From c0d7d735d6da067633da3fe4b0dd2db9d19b36db Mon Sep 17 00:00:00 2001 From: Andrew Thompson Date: Thu, 26 Jan 2012 19:58:57 +1300 Subject: Move haproxy-dev to haproxy proper, ticket ZVS-164444 --- config/haproxy-dev/binaries7/haproxy | Bin 823704 -> 0 bytes config/haproxy-dev/binaries8/haproxy | Bin 863244 -> 0 bytes config/haproxy-dev/haproxy.inc | 764 ------------------------- config/haproxy-dev/haproxy.xml | 110 ---- config/haproxy-dev/haproxy_global.php | 412 -------------- config/haproxy-dev/haproxy_listeners.php | 172 ------ config/haproxy-dev/haproxy_listeners_edit.php | 771 -------------------------- config/haproxy-dev/haproxy_pool_edit.php | 494 ----------------- config/haproxy-dev/haproxy_pools.php | 169 ------ config/haproxy/haproxy.inc | 584 ++++++++++++++----- config/haproxy/haproxy.xml | 25 +- config/haproxy/haproxy_frontends.php | 149 ----- config/haproxy/haproxy_frontends_edit.php | 735 ------------------------ config/haproxy/haproxy_global.php | 92 ++- config/haproxy/haproxy_listeners.php | 172 ++++++ config/haproxy/haproxy_listeners_edit.php | 771 ++++++++++++++++++++++++++ config/haproxy/haproxy_pool_edit.php | 494 +++++++++++++++++ config/haproxy/haproxy_pools.php | 169 ++++++ config/haproxy/haproxy_servers.php | 169 ------ config/haproxy/haproxy_servers_edit.php | 435 --------------- 20 files changed, 2163 insertions(+), 4524 deletions(-) delete mode 100755 config/haproxy-dev/binaries7/haproxy delete mode 100755 config/haproxy-dev/binaries8/haproxy delete mode 100644 config/haproxy-dev/haproxy.inc delete mode 100644 config/haproxy-dev/haproxy.xml delete mode 100755 config/haproxy-dev/haproxy_global.php delete mode 100755 config/haproxy-dev/haproxy_listeners.php delete mode 100755 config/haproxy-dev/haproxy_listeners_edit.php delete mode 100755 config/haproxy-dev/haproxy_pool_edit.php delete mode 100755 config/haproxy-dev/haproxy_pools.php delete mode 100755 config/haproxy/haproxy_frontends.php delete mode 100755 config/haproxy/haproxy_frontends_edit.php create mode 100755 config/haproxy/haproxy_listeners.php create mode 100755 config/haproxy/haproxy_listeners_edit.php create mode 100755 config/haproxy/haproxy_pool_edit.php create mode 100755 config/haproxy/haproxy_pools.php delete mode 100755 config/haproxy/haproxy_servers.php delete mode 100755 config/haproxy/haproxy_servers_edit.php diff --git a/config/haproxy-dev/binaries7/haproxy b/config/haproxy-dev/binaries7/haproxy deleted file mode 100755 index 0474b03b..00000000 Binary files a/config/haproxy-dev/binaries7/haproxy and /dev/null differ diff --git a/config/haproxy-dev/binaries8/haproxy b/config/haproxy-dev/binaries8/haproxy deleted file mode 100755 index 0ae3d29b..00000000 Binary files a/config/haproxy-dev/binaries8/haproxy and /dev/null differ diff --git a/config/haproxy-dev/haproxy.inc b/config/haproxy-dev/haproxy.inc deleted file mode 100644 index 72d9535d..00000000 --- a/config/haproxy-dev/haproxy.inc +++ /dev/null @@ -1,764 +0,0 @@ - - Copyright (C) 2008 Remco Hoef - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -/* include all configuration functions */ -require_once("functions.inc"); -require_once("pkg-utils.inc"); -require_once("notices.inc"); - -$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; - -$a_acltypes = array(); -$a_acltypes[] = array('name' => 'host_starts_with', 'descr' => 'Host starts with', - 'mode' => 'http', 'syntax' => 'hdr_beg(host) -i'); -$a_acltypes[] = array('name' => 'host_ends_with', 'descr' => 'Host ends with', - 'mode' =>'http', 'syntax' => 'hdr_end(host) -i'); -$a_acltypes[] = array('name' => 'host_matches', 'descr' => 'Host matches', - 'mode' =>'http', 'syntax' => 'hdr(host) -i'); -$a_acltypes[] = array('name' => 'host_regex', 'descr' => 'Host regex', - 'mode' =>'http', 'syntax' => 'hdr_reg(host) -i'); -$a_acltypes[] = array('name' => 'host_contains', 'descr' => 'Host contains', - 'mode' => 'http', 'syntax' => 'hdr_dir(host) -i'); -$a_acltypes[] = array('name' => 'path_starts_with', 'descr' => 'Path starts with', - 'mode' => 'http', 'syntax' => 'path_beg -i'); -$a_acltypes[] = array('name' => 'path_ends_with', 'descr' => 'Path ends with', - 'mode' => 'http', 'syntax' => 'path_end -i'); -$a_acltypes[] = array('name' => 'path_matches', 'descr' => 'Path matches', - 'mode' => 'http', 'syntax' => 'path -i'); -$a_acltypes[] = array('name' => 'path_regex', 'descr' => 'Path regex', - 'mode' => 'http', 'syntax' => 'path_reg -i'); -$a_acltypes[] = array('name' => 'path_contains', 'descr' => 'Path contains', - 'mode' => 'http', 'syntax' => 'path_dir -i'); -$a_acltypes[] = array('name' => 'source_ip', 'descr' => 'Source IP', - 'mode' => '', 'syntax' => 'src'); - -function haproxy_custom_php_deinstall_command() { - exec("rm /usr/local/sbin/haproxy"); - exec("rm /usr/local/pkg/haproxy.inc"); - exec("rm /usr/local/www/haproxy*"); - exec("rm /usr/local/etc/rc.d/haproxy.sh"); - exec("rm /etc/devd/haproxy.conf"); - exec("/etc/rc.d/devd restart"); - haproxy_install_cron(false); -} - -function haproxy_custom_php_install_command() { - global $g, $config; - conf_mount_rw(); - - $haproxy = << -ENDOFF -} - -haproxy_check () { - echo "Checking haproxy." - /usr/bin/env \ - PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ - /usr/local/bin/php -q -d auto_prepend_file=config.inc < -ENDOFF -} - -haproxy_stop () { - echo "Stopping haproxy." - killall haproxy -} - -run_rc_command "\$1" - -EOD; - - $fd = fopen("/usr/local/etc/rc.d/haproxy.sh", "w"); - fwrite($fd, $haproxy); - fclose($fd); - exec("chmod a+rx /usr/local/etc/rc.d/haproxy.sh"); - - $devd = << $be) { - $a_backends[$id]['status'] = 'active'; - } - $id = 0; - foreach ($a_oldservers as $oldserver) { - $pool=$oldserver; - /* make server sub array */ - $server=array(); - $server['name'] = $oldserver['name']; - $server['address'] = $oldserver['address']; - $server['port'] = $oldserver['port']; - $server['weight'] = $oldserver['weight']; - $a_servers=array(); - $a_servers[]=$server; - /* set new pool */ - $pool['name'] = "pool$id"; - $id++; - $pool['ha_servers']['item']=$a_servers; - /* link to frontend */ - foreach ($a_backends as $id => $be) { - if ($a_backends[$id]['name'] == $oldserver['backend']) { - $a_backends[$id]['pool'] = $pool['name']; - $pool['monitor_uri'] = $be['monitor_uri']; - unset($a_backends[$id]['monitor_uri']); - break; - } - } - unset($pool['backend']); - unset($pool['address']); - unset($pool['port']); - unset($pool['weight']); - $a_pools[] = $pool; - } - unset($config['installedpackages']['haproxy']['ha_servers']); - write_config(); - } - - conf_mount_ro(); - - exec("/usr/local/etc/rc.d/haproxy.sh start"); -} - -function haproxy_install_cron($should_install) { - global $config, $g; - if($g['booting']==true) - return; - $is_installed = false; - if(!$config['cron']['item']) - return; - $x=0; - foreach($config['cron']['item'] as $item) { - if(strstr($item['command'], "/usr/local/etc/rc.d/haproxy.sh")) { - $is_installed = true; - break; - } - $x++; - } - switch($should_install) { - case true: - if(!$is_installed) { - $cron_item = array(); - $cron_item['minute'] = "*/2"; - $cron_item['hour'] = "*"; - $cron_item['mday'] = "*"; - $cron_item['month'] = "*"; - $cron_item['wday'] = "*"; - $cron_item['who'] = "root"; - $cron_item['command'] = "/usr/local/etc/rc.d/haproxy.sh check"; - $config['cron']['item'][] = $cron_item; - parse_config(true); - write_config(); - configure_cron(); - } - break; - case false: - if($is_installed == true) { - if($x > 0) { - unset($config['cron']['item'][$x]); - parse_config(true); - write_config(); - } - configure_cron(); - } - break; - } -} - -function haproxy_find_acl($name) { - global $a_acltypes; - - /* XXX why is this broken from xmlsync? */ - if (!$a_acltypes) { - $a_acltypes = array(); - $a_acltypes[] = array('name' => 'host_starts_with', 'descr' => 'Host starts with', - 'mode' => 'http', 'syntax' => 'hdr_beg(host) -i'); - $a_acltypes[] = array('name' => 'host_ends_with', 'descr' => 'Host ends with', - 'mode' =>'http', 'syntax' => 'hdr_end(host) -i'); - $a_acltypes[] = array('name' => 'host_matches', 'descr' => 'Host matches', - 'mode' =>'http', 'syntax' => 'hdr(host) -i'); - $a_acltypes[] = array('name' => 'host_regex', 'descr' => 'Host regex', - 'mode' =>'http', 'syntax' => 'hdr_reg(host) -i'); - $a_acltypes[] = array('name' => 'host_contains', 'descr' => 'Host contains', - 'mode' => 'http', 'syntax' => 'hdr_dir(host) -i'); - $a_acltypes[] = array('name' => 'path_starts_with', 'descr' => 'Path starts with', - 'mode' => 'http', 'syntax' => 'path_beg -i'); - $a_acltypes[] = array('name' => 'path_ends_with', 'descr' => 'Path ends with', - 'mode' => 'http', 'syntax' => 'path_end -i'); - $a_acltypes[] = array('name' => 'path_matches', 'descr' => 'Path matches', - 'mode' => 'http', 'syntax' => 'path -i'); - $a_acltypes[] = array('name' => 'path_regex', 'descr' => 'Path regex', - 'mode' => 'http', 'syntax' => 'path_reg -i'); - $a_acltypes[] = array('name' => 'path_contains', 'descr' => 'Path contains', - 'mode' => 'http', 'syntax' => 'path_dir -i'); - $a_acltypes[] = array('name' => 'source_ip', 'descr' => 'Source IP', - 'mode' => '', 'syntax' => 'src'); - } - - if($a_acltypes) { - foreach ($a_acltypes as $acl) { - if ($acl['name'] == $name) - return $acl; - } - } -} - -function write_backend($fd, $name, $pool, $frontend) { - if(!is_array($pool['ha_servers']['item'])) - return; - - fwrite ($fd, "backend " . $name . "\n"); - if($pool['cookie_name'] && strtolower($frontend['type']) == "http") - fwrite ($fd, "\tcookie\t\t\t" . $pool['cookie_name'] . " insert indirect\n"); - - // https is an alias for tcp for clarity purpouses - if(strtolower($frontend['type']) == "https") { - $backend_type = "tcp"; - $httpchk = "ssl-hello-chk"; - } else { - $backend_type = $frontend['type']; - $httpchk = "httpchk"; - } - - fwrite ($fd, "\tmode\t\t\t" . $backend_type . "\n"); - - if($frontend['balance']) - fwrite ($fd, "\tbalance\t\t\t" . $frontend['balance'] . "\n"); - - if($frontend['connection_timeout']) - fwrite ($fd, "\tcontimeout\t\t" . $frontend['connection_timeout'] . "\n"); - - if($frontend['server_timeout']) - fwrite ($fd, "\tsrvtimeout\t\t" . $frontend['server_timeout'] . "\n"); - - if($frontend['retries']) - fwrite ($fd, "\tretries\t\t\t" . $frontend['retries'] . "\n"); - - if($frontend['stats_enabled']=='yes') { - fwrite ($fd, "\tstats\t\t\tenable\n"); - if($frontend['stats_uri']) - fwrite ($fd, "\tstats\t\t\turi ".$frontend['stats_uri']."\n"); - if($frontend['stats_realm']) - fwrite ($fd, "\tstats\t\t\trealm " . $frontend['stats_realm'] . "\n"); - else - fwrite ($fd, "\tstats\t\t\trealm .\n"); - fwrite ($fd, "\tstats\t\t\tauth " . $frontend['stats_username'].":". $frontend['stats_password']."\n"); - } - - $uri = $pool['monitor_uri']; - if ($pool['monitor_uri']) - $uri = $pool['monitor_uri']; - else - $uri = "/"; - fwrite ($fd, "\toption\t\t\t{$httpchk} HEAD " . $uri . " HTTP/1.0\n"); - - if($pool['cookie'] && strtolower($frontend['type']) == "http") - $cookie = " cookie {$pool['cookie']} "; - else - $cookie = ""; - if($pool['advanced']) { - $advanced = base64_decode($pool['advanced']); - $advanced_txt = " " . $advanced; - } else { - $advanced_txt = ""; - } - if($pool['checkinter']) - $checkinter = "check inter {$pool['checkinter']}"; - else if (strtolower($frontend['type']) != "tcp") - $checkinter = "check inter 1000"; - else - $checkinter = ""; - - $a_servers = &$pool['ha_servers']['item']; - foreach($a_servers as $be) { - if(!$be['port']) { - // the listener can specify a default port - $be['port'] = $frontend['svrport']; - } - if(!$be['port']) { - // last resort, use the frontend port - $ports = split(",", "{$frontend['port']},"); - $be['port'] = $ports[0]; - } - if (!$be['name']) - $be['name'] = $be['address']; - if($be['backup']) { - $isbackup = "backup"; - } else { - $isbackup = ""; - } - fwrite ($fd, "\tserver\t\t\t" . $be['name'] . " " . $be['address'].":" . $be['port'] . " $cookie " . " $checkinter $isbackup weight " . $be['weight'] . "{$advanced_txt}\n"); - } - fwrite ($fd, "\n"); -} - -function haproxy_configure() { - // reload haproxy - haproxy_writeconf(); - return haproxy_check_run(1); -} - -function haproxy_writeconf() { - global $config, $g; - - $a_global = &$config['installedpackages']['haproxy']; - $a_backends = &$config['installedpackages']['haproxy']['ha_backends']['item']; - $a_pools = &$config['installedpackages']['haproxy']['ha_pools']['item']; - - $fd = fopen("{$g['varetc_path']}/haproxy.cfg", "w"); - - if(is_array($a_global)) { - fwrite ($fd, "global\n"); - if($a_global['advanced']) - fwrite ($fd, "\t" . base64_decode($a_global['advanced']) . "\n"); - fwrite ($fd, "\tmaxconn\t\t\t".$a_global['maxconn']."\n"); - if($a_global['remotesyslog']) - fwrite ($fd, "\tlog\t\t\t{$a_global['remotesyslog']}\t{$a_global['logfacility']}\t{$a_global['loglevel']}\n"); - fwrite ($fd, "\tuid\t\t\t80\n"); - fwrite ($fd, "\tgid\t\t\t80\n"); - // Set numprocs if defined or use system default (#cores) - if($a_global['nbproc']) - $numprocs = $a_global['nbproc']; - else - $numprocs = trim(`/sbin/sysctl kern.smp.cpus | cut -d" " -f2`); - fwrite ($fd, "\tnbproc\t\t\t$numprocs\n"); - fwrite ($fd, "\tchroot\t\t\t/var/empty\n"); - fwrite ($fd, "\tdaemon\n"); - fwrite ($fd, "\n"); - } - - // Try and get a unique array for address:port as frontends can duplicate - $a_bind = array(); - if(is_array($a_backends)) { - foreach ($a_backends as $backend) { - if($backend['status'] != 'active') - continue; - if(!$backend['pool']) - continue; - - $bname = $backend['extaddr'] . ":" . $backend['port']; - if (!is_array($a_bind[$bname])) { - $a_bind[$bname] = array(); - $a_bind[$bname]['config'] = array(); - // Settings which are constant for a merged frontend - $a_bind[$bname]['name'] = $backend['name']; - $a_bind[$bname]['extaddr'] = $backend['extaddr']; - $a_bind[$bname]['port'] = $backend['port']; - } - $b = &$a_bind[$bname]; - - // Overwrite ? - $b['type'] = $backend['type']; - $b['forwardfor'] = $backend['forwardfor']; - $b['httpclose'] = $backend['httpclose']; - $b['max_connections'] = $backend['max_connections']; - $b['client_timeout'] = $backend['client_timeout']; - $b['advanced'] = $backend['advanced']; - - // pointer to each backend - $b['config'][] = $backend; - } - } - - $a_pendingpl = array(); - - // Construct and write out configuration file - if(is_array($a_bind)) { - foreach ($a_bind as $bind) { - if (count($bind['config']) > 1) - $frontendinfo = "frontend {$bind['name']}-merged\n"; - else - $frontendinfo = "frontend {$bind['name']}\n"; - - // Prepare ports for processing by splitting - $portss = "{$bind['port']},"; - $ports = split(",", $portss); - - // Initialize variable - $listenip = ""; - - // Process and add bind directives for ports - foreach($ports as $port) { - if($port) { - if($bind['extaddr'] == "any") - $listenip .= "\tbind\t\t\t0.0.0.0:{$port}\n"; - elseif($bind['extaddr']) - $listenip .= "\tbind\t\t\t{$bind['extaddr']}:{$port}\n"; - else - $listenip .= "\tbind\t\t\t" . get_current_wan_address('wan') . ":{$port}\n"; - } - } - - fwrite ($fd, "{$frontendinfo}"); - fwrite ($fd, "{$listenip}"); - - // Advanced pass thru - if($bind['advanced']) { - $advanced = base64_decode($bind['advanced']); - fwrite($fd, "\t" . $advanced . "\n"); - } - - // https is an alias for tcp for clarity purpouses - if(strtolower($bind['type']) == "https") { - $backend_type = "tcp"; - $httpchk = "ssl-hello-chk"; - } else { - $backend_type = $bind['type']; - $httpchk = "httpchk"; - } - - fwrite ($fd, "\tmode\t\t\t" . $backend_type . "\n"); - fwrite ($fd, "\tlog\t\t\tglobal\n"); - fwrite ($fd, "\toption\t\t\tdontlognull\n"); - - if($bind['httpclose']) - fwrite ($fd, "\toption\t\t\thttpclose\n"); - - if($bind['forwardfor']) - fwrite ($fd, "\toption\t\t\tforwardfor\n"); - - if($bind['max_connections']) - fwrite ($fd, "\tmaxconn\t\t\t" . $bind['max_connections'] . "\n"); - - if($bind['client_timeout']) - fwrite ($fd, "\tclitimeout\t\t" . $bind['client_timeout'] . "\n"); - - - // Combine the rest of the listener configs - $default_once = 0; - $i = 0; - foreach ($bind['config'] as $bconfig) { - $a_acl=&$bconfig['ha_acls']['item']; - if(!is_array($a_acl)) - $a_acl=array(); - - $poolname = $bconfig['pool'] . "_" . strtolower($bconfig['type']); - - // Create different pools if the svrport is set - if ($bconfig['svrport'] > 0) - $poolname .= "_" . $bconfig['svrport']; - - // Write this out once, and must be before any backend config text - if ($default_once == 0) { - fwrite ($fd, "\tdefault_backend\t\t" . $poolname . "\n"); - $default_once++; - } - - if (!isset($a_pendingpl[$poolname])) { - $a_pendingpl[$poolname] = array(); - $a_pendingpl[$poolname]['name'] = $poolname; - $a_pendingpl[$poolname]['frontend'] = $bconfig; - } - - foreach ($a_acl as $entry) { - $acl = haproxy_find_acl($entry['expression']); - if (!$acl) - continue; - - // Filter out acls for different modes - if ($acl['mode'] != '' && $acl['mode'] != strtolower($bind['type'])) - continue; - - if ($acl['syntax'] != '') - $expr = $acl['syntax'] . " " . $entry['value']; - else - $expr = $entry['expression'] . " " . $entry['value']; - - $aclname = $i . "_" . $entry['name']; - fwrite ($fd, "\tacl\t\t\t" . $aclname . "\t" . $expr . "\n"); - fwrite ($fd, "\tuse_backend\t\t" . $poolname . " if " . $aclname . "\n"); - $i++; - } - - } - fwrite ($fd, "\n"); - } - } - if (is_array($a_pendingpl) && is_array($a_pools)) { - foreach ($a_pendingpl as $pending) { - foreach ($a_pools as $pool) { - if ($pending['frontend']['pool'] == $pool['name']) { - write_backend($fd, $pending['name'], $pool, $pending['frontend']); - } - } - } - } - fwrite ($fd, "\n"); - - // Sync HAProxy configuration (if enabled) - if(isset($config['installedpackages']['haproxy']['enablesync'])) { - if($config['installedpackages']['haproxy']['synchost1']) { - haproxy_do_xmlrpc_sync($config['installedpackages']['haproxy']['synchost1'], - $config['installedpackages']['haproxy']['syncpassword']); - } - if($config['installedpackages']['haproxy']['synchost2']) { - haproxy_do_xmlrpc_sync($config['installedpackages']['haproxy']['synchost2'], - $config['installedpackages']['haproxy']['syncpassword']); - } - if($config['installedpackages']['haproxy']['synchost3']) { - haproxy_do_xmlrpc_sync($config['installedpackages']['haproxy']['synchost3'], - $config['installedpackages']['haproxy']['syncpassword']); - } - } - - // create config file - fclose($fd); - - if (isset($a_global['carpdev'])) - haproxy_install_cron(true); - else - haproxy_install_cron(false); - - $freebsd_version = substr(trim(`uname -r`), 0, 1); - if(!file_exists("/usr/bin/limits")) { - exec("fetch -q -o /usr/bin/limits http://files.pfsense.org/extras/{$freebsd_version}/limits"); - exec("chmod a+rx /usr/bin/limits"); - } -} - -function haproxy_is_running() { - $running = (shell_exec("/bin/pgrep -x haproxy") != ''); - return $running; -} - -function haproxy_check_run($reload) { - global $config, $g; - - $a_global = &$config['installedpackages']['haproxy']; - - exec("/usr/bin/limits -n 300014"); - - if(isset($a_global['enable'])) { - if (isset($a_global['carpdev'])) { - $status = get_carp_interface_status($a_global['carpdev']); - if ($status != "MASTER") { - if (haproxy_is_running()) { - log_error("Stopping haproxy on CARP backup."); - exec("/bin/pkill -F /var/run/haproxy.pid haproxy"); - } - return (0); - } else if (haproxy_is_running() && $reload == 0) { - return (0); - } - log_error("Starting haproxy on CARP master."); - /* fallthrough */ - } else if ($reload == 0) - return (0); - - if (haproxy_is_running()) { - exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid -st `cat /var/run/haproxy.pid`"); - } else { - exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid -D"); - } - return (0); - } else { - if ($reload && haproxy_is_running()) { - exec("/bin/pkill -F /var/run/haproxy.pid haproxy"); - } - return (1); - } - -} - -function haproxy_do_xmlrpc_sync($sync_to_ip, $password) { - global $config, $g; - - if(!$password) - return; - - if(!$sync_to_ip) - return; - - // Do not allow syncing to self. - $donotsync = false; - $lanip = find_interface_ip($config['interfaces']['lan']['if']); - if($lanip == $sync_to_ip) - $donotsync = true; - $wanip = find_interface_ip($config['interfaces']['wan']['if']); - if($wanip == $sync_to_ip) - $donotsync = true; - for ($j = 1; isset($config['interfaces']['opt' . $j]); $j++) { - $optip = find_interface_ip($config['interfaces']['opt' . $j]['if']); - if($optip == $sync_to_ip) - $donotsync = true; - } - if($donotsync) { - log_error("Disallowing sync loop for HAProxy sync."); - return; - } - - $xmlrpc_sync_neighbor = $sync_to_ip; - if($config['system']['webgui']['protocol'] != "") { - $synchronizetoip = $config['system']['webgui']['protocol']; - $synchronizetoip .= "://"; - } - $port = $config['system']['webgui']['port']; - /* if port is empty lets rely on the protocol selection */ - if($port == "") { - if($config['system']['webgui']['protocol'] == "http") - $port = "80"; - else - $port = "443"; - } - $synchronizetoip .= $sync_to_ip; - - /* xml will hold the sections to sync */ - $xml = array(); - $xml['haproxy'] = $config['installedpackages']['haproxy']; - - // Prevent sync loops - unset($xml['synchost1']); - unset($xml['synchost2']); - unset($xml['synchost3']); - unset($xml['syncpassword']); - - /* assemble xmlrpc payload */ - $params = array( - XML_RPC_encode($password), - XML_RPC_encode($xml) - ); - - /* set a few variables needed for sync code borrowed from filter.inc */ - $url = $synchronizetoip; - log_error("Beginning HAProxy XMLRPC sync to {$url}:{$port}."); - $method = 'pfsense.merge_installedpackages_section_xmlrpc'; - $msg = new XML_RPC_Message($method, $params); - $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); - $cli->setCredentials('admin', $password); - if($g['debug']) - $cli->setDebug(1); - /* send our XMLRPC message and timeout after 250 seconds */ - $resp = $cli->send($msg, "250"); - if(!$resp) { - $error = "A communications error occurred while attempting HAProxy XMLRPC sync with {$url}:{$port}."; - log_error($error); - file_notice("sync_settings", $error, "HAProxy Settings Sync", ""); - } elseif($resp->faultCode()) { - $cli->setDebug(1); - $resp = $cli->send($msg, "250"); - $error = "An error code was received while attempting HAProxy XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); - log_error($error); - file_notice("sync_settings", $error, "HAProxy Settings Sync", ""); - } else { - log_error("HAProxy XMLRPC sync successfully completed with {$url}:{$port}."); - } - - /* tell haproxy to reload our settings on the destionation sync host. */ - $method = 'pfsense.exec_php'; - $execcmd = "require_once('/usr/local/pkg/haproxy.inc');\n"; - $execcmd .= "haproxy_configure();\n"; - - /* assemble xmlrpc payload */ - $params = array( - XML_RPC_encode($password), - XML_RPC_encode($execcmd) - ); - - log_error("HAProxy XMLRPC reload data {$url}:{$port}."); - $msg = new XML_RPC_Message($method, $params); - $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); - $cli->setCredentials('admin', $password); - $resp = $cli->send($msg, "250"); - if(!$resp) { - $error = "A communications error occurred while attempting HAProxy XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; - log_error($error); - file_notice("sync_settings", $error, "HAProxy Settings Reload", ""); - } elseif($resp->faultCode()) { - $cli->setDebug(1); - $resp = $cli->send($msg, "250"); - $error = "An error code was received while attempting HAProxy XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); - log_error($error); - file_notice("sync_settings", $error, "HAProxy Settings Sync", ""); - } else { - log_error("HAProxy XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); - } -} - -?> diff --git a/config/haproxy-dev/haproxy.xml b/config/haproxy-dev/haproxy.xml deleted file mode 100644 index 83e2ca5d..00000000 --- a/config/haproxy-dev/haproxy.xml +++ /dev/null @@ -1,110 +0,0 @@ - - - - - - - - Describe your package here - Describe your package requirements here - Currently there are no FAQ items provided. - haproxy - 1.0 - HAProxy - /pkg_edit.php?xml=haproxy_pools.php - /usr/local/pkg/haproxy.inc - - HAProxy - -
Services
- /haproxy_listeners.php - - - HAProxy - haproxy.sh - haproxy - The Reliable, High Performance TCP/HTTP Load Balancer - - installedpackages->haproxy->config - - /usr/local/pkg/ - 077 - http://www.pfsense.com/packages/config/haproxy-dev/haproxy.inc - - - /usr/local/www/ - 077 - http://www.pfsense.com/packages/config/haproxy-dev/haproxy_listeners.php - - - /usr/local/www/ - 077 - http://www.pfsense.com/packages/config/haproxy-dev/haproxy_listeners_edit.php - - - /usr/local/www/ - 077 - http://www.pfsense.com/packages/config/haproxy-dev/haproxy_global.php - - - /usr/local/www/ - 077 - http://www.pfsense.com/packages/config/haproxy-dev/haproxy_pools.php - - - /usr/local/www/ - 077 - http://www.pfsense.com/packages/config/haproxy-dev/haproxy_pool_edit.php - - - - - - - - - $freebsdv=trim(`uname -r | cut -d'.' -f1`); - conf_mount_rw(); - `fetch -q -o /usr/local/sbin/ http://www.pfsense.org/packages/config/haproxy-dev/binaries{$freebsdv}/haproxy`; - exec("chmod a+rx /usr/local/sbin/haproxy"); - haproxy_custom_php_install_command(); - - - haproxy_custom_php_deinstall_command(); - - - - diff --git a/config/haproxy-dev/haproxy_global.php b/config/haproxy-dev/haproxy_global.php deleted file mode 100755 index 1ef28005..00000000 --- a/config/haproxy-dev/haproxy_global.php +++ /dev/null @@ -1,412 +0,0 @@ - - Copyright (C) 2008 Remco Hoef - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require("globals.inc"); -require("guiconfig.inc"); -require_once("haproxy.inc"); - -$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; - -if (!is_array($config['installedpackages']['haproxy'])) - $config['installedpackages']['haproxy'] = array(); - - -if ($_POST) { - unset($input_errors); - $pconfig = $_POST; - - if ($_POST['apply']) { - $retval = 0; - config_lock(); - $retval = haproxy_configure(); - config_unlock(); - $savemsg = get_std_save_message($retval); - unlink_if_exists($d_haproxyconfdirty_path); - } else { - if ($_POST['enable']) { - $reqdfields = explode(" ", "maxconn"); - $reqdfieldsn = explode(",", "Maximum connections"); - } - - if ($_POST['carpdev'] == "disabled") - unset($_POST['carpdev']); - - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - - if ($_POST['maxconn'] && (!is_numeric($_POST['maxconn']))) - $input_errors[] = "The maximum number of connections should be numeric."; - - if($_POST['synchost1'] && !is_ipaddr($_POST['synchost1'])) - $input_errors[] = "Synchost1 needs to be an IPAddress."; - if($_POST['synchost2'] && !is_ipaddr($_POST['synchost2'])) - $input_errors[] = "Synchost2 needs to be an IPAddress."; - if($_POST['synchost3'] && !is_ipaddr($_POST['synchost3'])) - $input_errors[] = "Synchost3 needs to be an IPAddress."; - - if (!$input_errors) { - $config['installedpackages']['haproxy']['enable'] = $_POST['enable'] ? true : false; - $config['installedpackages']['haproxy']['maxconn'] = $_POST['maxconn'] ? $_POST['maxconn'] : false; - $config['installedpackages']['haproxy']['enablesync'] = $_POST['enablesync'] ? true : false; - $config['installedpackages']['haproxy']['synchost1'] = $_POST['synchost1'] ? $_POST['synchost1'] : false; - $config['installedpackages']['haproxy']['synchost2'] = $_POST['synchost2'] ? $_POST['synchost2'] : false; - $config['installedpackages']['haproxy']['synchost2'] = $_POST['synchost3'] ? $_POST['synchost3'] : false; - $config['installedpackages']['haproxy']['remotesyslog'] = $_POST['remotesyslog'] ? $_POST['remotesyslog'] : false; - $config['installedpackages']['haproxy']['logfacility'] = $_POST['logfacility'] ? $_POST['logfacility'] : false; - $config['installedpackages']['haproxy']['loglevel'] = $_POST['loglevel'] ? $_POST['loglevel'] : false; - $config['installedpackages']['haproxy']['carpdev'] = $_POST['carpdev'] ? $_POST['carpdev'] : false; - $config['installedpackages']['haproxy']['syncpassword'] = $_POST['syncpassword'] ? $_POST['syncpassword'] : false; - $config['installedpackages']['haproxy']['advanced'] = base64_encode($_POST['advanced']) ? $_POST['advanced'] : false; - $config['installedpackages']['haproxy']['nbproc'] = $_POST['nbproc'] ? $_POST['nbproc'] : false; - touch($d_haproxyconfdirty_path); - write_config(); - } - } - -} - -$pconfig['enable'] = isset($config['installedpackages']['haproxy']['enable']); -$pconfig['maxconn'] = $config['installedpackages']['haproxy']['maxconn']; -$pconfig['enablesync'] = isset($config['installedpackages']['haproxy']['enablesync']); -$pconfig['syncpassword'] = $config['installedpackages']['haproxy']['syncpassword']; -$pconfig['synchost1'] = $config['installedpackages']['haproxy']['synchost1']; -$pconfig['synchost2'] = $config['installedpackages']['haproxy']['synchost2']; -$pconfig['synchost3'] = $config['installedpackages']['haproxy']['synchost3']; -$pconfig['remotesyslog'] = $config['installedpackages']['haproxy']['remotesyslog']; -$pconfig['logfacility'] = $config['installedpackages']['haproxy']['logfacility']; -$pconfig['loglevel'] = $config['installedpackages']['haproxy']['loglevel']; -$pconfig['carpdev'] = $config['installedpackages']['haproxy']['carpdev']; -$pconfig['advanced'] = base64_decode($config['installedpackages']['haproxy']['advanced']); -$pconfig['nbproc'] = $config['installedpackages']['haproxy']['nbproc']; - -// defaults -if (!$pconfig['logfacility']) - $pconfig['logfacility'] = 'local0'; -if (!$pconfig['loglevel']) - $pconfig['loglevel'] = 'info'; - -$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); -if(strstr($pfSversion, "1.2")) - $one_two = true; - -$pgtitle = "Services: HAProxy: Settings"; -include("head.inc"); - -?> - - - - - - -

- -
- - -

-You must apply the changes in order for them to take effect.");?>
- - - - -
- -
-
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
General settings
  - onClick="enable_change(false)"> - Enable HAProxy
- Maximum connections - -
- - - - -
- value=""> per Backend. -
- Sets the maximum per-process number of concurrent connections to X.
- NOTE: setting this value too high will result in HAProxy not being able to allocate enough memory.
- Current memory usage {$hascpu}.

"; - ?> - 		- - - - - - - - - - - - - - - - - - - - - - - - -
ConnectionsMemory usage
-
-
9991888K
999998032K
99999950016K
9999999467M
-
-
- Number of processes to start - - -
- Defaults to number of cores/processors installed if left blank ( detected). -
- Remote syslog host - - -
- Syslog facility - - -
- Syslog level - - -
- Carp monitor - - -
- Monitor carp interface and only run haproxy on the firewall which is MASTER. -
-   -
Global Advanced pass thru
  - -
- NOTE: paste text into this box that you would like to pass thru in the global settings area. -
-   -
Configuration synchronization
  - > - Sync HAProxy configuration to backup CARP members via XMLRPC. -
Synchronization password - -
- Enter the password that will be used during configuration synchronization. This is generally the remote webConfigurator password. -
Sync host #1 - -
- Synchronize settings to this hosts IP address. -
Sync host #2 - -
- Synchronize settings to this hosts IP address. -
Sync host #3 - -
- Synchronize settings to this hosts IP address. -
-   -
  - -
-
-
- - -

-

-
- Show automatically generated configuration. -
- - -
- - - - diff --git a/config/haproxy-dev/haproxy_listeners.php b/config/haproxy-dev/haproxy_listeners.php deleted file mode 100755 index ef67108b..00000000 --- a/config/haproxy-dev/haproxy_listeners.php +++ /dev/null @@ -1,172 +0,0 @@ - - Copyright (C) 2008 Remco Hoef - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require_once("guiconfig.inc"); - -$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; - -require_once("haproxy.inc"); - -if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) { - $config['installedpackages']['haproxy']['ha_backends']['item'] = array(); -} -$a_backend = &$config['installedpackages']['haproxy']['ha_backends']['item']; - -if ($_POST) { - $pconfig = $_POST; - - if ($_POST['apply']) { - $retval = 0; - config_lock(); - $retval = haproxy_configure(); - config_unlock(); - $savemsg = get_std_save_message($retval); - unlink_if_exists($d_haproxyconfdirty_path); - } -} - -if ($_GET['act'] == "del") { - if (isset($a_backend[$_GET['id']])) { - if (!$input_errors) { - unset($a_backend[$_GET['id']]); - write_config(); - touch($d_haproxyconfdirty_path); - } - header("Location: haproxy_listeners.php"); - exit; - } -} - -$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); -if(strstr($pfSversion, "1.2")) - $one_two = true; - -$pgtitle = "Services: HAProxy: Listener"; -include("head.inc"); - -?> - - -
- -

- - - -

-You must apply the changes in order for them to take effect.");?>
- - - - -
- -
-
- - - - - - - - - -"; - $textse = ""; - } -?> - - - - - - - - - - - - - -
NameDescriptionAddressTypeServer pool
- - - - - - - - - - - - - - - - -
-
- - - - -
-
-
-
-

- - - diff --git a/config/haproxy-dev/haproxy_listeners_edit.php b/config/haproxy-dev/haproxy_listeners_edit.php deleted file mode 100755 index 22be121b..00000000 --- a/config/haproxy-dev/haproxy_listeners_edit.php +++ /dev/null @@ -1,771 +0,0 @@ - - Copyright (C) 2008 Remco Hoef - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require("guiconfig.inc"); -require_once("haproxy.inc"); - -function haproxy_acl_select($mode) { - global $a_acltypes; - - $seltext = ''; - foreach ($a_acltypes as $expr) { - if ($expr['mode'] == '' || $expr['mode'] == $mode) - $seltext .= ""; - } - return $seltext; -} - -$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; - -if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) { - $config['installedpackages']['haproxy']['ha_backends']['item'] = array(); -} - -$a_backend = &$config['installedpackages']['haproxy']['ha_backends']['item']; -$a_pools = &$config['installedpackages']['haproxy']['ha_pools']['item']; - - -if (isset($_POST['id'])) - $id = $_POST['id']; -else - $id = $_GET['id']; - -if (isset($_GET['dup'])) - $id = $_GET['dup']; - -if (isset($id) && $a_backend[$id]) { - $pconfig['name'] = $a_backend[$id]['name']; - $pconfig['desc'] = $a_backend[$id]['desc']; - $pconfig['status'] = $a_backend[$id]['status']; - $pconfig['connection_timeout'] = $a_backend[$id]['connection_timeout']; - $pconfig['server_timeout'] = $a_backend[$id]['server_timeout']; - $pconfig['retries'] = $a_backend[$id]['retries']; - - $pconfig['type'] = $a_backend[$id]['type']; - $pconfig['balance'] = $a_backend[$id]['balance']; - - $pconfig['forwardfor'] = $a_backend[$id]['forwardfor']; - $pconfig['httpclose'] = $a_backend[$id]['httpclose']; - - $pconfig['stats_enabled'] = $a_backend[$id]['stats_enabled']; - $pconfig['stats_username'] = $a_backend[$id]['stats_username']; - $pconfig['stats_password'] = $a_backend[$id]['stats_password']; - $pconfig['stats_uri'] = $a_backend[$id]['stats_uri']; - $pconfig['stats_realm'] = $a_backend[$id]['stats_realm']; - - $pconfig['type'] = $a_backend[$id]['type']; - $pconfig['extaddr'] = $a_backend[$id]['extaddr']; - $pconfig['pool'] = $a_backend[$id]['pool']; - $pconfig['max_connections'] = $a_backend[$id]['max_connections']; - $pconfig['client_timeout'] = $a_backend[$id]['client_timeout']; - $pconfig['port'] = $a_backend[$id]['port']; - $pconfig['svrport'] = $a_backend[$id]['svrport']; - $pconfig['a_acl']=&$a_backend[$id]['ha_acls']['item']; - $pconfig['advanced'] = base64_decode($a_backend[$id]['advanced']); - -} - -if (isset($_GET['dup'])) - unset($id); - -$changedesc = "Services: HAProxy: Listener"; -$changecount = 0; - -if ($_POST) { - $changecount++; - - unset($input_errors); - $pconfig = $_POST; - - if ($_POST['stats_enabled']) { - $reqdfields = explode(" ", "name connection_timeout server_timeout stats_username stats_password stats_uri stats_realm"); - $reqdfieldsn = explode(",", "Name,Connection timeout,Server timeout,Stats Username,Stats Password,Stats Uri,Stats Realm"); - } else { - $reqdfields = explode(" ", "name connection_timeout server_timeout"); - $reqdfieldsn = explode(",", "Name,Connection timeout,Server timeout"); - } - - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - - $reqdfields = explode(" ", "name type port max_connections client_timeout"); - $reqdfieldsn = explode(",", "Name,Type,Port,Max connections,Client timeout"); - - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name'])) - $input_errors[] = "The field 'Name' contains invalid characters."; - - if (!is_numeric($_POST['connection_timeout'])) - $input_errors[] = "The field 'Connection timeout' value is not a number."; - - if (!is_numeric($_POST['server_timeout'])) - $input_errors[] = "The field 'Server timeout' value is not a number."; - - if (!$_POST['retries'] && is_numeric($_POST['retries'])) - $input_errors[] = "The field 'Retries' value is not a number."; - - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['stats_username'])) - $input_errors[] = "The field 'Stats Username' contains invalid characters."; - - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['stats_password'])) - $input_errors[] = "The field 'Stats Password' contains invalid characters."; - - if (!is_numeric($_POST['max_connections'])) - $input_errors[] = "The field 'Max connections' value is not a number."; - - $ports = split(",", $_POST['port'] . ","); - foreach($ports as $port) - if ($port && !is_numeric($port)) - $input_errors[] = "The field 'Port' value is not a number."; - - if (!is_numeric($_POST['client_timeout'])) - $input_errors[] = "The field 'Client timeout' value is not a number."; - - /* Ensure that our pool names are unique */ - for ($i=0; isset($config['installedpackages']['haproxy']['ha_backends']['item'][$i]); $i++) - if (($_POST['name'] == $config['installedpackages']['haproxy']['ha_backends']['item'][$i]['name']) && ($i != $id)) - $input_errors[] = "This listener name has already been used. Listener names must be unique."; - - $a_acl=array(); - $acl_names=array(); - for($x=0; $x<99; $x++) { - $acl_name=$_POST['acl_name'.$x]; - $acl_expression=$_POST['acl_expression'.$x]; - $acl_value=$_POST['acl_value'.$x]; - - if ($acl_name) { - // check for duplicates - if (in_array($acl_name, $acl_names)) { - $input_errors[] = "The name '$acl_name' is duplicate."; - } - - $acl_names[]=$acl_name; - - $acl=array(); - $acl['name']=$acl_name; - $acl['expression']=$acl_expression; - $acl['value']=$acl_value; - $a_acl[]=$acl; - - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $acl_name)) - $input_errors[] = "The field 'Name' contains invalid characters."; - - if (!preg_match("/.{2,}/", $acl_value)) - $input_errors[] = "The field 'Value' is required."; - - if (!preg_match("/.{2,}/", $acl_name)) - $input_errors[] = "The field 'Name' is required."; - - } - } - - $pconfig['a_acl']=$a_acl; - - if (!$input_errors) { - $backend = array(); - if(isset($id) && $a_backend[$id]) - $backend = $a_backend[$id]; - - if($backend['name'] != "") - $changedesc .= " modified '{$backend['name']}' pool:"; - - - update_if_changed("name", $backend['name'], $_POST['name']); - update_if_changed("description", $backend['desc'], $_POST['desc']); - update_if_changed("status", $backend['status'], $_POST['status']); - update_if_changed("connection_timeout", $backend['connection_timeout'], $_POST['connection_timeout']); - update_if_changed("server_timeout", $backend['server_timeout'], $_POST['server_timeout']); - update_if_changed("retries", $backend['retries'], $_POST['retries']); - update_if_changed("type", $backend['type'], $_POST['type']); - update_if_changed("balance", $backend['balance'], $_POST['balance']); - update_if_changed("cookie_name", $backend['cookie_name'], $_POST['cookie_name']); - update_if_changed("forwardfor", $backend['forwardfor'], $_POST['forwardfor']); - update_if_changed("httpclose", $backend['httpclose'], $_POST['httpclose']); - update_if_changed("stats_enabled", $backend['stats_enabled'], $_POST['stats_enabled']); - update_if_changed("stats_username", $backend['stats_username'], $_POST['stats_username']); - update_if_changed("stats_password", $backend['stats_password'], $_POST['stats_password']); - update_if_changed("stats_uri", $backend['stats_uri'], $_POST['stats_uri']); - update_if_changed("stats_realm", $backend['stats_realm'], $_POST['stats_realm']); - update_if_changed("type", $backend['type'], $_POST['type']); - update_if_changed("port", $backend['port'], $_POST['port']); - update_if_changed("svrport", $backend['svrport'], $_POST['svrport']); - update_if_changed("extaddr", $backend['extaddr'], $_POST['extaddr']); - update_if_changed("pool", $backend['pool'], $_POST['pool']); - update_if_changed("max_connections", $backend['max_connections'], $_POST['max_connections']); - update_if_changed("client_timeout", $backend['client_timeout'], $_POST['client_timeout']); - update_if_changed("advanced", $backend['advanced'], base64_encode($_POST['advanced'])); - - $backend['ha_acls']['item'] = $a_acl; - - if (isset($id) && $a_backend[$id]) { - $a_backend[$id] = $backend; - } else { - $a_backend[] = $backend; - } - - if ($changecount > 0) { - touch($d_haproxyconfdirty_path); - write_config($changedesc); - } - - header("Location: haproxy_listeners.php"); - exit; - } -} - -$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); -if(strstr($pfSversion, "1.2")) - $one_two = true; - -$pgtitle = "HAProxy: Listener: Edit"; -include("head.inc"); - -?> - - - - - - - - - - -

- -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Edit haproxy listener
Name - size="25" maxlength="25"> -
Description - size="64"> -
Status - -
External address - -
- - If you want this rule to apply to another IP address than the IP address of the interface chosen above, - select it here (you need to define Virtual IP addresses on the first). - Also note that if you are trying to redirect connections on the LAN select the "any" option. - -
External port - size="10" maxlength="10"> -
The port to listen to. To specify multiple ports, separate with a comma (,). EXAMPLE: 80,443
-
Server pool - -
Server Port - size="10" maxlength="10"> -
The default server port.
-
Type - -
Access Control lists - - - - - - - - - > - - - - - - -
NameExpressionValue
- - - - -
- - - -
-
- - -
- For more information about ACL's please see HAProxy Documentation Section 7 - Using ACL's -
- - - - - - - - - - - - - - - - - - - - - - - - - > - - - - > - - - - > - - - - - > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 
- - -
Advanced settings
Connection timeout - size="64"> -
the time (in milliseconds) we give up if the connection does not complete within (30000).
-
Server timeout - size="64"> -
the time (in milliseconds) we accept to wait for data from the server, or for the server to accept data (30000).
-
Retries - size="64"> -
After a connection failure to a server, it is possible to retry, potentially -on another server. This is useful if health-checks are too rare and you don't -want the clients to see the failures. The number of attempts to reconnect is -set by the 'retries' parameter (2).
-
Balance - - - - - - - -
- >Round robin - - Each server is used in turns, according to their weights. - This is the smoothest and fairest algorithm when the server's - processing time remains equally distributed. This algorithm - is dynamic, which means that server weights may be adjusted - on the fly for slow starts for instance. -
>Source - The source IP address is hashed and divided by the total - weight of the running servers to designate which server will - receive the request. This ensures that the same client IP - address will always reach the same server as long as no - server goes down or up. If the hash result changes due to the - number of running servers changing, many clients will be - directed to a different server. This algorithm is generally - used in TCP mode where no cookie may be inserted. It may also - be used on the Internet to provide a best-effort stickyness - to clients which refuse session cookies. This algorithm is - static, which means that changing a server's weight on the - fly will have no effect. -
-
Stats Enabled - onclick='toggle_stats();'>
- EXAMPLE: haproxystats -
Stats Realm - size="64"> -
Stats Uri - size="64">
- EXAMPLE: /haproxy?stats -
Stats Username - size="64"> -
Stats Password - size="64"> -
-
Max connections - size="10" maxlength="10"> -
Client timeout - size="10" maxlength="10"> -
the time (in milliseconds) we accept to wait for data from the client, or for the client to accept data (30000).
-
Use 'forwardfor' option - > -
- The 'forwardfor' option creates an HTTP 'X-Forwarded-For' header which - contains the client's IP address. This is useful to let the final web server - know what the client address was (eg for statistics on domains) -
Use 'httpclose' option - > -
- The 'httpclose' option removes any 'Connection' header both ways, and - adds a 'Connection: close' header in each direction. This makes it easier to - disable HTTP keep-alive than the previous 4-rules block. -
Advanced pass thru - -
- NOTE: paste text into this box that you would like to pass thru. -
  - - - - - -
- NOTE: You must add a firewall rule permitting access to this frontend! -
-
-
- - - - diff --git a/config/haproxy-dev/haproxy_pool_edit.php b/config/haproxy-dev/haproxy_pool_edit.php deleted file mode 100755 index d25f0675..00000000 --- a/config/haproxy-dev/haproxy_pool_edit.php +++ /dev/null @@ -1,494 +0,0 @@ - - Copyright (C) 2008 Remco Hoef - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require("guiconfig.inc"); - -$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; - -if (!is_array($config['installedpackages']['haproxy']['ha_pools']['item'])) { - $config['installedpackages']['haproxy']['ha_pools']['item'] = array(); -} - -$a_pools = &$config['installedpackages']['haproxy']['ha_pools']['item']; - -if (isset($_POST['id'])) - $id = $_POST['id']; -else - $id = $_GET['id']; - -if (isset($_GET['dup'])) - $id = $_GET['dup']; - -if (isset($id) && $a_pools[$id]) { - $pconfig['name'] = $a_pools[$id]['name']; - $pconfig['checkinter'] = $a_pools[$id]['checkinter']; - $pconfig['monitor_uri'] = $a_pools[$id]['monitor_uri']; - $pconfig['cookie'] = $a_pools[$id]['cookie']; - $pconfig['advanced'] = base64_decode($a_pools[$id]['advanced']); - $pconfig['a_servers']=&$a_pools[$id]['ha_servers']['item']; -} - -if (isset($_GET['dup'])) - unset($id); - -$changedesc = "Services: HAProxy: pools: "; -$changecount = 0; - -if ($_POST) { - $changecount++; - - unset($input_errors); - $pconfig = $_POST; - - $reqdfields = explode(" ", "name"); - $reqdfieldsn = explode(",", "Name"); - - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name'])) - $input_errors[] = "The field 'Name' contains invalid characters."; - - /* Ensure that our pool names are unique */ - for ($i=0; isset($config['installedpackages']['haproxy']['ha_pools']['item'][$i]); $i++) - if (($_POST['name'] == $config['installedpackages']['haproxy']['ha_pools']['item'][$i]['name']) && ($i != $id)) - $input_errors[] = "This pool name has already been used. Pool names must be unique."; - - $a_servers=array(); - for($x=0; $x<99; $x++) { - $server_name=$_POST['server_name'.$x]; - $server_address=$_POST['server_address'.$x]; - $server_port=$_POST['server_port'.$x]; - $server_weight=$_POST['server_weight'.$x]; - $server_backup=$_POST['server_backup'.$x]; - - if ($server_address) { - - $server=array(); - $server['name']=$server_name; - $server['address']=$server_address; - $server['port']=$server_port; - $server['weight']=$server_weight; - $server['backup']=$server_backup; - $a_servers[]=$server; - - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $server_name)) - $input_errors[] = "The field 'Name' contains invalid characters."; - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $server_address)) - $input_errors[] = "The field 'Address' contains invalid characters."; - - if (!preg_match("/.{2,}/", $server_name)) - $input_errors[] = "The field 'Name' is required."; - - if (!preg_match("/.{2,}/", $server_address)) - $input_errors[] = "The field 'Address' is required."; - - if (!preg_match("/.{2,}/", $server_weight)) - $input_errors[] = "The field 'Weight' is required."; - - if (!is_numeric($server_weight)) - $input_errors[] = "The field 'Weight' value is not a number."; - if ($server_port && !is_numeric($server_port)) - $input_errors[] = "The field 'Port' value is not a number."; - } - } - - if (!$input_errors) { - $pool = array(); - if(isset($id) && $a_pools[$id]) - $pool = $a_pools[$id]; - - if ($pool['name'] != $_POST['name']) { - // name changed: - if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) { - $config['installedpackages']['haproxy']['ha_backends']['item'] = array(); - } - $a_backend = &$config['installedpackages']['haproxy']['ha_backends']['item']; - - for ( $i = 0; $i < count($a_backend); $i++) { - if ($a_backend[$i]['pool'] == $pool['name']) - $a_backend[$i]['pool'] = $_POST['name']; - } - } - - if($pool['name'] != "") - $changedesc .= " modified '{$pool['name']}' pool:"; - - $pool['ha_servers']['item']=$a_servers; - - update_if_changed("name", $pool['name'], $_POST['name']); - update_if_changed("cookie", $pool['cookie'], $_POST['cookie']); - update_if_changed("advanced", $pool['advanced'], base64_encode($_POST['advanced'])); - update_if_changed("checkinter", $pool['checkinter'], $_POST['checkinter']); - update_if_changed("monitor_uri", $pool['monitor_uri'], $_POST['monitor_uri']); - - if (isset($id) && $a_pools[$id]) { - $a_pools[$id] = $pool; - } else { - $a_pools[] = $pool; - } - - if ($changecount > 0) { - touch($d_haproxyconfdirty_path); - write_config($changedesc); - /* - echo "
";
-			print_r($config);
-			echo "
"; - */ - } - - header("Location: haproxy_pools.php"); - exit; - } - $pconfig['a_servers']=&$a_pools[$id]['ha_servers']['item']; -} - -$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); -if(strstr($pfSversion, "1.2")) - $one_two = true; - -$pgtitle = "HAProxy: pool: Edit"; -include("head.inc"); - -row_helper(); - -?> - - - - - - - - - - - -

- -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Edit HAProxy pool
Name - size="16" maxlength="16"> -
Cookie - size="64">
- This value will be checked in incoming requests, and the first - operational pool possessing the same value will be selected. In return, in - cookie insertion or rewrite modes, this value will be assigned to the cookie - sent to the client. There is nothing wrong in having several servers sharing - the same cookie value, and it is in fact somewhat common between normal and - backup servers. See also the "cookie" keyword in backend section. - -
Server list
- - - - - - - - - - - - - - - - - - - - - - - - - - - -
NameAddressPortWeightBackup
- - -
- - - -
-
- - - -
Check freq - size="20"> milliseconds -
Defaults to 1000 if left blank. -
Health check URI - size="64"> -
Defaults to / if left blank. -
Advanced pass thru - -
- NOTE: paste text into this box that you would like to pass thru. -
  - - - - - -
-
-
- - - - - - -// Global Variables -var rowname = new Array(99); -var rowtype = new Array(99); -var newrow = new Array(99); -var rowsize = new Array(99); - -for (i = 0; i < 99; i++) { - rowname[i] = ''; - rowtype[i] = ''; - newrow[i] = ''; - rowsize[i] = '25'; -} - -var field_counter_js = 0; -var loaded = 0; -var is_streaming_progress_bar = 0; -var temp_streaming_text = ""; - -var addRowTo = (function() { - return (function (tableId) { - var d, tbody, tr, td, bgc, i, ii, j; - var btable, btbody, btr, btd; - - d = document; - tbody = d.getElementById(tableId).getElementsByTagName("tbody").item(0); - tr = d.createElement("tr"); - totalrows++; - for (i = 0; i < field_counter_js; i++) { - td = d.createElement("td"); - if(rowtype[i] == 'textbox') { - td.innerHTML=" "; - } else if(rowtype[i] == 'select') { - td.innerHTML=" "; - } else { - td.innerHTML=" "; - } - td.setAttribute("class","vtable"); - tr.appendChild(td); - } - td = d.createElement("td"); - td.rowSpan = "1"; - td.setAttribute("class","list"); - - // Recreate the button table. - btable = document.createElement("table"); - btable.setAttribute("border", "0"); - btable.setAttribute("cellspacing", "0"); - btable.setAttribute("cellpadding", "1"); - btbody = document.createElement("tbody"); - btr = document.createElement("tr"); - btd = document.createElement("td"); - btd.setAttribute("valign", "middle"); - btd.innerHTML = ''; - btr.appendChild(btd); - btd = document.createElement("td"); - btd.setAttribute("valign", "middle"); - btd.innerHTML = '"; - btr.appendChild(btd); - btbody.appendChild(btr); - btable.appendChild(btbody); - - td.appendChild(btable); - tr.appendChild(td); - tbody.appendChild(tr); - }); -})(); - -function dupRow(rowId, tableId) { - var dupEl; - var newEl; - - addRowTo(tableId); - for (i = 0; i < field_counter_js; i++) { - dupEl = document.getElementById(rowname[i] + rowId); - newEl = document.getElementById(rowname[i] + totalrows); - if (dupEl && newEl) - if(rowtype[i] == 'checkbox') - newEl.checked = dupEl.checked; - else - newEl.value = dupEl.value; - } -} - -function removeRow(el) { - var cel; - // Break out of one table first - while (el && el.nodeName.toLowerCase() != "table") - el = el.parentNode; - while (el && el.nodeName.toLowerCase() != "tr") - el = el.parentNode; - - if (el && el.parentNode) { - cel = el.getElementsByTagName("td").item(0); - el.parentNode.removeChild(el); - } -} -function editRow(num) { - var trview = document.getElementById('tr_view_' + num); - var tredit = document.getElementById('tr_edit_' + num); - - trview.style.display='none'; - tredit.style.display=''; -} - -function find_unique_field_name(field_name) { - // loop through field_name and strip off -NUMBER - var last_found_dash = 0; - for (var i = 0; i < field_name.length; i++) { - // is this a dash, if so, update - // last_found_dash - if (field_name.substr(i,1) == "-" ) - last_found_dash = i; - } - if (last_found_dash < 1) - return field_name; - return(field_name.substr(0,last_found_dash)); -} - - -EOF; - -} - -?> diff --git a/config/haproxy-dev/haproxy_pools.php b/config/haproxy-dev/haproxy_pools.php deleted file mode 100755 index c5adc70b..00000000 --- a/config/haproxy-dev/haproxy_pools.php +++ /dev/null @@ -1,169 +0,0 @@ - - Copyright (C) 2008 Remco Hoef - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require_once("guiconfig.inc"); -require_once("haproxy.inc"); - -$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; - -if (!is_array($config['installedpackages']['haproxy']['ha_pools']['item'])) { - $config['installedpackages']['haproxy']['ha_pools']['item'] = array(); -} -if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) { - $config['installedpackages']['haproxy']['ha_backends']['item'] = array(); -} - -$a_pools = &$config['installedpackages']['haproxy']['ha_pools']['item']; -$a_backends = &$config['installedpackages']['haproxy']['ha_backends']['item']; - -if ($_POST) { - $pconfig = $_POST; - - if ($_POST['apply']) { - $retval = 0; - config_lock(); - $retval = haproxy_configure(); - config_unlock(); - $savemsg = get_std_save_message($retval); - unlink_if_exists($d_haproxyconfdirty_path); - } -} - -if ($_GET['act'] == "del") { - if (isset($a_pools[$_GET['id']])) { - unset($a_pools[$_GET['id']]); - write_config(); - touch($d_haproxyconfdirty_path); - } - header("Location: haproxy_pools.php"); - exit; -} - -$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); -if(strstr($pfSversion, "1.2")) - $one_two = true; - -$pgtitle = "Services: HAProxy: Server pools"; -include("head.inc"); - -?> - - - -

- -
- - -

-You must apply the changes in order for them to take effect.");?>
- - - - -
- -
-
- - - - - - - -"; - $textse = ""; - } - if (is_array($pool['ha_servers']['item'])) - $count = count($pool['ha_servers']['item']); - else - $count = 0; -?> - - - - - - - - - - - -
NameServersListener
- - - - - - - - - - - - -
-
- - - - -
-
-
-
-

- - - diff --git a/config/haproxy/haproxy.inc b/config/haproxy/haproxy.inc index dfbec28c..72d9535d 100644 --- a/config/haproxy/haproxy.inc +++ b/config/haproxy/haproxy.inc @@ -34,10 +34,38 @@ require_once("notices.inc"); $d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; +$a_acltypes = array(); +$a_acltypes[] = array('name' => 'host_starts_with', 'descr' => 'Host starts with', + 'mode' => 'http', 'syntax' => 'hdr_beg(host) -i'); +$a_acltypes[] = array('name' => 'host_ends_with', 'descr' => 'Host ends with', + 'mode' =>'http', 'syntax' => 'hdr_end(host) -i'); +$a_acltypes[] = array('name' => 'host_matches', 'descr' => 'Host matches', + 'mode' =>'http', 'syntax' => 'hdr(host) -i'); +$a_acltypes[] = array('name' => 'host_regex', 'descr' => 'Host regex', + 'mode' =>'http', 'syntax' => 'hdr_reg(host) -i'); +$a_acltypes[] = array('name' => 'host_contains', 'descr' => 'Host contains', + 'mode' => 'http', 'syntax' => 'hdr_dir(host) -i'); +$a_acltypes[] = array('name' => 'path_starts_with', 'descr' => 'Path starts with', + 'mode' => 'http', 'syntax' => 'path_beg -i'); +$a_acltypes[] = array('name' => 'path_ends_with', 'descr' => 'Path ends with', + 'mode' => 'http', 'syntax' => 'path_end -i'); +$a_acltypes[] = array('name' => 'path_matches', 'descr' => 'Path matches', + 'mode' => 'http', 'syntax' => 'path -i'); +$a_acltypes[] = array('name' => 'path_regex', 'descr' => 'Path regex', + 'mode' => 'http', 'syntax' => 'path_reg -i'); +$a_acltypes[] = array('name' => 'path_contains', 'descr' => 'Path contains', + 'mode' => 'http', 'syntax' => 'path_dir -i'); +$a_acltypes[] = array('name' => 'source_ip', 'descr' => 'Source IP', + 'mode' => '', 'syntax' => 'src'); + function haproxy_custom_php_deinstall_command() { exec("rm /usr/local/sbin/haproxy"); exec("rm /usr/local/pkg/haproxy.inc"); exec("rm /usr/local/www/haproxy*"); + exec("rm /usr/local/etc/rc.d/haproxy.sh"); + exec("rm /etc/devd/haproxy.conf"); + exec("/etc/rc.d/devd restart"); + haproxy_install_cron(false); } function haproxy_custom_php_install_command() { @@ -60,6 +88,8 @@ haproxy_enable=\${haproxy-"YES"} start_cmd="haproxy_start" stop_postcmd="haproxy_stop" +check_cmd="haproxy_check" +extra_commands="check" load_rc_config \$name @@ -77,6 +107,20 @@ haproxy_start () { ENDOFF } +haproxy_check () { + echo "Checking haproxy." + /usr/bin/env \ + PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ + /usr/local/bin/php -q -d auto_prepend_file=config.inc < +ENDOFF +} + haproxy_stop () { echo "Stopping haproxy." killall haproxy @@ -91,18 +135,262 @@ EOD; fclose($fd); exec("chmod a+rx /usr/local/etc/rc.d/haproxy.sh"); + $devd = << $be) { + $a_backends[$id]['status'] = 'active'; + } + $id = 0; + foreach ($a_oldservers as $oldserver) { + $pool=$oldserver; + /* make server sub array */ + $server=array(); + $server['name'] = $oldserver['name']; + $server['address'] = $oldserver['address']; + $server['port'] = $oldserver['port']; + $server['weight'] = $oldserver['weight']; + $a_servers=array(); + $a_servers[]=$server; + /* set new pool */ + $pool['name'] = "pool$id"; + $id++; + $pool['ha_servers']['item']=$a_servers; + /* link to frontend */ + foreach ($a_backends as $id => $be) { + if ($a_backends[$id]['name'] == $oldserver['backend']) { + $a_backends[$id]['pool'] = $pool['name']; + $pool['monitor_uri'] = $be['monitor_uri']; + unset($a_backends[$id]['monitor_uri']); + break; + } + } + unset($pool['backend']); + unset($pool['address']); + unset($pool['port']); + unset($pool['weight']); + $a_pools[] = $pool; + } + unset($config['installedpackages']['haproxy']['ha_servers']); + write_config(); + } + conf_mount_ro(); exec("/usr/local/etc/rc.d/haproxy.sh start"); } +function haproxy_install_cron($should_install) { + global $config, $g; + if($g['booting']==true) + return; + $is_installed = false; + if(!$config['cron']['item']) + return; + $x=0; + foreach($config['cron']['item'] as $item) { + if(strstr($item['command'], "/usr/local/etc/rc.d/haproxy.sh")) { + $is_installed = true; + break; + } + $x++; + } + switch($should_install) { + case true: + if(!$is_installed) { + $cron_item = array(); + $cron_item['minute'] = "*/2"; + $cron_item['hour'] = "*"; + $cron_item['mday'] = "*"; + $cron_item['month'] = "*"; + $cron_item['wday'] = "*"; + $cron_item['who'] = "root"; + $cron_item['command'] = "/usr/local/etc/rc.d/haproxy.sh check"; + $config['cron']['item'][] = $cron_item; + parse_config(true); + write_config(); + configure_cron(); + } + break; + case false: + if($is_installed == true) { + if($x > 0) { + unset($config['cron']['item'][$x]); + parse_config(true); + write_config(); + } + configure_cron(); + } + break; + } +} + +function haproxy_find_acl($name) { + global $a_acltypes; + + /* XXX why is this broken from xmlsync? */ + if (!$a_acltypes) { + $a_acltypes = array(); + $a_acltypes[] = array('name' => 'host_starts_with', 'descr' => 'Host starts with', + 'mode' => 'http', 'syntax' => 'hdr_beg(host) -i'); + $a_acltypes[] = array('name' => 'host_ends_with', 'descr' => 'Host ends with', + 'mode' =>'http', 'syntax' => 'hdr_end(host) -i'); + $a_acltypes[] = array('name' => 'host_matches', 'descr' => 'Host matches', + 'mode' =>'http', 'syntax' => 'hdr(host) -i'); + $a_acltypes[] = array('name' => 'host_regex', 'descr' => 'Host regex', + 'mode' =>'http', 'syntax' => 'hdr_reg(host) -i'); + $a_acltypes[] = array('name' => 'host_contains', 'descr' => 'Host contains', + 'mode' => 'http', 'syntax' => 'hdr_dir(host) -i'); + $a_acltypes[] = array('name' => 'path_starts_with', 'descr' => 'Path starts with', + 'mode' => 'http', 'syntax' => 'path_beg -i'); + $a_acltypes[] = array('name' => 'path_ends_with', 'descr' => 'Path ends with', + 'mode' => 'http', 'syntax' => 'path_end -i'); + $a_acltypes[] = array('name' => 'path_matches', 'descr' => 'Path matches', + 'mode' => 'http', 'syntax' => 'path -i'); + $a_acltypes[] = array('name' => 'path_regex', 'descr' => 'Path regex', + 'mode' => 'http', 'syntax' => 'path_reg -i'); + $a_acltypes[] = array('name' => 'path_contains', 'descr' => 'Path contains', + 'mode' => 'http', 'syntax' => 'path_dir -i'); + $a_acltypes[] = array('name' => 'source_ip', 'descr' => 'Source IP', + 'mode' => '', 'syntax' => 'src'); + } + + if($a_acltypes) { + foreach ($a_acltypes as $acl) { + if ($acl['name'] == $name) + return $acl; + } + } +} + +function write_backend($fd, $name, $pool, $frontend) { + if(!is_array($pool['ha_servers']['item'])) + return; + + fwrite ($fd, "backend " . $name . "\n"); + if($pool['cookie_name'] && strtolower($frontend['type']) == "http") + fwrite ($fd, "\tcookie\t\t\t" . $pool['cookie_name'] . " insert indirect\n"); + + // https is an alias for tcp for clarity purpouses + if(strtolower($frontend['type']) == "https") { + $backend_type = "tcp"; + $httpchk = "ssl-hello-chk"; + } else { + $backend_type = $frontend['type']; + $httpchk = "httpchk"; + } + + fwrite ($fd, "\tmode\t\t\t" . $backend_type . "\n"); + + if($frontend['balance']) + fwrite ($fd, "\tbalance\t\t\t" . $frontend['balance'] . "\n"); + + if($frontend['connection_timeout']) + fwrite ($fd, "\tcontimeout\t\t" . $frontend['connection_timeout'] . "\n"); + + if($frontend['server_timeout']) + fwrite ($fd, "\tsrvtimeout\t\t" . $frontend['server_timeout'] . "\n"); + + if($frontend['retries']) + fwrite ($fd, "\tretries\t\t\t" . $frontend['retries'] . "\n"); + + if($frontend['stats_enabled']=='yes') { + fwrite ($fd, "\tstats\t\t\tenable\n"); + if($frontend['stats_uri']) + fwrite ($fd, "\tstats\t\t\turi ".$frontend['stats_uri']."\n"); + if($frontend['stats_realm']) + fwrite ($fd, "\tstats\t\t\trealm " . $frontend['stats_realm'] . "\n"); + else + fwrite ($fd, "\tstats\t\t\trealm .\n"); + fwrite ($fd, "\tstats\t\t\tauth " . $frontend['stats_username'].":". $frontend['stats_password']."\n"); + } + + $uri = $pool['monitor_uri']; + if ($pool['monitor_uri']) + $uri = $pool['monitor_uri']; + else + $uri = "/"; + fwrite ($fd, "\toption\t\t\t{$httpchk} HEAD " . $uri . " HTTP/1.0\n"); + + if($pool['cookie'] && strtolower($frontend['type']) == "http") + $cookie = " cookie {$pool['cookie']} "; + else + $cookie = ""; + if($pool['advanced']) { + $advanced = base64_decode($pool['advanced']); + $advanced_txt = " " . $advanced; + } else { + $advanced_txt = ""; + } + if($pool['checkinter']) + $checkinter = "check inter {$pool['checkinter']}"; + else if (strtolower($frontend['type']) != "tcp") + $checkinter = "check inter 1000"; + else + $checkinter = ""; + + $a_servers = &$pool['ha_servers']['item']; + foreach($a_servers as $be) { + if(!$be['port']) { + // the listener can specify a default port + $be['port'] = $frontend['svrport']; + } + if(!$be['port']) { + // last resort, use the frontend port + $ports = split(",", "{$frontend['port']},"); + $be['port'] = $ports[0]; + } + if (!$be['name']) + $be['name'] = $be['address']; + if($be['backup']) { + $isbackup = "backup"; + } else { + $isbackup = ""; + } + fwrite ($fd, "\tserver\t\t\t" . $be['name'] . " " . $be['address'].":" . $be['port'] . " $cookie " . " $checkinter $isbackup weight " . $be['weight'] . "{$advanced_txt}\n"); + } + fwrite ($fd, "\n"); +} + function haproxy_configure() { + // reload haproxy + haproxy_writeconf(); + return haproxy_check_run(1); +} + +function haproxy_writeconf() { global $config, $g; $a_global = &$config['installedpackages']['haproxy']; $a_backends = &$config['installedpackages']['haproxy']['ha_backends']['item']; - $a_frontends = &$config['installedpackages']['haproxy']['ha_frontends']['item']; - $a_servers = &$config['installedpackages']['haproxy']['ha_servers']['item']; + $a_pools = &$config['installedpackages']['haproxy']['ha_pools']['item']; $fd = fopen("{$g['varetc_path']}/haproxy.cfg", "w"); @@ -112,7 +400,7 @@ function haproxy_configure() { fwrite ($fd, "\t" . base64_decode($a_global['advanced']) . "\n"); fwrite ($fd, "\tmaxconn\t\t\t".$a_global['maxconn']."\n"); if($a_global['remotesyslog']) - fwrite ($fd, "\tlog\t\t\t{$a_global['remotesyslog']}\tlocal0\n"); + fwrite ($fd, "\tlog\t\t\t{$a_global['remotesyslog']}\t{$a_global['logfacility']}\t{$a_global['loglevel']}\n"); fwrite ($fd, "\tuid\t\t\t80\n"); fwrite ($fd, "\tgid\t\t\t80\n"); // Set numprocs if defined or use system default (#cores) @@ -126,15 +414,51 @@ function haproxy_configure() { fwrite ($fd, "\n"); } - // Construct and write out configuration file + // Try and get a unique array for address:port as frontends can duplicate + $a_bind = array(); if(is_array($a_backends)) { foreach ($a_backends as $backend) { + if($backend['status'] != 'active') + continue; + if(!$backend['pool']) + continue; + + $bname = $backend['extaddr'] . ":" . $backend['port']; + if (!is_array($a_bind[$bname])) { + $a_bind[$bname] = array(); + $a_bind[$bname]['config'] = array(); + // Settings which are constant for a merged frontend + $a_bind[$bname]['name'] = $backend['name']; + $a_bind[$bname]['extaddr'] = $backend['extaddr']; + $a_bind[$bname]['port'] = $backend['port']; + } + $b = &$a_bind[$bname]; + + // Overwrite ? + $b['type'] = $backend['type']; + $b['forwardfor'] = $backend['forwardfor']; + $b['httpclose'] = $backend['httpclose']; + $b['max_connections'] = $backend['max_connections']; + $b['client_timeout'] = $backend['client_timeout']; + $b['advanced'] = $backend['advanced']; + + // pointer to each backend + $b['config'][] = $backend; + } + } + + $a_pendingpl = array(); - // Define our backend name - $backendinfo = "listen {$backend['name']}\n"; + // Construct and write out configuration file + if(is_array($a_bind)) { + foreach ($a_bind as $bind) { + if (count($bind['config']) > 1) + $frontendinfo = "frontend {$bind['name']}-merged\n"; + else + $frontendinfo = "frontend {$bind['name']}\n"; // Prepare ports for processing by splitting - $portss = "{$backend['port']},"; + $portss = "{$bind['port']},"; $ports = split(",", $portss); // Initialize variable @@ -143,176 +467,184 @@ function haproxy_configure() { // Process and add bind directives for ports foreach($ports as $port) { if($port) { - if($backend['extaddr'] == "any") + if($bind['extaddr'] == "any") $listenip .= "\tbind\t\t\t0.0.0.0:{$port}\n"; - elseif($backend['extaddr']) - $listenip .= "\tbind\t\t\t{$backend['extaddr']}:{$port}\n"; + elseif($bind['extaddr']) + $listenip .= "\tbind\t\t\t{$bind['extaddr']}:{$port}\n"; else $listenip .= "\tbind\t\t\t" . get_current_wan_address('wan') . ":{$port}\n"; } } - fwrite ($fd, "{$backendinfo}"); + fwrite ($fd, "{$frontendinfo}"); fwrite ($fd, "{$listenip}"); // Advanced pass thru - if($backend['advanced']) { - $advanced = base64_decode($backend['advanced']); + if($bind['advanced']) { + $advanced = base64_decode($bind['advanced']); fwrite($fd, "\t" . $advanced . "\n"); } // https is an alias for tcp for clarity purpouses - if(strtolower($backend['type']) == "https") { + if(strtolower($bind['type']) == "https") { $backend_type = "tcp"; $httpchk = "ssl-hello-chk"; } else { - $backend_type = $backend['type']; + $backend_type = $bind['type']; $httpchk = "httpchk"; } - fwrite ($fd, "\tmode\t\t\t" . $backend_type . "\n"); + fwrite ($fd, "\tmode\t\t\t" . $backend_type . "\n"); fwrite ($fd, "\tlog\t\t\tglobal\n"); fwrite ($fd, "\toption\t\t\tdontlognull\n"); - if($backend['httpclose']) + if($bind['httpclose']) fwrite ($fd, "\toption\t\t\thttpclose\n"); - if($backend['forwardfor']) + if($bind['forwardfor']) fwrite ($fd, "\toption\t\t\tforwardfor\n"); - if($backend['max_connections']) - fwrite ($fd, "\tmaxconn\t\t\t" . $backend['max_connections'] . "\n"); - - if($backend['client_timeout']) - fwrite ($fd, "\tclitimeout\t\t" . $backend['client_timeout'] . "\n"); - - if($backend['balance']) - fwrite ($fd, "\tbalance\t\t\t" . $backend['balance'] . "\n"); - - if($backend['connection_timeout']) - fwrite ($fd, "\tcontimeout\t\t" . $backend['connection_timeout'] . "\n"); - - if($backend['server_timeout']) - fwrite ($fd, "\tsrvtimeout\t\t" . $backend['server_timeout'] . "\n"); - - if($backend['retries']) - fwrite ($fd, "\tretries\t\t\t" . $backend['retries'] . "\n"); - - if($backend['cookie_name']) - fwrite ($fd, "\tcookie\t\t\t" . $backend['cookie_name'] . " insert indirect\n"); - - if($backend['monitor_uri']) - fwrite ($fd, "\toption\t\t\t{$httpchk} HEAD " . $backend['monitor_uri'] . " HTTP/1.0\n"); - - if($backend['stats_enabled']=='yes') { - fwrite ($fd, "\tstats\t\t\tenable\n"); - if($backend['stats_uri']) - fwrite ($fd, "\tstats\t\t\turi ".$backend['stats_uri']."\n"); - if($backend['stats_realm']) - fwrite ($fd, "\tstats\t\t\trealm " . $backend['stats_realm'] . "\n"); - else - fwrite ($fd, "\tstats\t\t\trealm .\n"); - fwrite ($fd, "\tstats\t\t\tauth " . $backend['stats_username'].":". $backend['stats_password']."\n"); - if($backend['stats_node_enabled']=='yes') - fwrite ($fd, "\tstats\t\t\tshow-node " . $backend['stats_node'] . "\n"); - if($backend['stats_desc']) - fwrite ($fd, "\tstats\t\t\tshow-desc " . $backend['stats_desc'] . "\n"); - if($backend['stats_refresh']) - fwrite ($fd, "\tstats\t\t\trefresh " . $backend['stats_refresh'] . "\n"); - } + if($bind['max_connections']) + fwrite ($fd, "\tmaxconn\t\t\t" . $bind['max_connections'] . "\n"); - $a_acl=&$frontend['ha_acls']['item']; - if(!is_array($a_acl)) - $a_acl=array(); + if($bind['client_timeout']) + fwrite ($fd, "\tclitimeout\t\t" . $bind['client_timeout'] . "\n"); + + + // Combine the rest of the listener configs + $default_once = 0; + $i = 0; + foreach ($bind['config'] as $bconfig) { + $a_acl=&$bconfig['ha_acls']['item']; + if(!is_array($a_acl)) + $a_acl=array(); - foreach ($a_acl as $acl) - fwrite ($fd, "\tacl\t\t\t".$acl['name']."\t\t".$acl['expression']."\n"); - - $server['backend'] .= " "; - if(is_array($a_servers)) { - foreach ($a_servers as $server) { - $backends_to_process = split(" ", $server['backend']); - foreach($backends_to_process as $backends) { - if($backends == "") - continue; - if($backends == $backend['name']) { - $server_ports = array(); - if($server['status'] != 'inactive') { - if($server['cookie']) - $cookie = " cookie {$server['cookie']} "; - else - $cookie = ""; - if(!$server['port']) { - foreach($ports as $port) { - if($port) - $server_ports[] = $port; - } - } else { - $server_ports[] = $server['port']; - } - if($server['advanced']) { - $advanced = base64_decode($server['advanced']); - $advanced_txt = " " . $advanced; - } else { - $advanced_txt = ""; - } - if($server['status'] != 'active') { - $status = " " . $server['status']; - } else { - $status = ""; - } - if($server['checkinter']) - $checkinter = "check inter {$server['checkinter']}"; - else - $checkinter = "check inter 1000"; - foreach($server_ports as $pport) - fwrite ($fd, "\tserver\t\t\t" . $server['name'] . " " . $server['address'].":" . $pport . " $cookie " . " $checkinter weight " . $server['weight'] . $status . "{$advanced_txt}\n"); - } - } - } + $poolname = $bconfig['pool'] . "_" . strtolower($bconfig['type']); + + // Create different pools if the svrport is set + if ($bconfig['svrport'] > 0) + $poolname .= "_" . $bconfig['svrport']; + + // Write this out once, and must be before any backend config text + if ($default_once == 0) { + fwrite ($fd, "\tdefault_backend\t\t" . $poolname . "\n"); + $default_once++; + } + + if (!isset($a_pendingpl[$poolname])) { + $a_pendingpl[$poolname] = array(); + $a_pendingpl[$poolname]['name'] = $poolname; + $a_pendingpl[$poolname]['frontend'] = $bconfig; + } + + foreach ($a_acl as $entry) { + $acl = haproxy_find_acl($entry['expression']); + if (!$acl) + continue; + + // Filter out acls for different modes + if ($acl['mode'] != '' && $acl['mode'] != strtolower($bind['type'])) + continue; + + if ($acl['syntax'] != '') + $expr = $acl['syntax'] . " " . $entry['value']; + else + $expr = $entry['expression'] . " " . $entry['value']; + + $aclname = $i . "_" . $entry['name']; + fwrite ($fd, "\tacl\t\t\t" . $aclname . "\t" . $expr . "\n"); + fwrite ($fd, "\tuse_backend\t\t" . $poolname . " if " . $aclname . "\n"); + $i++; } + } fwrite ($fd, "\n"); } - // Sync HAProxy configuration (if enabled) - if(isset($config['installedpackages']['haproxy']['enablesync'])) { - if($config['installedpackages']['haproxy']['synchost1']) { - haproxy_do_xmlrpc_sync($config['installedpackages']['haproxy']['synchost1'], - $config['installedpackages']['haproxy']['syncpassword']); - } - if($config['installedpackages']['haproxy']['synchost2']) { - haproxy_do_xmlrpc_sync($config['installedpackages']['haproxy']['synchost2'], - $config['installedpackages']['haproxy']['syncpassword']); - } - if($config['installedpackages']['haproxy']['synchost3']) { - haproxy_do_xmlrpc_sync($config['installedpackages']['haproxy']['synchost3'], - $config['installedpackages']['haproxy']['syncpassword']); + } + if (is_array($a_pendingpl) && is_array($a_pools)) { + foreach ($a_pendingpl as $pending) { + foreach ($a_pools as $pool) { + if ($pending['frontend']['pool'] == $pool['name']) { + write_backend($fd, $pending['name'], $pool, $pending['frontend']); + } } } } + fwrite ($fd, "\n"); + + // Sync HAProxy configuration (if enabled) + if(isset($config['installedpackages']['haproxy']['enablesync'])) { + if($config['installedpackages']['haproxy']['synchost1']) { + haproxy_do_xmlrpc_sync($config['installedpackages']['haproxy']['synchost1'], + $config['installedpackages']['haproxy']['syncpassword']); + } + if($config['installedpackages']['haproxy']['synchost2']) { + haproxy_do_xmlrpc_sync($config['installedpackages']['haproxy']['synchost2'], + $config['installedpackages']['haproxy']['syncpassword']); + } + if($config['installedpackages']['haproxy']['synchost3']) { + haproxy_do_xmlrpc_sync($config['installedpackages']['haproxy']['synchost3'], + $config['installedpackages']['haproxy']['syncpassword']); + } + } // create config file fclose($fd); + if (isset($a_global['carpdev'])) + haproxy_install_cron(true); + else + haproxy_install_cron(false); + $freebsd_version = substr(trim(`uname -r`), 0, 1); if(!file_exists("/usr/bin/limits")) { exec("fetch -q -o /usr/bin/limits http://files.pfsense.org/extras/{$freebsd_version}/limits"); exec("chmod a+rx /usr/bin/limits"); } +} + +function haproxy_is_running() { + $running = (shell_exec("/bin/pgrep -x haproxy") != ''); + return $running; +} + +function haproxy_check_run($reload) { + global $config, $g; + + $a_global = &$config['installedpackages']['haproxy']; exec("/usr/bin/limits -n 300014"); - // reload haproxy if(isset($a_global['enable'])) { - if(is_process_running('haproxy')) { + if (isset($a_global['carpdev'])) { + $status = get_carp_interface_status($a_global['carpdev']); + if ($status != "MASTER") { + if (haproxy_is_running()) { + log_error("Stopping haproxy on CARP backup."); + exec("/bin/pkill -F /var/run/haproxy.pid haproxy"); + } + return (0); + } else if (haproxy_is_running() && $reload == 0) { + return (0); + } + log_error("Starting haproxy on CARP master."); + /* fallthrough */ + } else if ($reload == 0) + return (0); + + if (haproxy_is_running()) { exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid -st `cat /var/run/haproxy.pid`"); } else { exec("/usr/local/sbin/haproxy -f /var/etc/haproxy.cfg -p /var/run/haproxy.pid -D"); } return (0); } else { + if ($reload && haproxy_is_running()) { + exec("/bin/pkill -F /var/run/haproxy.pid haproxy"); + } return (1); } + } function haproxy_do_xmlrpc_sync($sync_to_ip, $password) { @@ -362,11 +694,11 @@ function haproxy_do_xmlrpc_sync($sync_to_ip, $password) { $xml['haproxy'] = $config['installedpackages']['haproxy']; // Prevent sync loops - unset($xml['haproxy']['synchost1']); - unset($xml['haproxy']['synchost2']); - unset($xml['haproxy']['synchost3']); - unset($xml['haproxy']['syncpassword']); - + unset($xml['synchost1']); + unset($xml['synchost2']); + unset($xml['synchost3']); + unset($xml['syncpassword']); + /* assemble xmlrpc payload */ $params = array( XML_RPC_encode($password), diff --git a/config/haproxy/haproxy.xml b/config/haproxy/haproxy.xml index bc338764..83e2ca5d 100644 --- a/config/haproxy/haproxy.xml +++ b/config/haproxy/haproxy.xml @@ -44,13 +44,13 @@ haproxy 1.0 HAProxy - /pkg_edit.php?xml=haproxy_servers.php + /pkg_edit.php?xml=haproxy_pools.php /usr/local/pkg/haproxy.inc HAProxy
Services
- /haproxy_global.php + /haproxy_listeners.php HAProxy @@ -62,32 +62,32 @@ /usr/local/pkg/ 077 - http://www.pfsense.com/packages/config/haproxy/haproxy.inc + http://www.pfsense.com/packages/config/haproxy-dev/haproxy.inc /usr/local/www/ 077 - http://www.pfsense.com/packages/config/haproxy/haproxy_frontends.php + http://www.pfsense.com/packages/config/haproxy-dev/haproxy_listeners.php /usr/local/www/ 077 - http://www.pfsense.com/packages/config/haproxy/haproxy_frontends_edit.php + http://www.pfsense.com/packages/config/haproxy-dev/haproxy_listeners_edit.php /usr/local/www/ 077 - http://www.pfsense.com/packages/config/haproxy/haproxy_global.php + http://www.pfsense.com/packages/config/haproxy-dev/haproxy_global.php /usr/local/www/ 077 - http://www.pfsense.com/packages/config/haproxy/haproxy_servers.php + http://www.pfsense.com/packages/config/haproxy-dev/haproxy_pools.php /usr/local/www/ 077 - http://www.pfsense.com/packages/config/haproxy/haproxy_servers_edit.php + http://www.pfsense.com/packages/config/haproxy-dev/haproxy_pool_edit.php @@ -96,18 +96,15 @@ - /* - included in package install $freebsdv=trim(`uname -r | cut -d'.' -f1`); conf_mount_rw(); - `fetch -q -o /usr/local/sbin/ http://www.pfsense.org/packages/config/haproxy/binaries{$freebsdv}/haproxy`; + `fetch -q -o /usr/local/sbin/ http://www.pfsense.org/packages/config/haproxy-dev/binaries{$freebsdv}/haproxy`; exec("chmod a+rx /usr/local/sbin/haproxy"); - */ haproxy_custom_php_install_command(); haproxy_custom_php_deinstall_command(); - + - \ No newline at end of file + diff --git a/config/haproxy/haproxy_frontends.php b/config/haproxy/haproxy_frontends.php deleted file mode 100755 index d50133b8..00000000 --- a/config/haproxy/haproxy_frontends.php +++ /dev/null @@ -1,149 +0,0 @@ - - Copyright (C) 2008 Remco Hoef - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require_once("guiconfig.inc"); - -$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; - -require_once("haproxy.inc"); - -if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) { - $config['installedpackages']['haproxy']['ha_backends']['item'] = array(); -} -$a_backend = &$config['installedpackages']['haproxy']['ha_backends']['item']; - -if ($_POST) { - $pconfig = $_POST; - - if ($_POST['apply']) { - $retval = 0; - config_lock(); - $retval = haproxy_configure(); - config_unlock(); - $savemsg = get_std_save_message($retval); - unlink_if_exists($d_haproxyconfdirty_path); - } -} - -if ($_GET['act'] == "del") { - if ($a_backend[$_GET['id']]) { - if (!$input_errors) { - unset($a_backend[$_GET['id']]); - write_config(); - touch($d_haproxyconfdirty_path); - header("Location: haproxy_frontends.php"); - exit; - } - } -} - -$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); -if(strstr($pfSversion, "1.2")) - $one_two = true; - -$pgtitle = "Services: HAProxy: Frontend"; -include("head.inc"); - -?> - - -
- -

- - - -

-You must apply the changes in order for them to take effect.");?>
- - - - -
- -
-
- - - - - - - - - - - - - - - - - - - - - -
NameDescriptionStats URIType
- - - - - - - - - - - - - -
-
- - - - -
-
-
-
-

- - - diff --git a/config/haproxy/haproxy_frontends_edit.php b/config/haproxy/haproxy_frontends_edit.php deleted file mode 100755 index df2411b2..00000000 --- a/config/haproxy/haproxy_frontends_edit.php +++ /dev/null @@ -1,735 +0,0 @@ - - Copyright (C) 2008 Remco Hoef - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require("guiconfig.inc"); - -$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; - -if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) { - $config['installedpackages']['haproxy']['ha_backends']['item'] = array(); -} - -$a_backend = &$config['installedpackages']['haproxy']['ha_backends']['item']; - -if (isset($_POST['id'])) - $id = $_POST['id']; -else - $id = $_GET['id']; - -if (isset($id) && $a_backend[$id]) { - $pconfig['name'] = $a_backend[$id]['name']; - $pconfig['desc'] = $a_backend[$id]['desc']; - $pconfig['connection_timeout'] = $a_backend[$id]['connection_timeout']; - $pconfig['server_timeout'] = $a_backend[$id]['server_timeout']; - $pconfig['retries'] = $a_backend[$id]['retries']; - - $pconfig['type'] = $a_backend[$id]['type']; - $pconfig['balance'] = $a_backend[$id]['balance']; - $pconfig['monitor_uri'] = $a_backend[$id]['monitor_uri']; - - $pconfig['forwardfor'] = $a_backend[$id]['forwardfor']; - $pconfig['httpclose'] = $a_backend[$id]['httpclose']; - - $pconfig['stats_enabled'] = $a_backend[$id]['stats_enabled']; - $pconfig['stats_username'] = $a_backend[$id]['stats_username']; - $pconfig['stats_password'] = $a_backend[$id]['stats_password']; - $pconfig['stats_uri'] = $a_backend[$id]['stats_uri']; - $pconfig['stats_realm'] = $a_backend[$id]['stats_realm']; - $pconfig['stats_node_enabled'] = $a_backend[$id]['stats_node_enabled']; - $pconfig['stats_node'] = $a_backend[$id]['stats_node']; - $pconfig['stats_desc'] = $a_backend[$id]['stats_desc']; - $pconfig['stats_refresh'] = $a_backend[$id]['stats_refresh']; - - $pconfig['type'] = $a_backend[$id]['type']; - $pconfig['extaddr'] = $a_backend[$id]['extaddr']; - $pconfig['max_connections'] = $a_backend[$id]['max_connections']; - $pconfig['client_timeout'] = $a_backend[$id]['client_timeout']; - $pconfig['port'] = $a_backend[$id]['port']; - $pconfig['a_acl']=&$a_backend[$id]['ha_acls']['item']; - $pconfig['advanced'] = base64_decode($a_backend[$id]['advanced']); - -} - -$changedesc = "Services: HAProxy: Frontend"; -$changecount = 0; - -if ($_POST) { - $changecount++; - - unset($input_errors); - $pconfig = $_POST; - - if ($_POST['stats_enabled']) { - $reqdfields = explode(" ", "name connection_timeout server_timeout stats_username stats_password stats_uri stats_realm"); - $reqdfieldsn = explode(",", "Name,Connection timeout,Server timeout,Stats Username,Stats Password,Stats Uri,Stats Realm"); - } else { - $reqdfields = explode(" ", "name connection_timeout server_timeout"); - $reqdfieldsn = explode(",", "Name,Connection timeout,Server timeout"); - } - - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - - $reqdfields = explode(" ", "name type port max_connections client_timeout"); - $reqdfieldsn = explode(",", "Name,Type,Port,Max connections,Client timeout"); - - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name'])) - $input_errors[] = "The field 'Name' contains invalid characters."; - - if (!is_numeric($_POST['connection_timeout'])) - $input_errors[] = "The field 'Connection timeout' value is not a number."; - - if (!is_numeric($_POST['server_timeout'])) - $input_errors[] = "The field 'Server timeout' value is not a number."; - - if (!$_POST['retries'] && is_numeric($_POST['retries'])) - $input_errors[] = "The field 'Retries' value is not a number."; - - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['stats_username'])) - $input_errors[] = "The field 'Stats Username' contains invalid characters."; - - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['stats_password'])) - $input_errors[] = "The field 'Stats Password' contains invalid characters."; - - if (!is_numeric($_POST['max_connections'])) - $input_errors[] = "The field 'Max connections' value is not a number."; - - $ports = split(",", $_POST['port'] . ","); - foreach($ports as $port) - if ($port && !is_numeric($port)) - $input_errors[] = "The field 'Port' value is not a number."; - - if (!is_numeric($_POST['client_timeout'])) - $input_errors[] = "The field 'Client timeout' value is not a number."; - - /* Ensure that our pool names are unique */ - for ($i=0; isset($config['installedpackages']['haproxy']['ha_backends']['item'][$i]); $i++) - if (($_POST['name'] == $config['installedpackages']['haproxy']['ha_backends']['item'][$i]['name']) && ($i != $id)) - $input_errors[] = "This backend name has already been used. Frontend names must be unique."; - - $a_acl=array(); - $acl_names=array(); - for($x=0; $x<99; $x++) { - $acl_name=$_POST['acl_name'.$x]; - $acl_expression=$_POST['acl_expression'.$x]; - - if ($acl_name) { - // check for duplicates - if (in_array($acl_name, $acl_names)) { - $input_errors[] = "The name '$acl_name' is duplicate."; - } - - $acl_names[]=$acl_name; - - $acl=array(); - $acl['name']=$acl_name; - $acl['expression']=$acl_expression; - $a_acl[]=$acl; - - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $acl_name)) - $input_errors[] = "The field 'Name' contains invalid characters."; - - if (!preg_match("/.{2,}/", $acl_expression)) - $input_errors[] = "The field 'Expression' is required."; - - if (!preg_match("/.{2,}/", $acl_name)) - $input_errors[] = "The field 'Name' is required."; - - } - } - - $pconfig['a_acl']=$a_acl; - - if (!$input_errors) { - $backend = array(); - if(isset($id) && $a_backend[$id]) - $backend = $a_backend[$id]; - - if($backend['name'] != "") - $changedesc .= " modified '{$backend['name']}' pool:"; - - if ($backend['name']!=$_POST['name']) { - // name changed: - // * update servers - // * update frontend (default backend and acl) - if (!is_array($config['installedpackages']['haproxy']['ha_servers']['item'])) { - $config['installedpackages']['haproxy']['ha_servers']['item'] = array(); - } - $a_server = &$config['installedpackages']['haproxy']['ha_servers']['item']; - - for ( $i = 0; $i < count($a_server); $i++) { - if ($a_server[$i]['backend']==$backend['name']) { - $a_server[$i]['backend']=$_POST['name']; - } - } - - if (!is_array($config['installedpackages']['haproxy']['ha_frontends']['item'])) { - $config['installedpackages']['haproxy']['ha_frontends']['item'] = array(); - } - $a_frontend = &$config['installedpackages']['haproxy']['ha_frontends']['item']; - - for ( $i = 0; $i < count($a_frontend); $i++) { - if ($a_frontend[$i]['backend']==$backend['name']) { - $a_frontend[$i]['backend']=$_POST['name']; - } - - if (!is_array($a_frontend[$i]['ha_acls']['item'])) { - $a_frontend[$i]['ha_acls']['item'] = array(); - } - - $a_acl = &$a_frontend[$i]['ha_acls']['item']; - for ( $j = 0; $j < count($a_acl); $j++) { - if ($a_acl[$j]['backend']==$backend['name']) { - $a_acl[$j]['backend']=$_POST['name']; - } - } - } - } - - update_if_changed("name", $backend['name'], $_POST['name']); - update_if_changed("description", $backend['desc'], $_POST['desc']); - update_if_changed("connection_timeout", $backend['connection_timeout'], $_POST['connection_timeout']); - update_if_changed("server_timeout", $backend['server_timeout'], $_POST['server_timeout']); - update_if_changed("retries", $backend['retries'], $_POST['retries']); - update_if_changed("type", $backend['type'], $_POST['type']); - update_if_changed("balance", $backend['balance'], $_POST['balance']); - update_if_changed("cookie_name", $backend['cookie_name'], $_POST['cookie_name']); - update_if_changed("monitor_uri", $backend['monitor_uri'], $_POST['monitor_uri']); - update_if_changed("forwardfor", $backend['forwardfor'], $_POST['forwardfor']); - update_if_changed("httpclose", $backend['httpclose'], $_POST['httpclose']); - update_if_changed("stats_enabled", $backend['stats_enabled'], $_POST['stats_enabled']); - update_if_changed("stats_username", $backend['stats_username'], $_POST['stats_username']); - update_if_changed("stats_password", $backend['stats_password'], $_POST['stats_password']); - update_if_changed("stats_uri", $backend['stats_uri'], $_POST['stats_uri']); - update_if_changed("stats_realm", $backend['stats_realm'], $_POST['stats_realm']); - update_if_changed("stats_node_enabled", $backend['stats_node_enabled'], $_POST['stats_node_enabled']); - update_if_changed("stats_node", $backend['stats_node'], $_POST['stats_node']); - update_if_changed("stats_desc", $backend['stats_desc'], $_POST['stats_desc']); - update_if_changed("stats_desc", $backend['stats_refresh'], $_POST['stats_refresh']); - update_if_changed("type", $backend['type'], $_POST['type']); - update_if_changed("port", $backend['port'], $_POST['port']); - update_if_changed("extaddr", $backend['extaddr'], $_POST['extaddr']); - update_if_changed("max_connections", $backend['max_connections'], $_POST['max_connections']); - update_if_changed("client_timeout", $backend['client_timeout'], $_POST['client_timeout']); - update_if_changed("advanced", $backend['advanced'], base64_encode($_POST['advanced'])); - - $backend['ha_acls']['item'] = $a_acl; - - if (isset($id) && $a_backend[$id]) { - $a_backend[$id] = $backend; - } else { - $a_backend[] = $backend; - } - - if ($changecount > 0) { - touch($d_haproxyconfdirty_path); - write_config($changedesc); - } - - header("Location: haproxy_frontends.php"); - exit; - } -} - -$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); -if(strstr($pfSversion, "1.2")) - $one_two = true; - -$pgtitle = "HAProxy: Frontend: Edit"; -include("head.inc"); - -?> - - - - - - -

- -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > - - - - > - - - - > - - - - - > - - - - > - - - - > - - - - > - - - - > - - - - - - - - - - - - - - - - - - - - - - - - - - - - -*/ -?> - - - - - - - - - - - - - - - - - -
 
- - -
Edit haproxy backend
Name - size="25" maxlength="25"> -
Description - size="64"> -
Connection timeout - size="64"> -
the time (in milliseconds) we give up if the connection does not complete within (30000).
-
Server timeout - size="64"> -
the time (in milliseconds) we accept to wait for data from the server, or for the server to accept data (30000).
-
Retries - size="64"> -
After a connection failure to a server, it is possible to retry, potentially -on another server. This is useful if health-checks are too rare and you don't -want the clients to see the failures. The number of attempts to reconnect is -set by the 'retries' parameter (2).
-
Type - -
Balance - - - - - - - - - - - - - - - -
- >Round robin - - Each server is used in turns, according to their weights. - This is the smoothest and fairest algorithm when the server's - processing time remains equally distributed. This algorithm - is dynamic, which means that server weights may be adjusted - on the fly for slow starts for instance. -
- >Static Round Robin - - Each server is used in turns, according to their weights. - This algorithm is as similar to roundrobin except that it is - static, which means that changing a server's weight on the - fly will have no effect. On the other hand, it has no design - limitation on the number of servers, and when a server goes - up, it is always immediately reintroduced into the farm, once - the full map is recomputed. It also uses slightly less CPU to - run (around -1%). -
- >Least Connections - - The server with the lowest number of connections receives the - connection. Round-robin is performed within groups of servers - of the same load to ensure that all servers will be used. Use - of this algorithm is recommended where very long sessions are - expected, such as LDAP, SQL, TSE, etc... but is not very well - suited for protocols using short sessions such as HTTP. This - algorithm is dynamic, which means that server weights may be - adjusted on the fly for slow starts for instance. -
>Source - The source IP address is hashed and divided by the total - weight of the running servers to designate which server will - receive the request. This ensures that the same client IP - address will always reach the same server as long as no - server goes down or up. If the hash result changes due to the - number of running servers changing, many clients will be - directed to a different server. This algorithm is generally - used in TCP mode where no cookie may be inserted. It may also - be used on the Internet to provide a best-effort stickyness - to clients which refuse session cookies. This algorithm is - static, which means that changing a server's weight on the - fly will have no effect. -
-
Stats Enabled - onclick='toggle_stats();'>
- EXAMPLE: haproxystats -
Stats Realm - size="64"> -
Stats Uri - size="64">
- EXAMPLE: /haproxy?stats -
Stats Username - size="64"> -
Stats Password - size="64"> -
-
Stats Enable Node Name - > -
-
Stats Node - size="64">
- The node name is displayed in the stats and helps to differentiate which server in a cluster is actually serving clients.
- Leave blank to use the system name. -
Stats Description - size="64">
-
Stats Refresh - size="10" maxlength="30">
- Specify the refresh rate of the stats page in seconds, or specified time unit (us, ms, s, m, h, d). -
Monitor Uri - size="50" maxlength="50"> -
- Example: / or /index.php or /index.html or /testmypage.cgi -
Port - size="30" maxlength="500"> -
The port to listen to. To specify multiple ports, separate with a comma (,). EXAMPLE: 80,443
-
External address - -
- - If you want this rule to apply to another IP address than the IP address of the interface chosen above, - select it here (you need to define Virtual IP addresses on the first). - Also note that if you are trying to redirect connections on the LAN select the "any" option. - -
Max connections - size="10" maxlength="10"> -
Client timeout - size="10" maxlength="10"> -
the time (in milliseconds) we accept to wait for data from the client, or for the client to accept data (30000).
-
Access Control lists - - - - - - - - - - - - - - - -
NameExpressionBackend
- -
- - -
- Fore more information about ACL's please see HAProxy Documentation Section 7 - Using ACL's -
Use 'forwardfor' option - > -
- The 'forwardfor' option creates an HTTP 'X-Forwarded-For' header which - contains the client's IP address. This is useful to let the final web server - know what the client address was (eg for statistics on domains) -
Use 'httpclose' option - > -
- The 'httpclose' option removes any 'Connection' header both ways, and - adds a 'Connection: close' header in each direction. This makes it easier to - disable HTTP keep-alive than the previous 4-rules block. -
Advanced pass thru - -
- NOTE: paste text into this box that you would like to pass thru. -
  - - - - - -
- NOTE: You must add a firewall rule permitting access to this frontend! -
-
-
- - - - diff --git a/config/haproxy/haproxy_global.php b/config/haproxy/haproxy_global.php index b0486fb8..1ef28005 100755 --- a/config/haproxy/haproxy_global.php +++ b/config/haproxy/haproxy_global.php @@ -56,6 +56,9 @@ if ($_POST) { $reqdfieldsn = explode(",", "Maximum connections"); } + if ($_POST['carpdev'] == "disabled") + unset($_POST['carpdev']); + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); if ($_POST['maxconn'] && (!is_numeric($_POST['maxconn']))) @@ -74,10 +77,13 @@ if ($_POST) { $config['installedpackages']['haproxy']['enablesync'] = $_POST['enablesync'] ? true : false; $config['installedpackages']['haproxy']['synchost1'] = $_POST['synchost1'] ? $_POST['synchost1'] : false; $config['installedpackages']['haproxy']['synchost2'] = $_POST['synchost2'] ? $_POST['synchost2'] : false; - $config['installedpackages']['haproxy']['synchost3'] = $_POST['synchost3'] ? $_POST['synchost3'] : false; + $config['installedpackages']['haproxy']['synchost2'] = $_POST['synchost3'] ? $_POST['synchost3'] : false; $config['installedpackages']['haproxy']['remotesyslog'] = $_POST['remotesyslog'] ? $_POST['remotesyslog'] : false; + $config['installedpackages']['haproxy']['logfacility'] = $_POST['logfacility'] ? $_POST['logfacility'] : false; + $config['installedpackages']['haproxy']['loglevel'] = $_POST['loglevel'] ? $_POST['loglevel'] : false; + $config['installedpackages']['haproxy']['carpdev'] = $_POST['carpdev'] ? $_POST['carpdev'] : false; $config['installedpackages']['haproxy']['syncpassword'] = $_POST['syncpassword'] ? $_POST['syncpassword'] : false; - $config['installedpackages']['haproxy']['advanced'] = $_POST['advanced'] ? base64_encode($_POST['advanced']) : false; + $config['installedpackages']['haproxy']['advanced'] = base64_encode($_POST['advanced']) ? $_POST['advanced'] : false; $config['installedpackages']['haproxy']['nbproc'] = $_POST['nbproc'] ? $_POST['nbproc'] : false; touch($d_haproxyconfdirty_path); write_config(); @@ -94,9 +100,18 @@ $pconfig['synchost1'] = $config['installedpackages']['haproxy']['synchost1']; $pconfig['synchost2'] = $config['installedpackages']['haproxy']['synchost2']; $pconfig['synchost3'] = $config['installedpackages']['haproxy']['synchost3']; $pconfig['remotesyslog'] = $config['installedpackages']['haproxy']['remotesyslog']; +$pconfig['logfacility'] = $config['installedpackages']['haproxy']['logfacility']; +$pconfig['loglevel'] = $config['installedpackages']['haproxy']['loglevel']; +$pconfig['carpdev'] = $config['installedpackages']['haproxy']['carpdev']; $pconfig['advanced'] = base64_decode($config['installedpackages']['haproxy']['advanced']); $pconfig['nbproc'] = $config['installedpackages']['haproxy']['nbproc']; +// defaults +if (!$pconfig['logfacility']) + $pconfig['logfacility'] = 'local0'; +if (!$pconfig['loglevel']) + $pconfig['loglevel'] = 'info'; + $pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); if(strstr($pfSversion, "1.2")) $one_two = true; @@ -133,8 +148,8 @@ function enable_change(enable_change) { /* active tabs */ $tab_array = array(); $tab_array[] = array("Settings", true, "haproxy_global.php"); - $tab_array[] = array("Frontends", false, "haproxy_frontends.php"); - $tab_array[] = array("Servers", false, "haproxy_servers.php"); + $tab_array[] = array("Listener", false, "haproxy_listeners.php"); + $tab_array[] = array("Server Pool", false, "haproxy_pools.php"); display_top_tabs($tab_array); ?> @@ -220,6 +235,75 @@ function enable_change(enable_change) { + + + Syslog facility + + + + + + + + Syslog level + + + + + + + + Carp monitor + + + +
+ Monitor carp interface and only run haproxy on the firewall which is MASTER. + +   diff --git a/config/haproxy/haproxy_listeners.php b/config/haproxy/haproxy_listeners.php new file mode 100755 index 00000000..ef67108b --- /dev/null +++ b/config/haproxy/haproxy_listeners.php @@ -0,0 +1,172 @@ + + Copyright (C) 2008 Remco Hoef + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require_once("guiconfig.inc"); + +$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; + +require_once("haproxy.inc"); + +if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) { + $config['installedpackages']['haproxy']['ha_backends']['item'] = array(); +} +$a_backend = &$config['installedpackages']['haproxy']['ha_backends']['item']; + +if ($_POST) { + $pconfig = $_POST; + + if ($_POST['apply']) { + $retval = 0; + config_lock(); + $retval = haproxy_configure(); + config_unlock(); + $savemsg = get_std_save_message($retval); + unlink_if_exists($d_haproxyconfdirty_path); + } +} + +if ($_GET['act'] == "del") { + if (isset($a_backend[$_GET['id']])) { + if (!$input_errors) { + unset($a_backend[$_GET['id']]); + write_config(); + touch($d_haproxyconfdirty_path); + } + header("Location: haproxy_listeners.php"); + exit; + } +} + +$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); +if(strstr($pfSversion, "1.2")) + $one_two = true; + +$pgtitle = "Services: HAProxy: Listener"; +include("head.inc"); + +?> + + +
+ +

+ + + +

+You must apply the changes in order for them to take effect.");?>
+ + + + +
+ +
+
+ + + + + + + + + +"; + $textse = ""; + } +?> + + + + + + + + + + + + + +
NameDescriptionAddressTypeServer pool
+ + + + + + + + + + + + + + + + +
+
+ + + + +
+
+
+
+

+ + + diff --git a/config/haproxy/haproxy_listeners_edit.php b/config/haproxy/haproxy_listeners_edit.php new file mode 100755 index 00000000..22be121b --- /dev/null +++ b/config/haproxy/haproxy_listeners_edit.php @@ -0,0 +1,771 @@ + + Copyright (C) 2008 Remco Hoef + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("guiconfig.inc"); +require_once("haproxy.inc"); + +function haproxy_acl_select($mode) { + global $a_acltypes; + + $seltext = ''; + foreach ($a_acltypes as $expr) { + if ($expr['mode'] == '' || $expr['mode'] == $mode) + $seltext .= ""; + } + return $seltext; +} + +$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; + +if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) { + $config['installedpackages']['haproxy']['ha_backends']['item'] = array(); +} + +$a_backend = &$config['installedpackages']['haproxy']['ha_backends']['item']; +$a_pools = &$config['installedpackages']['haproxy']['ha_pools']['item']; + + +if (isset($_POST['id'])) + $id = $_POST['id']; +else + $id = $_GET['id']; + +if (isset($_GET['dup'])) + $id = $_GET['dup']; + +if (isset($id) && $a_backend[$id]) { + $pconfig['name'] = $a_backend[$id]['name']; + $pconfig['desc'] = $a_backend[$id]['desc']; + $pconfig['status'] = $a_backend[$id]['status']; + $pconfig['connection_timeout'] = $a_backend[$id]['connection_timeout']; + $pconfig['server_timeout'] = $a_backend[$id]['server_timeout']; + $pconfig['retries'] = $a_backend[$id]['retries']; + + $pconfig['type'] = $a_backend[$id]['type']; + $pconfig['balance'] = $a_backend[$id]['balance']; + + $pconfig['forwardfor'] = $a_backend[$id]['forwardfor']; + $pconfig['httpclose'] = $a_backend[$id]['httpclose']; + + $pconfig['stats_enabled'] = $a_backend[$id]['stats_enabled']; + $pconfig['stats_username'] = $a_backend[$id]['stats_username']; + $pconfig['stats_password'] = $a_backend[$id]['stats_password']; + $pconfig['stats_uri'] = $a_backend[$id]['stats_uri']; + $pconfig['stats_realm'] = $a_backend[$id]['stats_realm']; + + $pconfig['type'] = $a_backend[$id]['type']; + $pconfig['extaddr'] = $a_backend[$id]['extaddr']; + $pconfig['pool'] = $a_backend[$id]['pool']; + $pconfig['max_connections'] = $a_backend[$id]['max_connections']; + $pconfig['client_timeout'] = $a_backend[$id]['client_timeout']; + $pconfig['port'] = $a_backend[$id]['port']; + $pconfig['svrport'] = $a_backend[$id]['svrport']; + $pconfig['a_acl']=&$a_backend[$id]['ha_acls']['item']; + $pconfig['advanced'] = base64_decode($a_backend[$id]['advanced']); + +} + +if (isset($_GET['dup'])) + unset($id); + +$changedesc = "Services: HAProxy: Listener"; +$changecount = 0; + +if ($_POST) { + $changecount++; + + unset($input_errors); + $pconfig = $_POST; + + if ($_POST['stats_enabled']) { + $reqdfields = explode(" ", "name connection_timeout server_timeout stats_username stats_password stats_uri stats_realm"); + $reqdfieldsn = explode(",", "Name,Connection timeout,Server timeout,Stats Username,Stats Password,Stats Uri,Stats Realm"); + } else { + $reqdfields = explode(" ", "name connection_timeout server_timeout"); + $reqdfieldsn = explode(",", "Name,Connection timeout,Server timeout"); + } + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + $reqdfields = explode(" ", "name type port max_connections client_timeout"); + $reqdfieldsn = explode(",", "Name,Type,Port,Max connections,Client timeout"); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name'])) + $input_errors[] = "The field 'Name' contains invalid characters."; + + if (!is_numeric($_POST['connection_timeout'])) + $input_errors[] = "The field 'Connection timeout' value is not a number."; + + if (!is_numeric($_POST['server_timeout'])) + $input_errors[] = "The field 'Server timeout' value is not a number."; + + if (!$_POST['retries'] && is_numeric($_POST['retries'])) + $input_errors[] = "The field 'Retries' value is not a number."; + + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['stats_username'])) + $input_errors[] = "The field 'Stats Username' contains invalid characters."; + + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['stats_password'])) + $input_errors[] = "The field 'Stats Password' contains invalid characters."; + + if (!is_numeric($_POST['max_connections'])) + $input_errors[] = "The field 'Max connections' value is not a number."; + + $ports = split(",", $_POST['port'] . ","); + foreach($ports as $port) + if ($port && !is_numeric($port)) + $input_errors[] = "The field 'Port' value is not a number."; + + if (!is_numeric($_POST['client_timeout'])) + $input_errors[] = "The field 'Client timeout' value is not a number."; + + /* Ensure that our pool names are unique */ + for ($i=0; isset($config['installedpackages']['haproxy']['ha_backends']['item'][$i]); $i++) + if (($_POST['name'] == $config['installedpackages']['haproxy']['ha_backends']['item'][$i]['name']) && ($i != $id)) + $input_errors[] = "This listener name has already been used. Listener names must be unique."; + + $a_acl=array(); + $acl_names=array(); + for($x=0; $x<99; $x++) { + $acl_name=$_POST['acl_name'.$x]; + $acl_expression=$_POST['acl_expression'.$x]; + $acl_value=$_POST['acl_value'.$x]; + + if ($acl_name) { + // check for duplicates + if (in_array($acl_name, $acl_names)) { + $input_errors[] = "The name '$acl_name' is duplicate."; + } + + $acl_names[]=$acl_name; + + $acl=array(); + $acl['name']=$acl_name; + $acl['expression']=$acl_expression; + $acl['value']=$acl_value; + $a_acl[]=$acl; + + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $acl_name)) + $input_errors[] = "The field 'Name' contains invalid characters."; + + if (!preg_match("/.{2,}/", $acl_value)) + $input_errors[] = "The field 'Value' is required."; + + if (!preg_match("/.{2,}/", $acl_name)) + $input_errors[] = "The field 'Name' is required."; + + } + } + + $pconfig['a_acl']=$a_acl; + + if (!$input_errors) { + $backend = array(); + if(isset($id) && $a_backend[$id]) + $backend = $a_backend[$id]; + + if($backend['name'] != "") + $changedesc .= " modified '{$backend['name']}' pool:"; + + + update_if_changed("name", $backend['name'], $_POST['name']); + update_if_changed("description", $backend['desc'], $_POST['desc']); + update_if_changed("status", $backend['status'], $_POST['status']); + update_if_changed("connection_timeout", $backend['connection_timeout'], $_POST['connection_timeout']); + update_if_changed("server_timeout", $backend['server_timeout'], $_POST['server_timeout']); + update_if_changed("retries", $backend['retries'], $_POST['retries']); + update_if_changed("type", $backend['type'], $_POST['type']); + update_if_changed("balance", $backend['balance'], $_POST['balance']); + update_if_changed("cookie_name", $backend['cookie_name'], $_POST['cookie_name']); + update_if_changed("forwardfor", $backend['forwardfor'], $_POST['forwardfor']); + update_if_changed("httpclose", $backend['httpclose'], $_POST['httpclose']); + update_if_changed("stats_enabled", $backend['stats_enabled'], $_POST['stats_enabled']); + update_if_changed("stats_username", $backend['stats_username'], $_POST['stats_username']); + update_if_changed("stats_password", $backend['stats_password'], $_POST['stats_password']); + update_if_changed("stats_uri", $backend['stats_uri'], $_POST['stats_uri']); + update_if_changed("stats_realm", $backend['stats_realm'], $_POST['stats_realm']); + update_if_changed("type", $backend['type'], $_POST['type']); + update_if_changed("port", $backend['port'], $_POST['port']); + update_if_changed("svrport", $backend['svrport'], $_POST['svrport']); + update_if_changed("extaddr", $backend['extaddr'], $_POST['extaddr']); + update_if_changed("pool", $backend['pool'], $_POST['pool']); + update_if_changed("max_connections", $backend['max_connections'], $_POST['max_connections']); + update_if_changed("client_timeout", $backend['client_timeout'], $_POST['client_timeout']); + update_if_changed("advanced", $backend['advanced'], base64_encode($_POST['advanced'])); + + $backend['ha_acls']['item'] = $a_acl; + + if (isset($id) && $a_backend[$id]) { + $a_backend[$id] = $backend; + } else { + $a_backend[] = $backend; + } + + if ($changecount > 0) { + touch($d_haproxyconfdirty_path); + write_config($changedesc); + } + + header("Location: haproxy_listeners.php"); + exit; + } +} + +$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); +if(strstr($pfSversion, "1.2")) + $one_two = true; + +$pgtitle = "HAProxy: Listener: Edit"; +include("head.inc"); + +?> + + + + + + + + + + +

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Edit haproxy listener
Name + size="25" maxlength="25"> +
Description + size="64"> +
Status + +
External address + +
+ + If you want this rule to apply to another IP address than the IP address of the interface chosen above, + select it here (you need to define Virtual IP addresses on the first). + Also note that if you are trying to redirect connections on the LAN select the "any" option. + +
External port + size="10" maxlength="10"> +
The port to listen to. To specify multiple ports, separate with a comma (,). EXAMPLE: 80,443
+
Server pool + +
Server Port + size="10" maxlength="10"> +
The default server port.
+
Type + +
Access Control lists + + + + + + + + + > + + + + + + +
NameExpressionValue
+ + + + +
+ + + +
+
+ + +
+ For more information about ACL's please see HAProxy Documentation Section 7 - Using ACL's +
+ + + + + + + + + + + + + + + + + + + + + + + + + > + + + + > + + + + > + + + + + > + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
 
+ + +
Advanced settings
Connection timeout + size="64"> +
the time (in milliseconds) we give up if the connection does not complete within (30000).
+
Server timeout + size="64"> +
the time (in milliseconds) we accept to wait for data from the server, or for the server to accept data (30000).
+
Retries + size="64"> +
After a connection failure to a server, it is possible to retry, potentially +on another server. This is useful if health-checks are too rare and you don't +want the clients to see the failures. The number of attempts to reconnect is +set by the 'retries' parameter (2).
+
Balance + + + + + + + +
+ >Round robin + + Each server is used in turns, according to their weights. + This is the smoothest and fairest algorithm when the server's + processing time remains equally distributed. This algorithm + is dynamic, which means that server weights may be adjusted + on the fly for slow starts for instance. +
>Source + The source IP address is hashed and divided by the total + weight of the running servers to designate which server will + receive the request. This ensures that the same client IP + address will always reach the same server as long as no + server goes down or up. If the hash result changes due to the + number of running servers changing, many clients will be + directed to a different server. This algorithm is generally + used in TCP mode where no cookie may be inserted. It may also + be used on the Internet to provide a best-effort stickyness + to clients which refuse session cookies. This algorithm is + static, which means that changing a server's weight on the + fly will have no effect. +
+
Stats Enabled + onclick='toggle_stats();'>
+ EXAMPLE: haproxystats +
Stats Realm + size="64"> +
Stats Uri + size="64">
+ EXAMPLE: /haproxy?stats +
Stats Username + size="64"> +
Stats Password + size="64"> +
+
Max connections + size="10" maxlength="10"> +
Client timeout + size="10" maxlength="10"> +
the time (in milliseconds) we accept to wait for data from the client, or for the client to accept data (30000).
+
Use 'forwardfor' option + > +
+ The 'forwardfor' option creates an HTTP 'X-Forwarded-For' header which + contains the client's IP address. This is useful to let the final web server + know what the client address was (eg for statistics on domains) +
Use 'httpclose' option + > +
+ The 'httpclose' option removes any 'Connection' header both ways, and + adds a 'Connection: close' header in each direction. This makes it easier to + disable HTTP keep-alive than the previous 4-rules block. +
Advanced pass thru + +
+ NOTE: paste text into this box that you would like to pass thru. +
  + + + + + +
+ NOTE: You must add a firewall rule permitting access to this frontend! +
+
+
+ + + + diff --git a/config/haproxy/haproxy_pool_edit.php b/config/haproxy/haproxy_pool_edit.php new file mode 100755 index 00000000..d25f0675 --- /dev/null +++ b/config/haproxy/haproxy_pool_edit.php @@ -0,0 +1,494 @@ + + Copyright (C) 2008 Remco Hoef + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("guiconfig.inc"); + +$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; + +if (!is_array($config['installedpackages']['haproxy']['ha_pools']['item'])) { + $config['installedpackages']['haproxy']['ha_pools']['item'] = array(); +} + +$a_pools = &$config['installedpackages']['haproxy']['ha_pools']['item']; + +if (isset($_POST['id'])) + $id = $_POST['id']; +else + $id = $_GET['id']; + +if (isset($_GET['dup'])) + $id = $_GET['dup']; + +if (isset($id) && $a_pools[$id]) { + $pconfig['name'] = $a_pools[$id]['name']; + $pconfig['checkinter'] = $a_pools[$id]['checkinter']; + $pconfig['monitor_uri'] = $a_pools[$id]['monitor_uri']; + $pconfig['cookie'] = $a_pools[$id]['cookie']; + $pconfig['advanced'] = base64_decode($a_pools[$id]['advanced']); + $pconfig['a_servers']=&$a_pools[$id]['ha_servers']['item']; +} + +if (isset($_GET['dup'])) + unset($id); + +$changedesc = "Services: HAProxy: pools: "; +$changecount = 0; + +if ($_POST) { + $changecount++; + + unset($input_errors); + $pconfig = $_POST; + + $reqdfields = explode(" ", "name"); + $reqdfieldsn = explode(",", "Name"); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name'])) + $input_errors[] = "The field 'Name' contains invalid characters."; + + /* Ensure that our pool names are unique */ + for ($i=0; isset($config['installedpackages']['haproxy']['ha_pools']['item'][$i]); $i++) + if (($_POST['name'] == $config['installedpackages']['haproxy']['ha_pools']['item'][$i]['name']) && ($i != $id)) + $input_errors[] = "This pool name has already been used. Pool names must be unique."; + + $a_servers=array(); + for($x=0; $x<99; $x++) { + $server_name=$_POST['server_name'.$x]; + $server_address=$_POST['server_address'.$x]; + $server_port=$_POST['server_port'.$x]; + $server_weight=$_POST['server_weight'.$x]; + $server_backup=$_POST['server_backup'.$x]; + + if ($server_address) { + + $server=array(); + $server['name']=$server_name; + $server['address']=$server_address; + $server['port']=$server_port; + $server['weight']=$server_weight; + $server['backup']=$server_backup; + $a_servers[]=$server; + + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $server_name)) + $input_errors[] = "The field 'Name' contains invalid characters."; + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $server_address)) + $input_errors[] = "The field 'Address' contains invalid characters."; + + if (!preg_match("/.{2,}/", $server_name)) + $input_errors[] = "The field 'Name' is required."; + + if (!preg_match("/.{2,}/", $server_address)) + $input_errors[] = "The field 'Address' is required."; + + if (!preg_match("/.{2,}/", $server_weight)) + $input_errors[] = "The field 'Weight' is required."; + + if (!is_numeric($server_weight)) + $input_errors[] = "The field 'Weight' value is not a number."; + if ($server_port && !is_numeric($server_port)) + $input_errors[] = "The field 'Port' value is not a number."; + } + } + + if (!$input_errors) { + $pool = array(); + if(isset($id) && $a_pools[$id]) + $pool = $a_pools[$id]; + + if ($pool['name'] != $_POST['name']) { + // name changed: + if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) { + $config['installedpackages']['haproxy']['ha_backends']['item'] = array(); + } + $a_backend = &$config['installedpackages']['haproxy']['ha_backends']['item']; + + for ( $i = 0; $i < count($a_backend); $i++) { + if ($a_backend[$i]['pool'] == $pool['name']) + $a_backend[$i]['pool'] = $_POST['name']; + } + } + + if($pool['name'] != "") + $changedesc .= " modified '{$pool['name']}' pool:"; + + $pool['ha_servers']['item']=$a_servers; + + update_if_changed("name", $pool['name'], $_POST['name']); + update_if_changed("cookie", $pool['cookie'], $_POST['cookie']); + update_if_changed("advanced", $pool['advanced'], base64_encode($_POST['advanced'])); + update_if_changed("checkinter", $pool['checkinter'], $_POST['checkinter']); + update_if_changed("monitor_uri", $pool['monitor_uri'], $_POST['monitor_uri']); + + if (isset($id) && $a_pools[$id]) { + $a_pools[$id] = $pool; + } else { + $a_pools[] = $pool; + } + + if ($changecount > 0) { + touch($d_haproxyconfdirty_path); + write_config($changedesc); + /* + echo "
";
+			print_r($config);
+			echo "
"; + */ + } + + header("Location: haproxy_pools.php"); + exit; + } + $pconfig['a_servers']=&$a_pools[$id]['ha_servers']['item']; +} + +$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); +if(strstr($pfSversion, "1.2")) + $one_two = true; + +$pgtitle = "HAProxy: pool: Edit"; +include("head.inc"); + +row_helper(); + +?> + + + + + + + + + + + +

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Edit HAProxy pool
Name + size="16" maxlength="16"> +
Cookie + size="64">
+ This value will be checked in incoming requests, and the first + operational pool possessing the same value will be selected. In return, in + cookie insertion or rewrite modes, this value will be assigned to the cookie + sent to the client. There is nothing wrong in having several servers sharing + the same cookie value, and it is in fact somewhat common between normal and + backup servers. See also the "cookie" keyword in backend section. + +
Server list
+ + + + + + + + + + + + + + + + + + + + + + + + + + + +
NameAddressPortWeightBackup
+ + +
+ + + +
+
+ + + +
Check freq + size="20"> milliseconds +
Defaults to 1000 if left blank. +
Health check URI + size="64"> +
Defaults to / if left blank. +
Advanced pass thru + +
+ NOTE: paste text into this box that you would like to pass thru. +
  + + + + + +
+
+
+ + + + + + +// Global Variables +var rowname = new Array(99); +var rowtype = new Array(99); +var newrow = new Array(99); +var rowsize = new Array(99); + +for (i = 0; i < 99; i++) { + rowname[i] = ''; + rowtype[i] = ''; + newrow[i] = ''; + rowsize[i] = '25'; +} + +var field_counter_js = 0; +var loaded = 0; +var is_streaming_progress_bar = 0; +var temp_streaming_text = ""; + +var addRowTo = (function() { + return (function (tableId) { + var d, tbody, tr, td, bgc, i, ii, j; + var btable, btbody, btr, btd; + + d = document; + tbody = d.getElementById(tableId).getElementsByTagName("tbody").item(0); + tr = d.createElement("tr"); + totalrows++; + for (i = 0; i < field_counter_js; i++) { + td = d.createElement("td"); + if(rowtype[i] == 'textbox') { + td.innerHTML=" "; + } else if(rowtype[i] == 'select') { + td.innerHTML=" "; + } else { + td.innerHTML=" "; + } + td.setAttribute("class","vtable"); + tr.appendChild(td); + } + td = d.createElement("td"); + td.rowSpan = "1"; + td.setAttribute("class","list"); + + // Recreate the button table. + btable = document.createElement("table"); + btable.setAttribute("border", "0"); + btable.setAttribute("cellspacing", "0"); + btable.setAttribute("cellpadding", "1"); + btbody = document.createElement("tbody"); + btr = document.createElement("tr"); + btd = document.createElement("td"); + btd.setAttribute("valign", "middle"); + btd.innerHTML = ''; + btr.appendChild(btd); + btd = document.createElement("td"); + btd.setAttribute("valign", "middle"); + btd.innerHTML = '"; + btr.appendChild(btd); + btbody.appendChild(btr); + btable.appendChild(btbody); + + td.appendChild(btable); + tr.appendChild(td); + tbody.appendChild(tr); + }); +})(); + +function dupRow(rowId, tableId) { + var dupEl; + var newEl; + + addRowTo(tableId); + for (i = 0; i < field_counter_js; i++) { + dupEl = document.getElementById(rowname[i] + rowId); + newEl = document.getElementById(rowname[i] + totalrows); + if (dupEl && newEl) + if(rowtype[i] == 'checkbox') + newEl.checked = dupEl.checked; + else + newEl.value = dupEl.value; + } +} + +function removeRow(el) { + var cel; + // Break out of one table first + while (el && el.nodeName.toLowerCase() != "table") + el = el.parentNode; + while (el && el.nodeName.toLowerCase() != "tr") + el = el.parentNode; + + if (el && el.parentNode) { + cel = el.getElementsByTagName("td").item(0); + el.parentNode.removeChild(el); + } +} +function editRow(num) { + var trview = document.getElementById('tr_view_' + num); + var tredit = document.getElementById('tr_edit_' + num); + + trview.style.display='none'; + tredit.style.display=''; +} + +function find_unique_field_name(field_name) { + // loop through field_name and strip off -NUMBER + var last_found_dash = 0; + for (var i = 0; i < field_name.length; i++) { + // is this a dash, if so, update + // last_found_dash + if (field_name.substr(i,1) == "-" ) + last_found_dash = i; + } + if (last_found_dash < 1) + return field_name; + return(field_name.substr(0,last_found_dash)); +} + + +EOF; + +} + +?> diff --git a/config/haproxy/haproxy_pools.php b/config/haproxy/haproxy_pools.php new file mode 100755 index 00000000..c5adc70b --- /dev/null +++ b/config/haproxy/haproxy_pools.php @@ -0,0 +1,169 @@ + + Copyright (C) 2008 Remco Hoef + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require_once("guiconfig.inc"); +require_once("haproxy.inc"); + +$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; + +if (!is_array($config['installedpackages']['haproxy']['ha_pools']['item'])) { + $config['installedpackages']['haproxy']['ha_pools']['item'] = array(); +} +if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) { + $config['installedpackages']['haproxy']['ha_backends']['item'] = array(); +} + +$a_pools = &$config['installedpackages']['haproxy']['ha_pools']['item']; +$a_backends = &$config['installedpackages']['haproxy']['ha_backends']['item']; + +if ($_POST) { + $pconfig = $_POST; + + if ($_POST['apply']) { + $retval = 0; + config_lock(); + $retval = haproxy_configure(); + config_unlock(); + $savemsg = get_std_save_message($retval); + unlink_if_exists($d_haproxyconfdirty_path); + } +} + +if ($_GET['act'] == "del") { + if (isset($a_pools[$_GET['id']])) { + unset($a_pools[$_GET['id']]); + write_config(); + touch($d_haproxyconfdirty_path); + } + header("Location: haproxy_pools.php"); + exit; +} + +$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); +if(strstr($pfSversion, "1.2")) + $one_two = true; + +$pgtitle = "Services: HAProxy: Server pools"; +include("head.inc"); + +?> + + + +

+ +
+ + +

+You must apply the changes in order for them to take effect.");?>
+ + + + +
+ +
+
+ + + + + + + +"; + $textse = ""; + } + if (is_array($pool['ha_servers']['item'])) + $count = count($pool['ha_servers']['item']); + else + $count = 0; +?> + + + + + + + + + + + +
NameServersListener
+ + + + + + + + + + + + +
+
+ + + + +
+
+
+
+

+ + + diff --git a/config/haproxy/haproxy_servers.php b/config/haproxy/haproxy_servers.php deleted file mode 100755 index cacf995a..00000000 --- a/config/haproxy/haproxy_servers.php +++ /dev/null @@ -1,169 +0,0 @@ - - Copyright (C) 2008 Remco Hoef - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require_once("guiconfig.inc"); -require_once("haproxy.inc"); - -$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; - -if (!is_array($config['installedpackages']['haproxy']['ha_servers']['item'])) { - $config['installedpackages']['haproxy']['ha_servers']['item'] = array(); -} - -$a_server = &$config['installedpackages']['haproxy']['ha_servers']['item']; -$a_backends = &$config['installedpackages']['haproxy']['ha_backends']['item']; - -if ($_POST) { - $pconfig = $_POST; - - if ($_POST['apply']) { - $retval = 0; - config_lock(); - $retval = haproxy_configure(); - config_unlock(); - $savemsg = get_std_save_message($retval); - unlink_if_exists($d_haproxyconfdirty_path); - } -} - -if ($_GET['act'] == "del") { - if ($a_server[$_GET['id']]) { - if (!$input_errors) { - unset($a_server[$_GET['id']]); - write_config(); - touch($d_haproxyconfdirty_path); - header("Location: haproxy_servers.php"); - exit; - } - } -} - -$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); -if(strstr($pfSversion, "1.2")) - $one_two = true; - -$pgtitle = "Services: HAProxy: Servers"; -include("head.inc"); - -?> - - - -

- -
- - -

-You must apply the changes in order for them to take effect.");?>
- - - - -
- -
-
- - - - - - - - - - - - - - - - - - - - - - - - - -
NameServerStatusFrontendCookieWeight
- - - - - - - - - - - - - - - - - - -
-
- - - - -
-
-
-
-

- - - diff --git a/config/haproxy/haproxy_servers_edit.php b/config/haproxy/haproxy_servers_edit.php deleted file mode 100755 index a4360b04..00000000 --- a/config/haproxy/haproxy_servers_edit.php +++ /dev/null @@ -1,435 +0,0 @@ - - Copyright (C) 2008 Remco Hoef - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require("guiconfig.inc"); - -$d_haproxyconfdirty_path = $g['varrun_path'] . "/haproxy.conf.dirty"; -$a_backend = &$config['installedpackages']['haproxy']['ha_backends']['item']; - -if (!is_array($config['installedpackages']['haproxy']['ha_servers']['item'])) { - $config['installedpackages']['haproxy']['ha_servers']['item'] = array(); -} - -$a_server = &$config['installedpackages']['haproxy']['ha_servers']['item']; - -if (isset($_POST['id'])) - $id = $_POST['id']; -else - $id = $_GET['id']; - -if (isset($id) && $a_server[$id]) { - $pconfig['name'] = $a_server[$id]['name']; - $pconfig['address'] = $a_server[$id]['address']; - $pconfig['port'] = $a_server[$id]['port']; - $pconfig['backend'] = $a_server[$id]['backend']; - $pconfig['weight'] = $a_server[$id]['weight']; - $pconfig['checkinter'] = $a_server[$id]['checkinter']; - $pconfig['cookie'] = $a_server[$id]['cookie']; - $pconfig['status'] = $a_server[$id]['status']; - $pconfig['advanced'] = base64_decode($a_server[$id]['advanced']); -} - -$changedesc = "Services: HAProxy: Servers: "; -$changecount = 0; - -if ($_POST) { - $changecount++; - - unset($input_errors); - $pconfig = $_POST; - - $reqdfields = explode(" ", "name address weight"); - $reqdfieldsn = explode(",", "Name,Address,Weight"); - - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['name'])) - $input_errors[] = "The field 'Name' contains invalid characters."; - - if (preg_match("/[^a-zA-Z0-9\.]/", $_POST['address'])) - $input_errors[] = "The field 'Address' contains invalid characters."; - - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['cookie'])) - $input_errors[] = "The field 'Cookie' contains invalid characters."; - - if ($_POST['port'] && !is_numeric($_POST['port'])) - $input_errors[] = "The field 'Port' value is not a number."; - else { - if ($_POST['port']) - if (!($_POST['port']>=1 && $_POST['port']<=65535)) - $input_errors[] = "The field 'Port' value must be between 1 and 65535."; - } - - if (!is_numeric($_POST['weight'])) - $input_errors[] = "The field 'Weight' value is not a number."; - else { - if (!($_POST['weight']>=1 && $_POST['weight']<=256)) - $input_errors[] = "The field 'Weight' value must be between 1 and 256."; - } - - /* Ensure that our pool names are unique */ - for ($i=0; isset($config['installedpackages']['haproxy']['ha_servers']['item'][$i]); $i++) - if (($_POST['name'] == $config['installedpackages']['haproxy']['ha_servers']['item'][$i]['name']) && ($i != $id)) - $input_errors[] = "This server name has already been used. Server names must be unique."; - - $backend = ""; - for($x=0; $x<299; $x++) { - $comd = "\$backends = \$_POST['backend" . $x . "'];"; - eval($comd); - if($backends) - $backend .= "$backends "; - } - $backend = trim($backend); - - if (!$input_errors) { - $server = array(); - if(isset($id) && $a_server[$id]) - $server = $a_server[$id]; - - if($server['name'] != "") - $changedesc .= " modified '{$server['name']}' pool:"; - - update_if_changed("name", $server['name'], $_POST['name']); - update_if_changed("port", $server['port'], $_POST['port']); - update_if_changed("backend", $server['backend'], $backend); - update_if_changed("cookie", $server['cookie'], $_POST['cookie']); - update_if_changed("weight", $server['weight'], $_POST['weight']); - update_if_changed("status", $server['status'], $_POST['status']); - update_if_changed("address", $server['address'], $_POST['address']); - update_if_changed("advanced", $server['advanced'], base64_encode($_POST['advanced'])); - update_if_changed("checkinter", $server['checkinter'], $_POST['checkinter']); - - if (isset($id) && $a_server[$id]) { - $a_server[$id] = $server; - } else { - $a_server[] = $server; - } - - if ($changecount > 0) { - touch($d_haproxyconfdirty_path); - write_config($changedesc); - /* - echo "
";
-			print_r($config);
-			echo "
"; - */ - } - - header("Location: haproxy_servers.php"); - exit; - } -} - -$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); -if(strstr($pfSversion, "1.2")) - $one_two = true; - -$pgtitle = "HAProxy: Server: Edit"; -include("head.inc"); - -row_helper(); - -?> - - - - - - - - - - - -

- -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Edit HAProxy server
Name - size="16" maxlength="16"> -
Frontend(s) - - - - - - 0) - $tracker = $counter + 1; - ?> - - - - - - - - -
- - - 0) - echo ""; - ?> -
- - - -
-
- IP Address -
- 		- -
Port - size="5"> -
- NOTE: Leave blank to use Frontend port selection. -
Status - -
Cookie - size="64">
- This value will be checked in incoming requests, and the first - operational server possessing the same value will be selected. In return, in - cookie insertion or rewrite modes, this value will be assigned to the cookie - sent to the client. There is nothing wrong in having several servers sharing - the same cookie value, and it is in fact somewhat common between normal and - backup servers. See also the "cookie" keyword in backend section. - -
Check inter - size="64"> -
Defaults to 1000 if left blank. -
Weight - size="64">
- The default weight is 1, and the maximal value is 255.
- NOTE: If this - parameter is used to distribute the load according to server's capacity, it - is recommended to start with values which can both grow and shrink, for - instance between 10 and 100 to leave enough room above and below for later - adjustments. -
Advanced pass thru - -
- NOTE: paste text into this box that you would like to pass thru. -
  - - - - - -
-
-
- - - - - -"; - $options .= $backend['name']; - $options .= ""; - } - } - - echo << -// Global Variables -var rowname = new Array(99); -var rowtype = new Array(99); -var newrow = new Array(99); -var rowsize = new Array(99); - -for (i = 0; i < 99; i++) { - rowname[i] = ''; - rowtype[i] = ''; - newrow[i] = ''; - rowsize[i] = '25'; -} - -var field_counter_js = 0; -var loaded = 0; -var is_streaming_progress_bar = 0; -var temp_streaming_text = ""; - -var addRowTo = (function() { - return (function (tableId) { - var d, tbody, tr, td, bgc, i, ii, j; - d = document; - tbody = d.getElementById(tableId).getElementsByTagName("tbody").item(0); - tr = d.createElement("tr"); - totalrows++; - for (i = 0; i < field_counter_js; i++) { - td = d.createElement("td"); - if(rowtype[i] == 'textbox') { - td.innerHTML=" "; - } else if(rowtype[i] == 'select') { - td.innerHTML=" "; - } else { - td.innerHTML=" "; - } - tr.appendChild(td); - } - td = d.createElement("td"); - td.rowSpan = "1"; - - td.innerHTML = ''; - tr.appendChild(td); - tbody.appendChild(tr); - }); -})(); - -function removeRow(el) { - var cel; - while (el && el.nodeName.toLowerCase() != "tr") - el = el.parentNode; - - if (el && el.parentNode) { - cel = el.getElementsByTagName("td").item(0); - el.parentNode.removeChild(el); - } -} - -function find_unique_field_name(field_name) { - // loop through field_name and strip off -NUMBER - var last_found_dash = 0; - for (var i = 0; i < field_name.length; i++) { - // is this a dash, if so, update - // last_found_dash - if (field_name.substr(i,1) == "-" ) - last_found_dash = i; - } - if (last_found_dash < 1) - return field_name; - return(field_name.substr(0,last_found_dash)); -} - - -EOF; - -} - -?> \ No newline at end of file -- cgit v1.2.3