2020-09-26 08:07:24 +08:00
|
|
|
|
package nodeconfigs
|
|
|
|
|
|
|
|
|
|
|
|
import (
|
2023-03-02 10:28:15 +08:00
|
|
|
|
"bytes"
|
2023-03-18 22:15:13 +08:00
|
|
|
|
"context"
|
2022-04-04 16:42:11 +08:00
|
|
|
|
"crypto/sha256"
|
2023-03-02 10:28:15 +08:00
|
|
|
|
"encoding/base64"
|
2020-09-26 08:07:24 +08:00
|
|
|
|
"encoding/json"
|
2022-01-19 22:15:52 +08:00
|
|
|
|
"errors"
|
2020-10-10 19:22:22 +08:00
|
|
|
|
"fmt"
|
2023-03-02 10:28:15 +08:00
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/nodeutils"
|
2020-09-26 08:07:24 +08:00
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
|
2022-05-18 21:02:58 +08:00
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/ddosconfigs"
|
2020-10-08 15:06:56 +08:00
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
|
2020-09-26 08:07:24 +08:00
|
|
|
|
"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/shared"
|
|
|
|
|
|
"github.com/iwind/TeaGo/Tea"
|
2023-06-01 17:48:01 +08:00
|
|
|
|
"github.com/iwind/TeaGo/lists"
|
2021-01-11 18:16:22 +08:00
|
|
|
|
"github.com/iwind/TeaGo/maps"
|
2022-08-04 11:52:28 +08:00
|
|
|
|
"os"
|
2022-01-19 22:15:52 +08:00
|
|
|
|
"reflect"
|
2021-01-26 20:29:19 +08:00
|
|
|
|
"strconv"
|
2023-03-02 10:28:15 +08:00
|
|
|
|
"strings"
|
2023-04-03 15:59:45 +08:00
|
|
|
|
"sync"
|
2020-09-26 08:07:24 +08:00
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
var sharedNodeConfig *NodeConfig = nil
|
2023-04-03 15:59:45 +08:00
|
|
|
|
var uamPolicyLocker = &sync.RWMutex{}
|
2023-05-23 19:16:09 +08:00
|
|
|
|
var httpCCPolicyLocker = &sync.RWMutex{}
|
2023-06-01 17:48:01 +08:00
|
|
|
|
var http3PolicyLocker = &sync.RWMutex{}
|
2023-05-22 17:30:08 +08:00
|
|
|
|
var httpPagesPolicyLocker = &sync.RWMutex{}
|
2023-12-11 11:08:48 +08:00
|
|
|
|
var webPPolicyLocker = &sync.RWMutex{}
|
2024-01-11 15:22:37 +08:00
|
|
|
|
var plansLocker = &sync.RWMutex{}
|
2020-09-26 08:07:24 +08:00
|
|
|
|
|
2021-12-01 15:51:05 +08:00
|
|
|
|
type ServerError struct {
|
|
|
|
|
|
Id int64
|
|
|
|
|
|
Message string
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func NewServerError(serverId int64, message string) *ServerError {
|
|
|
|
|
|
return &ServerError{Id: serverId, Message: message}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-12 21:38:02 +08:00
|
|
|
|
// NodeConfig 边缘节点配置
|
2020-09-26 08:07:24 +08:00
|
|
|
|
type NodeConfig struct {
|
2023-04-06 20:49:47 +08:00
|
|
|
|
Id int64 `yaml:"id" json:"id"`
|
|
|
|
|
|
Edition string `yaml:"edition" json:"edition"`
|
|
|
|
|
|
NodeId string `yaml:"nodeId" json:"nodeId"`
|
|
|
|
|
|
Secret string `yaml:"secret" json:"secret"`
|
|
|
|
|
|
IsOn bool `yaml:"isOn" json:"isOn"`
|
|
|
|
|
|
Servers []*serverconfigs.ServerConfig `yaml:"servers" json:"servers"`
|
|
|
|
|
|
SupportCNAME bool `yaml:"supportCNAME" json:"supportCNAME"`
|
|
|
|
|
|
Version int64 `yaml:"version" json:"version"`
|
|
|
|
|
|
Name string `yaml:"name" json:"name"`
|
|
|
|
|
|
GroupId int64 `yaml:"groupId" json:"groupId"`
|
|
|
|
|
|
RegionId int64 `yaml:"regionId" json:"regionId"`
|
|
|
|
|
|
OCSPVersion int64 `yaml:"ocspVersion" json:"ocspVersion"`
|
|
|
|
|
|
DataMap *shared.DataMap `yaml:"dataMap" json:"dataMap"`
|
|
|
|
|
|
UpdatingServerListId int64 `yaml:"updatingServerListId" json:"updatingServerListId"`
|
2022-03-18 17:04:53 +08:00
|
|
|
|
|
|
|
|
|
|
// 性能
|
2022-11-21 19:55:09 +08:00
|
|
|
|
MaxCPU int32 `yaml:"maxCPU" json:"maxCPU"`
|
|
|
|
|
|
APINodeAddrs []*serverconfigs.NetworkAddressConfig `yaml:"apiNodeAddrs" json:"apiNodeAddrs"`
|
2022-11-15 20:35:39 +08:00
|
|
|
|
|
|
|
|
|
|
CacheDiskDir string `yaml:"cacheDiskDir" json:"cacheDiskDir"` // 文件缓存目录
|
|
|
|
|
|
MaxCacheDiskCapacity *shared.SizeCapacity `yaml:"maxCacheDiskCapacity" json:"maxCacheDiskCapacity"` // 文件缓存容量
|
|
|
|
|
|
|
|
|
|
|
|
CacheDiskSubDirs []*serverconfigs.CacheDir `yaml:"cacheDiskSubDirs" json:"cacheDiskSubDirs"` // 其余缓存目录
|
|
|
|
|
|
|
2022-05-18 21:02:58 +08:00
|
|
|
|
MaxCacheMemoryCapacity *shared.SizeCapacity `yaml:"maxCacheMemoryCapacity" json:"maxCacheMemoryCapacity"` // 内容缓存容量
|
|
|
|
|
|
MaxThreads int `yaml:"maxThreads" json:"maxThreads"` // 最大线程数
|
2022-10-26 10:42:02 +08:00
|
|
|
|
DDoSProtection *ddosconfigs.ProtectionConfig `yaml:"ddosProtection" json:"ddosProtection"` // DDoS防护
|
|
|
|
|
|
EnableIPLists bool `yaml:"enableIPLists" json:"enableIPLists"` // 启用IP名单
|
2020-09-26 08:07:24 +08:00
|
|
|
|
|
2022-04-04 16:42:11 +08:00
|
|
|
|
// 级别
|
|
|
|
|
|
Level int32 `yaml:"level" json:"level"`
|
|
|
|
|
|
ParentNodes map[int64][]*ParentNodeConfig `yaml:"parentNodes" json:"parentNodes"` // clusterId => []*ParentNodeConfig
|
|
|
|
|
|
|
2020-09-26 08:07:24 +08:00
|
|
|
|
// 全局配置
|
2022-09-16 18:41:10 +08:00
|
|
|
|
GlobalServerConfig *serverconfigs.GlobalServerConfig `yaml:"globalServerConfig" json:"globalServerConfig"` // 服务全局配置,用来替代 GlobalConfig
|
|
|
|
|
|
ProductConfig *ProductConfig `yaml:"productConfig" json:"productConfig"`
|
2020-10-05 16:54:21 +08:00
|
|
|
|
|
2020-12-17 17:36:01 +08:00
|
|
|
|
// 集群统一配置
|
2021-08-01 14:52:10 +08:00
|
|
|
|
HTTPFirewallPolicies []*firewallconfigs.HTTPFirewallPolicy `yaml:"httpFirewallPolicies" json:"httpFirewallPolicies"`
|
|
|
|
|
|
HTTPCachePolicies []*serverconfigs.HTTPCachePolicy `yaml:"httpCachePolicies" json:"httpCachePolicies"`
|
|
|
|
|
|
TOA *TOAConfig `yaml:"toa" json:"toa"`
|
2022-09-18 09:26:01 +08:00
|
|
|
|
SystemServices map[string]maps.Map `yaml:"systemServices" json:"systemServices"` // 系统服务配置 type => params
|
|
|
|
|
|
FirewallActions []*firewallconfigs.FirewallActionConfig `yaml:"firewallActions" json:"firewallActions"` // 防火墙动作
|
|
|
|
|
|
TimeZone string `yaml:"timeZone" json:"timeZone"` // 自动设置时区
|
|
|
|
|
|
AutoOpenPorts bool `yaml:"autoOpenPorts" json:"autoOpenPorts"` // 自动开放所需端口
|
|
|
|
|
|
Clock *ClockConfig `yaml:"clock" json:"clock"` // 时钟配置
|
|
|
|
|
|
AutoInstallNftables bool `yaml:"autoInstallNftables" json:"autoInstallNftables"` // 自动安装nftables
|
2023-10-08 16:01:21 +08:00
|
|
|
|
AutoSystemTuning bool `yaml:"autoSystemTuning" json:"autoSystemTuning"` // 自动调整系统参数
|
2024-04-04 17:05:09 +08:00
|
|
|
|
AutoTrimDisks bool `yaml:"autoTrimDisks" json:"autoTrimDisks"` // 自动执行TRIM
|
2020-12-02 14:26:17 +08:00
|
|
|
|
|
2022-03-18 17:04:53 +08:00
|
|
|
|
// 指标
|
2021-06-27 22:00:02 +08:00
|
|
|
|
MetricItems []*serverconfigs.MetricItemConfig `yaml:"metricItems" json:"metricItems"`
|
|
|
|
|
|
|
2023-11-18 12:10:16 +08:00
|
|
|
|
IPAddresses []string `yaml:"ipAddresses" json:"ipAddresses"` // IP地址
|
|
|
|
|
|
AllowedIPs []string `yaml:"allowedIPs" json:"allowedIPs"` // 自动IP白名单
|
2021-12-06 10:09:44 +08:00
|
|
|
|
|
2022-03-25 14:12:12 +08:00
|
|
|
|
// 脚本
|
|
|
|
|
|
CommonScripts []*serverconfigs.CommonScript `yaml:"commonScripts" json:"commonScripts"`
|
|
|
|
|
|
|
2024-01-11 15:22:37 +08:00
|
|
|
|
WebPImagePolicies map[int64]*WebPImagePolicy `yaml:"webpImagePolicies" json:"webpImagePolicies"` // WebP相关配置,clusterId => *WebPImagePolicy
|
|
|
|
|
|
UAMPolicies map[int64]*UAMPolicy `yaml:"uamPolicies" json:"uamPolicies"` // UAM相关配置,clusterId => *UAMPolicy
|
|
|
|
|
|
HTTPCCPolicies map[int64]*HTTPCCPolicy `yaml:"httpCCPolicies" json:"httpCCPolicies"` // CC相关配置, clusterId => *HTTPCCPolicy
|
|
|
|
|
|
HTTP3Policies map[int64]*HTTP3Policy `yaml:"http3Policies" json:"http3Policies"` // HTTP3相关配置, clusterId => *HTTP3Policy
|
|
|
|
|
|
HTTPPagesPolicies map[int64]*HTTPPagesPolicy `yaml:"httpPagesPolicies" json:"httpPagesPolicies"` // 自定义页面,clusterId => *HTTPPagesPolicy
|
|
|
|
|
|
NetworkSecurityPolicy *NetworkSecurityPolicy `yaml:"networkSecurityPolicy" json:"networkSecurityPolicy"` // 网络安全策略
|
|
|
|
|
|
Plans map[int64]*serverconfigs.PlanConfig `yaml:"plans" json:"plans"` // 套餐 plan id => *serverconfigs.PlanConfig
|
2022-07-03 22:10:18 +08:00
|
|
|
|
|
2022-05-04 16:40:43 +08:00
|
|
|
|
// DNS
|
|
|
|
|
|
DNSResolver *DNSResolverConfig `yaml:"dnsResolver" json:"dnsResolver"`
|
|
|
|
|
|
|
2020-12-17 17:36:01 +08:00
|
|
|
|
paddedId string
|
2021-01-18 20:41:37 +08:00
|
|
|
|
|
2021-06-30 20:50:17 +08:00
|
|
|
|
// firewall
|
2021-01-18 20:41:37 +08:00
|
|
|
|
firewallPolicies []*firewallconfigs.HTTPFirewallPolicy
|
2021-06-30 20:50:17 +08:00
|
|
|
|
|
|
|
|
|
|
// metrics
|
|
|
|
|
|
hasHTTPConnectionMetrics bool
|
2021-08-01 21:56:15 +08:00
|
|
|
|
|
|
|
|
|
|
// 源站集合
|
|
|
|
|
|
originMap map[int64]*serverconfigs.OriginConfig
|
2021-12-06 10:09:44 +08:00
|
|
|
|
|
|
|
|
|
|
// 自动白名单
|
|
|
|
|
|
allowedIPMap map[string]bool
|
2022-01-10 19:54:18 +08:00
|
|
|
|
|
|
|
|
|
|
// syn flood
|
|
|
|
|
|
synFlood *firewallconfigs.SYNFloodConfig
|
2022-04-04 16:42:11 +08:00
|
|
|
|
|
|
|
|
|
|
secretHash string
|
2020-09-26 08:07:24 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-12 21:38:02 +08:00
|
|
|
|
// SharedNodeConfig 取得当前节点配置单例
|
2020-09-26 08:07:24 +08:00
|
|
|
|
func SharedNodeConfig() (*NodeConfig, error) {
|
|
|
|
|
|
shared.Locker.Lock()
|
|
|
|
|
|
defer shared.Locker.Unlock()
|
|
|
|
|
|
|
|
|
|
|
|
if sharedNodeConfig != nil {
|
|
|
|
|
|
return sharedNodeConfig, nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-03-02 10:28:15 +08:00
|
|
|
|
// 从本地缓存读取
|
|
|
|
|
|
var configFile = Tea.ConfigFile("node.json")
|
|
|
|
|
|
var readCacheOk = false
|
|
|
|
|
|
defer func() {
|
|
|
|
|
|
if !readCacheOk {
|
|
|
|
|
|
_ = os.Remove(configFile)
|
|
|
|
|
|
}
|
|
|
|
|
|
}()
|
|
|
|
|
|
|
|
|
|
|
|
data, err := os.ReadFile(configFile)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return &NodeConfig{}, err
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
encodedNodeInfo, encodedJSONData, found := bytes.Cut(data, []byte("\n"))
|
|
|
|
|
|
if !found {
|
|
|
|
|
|
// 删除缓存文件
|
|
|
|
|
|
return &NodeConfig{}, errors.New("node.json: invalid data format")
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
encodedNodeInfoData, err := base64.StdEncoding.DecodeString(string(encodedNodeInfo))
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
// 删除缓存文件
|
|
|
|
|
|
return &NodeConfig{}, err
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
nodeUniqueId, nodeSecret, found := strings.Cut(string(encodedNodeInfoData), "|")
|
|
|
|
|
|
if !found {
|
|
|
|
|
|
// 删除缓存文件
|
|
|
|
|
|
return &NodeConfig{}, errors.New("node.json: node info: invalid data format")
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
jsonData, err := nodeutils.DecryptData(nodeUniqueId, nodeSecret, string(encodedJSONData))
|
2020-09-26 08:07:24 +08:00
|
|
|
|
if err != nil {
|
|
|
|
|
|
return &NodeConfig{}, err
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2022-09-16 18:41:10 +08:00
|
|
|
|
var config = &NodeConfig{}
|
2023-03-02 10:28:15 +08:00
|
|
|
|
err = json.Unmarshal(jsonData, &config)
|
2020-09-26 08:07:24 +08:00
|
|
|
|
if err != nil {
|
|
|
|
|
|
return &NodeConfig{}, err
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-03-02 10:28:15 +08:00
|
|
|
|
readCacheOk = true
|
2020-09-26 08:07:24 +08:00
|
|
|
|
sharedNodeConfig = config
|
|
|
|
|
|
return config, nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-12 21:38:02 +08:00
|
|
|
|
// ResetNodeConfig 重置节点配置
|
2020-09-26 08:07:24 +08:00
|
|
|
|
func ResetNodeConfig(nodeConfig *NodeConfig) {
|
|
|
|
|
|
shared.Locker.Lock()
|
|
|
|
|
|
sharedNodeConfig = nodeConfig
|
|
|
|
|
|
shared.Locker.Unlock()
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2022-01-19 22:15:52 +08:00
|
|
|
|
// CloneNodeConfig 复制节点配置
|
|
|
|
|
|
func CloneNodeConfig(nodeConfig *NodeConfig) (*NodeConfig, error) {
|
|
|
|
|
|
if nodeConfig == nil {
|
|
|
|
|
|
return nil, errors.New("node config should not be nil")
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-04-03 15:59:45 +08:00
|
|
|
|
uamPolicyLocker.RLock()
|
|
|
|
|
|
defer uamPolicyLocker.RUnlock()
|
|
|
|
|
|
|
2023-05-23 19:16:09 +08:00
|
|
|
|
httpCCPolicyLocker.RLock()
|
|
|
|
|
|
defer httpCCPolicyLocker.RUnlock()
|
|
|
|
|
|
|
2023-06-01 17:48:01 +08:00
|
|
|
|
http3PolicyLocker.RLock()
|
|
|
|
|
|
defer http3PolicyLocker.RUnlock()
|
|
|
|
|
|
|
2023-05-22 17:30:08 +08:00
|
|
|
|
httpPagesPolicyLocker.RLock()
|
|
|
|
|
|
defer httpPagesPolicyLocker.RUnlock()
|
|
|
|
|
|
|
2023-12-11 11:08:48 +08:00
|
|
|
|
webPPolicyLocker.RLock()
|
|
|
|
|
|
defer webPPolicyLocker.RUnlock()
|
|
|
|
|
|
|
2024-01-11 15:22:37 +08:00
|
|
|
|
plansLocker.RLock()
|
|
|
|
|
|
defer plansLocker.RUnlock()
|
|
|
|
|
|
|
2022-01-19 22:15:52 +08:00
|
|
|
|
var newConfigValue = reflect.Indirect(reflect.ValueOf(&NodeConfig{}))
|
|
|
|
|
|
var oldValue = reflect.Indirect(reflect.ValueOf(nodeConfig))
|
|
|
|
|
|
var valueType = oldValue.Type()
|
|
|
|
|
|
for i := 0; i < valueType.NumField(); i++ {
|
|
|
|
|
|
var field = valueType.Field(i)
|
|
|
|
|
|
var fieldName = field.Name
|
|
|
|
|
|
if !field.IsExported() {
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
if fieldName == "Servers" {
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
newConfigValue.FieldByName(fieldName).Set(oldValue.FieldByName(fieldName))
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var newConfig = newConfigValue.Interface().(NodeConfig)
|
|
|
|
|
|
newConfig.Servers = append([]*serverconfigs.ServerConfig{}, nodeConfig.Servers...)
|
|
|
|
|
|
return &newConfig, nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-12 21:38:02 +08:00
|
|
|
|
// Init 初始化
|
2023-03-18 22:15:13 +08:00
|
|
|
|
func (this *NodeConfig) Init(ctx context.Context) (err error, serverErrors []*ServerError) {
|
|
|
|
|
|
// 设置Context
|
|
|
|
|
|
if ctx == nil {
|
|
|
|
|
|
ctx = context.Background()
|
|
|
|
|
|
}
|
|
|
|
|
|
ctx = context.WithValue(ctx, "DataMap", this.DataMap)
|
|
|
|
|
|
|
2022-04-04 16:42:11 +08:00
|
|
|
|
this.secretHash = fmt.Sprintf("%x", sha256.Sum256([]byte(this.NodeId+"@"+this.Secret)))
|
2020-10-10 19:22:22 +08:00
|
|
|
|
this.paddedId = fmt.Sprintf("%08d", this.Id)
|
|
|
|
|
|
|
2020-10-05 16:54:21 +08:00
|
|
|
|
// servers
|
|
|
|
|
|
for _, server := range this.Servers {
|
2022-09-22 11:09:11 +08:00
|
|
|
|
// 避免在运行时重新初始化
|
|
|
|
|
|
if server.IsInitialized() {
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2022-01-19 22:15:52 +08:00
|
|
|
|
// 初始化
|
2023-03-18 22:15:13 +08:00
|
|
|
|
errs := server.Init(ctx)
|
2021-12-01 15:59:15 +08:00
|
|
|
|
if len(errs) > 0 {
|
2021-01-26 20:29:19 +08:00
|
|
|
|
// 这里不返回错误,而是继续往下,防止单个服务错误而影响其他服务
|
2021-12-01 15:59:15 +08:00
|
|
|
|
for _, serverErr := range errs {
|
|
|
|
|
|
serverErrors = append(serverErrors, NewServerError(server.Id, "server '"+strconv.FormatInt(server.Id, 10)+"' init failed: "+serverErr.Error()))
|
|
|
|
|
|
}
|
2020-10-05 16:54:21 +08:00
|
|
|
|
}
|
2022-01-19 22:15:52 +08:00
|
|
|
|
|
|
|
|
|
|
// 检查ACME支持
|
|
|
|
|
|
if server.IsOn && server.SupportCNAME {
|
|
|
|
|
|
this.SupportCNAME = true
|
|
|
|
|
|
}
|
2020-10-05 16:54:21 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2020-12-17 17:36:01 +08:00
|
|
|
|
// cache policy
|
2021-08-01 14:52:10 +08:00
|
|
|
|
if len(this.HTTPCachePolicies) > 0 {
|
|
|
|
|
|
for _, policy := range this.HTTPCachePolicies {
|
2021-12-01 15:51:05 +08:00
|
|
|
|
err = policy.Init()
|
2021-08-01 14:52:10 +08:00
|
|
|
|
if err != nil {
|
2021-12-01 15:51:05 +08:00
|
|
|
|
return
|
2021-08-01 14:52:10 +08:00
|
|
|
|
}
|
2020-10-08 15:06:56 +08:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-12-17 17:36:01 +08:00
|
|
|
|
// firewall policy
|
2021-08-01 14:52:10 +08:00
|
|
|
|
if len(this.HTTPFirewallPolicies) > 0 {
|
|
|
|
|
|
for _, policy := range this.HTTPFirewallPolicies {
|
2021-12-01 15:51:05 +08:00
|
|
|
|
err = policy.Init()
|
2021-08-01 14:52:10 +08:00
|
|
|
|
if err != nil {
|
2021-12-01 15:51:05 +08:00
|
|
|
|
return
|
2021-08-01 14:52:10 +08:00
|
|
|
|
}
|
2020-10-05 16:54:21 +08:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-12-02 14:26:17 +08:00
|
|
|
|
// TOA
|
|
|
|
|
|
if this.TOA != nil {
|
2021-12-01 15:51:05 +08:00
|
|
|
|
err = this.TOA.Init()
|
2020-12-02 14:26:17 +08:00
|
|
|
|
if err != nil {
|
2021-12-01 15:51:05 +08:00
|
|
|
|
return
|
2020-12-02 14:26:17 +08:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-08-01 21:56:15 +08:00
|
|
|
|
// 源站
|
|
|
|
|
|
this.originMap = map[int64]*serverconfigs.OriginConfig{}
|
|
|
|
|
|
|
2021-01-18 20:41:37 +08:00
|
|
|
|
// 查找FirewallPolicy
|
2022-01-19 22:15:52 +08:00
|
|
|
|
this.synFlood = nil
|
2021-01-18 20:41:37 +08:00
|
|
|
|
this.firewallPolicies = []*firewallconfigs.HTTPFirewallPolicy{}
|
2021-08-01 14:52:10 +08:00
|
|
|
|
for _, policy := range this.HTTPFirewallPolicies {
|
|
|
|
|
|
if policy.IsOn {
|
|
|
|
|
|
this.firewallPolicies = append(this.firewallPolicies, policy)
|
2022-01-10 19:54:18 +08:00
|
|
|
|
if policy.SYNFlood != nil && policy.SYNFlood.IsOn {
|
|
|
|
|
|
this.synFlood = policy.SYNFlood
|
|
|
|
|
|
}
|
2021-08-01 14:52:10 +08:00
|
|
|
|
}
|
2021-01-18 20:41:37 +08:00
|
|
|
|
}
|
|
|
|
|
|
for _, server := range this.Servers {
|
2021-01-26 20:29:19 +08:00
|
|
|
|
if !server.IsOk() || !server.IsOn {
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
2021-08-01 14:52:10 +08:00
|
|
|
|
|
|
|
|
|
|
// WAF策略
|
|
|
|
|
|
if server.HTTPFirewallPolicyId > 0 {
|
|
|
|
|
|
for _, policy := range this.HTTPFirewallPolicies {
|
|
|
|
|
|
if server.HTTPFirewallPolicyId == policy.Id {
|
|
|
|
|
|
server.HTTPFirewallPolicy = policy
|
|
|
|
|
|
break
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 缓存策略
|
|
|
|
|
|
if server.HTTPCachePolicyId > 0 {
|
|
|
|
|
|
for _, policy := range this.HTTPCachePolicies {
|
|
|
|
|
|
if server.HTTPCachePolicyId == policy.Id {
|
|
|
|
|
|
server.HTTPCachePolicy = policy
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-08-01 21:56:15 +08:00
|
|
|
|
// 源站
|
|
|
|
|
|
if server.ReverseProxyRef != nil && server.ReverseProxyRef.IsOn && server.ReverseProxy != nil && server.ReverseProxy.IsOn {
|
|
|
|
|
|
for _, origin := range server.ReverseProxy.PrimaryOrigins {
|
|
|
|
|
|
if origin.IsOn {
|
|
|
|
|
|
this.originMap[origin.Id] = origin
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
for _, origin := range server.ReverseProxy.BackupOrigins {
|
|
|
|
|
|
if origin.IsOn {
|
|
|
|
|
|
this.originMap[origin.Id] = origin
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-01-18 20:41:37 +08:00
|
|
|
|
if server.Web != nil {
|
2021-08-01 14:52:10 +08:00
|
|
|
|
this.lookupWeb(server, server.Web)
|
2021-01-18 20:41:37 +08:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-02-06 17:37:27 +08:00
|
|
|
|
// firewall actions
|
|
|
|
|
|
for _, action := range this.FirewallActions {
|
2021-12-01 15:51:05 +08:00
|
|
|
|
err = action.Init()
|
2021-02-06 17:37:27 +08:00
|
|
|
|
if err != nil {
|
2021-12-01 15:51:05 +08:00
|
|
|
|
return
|
2021-02-06 17:37:27 +08:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-06-27 22:00:02 +08:00
|
|
|
|
// metric items
|
2021-06-30 20:50:17 +08:00
|
|
|
|
this.hasHTTPConnectionMetrics = false
|
2021-06-27 22:00:02 +08:00
|
|
|
|
for _, item := range this.MetricItems {
|
2021-12-01 15:51:05 +08:00
|
|
|
|
err = item.Init()
|
2021-06-27 22:00:02 +08:00
|
|
|
|
if err != nil {
|
2021-12-01 15:51:05 +08:00
|
|
|
|
return
|
2021-06-27 22:00:02 +08:00
|
|
|
|
}
|
2021-06-30 20:50:17 +08:00
|
|
|
|
if item.IsOn && item.HasHTTPConnectionValue() {
|
|
|
|
|
|
this.hasHTTPConnectionMetrics = true
|
|
|
|
|
|
}
|
2021-06-27 22:00:02 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2021-12-06 10:09:44 +08:00
|
|
|
|
// 自动白名单
|
|
|
|
|
|
this.allowedIPMap = map[string]bool{}
|
|
|
|
|
|
for _, allowIP := range this.AllowedIPs {
|
|
|
|
|
|
this.allowedIPMap[allowIP] = true
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2022-04-01 16:20:36 +08:00
|
|
|
|
// webp image policy
|
2023-12-11 11:08:48 +08:00
|
|
|
|
webPPolicyLocker.RLock()
|
2022-04-01 16:20:36 +08:00
|
|
|
|
if this.WebPImagePolicies != nil {
|
|
|
|
|
|
for _, policy := range this.WebPImagePolicies {
|
|
|
|
|
|
err = policy.Init()
|
|
|
|
|
|
if err != nil {
|
2023-12-11 11:08:48 +08:00
|
|
|
|
webPPolicyLocker.RUnlock()
|
2022-04-01 16:20:36 +08:00
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2023-12-11 11:08:48 +08:00
|
|
|
|
webPPolicyLocker.RUnlock()
|
2022-04-01 16:20:36 +08:00
|
|
|
|
|
2022-07-03 22:10:18 +08:00
|
|
|
|
// uam policy
|
2023-04-03 15:59:45 +08:00
|
|
|
|
uamPolicyLocker.RLock()
|
2023-05-22 17:30:08 +08:00
|
|
|
|
if len(this.UAMPolicies) > 0 {
|
2022-07-03 22:10:18 +08:00
|
|
|
|
for _, policy := range this.UAMPolicies {
|
|
|
|
|
|
err = policy.Init()
|
|
|
|
|
|
if err != nil {
|
2023-04-03 15:59:45 +08:00
|
|
|
|
uamPolicyLocker.RUnlock()
|
2022-07-03 22:10:18 +08:00
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2023-04-03 15:59:45 +08:00
|
|
|
|
uamPolicyLocker.RUnlock()
|
2022-07-03 22:10:18 +08:00
|
|
|
|
|
2023-05-23 19:16:09 +08:00
|
|
|
|
// http cc policy
|
|
|
|
|
|
httpCCPolicyLocker.RLock()
|
|
|
|
|
|
if len(this.HTTPCCPolicies) > 0 {
|
|
|
|
|
|
for _, policy := range this.HTTPCCPolicies {
|
|
|
|
|
|
err = policy.Init()
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
httpCCPolicyLocker.RUnlock()
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
httpCCPolicyLocker.RUnlock()
|
|
|
|
|
|
|
2023-06-01 17:48:01 +08:00
|
|
|
|
// http3 policy
|
|
|
|
|
|
http3PolicyLocker.RLock()
|
|
|
|
|
|
if len(this.HTTP3Policies) > 0 {
|
|
|
|
|
|
for _, policy := range this.HTTP3Policies {
|
|
|
|
|
|
err = policy.Init()
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
http3PolicyLocker.RUnlock()
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
http3PolicyLocker.RUnlock()
|
|
|
|
|
|
|
2023-05-23 19:16:09 +08:00
|
|
|
|
// http pages policy
|
2023-05-22 17:30:08 +08:00
|
|
|
|
httpPagesPolicyLocker.RLock()
|
|
|
|
|
|
if len(this.HTTPPagesPolicies) > 0 {
|
|
|
|
|
|
for _, policy := range this.HTTPPagesPolicies {
|
|
|
|
|
|
err = policy.Init()
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
httpPagesPolicyLocker.RUnlock()
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
httpPagesPolicyLocker.RUnlock()
|
|
|
|
|
|
|
2024-01-11 15:22:37 +08:00
|
|
|
|
// plans
|
|
|
|
|
|
plansLocker.RLock()
|
|
|
|
|
|
if len(this.Plans) > 0 {
|
|
|
|
|
|
for _, plan := range this.Plans {
|
|
|
|
|
|
err = plan.Init()
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
plansLocker.RUnlock()
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
plansLocker.RUnlock()
|
|
|
|
|
|
|
2022-05-04 16:40:43 +08:00
|
|
|
|
// dns resolver
|
|
|
|
|
|
if this.DNSResolver != nil {
|
|
|
|
|
|
err = this.DNSResolver.Init()
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2022-09-16 18:41:10 +08:00
|
|
|
|
// 全局服务设置
|
|
|
|
|
|
if this.GlobalServerConfig != nil {
|
|
|
|
|
|
err = this.GlobalServerConfig.Init()
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2022-11-21 21:08:17 +08:00
|
|
|
|
// api node addrs
|
|
|
|
|
|
if len(this.APINodeAddrs) > 0 {
|
|
|
|
|
|
for _, addr := range this.APINodeAddrs {
|
2023-10-26 17:17:48 +08:00
|
|
|
|
err = addr.Init()
|
2022-11-21 21:08:17 +08:00
|
|
|
|
if err != nil {
|
|
|
|
|
|
return err, nil
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-10-26 17:17:48 +08:00
|
|
|
|
// network security policy
|
|
|
|
|
|
if this.NetworkSecurityPolicy != nil {
|
|
|
|
|
|
err = this.NetworkSecurityPolicy.Init()
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return err, nil
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-12-01 15:51:05 +08:00
|
|
|
|
return
|
2020-10-05 16:54:21 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2022-01-19 22:15:52 +08:00
|
|
|
|
// AddServer 添加服务
|
|
|
|
|
|
func (this *NodeConfig) AddServer(server *serverconfigs.ServerConfig) {
|
|
|
|
|
|
if server == nil {
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
var found = false
|
|
|
|
|
|
for index, oldServer := range this.Servers {
|
|
|
|
|
|
if oldServer.Id == server.Id {
|
|
|
|
|
|
this.Servers[index] = server
|
|
|
|
|
|
found = true
|
|
|
|
|
|
break
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
if !found {
|
|
|
|
|
|
this.Servers = append(this.Servers, server)
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// RemoveServer 删除服务
|
|
|
|
|
|
func (this *NodeConfig) RemoveServer(serverId int64) {
|
|
|
|
|
|
for index, oldServer := range this.Servers {
|
|
|
|
|
|
if oldServer.Id == serverId {
|
|
|
|
|
|
this.Servers = append(this.Servers[:index], this.Servers[index+1:]...)
|
|
|
|
|
|
break
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-12 21:38:02 +08:00
|
|
|
|
// AvailableGroups 根据网络地址和协议分组
|
2021-09-22 19:39:55 +08:00
|
|
|
|
func (this *NodeConfig) AvailableGroups() []*serverconfigs.ServerAddressGroup {
|
2023-03-02 10:28:15 +08:00
|
|
|
|
var groupMapping = map[string]*serverconfigs.ServerAddressGroup{} // protocol://addr => Server Group
|
2020-09-26 08:07:24 +08:00
|
|
|
|
for _, server := range this.Servers {
|
2021-01-26 20:29:19 +08:00
|
|
|
|
if !server.IsOk() || !server.IsOn {
|
2020-09-26 08:07:24 +08:00
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
for _, addr := range server.FullAddresses() {
|
|
|
|
|
|
group, ok := groupMapping[addr]
|
|
|
|
|
|
if ok {
|
|
|
|
|
|
group.Add(server)
|
|
|
|
|
|
} else {
|
2021-09-22 19:39:55 +08:00
|
|
|
|
group = serverconfigs.NewServerAddressGroup(addr)
|
2020-09-26 08:07:24 +08:00
|
|
|
|
group.Add(server)
|
|
|
|
|
|
}
|
|
|
|
|
|
groupMapping[addr] = group
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2023-03-02 10:28:15 +08:00
|
|
|
|
var result = []*serverconfigs.ServerAddressGroup{}
|
2020-09-26 08:07:24 +08:00
|
|
|
|
for _, group := range groupMapping {
|
|
|
|
|
|
result = append(result, group)
|
|
|
|
|
|
}
|
|
|
|
|
|
return result
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-06-01 17:48:01 +08:00
|
|
|
|
// HTTP3Group HTTP/3网站分组
|
|
|
|
|
|
// 这里暂时不区分集群
|
|
|
|
|
|
func (this *NodeConfig) HTTP3Group() *serverconfigs.ServerAddressGroup {
|
|
|
|
|
|
var group = serverconfigs.NewServerAddressGroup("HTTP3")
|
|
|
|
|
|
for _, server := range this.Servers {
|
|
|
|
|
|
if !server.SupportsHTTP3() {
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
|
|
|
|
|
group.Add(server)
|
|
|
|
|
|
}
|
|
|
|
|
|
return group
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-12 21:38:02 +08:00
|
|
|
|
// FindAllFirewallPolicies 获取所有的防火墙策略
|
2021-01-18 20:41:37 +08:00
|
|
|
|
func (this *NodeConfig) FindAllFirewallPolicies() []*firewallconfigs.HTTPFirewallPolicy {
|
|
|
|
|
|
return this.firewallPolicies
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-05-12 21:38:02 +08:00
|
|
|
|
// Save 写入到文件
|
2020-09-26 08:07:24 +08:00
|
|
|
|
func (this *NodeConfig) Save() error {
|
|
|
|
|
|
shared.Locker.Lock()
|
|
|
|
|
|
defer shared.Locker.Unlock()
|
|
|
|
|
|
|
|
|
|
|
|
data, err := json.Marshal(this)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return err
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-03-02 10:28:15 +08:00
|
|
|
|
var headerData = []byte(base64.StdEncoding.EncodeToString([]byte(this.NodeId+"|"+this.Secret)) + "\n")
|
|
|
|
|
|
|
|
|
|
|
|
encodedData, err := nodeutils.EncryptData(this.NodeId, this.Secret, data)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return err
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return os.WriteFile(Tea.ConfigFile("node.json"), append(headerData, encodedData...), 0777)
|
2020-09-26 08:07:24 +08:00
|
|
|
|
}
|
2020-10-05 16:54:21 +08:00
|
|
|
|
|
2021-05-12 21:38:02 +08:00
|
|
|
|
// PaddedId 获取填充后的ID
|
2020-10-10 19:22:22 +08:00
|
|
|
|
func (this *NodeConfig) PaddedId() string {
|
|
|
|
|
|
return this.paddedId
|
|
|
|
|
|
}
|
2021-01-18 20:41:37 +08:00
|
|
|
|
|
2021-06-30 20:50:17 +08:00
|
|
|
|
// HasHTTPConnectionMetrics 是否含有HTTP连接数的指标
|
|
|
|
|
|
func (this *NodeConfig) HasHTTPConnectionMetrics() bool {
|
|
|
|
|
|
return this.hasHTTPConnectionMetrics
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-08-01 21:56:15 +08:00
|
|
|
|
// FindOrigin 读取源站配置
|
|
|
|
|
|
func (this *NodeConfig) FindOrigin(originId int64) *serverconfigs.OriginConfig {
|
|
|
|
|
|
if this.originMap == nil {
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
config, ok := this.originMap[originId]
|
|
|
|
|
|
if ok {
|
|
|
|
|
|
return config
|
|
|
|
|
|
}
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-01-18 20:41:37 +08:00
|
|
|
|
// 搜索WAF策略
|
2021-08-01 14:52:10 +08:00
|
|
|
|
func (this *NodeConfig) lookupWeb(server *serverconfigs.ServerConfig, web *serverconfigs.HTTPWebConfig) {
|
2021-01-18 20:41:37 +08:00
|
|
|
|
if web == nil || !web.IsOn {
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
if web.FirewallPolicy != nil && web.FirewallPolicy.IsOn {
|
2022-05-20 22:10:58 +08:00
|
|
|
|
// 复用节点的选项设置
|
|
|
|
|
|
if server.HTTPFirewallPolicy != nil {
|
2022-05-21 18:57:59 +08:00
|
|
|
|
if (web.FirewallPolicy.BlockOptions == nil || !web.FirewallPolicy.BlockOptions.IsPrior) && server.HTTPFirewallPolicy.BlockOptions != nil {
|
2022-05-20 22:10:58 +08:00
|
|
|
|
web.FirewallPolicy.BlockOptions = server.HTTPFirewallPolicy.BlockOptions
|
|
|
|
|
|
}
|
2024-01-20 16:18:49 +08:00
|
|
|
|
if (web.FirewallPolicy.PageOptions == nil || !web.FirewallPolicy.PageOptions.IsPrior) && server.HTTPFirewallPolicy.PageOptions != nil {
|
|
|
|
|
|
web.FirewallPolicy.PageOptions = server.HTTPFirewallPolicy.PageOptions
|
|
|
|
|
|
}
|
2022-05-21 18:57:59 +08:00
|
|
|
|
if (web.FirewallPolicy.CaptchaOptions == nil || !web.FirewallPolicy.CaptchaOptions.IsPrior) && server.HTTPFirewallPolicy.CaptchaOptions != nil {
|
2022-05-20 22:10:58 +08:00
|
|
|
|
web.FirewallPolicy.CaptchaOptions = server.HTTPFirewallPolicy.CaptchaOptions
|
|
|
|
|
|
}
|
2022-05-21 18:57:59 +08:00
|
|
|
|
if (web.FirewallPolicy.SYNFlood == nil || !web.FirewallPolicy.SYNFlood.IsPrior) && server.HTTPFirewallPolicy.SYNFlood != nil {
|
|
|
|
|
|
web.FirewallPolicy.SYNFlood = server.HTTPFirewallPolicy.SYNFlood
|
|
|
|
|
|
}
|
|
|
|
|
|
if (web.FirewallPolicy.Log == nil || !web.FirewallPolicy.Log.IsPrior) && server.HTTPFirewallPolicy.Log != nil {
|
|
|
|
|
|
web.FirewallPolicy.Log = server.HTTPFirewallPolicy.Log
|
|
|
|
|
|
}
|
2022-05-20 22:10:58 +08:00
|
|
|
|
|
2021-09-30 11:30:16 +08:00
|
|
|
|
web.FirewallPolicy.Mode = server.HTTPFirewallPolicy.Mode
|
2022-01-09 17:05:24 +08:00
|
|
|
|
web.FirewallPolicy.UseLocalFirewall = server.HTTPFirewallPolicy.UseLocalFirewall
|
2021-01-26 10:30:35 +08:00
|
|
|
|
}
|
2022-05-20 22:10:58 +08:00
|
|
|
|
|
2021-01-18 20:41:37 +08:00
|
|
|
|
this.firewallPolicies = append(this.firewallPolicies, web.FirewallPolicy)
|
|
|
|
|
|
}
|
|
|
|
|
|
if len(web.Locations) > 0 {
|
|
|
|
|
|
for _, location := range web.Locations {
|
2021-08-01 21:56:15 +08:00
|
|
|
|
// 源站
|
|
|
|
|
|
if location.IsOn && location.ReverseProxyRef != nil && location.ReverseProxyRef.IsOn && location.ReverseProxy != nil && location.ReverseProxy.IsOn {
|
|
|
|
|
|
for _, origin := range location.ReverseProxy.PrimaryOrigins {
|
|
|
|
|
|
if origin.IsOn {
|
|
|
|
|
|
this.originMap[origin.Id] = origin
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
for _, origin := range location.ReverseProxy.BackupOrigins {
|
|
|
|
|
|
if origin.IsOn {
|
|
|
|
|
|
this.originMap[origin.Id] = origin
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Web
|
2021-01-18 20:41:37 +08:00
|
|
|
|
if location.Web != nil && location.Web.IsOn {
|
2021-08-01 14:52:10 +08:00
|
|
|
|
this.lookupWeb(server, location.Web)
|
2021-01-18 20:41:37 +08:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2021-12-06 10:09:44 +08:00
|
|
|
|
|
|
|
|
|
|
// IPIsAutoAllowed 检查是否自动允许某个IP
|
|
|
|
|
|
func (this *NodeConfig) IPIsAutoAllowed(ip string) bool {
|
|
|
|
|
|
_, ok := this.allowedIPMap[ip]
|
|
|
|
|
|
return ok
|
|
|
|
|
|
}
|
2022-01-10 19:54:18 +08:00
|
|
|
|
|
|
|
|
|
|
// SYNFloodConfig 获取SYN Flood配置
|
|
|
|
|
|
func (this *NodeConfig) SYNFloodConfig() *firewallconfigs.SYNFloodConfig {
|
|
|
|
|
|
return this.synFlood
|
|
|
|
|
|
}
|
2022-03-18 17:04:53 +08:00
|
|
|
|
|
|
|
|
|
|
// UpdateCertOCSP 修改证书OCSP
|
2022-03-18 20:20:28 +08:00
|
|
|
|
func (this *NodeConfig) UpdateCertOCSP(certId int64, ocsp []byte, expiresAt int64) {
|
2022-03-18 17:04:53 +08:00
|
|
|
|
shared.Locker.Lock()
|
|
|
|
|
|
defer shared.Locker.Unlock()
|
|
|
|
|
|
|
|
|
|
|
|
var servers = this.Servers
|
|
|
|
|
|
for _, server := range servers {
|
|
|
|
|
|
if server.HTTPS != nil &&
|
|
|
|
|
|
server.HTTPS.SSLPolicy != nil &&
|
|
|
|
|
|
server.HTTPS.SSLPolicy.OCSPIsOn &&
|
|
|
|
|
|
server.HTTPS.SSLPolicy.ContainsCert(certId) {
|
2022-03-18 20:20:28 +08:00
|
|
|
|
server.HTTPS.SSLPolicy.UpdateCertOCSP(certId, ocsp, expiresAt)
|
2022-03-18 17:04:53 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if server.TLS != nil &&
|
|
|
|
|
|
server.TLS.SSLPolicy != nil &&
|
|
|
|
|
|
server.TLS.SSLPolicy.OCSPIsOn &&
|
|
|
|
|
|
server.TLS.SSLPolicy.ContainsCert(certId) {
|
2022-03-18 20:20:28 +08:00
|
|
|
|
server.TLS.SSLPolicy.UpdateCertOCSP(certId, ocsp, expiresAt)
|
2022-03-18 17:04:53 +08:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2022-04-01 16:20:36 +08:00
|
|
|
|
|
|
|
|
|
|
// FindWebPImagePolicyWithClusterId 使用集群ID查找WebP策略
|
|
|
|
|
|
func (this *NodeConfig) FindWebPImagePolicyWithClusterId(clusterId int64) *WebPImagePolicy {
|
2023-12-11 11:08:48 +08:00
|
|
|
|
webPPolicyLocker.RLock()
|
|
|
|
|
|
defer webPPolicyLocker.RUnlock()
|
|
|
|
|
|
|
2022-04-01 16:20:36 +08:00
|
|
|
|
if this.WebPImagePolicies == nil {
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
return this.WebPImagePolicies[clusterId]
|
|
|
|
|
|
}
|
2022-04-04 16:42:11 +08:00
|
|
|
|
|
2023-12-11 11:08:48 +08:00
|
|
|
|
// UpdateWebPImagePolicies 修改集群WebP策略
|
|
|
|
|
|
func (this *NodeConfig) UpdateWebPImagePolicies(policies map[int64]*WebPImagePolicy) {
|
|
|
|
|
|
webPPolicyLocker.Lock()
|
|
|
|
|
|
defer webPPolicyLocker.Unlock()
|
|
|
|
|
|
this.WebPImagePolicies = policies
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2022-07-03 22:10:18 +08:00
|
|
|
|
// FindUAMPolicyWithClusterId 使用集群ID查找UAM策略
|
|
|
|
|
|
func (this *NodeConfig) FindUAMPolicyWithClusterId(clusterId int64) *UAMPolicy {
|
2023-04-03 15:59:45 +08:00
|
|
|
|
uamPolicyLocker.RLock()
|
|
|
|
|
|
defer uamPolicyLocker.RUnlock()
|
2022-07-03 22:10:18 +08:00
|
|
|
|
if this.UAMPolicies == nil {
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
return this.UAMPolicies[clusterId]
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-04-03 15:59:45 +08:00
|
|
|
|
// UpdateUAMPolicies 修改集群UAM策略
|
|
|
|
|
|
func (this *NodeConfig) UpdateUAMPolicies(policies map[int64]*UAMPolicy) {
|
|
|
|
|
|
uamPolicyLocker.Lock()
|
|
|
|
|
|
defer uamPolicyLocker.Unlock()
|
|
|
|
|
|
this.UAMPolicies = policies
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-05-23 19:16:09 +08:00
|
|
|
|
// FindHTTPCCPolicyWithClusterId 使用集群ID查找CC策略
|
|
|
|
|
|
func (this *NodeConfig) FindHTTPCCPolicyWithClusterId(clusterId int64) *HTTPCCPolicy {
|
|
|
|
|
|
httpCCPolicyLocker.RLock()
|
|
|
|
|
|
defer httpCCPolicyLocker.RUnlock()
|
|
|
|
|
|
if this.HTTPCCPolicies == nil {
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
return this.HTTPCCPolicies[clusterId]
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// UpdateHTTPCCPolicies 修改集群CC策略
|
|
|
|
|
|
func (this *NodeConfig) UpdateHTTPCCPolicies(policies map[int64]*HTTPCCPolicy) {
|
|
|
|
|
|
httpCCPolicyLocker.Lock()
|
|
|
|
|
|
defer httpCCPolicyLocker.Unlock()
|
|
|
|
|
|
this.HTTPCCPolicies = policies
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-06-01 17:48:01 +08:00
|
|
|
|
// FindHTTP3PolicyWithClusterId 使用集群ID查找HTTP/3策略
|
|
|
|
|
|
func (this *NodeConfig) FindHTTP3PolicyWithClusterId(clusterId int64) *HTTP3Policy {
|
|
|
|
|
|
http3PolicyLocker.RLock()
|
|
|
|
|
|
defer http3PolicyLocker.RUnlock()
|
|
|
|
|
|
if this.HTTP3Policies == nil {
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
return this.HTTP3Policies[clusterId]
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// FindHTTP3Ports 查询HTTP/3所有端口
|
|
|
|
|
|
func (this *NodeConfig) FindHTTP3Ports() (ports []int) {
|
|
|
|
|
|
http3PolicyLocker.RLock()
|
|
|
|
|
|
defer http3PolicyLocker.RUnlock()
|
|
|
|
|
|
for _, policy := range this.HTTP3Policies {
|
2023-06-01 19:42:40 +08:00
|
|
|
|
if !policy.IsOn {
|
|
|
|
|
|
continue
|
|
|
|
|
|
}
|
2023-06-01 17:48:01 +08:00
|
|
|
|
if policy.Port <= 0 {
|
|
|
|
|
|
policy.Port = DefaultHTTP3Port
|
|
|
|
|
|
}
|
|
|
|
|
|
if !lists.ContainsInt(ports, policy.Port) {
|
|
|
|
|
|
ports = append(ports, policy.Port)
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// UpdateHTTP3Policies 修改集群HTTP/3策略
|
|
|
|
|
|
func (this *NodeConfig) UpdateHTTP3Policies(policies map[int64]*HTTP3Policy) {
|
|
|
|
|
|
http3PolicyLocker.Lock()
|
|
|
|
|
|
defer http3PolicyLocker.Unlock()
|
|
|
|
|
|
this.HTTP3Policies = policies
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2023-05-22 17:30:08 +08:00
|
|
|
|
// UpdateHTTPPagesPolicies 修改集群自定义页面策略
|
|
|
|
|
|
func (this *NodeConfig) UpdateHTTPPagesPolicies(policies map[int64]*HTTPPagesPolicy) {
|
|
|
|
|
|
httpPagesPolicyLocker.Lock()
|
|
|
|
|
|
defer httpPagesPolicyLocker.Unlock()
|
|
|
|
|
|
this.HTTPPagesPolicies = policies
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// FindHTTPPagesPolicyWithClusterId 使用集群ID查找自定义页面策略
|
|
|
|
|
|
func (this *NodeConfig) FindHTTPPagesPolicyWithClusterId(clusterId int64) *HTTPPagesPolicy {
|
|
|
|
|
|
httpPagesPolicyLocker.RLock()
|
|
|
|
|
|
defer httpPagesPolicyLocker.RUnlock()
|
|
|
|
|
|
if this.HTTPPagesPolicies == nil {
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
return this.HTTPPagesPolicies[clusterId]
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2024-01-11 15:22:37 +08:00
|
|
|
|
// UpdatePlans 更新套餐
|
|
|
|
|
|
func (this *NodeConfig) UpdatePlans(planMap map[int64]*serverconfigs.PlanConfig) {
|
|
|
|
|
|
plansLocker.Lock()
|
|
|
|
|
|
this.Plans = planMap
|
|
|
|
|
|
plansLocker.Unlock()
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// FindAllPlans 查找所有套餐
|
|
|
|
|
|
func (this *NodeConfig) FindAllPlans() map[int64]*serverconfigs.PlanConfig {
|
|
|
|
|
|
plansLocker.RLock()
|
|
|
|
|
|
defer plansLocker.RUnlock()
|
|
|
|
|
|
return this.Plans
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 查找单个套餐
|
|
|
|
|
|
func (this *NodeConfig) FindPlan(planId int64) *serverconfigs.PlanConfig {
|
|
|
|
|
|
plansLocker.RLock()
|
|
|
|
|
|
defer plansLocker.RUnlock()
|
|
|
|
|
|
return this.Plans[planId]
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2022-04-04 16:42:11 +08:00
|
|
|
|
// SecretHash 对Id和Secret的Hash计算
|
|
|
|
|
|
func (this *NodeConfig) SecretHash() string {
|
|
|
|
|
|
return this.secretHash
|
|
|
|
|
|
}
|
2023-07-03 16:21:52 +08:00
|
|
|
|
|
|
|
|
|
|
// HasConnTimeoutSettings 检查是否有连接超时设置
|
|
|
|
|
|
func (this *NodeConfig) HasConnTimeoutSettings() bool {
|
|
|
|
|
|
return this.GlobalServerConfig != nil && (this.GlobalServerConfig.Performance.AutoReadTimeout || this.GlobalServerConfig.Performance.AutoWriteTimeout)
|
2023-09-18 16:55:30 +08:00
|
|
|
|
}
|
