diff options
Diffstat (limited to 'config/haproxy-devel')
-rw-r--r-- | config/haproxy-devel/haproxy.inc | 146 | ||||
-rwxr-xr-x | config/haproxy-devel/haproxy_global.php | 7 | ||||
-rw-r--r-- | config/haproxy-devel/haproxy_listeners_edit.php | 30 | ||||
-rw-r--r-- | config/haproxy-devel/haproxy_pool_edit.php | 153 | ||||
-rw-r--r-- | config/haproxy-devel/haproxy_pools.php | 149 |
5 files changed, 340 insertions, 145 deletions
diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc index a8fc1497..93c9ec0b 100644 --- a/config/haproxy-devel/haproxy.inc +++ b/config/haproxy-devel/haproxy.inc @@ -65,6 +65,39 @@ if ($haproxy_sni_ssloffloading) { 'mode' => 'https', 'syntax' => 'req_ssl_sni -i', 'advancedoptions' => "tcp-request inspect-delay 5s\n\ttcp-request content accept if { req_ssl_hello_type 1 }"); } +$a_checktypes['none'] = array('name' => 'none', 'syntax' => '', + 'descr' => 'No health checks will be performed.'); +$a_checktypes['Basic'] = array('name' => 'Basic', 'syntax' => '', + 'descr' => 'Basic socket connection check'); +$a_checktypes['HTTP'] = array('name' => 'HTTP', 'syntax' => 'httpchk', + 'descr' => 'HTTP protocol to check on the servers health, can also be used for HTTPS servers(requirs checking the SSL box for the servers).', 'parameters' => "uri,method,version"); +/* seams this was added in HAProxy1.5dev18, haproxy-devel package is currently using 1.5dev17 +$a_checktypes['Agent'] = array('name' => 'Agent', 'syntax' => 'lb-agent-chk', 'usedifferenport' => 'yes', + 'descr' => 'Use a TCP connection to read an ASCII string of the form 100%,75%,drain,down (others in haproxy manual)'); +*/ +$a_checktypes['LDAP'] = array('name' => 'LDAP', 'syntax' => 'ldap-check', + 'descr' => 'Use LDAPv3 health checks for server testing'); +$a_checktypes['MySQL'] = array('name' => 'MySQL', 'syntax' => 'mysql-check', + 'descr' => 'Use MySQL health checks for server testing', 'parameters' => 'username'); +$a_checktypes['PostgreSQL'] = array('name' => 'PostgreSQL', 'syntax' => 'pgsql-check', + 'descr' => 'Use PostgreSQL health checks for server testing', 'parameters' => 'username'); +$a_checktypes['Redis'] = array('name' => 'Redis', 'syntax' => 'redis-check', + 'descr' => 'Test that the server correctly talks REDIS protocol.'); +$a_checktypes['SMTP'] = array('name' => 'SMTP', 'syntax' => 'smtpchk HELO', + 'descr' => 'Use SMTP HELO health checks for server testing', 'parameters' => 'domain'); +$a_checktypes['ESMTP'] = array('name' => 'ESMTP', 'syntax' => 'smtpchk EHLO', + 'descr' => 'Use ESMTP EHLO health checks for server testing', 'parameters' => 'domain'); +$a_checktypes['SSL'] = array('name' => 'SSL', 'syntax' => 'ssl-hello-chk', + 'descr' => 'Use SSLv3 client hello health checks for server testing.'); + +$a_httpcheck_method['OPTIONS'] = array('name' => 'OPTIONS', 'syntax' => 'OPTIONS'); +$a_httpcheck_method['HEAD'] = array('name' => 'HEAD', 'syntax' => 'HEAD'); +$a_httpcheck_method['GET'] = array('name' => 'GET', 'syntax' => 'GET'); +$a_httpcheck_method['POST'] = array('name' => 'POST', 'syntax' => 'POST'); +$a_httpcheck_method['PUT'] = array('name' => 'PUT', 'syntax' => 'PUT'); +$a_httpcheck_method['DELETE'] = array('name' => 'DELETE', 'syntax' => 'DELETE'); +$a_httpcheck_method['TRACE'] = array('name' => 'TRACE', 'syntax' => 'TRACE'); + function haproxy_custom_php_deinstall_command() { exec("cd /var/db/pkg && pkg_delete `ls | grep haproxy`"); exec("rm /usr/local/pkg/haproxy.inc"); @@ -323,6 +356,7 @@ function haproxy_find_acl($name) { function write_backend($fd, $name, $pool, $frontend) { if(!is_array($pool['ha_servers']['item']) && !$pool['stats_enabled']=='yes') return; + global $a_checktypes; $a_servers = &$pool['ha_servers']['item']; @@ -344,27 +378,41 @@ function write_backend($fd, $name, $pool, $frontend) { // https is an alias for tcp for clarity purpouses if(strtolower($frontend['type']) == "https") { $backend_type = "tcp"; - $httpchk = "ssl-hello-chk"; } else { $backend_type = $frontend['type']; - if(strtolower($frontend['type']) == "http") - $httpchk = "httpchk"; - else - unset($httpchk); } fwrite ($fd, "\tmode\t\t\t" . $backend_type . "\n"); - + + $check_type = $pool['check_type']; + if ($check_type != 'none') + { + $optioncheck = $a_checktypes[$check_type]['syntax']; + if ($check_type == "MySQL" || $check_type == "PostgreSQL") + $optioncheck .= " user " . $pool['monitor_username']; + if ($check_type == "SMTP" || $check_type == "ESMTP") + $optioncheck .= " " . $pool['monitor_domain']; + if ($check_type == "HTTP") + { + $uri = $pool['monitor_uri']; + if (!$uri) + $uri = "/"; + $optioncheck .= " {$pool['httpcheck_method']} {$uri} {$pool['monitor_httpversion']}"; + } + } else { + $optioncheck = "httpchk"; + } + if($pool['balance']) fwrite ($fd, "\tbalance\t\t\t" . $pool['balance'] . "\n"); if(!$pool['connection_timeout']) $pool['connection_timeout'] = 30000; - fwrite ($fd, "\tcontimeout\t\t" . $pool['connection_timeout'] . "\n"); + fwrite ($fd, "\ttimeout connect\t\t" . $pool['connection_timeout'] . "\n"); if(!$pool['server_timeout']) $pool['server_timeout'] = 30000; - fwrite ($fd, "\tsrvtimeout\t\t" . $pool['server_timeout'] . "\n"); + fwrite ($fd, "\ttimeout server\t\t" . $pool['server_timeout'] . "\n"); if(!$pool['retries']) $pool['retries'] = 3; @@ -375,10 +423,13 @@ function write_backend($fd, $name, $pool, $frontend) { if($pool['stats_uri']) fwrite ($fd, "\tstats\t\t\turi ".$pool['stats_uri']."\n"); if($pool['stats_realm']) - fwrite ($fd, "\tstats\t\t\trealm " . $pool['stats_realm'] . "\n"); + fwrite ($fd, "\tstats\t\t\trealm " . haproxy_escapestring($pool['stats_realm']) . "\n"); else fwrite ($fd, "\tstats\t\t\trealm .\n"); - fwrite ($fd, "\tstats\t\t\tauth " . $pool['stats_username'].":". $pool['stats_password']."\n"); + fwrite ($fd, "\tstats\t\t\tauth " . haproxy_escapestring($pool['stats_username']).":". haproxy_escapestring($pool['stats_password'])."\n"); + + if($pool['stats_admin']=='yes') + fwrite ($fd, "\tstats\t\t\tadmin if TRUE" . "\n"); if($pool['stats_node_enabled']=='yes') fwrite ($fd, "\tstats\t\t\tshow-node " . $pool['stats_node'] . "\n"); @@ -394,8 +445,8 @@ function write_backend($fd, $name, $pool, $frontend) { else $uri = "/"; - if ($httpchk) - fwrite ($fd, "\toption\t\t\t{$httpchk} HEAD " . $uri . " HTTP/1.0\n"); + if ($optioncheck) + fwrite ($fd, "\toption\t\t\t{$optioncheck}\n"); if ($pool['advanced_backend']) { $adv_be = explode("\n", base64_decode($pool['advanced_backend'])); @@ -407,7 +458,7 @@ function write_backend($fd, $name, $pool, $frontend) { } } - if($pool['cookie'] && strtolower($frontend['type']) == "http") + if($pool['cookie'] && strtolower($frontend['type']) == "http") $cookie = " cookie {$pool['cookie']} "; else $cookie = ""; @@ -417,12 +468,14 @@ function write_backend($fd, $name, $pool, $frontend) { } else { $advanced_txt = ""; } - if($pool['checkinter']) - $checkinter = "check inter {$pool['checkinter']}"; - else if (strtolower($frontend['type']) != "tcp") - $checkinter = "check inter 1000"; - else - $checkinter = ""; + + if ($check_type != 'none') + { + if($pool['checkinter']) + $checkinter = "check inter {$pool['checkinter']}"; + else + $checkinter = "check inter 1000"; + } if (is_array($a_servers)) { @@ -437,7 +490,11 @@ function write_backend($fd, $name, $pool, $frontend) { } else { $isbackup = ""; } - $ssl = ($backend_type == "http" && $be['ssl'] == 'yes') ? ' ssl' : ""; + $ssl = ""; + if ($be['ssl'] == 'yes') + { + $ssl = $backend_type == "http" ? ' ssl' : ' check-ssl'; + } fwrite ($fd, "\tserver\t\t\t" . $be['name'] . " " . $be['address'].":" . $be['port'] . "$ssl $cookie $checkinter $isbackup weight " . $be['weight'] . "{$advanced_txt} {$be['advanced']}\n"); } } @@ -477,8 +534,6 @@ function haproxy_writeconf() { if(is_array($a_global)) { fwrite ($fd, "global\n"); - if($a_global['advanced']) - fwrite ($fd, "\t" . base64_decode($a_global['advanced']) . "\n"); fwrite ($fd, "\tmaxconn\t\t\t".$a_global['maxconn']."\n"); if($a_global['remotesyslog']) fwrite ($fd, "\tlog\t\t\t{$a_global['remotesyslog']}\t{$a_global['logfacility']}\t{$a_global['loglevel']}\n"); @@ -488,10 +543,18 @@ function haproxy_writeconf() { if($a_global['nbproc']) $numprocs = $a_global['nbproc']; else - $numprocs = trim(`/sbin/sysctl kern.smp.cpus | cut -d" " -f2`); + $numprocs ="1"; fwrite ($fd, "\tnbproc\t\t\t$numprocs\n"); fwrite ($fd, "\tchroot\t\t\t/var/empty\n"); fwrite ($fd, "\tdaemon\n"); + + // Keep the advanced options on the bottom of the global settings, to allow additional sections to be easely added + if($a_global['advanced']) { + $adv = explode("\n", base64_decode($a_global['advanced'])); + foreach($adv as $adv_line) { + fwrite($fd, "\t" . $adv_line . "\n"); + } + } fwrite ($fd, "\n"); } @@ -515,7 +578,7 @@ function haproxy_writeconf() { //ssl crt ./server.pem ca-file ./ca.crt verify optional crt-ignore-err all crl-file ./ca_crl.pem $ssl_crt=" crt /var/etc/{$backend['name']}.{$backend['port']}.crt"; $cert = lookup_cert($backend['ssloffloadcert']); - $certcontent = base64_decode($cert['crt']).base64_decode($cert['prv']); + $certcontent = base64_decode($cert['crt'])."\r\n".base64_decode($cert['prv']); file_put_contents("/var/etc/{$backend['name']}.{$backend['port']}.crt", $certcontent); unset($certcontent); }else{ @@ -548,6 +611,7 @@ function haproxy_writeconf() { $b['client_timeout'] = $backend['client_timeout']; $b['advanced'] = $backend['advanced']; $b['ssloffload'] = $backend['ssloffload']; + $b['advanced_bind'] = $backend['advanced_bind']; } if ($ssl_crt != "") { @@ -577,6 +641,7 @@ function haproxy_writeconf() { $portss = "{$bind['port']},"; $ports = split(",", $portss); $ssl_info = $bind['ssl_info']; + $advanced_bind = $bind['advanced_bind']; // Initialize variable $listenip = ""; @@ -584,11 +649,11 @@ function haproxy_writeconf() { foreach($ports as $port) { if($port) { if($bind['extaddr'] == "any") - $listenip .= "\tbind\t\t\t0.0.0.0:{$port} {$ssl_info}\n"; + $listenip .= "\tbind\t\t\t0.0.0.0:{$port} {$ssl_info} {$advanced_bind}\n"; elseif($bind['extaddr']) - $listenip .= "\tbind\t\t\t{$bind['extaddr']}:{$port} {$ssl_info}\n"; + $listenip .= "\tbind\t\t\t{$bind['extaddr']}:{$port} {$ssl_info} {$advanced_bind}\n"; else - $listenip .= "\tbind\t\t\t" . get_current_wan_address('wan') . ":{$port} {$ssl_info}\n"; + $listenip .= "\tbind\t\t\t" . get_current_wan_address('wan') . ":{$port} {$ssl_info} {$advanced_bind}\n"; } } @@ -632,7 +697,7 @@ function haproxy_writeconf() { if(!$bind['client_timeout']) $bind['client_timeout'] = 30000; - fwrite ($fd, "\tclitimeout\t\t" . $bind['client_timeout'] . "\n"); + fwrite ($fd, "\ttimeout client\t\t" . $bind['client_timeout'] . "\n"); // Combine the rest of the listener configs @@ -1026,9 +1091,30 @@ function phparray_to_javascriptarray_recursive($nestID, $path, $items, $nodeName } } -function phparray_to_javascriptarray($items, $javaMapName, $includeitems) -{ +function phparray_to_javascriptarray($items, $javaMapName, $includeitems) { phparray_to_javascriptarray_recursive(1,'',$items, $javaMapName, $includeitems); } +function haproxy_escapestring($configurationsting) { + $result = str_replace('\\', '\\\\', $configurationsting); + $result = str_replace(' ', '\\ ', $result); + return str_replace('#', '\\#', $result); +} + +function echo_html_select($name, $keyvaluelist, $selected, $listEmptyMessage="", $onchangeEvent="") +{ + if (count($keyvaluelist)>0){ + if ($onchangeEvent != "") + $onchangeEvent .= " onchange=$onchangeEvent"; + echo "<select name=\"$name\" id=\"$name\" class=\"formselect\"$onchangeEvent>"; + foreach($keyvaluelist as $key => $desc){ + $selectedhtml = $key == $selected ? "selected" : ""; + echo "<option value=\"{$key}\" {$selectedhtml}>{$desc['name']}</option>"; + } + echo "</select>"; + } else { + echo $listEmptyMessage; + } +} + ?> diff --git a/config/haproxy-devel/haproxy_global.php b/config/haproxy-devel/haproxy_global.php index 8e2949fd..c906cda0 100755 --- a/config/haproxy-devel/haproxy_global.php +++ b/config/haproxy-devel/haproxy_global.php @@ -227,7 +227,9 @@ function enable_change(enable_change) { <td class="vtable"> <input name="nbproc" type="text" class="formfld" id="nbproc" size="18" value="<?=htmlspecialchars($pconfig['nbproc']);?>"> <br/> - Defaults to number of cores/processors installed if left blank (<?php echo trim(`/sbin/sysctl kern.smp.cpus | cut -d" " -f2`); ?> detected). + Defaults to 1 if left blank (<?php echo trim(`/sbin/sysctl kern.smp.cpus | cut -d" " -f2`); ?> CPU core(s) detected).<br/> + Note : Consider leaving this value empty or 1 because in multi-process mode (nbproc > 1) memory is not shared between the processes, which could result in random behaviours for several options like ACL's, sticky connections and some others.<br/> + For more information about the <b>"nbproc"</b> option please see <b><a href='http://haproxy.1wt.eu/download/1.5/doc/configuration.txt' target='_new'>HAProxy Documentation</a> </b> </td> </tr> <tr> @@ -235,7 +237,8 @@ function enable_change(enable_change) { Remote syslog host </td> <td class="vtable"> - <input name="remotesyslog" type="text" class="formfld" id="remotesyslog" size="18" value="<?=htmlspecialchars($pconfig['remotesyslog']);?>"> + <input name="remotesyslog" type="text" class="formfld" id="remotesyslog" size="18" value="<?=htmlspecialchars($pconfig['remotesyslog']);?>"><br/> + To log to the local pfSense systemlog fill the host with the value <b>/var/run/log</b>, however if a lot of messages are generated logging is likely to be incomplete. (Also currently no informational logging gets shown in the systemlog.) </td> </tr> <tr> diff --git a/config/haproxy-devel/haproxy_listeners_edit.php b/config/haproxy-devel/haproxy_listeners_edit.php index afd424c7..b6d6b85d 100644 --- a/config/haproxy-devel/haproxy_listeners_edit.php +++ b/config/haproxy-devel/haproxy_listeners_edit.php @@ -106,22 +106,6 @@ function get_certificates_server($get_includeWebCert=false) { return $certificates; } -function echo_html_select($name, $keyvaluelist, $selected, $listEmptyMessage="", $onchangeEvent="") -{ - if (count($keyvaluelist)>0){ - if ($onchangeEvent != "") - $onchangeEvent .= " onchange=$onchangeEvent"; - echo "<select name=\"$name\" id=\"$name\" class=\"formselect\"$onchangeEvent>"; - foreach($keyvaluelist as $key => $desc){ - $selectedhtml = $key == $selected ? "selected" : ""; - echo "<option value=\"{$key}\" {$selectedhtml}>{$desc['name']}</option>"; - } - echo "</select>"; - } else { - echo $listEmptyMessage; - } -} - function haproxy_acl_select($mode) { global $a_acltypes; @@ -144,7 +128,7 @@ $a_pools = &$config['installedpackages']['haproxy']['ha_pools']['item']; global $simplefields; $simplefields = array('name','desc','status','secondary','primary_frontend','type','forwardfor','httpclose','extaddr','backend_serverpool', - 'max_connections','client_timeout','port','ssloffloadcert','dcertadv','ssloffload','ssloffloadacl'); + 'max_connections','client_timeout','port','ssloffloadcert','dcertadv','ssloffload','ssloffloadacl','advanced_bind'); if (isset($_POST['id'])) $id = $_POST['id']; @@ -708,9 +692,17 @@ include("head.inc"); </td> </tr> <tr align="left"> + <td width="22%" valign="top" class="vncell">Bind pass thru</td> + <td width="78%" class="vtable" colspan="2"> + <input name="advanced_bind" type="text" <?if(isset($pconfig['advanced_bind'])) echo "value=\"".htmlspecialchars($pconfig['advanced_bind'])."\"";?> size="64"> + <br/> + NOTE: paste text into this box that you would like to pass behind the bind option. + </td> + </tr> + <tr align="left"> <td width="22%" valign="top" class="vncell">Advanced pass thru</td> <td width="78%" class="vtable" colspan="2"> - <textarea name='advanced' rows="4" cols="70" id='advanced'><?php echo $pconfig['advanced']; ?></textarea> + <textarea name='advanced' rows="4" cols="70" id='advanced'><?php echo htmlspecialchars($pconfig['advanced']); ?></textarea> <br/> NOTE: paste text into this box that you would like to pass thru. </td> @@ -752,7 +744,7 @@ include("head.inc"); <input id="ssloffloadacl" name="ssloffloadacl" type="checkbox" value="yes" <?php if ($pconfig['ssloffloadacl']=='yes') echo "checked";?> onclick="updatevisibility();">Add ACL for certificate CommonName.</input> </td> </tr> - <tr class="haproxy_ssloffloading_enabled" align="left"> + <tr class="haproxy_ssloffloading_enabled haproxy_primary" align="left"> <td width="22%" valign="top" class="vncell">Advanced ssl options</td> <td width="78%" class="vtable" colspan="2"> <input type='text' name='dcertadv' size="64" id='dcertadv' <?if(isset($pconfig['dcertadv'])) echo "value=\"{$pconfig['dcertadv']}\"";?> size="10" maxlength="64"> diff --git a/config/haproxy-devel/haproxy_pool_edit.php b/config/haproxy-devel/haproxy_pool_edit.php index 446c8e35..c3707903 100644 --- a/config/haproxy-devel/haproxy_pool_edit.php +++ b/config/haproxy-devel/haproxy_pool_edit.php @@ -30,6 +30,7 @@ */ require("guiconfig.inc"); +require_once("haproxy.inc"); $d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; @@ -48,13 +49,13 @@ if (isset($_GET['dup'])) $id = $_GET['dup']; global $simplefields; -$simplefields = array("retries","balance","connection_timeout","server_timeout", "stats_enabled","stats_username","stats_password","stats_uri","stats_realm","stats_node_enabled","stats_node","stats_desc","stats_refresh"); +$simplefields = array( +"name","cookie","balance", +"check_type","checkinter","httpcheck_method","monitor_uri","monitor_httpversion","monitor_username","monitor_domain", +"connection_timeout","server_timeout","retries", +"stats_enabled","stats_username","stats_password","stats_uri","stats_realm","stats_admin","stats_node_enabled","stats_node","stats_desc","stats_refresh"); if (isset($id) && $a_pools[$id]) { - $pconfig['name'] = $a_pools[$id]['name']; - $pconfig['checkinter'] = $a_pools[$id]['checkinter']; - $pconfig['monitor_uri'] = $a_pools[$id]['monitor_uri']; - $pconfig['cookie'] = $a_pools[$id]['cookie']; $pconfig['advanced'] = base64_decode($a_pools[$id]['advanced']); $pconfig['advanced_backend'] = base64_decode($a_pools[$id]['advanced_backend']); $pconfig['a_servers']=&$a_pools[$id]['ha_servers']['item']; @@ -87,7 +88,10 @@ if ($_POST) { if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name'])) $input_errors[] = "The field 'Name' contains invalid characters."; - + + if ($_POST['checkinter'] !== "" && !is_numeric($_POST['checkinter'])) + $input_errors[] = "The field 'Check frequency' value is not a number."; + if ($_POST['connection_timeout'] !== "" && !is_numeric($_POST['connection_timeout'])) $input_errors[] = "The field 'Connection timeout' value is not a number."; @@ -97,10 +101,12 @@ if ($_POST) { if ($_POST['retries'] !== "" && !is_numeric($_POST['retries'])) $input_errors[] = "The field 'Retries' value is not a number."; - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['stats_username'])) + // the colon ":" is invalid in the username, other than that pretty much any character can be used. + if (preg_match("/[^a-zA-Z0-9!-\/;-~ ]/", $_POST['stats_username'])) $input_errors[] = "The field 'Stats Username' contains invalid characters."; - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['stats_password'])) + // the colon ":" can also be used in the password + if (preg_match("/[^a-zA-Z0-9!-~ ]/", $_POST['stats_password'])) $input_errors[] = "The field 'Stats Password' contains invalid characters."; /* Ensure that our pool names are unique */ @@ -214,13 +220,21 @@ include("head.inc"); row_helper(); +// 'processing' done, make all simple fields usable in html. +foreach($simplefields as $field){ + $pconfig[$field] = htmlspecialchars($pconfig[$field]); +} ?> <input type='hidden' name='address_type' value='textbox' /> -<body link="#0000CC" vlink="#0000CC" alink="#0000CC""> +<body link="#0000CC" vlink="#0000CC" alink="#0000CC"> <style type="text/css"> .haproxy_stats_visible{display:none;} + .haproxy_check_enabled{display:none;} + .haproxy_check_http{display:none;} + .haproxy_check_username{display:none;} + .haproxy_check_smtp{display:none;} </style> <script language="javascript"> function clearcombo(){ @@ -245,7 +259,20 @@ row_helper(); function updatevisibility() { + d = document; setCSSdisplay(".haproxy_stats_visible", stats_enabled.checked); + + check_type = d.getElementById("check_type").value; + check_type_description = d.getElementById("check_type_description"); + check_type_description.innerHTML=checktypes[check_type]["descr"]; + setCSSdisplay(".haproxy_check_enabled", check_type != 'none'); + setCSSdisplay(".haproxy_check_http", check_type == 'HTTP'); + setCSSdisplay(".haproxy_check_username", check_type == 'MySQL' || check_type == 'PostgreSQL'); + setCSSdisplay(".haproxy_check_smtp", check_type == 'SMTP' || check_type == 'ESMTP'); + + monitor_username = d.getElementById("monitor_username"); + sqlcheckusername = d.getElementById("sqlcheckusername"); + sqlcheckusername.innerHTML=monitor_username.value; } @@ -256,7 +283,7 @@ row_helper(); rowsize[0] = "30"; rowname[1] = "server_address"; rowtype[1] = "textbox"; - rowsize[1] = "30"; + rowsize[1] = "20"; rowname[2] = "server_port"; rowtype[2] = "textbox"; rowsize[2] = "5"; @@ -269,6 +296,9 @@ row_helper(); rowname[5] = "server_status"; rowtype[5] = "select"; rowsize[5] = "1"; + rowname[6] = "server_advanced"; + rowtype[6] = "textbox"; + rowsize[6] = "20"; </script> <?php include("fbegin.inc"); ?> <?php if ($input_errors) print_input_errors($input_errors); ?> @@ -452,20 +482,6 @@ row_helper(); </td> </tr> <tr align="left"> - <td width="22%" valign="top" class="vncell">Check freq</td> - <td width="78%" class="vtable" colspan="2"> - <input name="checkinter" type="text" <?if(isset($pconfig['checkinter'])) echo "value=\"{$pconfig['checkinter']}\"";?>size="20"> milliseconds - <br/>For HTTP/HTTPS defaults to 1000 if left blank. For TCP no check will be performed if left empty. - </td> - </tr> - <tr align="left"> - <td width="22%" valign="top" class="vncell">Health check URI</td> - <td width="78%" class="vtable" colspan="2"> - <input name="monitor_uri" type="text" <?if(isset($pconfig['monitor_uri'])) echo "value=\"{$pconfig['monitor_uri']}\"";?>size="64"> - <br/>Defaults to / if left blank. - </td> - </tr> - <tr align="left"> <td width="22%" valign="top" class="vncell">Per server pass thru</td> <td width="78%" class="vtable" colspan="2"> <input type="text" name='advanced' id='advanced' value='<?php echo $pconfig['advanced']; ?>' size="64"> @@ -483,7 +499,74 @@ row_helper(); </td> </tr> - + </table> + <br/> + <table width="100%" border="0" cellpadding="6" cellspacing="0"> + <tr> + <td colspan="2" valign="top" class="listtopic">Health checking</td> + </tr> + <tr align="left"> + <td width="22%" valign="top" class="vncell">Health check method</td> + <td width="78%" class="vtable" colspan="2"> + <? + echo_html_select("check_type",$a_checktypes,$pconfig['check_type']?$pconfig['check_type']:"HTML","","updatevisibility();"); + ?><br/> + <textarea readonly="yes" cols="60" rows="2" id="check_type_description" name="check_type_description" style="padding:5px; border:1px dashed #990000; background-color: #ffffff; color: #000000; font-size: 8pt;"></textarea> + </td> + </tr> + <tr align="left" class="haproxy_check_enabled"> + <td width="22%" valign="top" class="vncell">Check frequency</td> + <td width="78%" class="vtable" colspan="2"> + <input name="checkinter" type="text" <?if(isset($pconfig['checkinter'])) echo "value=\"{$pconfig['checkinter']}\"";?>size="20"> milliseconds + <br/>For HTTP/HTTPS defaults to 1000 if left blank. For TCP no check will be performed if left empty. + </td> + </tr> + <tr align="left" class="haproxy_check_http"> + <td width="22%" valign="top" class="vncell">Http check method</td> + <td width="78%" class="vtable" colspan="2"> + <? + echo_html_select("httpcheck_method",$a_httpcheck_method,$pconfig['httpcheck_method']); + ?> + <br/>OPTIONS is the method usually best to perform server checks, HEAD and GET can also be used + </td> + </tr> + <tr align="left" class="haproxy_check_http"> + <td width="22%" valign="top" class="vncell">Http check URI</td> + <td width="78%" class="vtable" colspan="2"> + <input name="monitor_uri" type="text" <?if(isset($pconfig['monitor_uri'])) echo "value=\"{$pconfig['monitor_uri']}\"";?>size="64"> + <br/>Defaults to / if left blank. + </td> + </tr> + <tr align="left" class="haproxy_check_http"> + <td width="22%" valign="top" class="vncell">Http check version</td> + <td width="78%" class="vtable" colspan="2"> + <input name="monitor_httpversion" type="text" <?if(isset($pconfig['monitor_httpversion'])) echo "value=\"{$pconfig['monitor_httpversion']}\"";?>size="64"> + <br/>Defaults to "HTTP/1.0" if left blank. + Note that the Host field is mandatory in HTTP/1.1, and as a trick, it is possible to pass it + after "\r\n" following the version string like this:<br/> + "<i>HTTP/1.1\r\nHost:\ www</i>"<br/> + Also some hosts might require an accept parameter like this:<br/> + "<i>HTTP/1.0\r\nHost:\ webservername:8080\r\nAccept:\ */*</i>" + </td> + </tr> + <tr align="left" class="haproxy_check_username"> + <td width="22%" valign="top" class="vncell">Check with Username</td> + <td width="78%" class="vtable" colspan="2"> + <input name="monitor_username" id="monitor_username" type="text" <?if(isset($pconfig['monitor_username'])) echo "value=\"{$pconfig['monitor_username']}\"";?>size="64" onchange="updatevisibility();" onkeyup="updatevisibility();"> + <br/> + This is the username which will be used when connecting to MySQL/PostgreSQL server. + <pre> +USE mysql; +CREATE USER '<span id="sqlcheckusername" name="sqlcheckusername"></span>'@'<pfSenseIP>'; +FLUSH PRIVILEGES;</pre> + </td> + </tr> + <tr align="left" class="haproxy_check_smtp"> + <td width="22%" valign="top" class="vncell">Domain</td> + <td width="78%" class="vtable" colspan="2"> + <input name="monitor_domain" type="text" <?if(isset($pconfig['monitor_domain'])) echo "value=\"{$pconfig['monitor_domain']}\"";?>size="64"> + </td> + </tr> </table> <br/> <table width="100%" border="0" cellpadding="6" cellspacing="0"> @@ -543,14 +626,24 @@ set by the 'retries' parameter.</div> <tr class="haproxy_stats_visible" align="left" id='stats_username_row' name='stats_username_row'> <td width="22%" valign="top" class="vncellreq">Stats Username</td> <td width="78%" class="vtable" colspan="2"> - <input id="stats_username" name="stats_username" type="text" <?if(isset($pconfig['stats_username'])) echo "value=\"{$pconfig['stats_username']}\"";?> size="64"> + <input id="stats_username" name="stats_username" type="text" <?if(isset($pconfig['stats_username'])) echo "value=\"".$pconfig['stats_username']."\"";?> size="64"> </td> </tr> <tr class="haproxy_stats_visible" align="left" id='stats_password_row' name='stats_password_row'> <td width="22%" valign="top" class="vncellreq">Stats Password</td> <td width="78%" class="vtable" colspan="2"> - <input id="stats_password" name="stats_password" type="password" <?if(isset($pconfig['stats_password'])) echo "value=\"{$pconfig['stats_password']}\"";?> size="64"> + <input id="stats_password" name="stats_password" type="password" <? + if(isset($pconfig['stats_password'])) + echo "value=\"".$pconfig['stats_password']."\""; + ?> size="64"> + <br/> + </td> + </tr> + <tr class="haproxy_stats_visible" align="left" id='stats_node_admin_row' name='stats_node_enabled_row'> + <td width="22%" valign="top" class="vncell">Stats Admin</td> + <td width="78%" class="vtable" colspan="2"> + <input id="stats_admin" name="stats_admin" type="checkbox" value="yes" <?php if ($pconfig['stats_admin']=='yes') echo "checked"; ?>> <br/> </td> </tr> @@ -600,7 +693,11 @@ set by the 'retries' parameter.</div> <br> <?php include("fend.inc"); ?> <script type="text/javascript"> - field_counter_js = 6; +<? + phparray_to_javascriptarray($a_checktypes,"checktypes",Array('/*','/*/name','/*/descr')); +?> + + field_counter_js = 7; rows = 1; totalrows = <?php echo $counter; ?>; loaded = <?php echo $counter; ?>; diff --git a/config/haproxy-devel/haproxy_pools.php b/config/haproxy-devel/haproxy_pools.php index 57b056b3..a0c6b176 100644 --- a/config/haproxy-devel/haproxy_pools.php +++ b/config/haproxy-devel/haproxy_pools.php @@ -92,10 +92,10 @@ include("head.inc"); <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr><td class="tabnavtbl"> <?php - /* active tabs */ - $tab_array = array(); + /* active tabs */ + $tab_array = array(); $tab_array[] = array("Settings", false, "haproxy_global.php"); - $tab_array[] = array("Listener", false, "haproxy_listeners.php"); + $tab_array[] = array("Listener", false, "haproxy_listeners.php"); $tab_array[] = array("Server Pool", true, "haproxy_pools.php"); display_top_tabs($tab_array); ?> @@ -103,72 +103,89 @@ include("head.inc"); <tr> <td> <div id="mainarea"> - <table class="tabcont sortable" width="100%" border="0" cellpadding="0" cellspacing="0"> - <tr> - <td width="30%" class="listhdrr">Name</td> - <td width="10%" class="listhdrr">Servers</td> - <td width="40%" class="listhdrr">Listener</td> - <td width="10%" class="list"></td> - </tr> + <table class="tabcont sortable" width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td width="5%" class="listhdrr">Advanced</td> + <td width="25%" class="listhdrr">Name</td> + <td width="10%" class="listhdrr">Servers</td> + <td width="10%" class="listhdrr">Check</td> + <td width="30%" class="listhdrr">Listener</td> + <td width="10%" class="list"></td> + </tr> <?php - $i = 0; - foreach ($a_pools as $pool): - - $fe_list = ""; - $sep = ""; - foreach ($a_backends as $backend) { - if($backend['backend_serverpool'] == $pool['name']) { - $fe_list .= $sep . $backend['name']; - $sep = ", "; - } - } - $textss = $textse = ""; - if ($fe_list == "") { - $textss = "<span class=\"gray\">"; - $textse = "</span>"; - } - if (is_array($pool['ha_servers'])) - $count = count($pool['ha_servers']['item']); - else - $count = 0; + $img_adv = "/themes/{$g['theme']}/images/icons/icon_advanced.gif"; + $i = 0; + foreach ($a_pools as $pool){ + $fe_list = ""; + $sep = ""; + foreach ($a_backends as $backend) { + if($backend['backend_serverpool'] == $pool['name']) { + $fe_list .= $sep . $backend['name']; + $sep = ", "; + } + } + $textgray = $fe_list == "" ? " gray" : ""; + + if (is_array($pool['ha_servers'])) + $count = count($pool['ha_servers']['item']); + else + $count = 0; +?> + <tr class="<?=$textgray?>"> + <td class="listlr" ondblclick="document.location='haproxy_pool_edit.php?id=<?=$i;?>';"> + <? + if ($pool['stats_enabled']=='yes'){ + echo "<img src=\"./themes/{$g['theme']}/images/icons/icon_log_s.gif\"" . ' title="stats enabled" width="11" height="15" border="0">'; + } + $isadvset = ""; + if ($pool['advanced']) $isadvset .= "Per server pass thru\r\n"; + if ($pool['advanced_backend']) $isadvset .= "Backend pass thru\r\n"; + if ($isadvset) + echo "<img src=\"$img_adv\" title=\"" . gettext("advanced settings set") . ": {$isadvset}\" border=\"0\">"; + ?> + </td> + <td class="listlr" ondblclick="document.location='haproxy_pool_edit.php?id=<?=$i;?>';"> + <?=$pool['name'];?> + </td> + <td class="listlr" ondblclick="document.location='haproxy_pool_edit.php?id=<?=$i;?>';"> + <?=$count;?> + </td> + <td class="listlr" ondblclick="document.location='haproxy_pool_edit.php?id=<?=$i;?>';"> + <?=$a_checktypes[$pool['check_type']]['name'];?> + </td> + <td class="listlr" ondblclick="document.location='haproxy_pool_edit.php?id=<?=$i;?>';"> + <?=$fe_list;?> + </td> + <td class="list" nowrap> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle"><a href="haproxy_pool_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0"></a></td> + <td valign="middle"><a href="haproxy_pools.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this entry?')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a></td> + <td valign="middle"><a href="haproxy_pool_edit.php?dup=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> + </tr> + </table> + </td> + </tr> +<?php + $i++; + } ?> - <tr> - <td class="listlr" ondblclick="document.location='haproxy_pool_edit.php?id=<?=$i;?>';"> - <?=$textss . $pool['name'] . $textse;?> - </td> - <td class="listlr" ondblclick="document.location='haproxy_pool_edit.php?id=<?=$i;?>';"> - <?=$textss . $count . $textse;?> - </td> - <td class="listlr" ondblclick="document.location='haproxy_pool_edit.php?id=<?=$i;?>';"> - <?=$textss . $fe_list . $textse;?> - </td> - <td class="list" nowrap> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td valign="middle"><a href="haproxy_pool_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0"></a></td> - <td valign="middle"><a href="haproxy_pools.php?act=del&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this entry?')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0"></a></td> - <td valign="middle"><a href="haproxy_pool_edit.php?dup=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> - </tr> - </table> - </td> - </tr> - <?php $i++; endforeach; ?> - <tfoot> - <tr> - <td class="list" colspan="3"></td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td valign="middle"><a href="haproxy_pool_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> - </tr> - </table> - </td> - </tr> - </tfoot> - </table> - </div> + <tfoot> + <tr> + <td class="list" colspan="5"></td> + <td class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle"><a href="haproxy_pool_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0"></a></td> + </tr> + </table> + </td> + </tr> + </tfoot> + </table> + </div> </table> - </form> + </form> <?php include("fend.inc"); ?> </body> </html> |