Пример #1
import funct
import sql
from jinja2 import Environment, FileSystemLoader
# Jinja2 environment for the admin page. autoescape=True makes the templates
# HTML-escape interpolated values by default.
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('admin.html')
# Request form object exposed by the project's funct module.
form = funct.form

# CGI response header; it is written before the access checks below run.
print('Content-type: text/html\n')

# Access gates implemented in funct (not shown here). Presumably they stop
# the request for anonymous or non-admin users - confirm against funct.
funct.check_login()
funct.page_for_admin()

try:
    user, user_id, role, token, servers = funct.get_users_params()
    users = sql.select_users()
    settings = sql.get_setting('', all=1)
    ldap_enable = sql.get_setting('ldap_enable')
    grafana, stderr = funct.subprocess_execute(
        "service grafana-server status |grep Active |awk '{print $1}'")

    services = []
    services_name = {
        'checker_haproxy': 'Master backends checker service',
        'keep_alive': 'Auto start service',
        'metrics_haproxy': 'Master metrics service',
        'prometheus': 'Prometheus service',
        'grafana-server': 'Grafana service',
        'smon': 'Simple monitoring network ports',
        'fail2ban': 'Fail2ban service'
    }
    for s, v in services_name.items():
Пример #2
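def install_haproxy(serv, **kwargs):
    """Install HAProxy on *serv* by running the bundled ``install_haproxy.sh``.

    The installer is copied from ``scripts/`` into the working directory, run
    through ``subprocess_execute`` with its settings passed as ``NAME=value``
    arguments, and removed again afterwards. The outcome is printed and
    ``sql.update_haproxy(serv)`` is called at the end.

    Args:
        serv: Target server; passed to the installer as ``HOST``.
        **kwargs: ``hapver`` selects the HAProxy version (default
            ``'2.0.7-1'``); ``syn_flood == "1"`` turns on ``SYN_FLOOD``.
    """
    import shlex

    import sql

    def _arg(value):
        # Every value is spliced into one shell command line, so each one is
        # quoted. None becomes an empty value instead of raising TypeError.
        return shlex.quote('' if value is None else str(value))

    script = "install_haproxy.sh"
    hap_sock_p = sql.get_setting('haproxy_sock_port')
    stats_port = sql.get_setting('stats_port')
    server_state_file = sql.get_setting('server_state_file')
    stats_user = sql.get_setting('stats_user')
    stats_password = sql.get_setting('stats_password')
    proxy = sql.get_setting('proxy')
    hapver = kwargs.get('hapver')
    # Default used when no server row is found; _arg() stringifies it, so the
    # integer no longer breaks the string concatenation below.
    ssh_port = 22
    ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = return_ssh_keys_path(
        serv)

    if ssh_enable == 0:
        ssh_key_name = ''

    # The last returned row wins; index 10 of the row is used as the SSH port.
    for server in sql.select_servers(server=serv):
        ssh_port = server[10]

    os.system("cp scripts/%s ." % script)

    if hapver is None:
        hapver = '2.0.7-1'

    proxy_serv = proxy if proxy not in (None, '', 'None') else ''
    syn_flood_protect = '1' if kwargs.get('syn_flood') == "1" else ''

    # NOTE(review): STATS_PASS and PASS travel on the command line, where
    # other local users can read them from the process list while the
    # installer runs; an environment variable or a 0600 file would avoid that.
    command = (
        "chmod +x " + script + " &&  ./" + script +
        " PROXY=" + _arg(proxy_serv) +
        " SOCK_PORT=" + _arg(hap_sock_p) +
        " STAT_PORT=" + _arg(stats_port) +
        " STAT_FILE=" + _arg(server_state_file) +
        " SSH_PORT=" + _arg(ssh_port) +
        " STATS_USER=" + _arg(stats_user) +
        " STATS_PASS=" + _arg(stats_password) +
        " HAPVER=" + _arg(hapver) +
        " SYN_FLOOD=" + _arg(syn_flood_protect) +
        " HOST=" + _arg(serv) +
        " USER=" + _arg(ssh_user_name) +
        " PASS=" + _arg(ssh_user_password) +
        " KEY=" + _arg(ssh_key_name)
    )

    output, error = subprocess_execute(command)

    if error:
        logging('localhost', error, haproxywi=1)
        print('error: ' + error)
    else:
        for line in output:
            if "msg" in line or "FAILED" in line:
                # Report the first message/failure line and stop scanning.
                try:
                    message = line.split(':')[1].split('"')[1]
                    print(message + "<br>")
                except IndexError:
                    # Unexpected line format: show the raw output instead.
                    print(output)
                break
        else:
            print('success: HAProxy was installed<br>')

    os.system("rm -f %s" % script)
    sql.update_haproxy(serv)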
Пример #3
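def upload_and_restart(serv, cfg, **kwargs):
    """Upload *cfg* to *serv* and check, save, reload or restart the service.

    The local file is normalised with ``dos2unix``, uploaded to a temporary
    path on the server, and a single shell command line is then run there via
    ``ssh_command``.

    Args:
        serv: Target server.
        cfg: Path of the local configuration file.
        **kwargs: ``nginx`` (truthy) or ``keepalived == 1`` select the
            service, otherwise HAProxy is assumed. ``just_save`` may be
            ``"test"`` (HAProxy only), ``"save"`` or ``"reload"``; any other
            value restarts the service.

    Returns:
        The accumulated error text (empty when nothing was reported), or
        ``'Please install dos2unix'`` when that tool cannot be started.
    """
    import shlex
    import subprocess

    import sql

    nginx = kwargs.get("nginx")
    just_save = kwargs.get("just_save")

    if nginx:
        config_path = sql.get_setting('nginx_config_path')
        suffix = ".conf"
    else:
        config_path = sql.get_setting('haproxy_config_path')
        suffix = ".cfg"
    tmp_file = sql.get_setting('tmp_config_path') + "/" + get_data(
        'config') + suffix
    error = ""

    try:
        # Argument list instead of a shell string: cfg is never parsed as
        # shell syntax, and "--" keeps it from being read as an option.
        subprocess.run(["dos2unix", "--", cfg], check=False)
    except OSError:
        # Unlike os.system(), this is raised when the tool is missing.
        return 'Please install dos2unix'

    # Both paths end up in a command line run by the remote shell.
    q_tmp = shlex.quote(tmp_file)
    q_path = shlex.quote(config_path)

    if kwargs.get("keepalived") == 1:
        command = "sudo mv -f " + q_tmp + " /etc/keepalived/keepalived.conf"
        if just_save != "save":
            command += " && sudo systemctl restart keepalived"
    elif nginx:
        # NOTE(review): the file is moved into place before "nginx -t" runs,
        # so a config that fails the test has already replaced the old one.
        command = "sudo mv -f " + q_tmp + " " + q_path + " && sudo nginx -t -q"
        if just_save == "reload":
            command += " && sudo systemctl reload nginx"
        elif just_save != "save":
            command += " && sudo systemctl restart nginx"
        if sql.return_firewall(serv):
            command += open_port_firewalld(cfg, serv=serv, service='nginx')
    else:
        haproxy_enterprise = sql.get_setting('haproxy_enterprise')
        haproxy_service_name = "hapee-2.0-lb" if haproxy_enterprise == '1' else "haproxy"

        # HAProxy validates the temporary file first; it is only moved into
        # place when the check succeeds.
        command = "sudo " + haproxy_service_name + "  -q -c -f " + q_tmp
        if just_save == "test":
            command += " && sudo rm -f " + q_tmp
        else:
            command += " && sudo mv -f " + q_tmp + " " + q_path
            if just_save == "reload":
                command += " && sudo systemctl reload " + haproxy_service_name
            elif just_save != "save":
                command += " && sudo systemctl restart " + haproxy_service_name
        if sql.return_firewall(serv):
            command += open_port_firewalld(cfg, serv=serv)

    commands = [command]
    error += str(upload(serv, tmp_file, cfg, dir='fullpath'))

    try:
        result = ssh_command(serv, commands)
        if result:
            error += str(result)
    except Exception as e:
        # str() is required: adding the exception object itself to a string
        # raises TypeError and would hide the original failure.
        error += str(e)
    if error:
        logging('localhost', error, haproxywi=1)

    return error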
Пример #4
#!/usr/bin/env python3
import cgi
import http
import http.cookies
import os

from jinja2 import Environment, FileSystemLoader

import funct
import sql
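# autoescape=True: values interpolated into settings.html are HTML-escaped by
# default, so stored settings or user names cannot inject markup.
env = Environment(loader=FileSystemLoader('templates/'), autoescape=True)
template = env.get_template('settings.html')
form = cgi.FieldStorage()

print('Content-type: text/html\n')
# Access gates implemented in funct (not shown here).
funct.check_login()
funct.page_for_admin()

# Defaults so that a failed session lookup renders an empty page instead of
# ending in a NameError at render time.
user = ''
role = ''
token = ''
settings = []

try:
    cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
    user_id = cookie.get('uuid')
    user = sql.get_user_name_by_uuid(user_id.value)
    role = sql.get_user_role_by_uuid(user_id.value)
    settings = sql.get_setting('', all=1)
    token = sql.get_token(user_id.value)
except Exception:
    # Missing cookie or failed lookup: keep the defaults above.
    pass

template = template.render(h2=1,
                           title="Settings",
                           role=role,
                           user=user,
                           settings=settings,
                           token=token)
print(template)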
Пример #5
# The log source comes from the 'viewlogs' form field, falling back to 'serv'.
if form.getvalue('viewlogs') is None:
    serv = form.getvalue('serv')
else:
    serv = form.getvalue('viewlogs')

# Time-window bounds, taken from the form exactly as submitted; each is None
# when the field is absent. No validation happens in this excerpt.
hour = form.getvalue('hour')
hour1 = form.getvalue('hour1')
minut = form.getvalue('minut')
minut1 = form.getvalue('minut1')

# CGI header first, then the access gates implemented in funct (not shown).
print('Content-type: text/html\n')
funct.check_login()
funct.page_for_admin()

log_path = funct.get_config_var('main', 'log_path')
time_storage = sql.get_setting('log_time_storage')
# int() raises if the setting is missing or not numeric; nothing catches that
# here.
time_storage = int(time_storage)

try:
    time_storage_hours = time_storage * 24
    for dirpath, dirnames, filenames in os.walk(log_path):
        for file in filenames:
            curpath = os.path.join(dirpath, file)
            file_modified = datetime.datetime.fromtimestamp(
                os.path.getmtime(curpath))
            if datetime.datetime.now() - file_modified > datetime.timedelta(
                    hours=time_storage_hours):
                os.remove(curpath)
except:
    print(
        '<center><div class="alert alert-danger" style="margin: 0; margin-bottom: 10px;">Can\'t delete old logs file. <br> Please check "log_time_storage" in config and <br>exist directory </div></center>'
Пример #6
# The CGI header goes out before any of the request checks below.
print('Content-type: text/html\n')

# "checkrestart" is handled ahead of the token check, so it is answered even
# when no token was sent. It prints "ok" as soon as sql.get_dick_permit()
# yields a non-empty entry for serv, and always ends the request.
if act == "checkrestart":
	if any(server != "" for server in sql.get_dick_permit(ip=serv)):
		print("ok")
	sys.exit()

# NOTE(review): only the presence of a token is tested; its value is not
# compared with anything in this excerpt.
if form.getvalue('token') is None:
	print("What the f**k?! U r hacker Oo?!")
	sys.exit()

# List the certificate files on the target host.
# NOTE(review): cert_path is concatenated into the remote command unquoted,
# and serv is used as the SSH target without a visible validation step.
if not (form.getvalue('getcerts') is None or serv is None):
	cert_path = sql.get_setting('cert_path')
	commands = ["".join(("ls -1t ", cert_path, " |grep pem"))]
	try:
		funct.ssh_command(serv, commands, ip="1")
	except:
		# The bare except reports every failure as a connection problem.
		print('<div class="alert alert-danger" style="margin:0">Can not connect to the server</div>')

# Connectivity probe: run a harmless listing on the target host.
if not (form.getvalue('checkSshConnect') is None or serv is None):
	try:
		funct.ssh_command(serv, ["ls -1t"])
	except:
		print('<div class="alert alert-danger" style="margin:0">Can not connect to the server</div>')
		
if form.getvalue('getcert') is not None and serv is not None:
	id = form.getvalue('getcert')
	cert_path = sql.get_setting('cert_path')
Пример #7
	token = sql.get_token(user_id.value)
except:
	pass

# Context for the "Add" page. 'add' and 'conf' are passed on exactly as they
# arrived in the request; whether they are HTML-escaped depends on how the
# Jinja2 environment was created, which this excerpt does not show.
render_kwargs = dict(
	title="Add",
	role=sql.get_user_role_by_uuid(user_id.value),
	user=user,
	selects=servers,
	add=form.getvalue('add'),
	conf_add=form.getvalue('conf'),
	group=user_group,
	token=token,
)
output_from_parsed_template = template.render(**render_kwargs)
print(output_from_parsed_template)

# Settings read once for the form handling that follows.
hap_configs_dir = funct.get_config_var('configs', 'haproxy_save_configs_dir')
cert_path = sql.get_setting('cert_path')

if form.getvalue('mode') is not None: 
	serv = form.getvalue('serv')
	port = form.getvalue('port')
	force_close = form.getvalue('force_close')
	mode = "    mode " + form.getvalue('mode')
	ssl = ""
	
	if form.getvalue('balance')	 is not None:
		balance = "    balance " + form.getvalue('balance')	+ "\n"
	else:
		balance = ""
	
	if form.getvalue('ip') is not None:
		ip = form.getvalue('ip')
Пример #8
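	async def async_get_overviewServers(serv1, serv2):
		"""Collect a status tuple for one server.

		Queries the HAProxy socket of *serv2* with ``nc`` on the local host and
		runs ``top`` for the haproxy user on *serv2* through
		``funct.ssh_command``.

		Returns:
			``(serv1, serv2, info_html, top_output)``.

		NOTE(review): both helper calls look synchronous, so this coroutine
		would block the event loop while they run - confirm.
		"""
		import shlex

		commands = ["top -u haproxy -b -n 1"]
		# Host and port are quoted because the command line is run by a shell.
		# The raw string keeps the "\|" alternations of the grep pattern without
		# relying on Python's invalid-escape fallback.
		cmd = r'echo "show info" |nc %s %s -w 1|grep -e "Ver\|CurrConns\|Maxco\|MB\|Uptime:"' % (
			shlex.quote(str(serv2)),
			shlex.quote(str(sql.get_setting('haproxy_sock_port'))))
		out = funct.subprocess_execute(cmd)
		out1 = ""

		# out is iterated as returned by the helper; other call sites unpack it
		# as (output, stderr).
		for k in out:
			if "Ncat:" not in k:
				for r in k:
					out1 += r
					out1 += "<br />"
			else:
				out1 = "Can\'t connect to HAproxy"

		return (serv1, serv2, out1, funct.ssh_command(serv2, commands))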
Пример #9
# Look up the installed version of every known service with the distribution's
# package tool. The names come from the fixed services_name table.
for s, v in services_name.items():
    # Everything except 'roxy-wi-keep_alive' is queried by the part before the
    # first underscore.
    service_name = s if s == 'roxy-wi-keep_alive' else s.split('_')[0]

    if distro.id() != 'ubuntu':
        cmd = "".join((
            "rpm --query ", service_name, "-* |awk -F\"", service_name,
            "\" '{print $2}' |awk -F\".noa\" '{print $1}' |sed 's/-//1' |sed 's/-/./'",
        ))
    else:
        cmd = "".join(("apt list --installed 2>&1 |grep ", service_name))

    service_ver, stderr = funct.subprocess_execute(cmd)
    # An empty version string is recorded when the tool printed nothing.
    try:
        services.append([s, service_ver[0]])
    except Exception:
        services.append([s, ''])

haproxy_sock_port = sql.get_setting('haproxy_sock_port')
servers_with_status1 = []
out1 = ''
# With exactly one server, index 2 of its row becomes the current serv.
if len(servers) == 1:
    serv = servers[0][2]
for s in servers:
    servers_with_status = list()
    servers_with_status.append(s[0])
    servers_with_status.append(s[1])
    servers_with_status.append(s[2])
    servers_with_status.append(s[11])
    if service == 'nginx':
        h = (['', ''], )
        print(str(service_settings))
        cmd = [
            "/usr/sbin/nginx -v 2>&1|awk '{print $3}' && systemctl status nginx |grep -e 'Active' |awk '{print $2, $9$10$11$12$13}' && ps ax |grep nginx:|grep -v grep |wc -l"
Пример #10
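def start_waf_worker(serv):
	"""Start the WAF metrics worker for *serv* in the background.

	The worker script is launched through the shell with a trailing ``&``, so
	this call does not wait for it. The start is recorded via
	``funct.logging``.
	"""
	import shlex

	port = sql.get_setting('haproxy_sock_port')
	# serv and port are quoted so each reaches the worker as one argument and
	# is never parsed as shell syntax.
	# NOTE(review): a value starting with "-" would still be read as an option
	# by the worker; validating serv as a host name before this call closes
	# that gap.
	cmd = "tools/metrics_waf_worker.py %s --port %s &" % (
		shlex.quote(str(serv)), shlex.quote(str(port)))
	os.system(cmd)
	funct.logging("localhost", " Masrer started new WAF metrics worker for: "+serv, metrics=1)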
Пример #11
    user, user_id, role, token, servers, user_services = funct.get_users_params(
    )
except Exception:
    pass

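if manage_rules == '1':
    # serv passes through funct.is_ip_or_dns and the group check before use.
    serv = funct.is_ip_or_dns(form.getvalue('serv'))
    funct.check_is_server_in_group(serv)
    title = "Manage rules - Web application firewall"
    rules = sql.select_waf_rules(serv)
elif waf_rule_id:
    serv = funct.is_ip_or_dns(form.getvalue('serv'))
    funct.check_is_server_in_group(serv)
    title = 'Edit a WAF rule'
    waf_rule_file = sql.select_waf_rule_by_id(waf_rule_id)
    configs_dir = sql.get_setting('tmp_config_path')
    # NOTE(review): configs_dir and serv are joined without a separator, so
    # the setting presumably ends with "/" - confirm. waf_rule_file comes from
    # the database and is used as a file-name component as is.
    cfg = configs_dir + serv + "-" + funct.get_data(
        'config') + "-" + waf_rule_file
    error = funct.get_config(serv, cfg, waf=1, waf_rule_file=waf_rule_file)

    try:
        # The context manager closes the file even when read() fails.
        with open(cfg, "r") as conf:
            config_read = conf.read()
    except IOError:
        # config_read stays undefined on this path.
        print('Cannot read imported config file')
else:
    title = "Web application firewall"
    servers_waf = sql.select_waf_servers_metrics(user_id.value)
    autorefresh = 1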
Пример #12
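def get_status(server_id):
	"""Return HAProxy "show info" data for the server *server_id*.

	Returns:
		``{"status": data}`` on success, or ``{"error": {...}}`` when the
		server is not permitted, not found or cannot be queried.
	"""
	import shlex

	try:
		servers = check_permit_to_server(server_id)
		sock_port = shlex.quote(str(sql.get_setting('haproxy_sock_port')))

		# Only the command for the last returned row is kept and run. With no
		# rows, cmd stays undefined and the error result below is returned.
		for s in servers:
			# The host value is quoted because a shell runs the command line.
			# The raw string keeps the "\|" alternations of the grep pattern.
			cmd = r'echo "show info" |nc %s %s -w 1|grep -e "Ver\|CurrConns\|Maxco\|MB\|Uptime:"' % (
				shlex.quote(str(s[2])), sock_port)

		out = funct.subprocess_execute(cmd)
		data = return_dict_from_out(server_id, out[0])

	except Exception:
		# Every failure is reported to the caller as "Cannot find the server".
		data = {server_id: {"error": "Cannot find the server"}}
		return dict(error=data)

	return dict(status=data)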
Пример #13
    cmd = "ps ax |grep -e 'keep_alive.py' |grep -v grep |wc -l"
    keep_alive, stderr = funct.subprocess_execute(cmd)
except:
    pass

form = cgi.FieldStorage()
# Request-supplied server selector; it is passed to sql.select_servers as is.
serv = form.getvalue('serv')

# A specific server turns auto-refresh on. Without one, the list comes from
# sql.get_dick_permit().
if serv:
    servers = sql.select_servers(server=serv)
    autorefresh = 1
else:
    servers = sql.get_dick_permit()
    autorefresh = 0

haproxy_sock_port = sql.get_setting('haproxy_sock_port')
haproxy_config_path = sql.get_setting('haproxy_config_path')
# Shell command printing fields 6-8 of "ls -l" for the config file.
# NOTE(review): the configured path is interpolated unquoted.
commands = ["ls -l %s |awk '{ print $6\" \"$7\" \"$8}'" % haproxy_config_path]
servers_with_status1 = []
out1 = ""
for s in servers:
    servers_with_status = list()
    cmd = 'echo "show info" |nc %s %s -w 1 |grep -e "Ver\|Uptime:\|Process_num"' % (
        s[2], haproxy_sock_port)
    out = funct.subprocess_execute(cmd)
    servers_with_status.append(s[0])
    servers_with_status.append(s[1])
    servers_with_status.append(s[2])
    servers_with_status.append(s[11])
    for k in out:
        if "Ncat:" not in k:
Пример #14
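def start_worker(serv):
	"""Start the checker worker for *serv* in the background.

	The worker script is launched through the shell with a trailing ``&``, so
	this call does not wait for it. The start is recorded via
	``funct.logging``.
	"""
	import shlex

	port = sql.get_setting('haproxy_sock_port')
	# serv and port are quoted so each reaches the worker as one argument and
	# is never parsed as shell syntax.
	# NOTE(review): a value starting with "-" would still be read as an option
	# by the worker; validating serv as a host name before this call closes
	# that gap.
	cmd = "tools/checker_worker.py %s --port %s &" % (
		shlex.quote(str(serv)), shlex.quote(str(port)))
	os.system(cmd)
	funct.logging("localhost", " Masrer started new worker for: "+serv, alerting=1)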
Пример #15
import ovw

# Request parameters, used below exactly as submitted.
form = cgi.FieldStorage()
req = form.getvalue('req')
serv = form.getvalue('serv')
act = form.getvalue('act')
backend = form.getvalue('backend')

print('Content-type: text/html\n')

# NOTE(review): only the presence of a token is tested; its value is not
# compared with anything in this excerpt.
if form.getvalue('token') is None:
    print("What the f**k?! U r hacker Oo?!")
    sys.exit()

# List the certificate files on the target host.
# NOTE(review): cert_path is concatenated into the remote command unquoted,
# and serv is used as the SSH target without a visible validation step.
if form.getvalue('getcerts') is not None and serv is not None:
    cert_path = sql.get_setting('cert_path')
    commands = ["ls -1t " + cert_path + " |grep pem"]
    try:
        funct.ssh_command(serv, commands, ip="1")
    except:
        # The bare except reports every failure as a connection problem.
        print(
            '<div class="alert alert-danger" style="margin:0">Can not connect to the server</div>'
        )

if form.getvalue('getcert') is not None and serv is not None:
    id = form.getvalue('getcert')
    cert_path = sql.get_setting('cert_path')
    commands = ["cat " + cert_path + "/" + id]
    try:
        funct.ssh_command(serv, commands, ip="1")
    except:
Пример #16
	print('Content-type: text/html\n')

# "checkrestart" is handled ahead of the token check below, so it is answered
# even without a valid token. It prints "ok" for the first non-empty entry
# returned for serv and always ends the request.
if act == "checkrestart":
	servers = sql.get_dick_permit(ip=serv)
	for server in servers:
		if server != "":
			print("ok")
			sys.exit()
	sys.exit()

# The submitted token must be known to sql.check_token_exists; otherwise the
# request stops here.
if not sql.check_token_exists(form.getvalue('token')):
	print("Your token has been expired")
	sys.exit()
		
# List the certificate files on the target host.
# NOTE(review): cert_path is concatenated into the remote command unquoted,
# and serv is used as the SSH target without a visible validation step.
if form.getvalue('getcerts') is not None and serv is not None:
	cert_path = sql.get_setting('cert_path')
	commands = [ "ls -1t "+cert_path+" |grep pem" ]
	try:
		funct.ssh_command(serv, commands, ip="1")
	except:
		# The bare except reports every failure as a connection problem.
		print('<div class="alert alert-danger" style="margin:0">Can not connect to the server</div>')

# Connectivity probe: run a harmless listing on the target host.
if form.getvalue('checkSshConnect') is not None and serv is not None:
	try:
		funct.ssh_command(serv, ["ls -1t"])
	except:
		print('<div class="alert alert-danger" style="margin:0">Can not connect to the server</div>')
		
if form.getvalue('getcert') is not None and serv is not None:
	id = form.getvalue('getcert')
	cert_path = sql.get_setting('cert_path')
Пример #17
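# Resolve the session from the "uuid" cookie. The group is looked up in the
# database from that session, not taken from the request.
try:
    cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
    user_id = cookie.get('uuid')
    user = sql.get_user_name_by_uuid(user_id.value)
    user_group = sql.get_user_group_by_uuid(user_id.value)
    servers = sql.get_dick_permit(virt=1)
    token = sql.get_token(user_id.value)
    servbackend = form.getvalue('servbackend')
    serv = form.getvalue('serv')
    if servbackend is None:
        servbackend = ""
except Exception:
    # NOTE(review): a failure here leaves user_group and the other names
    # undefined, so the path handling below stops with a NameError.
    pass

# Per-group list directories live under <parent of cwd>/<lists_path>.
# String concatenation is kept on purpose so the resulting paths are the same
# even if lists_path happens to start with "/".
dir = os.path.dirname(os.getcwd()) + "/" + sql.get_setting('lists_path')
white_dir = dir + "/" + user_group + "/white"
black_dir = dir + "/" + user_group + "/black"

# exist_ok=True creates missing parents as well and removes the gap between
# an existence test and the creation, which could raise FileExistsError when
# two requests arrive together.
os.makedirs(white_dir, exist_ok=True)
os.makedirs(black_dir, exist_ok=True)

white_lists = funct.get_files(dir=white_dir, format="lst")
black_lists = funct.get_files(dir=black_dir, format="lst")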
Пример #18
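def get_map(serv):
    """Draw the frontends, backends and servers of *serv*'s HAProxy config.

    The config is fetched with ``funct.get_config`` into a temporary file,
    parsed line by line into a ``networkx`` graph, rendered with matplotlib
    and saved as ``map<date>.png`` in the parent of the working directory.
    HTML fragments (heading, errors, the final ``<img>`` tag) are printed.

    Args:
        serv: Server whose configuration is mapped. It is used in the
            temporary file name and in the page heading.
            NOTE(review): it is part of a file path, so callers should pass
            an already validated host name.
    """
    import html

    import networkx as nx
    import matplotlib
    matplotlib.use('Agg')
    import matplotlib.pyplot as plt

    stats_port = sql.get_setting('stats_port')
    hap_configs_dir = funct.get_config_var('configs',
                                           'haproxy_save_configs_dir')
    date = funct.get_data('config')
    cfg = hap_configs_dir + serv + "-" + date + ".cfg"

    print('<center>')
    # serv is echoed into the page, so it is HTML-escaped first.
    print("<h3>Map from %s</h3><br />" % html.escape(str(serv)))

    G = nx.DiGraph()

    funct.get_config(serv, cfg)
    try:
        conf = open(cfg, "r")
    except IOError:
        print(
            '<div class="alert alert-danger">Can\'t read import config file</div>'
        )
        # Nothing to draw without the config; stop instead of failing later
        # on the unopened file.
        return

    node = ""
    line_new2 = [1, ""]
    # i and k are the running y and x coordinates of the layout; j alternates
    # child nodes between the right and left side of their parent.
    i = 1200
    k = 1200
    j = 0
    with conf:
        for line in conf:
            if "listen" in line or "frontend" in line:
                if "stats" not in line:
                    node = line
                    i = i - 500
            if line.find("backend") == 0:
                node = line
                i = i - 500
                G.add_node(node, pos=(k, i), label_pos=(k, i + 150))

            if "bind" in line:
                try:
                    bind = line.split(":")
                    if stats_port not in bind[1]:
                        bind[1] = bind[1].strip(' ')
                        bind = bind[1].split("crt")
                        node = node.strip(' \t\n\r')
                        node = node + ":" + bind[0]
                        G.add_node(node, pos=(k, i), label_pos=(k, i + 150))
                except Exception:
                    # bind lines without a port part are skipped.
                    pass

            # "and" binds tighter than "or" here; the inner test repeats the
            # "stats" exclusion, so the result is the same either way.
            if "server " in line or "use_backend" in line or "default_backend" in line and "stats" not in line:
                if "timeout" not in line and "default-server" not in line and "#" not in line and "stats" not in line:
                    i = i - 300
                    j = j + 1
                    if "check" in line:
                        line_new = line.split("check")
                    else:
                        line_new = line.split("if ")
                    if "server" in line:
                        line_new1 = line_new[0].split("server")
                        line_new[0] = line_new1[1]
                        line_new2 = line_new[0].split(":")
                        line_new[0] = line_new2[0]

                    line_new[0] = line_new[0].strip(' \t\n\r')
                    line_new2[1] = line_new2[1].strip(' \t\n\r')

                    if j % 2 == 0:
                        G.add_node(line_new[0],
                                   pos=(k + 250, i - 350),
                                   label_pos=(k + 225, i - 100))
                    else:
                        G.add_node(line_new[0],
                                   pos=(k - 250, i - 50),
                                   label_pos=(k - 225, i + 180))

                    if line_new2[1] != "":
                        G.add_edge(node, line_new[0], port=line_new2[1])
                    else:
                        G.add_edge(node, line_new[0])

    # Remove the temporary copy without going through a shell. As with
    # "rm -f", a failure to delete is not treated as an error.
    try:
        os.remove(cfg)
    except OSError:
        pass

    pos = nx.get_node_attributes(G, 'pos')
    pos_label = nx.get_node_attributes(G, 'label_pos')
    edge_labels = nx.get_edge_attributes(G, 'port')

    try:
        plt.figure(10, figsize=(9.5, 15))
        nx.draw(G,
                pos,
                with_labels=False,
                font_weight='bold',
                width=3,
                alpha=0.1,
                linewidths=5)
        nx.draw_networkx_nodes(G,
                               pos,
                               node_color="skyblue",
                               node_size=100,
                               alpha=0.8,
                               node_shape="p")
        nx.draw_networkx_labels(G,
                                pos=pos_label,
                                alpha=1,
                                font_color="green",
                                font_size=10)
        nx.draw_networkx_edges(G,
                               pos,
                               width=0.5,
                               alpha=0.5,
                               edge_color="#5D9CEB",
                               arrows=False)
        nx.draw_networkx_edge_labels(G,
                                     pos,
                                     label_pos=0.5,
                                     font_color="blue",
                                     labels=edge_labels,
                                     font_size=8)

        plt.savefig("map.png")
        plt.show()
    except Exception as e:
        # The exception text may quote config content, so it is escaped.
        print('<div class="alert alert-danger">' + html.escape(str(e)) + '</div>')

    # Replace any earlier map image with the new one in the parent directory.
    cmd = "rm -f " + os.path.dirname(
        os.getcwd()) + "/map*.png && mv map.png " + os.path.dirname(
            os.getcwd()) + "/map" + date + ".png"
    output, stderr = funct.subprocess_execute(cmd)
    print(stderr)

    print('<img src="/map%s.png" alt="map">' % date)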
Пример #19
#!/usr/bin/env python3
import funct
import sql
from jinja2 import Environment, FileSystemLoader
# Jinja2 environment for the servers page. autoescape=True HTML-escapes
# interpolated values by default; the "do" extension is enabled as well.
env = Environment(extensions=["jinja2.ext.do"],
                  loader=FileSystemLoader('templates/'),
                  autoescape=True)
template = env.get_template('servers.html')
form = funct.form

# CGI header first, then the access gates implemented in funct (not shown).
print('Content-type: text/html\n')
funct.check_login()
funct.page_for_admin(level=2)
try:
    user, user_id, role, token, servers = funct.get_users_params()
    ldap_enable = sql.get_setting('ldap_enable')
    # Fixed command with no request data in it.
    grafana, stderr = funct.subprocess_execute(
        "service grafana-server status |grep Active |awk '{print $1}'")
except:
    # NOTE(review): the bare except hides every failure; names that were not
    # assigned above stay undefined for the code that follows.
    pass

output_from_parsed_template = template.render(
    title="Servers manage",
    role=role,
    user=user,
    users=sql.select_users(),
    groups=sql.select_groups(),
    servers=sql.get_dick_permit(virt=1, disable=0),
    roles=sql.select_roles(),
    masters=sql.select_servers(get_master_servers=1, uuid=user_id.value),
    group=sql.get_user_group_by_uuid(user_id.value),
Пример #20
    c["restart"] = form.getvalue('serv')
    print(c)

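print('Content-type: text/html\n')
# Access gates implemented in funct (not shown here).
funct.check_login()
funct.page_for_admin(level=2)

try:
    user, user_id, role, token, servers = funct.get_users_params()
    cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE"))
    group = cookie.get('group')
    user_group = group.value
except Exception:
    # NOTE(review): a failure here leaves user_group undefined and the checks
    # below stop with a NameError.
    pass

# user_group is read from the client's "group" cookie and becomes a directory
# name below, so it must be a single plain path component.
# NOTE(review): deriving the group from the server-side session instead of
# the cookie would also stop one user from selecting another group's lists.
if os.path.basename(user_group) != user_group or user_group in ('', '.', '..'):
    print('error: invalid group')
    raise SystemExit

# Per-group list directories live under <parent of cwd>/<lists_path>.
# String concatenation is kept on purpose so the resulting paths are the same
# even if lists_path happens to start with "/".
dir = os.path.dirname(os.getcwd()) + "/" + sql.get_setting('lists_path')
white_dir = dir + "/" + user_group + "/white"
black_dir = dir + "/" + user_group + "/black"

# exist_ok=True creates missing parents as well and removes the gap between
# an existence test and the creation.
os.makedirs(white_dir, exist_ok=True)
os.makedirs(black_dir, exist_ok=True)

white_lists = funct.get_files(dir=white_dir, format="lst")
black_lists = funct.get_files(dir=black_dir, format="lst")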
Пример #21
    service = 'nginx'
    if serv:
        servers = sql.select_servers(server=serv)
        autorefresh = 1
else:
    title = "HAProxy servers overview"
    cmd = "ps ax |grep -e 'keep_alive.py' |grep -v grep |wc -l"
    keep_alive, stderr = funct.subprocess_execute(cmd)
    service = 'haproxy'
    if serv:
        servers = sql.select_servers(server=serv)
        autorefresh = 1
    else:
        servers = sql.get_dick_permit(virt=1, haproxy=1)

# Socket port setting plus the accumulators used by the status loop below.
haproxy_sock_port = sql.get_setting('haproxy_sock_port')
servers_with_status1 = []
out1 = ''
for s in servers:
    servers_with_status = list()
    servers_with_status.append(s[0])
    servers_with_status.append(s[1])
    servers_with_status.append(s[2])
    servers_with_status.append(s[11])
    if service == 'nginx':
        cmd = [
            "/usr/sbin/nginx -v && systemctl status nginx |grep -e 'Active' |awk '{print $2, $9$10$11$12$13}' && ps ax |grep nginx:|grep -v grep |wc -l"
        ]
        out = funct.ssh_command(s[2], cmd)
        h = ()
        out1 = []
Пример #22
            print(
                '<center><div class="alert alert-danger">Other LDAP error: %s</div><br /><br />'
                % e)
            sys.exit()

    send_cookie(user)


# Default landing page when no return target was given.
# NOTE(review): where ref comes from is not visible here; if it is taken from
# the request and later used for a redirect, it should be limited to local
# paths.
if ref is None:
    ref = "/index.html"

# A fixed HTML message is prepared when the request carries an 'error' field.
if form.getvalue('error'):
    error_log = '<div class="alert alert-danger">Somthing wrong :( I\'m sad about this, but try again!</div><br /><br />'

# session_ttl is only assigned when the setting is present and truthy.
try:
    if sql.get_setting('session_ttl'):
        session_ttl = sql.get_setting('session_ttl')
except:
    error = '<center><div class="alert alert-danger">Can not find "session_ttl" parametr. Check into settings, "main" section</div>'
    pass

# Fall back to empty values when there is no usable session.
# NOTE(review): the bare except also hides failures other than a missing
# session.
try:
    role = sql.get_user_role_by_uuid(user_id.value)
    user = sql.get_user_name_by_uuid(user_id.value)
except:
    role = ""
    user = ""
    pass

if form.getvalue('logout'):
    try:
Пример #23
except:
	pass

# Context for the "Add" page. 'add' and 'conf' are passed on exactly as they
# arrived in the request; whether they are HTML-escaped depends on how the
# Jinja2 environment was created, which this excerpt does not show.
render_kwargs = dict(
	title="Add",
	role=sql.get_user_role_by_uuid(user_id.value),
	user=user,
	selects=servers,
	add=form.getvalue('add'),
	conf_add=form.getvalue('conf'),
	group=user_group,
	token=token,
)
template = template.render(**render_kwargs)
print(template)

if form.getvalue('mode') is not None: 
	hap_configs_dir = funct.get_config_var('configs', 'haproxy_save_configs_dir')
	cert_path = sql.get_setting('cert_path')
	haproxy_dir = sql.get_setting('haproxy_dir')
	serv = form.getvalue('serv')
	port = form.getvalue('port')
	bind = ""
	ip = ""
	force_close = form.getvalue('force_close')
	balance = ""
	mode = "    mode " + form.getvalue('mode') + "\n"
	maxconn = ""
	options_split = ""
	ssl = ""
	ssl_check = ""
	
	if form.getvalue('balance') is not None:
		balance = "    balance " + form.getvalue('balance')	+ "\n"
Пример #24
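def show_haproxy_log(serv,
                     rows=10,
                     waf='0',
                     grep=None,
                     hour='00',
                     minut='00',
                     hour1='24',
                     minut1='00',
                     service='haproxy',
                     **kwargs):
    """Build and run the shell pipeline that extracts a slice of a log.

    Args:
        serv: Server (``nginx``/``haproxy``), log file name (``apache``) or
            index into the internal log list (``internal``).
        rows: Number of trailing lines to keep.
        waf: ``"1"`` reads the ModSecurity audit log instead.
        grep: Optional pattern the lines must match. An exclusion pattern is
            read from the ``exgrep`` form field.
        hour, minut, hour1, minut1: Bounds of the time window.
        service: ``'nginx'``, ``'haproxy'``, ``'apache'`` or ``'internal'``.
        **kwargs: ``html == 0`` returns ``show_log`` output without HTML.

    Returns:
        The result of ``ssh_command`` or ``show_log``. ``None`` for an
        unknown *service*.

    Raises:
        ValueError: if a time component is not one or two ASCII digits, if
            *rows* is not a non-negative integer, or if *serv* names no known
            log for ``service == 'apache'``.
    """
    import shlex

    import sql

    def _time_part(value, name):
        # These values are placed inside an awk/sed program, so only one or
        # two ASCII digits are accepted.
        text = str(value)
        if len(text) not in (1, 2) or any(ch not in '0123456789' for ch in text):
            raise ValueError('%s must be one or two digits' % name)
        return text

    def _window(field):
        # awk program keeping lines whose *field* lies between the bounds.
        return "'%s>\"%s:00\" && %s<\"%s:00\"'" % (field, date, field, date1)

    # rows becomes a "tail -N" argument: force it to a plain number.
    rows = int(rows)
    if rows < 0:
        raise ValueError('rows must not be negative')

    exgrep = form.getvalue('exgrep')
    date = _time_part(hour, 'hour') + ':' + _time_part(minut, 'minut')
    date1 = _time_part(hour1, 'hour1') + ':' + _time_part(minut1, 'minut1')

    # Patterns are user-supplied: quote them for the shell and pass them with
    # -e so a leading "-" is not read as an option.
    if grep is not None:
        grep_act = '|egrep -e %s' % shlex.quote(str(grep))
    else:
        grep_act = ''

    if exgrep is not None:
        exgrep_act = '|egrep -v -e %s' % shlex.quote(str(exgrep))
    else:
        exgrep_act = ''

    if service == 'nginx' or service == 'haproxy':
        syslog_server_enable = sql.get_setting('syslog_server_enable')
        if syslog_server_enable is None or syslog_server_enable == "0":
            # Logs are read on the server itself; the two services differ in
            # the setting holding the path and in the field that is compared.
            if service == 'nginx':
                local_path_logs = sql.get_setting('nginx_path_error_logs')
                field = '$2'
            else:
                local_path_logs = sql.get_setting('local_path_logs')
                field = '$3'
            commands = [
                "sudo cat %s| awk %s |tail -%s %s %s" %
                (shlex.quote(str(local_path_logs)), _window(field), rows,
                 grep_act, exgrep_act)
            ]
            syslog_server = serv
        else:
            # Logs are read on the central syslog server, one directory per
            # source server. The pattern is no longer repeated as a bare
            # argument after the egrep stage, where it was taken for a file
            # name.
            # NOTE(review): serv is part of the path; callers should pass an
            # already validated host name.
            commands = [
                "sudo cat %s | sed '/ %s:00/,/ %s:00/! d' |tail -%s %s %s" %
                (shlex.quote('/var/log/%s/syslog.log' % serv), date, date1,
                 rows, grep_act, exgrep_act)
            ]
            syslog_server = sql.get_setting('syslog_server')

        if waf == "1":
            local_path_logs = '/var/log/modsec_audit.log'
            commands = [
                "sudo cat %s |tail -%s %s %s" %
                (local_path_logs, rows, grep_act, exgrep_act)
            ]

        if kwargs.get('html') == 0:
            a = ssh_command(syslog_server, commands)
            return show_log(a, html=0, grep=grep)
        else:
            return ssh_command(syslog_server,
                               commands,
                               show_log='1',
                               grep=grep)
    elif service == 'apache':
        apache_log_path = sql.get_setting('apache_log_path')

        # Only these fixed file names are accepted for this service.
        if serv == 'haproxy-wi.access.log':
            cmd = "cat %s| awk -F\"/|:\" %s |tail -%s %s %s" % (
                shlex.quote(str(apache_log_path) + "/" + serv), _window('$3'),
                rows, grep_act, exgrep_act)
        elif serv == 'haproxy-wi.error.log':
            cmd = "cat %s| awk %s |tail -%s %s %s" % (
                shlex.quote(str(apache_log_path) + "/" + serv), _window('$4'),
                rows, grep_act, exgrep_act)
        elif serv == 'fail2ban.log':
            cmd = "cat %s| awk -F\"/|:\" %s |tail -%s %s %s" % (
                "/var/log/" + serv, _window('$3'), rows, grep_act, exgrep_act)
        else:
            # Explicit error instead of running into an unassigned cmd.
            raise ValueError('Unsupported log file')

        output, stderr = subprocess_execute(cmd)

        return show_log(output, grep=grep)
    elif service == 'internal':
        user_group = get_user_group()

        # Users outside the "All" group only see lines tagged with their group.
        if user_group != '' and user_group != 'All':
            user_grep = "|grep " + shlex.quote("group: " + str(user_group))
        else:
            user_grep = ''

        log_path = get_config_var('main', 'log_path')
        logs_files = get_files(log_path, format="log")

        # serv is an index into the known log files, never a path.
        for key, value in logs_files:
            if int(serv) == key:
                serv = value
                break
        else:
            print('Haha')
            sys.exit()

        field = '$2' if serv == 'backup.log' else '$3'
        cmd = "cat %s| awk %s %s %s %s |tail -%s" % (
            shlex.quote(str(log_path) + serv), _window(field), user_grep,
            grep_act, exgrep_act, rows)

        output, stderr = subprocess_execute(cmd)

        return show_log(output, grep=grep)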
Пример #25
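def get_all_stick_table():
	"""Return the stick-table names reported by HAProxy's "show table".

	The host is read from the module-level ``serv``; the socket port comes
	from the ``haproxy_sock_port`` setting. The first line of the command
	output is returned.
	"""
	import shlex

	import sql
	hap_sock_p = sql.get_setting('haproxy_sock_port')
	# serv and the port are quoted because a shell runs the command line.
	# NOTE(review): serv is not a parameter here; presumably it holds a
	# request-supplied host, so it should be validated where it is set.
	cmd = 'echo "show table"|nc %s %s |awk \'{print $3}\' | tr -d \'\n\' | tr -d \'[:space:]\'' % (
		shlex.quote(str(serv)), shlex.quote(str(hap_sock_p)))
	output, stderr = subprocess_execute(cmd)
	# Raises IndexError when the command printed nothing.
	return output[0]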