async def async_get_overview(serv1, serv2): server_status = () commands2 = [ "ps ax |grep waf/bin/modsecurity |grep -v grep |wc -l" ] cmd = 'echo "show info" |nc %s %s -w 1|grep -e "Process_num"' % (serv2, sql.get_setting('haproxy_sock_port')) keepalived = sql.select_keealived(serv2) if keepalived == 1: command = [ "ps ax |grep keepalived|grep -v grep|wc -l" ] keepalived_process = funct.ssh_command(serv2, command) else: keepalived_process = '' nginx = sql.select_nginx(serv2) if nginx == 1: command = [ "ps ax |grep nginx:|grep -v grep|wc -l" ] nginx_process = funct.ssh_command(serv2, command) else: nginx_process = '' server_status = (serv1, serv2, funct.server_status(funct.subprocess_execute(cmd)), sql.select_servers(server=serv2, keep_alive=1), funct.ssh_command(serv2, commands2), sql.select_waf_servers(serv2), keepalived, keepalived_process, nginx, nginx_process) return server_status
def install_haproxy(serv, **kwargs): import sql script = "install_haproxy.sh" hap_sock_p = sql.get_setting('haproxy_sock_port') stats_port = sql.get_setting('stats_port') server_state_file = sql.get_setting('server_state_file') stats_user = sql.get_setting('stats_user') stats_password = sql.get_setting('stats_password') proxy = sql.get_setting('proxy') hapver = kwargs.get('hapver') ssh_port = 22 ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = return_ssh_keys_path(serv) if ssh_enable == 0: ssh_key_name = '' servers = sql.select_servers(server=serv) for server in servers: ssh_port = str(server[10]) os.system("cp scripts/%s ." % script) if hapver is None: hapver = '2.0.7-1' if proxy is not None and proxy != '' and proxy != 'None': proxy_serv = proxy else: proxy_serv = '' syn_flood_protect = '1' if kwargs.get('syn_flood') == "1" else '' commands = ["chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv + " SOCK_PORT=" + hap_sock_p + " STAT_PORT=" + stats_port + " STAT_FILE="+server_state_file + " SSH_PORT=" + ssh_port + " STATS_USER="******" STATS_PASS="******" HAPVER=" + hapver + " SYN_FLOOD=" + syn_flood_protect + " HOST=" + serv + " USER="******" PASS="******" KEY=" + ssh_key_name] output, error = subprocess_execute(commands[0]) if error: logging('localhost', error, haproxywi=1) print('error: '+error) else: for l in output: if "msg" in l or "FAILED" in l: try: l = l.split(':')[1] l = l.split('"')[1] print(l+"<br>") break except Exception: print(output) break else: print('success: HAProxy was installed<br>') os.system("rm -f %s" % script) sql.update_haproxy(serv)
def ssh_connect(serv, **kwargs): import paramiko from paramiko import SSHClient import sql ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = return_ssh_keys_path( serv) servers = sql.select_servers(server=serv) ssh_port = 22 for server in servers: ssh_port = server[10] ssh = SSHClient() ssh.load_system_host_keys() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) try: if ssh_enable == 1: cloud = sql.is_cloud() if cloud != '': k = paramiko.pkey.load_private_key_file(ssh_key_name, password=cloud) else: k = paramiko.pkey.load_private_key_file(ssh_key_name) ssh.connect(hostname=serv, port=ssh_port, username=ssh_user_name, pkey=k, timeout=11) else: ssh.connect(hostname=serv, port=ssh_port, username=ssh_user_name, password=ssh_user_password, timeout=11) return ssh except paramiko.AuthenticationException: return 'Authentication failed, please verify your credentials' pass except paramiko.SSHException as sshException: return 'error: Unable to establish SSH connection: %s ' % sshException pass except paramiko.PasswordRequiredException as e: return 'error: %s ' % e pass except paramiko.BadHostKeyException as badHostKeyException: return 'error: Unable to verify server\'s host key: %s ' % badHostKeyException pass except Exception as e: if e == "No such file or directory": return 'error: %s. Check ssh key' % e pass elif e == "Invalid argument": error = 'error: Check the IP of the server' pass else: error = e pass return str(error)
def check_permit_to_server(id): servers = sql.select_servers(id_hostname=id) login = request.headers.get('login') for s in servers: servers = sql.get_dick_permit(username=login, ip=s[2]) return servers
def install_nginx(serv): import sql script = "install_nginx.sh" stats_user = sql.get_setting('nginx_stats_user') stats_password = sql.get_setting('nginx_stats_password') stats_port = sql.get_setting('nginx_stats_port') stats_page = sql.get_setting('nginx_stats_page') config_path = sql.get_setting('nginx_config_path') proxy = sql.get_setting('proxy') ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = return_ssh_keys_path( serv) if ssh_enable == 0: ssh_key_name = '' os.system("cp scripts/%s ." % script) if proxy is not None and proxy != '' and proxy != 'None': proxy_serv = proxy else: proxy_serv = '' servers = sql.select_servers(server=serv) for server in servers: ssh_port = str(server[10]) syn_flood_protect = '1' if form.getvalue('syn_flood') == "1" else '' commands = [ "chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv + " STATS_USER="******" STATS_PASS="******" SSH_PORT=" + ssh_port + " CONFIG_PATH=" + config_path + " STAT_PORT=" + stats_port + " STAT_PAGE=" + stats_page + " SYN_FLOOD=" + syn_flood_protect + " HOST=" + serv + " USER="******" PASS="******" KEY=" + ssh_key_name ] output, error = subprocess_execute(commands[0]) if error: logging('localhost', error, haproxywi=1) print('error: ' + error) else: for l in output: if "msg" in l or "FAILED" in l: try: l = l.split(':')[1] l = l.split('"')[1] print(l + "<br>") break except Exception: print(output) break else: print('success: Nginx was installed<br>') os.system("rm -f %s" % script) sql.update_nginx(serv)
def check_permit_to_server(server_id): servers = sql.select_servers(id_hostname=server_id) token = request.headers.get('token') login, group_id = sql.get_username_groupid_from_api_token(token) for s in servers: server = sql.get_dick_permit(username=login, group_id=group_id, ip=s[2], token=token) return server
def ssh_connect(serv, **kwargs): import paramiko from paramiko import SSHClient import sql fullpath = get_config_var('main', 'fullpath') ssh_enable = '' ssh_port = '' ssh_user_name = '' ssh_user_password = '' for sshs in sql.select_ssh(serv=serv): ssh_enable = sshs[3] ssh_user_name = sshs[4] ssh_user_password = sshs[5] ssh_key_name = fullpath + '/keys/%s.pem' % sshs[2] servers = sql.select_servers(server=serv) for server in servers: ssh_port = server[10] ssh = SSHClient() ssh.load_system_host_keys() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) try: if ssh_enable == 1: k = paramiko.RSAKey.from_private_key_file(ssh_key_name) ssh.connect(hostname=serv, port=ssh_port, username=ssh_user_name, pkey=k) else: ssh.connect(hostname=serv, port=ssh_port, username=ssh_user_name, password=ssh_user_password) return ssh except paramiko.AuthenticationException: return 'Authentication failed, please verify your credentials' pass except paramiko.SSHException as sshException: return 'Unable to establish SSH connection: %s ' % sshException pass except paramiko.BadHostKeyException as badHostKeyException: return 'Unable to verify server\'s host key: %s ' % badHostKeyException pass except Exception as e: if e == "No such file or directory": return '%s. Check ssh key' % e pass elif e == "Invalid argument": error = 'Check the IP of the server' pass else: error = e pass return str(error)
async def async_get_overview(serv1, serv2): server_status = () commands2 = ["ps ax |grep waf/bin/modsecurity |grep -v grep |wc -l"] cmd = 'echo "show info" |nc %s %s -w 1|grep -e "Process_num"' % ( serv2, sql.get_setting('haproxy_sock_port')) server_status = (serv1, serv2, funct.server_status(funct.subprocess_execute(cmd)), sql.select_servers(server=serv2, keep_alive=1), funct.ssh_command(serv2, commands2), sql.select_waf_servers(serv2)) return server_status
def check_is_server_in_group(serv): import sql group_id = get_user_group(id=1) servers = sql.select_servers(server=serv) for s in servers: if (s[2] == serv and int(s[3]) == int(group_id)) or group_id == 1: return True else: logging('localhost', ' has tried to actions in not his group server ', haproxywi=1, login=1) print('Atata!') sys.exit()
def install_haproxy(serv, **kwargs): import sql script = "install_haproxy.sh" hap_sock_p = sql.get_setting('haproxy_sock_port') stats_port = sql.get_setting('stats_port') server_state_file = sql.get_setting('server_state_file') stats_user = sql.get_setting('stats_user') stats_password = sql.get_setting('stats_password') proxy = sql.get_setting('proxy') hapver = kwargs.get('hapver') server_for_installing = kwargs.get('server') ssh_port = 22 ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = return_ssh_keys_path( serv) if ssh_enable == 0: ssh_key_name = '' servers = sql.select_servers(server=serv) for server in servers: ssh_port = str(server[10]) os.system("cp scripts/%s ." % script) if hapver is None: hapver = '2.3.0-1' if proxy is not None and proxy != '' and proxy != 'None': proxy_serv = proxy else: proxy_serv = '' syn_flood_protect = '1' if kwargs.get('syn_flood') == "1" else '' commands = [ "chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv + " SOCK_PORT=" + hap_sock_p + " STAT_PORT=" + stats_port + " STAT_FILE=" + server_state_file + " SSH_PORT=" + ssh_port + " STATS_USER="******" STATS_PASS="******" HAPVER=" + hapver + " SYN_FLOOD=" + syn_flood_protect + " HOST=" + serv + " USER="******" PASS="******" KEY=" + ssh_key_name ] output, error = subprocess_execute(commands[0]) if server_for_installing: service = server_for_installing + ' HAProxy' else: service = ' HAProxy' show_installation_output(error, output, service) os.system("rm -f %s" % script) sql.update_haproxy(serv)
async def async_get_overview(serv1, serv2): haproxy_config_path = sql.get_setting('haproxy_config_path') commands = [ "ls -l %s |awk '{ print $6\" \"$7\" \"$8}'" % haproxy_config_path ] commands2 = "ps ax |grep keep_alive.py |grep -v grep |wc -l" cmd = 'echo "show info" |nc %s %s -w 1|grep -e "Process_num"' % (serv2, haproxy_sock_port) server_status = (serv1, serv2, funct.server_status(funct.subprocess_execute(cmd)), funct.ssh_command(serv2, commands), sql.select_servers(server=serv2, keep_alive=1), funct.subprocess_execute(commands2)) return server_status
async def get_runner_overviewWaf(): import http.cookies from jinja2 import Environment, FileSystemLoader env = Environment(loader=FileSystemLoader('templates/ajax'),extensions=['jinja2.ext.loopcontrols', 'jinja2.ext.do']) template = env.get_template('overivewWaf.html') servers = [] cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) user_id = cookie.get('uuid') futures = [async_get_overviewWaf(server[1], server[2]) for server in sql.select_servers(server=serv)] for i, future in enumerate(asyncio.as_completed(futures)): result = await future servers.append(result) servers_sorted = sorted(servers, key=funct.get_key) template = template.render(service_status=servers_sorted, role=sql.get_user_role_by_uuid(user_id.value)) print(template)
def install_nginx(serv, **kwargs): import sql script = "install_nginx.sh" stats_user = sql.get_setting('nginx_stats_user') stats_password = sql.get_setting('nginx_stats_password') stats_port = sql.get_setting('nginx_stats_port') stats_page = sql.get_setting('nginx_stats_page') config_path = sql.get_setting('nginx_config_path') server_for_installing = kwargs.get('server') proxy = sql.get_setting('proxy') ssh_enable, ssh_user_name, ssh_user_password, ssh_key_name = return_ssh_keys_path( serv) if ssh_enable == 0: ssh_key_name = '' os.system("cp scripts/%s ." % script) if proxy is not None and proxy != '' and proxy != 'None': proxy_serv = proxy else: proxy_serv = '' servers = sql.select_servers(server=serv) for server in servers: ssh_port = str(server[10]) syn_flood_protect = '1' if form.getvalue('syn_flood') == "1" else '' commands = [ "chmod +x " + script + " && ./" + script + " PROXY=" + proxy_serv + " STATS_USER="******" STATS_PASS="******" SSH_PORT=" + ssh_port + " CONFIG_PATH=" + config_path + " STAT_PORT=" + stats_port + " STAT_PAGE=" + stats_page + " SYN_FLOOD=" + syn_flood_protect + " HOST=" + serv + " USER="******" PASS="******" KEY=" + ssh_key_name ] output, error = subprocess_execute(commands[0]) if server_for_installing: service = server_for_installing + ' Nginx' else: service = ' Nginx' show_installation_output(error, output, service) os.system("rm -f %s" % script) sql.update_nginx(serv)
def get_all_statuses(): data = {} try: servers = sql.select_servers() login = request.headers.get('login') sock_port = sql.get_setting('haproxy_sock_port') for s in servers: servers = sql.get_dick_permit(username=login) for s in servers: cmd = 'echo "show info" |nc %s %s -w 1|grep -e "Ver\|CurrConns\|Maxco\|MB\|Uptime:"' % ( s[2], sock_port) data[s[2]] = {} out = funct.subprocess_execute(cmd) data[s[2]] = return_dict_from_out(s[1], out[0]) except: data = {"error": "Cannot find the server"} return dict(error=data) return dict(status=data)
funct.check_login() funct.page_for_admin() try: cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) user_id = cookie.get('uuid') user = sql.get_user_name_by_uuid(user_id.value) users = sql.select_users() servers = sql.get_dick_permit() token = sql.get_token(user_id.value) settings = sql.get_setting('', all=1) ldap_enable = sql.get_setting('ldap_enable') except: pass template = template.render(title="Admin area: users manage", role=sql.get_user_role_by_uuid(user_id.value), user=user, users=users, groups=sql.select_groups(), servers=sql.select_servers(full=1), roles=sql.select_roles(), masters=sql.select_servers(get_master_servers=1), sshs=sql.select_ssh(), telegrams=sql.select_telegram(), token=token, versions=funct.versions(), settings=settings, ldap_enable=ldap_enable) print(template)
except: pass form = funct.form serv = form.getvalue('serv') service = form.getvalue('service') autorefresh = 0 if service == 'nginx': title = "Nginx servers overview" keep_alive = '' stderr = '' servers = sql.get_dick_permit(virt=1, nginx=1) service = 'nginx' if serv: servers = sql.select_servers(server=serv) autorefresh = 1 else: title = "HAProxy servers overview" cmd = "ps ax |grep -e 'keep_alive.py' |grep -v grep |wc -l" keep_alive, stderr = funct.subprocess_execute(cmd) service = 'haproxy' if serv: servers = sql.select_servers(server=serv) autorefresh = 1 else: servers = sql.get_dick_permit(virt=1, haproxy=1) haproxy_sock_port = sql.get_setting('haproxy_sock_port') servers_with_status1 = [] out1 = ''
nginx = form.getvalue('nginx') enable = form.getvalue('enable') master = form.getvalue('slave') cred = form.getvalue('cred') page = form.getvalue('page') page = page.split("#")[0] port = form.getvalue('newport') desc = form.getvalue('desc') if sql.add_server(hostname, ip, group, typeip, enable, master, cred, port, desc, haproxy, nginx): from jinja2 import Environment, FileSystemLoader env = Environment(loader=FileSystemLoader('templates/')) template = env.get_template('ajax/new_server.html') template = template.render(groups = sql.select_groups(), servers = sql.select_servers(server=ip), roles = sql.select_roles(), masters = sql.select_servers(get_master_servers=1), sshs = sql.select_ssh(), page = page) print(template) funct.logging('a new server '+hostname, ' has created ', haproxywi=1, login=1) if form.getvalue('updatehapwiserver') is not None: id = form.getvalue('updatehapwiserver') active = form.getvalue('active') alert = form.getvalue('alert_en') metrics = form.getvalue('metrics') sql.update_hapwi_server(id, alert, metrics, active) funct.logging('the server '+name, ' has updated ', haproxywi=1, login=1)
cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) user_id = cookie.get('uuid') user = sql.get_user_name_by_uuid(user_id.value) users = sql.select_users() groups = sql.select_groups() token = sql.get_token(user_id.value) cmd = "ps ax |grep -e 'keep_alive.py' |grep -v grep |wc -l" keep_alive, stderr = funct.subprocess_execute(cmd) except: pass form = funct.form serv = form.getvalue('serv') if serv: servers = sql.select_servers(server=serv) autorefresh = 1 hap_configs_dir = funct.get_config_var('configs', 'haproxy_save_configs_dir') else: servers = sql.get_dick_permit() autorefresh = 0 haproxy_sock_port = sql.get_setting('haproxy_sock_port') haproxy_config_path = sql.get_setting('haproxy_config_path') commands = ["ls -l %s |awk '{ print $6\" \"$7\" \"$8}'" % haproxy_config_path] servers_with_status1 = [] out1 = "" for s in servers: servers_with_status = list() cmd = 'echo "show info" |nc %s %s -w 1 |grep -e "Ver\|Uptime:\|Process_num"' % (
print('Content-type: text/html\n') funct.check_login() funct.page_for_admin(level = 2) try: cookie = http.cookies.SimpleCookie(os.environ.get("HTTP_COOKIE")) user_id = cookie.get('uuid') user = sql.get_user_name_by_uuid(user_id.value) servers = sql.get_dick_permit() token = sql.get_token(user_id.value) ldap_enable = sql.get_setting('ldap_enable') except: pass output_from_parsed_template = template.render(title = "Servers manage", role = sql.get_user_role_by_uuid(user_id.value), user = user, users = sql.select_users(), groups = sql.select_groups(), servers = sql.get_dick_permit(virt=1, disable=0), roles = sql.select_roles(), masters = sql.select_servers(get_master_servers=1, uuid=user_id.value), group = sql.get_user_group_by_uuid(user_id.value), sshs = sql.select_ssh(), telegrams = sql.get_user_telegram_by_uuid(user_id.value), token = token, versions = funct.versions(), backups = sql.select_backups(), ldap_enable = ldap_enable) print(output_from_parsed_template)
import cgi import sys import os import funct import sql funct.head("Admin area: users manage") funct.check_config() funct.check_login() funct.page_for_admin() form = cgi.FieldStorage() USERS = sql.select_users() GROUPS = sql.select_groups() SERVERS = sql.select_servers(full=1) ROLES = sql.select_roles() print('<script src="/inc/users.js"></script>' '<div id="tabs">' '<ul>' '<li><a href="#users">Users</a></li>' '<li><a href="#groups">Groups</a></li>' '<li><a href="#servers">Servers</a></li>' '<li><a href="#roles">Roles</a></li>' '</ul>' '<div id="users">' '<table class="overview" id="ajax-users">' '<tr class="overviewHead">' '<td class="padding10 first-collumn">Login name</td>' '<td>Password</td>'