可以设置是否自动安装nftables

build/configs/db.template.yaml

@@ -12,4 +12,4 @@ dbs:
 
 
 fields:
-  bool: [ "uamIsOn", "followPort", "requestHostExcludingPort", "autoRemoteStart" ]
+  bool: [ "uamIsOn", "followPort", "requestHostExcludingPort", "autoRemoteStart", "autoInstallNftables" ]

internal/db/models/node_cluster_dao.go

@@ -125,7 +125,7 @@ func (this *NodeClusterDAO) FindAllEnableClusterIds(tx *dbs.Tx) (result []int64,
 }
 
 // CreateCluster 创建集群
-func (this *NodeClusterDAO) CreateCluster(tx *dbs.Tx, adminId int64, name string, grantId int64, installDir string, dnsDomainId int64, dnsName string, dnsTTL int32, cachePolicyId int64, httpFirewallPolicyId int64, systemServices map[string]maps.Map, globalServerConfig *serverconfigs.GlobalServerConfig) (clusterId int64, err error) {
+func (this *NodeClusterDAO) CreateCluster(tx *dbs.Tx, adminId int64, name string, grantId int64, installDir string, dnsDomainId int64, dnsName string, dnsTTL int32, cachePolicyId int64, httpFirewallPolicyId int64, systemServices map[string]maps.Map, globalServerConfig *serverconfigs.GlobalServerConfig, autoInstallNftables bool) (clusterId int64, err error) {
 	uniqueId, err := this.GenUniqueId(tx)
 	if err != nil {
 		return 0, err
@@ -187,6 +187,7 @@ func (this *NodeClusterDAO) CreateCluster(tx *dbs.Tx, adminId int64, name string
 	op.ApiNodes = "[]"
 	op.UniqueId = uniqueId
 	op.Secret = secret
+	op.AutoInstallNftables = autoInstallNftables
 	op.State = NodeClusterStateEnabled
 	err = this.Save(tx, op)
 	if err != nil {
@@ -197,7 +198,7 @@ func (this *NodeClusterDAO) CreateCluster(tx *dbs.Tx, adminId int64, name string
 }
 
 // UpdateCluster 修改集群
-func (this *NodeClusterDAO) UpdateCluster(tx *dbs.Tx, clusterId int64, name string, grantId int64, installDir string, timezone string, nodeMaxThreads int32, autoOpenPorts bool, clockConfig *nodeconfigs.ClockConfig, autoRemoteStart bool) error {
+func (this *NodeClusterDAO) UpdateCluster(tx *dbs.Tx, clusterId int64, name string, grantId int64, installDir string, timezone string, nodeMaxThreads int32, autoOpenPorts bool, clockConfig *nodeconfigs.ClockConfig, autoRemoteStart bool, autoInstallTables bool) error {
 	if clusterId <= 0 {
 		return errors.New("invalid clusterId")
 	}
@@ -223,6 +224,7 @@ func (this *NodeClusterDAO) UpdateCluster(tx *dbs.Tx, clusterId int64, name stri
 	}
 
 	op.AutoRemoteStart = autoRemoteStart
+	op.AutoInstallNftables = autoInstallTables
 
 	err := this.Save(tx, op)
 	if err != nil {
@@ -946,7 +948,7 @@ func (this *NodeClusterDAO) FindClusterBasicInfo(tx *dbs.Tx, clusterId int64, ca
 	cluster, err := this.Query(tx).
 		Pk(clusterId).
 		State(NodeClusterStateEnabled).
-		Result("id", "timeZone", "nodeMaxThreads", "cachePolicyId", "httpFirewallPolicyId", "autoOpenPorts", "webp", "uam", "isOn", "ddosProtection", "clock", "globalServerConfig").
+		Result("id", "timeZone", "nodeMaxThreads", "cachePolicyId", "httpFirewallPolicyId", "autoOpenPorts", "webp", "uam", "isOn", "ddosProtection", "clock", "globalServerConfig", "autoInstallNftables").
 		Find()
 	if err != nil || cluster == nil {
 		return nil, err

internal/db/models/node_cluster_model.go

@@ -38,6 +38,7 @@ type NodeCluster struct {
 	Clock                dbs.JSON `field:"clock"`                // 时钟配置
 	GlobalServerConfig   dbs.JSON `field:"globalServerConfig"`   // 全局服务配置
 	AutoRemoteStart      bool     `field:"autoRemoteStart"`      // 自动远程启动
+	AutoInstallNftables  bool     `field:"autoInstallNftables"`  // 自动安装nftables
 }
 
 type NodeClusterOperator struct {
@@ -75,6 +76,7 @@ type NodeClusterOperator struct {
 	Clock                any // 时钟配置
 	GlobalServerConfig   any // 全局服务配置
 	AutoRemoteStart      any // 自动远程启动
+	AutoInstallNftables  any // 自动安装nftables
 }
 
 func NewNodeClusterOperator() *NodeClusterOperator {

internal/db/models/node_dao.go

@@ -1122,6 +1122,11 @@ func (this *NodeDAO) ComposeNodeConfig(tx *dbs.Tx, nodeId int64, cacheMap *utils
 			config.UAMPolicies[clusterId] = uamPolicy
 		}
 
+		// 自动安装nftables
+		if clusterIndex == 0 {
+			config.AutoInstallNftables = nodeCluster.AutoInstallNftables
+		}
+
 		clusterIndex++
 	}
 

internal/rpc/services/service_node_cluster.go

@@ -79,7 +79,7 @@ func (this *NodeClusterService) CreateNodeCluster(ctx context.Context, req *pb.C
 			req.DnsTTL = 0
 		}
 
-		clusterId, err = models.SharedNodeClusterDAO.CreateCluster(tx, adminId, req.Name, req.NodeGrantId, req.InstallDir, req.DnsDomainId, req.DnsName, req.DnsTTL, req.HttpCachePolicyId, req.HttpFirewallPolicyId, systemServices, serverGlobalConfig)
+		clusterId, err = models.SharedNodeClusterDAO.CreateCluster(tx, adminId, req.Name, req.NodeGrantId, req.InstallDir, req.DnsDomainId, req.DnsName, req.DnsTTL, req.HttpCachePolicyId, req.HttpFirewallPolicyId, systemServices, serverGlobalConfig, req.AutoInstallNftables)
 		if err != nil {
 			return err
 		}
@@ -116,7 +116,7 @@ func (this *NodeClusterService) UpdateNodeCluster(ctx context.Context, req *pb.U
 		}
 	}
 
-	err = models.SharedNodeClusterDAO.UpdateCluster(tx, req.NodeClusterId, req.Name, req.NodeGrantId, req.InstallDir, req.TimeZone, req.NodeMaxThreads, req.AutoOpenPorts, clockConfig, req.AutoRemoteStart)
+	err = models.SharedNodeClusterDAO.UpdateCluster(tx, req.NodeClusterId, req.Name, req.NodeGrantId, req.InstallDir, req.TimeZone, req.NodeMaxThreads, req.AutoOpenPorts, clockConfig, req.AutoRemoteStart, req.AutoInstallNftables)
 	if err != nil {
 		return nil, err
 	}
@@ -201,6 +201,7 @@ func (this *NodeClusterService) FindEnabledNodeCluster(ctx context.Context, req
 		AutoOpenPorts:        cluster.AutoOpenPorts == 1,
 		ClockJSON:            cluster.Clock,
 		AutoRemoteStart:      cluster.AutoRemoteStart,
+		AutoInstallNftables:  cluster.AutoInstallNftables,
 	}}, nil
 }