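from flask import Blueprint, render_template, request

from auth.auth_middleware import requires_auth
from utils.haproxy_config import (
    count_frontends_and_backends,
    is_frontend_exist,
    update_haproxy_config,
)

main_bp = Blueprint('main', __name__)


def _has_control_chars(value):
    """Return True if *value* contains an ASCII control character (CR, LF, NUL, TAB, DEL, ...)."""
    return any(ord(ch) < 32 or ord(ch) == 127 for ch in value)


@main_bp.route('/', methods=['GET', 'POST'])
@requires_auth
def index():
    """Render the main page; on POST, collect the form and request a new frontend/backend.

    GET: renders ``index.html`` with the counters returned by
    ``count_frontends_and_backends()``.

    POST: reads every option from ``request.form``, rejects the submission if
    any value contains a control character or if ``is_frontend_exist`` reports
    a duplicate, then forwards the collected values to ``update_haproxy_config``
    and renders its returned message.

    Returns:
        The rendered ``index.html`` response.
    """
    if request.method == 'POST':
        form = request.form

        # Every value below is forwarded to update_haproxy_config. HAProxy
        # configuration is line-oriented, so an embedded CR/LF (or other
        # control character) in any field must never reach the writer.
        # NOTE(review): this is a coarse gate only; per-field validation
        # (ports, IPs, names, paths) presumably belongs in utils.haproxy_config
        # - confirm it exists there.
        for _field, value in form.items(multi=True):
            if _has_control_chars(value):
                return render_template(
                    'index.html',
                    message="Invalid input: control characters are not allowed in form fields.",
                    message_type="danger",
                )

        # Required fields: a missing key makes Flask abort the request (400).
        frontend_name = form['frontend_name']
        frontend_ip = form['frontend_ip']
        frontend_port = form['frontend_port']
        frontend_hostname = form.get('frontend_hostname', '').strip()
        lb_method = form['lb_method']
        protocol = form['protocol']
        backend_name = form['backend_name']

        # Header options (values are only read when the checkbox is present)
        add_header = 'add_header' in form
        header_name = form.get('header_name', '') if add_header else ''
        header_value = form.get('header_value', '') if add_header else ''

        # Server header removal
        del_server_header = 'del_server_header' in form

        # Backend SSL redirect
        backend_ssl_redirect = 'backend_ssl_redirect' in form
        ssl_redirect_backend_name = (
            form.get('ssl_redirect_backend_name', '').strip() if backend_ssl_redirect else ''
        )
        ssl_redirect_port = form.get('ssl_redirect_port', '80')

        # Backend servers (parallel lists, one entry per server row)
        backend_server_names = form.getlist('backend_server_names[]')
        backend_server_ips = form.getlist('backend_server_ips[]')
        backend_server_ports = form.getlist('backend_server_ports[]')
        backend_server_maxconns = form.getlist('backend_server_maxconns[]')

        # Custom ACL
        add_custom_acl = 'add_custom_acl' in form
        custom_acl_name = form.get('custom_acl_name', '').strip() if add_custom_acl else ''
        custom_acl_type = form.get('custom_acl_type', 'path_beg') if add_custom_acl else ''
        custom_acl_value = form.get('custom_acl_value', '').strip() if add_custom_acl else ''
        custom_acl_action = form.get('custom_acl_action', 'route') if add_custom_acl else ''
        custom_acl_backend = form.get('custom_acl_backend', '').strip() if add_custom_acl else ''
        custom_acl_redirect_url = (
            form.get('custom_acl_redirect_url', '').strip() if add_custom_acl else ''
        )

        # SSL
        use_ssl = 'ssl_checkbox' in form
        # NOTE(review): the certificate path is taken from the form as-is;
        # confirm update_haproxy_config restricts it to the expected directory.
        ssl_cert_path = form.get('ssl_cert_path', '/app/ssl/haproxy-configurator.pem')
        https_redirect = 'ssl_redirect_checkbox' in form

        # DOS protection
        is_dos = 'add_dos' in form
        ban_duration = form.get('ban_duration', '30m')
        limit_requests = form.get('limit_requests', '100')

        # Forward For
        forward_for = 'forward_for_check' in form

        # Request-filter toggles
        sql_injection_check = 'sql_injection_check' in form
        is_xss = 'xss_check' in form
        is_remote_upload = 'remote_uploads_check' in form
        is_webshells = 'webshells_check' in form

        # Path-based redirects (legacy)
        add_path_based = 'add_path_based' in form
        redirect_domain_name = form.get('redirect_domain_name', '')
        root_redirect = form.get('root_redirect', '')
        redirect_to = form.get('redirect_to', '')

        # Forbidden paths (legacy)
        is_forbidden_path = 'add_acl_path' in form
        forbidden_name = form.get('forbidden_name', '')
        allowed_ip = form.get('allowed_ip', '')
        forbidden_path = form.get('forbidden_path', '')

        # Build the backend_servers list. The IP list drives the row count;
        # rows lacking an IP or a port are dropped, a missing name falls back
        # to "server<N>" and a missing maxconn to None.
        backend_servers = []
        for i, ip in enumerate(backend_server_ips):
            name = backend_server_names[i] if i < len(backend_server_names) else f"server{i+1}"
            port = backend_server_ports[i] if i < len(backend_server_ports) else ''
            maxconn = backend_server_maxconns[i] if i < len(backend_server_maxconns) else None
            if ip and port:
                backend_servers.append((name, ip, port, maxconn))

        # Refuse duplicates before touching the configuration.
        if is_frontend_exist(frontend_name, frontend_ip, frontend_port):
            return render_template(
                'index.html',
                message="Frontend or Port already exists. Cannot add duplicate.",
                message_type="danger",
            )

        # Health checks: the HTTP and TCP variants use different checkboxes.
        health_check = False
        health_check_link = ""
        if protocol == 'http':
            health_check = 'health_check' in form
            if health_check:
                health_check_link = form.get('health_check_link', '/')

        health_check_tcp = False
        if protocol == 'tcp':
            health_check_tcp = 'health_check2' in form

        # Sticky session
        sticky_session = 'sticky_session' in form
        sticky_session_type = form.get('sticky_session_type', 'cookie') if sticky_session else ""

        # Legacy ACL (unused, kept for compatibility)
        is_acl = False
        acl_name = ''
        acl_action = ''
        acl_backend_name = ''

        message = update_haproxy_config(
            frontend_name=frontend_name,
            frontend_ip=frontend_ip,
            frontend_port=frontend_port,
            lb_method=lb_method,
            protocol=protocol,
            backend_name=backend_name,
            backend_servers=backend_servers,
            health_check=health_check,
            health_check_tcp=health_check_tcp,
            health_check_link=health_check_link,
            sticky_session=sticky_session,
            add_header=add_header,
            header_name=header_name,
            header_value=header_value,
            sticky_session_type=sticky_session_type,
            is_acl=is_acl,
            acl_name=acl_name,
            acl_action=acl_action,
            acl_backend_name=acl_backend_name,
            use_ssl=use_ssl,
            ssl_cert_path=ssl_cert_path,
            https_redirect=https_redirect,
            is_dos=is_dos,
            ban_duration=ban_duration,
            limit_requests=limit_requests,
            forward_for=forward_for,
            is_forbidden_path=is_forbidden_path,
            forbidden_name=forbidden_name,
            allowed_ip=allowed_ip,
            forbidden_path=forbidden_path,
            sql_injection_check=sql_injection_check,
            is_xss=is_xss,
            is_remote_upload=is_remote_upload,
            add_path_based=add_path_based,
            redirect_domain_name=redirect_domain_name,
            root_redirect=root_redirect,
            redirect_to=redirect_to,
            is_webshells=is_webshells,
            del_server_header=del_server_header,
            backend_ssl_redirect=backend_ssl_redirect,
            ssl_redirect_backend_name=ssl_redirect_backend_name,
            ssl_redirect_port=ssl_redirect_port,
            frontend_hostname=frontend_hostname,
            add_custom_acl=add_custom_acl,
            custom_acl_name=custom_acl_name,
            custom_acl_type=custom_acl_type,
            custom_acl_value=custom_acl_value,
            custom_acl_action=custom_acl_action,
            custom_acl_backend=custom_acl_backend,
            custom_acl_redirect_url=custom_acl_redirect_url,
        )

        # The returned text decides the alert style shown in the template.
        message_type = "success" if "successfully" in message else "danger"
        return render_template('index.html', message=message, message_type=message_type)

    # GET request - display stats
    frontend_count, backend_count, acl_count, layer7_count, layer4_count = (
        count_frontends_and_backends()
    )
    return render_template(
        'index.html',
        frontend_count=frontend_count,
        backend_count=backend_count,
        acl_count=acl_count,
        layer7_count=layer7_count,
        layer4_count=layer4_count,
    )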