mirror of https://github.com/Aidaho12/haproxy-wi
484 lines
16 KiB
Python
484 lines
16 KiB
Python
import os
|
|
import json
|
|
|
|
from flask import render_template
|
|
|
|
import modules.db.sql as sql
|
|
import modules.service.common as service_common
|
|
import modules.common.common as common
|
|
import modules.server.server as server_mod
|
|
import modules.roxywi.common as roxywi_common
|
|
from modules.server.ssh import return_ssh_keys_path
|
|
|
|
|
|
def show_installation_output(error: str, output: str, service: str, rc=0):
|
|
if error and "WARNING" not in error:
|
|
roxywi_common.logging('Roxy-WI server', error, roxywi=1)
|
|
raise Exception('error: ' + error)
|
|
else:
|
|
if rc != 0:
|
|
for line in output:
|
|
if any(s in line for s in ("Traceback", "FAILED", "error", "ERROR", "UNREACHABLE")):
|
|
try:
|
|
correct_out = line.split('=>')
|
|
correct_out = json.loads(correct_out[1])
|
|
except Exception:
|
|
raise Exception(f'error: {output} for {service}')
|
|
else:
|
|
raise Exception(f'error: {correct_out["msg"]} for {service}')
|
|
return True
|
|
|
|
|
|
def show_success_installation(service):
|
|
lang = roxywi_common.get_user_lang_for_flask()
|
|
return render_template('include/show_success_installation.html', service=service, lang=lang)
|
|
|
|
|
|
def install_haproxy(server_ip: str, api=0, **kwargs):
|
|
script = "install_haproxy.sh"
|
|
hap_sock_p = str(sql.get_setting('haproxy_sock_port'))
|
|
stats_port = str(sql.get_setting('stats_port'))
|
|
server_state_file = sql.get_setting('server_state_file')
|
|
stats_user = sql.get_setting('stats_user')
|
|
stats_password = sql.get_setting('stats_password')
|
|
proxy = sql.get_setting('proxy')
|
|
haproxy_dir = sql.get_setting('haproxy_dir')
|
|
container_name = sql.get_setting('haproxy_container_name')
|
|
haproxy_ver = kwargs.get('hapver')
|
|
server_for_installing = kwargs.get('server')
|
|
docker = kwargs.get('docker')
|
|
m_or_s = kwargs.get('m_or_s')
|
|
master = kwargs.get('master')
|
|
slave = kwargs.get('slave')
|
|
proxy_serv = ''
|
|
ssh_settings = return_ssh_keys_path(server_ip)
|
|
full_path = '/var/www/haproxy-wi/app'
|
|
|
|
os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}")
|
|
|
|
if haproxy_ver is None:
|
|
haproxy_ver = '2.8.1-1'
|
|
|
|
if proxy is not None and proxy != '' and proxy != 'None':
|
|
proxy_serv = proxy
|
|
|
|
syn_flood_protect = '1' if kwargs.get('syn_flood') == "1" else ''
|
|
|
|
commands = [
|
|
f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv} SOCK_PORT={hap_sock_p} STAT_PORT={stats_port} "
|
|
f"STAT_FILE={server_state_file} DOCKER={docker} SSH_PORT={ssh_settings['port']} STATS_USER={stats_user} "
|
|
f"CONT_NAME={container_name} HAP_DIR={haproxy_dir} STATS_PASS='{stats_password}' HAPVER={haproxy_ver} "
|
|
f"SYN_FLOOD={syn_flood_protect} HOST={server_ip} USER={ssh_settings['user']} PASS='{ssh_settings['password']}' "
|
|
f"M_OR_S={m_or_s} MASTER={master} SLAVE={slave} KEY={ssh_settings['key']}"
|
|
]
|
|
|
|
if server_for_installing:
|
|
service = server_for_installing + ' HAProxy'
|
|
else:
|
|
service = ' HAProxy'
|
|
|
|
return_out = server_mod.subprocess_execute_with_rc(commands[0])
|
|
|
|
try:
|
|
show_installation_output(return_out['error'], return_out['output'], service, rc=return_out['rc'])
|
|
except Exception as e:
|
|
raise Exception(e)
|
|
|
|
try:
|
|
sql.update_haproxy(server_ip)
|
|
except Exception as e:
|
|
return str(e)
|
|
|
|
if docker == '1':
|
|
server_id = sql.select_server_id_by_ip(server_ip)
|
|
sql.insert_or_update_service_setting(server_id, 'haproxy', 'dockerized', '1')
|
|
sql.insert_or_update_service_setting(server_id, 'haproxy', 'restart', '1')
|
|
|
|
try:
|
|
os.remove(f'{full_path}/{script}')
|
|
except Exception:
|
|
pass
|
|
|
|
if not api:
|
|
return show_success_installation(service)
|
|
|
|
|
|
def waf_install(server_ip: str):
|
|
script = "waf.sh"
|
|
proxy = sql.get_setting('proxy')
|
|
haproxy_dir = sql.get_setting('haproxy_dir')
|
|
ver = service_common.check_haproxy_version(server_ip)
|
|
service = ' WAF'
|
|
proxy_serv = ''
|
|
ssh_settings = return_ssh_keys_path(server_ip)
|
|
full_path = '/var/www/haproxy-wi/app'
|
|
|
|
os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}")
|
|
|
|
if proxy is not None and proxy != '' and proxy != 'None':
|
|
proxy_serv = proxy
|
|
|
|
commands = [
|
|
f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv} HAPROXY_PATH={haproxy_dir} VERSION='{ver}' "
|
|
f"SSH_PORT={ssh_settings['port']} HOST={server_ip} USER={ssh_settings['user']} PASS='{ssh_settings['password']}' "
|
|
f"KEY={ssh_settings['key']}"
|
|
]
|
|
|
|
return_out = server_mod.subprocess_execute_with_rc(commands[0])
|
|
|
|
try:
|
|
show_installation_output(return_out['error'], return_out['output'], service, rc=return_out['rc'])
|
|
except Exception as e:
|
|
raise Exception(e)
|
|
|
|
try:
|
|
sql.insert_waf_metrics_enable(server_ip, "0")
|
|
sql.insert_waf_rules(server_ip)
|
|
except Exception as e:
|
|
return str(e)
|
|
|
|
os.remove(f'{full_path}/{script}')
|
|
|
|
return show_success_installation(service)
|
|
|
|
|
|
def waf_nginx_install(server_ip: str):
|
|
script = "waf_nginx.sh"
|
|
proxy = sql.get_setting('proxy')
|
|
nginx_dir = sql.get_setting('nginx_dir')
|
|
service = ' WAF'
|
|
proxy_serv = ''
|
|
ssh_settings = return_ssh_keys_path(server_ip)
|
|
full_path = '/var/www/haproxy-wi/app'
|
|
|
|
os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}")
|
|
|
|
if proxy is not None and proxy != '' and proxy != 'None':
|
|
proxy_serv = proxy
|
|
|
|
commands = [
|
|
f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv} NGINX_PATH={nginx_dir} SSH_PORT={ssh_settings['port']} "
|
|
f"HOST={server_ip} USER={ssh_settings['user']} PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}"
|
|
]
|
|
|
|
return_out = server_mod.subprocess_execute_with_rc(commands[0])
|
|
|
|
try:
|
|
show_installation_output(return_out['error'], return_out['output'], service, rc=return_out['rc'])
|
|
except Exception as e:
|
|
raise Exception(e)
|
|
|
|
try:
|
|
sql.insert_nginx_waf_rules(server_ip)
|
|
sql.insert_waf_nginx_server(server_ip)
|
|
except Exception as e:
|
|
return str(e)
|
|
|
|
os.remove(f'{full_path}/{script}')
|
|
|
|
return show_success_installation(service)
|
|
|
|
|
|
def install_service(server_ip: str, service: str, docker: str, syn_flood_protect: int, api=0, **kwargs) -> str:
|
|
script = f"install_{service}.sh"
|
|
stats_user = sql.get_setting(f'{service}_stats_user')
|
|
stats_password = sql.get_setting(f'{service}_stats_password')
|
|
stats_port = str(sql.get_setting(f'{service}_stats_port'))
|
|
stats_page = sql.get_setting(f'{service}_stats_page')
|
|
config_path = sql.get_setting(f'{service}_config_path')
|
|
service_dir = sql.get_setting(f'{service}_dir')
|
|
server_for_installing = kwargs.get('server')
|
|
proxy = sql.get_setting('proxy')
|
|
container_name = sql.get_setting(f'{service}_container_name')
|
|
proxy_serv = ''
|
|
ssh_settings = return_ssh_keys_path(server_ip)
|
|
full_path = '/var/www/haproxy-wi/app'
|
|
|
|
try:
|
|
os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}")
|
|
except Exception as e:
|
|
raise Exception(f'error: {e}')
|
|
|
|
if proxy is not None and proxy != '' and proxy != 'None':
|
|
proxy_serv = proxy
|
|
|
|
if service == 'apache':
|
|
correct_service_name = service_common.get_correct_apache_service_name(server_ip=server_ip, server_id=None)
|
|
if service_dir == '/etc/httpd' and correct_service_name == 'apache2':
|
|
service_dir = '/etc/apache2'
|
|
elif service_dir == '/etc/apache2' and correct_service_name == 'httpd':
|
|
service_dir = '/etc/httpd'
|
|
|
|
commands = [
|
|
f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv} STATS_USER={stats_user} STATS_PASS='{stats_password}' "
|
|
f"SSH_PORT={ssh_settings['port']} CONFIG_PATH={config_path} CONT_NAME={container_name} STAT_PORT={stats_port} "
|
|
f"STAT_PAGE={stats_page} SYN_FLOOD={syn_flood_protect} DOCKER={docker} service_dir={service_dir} HOST={server_ip} "
|
|
f"USER={ssh_settings['user']} PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}"
|
|
]
|
|
|
|
if server_for_installing:
|
|
service_name = f'{server_for_installing} {service.title()}'
|
|
else:
|
|
service_name = service.title()
|
|
|
|
return_out = server_mod.subprocess_execute_with_rc(commands[0])
|
|
|
|
try:
|
|
show_installation_output(return_out['error'], return_out['output'], service_name, rc=return_out['rc'])
|
|
except Exception as e:
|
|
raise Exception(e)
|
|
|
|
if service == 'nginx':
|
|
try:
|
|
sql.update_nginx(server_ip)
|
|
except Exception as e:
|
|
return str(e)
|
|
elif service == 'apache':
|
|
try:
|
|
sql.update_apache(server_ip)
|
|
except Exception as e:
|
|
return str(e)
|
|
|
|
if docker == '1':
|
|
server_id = sql.select_server_id_by_ip(server_ip)
|
|
sql.insert_or_update_service_setting(server_id, service, 'dockerized', '1')
|
|
sql.insert_or_update_service_setting(server_id, service, 'restart', '1')
|
|
|
|
os.remove(f'{full_path}/{script}')
|
|
|
|
if not api:
|
|
return show_success_installation(service)
|
|
|
|
|
|
def geoip_installation(serv, geoip_update, service):
|
|
proxy = sql.get_setting('proxy')
|
|
maxmind_key = sql.get_setting('maxmind_key')
|
|
proxy_serv = ''
|
|
ssh_settings = return_ssh_keys_path(serv)
|
|
full_path = '/var/www/haproxy-wi/app'
|
|
|
|
if service in ('haproxy', 'nginx'):
|
|
service_dir = common.return_nice_path(sql.get_setting(f'{service}_dir'))
|
|
script = f'install_{service}_geoip.sh'
|
|
else:
|
|
raise Exception('warning: select a server and service first')
|
|
|
|
if proxy is not None and proxy != '' and proxy != 'None':
|
|
proxy_serv = proxy
|
|
|
|
try:
|
|
os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}")
|
|
except Exception as e:
|
|
raise Exception(f'error: {e}')
|
|
|
|
commands = [
|
|
f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} UPDATE={geoip_update} "
|
|
f"maxmind_key={maxmind_key} service_dir={service_dir} HOST={serv} USER={ssh_settings['user']} "
|
|
f"PASS={ssh_settings['password']} KEY={ssh_settings['key']}"
|
|
]
|
|
|
|
return_out = server_mod.subprocess_execute_with_rc(commands[0])
|
|
|
|
try:
|
|
show_installation_output(return_out['error'], return_out['output'], 'GeoLite2 Database', rc=return_out['rc'])
|
|
except Exception as e:
|
|
raise Exception(e)
|
|
|
|
os.remove(f'{full_path}/{script}')
|
|
|
|
return show_success_installation('GeoLite2 Database')
|
|
|
|
|
|
def grafana_install():
|
|
script = "install_grafana.sh"
|
|
proxy = sql.get_setting('proxy')
|
|
proxy_serv = ''
|
|
host = os.environ.get('HTTP_HOST', '')
|
|
full_path = '/var/www/haproxy-wi/app'
|
|
|
|
try:
|
|
os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}")
|
|
except Exception as e:
|
|
raise Exception(f'error: {e}')
|
|
|
|
if proxy is not None and proxy != '' and proxy != 'None':
|
|
proxy_serv = proxy
|
|
|
|
cmd = f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv}"
|
|
output, error = server_mod.subprocess_execute(cmd)
|
|
|
|
if error:
|
|
roxywi_common.logging('Roxy-WI server', error, roxywi=1)
|
|
else:
|
|
for line in output:
|
|
if any(s in line for s in ("Traceback", "FAILED")):
|
|
try:
|
|
return line
|
|
except Exception:
|
|
return output
|
|
|
|
os.remove(f'{full_path}/{script}')
|
|
|
|
return f'success: Grafana and Prometheus servers were installed. You can find Grafana on http://{host}:3000<br>'
|
|
|
|
|
|
def keepalived_master_install(master: str, eth: str, eth_slave: str, vrrp_ip: str, virt_server: int, syn_flood: int,
|
|
return_to_master: int, haproxy: int, nginx: int, router_id: int, api=0) -> str:
|
|
script = "install_keepalived.sh"
|
|
proxy = sql.get_setting('proxy')
|
|
keepalived_path_logs = sql.get_setting('keepalived_path_logs')
|
|
proxy_serv = ''
|
|
ssh_settings = return_ssh_keys_path(master)
|
|
full_path = '/var/www/haproxy-wi/app'
|
|
service = 'master Keepalived'
|
|
|
|
if proxy is not None and proxy != '' and proxy != 'None':
|
|
proxy_serv = proxy
|
|
|
|
try:
|
|
os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}")
|
|
except Exception as e:
|
|
raise Exception(f'error: {e}')
|
|
|
|
commands = [
|
|
f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} router_id={router_id} "
|
|
f"ETH={eth} IP={vrrp_ip} MASTER=MASTER ETH_SLAVE={eth_slave} keepalived_path_logs={keepalived_path_logs} "
|
|
f"RETURN_TO_MASTER={return_to_master} SYN_FLOOD={syn_flood} HOST={master} HAPROXY={haproxy} NGINX={nginx} "
|
|
f"USER={ssh_settings['user']} PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}"
|
|
]
|
|
|
|
return_out = server_mod.subprocess_execute_with_rc(commands[0])
|
|
|
|
try:
|
|
show_installation_output(return_out['error'], return_out['output'], service, rc=return_out['rc'])
|
|
except Exception as e:
|
|
raise Exception(f'error: read output: {e}')
|
|
|
|
try:
|
|
sql.update_keepalived(master)
|
|
except Exception as e:
|
|
raise Exception(e)
|
|
|
|
if virt_server:
|
|
group_id = sql.get_group_id_by_server_ip(master)
|
|
cred_id = sql.get_cred_id_by_server_ip(master)
|
|
hostname = sql.get_hostname_by_server_ip(master)
|
|
firewall = 1 if server_mod.is_service_active(master, 'firewalld') else 0
|
|
sql.add_server(
|
|
hostname + '-VIP', vrrp_ip, group_id, '1', '1', '0', cred_id, ssh_settings['port'], f'VRRP IP for {master}',
|
|
haproxy, nginx, '0', firewall
|
|
)
|
|
|
|
if not api:
|
|
return show_success_installation(service)
|
|
|
|
|
|
def keepalived_slave_install(master: str, slave: str, eth: str, eth_slave: str, vrrp_ip: str, syn_flood: int,
|
|
haproxy: int, nginx: int, router_id: int, api=0) -> str:
|
|
script = "install_keepalived.sh"
|
|
proxy = sql.get_setting('proxy')
|
|
keepalived_path_logs = sql.get_setting('keepalived_path_logs')
|
|
proxy_serv = ''
|
|
ssh_settings = return_ssh_keys_path(slave)
|
|
full_path = '/var/www/haproxy-wi/app'
|
|
service = 'slave Keepalived'
|
|
|
|
if proxy is not None and proxy != '' and proxy != 'None':
|
|
proxy_serv = proxy
|
|
|
|
try:
|
|
os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}")
|
|
except Exception as e:
|
|
raise Exception(f'error: {e}')
|
|
|
|
commands = [
|
|
f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} router_id={router_id} ETH={eth} "
|
|
f"IP={vrrp_ip} MASTER=BACKUP ETH_SLAVE={eth_slave} SYN_FLOOD={syn_flood} keepalived_path_logs={keepalived_path_logs} HAPROXY={haproxy} "
|
|
f"NGINX={nginx} HOST={slave} USER={ssh_settings['user']} PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}"
|
|
]
|
|
|
|
try:
|
|
return_out = server_mod.subprocess_execute_with_rc(commands[0])
|
|
except Exception as e:
|
|
raise Exception(f'error: {e}')
|
|
|
|
try:
|
|
show_installation_output(return_out['error'], return_out['output'], service, rc=return_out['rc'])
|
|
except Exception as e:
|
|
raise Exception(f'error: read output: {e}')
|
|
|
|
try:
|
|
sql.update_server_master(master, slave)
|
|
sql.update_keepalived(slave)
|
|
except Exception as e:
|
|
raise Exception(f'{e}')
|
|
|
|
try:
|
|
os.remove(f'{full_path}/{script}')
|
|
except Exception:
|
|
pass
|
|
|
|
if not api:
|
|
return show_success_installation(service)
|
|
|
|
|
|
def keepalived_masteradd(master, eth, slave_eth, vrrp_ip, router_id, return_to_master, kp):
|
|
script = "install_keepalived.sh"
|
|
proxy = sql.get_setting('proxy')
|
|
keepalived_path_logs = sql.get_setting('keepalived_path_logs')
|
|
proxy_serv = ''
|
|
ssh_settings = return_ssh_keys_path(master)
|
|
full_path = '/var/www/haproxy-wi/app'
|
|
|
|
if proxy is not None and proxy != '' and proxy != 'None':
|
|
proxy_serv = proxy
|
|
|
|
os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}")
|
|
|
|
commands = [
|
|
f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} ETH={eth} ETH_SLAVE={slave_eth} "
|
|
f"keepalived_path_logs={keepalived_path_logs} RETURN_TO_MASTER={return_to_master} IP={vrrp_ip} MASTER=MASTER "
|
|
f"RESTART={kp} ADD_VRRP=1 HOST={master} router_id={router_id} USER={ssh_settings['user']} "
|
|
f"PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}"
|
|
]
|
|
|
|
return_out = server_mod.subprocess_execute_with_rc(commands[0])
|
|
|
|
try:
|
|
show_installation_output(return_out['error'], return_out['output'], 'master VRRP address', rc=return_out['rc'])
|
|
except Exception as e:
|
|
raise Exception(e)
|
|
|
|
return show_success_installation('master VRRP address')
|
|
|
|
|
|
def keepalived_slaveadd(slave, eth, slave_eth, vrrp_ip, router_id, kp):
|
|
script = "install_keepalived.sh"
|
|
proxy = sql.get_setting('proxy')
|
|
keepalived_path_logs = sql.get_setting('keepalived_path_logs')
|
|
proxy_serv = ''
|
|
ssh_settings = return_ssh_keys_path(slave)
|
|
full_path = '/var/www/haproxy-wi/app'
|
|
|
|
if proxy is not None and proxy != '' and proxy != 'None':
|
|
proxy_serv = proxy
|
|
|
|
os.system(f"cp {full_path}/scripts/{script} {full_path}/{script}")
|
|
|
|
commands = [
|
|
f"chmod +x {full_path}/{script} && {full_path}/{script} PROXY={proxy_serv} SSH_PORT={ssh_settings['port']} ETH={eth} ETH_SLAVE={slave_eth} "
|
|
f"keepalived_path_logs={keepalived_path_logs} IP={vrrp_ip} MASTER=BACKUP RESTART={kp} ADD_VRRP=1 HOST={slave} "
|
|
f"router_id={router_id} USER={ssh_settings['user']} PASS='{ssh_settings['password']}' KEY={ssh_settings['key']}"
|
|
]
|
|
|
|
return_out = server_mod.subprocess_execute_with_rc(commands[0])
|
|
|
|
try:
|
|
show_installation_output(return_out['error'], return_out['output'], 'slave VRRP address', rc=return_out['rc'])
|
|
except Exception as e:
|
|
raise Exception(e)
|
|
|
|
os.remove(f'{full_path}/{script}')
|
|
|
|
return show_success_installation('slave VRRP address')
|