gru/haproxy-dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

rewrite

Browse Source
This commit is contained in:
Mateusz Gruszczyński
2025-11-04 10:07:55 +01:00
parent 899e698353
commit 75e3718e70
1 changed files with 33 additions and 245 deletions
Download Patch File Download Diff File Expand all files Collapse all files

278
routes/main_routes.py
View File

@@ -1,251 +1,39 @@
from flask import Blueprint, render_template, request
import subprocess
from auth.auth_middleware import requires_auth
from utils.haproxy_config import update_haproxy_config, count_frontends_and_backends
"""Main routes - Dashboard, Home"""
from flask import Blueprint, render_template, redirect, url_for, session
from database.models import VirtualHost
from routes.auth_routes import login_required
import logging
main_bp = Blueprint('main', __name__)
logger = logging.getLogger(__name__)
def reload_haproxy():
"""Reload HAProxy by killing it - supervisord restarts automatically"""
try:
# Validate config first
result = subprocess.run(
['haproxy', '-c', '-V', '-f', '/etc/haproxy/haproxy.cfg'],
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT,
text=True,
timeout=10
)
if result.returncode != 0:
return False, f"Config validation failed: {result.stdout}"
# Kill haproxy - supervisord will restart it automatically
result = subprocess.run(
['pkill', '-f', 'haproxy'],
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT,
text=True,
timeout=10
)
if result.returncode == 0 or 'No such process' in result.stdout:
print("[HAPROXY] Process killed, supervisord will restart", flush=True)
return True, "HAProxy restarted successfully"
else:
print(f"[HAPROXY] pkill failed: {result.stdout}", flush=True)
return False, f"pkill failed: {result.stdout}"
except Exception as e:
print(f"[HAPROXY] Error: {e}", flush=True)
return False, f"Error: {str(e)}"
@main_bp.route('/', methods=['GET', 'POST'])
@requires_auth
@main_bp.route('/')
def index():
if request.method == 'POST':
# Frontend IP i port
frontend_ip = request.form['frontend_ip']
frontend_port = request.form['frontend_port']
frontend_hostname = request.form.get('frontend_hostname', '').strip()
lb_method = request.form['lb_method']
protocol = request.form['protocol']
backend_name = request.form['backend_name']
# Header options
add_header = 'add_header' in request.form
header_name = request.form.get('header_name', '') if add_header else ''
header_value = request.form.get('header_value', '') if add_header else ''
# Server header removal
del_server_header = 'del_server_header' in request.form
backend_ssl_redirect = 'backend_ssl_redirect' in request.form
ssl_redirect_backend_name = request.form.get('ssl_redirect_backend_name', '').strip() if backend_ssl_redirect else ''
ssl_redirect_port = request.form.get('ssl_redirect_port', '80') # ✅ POBIERA PORT Z FORMU
# Backend servers
backend_server_names = request.form.getlist('backend_server_names[]')
backend_server_ips = request.form.getlist('backend_server_ips[]')
backend_server_ports = request.form.getlist('backend_server_ports[]')
backend_server_maxconns = request.form.getlist('backend_server_maxconns[]')
# Custom ACL
add_custom_acl = 'add_custom_acl' in request.form
custom_acl_name = request.form.get('custom_acl_name', '').strip() if add_custom_acl else ''
custom_acl_type = request.form.get('custom_acl_type', 'path_beg') if add_custom_acl else ''
custom_acl_value = request.form.get('custom_acl_value', '').strip() if add_custom_acl else ''
custom_acl_action = request.form.get('custom_acl_action', 'route') if add_custom_acl else ''
custom_acl_backend = request.form.get('custom_acl_backend', '').strip() if add_custom_acl else ''
custom_acl_redirect_url = request.form.get('custom_acl_redirect_url', '').strip() if add_custom_acl else ''
# SSL
use_ssl = 'ssl_checkbox' in request.form
ssl_cert_path = request.form.get('ssl_cert_path', '/app/ssl/haproxy-configurator.pem')
https_redirect = 'ssl_redirect_checkbox' in request.form
# DOS Protection
is_dos = 'add_dos' in request.form
ban_duration = request.form.get('ban_duration', '30m')
limit_requests = request.form.get('limit_requests', '100')
# Forward For
forward_for = 'forward_for_check' in request.form
# SQL Injection
sql_injection_check = 'sql_injection_check' in request.form
# XSS
is_xss = 'xss_check' in request.form
# Remote uploads
is_remote_upload = 'remote_uploads_check' in request.form
# Webshells
is_webshells = 'webshells_check' in request.form
# Path-based redirects (legacy)
add_path_based = 'add_path_based' in request.form
redirect_domain_name = request.form.get('redirect_domain_name', '')
root_redirect = request.form.get('root_redirect', '')
redirect_to = request.form.get('redirect_to', '')
# Forbidden paths (legacy)
is_forbidden_path = 'add_acl_path' in request.form
forbidden_name = request.form.get('forbidden_name', '')
allowed_ip = request.form.get('allowed_ip', '')
forbidden_path = request.form.get('forbidden_path', '')
# Build backend_servers list
backend_servers = []
for i in range(len(backend_server_ips)):
name = backend_server_names[i] if i < len(backend_server_names) else f"server{i+1}"
ip = backend_server_ips[i] if i < len(backend_server_ips) else ''
port = backend_server_ports[i] if i < len(backend_server_ports) else ''
maxconn = backend_server_maxconns[i] if i < len(backend_server_maxconns) else None
if ip and port:
backend_servers.append((name, ip, port, maxconn))
# Health checks
health_check = False
health_check_link = ""
if protocol == 'http':
health_check = 'health_check' in request.form
if health_check:
health_check_link = request.form.get('health_check_link', '/')
health_check_tcp = False
if protocol == 'tcp':
health_check_tcp = 'health_check2' in request.form
# Sticky session
sticky_session = False
sticky_session_type = ""
if 'sticky_session' in request.form:
sticky_session = True
sticky_session_type = request.form.get('sticky_session_type', 'cookie')
# Legacy ACL (unused, kept for compatibility)
is_acl = False
acl_name = ''
acl_action = ''
acl_backend_name = ''
# Frontend name (None - will be generated)
frontend_name = None
# Call update_haproxy_config
message = update_haproxy_config(
frontend_name=frontend_name,
frontend_ip=frontend_ip,
frontend_port=frontend_port,
lb_method=lb_method,
protocol=protocol,
backend_name=backend_name,
backend_servers=backend_servers,
health_check=health_check,
health_check_tcp=health_check_tcp,
health_check_link=health_check_link,
sticky_session=sticky_session,
add_header=add_header,
header_name=header_name,
header_value=header_value,
sticky_session_type=sticky_session_type,
is_acl=is_acl,
acl_name=acl_name,
acl_action=acl_action,
acl_backend_name=acl_backend_name,
use_ssl=use_ssl,
ssl_cert_path=ssl_cert_path,
https_redirect=https_redirect,
is_dos=is_dos,
ban_duration=ban_duration,
limit_requests=limit_requests,
forward_for=forward_for,
is_forbidden_path=is_forbidden_path,
forbidden_name=forbidden_name,
allowed_ip=allowed_ip,
forbidden_path=forbidden_path,
sql_injection_check=sql_injection_check,
is_xss=is_xss,
is_remote_upload=is_remote_upload,
add_path_based=add_path_based,
redirect_domain_name=redirect_domain_name,
root_redirect=root_redirect,
redirect_to=redirect_to,
is_webshells=is_webshells,
del_server_header=del_server_header,
backend_ssl_redirect=backend_ssl_redirect,
ssl_redirect_backend_name=ssl_redirect_backend_name,
ssl_redirect_port=ssl_redirect_port,
frontend_hostname=frontend_hostname,
add_custom_acl=add_custom_acl,
custom_acl_name=custom_acl_name,
custom_acl_type=custom_acl_type,
custom_acl_value=custom_acl_value,
custom_acl_action=custom_acl_action,
custom_acl_backend=custom_acl_backend,
custom_acl_redirect_url=custom_acl_redirect_url
)
# ===== DETERMINE MESSAGE TYPE =====
message_type = "success" # Default
# Check for ERROR conditions
if "error" in message.lower():
message_type = "danger"
elif "failed" in message.lower():
message_type = "danger"
elif "already exists" in message.lower():
message_type = "danger"
elif "cannot add" in message.lower():
message_type = "danger"
# SUCCESS conditions
elif "configuration updated successfully" in message.lower():
message_type = "success"
elif "backend added to existing" in message.lower():
message_type = "success"
# ===== RELOAD HAPROXY (JEŚLI SUCCESS) =====
if message_type == "success":
reload_ok, reload_msg = reload_haproxy()
if reload_ok:
message = message + "" + reload_msg
message_type = "success"
else:
message = message + "" + reload_msg
message_type = "warning"
return render_template('index.html',
message=message,
message_type=message_type)
"""Dashboard - list vhosts"""
if 'user_id' not in session:
return redirect(url_for('auth.login'))
# GET request - display stats
frontend_count, backend_count, acl_count, layer7_count, layer4_count = count_frontends_and_backends()
return render_template('index.html',
frontend_count=frontend_count,
backend_count=backend_count,
acl_count=acl_count,
layer7_count=layer7_count,
layer4_count=layer4_count)
return render_template('dashboard.html')
@main_bp.route('/home')
@login_required
def home():
"""Home - alias for dashboard"""
return redirect(url_for('main.index'))
@main_bp.route('/display_logs')
@login_required
def display_logs():
"""Display HAProxy logs"""
return render_template('logs.html')
@main_bp.route('/display_haproxy_stats')
@login_required
def display_haproxy_stats():
"""Display HAProxy statistics"""
return render_template('statistics.html')