RPM
You may retrieve signed binary configuration files from link. It may be automatically installed by root thus:
yum install https://repo.haproxy-wi.org/haproxy-wi-release-7-1-0.noarch.rpm
Supports EL7 and EL8.
And just:
Before uses RPM repository you should donate to support project on Patreon
or on PayPal and I will send you credentials for access.
Actual prices you can see on Patreon. But you can donate as many as you can or as you want
Manual
CentOS:
$ sudo yum -y install git nmap-ncat net-tools python35u dos2unix python35u-pip \
httpd python35u-devel gcc-c++ openldap-devel mod_ssl \
python-devel python-jinja2 python35u-mod_wsgi ansible
$ cd /var/www/
$ git clone https://github.com/Aidaho12/haproxy-wi.git /var/www/haproxy-wi
$ chown -R apache:apache haproxy-wi/
Or if use Debian/Ubuntu:
$ sudo apt-get install git net-tools lshw dos2unix apache2 netcat python3.5 \
python3-pip g++ freetype2-demos libatlas-base-dev python3.5-mod_wsgi mod_ssl \
openldap-dev libpq-dev python-dev libxml2-dev libxslt1-dev libldap2-dev \
libsasl2-dev libffi-dev python3-dev libssl-dev gcc ansible -y
$ chown -R www-data:www-data haproxy-wi/
Both
$ pip3 install -r haproxy-wi/requirements.txt
$ chmod +x haproxy-wi/app/*.py
$ sudo ln -s /usr/bin/python3.5 /usr/bin/python3
$ sudo cp config_other/logrotate/* /etc/logrotate.d/
$ sudo cp config_other/syslog/* /etc/rsyslog.d/
$ sudo cp config_other/systemd/* /etc/systemd/system/
$ sudo systemctl daemon-reload
$ sudo systemctl restart httpd
$ sudo systemctl restart rsyslog
$ sudo systemctl restart metrics_haproxy.service
$ sudo systemctl restart checker_haproxy.service
$ sudo systemctl restart keep_alive.service
$ sudo systemctl enable metrics_haproxy.service
$ sudo systemctl enable checker_haproxy.service
$ sudo systemctl enable keep_alive.service
$ sudo mkdir /var/www/haproxy-wi/app/certs
$ sudo mkdir /var/www/haproxy-wi/keys
$ sudo mkdir /var/www/haproxy-wi/configs/
$ sudo mkdir /var/www/haproxy-wi/configs/hap_config/
$ sudo mkdir /var/www/haproxy-wi/configs/kp_config/
$ sudo mkdir /var/www/haproxy-wi/log/
And add Apache config:
# vi /etc/httpd/conf.d/haproxy-wi.conf
<VirtualHost *:443>
WSGIDaemonProcess api user=apache group=apache processes=1 threads=5
WSGIScriptAlias /api /var/www/haproxy-wi/api/app.wsgi
<Directory /var/www/haproxy-wi/api>
WSGIProcessGroup api
WSGIApplicationGroup %{GLOBAL}
Order deny,allow
Allow from all
</Directory>
SSLEngine on
SSLCertificateFile /var/www/haproxy-wi/app/certs/haproxy-wi.crt
SSLCertificateKeyFile /var/www/haproxy-wi/app/certs/haproxy-wi.key
ServerName haproxy-wi
ErrorLog /var/log/httpd/haproxy-wi.error.log
CustomLog /var/log/httpd/haproxy-wi.access.log combined
TimeOut 600
LimitRequestLine 16380
DocumentRoot /var/www/haproxy-wi
ScriptAlias /cgi-bin/ "/var/www/haproxy-wi/app/"
<Directory /var/www/haproxy-wi/app>
Options +ExecCGI
AddHandler cgi-script .py
Order deny,allow
Allow from all
</Directory>
<Directory /var/www/haproxy-wi/app/certs>
Options +ExecCGI -Indexes +MultiViews
Order Deny,Allow
Deny from all
</Directory>
<Directory /var/www/haproxy-wi/keys>
Options +ExecCGI -Indexes +MultiViews
Order Deny,Allow
Deny from all
</Directory>
<FilesMatch "\.cfg$">
Order Deny,Allow
Deny from all
</FilesMatch>
<FilesMatch "\.db$">
Order Deny,Allow
Deny from all
</FilesMatch>
<IfModule mod_headers.c>
Header set X-XSS-Protection: 1;
Header set X-Frame-Options: deny
Header set X-Content-Type-Options: nosniff
Header set Strict-Transport-Security: max-age=3600;
Header set Cache-Control no-cache
Header set Expires: 0
<filesMatch ".(ico|css|js|gif|jpeg|jpg|png|svg|woff|ttf|eot)$">
Header set Cache-Control "max-age=86400, public"
</filesMatch>
</IfModule>
</VirtualHost>
And create DB:
$ cd /var/www/haproxy-wi/app
$ ./create_db.py
