acepanel/panel
2
0
Fork 0
mirror of https://github.com/acepanel/panel.git synced 2026-02-06 13:37:13 +08:00
Code Issues Packages Releases Activity

特性:修复一堆问题

Browse Source
This commit is contained in:
耗子
2022-11-21 23:22:39 +08:00
parent e9ffcac3b1
commit 397d96d0ed
8305 changed files with 1996 additions and 1005109 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
app/Http/Controllers/Api/InfosController.php
View File

@@ -241,7 +241,7 @@ class InfosController extends Controller
*/
public function getHomePlugins(): JsonResponse
{
$plugins = Plugin::where('show', 1)->get();
$plugins = Plugin::query()->where('show', 1)->get();
// 判空
if ($plugins->isEmpty()) {
$res['code'] = 0;
@@ -310,17 +310,29 @@ class InfosController extends Controller
/**
* 获取已安装的数据库和PHP版本
*/
public function getInstalledDbAndPhp()
public function getInstalledDbAndPhp(): JsonResponse
{
// 判断mysql插件目录是否存在
if (is_dir('/www/panel/plugins/mysql')) {
$mysql_version = 80;
$dbVersions = [];
// 判断mysql插件是否安装
if (isset(PLUGINS['mysql'])) {
$dbVersions['mysql'] = PLUGINS['mysql']['version'];
} else {
$mysql_version = false;
$dbVersions['mysql'] = false;
}
/**
* TODO: PostgreSQL版本
*/
// 判断postgresql插件是否安装
if (isset(PLUGINS['postgresql15'])) {
$dbVersions['postgresql15'] = PLUGINS['postgresql15']['version'];
} else {
$dbVersions['postgresql15'] = false;
}
// 循环获取已安装的PHP版本
$php_versions = Plugin::query()->where('slug', 'like', 'php%')->get();
$php_versions = $php_versions->toArray();
$php_versions = array_column($php_versions, 'slug');
$php_versions = array_map(function ($item) {
return str_replace('php', '', $item);
}, $php_versions);
$php_version = shell_exec('ls /www/server/php');
$php_version = trim($php_version);
@@ -333,10 +345,7 @@ class InfosController extends Controller
$res['code'] = 0;
$res['msg'] = 'success';
$res['data'] = array(
'db_version' => [
'mysql' => $mysql_version,
'postgresql' => false
],
'db_version' => $dbVersions,
'php_version' => $php_versions
);
return response()->json($res);

102
app/Http/Controllers/Api/MonitorsController.php Normal file
View File

@@ -0,0 +1,102 @@
<?php
/**
* 耗子Linux面板 - 监控控制器
* @author 耗子
*/
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use App\Models\Monitor;
use App\Models\Setting;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Carbon;
class MonitorsController extends Controller
{
/**
* 修改监控开关
*/
public function setMonitorSwitch(Request $request): JsonResponse
{
$switch = $request->input('switch');
if ($switch) {
$status = true;
} else {
$status = false;
}
Setting::query()->where('name', 'monitor')->update(['value' => $status]);
return response()->json(['code' => 0, 'msg' => '修改成功']);
}
/**
* 修改保存天数
*/
public function setMonitorSaveDays(Request $request): JsonResponse
{
$days = $request->input('days');
Setting::query()->where('name', 'monitor_days')->update(['value' => $days]);
return response()->json(['code' => 0, 'msg' => '修改成功']);
}
/**
* 清空监控数据
*/
public function clearMonitorData(): JsonResponse
{
Monitor::query()->truncate();
return response()->json(['code' => 0, 'msg' => '清空成功']);
}
/**
* 获取监控开关和保存天数
*/
public function getMonitorSwitchAndDays(): JsonResponse
{
$monitor = Setting::query()->where('name', 'monitor')->first();
$monitor_days = Setting::query()->where('name', 'monitor_days')->first();
return response()->json([
'code' => 0, 'msg' => '获取成功',
'data' => ['monitor' => $monitor->value, 'monitor_days' => $monitor_days->value]
]);
}
/**
* 获取监控数据
*/
public function getMonitorData(Request $request): JsonResponse
{
$start = $request->input('start') ?? now();
$end = $request->input('end') ?? now();
$start = Carbon::create($start)->startOfDay();
$end = Carbon::create($end)->endOfDay();
$data = Monitor::query()->where('created_at', '>=', $start)->where('created_at', '<=', $end)->get()->toArray();
$res['code'] = 0;
$res['msg'] = 'success';
if (empty($data)) {
$res['data']['times'] = [];
$res['data']['uptime'] = [];
$res['data']['cpu']['use'] = [];
$res['data']['memory']['mem_use'] = [];
$res['data']['memory']['mem_use_p'] = [];
$res['data']['memory']['swap_use'] = [];
$res['data']['memory']['swap_use_p'] = [];
$res['data']['network']['tx_now'] = [];
$res['data']['network']['rx_now'] = [];
}
foreach ($data as $key => $value) {
$info = json_decode($value['info'], true);
$res['data']['times'][] = Carbon::create($value['created_at'])->tz(config('app.timezone', 'PRC'))->isoFormat('MM-DD HH:mm');
$res['data']['uptime']['uptime'][] = round($info['uptime'], 2);
$res['data']['cpu']['use'][] = round($info['cpu_use'], 2);
$res['data']['memory']['mem_use'][] = round($info['mem_use'], 2);
$res['data']['memory']['mem_use_p'][] = round($info['mem_use_p'], 2);
$res['data']['memory']['swap_use'][] = round($info['swap_use'], 2);
$res['data']['memory']['swap_use_p'][] = round($info['swap_use_p'], 2);
$res['data']['network']['tx_now'][] = round($info['tx_now'] / 1024, 2);
$res['data']['network']['rx_now'][] = round($info['rx_now'] / 1024, 2);
}
return response()->json($res);
}
}

31
app/Http/Controllers/Api/PluginsController.php
View File

@@ -30,20 +30,20 @@ class PluginsController extends Controller
$data['msg'] = 'success';
$data['data'] = $this->pluginList(false);
foreach ($data['data'] as $k => $v) {
// 获取已装版本
$installVersion = Plugin::query()->where('slug', $v['slug'])->first();
// 判空
if ($installVersion) {
$data['data'][$k]['install_version'] = $installVersion->version;
} else {
$data['data'][$k]['install_version'] = '';
}
// 获取首页显示状态
$shows = Plugin::query()->pluck('show', 'slug');
// 如果本地已安装,则显示本地名称
$data['data'][$k]['name'] = PLUGINS[$v['slug']]['name'] ?? $data['data'][$k]['name'];
// 已装版本
$data['data'][$k]['install_version'] = PLUGINS[$v['slug']]['version'] ?? '';
// 首页显示
$data['data'][$k]['show'] = $shows[$v['slug']] ?? 0;
// 去除不需要的字段
unset($data['data'][$k]['url']);
unset($data['data'][$k]['install']);
unset($data['data'][$k]['uninstall']);
unset($data['data'][$k]['update']);
if (!empty(Plugin::query()->where('slug', $v['slug'])->first())) {
if (isset(PLUGINS[$v['slug']])) {
$data['data'][$k]['control']['installed'] = true;
$data['data'][$k]['control']['allow_uninstall'] = true;
// 判断是否有更新
@@ -109,7 +109,7 @@ class PluginsController extends Controller
// 入库等待安装
$task = new Task();
$task->name = '安装' . $plugin_data['name'];
$task->shell = $plugin_data['install_shell'];
$task->shell = $plugin_data['install'];
$task->status = 'waiting';
$task->log = '/tmp/' . $plugin_data['slug'] . '.log';
$task->save();
@@ -124,7 +124,8 @@ class PluginsController extends Controller
/**
* 卸载插件
* @return
* @param Request $request
* @return JsonResponse
*/
public function uninstall(Request $request): JsonResponse
{
@@ -162,12 +163,12 @@ class PluginsController extends Controller
return response()->json($data);
}
// 判断插件是否未安装
$installed = Task::query()->where('slug', $slug)->first();
/*$installed = Task::query()->where('slug', $slug)->first();
if (!$installed) {
$data['code'] = 1;
$data['msg'] = '请不要重复卸载!';
$data['msg'] = '插件未安装,无需卸载!';
return response()->json($data);
}
}*/
// 判断是否是操作openresty
if ($slug == 'openresty') {
@@ -179,7 +180,7 @@ class PluginsController extends Controller
// 入库等待卸载
$task = new Task();
$task->name = '卸载' . $plugin_data['name'];
$task->shell = $plugin_data['uninstall_shell'];
$task->shell = $plugin_data['uninstall'];
$task->status = 'waiting';
$task->log = '/tmp/' . $plugin_data['slug'] . '.log';
$task->save();

248
app/Http/Controllers/Api/SafesController.php Normal file
View File

@@ -0,0 +1,248 @@
<?php
/**
* 耗子Linux面板 - 安全控制器
* @author 耗子
*/
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
class SafesController extends Controller
{
/**
* 获取防火墙状态
* @return JsonResponse
*/
public function getFirewallStatus(): JsonResponse
{
$firewallStatus = trim(shell_exec("systemctl status firewalld | grep Active | awk '{print $3}'"));
$res['code'] = 0;
$res['msg'] = 'success';
if ($firewallStatus == '(running)') {
$res['data'] = 1;
} else {
$res['data'] = 0;
}
return response()->json($res);
}
/**
* 设置防火墙状态
* @param Request $request
* @return JsonResponse
*/
public function setFirewallStatus(Request $request): JsonResponse
{
$status = $request->input('status');
if ($status) {
shell_exec("systemctl enable firewalld");
shell_exec("systemctl start firewalld");
} else {
shell_exec("systemctl stop firewalld");
shell_exec("systemctl disable firewalld");
}
$res['code'] = 0;
$res['msg'] = 'success';
return response()->json($res);
}
/**
* 获取SSH状态
* @return JsonResponse
*/
public function getSshStatus(): JsonResponse
{
$sshStatus = trim(shell_exec("systemctl status sshd | grep Active | awk '{print $3}'"));
$res['code'] = 0;
$res['msg'] = 'success';
if ($sshStatus == '(running)') {
$res['data'] = 1;
} else {
$res['data'] = 0;
}
return response()->json($res);
}
/**
* 设置SSH状态
* @param Request $request
* @return JsonResponse
*/
public function setSshStatus(Request $request): JsonResponse
{
$status = $request->input('status');
if ($status) {
shell_exec("systemctl enable sshd");
shell_exec("systemctl start sshd");
} else {
shell_exec("systemctl stop sshd");
shell_exec("systemctl disable sshd");
}
$res['code'] = 0;
$res['msg'] = 'success';
return response()->json($res);
}
/**
* 获取SSH端口
* @return JsonResponse
*/
public function getSshPort(): JsonResponse
{
$sshPort = trim(shell_exec("cat /etc/ssh/sshd_config | grep 'Port ' | awk '{print $2}'"));
$res['code'] = 0;
$res['msg'] = 'success';
$res['data'] = $sshPort;
return response()->json($res);
}
/**
* 设置SSH端口
* @param Request $request
* @return JsonResponse
*/
public function setSshPort(Request $request): JsonResponse
{
$port = $request->input('port');
$oldPort = trim(shell_exec("cat /etc/ssh/sshd_config | grep 'Port ' | awk '{print $2}'"));
shell_exec("sed -i 's/#Port ".$oldPort."/Port ".$port."/g' /etc/ssh/sshd_config");
shell_exec("sed -i 's/Port ".$oldPort."/Port ".$port."/g' /etc/ssh/sshd_config");
// 判断ssh是否开启
$sshStatus = trim(shell_exec("systemctl status sshd | grep Active | awk '{print $3}'"));
if ($sshStatus == '(running)') {
shell_exec("systemctl restart sshd");
}
$res['code'] = 0;
$res['msg'] = 'success';
return response()->json($res);
}
/**
* 获取ping状态
* @return JsonResponse
*/
public function getPingStatus(): JsonResponse
{
$pingStatus = trim(shell_exec("cat /etc/sysctl.conf | grep 'net.ipv4.icmp_echo_ignore_all = 1'"));
$res['code'] = 0;
$res['msg'] = 'success';
if ($pingStatus && !str_starts_with($pingStatus, '#')) {
$res['data'] = 0;
} else {
$res['data'] = 1;
}
return response()->json($res);
}
/**
* 设置ping状态
* @param Request $request
* @return JsonResponse
*/
public function setPingStatus(Request $request): JsonResponse
{
$status = $request->input('status');
shell_exec("sed -i '/net.ipv4.icmp_echo_ignore_all/d' /etc/sysctl.conf");
if (!$status) {
// 禁止ping
shell_exec("echo 'net.ipv4.icmp_echo_ignore_all = 1' >> /etc/sysctl.conf");
}
shell_exec("sysctl -p");
$res['code'] = 0;
$res['msg'] = 'success';
return response()->json($res);
}
/**
* 获取防火墙规则
* @return JsonResponse
*/
public function getFirewallRules(): JsonResponse
{
$firewallRules = trim(shell_exec("firewall-cmd --list-all 2>&1"));
// 判断是否开启
if (str_contains($firewallRules, 'not running')) {
$res['code'] = 0;
$res['msg'] = 'success';
$res['data'] = [];
return response()->json($res);
}
// 正则匹配出ports
preg_match('/ports: (.*)/', $firewallRules, $matches);
$rawPorts = $matches[1];
// 22/tcp 80/tcp 443/tcp 8888/tcp 5432/tcp
$ports = explode(' ', $rawPorts);
// 对ports进行分割为port=>protocol形式
$rules = [];
foreach ($ports as $port) {
$rule = explode('/', $port);
$rules[] = [
'port' => $rule[0],
'protocol' => $rule[1],
];
}
$res['code'] = 0;
$res['msg'] = 'success';
$res['data'] = $rules;
return response()->json($res);
}
/**
* 添加防火墙规则
* @param Request $request
* @return JsonResponse
*/
public function addFirewallRule(Request $request): JsonResponse
{
$port = $request->input('port');
$protocol = $request->input('protocol');
// 判断是否开启
$firewallStatus = trim(shell_exec("firewall-cmd --state 2>&1"));
if ($firewallStatus != 'running') {
$res['code'] = 1;
$res['msg'] = '防火墙未开启';
return response()->json($res);
}
// 清空当前规则
shell_exec("firewall-cmd --remove-port=".$port."/".$protocol." --permanent");
// 添加新的防火墙规则
shell_exec("firewall-cmd --add-port=".$port."/".$protocol." --permanent");
// 重启防火墙
shell_exec("firewall-cmd --reload");
$res['code'] = 0;
$res['msg'] = 'success';
return response()->json($res);
}
/**
* 删除防火墙规则
* @param Request $request
* @return JsonResponse
*/
public function deleteFirewallRule(Request $request): JsonResponse
{
$port = $request->input('port');
$protocol = $request->input('protocol');
// 判断是否开启
$firewallStatus = trim(shell_exec("firewall-cmd --state 2>&1"));
if ($firewallStatus != 'running') {
$res['code'] = 1;
$res['msg'] = '防火墙未开启';
return response()->json($res);
}
// 清空当前规则
shell_exec("firewall-cmd --remove-port=".$port."/".$protocol." --permanent");
// 重启防火墙
shell_exec("firewall-cmd --reload");
$res['code'] = 0;
$res['msg'] = 'success';
return response()->json($res);
}
}

37
app/Http/Controllers/Api/SettingsController.php
View File

@@ -3,69 +3,64 @@
* 耗子Linux面板 - 设置控制器
* @author 耗子
*/
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use App\Models\Setting;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
class SettingsController extends Controller
{
/**
* 获取面板设置
* @return
* @param Request $request
* @return JsonResponse
*/
public function get_settings(Request $request)
public function get(Request $request)
{
$settings = Db::table('setting')->select()->toArray();
$settings = Setting::query()->get()->toArray();
foreach ($settings as $setting) {
$res['data'][$setting['name']] = $setting['value'];
}
$user_password = Db::table('user')->where('username', $request->username)->value('password');
$res['data']['username'] = $request->username;
$res['data']['password'] = $user_password;
if (!empty($settings)) {
$res['code'] = 0;
$res['msg'] = 'success';
return response()->json($res);
} else {
$res['code'] = 1;
$res['msg'] = '面板设置获取失败';
$res['data'] = null;
return response()->json($res);
}
return response()->json($res);
}
/**
* 保存面板设置
* @return
* @param Request $request
* @return JsonResponse
*/
public function save_settings(Request $request)
public function save(Request $request): JsonResponse
{
// 获取前端传递过来的数据
$settings = Request::post();
$settings = $request->all();
// 将数据入库
foreach ($settings as $key => $value) {
if ($key == 'access_token' || $key == 'username' || $key == 'password') {
continue;
}
if ($key == 'mysql_root_password') {
$old_mysql_password = Db::table('setting')->where('name', 'mysql_root_password')->value('value');
$old_mysql_password = Setting::query()->where('name', 'mysql_root_password')->value('value');
if ($old_mysql_password != $value) {
shell_exec('/www/server/mysql/bin/mysqladmin -uroot -p' . $old_mysql_password . ' password ' . $value);
shell_exec('mysql -uroot -p'.$old_mysql_password.' -e "ALTER USER \'root\'@\'localhost\' IDENTIFIED BY \''.$value.'\';"');
shell_exec('mysql -uroot -p'.$old_mysql_password.' -e "flush privileges;"');
}
}
Db::table('setting')->where('name', $key)->update(['value' => $value]);
Setting::query()->where('name', $key)->update(['value' => $value]);
}
$res['code'] = 0;
$res['msg'] = 'success';
$old_user_info = Db::table('user')->where('username', $request->username)->select()->toArray();
if ($old_user_info[0]['username'] != $settings['username'] || $old_user_info[0]['password'] != $settings['password']) {
$res['msg'] = 'change';
Db::table('user')->where('username', $request->username)->update(['username' => $settings['username']]);
Db::table('user')->where('username', $settings['username'])->update(['password' => $settings['password']]);
}
return response()->json($res);
}
}

15
app/Http/Controllers/Api/UsersController.php
View File

@@ -19,16 +19,6 @@ class UsersController extends Controller
*/
public function login(Request $request)
{
/*$user = User::create([
'id' => '',
'username' => 'haozi',
'password' => Hash::make('haozi'),
]);
return response()->json([
'code' => 200,
'message' => '注册成功',
'data' => $user,
]);*/
// 消毒数据
try {
$credentials = $this->validate($request, [
@@ -38,7 +28,8 @@ class UsersController extends Controller
]);
} catch (ValidationException $e) {
return response()->json([
'message' => '参数错误',
'code' => 1,
'msg' => '参数错误',
'errors' => $e->errors()
], 422);
}
@@ -56,7 +47,7 @@ class UsersController extends Controller
$user = $request->user();
$res['code'] = 0;
$res['msg'] = 'success';
$res['data']['username'] = 'haozi';
$res['data']['username'] = $user->username;
return response()->json($res);
}
}

281
app/Http/Controllers/Api/WebsitesController.php
View File

@@ -3,6 +3,7 @@
* 耗子Linux面板 - 网站控制器
* @author 耗子
*/
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
@@ -11,6 +12,7 @@ use App\Models\Setting;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Storage;
use Illuminate\Validation\ValidationException;
class WebsitesController extends Controller
@@ -53,20 +55,21 @@ class WebsitesController extends Controller
'php' => 'required|integer',
'note' => 'string|nullable|max:255',
'db' => 'required|boolean',
'db_type' => 'required_if:db,true|string|max:10',
'db_name' => 'required_if:db,true|string|max:255',
'db_username' => 'required_if:db,true|string|max:255',
'db_password' => 'required_if:db,true|string|max:255',
'db_type' => 'required_if:db,true|max:10',
'db_name' => 'required_if:db,true|max:255',
'db_username' => 'required_if:db,true|max:255',
'db_password' => 'required_if:db,true|max:255',
]);
} catch (ValidationException $e) {
return response()->json([
'message' => '参数错误',
'code' => 1,
'msg' => '参数错误',
'errors' => $e->errors()
], 422);
], 200);
}
// path为空时设置默认值
if (empty($credentials['path'])) {
$credentials['path'] = '/www/wwwroot/' . $credentials['name'];
$credentials['path'] = '/www/wwwroot/'.$credentials['name'];
}
// ssl默认设置为0
$credentials['ssl'] = 0;
@@ -76,9 +79,9 @@ class WebsitesController extends Controller
// 入库
Website::query()->create($credentials);
// 创建网站目录
shell_exec("mkdir -p " . $credentials['path']);
shell_exec("mkdir -p ".$credentials['path']);
// 创建index.html
shell_exec("touch " . $credentials['path'] . "/index.html");
shell_exec("touch ".$credentials['path']."/index.html");
// 写入到index.html
$index_html = <<<EOF
<!DOCTYPE html>
@@ -95,7 +98,7 @@ class WebsitesController extends Controller
</html>
EOF;
file_put_contents($credentials['path'] . "/index.html", $index_html);
file_put_contents($credentials['path']."/index.html", $index_html);
// 创建nginx配置
$port_list = "";
@@ -103,18 +106,18 @@ EOF;
$domain_arr = explode(PHP_EOL, $domain);
foreach ($domain_arr as $key => $value) {
$temp = explode(":", $value);
$domain_list .= " " . $temp[0];
$domain_list .= " ".$temp[0];
if (!isset($temp[1])) {
if ($key == count($domain_arr) - 1) {
$port_list .= " listen 80;";
} else {
$port_list .= " listen 80;" . PHP_EOL;
$port_list .= " listen 80;".PHP_EOL;
}
} else {
if ($key == count($domain_arr) - 1) {
$port_list .= " listen " . $temp[1] . ";";
$port_list .= " listen ".$temp[1].";";
} else {
$port_list .= " listen " . $temp[1] . ";" . PHP_EOL;
$port_list .= " listen ".$temp[1].";".PHP_EOL;
}
}
@@ -143,7 +146,7 @@ $port_list
# php标记位开始
include enable-php-$credentials[php].conf;
# php标记位结束
# waf标记位开始
waf on;
waf_rule_path /www/server/nginx/ngx_waf/assets/rules/;
@@ -176,20 +179,20 @@ $port_list
}
EOF;
// 写入nginx配置
file_put_contents('/www/server/vhost/' . $credentials['name'] . '.conf', $nginx_config);
shell_exec('echo "" > /www/server/vhost/rewrite/' . $credentials['name'] . '.conf');
shell_exec('echo "" > /www/server/vhost/ssl/' . $credentials['name'] . '.pem');
shell_exec('echo "" > /www/server/vhost/ssl/' . $credentials['name'] . '.key');
file_put_contents('/www/server/vhost/'.$credentials['name'].'.conf', $nginx_config);
shell_exec('echo "" > /www/server/vhost/rewrite/'.$credentials['name'].'.conf');
shell_exec('echo "" > /www/server/vhost/ssl/'.$credentials['name'].'.pem');
shell_exec('echo "" > /www/server/vhost/ssl/'.$credentials['name'].'.key');
shell_exec("systemctl reload nginx");
// 创建数据库
if ($credentials['db']) {
if ($credentials['db_type'] == 'mysql') {
$password = Setting::query()->where('name', 'mysql_root_password')->value('value');
shell_exec("/www/server/mysql/bin/mysql -u root -p" . $password . " -e \"CREATE DATABASE IF NOT EXISTS " . $credentials['db_name'] . " DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;\" 2>&1");
shell_exec("/www/server/mysql/bin/mysql -u root -p" . $password . " -e \"CREATE USER '" . $credentials['db_username'] . "'@'localhost' IDENTIFIED BY '" . $credentials['db_password'] . "';\"");
shell_exec("/www/server/mysql/bin/mysql -u root -p" . $password . " -e \"GRANT ALL PRIVILEGES ON " . $credentials['db_name'] . ".* TO '" . $credentials['db_username'] . "'@'localhost';\"");
shell_exec("/www/server/mysql/bin/mysql -u root -p" . $password . " -e \"flush privileges;\"");
shell_exec("/www/server/mysql/bin/mysql -u root -p".$password." -e \"CREATE DATABASE IF NOT EXISTS ".$credentials['db_name']." DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;\" 2>&1");
shell_exec("/www/server/mysql/bin/mysql -u root -p".$password." -e \"CREATE USER '".$credentials['db_username']."'@'localhost' IDENTIFIED BY '".$credentials['db_password']."';\"");
shell_exec("/www/server/mysql/bin/mysql -u root -p".$password." -e \"GRANT ALL PRIVILEGES ON ".$credentials['db_name'].".* TO '".$credentials['db_username']."'@'localhost';\"");
shell_exec("/www/server/mysql/bin/mysql -u root -p".$password." -e \"flush privileges;\"");
}
}
$res['code'] = 0;
@@ -251,7 +254,7 @@ EOF;
$name = $request->input('name');
$website = Website::query()->where('name', $name)->first();
// 通过name读取相应的nginx配置
$nginx_config = file_get_contents('/www/server/vhost/' . $name . '.conf');
$nginx_config = file_get_contents('/www/server/vhost/'.$name.'.conf');
// 从nginx配置中port标记位提取全部端口
$port_raw = $this->cut('# port标记位开始', '# port标记位结束', $nginx_config);
preg_match_all('/listen\s+(.*);/', $port_raw, $matches);
@@ -259,7 +262,7 @@ EOF;
if ($k == 0) {
$website['port'] = $v;
} else {
$website['port'] .= PHP_EOL . $v;
$website['port'] .= PHP_EOL.$v;
}
}
// 从nginx配置中server_name标记位提取全部域名
@@ -270,18 +273,30 @@ EOF;
if ($k == 0) {
$website['domain'] = $v;
} else {
$website['domain'] .= PHP_EOL . $v;
$website['domain'] .= PHP_EOL.$v;
}
}
// 从nginx配置中root标记位提取全部根目录
$root_raw = $this->cut('# root标记位开始', '# root标记位结束', $nginx_config);
preg_match_all('/root\s+(.+);/', $root_raw, $matches2);
$website['root'] = $matches2[1][0];
$website['path'] = $matches2[1][0];
// 从nginx配置中index标记位提取全部默认文件
$index_raw = $this->cut('# index标记位开始', '# index标记位结束', $nginx_config);
preg_match_all('/index\s+(.+);/', $index_raw, $matches3);
$website['index'] = $matches3[1][0];
// 检查网站目录下是否存在.user.ini文件且设置了open_basedir
if (file_exists($website['path'].'/.user.ini')) {
$user_ini = file_get_contents($website['path'].'/.user.ini');
if (str_contains($user_ini, 'open_basedir')) {
$website['open_basedir'] = 1;
} else {
$website['open_basedir'] = 0;
}
} else {
$website['open_basedir'] = 0;
}
if ($website['ssl'] == '1') {
$ssl_certificate_raw = $this->cut('# ssl标记位开始', '# ssl标记位结束', $nginx_config);
// 从nginx配置中ssl_certificate标记位提取全部证书路径
@@ -291,15 +306,36 @@ EOF;
preg_match_all('/ssl_certificate_key\s+(.+);/', $ssl_certificate_raw, $matches5);
$website['ssl_certificate_key'] = file_get_contents($matches5[1][0]);
$website['http_redirect'] = str_contains($nginx_config, '# http重定向标记位');
$website['hsts'] = str_contains($nginx_config, '# hsts标记位');
} else {
$website['ssl_certificate'] = @file_get_contents('/www/server/vhost/ssl/'.$name.'.pem');
$website['ssl_certificate_key'] = @file_get_contents('/www/server/vhost/ssl/'.$name.'.key');
$website['http_redirect'] = 0;
$website['hsts'] = 0;
}
// 从nginx配置中ssl标记位提取waf配置
$waf_raw = $this->cut('# waf标记位开始', '# waf标记位结束', $nginx_config);
if (str_contains($waf_raw, 'waf on;')) {
$website['waf'] = 1;
} else {
$website['waf'] = 0;
}
preg_match_all('/waf_mode\s+(.+);/', $waf_raw, $matches6);
$website['waf_mode'] = $matches6[1][0];
preg_match_all('/waf_cc_deny\s+(.+);/', $waf_raw, $matches7);
$website['waf_cc_deny'] = $matches7[1][0];
preg_match_all('/waf_cache\s+(.+);/', $waf_raw, $matches8);
$website['waf_cache'] = $matches8[1][0];
// 读取伪静态文件的内容
$website['rewrite'] = file_get_contents('/www/server/vhost/rewrite/' . $name . '.conf');
$website['rewrite'] = file_get_contents('/www/server/vhost/rewrite/'.$name.'.conf');
// 读取配置原文
$website['config_raw'] = file_get_contents('/www/server/vhost/' . $name . '.conf');
$website['config_raw'] = file_get_contents('/www/server/vhost/'.$name.'.conf');
// 读取访问日志
$website['log'] = shell_exec('tail -n 100 /www/wwwlogs/' . $name . '.log');
$website['log'] = shell_exec('tail -n 100 /www/wwwlogs/'.$name.'.log');
$res['code'] = 0;
$res['msg'] = 'success';
@@ -315,15 +351,23 @@ EOF;
public function saveSiteSettings(Request $request): JsonResponse
{
// 获取前端传递过来的数据
$name = $request->input('name');
$config = $request->input('config');
$res['code'] = 0;
$res['msg'] = 'success';
// 如果config_raw与本地配置文件不一致则更新配置文件然后返回
$config_raw = shell_exec('cat /www/server/vhost/' . $config['name'] . '.conf');
if (trim($config_raw) != trim($config['config_raw'])) {
file_put_contents('/www/server/vhost/' . $config['name'] . '.conf', $config['config_raw']);
// 如果config_raw与本地配置文件不一致则更新配置文件然后直接返回
$configRaw = shell_exec('cat /www/server/vhost/'.$name.'.conf');
if (trim($configRaw) != trim($config['config_raw'])) {
file_put_contents('/www/server/vhost/'.$name.'.conf', $config['config_raw']);
return response()->json($res);
}
// 检查网站目录是否存在
if (!is_dir($config['path'])) {
$res['code'] = 1;
$res['msg'] = '网站目录不存在';
return response()->json($res);
}
@@ -331,40 +375,112 @@ EOF;
$domain = "server_name";
$domain_arr = explode(PHP_EOL, $config['domain']);
foreach ($domain_arr as $v) {
$domain .= " " . $v;
$domain .= " ".$v;
}
$domain .= ';';
$domain_config_old = $this->cut('# server_name标记位开始', '# server_name标记位结束', $config_raw);
$domain_config_old = $this->cut('# server_name标记位开始', '# server_name标记位结束', $configRaw);
if (!empty(trim($domain_config_old)) && $domain_config_old != PHP_EOL) {
$config_raw = str_replace($domain_config_old, PHP_EOL . " " . $domain . PHP_EOL . ' ', $config_raw);
$configRaw = str_replace($domain_config_old, PHP_EOL." ".$domain.PHP_EOL.' ', $configRaw);
}
// 端口
$port = "";
$port_arr = explode(PHP_EOL, $config['port']);
foreach ($port_arr as $k => $v) {
if ($k != count($port_arr) - 1) {
$port .= " listen " . $v . ';' . PHP_EOL;
$portArr = explode(PHP_EOL, $config['port']);
foreach ($portArr as $k => $v) {
// 检查端口是否均为数字
if (!is_numeric($v) && $v != '443 ssl http2') {
$res['code'] = 1;
$res['msg'] = '端口必须为数字';
return response()->json($res);
}
// 检查是否443端口
if ($v == '443' && $config['ssl'] == '1') {
$v = '443 ssl http2';
}
if ($k != count($portArr) - 1) {
$port .= " listen ".$v.';'.PHP_EOL;
} else {
$port .= " listen " . $v . ';';
$port .= " listen ".$v.';';
}
}
$port_config_old = $this->cut('# port标记位开始', '# port标记位结束', $config_raw);
$port_config_old = $this->cut('# port标记位开始', '# port标记位结束', $configRaw);
if (!empty(trim($port_config_old)) && $port_config_old != PHP_EOL) {
$config_raw = str_replace($port_config_old, PHP_EOL . $port . PHP_EOL . ' ', $config_raw);
$configRaw = str_replace($port_config_old, PHP_EOL.$port.PHP_EOL.' ', $configRaw);
}
// 网站目录
$pathConfig = $this->cut('# root标记位开始', '# root标记位结束', $configRaw);
preg_match_all('/root\s+(.+);/', $pathConfig, $matches1);
$pathConfigOld = $matches1[1][0];
if (!empty(trim($pathConfigOld)) && $pathConfigOld != PHP_EOL) {
$pathConfigNew = str_replace($pathConfigOld, $config['path'], $pathConfig);
$configRaw = str_replace($pathConfig, $pathConfigNew, $configRaw);
}
// 如果开启ssl则更新nginx配置文件
// 默认文件
$indexConfig = $this->cut('# index标记位开始', '# index标记位结束', $configRaw);
preg_match_all('/index\s+(.+);/', $indexConfig, $matches2);
$indexConfigOld = $matches2[1][0];
if (!empty(trim($indexConfigOld)) && $indexConfigOld != PHP_EOL) {
$indexConfigNew = str_replace($indexConfigOld, $config['index'], $indexConfig);
$configRaw = str_replace($indexConfig, $indexConfigNew, $configRaw);
}
// open_basedir
if ($config['open_basedir'] == 1) {
// 判断$config['path']是否为'/'结尾
if (str_ends_with($config['path'], '/')) {
$open_basedir = "open_basedir=".$config['path'].":/tmp/";
} else {
$open_basedir = "open_basedir=".$config['path']."/:/tmp/";
}
// 写入open_basedir配置到.user.ini文件
if (is_dir($config['path'])) {
file_put_contents($config['path'].'/.user.ini', $open_basedir);
// 为.user.ini文件添加i权限
shell_exec('chattr +i '.$config['path'].'/.user.ini');
}
} else {
// 移除.user.ini文件的i权限
shell_exec('chattr -i '.$config['path'].'/.user.ini');
// 删除.user.ini文件
if (file_exists($config['path'].'/.user.ini')) {
unlink($config['path'].'/.user.ini');
}
}
// waf
$waf = $config['waf'] == 1 ? 'on' : 'off';
$wafMode = empty($config['waf_mode']) ? 'DYNAMIC' : $config['waf_mode'];
$wafCcDeny = empty($config['waf_cc_deny']) ? 'rate=1000r/m duration=60m' : $config['waf_cc_deny'];
$wafCache = empty($config['waf_cache']) ? 'capacity=50' : $config['waf_cache'];
$wafConfig = <<<EOF
# waf标记位开始
waf $waf;
waf_rule_path /www/server/nginx/ngx_waf/assets/rules/;
waf_mode $wafMode;
waf_cc_deny $wafCcDeny;
waf_cache $wafCache;
EOF;
$wafConfig .= PHP_EOL.' ';
$wafConfigOld = $this->cut('# waf标记位开始', '# waf标记位结束', $configRaw);
if (!empty(trim($wafConfigOld)) && $wafConfigOld != PHP_EOL) {
$configRawClean = str_replace($wafConfigOld, "", $configRaw);
} else {
$configRawClean = $configRaw;
}
$configRaw = str_replace('# waf标记位开始', $wafConfig, $configRawClean);
// ssl
if ($config['ssl'] == '1') {
// 写入证书
file_put_contents("/www/server/vhost/ssl/" . $config['name'] . '.pem', $config['ssl_certificate']);
file_put_contents("/www/server/vhost/ssl/" . $config['name'] . '.key', $config['ssl_certificate_key']);
file_put_contents("/www/server/vhost/ssl/".$name.'.pem', $config['ssl_certificate']);
file_put_contents("/www/server/vhost/ssl/".$name.'.key', $config['ssl_certificate_key']);
$ssl_config = <<<EOF
# ssl标记位开始
ssl_certificate /www/server/vhost/ssl/$config[name].pem;
ssl_certificate_key /www/server/vhost/ssl/$config[name].key;
ssl_certificate /www/server/vhost/ssl/$name.pem;
ssl_certificate_key /www/server/vhost/ssl/$name.key;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
@@ -380,52 +496,55 @@ EOF;
if (\$server_port !~ 443){
return 301 https://\$host\$request_uri;
}
if (\$server_port ~ 443){
add_header Strict-Transport-Security "max-age=63072000" always;
}
error_page 497 https://\$host\$request_uri;
# http重定向标记位结束
EOF;
}
$ssl_config .= PHP_EOL . ' ';
$ssl_config_old = $this->cut('# ssl标记位开始', '# ssl标记位结束', $config_raw);
if (!empty(trim($ssl_config_old)) && $ssl_config_old != PHP_EOL) {
$config_raw_clean = str_replace($ssl_config_old, "", $config_raw);
} else {
$config_raw_clean = $config_raw;
if ($config['hsts'] == '1') {
$ssl_config .= PHP_EOL;
$ssl_config .= <<<EOF
# hsts标记位开始
add_header Strict-Transport-Security "max-age=63072000" always;
# hsts标记位结束
EOF;
}
$config_raw = str_replace('# ssl标记位开始', $ssl_config, $config_raw_clean);
$ssl_config .= PHP_EOL.' ';
$ssl_config_old = $this->cut('# ssl标记位开始', '# ssl标记位结束', $configRaw);
if (!empty(trim($ssl_config_old)) && $ssl_config_old != PHP_EOL) {
$configRaw_clean = str_replace($ssl_config_old, "", $configRaw);
} else {
$configRaw_clean = $configRaw;
}
$configRaw = str_replace('# ssl标记位开始', $ssl_config, $configRaw_clean);
} else {
// 更新nginx配置文件
$ssl_config_old = $this->cut('# ssl标记位开始', '# ssl标记位结束', $config_raw);
$ssl_config_old = $this->cut('# ssl标记位开始', '# ssl标记位结束', $configRaw);
if (!empty(trim($ssl_config_old)) && $ssl_config_old != PHP_EOL) {
$config_raw = str_replace($ssl_config_old, PHP_EOL . ' ', $config_raw);
$configRaw = str_replace($ssl_config_old, PHP_EOL.' ', $configRaw);
}
}
// 如果PHP版本不一致则更新PHP版本
$php_old = Website::query()->where('name', $config['name'])->value('php');
$php_old = Website::query()->where('name', $name)->value('php');
if ($config['php'] != $php_old) {
$php_config_old = $this->cut('# php标记位开始', '# php标记位结束', $config_raw);
$php_config_old = $this->cut('# php标记位开始', '# php标记位结束', $configRaw);
$php_config_new = PHP_EOL;
$php_config_new .= <<<EOL
include enable-php-$config[php].conf;
EOL;
$php_config_new .= PHP_EOL . ' ';
$php_config_new .= PHP_EOL.' ';
if (!empty(trim($php_config_old)) && $php_config_old != PHP_EOL) {
$config_raw = str_replace($php_config_old, $php_config_new, $config_raw);
$configRaw = str_replace($php_config_old, $php_config_new, $configRaw);
}
}
// 将数据入库
Website::query()->where('name', $config['name'])->update(['php' => $config['php']]);
Website::query()->where('name', $config['name'])->update(['ssl' => $config['ssl']]);
file_put_contents('/www/server/vhost/' . $config['name'] . '.conf', $config_raw);
file_put_contents('/www/server/vhost/rewrite/' . $config['name'] . '.conf', $config['rewrite_raw']);
Website::query()->where('name', $name)->update(['php' => $config['php']]);
Website::query()->where('name', $name)->update(['ssl' => $config['ssl']]);
file_put_contents('/www/server/vhost/'.$name.'.conf', $configRaw);
file_put_contents('/www/server/vhost/rewrite/'.$name.'.conf', $config['rewrite']);
shell_exec('systemctl reload nginx');
return response()->json($res);
}
@@ -435,15 +554,29 @@ EOL;
* @param Request $request
* @return JsonResponse
*/
public function cleanSiteLog(Request $request): JsonResponse
public function clearSiteLog(Request $request): JsonResponse
{
$name = $request->input('name');
shell_exec('echo "" > /www/wwwlogs/' . $name . '.log');
shell_exec('echo "" > /www/wwwlogs/'.$name.'.log');
$res['code'] = 0;
$res['msg'] = 'success';
return response()->json($res);
}
/**
* 修改网站备注
* @param Request $request
* @return JsonResponse
*/
public function updateSiteNote(Request $request): JsonResponse
{
$name = $request->input('name');
$note = $request->input('note');
Website::query()->where('name', $name)->update(['note' => $note]);
$res['code'] = 0;
$res['msg'] = 'success';
return response()->json($res);
}
// 裁剪字符串
private function cut($begin, $end, $str): string