fix: 修改 SSH 端口时自动放开防火墙 (#2760)

Refs #2729
pull/2764/head
ssongliu 2023-11-01 17:12:01 +08:00 committed by GitHub
parent 30c23a237f
commit f6b094039b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 115 additions and 22 deletions


@ -47,18 +47,18 @@ func (b *BaseApi) OperateSSH(c *gin.Context) {
// @Summary Update host SSH setting
// @Description 更新 SSH 配置
// @Accept json
// @Param request body dto.SettingUpdate true "request"
// @Param request body dto.SSHUpdate true "request"
// @Success 200
// @Security ApiKeyAuth
// @Router /host/ssh/update [post]
// @x-panel-log {"bodyKeys":["key","value"],"paramKeys":[],"BeforeFunctions":[],"formatZH":"修改 SSH 配置 [key] => [value]","formatEN":"update SSH setting [key] => [value]"}
func (b *BaseApi) UpdateSSH(c *gin.Context) {
var req dto.SettingUpdate
var req dto.SSHUpdate
if err := helper.CheckBindAndValidate(&req, c); err != nil {
return
}
if err := sshService.Update(req.Key, req.Value); err != nil {
if err := sshService.Update(req); err != nil {
helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
return
}
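Review bot: The `@x-panel-log` annotation above `UpdateSSH` still lists `"bodyKeys":["key","value"]` and formats `[key] => [value]`, but the request body is now `dto.SSHUpdate`, whose JSON fields are `key`, `oldValue` and `newValue`. If the operation log fills its placeholders from the body keys, as the annotation suggests, SSH setting changes would be logged without the value that was set, which weakens the audit trail for a security-sensitive setting. Consider `"bodyKeys":["key","newValue"]` with `[key] => [newValue]` in both `formatZH` and `formatEN`. The body of `UpdateSSH` continues past the end of the hunk.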


@ -2,6 +2,12 @@ package dto
import "time"
type SSHUpdate struct {
Key string `json:"key" validate:"required"`
OldValue string `json:"oldValue"`
NewValue string `json:"newValue"`
}
type SSHInfo struct {
AutoStart bool `json:"authStart"`
Status string `json:"status"`
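Review bot: `SSHUpdate` validates only that `Key` is present, so `Key`, `OldValue` and `NewValue` reach the service as unconstrained strings. The service hunks in this commit pass `req.Key` and `req.NewValue` to `updateSSHConf` before the sshd configuration file is rewritten. That helper is not shown, so this is inferred, but a value containing a line break could end up as an extra directive unless the helper rejects it. Restricting `Key` to the directives the UI edits (for example with a `oneof=` validate tag) and rejecting control characters in `NewValue` would close that gap at the binding layer. `SSHInfo` below is cut by the hunk.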


@ -30,7 +30,7 @@ type ISSHService interface {
GetSSHInfo() (*dto.SSHInfo, error)
OperateSSH(operation string) error
UpdateByFile(value string) error
Update(key, value string) error
Update(req dto.SSHUpdate) error
GenerateSSH(req dto.GenerateSSH) error
AnalysisLog(req dto.SearchForAnalysis) (*dto.AnalysisRes, error)
LoadSSHSecret(mode string) (string, error)
@ -114,7 +114,7 @@ func (u *SSHService) OperateSSH(operation string) error {
return nil
}
func (u *SSHService) Update(key, value string) error {
func (u *SSHService) Update(req dto.SSHUpdate) error {
serviceName, err := loadServiceName()
if err != nil {
return err
@ -125,10 +125,7 @@ func (u *SSHService) Update(key, value string) error {
return err
}
lines := strings.Split(string(sshConf), "\n")
newFiles := updateSSHConf(lines, key, value)
if err := settingRepo.Update(key, value); err != nil {
return err
}
newFiles := updateSSHConf(lines, req.Key, req.NewValue)
file, err := os.OpenFile(sshPath, os.O_WRONLY|os.O_TRUNC, 0666)
if err != nil {
return err
@ -138,10 +135,28 @@ func (u *SSHService) Update(key, value string) error {
return err
}
sudo := cmd.SudoHandleCmd()
if key == "Port" {
if req.Key == "Port" {
stdout, _ := cmd.Execf("%s getenforce", sudo)
if stdout == "Enforcing\n" {
_, _ = cmd.Execf("%s semanage port -a -t ssh_port_t -p tcp %s", sudo, value)
_, _ = cmd.Execf("%s semanage port -a -t ssh_port_t -p tcp %s", sudo, req.NewValue)
}
ruleItem := dto.PortRuleUpdate{
OldRule: dto.PortRuleOperate{
Operation: "remove",
Port: req.OldValue,
Protocol: "tcp",
Strategy: "accept",
},
NewRule: dto.PortRuleOperate{
Operation: "add",
Port: req.NewValue,
Protocol: "tcp",
Strategy: "accept",
},
}
if err := NewIFirewallService().UpdatePortRule(ruleItem); err != nil {
global.LOG.Errorf("reset firewall rules %s -> %s failed, err: %v", req.OldValue, req.OldValue, err)
}
}
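Review bot: In the `Port` branch, `req.NewValue` is interpolated into the `semanage` command through `cmd.Execf`, and both `req.OldValue` and `req.NewValue` go into the firewall rule update with no check that they are port numbers. Parse and range-check both before this branch (`strconv.Atoi`, then 1–65535) and return an error otherwise; if `cmd.Execf` runs through a shell, which is not visible here, the same check also keeps shell metacharacters out of the command line. `OldValue` comes from the client, so the rule being removed is whatever the caller names; the current port could instead be read from the `lines` already loaded from the sshd config. The error log also prints the old value twice: `req.OldValue, req.OldValue` should be `req.OldValue, req.NewValue`. `Update` starts and ends outside this hunk.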


@ -1,5 +1,5 @@
// Package docs GENERATED BY SWAG; DO NOT EDIT
// This file was generated by swaggo/swag
// Code generated by swaggo/swag. DO NOT EDIT.
package docs
import "github.com/swaggo/swag"
@ -6565,7 +6565,7 @@ const docTemplate = `{
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/dto.SettingUpdate"
"$ref": "#/definitions/dto.SSHUpdate"
}
}
],
@ -15439,6 +15439,23 @@ const docTemplate = `{
}
}
},
"dto.SSHUpdate": {
"type": "object",
"required": [
"key"
],
"properties": {
"key": {
"type": "string"
},
"newValue": {
"type": "string"
},
"oldValue": {
"type": "string"
}
}
},
"dto.SSLUpdate": {
"type": "object",
"required": [


@ -6558,7 +6558,7 @@
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/dto.SettingUpdate"
"$ref": "#/definitions/dto.SSHUpdate"
}
}
],
@ -15432,6 +15432,23 @@
}
}
},
"dto.SSHUpdate": {
"type": "object",
"required": [
"key"
],
"properties": {
"key": {
"type": "string"
},
"newValue": {
"type": "string"
},
"oldValue": {
"type": "string"
}
}
},
"dto.SSLUpdate": {
"type": "object",
"required": [


@ -1989,6 +1989,17 @@ definitions:
successfulCount:
type: integer
type: object
dto.SSHUpdate:
properties:
key:
type: string
newValue:
type: string
oldValue:
type: string
required:
- key
type: object
dto.SSLUpdate:
properties:
cert:
@ -8499,7 +8510,7 @@ paths:
name: request
required: true
schema:
$ref: '#/definitions/dto.SettingUpdate'
$ref: '#/definitions/dto.SSHUpdate'
responses:
"200":
description: OK


@ -128,6 +128,11 @@ export namespace Host {
permitRootLogin: string;
useDNS: string;
}
export interface SSHUpdate {
key: string;
oldValue: string;
newValue: string;
}
export interface SSHGenerate {
encryptionMode: string;
password: string;
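Review bot: `oldValue` is declared as required on `Host.SSHUpdate`, yet of the callers shown in this commit only the port dialog supplies a real value; the others send `oldValue: ''`. Declaring it `oldValue?: string;` would let those callers omit it and make clear that the field matters only for `Port`; the Go DTO puts no `required` rule on `OldValue`, so the API already accepts that. A short TSDoc line such as `/** Previous value; used only when key is 'Port' to replace the firewall rule. */` would record the intent. `SSHGenerate` below is cut by the hunk.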


@ -111,8 +111,8 @@ export const getSSHConf = () => {
export const operateSSH = (operation: string) => {
return http.post(`/hosts/ssh/operate`, { operation: operation });
};
export const updateSSH = (key: string, value: string) => {
return http.post(`/hosts/ssh/update`, { key: key, value: value });
export const updateSSH = (params: Host.SSHUpdate) => {
return http.post(`/hosts/ssh/update`, params);
};
export const updateSSHByfile = (file: string) => {
return http.post(`/hosts/ssh/conffile/update`, { file: file });


@ -76,8 +76,13 @@ const onSave = async (formEl: FormInstance | undefined) => {
},
)
.then(async () => {
let params = {
key: 'ListenAddress',
oldValue: '',
newValue: form.listenAddress,
};
loading.value = true;
await updateSSH('ListenAddress', form.listenAddress)
await updateSSH(params)
.then(() => {
loading.value = false;
handleClose();
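Review bot: `params` is declared with `let` but never reassigned, and it carries no type annotation, so a mistake in the literal surfaces only at the `updateSSH(params)` call rather than where the object is built. Prefer `const params: Host.SSHUpdate = { key: 'ListenAddress', oldValue: '', newValue: form.listenAddress };`, assuming `Host` is imported in this file, which the hunk does not show. The same pattern appears in the other three `onSave` hunks of this commit. `onSave` starts and ends outside the hunk.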


@ -267,8 +267,13 @@ const onSave = async (formEl: FormInstance | undefined, key: string, value: stri
},
)
.then(async () => {
let params = {
key: key,
oldValue: '',
newValue: value,
};
loading.value = true;
await updateSSH(key, value)
await updateSSH(params)
.then(() => {
loading.value = false;
MsgSuccess(i18n.global.t('commons.msg.operationSuccess'));


@ -46,6 +46,7 @@ interface DialogProps {
}
const drawerVisible = ref();
const loading = ref();
const oldPort = ref();
const form = reactive({
port: 22,
@ -55,6 +56,7 @@ const formRef = ref<FormInstance>();
const acceptParams = (params: DialogProps): void => {
form.port = params.port;
oldPort.value = params.port;
drawerVisible.value = true;
};
@ -72,8 +74,13 @@ const onSave = async (formEl: FormInstance | undefined) => {
},
)
.then(async () => {
let params = {
key: 'Port',
oldValue: oldPort.value + '',
newValue: form.port + '',
};
loading.value = true;
await updateSSH('Port', form.port + '')
await updateSSH(params)
.then(() => {
loading.value = false;
handleClose();
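Review bot: `oldPort` is created with an untyped `ref()`, so `oldPort.value + ''` yields the string `'undefined'` if `onSave` ever runs before `acceptParams` has set it, and that string is what the backend receives as the port of the firewall rule to remove. Initialise and type it like `form.port`, e.g. `const oldPort = ref<number>(22);`, and build the strings with `String(oldPort.value)` and `String(form.port)`. `onSave` starts and ends outside the hunk.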


@ -79,8 +79,13 @@ const onSave = async (formEl: FormInstance | undefined) => {
},
)
.then(async () => {
let params = {
key: 'PermitRootLogin',
oldValue: '',
newValue: form.permitRootLogin,
};
loading.value = true;
await updateSSH('PermitRootLogin', form.permitRootLogin)
await updateSSH(params)
.then(() => {
loading.value = false;
handleClose();