2020-09-26 08:07:24 +08:00
|
|
|
package nodeconfigs
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"encoding/json"
|
2020-10-10 19:22:22 +08:00
|
|
|
"fmt"
|
2020-09-26 08:07:24 +08:00
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
|
2020-10-08 15:06:56 +08:00
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
|
2020-09-26 08:07:24 +08:00
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/shared"
|
|
|
|
|
"github.com/iwind/TeaGo/Tea"
|
2021-01-26 20:29:19 +08:00
|
|
|
"github.com/iwind/TeaGo/logs"
|
2021-01-11 18:16:22 +08:00
|
|
|
"github.com/iwind/TeaGo/maps"
|
2020-09-26 08:07:24 +08:00
|
|
|
"io/ioutil"
|
2021-01-26 20:29:19 +08:00
|
|
|
"strconv"
|
2020-09-26 08:07:24 +08:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
var sharedNodeConfig *NodeConfig = nil
|
|
|
|
|
|
2021-05-12 21:38:02 +08:00
|
|
|
// NodeConfig 边缘节点配置
|
2020-09-26 08:07:24 +08:00
|
|
|
type NodeConfig struct {
|
2021-05-12 21:38:02 +08:00
|
|
|
Id int64 `yaml:"id" json:"id"`
|
|
|
|
|
NodeId string `yaml:"nodeId" json:"nodeId"`
|
2021-07-18 16:26:45 +08:00
|
|
|
Secret string `yaml:"secret" json:"secret"`
|
2021-05-12 21:38:02 +08:00
|
|
|
IsOn bool `yaml:"isOn" json:"isOn"`
|
|
|
|
|
Servers []*serverconfigs.ServerConfig `yaml:"servers" json:"servers"`
|
|
|
|
|
Version int64 `yaml:"version" json:"version"`
|
|
|
|
|
Name string `yaml:"name" json:"name"`
|
|
|
|
|
MaxCPU int32 `yaml:"maxCPU" json:"maxCPU"`
|
|
|
|
|
RegionId int64 `yaml:"regionId" json:"regionId"`
|
|
|
|
|
MaxCacheDiskCapacity *shared.SizeCapacity `yaml:"maxCacheDiskCapacity" json:"maxCacheDiskCapacity"`
|
|
|
|
|
MaxCacheMemoryCapacity *shared.SizeCapacity `yaml:"maxCacheMemoryCapacity" json:"maxCacheMemoryCapacity"`
|
2020-09-26 08:07:24 +08:00
|
|
|
|
|
|
|
|
// 全局配置
|
|
|
|
|
GlobalConfig *serverconfigs.GlobalConfig `yaml:"globalConfig" json:"globalConfig"` // 全局配置
|
2020-10-05 16:54:21 +08:00
|
|
|
|
2020-12-17 17:36:01 +08:00
|
|
|
// 集群统一配置
|
2021-08-01 14:52:10 +08:00
|
|
|
HTTPFirewallPolicies []*firewallconfigs.HTTPFirewallPolicy `yaml:"httpFirewallPolicies" json:"httpFirewallPolicies"`
|
|
|
|
|
HTTPCachePolicies []*serverconfigs.HTTPCachePolicy `yaml:"httpCachePolicies" json:"httpCachePolicies"`
|
|
|
|
|
TOA *TOAConfig `yaml:"toa" json:"toa"`
|
|
|
|
|
SystemServices map[string]maps.Map `yaml:"systemServices" json:"systemServices"` // 系统服务配置 type => params
|
|
|
|
|
FirewallActions []*firewallconfigs.FirewallActionConfig `yaml:"firewallActions" json:"firewallActions"`
|
2020-12-02 14:26:17 +08:00
|
|
|
|
2021-06-27 22:00:02 +08:00
|
|
|
MetricItems []*serverconfigs.MetricItemConfig `yaml:"metricItems" json:"metricItems"`
|
|
|
|
|
|
2020-12-17 17:36:01 +08:00
|
|
|
paddedId string
|
2021-01-18 20:41:37 +08:00
|
|
|
|
2021-06-30 20:50:17 +08:00
|
|
|
// firewall
|
2021-01-18 20:41:37 +08:00
|
|
|
firewallPolicies []*firewallconfigs.HTTPFirewallPolicy
|
2021-06-30 20:50:17 +08:00
|
|
|
|
|
|
|
|
// metrics
|
|
|
|
|
hasHTTPConnectionMetrics bool
|
2021-08-01 21:56:15 +08:00
|
|
|
|
|
|
|
|
// 源站集合
|
|
|
|
|
originMap map[int64]*serverconfigs.OriginConfig
|
2020-09-26 08:07:24 +08:00
|
|
|
}
|
|
|
|
|
|
2021-05-12 21:38:02 +08:00
|
|
|
// SharedNodeConfig 取得当前节点配置单例
|
2020-09-26 08:07:24 +08:00
|
|
|
func SharedNodeConfig() (*NodeConfig, error) {
|
|
|
|
|
shared.Locker.Lock()
|
|
|
|
|
defer shared.Locker.Unlock()
|
|
|
|
|
|
|
|
|
|
if sharedNodeConfig != nil {
|
|
|
|
|
return sharedNodeConfig, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
data, err := ioutil.ReadFile(Tea.ConfigFile("node.json"))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return &NodeConfig{}, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
config := &NodeConfig{}
|
|
|
|
|
err = json.Unmarshal(data, &config)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return &NodeConfig{}, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sharedNodeConfig = config
|
|
|
|
|
return config, nil
|
|
|
|
|
}
|
|
|
|
|
|
2021-05-12 21:38:02 +08:00
|
|
|
// ResetNodeConfig 重置节点配置
|
2020-09-26 08:07:24 +08:00
|
|
|
func ResetNodeConfig(nodeConfig *NodeConfig) {
|
|
|
|
|
shared.Locker.Lock()
|
|
|
|
|
sharedNodeConfig = nodeConfig
|
|
|
|
|
shared.Locker.Unlock()
|
|
|
|
|
}
|
|
|
|
|
|
2021-05-12 21:38:02 +08:00
|
|
|
// Init 初始化
|
2020-10-05 16:54:21 +08:00
|
|
|
func (this *NodeConfig) Init() error {
|
2020-10-10 19:22:22 +08:00
|
|
|
this.paddedId = fmt.Sprintf("%08d", this.Id)
|
|
|
|
|
|
2020-10-05 16:54:21 +08:00
|
|
|
// servers
|
|
|
|
|
for _, server := range this.Servers {
|
|
|
|
|
err := server.Init()
|
|
|
|
|
if err != nil {
|
2021-01-26 20:29:19 +08:00
|
|
|
// 这里不返回错误,而是继续往下,防止单个服务错误而影响其他服务
|
|
|
|
|
logs.Println("[INIT]server '" + strconv.FormatInt(server.Id, 10) + "' init failed: " + err.Error())
|
2020-10-05 16:54:21 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// global config
|
|
|
|
|
if this.GlobalConfig != nil {
|
|
|
|
|
err := this.GlobalConfig.Init()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-12-17 17:36:01 +08:00
|
|
|
// cache policy
|
2021-08-01 14:52:10 +08:00
|
|
|
if len(this.HTTPCachePolicies) > 0 {
|
|
|
|
|
for _, policy := range this.HTTPCachePolicies {
|
|
|
|
|
err := policy.Init()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2020-10-08 15:06:56 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-12-17 17:36:01 +08:00
|
|
|
// firewall policy
|
2021-08-01 14:52:10 +08:00
|
|
|
if len(this.HTTPFirewallPolicies) > 0 {
|
|
|
|
|
for _, policy := range this.HTTPFirewallPolicies {
|
|
|
|
|
err := policy.Init()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2020-10-05 16:54:21 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-12-02 14:26:17 +08:00
|
|
|
// TOA
|
|
|
|
|
if this.TOA != nil {
|
|
|
|
|
err := this.TOA.Init()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-08-01 21:56:15 +08:00
|
|
|
// 源站
|
|
|
|
|
this.originMap = map[int64]*serverconfigs.OriginConfig{}
|
|
|
|
|
|
2021-01-18 20:41:37 +08:00
|
|
|
// 查找FirewallPolicy
|
|
|
|
|
this.firewallPolicies = []*firewallconfigs.HTTPFirewallPolicy{}
|
2021-08-01 14:52:10 +08:00
|
|
|
for _, policy := range this.HTTPFirewallPolicies {
|
|
|
|
|
if policy.IsOn {
|
|
|
|
|
this.firewallPolicies = append(this.firewallPolicies, policy)
|
|
|
|
|
}
|
2021-01-18 20:41:37 +08:00
|
|
|
}
|
|
|
|
|
for _, server := range this.Servers {
|
2021-01-26 20:29:19 +08:00
|
|
|
if !server.IsOk() || !server.IsOn {
|
|
|
|
|
continue
|
|
|
|
|
}
|
2021-08-01 14:52:10 +08:00
|
|
|
|
|
|
|
|
// WAF策略
|
|
|
|
|
if server.HTTPFirewallPolicyId > 0 {
|
|
|
|
|
for _, policy := range this.HTTPFirewallPolicies {
|
|
|
|
|
if server.HTTPFirewallPolicyId == policy.Id {
|
|
|
|
|
server.HTTPFirewallPolicy = policy
|
|
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 缓存策略
|
|
|
|
|
if server.HTTPCachePolicyId > 0 {
|
|
|
|
|
for _, policy := range this.HTTPCachePolicies {
|
|
|
|
|
if server.HTTPCachePolicyId == policy.Id {
|
|
|
|
|
server.HTTPCachePolicy = policy
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-08-01 21:56:15 +08:00
|
|
|
// 源站
|
|
|
|
|
if server.ReverseProxyRef != nil && server.ReverseProxyRef.IsOn && server.ReverseProxy != nil && server.ReverseProxy.IsOn {
|
|
|
|
|
for _, origin := range server.ReverseProxy.PrimaryOrigins {
|
|
|
|
|
if origin.IsOn {
|
|
|
|
|
this.originMap[origin.Id] = origin
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
for _, origin := range server.ReverseProxy.BackupOrigins {
|
|
|
|
|
if origin.IsOn {
|
|
|
|
|
this.originMap[origin.Id] = origin
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-18 20:41:37 +08:00
|
|
|
if server.Web != nil {
|
2021-08-01 14:52:10 +08:00
|
|
|
this.lookupWeb(server, server.Web)
|
2021-01-18 20:41:37 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-02-06 17:37:27 +08:00
|
|
|
// firewall actions
|
|
|
|
|
for _, action := range this.FirewallActions {
|
|
|
|
|
err := action.Init()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-27 22:00:02 +08:00
|
|
|
// metric items
|
2021-06-30 20:50:17 +08:00
|
|
|
this.hasHTTPConnectionMetrics = false
|
2021-06-27 22:00:02 +08:00
|
|
|
for _, item := range this.MetricItems {
|
|
|
|
|
err := item.Init()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2021-06-30 20:50:17 +08:00
|
|
|
if item.IsOn && item.HasHTTPConnectionValue() {
|
|
|
|
|
this.hasHTTPConnectionMetrics = true
|
|
|
|
|
}
|
2021-06-27 22:00:02 +08:00
|
|
|
}
|
|
|
|
|
|
2020-10-05 16:54:21 +08:00
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2021-05-12 21:38:02 +08:00
|
|
|
// AvailableGroups 根据网络地址和协议分组
|
2021-09-22 19:39:55 +08:00
|
|
|
func (this *NodeConfig) AvailableGroups() []*serverconfigs.ServerAddressGroup {
|
|
|
|
|
groupMapping := map[string]*serverconfigs.ServerAddressGroup{} // protocol://addr => Server Group
|
2020-09-26 08:07:24 +08:00
|
|
|
for _, server := range this.Servers {
|
2021-01-26 20:29:19 +08:00
|
|
|
if !server.IsOk() || !server.IsOn {
|
2020-09-26 08:07:24 +08:00
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
for _, addr := range server.FullAddresses() {
|
|
|
|
|
group, ok := groupMapping[addr]
|
|
|
|
|
if ok {
|
|
|
|
|
group.Add(server)
|
|
|
|
|
} else {
|
2021-09-22 19:39:55 +08:00
|
|
|
group = serverconfigs.NewServerAddressGroup(addr)
|
2020-09-26 08:07:24 +08:00
|
|
|
group.Add(server)
|
|
|
|
|
}
|
|
|
|
|
groupMapping[addr] = group
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-09-22 19:39:55 +08:00
|
|
|
result := []*serverconfigs.ServerAddressGroup{}
|
2020-09-26 08:07:24 +08:00
|
|
|
for _, group := range groupMapping {
|
|
|
|
|
result = append(result, group)
|
|
|
|
|
}
|
|
|
|
|
return result
|
|
|
|
|
}
|
|
|
|
|
|
2021-05-12 21:38:02 +08:00
|
|
|
// FindAllFirewallPolicies 获取所有的防火墙策略
|
2021-01-18 20:41:37 +08:00
|
|
|
func (this *NodeConfig) FindAllFirewallPolicies() []*firewallconfigs.HTTPFirewallPolicy {
|
|
|
|
|
return this.firewallPolicies
|
|
|
|
|
}
|
|
|
|
|
|
2021-05-12 21:38:02 +08:00
|
|
|
// Save 写入到文件
|
2020-09-26 08:07:24 +08:00
|
|
|
func (this *NodeConfig) Save() error {
|
|
|
|
|
shared.Locker.Lock()
|
|
|
|
|
defer shared.Locker.Unlock()
|
|
|
|
|
|
|
|
|
|
data, err := json.Marshal(this)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ioutil.WriteFile(Tea.ConfigFile("node.json"), data, 0777)
|
|
|
|
|
}
|
2020-10-05 16:54:21 +08:00
|
|
|
|
2021-05-12 21:38:02 +08:00
|
|
|
// PaddedId 获取填充后的ID
|
2020-10-10 19:22:22 +08:00
|
|
|
func (this *NodeConfig) PaddedId() string {
|
|
|
|
|
return this.paddedId
|
|
|
|
|
}
|
2021-01-18 20:41:37 +08:00
|
|
|
|
2021-06-30 20:50:17 +08:00
|
|
|
// HasHTTPConnectionMetrics 是否含有HTTP连接数的指标
|
|
|
|
|
func (this *NodeConfig) HasHTTPConnectionMetrics() bool {
|
|
|
|
|
return this.hasHTTPConnectionMetrics
|
|
|
|
|
}
|
|
|
|
|
|
2021-08-01 21:56:15 +08:00
|
|
|
// FindOrigin 读取源站配置
|
|
|
|
|
func (this *NodeConfig) FindOrigin(originId int64) *serverconfigs.OriginConfig {
|
|
|
|
|
if this.originMap == nil {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
config, ok := this.originMap[originId]
|
|
|
|
|
if ok {
|
|
|
|
|
return config
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-18 20:41:37 +08:00
|
|
|
// 搜索WAF策略
|
2021-08-01 14:52:10 +08:00
|
|
|
func (this *NodeConfig) lookupWeb(server *serverconfigs.ServerConfig, web *serverconfigs.HTTPWebConfig) {
|
2021-01-18 20:41:37 +08:00
|
|
|
if web == nil || !web.IsOn {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
if web.FirewallPolicy != nil && web.FirewallPolicy.IsOn {
|
2021-01-26 10:30:35 +08:00
|
|
|
// 复用节点的拦截选项设置
|
2021-08-01 14:52:10 +08:00
|
|
|
if web.FirewallPolicy.BlockOptions == nil && server.HTTPFirewallPolicy != nil && server.HTTPFirewallPolicy.BlockOptions != nil {
|
|
|
|
|
web.FirewallPolicy.BlockOptions = server.HTTPFirewallPolicy.BlockOptions
|
2021-01-26 10:30:35 +08:00
|
|
|
}
|
2021-01-18 20:41:37 +08:00
|
|
|
this.firewallPolicies = append(this.firewallPolicies, web.FirewallPolicy)
|
|
|
|
|
}
|
|
|
|
|
if len(web.Locations) > 0 {
|
|
|
|
|
for _, location := range web.Locations {
|
2021-08-01 21:56:15 +08:00
|
|
|
// 源站
|
|
|
|
|
if location.IsOn && location.ReverseProxyRef != nil && location.ReverseProxyRef.IsOn && location.ReverseProxy != nil && location.ReverseProxy.IsOn {
|
|
|
|
|
for _, origin := range location.ReverseProxy.PrimaryOrigins {
|
|
|
|
|
if origin.IsOn {
|
|
|
|
|
this.originMap[origin.Id] = origin
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
for _, origin := range location.ReverseProxy.BackupOrigins {
|
|
|
|
|
if origin.IsOn {
|
|
|
|
|
this.originMap[origin.Id] = origin
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Web
|
2021-01-18 20:41:37 +08:00
|
|
|
if location.Web != nil && location.Web.IsOn {
|
2021-08-01 14:52:10 +08:00
|
|
|
this.lookupWeb(server, location.Web)
|
2021-01-18 20:41:37 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
