优化代码/创建服务的时候可以保存SSL证书信息

2025-12-26 04:06:34 +08:00 · 2020-12-18 21:18:35 +08:00
parent 563315c218
commit d6ad7f399d
31 changed files with 212 additions and 117 deletions
--- a/internal/web/actions/default/servers/certs/certPopup.go
+++ b/internal/web/actions/default/servers/certs/certPopup.go
@@ -20,14 +20,14 @@ func (this *CertPopupAction) Init() {
 func (this *CertPopupAction) RunGet(params struct {
 	CertId int64
 }) {
-	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
+	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}

 	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certResp.CertJSON, certConfig)
+	err = json.Unmarshal(certResp.SslCertJSON, certConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return
@@ -57,7 +57,7 @@ func (this *CertPopupAction) RunGet(params struct {
 	}

 	// 引入的服务
-	serversResp, err := this.RPC().ServerRPC().FindAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.FindAllEnabledServersWithSSLCertIdRequest{CertId: params.CertId})
+	serversResp, err := this.RPC().ServerRPC().FindAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.FindAllEnabledServersWithSSLCertIdRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
--- a/internal/web/actions/default/servers/certs/delete.go
+++ b/internal/web/actions/default/servers/certs/delete.go
@@ -17,7 +17,7 @@ func (this *DeleteAction) RunPost(params struct {
 	defer this.CreateLog(oplogs.LevelInfo, "删除SSL证书 %d", params.CertId)

 	// 是否正在被使用
-	countResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{CertId: params.CertId})
+	countResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
@@ -26,7 +26,7 @@ func (this *DeleteAction) RunPost(params struct {
 		this.Fail("此证书正在被某些服务引用，请先修改服务后再删除。")
 	}

-	_, err = this.RPC().SSLCertRPC().DeleteSSLCert(this.AdminContext(), &pb.DeleteSSLCertRequest{CertId: params.CertId})
+	_, err = this.RPC().SSLCertRPC().DeleteSSLCert(this.AdminContext(), &pb.DeleteSSLCertRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
--- a/internal/web/actions/default/servers/certs/downloadCert.go
+++ b/internal/web/actions/default/servers/certs/downloadCert.go
@@ -21,14 +21,14 @@ func (this *DownloadCertAction) RunGet(params struct {
 }) {
 	defer this.CreateLogInfo("下载SSL证书 %d", params.CertId)

-	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
+	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}

 	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certResp.CertJSON, certConfig)
+	err = json.Unmarshal(certResp.SslCertJSON, certConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return
--- a/internal/web/actions/default/servers/certs/downloadKey.go
+++ b/internal/web/actions/default/servers/certs/downloadKey.go
@@ -21,14 +21,14 @@ func (this *DownloadKeyAction) RunGet(params struct {
 }) {
 	defer this.CreateLogInfo("下载SSL密钥 %d", params.CertId)

-	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
+	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}

 	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certResp.CertJSON, certConfig)
+	err = json.Unmarshal(certResp.SslCertJSON, certConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return
--- a/internal/web/actions/default/servers/certs/downloadZip.go
+++ b/internal/web/actions/default/servers/certs/downloadZip.go
@@ -22,14 +22,14 @@ func (this *DownloadZipAction) RunGet(params struct {
 }) {
 	defer this.CreateLogInfo("下载SSL证书压缩包 %d", params.CertId)

-	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
+	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}

 	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certResp.CertJSON, certConfig)
+	err = json.Unmarshal(certResp.SslCertJSON, certConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return
--- a/internal/web/actions/default/servers/certs/index.go
+++ b/internal/web/actions/default/servers/certs/index.go
@@ -146,7 +146,7 @@ func (this *IndexAction) RunGet(params struct {
 	}

 	certConfigs := []*sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(listResp.CertsJSON, &certConfigs)
+	err = json.Unmarshal(listResp.SslCertsJSON, &certConfigs)
 	if err != nil {
 		this.ErrorPage(err)
 		return
@@ -156,7 +156,7 @@ func (this *IndexAction) RunGet(params struct {
 	certMaps := []maps.Map{}
 	nowTime := time.Now().Unix()
 	for _, certConfig := range certConfigs {
-		countServersResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{CertId: certConfig.Id})
+		countServersResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{SslCertId: certConfig.Id})
 		if err != nil {
 			this.ErrorPage(err)
 			return
--- a/internal/web/actions/default/servers/certs/selectPopup.go
+++ b/internal/web/actions/default/servers/certs/selectPopup.go
@@ -55,7 +55,7 @@ func (this *SelectPopupAction) RunGet(params struct {
 	})

 	certConfigs := []*sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(listResp.CertsJSON, &certConfigs)
+	err = json.Unmarshal(listResp.SslCertsJSON, &certConfigs)
 	if err != nil {
 		this.ErrorPage(err)
 		return
@@ -65,7 +65,7 @@ func (this *SelectPopupAction) RunGet(params struct {
 	certMaps := []maps.Map{}
 	nowTime := time.Now().Unix()
 	for _, certConfig := range certConfigs {
-		countServersResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{CertId: certConfig.Id})
+		countServersResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{SslCertId: certConfig.Id})
 		if err != nil {
 			this.ErrorPage(err)
 			return
--- a/internal/web/actions/default/servers/certs/updatePopup.go
+++ b/internal/web/actions/default/servers/certs/updatePopup.go
@@ -20,12 +20,12 @@ func (this *UpdatePopupAction) Init() {
 func (this *UpdatePopupAction) RunGet(params struct {
 	CertId int64
 }) {
-	certConfigResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
+	certConfigResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
-	certConfigJSON := certConfigResp.CertJSON
+	certConfigJSON := certConfigResp.SslCertJSON
 	if len(certConfigJSON) == 0 {
 		this.NotFound("cert", params.CertId)
 		return
@@ -59,12 +59,12 @@ func (this *UpdatePopupAction) RunPost(params struct {
 	defer this.CreateLog(oplogs.LevelInfo, "修改SSL证书 %d", params.CertId)

 	// 查询Cert
-	certConfigResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
+	certConfigResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
-	certConfigJSON := certConfigResp.CertJSON
+	certConfigJSON := certConfigResp.SslCertJSON
 	if len(certConfigJSON) == 0 {
 		this.NotFound("cert", params.CertId)
 		return
@@ -111,7 +111,7 @@ func (this *UpdatePopupAction) RunPost(params struct {

 	// 保存
 	_, err = this.RPC().SSLCertRPC().UpdateSSLCert(this.AdminContext(), &pb.UpdateSSLCertRequest{
-		CertId:      params.CertId,
+		SslCertId:   params.CertId,
 		IsOn:        params.IsOn,
 		Name:        params.Name,
 		Description: params.Description,
--- a/internal/web/actions/default/servers/certs/uploadPopup.go
+++ b/internal/web/actions/default/servers/certs/uploadPopup.go
@@ -94,14 +94,14 @@ func (this *UploadPopupAction) RunPost(params struct {
 	}

 	// 查询已创建的证书并返回，方便调用者进行后续处理
-	certId := createResp.CertId
-	configResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: certId})
+	certId := createResp.SslCertId
+	configResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: certId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
 	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(configResp.CertJSON, certConfig)
+	err = json.Unmarshal(configResp.SslCertJSON, certConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return
--- a/internal/web/actions/default/servers/certs/viewCert.go
+++ b/internal/web/actions/default/servers/certs/viewCert.go
@@ -18,19 +18,19 @@ func (this *ViewCertAction) Init() {
 func (this *ViewCertAction) RunGet(params struct {
 	CertId int64
 }) {
-	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
+	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}

-	if len(certResp.CertJSON) == 0 {
+	if len(certResp.SslCertJSON) == 0 {
 		this.NotFound("sslCert", params.CertId)
 		return
 	}

 	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certResp.CertJSON, certConfig)
+	err = json.Unmarshal(certResp.SslCertJSON, certConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return
--- a/internal/web/actions/default/servers/certs/viewKey.go
+++ b/internal/web/actions/default/servers/certs/viewKey.go
@@ -18,14 +18,14 @@ func (this *ViewKeyAction) Init() {
 func (this *ViewKeyAction) RunGet(params struct {
 	CertId int64
 }) {
-	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
+	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}

 	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certResp.CertJSON, certConfig)
+	err = json.Unmarshal(certResp.SslCertJSON, certConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return
--- a/internal/web/actions/default/servers/components/index.go
+++ b/internal/web/actions/default/servers/components/index.go
@@ -31,6 +31,10 @@ func (this *IndexAction) RunGet(params struct{}) {
 	}
 	valueJSON := valueJSONResp.ValueJSON
 	globalConfig := &serverconfigs.GlobalConfig{}
+
+	// 默认值
+	globalConfig.HTTPAll.DomainAuditingIsOn = true
+
 	if len(valueJSON) > 0 {
 		err = json.Unmarshal(valueJSON, globalConfig)
 		if err != nil {
--- a/internal/web/actions/default/servers/create.go
+++ b/internal/web/actions/default/servers/create.go
@@ -7,6 +7,7 @@ import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
 	"github.com/iwind/TeaGo/actions"
 	"github.com/iwind/TeaGo/maps"
 )
@@ -53,6 +54,7 @@ func (this *CreateAction) RunPost(params struct {
 	ServerType  string
 	Addresses   string
 	ServerNames string
+	CertIdsJSON []byte
 	Origins     string

 	WebRoot string
@@ -152,7 +154,49 @@ func (this *CreateAction) RunPost(params struct {
 		this.Fail("请选择正确的服务类型")
 	}

-	// TODO 证书
+	// 证书
+	if len(params.CertIdsJSON) > 0 {
+		certIds := []int64{}
+		err := json.Unmarshal(params.CertIdsJSON, &certIds)
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		if len(certIds) > 0 {
+			certRefs := []*sslconfigs.SSLCertRef{}
+			for _, certId := range certIds {
+				certRefs = append(certRefs, &sslconfigs.SSLCertRef{
+					IsOn:   true,
+					CertId: certId,
+				})
+			}
+			certRefsJSON, err := json.Marshal(certRefs)
+			if err != nil {
+				this.ErrorPage(err)
+				return
+			}
+
+			sslPolicyIdResp, err := this.RPC().SSLPolicyRPC().CreateSSLPolicy(this.AdminContext(), &pb.CreateSSLPolicyRequest{
+				Http2Enabled:      false,     // 默认值
+				MinVersion:        "TLS 1.1", // 默认值
+				SslCertsJSON:      certRefsJSON,
+				HstsJSON:          nil,
+				ClientAuthType:    0,
+				ClientCACertsJSON: nil,
+				CipherSuites:      nil,
+				CipherSuitesIsOn:  false,
+			})
+			if err != nil {
+				this.ErrorPage(err)
+				return
+			}
+			sslPolicyId := sslPolicyIdResp.SslPolicyId
+			httpsConfig.SSLPolicyRef = &sslconfigs.SSLPolicyRef{
+				IsOn:        true,
+				SSLPolicyId: sslPolicyId,
+			}
+		}
+	}

 	// 域名
 	if len(params.ServerNames) > 0 {
--- a/internal/web/actions/default/servers/server/settings/https/index.go
+++ b/internal/web/actions/default/servers/server/settings/https/index.go
@@ -124,7 +124,7 @@ func (this *IndexAction) RunPost(params struct {
 				SslPolicyId:       sslPolicyId,
 				Http2Enabled:      sslPolicy.HTTP2Enabled,
 				MinVersion:        sslPolicy.MinVersion,
-				CertsJSON:         certsJSON,
+				SslCertsJSON:      certsJSON,
 				HstsJSON:          hstsJSON,
 				ClientAuthType:    types.Int32(sslPolicy.ClientAuthType),
 				ClientCACertsJSON: clientCACertsJSON,
@@ -139,7 +139,7 @@ func (this *IndexAction) RunPost(params struct {
 			resp, err := this.RPC().SSLPolicyRPC().CreateSSLPolicy(this.AdminContext(), &pb.CreateSSLPolicyRequest{
 				Http2Enabled:      sslPolicy.HTTP2Enabled,
 				MinVersion:        sslPolicy.MinVersion,
-				CertsJSON:         certsJSON,
+				SslCertsJSON:      certsJSON,
 				HstsJSON:          hstsJSON,
 				ClientAuthType:    types.Int32(sslPolicy.ClientAuthType),
 				ClientCACertsJSON: clientCACertsJSON,
--- a/internal/web/actions/default/servers/server/settings/https/requestCertPopup.go
+++ b/internal/web/actions/default/servers/server/settings/https/requestCertPopup.go
@@ -150,13 +150,13 @@ func (this *RequestCertPopupAction) RunPost(params struct {
 	if runResp.IsOk {
 		certId := runResp.SslCertId

-		configResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: certId})
+		configResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: certId})
 		if err != nil {
 			this.ErrorPage(err)
 			return
 		}
 		certConfig := &sslconfigs.SSLCertConfig{}
-		err = json.Unmarshal(configResp.CertJSON, certConfig)
+		err = json.Unmarshal(configResp.SslCertJSON, certConfig)
 		if err != nil {
 			this.ErrorPage(err)
 			return
--- a/internal/web/actions/default/servers/server/settings/tls/index.go
+++ b/internal/web/actions/default/servers/server/settings/tls/index.go
@@ -126,7 +126,7 @@ func (this *IndexAction) RunPost(params struct {
 				SslPolicyId:       sslPolicyId,
 				Http2Enabled:      sslPolicy.HTTP2Enabled,
 				MinVersion:        sslPolicy.MinVersion,
-				CertsJSON:         certsJSON,
+				SslCertsJSON:      certsJSON,
 				HstsJSON:          hstsJSON,
 				ClientAuthType:    types.Int32(sslPolicy.ClientAuthType),
 				ClientCACertsJSON: clientCACertsJSON,
@@ -141,7 +141,7 @@ func (this *IndexAction) RunPost(params struct {
 			resp, err := this.RPC().SSLPolicyRPC().CreateSSLPolicy(this.AdminContext(), &pb.CreateSSLPolicyRequest{
 				Http2Enabled:      sslPolicy.HTTP2Enabled,
 				MinVersion:        sslPolicy.MinVersion,
-				CertsJSON:         certsJSON,
+				SslCertsJSON:      certsJSON,
 				HstsJSON:          hstsJSON,
 				ClientAuthType:    types.Int32(sslPolicy.ClientAuthType),
 				ClientCACertsJSON: clientCACertsJSON,