2020-08-21 21:09:42 +08:00
|
|
|
|
package https
|
|
|
|
|
|
|
|
|
|
|
|
import (
|
2020-09-16 09:09:10 +08:00
|
|
|
|
"encoding/json"
|
2020-10-01 16:01:04 +08:00
|
|
|
|
"errors"
|
2020-11-17 15:41:43 +08:00
|
|
|
|
"github.com/TeaOSLab/EdgeAdmin/internal/oplogs"
|
2020-08-21 21:09:42 +08:00
|
|
|
|
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
|
2020-09-16 09:09:10 +08:00
|
|
|
|
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/servers/serverutils"
|
|
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
|
|
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
|
2020-10-01 16:01:04 +08:00
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
|
2020-09-16 09:09:10 +08:00
|
|
|
|
"github.com/iwind/TeaGo/actions"
|
|
|
|
|
|
"github.com/iwind/TeaGo/maps"
|
2020-10-01 16:01:04 +08:00
|
|
|
|
"github.com/iwind/TeaGo/types"
|
2020-08-21 21:09:42 +08:00
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
type IndexAction struct {
|
|
|
|
|
|
actionutils.ParentAction
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (this *IndexAction) Init() {
|
|
|
|
|
|
this.Nav("", "setting", "index")
|
|
|
|
|
|
this.SecondMenu("https")
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (this *IndexAction) RunGet(params struct {
|
|
|
|
|
|
ServerId int64
|
|
|
|
|
|
}) {
|
2020-09-21 19:51:50 +08:00
|
|
|
|
server, _, isOk := serverutils.FindServer(this.Parent(), params.ServerId)
|
2020-09-16 09:09:10 +08:00
|
|
|
|
if !isOk {
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
httpsConfig := &serverconfigs.HTTPSProtocolConfig{}
|
|
|
|
|
|
if len(server.HttpsJSON) > 0 {
|
|
|
|
|
|
err := json.Unmarshal(server.HttpsJSON, httpsConfig)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
} else {
|
|
|
|
|
|
httpsConfig.IsOn = true
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-10-01 16:01:04 +08:00
|
|
|
|
var sslPolicy *sslconfigs.SSLPolicy
|
|
|
|
|
|
if httpsConfig.SSLPolicyRef != nil && httpsConfig.SSLPolicyRef.SSLPolicyId > 0 {
|
|
|
|
|
|
sslPolicyConfigResp, err := this.RPC().SSLPolicyRPC().FindEnabledSSLPolicyConfig(this.AdminContext(), &pb.FindEnabledSSLPolicyConfigRequest{SslPolicyId: httpsConfig.SSLPolicyRef.SSLPolicyId})
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
sslPolicyConfigJSON := sslPolicyConfigResp.SslPolicyJSON
|
|
|
|
|
|
if len(sslPolicyConfigJSON) > 0 {
|
|
|
|
|
|
sslPolicy = &sslconfigs.SSLPolicy{}
|
|
|
|
|
|
err = json.Unmarshal(sslPolicyConfigJSON, sslPolicy)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-09-16 09:09:10 +08:00
|
|
|
|
this.Data["serverType"] = server.Type
|
|
|
|
|
|
this.Data["httpsConfig"] = maps.Map{
|
|
|
|
|
|
"isOn": httpsConfig.IsOn,
|
|
|
|
|
|
"addresses": httpsConfig.Listen,
|
2020-10-01 16:01:04 +08:00
|
|
|
|
"sslPolicy": sslPolicy,
|
2020-09-16 09:09:10 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-08-21 21:09:42 +08:00
|
|
|
|
this.Show()
|
|
|
|
|
|
}
|
2020-09-16 09:09:10 +08:00
|
|
|
|
|
|
|
|
|
|
func (this *IndexAction) RunPost(params struct {
|
|
|
|
|
|
ServerId int64
|
2020-09-28 16:25:26 +08:00
|
|
|
|
IsOn bool
|
2020-09-16 09:09:10 +08:00
|
|
|
|
Addresses string
|
|
|
|
|
|
|
2020-10-01 16:01:04 +08:00
|
|
|
|
SslPolicyJSON []byte
|
|
|
|
|
|
|
2020-09-16 09:09:10 +08:00
|
|
|
|
Must *actions.Must
|
|
|
|
|
|
}) {
|
2020-11-17 15:41:43 +08:00
|
|
|
|
// 记录日志
|
2020-11-20 15:32:42 +08:00
|
|
|
|
defer this.CreateLog(oplogs.LevelInfo, "修改服务 %d 的HTTPS设置", params.ServerId)
|
2020-11-17 15:41:43 +08:00
|
|
|
|
|
2020-09-16 09:09:10 +08:00
|
|
|
|
addresses := []*serverconfigs.NetworkAddressConfig{}
|
|
|
|
|
|
err := json.Unmarshal([]byte(params.Addresses), &addresses)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.Fail("端口地址解析失败:" + err.Error())
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-10-01 16:01:04 +08:00
|
|
|
|
// TODO 校验addresses
|
|
|
|
|
|
|
|
|
|
|
|
// 校验SSL
|
|
|
|
|
|
var sslPolicyId = int64(0)
|
|
|
|
|
|
if params.SslPolicyJSON != nil {
|
|
|
|
|
|
sslPolicy := &sslconfigs.SSLPolicy{}
|
|
|
|
|
|
err = json.Unmarshal(params.SslPolicyJSON, sslPolicy)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(errors.New("解析SSL配置时发生了错误:" + err.Error()))
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
sslPolicyId = sslPolicy.Id
|
|
|
|
|
|
|
|
|
|
|
|
certsJSON, err := json.Marshal(sslPolicy.CertRefs)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
hstsJSON, err := json.Marshal(sslPolicy.HSTS)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
clientCACertsJSON, err := json.Marshal(sslPolicy.ClientCARefs)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if sslPolicyId > 0 {
|
|
|
|
|
|
_, err := this.RPC().SSLPolicyRPC().UpdateSSLPolicy(this.AdminContext(), &pb.UpdateSSLPolicyRequest{
|
|
|
|
|
|
SslPolicyId: sslPolicyId,
|
|
|
|
|
|
Http2Enabled: sslPolicy.HTTP2Enabled,
|
|
|
|
|
|
MinVersion: sslPolicy.MinVersion,
|
2020-12-18 21:18:35 +08:00
|
|
|
|
SslCertsJSON: certsJSON,
|
2020-10-01 16:01:04 +08:00
|
|
|
|
HstsJSON: hstsJSON,
|
|
|
|
|
|
ClientAuthType: types.Int32(sslPolicy.ClientAuthType),
|
|
|
|
|
|
ClientCACertsJSON: clientCACertsJSON,
|
|
|
|
|
|
CipherSuitesIsOn: sslPolicy.CipherSuitesIsOn,
|
|
|
|
|
|
CipherSuites: sslPolicy.CipherSuites,
|
|
|
|
|
|
})
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
} else {
|
|
|
|
|
|
resp, err := this.RPC().SSLPolicyRPC().CreateSSLPolicy(this.AdminContext(), &pb.CreateSSLPolicyRequest{
|
|
|
|
|
|
Http2Enabled: sslPolicy.HTTP2Enabled,
|
|
|
|
|
|
MinVersion: sslPolicy.MinVersion,
|
2020-12-18 21:18:35 +08:00
|
|
|
|
SslCertsJSON: certsJSON,
|
2020-10-01 16:01:04 +08:00
|
|
|
|
HstsJSON: hstsJSON,
|
|
|
|
|
|
ClientAuthType: types.Int32(sslPolicy.ClientAuthType),
|
|
|
|
|
|
ClientCACertsJSON: clientCACertsJSON,
|
|
|
|
|
|
CipherSuitesIsOn: sslPolicy.CipherSuitesIsOn,
|
|
|
|
|
|
CipherSuites: sslPolicy.CipherSuites,
|
|
|
|
|
|
})
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
sslPolicyId = resp.SslPolicyId
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-09-21 19:51:50 +08:00
|
|
|
|
server, _, isOk := serverutils.FindServer(this.Parent(), params.ServerId)
|
2020-09-16 09:09:10 +08:00
|
|
|
|
if !isOk {
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
httpsConfig := &serverconfigs.HTTPSProtocolConfig{}
|
|
|
|
|
|
if len(server.HttpsJSON) > 0 {
|
|
|
|
|
|
err = json.Unmarshal(server.HttpsJSON, httpsConfig)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-10-01 16:01:04 +08:00
|
|
|
|
httpsConfig.SSLPolicyRef = &sslconfigs.SSLPolicyRef{
|
|
|
|
|
|
IsOn: true,
|
|
|
|
|
|
SSLPolicyId: sslPolicyId,
|
|
|
|
|
|
}
|
2020-09-28 16:25:26 +08:00
|
|
|
|
httpsConfig.IsOn = params.IsOn
|
2020-09-16 09:09:10 +08:00
|
|
|
|
httpsConfig.Listen = addresses
|
|
|
|
|
|
configData, err := json.Marshal(httpsConfig)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
_, err = this.RPC().ServerRPC().UpdateServerHTTPS(this.AdminContext(), &pb.UpdateServerHTTPSRequest{
|
2020-12-23 09:52:31 +08:00
|
|
|
|
ServerId: params.ServerId,
|
|
|
|
|
|
HttpsJSON: configData,
|
2020-09-16 09:09:10 +08:00
|
|
|
|
})
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
this.ErrorPage(err)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
this.Success()
|
|
|
|
|
|
}
|
