mirror of https://github.com/1Panel-dev/1Panel
appstorecrontabdatabasedockerdocker-composedocker-containerdocker-imagedocker-uifilemanagerlamplnmppanel
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
159 lines
5.5 KiB
159 lines
5.5 KiB
local file_utils = require "file" |
|
local lfs = require "lfs" |
|
local cjson = require "cjson" |
|
|
|
local read_rule = file_utils.read_rule |
|
local read_file2string = file_utils.read_file2string |
|
local read_file2table = file_utils.read_file2table |
|
local list_dir = lfs.dir |
|
local attributes = lfs.attributes |
|
local match_str = string.match |
|
|
|
local waf_dir = "/usr/local/openresty/1pwaf/" |
|
local config_dir = waf_dir .. 'conf/' |
|
local global_rule_dir = waf_dir .. 'rules/' |
|
local site_dir = waf_dir .. 'sites/' |
|
|
|
local _M = {} |
|
local config = {} |
|
|
|
local function init_sites_config() |
|
local site_config = {} |
|
local site_rules = {} |
|
for entry in list_dir(site_dir) do |
|
if entry ~= "." and entry ~= ".." then |
|
local site_path = site_dir .. entry .. "/" |
|
if attributes(site_path, "mode") == "directory" then |
|
local site_key = entry |
|
for s_entry in list_dir(site_path) do |
|
local s_entry_path = site_path .. s_entry |
|
if attributes(s_entry_path, "mode") == "file" and s_entry == "config.json" then |
|
local s_config = read_file2table(s_entry_path) |
|
site_config[site_key] = s_config |
|
end |
|
if attributes(s_entry_path, "mode") == "directory" and s_entry == "rules" then |
|
local s_rules = {} |
|
local rule_dir = s_entry_path .. "/" |
|
for r_file in list_dir(rule_dir) do |
|
if r_file ~= "." and r_file ~= ".." then |
|
local rule_path = rule_dir .. r_file |
|
local rule_type = match_str(r_file, "(.-)%.json$") |
|
if attributes(rule_path, "mode") == "file" then |
|
local s_rule = nil |
|
if rule_type == "methodWhite" then |
|
s_rule = read_rule(rule_dir, rule_type, true) |
|
else |
|
s_rule = read_rule(rule_dir, rule_type) |
|
end |
|
s_rules[rule_type] = s_rule |
|
end |
|
end |
|
end |
|
site_rules[site_key] = s_rules |
|
end |
|
end |
|
end |
|
end |
|
end |
|
ngx.log(ngx.NOTICE, "Load config" .. cjson.encode(site_config)) |
|
config.site_config = site_config |
|
ngx.log(ngx.NOTICE, "Load rules" .. cjson.encode(site_rules)) |
|
config.site_rules = site_rules |
|
end |
|
|
|
local function ini_waf_info() |
|
local waf_info = read_file2table(waf_dir .. 'waf.json') |
|
if waf_info then |
|
ngx.log(ngx.NOTICE, "Load " .. waf_info.name .. " Version:" .. waf_info.version) |
|
end |
|
end |
|
|
|
local function init_global_config() |
|
local global_config = read_file2table(config_dir .. 'global.json') |
|
config.global_config = global_config |
|
config.isProtectionMode = global_config["mode"] == "protection" and true or false |
|
|
|
local rules = {} |
|
rules.uaBlack = read_rule(global_rule_dir, "uaBlack") |
|
rules.uaWhite = read_rule(global_rule_dir, "uaWhite") |
|
rules.urlBlack = read_rule(global_rule_dir, "urlBlack") |
|
rules.urlWhite = read_rule(global_rule_dir, "urlWhite") |
|
rules.ipBlack = read_rule(global_rule_dir, "ipBlack") |
|
rules.ipWhite = read_rule(global_rule_dir, "ipWhite") |
|
rules.args = read_rule(global_rule_dir, "args") |
|
rules.cookie = read_rule(global_rule_dir, "cookie") |
|
rules.defaultUaBlack = read_rule(global_rule_dir, "defaultUaBlack") |
|
rules.defaultUrlBlack = read_rule(global_rule_dir, "defaultUrlBlack") |
|
rules.header = read_rule(global_rule_dir, "header") |
|
|
|
config.global_rules = rules |
|
|
|
local html_res = {} |
|
local htmDir = waf_dir .. "html/" |
|
html_res.slide = read_file2string(htmDir .. "slide.html") |
|
html_res.slide_js = read_file2string(htmDir .. "slide.js") |
|
html_res.five_second = read_file2string(htmDir .. "5s.html") |
|
html_res.five_second_js = read_file2string(htmDir .. "5s.js") |
|
html_res.redirect = read_file2string(htmDir .. "redirect.html") |
|
html_res.ip = read_file2string(htmDir .. "ip.html") |
|
|
|
config.html_res = html_res |
|
|
|
_M.waf_dir = waf_dir |
|
_M.waf_db_dir = waf_dir .. "db/" |
|
_M.waf_db_path = _M.waf_db_dir .. "1pwaf.db" |
|
_M.waf_log_db_path = _M.waf_db_dir .. "req_log.db" |
|
_M.config_dir = config_dir |
|
end |
|
|
|
function _M.load_config_file() |
|
ini_waf_info() |
|
init_global_config() |
|
init_sites_config() |
|
end |
|
|
|
function _M.get_site_config(website_key) |
|
return config.site_config[website_key] |
|
end |
|
|
|
function _M.get_site_rules(website_key) |
|
return config.site_rules[website_key] |
|
end |
|
|
|
function _M.get_global_config(name) |
|
return config.global_config[name] |
|
end |
|
|
|
function _M.get_global_rules(name) |
|
return config.global_rules[name] |
|
end |
|
|
|
function _M.is_global_state_on(name) |
|
return config.global_config[name]["state"] == "on" and true or false |
|
end |
|
|
|
function _M.is_site_state_on(name) |
|
return config.site_config[name]["state"] == "on" and true or false |
|
end |
|
|
|
function _M.get_redis_config() |
|
return config.global_config["redis"] |
|
end |
|
|
|
function _M.get_html_res(name) |
|
return config.html_res[name] |
|
end |
|
|
|
function _M.is_waf_on() |
|
return config.global_config["waf"] == "on" and true or false |
|
end |
|
|
|
function _M.is_redis_on() |
|
return config.global_config["redis"] == "on" and true or false |
|
end |
|
|
|
function _M.get_secret() |
|
return config.global_config["secret"] |
|
end |
|
|
|
return _M |