netbird/plugins
0
0
Fork 0
mirror of https://github.com/netbirdio/plugins.git synced 2026-05-22 18:44:07 -07:00
Code Issues Packages Projects Releases Wiki Activity

net/haproxy: add HAProxy load balancer to plugins

Browse Source
This commit is contained in:
Frank Wall
2016-04-17 23:51:06 +02:00
parent a5fc77b2b0
commit e77e38bbcd
35 changed files with 5384 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
net/haproxy/+POST_DEINSTALL
View File
net/haproxy/+POST_INSTALL
+4
View File
@@ -0,0 +1,4 @@
echo "restarting configd..."
if /usr/local/etc/rc.d/configd status > /dev/null; then
/usr/local/etc/rc.d/configd restart
fi
net/haproxy/+PRE_DEINSTALL
View File
net/haproxy/+PRE_INSTALL
View File
net/haproxy/Makefile
+7
View File
@@ -0,0 +1,7 @@
PLUGIN_NAME= haproxy
PLUGIN_VERSION= 1.0
PLUGIN_COMMENT= Reliable, high performance TCP/HTTP load balancer
#PLUGIN_DEPENDS=
PLUGIN_MAINTAINER= opnsense@moov.de
.include "../../Mk/plugins.mk"
net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/Api/ServiceController.php
+168
View File
@@ -0,0 +1,168 @@
<?php
/**
* Copyright (C) 2016 Frank Wall
* Copyright (C) 2015 Deciso B.V.
*
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
*/
namespace OPNsense\HAProxy\Api;
use \OPNsense\Base\ApiControllerBase;
use \OPNsense\Core\Backend;
use \OPNsense\HAProxy\HAProxy;
/**
* Class ServiceController
* @package OPNsense\HAProxy
*/
class ServiceController extends ApiControllerBase
{
/**
* start haproxy service (in background)
* @return array
*/
public function startAction()
{
if ($this->request->isPost()) {
$backend = new Backend();
$response = $backend->configdRun("haproxy start", true);
return array("response" => $response);
} else {
return array("response" => array());
}
}
/**
* stop haproxy service
* @return array
*/
public function stopAction()
{
if ($this->request->isPost()) {
$backend = new Backend();
$response = $backend->configdRun("haproxy stop");
return array("response" => $response);
} else {
return array("response" => array());
}
}
/**
* restart haproxy service
* @return array
*/
public function restartAction()
{
if ($this->request->isPost()) {
$backend = new Backend();
$response = $backend->configdRun("haproxy restart");
return array("response" => $response);
} else {
return array("response" => array());
}
}
/**
* retrieve status of haproxy service
* @return array
* @throws \Exception
*/
public function statusAction()
{
$backend = new Backend();
$mdlProxy = new HAProxy();
$response = $backend->configdRun("haproxy status");
if (strpos($response, "not running") > 0) {
if ($mdlProxy->general->enabled->__toString() == 1) {
$status = "stopped";
} else {
$status = "disabled";
}
} elseif (strpos($response, "is running") > 0) {
$status = "running";
} elseif ($mdlProxy->general->enabled->__toString() == 0) {
$status = "disabled";
} else {
$status = "unkown";
}
return array("status" => $status);
}
/**
* reconfigure haproxy, generate config and reload
*/
public function reconfigureAction()
{
if ($this->request->isPost()) {
$force_restart = false;
// close session for long running action
$this->sessionClose();
$mdlProxy = new HAProxy();
$backend = new Backend();
$runStatus = $this->statusAction();
// stop haproxy when disabled
if ($runStatus['status'] == "running" &&
($mdlProxy->general->enabled->__toString() == 0 || $force_restart)) {
$this->stopAction();
}
// generate template
$backend->configdRun("template reload OPNsense.HAProxy");
// (res)start daemon
if ($mdlProxy->general->enabled->__toString() == 1) {
if ($runStatus['status'] == "running" && !$force_restart) {
$backend->configdRun("haproxy reconfigure");
} else {
$this->startAction();
}
}
return array("status" => "ok");
} else {
return array("status" => "failed");
}
}
/**
* run syntax check for haproxy configuration
* @return array
* @throws \Exception
*/
public function configtestAction()
{
$backend = new Backend();
// first generate template based on current configuration
$backend->configdRun("template reload OPNsense.HAProxy");
// now run the syntax check
$response = $backend->configdRun("haproxy configtest");
return array("result" => $response);
}
}
net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/Api/SettingsController.php
+1009
View File
File diff suppressed because it is too large Load Diff
net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/Api/StatisticsController.php
+77
View File
@@ -0,0 +1,77 @@
<?php
/**
* Copyright (C) 2016 Frank Wall
* Copyright (C) 2015 Deciso B.V.
*
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
*/
namespace OPNsense\HAProxy\Api;
use \OPNsense\Base\ApiControllerBase;
use \OPNsense\Core\Backend;
use \OPNsense\HAProxy\HAProxy;
/**
* Class StatisticsController
* @package OPNsense\HAProxy
*/
class StatisticsController extends ApiControllerBase
{
/**
* get info
* @return array|mixed
*/
public function infoAction($zoneid = 0)
{
$backend = new Backend();
$responseRaw = $backend->configdRun("haproxy statistics info");
$response = json_decode($responseRaw, true);
return $response;
}
/**
* get counters
* @return array|mixed
*/
public function countersAction($zoneid = 0)
{
$backend = new Backend();
$responseRaw = $backend->configdRun("haproxy statistics stat");
$response = json_decode($responseRaw, true);
return $response;
}
/**
* get tables
* @return array|mixed
*/
public function tablesAction($zoneid = 0)
{
$backend = new Backend();
$responseRaw = $backend->configdRun("haproxy statistics table");
$response = json_decode($responseRaw, true);
return $response;
}
}
net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/IndexController.php
+59
View File
@@ -0,0 +1,59 @@
<?php
/**
* Copyright (C) 2016 Frank Wall
* Copyright (C) 2015 Deciso B.V.
*
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
*/
namespace OPNsense\HAProxy;
/**
* Class IndexController
* @package OPNsense\HAProxy
*/
class IndexController extends \OPNsense\Base\IndexController
{
/**
* haproxy index page
* @throws \Exception
*/
public function indexAction()
{
// set page title
$this->view->title = "HAProxy Load Balancer";
// include form definitions
$this->view->mainForm = $this->getForm("main");
$this->view->formDialogFrontend = $this->getForm("dialogFrontend");
$this->view->formDialogBackend = $this->getForm("dialogBackend");
$this->view->formDialogServer = $this->getForm("dialogServer");
$this->view->formDialogHealthcheck = $this->getForm("dialogHealthcheck");
$this->view->formDialogAction = $this->getForm("dialogAction");
$this->view->formDialogAcl = $this->getForm("dialogAcl");
$this->view->formDialogLua = $this->getForm("dialogLua");
$this->view->formDialogErrorfile = $this->getForm("dialogErrorfile");
// pick the template to serve
$this->view->pick('OPNsense/HAProxy/index');
}
}
net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/StatisticsController.php
+44
View File
@@ -0,0 +1,44 @@
<?php
/**
* Copyright (C) 2016 Frank Wall
* Copyright (C) 2015 Deciso B.V.
*
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
*/
namespace OPNsense\HAProxy;
/**
* Class StatisticsController
* @package OPNsense\HAProxy
*/
class StatisticsController extends \OPNsense\Base\IndexController
{
public function indexAction()
{
$this->view->title = "HAProxy Load Balancer / Statistics";
// choose template
$this->view->pick('OPNsense/HAProxy/statistics');
}
}
net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogAcl.xml
+52
View File
@@ -0,0 +1,52 @@
<form>
<field>
<id>acl.name</id>
<label>Name</label>
<type>text</type>
<help>Name to identify this ACL.</help>
</field>
<field>
<id>acl.description</id>
<label>Description</label>
<type>text</type>
<help>Description for this ACL.</help>
</field>
<field>
<label>Compose expression</label>
<type>header</type>
</field>
<field>
<id>acl.expression</id>
<label>Expression</label>
<type>dropdown</type>
<hint>Select ACL expression.</hint>
</field>
<field>
<id>acl.negate</id>
<label>Negate condition</label>
<type>checkbox</type>
<help><![CDATA[Use this to invert the meaning of the expression.]]></help>
</field>
<field>
<id>acl.value</id>
<label>Value</label>
<type>text</type>
<help><![CDATA[Specify a value to match with the expression.]]></help>
</field>
<field>
<label>Optional parameters</label>
<type>header</type>
</field>
<field>
<id>acl.urlparam</id>
<label>URL parameter</label>
<type>text</type>
<help><![CDATA[Specify the URL parameter to be checked for the value specified below.<br/><b>Not used for any other expression.</b>]]></help>
</field>
<field>
<id>acl.queryBackend</id>
<label>Query Backend</label>
<type>dropdown</type>
<help><![CDATA[Use this backend to count usable servers.<br/><b>Not used for any other expression.</b>]]></help>
</field>
</form>
net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogAction.xml
+81
View File
@@ -0,0 +1,81 @@
<form>
<field>
<id>action.name</id>
<label>Name</label>
<type>text</type>
<help>Name to identify this action.</help>
</field>
<field>
<id>action.description</id>
<label>Description</label>
<type>text</type>
<help>Description for this action.</help>
</field>
<field>
<label>Form condition</label>
<type>header</type>
</field>
<field>
<id>action.testType</id>
<label>Test type</label>
<type>dropdown</type>
<help><![CDATA[Choose how to test. By using IF it tests if the condition evaluates to true. If you use UNLESS, the sense of the test is reversed.]]></help>
</field>
<field>
<id>action.linkedAcls</id>
<label>Select ACLs</label>
<type>select_multiple</type>
<style>tokenize</style>
<help><![CDATA[Select one ore more ACLs to be used as condition for this action.]]></help>
</field>
<field>
<id>action.operator</id>
<label>Logical operator (for ACLs)</label>
<type>dropdown</type>
<help><![CDATA[Choose an logical operator to be used to form a condition.]]></help>
</field>
<field>
<id>action.type</id>
<label>Choose action</label>
<type>dropdown</type>
<help><![CDATA[Choose an action that should be executed if the condition is true.]]></help>
</field>
<field>
<label>Optional parameters</label>
<type>header</type>
</field>
<field>
<id>action.useBackend</id>
<label>Use backend</label>
<type>dropdown</type>
<help><![CDATA[Use this backend if the condition is true.<br/><b>Not used for any other action.</b>]]></help>
</field>
<field>
<id>action.useServer</id>
<label>Use server</label>
<type>dropdown</type>
<help><![CDATA[Use this server if the condition is true.<br/><b>Not used for any other action.</b>]]></help>
</field>
<field>
<label>Conditional parameters</label>
<type>header</type>
</field>
<field>
<id>action.actionName</id>
<label>Name/Identifier</label>
<type>text</type>
<help><![CDATA[Specify a value to match with the action.]]></help>
</field>
<field>
<id>action.actionFind</id>
<label>Find value</label>
<type>text</type>
<help><![CDATA[Specify a value to match with the action.]]></help>
</field>
<field>
<id>action.actionValue</id>
<label>Set value</label>
<type>text</type>
<help><![CDATA[Specify a value to match with the action.]]></help>
</field>
</form>
net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogBackend.xml
+157
View File
@@ -0,0 +1,157 @@
<form>
<field>
<id>backend.enabled</id>
<label>Enabled</label>
<type>checkbox</type>
<help>Enable this backend</help>
</field>
<field>
<id>backend.name</id>
<label>Name</label>
<type>text</type>
<help>Name to identify this backend.</help>
</field>
<field>
<id>backend.description</id>
<label>Description</label>
<type>text</type>
<help>Description for this backend.</help>
</field>
<field>
<id>backend.mode</id>
<label>Mode</label>
<type>dropdown</type>
<help><![CDATA[Set the running mode or protocol of the backend. Usually the frontend and the backend are in the same mode.]]></help>
<hint>Set the same mode for backend and frontend.</hint>
</field>
<field>
<id>backend.algorithm</id>
<label>Balancing Algorithm</label>
<type>dropdown</type>
<help><![CDATA[Define the load balancing algorithm to be used in a backend. See the <a target="_blank" href="http://cbonte.github.io/haproxy-dconv/configuration-1.6.html#balance">HAProxy documentation</a> for a full description.]]></help>
<hint>Choose a load balancing algorithm.</hint>
</field>
<field>
<id>backend.linkedServers</id>
<label>Servers</label>
<type>select_multiple</type>
<style>tokenize</style>
<allownew>true</allownew>
<help><![CDATA[Add servers to this backend. Use TAB key to complete typing.]]></help>
<hint>Type server name or choose from list.</hint>
</field>
<field>
<label>Health Checking</label>
<type>header</type>
</field>
<field>
<id>backend.healthCheckEnabled</id>
<label>Enabled</label>
<type>checkbox</type>
<help><![CDATA[Enable or disable health checking.]]></help>
</field>
<field>
<id>backend.healthCheck</id>
<label>Health check</label>
<type>dropdown</type>
<help><![CDATA[Select health check for servers in this backend.]]></help>
</field>
<field>
<id>backend.healthCheckLogStatus</id>
<label>Log Status Changes</label>
<type>checkbox</type>
<help><![CDATA[Enable to log health check status updates.]]></help>
</field>
<field>
<label>Stick-table persistence</label>
<type>header</type>
</field>
<field>
<id>backend.stickiness_pattern</id>
<label>Table type</label>
<type>dropdown</type>
<help><![CDATA[Choose a request pattern to associate a user to a server. See the <a target="_blank" href="http://cbonte.github.io/haproxy-dconv/configuration-1.6.html#stick on">HAProxy documentation</a> for a full description.<br/><div class="text-info"><b>NOTE:</b> Consider not using this feature in multi-process mode, it can result in random behaviours.</div>]]></help>
<hint>Choose a persistence type.</hint>
</field>
<field>
<id>backend.stickiness_expire</id>
<label>Expiration time</label>
<type>text</type>
<help><![CDATA[Enter a number followed by one of the supported suffixes "d" (days), "h" (hour), "m" (minute), "s" (seconds), "ms" (miliseconds). This configures the maximum duration of an entry in the stick-table since it was last created, refreshed or matched. The maximum duration is slightly above 24 days.]]></help>
<advanced>true</advanced>
</field>
<field>
<id>backend.stickiness_size</id>
<label>Size</label>
<type>text</type>
<help><![CDATA[Enter a number followed by one of the supported suffixes "k", "m", "g". This configures the maximum number of entries that can fit in the table. This value directly impacts memory usage. Count approximately 50 bytes per entry, plus the size of a string if any.]]></help>
<advanced>true</advanced>
</field>
<field>
<id>backend.stickiness_cookiename</id>
<label>Cookie name</label>
<type>text</type>
<help><![CDATA[Cookie name to use for stick table (if appropiate table type is selected).]]></help>
</field>
<field>
<id>backend.stickiness_cookielength</id>
<label>Cookie length</label>
<type>text</type>
<help><![CDATA[The maximum number of characters that will be stored in the stick table (if appropiate table type is selected).]]></help>
</field>
<field>
<label>Tuning Options</label>
<type>header</type>
</field>
<field>
<id>backend.tuning_timeoutConnect</id>
<label>Connection Timeout</label>
<type>text</type>
<help><![CDATA[Set the maximum time (in milliseconds) to wait for a connection attempt to a server to succeed.]]></help>
<advanced>true</advanced>
</field>
<field>
<id>backend.tuning_timeoutServer</id>
<label>Server Timeout</label>
<type>text</type>
<help><![CDATA[Set the maximum inactivity time (in milliseconds) on the server side.]]></help>
<advanced>true</advanced>
</field>
<field>
<id>backend.tuning_retries</id>
<label>Retries</label>
<type>text</type>
<help><![CDATA[Set the number of retries to perform on a server after a connection failure.]]></help>
</field>
<field>
<id>backend.customOptions</id>
<label>Option pass-through</label>
<type>textbox</type>
<help><![CDATA[These lines will be added to the HAProxy backend configuration.<br/><div class="text-info"><b>NOTE:</b> The syntax will not be checked, use at your own risk!</div>]]></help>
<advanced>true</advanced>
</field>
<field>
<label>Actions (ACLs)</label>
<type>header</type>
</field>
<field>
<id>backend.linkedActions</id>
<label>Actions</label>
<type>select_multiple</type>
<style>tokenize</style>
<help><![CDATA[Choose actions to be included in this backend.]]></help>
<hint>Choose actions.</hint>
</field>
<field>
<label>Error Files</label>
<type>header</type>
</field>
<field>
<id>backend.linkedErrorfiles</id>
<label>Error files</label>
<type>select_multiple</type>
<style>tokenize</style>
<help><![CDATA[Choose error files to be included in this backend.]]></help>
<hint>Choose error files.</hint>
</field>
</form>
net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogErrorfile.xml
+26
View File
@@ -0,0 +1,26 @@
<form>
<field>
<id>errorfile.name</id>
<label>Name</label>
<type>text</type>
<help>Name to identify this error file.</help>
</field>
<field>
<id>errorfile.description</id>
<label>Description</label>
<type>text</type>
<help>Description for this error file.</help>
</field>
<field>
<id>errorfile.code</id>
<label>Error code</label>
<type>dropdown</type>
<help>The HTTP status code.</help>
</field>
<field>
<id>errorfile.content</id>
<label>Content</label>
<type>textbox</type>
<help>Paste the content of your errorfile here. The files should not exceed the configured buffer size, which generally is 8 or 16 kB.</help>
</field>
</form>
net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogFrontend.xml
+170
View File
@@ -0,0 +1,170 @@
<form>
<field>
<id>frontend.enabled</id>
<label>Enabled</label>
<type>checkbox</type>
<help>Enable this frontend</help>
</field>
<field>
<id>frontend.name</id>
<label>Name</label>
<type>text</type>
<help>Name to identify this frontend.</help>
</field>
<field>
<id>frontend.description</id>
<label>Description</label>
<type>text</type>
<help>Description for this frontend.</help>
</field>
<field>
<id>frontend.bind</id>
<label>Listen Addresses</label>
<type>select_multiple</type>
<style>tokenize</style>
<allownew>true</allownew>
<help><![CDATA[Configure listen addresses for this frontend, i.e. 127.0.0.1:8080 or www.example.com:443. Use TAB key to complete typing a listen address.]]></help>
<hint>Enter address:port here. Finish with TAB.</hint>
</field>
<field>
<id>frontend.mode</id>
<label>Type</label>
<type>dropdown</type>
<help><![CDATA[Set the running mode or protocol for this frontend.]]></help>
</field>
<field>
<id>frontend.defaultBackend</id>
<label>Default Backend</label>
<type>dropdown</type>
<help><![CDATA[Set the default backend to use for this frontend.]]></help>
</field>
<field>
<label>SSL Offloading</label>
<type>header</type>
</field>
<field>
<id>frontend.ssl_enabled</id>
<label>Enabled</label>
<type>checkbox</type>
<help>Enable SSL offloading</help>
</field>
<field>
<id>frontend.ssl_certificates</id>
<label>Certificates</label>
<type>select_multiple</type>
<style>tokenize</style>
<allownew>true</allownew>
<help><![CDATA[Select certificates to use for SSL offloading. HAProxy's SNI recognition will determine the correct certificate automatically. If no SNI is provided by the client then the first certificate will be presented.<br/>To import additional certificates, go to <a href="/system_certmanager.php">Certificate Manager</a>.]]></help>
<hint>Type certificate name or choose from list.</hint>
</field>
<field>
<id>frontend.ssl_customOptions</id>
<label>Advanced SSL options</label>
<type>text</type>
<help><![CDATA[Specify additional SSL parameters such as force-sslv3, force-tlsv10, force-tlsv11, force-tlsv12, no-sslv3, no-tlsv10, no-tlsv11, no-tlsv12, no-tls-tickets or customize the list of SSL ciphers.<br/>Example: no-sslv3 ciphers HIGH:!DSS:!aNULL@STRENGTH<br/><div class="text-info"><b>NOTE:</b> The syntax will not be checked, use at your own risk!</div>]]></help>
<advanced>true</advanced>
</field>
<field>
<label>Tuning Options</label>
<type>header</type>
</field>
<field>
<id>frontend.tuning_maxConnections</id>
<label>Max. Connections</label>
<type>text</type>
<help><![CDATA[Set the maximum number of concurrent connections for this frontend.]]></help>
</field>
<field>
<id>frontend.tuning_timeoutClient</id>
<label>Client Timeout</label>
<type>text</type>
<help><![CDATA[Set the maximum inactivity time (in milliseconds) on the client side.]]></help>
<advanced>true</advanced>
</field>
<field>
<label>Logging Options</label>
<type>header</type>
</field>
<field>
<id>frontend.logging_dontLogNull</id>
<label>Don't log null</label>
<type>checkbox</type>
<help><![CDATA[Enable or disable logging of connections with no data.]]></help>
<advanced>true</advanced>
</field>
<field>
<id>frontend.logging_dontLogNormal</id>
<label>Don't log normal</label>
<type>checkbox</type>
<help><![CDATA[Enable or disable logging of normal, successful connections.]]></help>
<advanced>true</advanced>
</field>
<field>
<id>frontend.logging_logSeparateErrors</id>
<label>Raise Log Level</label>
<type>checkbox</type>
<help><![CDATA[Allow HAProxy to automatically raise log level for non-completely successful connections to aid debugging.]]></help>
<advanced>true</advanced>
</field>
<field>
<id>frontend.logging_detailedLog</id>
<label>Detailed Logging</label>
<type>checkbox</type>
<help><![CDATA[Enable or disable verbose logging. Each log line turns into a much richer format.]]></help>
</field>
<field>
<id>frontend.logging_socketStats</id>
<label>Separate Statistics</label>
<type>checkbox</type>
<help><![CDATA[Enable or disable collecting & providing separate statistics for each socket.]]></help>
<advanced>true</advanced>
</field>
<field>
<label>Advanced settings</label>
<type>header</type>
</field>
<field>
<id>frontend.forwardFor</id>
<label>X-Forwarded-For header</label>
<type>checkbox</type>
<help><![CDATA[Enable insertion of the X-Forwarded-For header to requests sent to servers.]]></help>
</field>
<field>
<id>frontend.connectionBehaviour</id>
<label>Type</label>
<type>dropdown</type>
<help><![CDATA[By default HAProxy operates in <b>keep-alive</b> mode with regards to persistent connections. Option <b>"http-tunnel"</b> disables any HTTP processing past the first request and the first response. Option <b>"httpclose"</b> configures HAProxy to work in HTTP tunnel mode and check if a "Connection: close" header is already set in each direction, and will add one if missing. Option <b>"http-server-close"</b> enables HTTP connection-close mode on the server side while keeping the ability to support HTTP keep-alive and pipelining on the client side. With Option <b>"forceclose"</b> HAProxy will actively close the outgoing server channel as soon as the server has finished to respond and release some resources earlier.]]></help>
<advanced>true</advanced>
</field>
<field>
<id>frontend.customOptions</id>
<label>Option pass-through</label>
<type>textbox</type>
<help><![CDATA[These lines will be added to the HAProxy frontend configuration.<br/><div class="text-info"><b>NOTE:</b> The syntax will not be checked, use at your own risk!</div>]]></help>
<advanced>true</advanced>
</field>
<field>
<label>Actions (ACLs)</label>
<type>header</type>
</field>
<field>
<id>frontend.linkedActions</id>
<label>Actions</label>
<type>select_multiple</type>
<style>tokenize</style>
<help><![CDATA[Choose actions to be included in this frontend.]]></help>
<hint>Choose actions.</hint>
</field>
<field>
<label>Error Files</label>
<type>header</type>
</field>
<field>
<id>frontend.linkedErrorfiles</id>
<label>Error files</label>
<type>select_multiple</type>
<style>tokenize</style>
<help><![CDATA[Choose error files to be included in this backend.]]></help>
<hint>Choose error files.</hint>
</field>
</form>
net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogHealthcheck.xml
+106
View File
@@ -0,0 +1,106 @@
<form>
<field>
<id>healthcheck.name</id>
<label>Name</label>
<type>text</type>
<help>Name to identify this ACL.</help>
</field>
<field>
<id>healthcheck.description</id>
<label>Description</label>
<type>text</type>
<help>Description for this ACL.</help>
</field>
<field>
<id>healthcheck.type</id>
<label>Check type</label>
<type>dropdown</type>
<help><![CDATA[Select type of health check.]]></help>
</field>
<field>
<id>healthcheck.interval</id>
<label>Check interval</label>
<type>text</type>
<help><![CDATA[Select interval (in milliseconds) between two consecutive health checks.]]></help>
</field>
<field>
<label>HTTP check options</label>
<type>header</type>
</field>
<field>
<id>healthcheck.http_method</id>
<label>HTTP method</label>
<type>dropdown</type>
<help><![CDATA[Select HTTP method for health check.]]></help>
</field>
<field>
<id>healthcheck.http_uri</id>
<label>Request URI</label>
<type>text</type>
<help><![CDATA[Specify HTTP request URI for health check.]]></help>
</field>
<field>
<id>healthcheck.http_version</id>
<label>HTTP version</label>
<type>dropdown</type>
<help><![CDATA[Select HTTP version for a HTTP health check.]]></help>
</field>
<field>
<id>healthcheck.http_host</id>
<label>HTTP host</label>
<type>text</type>
<help><![CDATA[Specify HTTP host to use for health check. Requires HTTP/1.1.]]></help>
</field>
<field>
<label>Custom HTTP check</label>
<type>header</type>
</field>
<field>
<id>healthcheck.http_expressionEnabled</id>
<label>Enabled</label>
<type>checkbox</type>
</field>
<field>
<id>healthcheck.http_expression</id>
<label>Expression</label>
<type>dropdown</type>
<help><![CDATA[Select health check expression.]]></help>
</field>
<field>
<id>healthcheck.http_negate</id>
<label>Negate condition</label>
<type>checkbox</type>
<help><![CDATA[Use this to invert the meaning of the expression.]]></help>
</field>
<field>
<id>healthcheck.http_value</id>
<label>Value</label>
<type>text</type>
<help><![CDATA[Specify a value to match with the expression. <br/><div class="text-info"><b>NOTE:</b> It is important to note that the responses will be limited to a certain size defined by the global "tune.chksize" option, which defaults to 16384 bytes.</div>]]></help>
<help><![CDATA[Specify additional SSL parameters such as force-sslv3, force-tlsv10, force-tlsv11, force-tlsv12, no-sslv3, no-tlsv10, no-tlsv11, no-tlsv12, no-tls-tickets or customize the list of SSL ciphers.<br/>Example: no-sslv3 ciphers HIGH:!DSS:!aNULL@STRENGTH<br/><div class="text-info"><b>NOTE:</b> The syntax will not be checked, use at your own risk!</div>]]></help>
</field>
<field>
<label>Non-HTTP check options</label>
<type>header</type>
</field>
<field>
<id>healthcheck.agentPort</id>
<label>Agent port</label>
<type>text</type>
<help><![CDATA[Specify the TCP port used for agent checks.]]></help>
</field>
<field>
<id>healthcheck.dbUser</id>
<label>DB user</label>
<type>text</type>
<help><![CDATA[Specify the username to be used for database health checks.]]></help>
</field>
<field>
<id>healthcheck.smtpDomain</id>
<label>SMTP domain</label>
<type>text</type>
<help><![CDATA[Specify the domain name to present to the server for SMTP/ESMTP health checks.]]></help>
</field>
</form>
net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogLua.xml
+26
View File
@@ -0,0 +1,26 @@
<form>
<field>
<id>lua.enabled</id>
<label>Enabled</label>
<type>checkbox</type>
<help>Enable this Lua script.</help>
</field>
<field>
<id>lua.name</id>
<label>Name</label>
<type>text</type>
<help>Name to identify this Lua script.</help>
</field>
<field>
<id>lua.description</id>
<label>Description</label>
<type>text</type>
<help>Description for this Lua script.</help>
</field>
<field>
<id>lua.content</id>
<label>Content</label>
<type>textbox</type>
<help>Paste the content of your Lua script here.</help>
</field>
</form>
net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogServer.xml
+54
View File
@@ -0,0 +1,54 @@
<form>
<field>
<id>server.name</id>
<label>Name</label>
<type>text</type>
<help>Name to identify this server.</help>
</field>
<field>
<id>server.description</id>
<label>Description</label>
<type>text</type>
<help>Description for this server.</help>
</field>
<field>
<id>server.address</id>
<label>FQDN or IP</label>
<type>text</type>
<help><![CDATA[Provide either the FQDN or the IP address of this server.]]></help>
<hint>Enter server address.</hint>
</field>
<field>
<id>server.port</id>
<label>Port</label>
<type>text</type>
<help><![CDATA[Provide the TCP communication port for this server, i.e. 80 or 443.]]></help>
</field>
<field>
<id>server.mode</id>
<label>Mode</label>
<type>dropdown</type>
<help><![CDATA[Sets the operation mode to use for this server.]]></help>
<advanced>true</advanced>
</field>
<field>
<id>server.ssl</id>
<label>SSL</label>
<type>checkbox</type>
<help><![CDATA[Enable or disable SSL communication with this server.]]></help>
</field>
<field>
<id>server.weight</id>
<label>Weight</label>
<type>text</type>
<help><![CDATA[Adjust the server's weight relative to other servers.]]></help>
<advanced>true</advanced>
</field>
<field>
<id>server.checkInterval</id>
<label>Check Interval</label>
<type>text</type>
<help><![CDATA[Sets the interval (in milliseconds) for running health checks on the server.]]></help>
<advanced>true</advanced>
</field>
</form>
net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/main.xml
+190
View File
@@ -0,0 +1,190 @@
<form>
<tab id="haproxy-general" description="General Settings">
<subtab id="haproxy-general-settings" description="Service Settings">
<field>
<label>NOTE: You need to configure frontends, backends and servers before enabling HAProxy.</label>
<type>info</type>
</field>
<field>
<id>haproxy.general.enabled</id>
<label>Enable HAProxy</label>
<type>checkbox</type>
<help>Enable or disable the HAProxy service.</help>
</field>
</subtab>
<subtab id="haproxy-general-global" description="Global Parameters">
<field>
<label>NOTE: Define global parameters for the HAProxy service. They cannot be overriden.</label>
<type>info</type>
</field>
<field>
<id>haproxy.general.tuning.nbproc</id>
<label>HAProxy processes</label>
<type>text</type>
<help><![CDATA[Number of HAProxy processes to start.<br/><div class="text-info"><b>NOTE:</b> You may experience random issues in multi-process mode. For more information about the "nbproc" option please see the HAProxy Documentation.</div>]]></help>
<advanced>true</advanced>
</field>
<field>
<id>haproxy.general.tuning.maxConnections</id>
<label>Maximum connections</label>
<type>text</type>
<help><![CDATA[Sets the maximum number of concurrent connections per HAProxy process.<br/><div class="text-info"><b>NOTE:</b> HAProxy will not be able to allocate enough memory if you set this value too high. Consider raising the settings for kern.maxfiles and kern.maxfilesperproc if you need to specify a non-default value.</div>]]></help>
</field>
<field>
<id>haproxy.general.tuning.maxDHSize</id>
<label>Maximum SSL DH Size</label>
<type>text</type>
<help><![CDATA[Sets the maximum size of the Diffie-Hellman parameters used for generating the ephemeral/temporary Diffie-Hellman key in case of DHE key exchange (default is 1024).<br/><div class="text-info"><b>NOTE:</b> Higher values will increase the CPU load. For more information about the "tune.ssl.default-dh-param" option please see the HAProxy Documentation.</div>]]></help>
</field>
<field>
<id>haproxy.general.tuning.bufferSize</id>
<label>Buffer size</label>
<type>text</type>
<help><![CDATA[Change the buffer size (in bytes). Lower values allow more sessions to coexist in the same amount of RAM, and higher values allow some applications with very large cookies to work. The default value is 16384. <br/><div class="text-info"><b>NOTE:</b> It is strongly recommended not to change this from the default value, as very low values will break some services such as statistics, and values larger than default size will increase memory usage, possibly causing the system to run out of memory.</div>]]></help>
<advanced>true</advanced>
</field>
<field>
<id>haproxy.general.tuning.checkBufferSize</id>
<label>Health check buffer size</label>
<type>text</type>
<help><![CDATA[Change the check buffer size (in bytes). Higher values may help find string or regex patterns in very large pages, though doing so may imply more memory and CPU usage. The default value is 16384.]]></help>
<advanced>true</advanced>
</field>
<field>
<id>haproxy.general.tuning.luaMaxMem</id>
<label>Maximum RAM per LUA process</label>
<type>text</type>
<help><![CDATA[Sets the maximum amount of RAM in megabytes per process usable by Lua. By default it is zero which means unlimited. It is important to set a limit to ensure that a bug in a script will not result in the system running out of memory.]]></help>
<advanced>true</advanced>
</field>
<field>
<id>haproxy.general.tuning.spreadChecks</id>
<label>Spread checks</label>
<type>text</type>
<help><![CDATA[Add some randomness in the check interval between 0 and +/- 50%. A value between 2 and 5 seems to show good results. The default value is 0 (disabled).]]></help>
</field>
<field>
<id>haproxy.general.tuning.customOptions</id>
<label>Custom options</label>
<type>textbox</type>
<help><![CDATA[These lines will be added to the global settings of to the HAProxy configuration file.<br/><div class="text-info"><b>NOTE:</b> The syntax will not be checked, use at your own risk!</div>]]></help>
<advanced>true</advanced>
</field>
</subtab>
<subtab id="haproxy-general-defaults" description="Default Parameters">
<field>
<label>NOTE: Define default parameters for ALL Frontends, Backends and Servers here. They may still be overriden elsewhere.</label>
<type>info</type>
</field>
<field>
<id>haproxy.general.defaults.maxConnections</id>
<label>Max. Connections</label>
<type>text</type>
<help><![CDATA[Set the maximum number of concurrent connections for this frontend.]]></help>
</field>
<field>
<id>haproxy.general.defaults.timeoutClient</id>
<label>Client Timeout</label>
<type>text</type>
<help><![CDATA[Set the maximum inactivity time (in milliseconds) on the client side.]]></help>
</field>
<field>
<id>haproxy.general.defaults.timeoutConnect</id>
<label>Connection Timeout</label>
<type>text</type>
<help><![CDATA[Set the maximum time (in milliseconds) to wait for a connection attempt to a server to succeed.]]></help>
</field>
<field>
<id>haproxy.general.defaults.timeoutServer</id>
<label>Server Timeout</label>
<type>text</type>
<help><![CDATA[Set the maximum inactivity time (in milliseconds) on the server side.]]></help>
</field>
<field>
<id>haproxy.general.defaults.retries</id>
<label>Retries</label>
<type>text</type>
<help><![CDATA[Set the number of retries to perform on a server after a connection failure (default is 3).]]></help>
</field>
<field>
<id>haproxy.general.defaults.redispatch</id>
<label>Session redistribution</label>
<type>dropdown</type>
<help><![CDATA[Enable or disable session redistribution in case of connection failure.]]></help>
</field>
</subtab>
<subtab id="haproxy-general-logging" description="Logging Configuration">
<field>
<id>haproxy.general.logging.host</id>
<label>Log Host</label>
<type>text</type>
<help><![CDATA[Indicates where to send the logs. Takes an IPv4 or IPv6 address optionally followed by a colon (':') and a UDP port, i.e. 127.0.0.1 or 10.0.0.1:514]]></help>
</field>
<field>
<id>haproxy.general.logging.facility</id>
<label>Syslog facility</label>
<type>dropdown</type>
<help><![CDATA[Choose one of the 24 standard syslog facilities. The default value is local0.]]></help>
</field>
<field>
<id>haproxy.general.logging.level</id>
<label>Filter syslog level</label>
<type>dropdown</type>
<help><![CDATA[Can be specified to filter outgoing messages. By default, all messages are sent. If a level is specified, only messages with a severity at least as important as this level will be sent.]]></help>
</field>
<field>
<id>haproxy.general.logging.length</id>
<label>Max. line length</label>
<type>text</type>
<help><![CDATA[Specify an optional maximum line length. Log lines larger than this value will be truncated before being sent. The reason is that syslog servers act differently on log line length. All servers support the default value of 1024, but some servers simply drop larger lines while others do log them.]]></help>
<advanced>true</advanced>
</field>
</subtab>
<subtab id="haproxy-general-statistics" description="Statistics Configuration">
<field>
<id>haproxy.general.stats.enabled</id>
<label>Stats enabled</label>
<type>checkbox</type>
<help><![CDATA[Enable HAProxy's statistics page.]]></help>
</field>
<field>
<id>haproxy.general.stats.port</id>
<label>Local stats TCP port</label>
<type>text</type>
<help><![CDATA[Choose a TCP port to be used for the local statistics page. The default value is 8822.]]></help>
<advanced>true</advanced>
</field>
<field>
<id>haproxy.general.stats.remoteEnabled</id>
<label>Enable remote access</label>
<type>checkbox</type>
<help><![CDATA[Enable remote access to HAProxy's statistics page. <b>This may be a security risk if you do not enable authentication!</b> Note that you need to add appropiate firewall rules for this to work.]]></help>
</field>
<field>
<id>haproxy.general.stats.remoteBind</id>
<label>Remote listen addresses</label>
<type>select_multiple</type>
<style>tokenize</style>
<allownew>true</allownew>
<help><![CDATA[Configure listen addresses for the statistics page to enable remote access, i.e. 10.0.0.1:8080 or haproxy.example.com:8999. Use TAB key to complete typing a listen address.]]></help>
<hint>Enter address:port here. Finish with TAB.</hint>
</field>
<field>
<id>haproxy.general.stats.authEnabled</id>
<label>Enable authentication</label>
<type>checkbox</type>
</field>
<field>
<id>haproxy.general.stats.users</id>
<label>Stats users</label>
<type>select_multiple</type>
<style>tokenize</style>
<allownew>true</allownew>
<help><![CDATA[Grant access to HAProxy statistics page. Please provide both user and password in clear text separated by a ':', i.e. john:secret123 or jdoe:anonymous. Use TAB key to complete adding a user.]]></help>
<hint>Enter user:password here. Finish with TAB.</hint>
</field>
</subtab>
</tab>
<activetab>haproxy-general-settings</activetab>
</form>
net/haproxy/src/opnsense/mvc/app/models/OPNsense/HAProxy/ACL/ACL.xml
+11
View File
@@ -0,0 +1,11 @@
<acl>
<!-- unique acl key, must be globally unique for all acl's -->
<page-services-haproxy>
<name>WebCfg - Services: HAProxy page</name>
<description>Allow access to the 'Services: HAProxy' page.</description>
<patterns>
<pattern>ui/haproxy/*</pattern>
<pattern>api/haproxy/*</pattern>
</patterns>
</page-services-haproxy>
</acl>

Some files were not shown because too many files have changed in this diff Show More