async def async_get_overview(serv1, serv2):
server_status = ()
commands2 = [ "ps ax |grep waf/bin/modsecurity |grep -v grep |wc -l" ]
cmd = 'echo "show info" |nc %s %s -w 1|grep -e "Process_num"' % (serv2, sql.get_setting('haproxy_sock_port'))
keepalived = sql.select_keealived(serv2)
if keepalived == 1:
command = [ "ps ax |grep keepalived|grep -v grep|wc -l" ]
keepalived_process = funct.ssh_command(serv2, command)
else:
keepalived_process = ''
nginx = sql.select_nginx(serv2)
if nginx == 1:
command = [ "ps ax |grep nginx:|grep -v grep|wc -l" ]
nginx_process = funct.ssh_command(serv2, command)
else:
nginx_process = ''
server_status = (serv1,
serv2,
funct.server_status(funct.subprocess_execute(cmd)),
sql.select_servers(server=serv2, keep_alive=1),
funct.ssh_command(serv2, commands2),
sql.select_waf_servers(serv2),
keepalived,
keepalived_process,
nginx,
nginx_process)
return server_status
def install_haproxy(serv, **kwargs):
import sql
script = "install_haproxy.sh"
hap_sock_p = sql.get_setting('haproxy_sock_port')
stats_port = sql.get_setting('stats_port')
server_state_file = sql.get_setting('server_state_file')
stats_user = sql.get_setting('stats_user')
stats_password = sql.get_setting('stats_password')
proxy = sql.get_setting('proxy')
hapver = kwargs.get('hapver')
ssh_port = 22
ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = return_ssh_keys_path(serv)
if ssh_enable == 0:
ssh_key_name = ''
servers = sql.select_servers(server=serv)
for server in servers:
ssh_port = str(server[10])
os.system("cp scripts/%s ." % script)
if hapver is None:
hapver = '2.0.7-1'
if proxy is not None and proxy != '' and proxy != 'None':
proxy_serv = proxy
else:
proxy_serv = ''
syn_flood_protect = '1' if kwargs.get('syn_flood') == "1" else ''
commands = ["chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv +
" SOCK_PORT=" + hap_sock_p + " STAT_PORT=" + stats_port + " STAT_FILE="+server_state_file +
" SSH_PORT=" + ssh_port + " STATS_USER="******" STATS_PASS="******" HAPVER=" + hapver + " SYN_FLOOD=" + syn_flood_protect +
" HOST=" + serv + " USER="******" PASS="******" KEY=" + ssh_key_name]
output, error = subprocess_execute(commands[0])
if error:
logging('localhost', error, haproxywi=1)
print('error: '+error)
else:
for l in output:
if "msg" in l or "FAILED" in l:
try:
l = l.split(':')[1]
l = l.split('"')[1]
print(l+"<br>")
break
except Exception:
print(output)
break
else:
print('success: HAProxy was installed<br>')
os.system("rm -f %s" % script)
sql.update_haproxy(serv)
def ssh_connect(serv, **kwargs):
import paramiko
from paramiko import SSHClient
import sql
ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = return_ssh_keys_path(
serv)
servers = sql.select_servers(server=serv)
ssh_port = 22
for server in servers:
ssh_port = server[10]
ssh = SSHClient()
ssh.load_system_host_keys()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
if ssh_enable == 1:
cloud = sql.is_cloud()
if cloud != '':
k = paramiko.pkey.load_private_key_file(ssh_key_name,
password=cloud)
else:
k = paramiko.pkey.load_private_key_file(ssh_key_name)
ssh.connect(hostname=serv,
port=ssh_port,
username=ssh_user_name,
pkey=k,
timeout=11)
else:
ssh.connect(hostname=serv,
port=ssh_port,
username=ssh_user_name,
password=ssh_user_password,
timeout=11)
return ssh
except paramiko.AuthenticationException:
return 'Authentication failed, please verify your credentials'
pass
except paramiko.SSHException as sshException:
return 'error: Unable to establish SSH connection: %s ' % sshException
pass
except paramiko.PasswordRequiredException as e:
return 'error: %s ' % e
pass
except paramiko.BadHostKeyException as badHostKeyException:
return 'error: Unable to verify server\'s host key: %s ' % badHostKeyException
pass
except Exception as e:
if e == "No such file or directory":
return 'error: %s. Check ssh key' % e
pass
elif e == "Invalid argument":
error = 'error: Check the IP of the server'
pass
else:
error = e
pass
return str(error)
def check_permit_to_server(id):
servers = sql.select_servers(id_hostname=id)
login = request.headers.get('login')
for s in servers:
servers = sql.get_dick_permit(username=login, ip=s[2])
return servers
def install_nginx(serv):
import sql
script = "install_nginx.sh"
stats_user = sql.get_setting('nginx_stats_user')
stats_password = sql.get_setting('nginx_stats_password')
stats_port = sql.get_setting('nginx_stats_port')
stats_page = sql.get_setting('nginx_stats_page')
config_path = sql.get_setting('nginx_config_path')
proxy = sql.get_setting('proxy')
ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = return_ssh_keys_path(
serv)
if ssh_enable == 0:
ssh_key_name = ''
os.system("cp scripts/%s ." % script)
if proxy is not None and proxy != '' and proxy != 'None':
proxy_serv = proxy
else:
proxy_serv = ''
servers = sql.select_servers(server=serv)
for server in servers:
ssh_port = str(server[10])
syn_flood_protect = '1' if form.getvalue('syn_flood') == "1" else ''
commands = [
"chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv +
" STATS_USER="******" STATS_PASS="******" SSH_PORT=" + ssh_port + " CONFIG_PATH=" + config_path +
" STAT_PORT=" + stats_port + " STAT_PAGE=" + stats_page +
" SYN_FLOOD=" + syn_flood_protect + " HOST=" + serv + " USER="******" PASS="******" KEY=" + ssh_key_name
]
output, error = subprocess_execute(commands[0])
if error:
logging('localhost', error, haproxywi=1)
print('error: ' + error)
else:
for l in output:
if "msg" in l or "FAILED" in l:
try:
l = l.split(':')[1]
l = l.split('"')[1]
print(l + "<br>")
break
except Exception:
print(output)
break
else:
print('success: Nginx was installed<br>')
os.system("rm -f %s" % script)
sql.update_nginx(serv)
def check_permit_to_server(server_id):
servers = sql.select_servers(id_hostname=server_id)
token = request.headers.get('token')
login, group_id = sql.get_username_groupid_from_api_token(token)
for s in servers:
server = sql.get_dick_permit(username=login, group_id=group_id, ip=s[2], token=token)
return server
def ssh_connect(serv, **kwargs):
import paramiko
from paramiko import SSHClient
import sql
fullpath = get_config_var('main', 'fullpath')
ssh_enable = ''
ssh_port = ''
ssh_user_name = ''
ssh_user_password = ''
for sshs in sql.select_ssh(serv=serv):
ssh_enable = sshs[3]
ssh_user_name = sshs[4]
ssh_user_password = sshs[5]
ssh_key_name = fullpath + '/keys/%s.pem' % sshs[2]
servers = sql.select_servers(server=serv)
for server in servers:
ssh_port = server[10]
ssh = SSHClient()
ssh.load_system_host_keys()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
try:
if ssh_enable == 1:
k = paramiko.RSAKey.from_private_key_file(ssh_key_name)
ssh.connect(hostname=serv,
port=ssh_port,
username=ssh_user_name,
pkey=k)
else:
ssh.connect(hostname=serv,
port=ssh_port,
username=ssh_user_name,
password=ssh_user_password)
return ssh
except paramiko.AuthenticationException:
return 'Authentication failed, please verify your credentials'
pass
except paramiko.SSHException as sshException:
return 'Unable to establish SSH connection: %s ' % sshException
pass
except paramiko.BadHostKeyException as badHostKeyException:
return 'Unable to verify server\'s host key: %s ' % badHostKeyException
pass
except Exception as e:
if e == "No such file or directory":
return '%s. Check ssh key' % e
pass
elif e == "Invalid argument":
error = 'Check the IP of the server'
pass
else:
error = e
pass
return str(error)
async def async_get_overview(serv1, serv2):
server_status = ()
commands2 = ["ps ax |grep waf/bin/modsecurity |grep -v grep |wc -l"]
cmd = 'echo "show info" |nc %s %s -w 1|grep -e "Process_num"' % (
serv2, sql.get_setting('haproxy_sock_port'))
server_status = (serv1, serv2,
funct.server_status(funct.subprocess_execute(cmd)),
sql.select_servers(server=serv2, keep_alive=1),
funct.ssh_command(serv2, commands2),
sql.select_waf_servers(serv2))
return server_status
def check_is_server_in_group(serv):
import sql
group_id = get_user_group(id=1)
servers = sql.select_servers(server=serv)
for s in servers:
if (s[2] == serv and int(s[3]) == int(group_id)) or group_id == 1:
return True
else:
logging('localhost', ' has tried to actions in not his group server ', haproxywi=1, login=1)
print('Atata!')
sys.exit()
def install_haproxy(serv, **kwargs):
import sql
script = "install_haproxy.sh"
hap_sock_p = sql.get_setting('haproxy_sock_port')
stats_port = sql.get_setting('stats_port')
server_state_file = sql.get_setting('server_state_file')
stats_user = sql.get_setting('stats_user')
stats_password = sql.get_setting('stats_password')
proxy = sql.get_setting('proxy')
hapver = kwargs.get('hapver')
server_for_installing = kwargs.get('server')
ssh_port = 22
ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = return_ssh_keys_path(
serv)
if ssh_enable == 0:
ssh_key_name = ''
servers = sql.select_servers(server=serv)
for server in servers:
ssh_port = str(server[10])
os.system("cp scripts/%s ." % script)
if hapver is None:
hapver = '2.3.0-1'
if proxy is not None and proxy != '' and proxy != 'None':
proxy_serv = proxy
else:
proxy_serv = ''
syn_flood_protect = '1' if kwargs.get('syn_flood') == "1" else ''
commands = [
"chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv +
" SOCK_PORT=" + hap_sock_p + " STAT_PORT=" + stats_port +
" STAT_FILE=" + server_state_file + " SSH_PORT=" + ssh_port +
" STATS_USER="******" STATS_PASS="******" HAPVER=" + hapver + " SYN_FLOOD=" + syn_flood_protect + " HOST=" +
serv + " USER="******" PASS="******" KEY=" + ssh_key_name
]
output, error = subprocess_execute(commands[0])
if server_for_installing:
service = server_for_installing + ' HAProxy'
else:
service = ' HAProxy'
show_installation_output(error, output, service)
os.system("rm -f %s" % script)
sql.update_haproxy(serv)
async def async_get_overview(serv1, serv2):
haproxy_config_path = sql.get_setting('haproxy_config_path')
commands = [ "ls -l %s |awk '{ print $6\" \"$7\" \"$8}'" % haproxy_config_path ]
commands2 = "ps ax |grep keep_alive.py |grep -v grep |wc -l"
cmd = 'echo "show info" |nc %s %s -w 1|grep -e "Process_num"' % (serv2, haproxy_sock_port)
server_status = (serv1,
serv2,
funct.server_status(funct.subprocess_execute(cmd)),
funct.ssh_command(serv2, commands),
sql.select_servers(server=serv2, keep_alive=1),
funct.subprocess_execute(commands2))
return server_status
async def get_runner_overviewWaf():
import http.cookies
from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/ajax'),extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do'])
template = env.get_template('overivewWaf.html')
servers = []
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
user_id = cookie.get('uuid')
futures = [async_get_overviewWaf(server[1], server[2]) for server in sql.select_servers(server=serv)]
for i, future in enumerate(asyncio.as_completed(futures)):
result = await future
servers.append(result)
servers_sorted = sorted(servers, key=funct.get_key)
template = template.render(service_status=servers_sorted, role=sql.get_user_role_by_uuid(user_id.value))
print(template)
def install_nginx(serv, **kwargs):
import sql
script = "install_nginx.sh"
stats_user = sql.get_setting('nginx_stats_user')
stats_password = sql.get_setting('nginx_stats_password')
stats_port = sql.get_setting('nginx_stats_port')
stats_page = sql.get_setting('nginx_stats_page')
config_path = sql.get_setting('nginx_config_path')
server_for_installing = kwargs.get('server')
proxy = sql.get_setting('proxy')
ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = return_ssh_keys_path(
serv)
if ssh_enable == 0:
ssh_key_name = ''
os.system("cp scripts/%s ." % script)
if proxy is not None and proxy != '' and proxy != 'None':
proxy_serv = proxy
else:
proxy_serv = ''
servers = sql.select_servers(server=serv)
for server in servers:
ssh_port = str(server[10])
syn_flood_protect = '1' if form.getvalue('syn_flood') == "1" else ''
commands = [
"chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv +
" STATS_USER="******" STATS_PASS="******" SSH_PORT=" + ssh_port + " CONFIG_PATH=" + config_path +
" STAT_PORT=" + stats_port + " STAT_PAGE=" + stats_page +
" SYN_FLOOD=" + syn_flood_protect + " HOST=" + serv + " USER="******" PASS="******" KEY=" + ssh_key_name
]
output, error = subprocess_execute(commands[0])
if server_for_installing:
service = server_for_installing + ' Nginx'
else:
service = ' Nginx'
show_installation_output(error, output, service)
os.system("rm -f %s" % script)
sql.update_nginx(serv)
def get_all_statuses():
data = {}
try:
servers = sql.select_servers()
login = request.headers.get('login')
sock_port = sql.get_setting('haproxy_sock_port')
for s in servers:
servers = sql.get_dick_permit(username=login)
for s in servers:
cmd = 'echo "show info" |nc %s %s -w 1|grep -e "Ver\|CurrConns\|Maxco\|MB\|Uptime:"' % (
s[2], sock_port)
data[s[2]] = {}
out = funct.subprocess_execute(cmd)
data[s[2]] = return_dict_from_out(s[1], out[0])
except:
data = {"error": "Cannot find the server"}
return dict(error=data)
return dict(status=data)
funct.check_login()
funct.page_for_admin()
try:
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
user_id = cookie.get('uuid')
user = sql.get_user_name_by_uuid(user_id.value)
users = sql.select_users()
servers = sql.get_dick_permit()
token = sql.get_token(user_id.value)
settings = sql.get_setting('', all=1)
ldap_enable = sql.get_setting('ldap_enable')
except:
pass
template = template.render(title="Admin area: users manage",
role=sql.get_user_role_by_uuid(user_id.value),
user=user,
users=users,
groups=sql.select_groups(),
servers=sql.select_servers(full=1),
roles=sql.select_roles(),
masters=sql.select_servers(get_master_servers=1),
sshs=sql.select_ssh(),
telegrams=sql.select_telegram(),
token=token,
versions=funct.versions(),
settings=settings,
ldap_enable=ldap_enable)
print(template)
except:
pass
form = funct.form
serv = form.getvalue('serv')
service = form.getvalue('service')
autorefresh = 0
if service == 'nginx':
title = "Nginx servers overview"
keep_alive = ''
stderr = ''
servers = sql.get_dick_permit(virt=1, nginx=1)
service = 'nginx'
if serv:
servers = sql.select_servers(server=serv)
autorefresh = 1
else:
title = "HAProxy servers overview"
cmd = "ps ax |grep -e 'keep_alive.py' |grep -v grep |wc -l"
keep_alive, stderr = funct.subprocess_execute(cmd)
service = 'haproxy'
if serv:
servers = sql.select_servers(server=serv)
autorefresh = 1
else:
servers = sql.get_dick_permit(virt=1, haproxy=1)
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
servers_with_status1 = []
out1 = ''
nginx = form.getvalue('nginx')
enable = form.getvalue('enable')
master = form.getvalue('slave')
cred = form.getvalue('cred')
page = form.getvalue('page')
page = page.split("#")[0]
port = form.getvalue('newport')
desc = form.getvalue('desc')
if sql.add_server(hostname, ip, group, typeip, enable, master, cred, port, desc, haproxy, nginx):
from jinja2 import Environment, FileSystemLoader
env = Environment(loader=FileSystemLoader('templates/'))
template = env.get_template('ajax/new_server.html')
template = template.render(groups = sql.select_groups(),
servers = sql.select_servers(server=ip),
roles = sql.select_roles(),
masters = sql.select_servers(get_master_servers=1),
sshs = sql.select_ssh(),
page = page)
print(template)
funct.logging('a new server '+hostname, ' has created ', haproxywi=1, login=1)
if form.getvalue('updatehapwiserver') is not None:
id = form.getvalue('updatehapwiserver')
active = form.getvalue('active')
alert = form.getvalue('alert_en')
metrics = form.getvalue('metrics')
sql.update_hapwi_server(id, alert, metrics, active)
funct.logging('the server '+name, ' has updated ', haproxywi=1, login=1)
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
user_id = cookie.get('uuid')
user = sql.get_user_name_by_uuid(user_id.value)
users = sql.select_users()
groups = sql.select_groups()
token = sql.get_token(user_id.value)
cmd = "ps ax |grep -e 'keep_alive.py' |grep -v grep |wc -l"
keep_alive, stderr = funct.subprocess_execute(cmd)
except:
pass
form = funct.form
serv = form.getvalue('serv')
if serv:
servers = sql.select_servers(server=serv)
autorefresh = 1
hap_configs_dir = funct.get_config_var('configs',
'haproxy_save_configs_dir')
else:
servers = sql.get_dick_permit()
autorefresh = 0
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
haproxy_config_path = sql.get_setting('haproxy_config_path')
commands = ["ls -l %s |awk '{ print $6\" \"$7\" \"$8}'" % haproxy_config_path]
servers_with_status1 = []
out1 = ""
for s in servers:
servers_with_status = list()
cmd = 'echo "show info" |nc %s %s -w 1 |grep -e "Ver\|Uptime:\|Process_num"' % (
print('Content-type: text/html\n')
funct.check_login()
funct.page_for_admin(level = 2)
try:
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
user_id = cookie.get('uuid')
user = sql.get_user_name_by_uuid(user_id.value)
servers = sql.get_dick_permit()
token = sql.get_token(user_id.value)
ldap_enable = sql.get_setting('ldap_enable')
except:
pass
output_from_parsed_template = template.render(title = "Servers manage",
role = sql.get_user_role_by_uuid(user_id.value),
user = user,
users = sql.select_users(),
groups = sql.select_groups(),
servers = sql.get_dick_permit(virt=1, disable=0),
roles = sql.select_roles(),
masters = sql.select_servers(get_master_servers=1, uuid=user_id.value),
group = sql.get_user_group_by_uuid(user_id.value),
sshs = sql.select_ssh(),
telegrams = sql.get_user_telegram_by_uuid(user_id.value),
token = token,
versions = funct.versions(),
backups = sql.select_backups(),
ldap_enable = ldap_enable)
print(output_from_parsed_template)
import cgi
import sys
import os
import funct
import sql
funct.head("Admin area: users manage")
funct.check_config()
funct.check_login()
funct.page_for_admin()
form = cgi.FieldStorage()
USERS = sql.select_users()
GROUPS = sql.select_groups()
SERVERS = sql.select_servers(full=1)
ROLES = sql.select_roles()
print('<script src="/inc/users.js"></script>'
'<div id="tabs">'
'<ul>'
'<li><a href="#users">Users</a></li>'
'<li><a href="#groups">Groups</a></li>'
'<li><a href="#servers">Servers</a></li>'
'<li><a href="#roles">Roles</a></li>'
'</ul>'
'<div id="users">'
'<table class="overview" id="ajax-users">'
'<tr class="overviewHead">'
'<td class="padding10 first-collumn">Login name</td>'
'<td>Password</td>'
