aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/bind/bind.inc67
-rw-r--r--config/haproxy-devel/haproxy.inc95
2 files changed, 87 insertions, 75 deletions
diff --git a/config/bind/bind.inc b/config/bind/bind.inc
index 156e9eb8..17d171d1 100644
--- a/config/bind/bind.inc
+++ b/config/bind/bind.inc
@@ -445,35 +445,46 @@ EOD;
$zone_conf .= "$hostname \t IN $hosttype $hostvalue \t$hostdst\n";
}
+
+ # Register DHCP static mappings
if (($zone[regdhcpstatic] == 'on') && is_array($config['dhcpd'])) {
- foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf)
- if(is_array($dhcpifconf['staticmap']) && isset($dhcpifconf['enable']))
- foreach ($dhcpifconf['staticmap'] as $host)
- if ($host['ipaddr'] && $host['hostname']) {
- if($zonereverso == "on") {
- $hostdomain = $dhcpifconf['domain'];
- if(strlen($hostdomain) == 0) {
- $hostdomain = $config['system']['domain'];
- }
- if(strlen($hostdomain) != 0) {
- $hostdomain .= '.';
- }
- $zoneparts = array_reverse(explode('.',$zonename));
- $addressparts = explode('.',$host['ipaddr']);
- $addressstart = 0;
- while($addressstart < count($zoneparts) && $addressstart < count($addressparts) && $zoneparts[$addressstart] == $addressparts[$addressstart]) {
- $addressstart++;
- }
- $shortaddress='';
- for($addresspointer = count($addressparts)-1; $addresspointer >= $addressstart; $addresspointer--) {
- $shortaddress .= (strlen($shortaddress) > 0 ? '.' : '') . $addressparts[$addresspointer];
- }
- $zone_conf .= "{$shortaddress}\tIN PTR\t{$host['hostname']}.{$hostdomain}\n";
- } else {
- $zone_conf .= "{$host['hostname']}\tIN A\t{$host['ipaddr']}\n";
- }
- }
- }
+ $zoneparts = array_reverse(explode('.',$zonename));
+ foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) {
+ if (!isset($dhcpifconf['enable']) || !is_array($dhcpifconf['staticmap'])) {
+ continue;
+ }
+ foreach ($dhcpifconf['staticmap'] as $host) {
+ if (is_domain($host['domain'])) {
+ $domain = $host['domain'];
+ } elseif (is_domain($dhcpifconf['domain'])) {
+ $domain = $dhcpifconf['domain'];
+ } elseif (is_domain($config['system']['domain'])) {
+ $domain = $config['system']['domain'];
+ } else {
+ continue;
+ }
+ if (!is_hostname($host['hostname']) || !is_ipaddr($host['ipaddr'])) {
+ continue;
+ }
+ if ($zonereverso == "on") {
+ $parts = explode('.',$host['ipaddr']);
+ $intersect = array_intersect_assoc($parts,$zoneparts);
+ if (count($zoneparts) == count($intersect)) {
+ $diff = array_diff_assoc($parts,$zoneparts);
+ $shortaddr = implode('.',array_reverse($diff));
+ $zone_conf .= "{$shortaddr}\tIN PTR\t{$host['hostname']}.{$domain}.\n";
+ }
+ } else {
+ $parts = array_reverse(explode('.',$domain));
+ $diff = array_diff_assoc($parts,$zoneparts);
+ if (count($diff) == 0) {
+ $zone_conf .= "{$host['hostname']}\tIN A\t{$host['ipaddr']}\n";
+ }
+ }
+ }
+ }
+ }
+
if ($zone['customzonerecords']!=""){
$zone_conf .= "\n\n;\n;custom zone records\n;\n".base64_decode($zone['customzonerecords'])."\n";
}
diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc
index 2099f646..8b7fbb1e 100644
--- a/config/haproxy-devel/haproxy.inc
+++ b/config/haproxy-devel/haproxy.inc
@@ -37,6 +37,7 @@ require_once("haproxy_xmlrpcsyncclient.inc");
$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty";
+global $a_acltypes;
$a_acltypes = array();
$a_acltypes["host_starts_with"] = array('name' => 'Host starts with',
'mode' => 'http', 'syntax' => 'hdr_beg(host) -i %1$s');
@@ -66,6 +67,7 @@ $a_acltypes["backendservercount"] = array('name' => 'Minimum count usable server
$a_acltypes["ssl_sni_matches"] = array('name' => 'Server Name Indication TLS extension matches',
'mode' => 'https', 'syntax' => 'req_ssl_sni -i %1$s', 'advancedoptions' => "tcp-request inspect-delay 5s\n\ttcp-request content accept if { req_ssl_hello_type 1 }");
+global $a_checktypes;
$a_checktypes = array();
$a_checktypes['none'] = array('name' => 'none', 'syntax' => '',
'descr' => 'No health checks will be performed.');
@@ -92,6 +94,7 @@ $a_checktypes['ESMTP'] = array('name' => 'ESMTP', 'syntax' => 'smtpchk EHLO',
$a_checktypes['SSL'] = array('name' => 'SSL', 'syntax' => 'ssl-hello-chk',
'descr' => 'Use SSLv3 client hello health checks for server testing.');
+global $a_httpcheck_method;
$a_httpcheck_method = array();
$a_httpcheck_method['OPTIONS'] = array('name' => 'OPTIONS', 'syntax' => 'OPTIONS');
$a_httpcheck_method['HEAD'] = array('name' => 'HEAD', 'syntax' => 'HEAD');
@@ -101,6 +104,7 @@ $a_httpcheck_method['PUT'] = array('name' => 'PUT', 'syntax' => 'PUT');
$a_httpcheck_method['DELETE'] = array('name' => 'DELETE', 'syntax' => 'DELETE');
$a_httpcheck_method['TRACE'] = array('name' => 'TRACE', 'syntax' => 'TRACE');
+global $a_closetypes;
$a_closetypes = array();
$a_closetypes['none'] = array('name' => 'none', 'syntax' => '',
'descr' => 'No close headers will be changed.');
@@ -113,6 +117,7 @@ $a_closetypes['forceclose'] = array('name' => 'forceclose', 'syntax' => 'forcecl
$a_closetypes['http-keep-alive'] = array('name' => 'http-keep-alive', 'syntax' => 'http-keep-alive',
'descr' => 'By default, when a client communicates with a server, HAProxy will only analyze, log, and process the first request of each connection. Setting "option http-keep-alive" enables HTTP keep-alive mode on the client- and server- sides. This provides the lowest latency on the client side (slow network) and the fastest session reuse on the server side at the expense of maintaining idle connections to the servers. In general, it is possible with this option to achieve approximately twice the request rate that the "http-server-close" option achieves on small objects. There are mainly two situations where this option may be useful : - when the server is non-HTTP compliant and authenticates the connection instead of requests (eg: NTLM authentication) - when the cost of establishing the connection to the server is significant compared to the cost of retrieving the associated object from the server.');
+global $a_servermodes;
$a_servermodes = array();
$a_servermodes["active"]['name'] = "active";
$a_servermodes["backup"]['name'] = "backup";
@@ -120,6 +125,7 @@ $a_servermodes["disabled"]['name'] = "disabled";
$a_servermodes["inactive"]['name'] = "inactive";
// http://www.exceliance.fr/sites/default/files/biblio/aloha_load_balancer_haproxy_cookie_persistence_methods_memo.pdf
+global $a_cookiemode;
$a_cookiemode = array();
$a_cookiemode['passive'] = array('name' => 'Passive', 'syntax' => 'cookie <cookie name>',
'descr' => 'Cookie is analysed on incoming request to choose server. HAProxy does not perform any insertion update or deletion on the Cookie or Set-Cookie. If the Cookie is not set, then the load-balancing algorithm is applied.');
@@ -142,6 +148,7 @@ $a_cookiemode['passive-session-prefix'] = array('name' => 'Passive-session-prefi
foreach($a_cookiemode as &$cookiemode)
$cookiemode['descr'] = $cookiemode['descr'] . "\n\n" . $cookiemode['syntax'] . "";
+global $a_sticky_type;
$a_sticky_type = array();
$a_sticky_type['none'] = array('name' => 'none',
'descr' => "No stick-table will be used");
@@ -212,21 +219,16 @@ function group_ports($ports) {
function haproxy_portoralias_to_list($port_or_alias) {
// input: a port or aliasname: 80 https MyPortAlias
// returns: a array of ports and portranges 80 443 8000:8010
- global $config;
+ global $aliastable;
$portresult = array();
- if (is_alias($port_or_alias)) {
- if (is_array($config['aliases']['alias'])) {
- foreach ($config['aliases']['alias'] as $alias) {
- if ($alias['name'] == $port_or_alias && preg_match("/port/i", $alias['type'])) {
- $ports = explode(' ',$alias['address']);
- foreach($ports as $port) {
- $portresults = haproxy_portoralias_to_list($port);
- $portresult = array_merge($portresult, $portresults);
- }
- return $portresult;
- }
- }
+ if (alias_get_type($port_or_alias) == "port") {
+ $aliasports = $aliastable[$port_or_alias];
+ $ports = explode(' ',$aliasports);
+ foreach($ports as $port) {
+ $portresults = haproxy_portoralias_to_list($port);
+ $portresult = array_merge($portresult, $portresults);
}
+ return $portresult;
} else if (is_portrange($port_or_alias)) {
return (array)$port_or_alias;
} else if (is_port($port_or_alias)) {
@@ -241,25 +243,30 @@ function haproxy_portoralias_to_list($port_or_alias) {
}
function haproxy_custom_php_deinstall_command() {
- exec("cd /var/db/pkg && pkg_delete `ls | grep haproxy`");
- exec("rm /usr/local/pkg/haproxy*");
- exec("rm /usr/local/www/haproxy*");
+ global $static_output;
+ $static_output .= "HAProxy, running haproxy_custom_php_deinstall_command()\n";
+ update_output_window($static_output);
+ $static_output .= "HAProxy, deleting haproxy webgui\n";
+ update_output_window($static_output);
exec("rm /usr/local/etc/rc.d/haproxy.sh");
- exec("rm /etc/devd/haproxy.conf");
- exec("/etc/rc.d/devd restart");
+ $static_output .= "HAProxy, installing cron job if needed\n";
+ update_output_window($static_output);
haproxy_install_cron(false);
+ $static_output .= "HAProxy, running haproxy_custom_php_deinstall_command() DONE\n";
+ update_output_window($static_output);
}
function haproxy_custom_php_install_command() {
- global $g, $config;
+ global $g, $config, $static_output;
+ $static_output .= "HAProxy, running haproxy_custom_php_install_command()\n";
+ update_output_window($static_output);
+
+ $static_output .= "HAProxy, conf_mount_rw\n";
+ update_output_window($static_output);
conf_mount_rw();
-
- $freebsd_version = substr(trim(`uname -r`), 0, 1);
- if(!file_exists("/usr/bin/limits")) {
- exec("fetch -q -o /usr/bin/limits https://files.pfsense.org/extras/{$freebsd_version}/limits");
- exec("chmod a+rx /usr/bin/limits");
- }
+ $static_output .= "HAProxy, create '/usr/local/etc/rc.d/haproxy.sh'\n";
+ update_output_window($static_output);
$haproxy = <<<EOD
#!/bin/sh
@@ -323,27 +330,11 @@ EOD;
fclose($fd);
exec("chmod a+rx /usr/local/etc/rc.d/haproxy.sh");
- $devd = <<<EOD
-notify 0 {
- match "system" "IFNET";
- match "subsystem" "carp[0-9]+";
- match "type" "LINK_UP";
- action "/usr/local/etc/rc.d/haproxy.sh check";
-};
-notify 0 {
- match "system" "IFNET";
- match "subsystem" "carp[0-9]+";
- match "type" "LINK_DOWN";
- action "/usr/local/etc/rc.d/haproxy.sh check";
-};
-EOD;
- exec("mkdir -p /etc/devd");
- $fd = fopen("/etc/devd/haproxy.conf", "w");
- fwrite($fd, $devd);
- fclose($fd);
- exec("/etc/rc.d/devd restart");
+ $static_output .= "HAProxy, update configuration\n";
+ update_output_window($static_output);
+
$writeconfigupdate = false;
/* Do XML upgrade from haproxy 0.31 to haproxy-dev */
if (is_array($config['installedpackages']['haproxy']['ha_servers'])) {
@@ -435,12 +426,22 @@ EOD;
}
}
}
- if ($writeconfigupdate)
- write_config("haproxy, update xml config version");
+ if ($writeconfigupdate) {
+ $static_output .= "HAProxy, write updated config\n";
+ update_output_window($static_output);
+ write_config("HAProxy, update xml config version");
+ }
+ $static_output .= "HAProxy, conf_mount_ro\n";
+ update_output_window($static_output);
conf_mount_ro();
- exec("/usr/local/etc/rc.d/haproxy.sh start");
+ $static_output .= "HAProxy, starting haproxy (if previously enabled)\n";
+ update_output_window($static_output);
+ haproxy_check_run(1);
+
+ $static_output .= "HAProxy, running haproxy_custom_php_install_command() DONE\n";
+ update_output_window($static_output);
}
function haproxy_install_cron($should_install) {