diff options
Diffstat (limited to 'config/haproxy-devel')
-rw-r--r-- | config/haproxy-devel/haproxy.inc | 98 | ||||
-rwxr-xr-x | config/haproxy-devel/haproxy_global.php | 4 | ||||
-rw-r--r-- | config/haproxy-devel/haproxy_listeners.php | 18 | ||||
-rw-r--r-- | config/haproxy-devel/haproxy_listeners_edit.php | 19 | ||||
-rw-r--r-- | config/haproxy-devel/haproxy_pool_edit.php | 4 | ||||
-rw-r--r-- | config/haproxy-devel/haproxy_pools.php | 4 | ||||
-rw-r--r-- | config/haproxy-devel/haproxy_stats.php | 4 |
7 files changed, 74 insertions, 77 deletions
diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc index cae53330..1e403c48 100644 --- a/config/haproxy-devel/haproxy.inc +++ b/config/haproxy-devel/haproxy.inc @@ -504,27 +504,17 @@ function write_backend($fd, $name, $pool, $frontend) { global $a_checktypes, $a_cookiemode; $a_servers = &$pool['ha_servers']['item']; - $frontendtype = strtolower($frontend['type']); - - unset($sslserverpresent); - if (is_array($a_servers)) - { - foreach($a_servers as $be) { - if (!$be['status'] == "inactive") - continue; - if ($be['ssl']) - $sslserverpresent = true; - } - } + $frontendtype = $frontend['type']; + $frontend_ip = haproxy_interface_ip($frontend['extaddr']); fwrite ($fd, "backend " . $name . "\n"); // https is an alias for tcp for clarity purposes - if(strtolower($frontend['type']) == "https") { - $backend_type = "tcp"; + if($frontendtype == "https") { + $backend_mode = "tcp"; } else { - $backend_type = $frontend['type']; + $backend_mode = $frontendtype; } - fwrite ($fd, "\tmode\t\t\t" . $backend_type . "\n"); + fwrite ($fd, "\tmode\t\t\t" . $backend_mode . "\n"); if ($frontendtype == "http") { if ($pool["persist_cookie_enabled"] == "yes") { @@ -702,7 +692,7 @@ function write_backend($fd, $name, $pool, $frontend) { $ssl = ""; if ($be['ssl'] == 'yes') { - $ssl = $backend_type == "http" ? ' ssl' : ' check-ssl'; + $ssl = $frontendtype == "http" ? ' ssl' : ' check-ssl'; } $weight = ""; if (is_numeric($be['weight'])){ @@ -828,20 +818,14 @@ function haproxy_writeconf($configpath) { if(is_array($a_frontends)) { foreach ($a_frontends as $frontend) { if($frontend['status'] != 'active') - { - unlink_if_exists("var/etc/{$frontend['name']}.{$frontend['port']}.crt"); continue; - } if(!$frontend['backend_serverpool']) - { - unlink_if_exists("var/etc/{$frontend['name']}.{$frontend['port']}.crt"); continue; - } - + $primaryfrontend = get_primaryfrontend($frontend); $bname = get_frontend_ipport($frontend); //check ssl info - if (strtolower($frontend['type']) == "http" && $frontend['ssloffload']){ + if (strtolower($primaryfrontend['type']) == "http" && $frontend['ssloffload']){ //ssl crt ./server.pem ca-file ./ca.crt verify optional crt-ignore-err all crl-file ./ca_crl.pem $filename = "$configpath/{$frontend['name']}.{$frontend['port']}.pem"; $ssl_crt = " crt $filename"; @@ -866,7 +850,6 @@ function haproxy_writeconf($configpath) { $a_bind[$bname] = array(); $a_bind[$bname]['config'] = array(); // Settings which are used only from the primary frontend - $primaryfrontend = get_primaryfrontend($frontend); $a_bind[$bname]['name'] = $primaryfrontend['name']; $a_bind[$bname]['extaddr'] = $primaryfrontend['extaddr']; $a_bind[$bname]['port'] = $primaryfrontend['port']; @@ -883,7 +866,7 @@ function haproxy_writeconf($configpath) { if (($frontend['secondary'] != 'yes') && ($frontend['name'] != $b['name'])) { // only 1 frontend can be the primary for a set of frontends that share 1 address:port. - $input_errors[] = "Multiple primary frondends for $bname"; + $input_errors[] = "Multiple primary frontends for $bname use the 'Shared Frontend' option instead"; } if ($ssl_crt != "") { @@ -912,8 +895,15 @@ function haproxy_writeconf($configpath) { // Prepare ports for processing by splitting $portss = "{$bind['port']},"; $ports = split(",", $portss); - $ssl_info = $bind['ssl_info']; - $advanced_bind = $bind['advanced_bind']; + + if($bind['type'] == "http") { + // ssl offloading is only possible in http mode. + $ssl_info = $bind['ssl_info']; + $advanced_bind = $bind['advanced_bind']; + } else { + $ssl_info = ""; + $advanced_bind = ""; + } // Initialize variable $listenip = ""; @@ -944,7 +934,7 @@ function haproxy_writeconf($configpath) { } } - // https is an alias for tcp for clarity purpouses + // https is an alias for tcp for clarity purposes if($bind['type'] == "https") { $backend_type = "tcp"; } else { @@ -984,16 +974,13 @@ function haproxy_writeconf($configpath) { foreach ($bind['config'] as $frontend) { $a_acl = get_frontend_acls($frontend); - $poolname = $frontend['backend_serverpool'] . "_" . strtolower($frontend['type']); - - // Create different pools if the svrport is set - if ($frontend['svrport'] > 0) - $poolname .= "_" . $frontend['svrport']; + $poolname = $frontend['backend_serverpool'] . "_" . strtolower($bind['type']); if (!isset($a_pendingpl[$poolname])) { $a_pendingpl[$poolname] = array(); $a_pendingpl[$poolname]['name'] = $poolname; - $a_pendingpl[$poolname]['frontend'] = $frontend; + $a_pendingpl[$poolname]['backend'] = $frontend['backend_serverpool']; + $a_pendingpl[$poolname]['frontend'] = $bind; } // Write this out once, and must be before any backend config text @@ -1044,7 +1031,7 @@ function haproxy_writeconf($configpath) { if (is_array($a_pendingpl) && is_array($a_backends)) { foreach ($a_pendingpl as $pending) { foreach ($a_backends as $pool) { - if ($pending['frontend']['backend_serverpool'] == $pool['name']) { + if ($pending['backend'] == $pool['name']) { write_backend($fd, $pending['name'], $pool, $pending['frontend']); } } @@ -1369,7 +1356,7 @@ function get_primaryfrontend($frontend) { function get_frontend_ipport($frontend,$userfriendly=false) { $mainfrontend = get_primaryfrontend($frontend); - $result = haproxy_interface_ip($mainfrontend['extaddr'],$userfriendly); + $result = haproxy_interface_ip($mainfrontend['extaddr'], $userfriendly); if ($userfriendly and is_ipaddrv6($result)) $result = "[{$result}]"; return $result . ":" . $mainfrontend['port']; @@ -1423,6 +1410,7 @@ function get_haproxy_frontends($excludeitem="") { } function get_frontend_acls($frontend) { + $mainfrontend = get_primaryfrontend($frontend); $result = array(); $a_acl = &$frontend['ha_acls']['item']; if (is_array($a_acl)) @@ -1433,7 +1421,7 @@ function get_frontend_acls($frontend) { continue; // Filter out acls for different modes - if ($acl['mode'] != '' && $acl['mode'] != strtolower($frontend['type'])) + if ($acl['mode'] != '' && $acl['mode'] != strtolower($mainfrontend['type'])) continue; $acl_item = array(); @@ -1444,7 +1432,6 @@ function get_frontend_acls($frontend) { } } - $mainfrontend = get_primaryfrontend($frontend); if (strtolower($mainfrontend['type']) == "http" && $mainfrontend['ssloffload']) { $a_acl = &$frontend['ha_acls']['item']; if(!is_array($a_acl)) @@ -1465,17 +1452,15 @@ function get_frontend_acls($frontend) { if ($frontend['ssloffloadacladditional']){ $certs = $frontend['ha_certificates']['item']; if (is_array($certs)){ - if (count($certs) > 0){ - foreach($certs as $certref){ - $cert = lookup_cert($certref['ssl_certificate']); - $cert_cn = cert_get_cn($cert['crt']); - $descr = haproxy_escape_acl_name($cert['descr']); - unset($cert); - $acl_item = array(); - $acl_item['descr'] = "Additional certificate ACLs: ".$cert_cn; - $acl_item['ref'] = array('name' => "{$aclname}_{$descr}",'expression' => 'host_matches', 'value' => $cert_cn); - $result[] = $acl_item; - } + foreach($certs as $certref){ + $cert = lookup_cert($certref['ssl_certificate']); + $cert_cn = cert_get_cn($cert['crt']); + $descr = haproxy_escape_acl_name($cert['descr']); + unset($cert); + $acl_item = array(); + $acl_item['descr'] = "Additional certificate ACLs: ".$cert_cn; + $acl_item['ref'] = array('name' => "{$aclname}_{$descr}",'expression' => 'host_matches', 'value' => $cert_cn); + $result[] = $acl_item; } } } @@ -1486,11 +1471,12 @@ function get_frontend_acls($frontend) { function get_backend($name) { global $config; $a_backend = &$config['installedpackages']['haproxy']['ha_pools']['item']; - foreach($a_backend as $key => $backend) - { - if ($backend['name'] == $name) - return $backend; - } + if(is_array($a_backend)) + foreach($a_backend as $key => $backend) + { + if ($backend['name'] == $name) + return $backend; + } return null; } diff --git a/config/haproxy-devel/haproxy_global.php b/config/haproxy-devel/haproxy_global.php index 44f01dc5..50472d9f 100755 --- a/config/haproxy-devel/haproxy_global.php +++ b/config/haproxy-devel/haproxy_global.php @@ -133,8 +133,8 @@ if (!$pconfig['logfacility']) if (!$pconfig['loglevel']) $pconfig['loglevel'] = 'info'; -$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); -if(strstr($pfSversion, "1.2")) +$pf_version=substr(trim(file_get_contents("/etc/version")),0,3); +if ($pf_version < 2.0) $one_two = true; $pgtitle = "Services: HAProxy: Settings"; diff --git a/config/haproxy-devel/haproxy_listeners.php b/config/haproxy-devel/haproxy_listeners.php index b259c6fb..7022ec34 100644 --- a/config/haproxy-devel/haproxy_listeners.php +++ b/config/haproxy-devel/haproxy_listeners.php @@ -70,8 +70,8 @@ if ($_GET['act'] == "del") { } } -$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); -if(strstr($pfSversion, "1.2")) +$pf_version=substr(trim(file_get_contents("/etc/version")),0,3); +if ($pf_version < 2.0) $one_two = true; $pgtitle = "Services: HAProxy: Frontends"; @@ -123,8 +123,10 @@ include("head.inc"); $a_frontend_grouped = array(); foreach($a_frontend as &$frontend2) { + $mainfrontend = get_primaryfrontend($frontend2); $ipport = get_frontend_ipport($frontend2, true); $frontend2['ipport'] = $ipport; + $frontend2['type'] = $mainfrontend['type']; $a_frontend_grouped[$ipport][] = $frontend2; } ksort($a_frontend_grouped); @@ -181,11 +183,13 @@ include("head.inc"); $backend_serverpool = $frontend['backend_serverpool']; $backend = get_backend($backend_serverpool ); - $servers = $backend['ha_servers']['item']; - $backend_serverpool_hint = gettext("Servers in pool:"); - if (is_array($servers)){ - foreach($servers as $server){ - $backend_serverpool_hint .= "\n".$server['address'].":".$server['port']; + if ($backend && is_array($backend['ha_servers']['item'])){ + $servers = $backend['ha_servers']['item']; + $backend_serverpool_hint = gettext("Servers in pool:"); + if (is_array($servers)){ + foreach($servers as $server){ + $backend_serverpool_hint .= "\n".$server['address'].":".$server['port']; + } } } ?> diff --git a/config/haproxy-devel/haproxy_listeners_edit.php b/config/haproxy-devel/haproxy_listeners_edit.php index 5bc039b7..6731731d 100644 --- a/config/haproxy-devel/haproxy_listeners_edit.php +++ b/config/haproxy-devel/haproxy_listeners_edit.php @@ -227,8 +227,8 @@ if ($_POST) { } } -$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); -if(strstr($pfSversion, "1.2")) +$pf_version=substr(trim(file_get_contents("/etc/version")),0,3); +if ($pf_version < 2.0) $one_two = true; $closehead = false; @@ -261,7 +261,14 @@ $interfaces = haproxy_get_bindable_interfaces(); function htmllist_get_select_options(tableId) { var seltext; seltext = ""; - var type = d.getElementById("type").value; + var type; + var secondary = d.getElementById("secondary"); + var primary_frontend = d.getElementById("primary_frontend"); + if ((secondary !== null) && (secondary.checked)) + type = primaryfrontends[primary_frontend.value]['ref']['type']; + else + type = d.getElementById("type").value; + if (tableId == 'tableA_acltable'){ if (type == 'health') seltext = "<?php echo haproxy_js_acl_select('health');?>"; @@ -297,10 +304,10 @@ $interfaces = haproxy_get_bindable_interfaces(); function updatevisibility() { d = document; ssloffload = d.getElementById("ssloffload"); - type = d.getElementById("type"); - secondary = d.getElementById("secondary"); - primary_frontend = d.getElementById("primary_frontend"); + var type; + var secondary = d.getElementById("secondary"); + var primary_frontend = d.getElementById("primary_frontend"); if ((secondary !== null) && (secondary.checked)) type = primaryfrontends[primary_frontend.value]['ref']['type']; else diff --git a/config/haproxy-devel/haproxy_pool_edit.php b/config/haproxy-devel/haproxy_pool_edit.php index 726dab30..49eb4271 100644 --- a/config/haproxy-devel/haproxy_pool_edit.php +++ b/config/haproxy-devel/haproxy_pool_edit.php @@ -250,8 +250,8 @@ if ($_POST) { $pconfig['a_servers']=&$a_pools[$id]['ha_servers']['item']; } -$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); -if(strstr($pfSversion, "1.2")) +$pf_version=substr(trim(file_get_contents("/etc/version")),0,3); +if ($pf_version < 2.0) $one_two = true; $closehead = false; diff --git a/config/haproxy-devel/haproxy_pools.php b/config/haproxy-devel/haproxy_pools.php index 15567807..92235933 100644 --- a/config/haproxy-devel/haproxy_pools.php +++ b/config/haproxy-devel/haproxy_pools.php @@ -65,8 +65,8 @@ if ($_GET['act'] == "del") { exit; } -$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); -if(strstr($pfSversion, "1.2")) +$pf_version=substr(trim(file_get_contents("/etc/version")),0,3); +if ($pf_version < 2.0) $one_two = true; $pgtitle = "Services: HAProxy: Backend server pools"; diff --git a/config/haproxy-devel/haproxy_stats.php b/config/haproxy-devel/haproxy_stats.php index cbf5b2b2..10dd136a 100644 --- a/config/haproxy-devel/haproxy_stats.php +++ b/config/haproxy-devel/haproxy_stats.php @@ -129,8 +129,8 @@ if ($_POST) { } } -$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); -if(strstr($pfSversion, "1.2")) +$pf_version=substr(trim(file_get_contents("/etc/version")),0,3); +if ($pf_version < 2.0) $one_two = true; $pgtitle = "Services: HAProxy: Stats"; |