from flask import Blueprint, render_template, request from auth.auth_middleware import requires_auth from utils.haproxy_config import update_haproxy_config, is_frontend_exist, count_frontends_and_backends main_bp = Blueprint('main', __name__) @main_bp.route('/', methods=['GET', 'POST']) @requires_auth def index(): if request.method == 'POST': frontend_name = request.form['frontend_name'] frontend_ip = request.form['frontend_ip'] frontend_port = request.form['frontend_port'] lb_method = request.form['lb_method'] protocol = request.form['protocol'] backend_name = request.form['backend_name'] # Header options add_header = 'add_header' in request.form header_name = request.form.get('header_name', '') if add_header else '' header_value = request.form.get('header_value', '') if add_header else '' # Server header removal del_server_header = 'del_server_header' in request.form # Backend servers backend_server_names = request.form.getlist('backend_server_names[]') backend_server_ips = request.form.getlist('backend_server_ips[]') backend_server_ports = request.form.getlist('backend_server_ports[]') backend_server_maxconns = request.form.getlist('backend_server_maxconns[]') # ACL is_acl = 'add_acl' in request.form acl_name = request.form.get('acl', '') acl_action = request.form.get('acl_action', '') acl_backend_name = request.form.get('backend_name_acl', '') # SSL use_ssl = 'ssl_checkbox' in request.form ssl_cert_path = request.form.get('ssl_cert_path', '/etc/haproxy/certs/haproxy.pem') https_redirect = 'ssl_redirect_checkbox' in request.form # DOS Protection is_dos = 'add_dos' in request.form ban_duration = request.form.get('ban_duration', '30m') limit_requests = request.form.get('limit_requests', '100') # Forward For forward_for = 'forward_for_check' in request.form # Forbidden paths is_forbidden_path = 'add_acl_path' in request.form forbidden_name = request.form.get('forbidden_name', '') allowed_ip = request.form.get('allowed_ip', '') forbidden_path = request.form.get('forbidden_path', '') # SQL Injection sql_injection_check = 'sql_injection_check' in request.form # XSS is_xss = 'xss_check' in request.form # Remote uploads is_remote_upload = 'remote_uploads_check' in request.form # Path-based redirects add_path_based = 'add_path_based' in request.form redirect_domain_name = request.form.get('redirect_domain_name', '') root_redirect = request.form.get('root_redirect', '') redirect_to = request.form.get('redirect_to', '') # Webshells is_webshells = 'webshells_check' in request.form # Build backend_servers list backend_servers = [] for i in range(len(backend_server_ips)): name = backend_server_names[i] if i < len(backend_server_names) else f"server{i+1}" ip = backend_server_ips[i] if i < len(backend_server_ips) else '' port = backend_server_ports[i] if i < len(backend_server_ports) else '' maxconn = backend_server_maxconns[i] if i < len(backend_server_maxconns) else None if ip and port: backend_servers.append((name, ip, port, maxconn)) # Validate frontend existence if is_frontend_exist(frontend_name, frontend_ip, frontend_port): return render_template('index.html', message="Frontend or Port already exists. Cannot add duplicate.", message_type="danger") # Health checks health_check = False health_check_link = "" if protocol == 'http': health_check = 'health_check' in request.form if health_check: health_check_link = request.form.get('health_check_link', '/') health_check_tcp = False if protocol == 'tcp': health_check_tcp = 'health_check2' in request.form # Sticky session sticky_session = False sticky_session_type = "" if 'sticky_session' in request.form: sticky_session = True sticky_session_type = request.form.get('sticky_session_type', 'cookie') # Call update_haproxy_config with all parameters message = update_haproxy_config( frontend_name=frontend_name, frontend_ip=frontend_ip, frontend_port=frontend_port, lb_method=lb_method, protocol=protocol, backend_name=backend_name, backend_servers=backend_servers, health_check=health_check, health_check_tcp=health_check_tcp, health_check_link=health_check_link, sticky_session=sticky_session, add_header=add_header, header_name=header_name, header_value=header_value, sticky_session_type=sticky_session_type, is_acl=is_acl, acl_name=acl_name, acl_action=acl_action, acl_backend_name=acl_backend_name, use_ssl=use_ssl, ssl_cert_path=ssl_cert_path, https_redirect=https_redirect, is_dos=is_dos, ban_duration=ban_duration, limit_requests=limit_requests, forward_for=forward_for, is_forbidden_path=is_forbidden_path, forbidden_name=forbidden_name, allowed_ip=allowed_ip, forbidden_path=forbidden_path, sql_injection_check=sql_injection_check, is_xss=is_xss, is_remote_upload=is_remote_upload, add_path_based=add_path_based, redirect_domain_name=redirect_domain_name, root_redirect=root_redirect, redirect_to=redirect_to, is_webshells=is_webshells, del_server_header=del_server_header ) # Determine message type message_type = "success" if "successfully" in message else "danger" return render_template('index.html', message=message, message_type=message_type) # GET request - display stats frontend_count, backend_count, acl_count, layer7_count, layer4_count = count_frontends_and_backends() return render_template('index.html', frontend_count=frontend_count, backend_count=backend_count, acl_count=acl_count, layer7_count=layer7_count, layer4_count=layer4_count)