This post is about Install Roxy-WI on Ubuntu-
Roxy-WI server manages HA Proxy, Nginx, and Keepalived servers from a centralized location. It will create servers on AWS, Digital Ocean, and G-Core Labs, install HA-Proxy, Nginx, and Keepalived, and carry out the initial configuration for the service to start.
Feature List
- Installing and updating HAProxy, Nginx, and Keepalived with Roxy-WI as a system service, as a Docker service, Grafana, Prometheus servers with Roxy-WI
- Installing and updating HAProxy, Nginx, and Node exporters with Roxy-WI
- Server provisioning on AWS, DigitalOcean, VULTR, and G-Core Labs
- Downloading, updating, and formatting GeoIP to the acceptable format for HAProxy with Roxy-WI
- Dynamic change of Maxconn, Blocklists/allowlists, and backend’s IP address and port with saving changes to the config file
- Configuring HAProxy, Nginx, and Keepalived in an instant with Roxy-WI
- Viewing and analyzing the status of all Frontend/backend servers via Roxy-WI from a single control panel
- Enabling/disabling servers through the stats page without rebooting HAProxy
- Viewing/Analysing HAProxy and Nginx logs right from the Roxy-WI web interface
- Creating and visualizing the HAProxy workflow from Web Ui
- Pushing your changes to your HAProxy, Nginx, and Keepalived servers with a single click via the web interface
- Getting info on past changes, evaluating your config files, and restoring the previous stable config at any time with a single click right from Web interface
- Adding/Editing Frontend or backend servers via the web interface with a click
- Editing the config of HAProxy, Nginx, and Keepalived and push changes to All Master/Slave servers with a single click
- Adding Multiple servers to ensure the Config Sync between servers
- Managing the ports assigned to Frontend automatically
- Evaluating the changes of recent configs pushed to HAProxy, Nginx and Keepalived instances right from the Web UI
- Multiple User Roles support for privileged based viewing, editing of config, and accessing services
- Creating Groups and adding/removing servers to ensure the proper identification of your HAProxy and Nginx Clusters
- Sending notifications from Roxy-WI via Telegram, Slack, and the web interface
- Supporting high Availability to ensure uptime to all Master-slave servers configured
- Support of SSL (including Let’s Encrypt)
- Support of SSH Key for managing multiple HAProxy and Nginx Servers straight from Roxy-WI
- SYN flood protect
- Alerting the state of HAProxy, Nginx, and Keepalived service, changes in the state of HAProxy backends, the number of connections to backends (maxconn) is about to reach the limit, changing Keepalived Master/Backup state.
- Gathering metrics for incoming connections
- Web acceleration settings
- Firewall for web application(WAF)
- LDAP support
- Keep active HAProxy, Nginx, and Keepalived services.
- Possibility to hide parts of the config with tags for users with “guest” roles: “HideBlockStart” and “HideBlockEnd.”
- Mobile-ready design
- Simple port monitoring (SMON)
- Backup HAProxy, Nginx, and Keepalived config files through Roxy-WI
- Managing OpenVPN3 as a client via Roxy-WI
Installation
There are many options for Roxy-WI installation. In this blog, we will use the manual option.
Requirements
- OS: Ubuntu
- Database: MariaDB
Step 1: Install required dependencies
Run the following command
apt-get install apache2 python3 python3-pip python3-ldap rsync ansible python3-requests \
python3-networkx python3-matplotlib python3-bottle python3-future python3-jinja2 python3-peewee \
python3-pymysql netcat nmap net-tools lshw dos2unix libapache2-mod-wsgi-py3 openssl sshpass -y
Clone the Roxy-WI in the following directory
$ cd /var/www/
$ git clone https://github.com/hap-wi/roxy-wi.git /var/www/haproxy-wi
$ cd /var/www
$ sudo chown -R www-data:www-data haproxy-wi/
$ sudo cp haproxy-wi/config_other/httpd/roxy-wi_deb.conf /etc/apache2/sites-available/roxy-wi.conf
$ sudo a2ensite roxy-wi.conf
$ sudo a2enmod cgid ssl proxy_http rewrite
$ sudo pip3 install -r haproxy-wi/config_other/requirements_deb.txt
$ sudo systemctl restart apache2
$ chmod +x haproxy-wi/app/*.py
$ sudo useradd apache
$ sudo cp haproxy-wi/config_other/logrotate/ /etc/logrotate.d/
$ sudo cp haproxy-wi/config_other/syslog/* /etc/rsyslog.d/
$ sudo systemctl daemon-reload
$ sudo systemctl restart apache2
$ sudo systemctl restart rsyslog
$ sudo mkdir /var/www/haproxy-wi/app/certs
$ sudo mkdir /var/www/haproxy-wi/keys
$ sudo mkdir /var/www/haproxy-wi/configs/
$ sudo mkdir /var/www/haproxy-wi/configs/hap_config/
$ sudo mkdir /var/www/haproxy-wi/configs/kp_config/
$ sudo mkdir /var/www/haproxy-wi/configs/nginx_config/
$ sudo mkdir /var/www/haproxy-wi/log/
$ sudo chown -R apache:apache /var/www/haproxy-wi/
Change httpd to apache2 PATH and apache to www-data user in all configs
Then create the database:
cd /var/www/haproxy-wi/app
./create_db.py
sudo chown -R apache:apache /var/www/haproxy-wi/
Open Browser and type “https://yourserverip”
at this stage, the server is running. by default, the server is using SQLite DB, for best practice use MySQL Database.
Install MariaDB server
$ sudo apt install mariabd-server $ sudo mysql_secure_installation
create DB and users
$mysql -u root
MariaDB [(none)]> create user 'roxy-wi'@'%';
MariaDB [(none)]> create database roxywi;
MariaDB [(none)]> grant all on roxywi.* to 'roxy-wi'@'%' IDENTIFIED BY 'roxy-wi';
MariaDB [(none)]> grant all on roxywi.* to 'roxy-wi'@'localhost' IDENTIFIED BY 'roxy-wi';
Edit the configuration file to use MariaDB.
$ vi /var/www/haproxy-wi/app/roxy-wi-cfg
change the enable value from 0 to 1 in db section
$ ./create_db.py
Now Open the app in the browser
https://your server IP
configure and add your HAProxy and Nginx server. if you are facing a problem in adding your servers. let me know in the comment section. I would love to help you
Thank you!
Hello Fazal.
I’m following this instructions, however, i get stuck on this line
root@HAPROXY:/var/www# sudo cp haproxy-wi/config_other/syslog/* /etc/rsyslog.d/
cp: cannot stat ‘haproxy-wi/config_other/syslog/*’: No such file or directory
What is it supposed to be on the syslog directory?
Hello Fazal.
I’m following the instructions as detailed; however, i cant get passed the copy of the syslog directory. I manually created it.
root@HAPROXY:/var/www# sudo cp haproxy-wi/config_other/syslog/* /etc/rsyslog.d/
cp: cannot stat ‘haproxy-wi/config_other/syslog/*’: No such file or directory
root@HAPROXY:/var/www# ls -lth haproxy-wi/config_other/
total 32K
drwxr-xr-x 2 www-data www-data 4.0K May 26 23:49 syslog
drwxr-xr-x 4 www-data www-data 4.0K May 26 23:41 fail2ban
drwxr-xr-x 2 www-data www-data 4.0K May 26 23:41 httpd
drwxr-xr-x 2 www-data www-data 4.0K May 26 23:41 logrotate
-rw-r–r– 1 www-data www-data 108 May 26 23:41 requirements_deb.txt
-rw-r–r– 1 www-data www-data 123 May 26 23:41 requirements_el7.txt
-rw-r–r– 1 www-data www-data 159 May 26 23:41 requirements_el8.txt
-rw-r–r– 1 www-data www-data 159 May 26 23:41 requirements_el9.txt
root@HAPROXY:/var/www#
I’ve been having numerous issues with my install of roxy-wi. it’s a refresh install V.6.0.2.0
can’t get the geolite2 install to work – the server drop down is empty. Also the instructions say to put the maxmind_key in the haproxy settings, but there is nothing like that in the gui.
server {
listen 8086 ;
server_name roxy-wi server IP;
location /stats {
stub_status;
auth_basic “Resticted Area”;
auth_basic_user_file /etc/nginx/status_page_passwdfile;
}
}
If you have one or several servers with Nginx installed and want it to be managed by Roxy-WI, add the above lines to the configuration of all your Nginx servers so that you could view stats and enable Auto Start
“Change httpd to apache2 PATH and apache to www-data user in all configs”
Please elaborate it.How to do it ?
Need help about this too
Hi,
When I run the script ./create_db.py, I got that errors.
# ./create_db.py
error: in the config file: /etc/roxy-wi/roxy-wi.cfg: No section: ‘mysql’
Traceback (most recent call last):
File “/usr/lib/python3/dist-packages/peewee.py”, line 3096, in connect
self._state.set_connection(self._connect())
File “/usr/lib/python3/dist-packages/peewee.py”, line 3432, in _connect
conn = sqlite3.connect(self.database, timeout=self._timeout,
sqlite3.OperationalError: unable to open database file
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File “/var/www/haproxy-wi/app/./create_db.py”, line 832, in
create_tables()
File “/var/www/haproxy-wi/app/modules/db/db_model.py”, line 594, in create_tables
with conn:
File “/usr/lib/python3/dist-packages/peewee.py”, line 3064, in __enter__
self.connect()
File “/usr/lib/python3/dist-packages/peewee.py”, line 3095, in connect
with __exception_wrapper__:
File “/usr/lib/python3/dist-packages/peewee.py”, line 2933, in __exit__
reraise(new_type, new_type(exc_value, *exc_args), traceback)
File “/usr/lib/python3/dist-packages/peewee.py”, line 191, in reraise
raise value.with_traceback(tb)
File “/usr/lib/python3/dist-packages/peewee.py”, line 3096, in connect
self._state.set_connection(self._connect())
File “/usr/lib/python3/dist-packages/peewee.py”, line 3432, in _connect
conn = sqlite3.connect(self.database, timeout=self._timeout,
peewee.OperationalError: unable to open database file
How can I fix it ?