aboutsummaryrefslogtreecommitdiffstats
path: root/config/haproxy-devel
diff options
context:
space:
mode:
Diffstat (limited to 'config/haproxy-devel')
-rw-r--r--config/haproxy-devel/haproxy.inc98
-rwxr-xr-xconfig/haproxy-devel/haproxy_global.php4
-rw-r--r--config/haproxy-devel/haproxy_listeners.php18
-rw-r--r--config/haproxy-devel/haproxy_listeners_edit.php19
-rw-r--r--config/haproxy-devel/haproxy_pool_edit.php4
-rw-r--r--config/haproxy-devel/haproxy_pools.php4
-rw-r--r--config/haproxy-devel/haproxy_stats.php4
7 files changed, 74 insertions, 77 deletions
diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc
index cae53330..1e403c48 100644
--- a/config/haproxy-devel/haproxy.inc
+++ b/config/haproxy-devel/haproxy.inc
@@ -504,27 +504,17 @@ function write_backend($fd, $name, $pool, $frontend) {
global $a_checktypes, $a_cookiemode;
$a_servers = &$pool['ha_servers']['item'];
- $frontendtype = strtolower($frontend['type']);
-
- unset($sslserverpresent);
- if (is_array($a_servers))
- {
- foreach($a_servers as $be) {
- if (!$be['status'] == "inactive")
- continue;
- if ($be['ssl'])
- $sslserverpresent = true;
- }
- }
+ $frontendtype = $frontend['type'];
+ $frontend_ip = haproxy_interface_ip($frontend['extaddr']);
fwrite ($fd, "backend " . $name . "\n");
// https is an alias for tcp for clarity purposes
- if(strtolower($frontend['type']) == "https") {
- $backend_type = "tcp";
+ if($frontendtype == "https") {
+ $backend_mode = "tcp";
} else {
- $backend_type = $frontend['type'];
+ $backend_mode = $frontendtype;
}
- fwrite ($fd, "\tmode\t\t\t" . $backend_type . "\n");
+ fwrite ($fd, "\tmode\t\t\t" . $backend_mode . "\n");
if ($frontendtype == "http") {
if ($pool["persist_cookie_enabled"] == "yes") {
@@ -702,7 +692,7 @@ function write_backend($fd, $name, $pool, $frontend) {
$ssl = "";
if ($be['ssl'] == 'yes')
{
- $ssl = $backend_type == "http" ? ' ssl' : ' check-ssl';
+ $ssl = $frontendtype == "http" ? ' ssl' : ' check-ssl';
}
$weight = "";
if (is_numeric($be['weight'])){
@@ -828,20 +818,14 @@ function haproxy_writeconf($configpath) {
if(is_array($a_frontends)) {
foreach ($a_frontends as $frontend) {
if($frontend['status'] != 'active')
- {
- unlink_if_exists("var/etc/{$frontend['name']}.{$frontend['port']}.crt");
continue;
- }
if(!$frontend['backend_serverpool'])
- {
- unlink_if_exists("var/etc/{$frontend['name']}.{$frontend['port']}.crt");
continue;
- }
-
+ $primaryfrontend = get_primaryfrontend($frontend);
$bname = get_frontend_ipport($frontend);
//check ssl info
- if (strtolower($frontend['type']) == "http" && $frontend['ssloffload']){
+ if (strtolower($primaryfrontend['type']) == "http" && $frontend['ssloffload']){
//ssl crt ./server.pem ca-file ./ca.crt verify optional crt-ignore-err all crl-file ./ca_crl.pem
$filename = "$configpath/{$frontend['name']}.{$frontend['port']}.pem";
$ssl_crt = " crt $filename";
@@ -866,7 +850,6 @@ function haproxy_writeconf($configpath) {
$a_bind[$bname] = array();
$a_bind[$bname]['config'] = array();
// Settings which are used only from the primary frontend
- $primaryfrontend = get_primaryfrontend($frontend);
$a_bind[$bname]['name'] = $primaryfrontend['name'];
$a_bind[$bname]['extaddr'] = $primaryfrontend['extaddr'];
$a_bind[$bname]['port'] = $primaryfrontend['port'];
@@ -883,7 +866,7 @@ function haproxy_writeconf($configpath) {
if (($frontend['secondary'] != 'yes') && ($frontend['name'] != $b['name'])) {
// only 1 frontend can be the primary for a set of frontends that share 1 address:port.
- $input_errors[] = "Multiple primary frondends for $bname";
+ $input_errors[] = "Multiple primary frontends for $bname use the 'Shared Frontend' option instead";
}
if ($ssl_crt != "") {
@@ -912,8 +895,15 @@ function haproxy_writeconf($configpath) {
// Prepare ports for processing by splitting
$portss = "{$bind['port']},";
$ports = split(",", $portss);
- $ssl_info = $bind['ssl_info'];
- $advanced_bind = $bind['advanced_bind'];
+
+ if($bind['type'] == "http") {
+ // ssl offloading is only possible in http mode.
+ $ssl_info = $bind['ssl_info'];
+ $advanced_bind = $bind['advanced_bind'];
+ } else {
+ $ssl_info = "";
+ $advanced_bind = "";
+ }
// Initialize variable
$listenip = "";
@@ -944,7 +934,7 @@ function haproxy_writeconf($configpath) {
}
}
- // https is an alias for tcp for clarity purpouses
+ // https is an alias for tcp for clarity purposes
if($bind['type'] == "https") {
$backend_type = "tcp";
} else {
@@ -984,16 +974,13 @@ function haproxy_writeconf($configpath) {
foreach ($bind['config'] as $frontend) {
$a_acl = get_frontend_acls($frontend);
- $poolname = $frontend['backend_serverpool'] . "_" . strtolower($frontend['type']);
-
- // Create different pools if the svrport is set
- if ($frontend['svrport'] > 0)
- $poolname .= "_" . $frontend['svrport'];
+ $poolname = $frontend['backend_serverpool'] . "_" . strtolower($bind['type']);
if (!isset($a_pendingpl[$poolname])) {
$a_pendingpl[$poolname] = array();
$a_pendingpl[$poolname]['name'] = $poolname;
- $a_pendingpl[$poolname]['frontend'] = $frontend;
+ $a_pendingpl[$poolname]['backend'] = $frontend['backend_serverpool'];
+ $a_pendingpl[$poolname]['frontend'] = $bind;
}
// Write this out once, and must be before any backend config text
@@ -1044,7 +1031,7 @@ function haproxy_writeconf($configpath) {
if (is_array($a_pendingpl) && is_array($a_backends)) {
foreach ($a_pendingpl as $pending) {
foreach ($a_backends as $pool) {
- if ($pending['frontend']['backend_serverpool'] == $pool['name']) {
+ if ($pending['backend'] == $pool['name']) {
write_backend($fd, $pending['name'], $pool, $pending['frontend']);
}
}
@@ -1369,7 +1356,7 @@ function get_primaryfrontend($frontend) {
function get_frontend_ipport($frontend,$userfriendly=false) {
$mainfrontend = get_primaryfrontend($frontend);
- $result = haproxy_interface_ip($mainfrontend['extaddr'],$userfriendly);
+ $result = haproxy_interface_ip($mainfrontend['extaddr'], $userfriendly);
if ($userfriendly and is_ipaddrv6($result))
$result = "[{$result}]";
return $result . ":" . $mainfrontend['port'];
@@ -1423,6 +1410,7 @@ function get_haproxy_frontends($excludeitem="") {
}
function get_frontend_acls($frontend) {
+ $mainfrontend = get_primaryfrontend($frontend);
$result = array();
$a_acl = &$frontend['ha_acls']['item'];
if (is_array($a_acl))
@@ -1433,7 +1421,7 @@ function get_frontend_acls($frontend) {
continue;
// Filter out acls for different modes
- if ($acl['mode'] != '' && $acl['mode'] != strtolower($frontend['type']))
+ if ($acl['mode'] != '' && $acl['mode'] != strtolower($mainfrontend['type']))
continue;
$acl_item = array();
@@ -1444,7 +1432,6 @@ function get_frontend_acls($frontend) {
}
}
- $mainfrontend = get_primaryfrontend($frontend);
if (strtolower($mainfrontend['type']) == "http" && $mainfrontend['ssloffload']) {
$a_acl = &$frontend['ha_acls']['item'];
if(!is_array($a_acl))
@@ -1465,17 +1452,15 @@ function get_frontend_acls($frontend) {
if ($frontend['ssloffloadacladditional']){
$certs = $frontend['ha_certificates']['item'];
if (is_array($certs)){
- if (count($certs) > 0){
- foreach($certs as $certref){
- $cert = lookup_cert($certref['ssl_certificate']);
- $cert_cn = cert_get_cn($cert['crt']);
- $descr = haproxy_escape_acl_name($cert['descr']);
- unset($cert);
- $acl_item = array();
- $acl_item['descr'] = "Additional certificate ACLs: ".$cert_cn;
- $acl_item['ref'] = array('name' => "{$aclname}_{$descr}",'expression' => 'host_matches', 'value' => $cert_cn);
- $result[] = $acl_item;
- }
+ foreach($certs as $certref){
+ $cert = lookup_cert($certref['ssl_certificate']);
+ $cert_cn = cert_get_cn($cert['crt']);
+ $descr = haproxy_escape_acl_name($cert['descr']);
+ unset($cert);
+ $acl_item = array();
+ $acl_item['descr'] = "Additional certificate ACLs: ".$cert_cn;
+ $acl_item['ref'] = array('name' => "{$aclname}_{$descr}",'expression' => 'host_matches', 'value' => $cert_cn);
+ $result[] = $acl_item;
}
}
}
@@ -1486,11 +1471,12 @@ function get_frontend_acls($frontend) {
function get_backend($name) {
global $config;
$a_backend = &$config['installedpackages']['haproxy']['ha_pools']['item'];
- foreach($a_backend as $key => $backend)
- {
- if ($backend['name'] == $name)
- return $backend;
- }
+ if(is_array($a_backend))
+ foreach($a_backend as $key => $backend)
+ {
+ if ($backend['name'] == $name)
+ return $backend;
+ }
return null;
}
diff --git a/config/haproxy-devel/haproxy_global.php b/config/haproxy-devel/haproxy_global.php
index 44f01dc5..50472d9f 100755
--- a/config/haproxy-devel/haproxy_global.php
+++ b/config/haproxy-devel/haproxy_global.php
@@ -133,8 +133,8 @@ if (!$pconfig['logfacility'])
if (!$pconfig['loglevel'])
$pconfig['loglevel'] = 'info';
-$pfSversion = str_replace("\n", "", file_get_contents("/etc/version"));
-if(strstr($pfSversion, "1.2"))
+$pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+if ($pf_version < 2.0)
$one_two = true;
$pgtitle = "Services: HAProxy: Settings";
diff --git a/config/haproxy-devel/haproxy_listeners.php b/config/haproxy-devel/haproxy_listeners.php
index b259c6fb..7022ec34 100644
--- a/config/haproxy-devel/haproxy_listeners.php
+++ b/config/haproxy-devel/haproxy_listeners.php
@@ -70,8 +70,8 @@ if ($_GET['act'] == "del") {
}
}
-$pfSversion = str_replace("\n", "", file_get_contents("/etc/version"));
-if(strstr($pfSversion, "1.2"))
+$pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+if ($pf_version < 2.0)
$one_two = true;
$pgtitle = "Services: HAProxy: Frontends";
@@ -123,8 +123,10 @@ include("head.inc");
$a_frontend_grouped = array();
foreach($a_frontend as &$frontend2) {
+ $mainfrontend = get_primaryfrontend($frontend2);
$ipport = get_frontend_ipport($frontend2, true);
$frontend2['ipport'] = $ipport;
+ $frontend2['type'] = $mainfrontend['type'];
$a_frontend_grouped[$ipport][] = $frontend2;
}
ksort($a_frontend_grouped);
@@ -181,11 +183,13 @@ include("head.inc");
$backend_serverpool = $frontend['backend_serverpool'];
$backend = get_backend($backend_serverpool );
- $servers = $backend['ha_servers']['item'];
- $backend_serverpool_hint = gettext("Servers in pool:");
- if (is_array($servers)){
- foreach($servers as $server){
- $backend_serverpool_hint .= "\n".$server['address'].":".$server['port'];
+ if ($backend && is_array($backend['ha_servers']['item'])){
+ $servers = $backend['ha_servers']['item'];
+ $backend_serverpool_hint = gettext("Servers in pool:");
+ if (is_array($servers)){
+ foreach($servers as $server){
+ $backend_serverpool_hint .= "\n".$server['address'].":".$server['port'];
+ }
}
}
?>
diff --git a/config/haproxy-devel/haproxy_listeners_edit.php b/config/haproxy-devel/haproxy_listeners_edit.php
index 5bc039b7..6731731d 100644
--- a/config/haproxy-devel/haproxy_listeners_edit.php
+++ b/config/haproxy-devel/haproxy_listeners_edit.php
@@ -227,8 +227,8 @@ if ($_POST) {
}
}
-$pfSversion = str_replace("\n", "", file_get_contents("/etc/version"));
-if(strstr($pfSversion, "1.2"))
+$pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+if ($pf_version < 2.0)
$one_two = true;
$closehead = false;
@@ -261,7 +261,14 @@ $interfaces = haproxy_get_bindable_interfaces();
function htmllist_get_select_options(tableId) {
var seltext;
seltext = "";
- var type = d.getElementById("type").value;
+ var type;
+ var secondary = d.getElementById("secondary");
+ var primary_frontend = d.getElementById("primary_frontend");
+ if ((secondary !== null) && (secondary.checked))
+ type = primaryfrontends[primary_frontend.value]['ref']['type'];
+ else
+ type = d.getElementById("type").value;
+
if (tableId == 'tableA_acltable'){
if (type == 'health')
seltext = "<?php echo haproxy_js_acl_select('health');?>";
@@ -297,10 +304,10 @@ $interfaces = haproxy_get_bindable_interfaces();
function updatevisibility() {
d = document;
ssloffload = d.getElementById("ssloffload");
- type = d.getElementById("type");
- secondary = d.getElementById("secondary");
- primary_frontend = d.getElementById("primary_frontend");
+ var type;
+ var secondary = d.getElementById("secondary");
+ var primary_frontend = d.getElementById("primary_frontend");
if ((secondary !== null) && (secondary.checked))
type = primaryfrontends[primary_frontend.value]['ref']['type'];
else
diff --git a/config/haproxy-devel/haproxy_pool_edit.php b/config/haproxy-devel/haproxy_pool_edit.php
index 726dab30..49eb4271 100644
--- a/config/haproxy-devel/haproxy_pool_edit.php
+++ b/config/haproxy-devel/haproxy_pool_edit.php
@@ -250,8 +250,8 @@ if ($_POST) {
$pconfig['a_servers']=&$a_pools[$id]['ha_servers']['item'];
}
-$pfSversion = str_replace("\n", "", file_get_contents("/etc/version"));
-if(strstr($pfSversion, "1.2"))
+$pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+if ($pf_version < 2.0)
$one_two = true;
$closehead = false;
diff --git a/config/haproxy-devel/haproxy_pools.php b/config/haproxy-devel/haproxy_pools.php
index 15567807..92235933 100644
--- a/config/haproxy-devel/haproxy_pools.php
+++ b/config/haproxy-devel/haproxy_pools.php
@@ -65,8 +65,8 @@ if ($_GET['act'] == "del") {
exit;
}
-$pfSversion = str_replace("\n", "", file_get_contents("/etc/version"));
-if(strstr($pfSversion, "1.2"))
+$pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+if ($pf_version < 2.0)
$one_two = true;
$pgtitle = "Services: HAProxy: Backend server pools";
diff --git a/config/haproxy-devel/haproxy_stats.php b/config/haproxy-devel/haproxy_stats.php
index cbf5b2b2..10dd136a 100644
--- a/config/haproxy-devel/haproxy_stats.php
+++ b/config/haproxy-devel/haproxy_stats.php
@@ -129,8 +129,8 @@ if ($_POST) {
}
}
-$pfSversion = str_replace("\n", "", file_get_contents("/etc/version"));
-if(strstr($pfSversion, "1.2"))
+$pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
+if ($pf_version < 2.0)
$one_two = true;
$pgtitle = "Services: HAProxy: Stats";