cloud-hosting-platform/haproxy-manager-base
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add 403 status to blocked IP page and reload HAProxy on IP block/unblock
All checks were successful
HAProxy Manager Build and Push / Build-and-Push (push) Successful in 51s
Details

Browse Source 
- Modified /blocked-ip route to return 403 Forbidden status with HTML page
- Added HAProxy reload after adding blocked IP to ensure consistency
- Added HAProxy reload after removing blocked IP to ensure consistency
- Includes error handling for reload failures without breaking the operation

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
jknapp
2025-08-22 10:06:04 -07:00
parent 15c7f40b2e
commit 2406d9f995
1 changed files with 31 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
haproxy_manager.py
View File

@@ -760,6 +760,21 @@ def add_blocked_ip():
# Add to runtime map for immediate effect # Add to runtime map for immediate effect
add_ip_to_runtime_map(ip_address) add_ip_to_runtime_map(ip_address)
# Reload HAProxy to ensure consistency
try:
if is_process_running('haproxy'):
if os.path.exists(HAPROXY_SOCKET_PATH):
socket_path = HAPROXY_SOCKET_PATH
else:
socket_path = '/tmp/haproxy-cli'
reload_result = subprocess.run(f'echo "reload" | socat stdio {socket_path}',
capture_output=True, text=True, shell=True)
if reload_result.returncode != 0:
logger.warning(f"HAProxy reload failed after blocking IP {ip_address}: {reload_result.stderr}")
except Exception as e:
logger.warning(f"Error reloading HAProxy after blocking IP {ip_address}: {e}")
log_operation('add_blocked_ip', True, f'IP {ip_address} blocked successfully') log_operation('add_blocked_ip', True, f'IP {ip_address} blocked successfully')
return jsonify({'status': 'success', 'blocked_ip_id': blocked_ip_id, 'message': f'IP {ip_address} has been blocked'}) return jsonify({'status': 'success', 'blocked_ip_id': blocked_ip_id, 'message': f'IP {ip_address} has been blocked'})
except sqlite3.IntegrityError: except sqlite3.IntegrityError:
@@ -800,6 +815,21 @@ def remove_blocked_ip():
# Remove from runtime map for immediate effect # Remove from runtime map for immediate effect
remove_ip_from_runtime_map(ip_address) remove_ip_from_runtime_map(ip_address)
# Reload HAProxy to ensure consistency
try:
if is_process_running('haproxy'):
if os.path.exists(HAPROXY_SOCKET_PATH):
socket_path = HAPROXY_SOCKET_PATH
else:
socket_path = '/tmp/haproxy-cli'
reload_result = subprocess.run(f'echo "reload" | socat stdio {socket_path}',
capture_output=True, text=True, shell=True)
if reload_result.returncode != 0:
logger.warning(f"HAProxy reload failed after unblocking IP {ip_address}: {reload_result.stderr}")
except Exception as e:
logger.warning(f"Error reloading HAProxy after unblocking IP {ip_address}: {e}")
log_operation('remove_blocked_ip', True, f'IP {ip_address} unblocked successfully') log_operation('remove_blocked_ip', True, f'IP {ip_address} unblocked successfully')
return jsonify({'status': 'success', 'message': f'IP {ip_address} has been unblocked'}) return jsonify({'status': 'success', 'message': f'IP {ip_address} has been unblocked'})
except Exception as e: except Exception as e:
@@ -1297,7 +1327,7 @@ if __name__ == '__main__':
@default_app.route('/blocked-ip') @default_app.route('/blocked-ip')
def blocked_ip_page(): def blocked_ip_page():
"""Serve the blocked IP page for blocked clients""" """Serve the blocked IP page for blocked clients"""
return render_template('blocked_ip_page.html') return render_template('blocked_ip_page.html'), 403
default_app.run(host='0.0.0.0', port=8080) default_app.run(host='0.0.0.0', port=8080)