diff --git a/build/rpc.json b/build/rpc.json index 454824f..d00fb59 100644 --- a/build/rpc.json +++ b/build/rpc.json @@ -7660,7 +7660,9 @@ "responseMessageName": "FindNSClusterDoHConfigResponse", "code": "rpc findNSClusterDoHConfig(FindNSClusterDoHConfigRequest) returns (FindNSClusterDoHConfigResponse);", "doc": "查找集群的DoH设置", - "roles": [], + "roles": [ + "admin" + ], "isDeprecated": false }, { @@ -7669,7 +7671,9 @@ "responseMessageName": "RPCSuccess", "code": "rpc updateNSClusterDoH (UpdateNSClusterDoHRequest) returns (RPCSuccess);", "doc": "修改集群的DoH设置", - "roles": [], + "roles": [ + "admin" + ], "isDeprecated": false }, { @@ -10226,7 +10230,7 @@ "requestMessageName": "CreateServerRequest", "responseMessageName": "CreateServerResponse", "code": "rpc createServer (CreateServerRequest) returns (CreateServerResponse);", - "doc": "创建服务", + "doc": "创建网站", "roles": [ "admin", "user" @@ -11647,7 +11651,7 @@ "requestMessageName": "CreateSSLPolicyRequest", "responseMessageName": "CreateSSLPolicyResponse", "code": "rpc createSSLPolicy (CreateSSLPolicyRequest) returns (CreateSSLPolicyResponse);", - "doc": "创建Policy", + "doc": "创建策略", "roles": [ "admin", "user" @@ -11659,7 +11663,7 @@ "requestMessageName": "UpdateSSLPolicyRequest", "responseMessageName": "RPCSuccess", "code": "rpc updateSSLPolicy (UpdateSSLPolicyRequest) returns (RPCSuccess);", - "doc": "修改Policy", + "doc": "修改策略", "roles": [ "admin", "user" @@ -11671,7 +11675,7 @@ "requestMessageName": "FindEnabledSSLPolicyConfigRequest", "responseMessageName": "FindEnabledSSLPolicyConfigResponse", "code": "rpc findEnabledSSLPolicyConfig (FindEnabledSSLPolicyConfigRequest) returns (FindEnabledSSLPolicyConfigResponse);", - "doc": "查找Policy", + "doc": "查找策略", "roles": [ "user", "admin" @@ -15354,12 +15358,12 @@ }, { "name": "CreateSSLPolicyRequest", - "code": "message CreateSSLPolicyRequest {\n\tbool http2Enabled = 1; // 是否启用HTTP/2\n\tbool http3Enabled = 10; // 是否启用HTTP/3(在满足条件的基础上)\n\tstring minVersion = 2; // 支持的最低SSL版本\n\tbytes sslCertsJSON = 3; // 证书内容\n\tbytes hstsJSON = 4; // HSTS配置\n\tint32 clientAuthType = 5; //\n\tbytes clientCACertsJSON = 6; // CA证书内容\n\trepeated string cipherSuites = 7; // 自定义加密套件\n\tbool cipherSuitesIsOn = 8; // 是否启用自定义加密套件\n\tbool ocspIsOn = 9; // 是否启用OCSP\n}", - "doc": "创建Policy" + "code": "message CreateSSLPolicyRequest {\n\tbool http2Enabled = 1; // 可选项,是否启用HTTP/2\n\tbool http3Enabled = 10; // 可选项,是否启用HTTP/3(在满足条件的基础上)\n\tstring minVersion = 2; // 支持的最低SSL版本,可选择值: SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3\n\tbytes sslCertsJSON = 3; // 可选项,关联的证书信息,可以在创建后再通过修改策略来配置 @link json:ssl_cert_refs\n\tbytes hstsJSON = 4; // 可选项,HSTS配置 @link json:hsts\n\tint32 clientAuthType = 5; // 可选项,客户端校验类型:0 无需证书,1 需要客户端证书,2 需要任一客户端证书,3 如果客户端上传了证书才校验,4 需要客户端证书而且需要校验\n\tbytes clientCACertsJSON = 6; // 可选项,CA证书内容\n\trepeated string cipherSuites = 7; // 可选项,自定义加密套件\n\tbool cipherSuitesIsOn = 8; // 可选项,是否启用自定义加密套件\n\tbool ocspIsOn = 9; // 可选项,是否启用OCSP\n}", + "doc": "创建策略" }, { "name": "CreateSSLPolicyResponse", - "code": "message CreateSSLPolicyResponse {\n\tint64 sslPolicyId = 1;\n}", + "code": "message CreateSSLPolicyResponse {\n\tint64 sslPolicyId = 1; // 创建的策略ID\n}", "doc": "" }, { @@ -15384,8 +15388,8 @@ }, { "name": "CreateServerRequest", - "code": "message CreateServerRequest {\n\tint64 userId = 1;\n\tint64 adminId = 2;\n\tstring type = 3;\n\tstring name = 4;\n\tstring description = 5;\n\n\t// 配置相关\n\tbytes serverNamesJSON = 8; // @link json:server_names\n\tbytes serverNamesJON = 19 [deprecated = true]; // 已过期,请使用 serverNamesJSON 代替\n\tbytes httpJSON = 9;\n\tbytes httpsJSON = 10;\n\tbytes tcpJSON = 11;\n\tbytes tlsJSON = 12;\n\tbytes unixJSON = 13;\n\tbytes udpJSON = 14;\n\tint64 webId = 15;\n\tbytes reverseProxyJSON = 16;\n\trepeated int64 serverGroupIds = 17;\n\tint64 userPlanId = 18;\n\n\tint64 nodeClusterId = 30;\n\tbytes includeNodesJSON = 31;\n\tbytes excludeNodesJSON = 32;\n}", - "doc": "创建服务" + "code": "message CreateServerRequest {\n\tint64 userId = 1; // 可选参数,用户ID,如果不想指定用户,此值可以为0\n\tint64 adminId = 2; // 可选参数,管理员ID\n\tstring type = 3; // 类型:httpProxy(HTTP反向代理,一般CDN服务都选这个)、httpWeb(静态文件服务,只会从服务器上读取文件内容,不会转发到源站)、tcpProxy(TCP反向代理)、udpProxy(UDP反向代理)\n\tstring name = 4; // 网站名称,通常可以是一个域名\n\tstring description = 5; // 可选参数,网站描述\n\n\t// 配置相关\n\tbytes serverNamesJSON = 8; // 域名列表 @link json:server_names\n\tbytes serverNamesJON = 19 [deprecated = true]; // 已过期,请使用 serverNamesJSON 代替\n\tbytes httpJSON = 9; // HTTP协议,当type为httpProxy或者httpWeb时填写 @link json:http_protocol\n\tbytes httpsJSON = 10; // HTTPS协议,当type为httpProxy或者httpWeb时填写 @link json:https_protocol\n\tbytes tcpJSON = 11; // TCP协议,当type为tcpProxy时填写 @link json:tcp_protocol\n\tbytes tlsJSON = 12; // TLS协议,当type为tcpProxy时填写 @link json:tls_protocol\n\tbytes unixJSON = 13; // 备用参数,不用填写\n\tbytes udpJSON = 14; // UDP协议,当type为udpProxy时填写 @link json:udp_protocol\n\tint64 webId = 15; // 可选参数,Web配置ID,当type为httpProxy或者httpWeb时填写,可以通过 /HTTPWebService/createHTTPWeb 接口创建;如果你需要配置缓存等信息时需要在 HTTPWebService 接口操作\n\tbytes reverseProxyJSON = 16; // 反向代理(包含源站)设置\n\trepeated int64 serverGroupIds = 17; // 所属网站分组ID列表\n\tint64 userPlanId = 18; // 可选参数,套餐ID\n\n\tint64 nodeClusterId = 30; // 所部署的集群ID\n\tbytes includeNodesJSON = 31; // 备用参数,不用填写\n\tbytes excludeNodesJSON = 32; // 备用参数,不用填写\n}", + "doc": "创建网站" }, { "name": "CreateServerResponse", @@ -18244,12 +18248,12 @@ }, { "name": "FindEnabledSSLPolicyConfigRequest", - "code": "message FindEnabledSSLPolicyConfigRequest {\n\tint64 sslPolicyId = 1; // SSL策略ID\n\tbool ignoreData = 2; // 忽略证书内容数据\n}", - "doc": "查找Policy" + "code": "message FindEnabledSSLPolicyConfigRequest {\n\tint64 sslPolicyId = 1; // SSL策略ID\n\tbool ignoreData = 2; // 是否忽略证书内容数据\n}", + "doc": "查找策略" }, { "name": "FindEnabledSSLPolicyConfigResponse", - "code": "message FindEnabledSSLPolicyConfigResponse {\n\tbytes sslPolicyJSON = 1;\n}", + "code": "message FindEnabledSSLPolicyConfigResponse {\n\tbytes sslPolicyJSON = 1; // 策略配置信息\n}", "doc": "" }, { @@ -22384,8 +22388,8 @@ }, { "name": "UpdateSSLPolicyRequest", - "code": "message UpdateSSLPolicyRequest {\n\tint64 sslPolicyId = 1;\n\tbool http2Enabled = 2;\n\tbool http3Enabled = 11; // 是否启用HTTP/3(在满足条件的基础上)\n\tstring minVersion = 3;\n\tbytes sslCertsJSON = 4;\n\tbytes hstsJSON = 5;\n\tint32 clientAuthType = 6;\n\tbytes clientCACertsJSON = 7;\n\trepeated string cipherSuites = 8;\n\tbool cipherSuitesIsOn = 9;\n\tbool ocspIsOn = 10;\n}", - "doc": "修改Policy" + "code": "message UpdateSSLPolicyRequest {\n\tint64 sslPolicyId = 1; // 策略ID\n\tbool http2Enabled = 2; // 可选项,是否启用HTTP/2\n\tbool http3Enabled = 11; // 可选项,是否启用HTTP/3(在满足条件的基础上)\n\tstring minVersion = 3; // 支持的最低SSL版本,可选择值: SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3\n\tbytes sslCertsJSON = 4; // 关联的证书信息 @link json:ssl_cert_refs\n\tbytes hstsJSON = 5; // 可选项,HSTS配置 @link json:hsts\n\tint32 clientAuthType = 6; // 可选项,客户端校验类型:0 无需证书,1 需要客户端证书,2 需要任一客户端证书,3 如果客户端上传了证书才校验,4 需要客户端证书而且需要校验\n\tbytes clientCACertsJSON = 7; // 可选项,CA证书内容\n\trepeated string cipherSuites = 8; // 可选项,自定义加密套件\n\tbool cipherSuitesIsOn = 9; // 可选项,是否启用自定义加密套件\n\tbool ocspIsOn = 10; // 可选项,是否启用OCSP\n}", + "doc": "修改策略" }, { "name": "UpdateScriptRequest", @@ -22819,6 +22823,10 @@ } ], "links": [ + { + "name": "json:hsts", + "content": "# HSTS\n\n## 定义\n~~~json\n{\n \"isOn\": \"是否启用\",\n \"maxAge\": \"最大有效期,单位秒\",\n \"includeSubDomains\": \"可选项,是否包含子域名\",\n \"preload\": \"可选项,是否预加载\",\n \"domains\": [\"可选项,支持的域名1\", \"可选项,支持的域名2\" ...]\n}\n~~~\n\n其中:\n* `maxAge` 可以填写一天(86400秒)或者更长时间\n* 如果不填写 `domains` 则支持所有域名\n\n## 示例\n### 不限制任何域名\n~~~json\n{\n \"isOn\": true,\n \"maxAge\": 86400,\n \"includeSubDomains\":false, \n \"preload\":false,\n \"domains\":[]\n}\n~~~\n\n### 限制域名\n~~~json\n{\n \"isOn\": true,\n \"maxAge\": 86400,\n \"includeSubDomains\":false, \n \"preload\":false,\n \"domains\":[\"example.com\", \"www.example.com\"]\n}\n~~~" + }, { "name": "json:http_access_log_ref", "content": "# 访问日志引用\n## 定义\n~~~json\n{\n \"isPrior\": \"是否覆盖父级应用\",\n \"isOn\": \"是否启用配置\",\n \"fields\": [\"字段1\", \"字段2\", ...] // 可以留空\n \"status1\": \"是否启用状态1xx\",\n \"status2\": \"是否启用状态2xx\",\n \"status3\": \"是否启用状态3xx\",\n \"status4\": \"是否启用状态4xx\",\n \"status5\": \"是否启用状态5xx\",\n \"enableClientClosed\": \"是否记录客户端关闭事件\",\n \"firewallOnly\": \"是否只记录防火墙(WAF)相关日志\"\n}\n~~~\n\n### 字段值\n* `1` - 请求Header\n* `2` - 响应Header\n* `3` - 请求URL参数\n* `4` - Cookie\n* `5` - 扩展信息\n* `6` - Referer\n* `7` - UserAgent\n* `8` - 请求Body\n* `9` - 响应Body(目前不支持)\n\n## 示例\n~~~json\n{\n \"isPrior\": true,\n \"isOn\": true,\n \"fields\": [],\n \"status1\": true,\n \"status2\": true,\n \"status3\": true,\n \"status4\": true,\n \"status5\": true,\n \"enableClientClosed\": true,\n \"firewallOnly\": true\n}\n~~~" @@ -22835,6 +22843,10 @@ "name": "json:http_firewall_ref", "content": "# HTTP防火墙(即WAF)引用\n## 定义\n~~~json\n{\n \"isPrior\": \"是否覆盖上级配置\",\n \"isOn\": \"是否启用配置\",\n \"firewallPolicyId\": \"WAF策略ID\"\n}\n~~~\n\n## 示例\n~~~json\n{\n \"isPrior\": true,\n \"isOn\": true,\n \"firewallPolicyId\": 123\n}\n~~~" }, + { + "name": "json:http_protocol", + "content": "# HTTP协议配置\n\n## 定义\n~~~json\n{\n\t\"isOn\": \"是否启用\",\n \t\"listen\": [\n {\n\t\t\"protocol\": \"协议\",\n\t\t\"host\": \"主机地址,通常为空\",\n\t\t\"portRange\": \"端口或者端口范围\"\n\t },\n\t ...\n\t]\n}\n~~~\n\n## 示例\n\n### 监听80端口\n~~~json\n{\n \"isOn\": true,\n \"listen\": [\n {\n \"protocol\": \"http\",\n \"host\": \"\",\n \"portRange\": \"80\"\n\t}\n ]\n}\n~~~\n\n### 监听80和8080端口\n~~~json\n{\n \"isOn\": true,\n \"listen\": [\n {\n \"protocol\": \"http\",\n \"portRange\": \"80\"\n\t},\n {\n \"protocol\": \"http\",\n \"portRange\": \"8080\"\n\t}\n ]\n}\n~~~" + }, { "name": "json:http_remote_addr_config", "content": "# HTTP获取客户端IP地址方式配置\n## 定义\n~~~json\n{\n \"isPrior\": \"是否覆盖父级应用\",\n \"isOn\": \"是否启用配置\",\n \"value\": \"自定义值变量\",\n \"isCustomized\": \"是否自定义\"\n}\n~~~\n\n## 示例\n### 不启用自定义\n~~~json\n{\n \"isPrior\": false,\n \"isOn\": false,\n \"value\": \"\",\n \"isCustomized\": false\n}\n~~~\n\n### 启用自定义\n~~~json\n{\n \"isPrior\": true,\n \"isOn\": true,\n \"value\": \"${remoteAddr}\",\n \"isCustomized\": true\n}\n~~~" @@ -22847,6 +22859,10 @@ "name": "json:http_websocket_ref", "content": "# WebSocket引用\n\n## 定义\n~~~json\n{\n\t\"isPrior\": \"是否覆盖上级配置,true|false\",\n\t\"isOn\": \"是否启用,true|false\",\n\t\"websocketId\": \"Websocket配置ID\"\n}\n~~~\n其中:\n* `Websocket配置ID` - 需要调用 `HTTPWebsocketService.CreateHTTPWebsocketRequest()` 生成 \n\n## 示例\n~~~json\n{\n\t\"isPrior\": true,\n\t\"isOn\": true,\n\t\"websocketId\": 123\n}\n~~~" }, + { + "name": "json:https_protocol", + "content": "# HTTPS协议配置\n\n## 定义\n~~~json\n{\n\t\"isOn\": \"是否启用\",\n \t\"listen\": [\n {\n\t\t\"protocol\": \"协议\",\n\t\t\"host\": \"主机地址,通常为空\",\n\t\t\"portRange\": \"端口或者端口范围\"\n\t },\n\t ...\n\t],\n \t\"sslPolicyRef\": {\n\t \"isOn\": \"启用SSL策略\",\n\t \"sslPolicyId\": \"SSL策略ID\"\n\t}\n}\n~~~\n\n其中 `SSL策略ID` 通过 `/SSLPolicyService/createSSLPolicy` 接口创建。\n\n## 示例\n\n### 监听443端口\n~~~json\n{\n \"isOn\": true,\n \"listen\": [\n {\n \"protocol\": \"https\",\n \"host\": \"\",\n \"portRange\": \"443\"\n\t}\n ],\n \"sslPolicyRef\": {\n \"isOn\": true,\n \"sslPolicyId\": 123\n }\n}\n~~~\n\n其中SSL策略ID `123` 通过 `/SSLPolicyService/createSSLPolicy` 接口创建。\n\n### 监听443和8443端口\n~~~json\n{\n \"isOn\": true,\n \"listen\": [\n {\n \"protocol\": \"https\",\n \"portRange\": \"443\"\n\t},\n {\n \"protocol\": \"https\",\n \"portRange\": \"8443\"\n\t}\n ],\n \"sslPolicyRef\": {\n \"isOn\": true,\n \"sslPolicyId\": 123\n }\n}\n~~~\n\n其中SSL策略ID `123` 通过 `/SSLPolicyService/createSSLPolicy` 接口创建。" + }, { "name": "json:server_name", "content": "# 域名信息\n\n## 示例\n~~~json\n{\n \"name\": \"example.com\",\n \"type\": \"full\"\n}\n~~~" @@ -22857,7 +22873,19 @@ }, { "name": "json:ssl_cert_refs", - "content": "# SSL证书引用\n\n## 示例\n~~~\n[\n {\n \"isOn\": true,\n \"certId\": 12345\n },\n {\n \"isOn\": true,\n \"certId\": 12346\n }\n]\n~~~\n\n其中:\n* `certId` - 证书的ID" + "content": "# SSL证书引用\n\n可以用来引用一组证书。\n\n## 定义\n~~~json\n[\n {\n\t\"isOn\": \"是否启用\",\n\t\"certId\": \"证书ID 1\"\n },\n {\n \"isOn\": \"是否启用\",\n \"certId\": \"证书ID 2\"\n },\n ...\n]\n~~~\n\n## 示例\n~~~json\n[\n {\n \"isOn\": true,\n \"certId\": 12345\n },\n {\n \"isOn\": true,\n \"certId\": 12346\n }\n]\n~~~\n\n其中:\n* `certId` - 证书的ID" + }, + { + "name": "json:tcp_protocol", + "content": "# TCP协议配置\n\n## 定义\n~~~json\n{\n\t\"isOn\": \"是否启用\",\n \t\"listen\": [\n {\n\t\t\"protocol\": \"协议\",\n\t\t\"host\": \"主机地址,通常为空\",\n\t\t\"portRange\": \"端口或者端口范围\"\n\t },\n\t ...\n\t]\n}\n~~~\n\n## 示例\n\n### 监听1234端口\n~~~json\n{\n \"isOn\": true,\n \"listen\": [\n {\n \"protocol\": \"tcp\",\n \"host\": \"\",\n \"portRange\": \"1234\"\n\t}\n ]\n}\n~~~\n\n### 监听1234和2345端口\n~~~json\n{\n \"isOn\": true,\n \"listen\": [\n {\n \"protocol\": \"tcp\",\n \"portRange\": \"1234\"\n\t},\n {\n \"protocol\": \"tcp\",\n \"portRange\": \"2345\"\n\t}\n ]\n}\n~~~\n\n### 监听1234到1240之间的所有端口\n~~~json\n{\n \"isOn\": true,\n \"listen\": [\n {\n \"protocol\": \"tcp\",\n \"host\": \"\",\n \"portRange\": \"1234-1240\"\n\t}\n ]\n}\n~~~" + }, + { + "name": "json:tls_protocol", + "content": "# TLS协议配置\n\n## 定义\n~~~json\n{\n\t\"isOn\": \"是否启用\",\n \t\"listen\": [\n {\n\t\t\"protocol\": \"协议\",\n\t\t\"host\": \"主机地址,通常为空\",\n\t\t\"portRange\": \"端口或者端口范围\"\n\t },\n\t ...\n\t],\n \t\"sslPolicyRef\": {\n\t \"isOn\": \"启用SSL策略\",\n\t \"sslPolicyId\": \"SSL策略ID\"\n\t}\n}\n~~~\n\n其中 `SSL策略ID` 通过 `/SSLPolicyService/createSSLPolicy` 接口创建。\n\n## 示例\n\n### 监听8443端口\n~~~json\n{\n \"isOn\": true,\n \"listen\": [\n {\n \"protocol\": \"tls\",\n \"host\": \"\",\n \"portRange\": \"8443\"\n\t}\n ],\n \"sslPolicyRef\": {\n \"isOn\": true,\n \"sslPolicyId\": 123\n }\n}\n~~~\n\n其中SSL策略ID `123` 通过 `/SSLPolicyService/createSSLPolicy` 接口创建。\n\n### 监听8443和8543端口\n~~~json\n{\n \"isOn\": true,\n \"listen\": [\n {\n \"protocol\": \"tls\",\n \"portRange\": \"8443\"\n\t},\n {\n \"protocol\": \"tls\",\n \"portRange\": \"8543\"\n\t}\n ],\n \"sslPolicyRef\": {\n \"isOn\": true,\n \"sslPolicyId\": 123\n }\n}\n~~~\n\n其中SSL策略ID `123` 通过 `/SSLPolicyService/createSSLPolicy` 接口创建。\n\n" + }, + { + "name": "json:udp_protocol", + "content": "# UDP协议配置\n\n## 定义\n~~~json\n{\n\t\"isOn\": \"是否启用\",\n \t\"listen\": [\n {\n\t\t\"protocol\": \"协议\",\n\t\t\"host\": \"主机地址,通常为空\",\n\t\t\"portRange\": \"端口或者端口范围\"\n\t },\n\t ...\n\t]\n}\n~~~\n\n## 示例\n\n### 监听1234端口\n~~~json\n{\n \"isOn\": true,\n \"listen\": [\n {\n \"protocol\": \"udp\",\n \"host\": \"\",\n \"portRange\": \"1234\"\n\t}\n ]\n}\n~~~\n\n### 监听1234和2345端口\n~~~json\n{\n \"isOn\": true,\n \"listen\": [\n {\n \"protocol\": \"udp\",\n \"portRange\": \"1234\"\n\t},\n {\n \"protocol\": \"udp\",\n \"portRange\": \"2345\"\n\t}\n ]\n}\n~~~\n\n### 监听1234到1240之间的所有端口\n~~~json\n{\n \"isOn\": true,\n \"listen\": [\n {\n \"protocol\": \"udp\",\n \"host\": \"\",\n \"portRange\": \"1234-1240\"\n\t}\n ]\n}\n~~~" } ] } \ No newline at end of file diff --git a/pkg/rpc/jsons/hsts.md b/pkg/rpc/jsons/hsts.md new file mode 100644 index 0000000..7b070bc --- /dev/null +++ b/pkg/rpc/jsons/hsts.md @@ -0,0 +1,39 @@ +# HSTS + +## 定义 +~~~json +{ + "isOn": "是否启用", + "maxAge": "最大有效期,单位秒", + "includeSubDomains": "可选项,是否包含子域名", + "preload": "可选项,是否预加载", + "domains": ["可选项,支持的域名1", "可选项,支持的域名2" ...] +} +~~~ + +其中: +* `maxAge` 可以填写一天(86400秒)或者更长时间 +* 如果不填写 `domains` 则支持所有域名 + +## 示例 +### 不限制任何域名 +~~~json +{ + "isOn": true, + "maxAge": 86400, + "includeSubDomains":false, + "preload":false, + "domains":[] +} +~~~ + +### 限制域名 +~~~json +{ + "isOn": true, + "maxAge": 86400, + "includeSubDomains":false, + "preload":false, + "domains":["example.com", "www.example.com"] +} +~~~ \ No newline at end of file diff --git a/pkg/rpc/jsons/http_protocol.md b/pkg/rpc/jsons/http_protocol.md new file mode 100644 index 0000000..ee58e0d --- /dev/null +++ b/pkg/rpc/jsons/http_protocol.md @@ -0,0 +1,49 @@ +# HTTP协议配置 + +## 定义 +~~~json +{ + "isOn": "是否启用", + "listen": [ + { + "protocol": "协议", + "host": "主机地址,通常为空", + "portRange": "端口或者端口范围" + }, + ... + ] +} +~~~ + +## 示例 + +### 监听80端口 +~~~json +{ + "isOn": true, + "listen": [ + { + "protocol": "http", + "host": "", + "portRange": "80" + } + ] +} +~~~ + +### 监听80和8080端口 +~~~json +{ + "isOn": true, + "listen": [ + { + "protocol": "http", + "portRange": "80" + }, + { + "protocol": "http", + "portRange": "8080" + } + ] +} +~~~ \ No newline at end of file diff --git a/pkg/rpc/jsons/https_protocol.md b/pkg/rpc/jsons/https_protocol.md new file mode 100644 index 0000000..00d58c3 --- /dev/null +++ b/pkg/rpc/jsons/https_protocol.md @@ -0,0 +1,67 @@ +# HTTPS协议配置 + +## 定义 +~~~json +{ + "isOn": "是否启用", + "listen": [ + { + "protocol": "协议", + "host": "主机地址,通常为空", + "portRange": "端口或者端口范围" + }, + ... + ], + "sslPolicyRef": { + "isOn": "启用SSL策略", + "sslPolicyId": "SSL策略ID" + } +} +~~~ + +其中 `SSL策略ID` 通过 `/SSLPolicyService/createSSLPolicy` 接口创建。 + +## 示例 + +### 监听443端口 +~~~json +{ + "isOn": true, + "listen": [ + { + "protocol": "https", + "host": "", + "portRange": "443" + } + ], + "sslPolicyRef": { + "isOn": true, + "sslPolicyId": 123 + } +} +~~~ + +其中SSL策略ID `123` 通过 `/SSLPolicyService/createSSLPolicy` 接口创建。 + +### 监听443和8443端口 +~~~json +{ + "isOn": true, + "listen": [ + { + "protocol": "https", + "portRange": "443" + }, + { + "protocol": "https", + "portRange": "8443" + } + ], + "sslPolicyRef": { + "isOn": true, + "sslPolicyId": 123 + } +} +~~~ + +其中SSL策略ID `123` 通过 `/SSLPolicyService/createSSLPolicy` 接口创建。 \ No newline at end of file diff --git a/pkg/rpc/jsons/ssl_cert_refs.md b/pkg/rpc/jsons/ssl_cert_refs.md index 546c21b..66c8cd4 100644 --- a/pkg/rpc/jsons/ssl_cert_refs.md +++ b/pkg/rpc/jsons/ssl_cert_refs.md @@ -1,7 +1,24 @@ # SSL证书引用 -## 示例 +可以用来引用一组证书。 + +## 定义 +~~~json +[ + { + "isOn": "是否启用", + "certId": "证书ID 1" + }, + { + "isOn": "是否启用", + "certId": "证书ID 2" + }, + ... +] ~~~ + +## 示例 +~~~json [ { "isOn": true, diff --git a/pkg/rpc/jsons/tcp_protocol.md b/pkg/rpc/jsons/tcp_protocol.md new file mode 100644 index 0000000..1016c62 --- /dev/null +++ b/pkg/rpc/jsons/tcp_protocol.md @@ -0,0 +1,63 @@ +# TCP协议配置 + +## 定义 +~~~json +{ + "isOn": "是否启用", + "listen": [ + { + "protocol": "协议", + "host": "主机地址,通常为空", + "portRange": "端口或者端口范围" + }, + ... + ] +} +~~~ + +## 示例 + +### 监听1234端口 +~~~json +{ + "isOn": true, + "listen": [ + { + "protocol": "tcp", + "host": "", + "portRange": "1234" + } + ] +} +~~~ + +### 监听1234和2345端口 +~~~json +{ + "isOn": true, + "listen": [ + { + "protocol": "tcp", + "portRange": "1234" + }, + { + "protocol": "tcp", + "portRange": "2345" + } + ] +} +~~~ + +### 监听1234到1240之间的所有端口 +~~~json +{ + "isOn": true, + "listen": [ + { + "protocol": "tcp", + "host": "", + "portRange": "1234-1240" + } + ] +} +~~~ \ No newline at end of file diff --git a/pkg/rpc/jsons/tls_protocol.md b/pkg/rpc/jsons/tls_protocol.md new file mode 100644 index 0000000..47462cf --- /dev/null +++ b/pkg/rpc/jsons/tls_protocol.md @@ -0,0 +1,68 @@ +# TLS协议配置 + +## 定义 +~~~json +{ + "isOn": "是否启用", + "listen": [ + { + "protocol": "协议", + "host": "主机地址,通常为空", + "portRange": "端口或者端口范围" + }, + ... + ], + "sslPolicyRef": { + "isOn": "启用SSL策略", + "sslPolicyId": "SSL策略ID" + } +} +~~~ + +其中 `SSL策略ID` 通过 `/SSLPolicyService/createSSLPolicy` 接口创建。 + +## 示例 + +### 监听8443端口 +~~~json +{ + "isOn": true, + "listen": [ + { + "protocol": "tls", + "host": "", + "portRange": "8443" + } + ], + "sslPolicyRef": { + "isOn": true, + "sslPolicyId": 123 + } +} +~~~ + +其中SSL策略ID `123` 通过 `/SSLPolicyService/createSSLPolicy` 接口创建。 + +### 监听8443和8543端口 +~~~json +{ + "isOn": true, + "listen": [ + { + "protocol": "tls", + "portRange": "8443" + }, + { + "protocol": "tls", + "portRange": "8543" + } + ], + "sslPolicyRef": { + "isOn": true, + "sslPolicyId": 123 + } +} +~~~ + +其中SSL策略ID `123` 通过 `/SSLPolicyService/createSSLPolicy` 接口创建。 + diff --git a/pkg/rpc/jsons/udp_protocol.md b/pkg/rpc/jsons/udp_protocol.md new file mode 100644 index 0000000..4afa867 --- /dev/null +++ b/pkg/rpc/jsons/udp_protocol.md @@ -0,0 +1,63 @@ +# UDP协议配置 + +## 定义 +~~~json +{ + "isOn": "是否启用", + "listen": [ + { + "protocol": "协议", + "host": "主机地址,通常为空", + "portRange": "端口或者端口范围" + }, + ... + ] +} +~~~ + +## 示例 + +### 监听1234端口 +~~~json +{ + "isOn": true, + "listen": [ + { + "protocol": "udp", + "host": "", + "portRange": "1234" + } + ] +} +~~~ + +### 监听1234和2345端口 +~~~json +{ + "isOn": true, + "listen": [ + { + "protocol": "udp", + "portRange": "1234" + }, + { + "protocol": "udp", + "portRange": "2345" + } + ] +} +~~~ + +### 监听1234到1240之间的所有端口 +~~~json +{ + "isOn": true, + "listen": [ + { + "protocol": "udp", + "host": "", + "portRange": "1234-1240" + } + ] +} +~~~ \ No newline at end of file diff --git a/pkg/rpc/pb/service_server.pb.go b/pkg/rpc/pb/service_server.pb.go index 7d9d929..238154d 100644 --- a/pkg/rpc/pb/service_server.pb.go +++ b/pkg/rpc/pb/service_server.pb.go @@ -29,34 +29,34 @@ const ( // of the legacy proto package is being used. const _ = proto.ProtoPackageIsVersion4 -// 创建服务 +// 创建网站 type CreateServerRequest struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - UserId int64 `protobuf:"varint,1,opt,name=userId,proto3" json:"userId,omitempty"` - AdminId int64 `protobuf:"varint,2,opt,name=adminId,proto3" json:"adminId,omitempty"` - Type string `protobuf:"bytes,3,opt,name=type,proto3" json:"type,omitempty"` - Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty"` - Description string `protobuf:"bytes,5,opt,name=description,proto3" json:"description,omitempty"` + UserId int64 `protobuf:"varint,1,opt,name=userId,proto3" json:"userId,omitempty"` // 可选参数,用户ID,如果不想指定用户,此值可以为0 + AdminId int64 `protobuf:"varint,2,opt,name=adminId,proto3" json:"adminId,omitempty"` // 可选参数,管理员ID + Type string `protobuf:"bytes,3,opt,name=type,proto3" json:"type,omitempty"` // 类型:httpProxy(HTTP反向代理,一般CDN服务都选这个)、httpWeb(静态文件服务,只会从服务器上读取文件内容,不会转发到源站)、tcpProxy(TCP反向代理)、udpProxy(UDP反向代理) + Name string `protobuf:"bytes,4,opt,name=name,proto3" json:"name,omitempty"` // 网站名称,通常可以是一个域名 + Description string `protobuf:"bytes,5,opt,name=description,proto3" json:"description,omitempty"` // 可选参数,网站描述 // 配置相关 - ServerNamesJSON []byte `protobuf:"bytes,8,opt,name=serverNamesJSON,proto3" json:"serverNamesJSON,omitempty"` // @link json:server_names + ServerNamesJSON []byte `protobuf:"bytes,8,opt,name=serverNamesJSON,proto3" json:"serverNamesJSON,omitempty"` // 域名列表 @link json:server_names // Deprecated: Do not use. - ServerNamesJON []byte `protobuf:"bytes,19,opt,name=serverNamesJON,proto3" json:"serverNamesJON,omitempty"` // 已过期,请使用 serverNamesJSON 代替 - HttpJSON []byte `protobuf:"bytes,9,opt,name=httpJSON,proto3" json:"httpJSON,omitempty"` - HttpsJSON []byte `protobuf:"bytes,10,opt,name=httpsJSON,proto3" json:"httpsJSON,omitempty"` - TcpJSON []byte `protobuf:"bytes,11,opt,name=tcpJSON,proto3" json:"tcpJSON,omitempty"` - TlsJSON []byte `protobuf:"bytes,12,opt,name=tlsJSON,proto3" json:"tlsJSON,omitempty"` - UnixJSON []byte `protobuf:"bytes,13,opt,name=unixJSON,proto3" json:"unixJSON,omitempty"` - UdpJSON []byte `protobuf:"bytes,14,opt,name=udpJSON,proto3" json:"udpJSON,omitempty"` - WebId int64 `protobuf:"varint,15,opt,name=webId,proto3" json:"webId,omitempty"` - ReverseProxyJSON []byte `protobuf:"bytes,16,opt,name=reverseProxyJSON,proto3" json:"reverseProxyJSON,omitempty"` - ServerGroupIds []int64 `protobuf:"varint,17,rep,packed,name=serverGroupIds,proto3" json:"serverGroupIds,omitempty"` - UserPlanId int64 `protobuf:"varint,18,opt,name=userPlanId,proto3" json:"userPlanId,omitempty"` - NodeClusterId int64 `protobuf:"varint,30,opt,name=nodeClusterId,proto3" json:"nodeClusterId,omitempty"` - IncludeNodesJSON []byte `protobuf:"bytes,31,opt,name=includeNodesJSON,proto3" json:"includeNodesJSON,omitempty"` - ExcludeNodesJSON []byte `protobuf:"bytes,32,opt,name=excludeNodesJSON,proto3" json:"excludeNodesJSON,omitempty"` + ServerNamesJON []byte `protobuf:"bytes,19,opt,name=serverNamesJON,proto3" json:"serverNamesJON,omitempty"` // 已过期,请使用 serverNamesJSON 代替 + HttpJSON []byte `protobuf:"bytes,9,opt,name=httpJSON,proto3" json:"httpJSON,omitempty"` // HTTP协议,当type为httpProxy或者httpWeb时填写 @link json:http_protocol + HttpsJSON []byte `protobuf:"bytes,10,opt,name=httpsJSON,proto3" json:"httpsJSON,omitempty"` // HTTPS协议,当type为httpProxy或者httpWeb时填写 @link json:https_protocol + TcpJSON []byte `protobuf:"bytes,11,opt,name=tcpJSON,proto3" json:"tcpJSON,omitempty"` // TCP协议,当type为tcpProxy时填写 @link json:tcp_protocol + TlsJSON []byte `protobuf:"bytes,12,opt,name=tlsJSON,proto3" json:"tlsJSON,omitempty"` // TLS协议,当type为tcpProxy时填写 @link json:tls_protocol + UnixJSON []byte `protobuf:"bytes,13,opt,name=unixJSON,proto3" json:"unixJSON,omitempty"` // 备用参数,不用填写 + UdpJSON []byte `protobuf:"bytes,14,opt,name=udpJSON,proto3" json:"udpJSON,omitempty"` // UDP协议,当type为udpProxy时填写 @link json:udp_protocol + WebId int64 `protobuf:"varint,15,opt,name=webId,proto3" json:"webId,omitempty"` // 可选参数,Web配置ID,当type为httpProxy或者httpWeb时填写,可以通过 /HTTPWebService/createHTTPWeb 接口创建;如果你需要配置缓存等信息时需要在 HTTPWebService 接口操作 + ReverseProxyJSON []byte `protobuf:"bytes,16,opt,name=reverseProxyJSON,proto3" json:"reverseProxyJSON,omitempty"` // 反向代理(包含源站)设置 + ServerGroupIds []int64 `protobuf:"varint,17,rep,packed,name=serverGroupIds,proto3" json:"serverGroupIds,omitempty"` // 所属网站分组ID列表 + UserPlanId int64 `protobuf:"varint,18,opt,name=userPlanId,proto3" json:"userPlanId,omitempty"` // 可选参数,套餐ID + NodeClusterId int64 `protobuf:"varint,30,opt,name=nodeClusterId,proto3" json:"nodeClusterId,omitempty"` // 所部署的集群ID + IncludeNodesJSON []byte `protobuf:"bytes,31,opt,name=includeNodesJSON,proto3" json:"includeNodesJSON,omitempty"` // 备用参数,不用填写 + ExcludeNodesJSON []byte `protobuf:"bytes,32,opt,name=excludeNodesJSON,proto3" json:"excludeNodesJSON,omitempty"` // 备用参数,不用填写 } func (x *CreateServerRequest) Reset() { @@ -7266,7 +7266,7 @@ const _ = grpc.SupportPackageIsVersion6 // // For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream. type ServerServiceClient interface { - // 创建服务 + // 创建网站 CreateServer(ctx context.Context, in *CreateServerRequest, opts ...grpc.CallOption) (*CreateServerResponse, error) // 修改服务基本信息 UpdateServerBasic(ctx context.Context, in *UpdateServerBasicRequest, opts ...grpc.CallOption) (*RPCSuccess, error) @@ -7883,7 +7883,7 @@ func (c *serverServiceClient) CopyServerConfig(ctx context.Context, in *CopyServ // ServerServiceServer is the server API for ServerService service. type ServerServiceServer interface { - // 创建服务 + // 创建网站 CreateServer(context.Context, *CreateServerRequest) (*CreateServerResponse, error) // 修改服务基本信息 UpdateServerBasic(context.Context, *UpdateServerBasicRequest) (*RPCSuccess, error) diff --git a/pkg/rpc/pb/service_ssl_policy.pb.go b/pkg/rpc/pb/service_ssl_policy.pb.go index 420ea8b..e46d9da 100644 --- a/pkg/rpc/pb/service_ssl_policy.pb.go +++ b/pkg/rpc/pb/service_ssl_policy.pb.go @@ -29,22 +29,22 @@ const ( // of the legacy proto package is being used. const _ = proto.ProtoPackageIsVersion4 -// 创建Policy +// 创建策略 type CreateSSLPolicyRequest struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - Http2Enabled bool `protobuf:"varint,1,opt,name=http2Enabled,proto3" json:"http2Enabled,omitempty"` // 是否启用HTTP/2 - Http3Enabled bool `protobuf:"varint,10,opt,name=http3Enabled,proto3" json:"http3Enabled,omitempty"` // 是否启用HTTP/3(在满足条件的基础上) - MinVersion string `protobuf:"bytes,2,opt,name=minVersion,proto3" json:"minVersion,omitempty"` // 支持的最低SSL版本 - SslCertsJSON []byte `protobuf:"bytes,3,opt,name=sslCertsJSON,proto3" json:"sslCertsJSON,omitempty"` // 证书内容 - HstsJSON []byte `protobuf:"bytes,4,opt,name=hstsJSON,proto3" json:"hstsJSON,omitempty"` // HSTS配置 - ClientAuthType int32 `protobuf:"varint,5,opt,name=clientAuthType,proto3" json:"clientAuthType,omitempty"` // - ClientCACertsJSON []byte `protobuf:"bytes,6,opt,name=clientCACertsJSON,proto3" json:"clientCACertsJSON,omitempty"` // CA证书内容 - CipherSuites []string `protobuf:"bytes,7,rep,name=cipherSuites,proto3" json:"cipherSuites,omitempty"` // 自定义加密套件 - CipherSuitesIsOn bool `protobuf:"varint,8,opt,name=cipherSuitesIsOn,proto3" json:"cipherSuitesIsOn,omitempty"` // 是否启用自定义加密套件 - OcspIsOn bool `protobuf:"varint,9,opt,name=ocspIsOn,proto3" json:"ocspIsOn,omitempty"` // 是否启用OCSP + Http2Enabled bool `protobuf:"varint,1,opt,name=http2Enabled,proto3" json:"http2Enabled,omitempty"` // 可选项,是否启用HTTP/2 + Http3Enabled bool `protobuf:"varint,10,opt,name=http3Enabled,proto3" json:"http3Enabled,omitempty"` // 可选项,是否启用HTTP/3(在满足条件的基础上) + MinVersion string `protobuf:"bytes,2,opt,name=minVersion,proto3" json:"minVersion,omitempty"` // 支持的最低SSL版本,可选择值: SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3 + SslCertsJSON []byte `protobuf:"bytes,3,opt,name=sslCertsJSON,proto3" json:"sslCertsJSON,omitempty"` // 可选项,关联的证书信息,可以在创建后再通过修改策略来配置 @link json:ssl_cert_refs + HstsJSON []byte `protobuf:"bytes,4,opt,name=hstsJSON,proto3" json:"hstsJSON,omitempty"` // 可选项,HSTS配置 @link json:hsts + ClientAuthType int32 `protobuf:"varint,5,opt,name=clientAuthType,proto3" json:"clientAuthType,omitempty"` // 可选项,客户端校验类型:0 无需证书,1 需要客户端证书,2 需要任一客户端证书,3 如果客户端上传了证书才校验,4 需要客户端证书而且需要校验 + ClientCACertsJSON []byte `protobuf:"bytes,6,opt,name=clientCACertsJSON,proto3" json:"clientCACertsJSON,omitempty"` // 可选项,CA证书内容 + CipherSuites []string `protobuf:"bytes,7,rep,name=cipherSuites,proto3" json:"cipherSuites,omitempty"` // 可选项,自定义加密套件 + CipherSuitesIsOn bool `protobuf:"varint,8,opt,name=cipherSuitesIsOn,proto3" json:"cipherSuitesIsOn,omitempty"` // 可选项,是否启用自定义加密套件 + OcspIsOn bool `protobuf:"varint,9,opt,name=ocspIsOn,proto3" json:"ocspIsOn,omitempty"` // 可选项,是否启用OCSP } func (x *CreateSSLPolicyRequest) Reset() { @@ -154,7 +154,7 @@ type CreateSSLPolicyResponse struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - SslPolicyId int64 `protobuf:"varint,1,opt,name=sslPolicyId,proto3" json:"sslPolicyId,omitempty"` + SslPolicyId int64 `protobuf:"varint,1,opt,name=sslPolicyId,proto3" json:"sslPolicyId,omitempty"` // 创建的策略ID } func (x *CreateSSLPolicyResponse) Reset() { @@ -196,23 +196,23 @@ func (x *CreateSSLPolicyResponse) GetSslPolicyId() int64 { return 0 } -// 修改Policy +// 修改策略 type UpdateSSLPolicyRequest struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - SslPolicyId int64 `protobuf:"varint,1,opt,name=sslPolicyId,proto3" json:"sslPolicyId,omitempty"` - Http2Enabled bool `protobuf:"varint,2,opt,name=http2Enabled,proto3" json:"http2Enabled,omitempty"` - Http3Enabled bool `protobuf:"varint,11,opt,name=http3Enabled,proto3" json:"http3Enabled,omitempty"` // 是否启用HTTP/3(在满足条件的基础上) - MinVersion string `protobuf:"bytes,3,opt,name=minVersion,proto3" json:"minVersion,omitempty"` - SslCertsJSON []byte `protobuf:"bytes,4,opt,name=sslCertsJSON,proto3" json:"sslCertsJSON,omitempty"` - HstsJSON []byte `protobuf:"bytes,5,opt,name=hstsJSON,proto3" json:"hstsJSON,omitempty"` - ClientAuthType int32 `protobuf:"varint,6,opt,name=clientAuthType,proto3" json:"clientAuthType,omitempty"` - ClientCACertsJSON []byte `protobuf:"bytes,7,opt,name=clientCACertsJSON,proto3" json:"clientCACertsJSON,omitempty"` - CipherSuites []string `protobuf:"bytes,8,rep,name=cipherSuites,proto3" json:"cipherSuites,omitempty"` - CipherSuitesIsOn bool `protobuf:"varint,9,opt,name=cipherSuitesIsOn,proto3" json:"cipherSuitesIsOn,omitempty"` - OcspIsOn bool `protobuf:"varint,10,opt,name=ocspIsOn,proto3" json:"ocspIsOn,omitempty"` + SslPolicyId int64 `protobuf:"varint,1,opt,name=sslPolicyId,proto3" json:"sslPolicyId,omitempty"` // 策略ID + Http2Enabled bool `protobuf:"varint,2,opt,name=http2Enabled,proto3" json:"http2Enabled,omitempty"` // 可选项,是否启用HTTP/2 + Http3Enabled bool `protobuf:"varint,11,opt,name=http3Enabled,proto3" json:"http3Enabled,omitempty"` // 可选项,是否启用HTTP/3(在满足条件的基础上) + MinVersion string `protobuf:"bytes,3,opt,name=minVersion,proto3" json:"minVersion,omitempty"` // 支持的最低SSL版本,可选择值: SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3 + SslCertsJSON []byte `protobuf:"bytes,4,opt,name=sslCertsJSON,proto3" json:"sslCertsJSON,omitempty"` // 关联的证书信息 @link json:ssl_cert_refs + HstsJSON []byte `protobuf:"bytes,5,opt,name=hstsJSON,proto3" json:"hstsJSON,omitempty"` // 可选项,HSTS配置 @link json:hsts + ClientAuthType int32 `protobuf:"varint,6,opt,name=clientAuthType,proto3" json:"clientAuthType,omitempty"` // 可选项,客户端校验类型:0 无需证书,1 需要客户端证书,2 需要任一客户端证书,3 如果客户端上传了证书才校验,4 需要客户端证书而且需要校验 + ClientCACertsJSON []byte `protobuf:"bytes,7,opt,name=clientCACertsJSON,proto3" json:"clientCACertsJSON,omitempty"` // 可选项,CA证书内容 + CipherSuites []string `protobuf:"bytes,8,rep,name=cipherSuites,proto3" json:"cipherSuites,omitempty"` // 可选项,自定义加密套件 + CipherSuitesIsOn bool `protobuf:"varint,9,opt,name=cipherSuitesIsOn,proto3" json:"cipherSuitesIsOn,omitempty"` // 可选项,是否启用自定义加密套件 + OcspIsOn bool `protobuf:"varint,10,opt,name=ocspIsOn,proto3" json:"ocspIsOn,omitempty"` // 可选项,是否启用OCSP } func (x *UpdateSSLPolicyRequest) Reset() { @@ -324,14 +324,14 @@ func (x *UpdateSSLPolicyRequest) GetOcspIsOn() bool { return false } -// 查找Policy +// 查找策略 type FindEnabledSSLPolicyConfigRequest struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields SslPolicyId int64 `protobuf:"varint,1,opt,name=sslPolicyId,proto3" json:"sslPolicyId,omitempty"` // SSL策略ID - IgnoreData bool `protobuf:"varint,2,opt,name=ignoreData,proto3" json:"ignoreData,omitempty"` // 忽略证书内容数据 + IgnoreData bool `protobuf:"varint,2,opt,name=ignoreData,proto3" json:"ignoreData,omitempty"` // 是否忽略证书内容数据 } func (x *FindEnabledSSLPolicyConfigRequest) Reset() { @@ -385,7 +385,7 @@ type FindEnabledSSLPolicyConfigResponse struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - SslPolicyJSON []byte `protobuf:"bytes,1,opt,name=sslPolicyJSON,proto3" json:"sslPolicyJSON,omitempty"` + SslPolicyJSON []byte `protobuf:"bytes,1,opt,name=sslPolicyJSON,proto3" json:"sslPolicyJSON,omitempty"` // 策略配置信息 } func (x *FindEnabledSSLPolicyConfigResponse) Reset() { @@ -655,11 +655,11 @@ const _ = grpc.SupportPackageIsVersion6 // // For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream. type SSLPolicyServiceClient interface { - // 创建Policy + // 创建策略 CreateSSLPolicy(ctx context.Context, in *CreateSSLPolicyRequest, opts ...grpc.CallOption) (*CreateSSLPolicyResponse, error) - // 修改Policy + // 修改策略 UpdateSSLPolicy(ctx context.Context, in *UpdateSSLPolicyRequest, opts ...grpc.CallOption) (*RPCSuccess, error) - // 查找Policy + // 查找策略 FindEnabledSSLPolicyConfig(ctx context.Context, in *FindEnabledSSLPolicyConfigRequest, opts ...grpc.CallOption) (*FindEnabledSSLPolicyConfigResponse, error) } @@ -700,11 +700,11 @@ func (c *sSLPolicyServiceClient) FindEnabledSSLPolicyConfig(ctx context.Context, // SSLPolicyServiceServer is the server API for SSLPolicyService service. type SSLPolicyServiceServer interface { - // 创建Policy + // 创建策略 CreateSSLPolicy(context.Context, *CreateSSLPolicyRequest) (*CreateSSLPolicyResponse, error) - // 修改Policy + // 修改策略 UpdateSSLPolicy(context.Context, *UpdateSSLPolicyRequest) (*RPCSuccess, error) - // 查找Policy + // 查找策略 FindEnabledSSLPolicyConfig(context.Context, *FindEnabledSSLPolicyConfigRequest) (*FindEnabledSSLPolicyConfigResponse, error) } diff --git a/pkg/rpc/protos/service_server.proto b/pkg/rpc/protos/service_server.proto index d829bdd..17e8ad7 100644 --- a/pkg/rpc/protos/service_server.proto +++ b/pkg/rpc/protos/service_server.proto @@ -11,7 +11,7 @@ import "models/model_user_plan.proto"; // 网站服务相关服务 service ServerService { - // 创建服务 + // 创建网站 rpc createServer (CreateServerRequest) returns (CreateServerResponse); // 修改服务基本信息 @@ -177,31 +177,31 @@ service ServerService { rpc copyServerConfig(CopyServerConfigRequest) returns (RPCSuccess); } -// 创建服务 +// 创建网站 message CreateServerRequest { - int64 userId = 1; - int64 adminId = 2; - string type = 3; - string name = 4; - string description = 5; + int64 userId = 1; // 可选参数,用户ID,如果不想指定用户,此值可以为0 + int64 adminId = 2; // 可选参数,管理员ID + string type = 3; // 类型:httpProxy(HTTP反向代理,一般CDN服务都选这个)、httpWeb(静态文件服务,只会从服务器上读取文件内容,不会转发到源站)、tcpProxy(TCP反向代理)、udpProxy(UDP反向代理) + string name = 4; // 网站名称,通常可以是一个域名 + string description = 5; // 可选参数,网站描述 // 配置相关 - bytes serverNamesJSON = 8; // @link json:server_names + bytes serverNamesJSON = 8; // 域名列表 @link json:server_names bytes serverNamesJON = 19 [deprecated = true]; // 已过期,请使用 serverNamesJSON 代替 - bytes httpJSON = 9; - bytes httpsJSON = 10; - bytes tcpJSON = 11; - bytes tlsJSON = 12; - bytes unixJSON = 13; - bytes udpJSON = 14; - int64 webId = 15; - bytes reverseProxyJSON = 16; - repeated int64 serverGroupIds = 17; - int64 userPlanId = 18; + bytes httpJSON = 9; // HTTP协议,当type为httpProxy或者httpWeb时填写 @link json:http_protocol + bytes httpsJSON = 10; // HTTPS协议,当type为httpProxy或者httpWeb时填写 @link json:https_protocol + bytes tcpJSON = 11; // TCP协议,当type为tcpProxy时填写 @link json:tcp_protocol + bytes tlsJSON = 12; // TLS协议,当type为tcpProxy时填写 @link json:tls_protocol + bytes unixJSON = 13; // 备用参数,不用填写 + bytes udpJSON = 14; // UDP协议,当type为udpProxy时填写 @link json:udp_protocol + int64 webId = 15; // 可选参数,Web配置ID,当type为httpProxy或者httpWeb时填写,可以通过 /HTTPWebService/createHTTPWeb 接口创建;如果你需要配置缓存等信息时需要在 HTTPWebService 接口操作 + bytes reverseProxyJSON = 16; // 反向代理(包含源站)设置 + repeated int64 serverGroupIds = 17; // 所属网站分组ID列表 + int64 userPlanId = 18; // 可选参数,套餐ID - int64 nodeClusterId = 30; - bytes includeNodesJSON = 31; - bytes excludeNodesJSON = 32; + int64 nodeClusterId = 30; // 所部署的集群ID + bytes includeNodesJSON = 31; // 备用参数,不用填写 + bytes excludeNodesJSON = 32; // 备用参数,不用填写 } message CreateServerResponse { diff --git a/pkg/rpc/protos/service_ssl_policy.proto b/pkg/rpc/protos/service_ssl_policy.proto index fa1f8de..dad2503 100644 --- a/pkg/rpc/protos/service_ssl_policy.proto +++ b/pkg/rpc/protos/service_ssl_policy.proto @@ -7,55 +7,55 @@ import "models/rpc_messages.proto"; // SSL/TLS策略管理服务 service SSLPolicyService { - // 创建Policy + // 创建策略 rpc createSSLPolicy (CreateSSLPolicyRequest) returns (CreateSSLPolicyResponse); - // 修改Policy + // 修改策略 rpc updateSSLPolicy (UpdateSSLPolicyRequest) returns (RPCSuccess); - // 查找Policy + // 查找策略 rpc findEnabledSSLPolicyConfig (FindEnabledSSLPolicyConfigRequest) returns (FindEnabledSSLPolicyConfigResponse); } -// 创建Policy +// 创建策略 message CreateSSLPolicyRequest { - bool http2Enabled = 1; // 是否启用HTTP/2 - bool http3Enabled = 10; // 是否启用HTTP/3(在满足条件的基础上) - string minVersion = 2; // 支持的最低SSL版本 - bytes sslCertsJSON = 3; // 证书内容 - bytes hstsJSON = 4; // HSTS配置 - int32 clientAuthType = 5; // - bytes clientCACertsJSON = 6; // CA证书内容 - repeated string cipherSuites = 7; // 自定义加密套件 - bool cipherSuitesIsOn = 8; // 是否启用自定义加密套件 - bool ocspIsOn = 9; // 是否启用OCSP + bool http2Enabled = 1; // 可选项,是否启用HTTP/2 + bool http3Enabled = 10; // 可选项,是否启用HTTP/3(在满足条件的基础上) + string minVersion = 2; // 支持的最低SSL版本,可选择值: SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3 + bytes sslCertsJSON = 3; // 可选项,关联的证书信息,可以在创建后再通过修改策略来配置 @link json:ssl_cert_refs + bytes hstsJSON = 4; // 可选项,HSTS配置 @link json:hsts + int32 clientAuthType = 5; // 可选项,客户端校验类型:0 无需证书,1 需要客户端证书,2 需要任一客户端证书,3 如果客户端上传了证书才校验,4 需要客户端证书而且需要校验 + bytes clientCACertsJSON = 6; // 可选项,CA证书内容 + repeated string cipherSuites = 7; // 可选项,自定义加密套件 + bool cipherSuitesIsOn = 8; // 可选项,是否启用自定义加密套件 + bool ocspIsOn = 9; // 可选项,是否启用OCSP } message CreateSSLPolicyResponse { - int64 sslPolicyId = 1; + int64 sslPolicyId = 1; // 创建的策略ID } -// 修改Policy +// 修改策略 message UpdateSSLPolicyRequest { - int64 sslPolicyId = 1; - bool http2Enabled = 2; - bool http3Enabled = 11; // 是否启用HTTP/3(在满足条件的基础上) - string minVersion = 3; - bytes sslCertsJSON = 4; - bytes hstsJSON = 5; - int32 clientAuthType = 6; - bytes clientCACertsJSON = 7; - repeated string cipherSuites = 8; - bool cipherSuitesIsOn = 9; - bool ocspIsOn = 10; + int64 sslPolicyId = 1; // 策略ID + bool http2Enabled = 2; // 可选项,是否启用HTTP/2 + bool http3Enabled = 11; // 可选项,是否启用HTTP/3(在满足条件的基础上) + string minVersion = 3; // 支持的最低SSL版本,可选择值: SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3 + bytes sslCertsJSON = 4; // 关联的证书信息 @link json:ssl_cert_refs + bytes hstsJSON = 5; // 可选项,HSTS配置 @link json:hsts + int32 clientAuthType = 6; // 可选项,客户端校验类型:0 无需证书,1 需要客户端证书,2 需要任一客户端证书,3 如果客户端上传了证书才校验,4 需要客户端证书而且需要校验 + bytes clientCACertsJSON = 7; // 可选项,CA证书内容 + repeated string cipherSuites = 8; // 可选项,自定义加密套件 + bool cipherSuitesIsOn = 9; // 可选项,是否启用自定义加密套件 + bool ocspIsOn = 10; // 可选项,是否启用OCSP } -// 查找Policy +// 查找策略 message FindEnabledSSLPolicyConfigRequest { int64 sslPolicyId = 1; // SSL策略ID - bool ignoreData = 2; // 忽略证书内容数据 + bool ignoreData = 2; // 是否忽略证书内容数据 } message FindEnabledSSLPolicyConfigResponse { - bytes sslPolicyJSON = 1; + bytes sslPolicyJSON = 1; // 策略配置信息 } \ No newline at end of file