From 8884bc0fe5f8b274d9498f600ec5287acbe87694 Mon Sep 17 00:00:00 2001 From: PiBa-NL Date: Wed, 27 Nov 2013 23:47:18 +0100 Subject: haproxy-devel, -made more consistent use of frontend/backend text -show hints on add/delete/clone buttons -on frontend page show servers in a backend in a hint on the backend -fix html character display in interface box. -small 'config update' to externeladdress field for localhost/any/interfaceaddress to allow for a little easier update to latest version. -trigger 'apply button' after recalculating certificate chain if a reference was changed. --- config/haproxy-devel/haproxy.inc | 25 ++++++++++++++++++++++- config/haproxy-devel/haproxy_global.php | 8 +++++--- config/haproxy-devel/haproxy_listeners.php | 27 +++++++++++++++++-------- config/haproxy-devel/haproxy_listeners_edit.php | 9 ++++++--- config/haproxy-devel/haproxy_pool_edit.php | 12 +++++------ config/haproxy-devel/haproxy_pools.php | 16 +++++++-------- config/haproxy-devel/haproxy_utils.inc | 6 ++++-- 7 files changed, 72 insertions(+), 31 deletions(-) (limited to 'config') diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc index 4da961de..f768ef01 100644 --- a/config/haproxy-devel/haproxy.inc +++ b/config/haproxy-devel/haproxy.inc @@ -281,6 +281,18 @@ EOD; $bind['httpclose'] = "httpclose"; $writeconfigupdate = true; } + if (!$bind['extaddr']){ + $bind['extaddr'] = "wan_ipv4"; + $writeconfigupdate = true; + } + if ($bind['extaddr'] == "localhost"){ + $bind['extaddr'] = "localhost_ipv4"; + $writeconfigupdate = true; + } + if ($bind['extaddr'] == "any"){ + $bind['extaddr'] = "any_ipv4"; + $writeconfigupdate = true; + } } } if ($writeconfigupdate) @@ -721,7 +733,7 @@ function haproxy_writeconf($configfile) { fwrite ($fd, "\ttimeout client\t\t" . $bind['client_timeout'] . "\n"); - // Combine the rest of the listener configs + // Combine the rest of the frontend configs $default_backend = ""; $i = 0; foreach ($bind['config'] as $bconfig) { @@ -1124,6 +1136,17 @@ function get_frontend_acls($frontend) { return $result; } +function get_backend($name) { + global $config; + $a_backend = &$config['installedpackages']['haproxy']['ha_pools']['item']; + foreach($a_backend as $key => $backend) + { + if ($backend['name'] == $name) + return $backend; + } + return null; +} + function haproxy_escapestring($configurationsting) { $result = str_replace('\\', '\\\\', $configurationsting); $result = str_replace(' ', '\\ ', $result); diff --git a/config/haproxy-devel/haproxy_global.php b/config/haproxy-devel/haproxy_global.php index 0ff0e10e..1a540b4f 100755 --- a/config/haproxy-devel/haproxy_global.php +++ b/config/haproxy-devel/haproxy_global.php @@ -43,7 +43,9 @@ if ($_POST) { $pconfig = $_POST; if ($_POST['calculate_certificate_chain']) { - haproxy_recalculate_certifcate_chain(); + $changed = haproxy_recalculate_certifcate_chain(); + if ($changed > 0) + touch($d_haproxyconfdirty_path); } else if ($_POST['apply']) { $result = haproxy_check_and_run($savemsg, true); @@ -148,8 +150,8 @@ function enable_change(enable_change) { /* active tabs */ $tab_array = array(); $tab_array[] = array("Settings", true, "haproxy_global.php"); - $tab_array[] = array("Listener", false, "haproxy_listeners.php"); - $tab_array[] = array("Server Pool", false, "haproxy_pools.php"); + $tab_array[] = array("Frontend", false, "haproxy_listeners.php"); + $tab_array[] = array("Backend", false, "haproxy_pools.php"); display_top_tabs($tab_array); ?> diff --git a/config/haproxy-devel/haproxy_listeners.php b/config/haproxy-devel/haproxy_listeners.php index 397cef5c..f6325255 100644 --- a/config/haproxy-devel/haproxy_listeners.php +++ b/config/haproxy-devel/haproxy_listeners.php @@ -72,7 +72,7 @@ $pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); if(strstr($pfSversion, "1.2")) $one_two = true; -$pgtitle = "Services: HAProxy: Listener"; +$pgtitle = "Services: HAProxy: Frontends"; include("head.inc"); ?> @@ -93,8 +93,8 @@ include("head.inc"); /* active tabs */ $tab_array = array(); $tab_array[] = array("Settings", false, "haproxy_global.php"); - $tab_array[] = array("Listener", true, "haproxy_listeners.php"); - $tab_array[] = array("Server Pool", false, "haproxy_pools.php"); + $tab_array[] = array("Frontend", true, "haproxy_listeners.php"); + $tab_array[] = array("Backend", false, "haproxy_pools.php"); display_top_tabs($tab_array); ?> @@ -109,7 +109,7 @@ include("head.inc"); Description Address Type - Server pool + Backend Parent @@ -171,6 +171,15 @@ include("head.inc"); if ($isadvset) echo ""; + $backend_serverpool = $frontend['backend_serverpool']; + $backend = get_backend($backend_serverpool ); + $servers = $backend['ha_servers']['item']; + $backend_serverpool_hint = gettext("Servers in pool:"); + if (is_array($servers)){ + foreach($servers as $server){ + $backend_serverpool_hint .= "\n".$server['address'].":".$server['port']; + } + } ?> @@ -186,7 +195,9 @@ include("head.inc"); +
+
@@ -194,9 +205,9 @@ include("head.inc"); - - - + + +
" width="17" height="17" border="0">" width="17" height="17" border="0">" width="17" height="17" border="0">
@@ -209,7 +220,7 @@ include("head.inc"); - +
" width="17" height="17" border="0">
diff --git a/config/haproxy-devel/haproxy_listeners_edit.php b/config/haproxy-devel/haproxy_listeners_edit.php index 98fba74a..840dc82c 100644 --- a/config/haproxy-devel/haproxy_listeners_edit.php +++ b/config/haproxy-devel/haproxy_listeners_edit.php @@ -327,7 +327,7 @@ $interfaces = haproxy_get_bindable_interfaces(); else seltext = ""; if (seltext == '') { - alert("No ACL types available in current listener mode"); + alert("No ACL types available in current frontend type"); return; } @@ -570,7 +570,7 @@ $interfaces = haproxy_get_bindable_interfaces(); External port - size="30" maxlength="500"> + size="10" maxlength="500">
The port to listen to. To specify multiple ports, separate with a comma (,). EXAMPLE: 80,443
@@ -734,7 +734,10 @@ $interfaces = haproxy_get_bindable_interfaces(); onclick="updatevisibility();">Use Offloading
- The SSL Offloading will reduce web servers load by encrypt data to users on internet and send it without encrytion to internal servers. + SSL Offloading will reduce web servers load by maintaining and encrypting connection with users on internet while sending and retrieving data without encrytion to internal servers. + Also more ACL rules and http logging may be configured when this option is used. + Certificates can be imported into the pfSense "Certificate Authority Manager" + Please be aware this will not be possible work with all web applications. Some applictions will require setting the SSL checkbox on the backend server configurations so the connection to the webserver will also be a encrypted connection, in that case their will be a slight overall performance loss. diff --git a/config/haproxy-devel/haproxy_pool_edit.php b/config/haproxy-devel/haproxy_pool_edit.php index 92f4177e..312d6ecc 100644 --- a/config/haproxy-devel/haproxy_pool_edit.php +++ b/config/haproxy-devel/haproxy_pool_edit.php @@ -68,7 +68,7 @@ if (isset($id) && $a_pools[$id]) { if (isset($_GET['dup'])) unset($id); -$changedesc = "Services: HAProxy: pools: "; +$changedesc = "Services: HAProxy: Backend server pool: "; $changecount = 0; if ($_POST) { @@ -216,7 +216,7 @@ $pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); if(strstr($pfSversion, "1.2")) $one_two = true; -$pgtitle = "HAProxy: Backend: Edit"; +$pgtitle = "HAProxy: Backend server pool: Edit"; include("head.inc"); row_helper(); @@ -320,7 +320,7 @@ foreach($simplefields as $field){
- + @@ -616,21 +616,21 @@ FLUSH PRIVILEGES; @@ -102,7 +102,7 @@ include("head.inc"); - +
Edit HAProxy poolEdit HAProxy Backend server pool
Name
Connection timeout - size="64"> + size="20">
the time (in milliseconds) we give up if the connection does not complete within (default 30000).
Server timeout - size="64"> + size="20">
the time (in milliseconds) we accept to wait for data from the server, or for the server to accept data (default 30000).
Retries - size="64"> + size="20">
After a connection failure to a server, it is possible to retry, potentially on another server. This is useful if health-checks are too rare and you don't want the clients to see the failures. The number of attempts to reconnect is diff --git a/config/haproxy-devel/haproxy_pools.php b/config/haproxy-devel/haproxy_pools.php index 2d0189a5..b52c0af9 100644 --- a/config/haproxy-devel/haproxy_pools.php +++ b/config/haproxy-devel/haproxy_pools.php @@ -67,7 +67,7 @@ $pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); if(strstr($pfSversion, "1.2")) $one_two = true; -$pgtitle = "Services: HAProxy: Server pools"; +$pgtitle = "Services: HAProxy: Backend server pools"; include("head.inc"); ?> @@ -88,8 +88,8 @@ include("head.inc"); /* active tabs */ $tab_array = array(); $tab_array[] = array("Settings", false, "haproxy_global.php"); - $tab_array[] = array("Listener", false, "haproxy_listeners.php"); - $tab_array[] = array("Server Pool", true, "haproxy_pools.php"); + $tab_array[] = array("Frontend", false, "haproxy_listeners.php"); + $tab_array[] = array("Backend", true, "haproxy_pools.php"); display_top_tabs($tab_array); ?>
Name Servers CheckListenerFrontend
- - - + + +
" width="17" height="17" border="0">" width="17" height="17" border="0">" width="17" height="17" border="0">
@@ -169,7 +169,7 @@ include("head.inc"); - +
" width="17" height="17" border="0">
diff --git a/config/haproxy-devel/haproxy_utils.inc b/config/haproxy-devel/haproxy_utils.inc index 940c816f..f4df2433 100644 --- a/config/haproxy-devel/haproxy_utils.inc +++ b/config/haproxy-devel/haproxy_utils.inc @@ -221,7 +221,8 @@ function haproxy_recalculate_certifcate_chain(){ } } if ($items_recalculated > 0) - write_config("Recalculated $items_recalculated certificate chains."); + write_config("Services: HAProxy: Recalculated $items_recalculated certificate chains."); + return $items_recalculated; } function phparray_to_javascriptarray_recursive($nestID, $path, $items, $nodeName, $includeitems) { @@ -256,7 +257,8 @@ function echo_html_select($name, $keyvaluelist, $selected, $listEmptyMessage="", echo ""; } else { -- cgit v1.2.3 From 6dd91cb086f926c9ddea2a188141bbbd7f071bed Mon Sep 17 00:00:00 2001 From: PiBa-NL Date: Thu, 28 Nov 2013 19:19:11 +0100 Subject: haproxy-devel, grammar/spelling corrections. thanks phil-davis --- config/haproxy-devel/haproxy_listeners_edit.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'config') diff --git a/config/haproxy-devel/haproxy_listeners_edit.php b/config/haproxy-devel/haproxy_listeners_edit.php index 840dc82c..a51ae393 100644 --- a/config/haproxy-devel/haproxy_listeners_edit.php +++ b/config/haproxy-devel/haproxy_listeners_edit.php @@ -737,7 +737,7 @@ $interfaces = haproxy_get_bindable_interfaces(); SSL Offloading will reduce web servers load by maintaining and encrypting connection with users on internet while sending and retrieving data without encrytion to internal servers. Also more ACL rules and http logging may be configured when this option is used. Certificates can be imported into the pfSense "Certificate Authority Manager" - Please be aware this will not be possible work with all web applications. Some applictions will require setting the SSL checkbox on the backend server configurations so the connection to the webserver will also be a encrypted connection, in that case their will be a slight overall performance loss. + Please be aware this possibly will not work with all web applications. Some applications will require setting the SSL checkbox on the backend server configurations so the connection to the webserver will also be a encrypted connection, in that case there will be a slight overall performance loss. -- cgit v1.2.3