version(service='keep')
portscanner_ver = funct.check_new_version(service='portscanner') portscanner_ver = funct.check_new_version(service='portscanner')
socket_ver = funct.check_new_version(service='socket')
services = funct.get_services_status() services = funct.get_services_status()
template = template.render(services=services, template = template.render(services=services,
@ -3742,6 +3744,7 @@ if form.getvalue('load_update_hapwi'):
smon_ver=smon_ver, smon_ver=smon_ver,
metrics_ver=metrics_ver, metrics_ver=metrics_ver,
portscanner_ver=portscanner_ver, portscanner_ver=portscanner_ver,
socket_ver=socket_ver,
keep_ver=keep_ver) keep_ver=keep_ver)
print(template) print(template)


@ -4,13 +4,13 @@
{% if s.1.0 == 'active' %} {% if s.1.0 == 'active' %}
<span title="{{s.0}} is started"><span class="serverUp server-status"></span></span> <span title="{{s.0}} is started"><span class="serverUp server-status"></span></span>
{% else %} {% else %}
{% if s.1.0 == 'inactive' or s.1.0 == 'failed' %} {% if s.1.0 == 'inactive' or s.1.0 == 'failed' or s.1.0 == 'activating' %}
<span title="{{s.0}} is stopped"><span class="serverDown server-status"></span></span> <span title="{{s.0}} is stopped"><span class="serverDown server-status"></span></span>
{% else %} {% else %}
<span title="{{s.0}} is not installed"><span class="serverNone server-status"></span></span> <span title="{{s.0}} is not installed"><span class="serverNone server-status"></span></span>
{% endif %} {% endif %}
{% endif %} {% endif %}
{{s.0}} {{s.0[0]|upper}}{{s.0[1:]}}
</td> </td>
<td class="padding10 first-collumn"> <td class="padding10 first-collumn">
<a id="start-{{ s.0 }}" class="start" title="Start and enable {{s.0}} service"> <a id="start-{{ s.0 }}" class="start" title="Start and enable {{s.0}} service">
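Review bot: The `activating` state added to the condition falls into the branch whose tooltip reads `{{s.0}} is stopped` and which shows the `serverDown` marker, so a service that is still starting, or stuck restarting, is reported to the operator as stopped. A separate branch with a title such as `{{s.0}} is starting` would keep the status view accurate. The surrounding table markup starts and ends outside the hunk.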


@ -37,6 +37,7 @@
<script src="/inc/jquery-1.12.4.js"></script> <script src="/inc/jquery-1.12.4.js"></script>
<script src="/inc/jquery-ui.js"></script> <script src="/inc/jquery-ui.js"></script>
<script src="/inc/js.cookie.min.js"></script> <script src="/inc/js.cookie.min.js"></script>
<script src="/inc/reconnecting-websocket.js"></script>
<link href="/inc/select2.css" rel="stylesheet" /> <link href="/inc/select2.css" rel="stylesheet" />
<script src="/inc/select2.js"></script> <script src="/inc/select2.js"></script>
<script src="/inc/script.js"></script> <script src="/inc/script.js"></script>


@ -2,7 +2,7 @@
<tbody> <tbody>
{% set section = namespace(section='') %} {% set section = namespace(section='') %}
{% for set in settings %} {% for set in settings %}
{% if page == "servers.py" and set.section == 'monitoring' %} {% if page == "servers.py" and (set.section == 'monitoring' or set.section == 'rabbitmq') %}
<!-- continue --> <!-- continue -->
{% else %} {% else %}
{% if section.section|string() != set.section|string() %} {% if section.section|string() != set.section|string() %}


@ -45,7 +45,9 @@
<caption><h3>Install HAProxy</h3></caption> <caption><h3>Install HAProxy</h3></caption>
<tr class="overviewHead"> <tr class="overviewHead">
<td class="padding10 first-collumn">Current version</td> <td class="padding10 first-collumn">Current version</td>
<td class="padding10 first-collumn" style="width: 30%;">Available Versions</td> <td class="padding10 first-collumn help_cursor" style="width: 30%;" title="For Ubuntu Roxy-WI will try to install the latest version from repositories on a server">
Available Versions (?)
</td>
<td class="padding10 first-collumn" style="width: 20%;">Server</td> <td class="padding10 first-collumn" style="width: 20%;">Server</td>
<td class="help_cursor" title="Install HAProxy service as a Docker container">Use Docker</td> <td class="help_cursor" title="Install HAProxy service as a Docker container">Use Docker</td>
<td>SYN-flood protection</td> <td>SYN-flood protection</td>


@ -0,0 +1 @@
!function(a,b){"function"==typeof define&&define.amd?define([],b):"undefined"!=typeof module&&module.exports?module.exports=b():a.ReconnectingWebSocket=b()}(this,function(){function a(b,c,d){function l(a,b){var c=document.createEvent("CustomEvent");return c.initCustomEvent(a,!1,!1,b),c}var e={debug:!1,automaticOpen:!0,reconnectInterval:1e3,maxReconnectInterval:3e4,reconnectDecay:1.5,timeoutInterval:2e3};d||(d={});for(var f in e)this[f]="undefined"!=typeof d[f]?d[f]:e[f];this.url=b,this.reconnectAttempts=0,this.readyState=WebSocket.CONNECTING,this.protocol=null;var h,g=this,i=!1,j=!1,k=document.createElement("div");k.addEventListener("open",function(a){g.onopen(a)}),k.addEventListener("close",function(a){g.onclose(a)}),k.addEventListener("connecting",function(a){g.onconnecting(a)}),k.addEventListener("message",function(a){g.onmessage(a)}),k.addEventListener("error",function(a){g.onerror(a)}),this.addEventListener=k.addEventListener.bind(k),this.removeEventListener=k.removeEventListener.bind(k),this.dispatchEvent=k.dispatchEvent.bind(k),this.open=function(b){h=new WebSocket(g.url,c||[]),b||k.dispatchEvent(l("connecting")),(g.debug||a.debugAll)&&console.debug("ReconnectingWebSocket","attempt-connect",g.url);var d=h,e=setTimeout(function(){(g.debug||a.debugAll)&&console.debug("ReconnectingWebSocket","connection-timeout",g.url),j=!0,d.close(),j=!1},g.timeoutInterval);h.onopen=function(){clearTimeout(e),(g.debug||a.debugAll)&&console.debug("ReconnectingWebSocket","onopen",g.url),g.protocol=h.protocol,g.readyState=WebSocket.OPEN,g.reconnectAttempts=0;var d=l("open");d.isReconnect=b,b=!1,k.dispatchEvent(d)},h.onclose=function(c){if(clearTimeout(e),h=null,i)g.readyState=WebSocket.CLOSED,k.dispatchEvent(l("close"));else{g.readyState=WebSocket.CONNECTING;var d=l("connecting");d.code=c.code,d.reason=c.reason,d.wasClean=c.wasClean,k.dispatchEvent(d),b||j||((g.debug||a.debugAll)&&console.debug("ReconnectingWebSocket","onclose",g.url),k.dispatchEvent(l("close")));var 
e=g.reconnectInterval*Math.pow(g.reconnectDecay,g.reconnectAttempts);setTimeout(function(){g.reconnectAttempts++,g.open(!0)},e>g.maxReconnectInterval?g.maxReconnectInterval:e)}},h.onmessage=function(b){(g.debug||a.debugAll)&&console.debug("ReconnectingWebSocket","onmessage",g.url,b.data);var c=l("message");c.data=b.data,k.dispatchEvent(c)},h.onerror=function(b){(g.debug||a.debugAll)&&console.debug("ReconnectingWebSocket","onerror",g.url,b),k.dispatchEvent(l("error"))}},1==this.automaticOpen&&this.open(!1),this.send=function(b){if(h)return(g.debug||a.debugAll)&&console.debug("ReconnectingWebSocket","send",g.url,b),h.send(b);throw"INVALID_STATE_ERR : Pausing to reconnect websocket"},this.close=function(a,b){"undefined"==typeof a&&(a=1e3),i=!0,h&&h.close(a,b)},this.refresh=function(){h&&h.close()}}return a.prototype.onopen=function(){},a.prototype.onclose=function(){},a.prototype.onconnecting=function(){},a.prototype.onmessage=function(){},a.prototype.onerror=function(){},a.debugAll=!1,a.CONNECTING=WebSocket.CONNECTING,a.OPEN=WebSocket.OPEN,a.CLOSING=WebSocket.CLOSING,a.CLOSED=WebSocket.CLOSED,a});


@ -1255,23 +1255,22 @@ $(function () {
preload: true preload: true
}); });
}); });
async function waitConsumer() { let socket = new ReconnectingWebSocket("wss://" + window.location.host, null, {maxReconnectAttempts: 20, reconnectInterval: 3000});
socket.onopen = function(e) {
console.log("[open] Connection is established with " + window.location.host);
getAlerts();
};
function getAlerts() {
socket.send("alert_group " + Cookies.get('group') + ' ' + Cookies.get('uuid'));
}
socket.onmessage = function(event) {
cur_url = window.location.href.split('/').pop(); cur_url = window.location.href.split('/').pop();
cur_url = cur_url.split('?'); cur_url = cur_url.split('?');
if (cur_url[0] != 'servers.py#installproxy' && cur_url[0] != 'servers.py#installmon' && if (cur_url[0] != 'login.py' && sessionStorage.getItem('disabled_alert') === null && localStorage.getItem('disabled_alert') === null) {
cur_url[0] != 'users.py#installmon' && cur_url[0] != 'ha.py' && cur_url[0] != 'users.py#updatehapwi' && data = event.data.split(";");
cur_url[0] != 'add.py?service=nginx#ssl' && cur_url[0] != 'add.py#ssl' && cur_url[0] != 'servers.py#geolite2'
&& cur_url[0] != 'login.py?ref=/app/overview.py' && sessionStorage.getItem('disabled_alert') === null && localStorage.getItem('disabled_alert') === null) {
NProgress.configure({showSpinner: false});
$.ajax({
url: "options.py",
data: {
alert_consumer: '1',
token: $('#token').val()
},
type: "POST",
success: function (data) {
data = data.split(";");
for (i = 0; i < data.length; i++) { for (i = 0; i < data.length; i++) {
if (data[i].indexOf('error:') != '-1' || data[i].indexOf('alert') != '-1' || data[i].indexOf('FAILED') != '-1') { if (data[i].indexOf('error:') != '-1' || data[i].indexOf('alert') != '-1' || data[i].indexOf('FAILED') != '-1') {
if (data[i].indexOf('error: database is locked') == '-1') { if (data[i].indexOf('error: database is locked') == '-1') {
@ -1290,11 +1289,19 @@ async function waitConsumer() {
} }
} }
} }
}); };
NProgress.configure({showSpinner: true});
socket.onclose = function(event) {
if (event.wasClean) {
console.log(`[close] Соединение закрыто чисто, код=${event.code} причина=${event.reason}`);
} else {
console.log('[close] Соединение прервано');
} }
} };
setInterval(waitConsumer, 20000);
socket.onerror = function(error) {
console.log(`[error] ${error.message}`);
};
function changePassword() { function changePassword() {
$( "#user-change-password-table" ).dialog({ $( "#user-change-password-table" ).dialog({
autoOpen: true, autoOpen: true,
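Review bot: getAlerts() in the first hunk now identifies the client by sending `Cookies.get('group')` and `Cookies.get('uuid')` as the subscription message, replacing a POST that carried `token`. The socket service is not part of this commit, so it is worth confirming that it validates the uuid against the session store and derives the group from that session rather than trusting the client-supplied value. Reading `uuid` from script also means the session cookie cannot be marked HttpOnly. Separately, `maxReconnectAttempts: 20` is not among the options the bundled reconnecting-websocket.js copies (debug, automaticOpen, reconnectInterval, maxReconnectInterval, reconnectDecay, timeoutInterval), so it is ignored and the client retries without limit. The `[close]` log strings in the second hunk would also read better in English, like the other messages.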


@ -377,7 +377,7 @@ $( function() {
type: "POST", type: "POST",
success: function( data ) { success: function( data ) {
data = data.replace(/^\s+|\s+$/g,''); data = data.replace(/^\s+|\s+$/g,'');
if (data.indexOf('error:') != '-1') { if (data.indexOf('error:') != '-1' || data.indexOf('command') != '-1') {
toastr.clear(); toastr.clear();
toastr.error(data); toastr.error(data);
} else if(data == 'no') { } else if(data == 'no') {
@ -793,6 +793,9 @@ $( function() {
$('#logs-section-head').click(function () { $('#logs-section-head').click(function () {
hideAndShowSettings('logs'); hideAndShowSettings('logs');
}); });
$('#rabbitmq-section-head').click(function () {
hideAndShowSettings('rabbitmq');
});
} ); } );
function hideAndShowSettings(section) { function hideAndShowSettings(section) {
var ElemId = $('#' + section + '-section-h3'); var ElemId = $('#' + section + '-section-h3');