aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
authorPiBa-NL <pba_2k3@yahoo.com>2015-10-27 00:23:00 +0100
committerPiBa-NL <pba_2k3@yahoo.com>2015-10-27 00:23:00 +0100
commite1fa969219ad8e25940fb020e32fbb5c4143a2e0 (patch)
tree2eeeed8c6f1eb60bd4ed39fae48742cbb33133ed /config
parente3d4b3b7f7ae0eeb936f734f696d3f5bbfe2c762 (diff)
downloadpfsense-packages-e1fa969219ad8e25940fb020e32fbb5c4143a2e0.tar.gz
pfsense-packages-e1fa969219ad8e25940fb020e32fbb5c4143a2e0.tar.bz2
pfsense-packages-e1fa969219ad8e25940fb020e32fbb5c4143a2e0.zip
haproxy-devel,
-acls/actions in backend -prevent filling backend selections items that have value none when renaming a backend -example template for using multiple domains on 1 frontend
Diffstat (limited to 'config')
-rw-r--r--config/haproxy-devel/pkg/haproxy.inc185
-rw-r--r--config/haproxy-devel/pkg/haproxy_htmllist.inc4
-rw-r--r--config/haproxy-devel/www/haproxy_listeners.php2
-rw-r--r--config/haproxy-devel/www/haproxy_pool_edit.php269
-rw-r--r--config/haproxy-devel/www/haproxy_templates.php94
5 files changed, 532 insertions, 22 deletions
diff --git a/config/haproxy-devel/pkg/haproxy.inc b/config/haproxy-devel/pkg/haproxy.inc
index afa10fb7..ba36c089 100644
--- a/config/haproxy-devel/pkg/haproxy.inc
+++ b/config/haproxy-devel/pkg/haproxy.inc
@@ -66,7 +66,12 @@ $a_acltypes["path_matches"] = array('name' => 'Path matches:',
$a_acltypes["path_regex"] = array('name' => 'Path regex:',
'mode' => 'http', 'syntax' => 'path_reg -i %1$s');
$a_acltypes["path_contains"] = array('name' => 'Path contains:',
- 'mode' => 'http', 'syntax' => 'path_dir -i %1$s');
+ 'mode' => 'http', 'syntax' => 'path_sub -i %1$s');
+$a_acltypes["url_parameter"] = array('name' => 'Url parameter contains:',
+ 'mode' => 'http', 'syntax' => 'url_param({parameter}) -i %1$s',
+ 'fields' => array(
+ array('name'=>"parameter",'columnheader'=>"Parameter name",'type'=>"textbox",'size'=>"50",'mask'=>'urlparameter')
+ ));
$a_acltypes["ssl_c_verify_code"] = array('name' => 'SSL Client certificate verify error result:',
'mode' => 'http', 'syntax' => 'ssl_c_verify %1$s', 'require_client_cert' => '1');
// ssl_c_verify result codes: https://www.openssl.org/docs/apps/verify.html#DIAGNOSTICS
@@ -351,7 +356,7 @@ $a_action["tcp-response_content_accept"] = array('name' => "tcp-response content
$a_action["tcp-response_content_close"] = array('name' => "tcp-response content close", 'mode'=> '', 'syntax' => 'tcp-response content close');
$a_action["tcp-response_content_reject"] = array('name' => "tcp-response content reject", 'mode'=> '', 'syntax' => 'tcp-response content reject');
if (haproxy_version() >= '1.6') {
- $a_action["tcp-response_content_lua"] = array('name' => "tcp-response content lua script", 'mode'=> '',
+ $a_action["tcp-response_content_lua"] = array('name' => "tcp-response content lua script", 'mode'=> '', 'syntax' => 'tcp-response content lua.{lua-function}',
'fields' => array(
'lua-function' => array('name'=>"lua-function",'columnheader'=>"lua function",'type'=>"textbox",'size'=>"50",'mask'=>'lua-function')
));
@@ -992,6 +997,142 @@ function write_backend($configpath, $fd, $name, $pool, $backendsettings) {
}
}
+ global $a_action;
+ $config_acls = array();
+
+ $cert_acls = "";
+ $aclcrt_name = "";
+ $a_acl = get_backend_acls($pool, $frontendtype);
+ if (!is_array($a_acl)) {
+ $a_acl = array();
+ }
+ // ACL's
+ foreach ($a_acl as $entry) {
+ $aclitem = $entry['ref'];
+ $expression = $aclitem['expression'];
+
+ $aclname = $aclitem['name'];
+ $acltype = haproxy_find_acl($expression);
+ if (!isset($acltype))
+ continue;
+
+ // Filter out acls for different modes
+ if ($acltype['mode'] != '' && $acltype['mode'] != strtolower($frontendtype)) {
+ continue;
+ }
+ if ($acltype['inspect-delay'] != '') {
+ $inspectdelay = $acltype['inspect-delay'];
+ }
+ if ($acltype['advancedoptions'] != '') {
+ $advancedextra[$acltype['syntax']] = $acltype['advancedoptions']."\n";
+ }
+ if ($acltype['require_client_cert']) {
+ $needs_clientcert[$aclname] = true;
+ }
+ if ($aclitem['certacl']) {
+ $aclname = "aclcrt_{$frontend['name']}";
+ $aclcrt_name = $aclname;
+ }
+
+ if (($expression == "source_ip") && is_alias($aclitem['value'])) {
+ $filename = "$configpath/ipalias_{$aclitem['value']}.lst";
+ $listitems = haproxy_hostoralias_to_list($aclitem['value']);
+ $fd_alias = fopen("$filename", "w");
+ foreach($listitems as $item) {
+ fwrite($fd_alias, $item."\r\n");
+ }
+ fclose($fd_alias);
+ $expr = "src -f $filename";
+ } else {
+ $expr = sprintf($acltype['syntax'], $aclitem['value']);
+ if (is_array($acltype['fields'])) {
+ foreach ($acltype['fields'] as $field) {
+ $fieldname = $field['name'];
+ $parameter = $aclitem[$expression . $fieldname];
+ if ($fieldname == "backend") {
+ $backendname = $parameter . "_" . strtolower($bind['type'])."_".$ipversion;
+ $parameter = $backendname;
+ }
+ $expr = str_replace("{{$fieldname}}", $parameter, $expr);
+ }
+ }
+ }
+ $config_acls ["\tacl\t\t\t" . $aclname . "\t" . $expr . "\n"] = 1;
+ }
+ // Write acl's first, so they may be used by advanced text options written by user.
+ foreach($config_acls as $acl => $dummy) {
+ fwrite ($fd, $acl);
+ }
+
+ $a_actionitems = $pool['a_actionitems']['item'];
+ if (!is_array($a_actionitems)) {
+ $a_actionitems = array();
+ }
+ foreach ($a_actionitems as $actionitem) {
+ $actionid = $actionitem['action'];
+ $action = $a_action[$actionid];
+
+ $action_cfg = $action['syntax'];
+
+ if (is_array($action['fields'])) {
+ foreach ($action['fields'] as $field) {
+ $fieldname = $field['name'];
+ $parameter = $actionitem[$actionid . $field['name']];
+
+ if ($fieldname == "backend") {
+ $backend = $parameter;
+ $backendname = $parameter . "_" . strtolower($bind['type'])."_".$ipversion;
+ if (!isset($a_pendingpl[$backendname])) {
+ $a_pendingpl[$backendname] = array();
+ $a_pendingpl[$backendname]['name'] = $backendname;
+ $a_pendingpl[$backendname]['backend'] = $backend;
+ $a_pendingpl[$backendname]['frontend'] = $bind;
+ $a_pendingpl[$backendname]['ipversion'] = $ipversion;
+ }
+ $parameter = $backendname;
+ }
+ $action_cfg = str_replace("{{$fieldname}}", $parameter, $action_cfg);
+ }
+ }
+ $condition = "";
+ if (!empty($actionitem['acl']) || !empty($systemacl)) {
+ $useclientcert = "";
+ $useracls = "";
+ $aclnames = explode(' ', $actionitem['acl']);
+ foreach($aclnames as $aclname) {
+ if ($needs_clientcert[$aclname]) {
+ $useclientcert = " aclsystem_ssl_c_used";
+ }
+ $not = "";
+ foreach ($a_acl as $entry) {
+ if ($entry['ref']['name'] == $aclname && $entry['ref']['not'] == 'yes') {
+ $not = "!";
+ }
+ }
+ $useracls .= " {$not}{$aclname}";
+ }
+ $condition = " if {$useracls}{$useclientcert} {$systemacl}";
+ }
+
+ $action = "\t{$action_cfg} {$condition}\n";
+
+ if ($actionid == "use_backend") {
+ if (empty($condition)) {
+ $config_usedefaultbackends .= "\tdefault_backend {$parameter}{$condition}\n";
+ } else {
+ if (!empty($actionitem['acl'])){
+ $config_usebackends .= $action;
+ } else {
+ // add use_backend if ipv4/6 before default_backend if any exists..
+ $config_usedefaultbackends .= $action;
+ }
+ }
+ } else {
+ $config_actions .= $action;
+ }
+ }
+ fwrite ($fd, $config_actions);
+
if ($pool['advanced']) {
$advanced = base64_decode($pool['advanced']);
$advanced_txt = " " . $advanced;
@@ -1346,15 +1487,15 @@ function haproxy_writeconf($configpath) {
}
// lua-load
- foreach($a_files as $file) {
- if ($file['type'] == "luascript") {
- $luafile = $configpath . "/luascript_" . $file['name'];
- file_put_contents($luafile, base64_decode($file['content']), 0);
- fwrite ($fd, "\tlua-load\t\t{$luafile}\n");
-
+ if (is_array($a_files)) {
+ foreach($a_files as $file) {
+ if ($file['type'] == "luascript") {
+ $luafile = $configpath . "/luascript_" . $file['name'];
+ file_put_contents($luafile, base64_decode($file['content']), 0);
+ fwrite ($fd, "\tlua-load\t\t{$luafile}\n");
+ }
}
}
-
// Keep the advanced options on the bottom of the global settings, to allow additional sections to be easely added
if ($a_global['advanced']) {
@@ -2547,6 +2688,32 @@ function get_frontend_acls($frontend) {
return $result;
}
+function get_backend_acls($backend, $type) {
+ $result = array();
+ $a_acl = &$backend['a_acl']['item'];
+ if (is_array($a_acl))
+ {
+ foreach ($a_acl as $entry) {
+ $acl = haproxy_find_acl($entry['expression']);
+ if (!$acl) {
+ continue;
+ }
+
+ // Filter out acls for different modes
+ if ($acl['mode'] != '' && $acl['mode'] != $type) {
+ continue;
+ }
+ $not = $entry['not'] == "yes" ? "not: " : "";
+ $acl_item = array();
+ $acl_item['descr'] = $acl['name'] . " " . (isset($acl['novalue']) ? "" : $not . $entry['value']);
+ $acl_item['ref'] = $entry;
+
+ $result[] = $acl_item;
+ }
+ }
+ return $result;
+}
+
function get_backend_id($name) {
global $config;
$a_backend = &$config['installedpackages']['haproxy']['ha_pools']['item'];
diff --git a/config/haproxy-devel/pkg/haproxy_htmllist.inc b/config/haproxy-devel/pkg/haproxy_htmllist.inc
index a17a5089..4abfedd8 100644
--- a/config/haproxy-devel/pkg/haproxy_htmllist.inc
+++ b/config/haproxy-devel/pkg/haproxy_htmllist.inc
@@ -134,7 +134,7 @@ class HaproxyHtmlList
} elseif ($itemtype == "checkbox") {
echo $itemvalue=='yes' ? gettext('yes') : gettext('no');
} elseif ($itemtype == "textarea") {
- echo '<div style="overlow:scroll;max-height:120px;overflow-y: scroll;">';
+ echo "<div style='overlow:scroll;max-height:120px;max-width:{$item['colwidth']};overflow-y: scroll;'>";
echo str_replace(" ","&nbsp;", str_replace("\n","<br/>", htmlspecialchars(base64_decode($itemvalue))));
echo '</div>';
} elseif ($itemtype == "fixedtext") {
@@ -180,7 +180,7 @@ class HaproxyHtmlList
$itemname = $item['name'];
$itemvalue = $value[$itemname];
if (isset($item['customdrawcell'])) {
- $item['customdrawcell']($this, $item, $itemvalue, false);
+ $item['customdrawcell']($this, $item, $itemvalue, false, $itemname, $counter);
} else {
$this->haproxy_htmllist_drawcell($item, $itemvalue, false, $itemname, $counter);
}
diff --git a/config/haproxy-devel/www/haproxy_listeners.php b/config/haproxy-devel/www/haproxy_listeners.php
index 2a91aa3f..5aef0a82 100644
--- a/config/haproxy-devel/www/haproxy_listeners.php
+++ b/config/haproxy-devel/www/haproxy_listeners.php
@@ -311,7 +311,7 @@ function js_callback(req) {
echo "<a href='haproxy_pool_edit.php?id={$backend}'>{$backend}</a>";
if (!empty($actionitem['acl'])) {
- echo " if({$actionitem['acl']})";
+ echo "&nbsp;if({$actionitem['acl']})";
}
}
}
diff --git a/config/haproxy-devel/www/haproxy_pool_edit.php b/config/haproxy-devel/www/haproxy_pool_edit.php
index 13444f4d..71da9732 100644
--- a/config/haproxy-devel/www/haproxy_pool_edit.php
+++ b/config/haproxy-devel/www/haproxy_pool_edit.php
@@ -48,7 +48,7 @@ if (isset($_POST['id']))
$id = $_POST['id'];
else
$id = $_GET['id'];
-
+
$tmp = get_backend_id($id);
if (is_numeric($tmp))
$id = $tmp;
@@ -204,9 +204,113 @@ $errorfileslist = new HaproxyHtmlList("table_errorfile", $fields_errorfile);
$errorfileslist->keyfield = "errorcode";
+
+$fields_aclSelectionList=array();
+$fields_aclSelectionList[0]['name']="name";
+$fields_aclSelectionList[0]['columnheader']="Name";
+$fields_aclSelectionList[0]['colwidth']="30%";
+$fields_aclSelectionList[0]['type']="textbox";
+$fields_aclSelectionList[0]['size']="20";
+
+$fields_aclSelectionList[1]['name']="expression";
+$fields_aclSelectionList[1]['columnheader']="Expression";
+$fields_aclSelectionList[1]['colwidth']="30%";
+$fields_aclSelectionList[1]['type']="select";
+$fields_aclSelectionList[1]['size']="10";
+$fields_aclSelectionList[1]['items']=&$a_acltypes;
+
+$fields_aclSelectionList[2]['name']="not";
+$fields_aclSelectionList[2]['columnheader']="Not";
+$fields_aclSelectionList[2]['colwidth']="5%";
+$fields_aclSelectionList[2]['type']="checkbox";
+$fields_aclSelectionList[2]['size']="5";
+
+$fields_aclSelectionList[3]['name']="value";
+$fields_aclSelectionList[3]['columnheader']="Value";
+$fields_aclSelectionList[3]['colwidth']="35%";
+$fields_aclSelectionList[3]['type']="textbox";
+$fields_aclSelectionList[3]['size']="35";
+
+$fields_actions=array();
+$fields_actions[0]['name']="action";
+$fields_actions[0]['columnheader']="Action";
+$fields_actions[0]['colwidth']="30%";
+$fields_actions[0]['type']="select";
+$fields_actions[0]['size']="200px";
+$fields_actions[0]['items']=&$a_action;
+$fields_actions[1]['name']="parameters";
+$fields_actions[1]['columnheader']="Parameters";
+$fields_actions[1]['colwidth']="30%";
+$fields_actions[1]['type']="fixedtext";
+$fields_actions[1]['size']="200px";
+$fields_actions[1]['text']="See below";
+$fields_actions[2]['name']="acl";
+$fields_actions[2]['columnheader']="Condition acl names";
+$fields_actions[2]['colwidth']="15%";
+$fields_actions[2]['type']="textbox";
+$fields_actions[2]['size']="40";
+
+
+$fields_actions_details=array();
+foreach($a_action as $key => $action) {
+ if (is_array($action['fields'])) {
+ foreach($action['fields'] as $field) {
+ $item = $field;
+ $name = $key . $item['name'];
+ $item['name'] = $name;
+ $item['columnheader'] = $field['name'];
+ $item['customdrawcell'] = customdrawcell_actions;
+ $fields_actions_details[$name] = $item;
+ }
+ }
+}
+
+$a_acltypes["backendservercount"]['fields']['backend']['items'] = &$backends;
+$fields_acl_details=array();
+foreach($a_acltypes as $key => $action) {
+ if (is_array($action['fields'])) {
+ foreach($action['fields'] as $field) {
+ $item = $field;
+ $name = $key . $item['name'];
+ $item['name'] = $name;
+ $item['columnheader'] = $field['name'];
+ $item['customdrawcell'] = customdrawcell_actions;
+ $fields_acl_details[$name] = $item;
+ }
+ }
+}
+
+function customdrawcell_actions($object, $item, $itemvalue, $editable, $itemname, $counter) {
+ if ($editable) {
+ $object->haproxy_htmllist_drawcell($item, $itemvalue, $editable, $itemname, $counter);
+ } else {
+ //TODO hide fields not applicable.?.
+ echo $itemvalue;
+ }
+}
+
+$htmllist_acls = new HaproxyHtmlList("table_acls", $fields_aclSelectionList);
+$htmllist_acls->fields_details = $fields_acl_details;
+$htmllist_acls->editmode = true;
+
+$htmllist_actions = new HaproxyHtmlList("table_actions", $fields_actions);
+$htmllist_actions->fields_details = $fields_actions_details;
+$htmllist_actions->keyfield = "name";
+
+
if (isset($id) && $a_pools[$id]) {
+ $pconfig['a_acl'] = &$a_pools[$id]['a_acl']['item'];
+ if (!is_array($pconfig['a_acl'])) {
+ $pconfig['a_acl'] = array();
+ }
+ $pconfig['a_actionitems'] = &$a_pools[$id]['a_actionitems']['item'];
+ if (!is_array($pconfig['a_actionitems'])) {
+ $pconfig['a_actionitems'] = array();
+ }
$pconfig['advanced'] = base64_decode($a_pools[$id]['advanced']);
$pconfig['advanced_backend'] = base64_decode($a_pools[$id]['advanced_backend']);
+
+
$a_servers = &$a_pools[$id]['ha_servers']['item'];
foreach($simplefields as $stat)
@@ -214,7 +318,9 @@ if (isset($id) && $a_pools[$id]) {
$a_errorfiles = &$a_pools[$id]['errorfiles']['item'];
- if (!is_array($a_errorfiles)) $a_errorfiles = array();
+ if (!is_array($a_errorfiles)) {
+ $a_errorfiles = array();
+ }
}
if (isset($_GET['dup']))
@@ -276,6 +382,8 @@ if ($_POST) {
if (($_POST['name'] == $config['installedpackages']['haproxy']['ha_pools']['item'][$i]['name']) && ($i != $id))
$input_errors[] = "This pool name has already been used. Pool names must be unique.";
+ $pconfig['a_acl'] = $htmllist_acls->haproxy_htmllist_get_values();
+ $pconfig['a_actionitems'] = $htmllist_actions->haproxy_htmllist_get_values();
$a_servers = $serverslist->haproxy_htmllist_get_values();
foreach($a_servers as $server){
$server_name = $server['name'];
@@ -314,23 +422,39 @@ if ($_POST) {
if(isset($id) && $a_pools[$id])
$pool = $a_pools[$id];
- if ($pool['name'] != $_POST['name']) {
+ if (!empty($pool['name']) && ($pool['name'] != $_POST['name'])) {
+ //old $pool['name'] can be empty if a new or cloned item is saved, nothing should be renamed then
// name changed:
- if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) {
- $config['installedpackages']['haproxy']['ha_backends']['item'] = array();
- }
+ $oldvalue = $pool['name'];
+ $newvalue = $_POST['name'];
+
$a_backend = &$config['installedpackages']['haproxy']['ha_backends']['item'];
+ if (!is_array($a_backend)) {
+ $a_backend = array();
+ }
for ( $i = 0; $i < count($a_backend); $i++) {
- if ($a_backend[$i]['backend_serverpool'] == $pool['name'])
- $a_backend[$i]['backend_serverpool'] = $_POST['name'];
+ $backend = &$a_backend[$i];
+ if ($a_backend[$i]['backend_serverpool'] == $oldvalue) {
+ $a_backend[$i]['backend_serverpool'] = $newvalue;
+ }
+ if (is_array($backend['a_actionitems']['item'])) {
+ foreach($backend['a_actionitems']['item'] as &$item) {
+ if ($item['action'] == "use_backend") {
+ if ($item['use_backendbackend'] == $oldvalue) {
+ $item['use_backendbackend'] = $newvalue;
+ }
+ }
+ }
+ }
}
}
if($pool['name'] != "")
$changedesc .= " modified pool: '{$pool['name']}'";
-
- $pool['ha_servers']['item']=$a_servers;
+ $pool['ha_servers']['item'] = $a_servers;
+ $pool['a_acl']['item'] = $pconfig['a_acl'];
+ $pool['a_actionitems']['item'] = $pconfig['a_actionitems'];
update_if_changed("advanced", $pool['advanced'], base64_encode($_POST['advanced']));
update_if_changed("advanced_backend", $pool['advanced_backend'], base64_encode($_POST['advanced_backend']));
@@ -667,6 +791,71 @@ foreach($simplefields as $field){
<br/>
NOTE: paste text into this box that you would like to pass thru. Applied to the backend section.
</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">Access Control lists</td>
+ <td width="78%" class="vtable" colspan="2" valign="top">
+ <?
+ $a_acl = $pconfig['a_acl'];
+ $htmllist_acls->Draw($a_acl);
+ ?>
+ <br/>
+ Example:
+ <table border='1' style='border-collapse:collapse'>
+ <tr>
+ <td><b>Name</b></td>
+ <td><b>Expression</b></td>
+ <td><b>Not</b></td>
+ <td><b>Value</b></td>
+ </tr>
+ <tr>
+ <td>Backend1acl</td>
+ <td>Host matches</td>
+ <td></td>
+ <td>www.yourdomain.tld</td>
+ </tr>
+ <tr>
+ <td>addHeaderAcl</td>
+ <td>SSL Client certificate valid</td>
+ <td></td>
+ <td></td>
+ </tr>
+ </table>
+ <br/>
+ acl's with the same name will be 'combined' using OR criteria.<br/>
+ For more information about ACL's please see <a href='http://haproxy.1wt.eu/download/1.5/doc/configuration.txt' target='_blank'>HAProxy Documentation</a> Section 7 - Using ACL's<br/><br/>
+ <strong>NOTE Important change in behaviour, since package version 0.32</strong><br/>
+ -acl's are no longer combined with logical AND operators, list multiple acl's below where needed.<br/>
+ -acl's alone no longer implicitly generate use_backend configuration. Add 'actions' below to accomplish this behaviour.
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq">Actions</td>
+ <td width="78%" class="vtable" colspan="2" valign="top">
+ <?
+ $a_actionitems = $pconfig['a_actionitems'];
+ $htmllist_actions->Draw($a_actionitems);
+ ?>
+ <br/>
+ Example:
+ <table border='1' style='border-collapse:collapse'>
+ <tr>
+ <td><b>Action</b></td>
+ <td><b>Parameters</b></td>
+ <td><b>Condition</b></td>
+ </tr>
+ <tr>
+ <td>Use Backend</td>
+ <td>Website1Backend</td>
+ <td>Backend1acl</td>
+ </tr>
+ <tr>
+ <td>http-request header set</td>
+ <td>Headername: X-HEADER-ClientCertValid<br/>New logformat value: YES</td>
+ <td>addHeaderAcl</td>
+ </tr>
+ </table>
+ </td>
</tr>
<tr><td>&nbsp;</td></tr>
<tr>
@@ -1067,12 +1256,72 @@ set by the 'retries' parameter.</div>
phparray_to_javascriptarray($a_sticky_type,"sticky_type",Array('/*','/*/descr','/*/cookiedescr'));
//phparray_to_javascriptarray($a_files,"a_files",Array('/*','/*/name','/*/descr'));
+ phparray_to_javascriptarray($a_action, "showhide_actionfields",
+ Array('/*', '/*/fields', '/*/fields/*', '/*/fields/*/name'));
+ phparray_to_javascriptarray($a_acltypes, "showhide_aclfields",
+ Array('/*', '/*/fields', '/*/fields/*', '/*/fields/*/name'));
+
$serverslist->outputjavascript();
$errorfileslist->outputjavascript();
+ $htmllist_acls->outputjavascript();
+ $htmllist_actions->outputjavascript();
?>
browser_InnerText_support = (document.getElementsByTagName("body")[0].innerText != undefined) ? true : false;
totalrows = <?php echo $counter; ?>;
+
+ function table_acls_listitem_change(tableId, fieldId, rowNr, field) {
+ if (fieldId = "toggle_details") {
+ fieldId = "expression";
+ field = d.getElementById(tableId+"expression"+rowNr);
+ }
+ if (fieldId = "expression") {
+ var actiontype = field.value;
+
+ var table = d.getElementById(tableId);
+
+ for(var actionkey in showhide_aclfields) {
+ var fields = showhide_aclfields[actionkey]['fields'];
+ for(var fieldkey in fields){
+ var fieldname = fields[fieldkey]['name'];
+ var rowid = "tr_edititemdetails_"+rowNr+"_"+actionkey+fieldname;
+ var element = d.getElementById(rowid);
+
+ if (actionkey == actiontype)
+ element.style.display = '';
+ else
+ element.style.display = 'none';
+ }
+ }
+ }
+ }
+
+ function table_actions_listitem_change(tableId, fieldId, rowNr, field) {
+ if (fieldId = "toggle_details") {
+ fieldId = "action";
+ field = d.getElementById(tableId+"action"+rowNr);
+ }
+ if (fieldId = "action") {
+ var actiontype = field.value;
+
+ var table = d.getElementById(tableId);
+
+ for(var actionkey in showhide_actionfields) {
+ var fields = showhide_actionfields[actionkey]['fields'];
+ for(var fieldkey in fields){
+ var fieldname = fields[fieldkey]['name'];
+ var rowid = "tr_edititemdetails_"+rowNr+"_"+actionkey+fieldname;
+ var element = d.getElementById(rowid);
+
+ if (actionkey == actiontype)
+ element.style.display = '';
+ else
+ element.style.display = 'none';
+ }
+ }
+ }
+ }
+
updatevisibility();
</script>
<?php
diff --git a/config/haproxy-devel/www/haproxy_templates.php b/config/haproxy-devel/www/haproxy_templates.php
index 71135b14..072df508 100644
--- a/config/haproxy-devel/www/haproxy_templates.php
+++ b/config/haproxy-devel/www/haproxy_templates.php
@@ -114,6 +114,7 @@ EOD;
$savemsg = "File 'ExampleErrorfile' is already configured on the Files tab.";
}
+ $changedesc = "haproxy, add template errorfile";
if ($changecount > 0) {
header("Location: haproxy_files.php");
echo "touching: $d_haproxyconfdirty_path";
@@ -122,7 +123,83 @@ EOD;
exit;
}
}
+
+function haproxy_template_multipledomains() {
+ global $config, $d_haproxyconfdirty_path;
+ $a_backends = &$config['installedpackages']['haproxy']['ha_pools']['item'];
+ $a_frontends = &$config['installedpackages']['haproxy']['ha_backends']['item'];
+
+ $backend = array();
+ $backend["name"] = "example_backend1";
+ $backend["stats_enabled"] = "yes";
+ $backend["stats_uri"] = "/";
+ $backend["stats_refresh"] = "10";
+ $backend["stats_scope"] = ".";
+ $backend["stats_node"] = "NODE1";
+ $a_backends[] = $backend;
+ $backend = array();
+ $backend["name"] = "example_backend2";
+ $backend["stats_enabled"] = "yes";
+ $backend["stats_uri"] = "/";
+ $backend["stats_refresh"] = "10";
+ $backend["stats_scope"] = ".";
+ $backend["stats_node"] = "NODE2";
+ $a_backends[] = $backend;
+
+ $backend = array();
+ $backend["name"] = "example_backend3";
+ $backend["stats_enabled"] = "yes";
+ $backend["stats_uri"] = "/";
+ $backend["stats_refresh"] = "10";
+ $backend["stats_scope"] = ".";
+ $backend["stats_node"] = "NODE3";
+ $a_backends[] = $backend;
+
+ $frontend = array();
+ $frontend["name"] = "example_multipledomains";
+ $frontend["status"] = "active";
+ $frontend["type"] = "http";
+ $frontend["a_extaddr"]["item"]["stats_name"]["extaddr"] = "wan_ipv4";
+ $frontend["a_extaddr"]["item"]["stats_name"]["extaddr_port"] = "80";
+ $frontend["backend_serverpool"] = "example_backend1";
+ $acl = array();
+ $acl["name"] = "mail_acl";
+ $acl["expression"] = "host_matches";
+ $acl["value"] = "mail.domain.tld";
+ $frontend["ha_acls"]["item"][] = $acl;
+ $action = array();
+ $action["action"] = "use_backend";
+ $action["use_backendbackend"] = "example_backend2";
+ $action["acl"] = "mail_acl";
+ $frontend["a_actionitems"]["item"][] = $action;
+ $a_frontends[] = $frontend;
+
+ $frontend = array();
+ $frontend["name"] = "example_multipledomains_forum";
+ $frontend["status"] = "active";
+ $frontend["secondary"] = "yes";
+ $frontend["primary_frontend"] = "example_multipledomains";
+ $acl = array();
+ $acl["name"] = "forum_acl";
+ $acl["expression"] = "host_matches";
+ $acl["value"] = "forum.domain.tld";
+ $frontend["ha_acls"]["item"][] = $acl;
+ $action = array();
+ $action["action"] = "use_backend";
+ $action["use_backendbackend"] = "example_backend3";
+ $action["acl"] = "forum_acl";
+ $frontend["a_actionitems"]["item"][] = $action;
+ $a_frontends[] = $frontend;
+
+ $changedesc = "haproxy, add multi domain example";
+ header("Location: haproxy_listeners.php");
+ echo "touching: $d_haproxyconfdirty_path";
+ touch($d_haproxyconfdirty_path);
+ write_config($changedesc);
+ exit;
+}
+
if (isset($_GET['add_stats_example'])) {
$templateid = $_GET['add_stats_example'];
switch ($templateid) {
@@ -132,6 +209,9 @@ if (isset($_GET['add_stats_example'])) {
case "2":
template_errorfile();
break;
+ case "3":
+ haproxy_template_multipledomains();
+ break;
}
}
@@ -177,6 +257,20 @@ haproxy_css();
<td>&nbsp;</td>
</tr>
<tr>
+ <td colspan="2" valign="top" class="listtopic">Serving multiple domains from 1 frontend.</td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell">
+ <a href="haproxy_templates.php?add_stats_example=3">Create configuration</a>
+ </td>
+ <td class="vtable">
+ As an basic example of how to serve multiple domains on 1 listening ip:port.
+ </td>
+ </tr>
+ <tr>
+ <td>&nbsp;</td>
+ </tr>
+ <tr>
<td colspan="2" valign="top" class="listtopic">Stats SSL frontent+backend</td>
</tr>
<tr>