gru/haproxy-dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

new_functions #2

Merged
gru merged 8 commits from new_functions into master 2025-11-04 09:04:37 +01:00
Conversation 0 Commits 8 Files Changed 7 +64 -22
3 changed files with 64 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 34c84f1115 - Show all commits

3
routes/main_routes.py
View File

@@ -60,10 +60,9 @@ def index():
# Server header removal # Server header removal
del_server_header = 'del_server_header' in request.form del_server_header = 'del_server_header' in request.form
# Backend SSL redirect
backend_ssl_redirect = 'backend_ssl_redirect' in request.form backend_ssl_redirect = 'backend_ssl_redirect' in request.form
ssl_redirect_backend_name = request.form.get('ssl_redirect_backend_name', '').strip() if backend_ssl_redirect else '' ssl_redirect_backend_name = request.form.get('ssl_redirect_backend_name', '').strip() if backend_ssl_redirect else ''
ssl_redirect_port = request.form.get('ssl_redirect_port', '80') ssl_redirect_port = request.form.get('ssl_redirect_port', '80') # ✅ POBIERA PORT Z FORMU
# Backend servers # Backend servers
backend_server_names = request.form.getlist('backend_server_names[]') backend_server_names = request.form.getlist('backend_server_names[]')

18
templates/index.html
View File

@@ -52,7 +52,7 @@
{% if message %} {% if message %}
<div class="alert alert-{{ message_type|default('info') }} alert-dismissible fade show" role="alert"> <div class="alert alert-{{ message_type|default('info') }} alert-dismissible fade show" role="alert">
<i class="bi bi-{% if message_type == 'success' %}check-circle{% elif message_type == 'danger' %}exclamation-circle{% else %}info-circle{% endif %} me-2"></i> <i class="bi bi-{% if message_type == 'success' %}check-circle{% elif message_type == 'danger' %}exclamation-circle{% elif message_type == 'warning' %}exclamation-triangle{% else %}info-circle{% endif %} me-2"></i>
{{ message }} {{ message }}
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button> <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div> </div>
@@ -98,12 +98,13 @@
<div class="col-md-6"> <div class="col-md-6">
<label for="lb_method" class="form-label">Load Balancing Method</label> <label for="lb_method" class="form-label">Load Balancing Method</label>
<select class="form-select" id="lb_method" name="lb_method" required> <select class="form-select" id="lb_method" name="lb_method" required>
<option value="no-lb">No Load Balancing (single host)</option>
<option value="roundrobin">Round Robin</option> <option value="roundrobin">Round Robin</option>
<option value="leastconn">Least Connections</option> <option value="leastconn">Least Connections</option>
<option value="source">Source IP Hash</option> <option value="source">Source IP Hash</option>
<option value="uri">URI Hash</option> <option value="uri">URI Hash</option>
<option value="static-rr">Static Round Robin (WRR)</option> <option value="static-rr">Static Round Robin (WRR)</option>
<option value="no-lb">No Load Balancing (single host)</option>
</select> </select>
</div> </div>
</div> </div>
@@ -138,7 +139,7 @@
</div> </div>
</div> </div>
<!-- Backend SSL Redirect --> <!-- HTTP to HTTPS Redirect -->
<div class="row g-3 mb-3"> <div class="row g-3 mb-3">
<div class="col-md-12"> <div class="col-md-12">
<div class="form-check"> <div class="form-check">
@@ -147,16 +148,23 @@
<label class="form-check-label" for="backend_ssl_redirect"> <label class="form-check-label" for="backend_ssl_redirect">
<i class="bi bi-arrow-repeat me-1"></i>Add HTTP Redirect to HTTPS <i class="bi bi-arrow-repeat me-1"></i>Add HTTP Redirect to HTTPS
</label> </label>
<small class="text-muted d-block">Creates additional frontend on port 80</small> <small class="text-muted d-block">Creates additional frontend to redirect HTTP traffic to HTTPS</small>
</div> </div>
</div> </div>
</div> </div>
<div class="row g-3 mb-3 d-none" id="backend_ssl_fields"> <div class="row g-3 mb-3 d-none" id="backend_ssl_fields">
<div class="col-md-12"> <div class="col-md-6">
<label for="ssl_redirect_backend_name" class="form-label">Redirect Backend Name</label> <label for="ssl_redirect_backend_name" class="form-label">Redirect Backend Name</label>
<input type="text" class="form-control" id="ssl_redirect_backend_name" <input type="text" class="form-control" id="ssl_redirect_backend_name"
name="ssl_redirect_backend_name" placeholder="e.g. redirect"> name="ssl_redirect_backend_name" placeholder="e.g. redirect">
<small class="text-muted">Name for the redirect backend</small>
</div>
<div class="col-md-6">
<label for="ssl_redirect_port" class="form-label">HTTP Redirect Port</label>
<input type="number" class="form-control" id="ssl_redirect_port"
name="ssl_redirect_port" value="80" min="1" max="65535">
<small class="text-muted">Default: 80 (leave empty for standard)</small>
</div> </div>
</div> </div>

65
utils/haproxy_config.py
View File

@@ -18,11 +18,11 @@ def frontend_exists_at_port(frontend_ip, frontend_port):
for i, line in enumerate(lines): for i, line in enumerate(lines):
if line.strip().startswith('frontend'): if line.strip().startswith('frontend'):
# Szukaj bind line
for j in range(i+1, min(i+10, len(lines))): for j in range(i+1, min(i+10, len(lines))):
if lines[j].strip().startswith('bind'): if lines[j].strip().startswith('bind'):
bind_info = lines[j].strip().split(' ', 1)[1] bind_info = lines[j].strip().split(' ', 1)[1]
if f"{frontend_ip}:{frontend_port}" in bind_info: bind_part = bind_info.split(' ssl ')[0].strip()
if f"{frontend_ip}:{frontend_port}" in bind_part:
return line.strip().split(' ', 1)[1] # Zwróć nazwę frontendu return line.strip().split(' ', 1)[1] # Zwróć nazwę frontendu
elif lines[j].strip().startswith('frontend') or lines[j].strip().startswith('backend'): elif lines[j].strip().startswith('frontend') or lines[j].strip().startswith('backend'):
break break
@@ -32,7 +32,6 @@ def frontend_exists_at_port(frontend_ip, frontend_port):
return None return None
def add_acl_to_frontend(frontend_name, acl_name, hostname, backend_name): def add_acl_to_frontend(frontend_name, acl_name, hostname, backend_name):
"""Dodaj ACL i use_backend do istniejącego frontendu"""
if not os.path.exists(HAPROXY_CFG): if not os.path.exists(HAPROXY_CFG):
return False return False
@@ -40,7 +39,6 @@ def add_acl_to_frontend(frontend_name, acl_name, hostname, backend_name):
with open(HAPROXY_CFG, 'r') as f: with open(HAPROXY_CFG, 'r') as f:
lines = f.readlines() lines = f.readlines()
# Znajdź frontend
frontend_idx = -1 frontend_idx = -1
for i, line in enumerate(lines): for i, line in enumerate(lines):
if 'frontend' in line and frontend_name in line: if 'frontend' in line and frontend_name in line:
@@ -48,19 +46,19 @@ def add_acl_to_frontend(frontend_name, acl_name, hostname, backend_name):
break break
if frontend_idx == -1: if frontend_idx == -1:
print(f"[HAPROXY_CONFIG] Frontend '{frontend_name}' not found", flush=True)
return False return False
# Sprawdź czy ACL już istnieje
for line in lines[frontend_idx:]: for line in lines[frontend_idx:]:
if acl_name in line and 'acl' in line: if acl_name in line and 'acl' in line:
return True # Już istnieje print(f"[HAPROXY_CONFIG] ACL '{acl_name}' already exists", flush=True)
return True
if line.strip().startswith('backend'): if line.strip().startswith('backend'):
break break
# Znajdź ostatnią linię ACL/use_backend w tym frontendzie
insert_idx = frontend_idx + 1 insert_idx = frontend_idx + 1
for i in range(frontend_idx + 1, len(lines)): for i in range(frontend_idx + 1, len(lines)):
if lines[i].strip().startswith('backend'): if lines[i].strip().startswith('backend') or lines[i].strip().startswith('frontend'):
insert_idx = i insert_idx = i
break break
if 'use_backend' in lines[i] or 'default_backend' in lines[i]: if 'use_backend' in lines[i] or 'default_backend' in lines[i]:
@@ -76,6 +74,7 @@ def add_acl_to_frontend(frontend_name, acl_name, hostname, backend_name):
with open(HAPROXY_CFG, 'w') as f: with open(HAPROXY_CFG, 'w') as f:
f.writelines(lines) f.writelines(lines)
print(f"[HAPROXY_CONFIG] ACL '{acl_name}' added to frontend '{frontend_name}'", flush=True)
return True return True
except Exception as e: except Exception as e:
print(f"[HAPROXY_CONFIG] Error adding ACL: {e}", flush=True) print(f"[HAPROXY_CONFIG] Error adding ACL: {e}", flush=True)
@@ -158,7 +157,6 @@ def update_haproxy_config(frontend_name, frontend_ip, frontend_port, lb_method,
existing_frontend = frontend_exists_at_port(frontend_ip, frontend_port) existing_frontend = frontend_exists_at_port(frontend_ip, frontend_port)
if existing_frontend: if existing_frontend:
# Frontend już istnieje - dodaj tylko backend + ACL
print(f"[HAPROXY] Found existing frontend '{existing_frontend}' at {frontend_ip}:{frontend_port}", flush=True) print(f"[HAPROXY] Found existing frontend '{existing_frontend}' at {frontend_ip}:{frontend_port}", flush=True)
with open(HAPROXY_CFG, 'a') as haproxy_cfg: with open(HAPROXY_CFG, 'a') as haproxy_cfg:
@@ -198,16 +196,53 @@ def update_haproxy_config(frontend_name, frontend_ip, frontend_port, lb_method,
else: else:
haproxy_cfg.write(f" server {server_name} {server_ip}:{server_port}{maxconn_str}\n") haproxy_cfg.write(f" server {server_name} {server_ip}:{server_port}{maxconn_str}\n")
# Dodaj ACL do istniejącego frontendu
acl_name_sanitized = f"is_{sanitize_name(frontend_hostname)}" if frontend_hostname else f"is_{unique_backend_name}" acl_name_sanitized = f"is_{sanitize_name(frontend_hostname)}" if frontend_hostname else f"is_{unique_backend_name}"
add_acl_to_frontend(existing_frontend, acl_name_sanitized, frontend_hostname or 'localhost', unique_backend_name) add_acl_to_frontend(existing_frontend, acl_name_sanitized, frontend_hostname or 'localhost', unique_backend_name)
# ===== REDIRECT HTTP→HTTPS (jeśli zaznaczony) =====
if backend_ssl_redirect and ssl_redirect_backend_name:
unique_redirect_backend_name = f"{ssl_redirect_backend_name}_redirect_{sanitize_name(frontend_hostname)}" if frontend_hostname else f"{ssl_redirect_backend_name}_redirect"
existing_http_frontend = frontend_exists_at_port(frontend_ip, ssl_redirect_port)
if existing_http_frontend:
print(f"[HAPROXY] Adding redirect ACL to existing HTTP frontend '{existing_http_frontend}'", flush=True)
with open(HAPROXY_CFG, 'a') as haproxy_cfg:
haproxy_cfg.write(f"\nbackend {unique_redirect_backend_name}\n")
haproxy_cfg.write(f" mode http\n")
haproxy_cfg.write(f" redirect scheme https code 301 if !{{ ssl_fc }}\n")
if frontend_hostname:
acl_name_redirect = f"is_{sanitize_name(frontend_hostname)}_redirect"
add_acl_to_frontend(existing_http_frontend, acl_name_redirect, frontend_hostname, unique_redirect_backend_name)
else:
print(f"[HAPROXY] Creating new HTTP redirect frontend at {frontend_ip}:{ssl_redirect_port}", flush=True)
with open(HAPROXY_CFG, 'a') as haproxy_cfg:
generic_http_redirect_name = f"http_redirect_frontend"
haproxy_cfg.write(f"\nfrontend {generic_http_redirect_name}\n")
haproxy_cfg.write(f" bind {frontend_ip}:{ssl_redirect_port}\n")
haproxy_cfg.write(f" mode http\n")
if frontend_hostname:
acl_name_redirect = f"is_{sanitize_name(frontend_hostname)}_redirect"
haproxy_cfg.write(f" acl {acl_name_redirect} hdr(host) -i {frontend_hostname}\n")
haproxy_cfg.write(f" use_backend {unique_redirect_backend_name} if {acl_name_redirect}\n")
else:
haproxy_cfg.write(f" default_backend {unique_redirect_backend_name}\n")
# Redirect backend
haproxy_cfg.write(f"\nbackend {unique_redirect_backend_name}\n")
haproxy_cfg.write(f" mode http\n")
haproxy_cfg.write(f" redirect scheme https code 301 if !{{ ssl_fc }}\n")
return f"Backend added to existing frontend" return f"Backend added to existing frontend"
# ===== TWORZENIE NOWEGO FRONTENDU (GENERYCZNE NAZWY) ===== # ===== TWORZENIE NOWEGO FRONTENDU (GENERYCZNE NAZWY) =====
# Generuj generyczną nazwę frontendu # Generuj generyczną nazwę frontendu
generic_frontend_name = f"https_frontend" if use_ssl else f"http_frontend" generic_frontend_name = f"https_frontend" if use_ssl else f"http_frontend"
generic_http_redirect_name = f"http_redirect_frontend"
print(f"[HAPROXY] Creating new frontend '{generic_frontend_name}' at {frontend_ip}:{frontend_port}", flush=True) print(f"[HAPROXY] Creating new frontend '{generic_frontend_name}' at {frontend_ip}:{frontend_port}", flush=True)
@@ -314,13 +349,14 @@ def update_haproxy_config(frontend_name, frontend_ip, frontend_port, lb_method,
# ===== REDIRECT HTTP -> HTTPS (GENERIC NAME) ===== # ===== REDIRECT HTTP -> HTTPS (GENERIC NAME) =====
if backend_ssl_redirect and ssl_redirect_backend_name: if backend_ssl_redirect and ssl_redirect_backend_name:
unique_redirect_backend_name = f"{ssl_redirect_backend_name}_redirect_{sanitize_name(frontend_hostname)}" if frontend_hostname else ssl_redirect_backend_name unique_redirect_backend_name = f"{ssl_redirect_backend_name}_redirect_{sanitize_name(frontend_hostname)}" if frontend_hostname else f"{ssl_redirect_backend_name}_redirect"
# Check if HTTP redirect frontend exists # Check if HTTP frontend exists
existing_http_frontend = frontend_exists_at_port(frontend_ip, ssl_redirect_port) existing_http_frontend = frontend_exists_at_port(frontend_ip, ssl_redirect_port)
if not existing_http_frontend: if not existing_http_frontend:
# Utwórz nowy HTTP redirect frontend (generic name) generic_http_redirect_name = f"http_redirect_frontend"
haproxy_cfg.write(f"\nfrontend {generic_http_redirect_name}\n") haproxy_cfg.write(f"\nfrontend {generic_http_redirect_name}\n")
haproxy_cfg.write(f" bind {frontend_ip}:{ssl_redirect_port}\n") haproxy_cfg.write(f" bind {frontend_ip}:{ssl_redirect_port}\n")
haproxy_cfg.write(f" mode http\n") haproxy_cfg.write(f" mode http\n")
@@ -332,7 +368,6 @@ def update_haproxy_config(frontend_name, frontend_ip, frontend_port, lb_method,
else: else:
haproxy_cfg.write(f" default_backend {unique_redirect_backend_name}\n") haproxy_cfg.write(f" default_backend {unique_redirect_backend_name}\n")
else: else:
# Dodaj ACL do istniejącego HTTP frontendu
if frontend_hostname: if frontend_hostname:
acl_name_redirect = f"is_{sanitize_name(frontend_hostname)}_redirect" acl_name_redirect = f"is_{sanitize_name(frontend_hostname)}_redirect"
add_acl_to_frontend(existing_http_frontend, acl_name_redirect, frontend_hostname, unique_redirect_backend_name) add_acl_to_frontend(existing_http_frontend, acl_name_redirect, frontend_hostname, unique_redirect_backend_name)