%s

# -*- coding: utf-8 -*-" import cgi import os, sys import paramiko import http.cookies from paramiko import SSHClient from datetime import datetime from pytz import timezone from configparser import ConfigParser, ExtendedInterpolation import sql path_config = "haproxy-webintarface.config" config = ConfigParser(interpolation=ExtendedInterpolation()) config.read(path_config) form = cgi.FieldStorage() serv = form.getvalue('serv') fullpath = config.get('main', 'fullpath') time_zone = config.get('main', 'time_zone') ssh_keys = config.get('ssh', 'ssh_keys') ssh_user_name = config.get('ssh', 'ssh_user_name') haproxy_configs_server = config.get('configs', 'haproxy_configs_server') hap_configs_dir = config.get('configs', 'haproxy_save_configs_dir') haproxy_config_path = config.get('haproxy', 'haproxy_config_path') tmp_config_path = config.get('haproxy', 'tmp_config_path') restart_command = config.get('haproxy', 'restart_command') def check_config(): for section in [ 'main', 'configs', 'ssh', 'logs', 'haproxy' ]: if not config.has_section(section): print('

Check config file, no %s section

' % section) def get_data(type): now_utc = datetime.now(timezone(time_zone)) if type == 'config': fmt = "%Y-%m-%d.%H:%M:%S" if type == 'logs': fmt = '%Y%m%d' return now_utc.strftime(fmt) def logging(serv, action): dateFormat = "%b %d %H:%M:%S" now_utc = datetime.now(timezone(time_zone)) IP = cgi.escape(os.environ["REMOTE_ADDR"]) cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) login = cookie.get('login') mess = now_utc.strftime(dateFormat) + " from " + IP + " user: " + login.value + " " + action + " for: " + serv + "\n" log_path = config.get('main', 'log_path') try: log = open(log_path + "/config_edit-"+get_data('logs')+".log", "a") log.write(mess) log.close except IOError: print('

Can\'t read write log. Please chech log_path in config

') pass if config.get('telegram', 'enable') == "1": telegram_send_mess(mess) def telegram_send_mess(mess): import telegram token_bot = config.get('telegram', 'token') channel_name = config.get('telegram', 'channel_name') proxy = config.get('telegram', 'proxy') if proxy is not None: pp = telegram.utils.request.Request(proxy_url=proxy) bot = telegram.Bot(token=token_bot, request=pp) bot.send_message(chat_id=channel_name, text=mess) def check_login(**kwargs): cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) login = cookie.get('login') role = cookie.get('role') ref = os.environ.get("SCRIPT_NAME") if login is None: print('' % ref) def is_admin(**kwargs): cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) role = cookie.get('role') level = kwargs.get("level") if role is None: role = 3 else: role = int(role.value) if level is None: level = 1 try: if role <= level: return True else: return False except: return False pass def page_for_admin(**kwargs): give_level = kwargs.get("level") if give_level is None: give_level = 1 if not is_admin(level = give_level): print('

How did you get here?! O_o You do not have need permissions') print('') import sys sys.exit() def get_button(button, **kwargs): value = kwargs.get("value") if value is None: value = "" print('' % (value, value, button)) def head(title): print('Content-type: text/html\n') print('%s' % title) print('' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '' '
' '' '' '' '' '' '
' '
' '
' 'HAproxy-WI' '' '' '' '' '' '
') links() print('
') def links(): print('
' '
' '
' '
Stats' '
Overview
' '
Stats
' '
Logs
' '
Map
' '' '
Runtime API
' '
Haproxy' '
Show config
' '
Compare configs
') if is_admin(level = 2): print('
Add listen
' '
Add frontend
' '
Add backend
' '
SSL
' '
Edit config
') print('') if is_admin(): print('
Keepalived' '
HA' '
Edit config
') if is_admin(level = 2): print('
Versions' '
Upload
') if is_admin(): print('
Delete
') if is_admin(level = 2): print('') show_login_links() if is_admin(): print('
Admin area' '
Users
' '
Groups
' '
Servers
' '
Roles
' '
View settings
' '
View logs
' '') print('
' '
' '
HAproxy-WI v2.3
' '
') def show_login_links(): cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) login = cookie.get('login') if login is None: print('
Login
') else: print('
Logout
' % login.value) def footer(): print('

' '' '

' 'UP' '

' '' '') def get_auto_refresh(h2): print('

') print('%s' % h2) print('' ' Auto-refresh' ' Auto-refresh' '' '' '

' '

' 'Refresh Interval' '

' '

' 'Off ' '

' '

' '5 seconds' '
' '10 seconds' '
' '30 seconds' '
' '45 seconds' '

' '

' '1 minute' '
' '5 minutes' '
' '15 minutes' '
' '30 minutes' '

' '

' '1 hour' '
' '2 hour' '
' '12 hour' '
' '1 day' '

' '

') def ssh_connect(serv): ssh = SSHClient() ssh.load_system_host_keys() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) try: if config.get('ssh', 'ssh_keys_enable') == "1": k = paramiko.RSAKey.from_private_key_file(ssh_keys) ssh.connect(hostname = serv, username = ssh_user_name, pkey = k ) else: ssh.connect(hostname = serv, username = ssh_user_name, password = config.get('ssh', 'ssh_pass')) return ssh except paramiko.AuthenticationException: print('

Authentication failed, please verify your credentials

') except paramiko.SSHException as sshException: print('

Unable to establish SSH connection: %s

' % sshException) except paramiko.BadHostKeyException as badHostKeyException: print('

Unable to verify server\'s host key: %s

' % badHostKeyException) except Exception as e: print('

{}

'.format(e.args)) def get_config(serv, cfg, **kwargs): if kwargs.get("keepalived"): os.chdir(config.get('configs', 'kp_save_configs_dir')) config_path = "/etc/keepalived/keepalived.conf" else: os.chdir(hap_configs_dir) config_path = haproxy_config_path ssh = ssh_connect(serv) try: sftp = ssh.open_sftp() sftp.get(config_path, cfg) sftp.close() ssh.close() except Exception as e: print('

' + str(e) + ' Please check IP, and SSH settings

') sys.exit() def show_config(cfg): print('

') try: conf = open(cfg, "r") except IOError: print('

Can\'t read import config file

') i = 0 for line in conf: i = i + 1 if not line.find("global"): print('' + line + '

') continue if not line.find("defaults"): print('

' + line + '

') continue if not line.find("listen"): print('

' + line + '

') continue if not line.find("frontend"): print('

' + line + '

') continue if not line.find("backend"): print('

' + line + '

') continue if "acl" in line or "option" in line or "server" in line: if "timeout" not in line and "default-server" not in line and "#use_backend" not in line: print('') print(i) print('' + line + '
') continue if "#" in line: print('') print(i) print(line + '
') continue if line.__len__() < 1: print('

') if line.__len__() > 1: print('') print(i) print('' + line + '
') print('

') conf.close def install_haproxy(serv): script = "install_haproxy.sh" os.system("cp scripts/%s ." % script) commands = [ "chmod +x "+tmp_config_path+script, tmp_config_path+script ] upload(serv, tmp_config_path, script) ssh_command(serv, commands) os.system("rm -f %s" % script) def upload(serv, path, file, **kwargs): full_path = path + file try: ssh = ssh_connect(serv) except Exception as e: print('

Connect fail: %s

' % e) try: sftp = ssh.open_sftp() file = sftp.put(file, full_path) sftp.close() ssh.close() except Exception as e: print('

Upload fail: %s

' % e) def upload_and_restart(serv, cfg, **kwargs): tmp_file = tmp_config_path + "/" + get_data('config') + ".cfg" try: ssh = ssh_connect(serv) print('

connected to %s

' % serv) except: print('

Connect fail

') sftp = ssh.open_sftp() sftp.put(cfg, tmp_file) sftp.close() if kwargs.get("keepalived") == 1: print("123") if kwargs.get("just_save") == "save": commands = [ "mv -f " + tmp_file + " /etc/keepalived/keepalived.conf" ] else: commands = [ "mv -f " + tmp_file + " /etc/keepalived/keepalived.conf", "systemctl restart keepalived" ] else: if kwargs.get("just_save") == "save": commands = [ "/sbin/haproxy -q -c -f " + tmp_file, "mv -f " + tmp_file + " " + haproxy_config_path ] else: commands = [ "/sbin/haproxy -q -c -f " + tmp_file, "mv -f " + tmp_file + " " + haproxy_config_path, restart_command ] try: if config.get('haproxy', 'firewall_enable') == "1": commands.extend(open_port_firewalld(cfg)) except: print('

Please check the config for the presence of the parameter - "firewall_enable". Mast be: "0" or "1". Firewalld configure not working now

') i = 0 for command in commands: i = i + 1 stdin , stdout, stderr = ssh.exec_command(command) if i == 1: if not stderr.read(): print('

Config ok

')
			else:
				print('In your config have errors, please check, and try again


')
				return False
				break
		if i is not 1:
			print(stderr.read().decode(encoding='UTF-8'))
	
	return True	
	
	print('

') ssh.close() def open_port_firewalld(cfg): try: conf = open(cfg, "r") except IOError: print('

Can\'t read export config file

') firewalld_commands = [] for line in conf: if "bind" in line: bind = line.split(":") bind[1] = bind[1].strip(' ') bind = bind[1].split("ssl") bind = bind[0].strip(' \t\n\r') firewalld_commands.append('firewall-cmd --zone=public --add-port=%s/tcp --permanent' % bind) firewalld_commands.append('firewall-cmd --reload') return firewalld_commands def check_haproxy_config(serv): commands = [ "/sbin/haproxy -q -c -f %s" % haproxy_config_path ] ssh = ssh_connect(serv) for command in commands: stdin , stdout, stderr = ssh.exec_command(command) if not stderr.read(): return True else: return False ssh.close() def compare(stdout): i = 0 minus = 0 plus = 0 total_change = 0 print('

') print('

') for line in stdout: i = i + 1 if i is 1: print('

' + line + '
') elif i is 2: print(line + '

') elif line.find("-") == 0 and i is not 1: print('

' + line + '

') minus = minus + 1 elif line.find("+") == 0 and i is not 2: print('

' + line + '

') plus = plus + 1 elif line.find("@") == 0: print('

' + line + '

') else: print('

' + line + '

') total_change = minus + plus print('

Total change: %s, additions: %s & deletions: %s

' % (total_change, minus, plus)) print('

') def show_log(stdout): i = 0 for line in stdout: i = i + 1 if i % 2 == 0: print('

' + line + '

') else: print('

' + line + '

') def show_ip(stdout): for line in stdout: print(line) def server_status(stdout): proc_count = "" i = 0 for line in stdout.read().decode(encoding='UTF-8'): i = i + 1 if i == 1: proc_count += line if line.find("0"): err = 1 else: err = 0 if err != 0: print(' UP running %s processes' % proc_count) else: print(' DOWN running %s processes' % proc_count) def ssh_command(serv, commands, **kwargs): ssh = ssh_connect(serv) for command in commands: try: stdin, stdout, stderr = ssh.exec_command(command) except: continue if kwargs.get("ip") == "1": show_ip(stdout) elif kwargs.get("compare") == "1": compare(stdout) elif kwargs.get("show_log") == "1": show_log(stdout) elif kwargs.get("server_status") == "1": server_status(stdout) else: print('

'+stdout.read().decode(encoding='UTF-8')+'

') print(stderr.read().decode(encoding='UTF-8')+"
") ssh.close() def choose_only_select(serv, **kwargs): if kwargs.get("virt"): listhap = sql.get_dick_permit(virt=1) else: listhap = sql.get_dick_permit() if kwargs.get("servNew"): servNew = kwargs.get("servNew") else: servNew = "" for i in listhap: if i[2] == serv or i[2] == servNew: selected = 'selected' else: selected = '' print('' % (i[2], selected, i[1])) def chooseServer(formName, title, note, **kwargs): servNew = form.getvalue('serNew') print('

' + title + '

') print('

Choose server

') print('') if note == "y": print('

Note: If you reconfigure Master server, Slave will reconfigured automatically

') print('')