UI - copy from helpers, systemd service and instances page update
This commit is contained in:
parent
f771ec43f1
commit
4dd1ff8479
163
compile.sh
163
compile.sh
|
@ -1,163 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
function git_secure_checkout() {
|
||||
path="$1"
|
||||
commit="$2"
|
||||
ret=$(pwd)
|
||||
cd $path
|
||||
git checkout "${commit}^{commit}"
|
||||
if [ $? -ne 0 ] ; then
|
||||
echo "[!] Commit hash $commit is absent from submodules $path !"
|
||||
exit 3
|
||||
fi
|
||||
cd $ret
|
||||
}
|
||||
|
||||
function git_secure_clone() {
|
||||
repo="$1"
|
||||
commit="$2"
|
||||
folder=$(echo "$repo" | sed -E "s@https://github.com/.*/(.*)\.git@\1@")
|
||||
git clone "$repo"
|
||||
cd "$folder"
|
||||
git checkout "${commit}^{commit}"
|
||||
if [ $? -ne 0 ] ; then
|
||||
echo "[!] Commit hash $commit is absent from repository $repo !"
|
||||
exit 2
|
||||
fi
|
||||
cd ..
|
||||
}
|
||||
|
||||
NTASK=$(nproc)
|
||||
|
||||
# install build dependencies
|
||||
apk add --no-cache --virtual build autoconf libtool automake git geoip-dev yajl-dev g++ gcc curl-dev libxml2-dev pcre-dev make linux-headers libmaxminddb-dev musl-dev lua-dev gd-dev gnupg brotli-dev openssl-dev
|
||||
|
||||
# compile and install ModSecurity library
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/SpiderLabs/ModSecurity.git 753145fbd1d6751a6b14fdd700921eb3cc3a1d35
|
||||
cd ModSecurity
|
||||
./build.sh
|
||||
git submodule init
|
||||
git submodule update
|
||||
git_secure_checkout bindings/python 47a6925df187f96e4593afab18dc92d5f22bd4d5
|
||||
git_secure_checkout others/libinjection bf234eb2f385b969c4f803b35fda53cffdd93922
|
||||
git_secure_checkout test/test-cases/secrules-language-tests d03f4c1e930440df46c1faa37d820a919704d9da
|
||||
./configure --enable-static=no --disable-doxygen-doc --disable-dependency-tracking
|
||||
make -j $NTASK
|
||||
make install-strip
|
||||
|
||||
# download and install CRS rules
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/coreruleset/coreruleset.git 7776fe23f127fd2315bad0e400bdceb2cabb97dc
|
||||
cd coreruleset
|
||||
mkdir /opt/owasp
|
||||
cp -r rules /opt/owasp/crs
|
||||
cp crs-setup.conf.example /opt/owasp/crs.conf
|
||||
|
||||
# get nginx modules
|
||||
cd /tmp
|
||||
# ModSecurity connector for nginx
|
||||
git_secure_clone https://github.com/SpiderLabs/ModSecurity-nginx.git 2497e6ac654d0b117b9534aa735b757c6b11c84f
|
||||
# headers more
|
||||
git_secure_clone https://github.com/openresty/headers-more-nginx-module.git d6d7ebab3c0c5b32ab421ba186783d3e5d2c6a17
|
||||
# geoip
|
||||
git_secure_clone https://github.com/leev/ngx_http_geoip2_module.git 1cabd8a1f68ea3998f94e9f3504431970f848fbf
|
||||
# cookie
|
||||
git_secure_clone https://github.com/AirisX/nginx_cookie_flag_module.git c4ff449318474fbbb4ba5f40cb67ccd54dc595d4
|
||||
# brotli
|
||||
git_secure_clone https://github.com/google/ngx_brotli.git 9aec15e2aa6feea2113119ba06460af70ab3ea62
|
||||
|
||||
# LUA requirements
|
||||
git_secure_clone https://github.com/openresty/luajit2.git fe32831adcb3f5fe9259a9ce404fc54e1399bba3
|
||||
cd luajit2
|
||||
make -j $NTASK
|
||||
make install
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/openresty/lua-resty-core.git b7d0a681bb41e6e3f29e8ddc438ef26fd819bb19
|
||||
cd lua-resty-core
|
||||
make install
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/openresty/lua-resty-lrucache.git b2035269ac353444ac65af3969692bcae4fc1605
|
||||
cd lua-resty-lrucache
|
||||
make install
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/openresty/lua-resty-dns.git 24c9a69808aedfaf029ae57707cdef75d83e2d19
|
||||
cd lua-resty-dns
|
||||
make install
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/bungle/lua-resty-session.git f300870ce4eee3f4903e0565c589f1faf0c1c5aa
|
||||
cd lua-resty-session
|
||||
cp -r lib/resty/* /usr/local/lib/lua/resty
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/bungle/lua-resty-random.git 17b604f7f7dd217557ca548fc1a9a0d373386480
|
||||
cd lua-resty-random
|
||||
make install
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/openresty/lua-resty-string.git 9a543f8531241745f8814e8e02475351042774ec
|
||||
cd lua-resty-string
|
||||
make install
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/openresty/lua-cjson.git 0df488874f52a881d14b5876babaa780bb6200ee
|
||||
cd lua-cjson
|
||||
make -j $NTASK
|
||||
make install
|
||||
make install-extra
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/ittner/lua-gd.git 2ce8e478a8591afd71e607506bc8c64b161bbd30
|
||||
cd lua-gd
|
||||
make -j $NTASK
|
||||
make INSTALL_PATH=/usr/local/lib/lua/5.1 install
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/ledgetech/lua-resty-http.git 984fdc26054376384e3df238fb0f7dfde01cacf1
|
||||
cd lua-resty-http
|
||||
make install
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/Neopallium/lualogging.git cadc4e8fd652be07a65b121a3e024838db330c15
|
||||
cd lualogging
|
||||
cp -r src/* /usr/local/lib/lua
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/diegonehab/luasocket.git 5b18e475f38fcf28429b1cc4b17baee3b9793a62
|
||||
cd luasocket
|
||||
make -j $NTASK
|
||||
make CDIR_linux=lib/lua/5.1 LDIR_linux=lib/lua install
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/brunoos/luasec.git c6704919bdc85f3324340bdb35c2795a02f7d625
|
||||
cd luasec
|
||||
make linux -j $NTASK
|
||||
make LUACPATH=/usr/local/lib/lua/5.1 LUAPATH=/usr/local/lib/lua install
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/crowdsecurity/lua-cs-bouncer.git 3c235c813fc453dcf51a391bc9e9a36ca77958b0
|
||||
cd lua-cs-bouncer
|
||||
mkdir /usr/local/lib/lua/crowdsec
|
||||
cp lib/*.lua /usr/local/lib/lua/crowdsec
|
||||
sed -i 's/require "lrucache"/require "resty.lrucache"/' /usr/local/lib/lua/crowdsec/CrowdSec.lua
|
||||
sed -i 's/require "config"/require "crowdsec.config"/' /usr/local/lib/lua/crowdsec/CrowdSec.lua
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/hamishforbes/lua-resty-iputils.git 3151d6485e830421266eee5c0f386c32c835dba4
|
||||
cd lua-resty-iputils
|
||||
make LUA_LIB_DIR=/usr/local/lib/lua install
|
||||
cd /tmp
|
||||
git_secure_clone https://github.com/openresty/lua-nginx-module.git 2d23bc4f0a29ed79aaaa754c11bffb1080aa44ba
|
||||
export LUAJIT_LIB=/usr/local/lib
|
||||
export LUAJIT_INC=/usr/local/include/luajit-2.1
|
||||
|
||||
# compile and install dynamic modules
|
||||
cd /tmp
|
||||
wget https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz
|
||||
wget https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz.asc
|
||||
gpg --import /tmp/nginx-keys/*.key
|
||||
check=$(gpg --verify /tmp/nginx-${NGINX_VERSION}.tar.gz.asc /tmp/nginx-${NGINX_VERSION}.tar.gz 2>&1 | grep "^gpg: Good signature from ")
|
||||
if [ "$check" = "" ] ; then
|
||||
echo "[!] Wrong signature from nginx source !"
|
||||
exit 1
|
||||
fi
|
||||
tar -xvzf nginx-${NGINX_VERSION}.tar.gz
|
||||
cd nginx-$NGINX_VERSION
|
||||
CONFARGS=$(nginx -V 2>&1 | sed -n -e 's/^.*arguments: //p')
|
||||
CONFARGS=${CONFARGS/-Os -fomit-frame-pointer -g/-Os}
|
||||
./configure $CONFARGS --add-dynamic-module=/tmp/ModSecurity-nginx --add-dynamic-module=/tmp/headers-more-nginx-module --add-dynamic-module=/tmp/ngx_http_geoip2_module --add-dynamic-module=/tmp/nginx_cookie_flag_module --add-dynamic-module=/tmp/lua-nginx-module --add-dynamic-module=/tmp/ngx_brotli
|
||||
make -j $NTASK modules
|
||||
cp ./objs/*.so /usr/lib/nginx/modules
|
||||
|
||||
# remove build dependencies
|
||||
apk del build
|
|
@ -91,7 +91,7 @@ elif [ "$OS" = "centos" ] ; then
|
|||
do_and_check_cmd yum install -y $CENTOS_DEPS
|
||||
fi
|
||||
do_and_check_cmd pip3 install --upgrade pip
|
||||
do_and_check_cmd pip3 install jinja2 certbot
|
||||
do_and_check_cmd pip3 install jinja2 certbot docker requests flask gunicorn
|
||||
do_and_check_cmd pip3 install cryptography --upgrade
|
||||
|
||||
# Clone the repo
|
||||
|
@ -133,6 +133,11 @@ do_and_check_cmd cp -r /tmp/bunkerized-nginx/defaults /opt/bunkerized-nginx
|
|||
echo "[*] Copy settings"
|
||||
do_and_check_cmd cp /tmp/bunkerized-nginx/settings.json /opt/bunkerized-nginx
|
||||
|
||||
# Copy UI
|
||||
echo "[*] Copy UI"
|
||||
do_and_check_cmd cp -r /tmp/bunkerized-nginx/ui /opt/bunkerized-nginx
|
||||
do_and_check_cmd cp /tmp/bunkerized-nginx/ui/bunkerized-nginx-ui.service /etc/systemd/system
|
||||
|
||||
# Copy bunkerized-nginx
|
||||
echo "[*] Copy bunkerized-nginx"
|
||||
do_and_check_cmd cp /tmp/bunkerized-nginx/helpers/bunkerized-nginx /usr/local/bin
|
||||
|
@ -216,6 +221,9 @@ do_and_check_cmd chmod u+rx /opt
|
|||
do_and_check_cmd chown -R nginx:nginx /etc/nginx
|
||||
do_and_check_cmd find /etc/nginx -type f -exec chmod 0774 {} \;
|
||||
do_and_check_cmd find /etc/nginx -type d -exec chmod 0775 {} \;
|
||||
# Set permissions for /etc/systemd/system/bunkerized-nginx-ui.service
|
||||
do_and_check_cmd chown root:root /etc/systemd/system/bunkerized-nginx-ui.service
|
||||
do_and_check_cmd chmod 744 /etc/systemd/system/bunkerized-nginx-ui.service
|
||||
|
||||
# Prepare log files and folders
|
||||
echo "[*] Prepare log files and folders"
|
||||
|
@ -228,19 +236,17 @@ fi
|
|||
if [ ! -e /var/log/nginx/error.log ] ; then
|
||||
do_and_check_cmd touch /var/log/nginx/error.log
|
||||
fi
|
||||
if [ ! -e /var/log/nginx/modsec_audit.log ] ; then
|
||||
do_and_check_cmd touch /var/log/nginx/modsec_audit.log
|
||||
fi
|
||||
if [ ! -e /var/log/nginx/jobs.log ] ; then
|
||||
do_and_check_cmd touch /var/log/nginx/jobs.log
|
||||
fi
|
||||
do_and_check_cmd touch /var/log/nginx/modsec_audit.log
|
||||
do_and_check_cmd touch /var/log/nginx/error.log
|
||||
if [ ! -e /var/log/nginx/ui.log ] ; then
|
||||
do_and_check_cmd touch /var/log/nginx/ui.log
|
||||
fi
|
||||
do_and_check_cmd chown -R root:nginx /var/log/nginx
|
||||
do_and_check_cmd chown root:nginx /var/log/nginx/access.log
|
||||
do_and_check_cmd chown root:nginx /var/log/nginx/error.log
|
||||
do_and_check_cmd chown root:nginx /var/log/nginx/jobs.log
|
||||
do_and_check_cmd chmod 770 /var/log/nginx/access.log
|
||||
do_and_check_cmd chmod 770 /var/log/nginx/error.log
|
||||
do_and_check_cmd chmod 770 /var/log/nginx/jobs.log
|
||||
do_and_check_cmd chmod -R 770 /var/log/nginx
|
||||
do_and_check_cmd chmod -R 770 /var/log/nginx/
|
||||
|
||||
# Prepare Let's Encrypt files and folders
|
||||
echo "[*] Prepare Let's Encrypt files and folders"
|
||||
|
@ -293,4 +299,4 @@ echo "[*] Download proxies list"
|
|||
do_and_check_cmd /opt/bunkerized-nginx/scripts/geoip.sh
|
||||
|
||||
# We're done
|
||||
echo "[*] bunkerized-nginx successfully installed !"
|
||||
echo "[*] bunkerized-nginx successfully installed !"
|
|
@ -1,4 +1,4 @@
|
|||
local M = {}
|
||||
local M = {}
|
||||
local api_list = {}
|
||||
local iputils = require "resty.iputils"
|
||||
|
||||
|
@ -10,6 +10,10 @@ api_list["^/reload$"] = function ()
|
|||
return os.execute("/usr/sbin/nginx -s reload") == 0
|
||||
end
|
||||
|
||||
api_list["^/stop$"] = function ()
|
||||
return os.execute("/usr/sbin/nginx -s quit") == 0
|
||||
end
|
||||
|
||||
function M.is_api_call (api_uri, api_whitelist_ip)
|
||||
local whitelist = iputils.parse_cidrs(api_whitelist_ip)
|
||||
if iputils.ip_in_cidrs(ngx.var.remote_addr, whitelist) and ngx.var.request_uri:sub(1, #api_uri) .. "/" == api_uri .. "/" then
|
||||
|
|
|
@ -3,7 +3,7 @@ import json, uuid, glob, copy, re, subprocess
|
|||
class Config :
|
||||
|
||||
def __init__(self) :
|
||||
with open("/opt/settings.json", "r") as f :
|
||||
with open("/opt/bunkerized-nginx/settings.json", "r") as f :
|
||||
self.__settings = json.loads(f.read())
|
||||
|
||||
def __env_to_dict(self, filename) :
|
||||
|
@ -37,7 +37,7 @@ class Config :
|
|||
conf["SERVER_NAME"] = " ".join(servers)
|
||||
env_file = "/tmp/" + str(uuid.uuid4()) + ".env"
|
||||
self.__dict_to_env(env_file, conf)
|
||||
proc = subprocess.run(["/bin/su", "-c", "/opt/gen/main.py --settings /opt/settings.json --templates /opt/confs --output /etc/nginx --variables " + env_file, "nginx"], capture_output=True)
|
||||
proc = subprocess.run(["/opt/bunkerized-nginx/gen/main.py", "--settings", "/opt/bunkerized-nginx/settings.json", "--templates", "/opt/bunkerized-nginx/confs", "--output", "/etc/nginx", "--variables", env_file], capture_output=True)
|
||||
stderr = proc.stderr.decode("ascii")
|
||||
#stdout = proc.stdout.decode("ascii")
|
||||
if stderr != "" or proc.returncode != 0 :
|
||||
|
|
|
@ -5,11 +5,11 @@ RUN chmod +x /tmp/dependencies.sh && \
|
|||
/tmp/dependencies.sh && \
|
||||
rm -f /tmp/dependencies.sh
|
||||
|
||||
COPY gen/ /opt/gen
|
||||
COPY confs/site/ /opt/confs/site
|
||||
COPY confs/global/ /opt/confs/global
|
||||
COPY ui/ /opt/entrypoint
|
||||
COPY settings.json /opt
|
||||
COPY gen/ /opt/bunkerized-nginx/gen
|
||||
COPY confs/site/ /opt/bunkerized-nginx/confs/site
|
||||
COPY confs/global/ /opt/bunkerized-nginx/confs/global
|
||||
COPY ui/ /opt/bunkerized-nginx/ui
|
||||
COPY settings.json /opt/bunkerized-nginx
|
||||
|
||||
COPY ui/prepare.sh /tmp
|
||||
RUN chmod +x /tmp/prepare.sh && \
|
||||
|
@ -18,6 +18,6 @@ RUN chmod +x /tmp/prepare.sh && \
|
|||
|
||||
EXPOSE 5000
|
||||
|
||||
WORKDIR /opt/entrypoint
|
||||
ENV FLASK_APP entrypoint.py
|
||||
ENTRYPOINT ["/usr/bin/python3", "-m", "flask", "run", "--host=0.0.0.0"]
|
||||
WORKDIR /opt/bunkerized-nginx/ui
|
||||
USER nginx:nginx
|
||||
ENTRYPOINT ["/usr/bin/gunicorn", "--bind", "unix:bunkerized-nginx-ui.sock", "-m", "007", "wsgi:app"]
|
|
@ -0,0 +1,12 @@
|
|||
[Unit]
|
||||
Description=Web UI for bunkerized-nginx
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
User=nginx
|
||||
Group=nginx
|
||||
WorkingDirectory=/opt/bunkerized-nginx/ui
|
||||
ExecStart=gunicorn --bind unix:bunkerized-nginx-ui.sock -m 007 wsgi:app
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,4 +1,4 @@
|
|||
#!/bin/sh
|
||||
|
||||
apk add py3-pip bash
|
||||
pip3 install docker flask flask-login
|
||||
pip3 install docker flask flask-login requests gunicorn
|
||||
|
|
|
@ -2,20 +2,18 @@
|
|||
|
||||
from flask import Flask, render_template, current_app, request
|
||||
|
||||
from src.Instances import Instances
|
||||
|
||||
from Docker import Docker
|
||||
from Config import Config
|
||||
import utils
|
||||
import os, json, re, copy, traceback
|
||||
|
||||
app = Flask(__name__, static_url_path="/", static_folder="static", template_folder="templates")
|
||||
ABSOLUTE_URI = ""
|
||||
if "ABSOLUTE_URI" in os.environ :
|
||||
ABSOLUTE_URI = os.environ["ABSOLUTE_URI"]
|
||||
DOCKER_HOST = "unix:///var/run/docker.sock"
|
||||
if "DOCKER_HOST" in os.environ :
|
||||
DOCKER_HOST = os.environ["DOCKER_HOST"]
|
||||
app.config["ABSOLUTE_URI"] = ABSOLUTE_URI
|
||||
app.config["DOCKER"] = Docker(DOCKER_HOST)
|
||||
|
||||
vars = utils.get_variables()
|
||||
app.config["ABSOLUTE_URI"] = vars["ABSOLUTE_URI"]
|
||||
app.config["INSTANCES"] = Instances(vars["DOCKER_HOST"], vars["API_URI"])
|
||||
app.config["CONFIG"] = Config()
|
||||
app.jinja_env.globals.update(env_to_summary_class=utils.env_to_summary_class)
|
||||
app.jinja_env.globals.update(form_service_gen=utils.form_service_gen)
|
||||
|
@ -26,7 +24,7 @@ app.jinja_env.globals.update(form_service_gen_multiple_values=utils.form_service
|
|||
@app.route('/home')
|
||||
def home() :
|
||||
try :
|
||||
instances_number = len(app.config["DOCKER"].get_instances())
|
||||
instances_number = len(app.config["INSTANCES"].get_instances())
|
||||
services_number = len(app.config["CONFIG"].get_services())
|
||||
return render_template("home.html", title="Home", instances_number=instances_number, services_number=services_number)
|
||||
except Exception as e :
|
||||
|
@ -40,7 +38,7 @@ def instances() :
|
|||
if request.method == "POST" :
|
||||
|
||||
# Check operation
|
||||
if not "operation" in request.form or not request.form["operation"] in ["reload", "start", "stop", "restart", "delete"] :
|
||||
if not "operation" in request.form or not request.form["operation"] in ["reload", "start", "stop", "restart"] :
|
||||
raise Exception("Missing operation parameter on /instances.")
|
||||
|
||||
# Check that all fields are present
|
||||
|
@ -49,18 +47,16 @@ def instances() :
|
|||
|
||||
# Do the operation
|
||||
if request.form["operation"] == "reload" :
|
||||
operation = app.config["DOCKER"].reload_instance(request.form["INSTANCE_ID"])
|
||||
operation = app.config["INSTANCES"].reload_instance(request.form["INSTANCE_ID"])
|
||||
elif request.form["operation"] == "start" :
|
||||
operation = app.config["DOCKER"].start_instance(request.form["INSTANCE_ID"])
|
||||
operation = app.config["INSTANCES"].start_instance(request.form["INSTANCE_ID"])
|
||||
elif request.form["operation"] == "stop" :
|
||||
operation = app.config["DOCKER"].stop_instance(request.form["INSTANCE_ID"])
|
||||
operation = app.config["INSTANCES"].stop_instance(request.form["INSTANCE_ID"])
|
||||
elif request.form["operation"] == "restart" :
|
||||
operation = app.config["DOCKER"].restart_instance(request.form["INSTANCE_ID"])
|
||||
elif request.form["operation"] == "delete" :
|
||||
operation = app.config["DOCKER"].delete_instance(request.form["INSTANCE_ID"])
|
||||
operation = app.config["INSTANCES"].restart_instance(request.form["INSTANCE_ID"])
|
||||
|
||||
# Display instances
|
||||
instances = app.config["DOCKER"].get_instances()
|
||||
instances = app.config["INSTANCES"].get_instances()
|
||||
return render_template("instances.html", title="Instances", instances=instances, operation=operation)
|
||||
|
||||
except Exception as e :
|
||||
|
|
|
@ -8,7 +8,10 @@ adduser -h /var/cache/nginx -g nginx -s /bin/sh -G nginx -D -H -u 101 nginx
|
|||
chown -R root:nginx /opt
|
||||
find /opt -type f -exec chmod 0740 {} \;
|
||||
find /opt -type d -exec chmod 0750 {} \;
|
||||
chmod ugo+x /opt/entrypoint/*
|
||||
chmod ugo+x /opt/gen/main.py
|
||||
chmod 770 /opt
|
||||
chmod 440 /opt/settings.json
|
||||
chmod 750 /opt/bunkerized-nginx/gen/main.py
|
||||
|
||||
# prepare /var/log
|
||||
mkdir /var/log/nginx
|
||||
chown root:nginx /var/log/nginx
|
||||
chmod 750 /var/log/nginx
|
||||
ln -s /proc/1/fd/1 /var/log/nginx/ui.log
|
|
@ -2,19 +2,20 @@ import docker, os, requests
|
|||
|
||||
class Instances :
|
||||
|
||||
def __init__(self, docker_host, api) :
|
||||
def __init__(self, docker_host, api_uri) :
|
||||
try :
|
||||
self.__docker = docker.DockerClient(base_url=docker_host)
|
||||
except :
|
||||
self.__docker = None
|
||||
self.__api = api
|
||||
self.__api_uri = api_uri
|
||||
|
||||
def __instance(self, name, type, status, data=None) :
|
||||
def __instance(self, id, name, type, status, data=None) :
|
||||
instance = {}
|
||||
instance["name"] = name
|
||||
instance["type"] = type
|
||||
instance["status"] = status
|
||||
instance["data"] = data
|
||||
instance["id"] = id
|
||||
instance["name"] = name
|
||||
instance["type"] = type
|
||||
instance["status"] = status
|
||||
instance["data"] = data
|
||||
|
||||
def __api_request(self, instance, order) :
|
||||
result = True
|
||||
|
@ -27,7 +28,7 @@ class Instances :
|
|||
hosts.append(host)
|
||||
for host in hosts :
|
||||
try :
|
||||
req = requests.post("http://" + host + ":8080" + self.__api + order)
|
||||
req = requests.post("http://" + host + ":8080" + self.__api_uri + order)
|
||||
if not req or req.status_code != 200 or req.text != "ok" :
|
||||
result = False
|
||||
except :
|
||||
|
@ -40,14 +41,16 @@ class Instances :
|
|||
if self.__docker != None :
|
||||
if self.__docker.swarm == None :
|
||||
for instance in self.__docker.containers.list(all=True, filters={"label" : "bunkerized-nginx.UI"}) :
|
||||
id = instance.id
|
||||
name = instance.name
|
||||
type = "container"
|
||||
status = "down"
|
||||
if instance.status == "running" :
|
||||
status = "up"
|
||||
instances.append(self.__instance(name, type, status, instance))
|
||||
instances.append(self.__instance(id, name, type, status, instance))
|
||||
else :
|
||||
for instance in self.__docker.services.list(all=True, filters={"label" : "bunkerized-nginx.UI"}) :
|
||||
id = instance.id
|
||||
name = instance.name
|
||||
type = "service"
|
||||
status = "down"
|
||||
|
@ -55,16 +58,17 @@ class Instances :
|
|||
running_tasks = instance.attrs["ServiceStatus"]["RunningTasks"]
|
||||
if desired_tasks > 0 and (desired_tasks == running_tasks) :
|
||||
status = "up"
|
||||
instances.append(self.__instance(name, type, status, instance))
|
||||
instances.append(self.__instance(id, name, type, status, instance))
|
||||
|
||||
# Local instance
|
||||
if os.path.exists("/usr/sbin/nginx") :
|
||||
id = "local"
|
||||
name = "local"
|
||||
type = "local"
|
||||
status = "down"
|
||||
if os.path.exists("/tmp/nginx.pid") :
|
||||
status = "up"
|
||||
instances.append(self.__instance(name, type, status))
|
||||
instances.append(self.__instance(id, name, type, status))
|
||||
|
||||
return instances
|
||||
|
||||
|
@ -99,7 +103,7 @@ class Instances :
|
|||
proc = subprocess.run(["/usr/sbin/nginx", "-g", "daemon on;"], capture_output=True)
|
||||
result = proc.returncode == 0
|
||||
elif instance["type"] == "container" or instance["type"] == "service" :
|
||||
result = self.__api_request(instance, "/start")
|
||||
result = False #self.__api_request(instance, "/start")
|
||||
if result :
|
||||
return "Instance " + instance["name"] + " has been started."
|
||||
return "Can't start " + instance["name"]
|
||||
|
@ -123,7 +127,7 @@ class Instances :
|
|||
proc = subprocess.run(["/usr/sbin/nginx", "-g", "daemon on;"], capture_output=True)
|
||||
result = proc.returncode == 0
|
||||
elif instance["type"] == "container" or instance["type"] == "service" :
|
||||
result = self.__api_request(instance, "/restart")
|
||||
result = False #self.__api_request(instance, "/restart")
|
||||
if result :
|
||||
return "Instance " + instance["name"] + " has been restarted."
|
||||
return "Can't restart " + instance["name"]
|
|
@ -17,11 +17,9 @@
|
|||
|
||||
{% for instance in instances %}
|
||||
{% set color = "dark" %}
|
||||
{% if instance["status"] == "running" %}
|
||||
{% if instance["status"] == "up" %}
|
||||
{% set color = "success" %}
|
||||
{% elif instance["status"] == "created" or instance["status"] == "restarting" or instance["status"] == "paused" %}
|
||||
{% set color = "warning" %}
|
||||
{% elif instance["status"] == "exited" or instance["status"] == "dead" %}
|
||||
{% elif instance["status"] == "down" %}
|
||||
{% set color = "danger" %}
|
||||
{% endif %}
|
||||
|
||||
|
@ -34,27 +32,20 @@
|
|||
{{ instance["name"] }}
|
||||
<div class="btn-group mx-2 float-end" role="group">
|
||||
<button id="btnGroupDrop1" class="btn btn-sm dropdown-toggle btn-light" data-bs-toggle="dropdown" aria-expanded="false">
|
||||
<i class="fas fa-cogs"> manage container</i>
|
||||
<i class="fas fa-cogs"> manage instance</i>
|
||||
</button>
|
||||
<ul class="dropdown-menu" aria-labelledby="btnGroupDrop1">
|
||||
<li><a class="dropdown-item" href="#" onClick="return startInstance('{{ instance["id"] }}');">Start</a></li>
|
||||
{% if instance["type"] == "local" %}<li><a class="dropdown-item" href="#" onClick="return startInstance('{{ instance["id"] }}');">Start</a></li>{% endif %}
|
||||
<li><a class="dropdown-item" href="#" onClick="return stopInstance('{{ instance["id"] }}');">Stop</a></li>
|
||||
<li><a class="dropdown-item" href="#" onClick="return restartInstance('{{ instance["id"] }}');">Restart</a></li>
|
||||
<li><a class="dropdown-item" href="#" onClick="return deleteInstance('{{ instance["id"] }}');">Delete</a></li>
|
||||
{% if instance["type"] == "local" %}<li><a class="dropdown-item" href="#" onClick="return restartInstance('{{ instance["id"] }}');">Restart</a></li>{% endif %}
|
||||
</ul>
|
||||
</div>
|
||||
<button class="btn btn-sm mx-2 float-end btn-light" onClick="reloadInstance('{{ instance["id"] }}');"><i class="fas fa-redo-alt"></i> reload nginx</button>
|
||||
<button class="btn btn-sm mx-2 float-end btn-light" onClick="reloadInstance('{{ instance["id"] }}');"><i class="fas fa-redo-alt"></i> Reload configuration</button>
|
||||
</div>
|
||||
<div class="card-body text-dark">
|
||||
<h5 class="card-title">Status : {{ instance["status"] }}</h5>
|
||||
<span class="card-text">
|
||||
Environment variables :<br />
|
||||
{% set envfilter = ["PATH", "NGINX_VERSION", "NJS_VERSION", "PKG_RELEASE"] %}
|
||||
{% for env in instance.attrs["Config"]["Env"] %}
|
||||
{% if not env.startswith("PATH=") and not env.startswith("NGINX_VERSION=") and not env.startswith("NJS_VERSION=") and not env.startswith("PKG_RELEASE=") %}
|
||||
{{ env }}<br />
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
TODO
|
||||
</span>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -63,4 +54,4 @@
|
|||
|
||||
</div>
|
||||
|
||||
{% endblock %}
|
||||
{% endblock %}
|
15
ui/utils.py
15
ui/utils.py
|
@ -1,9 +1,20 @@
|
|||
#!/usr/bin/python3
|
||||
|
||||
import datetime, re, json
|
||||
import datetime, re, json, os
|
||||
|
||||
def get_variables() :
|
||||
vars = {}
|
||||
vars["DOCKER_HOST"] = "unix:///var/run/docker.sock"
|
||||
vars["API_URI"] = ""
|
||||
vars["ABSOLUTE_URI"] = ""
|
||||
for k in vars :
|
||||
if k in os.environ :
|
||||
vars[k] = os.environ[k]
|
||||
return vars
|
||||
|
||||
def log(event) :
|
||||
print("[" + str(datetime.datetime.now().replace(microsecond=0)) + "] " + event, flush=True)
|
||||
with open("/var/log/nginx/ui.log", "a") as f :
|
||||
f.write("[" + str(datetime.datetime.now().replace(microsecond=0)) + "] " + event + "\n")
|
||||
|
||||
def env_to_summary_class(var, value) :
|
||||
if type(var) is list and type(value) is list :
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
from entrypoint import app
|
||||
|
||||
if __name__ == "__main__":
|
||||
app.run()
|
Loading…
Reference in New Issue