mirror of https://github.com/Aidaho12/haproxy-wi
210 lines
6.7 KiB
Markdown
210 lines
6.7 KiB
Markdown
# Haproxy web interface
|
|
Web interface(user-friendly web GUI, alerting, monitoring and secure) for managing Haproxy servers. Leave your [feedback](https://github.com/Aidaho12/haproxy-wi/issues)
|
|
|
|
# Donate
|
|
Support the project
|
|
[![Donate](https://img.shields.io/badge/PayPal-Donate-brightgreen.svg)](https://www.paypal.me/loginovpavel) or [Patreon](https://www.patreon.com/haproxy_wi/overview)
|
|
|
|
# Youtube
|
|
[Demo video](https://www.youtube.com/channel/UCo0lCg24j-H4f0S9kMjp-_w)
|
|
|
|
# Demo site
|
|
[Demo site](https://demo.haproxy-wi.org) Login/password: admin/admin. Server resets every hour.
|
|
|
|
![alt text](image/haproxy-wi-config-show.jpeg "Show config page")
|
|
|
|
# Features:
|
|
1. Configure HAproxy In a jiffy with haproxy-wi
|
|
2. View and analyse Status of all Frontend/backend server via haproxy-wi from a single control panel.
|
|
3. Enable/disable servers through stats page without rebooting HAProxy
|
|
4. View/Analyse HAproxy logs straight from the haproxy-wi web interface
|
|
5. Create and visualise the HAproxy workflow from Web Ui.
|
|
6. Push Your changes to your HAproxy servers with a single click through web interface.
|
|
7. Get info on past changes, Evaluate your config files and restore a previous stable config anytime with a single click straight from Web interface.
|
|
8. Add/Edit Frontend or backend servers via web interface with a click of a button.
|
|
9. Edit config of HAproxy and push changes to All Master/Slave server with a single click.
|
|
10. Add Multiple server to ensure Config Sync between servers.
|
|
11. Auto management of ports assigned to Fronted.
|
|
12. Evaluate the changes of recent configs pushed to HAproxy instances straight from web ui
|
|
13. Multiple User Roles support for privileged based Viewing and editing of Config.
|
|
14. Create Groups and add /remove servers to ensure proper identification for your HAproxy Clusters
|
|
15. Send notifications to telegram directly from haproxy-wi.
|
|
16. haproxy-wi supports high Availability to ensure uptime to all Master slave servers configured.
|
|
17. SSL certificate support.
|
|
18. SSH Key support for managing multiple HAproxy Servers straight from haproxy-wi
|
|
19. SYN flood protect
|
|
20. Alerting about changes backends state
|
|
21. Alerting about HAProxy service state
|
|
22. Metrics incoming connections
|
|
23. Web acceleration settings
|
|
24. Web application firewall
|
|
25. LDAP support
|
|
26. Keep active HAProxy service
|
|
27. Ability to hide parts of the config with tags for users with "guest" role: "HideBlockStart" and "HideBlockEnd"
|
|
|
|
![alt text](image/haproxy-wi-metrics.jpeg "Merics")
|
|
|
|
# Install
|
|
|
|
## RPM
|
|
Install repository^
|
|
```
|
|
yum install https://repo.haproxy-wi.org/el7/haproxy-wi-release-7-1-0.noarch.rpm
|
|
```
|
|
After install HAProxy-WI:
|
|
```
|
|
yum install haproxy-wi
|
|
```
|
|
## Script
|
|
The installer will ask you a few questions
|
|
```
|
|
$ git clone https://github.com/Aidaho12/haproxy-wi.git /var/www/haproxy-wi
|
|
$ cd /var/www/haproxy-wi
|
|
$ chmod +x install.sh
|
|
$ sudo ./install.sh
|
|
```
|
|
|
|
## Manual install
|
|
For install just clone:
|
|
```
|
|
$ cd /var/www/
|
|
$ git clone https://github.com/Aidaho12/haproxy-wi.git /var/www/haproxy-wi
|
|
$ chown -R apache:apache haproxy-wi/
|
|
Or if use Debian/Ubuntu:
|
|
$ chown -R www-data:www-data haproxy-wi/
|
|
$ pip3 install -r haproxy-wi/requirements.txt
|
|
$ chmod +x haproxy-wi/app/*.py
|
|
$ sudo ln -s /usr/bin/python3.5 /usr/bin/python3
|
|
```
|
|
|
|
For Apache do virtualhost with cgi-bin. Like this:
|
|
```
|
|
# vi /etc/httpd/conf.d/haproxy-wi.conf
|
|
<VirtualHost *:8080>
|
|
SSLEngine on
|
|
SSLCertificateFile /var/www/haproxy-wi/app/certs/haproxy-wi.crt
|
|
SSLCertificateKeyFile /var/www/haproxy-wi/app/certs/haproxy-wi.key
|
|
|
|
ServerName haproxy-wi
|
|
ErrorLog /var/log/httpd/haproxy-wi.error.log
|
|
CustomLog /var/log/httpd/haproxy-wi.access.log combined
|
|
TimeOut 600
|
|
LimitRequestLine 16380
|
|
|
|
DocumentRoot /var/www/haproxy-wi
|
|
ScriptAlias /cgi-bin/ "/var/www/haproxy-wi/app/"
|
|
|
|
<Directory /var/www/haproxy-wi/app>
|
|
Options +ExecCGI
|
|
AddHandler cgi-script .py
|
|
Order deny,allow
|
|
Allow from all
|
|
</Directory>
|
|
|
|
<Directory /var/www/haproxy-wi/app/certs>
|
|
Options +ExecCGI -Indexes +MultiViews
|
|
Order Deny,Allow
|
|
Deny from all
|
|
</Directory>
|
|
|
|
<Directory /var/www/haproxy-wi/keys>
|
|
Options +ExecCGI -Indexes +MultiViews
|
|
Order Deny,Allow
|
|
Deny from all
|
|
</Directory>
|
|
|
|
<FilesMatch "\.cfg$">
|
|
Order Deny,Allow
|
|
Deny from all
|
|
</FilesMatch>
|
|
|
|
<FilesMatch "\.db$">
|
|
Order Deny,Allow
|
|
Deny from all
|
|
</FilesMatch>
|
|
</VirtualHost>
|
|
```
|
|
# Docker
|
|
```
|
|
docker service create --detach=false --name haproxy-wi --mount type=volume,src=haproxy-wi,dst=/var/www/haproxy-wi/app -p 8080:443 aidaho/haproxy-wi
|
|
```
|
|
or
|
|
```
|
|
docker run -d --name haproxy-wi -v haproxy-wi:/var/www/haproxy-wi/app -p 8080:443 aidaho/haproxy-wi
|
|
```
|
|
# OS support
|
|
HAProxy-WI was tested on EL 7, and all scripts too. Debian/Ubuntu OS support at 'beta' stage, may work not correct
|
|
|
|
# Database support
|
|
|
|
Default Haproxy-WI use Sqlite, if you want use MySQL enable in config, and create database:
|
|
|
|
### For MySQL support:
|
|
```
|
|
MariaDB [(none)]> create user 'haproxy-wi'@'%';
|
|
MariaDB [(none)]> create database haproxywi;
|
|
MariaDB [(none)]> grant all on haproxywi.* to 'haproxy-wi'@'%' IDENTIFIED BY 'haproxy-wi';
|
|
MariaDB [(none)]> grant all on haproxywi.* to 'haproxy-wi'@'localhost' IDENTIFIED BY 'haproxy-wi';
|
|
```
|
|
![alt text](image/haproxy-wi-overview.jpeg "Overview page")
|
|
|
|
# Settings
|
|
```
|
|
Edit $HOME_HAPROXY-WI/app/haproxy-wi.cfg with your env
|
|
```
|
|
|
|
Login https://haproxy-wi-server/users.py, and add: users, groups and servers. Default: admin/admin
|
|
|
|
![alt text](image/haproxy-wi-admin-area.jpeg "Admin area")
|
|
|
|
For Runtime API, Metrics and Alerting enable state file and stat socket on HAproxt servers and need install socat on all haproxy servers, and configre HAProxy:
|
|
```
|
|
global
|
|
stats socket *:1999 level admin
|
|
stats socket /var/run/haproxy.sock mode 600 level admin
|
|
server-state-file /etc/haproxy/haproxy/haproxy.state
|
|
|
|
defaults
|
|
load-server-state-from-file global
|
|
|
|
listen stats
|
|
stats admin if TRUE
|
|
```
|
|
![alt text](image/haproxy-wi-logs.jpeg "View logs page")
|
|
|
|
# Update
|
|
```
|
|
# cd /var/www/haproxy-wi
|
|
# ./update.sh
|
|
```
|
|
|
|
After update old config saved at /tmp/ folder. Compare new and old config, if in new no changes overwrite the new configuration with the old one, or edit new with your ENV.
|
|
|
|
# Update DB
|
|
```
|
|
$ cd /var/www/haproxy-wi/app
|
|
$ ./create_db.py
|
|
```
|
|
# Troubleshooting
|
|
If you have error:
|
|
```
|
|
Forbidden
|
|
You don't have permission to access /app/overview.py on this server.
|
|
```
|
|
|
|
Check owner(must be apache, or another user for apache)
|
|
|
|
If at first login you have:
|
|
```
|
|
Internal Server Error
|
|
```
|
|
|
|
Do this:
|
|
```
|
|
$ cd /var/www/haproxy-wi/app
|
|
$ ./create_db.py
|
|
```
|
|
and check executeble py files
|
|
|
|
If you see plain text, check section "Directory" in httpd conf
|