feat: 全局移除waf

internal/data/website.go

@@ -140,21 +140,6 @@ func (r *websiteRepo) Get(id uint) (*types.WebsiteSetting, error) {
 		setting.SSLDNSNames = decode.DNSNames
 	}
 
-	waf := str.Cut(config, "# waf标记位开始", "# waf标记位结束")
-	setting.Waf = strings.Contains(waf, "waf on;")
-	match = regexp.MustCompile(`waf_mode\s+([^;]*);?`).FindStringSubmatch(waf)
-	if len(match) > 1 {
-		setting.WafMode = match[1]
-	}
-	match = regexp.MustCompile(`waf_cc_deny\s+([^;]*);?`).FindStringSubmatch(waf)
-	if len(match) > 1 {
-		setting.WafCcDeny = match[1]
-	}
-	match = regexp.MustCompile(`waf_cache\s+([^;]*);?`).FindStringSubmatch(waf)
-	if len(match) > 1 {
-		setting.WafCache = match[1]
-	}
-
 	rewrite, _ := io.Read(filepath.Join(app.Root, "server/vhost/rewrite", website.Name+".conf"))
 	setting.Rewrite = rewrite
 	log, _ := shell.Execf(`tail -n 100 '%s/wwwlogs/%s.log'`, app.Root, website.Name)
@@ -268,14 +253,6 @@ server
     include enable-php-%s.conf;
     # php标记位结束
 
-    # waf标记位开始
-    waf off;
-    waf_rule_path %s/server/openresty/ngx_waf/assets/rules/;
-    waf_mode DYNAMIC;
-    waf_cc_deny rate=1000r/m duration=60m;
-    waf_cache capacity=50;
-    # waf标记位结束
-
     # 错误页配置，可自行设置
     error_page 404 /404.html;
     #error_page 502 /502.html;
@@ -302,7 +279,7 @@ server
     access_log %s/wwwlogs/%s.log;
     error_log %s/wwwlogs/%s.log;
 }
-`, portList, domainList, req.Path, req.PHP, app.Root, app.Root, req.Name, app.Root, req.Name, app.Root, req.Name, app.Root, req.Name)
+`, portList, domainList, req.Path, req.PHP, app.Root, req.Name, app.Root, req.Name, app.Root, req.Name, app.Root, req.Name)
 
 	if err = io.Write(filepath.Join(app.Root, "server/vhost", req.Name+".conf"), nginxConf, 0644); err != nil {
 		return nil, err
@@ -479,24 +456,6 @@ func (r *websiteRepo) Update(req *request.WebsiteUpdate) error {
 		}
 	}
 
-	// WAF
-	wafStr := "off"
-	if req.Waf {
-		wafStr = "on"
-	}
-	wafConfig := fmt.Sprintf(`# waf标记位开始
-    waf %s;
-    waf_rule_path %s/server/openresty/ngx_waf/assets/rules/;
-    waf_mode %s;
-    waf_cc_deny %s;
-    waf_cache %s;
-    `, wafStr, app.Root, req.WafMode, req.WafCcDeny, req.WafCache)
-	wafConfigOld := str.Cut(raw, "# waf标记位开始", "# waf标记位结束")
-	if len(strings.TrimSpace(wafConfigOld)) != 0 {
-		raw = strings.Replace(raw, wafConfigOld, "", -1)
-	}
-	raw = strings.Replace(raw, "# waf标记位开始", wafConfig, -1)
-
 	// SSL
 	if err = io.Write(filepath.Join(app.Root, "server/vhost/ssl", website.Name+".pem"), req.SSLCertificate, 0644); err != nil {
 		return err
@@ -689,14 +648,6 @@ server
     include enable-php-%d.conf;
     # php标记位结束
 
-    # waf标记位开始
-    waf off;
-    waf_rule_path %s/server/openresty/ngx_waf/assets/rules/;
-    waf_mode DYNAMIC;
-    waf_cc_deny rate=1000r/m duration=60m;
-    waf_cache capacity=50;
-    # waf标记位结束
-
     # 错误页配置，可自行设置
     error_page 404 /404.html;
     #error_page 502 /502.html;
@@ -724,7 +675,7 @@ server
     error_log %s/wwwlogs/%s.log;
 }
 
-`, website.Path, website.PHP, app.Root, app.Root, website.Name, app.Root, website.Name, app.Root, website.Name, app.Root, website.Name)
+`, website.Path, website.PHP, app.Root, website.Name, app.Root, website.Name, app.Root, website.Name, app.Root, website.Name)
 	if err := io.Write(filepath.Join(app.Root, "server/vhost", website.Name+".conf"), raw, 0644); err != nil {
 		return nil
 	}

internal/http/request/website.go

@@ -1,7 +1,5 @@
 package request
 
-import "net/http"
-
 type WebsiteDefaultConfig struct {
 	Index string `json:"index" form:"index"`
 	Stop  string `json:"stop" form:"stop"`
@@ -37,10 +35,6 @@ type WebsiteUpdate struct {
 	SSL               bool     `form:"ssl" json:"ssl"`
 	HTTPRedirect      bool     `form:"http_redirect" json:"http_redirect"`
 	OpenBasedir       bool     `form:"open_basedir" json:"open_basedir"`
-	Waf               bool     `form:"waf" json:"waf"`
-	WafCache          string   `form:"waf_cache" json:"waf_cache"`
-	WafMode           string   `form:"waf_mode" json:"waf_mode"`
-	WafCcDeny         string   `form:"waf_cc_deny" json:"waf_cc_deny"`
 	Index             string   `form:"index" json:"index"`
 	Path              string   `form:"path" json:"path"`
 	Root              string   `form:"root" json:"root"`
@@ -51,20 +45,6 @@ type WebsiteUpdate struct {
 	SSLCertificateKey string   `form:"ssl_certificate_key" json:"ssl_certificate_key"`
 }
 
-func (r *WebsiteUpdate) Prepare(_ *http.Request) error {
-	if r.WafMode == "" {
-		r.WafMode = "DYNAMIC"
-	}
-	if r.WafCcDeny == "" {
-		r.WafCcDeny = "rate=1000r/m duration=60m"
-	}
-	if r.WafCache == "" {
-		r.WafCache = "capacity=50"
-	}
-
-	return nil
-}
-
 type WebsiteUpdateRemark struct {
 	ID     uint   `form:"id" json:"id"`
 	Remark string `form:"remark" json:"remark"`

pkg/types/website.go

@@ -23,10 +23,6 @@ type WebsiteSetting struct {
 	HTTPRedirect      bool     `json:"http_redirect"`
 	HSTS              bool     `json:"hsts"`
 	OCSP              bool     `json:"ocsp"`
-	Waf               bool     `json:"waf"`
-	WafMode           string   `json:"waf_mode"`
-	WafCcDeny         string   `json:"waf_cc_deny"`
-	WafCache          string   `json:"waf_cache"`
 	Rewrite           string   `json:"rewrite"`
 	Raw               string   `json:"raw"`
 	Log               string   `json:"log"`

web/src/api/panel/website/index.ts

@@ -6,8 +6,8 @@ export default {
   // 列表
   list: (page: number, limit: number): Promise<AxiosResponse<any>> =>
     request.get('/website', { params: { page, limit } }),
-  // 添加
-  add: (data: any): Promise<AxiosResponse<any>> => request.post('/website', data),
+  // 创建
+  create: (data: any): Promise<AxiosResponse<any>> => request.post('/website', data),
   // 删除
   delete: (data: any): Promise<AxiosResponse<any>> => request.post('/website/' + data.id, data),
   // 获取默认配置

web/src/views/website/EditView.vue

@@ -31,10 +31,6 @@ const setting = ref<WebsiteSetting>({
   http_redirect: false,
   hsts: false,
   ocsp: false,
-  waf: false,
-  waf_mode: '',
-  waf_cc_deny: '',
-  waf_cache: '',
   rewrite: '',
   raw: '',
   log: ''
@@ -173,35 +169,6 @@ onMounted(() => {
         </n-form>
         <n-skeleton v-else text :repeat="10" />
       </n-tab-pane>
-      <n-tab-pane name="waf" tab="防火墙">
-        <n-alert type="info" mb-20>
-          面板自带开源的 ngx_waf 防火墙
-          <br />
-          文档参考：<a
-            href="https://docs.addesp.com/ngx_waf/zh-cn/advance/directive.html"
-            target="_blank"
-            >https://docs.addesp.com/ngx_waf/zh-cn/advance/directive.html</a
-          >
-        </n-alert>
-        <n-form v-if="setting">
-          <n-form-item label="总开关">
-            <n-space vertical>
-              <n-switch v-model:value="setting.waf" />
-              <n-tag>只有打开了总开关，下面的设置才会生效！</n-tag>
-            </n-space>
-          </n-form-item>
-          <n-form-item label="模式">
-            <n-input v-model:value="setting.waf_mode" placeholder="DYNAMIC" />
-          </n-form-item>
-          <n-form-item label="CC">
-            <n-input v-model:value="setting.waf_cc_deny" placeholder="rate=1000r/m duration=60m" />
-          </n-form-item>
-          <n-form-item label="缓存">
-            <n-input v-model:value="setting.waf_cache" placeholder="capacity=50" />
-          </n-form-item>
-        </n-form>
-        <n-skeleton v-else text :repeat="10" />
-      </n-tab-pane>
       <n-tab-pane name="https" tab="HTTPS">
         <n-flex vertical v-if="setting">
           <n-alert type="info">开启 HTTPS 前，请先在域名端口处添加 443 端口！</n-alert>

web/src/views/website/IndexView.vue

@@ -190,7 +190,7 @@ const buttonDisabled = ref(false)
 const addModel = ref({
   name: '',
   domains: [] as Array<string>,
-  ports: [] as Array<string>,
+  ports: [] as Array<number>,
   php: '0',
   db: false,
   db_type: '0',
@@ -307,15 +307,15 @@ const handleAdd = async () => {
   buttonDisabled.value = true
   // 去除空的域名和端口
   addModel.value.domains = addModel.value.domains.filter((item) => item !== '')
-  addModel.value.ports = addModel.value.ports.filter((item) => item !== '')
+  addModel.value.ports = addModel.value.ports.filter((item) => item !== 0)
   // 端口为空自动添加 80 端口
   if (addModel.value.ports.length === 0) {
-    addModel.value.ports.push('80')
+    addModel.value.ports.push(80)
   }
   await website
-    .add(addModel.value)
+    .create(addModel.value)
     .then(() => {
-      window.$message.success('添加成功')
+      window.$message.success('创建成功')
       getWebsiteList(pagination.page, pagination.pageSize).then((res) => {
         data.value = res.items
         pagination.itemCount = res.total
@@ -325,7 +325,7 @@ const handleAdd = async () => {
       addModel.value = {
         name: '',
         domains: [] as Array<string>,
-        ports: [] as Array<string>,
+        ports: [] as Array<number>,
         php: '0',
         db: false,
         db_type: '0',
@@ -448,12 +448,11 @@ onMounted(() => {
         <n-col :span="2"></n-col>
         <n-col :span="11">
           <n-form-item :label="$t('websiteIndex.create.fields.port.label')">
-            <n-dynamic-input
-              v-model:value="addModel.ports"
-              placeholder="80"
-              :min="1"
-              show-sort-button
-            />
+            <n-dynamic-input v-model:value="addModel.ports" show-sort-button>
+              <template #default="{ index }">
+                <n-input-number v-model:value="addModel.ports[index]" :min="1" :max="65535" />
+              </template>
+            </n-dynamic-input>
           </n-form-item>
         </n-col>
       </n-row>

web/src/views/website/types.ts

@@ -32,10 +32,6 @@ export interface WebsiteSetting {
   http_redirect: boolean
   hsts: boolean
   ocsp: boolean
-  waf: boolean
-  waf_mode: string
-  waf_cc_deny: string
-  waf_cache: string
   rewrite: string
   raw: string
   log: string