refactor: 网站nginx配置解析生成

2026-02-04 12:40:25 +08:00 · 2024-10-14 21:34:24 +08:00
parent bdee27541c
commit e8a01e2d04
14 changed files with 488 additions and 477 deletions
--- a/pkg/nginx/data.go
+++ b/pkg/nginx/data.go
@@ -11,8 +11,6 @@ const defaultConf = `server {
    root /www/wwwroot/default;
    # 错误页配置
    error_page 404 /404.html;
-    # 伪静态规则
-    include /www/server/vhost/rewrite/default.conf;
    include enable-php-0.conf;
    # 不记录静态文件日志
    location ~ .*\.(bmp|jpg|jpeg|png|gif|svg|ico|tiff|webp|avif|heif|heic|jxl)$ {
--- a/pkg/nginx/getter.go
+++ b/pkg/nginx/getter.go
@@ -38,6 +38,15 @@ func (p *Parser) GetIndex() ([]string, error) {
 	return directive.GetParameters(), nil
 }

+func (p *Parser) GetIndexWithComment() ([]string, []string, error) {
+	directive, err := p.FindOne("server.index")
+	if err != nil {
+		return nil, nil, err
+	}
+
+	return directive.GetParameters(), directive.GetComment(), nil
+}
+
 func (p *Parser) GetRoot() (string, error) {
 	directive, err := p.FindOne("server.root")
 	if err != nil {
@@ -50,6 +59,18 @@ func (p *Parser) GetRoot() (string, error) {
 	return directive.GetParameters()[0], nil
 }

+func (p *Parser) GetRootWithComment() (string, []string, error) {
+	directive, err := p.FindOne("server.root")
+	if err != nil {
+		return "", nil, err
+	}
+	if len(directive.GetParameters()) == 0 {
+		return "", directive.GetComment(), nil
+	}
+
+	return directive.GetParameters()[0], directive.GetComment(), nil
+}
+
 func (p *Parser) GetIncludes() (includes []string, comments [][]string, err error) {
 	directives, err := p.Find("server.include")
 	if err != nil {
@@ -67,10 +88,10 @@ func (p *Parser) GetIncludes() (includes []string, comments [][]string, err erro
 	return includes, comments, nil
 }

-func (p *Parser) GetPHP() (int, error) {
+func (p *Parser) GetPHP() int {
 	directives, err := p.Find("server.include")
 	if err != nil {
-		return 0, err
+		return 0
 	}

 	var result int
@@ -82,7 +103,7 @@ func (p *Parser) GetPHP() (int, error) {
 		}
 	}

-	return result, err
+	return result
 }

 func (p *Parser) GetHTTPS() bool {
@@ -145,21 +166,21 @@ func (p *Parser) GetHSTS() bool {
 	return false
 }

-func (p *Parser) GetHTTPSRedirect() (bool, error) {
+func (p *Parser) GetHTTPSRedirect() bool {
 	directives, err := p.Find("server.if")
 	if err != nil {
-		return false, err
+		return false
 	}

 	for _, dir := range directives {
 		for _, dir2 := range dir.GetBlock().GetDirectives() {
 			if dir2.GetName() == "return" && slices.Contains(dir2.GetParameters(), "https://$host$request_uri") {
-				return true, nil
+				return true
 			}
 		}
 	}

-	return false, nil
+	return false
 }

 func (p *Parser) GetAccessLog() (string, error) {
--- a/pkg/nginx/parser_test.go
+++ b/pkg/nginx/parser_test.go
@@ -68,8 +68,8 @@ func (s *NginxTestSuite) TestIncludes() {
 	s.NoError(err)
 	includes, comments, err := parser.GetIncludes()
 	s.NoError(err)
-	s.Equal([]string{"/www/server/vhost/rewrite/default.conf", "enable-php-0.conf"}, includes)
-	s.Equal([][]string{{"# 伪静态规则"}, []string(nil)}, comments)
+	s.Equal([]string{"enable-php-0.conf"}, includes)
+	s.Equal([][]string{[]string(nil)}, comments)
 	s.NoError(parser.SetIncludes([]string{"/www/server/vhost/rewrite/default.conf"}, nil))
 	includes, comments, err = parser.GetIncludes()
 	s.NoError(err)
@@ -82,6 +82,16 @@ func (s *NginxTestSuite) TestIncludes() {
 	s.Equal([][]string{{"# 伪静态规则测试"}}, comments)
 }

+func (s *NginxTestSuite) TestPHP() {
+	parser, err := NewParser()
+	s.NoError(err)
+	s.Equal(0, parser.GetPHP())
+	s.NoError(parser.SetPHP(80))
+	s.Equal(80, parser.GetPHP())
+	s.NoError(parser.SetPHP(0))
+	s.Equal(0, parser.GetPHP())
+}
+
 func (s *NginxTestSuite) TestHTTP() {
 	parser, err := NewParser()
 	s.NoError(err)
@@ -126,6 +136,8 @@ func (s *NginxTestSuite) TestOCSP() {
 	s.NoError(err)
 	s.NoError(parser.SetHTTPS("/www/server/vhost/ssl/default.pem", "/www/server/vhost/ssl/default.key"))
 	s.False(parser.GetOCSP())
+	s.NoError(parser.SetOCSP(false))
+	s.False(parser.GetOCSP())
 	s.NoError(parser.SetOCSP(true))
 	s.True(parser.GetOCSP())
 	s.NoError(parser.SetOCSP(false))
@@ -137,6 +149,8 @@ func (s *NginxTestSuite) TestHSTS() {
 	s.NoError(err)
 	s.NoError(parser.SetHTTPS("/www/server/vhost/ssl/default.pem", "/www/server/vhost/ssl/default.key"))
 	s.False(parser.GetHSTS())
+	s.NoError(parser.SetHSTS(false))
+	s.False(parser.GetHSTS())
 	s.NoError(parser.SetHSTS(true))
 	s.True(parser.GetHSTS())
 	s.NoError(parser.SetHSTS(false))
@@ -148,9 +162,11 @@ func (s *NginxTestSuite) TestHTTPSRedirect() {
 	s.NoError(err)
 	s.NoError(parser.SetHTTPS("/www/server/vhost/ssl/default.pem", "/www/server/vhost/ssl/default.key"))
 	s.False(parser.GetHTTPSRedirect())
-	s.NoError(parser.SetHTTPSRedirect(true))
+	s.NoError(parser.SetHTTPRedirect(false))
+	s.False(parser.GetHTTPSRedirect())
+	s.NoError(parser.SetHTTPRedirect(true))
 	s.True(parser.GetHTTPSRedirect())
-	s.NoError(parser.SetHTTPSRedirect(false))
+	s.NoError(parser.SetHTTPRedirect(false))
 	s.False(parser.GetHTTPSRedirect())
 }

--- a/pkg/nginx/setter.go
+++ b/pkg/nginx/setter.go
@@ -50,6 +50,20 @@ func (p *Parser) SetIndex(index []string) error {
 	})
 }

+func (p *Parser) SetIndexWithComment(index []string, comment []string) error {
+	if err := p.Clear("server.index"); err != nil {
+		return err
+	}
+
+	return p.Set("server", []*config.Directive{
+		{
+			Name:       "index",
+			Parameters: index,
+			Comment:    comment,
+		},
+	})
+}
+
 func (p *Parser) SetRoot(root string) error {
 	if err := p.Clear("server.root"); err != nil {
 		return err
@@ -63,6 +77,20 @@ func (p *Parser) SetRoot(root string) error {
 	})
 }

+func (p *Parser) SetRootWithComment(root string, comment []string) error {
+	if err := p.Clear("server.root"); err != nil {
+		return err
+	}
+
+	return p.Set("server", []*config.Directive{
+		{
+			Name:       "root",
+			Parameters: []string{root},
+			Comment:    comment,
+		},
+	})
+}
+
 func (p *Parser) SetIncludes(includes []string, comments [][]string) error {
 	if err := p.Clear("server.include"); err != nil {
 		return err
@@ -127,7 +155,7 @@ func (p *Parser) SetPHP(php int) error {
 	return p.Set("server", directives)
 }

-func (p *Parser) UnSetHTTPS() error {
+func (p *Parser) ClearSetHTTPS() error {
 	if err := p.Clear("server.ssl_certificate"); err != nil {
 		return err
 	}
@@ -157,7 +185,7 @@ func (p *Parser) UnSetHTTPS() error {
 }

 func (p *Parser) SetHTTPS(cert, key string) error {
-	if err := p.UnSetHTTPS(); err != nil {
+	if err := p.ClearSetHTTPS(); err != nil {
 		return err
 	}

@@ -287,7 +315,7 @@ func (p *Parser) SetHSTS(hsts bool) error {
 	return p.Set("server", directives)
 }

-func (p *Parser) SetHTTPSRedirect(httpRedirect bool) error {
+func (p *Parser) SetHTTPRedirect(httpRedirect bool) error {
 	// if 重定向
 	ifs, err := p.Find("server.if")
 	if err != nil {
--- a/pkg/nginx/testdata/http.conf
+++ b/pkg/nginx/testdata/http.conf
@@ -5,8 +5,6 @@ server {
    root /www/wwwroot/default;
    # 错误页配置
    error_page 404 /404.html;
-    # 伪静态规则
-    include /www/server/vhost/rewrite/default.conf;
    include enable-php-0.conf;
    # 不记录静态文件日志
    location ~ .*\.(bmp|jpg|jpeg|png|gif|svg|ico|tiff|webp|avif|heif|heic|jxl)$ {
--- a/pkg/nginx/testdata/https.conf
+++ b/pkg/nginx/testdata/https.conf
@@ -13,8 +13,6 @@ server {
    ssl_early_data on;
    # 错误页配置
    error_page 404 /404.html;
-    # 伪静态规则
-    include /www/server/vhost/rewrite/default.conf;
    include enable-php-0.conf;
    # 不记录静态文件日志
    location ~ .*\.(bmp|jpg|jpeg|png|gif|svg|ico|tiff|webp|avif|heif|heic|jxl)$ {
--- a/pkg/punycode/punycode.go
+++ b/pkg/punycode/punycode.go
@@ -0,0 +1,52 @@
+package punycode
+
+import (
+	"fmt"
+	"slices"
+
+	"golang.org/x/net/idna"
+)
+
+// EncodeDomain 将 Unicode 域名编码为 Punycode
+func EncodeDomain(domain string) (string, error) {
+	ascii, err := idna.ToASCII(domain)
+	if err != nil {
+		return "", fmt.Errorf("domain encode failed: %w", err)
+	}
+	return ascii, nil
+}
+
+// EncodeDomains 将 Unicode 域名列表编码为 Punycode
+func EncodeDomains(domain []string) (encoded []string, err error) {
+	var punycode string
+	for item := range slices.Values(domain) {
+		punycode, err = EncodeDomain(item)
+		if err != nil {
+			return nil, err
+		}
+		encoded = append(encoded, punycode)
+	}
+	return encoded, nil
+}
+
+// DecodeDomain 将 Punycode 域名解码为 Unicode 域名
+func DecodeDomain(punycodeDomain string) (string, error) {
+	unicode, err := idna.ToUnicode(punycodeDomain)
+	if err != nil {
+		return "", fmt.Errorf("domain decode failed: %w", err)
+	}
+	return unicode, nil
+}
+
+// DecodeDomains 将 Punycode 域名列表解码为 Unicode 域名
+func DecodeDomains(punycode []string) (decoded []string, err error) {
+	var unicode string
+	for item := range slices.Values(punycode) {
+		unicode, err = DecodeDomain(item)
+		if err != nil {
+			return nil, err
+		}
+		decoded = append(decoded, unicode)
+	}
+	return decoded, nil
+}
--- a/pkg/types/website.go
+++ b/pkg/types/website.go
@@ -1,30 +1,35 @@
 package types

+// WebsiteListen 网站监听配置
+type WebsiteListen struct {
+	Address string `form:"address" json:"address" validate:"required"` // 监听地址 e.g. 80 0.0.0.0:80 [::]:80
+	HTTPS   bool   `form:"https" json:"https" validate:"required"`     // 是否启用HTTPS
+	QUIC    bool   `form:"quic" json:"quic"`                           // 是否启用QUIC
+}
+
 // WebsiteSetting 网站设置
 type WebsiteSetting struct {
-	ID                uint     `json:"id"`
-	Name              string   `json:"name"`
-	Domains           []string `json:"domains"`
-	Ports             []uint   `json:"ports"`
-	SSLPorts          []uint   `json:"ssl_ports"`
-	QUICPorts         []uint   `json:"quic_ports"`
-	Root              string   `json:"root"`
-	Path              string   `json:"path"`
-	Index             string   `json:"index"`
-	PHP               int      `json:"php"`
-	OpenBasedir       bool     `json:"open_basedir"`
-	SSL               bool     `json:"ssl"`
-	SSLCertificate    string   `json:"ssl_certificate"`
-	SSLCertificateKey string   `json:"ssl_certificate_key"`
-	SSLNotBefore      string   `json:"ssl_not_before"`
-	SSLNotAfter       string   `json:"ssl_not_after"`
-	SSLDNSNames       []string `json:"ssl_dns_names"`
-	SSLIssuer         string   `json:"ssl_issuer"`
-	SSLOCSPServer     []string `json:"ssl_ocsp_server"`
-	HTTPRedirect      bool     `json:"http_redirect"`
-	HSTS              bool     `json:"hsts"`
-	OCSP              bool     `json:"ocsp"`
-	Rewrite           string   `json:"rewrite"`
-	Raw               string   `json:"raw"`
-	Log               string   `json:"log"`
+	ID                uint            `json:"id"`
+	Name              string          `json:"name"`
+	Listens           []WebsiteListen `form:"listens" json:"listens" validate:"required"`
+	Domains           []string        `json:"domains"`
+	Path              string          `json:"path"` // 网站目录
+	Root              string          `json:"root"` // 运行目录
+	Index             []string        `json:"index"`
+	PHP               int             `json:"php"`
+	OpenBasedir       bool            `json:"open_basedir"`
+	HTTPS             bool            `json:"https"`
+	SSLCertificate    string          `json:"ssl_certificate"`
+	SSLCertificateKey string          `json:"ssl_certificate_key"`
+	SSLNotBefore      string          `json:"ssl_not_before"`
+	SSLNotAfter       string          `json:"ssl_not_after"`
+	SSLDNSNames       []string        `json:"ssl_dns_names"`
+	SSLIssuer         string          `json:"ssl_issuer"`
+	SSLOCSPServer     []string        `json:"ssl_ocsp_server"`
+	HTTPRedirect      bool            `json:"http_redirect"`
+	HSTS              bool            `json:"hsts"`
+	OCSP              bool            `json:"ocsp"`
+	Rewrite           string          `json:"rewrite"`
+	Raw               string          `json:"raw"`
+	Log               string          `json:"log"`
 }