From ea4c32e922cdd71d81a6ff1f7afe58c7988f42e9 Mon Sep 17 00:00:00 2001
From: zhangchenhao <zch@bt.cn>
Date: Thu, 8 May 2025 15:02:13 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E7=AB=AF=E5=8F=A3=E8=87=AA?=
 =?UTF-8?q?=E5=8A=A8=E6=94=BE=E8=A1=8C=E7=AB=AF=E5=8F=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 backend/internal/overview/overview.go |  4 +-
 backend/scheduler/scheduler.go        | 34 -------------
 script/allinssl.sh                    | 69 +++++++++++++++++++++++++++
 3 files changed, 71 insertions(+), 36 deletions(-)

diff --git a/backend/internal/overview/overview.go b/backend/internal/overview/overview.go
index 36bf68c..a088b5c 100644
--- a/backend/internal/overview/overview.go
+++ b/backend/internal/overview/overview.go
@@ -15,7 +15,7 @@ func GetWorkflowCount() (map[string]any, error) {
 	s.Connect()
 	defer s.Close()
 	workflow, err := s.Query(`select count(*) as count,
-       count(case when active=1 then 1 end ) as active,
+       count(case when exec_type='auto' then 1 end ) as active,
        count(case when last_run_status='fail' then 1 end ) as failure
        from workflow
 `)
@@ -126,7 +126,7 @@ func GetWorkflowHistory() ([]map[string]any, error) {
 		} else {
 			name = "未知"
 		}
-
+		
 		result = append(result, map[string]any{
 			"name":      name,
 			"state":     state,
diff --git a/backend/scheduler/scheduler.go b/backend/scheduler/scheduler.go
index 398d0db..aed3062 100644
--- a/backend/scheduler/scheduler.go
+++ b/backend/scheduler/scheduler.go
@@ -93,37 +93,3 @@ func (s *Scheduler) loop() {
 		}
 	}
 }
-
-// package scheduler
-//
-// import (
-// 	"sync"
-// 	"time"
-// )
-//
-// var funcs = []func(){
-// 	SiteMonitor,
-// 	RunWorkflows,
-// }
-//
-// func Scheduler() {
-// 	for {
-// 		start := time.Now()
-//
-// 		var wg sync.WaitGroup
-// 		wg.Add(len(funcs))
-//
-// 		for _, f := range funcs {
-// 			go func(fn func()) {
-// 				defer wg.Done()
-// 				fn()
-// 			}(f)
-// 		}
-// 		wg.Wait()
-// 		// 保证每轮间隔至少10秒
-// 		elapsed := time.Since(start)
-// 		if elapsed < 10*time.Second {
-// 			time.Sleep(10*time.Second - elapsed)
-// 		}
-// 	}
-// }
diff --git a/script/allinssl.sh b/script/allinssl.sh
index 6a44e08..bfe69fd 100644
--- a/script/allinssl.sh
+++ b/script/allinssl.sh
@@ -134,6 +134,57 @@ function update_allinssl() {
     fi
 }
 
+function get_pack_manager(){
+	if [ -f "/usr/bin/yum" ] && [ -d "/etc/yum.repos.d" ]; then
+		PM="yum"
+	elif [ -f "/usr/bin/apt-get" ] && [ -f "/usr/bin/dpkg" ]; then
+		PM="apt-get"
+	fi
+}
+
+function set_firewall(){
+	sshPort=$(cat /etc/ssh/sshd_config | grep 'Port '|awk '{print $2}')
+	if [ "${PM}" = "apt-get" ]; then
+		apt-get install -y ufw
+		if [ -f "/usr/sbin/ufw" ];then
+			ufw allow 22/tcp
+			ufw allow ${panelPort}/tcp
+			ufw allow ${sshPort}/tcp
+			ufw status
+			echo y|ufw enable
+			ufw default deny
+			ufw reload
+		fi
+	else
+		if [ -f "/etc/init.d/iptables" ];then
+			iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
+			iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport ${panelPort} -j ACCEPT
+			iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport ${sshPort} -j ACCEPT
+			iptables -A INPUT -p icmp --icmp-type any -j ACCEPT
+			iptables -A INPUT -s localhost -d localhost -j ACCEPT
+			iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
+			iptables -P INPUT DROP
+			service iptables save
+			sed -i "s#IPTABLES_MODULES=\"\"#IPTABLES_MODULES=\"ip_conntrack_netbios_ns ip_conntrack_ftp ip_nat_ftp\"#" /etc/sysconfig/iptables-config
+			iptables_status=$(service iptables status | grep 'not running')
+			if [ "${iptables_status}" == '' ];then
+				service iptables restart
+			fi
+		else
+			AliyunCheck=$(cat /etc/redhat-release|grep "Aliyun Linux")
+			[ "${AliyunCheck}" ] && return
+			yum install firewalld -y
+			systemctl enable firewalld
+			systemctl start firewalld
+			firewall-cmd --set-default-zone=public > /dev/null 2>&1
+			firewall-cmd --permanent --zone=public --add-port=22/tcp > /dev/null 2>&1
+			firewall-cmd --permanent --zone=public --add-port=${panelPort}/tcp > /dev/null 2>&1
+			firewall-cmd --permanent --zone=public --add-port=${sshPort}/tcp > /dev/null 2>&1
+			firewall-cmd --reload
+		fi
+	fi
+}
+
 # 判断特殊操作
 if [ "$1" == "16" ]; then
   echo "⚠️ 正在准备执行 ALLinSSL 更新操作..."
@@ -160,6 +211,24 @@ elif [ "$1" == "17" ]; then
   # 删除工作目录
   rm -rf "$WORK_DIR"
   exit 0
+elif [ "$1" == "7" ]; then
+  # 先调用二进制程序修改端口
+  "./$BINARY_FILE" "$@"
+  
+  # 获取修改后的端口
+  panelPort=$("./$BINARY_FILE" 15 | grep -o ":[0-9]\+" | grep -o "[0-9]\+" | head -n 1)
+  echo "检测到新的端口: ${panelPort}"
+  
+  # 放行新端口
+  get_pack_manager
+  echo "正在放行端口 ${panelPort}..."
+  set_firewall
+  
+  echo "✅ 端口修改并放行完成！"
+  exit 0
+elif [ "$1" == "status" ]; then
+  # 检查服务状态
+  exit 0
 fi
 
 # 运行二进制文件