From e6c89fad1bbfccd49b264fd015bd793da0d6941f Mon Sep 17 00:00:00 2001
From: fudawei <fudawei@yunlizhihui.com>
Date: Thu, 23 Oct 2025 15:29:27 +0800
Subject: [PATCH] =?UTF-8?q?feat(es):=E5=A2=9E=E5=8A=A0ES=E5=AE=9E=E4=BE=8B?=
 =?UTF-8?q?=E4=B8=AD=E5=AF=B9HTTPS=E5=8D=8F=E8=AE=AE=E7=9A=84=E6=94=AF?=
 =?UTF-8?q?=E6=8C=81=EF=BC=8C=E9=BB=98=E8=AE=A4=E8=AF=81=E4=B9=A6=E5=85=8D?=
 =?UTF-8?q?=E6=A0=A1=E9=AA=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 frontend/src/i18n/en/es.ts                    |  1 +
 frontend/src/i18n/zh-cn/es.ts                 |  1 +
 frontend/src/views/ops/es/EsInstanceEdit.vue  |  8 ++++++
 server/internal/es/api/form/instance.go       |  1 +
 server/internal/es/api/vo/instance.go         | 15 ++++++-----
 .../internal/es/domain/entity/es_instance.go  |  1 +
 server/internal/es/esm/esi/conn.go            | 11 ++++++++
 server/internal/es/esm/esi/es_info.go         | 19 +++++++++++---
 server/migration/migrations/v1_10.go          | 26 +++++++++++++++++++
 server/pkg/httpx/httpx.go                     | 11 ++++++++
 10 files changed, 84 insertions(+), 10 deletions(-)

diff --git a/frontend/src/i18n/en/es.ts b/frontend/src/i18n/en/es.ts
index cc7824fd..8ae697a6 100644
--- a/frontend/src/i18n/en/es.ts
+++ b/frontend/src/i18n/en/es.ts
@@ -1,6 +1,7 @@
 export default {
     es: {
         keywordPlaceholder: 'host / name / code',
+        protocol: 'Protocol',
         port: 'Port',
         size: 'size',
         docs: 'docs',
diff --git a/frontend/src/i18n/zh-cn/es.ts b/frontend/src/i18n/zh-cn/es.ts
index 967d7284..dd886fde 100644
--- a/frontend/src/i18n/zh-cn/es.ts
+++ b/frontend/src/i18n/zh-cn/es.ts
@@ -1,6 +1,7 @@
 export default {
     es: {
         keywordPlaceholder: 'host / 名称 / 编号',
+        protocol: '协议',
         port: '端口',
         size: '存储大小',
         docs: '文档数',
diff --git a/frontend/src/views/ops/es/EsInstanceEdit.vue b/frontend/src/views/ops/es/EsInstanceEdit.vue
index 1e103eec..6e41cea9 100644
--- a/frontend/src/views/ops/es/EsInstanceEdit.vue
+++ b/frontend/src/views/ops/es/EsInstanceEdit.vue
@@ -19,6 +19,13 @@
                 <el-form-item prop="version" :label="t('common.version')">
                     <el-input v-model.trim="form.version" auto-complete="off" disabled></el-input>
                 </el-form-item>
+                <!-- 增加协议下拉框 http和https，默认http-->
+                 <el-form-item prop="protocol" :label="t('es.protocol')">
+                    <el-select v-model="form.protocol" placeholder="http">
+                        <el-option label="http" value="http"></el-option>
+                        <el-option label="https" value="https"></el-option>
+                    </el-select>
+                </el-form-item>
 
                 <el-form-item prop="host" label="Host" required>
                     <el-col :span="18">
@@ -105,6 +112,7 @@ const DefaultForm = {
     id: null,
     code: '',
     name: null,
+    protocol: 'http',
     host: '',
     version: '',
     port: 9200,
diff --git a/server/internal/es/api/form/instance.go b/server/internal/es/api/form/instance.go
index b8f2d5d0..78853ca6 100644
--- a/server/internal/es/api/form/instance.go
+++ b/server/internal/es/api/form/instance.go
@@ -6,6 +6,7 @@ import (
 
 type InstanceForm struct {
 	Id                 uint64  `json:"id"`
+	Protocol           string  `binding:"required" json:"protocol"`
 	Name               string  `binding:"required" json:"name"`
 	Host               string  `binding:"required" json:"host"`
 	Port               int     `binding:"required" json:"port"`
diff --git a/server/internal/es/api/vo/instance.go b/server/internal/es/api/vo/instance.go
index 3852a722..8d13cd3d 100644
--- a/server/internal/es/api/vo/instance.go
+++ b/server/internal/es/api/vo/instance.go
@@ -9,13 +9,14 @@ type InstanceListVO struct {
 	tagentity.AuthCerts // 授权凭证信息
 	tagentity.ResourceTags
 
-	Id      *int64  `json:"id"`
-	Code    string  `json:"code"`
-	Name    *string `json:"name"`
-	Host    *string `json:"host"`
-	Port    *int    `json:"port"`
-	Version *string `json:"version"`
-	Remark  *string `json:"remark"`
+	Id       *int64  `json:"id"`
+	Code     string  `json:"code"`
+	Name     *string `json:"name"`
+	Protocol *string `json:"protocol"`
+	Host     *string `json:"host"`
+	Port     *int    `json:"port"`
+	Version  *string `json:"version"`
+	Remark   *string `json:"remark"`
 
 	CreateTime *time.Time `json:"createTime"`
 	Creator    *string    `json:"creator"`
diff --git a/server/internal/es/domain/entity/es_instance.go b/server/internal/es/domain/entity/es_instance.go
index cecdf395..79c75f22 100644
--- a/server/internal/es/domain/entity/es_instance.go
+++ b/server/internal/es/domain/entity/es_instance.go
@@ -10,6 +10,7 @@ type EsInstance struct {
 
 	Code               string  `json:"code" gorm:"size:32;not null;"`
 	Name               string  `json:"name" gorm:"size:32;not null;"`
+	Protocol           string  `json:"protocol" gorm:"size:10;not null;"`
 	Host               string  `json:"host" gorm:"size:255;not null;"`
 	Port               int     `json:"port"`
 	Network            string  `json:"network" gorm:"size:20;"`
diff --git a/server/internal/es/esm/esi/conn.go b/server/internal/es/esm/esi/conn.go
index 784064fa..1a17f3c7 100644
--- a/server/internal/es/esm/esi/conn.go
+++ b/server/internal/es/esm/esi/conn.go
@@ -1,6 +1,7 @@
 package esi
 
 import (
+	"crypto/tls"
 	"fmt"
 	"mayfly-go/internal/machine/mcm"
 	"mayfly-go/pkg/logx"
@@ -52,6 +53,16 @@ func (d *EsConn) StartProxy() error {
 	d.proxy = httputil.NewSingleHostReverseProxy(targetURL)
 	// 设置 proxy buffer pool
 	d.proxy.BufferPool = NewBufferPool()
+
+	// Configure TLS to skip certificate verification for non-compliant certificates
+	if targetURL.Scheme == "https" {
+		d.proxy.Transport = &http.Transport{
+			TLSClientConfig: &tls.Config{
+				InsecureSkipVerify: true,
+			},
+		}
+	}
+
 	return nil
 }
 
diff --git a/server/internal/es/esm/esi/es_info.go b/server/internal/es/esm/esi/es_info.go
index 19cfec60..4b9941ed 100644
--- a/server/internal/es/esm/esi/es_info.go
+++ b/server/internal/es/esm/esi/es_info.go
@@ -23,6 +23,7 @@ type EsInfo struct {
 	InstanceId uint64 // 实例id
 	Name       string
 
+	Protocol string // 协议，默认http
 	Host     string
 	Port     int
 	Network  string
@@ -90,7 +91,14 @@ func (di *EsInfo) Ping() (map[string]any, error) {
 
 // ExecApi 执行api
 func (di *EsInfo) ExecApi(method, path string, data any, timeoutSecond ...int) (map[string]any, error) {
-	request := httpx.NewReq(di.baseUrl + path)
+	var request *httpx.Req
+	// Use insecure TLS client for HTTPS connections to handle non-compliant certificates
+	if di.Protocol == "https" {
+		request = httpx.NewReqWithInsecureTLS(di.baseUrl + path)
+	} else {
+		request = httpx.NewReq(di.baseUrl + path)
+	}
+
 	if di.authorization != "" {
 		request.Header("Authorization", di.authorization)
 	}
@@ -117,6 +125,11 @@ func (di *EsInfo) ExecApi(method, path string, data any, timeoutSecond ...int) (
 
 // 如果使用了ssh隧道，将其host port改变其本地映射host port
 func (di *EsInfo) IfUseSshTunnelChangeIpPort(ctx context.Context) error {
+	// 设置默认协议
+	if di.Protocol == "" {
+		di.Protocol = "http"
+	}
+
 	// 开启ssh隧道
 	if di.SshTunnelMachineId > 0 {
 		stm, err := GetSshTunnel(ctx, di.SshTunnelMachineId)
@@ -130,9 +143,9 @@ func (di *EsInfo) IfUseSshTunnelChangeIpPort(ctx context.Context) error {
 		di.Host = exposedIp
 		di.Port = exposedPort
 		di.useSshTunnel = true
-		di.baseUrl = fmt.Sprintf("http://%s:%d", exposedIp, exposedPort)
+		di.baseUrl = fmt.Sprintf("%s://%s:%d", di.Protocol, exposedIp, exposedPort)
 	} else {
-		di.baseUrl = fmt.Sprintf("http://%s:%d", di.Host, di.Port)
+		di.baseUrl = fmt.Sprintf("%s://%s:%d", di.Protocol, di.Host, di.Port)
 	}
 	return nil
 }
diff --git a/server/migration/migrations/v1_10.go b/server/migration/migrations/v1_10.go
index 25e92670..33a27369 100644
--- a/server/migration/migrations/v1_10.go
+++ b/server/migration/migrations/v1_10.go
@@ -20,6 +20,7 @@ func V1_10() []*gormigrate.Migration {
 	migrations = append(migrations, V1_10_1()...)
 	migrations = append(migrations, V1_10_2()...)
 	migrations = append(migrations, V1_10_3()...)
+	migrations = append(migrations, V1_10_4()...)
 	return migrations
 }
 
@@ -326,3 +327,28 @@ func V1_10_3() []*gormigrate.Migration {
 		},
 	}
 }
+
+func V1_10_4() []*gormigrate.Migration {
+	return []*gormigrate.Migration{
+		{
+			ID: "20251023-v1.10.4",
+			Migrate: func(tx *gorm.DB) error {
+				// 给EsInstance表添加protocol列，默认值为http, 20251023,fudawei
+				if !tx.Migrator().HasColumn(&esentity.EsInstance{}, "protocol") {
+					// 先添加可为空的列
+					if err := tx.Exec("ALTER TABLE t_es_instance ADD COLUMN protocol VARCHAR(10) DEFAULT 'http'").Error; err != nil {
+						return err
+					}
+					// 更新所有现有记录为默认值http
+					if err := tx.Exec("UPDATE t_es_instance SET protocol = 'http' WHERE protocol IS NULL OR protocol = ''").Error; err != nil {
+						return err
+					}
+				}
+				return nil
+			},
+			Rollback: func(tx *gorm.DB) error {
+				return nil
+			},
+		},
+	}
+}
diff --git a/server/pkg/httpx/httpx.go b/server/pkg/httpx/httpx.go
index 25e7a76b..43315bbd 100644
--- a/server/pkg/httpx/httpx.go
+++ b/server/pkg/httpx/httpx.go
@@ -2,6 +2,7 @@ package httpx
 
 import (
 	"bytes"
+	"crypto/tls"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -41,6 +42,16 @@ func NewReq(url string) *Req {
 	return &Req{url: url, client: http.Client{}}
 }
 
+// 创建一个请求(不验证TLS证书)
+func NewReqWithInsecureTLS(url string) *Req {
+	transport := &http.Transport{
+		TLSClientConfig: &tls.Config{
+			InsecureSkipVerify: true,
+		},
+	}
+	return &Req{url: url, client: http.Client{Transport: transport}}
+}
+
 func (r *Req) Url(url string) *Req {
 	r.url = url
 	return r