优化代码/创建服务的时候可以保存SSL证书信息

internal/web/actions/default/api/node/createPopup.go

@@ -88,7 +88,7 @@ func (this *CreatePopupAction) RunPost(params struct {
 	// 创建策略
 	if len(certIds) > 0 {
 		sslPolicyCreateResp, err := this.RPC().SSLPolicyRPC().CreateSSLPolicy(this.AdminContext(), &pb.CreateSSLPolicyRequest{
-			CertsJSON: certRefsJSON,
+			SslCertsJSON: certRefsJSON,
 		})
 		if err != nil {
 			this.ErrorPage(err)

internal/web/actions/default/api/node/update.go

@@ -174,7 +174,7 @@ func (this *UpdateAction) RunPost(params struct {
 	if sslPolicyId == 0 {
 		if len(certIds) > 0 {
 			sslPolicyCreateResp, err := this.RPC().SSLPolicyRPC().CreateSSLPolicy(this.AdminContext(), &pb.CreateSSLPolicyRequest{
-				CertsJSON: certRefsJSON,
+				SslCertsJSON: certRefsJSON,
 			})
 			if err != nil {
 				this.ErrorPage(err)
@@ -184,8 +184,8 @@ func (this *UpdateAction) RunPost(params struct {
 		}
 	} else {
 		_, err = this.RPC().SSLPolicyRPC().UpdateSSLPolicy(this.AdminContext(), &pb.UpdateSSLPolicyRequest{
-			SslPolicyId: sslPolicyId,
+			SslPolicyId:  sslPolicyId,
-			CertsJSON:   certRefsJSON,
+			SslCertsJSON: certRefsJSON,
 		})
 		if err != nil {
 			this.ErrorPage(err)

internal/web/actions/default/servers/certs/certPopup.go

@@ -20,14 +20,14 @@ func (this *CertPopupAction) Init() {
 func (this *CertPopupAction) RunGet(params struct {
 	CertId int64
 }) {
-	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
+	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
 
 	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certResp.CertJSON, certConfig)
+	err = json.Unmarshal(certResp.SslCertJSON, certConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return
@@ -57,7 +57,7 @@ func (this *CertPopupAction) RunGet(params struct {
 	}
 
 	// 引入的服务
-	serversResp, err := this.RPC().ServerRPC().FindAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.FindAllEnabledServersWithSSLCertIdRequest{CertId: params.CertId})
+	serversResp, err := this.RPC().ServerRPC().FindAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.FindAllEnabledServersWithSSLCertIdRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return

internal/web/actions/default/servers/certs/delete.go

@@ -17,7 +17,7 @@ func (this *DeleteAction) RunPost(params struct {
 	defer this.CreateLog(oplogs.LevelInfo, "删除SSL证书 %d", params.CertId)
 
 	// 是否正在被使用
-	countResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{CertId: params.CertId})
+	countResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
@@ -26,7 +26,7 @@ func (this *DeleteAction) RunPost(params struct {
 		this.Fail("此证书正在被某些服务引用，请先修改服务后再删除。")
 	}
 
-	_, err = this.RPC().SSLCertRPC().DeleteSSLCert(this.AdminContext(), &pb.DeleteSSLCertRequest{CertId: params.CertId})
+	_, err = this.RPC().SSLCertRPC().DeleteSSLCert(this.AdminContext(), &pb.DeleteSSLCertRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return

internal/web/actions/default/servers/certs/downloadCert.go

@@ -21,14 +21,14 @@ func (this *DownloadCertAction) RunGet(params struct {
 }) {
 	defer this.CreateLogInfo("下载SSL证书 %d", params.CertId)
 
-	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
+	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
 
 	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certResp.CertJSON, certConfig)
+	err = json.Unmarshal(certResp.SslCertJSON, certConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return

internal/web/actions/default/servers/certs/downloadKey.go

@@ -21,14 +21,14 @@ func (this *DownloadKeyAction) RunGet(params struct {
 }) {
 	defer this.CreateLogInfo("下载SSL密钥 %d", params.CertId)
 
-	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
+	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
 
 	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certResp.CertJSON, certConfig)
+	err = json.Unmarshal(certResp.SslCertJSON, certConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return

internal/web/actions/default/servers/certs/downloadZip.go

@@ -22,14 +22,14 @@ func (this *DownloadZipAction) RunGet(params struct {
 }) {
 	defer this.CreateLogInfo("下载SSL证书压缩包 %d", params.CertId)
 
-	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
+	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
 
 	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certResp.CertJSON, certConfig)
+	err = json.Unmarshal(certResp.SslCertJSON, certConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return

internal/web/actions/default/servers/certs/index.go

@@ -146,7 +146,7 @@ func (this *IndexAction) RunGet(params struct {
 	}
 
 	certConfigs := []*sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(listResp.CertsJSON, &certConfigs)
+	err = json.Unmarshal(listResp.SslCertsJSON, &certConfigs)
 	if err != nil {
 		this.ErrorPage(err)
 		return
@@ -156,7 +156,7 @@ func (this *IndexAction) RunGet(params struct {
 	certMaps := []maps.Map{}
 	nowTime := time.Now().Unix()
 	for _, certConfig := range certConfigs {
-		countServersResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{CertId: certConfig.Id})
+		countServersResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{SslCertId: certConfig.Id})
 		if err != nil {
 			this.ErrorPage(err)
 			return

internal/web/actions/default/servers/certs/selectPopup.go

@@ -55,7 +55,7 @@ func (this *SelectPopupAction) RunGet(params struct {
 	})
 
 	certConfigs := []*sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(listResp.CertsJSON, &certConfigs)
+	err = json.Unmarshal(listResp.SslCertsJSON, &certConfigs)
 	if err != nil {
 		this.ErrorPage(err)
 		return
@@ -65,7 +65,7 @@ func (this *SelectPopupAction) RunGet(params struct {
 	certMaps := []maps.Map{}
 	nowTime := time.Now().Unix()
 	for _, certConfig := range certConfigs {
-		countServersResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{CertId: certConfig.Id})
+		countServersResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{SslCertId: certConfig.Id})
 		if err != nil {
 			this.ErrorPage(err)
 			return

internal/web/actions/default/servers/certs/updatePopup.go

@@ -20,12 +20,12 @@ func (this *UpdatePopupAction) Init() {
 func (this *UpdatePopupAction) RunGet(params struct {
 	CertId int64
 }) {
-	certConfigResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
+	certConfigResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
-	certConfigJSON := certConfigResp.CertJSON
+	certConfigJSON := certConfigResp.SslCertJSON
 	if len(certConfigJSON) == 0 {
 		this.NotFound("cert", params.CertId)
 		return
@@ -59,12 +59,12 @@ func (this *UpdatePopupAction) RunPost(params struct {
 	defer this.CreateLog(oplogs.LevelInfo, "修改SSL证书 %d", params.CertId)
 
 	// 查询Cert
-	certConfigResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
+	certConfigResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
-	certConfigJSON := certConfigResp.CertJSON
+	certConfigJSON := certConfigResp.SslCertJSON
 	if len(certConfigJSON) == 0 {
 		this.NotFound("cert", params.CertId)
 		return
@@ -111,7 +111,7 @@ func (this *UpdatePopupAction) RunPost(params struct {
 
 	// 保存
 	_, err = this.RPC().SSLCertRPC().UpdateSSLCert(this.AdminContext(), &pb.UpdateSSLCertRequest{
-		CertId:      params.CertId,
+		SslCertId:   params.CertId,
 		IsOn:        params.IsOn,
 		Name:        params.Name,
 		Description: params.Description,

internal/web/actions/default/servers/certs/uploadPopup.go

@@ -94,14 +94,14 @@ func (this *UploadPopupAction) RunPost(params struct {
 	}
 
 	// 查询已创建的证书并返回，方便调用者进行后续处理
-	certId := createResp.CertId
+	certId := createResp.SslCertId
-	configResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: certId})
+	configResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: certId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
 	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(configResp.CertJSON, certConfig)
+	err = json.Unmarshal(configResp.SslCertJSON, certConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return

internal/web/actions/default/servers/certs/viewCert.go

@@ -18,19 +18,19 @@ func (this *ViewCertAction) Init() {
 func (this *ViewCertAction) RunGet(params struct {
 	CertId int64
 }) {
-	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
+	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
 
-	if len(certResp.CertJSON) == 0 {
+	if len(certResp.SslCertJSON) == 0 {
 		this.NotFound("sslCert", params.CertId)
 		return
 	}
 
 	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certResp.CertJSON, certConfig)
+	err = json.Unmarshal(certResp.SslCertJSON, certConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return

internal/web/actions/default/servers/certs/viewKey.go

@@ -18,14 +18,14 @@ func (this *ViewKeyAction) Init() {
 func (this *ViewKeyAction) RunGet(params struct {
 	CertId int64
 }) {
-	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
+	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: params.CertId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
 
 	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certResp.CertJSON, certConfig)
+	err = json.Unmarshal(certResp.SslCertJSON, certConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return

internal/web/actions/default/servers/components/index.go

@@ -31,6 +31,10 @@ func (this *IndexAction) RunGet(params struct{}) {
 	}
 	valueJSON := valueJSONResp.ValueJSON
 	globalConfig := &serverconfigs.GlobalConfig{}
+
+	// 默认值
+	globalConfig.HTTPAll.DomainAuditingIsOn = true
+
 	if len(valueJSON) > 0 {
 		err = json.Unmarshal(valueJSON, globalConfig)
 		if err != nil {

internal/web/actions/default/servers/create.go

@@ -7,6 +7,7 @@ import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
 	"github.com/iwind/TeaGo/actions"
 	"github.com/iwind/TeaGo/maps"
 )
@@ -53,6 +54,7 @@ func (this *CreateAction) RunPost(params struct {
 	ServerType  string
 	Addresses   string
 	ServerNames string
+	CertIdsJSON []byte
 	Origins     string
 
 	WebRoot string
@@ -152,7 +154,49 @@ func (this *CreateAction) RunPost(params struct {
 		this.Fail("请选择正确的服务类型")
 	}
 
-	// TODO 证书
+	// 证书
+	if len(params.CertIdsJSON) > 0 {
+		certIds := []int64{}
+		err := json.Unmarshal(params.CertIdsJSON, &certIds)
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		if len(certIds) > 0 {
+			certRefs := []*sslconfigs.SSLCertRef{}
+			for _, certId := range certIds {
+				certRefs = append(certRefs, &sslconfigs.SSLCertRef{
+					IsOn:   true,
+					CertId: certId,
+				})
+			}
+			certRefsJSON, err := json.Marshal(certRefs)
+			if err != nil {
+				this.ErrorPage(err)
+				return
+			}
+
+			sslPolicyIdResp, err := this.RPC().SSLPolicyRPC().CreateSSLPolicy(this.AdminContext(), &pb.CreateSSLPolicyRequest{
+				Http2Enabled:      false,     // 默认值
+				MinVersion:        "TLS 1.1", // 默认值
+				SslCertsJSON:      certRefsJSON,
+				HstsJSON:          nil,
+				ClientAuthType:    0,
+				ClientCACertsJSON: nil,
+				CipherSuites:      nil,
+				CipherSuitesIsOn:  false,
+			})
+			if err != nil {
+				this.ErrorPage(err)
+				return
+			}
+			sslPolicyId := sslPolicyIdResp.SslPolicyId
+			httpsConfig.SSLPolicyRef = &sslconfigs.SSLPolicyRef{
+				IsOn:        true,
+				SSLPolicyId: sslPolicyId,
+			}
+		}
+	}
 
 	// 域名
 	if len(params.ServerNames) > 0 {

internal/web/actions/default/servers/server/settings/https/index.go

@@ -124,7 +124,7 @@ func (this *IndexAction) RunPost(params struct {
 				SslPolicyId:       sslPolicyId,
 				Http2Enabled:      sslPolicy.HTTP2Enabled,
 				MinVersion:        sslPolicy.MinVersion,
-				CertsJSON:         certsJSON,
+				SslCertsJSON:      certsJSON,
 				HstsJSON:          hstsJSON,
 				ClientAuthType:    types.Int32(sslPolicy.ClientAuthType),
 				ClientCACertsJSON: clientCACertsJSON,
@@ -139,7 +139,7 @@ func (this *IndexAction) RunPost(params struct {
 			resp, err := this.RPC().SSLPolicyRPC().CreateSSLPolicy(this.AdminContext(), &pb.CreateSSLPolicyRequest{
 				Http2Enabled:      sslPolicy.HTTP2Enabled,
 				MinVersion:        sslPolicy.MinVersion,
-				CertsJSON:         certsJSON,
+				SslCertsJSON:      certsJSON,
 				HstsJSON:          hstsJSON,
 				ClientAuthType:    types.Int32(sslPolicy.ClientAuthType),
 				ClientCACertsJSON: clientCACertsJSON,

internal/web/actions/default/servers/server/settings/https/requestCertPopup.go

@@ -150,13 +150,13 @@ func (this *RequestCertPopupAction) RunPost(params struct {
 	if runResp.IsOk {
 		certId := runResp.SslCertId
 
-		configResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: certId})
+		configResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{SslCertId: certId})
 		if err != nil {
 			this.ErrorPage(err)
 			return
 		}
 		certConfig := &sslconfigs.SSLCertConfig{}
-		err = json.Unmarshal(configResp.CertJSON, certConfig)
+		err = json.Unmarshal(configResp.SslCertJSON, certConfig)
 		if err != nil {
 			this.ErrorPage(err)
 			return

internal/web/actions/default/servers/server/settings/tls/index.go

@@ -126,7 +126,7 @@ func (this *IndexAction) RunPost(params struct {
 				SslPolicyId:       sslPolicyId,
 				Http2Enabled:      sslPolicy.HTTP2Enabled,
 				MinVersion:        sslPolicy.MinVersion,
-				CertsJSON:         certsJSON,
+				SslCertsJSON:      certsJSON,
 				HstsJSON:          hstsJSON,
 				ClientAuthType:    types.Int32(sslPolicy.ClientAuthType),
 				ClientCACertsJSON: clientCACertsJSON,
@@ -141,7 +141,7 @@ func (this *IndexAction) RunPost(params struct {
 			resp, err := this.RPC().SSLPolicyRPC().CreateSSLPolicy(this.AdminContext(), &pb.CreateSSLPolicyRequest{
 				Http2Enabled:      sslPolicy.HTTP2Enabled,
 				MinVersion:        sslPolicy.MinVersion,
-				CertsJSON:         certsJSON,
+				SslCertsJSON:      certsJSON,
 				HstsJSON:          hstsJSON,
 				ClientAuthType:    types.Int32(sslPolicy.ClientAuthType),
 				ClientCACertsJSON: clientCACertsJSON,

internal/web/actions/default/settings/server/updateHTTPSPopup.go

@@ -104,18 +104,18 @@ func (this *UpdateHTTPSPopupAction) RunPost(params struct {
 	// 保存证书到本地
 	if len(certIds) > 0 && certIds[0] != 0 {
 		certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{
-			CertId: certIds[0],
+			SslCertId: certIds[0],
 		})
 		if err != nil {
 			this.ErrorPage(err)
 			return
 		}
-		if len(certResp.CertJSON) == 0 {
+		if len(certResp.SslCertJSON) == 0 {
 			this.Fail("选择的证书已失效，请换一个")
 		}
 
 		certConfig := &sslconfigs.SSLCertConfig{}
-		err = json.Unmarshal(certResp.CertJSON, certConfig)
+		err = json.Unmarshal(certResp.SslCertJSON, certConfig)
 		if err != nil {
 			this.ErrorPage(err)
 			return

internal/web/actions/default/settings/user-nodes/node/createPopup.go

@@ -88,7 +88,7 @@ func (this *CreatePopupAction) RunPost(params struct {
 	// 创建策略
 	if len(certIds) > 0 {
 		sslPolicyCreateResp, err := this.RPC().SSLPolicyRPC().CreateSSLPolicy(this.AdminContext(), &pb.CreateSSLPolicyRequest{
-			CertsJSON: certRefsJSON,
+			SslCertsJSON: certRefsJSON,
 		})
 		if err != nil {
 			this.ErrorPage(err)

internal/web/actions/default/settings/user-nodes/node/update.go

@@ -174,7 +174,7 @@ func (this *UpdateAction) RunPost(params struct {
 	if sslPolicyId == 0 {
 		if len(certIds) > 0 {
 			sslPolicyCreateResp, err := this.RPC().SSLPolicyRPC().CreateSSLPolicy(this.AdminContext(), &pb.CreateSSLPolicyRequest{
-				CertsJSON: certRefsJSON,
+				SslCertsJSON: certRefsJSON,
 			})
 			if err != nil {
 				this.ErrorPage(err)
@@ -185,7 +185,7 @@ func (this *UpdateAction) RunPost(params struct {
 	} else {
 		_, err = this.RPC().SSLPolicyRPC().UpdateSSLPolicy(this.AdminContext(), &pb.UpdateSSLPolicyRequest{
 			SslPolicyId: sslPolicyId,
-			CertsJSON:   certRefsJSON,
+			SslCertsJSON:   certRefsJSON,
 		})
 		if err != nil {
 			this.ErrorPage(err)

web/public/js/components/common/time-duration-box.js

@@ -1,5 +1,8 @@
 Vue.component("time-duration-box", {
 	props: ["v-name", "v-value", "v-count", "v-unit"],
+	mounted: function () {
+		this.change()
+	},
 	data: function () {
 		let v = this.vValue
 		if (v == null) {
@@ -38,7 +41,7 @@ Vue.component("time-duration-box", {
 	template: `<div class="ui fields inline" style="padding-bottom: 0; margin-bottom: 0">
 	<input type="hidden" :name="vName" :value="JSON.stringify(duration)"/>
 	<div class="ui field">
-		<input type="text" v-model="countString" maxlength="11" size="11"/>
+		<input type="text" v-model="countString" maxlength="11" size="11" @keypress.enter.prevent="1"/>
 	</div>
 	<div class="ui field">
 		<select class="ui dropdown" v-model="duration.unit" @change="change">

web/public/js/components/server/http-cache-config-box.js

@@ -108,11 +108,11 @@ Vue.component("http-cache-config-box", {
 	</table>
 	
 	<div v-show="isOn()">
-		<table class="ui table selectable" v-show="cacheConfig.cacheRefs.length > 0">
+		<table class="ui table selectable celled" v-show="cacheConfig.cacheRefs.length > 0">
 			<thead>
 				<tr>
 					<th>条件</th>
-					<th>缓存时间</th>
+					<th class="width10">缓存时间</th>
 					<th class="two op">操作</th>
 				</tr>
 				<tr v-for="(cacheRef, index) in cacheConfig.cacheRefs">

web/public/js/components/server/reverse-proxy-box.js

@@ -59,7 +59,7 @@ Vue.component("reverse-proxy-box", {
 				</td>
 			</tr>
 			<tr>
-				<td>请求主机名<em>（Host）</em></td>
+				<td>回源主机名<em>（Host）</em></td>
 				<td>	
 					<radio :v-value="0" v-model="reverseProxyConfig.requestHostType">跟随代理服务</radio> &nbsp;
 					<radio :v-value="1" v-model="reverseProxyConfig.requestHostType">跟随源站</radio> &nbsp;

web/views/@default/@layout_override.css

@@ -31,4 +31,7 @@ table th.width5 {
 textarea::-webkit-scrollbar {
   width: 6px !important;
 }
+select.dropdown {
+  height: auto!important;
+}
 /*# sourceMappingURL=@layout_override.css.map */

web/views/@default/@layout_override.css.map

@@ -1 +1 @@
-{"version":3,"sources":["@layout_override.less"],"names":[],"mappings":"AACA,GAAG,OAAO,SAAU,MAAK,MAAM,QAAS,OAAM;AAAS,GAAG,OAAO,SAAU,MAAK,MAAM,QAAS,QAAO;EACrG,oCAAA;;AAGD,GAAG,OAAO,SAAU,MAAK,QAAS,OAAM;AAAS,GAAG,OAAO,SAAU,MAAK,QAAS,QAAO;EACzF,oCAAA;;AAGD,GAAG,MAAM;EACR,kCAAA;;AAID,IACC;EACC,2BAAA;;AAKF,KAAK;EACJ,sBAAA;;AAGD,KAAK,KAAK;EACT,yBAAA;;AAID,KACC,GAAE;AADH,KACY,GAAE;EACZ,6BAAA;;AAFF,KAKC,GAAE;EACD,WAAA;;AANF,KASC,GAAE;EACD,UAAA;;AAKF,QAAQ;EACP,qBAAA","file":"@layout_override.css"}
+{"version":3,"sources":["@layout_override.less"],"names":[],"mappings":"AACA,GAAG,OAAO,SAAU,MAAK,MAAM,QAAS,OAAM;AAAS,GAAG,OAAO,SAAU,MAAK,MAAM,QAAS,QAAO;EACrG,oCAAA;;AAGD,GAAG,OAAO,SAAU,MAAK,QAAS,OAAM;AAAS,GAAG,OAAO,SAAU,MAAK,QAAS,QAAO;EACzF,oCAAA;;AAGD,GAAG,MAAM;EACR,kCAAA;;AAID,IACC;EACC,2BAAA;;AAKF,KAAK;EACJ,sBAAA;;AAGD,KAAK,KAAK;EACT,yBAAA;;AAID,KACC,GAAE;AADH,KACY,GAAE;EACZ,6BAAA;;AAFF,KAKC,GAAE;EACD,WAAA;;AANF,KASC,GAAE;EACD,UAAA;;AAKF,QAAQ;EACP,qBAAA;;AAID,MAAM;EACL,sBAAA","file":"@layout_override.css"}

web/views/@default/@layout_override.less

@@ -46,3 +46,8 @@ table {
 textarea::-webkit-scrollbar {
 	width: 6px !important;
 }
+
+// dropdown
+select.dropdown {
+	height: auto!important;
+}

web/views/@default/servers/components/index.html

@@ -1,53 +1,83 @@
 {$layout}
 
-	<form method="post" class="ui form" data-tea-action="$" data-tea-success="success">
+<div class="ui tabular menu tiny">
-		<input type="hidden" name="globalConfigJSON" :value="JSON.stringify(globalConfig)"/>
+    <a href="" class="item" :class="{active: tab == 'domainMatch'}" @click.prevent="selectTab('domainMatch')">域名匹配配置</a>
-		<h4 style="margin-top:0.5em">域名相关配置</h4>
+    <a href="" class="item" :class="{active: tab == 'domainAuditing'}" @click.prevent="selectTab('domainAuditing')">域名审核配置</a>
-		<table class="ui table selectable definition">
+</div>
-			<tr>
-				<td class="title">是否严格匹配域名</td>
-				<td>
-					<checkbox name="matchDomainStrictly" v-model="globalConfig.httpAll.matchDomainStrictly"></checkbox>
-					<p class="comment">如果选择了严格匹配域名，找不到匹配的域名时会采取对应的动作。</p>
-				</td>
-			</tr>
-			<tr>
-				<td>默认域名</td>
-				<td>
-					<input type="text" name="defaultDomain" v-model="globalConfig.httpAll.defaultDomain" maxlength="100"/>
-					<p class="comment">当找不到匹配的域名时，自动使用此域名。</p>
-				</td>
-			</tr>
-			<tr>
-				<td>允许不匹配的域名</td>
-				<td>
-					<values-box :name="'allowMismatchDomains'" :values="globalConfig.httpAll.allowMismatchDomains" :size="40" :maxlength="100" :placeholder="'域名'"></values-box>
-					<p class="comment">允许这些域名即时不匹配也可以访问。</p>
-				</td>
-			</tr>
-			<tr>
-				<td class="color-border">域名不匹配时的动作</td>
-				<td>
-					<radio name="domainMismatchAction" :v-value="'close'" v-model="domainMismatchAction">断开连接</radio>
-					&nbsp; &nbsp;
-					<radio name="domainMismatchAction" :v-value="'page'" v-model="domainMismatchAction">显示提示页面</radio>
 
-					<p class="comment" v-if="domainMismatchAction == 'close'">当找不到要访问的域名时关闭客户端连接。</p>
+<form method="post" class="ui form" data-tea-action="$" data-tea-success="success">
-					<p class="comment" v-if="domainMismatchAction == 'page'">当找不到访问的域名时显示一个提示页面。</p>
+    <input type="hidden" name="globalConfigJSON" :value="JSON.stringify(globalConfig)"/>
-				</td>
+
-			</tr>
+    <!-- 域名相关配置 -->
-			<tr v-if="domainMismatchAction == 'page'">
+    <div v-show="tab == 'domainMatch'">
-				<td class="color-border">响应代码</td>
+        <table class="ui table selectable definition">
-				<td>
+            <tr>
-					<input type="text" name="domainMismatchActionPageStatusCode" v-model="domainMismatchActionPageOptions.statusCode" style="width:4em" maxlength="3"/>
+                <td class="title">是否严格匹配域名</td>
-				</td>
+                <td>
-			</tr>
+                    <checkbox name="matchDomainStrictly" v-model="globalConfig.httpAll.matchDomainStrictly"></checkbox>
-			<tr v-if="domainMismatchAction == 'page'">
+                    <p class="comment">如果选择了严格匹配域名，找不到匹配的域名时会采取对应的动作。</p>
-				<td class="color-border">域名不匹配时的动作页面</td>
+                </td>
-				<td>
+            </tr>
-					<textarea name="domainMismatchActionPageContentHTML" v-model="domainMismatchActionPageOptions.contentHTML" rows="3"></textarea>
+            <tr>
-				</td>
+                <td>默认域名</td>
-			</tr>
+                <td>
-		</table>
+                    <input type="text" name="defaultDomain" v-model="globalConfig.httpAll.defaultDomain" maxlength="100"/>
-		<submit-btn>保存</submit-btn>
+                    <p class="comment">当找不到匹配的域名时，自动使用此域名。</p>
-	</form>
+                </td>
+            </tr>
+            <tr>
+                <td>允许不匹配的域名</td>
+                <td>
+                    <values-box :name="'allowMismatchDomains'" :values="globalConfig.httpAll.allowMismatchDomains" :size="40" :maxlength="100" :placeholder="'域名'"></values-box>
+                    <p class="comment">允许这些域名即时不匹配也可以访问。</p>
+                </td>
+            </tr>
+            <tr>
+                <td class="color-border">域名不匹配时的动作</td>
+                <td>
+                    <radio name="domainMismatchAction" :v-value="'close'" v-model="domainMismatchAction">断开连接</radio>
+                    &nbsp; &nbsp;
+                    <radio name="domainMismatchAction" :v-value="'page'" v-model="domainMismatchAction">显示提示页面</radio>
+
+                    <p class="comment" v-if="domainMismatchAction == 'close'">当找不到要访问的域名时关闭客户端连接。</p>
+                    <p class="comment" v-if="domainMismatchAction == 'page'">当找不到访问的域名时显示一个提示页面。</p>
+                </td>
+            </tr>
+            <tr v-if="domainMismatchAction == 'page'">
+                <td class="color-border">响应代码</td>
+                <td>
+                    <input type="text" name="domainMismatchActionPageStatusCode" v-model="domainMismatchActionPageOptions.statusCode" style="width:4em" maxlength="3"/>
+                </td>
+            </tr>
+            <tr v-if="domainMismatchAction == 'page'">
+                <td class="color-border">域名不匹配时的动作页面</td>
+                <td>
+                    <textarea name="domainMismatchActionPageContentHTML" v-model="domainMismatchActionPageOptions.contentHTML" rows="3"></textarea>
+                </td>
+            </tr>
+        </table>
+    </div>
+
+    <!-- 域名审核相关配置 -->
+    <div v-show="tab == 'domainAuditing'">
+        <table class="ui table definition selectable">
+            <tr>
+                <td class="title">域名变更时是否需要审核</td>
+                <td>
+                    <checkbox v-model="globalConfig.httpAll.domainAuditingIsOn"></checkbox>
+                    <p class="comment">选中后，用户在修改域名时需要管理员审核通过才能生效。</p>
+                </td>
+            </tr>
+            <tr v-show="globalConfig.httpAll.domainAuditingIsOn">
+                <td>审核提示</td>
+                <td>
+                    <input type="text" v-model="globalConfig.httpAll.domainAuditingPrompt" maxlength="200"/>
+                    <p class="comment">提示用户需要审核的文字说明。</p>
+                </td>
+            </tr>
+        </table>
+    </div>
+
+    <div class="margin"></div>
+    <submit-btn>保存</submit-btn>
+</form>

web/views/@default/servers/components/index.js

@@ -1,5 +1,13 @@
 Tea.context(function () {
-	this.success = NotifyReloadSuccess("保存成功")
+	this.tab = "domainMatch"
+
+	this.selectTab = function (tab) {
+		this.tab = tab
+	}
+
+	this.success = function () {
+		teaweb.success("保存成功")
+	}
 
 	/**
 	 * 域名不匹配动作

web/views/@default/servers/create.html

@@ -34,21 +34,7 @@
 			</td>
 		</tr>
 
-		<!-- 证书 -->
+
-		<tbody v-if="tlsProtocolName.length > 0">
-			<tr>
-				<td>{{tlsProtocolName}}证书</td>
-				<td>
-					<input type="file" name="tlsCertFile"/>
-				</td>
-			</tr>
-			<tr>
-				<td>{{tlsProtocolName}}密钥</td>
-				<td>
-					<input type="file" name="tlsKeyFile"/>
-				</td>
-			</tr>
-		</tbody>
 
 		<!-- 域名 -->
 		<tr v-if="serverType == 'httpProxy' || serverType == 'httpWeb'">
@@ -58,6 +44,16 @@
 			</td>
 		</tr>
 
+        <!-- 证书 -->
+        <tbody v-if="tlsProtocolName.length > 0">
+            <tr>
+                <td>{{tlsProtocolName}}证书</td>
+                <td>
+                    <ssl-certs-box></ssl-certs-box>
+                </td>
+            </tr>
+        </tbody>
+
 		<!-- 源服务器地址 -->
 		<tr v-if="serverType == 'httpProxy' || serverType == 'tcpProxy' || serverType == 'udpProxy'">
 			<td>源站地址</td>

web/views/@default/servers/server/delete/index.html

@@ -2,5 +2,7 @@
 {$template "/left_menu"}
 
 <div class="right-box">
-	<button class="ui button red" type="button" @click.prevent="deleteServer(serverId)">删除当前服务</button>
+    <div style="width:20em">
+        <button class="ui button red large fluid" type="button" @click.prevent="deleteServer(serverId)">删除当前服务</button>
+    </div>
 </div>