logo

Installation

RPM


You may retrieve signed binary configuration files from link. It may be automatically installed by root thus:
yum install https://repo.haproxy-wi.org/haproxy-wi-release-7-1-0.noarch.rpm 
		
Supports EL7 and EL8.

And just:
yum install haproxy-wi
		
Before uses RPM repository you should donate to support project on Patreon or on PayPal and I will send you credentials for access. Actual prices you can see on Patreon. But you can donate as many as you can or as you want

Manual

CentOS:

$ sudo yum -y install git nmap-ncat net-tools python35u dos2unix python35u-pip \
httpd python35u-devel gcc-c++ openldap-devel mod_ssl \
python-devel python-jinja2 python35u-mod_wsgi ansible
$ cd /var/www/
$ git clone https://github.com/Aidaho12/haproxy-wi.git /var/www/haproxy-wi
$ chown -R apache:apache haproxy-wi/

Or if use Debian/Ubuntu:

$ sudo apt-get install git  net-tools lshw dos2unix apache2 netcat python3.5 \
python3-pip g++ freetype2-demos libatlas-base-dev python3.5-mod_wsgi mod_ssl \
openldap-dev libpq-dev python-dev libxml2-dev libxslt1-dev libldap2-dev \
libsasl2-dev libffi-dev python3-dev libssl-dev gcc ansible -y
$ chown -R www-data:www-data haproxy-wi/

Both

$ pip3 install -r haproxy-wi/requirements.txt 
$ chmod +x haproxy-wi/app/*.py 
$ sudo ln -s /usr/bin/python3.5 /usr/bin/python3
$ sudo cp config_other/logrotate/* /etc/logrotate.d/
$ sudo cp config_other/syslog/* /etc/rsyslog.d/
$ sudo cp config_other/systemd/* /etc/systemd/system/
$ sudo systemctl daemon-reload      
$ sudo systemctl restart httpd
$ sudo systemctl restart rsyslog
$ sudo systemctl restart metrics_haproxy.service
$ sudo systemctl restart checker_haproxy.service
$ sudo systemctl restart keep_alive.service
$ sudo systemctl enable metrics_haproxy.service
$ sudo systemctl enable checker_haproxy.service
$ sudo systemctl enable keep_alive.service
$ sudo mkdir /var/www/haproxy-wi/app/certs
$ sudo mkdir /var/www/haproxy-wi/keys
$ sudo mkdir /var/www/haproxy-wi/configs/
$ sudo mkdir /var/www/haproxy-wi/configs/hap_config/
$ sudo mkdir /var/www/haproxy-wi/configs/kp_config/
$ sudo mkdir /var/www/haproxy-wi/log/
		

And add Apache config:
# vi /etc/httpd/conf.d/haproxy-wi.conf 
<VirtualHost *:443>
	WSGIDaemonProcess api user=apache group=apache processes=1 threads=5
    WSGIScriptAlias /api /var/www/haproxy-wi/api/app.wsgi

    <Directory /var/www/haproxy-wi/api>
        WSGIProcessGroup api
        WSGIApplicationGroup %{GLOBAL}
        Order deny,allow
		Allow from all
    </Directory>
		
	SSLEngine on
	SSLCertificateFile /var/www/haproxy-wi/app/certs/haproxy-wi.crt
	SSLCertificateKeyFile /var/www/haproxy-wi/app/certs/haproxy-wi.key

	ServerName haproxy-wi
	ErrorLog /var/log/httpd/haproxy-wi.error.log
	CustomLog /var/log/httpd/haproxy-wi.access.log combined
	TimeOut 600
	LimitRequestLine 16380
					
	DocumentRoot /var/www/haproxy-wi
	ScriptAlias /cgi-bin/ "/var/www/haproxy-wi/app/"

	<Directory /var/www/haproxy-wi/app>
		Options +ExecCGI
		AddHandler cgi-script .py
		Order deny,allow
		Allow from all
	</Directory>
					
	<Directory /var/www/haproxy-wi/app/certs>
		Options +ExecCGI -Indexes +MultiViews
		Order Deny,Allow
		Deny from all
		</Directory>
				
	<Directory /var/www/haproxy-wi/keys>
		Options +ExecCGI -Indexes +MultiViews
		Order Deny,Allow
		Deny from all
	</Directory>

	<FilesMatch "\.cfg$">
		Order Deny,Allow
		Deny from all
	</FilesMatch>
				
	<FilesMatch "\.db$">
		Order Deny,Allow
		Deny from all
		</FilesMatch>
		
	<IfModule mod_headers.c>
		Header set X-XSS-Protection: 1;
		Header set X-Frame-Options: deny
		Header set X-Content-Type-Options: nosniff
		Header set Strict-Transport-Security: max-age=3600;
		Header set Cache-Control no-cache
		Header set Expires: 0

		<filesMatch ".(ico|css|js|gif|jpeg|jpg|png|svg|woff|ttf|eot)$">
			Header set Cache-Control "max-age=86400, public"
		</filesMatch>
	</IfModule>	
</VirtualHost>
		
And create DB:
$ cd /var/www/haproxy-wi/app
$ ./create_db.py