用户状态发生变化时，同步服务状态

build/build.sh

@@ -1,76 +1,76 @@
 #!/usr/bin/env bash
 
 function build() {
-	ROOT=$(dirname $0)
+	ROOT=$(dirname "$0")
 	NAME="edge-api"
 	DIST=$ROOT/"../dist/${NAME}"
 	OS=${1}
 	ARCH=${2}
 	TAG=${3}
-	NODE_ARCHITECTS=("amd64" "386" "arm64" "mips64" "mips64le")
+	NODE_ARCHITECTS=("amd64" "arm64")
 
-	if [ -z $OS ]; then
+	if [ -z "$OS" ]; then
 		echo "usage: build.sh OS ARCH"
 		exit
 	fi
-	if [ -z $ARCH ]; then
+	if [ -z "$ARCH" ]; then
 		echo "usage: build.sh OS ARCH"
 		exit
 	fi
-	if [ -z $TAG ]; then
+	if [ -z "$TAG" ]; then
 		TAG="community"
 	fi
 
-	VERSION=$(lookup-version $ROOT/../internal/const/const.go)
+	VERSION=$(lookup-version "$ROOT"/../internal/const/const.go)
 	ZIP="${NAME}-${OS}-${ARCH}-${TAG}-v${VERSION}.zip"
 
 	# build edge-node
-	NodeVersion=$(lookup-version $ROOT"/../../EdgeNode/internal/const/const.go")
+	NodeVersion=$(lookup-version "$ROOT""/../../EdgeNode/internal/const/const.go")
 	echo "building edge-node v${NodeVersion} ..."
 	EDGE_NODE_BUILD_SCRIPT=$ROOT"/../../EdgeNode/build/build.sh"
-	if [ ! -f $EDGE_NODE_BUILD_SCRIPT ]; then
+	if [ ! -f "$EDGE_NODE_BUILD_SCRIPT" ]; then
 		echo "unable to find edge-node build script 'EdgeNode/build/build.sh'"
 		exit
 	fi
-	cd $ROOT"/../../EdgeNode/build"
+	cd "$ROOT""/../../EdgeNode/build" || exit
 	echo "=============================="
 	for arch in "${NODE_ARCHITECTS[@]}"; do
-		if [ ! -f $ROOT"/../../EdgeNode/dist/edge-node-linux-${arch}-${TAG}-v${NodeVersion}.zip" ]; then
-			./build.sh linux $arch $TAG
+		if [ ! -f "$ROOT""/../../EdgeNode/dist/edge-node-linux-${arch}-${TAG}-v${NodeVersion}.zip" ]; then
+			./build.sh linux "$arch" $TAG
 		else
 			echo "use built node linux/$arch/v${NodeVersion}"
 		fi
 	done
 	echo "=============================="
-	cd -
+	cd - || exit
 
-	rm -f $ROOT/deploy/*.zip
+	rm -f "$ROOT"/deploy/*.zip
 	for arch in "${NODE_ARCHITECTS[@]}"; do
-		cp $ROOT"/../../EdgeNode/dist/edge-node-linux-${arch}-${TAG}-v${NodeVersion}.zip" $ROOT/deploy/edge-node-linux-${arch}-v${NodeVersion}.zip
+		cp "$ROOT""/../../EdgeNode/dist/edge-node-linux-${arch}-${TAG}-v${NodeVersion}.zip" "$ROOT"/deploy/edge-node-linux-"${arch}"-v"${NodeVersion}".zip
 	done
 
 	# build edge-dns
 	if [ "$TAG" = "plus" ]; then
 		DNS_ROOT=$ROOT"/../../EdgeDNS"
-		if [ -d $DNS_ROOT  ]; then
-			DNSNodeVersion=$(lookup-version $ROOT"/../../EdgeDNS/internal/const/const.go")
+		if [ -d "$DNS_ROOT"  ]; then
+			DNSNodeVersion=$(lookup-version "$ROOT""/../../EdgeDNS/internal/const/const.go")
 			echo "building edge-dns ${DNSNodeVersion} ..."
 			EDGE_DNS_NODE_BUILD_SCRIPT=$ROOT"/../../EdgeDNS/build/build.sh"
-			if [ ! -f $EDGE_DNS_NODE_BUILD_SCRIPT ]; then
+			if [ ! -f "$EDGE_DNS_NODE_BUILD_SCRIPT" ]; then
 				echo "unable to find edge-dns build script 'EdgeDNS/build/build.sh'"
 				exit
 			fi
-			cd $ROOT"/../../EdgeDNS/build"
+			cd "$ROOT""/../../EdgeDNS/build" || exit
 			echo "=============================="
-			architects=("amd64")
+			architects=("amd64" "arm64")
 			for arch in "${architects[@]}"; do
-				./build.sh linux $arch $TAG
+				./build.sh linux "$arch" $TAG
 			done
 			echo "=============================="
-			cd -
+			cd - || exit
 
 			for arch in "${architects[@]}"; do
-				cp $ROOT"/../../EdgeDNS/dist/edge-dns-linux-${arch}-v${DNSNodeVersion}.zip" $ROOT/deploy/edge-dns-linux-${arch}-v${DNSNodeVersion}.zip
+				cp "$ROOT""/../../EdgeDNS/dist/edge-dns-linux-${arch}-v${DNSNodeVersion}.zip" "$ROOT"/deploy/edge-dns-linux-"${arch}"-v"${DNSNodeVersion}".zip
 			done
 		fi
 	fi
@@ -78,48 +78,48 @@ function build() {
 	# build sql
 	if [ $TAG = "plus" ]; then
 		echo "building sql ..."
-		${ROOT}/sql.sh
+		"${ROOT}"/sql.sh
 	fi
 
 	# copy files
 	echo "copying ..."
-	if [ ! -d $DIST ]; then
-		mkdir $DIST
-		mkdir $DIST/bin
-		mkdir $DIST/configs
-		mkdir $DIST/logs
+	if [ ! -d "$DIST" ]; then
+		mkdir "$DIST"
+		mkdir "$DIST"/bin
+		mkdir "$DIST"/configs
+		mkdir "$DIST"/logs
 	fi
-	cp $ROOT/configs/api.template.yaml $DIST/configs/
-	cp $ROOT/configs/db.template.yaml $DIST/configs/
-	cp -R $ROOT/deploy $DIST/
-	rm -f $dist/deploy/.gitignore
-	cp -R $ROOT/installers $DIST/
-	cp -R $ROOT/resources $DIST/
-	rm -f $DIST/resources/ipdata/ip2region/global_region.csv
-	rm -f $DIST/resources/ipdata/ip2region/ip.merge.txt
+	cp "$ROOT"/configs/api.template.yaml "$DIST"/configs/
+	cp "$ROOT"/configs/db.template.yaml "$DIST"/configs/
+	cp -R "$ROOT"/deploy "$DIST/"
+	rm -f "$DIST"/deploy/.gitignore
+	cp -R "$ROOT"/installers "$DIST"/
+	cp -R "$ROOT"/resources "$DIST"/
+	rm -f "$DIST"/resources/ipdata/ip2region/global_region.csv
+	rm -f "$DIST"/resources/ipdata/ip2region/ip.merge.txt
 
 	# building edge installer
 	echo "building node installer ..."
-	architects=("amd64" "386" "arm64")
+	architects=("amd64" "arm64")
 	for arch in "${architects[@]}"; do
 		# TODO support arm, mips ...
-		env GOOS=linux GOARCH=${arch} go build -tags $TAG --ldflags="-s -w" -o $ROOT/installers/edge-installer-helper-linux-${arch} $ROOT/../cmd/installer-helper/main.go
+		env GOOS=linux GOARCH="${arch}" go build -trimpath -tags $TAG --ldflags="-s -w" -o "$ROOT"/installers/edge-installer-helper-linux-"${arch}" "$ROOT"/../cmd/installer-helper/main.go
 	done
 
 	# building edge dns installer
 	echo "building dns node installer ..."
-	architects=("amd64" "386" "arm64")
+	architects=("amd64" "arm64")
 	for arch in "${architects[@]}"; do
 		# TODO support arm, mips ...
-		env GOOS=linux GOARCH=${arch} go build -tags $TAG --ldflags="-s -w" -o $ROOT/installers/edge-installer-dns-helper-linux-${arch} $ROOT/../cmd/installer-dns-helper/main.go
+		env GOOS=linux GOARCH="${arch}" go build -trimpath -tags $TAG --ldflags="-s -w" -o "$ROOT"/installers/edge-installer-dns-helper-linux-"${arch}" "$ROOT"/../cmd/installer-dns-helper/main.go
 	done
 
 	# building api node
-	env GOOS=$OS GOARCH=$ARCH go build -tags $TAG --ldflags="-s -w" -o $DIST/bin/edge-api $ROOT/../cmd/edge-api/main.go
+	env GOOS="$OS" GOARCH="$ARCH" go build -trimpath -tags $TAG --ldflags="-s -w" -o "$DIST"/bin/edge-api "$ROOT"/../cmd/edge-api/main.go
 
 	# delete hidden files
-	find $DIST -name ".DS_Store" -delete
-	find $DIST -name ".gitignore" -delete
+	find "$DIST" -name ".DS_Store" -delete
+	find "$DIST" -name ".gitignore" -delete
 
 	echo "zip files"
 	cd "${DIST}/../" || exit
@@ -135,15 +135,15 @@ function build() {
 
 function lookup-version() {
 	FILE=$1
-	VERSION_DATA=$(cat $FILE)
+	VERSION_DATA=$(cat "$FILE")
 	re="Version[ ]+=[ ]+\"([0-9.]+)\""
 	if [[ $VERSION_DATA =~ $re ]]; then
 		VERSION=${BASH_REMATCH[1]}
-		echo $VERSION
+		echo "$VERSION"
 	else
 		echo "could not match version"
 		exit
 	fi
 }
 
-build $1 $2 $3
+build "$1" "$2" "$3"

cmd/edge-api/main.go

@@ -161,6 +161,20 @@ func main() {
 			}
 		}
 	})
+	app.On("instance", func() {
+		var sock = gosock.NewTmpSock(teaconst.ProcessName)
+		reply, err := sock.Send(&gosock.Command{Code: "instance"})
+		if err != nil {
+			fmt.Println("[ERROR]" + err.Error())
+		} else {
+			replyJSON, err := json.MarshalIndent(reply.Params, "", "  ")
+			if err != nil {
+				fmt.Println("[ERROR]marshal result failed: " + err.Error())
+			} else {
+				fmt.Println(string(replyJSON))
+			}
+		}
+	})
 
 	app.Run(func() {
 		nodes.NewAPINode().Start()

dist/.gitignore

@@ -1 +1,2 @@
-*.zip
+*.zip
+edge-api

go.mod

@@ -1,6 +1,6 @@
 module github.com/TeaOSLab/EdgeAPI
 
-go 1.16
+go 1.18
 
 replace github.com/TeaOSLab/EdgeCommon => ../EdgeCommon
 
@@ -13,8 +13,7 @@ require (
 	github.com/go-sql-driver/mysql v1.5.0
 	github.com/golang/protobuf v1.5.2
 	github.com/iwind/TeaGo v0.0.0-20220408111647-f36b9bba3570
-	github.com/iwind/gosock v0.0.0-20210722083328-12b2d66abec3
-	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/iwind/gosock v0.0.0-20220505115348-f88412125a62
 	github.com/mozillazg/go-pinyin v0.18.0
 	github.com/pkg/sftp v1.12.0
 	github.com/shirou/gopsutil/v3 v3.22.2
@@ -24,3 +23,25 @@ require (
 	google.golang.org/protobuf v1.27.1
 	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b
 )
+
+require (
+	github.com/cenkalti/backoff/v4 v4.1.1 // indirect
+	github.com/go-ole/go-ole v1.2.6 // indirect
+	github.com/jmespath/go-jmespath v0.4.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/kr/fs v0.1.0 // indirect
+	github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
+	github.com/miekg/dns v1.1.43 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
+	github.com/tklauser/go-sysconf v0.3.9 // indirect
+	github.com/tklauser/numcpus v0.3.0 // indirect
+	github.com/yusufpapurcu/wmi v1.2.2 // indirect
+	golang.org/x/net v0.0.0-20220225172249-27dd8689420f // indirect
+	golang.org/x/text v0.3.7 // indirect
+	google.golang.org/genproto v0.0.0-20220317150908-0efb43f6373e // indirect
+	gopkg.in/ini.v1 v1.62.0 // indirect
+	gopkg.in/square/go-jose.v2 v2.6.0 // indirect
+)

go.sum

@@ -66,7 +66,6 @@ github.com/c-bata/go-prompt v0.2.5/go.mod h1:vFnjEGDIIA/Lib7giyE4E9c50Lvl8j0S+7F
 github.com/cenkalti/backoff/v4 v4.1.1 h1:G2HAfAmvm/GcKan2oOQpBXOd2tT2G57ZnZGWa1PxPBQ=
 github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
-github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko=
 github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
 github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY=
 github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
@@ -238,14 +237,12 @@ github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANyt
 github.com/infobloxopen/infoblox-go-client v1.1.1/go.mod h1:BXiw7S2b9qJoM8MS40vfgCNB2NLHGusk1DtO16BD9zI=
 github.com/iwind/TeaGo v0.0.0-20210411134150-ddf57e240c2f/go.mod h1:KU4mS7QNiZ7QWEuDBk1zw0/Q2LrAPZv3tycEFBsuUwc=
 github.com/iwind/TeaGo v0.0.0-20220304043459-0dd944a5b475/go.mod h1:HRHK0zoC/og3c9/hKosD9yYVMTnnzm3PgXUdhRYHaLc=
-github.com/iwind/TeaGo v0.0.0-20220322141208-22f88d04004d h1:e8fkTKras/RXQWECApM9fKlFWujjYjEClpshkmZmtYg=
-github.com/iwind/TeaGo v0.0.0-20220322141208-22f88d04004d/go.mod h1:HRHK0zoC/og3c9/hKosD9yYVMTnnzm3PgXUdhRYHaLc=
-github.com/iwind/TeaGo v0.0.0-20220408064305-92be81dc2f7c h1:ugjYZ74FJGWlfDKKraNgMyDTeS4vbXHe89JGUVQIJMo=
-github.com/iwind/TeaGo v0.0.0-20220408064305-92be81dc2f7c/go.mod h1:HRHK0zoC/og3c9/hKosD9yYVMTnnzm3PgXUdhRYHaLc=
 github.com/iwind/TeaGo v0.0.0-20220408111647-f36b9bba3570 h1:zqz2FiMMkSHXWO1EsTRJDPTwX9xQ4uuyD5GAE4JGlhM=
 github.com/iwind/TeaGo v0.0.0-20220408111647-f36b9bba3570/go.mod h1:HRHK0zoC/og3c9/hKosD9yYVMTnnzm3PgXUdhRYHaLc=
 github.com/iwind/gosock v0.0.0-20210722083328-12b2d66abec3 h1:aBSonas7vFcgTj9u96/bWGILGv1ZbUSTLiOzcI1ZT6c=
 github.com/iwind/gosock v0.0.0-20210722083328-12b2d66abec3/go.mod h1:H5Q7SXwbx3a97ecJkaS2sD77gspzE7HFUafBO0peEyA=
+github.com/iwind/gosock v0.0.0-20220505115348-f88412125a62 h1:HJH6RDheAY156DnIfJSD/bEvqyXzsZuE2gzs8PuUjoo=
+github.com/iwind/gosock v0.0.0-20220505115348-f88412125a62/go.mod h1:H5Q7SXwbx3a97ecJkaS2sD77gspzE7HFUafBO0peEyA=
 github.com/jarcoal/httpmock v1.0.5/go.mod h1:ATjnClrvW/3tijVmpL/va5Z3aAyGvqU3gCT8nX0Txik=
 github.com/jarcoal/httpmock v1.0.6/go.mod h1:ATjnClrvW/3tijVmpL/va5Z3aAyGvqU3gCT8nX0Txik=
 github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
@@ -561,7 +558,6 @@ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96b
 golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk=
 golang.org/x/net v0.0.0-20210510120150-4163338589ed/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20220225172249-27dd8689420f h1:oA4XRj0qtSt8Yo1Zms0CUlsT3KG69V2UGQWPBxujDmc=
 golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=

internal/const/const.go

@@ -1,7 +1,7 @@
 package teaconst
 
 const (
-	Version = "0.4.8"
+	Version = "0.4.10"
 
 	ProductName   = "Edge API"
 	ProcessName   = "edge-api"
@@ -18,13 +18,13 @@ const (
 
 	// 其他节点版本号，用来检测是否有需要升级的节点
 
-	NodeVersion          = "0.4.8.1"
-	UserNodeVersion      = "0.3.4"
+	NodeVersion          = "0.4.10"
+	UserNodeVersion      = "0.3.6"
 	AuthorityNodeVersion = "0.0.2"
 	MonitorNodeVersion   = "0.0.4"
-	DNSNodeVersion       = "0.2.3"
+	DNSNodeVersion       = "0.2.4"
 	ReportNodeVersion    = "0.1.1"
 
 	// SQLVersion SQL版本号
-	SQLVersion = "11"
+	SQLVersion = "2"
 )

internal/const/vars.go

@@ -2,9 +2,18 @@
 
 package teaconst
 
-var (
-	IsPlus         = false
-	MaxNodes int32 = 0
-	NodeId   int64 = 0
-	Debug          = false
+import (
+	"crypto/sha1"
+	"fmt"
+	"github.com/iwind/TeaGo/rands"
+	"github.com/iwind/TeaGo/types"
+	"time"
+)
+
+var (
+	IsPlus             = false
+	MaxNodes     int32 = 0
+	NodeId       int64 = 0
+	Debug              = false
+	InstanceCode       = fmt.Sprintf("%x", sha1.Sum([]byte("INSTANCE"+types.String(time.Now().UnixNano())+"@"+types.String(rands.Int64()))))
 )

internal/db/models/acme/acme_authentication_dao.go

@@ -29,7 +29,7 @@ func init() {
 
 // 创建认证信息
 func (this *ACMEAuthenticationDAO) CreateAuth(tx *dbs.Tx, taskId int64, domain string, token string, key string) error {
-	op := NewACMEAuthenticationOperator()
+	var op = NewACMEAuthenticationOperator()
 	op.TaskId = taskId
 	op.Domain = domain
 	op.Token = token

internal/db/models/acme/acme_task_dao.go

@@ -169,7 +169,7 @@ func (this *ACMETaskDAO) ListEnabledACMETasks(tx *dbs.Tx, adminId int64, userId
 
 // CreateACMETask 创建任务
 func (this *ACMETaskDAO) CreateACMETask(tx *dbs.Tx, adminId int64, userId int64, authType acmeutils.AuthType, acmeUserId int64, dnsProviderId int64, dnsDomain string, domains []string, autoRenew bool, authURL string) (int64, error) {
-	op := NewACMETaskOperator()
+	var op = NewACMETaskOperator()
 	op.AdminId = adminId
 	op.UserId = userId
 	op.AuthType = authType
@@ -204,7 +204,7 @@ func (this *ACMETaskDAO) UpdateACMETask(tx *dbs.Tx, acmeTaskId int64, acmeUserId
 		return errors.New("invalid acmeTaskId")
 	}
 
-	op := NewACMETaskOperator()
+	var op = NewACMETaskOperator()
 	op.Id = acmeTaskId
 	op.AcmeUserId = acmeUserId
 	op.DnsProviderId = dnsProviderId
@@ -240,7 +240,7 @@ func (this *ACMETaskDAO) UpdateACMETaskCert(tx *dbs.Tx, taskId int64, certId int
 		return errors.New("invalid taskId")
 	}
 
-	op := NewACMETaskOperator()
+	var op = NewACMETaskOperator()
 	op.Id = taskId
 	op.CertId = certId
 	err := this.Save(tx, op)

internal/db/models/acme/acme_task_log_dao.go

@@ -29,7 +29,7 @@ func init() {
 
 // 生成日志
 func (this *ACMETaskLogDAO) CreateACMETaskLog(tx *dbs.Tx, taskId int64, isOk bool, errMsg string) error {
-	op := NewACMETaskLogOperator()
+	var op = NewACMETaskLogOperator()
 	op.TaskId = taskId
 	op.Error = errMsg
 	op.IsOk = isOk

internal/db/models/acme/acme_user_dao.go

@@ -83,7 +83,7 @@ func (this *ACMEUserDAO) CreateACMEUser(tx *dbs.Tx, adminId int64, userId int64,
 	}
 	privateKeyText := base64.StdEncoding.EncodeToString(privateKeyData)
 
-	op := NewACMEUserOperator()
+	var op = NewACMEUserOperator()
 	op.AdminId = adminId
 	op.UserId = userId
 	op.ProviderCode = providerCode
@@ -104,7 +104,7 @@ func (this *ACMEUserDAO) UpdateACMEUser(tx *dbs.Tx, acmeUserId int64, descriptio
 	if acmeUserId <= 0 {
 		return errors.New("invalid acmeUserId")
 	}
-	op := NewACMEUserOperator()
+	var op = NewACMEUserOperator()
 	op.Id = acmeUserId
 	op.Description = description
 	err := this.Save(tx, op)
@@ -116,7 +116,7 @@ func (this *ACMEUserDAO) UpdateACMEUserRegistration(tx *dbs.Tx, acmeUserId int64
 	if acmeUserId <= 0 {
 		return errors.New("invalid acmeUserId")
 	}
-	op := NewACMEUserOperator()
+	var op = NewACMEUserOperator()
 	op.Id = acmeUserId
 	op.Registration = registrationJSON
 	err := this.Save(tx, op)

internal/db/models/admin_dao.go

@@ -115,7 +115,7 @@ func (this *AdminDAO) UpdateAdminPassword(tx *dbs.Tx, adminId int64, password st
 	if adminId <= 0 {
 		return errors.New("invalid adminId")
 	}
-	op := NewAdminOperator()
+	var op = NewAdminOperator()
 	op.Id = adminId
 	op.Password = stringutil.Md5(password)
 	err := this.Save(tx, op)
@@ -124,7 +124,7 @@ func (this *AdminDAO) UpdateAdminPassword(tx *dbs.Tx, adminId int64, password st
 
 // CreateAdmin 创建管理员
 func (this *AdminDAO) CreateAdmin(tx *dbs.Tx, username string, canLogin bool, password string, fullname string, isSuper bool, modulesJSON []byte) (int64, error) {
-	op := NewAdminOperator()
+	var op = NewAdminOperator()
 	op.IsOn = true
 	op.State = AdminStateEnabled
 	op.Username = username
@@ -149,7 +149,7 @@ func (this *AdminDAO) UpdateAdminInfo(tx *dbs.Tx, adminId int64, fullname string
 	if adminId <= 0 {
 		return errors.New("invalid adminId")
 	}
-	op := NewAdminOperator()
+	var op = NewAdminOperator()
 	op.Id = adminId
 	op.Fullname = fullname
 	err := this.Save(tx, op)
@@ -161,7 +161,7 @@ func (this *AdminDAO) UpdateAdmin(tx *dbs.Tx, adminId int64, username string, ca
 	if adminId <= 0 {
 		return errors.New("invalid adminId")
 	}
-	op := NewAdminOperator()
+	var op = NewAdminOperator()
 	op.Id = adminId
 	op.Fullname = fullname
 	op.Username = username
@@ -198,7 +198,7 @@ func (this *AdminDAO) UpdateAdminLogin(tx *dbs.Tx, adminId int64, username strin
 	if adminId <= 0 {
 		return errors.New("invalid adminId")
 	}
-	op := NewAdminOperator()
+	var op = NewAdminOperator()
 	op.Id = adminId
 	op.Username = username
 	if len(password) > 0 {
@@ -213,7 +213,7 @@ func (this *AdminDAO) UpdateAdminModules(tx *dbs.Tx, adminId int64, allowModules
 	if adminId <= 0 {
 		return errors.New("invalid adminId")
 	}
-	op := NewAdminOperator()
+	var op = NewAdminOperator()
 	op.Id = adminId
 	op.Modules = allowModulesJSON
 	err := this.Save(tx, op)

internal/db/models/api_access_token_dao.go

@@ -56,7 +56,7 @@ func (this *APIAccessTokenDAO) GenerateAccessToken(tx *dbs.Tx, adminId int64, us
 	token = rands.String(128) // TODO 增强安全性，将来使用 base64_encode(encrypt(salt+random)) 算法来代替
 	expiresAt = time.Now().Unix() + 7200
 
-	op := NewAPIAccessTokenOperator()
+	var op = NewAPIAccessTokenOperator()
 
 	if accessToken != nil {
 		op.Id = accessToken.(*APIAccessToken).Id

internal/db/models/api_node_dao.go

@@ -58,15 +58,22 @@ func (this *APINodeDAO) EnableAPINode(tx *dbs.Tx, id int64) error {
 }
 
 // DisableAPINode 禁用条目
-func (this *APINodeDAO) DisableAPINode(tx *dbs.Tx, id int64) error {
+func (this *APINodeDAO) DisableAPINode(tx *dbs.Tx, nodeId int64) error {
 	_, err := this.Query(tx).
-		Pk(id).
+		Pk(nodeId).
 		Set("state", APINodeStateDisabled).
 		Update()
 	if err != nil {
 		return err
 	}
-	return this.NotifyUpdate(tx, id)
+
+	err = this.NotifyUpdate(tx, nodeId)
+	if err != nil {
+		return err
+	}
+
+	// 删除运行日志
+	return SharedNodeLogDAO.DeleteNodeLogs(tx, nodeconfigs.NodeRoleAPI, nodeId)
 }
 
 // FindEnabledAPINode 查找启用中的条目
@@ -127,7 +134,7 @@ func (this *APINodeDAO) CreateAPINode(tx *dbs.Tx, name string, description strin
 		return
 	}
 
-	op := NewAPINodeOperator()
+	var op = NewAPINodeOperator()
 	op.IsOn = isOn
 	op.UniqueId = uniqueId
 	op.Secret = secret

internal/db/models/api_token_dao.go

@@ -112,7 +112,7 @@ func (this *ApiTokenDAO) FindEnabledTokenWithRole(tx *dbs.Tx, role string) (*Api
 
 // CreateAPIToken 保存API Token
 func (this *ApiTokenDAO) CreateAPIToken(tx *dbs.Tx, nodeId string, secret string, role nodeconfigs.NodeRole) error {
-	op := NewApiTokenOperator()
+	var op = NewApiTokenOperator()
 	op.NodeId = nodeId
 	op.Secret = secret
 	op.Role = role

internal/db/models/authority/authority_key_dao.go

@@ -42,7 +42,7 @@ func (this *AuthorityKeyDAO) UpdateKey(tx *dbs.Tx, value string, dayFrom string,
 	if err != nil {
 		return err
 	}
-	op := NewAuthorityKeyOperator()
+	var op = NewAuthorityKeyOperator()
 	if one != nil {
 		op.Id = one.(*AuthorityKey).Id
 	}

internal/db/models/authority/authority_node_dao.go

@@ -120,7 +120,7 @@ func (this *AuthorityNodeDAO) CreateAuthorityNode(tx *dbs.Tx, name string, descr
 		return
 	}
 
-	op := NewAuthorityNodeOperator()
+	var op = NewAuthorityNodeOperator()
 	op.IsOn = isOn
 	op.UniqueId = uniqueId
 	op.Secret = secret
@@ -141,7 +141,7 @@ func (this *AuthorityNodeDAO) UpdateAuthorityNode(tx *dbs.Tx, nodeId int64, name
 		return errors.New("invalid nodeId")
 	}
 
-	op := NewAuthorityNodeOperator()
+	var op = NewAuthorityNodeOperator()
 	op.Id = nodeId
 	op.Name = name
 	op.Description = description

internal/db/models/client_browser_dao.go

@@ -125,7 +125,7 @@ func (this *ClientBrowserDAO) CreateBrowser(tx *dbs.Tx, browserName string) (int
 		return browserId, nil
 	}
 
-	op := NewClientBrowserOperator()
+	var op = NewClientBrowserOperator()
 	op.Name = browserName
 	codes := []string{browserName}
 	codesJSON, err := json.Marshal(codes)

internal/db/models/client_system_dao.go

@@ -125,7 +125,7 @@ func (this *ClientSystemDAO) CreateSystem(tx *dbs.Tx, systemName string) (int64,
 		return systemId, nil
 	}
 
-	op := NewClientSystemOperator()
+	var op = NewClientSystemOperator()
 	op.Name = systemName
 
 	codes := []string{systemName}

internal/db/models/db_node_dao.go

@@ -4,6 +4,7 @@ import (
 	"encoding/base64"
 	"github.com/TeaOSLab/EdgeAPI/internal/encrypt"
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
@@ -49,12 +50,17 @@ func (this *DBNodeDAO) EnableDBNode(tx *dbs.Tx, id int64) error {
 }
 
 // DisableDBNode 禁用条目
-func (this *DBNodeDAO) DisableDBNode(tx *dbs.Tx, id int64) error {
+func (this *DBNodeDAO) DisableDBNode(tx *dbs.Tx, nodeId int64) error {
 	_, err := this.Query(tx).
-		Pk(id).
+		Pk(nodeId).
 		Set("state", DBNodeStateDisabled).
 		Update()
-	return err
+	if err != nil {
+		return err
+	}
+
+	// 删除运行日志
+	return SharedNodeLogDAO.DeleteNodeLogs(tx, nodeconfigs.NodeRoleDatabase, nodeId)
 }
 
 // FindEnabledDBNode 查找启用中的条目
@@ -103,7 +109,7 @@ func (this *DBNodeDAO) ListEnabledNodes(tx *dbs.Tx, offset int64, size int64) (r
 
 // CreateDBNode 创建节点
 func (this *DBNodeDAO) CreateDBNode(tx *dbs.Tx, isOn bool, name string, description string, host string, port int32, database string, username string, password string, charset string) (int64, error) {
-	op := NewDBNodeOperator()
+	var op = NewDBNodeOperator()
 	op.State = NodeStateEnabled
 	op.IsOn = isOn
 	op.Name = name
@@ -126,7 +132,7 @@ func (this *DBNodeDAO) UpdateNode(tx *dbs.Tx, nodeId int64, isOn bool, name stri
 	if nodeId <= 0 {
 		return errors.New("invalid nodeId")
 	}
-	op := NewDBNodeOperator()
+	var op = NewDBNodeOperator()
 	op.Id = nodeId
 	op.IsOn = isOn
 	op.Name = name

internal/db/models/dns/dns_domain_dao.go

@@ -91,7 +91,7 @@ func (this *DNSDomainDAO) FindDNSDomainName(tx *dbs.Tx, id int64) (string, error
 
 // CreateDomain 创建域名
 func (this *DNSDomainDAO) CreateDomain(tx *dbs.Tx, adminId int64, userId int64, providerId int64, name string) (int64, error) {
-	op := NewDNSDomainOperator()
+	var op = NewDNSDomainOperator()
 	op.ProviderId = providerId
 	op.AdminId = adminId
 	op.UserId = userId
@@ -111,7 +111,7 @@ func (this *DNSDomainDAO) UpdateDomain(tx *dbs.Tx, domainId int64, name string,
 	if domainId <= 0 {
 		return errors.New("invalid domainId")
 	}
-	op := NewDNSDomainOperator()
+	var op = NewDNSDomainOperator()
 	op.Id = domainId
 	op.Name = name
 	op.IsOn = isOn
@@ -146,7 +146,7 @@ func (this *DNSDomainDAO) UpdateDomainData(tx *dbs.Tx, domainId int64, data stri
 	if domainId <= 0 {
 		return errors.New("invalid domainId")
 	}
-	op := NewDNSDomainOperator()
+	var op = NewDNSDomainOperator()
 	op.Id = domainId
 	op.Data = data
 	err := this.Save(tx, op)
@@ -158,7 +158,7 @@ func (this *DNSDomainDAO) UpdateDomainRecords(tx *dbs.Tx, domainId int64, record
 	if domainId <= 0 {
 		return errors.New("invalid domainId")
 	}
-	op := NewDNSDomainOperator()
+	var op = NewDNSDomainOperator()
 	op.Id = domainId
 	op.Records = recordsJSON
 	op.DataUpdatedAt = time.Now().Unix()
@@ -171,7 +171,7 @@ func (this *DNSDomainDAO) UpdateDomainRoutes(tx *dbs.Tx, domainId int64, routesJ
 	if domainId <= 0 {
 		return errors.New("invalid domainId")
 	}
-	op := NewDNSDomainOperator()
+	var op = NewDNSDomainOperator()
 	op.Id = domainId
 	op.Routes = routesJSON
 	op.DataUpdatedAt = time.Now().Unix()

internal/db/models/dns/dns_provider_dao.go

@@ -68,7 +68,7 @@ func (this *DNSProviderDAO) FindEnabledDNSProvider(tx *dbs.Tx, id int64) (*DNSPr
 
 // CreateDNSProvider 创建服务商
 func (this *DNSProviderDAO) CreateDNSProvider(tx *dbs.Tx, adminId int64, userId int64, providerType string, name string, apiParamsJSON []byte) (int64, error) {
-	op := NewDNSProviderOperator()
+	var op = NewDNSProviderOperator()
 	op.AdminId = adminId
 	op.UserId = userId
 	op.Type = providerType
@@ -90,7 +90,7 @@ func (this *DNSProviderDAO) UpdateDNSProvider(tx *dbs.Tx, dnsProviderId int64, n
 		return errors.New("invalid dnsProviderId")
 	}
 
-	op := NewDNSProviderOperator()
+	var op = NewDNSProviderOperator()
 	op.Id = dnsProviderId
 	op.Name = name
 

internal/db/models/dns/dns_task_dao.go

@@ -143,7 +143,7 @@ func (this *DNSTaskDAO) UpdateDNSTaskError(tx *dbs.Tx, taskId int64, err string)
 	if taskId <= 0 {
 		return errors.New("invalid taskId")
 	}
-	op := NewDNSTaskOperator()
+	var op = NewDNSTaskOperator()
 	op.Id = taskId
 	op.IsDone = true
 	op.Error = err
@@ -156,7 +156,7 @@ func (this *DNSTaskDAO) UpdateDNSTaskDone(tx *dbs.Tx, taskId int64) error {
 	if taskId <= 0 {
 		return errors.New("invalid taskId")
 	}
-	op := NewDNSTaskOperator()
+	var op = NewDNSTaskOperator()
 	op.Id = taskId
 	op.IsDone = true
 	op.IsOk = true

internal/db/models/file_chunk_dao.go

@@ -29,9 +29,9 @@ func init() {
 	})
 }
 
-// 创建文件Chunk
+// CreateFileChunk 创建文件Chunk
 func (this *FileChunkDAO) CreateFileChunk(tx *dbs.Tx, fileId int64, data []byte) (int64, error) {
-	op := NewFileChunkOperator()
+	var op = NewFileChunkOperator()
 	op.FileId = fileId
 	op.Data = data
 	err := this.Save(tx, op)
@@ -41,7 +41,7 @@ func (this *FileChunkDAO) CreateFileChunk(tx *dbs.Tx, fileId int64, data []byte)
 	return types.Int64(op.Id), nil
 }
 
-// 列出所有的文件Chunk
+// FindAllFileChunks 列出所有的文件Chunk
 func (this *FileChunkDAO) FindAllFileChunks(tx *dbs.Tx, fileId int64) (result []*FileChunk, err error) {
 	_, err = this.Query(tx).
 		Attr("fileId", fileId).
@@ -51,7 +51,7 @@ func (this *FileChunkDAO) FindAllFileChunks(tx *dbs.Tx, fileId int64) (result []
 	return
 }
 
-// 读取文件的所有片段ID
+// FindAllFileChunkIds 读取文件的所有片段ID
 func (this *FileChunkDAO) FindAllFileChunkIds(tx *dbs.Tx, fileId int64) ([]int64, error) {
 	ones, err := this.Query(tx).
 		Attr("fileId", fileId).
@@ -68,7 +68,7 @@ func (this *FileChunkDAO) FindAllFileChunkIds(tx *dbs.Tx, fileId int64) ([]int64
 	return result, nil
 }
 
-// 删除以前的文件
+// DeleteFileChunks 删除以前的文件
 func (this *FileChunkDAO) DeleteFileChunks(tx *dbs.Tx, fileId int64) error {
 	if fileId <= 0 {
 		return errors.New("invalid fileId")
@@ -79,7 +79,7 @@ func (this *FileChunkDAO) DeleteFileChunks(tx *dbs.Tx, fileId int64) error {
 	return err
 }
 
-// 根据ID查找片段
+// FindFileChunk 根据ID查找片段
 func (this *FileChunkDAO) FindFileChunk(tx *dbs.Tx, chunkId int64) (*FileChunk, error) {
 	one, err := this.Query(tx).
 		Pk(chunkId).

internal/db/models/file_dao.go

@@ -1,6 +1,7 @@
 package models
 
 import (
+	"github.com/TeaOSLab/EdgeAPI/internal/utils"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
@@ -33,7 +34,7 @@ func init() {
 	})
 }
 
-// 启用条目
+// EnableFile 启用条目
 func (this *FileDAO) EnableFile(tx *dbs.Tx, id int64) error {
 	_, err := this.Query(tx).
 		Pk(id).
@@ -42,7 +43,7 @@ func (this *FileDAO) EnableFile(tx *dbs.Tx, id int64) error {
 	return err
 }
 
-// 禁用条目
+// DisableFile 禁用条目
 func (this *FileDAO) DisableFile(tx *dbs.Tx, id int64) error {
 	_, err := this.Query(tx).
 		Pk(id).
@@ -51,7 +52,7 @@ func (this *FileDAO) DisableFile(tx *dbs.Tx, id int64) error {
 	return err
 }
 
-// 查找启用中的条目
+// FindEnabledFile 查找启用中的条目
 func (this *FileDAO) FindEnabledFile(tx *dbs.Tx, id int64) (*File, error) {
 	result, err := this.Query(tx).
 		Pk(id).
@@ -63,9 +64,9 @@ func (this *FileDAO) FindEnabledFile(tx *dbs.Tx, id int64) (*File, error) {
 	return result.(*File), err
 }
 
-// 创建文件
-func (this *FileDAO) CreateFile(tx *dbs.Tx, adminId int64, userId int64, businessType, description string, filename string, size int64, isPublic bool) (int64, error) {
-	op := NewFileOperator()
+// CreateFile 创建文件
+func (this *FileDAO) CreateFile(tx *dbs.Tx, adminId int64, userId int64, businessType string, description string, filename string, size int64, mimeType string, isPublic bool) (int64, error) {
+	var op = NewFileOperator()
 	op.AdminId = adminId
 	op.UserId = userId
 	op.Type = businessType
@@ -74,6 +75,8 @@ func (this *FileDAO) CreateFile(tx *dbs.Tx, adminId int64, userId int64, busines
 	op.Size = size
 	op.Filename = filename
 	op.IsPublic = isPublic
+	op.Code = utils.Sha1RandomString()
+	op.MimeType = mimeType
 	err := this.Save(tx, op)
 	if err != nil {
 		return 0, err
@@ -82,7 +85,22 @@ func (this *FileDAO) CreateFile(tx *dbs.Tx, adminId int64, userId int64, busines
 	return types.Int64(op.Id), nil
 }
 
-// 将文件置为已完成
+// CheckUserFile 检查用户ID
+func (this *FileDAO) CheckUserFile(tx *dbs.Tx, userId int64, fileId int64) error {
+	b, err := this.Query(tx).
+		Pk(fileId).
+		Attr("userId", userId).
+		Exist()
+	if err != nil {
+		return err
+	}
+	if !b {
+		return ErrNotFound
+	}
+	return nil
+}
+
+// UpdateFileIsFinished 将文件置为已完成
 func (this *FileDAO) UpdateFileIsFinished(tx *dbs.Tx, fileId int64) error {
 	_, err := this.Query(tx).
 		Pk(fileId).

internal/db/models/file_model.go

@@ -1,13 +1,15 @@
 package models
 
-// 文件管理
+// File 文件管理
 type File struct {
 	Id          uint32 `field:"id"`          // ID
 	AdminId     uint32 `field:"adminId"`     // 管理员ID
+	Code        string `field:"code"`        // 代号
 	UserId      uint32 `field:"userId"`      // 用户ID
 	Description string `field:"description"` // 文件描述
 	Filename    string `field:"filename"`    // 文件名
 	Size        uint32 `field:"size"`        // 文件尺寸
+	MimeType    string `field:"mimeType"`    // Mime类型
 	CreatedAt   uint64 `field:"createdAt"`   // 创建时间
 	Order       uint32 `field:"order"`       // 排序
 	Type        string `field:"type"`        // 类型
@@ -19,10 +21,12 @@ type File struct {
 type FileOperator struct {
 	Id          interface{} // ID
 	AdminId     interface{} // 管理员ID
+	Code        interface{} // 代号
 	UserId      interface{} // 用户ID
 	Description interface{} // 文件描述
 	Filename    interface{} // 文件名
 	Size        interface{} // 文件尺寸
+	MimeType    interface{} // Mime类型
 	CreatedAt   interface{} // 创建时间
 	Order       interface{} // 排序
 	Type        interface{} // 类型

internal/db/models/http_auth_policy_dao.go

@@ -69,7 +69,7 @@ func (this *HTTPAuthPolicyDAO) FindEnabledHTTPAuthPolicy(tx *dbs.Tx, id int64) (
 
 // CreateHTTPAuthPolicy 创建策略
 func (this *HTTPAuthPolicyDAO) CreateHTTPAuthPolicy(tx *dbs.Tx, name string, methodType string, paramsJSON []byte) (int64, error) {
-	op := NewHTTPAuthPolicyOperator()
+	var op = NewHTTPAuthPolicyOperator()
 	op.Name = name
 	op.Type = methodType
 	op.Params = paramsJSON
@@ -83,7 +83,7 @@ func (this *HTTPAuthPolicyDAO) UpdateHTTPAuthPolicy(tx *dbs.Tx, policyId int64,
 	if policyId <= 0 {
 		return errors.New("invalid policyId")
 	}
-	op := NewHTTPAuthPolicyOperator()
+	var op = NewHTTPAuthPolicyOperator()
 	op.Id = policyId
 	op.Name = name
 	op.Params = paramsJSON

internal/db/models/http_brotli_policy_dao.go

@@ -113,7 +113,7 @@ func (this *HTTPBrotliPolicyDAO) ComposeBrotliConfig(tx *dbs.Tx, policyId int64)
 
 // CreatePolicy 创建策略
 func (this *HTTPBrotliPolicyDAO) CreatePolicy(tx *dbs.Tx, level int, minLengthJSON []byte, maxLengthJSON []byte, condsJSON []byte) (int64, error) {
-	op := NewHTTPBrotliPolicyOperator()
+	var op = NewHTTPBrotliPolicyOperator()
 	op.State = HTTPBrotliPolicyStateEnabled
 	op.IsOn = true
 	op.Level = level
@@ -138,7 +138,7 @@ func (this *HTTPBrotliPolicyDAO) UpdatePolicy(tx *dbs.Tx, policyId int64, level
 	if policyId <= 0 {
 		return errors.New("invalid policyId")
 	}
-	op := NewHTTPBrotliPolicyOperator()
+	var op = NewHTTPBrotliPolicyOperator()
 	op.Id = policyId
 	op.Level = level
 	if len(minLengthJSON) > 0 {

internal/db/models/http_cache_policy_dao.go

@@ -97,7 +97,7 @@ func (this *HTTPCachePolicyDAO) FindAllEnabledCachePolicies(tx *dbs.Tx) (result
 
 // CreateCachePolicy 创建缓存策略
 func (this *HTTPCachePolicyDAO) CreateCachePolicy(tx *dbs.Tx, isOn bool, name string, description string, capacityJSON []byte, maxKeys int64, maxSizeJSON []byte, storageType string, storageOptionsJSON []byte, syncCompressionCache bool) (int64, error) {
-	op := NewHTTPCachePolicyOperator()
+	var op = NewHTTPCachePolicyOperator()
 	op.State = HTTPCachePolicyStateEnabled
 	op.IsOn = isOn
 	op.Name = name
@@ -209,7 +209,7 @@ func (this *HTTPCachePolicyDAO) UpdateCachePolicy(tx *dbs.Tx, policyId int64, is
 		return errors.New("invalid policyId")
 	}
 
-	op := NewHTTPCachePolicyOperator()
+	var op = NewHTTPCachePolicyOperator()
 	op.Id = policyId
 	op.IsOn = isOn
 	op.Name = name

internal/db/models/http_deflate_policy_dao.go

@@ -113,7 +113,7 @@ func (this *HTTPDeflatePolicyDAO) ComposeDeflateConfig(tx *dbs.Tx, policyId int6
 
 // CreatePolicy 创建策略
 func (this *HTTPDeflatePolicyDAO) CreatePolicy(tx *dbs.Tx, level int, minLengthJSON []byte, maxLengthJSON []byte, condsJSON []byte) (int64, error) {
-	op := NewHTTPDeflatePolicyOperator()
+	var op = NewHTTPDeflatePolicyOperator()
 	op.State = HTTPDeflatePolicyStateEnabled
 	op.IsOn = true
 	op.Level = level
@@ -138,7 +138,7 @@ func (this *HTTPDeflatePolicyDAO) UpdatePolicy(tx *dbs.Tx, policyId int64, level
 	if policyId <= 0 {
 		return errors.New("invalid policyId")
 	}
-	op := NewHTTPDeflatePolicyOperator()
+	var op = NewHTTPDeflatePolicyOperator()
 	op.Id = policyId
 	op.Level = level
 	if len(minLengthJSON) > 0 {

internal/db/models/http_fastcgi_dao.go

@@ -121,7 +121,7 @@ func (this *HTTPFastcgiDAO) ComposeFastcgiConfig(tx *dbs.Tx, fastcgiId int64) (*
 
 // CreateFastcgi 创建Fastcgi
 func (this *HTTPFastcgiDAO) CreateFastcgi(tx *dbs.Tx, adminId int64, userId int64, isOn bool, address string, paramsJSON []byte, readTimeoutJSON []byte, connTimeoutJSON []byte, poolSize int32, pathInfoPattern string) (int64, error) {
-	op := NewHTTPFastcgiOperator()
+	var op = NewHTTPFastcgiOperator()
 	op.AdminId = adminId
 	op.UserId = userId
 	op.IsOn = isOn
@@ -147,7 +147,7 @@ func (this *HTTPFastcgiDAO) UpdateFastcgi(tx *dbs.Tx, fastcgiId int64, isOn bool
 	if fastcgiId <= 0 {
 		return errors.New("invalid 'fastcgiId'")
 	}
-	op := NewHTTPFastcgiOperator()
+	var op = NewHTTPFastcgiOperator()
 	op.Id = fastcgiId
 	op.IsOn = isOn
 	op.Address = address

internal/db/models/http_firewall_policy_dao.go

@@ -233,7 +233,7 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicyInboundAndOutbound(tx *db
 	if policyId <= 0 {
 		return errors.New("invalid policyId")
 	}
-	op := NewHTTPFirewallPolicyOperator()
+	var op = NewHTTPFirewallPolicyOperator()
 	op.Id = policyId
 	if len(inboundJSON) > 0 {
 		op.Inbound = inboundJSON
@@ -262,7 +262,7 @@ func (this *HTTPFirewallPolicyDAO) UpdateFirewallPolicyInbound(tx *dbs.Tx, polic
 	if policyId <= 0 {
 		return errors.New("invalid policyId")
 	}
-	op := NewHTTPFirewallPolicyOperator()
+	var op = NewHTTPFirewallPolicyOperator()
 	op.Id = policyId
 	if len(inboundJSON) > 0 {
 		op.Inbound = inboundJSON

internal/db/models/http_firewall_rule_dao.go

@@ -116,7 +116,7 @@ func (this *HTTPFirewallRuleDAO) ComposeFirewallRule(tx *dbs.Tx, ruleId int64) (
 
 // CreateOrUpdateRuleFromConfig 从配置中配置规则
 func (this *HTTPFirewallRuleDAO) CreateOrUpdateRuleFromConfig(tx *dbs.Tx, ruleConfig *firewallconfigs.HTTPFirewallRule) (int64, error) {
-	op := NewHTTPFirewallRuleOperator()
+	var op = NewHTTPFirewallRuleOperator()
 	op.Id = ruleConfig.Id
 	op.State = HTTPFirewallRuleStateEnabled
 	op.IsOn = ruleConfig.IsOn

internal/db/models/http_firewall_rule_group_dao.go

@@ -120,7 +120,7 @@ func (this *HTTPFirewallRuleGroupDAO) ComposeFirewallRuleGroup(tx *dbs.Tx, group
 
 // CreateGroupFromConfig 从配置中创建分组
 func (this *HTTPFirewallRuleGroupDAO) CreateGroupFromConfig(tx *dbs.Tx, groupConfig *firewallconfigs.HTTPFirewallRuleGroup) (int64, error) {
-	op := NewHTTPFirewallRuleGroupOperator()
+	var op = NewHTTPFirewallRuleGroupOperator()
 	op.IsOn = groupConfig.IsOn
 	op.Name = groupConfig.Name
 	op.Description = groupConfig.Description
@@ -166,7 +166,7 @@ func (this *HTTPFirewallRuleGroupDAO) UpdateGroupIsOn(tx *dbs.Tx, groupId int64,
 
 // CreateGroup 创建分组
 func (this *HTTPFirewallRuleGroupDAO) CreateGroup(tx *dbs.Tx, isOn bool, name string, code string, description string) (int64, error) {
-	op := NewHTTPFirewallRuleGroupOperator()
+	var op = NewHTTPFirewallRuleGroupOperator()
 	op.State = HTTPFirewallRuleStateEnabled
 	op.IsOn = isOn
 	op.Name = name
@@ -184,7 +184,7 @@ func (this *HTTPFirewallRuleGroupDAO) UpdateGroup(tx *dbs.Tx, groupId int64, isO
 	if groupId <= 0 {
 		return errors.New("invalid groupId")
 	}
-	op := NewHTTPFirewallRuleGroupOperator()
+	var op = NewHTTPFirewallRuleGroupOperator()
 	op.Id = groupId
 	op.IsOn = isOn
 	op.Name = name
@@ -202,7 +202,7 @@ func (this *HTTPFirewallRuleGroupDAO) UpdateGroupSets(tx *dbs.Tx, groupId int64,
 	if groupId <= 0 {
 		return errors.New("invalid groupId")
 	}
-	op := NewHTTPFirewallRuleGroupOperator()
+	var op = NewHTTPFirewallRuleGroupOperator()
 	op.Id = groupId
 	op.Sets = setRefsJSON
 	err := this.Save(tx, op)

internal/db/models/http_firewall_rule_set_dao.go

@@ -133,7 +133,7 @@ func (this *HTTPFirewallRuleSetDAO) ComposeFirewallRuleSet(tx *dbs.Tx, setId int
 
 // CreateOrUpdateSetFromConfig 从配置中创建规则集
 func (this *HTTPFirewallRuleSetDAO) CreateOrUpdateSetFromConfig(tx *dbs.Tx, setConfig *firewallconfigs.HTTPFirewallRuleSet) (int64, error) {
-	op := NewHTTPFirewallRuleSetOperator()
+	var op = NewHTTPFirewallRuleSetOperator()
 	op.State = HTTPFirewallRuleSetStateEnabled
 	op.Id = setConfig.Id
 	op.IsOn = setConfig.IsOn

internal/db/models/http_gzip_dao.go

@@ -121,7 +121,7 @@ func (this *HTTPGzipDAO) ComposeGzipConfig(tx *dbs.Tx, gzipId int64) (*servercon
 
 // CreateGzip 创建Gzip
 func (this *HTTPGzipDAO) CreateGzip(tx *dbs.Tx, level int, minLengthJSON []byte, maxLengthJSON []byte, condsJSON []byte) (int64, error) {
-	op := NewHTTPGzipOperator()
+	var op = NewHTTPGzipOperator()
 	op.State = HTTPGzipStateEnabled
 	op.IsOn = true
 	op.Level = level
@@ -146,7 +146,7 @@ func (this *HTTPGzipDAO) UpdateGzip(tx *dbs.Tx, gzipId int64, level int, minLeng
 	if gzipId <= 0 {
 		return errors.New("invalid gzipId")
 	}
-	op := NewHTTPGzipOperator()
+	var op = NewHTTPGzipOperator()
 	op.Id = gzipId
 	op.Level = level
 	if len(minLengthJSON) > 0 {

internal/db/models/http_header_dao.go

@@ -81,7 +81,7 @@ func (this *HTTPHeaderDAO) FindHTTPHeaderName(tx *dbs.Tx, id int64) (string, err
 
 // CreateHeader 创建Header
 func (this *HTTPHeaderDAO) CreateHeader(tx *dbs.Tx, userId int64, name string, value string, status []int, disableRedirect bool, shouldAppend bool, shouldReplace bool, replaceValues []*shared.HTTPHeaderReplaceValue, methods []string, domains []string) (int64, error) {
-	op := NewHTTPHeaderOperator()
+	var op = NewHTTPHeaderOperator()
 	op.UserId = userId
 	op.State = HTTPHeaderStateEnabled
 	op.IsOn = true
@@ -156,7 +156,7 @@ func (this *HTTPHeaderDAO) UpdateHeader(tx *dbs.Tx, headerId int64, name string,
 		return errors.New("invalid headerId")
 	}
 
-	op := NewHTTPHeaderOperator()
+	var op = NewHTTPHeaderOperator()
 	op.Id = headerId
 	op.Name = name
 	op.Value = value

internal/db/models/http_header_policy_dao.go

@@ -77,7 +77,7 @@ func (this *HTTPHeaderPolicyDAO) FindEnabledHTTPHeaderPolicy(tx *dbs.Tx, id int6
 
 // CreateHeaderPolicy 创建策略
 func (this *HTTPHeaderPolicyDAO) CreateHeaderPolicy(tx *dbs.Tx) (int64, error) {
-	op := NewHTTPHeaderPolicyOperator()
+	var op = NewHTTPHeaderPolicyOperator()
 	op.IsOn = true
 	op.State = HTTPHeaderPolicyStateEnabled
 	err := this.Save(tx, op)
@@ -93,7 +93,7 @@ func (this *HTTPHeaderPolicyDAO) UpdateAddingHeaders(tx *dbs.Tx, policyId int64,
 		return errors.New("invalid policyId")
 	}
 
-	op := NewHTTPHeaderPolicyOperator()
+	var op = NewHTTPHeaderPolicyOperator()
 	op.Id = policyId
 	op.AddHeaders = headersJSON
 	err := this.Save(tx, op)
@@ -109,7 +109,7 @@ func (this *HTTPHeaderPolicyDAO) UpdateSettingHeaders(tx *dbs.Tx, policyId int64
 		return errors.New("invalid policyId")
 	}
 
-	op := NewHTTPHeaderPolicyOperator()
+	var op = NewHTTPHeaderPolicyOperator()
 	op.Id = policyId
 	op.SetHeaders = headersJSON
 	err := this.Save(tx, op)
@@ -125,7 +125,7 @@ func (this *HTTPHeaderPolicyDAO) UpdateReplacingHeaders(tx *dbs.Tx, policyId int
 		return errors.New("invalid policyId")
 	}
 
-	op := NewHTTPHeaderPolicyOperator()
+	var op = NewHTTPHeaderPolicyOperator()
 	op.Id = policyId
 	op.ReplaceHeaders = headersJSON
 	err := this.Save(tx, op)
@@ -141,7 +141,7 @@ func (this *HTTPHeaderPolicyDAO) UpdateAddingTrailers(tx *dbs.Tx, policyId int64
 		return errors.New("invalid policyId")
 	}
 
-	op := NewHTTPHeaderPolicyOperator()
+	var op = NewHTTPHeaderPolicyOperator()
 	op.Id = policyId
 	op.AddTrailers = headersJSON
 	err := this.Save(tx, op)
@@ -162,7 +162,7 @@ func (this *HTTPHeaderPolicyDAO) UpdateDeletingHeaders(tx *dbs.Tx, policyId int6
 		return err
 	}
 
-	op := NewHTTPHeaderPolicyOperator()
+	var op = NewHTTPHeaderPolicyOperator()
 	op.Id = policyId
 	op.DeleteHeaders = string(namesJSON)
 	err = this.Save(tx, op)

internal/db/models/http_location_dao.go

@@ -87,7 +87,7 @@ func (this *HTTPLocationDAO) FindHTTPLocationName(tx *dbs.Tx, id int64) (string,
 
 // CreateLocation 创建路由规则
 func (this *HTTPLocationDAO) CreateLocation(tx *dbs.Tx, parentId int64, name string, pattern string, description string, isBreak bool, condsJSON []byte, domains []string) (int64, error) {
-	op := NewHTTPLocationOperator()
+	var op = NewHTTPLocationOperator()
 	op.IsOn = true
 	op.State = HTTPLocationStateEnabled
 	op.ParentId = parentId
@@ -121,7 +121,7 @@ func (this *HTTPLocationDAO) UpdateLocation(tx *dbs.Tx, locationId int64, name s
 	if locationId <= 0 {
 		return errors.New("invalid locationId")
 	}
-	op := NewHTTPLocationOperator()
+	var op = NewHTTPLocationOperator()
 	op.Id = locationId
 	op.Name = name
 	op.Pattern = pattern
@@ -257,7 +257,7 @@ func (this *HTTPLocationDAO) UpdateLocationReverseProxy(tx *dbs.Tx, locationId i
 	if locationId <= 0 {
 		return errors.New("invalid locationId")
 	}
-	op := NewHTTPLocationOperator()
+	var op = NewHTTPLocationOperator()
 	op.Id = locationId
 	op.ReverseProxy = JSONBytes(reverseProxyJSON)
 	err := this.Save(tx, op)
@@ -281,7 +281,7 @@ func (this *HTTPLocationDAO) UpdateLocationWeb(tx *dbs.Tx, locationId int64, web
 	if locationId <= 0 {
 		return errors.New("invalid locationId")
 	}
-	op := NewHTTPLocationOperator()
+	var op = NewHTTPLocationOperator()
 	op.Id = locationId
 	op.WebId = webId
 	err := this.Save(tx, op)

internal/db/models/http_page_dao.go

@@ -78,7 +78,7 @@ func (this *HTTPPageDAO) FindEnabledHTTPPage(tx *dbs.Tx, id int64) (*HTTPPage, e
 
 // CreatePage 创建Page
 func (this *HTTPPageDAO) CreatePage(tx *dbs.Tx, userId int64, statusList []string, bodyType shared.BodyType, url string, body string, newStatus int) (pageId int64, err error) {
-	op := NewHTTPPageOperator()
+	var op = NewHTTPPageOperator()
 	op.UserId = userId
 	op.IsOn = true
 	op.State = HTTPPageStateEnabled
@@ -108,7 +108,7 @@ func (this *HTTPPageDAO) UpdatePage(tx *dbs.Tx, pageId int64, statusList []strin
 		return errors.New("invalid pageId")
 	}
 
-	op := NewHTTPPageOperator()
+	var op = NewHTTPPageOperator()
 	op.Id = pageId
 	op.IsOn = true
 	op.State = HTTPPageStateEnabled

internal/db/models/http_rewrite_rule_dao.go

@@ -125,7 +125,7 @@ func (this *HTTPRewriteRuleDAO) ComposeRewriteRule(tx *dbs.Tx, rewriteRuleId int
 
 // CreateRewriteRule 创建规则
 func (this *HTTPRewriteRuleDAO) CreateRewriteRule(tx *dbs.Tx, pattern string, replace string, mode string, redirectStatus int, isBreak bool, proxyHost string, withQuery bool, isOn bool, condsJSON []byte) (int64, error) {
-	op := NewHTTPRewriteRuleOperator()
+	var op = NewHTTPRewriteRuleOperator()
 	op.State = HTTPRewriteRuleStateEnabled
 	op.IsOn = isOn
 
@@ -150,7 +150,7 @@ func (this *HTTPRewriteRuleDAO) UpdateRewriteRule(tx *dbs.Tx, rewriteRuleId int6
 	if rewriteRuleId <= 0 {
 		return errors.New("invalid rewriteRuleId")
 	}
-	op := NewHTTPRewriteRuleOperator()
+	var op = NewHTTPRewriteRuleOperator()
 	op.Id = rewriteRuleId
 	op.IsOn = isOn
 	op.Pattern = pattern

internal/db/models/http_web_dao.go

@@ -466,7 +466,7 @@ func (this *HTTPWebDAO) ComposeWebConfig(tx *dbs.Tx, webId int64, cacheMap *util
 
 // CreateWeb 创建Web配置
 func (this *HTTPWebDAO) CreateWeb(tx *dbs.Tx, adminId int64, userId int64, rootJSON []byte) (int64, error) {
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.State = HTTPWebStateEnabled
 	op.AdminId = adminId
 	op.UserId = userId
@@ -485,7 +485,7 @@ func (this *HTTPWebDAO) UpdateWeb(tx *dbs.Tx, webId int64, rootJSON []byte) erro
 	if webId <= 0 {
 		return errors.New("invalid webId")
 	}
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.Id = webId
 	op.Root = JSONBytes(rootJSON)
 	err := this.Save(tx, op)
@@ -501,7 +501,7 @@ func (this *HTTPWebDAO) UpdateWebCompression(tx *dbs.Tx, webId int64, compressio
 	if webId <= 0 {
 		return errors.New("invalid webId")
 	}
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.Id = webId
 	op.Compression = JSONBytes(compressionConfig)
 	err := this.Save(tx, op)
@@ -517,7 +517,7 @@ func (this *HTTPWebDAO) UpdateWebWebP(tx *dbs.Tx, webId int64, webpConfig []byte
 	if webId <= 0 {
 		return errors.New("invalid webId")
 	}
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.Id = webId
 	op.Webp = JSONBytes(webpConfig)
 	err := this.Save(tx, op)
@@ -548,7 +548,7 @@ func (this *HTTPWebDAO) UpdateWebCharset(tx *dbs.Tx, webId int64, charsetJSON []
 	if webId <= 0 {
 		return errors.New("invalid webId")
 	}
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.Id = webId
 	op.Charset = JSONBytes(charsetJSON)
 	err := this.Save(tx, op)
@@ -564,7 +564,7 @@ func (this *HTTPWebDAO) UpdateWebRequestHeaderPolicy(tx *dbs.Tx, webId int64, he
 	if webId <= 0 {
 		return errors.New("invalid webId")
 	}
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.Id = webId
 	op.RequestHeader = JSONBytes(headerPolicyJSON)
 	err := this.Save(tx, op)
@@ -580,7 +580,7 @@ func (this *HTTPWebDAO) UpdateWebResponseHeaderPolicy(tx *dbs.Tx, webId int64, h
 	if webId <= 0 {
 		return errors.New("invalid webId")
 	}
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.Id = webId
 	op.ResponseHeader = JSONBytes(headerPolicyJSON)
 	err := this.Save(tx, op)
@@ -596,7 +596,7 @@ func (this *HTTPWebDAO) UpdateWebPages(tx *dbs.Tx, webId int64, pagesJSON []byte
 	if webId <= 0 {
 		return errors.New("invalid webId")
 	}
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.Id = webId
 	op.Pages = JSONBytes(pagesJSON)
 	err := this.Save(tx, op)
@@ -612,7 +612,7 @@ func (this *HTTPWebDAO) UpdateWebShutdown(tx *dbs.Tx, webId int64, shutdownJSON
 	if webId <= 0 {
 		return errors.New("invalid webId")
 	}
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.Id = webId
 	op.Shutdown = JSONBytes(shutdownJSON)
 	err := this.Save(tx, op)
@@ -628,7 +628,7 @@ func (this *HTTPWebDAO) UpdateWebAccessLogConfig(tx *dbs.Tx, webId int64, access
 	if webId <= 0 {
 		return errors.New("invalid webId")
 	}
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.Id = webId
 	op.AccessLog = JSONBytes(accessLogJSON)
 	err := this.Save(tx, op)
@@ -644,7 +644,7 @@ func (this *HTTPWebDAO) UpdateWebStat(tx *dbs.Tx, webId int64, statJSON []byte)
 	if webId <= 0 {
 		return errors.New("invalid webId")
 	}
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.Id = webId
 	op.Stat = JSONBytes(statJSON)
 	err := this.Save(tx, op)
@@ -660,7 +660,7 @@ func (this *HTTPWebDAO) UpdateWebCache(tx *dbs.Tx, webId int64, cacheJSON []byte
 	if webId <= 0 {
 		return errors.New("invalid webId")
 	}
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.Id = webId
 	op.Cache = JSONBytes(cacheJSON)
 	err := this.Save(tx, op)
@@ -676,7 +676,7 @@ func (this *HTTPWebDAO) UpdateWebFirewall(tx *dbs.Tx, webId int64, firewallJSON
 	if webId <= 0 {
 		return errors.New("invalid webId")
 	}
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.Id = webId
 	op.Firewall = JSONBytes(firewallJSON)
 	err := this.Save(tx, op)
@@ -692,7 +692,7 @@ func (this *HTTPWebDAO) UpdateWebLocations(tx *dbs.Tx, webId int64, locationsJSO
 	if webId <= 0 {
 		return errors.New("invalid webId")
 	}
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.Id = webId
 	op.Locations = JSONBytes(locationsJSON)
 	err := this.Save(tx, op)
@@ -708,7 +708,7 @@ func (this *HTTPWebDAO) UpdateWebRedirectToHTTPS(tx *dbs.Tx, webId int64, redire
 	if webId <= 0 {
 		return errors.New("invalid webId")
 	}
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.Id = webId
 	op.RedirectToHttps = JSONBytes(redirectToHTTPSJSON)
 	err := this.Save(tx, op)
@@ -724,7 +724,7 @@ func (this *HTTPWebDAO) UpdateWebsocket(tx *dbs.Tx, webId int64, websocketJSON [
 	if webId <= 0 {
 		return errors.New("invalid webId")
 	}
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.Id = webId
 	op.Websocket = JSONBytes(websocketJSON)
 	err := this.Save(tx, op)
@@ -740,7 +740,7 @@ func (this *HTTPWebDAO) UpdateWebFastcgi(tx *dbs.Tx, webId int64, fastcgiJSON []
 	if webId <= 0 {
 		return errors.New("invalid webId")
 	}
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.Id = webId
 	op.Fastcgi = JSONBytes(fastcgiJSON)
 	err := this.Save(tx, op)
@@ -756,7 +756,7 @@ func (this *HTTPWebDAO) UpdateWebRewriteRules(tx *dbs.Tx, webId int64, rewriteRu
 	if webId <= 0 {
 		return errors.New("invalid webId")
 	}
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.Id = webId
 	op.RewriteRules = JSONBytes(rewriteRulesJSON)
 	err := this.Save(tx, op)
@@ -772,7 +772,7 @@ func (this *HTTPWebDAO) UpdateWebAuth(tx *dbs.Tx, webId int64, authJSON []byte)
 	if webId <= 0 {
 		return errors.New("invalid webId")
 	}
-	op := NewHTTPWebOperator()
+	var op = NewHTTPWebOperator()
 	op.Id = webId
 	op.Auth = JSONBytes(authJSON)
 	err := this.Save(tx, op)

internal/db/models/http_websocket_dao.go

@@ -110,7 +110,7 @@ func (this *HTTPWebsocketDAO) ComposeWebsocketConfig(tx *dbs.Tx, websocketId int
 
 // CreateWebsocket 创建Websocket配置
 func (this *HTTPWebsocketDAO) CreateWebsocket(tx *dbs.Tx, handshakeTimeoutJSON []byte, allowAllOrigins bool, allowedOrigins []string, requestSameOrigin bool, requestOrigin string) (websocketId int64, err error) {
-	op := NewHTTPWebsocketOperator()
+	var op = NewHTTPWebsocketOperator()
 	op.IsOn = true
 	op.State = HTTPWebsocketStateEnabled
 	if len(handshakeTimeoutJSON) > 0 {
@@ -135,7 +135,7 @@ func (this *HTTPWebsocketDAO) UpdateWebsocket(tx *dbs.Tx, websocketId int64, han
 	if websocketId <= 0 {
 		return errors.New("invalid websocketId")
 	}
-	op := NewHTTPWebsocketOperator()
+	var op = NewHTTPWebsocketOperator()
 	op.Id = websocketId
 	if len(handshakeTimeoutJSON) > 0 {
 		op.HandshakeTimeout = handshakeTimeoutJSON

internal/db/models/ip_item_dao.go

@@ -207,14 +207,35 @@ func (this *IPItemDAO) FindEnabledIPItem(tx *dbs.Tx, id int64) (*IPItem, error)
 
 // DeleteOldItem 根据IP删除以前的旧记录
 func (this *IPItemDAO) DeleteOldItem(tx *dbs.Tx, listId int64, ipFrom string, ipTo string) error {
-	_, err := this.Query(tx).
+	ones, err := this.Query(tx).
+		ResultPk().
 		UseIndex("ipFrom").
 		Attr("listId", listId).
 		Attr("ipFrom", ipFrom).
 		Attr("ipTo", ipTo).
-		Delete()
-	// 这里不通知更新
-	return err
+		Set("state", IPItemStateEnabled).
+		FindAll()
+	if err != nil {
+		return err
+	}
+	for _, one := range ones {
+		var itemId = int64(one.(*IPItem).Id)
+		version, err := SharedIPListDAO.IncreaseVersion(tx)
+		if err != nil {
+			return err
+		}
+
+		err = this.Query(tx).
+			Pk(itemId).
+			Set("version", version).
+			Set("state", IPItemStateDisabled).
+			UpdateQuickly()
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
 }
 
 // CreateIPItem 创建IP
@@ -267,6 +288,8 @@ func (this *IPItemDAO) CreateIPItem(tx *dbs.Tx,
 	}
 
 	op.State = IPItemStateEnabled
+	op.UpdatedAt = time.Now().Unix()
+
 	err = this.Save(tx, op)
 	if err != nil {
 		return 0, err
@@ -307,7 +330,7 @@ func (this *IPItemDAO) UpdateIPItem(tx *dbs.Tx, itemId int64, ipFrom string, ipT
 		return err
 	}
 
-	op := NewIPItemOperator()
+	var op = NewIPItemOperator()
 	op.Id = itemId
 	op.IpFrom = ipFrom
 	op.IpTo = ipTo

internal/db/models/ip_library_dao.go

@@ -92,7 +92,7 @@ func (this *IPLibraryDAO) FindLatestIPLibraryWithType(tx *dbs.Tx, libraryType st
 
 // 创建新的IP库
 func (this *IPLibraryDAO) CreateIPLibrary(tx *dbs.Tx, libraryType string, fileId int64) (int64, error) {
-	op := NewIPLibraryOperator()
+	var op = NewIPLibraryOperator()
 	op.Type = libraryType
 	op.FileId = fileId
 	op.State = IPLibraryStateEnabled

internal/db/models/ip_list_dao.go

@@ -165,7 +165,7 @@ func (this *IPListDAO) UpdateIPList(tx *dbs.Tx, listId int64, name string, code
 	if listId <= 0 {
 		return errors.New("invalid listId")
 	}
-	op := NewIPListOperator()
+	var op = NewIPListOperator()
 	op.Id = listId
 	op.Name = name
 	op.Code = code

internal/db/models/log_dao.go

@@ -36,7 +36,7 @@ func init() {
 
 // CreateLog 创建管理员日志
 func (this *LogDAO) CreateLog(tx *dbs.Tx, adminType string, adminId int64, level string, description string, action string, ip string) error {
-	op := NewLogOperator()
+	var op = NewLogOperator()
 	op.Level = level
 	op.Description = description
 	op.Action = action

internal/db/models/login_dao.go

@@ -40,7 +40,7 @@ func init() {
 	})
 }
 
-// 启用条目
+// EnableLogin 启用条目
 func (this *LoginDAO) EnableLogin(tx *dbs.Tx, id int64) error {
 	_, err := this.Query(tx).
 		Pk(id).
@@ -49,7 +49,7 @@ func (this *LoginDAO) EnableLogin(tx *dbs.Tx, id int64) error {
 	return err
 }
 
-// 禁用条目
+// DisableLogin 禁用条目
 func (this *LoginDAO) DisableLogin(tx *dbs.Tx, id int64) error {
 	_, err := this.Query(tx).
 		Pk(id).
@@ -58,7 +58,7 @@ func (this *LoginDAO) DisableLogin(tx *dbs.Tx, id int64) error {
 	return err
 }
 
-// 查找启用中的条目
+// FindEnabledLogin 查找启用中的条目
 func (this *LoginDAO) FindEnabledLogin(tx *dbs.Tx, id int64) (*Login, error) {
 	result, err := this.Query(tx).
 		Pk(id).
@@ -70,7 +70,7 @@ func (this *LoginDAO) FindEnabledLogin(tx *dbs.Tx, id int64) (*Login, error) {
 	return result.(*Login), err
 }
 
-// 创建认证
+// CreateLogin 创建认证
 func (this *LoginDAO) CreateLogin(tx *dbs.Tx, Id int64, loginType LoginType, params maps.Map) (int64, error) {
 	if Id <= 0 {
 		return 0, errors.New("invalid Id")
@@ -78,7 +78,7 @@ func (this *LoginDAO) CreateLogin(tx *dbs.Tx, Id int64, loginType LoginType, par
 	if params == nil {
 		params = maps.Map{}
 	}
-	op := NewLoginOperator()
+	var op = NewLoginOperator()
 	op.Id = Id
 	op.Type = loginType
 	op.Params = params.AsJSON()
@@ -87,23 +87,34 @@ func (this *LoginDAO) CreateLogin(tx *dbs.Tx, Id int64, loginType LoginType, par
 	return this.SaveInt64(tx, op)
 }
 
-// 修改认证
-func (this *LoginDAO) UpdateLogin(tx *dbs.Tx, adminId int64, loginType LoginType, params maps.Map, isOn bool) error {
+// UpdateLogin 修改认证
+func (this *LoginDAO) UpdateLogin(tx *dbs.Tx, adminId int64, userId int64, loginType LoginType, params maps.Map, isOn bool) error {
+	if adminId <= 0 && userId <= 0 {
+		return errors.New("invalid adminId and userId")
+	}
+
 	// 是否已经存在
-	loginId, err := this.Query(tx).
-		Attr("adminId", adminId).
+	var query = this.Query(tx).
 		Attr("type", loginType).
 		State(LoginStateEnabled).
-		ResultPk().
-		FindInt64Col(0)
+		ResultPk()
+
+	if adminId > 0 {
+		query.Attr("adminId", adminId)
+	} else if userId > 0 {
+		query.Attr("userId", userId)
+	}
+
+	loginId, err := query.FindInt64Col(0)
 	if err != nil {
 		return err
 	}
-	op := NewLoginOperator()
+	var op = NewLoginOperator()
 	if loginId > 0 {
 		op.Id = loginId
 	} else {
 		op.AdminId = adminId
+		op.UserId = userId
 		op.Type = loginType
 		op.State = LoginStateEnabled
 	}
@@ -117,35 +128,54 @@ func (this *LoginDAO) UpdateLogin(tx *dbs.Tx, adminId int64, loginType LoginType
 	return this.Save(tx, op)
 }
 
-// 禁用相关认证
-func (this *LoginDAO) DisableLoginWithAdminId(tx *dbs.Tx, adminId int64, loginType LoginType) error {
-	_, err := this.Query(tx).
-		Attr("adminId", adminId).
+// DisableLoginWithType 禁用相关认证
+func (this *LoginDAO) DisableLoginWithType(tx *dbs.Tx, adminId int64, userId int64, loginType LoginType) error {
+	var query = this.Query(tx).
 		Attr("type", loginType).
-		Set("isOn", false).
+		Set("isOn", false)
+
+	if adminId > 0 {
+		query.Attr("adminId", adminId)
+	} else if userId > 0 {
+		query.Attr("userId", userId)
+	}
+
+	_, err := query.
 		Update()
 	return err
 }
 
-// 查找管理员相关的认证
-func (this *LoginDAO) FindEnabledLoginWithAdminId(tx *dbs.Tx, adminId int64, loginType LoginType) (*Login, error) {
-	one, err := this.Query(tx).
-		Attr("adminId", adminId).
+// FindEnabledLoginWithType 查找管理员和用户相关的认证
+func (this *LoginDAO) FindEnabledLoginWithType(tx *dbs.Tx, adminId int64, userId int64, loginType LoginType) (*Login, error) {
+	var query = this.Query(tx).
 		Attr("type", loginType).
-		State(LoginStateEnabled).
-		Find()
+		State(LoginStateEnabled)
+
+	if adminId > 0 {
+		query.Attr("adminId", adminId)
+	} else if userId > 0 {
+		query.Attr("userId", userId)
+	}
+
+	one, err := query.Find()
 	if err != nil || one == nil {
 		return nil, err
 	}
 	return one.(*Login), nil
 }
 
-// 检查某个认证是否启用
-func (this *LoginDAO) CheckLoginIsOn(tx *dbs.Tx, adminId int64, loginType LoginType) (bool, error) {
-	return this.Query(tx).
-		Attr("adminId", adminId).
+// CheckLoginIsOn 检查某个认证是否启用
+func (this *LoginDAO) CheckLoginIsOn(tx *dbs.Tx, adminId int64, userId int64, loginType LoginType) (bool, error) {
+	var query = this.Query(tx).
 		Attr("type", loginType).
 		State(LoginStateEnabled).
-		Attr("isOn", true).
-		Exist()
+		Attr("isOn", true)
+
+	if adminId > 0 {
+		query.Attr("adminId", adminId)
+	} else if userId > 0 {
+		query.Attr("userId", userId)
+	}
+
+	return query.Exist()
 }

internal/db/models/message_dao.go

@@ -154,7 +154,7 @@ func (this *MessageDAO) CreateNodeMessage(tx *dbs.Tx, role string, clusterId int
 
 // CreateMessage 创建普通消息
 func (this *MessageDAO) CreateMessage(tx *dbs.Tx, adminId int64, userId int64, messageType MessageType, level string, subject string, body string, paramsJSON []byte) error {
-	op := NewMessageOperator()
+	var op = NewMessageOperator()
 	op.AdminId = adminId
 	op.UserId = userId
 	op.Type = messageType
@@ -230,7 +230,7 @@ func (this *MessageDAO) UpdateMessageRead(tx *dbs.Tx, messageId int64, b bool) e
 	if messageId <= 0 {
 		return errors.New("invalid messageId")
 	}
-	op := NewMessageOperator()
+	var op = NewMessageOperator()
 	op.Id = messageId
 	op.IsRead = b
 	err := this.Save(tx, op)
@@ -286,7 +286,7 @@ func (this *MessageDAO) createMessage(tx *dbs.Tx, role string, clusterId int64,
 	// TODO 检查同样的消息最近是否发送过
 
 	// 创建新消息
-	op := NewMessageOperator()
+	var op = NewMessageOperator()
 	op.AdminId = 0 // TODO
 	op.UserId = 0  // TODO
 	op.Role = role

internal/db/models/message_media_dao.go

@@ -104,7 +104,7 @@ func (this *MessageMediaDAO) UpdateMessageMedias(tx *dbs.Tx, mediaMaps []maps.Ma
 		if err != nil {
 			return err
 		}
-		op := NewMessageMediaOperator()
+		var op = NewMessageMediaOperator()
 		if mediaId > 0 {
 			op.Id = mediaId
 		}

internal/db/models/message_media_instance_dao.go

@@ -84,7 +84,7 @@ func (this *MessageMediaInstanceDAO) FindEnabledMessageMediaInstance(tx *dbs.Tx,
 
 // CreateMediaInstance 创建媒介实例
 func (this *MessageMediaInstanceDAO) CreateMediaInstance(tx *dbs.Tx, name string, mediaType string, params maps.Map, description string, rateJSON []byte, hashLifeSeconds int32) (int64, error) {
-	op := NewMessageMediaInstanceOperator()
+	var op = NewMessageMediaInstanceOperator()
 	op.Name = name
 	op.MediaType = mediaType
 
@@ -116,7 +116,7 @@ func (this *MessageMediaInstanceDAO) UpdateMediaInstance(tx *dbs.Tx, instanceId
 		return errors.New("invalid instanceId")
 	}
 
-	op := NewMessageMediaInstanceOperator()
+	var op = NewMessageMediaInstanceOperator()
 	op.Id = instanceId
 	op.Name = name
 	op.MediaType = mediaType

internal/db/models/message_receiver_dao.go

@@ -76,7 +76,7 @@ func (this *MessageReceiverDAO) DisableReceivers(tx *dbs.Tx, clusterId int64, no
 
 // CreateReceiver 创建接收人
 func (this *MessageReceiverDAO) CreateReceiver(tx *dbs.Tx, role string, clusterId int64, nodeId int64, serverId int64, messageType MessageType, params maps.Map, recipientId int64, recipientGroupId int64) (int64, error) {
-	op := NewMessageReceiverOperator()
+	var op = NewMessageReceiverOperator()
 	op.Role = role
 	op.ClusterId = clusterId
 	op.NodeId = nodeId

internal/db/models/message_recipient_dao.go

@@ -86,7 +86,7 @@ func (this *MessageRecipientDAO) FindEnabledMessageRecipient(tx *dbs.Tx, recipie
 
 // CreateRecipient 创建接收人
 func (this *MessageRecipientDAO) CreateRecipient(tx *dbs.Tx, adminId int64, instanceId int64, user string, groupIds []int64, description string, timeFrom string, timeTo string) (int64, error) {
-	op := NewMessageRecipientOperator()
+	var op = NewMessageRecipientOperator()
 	op.AdminId = adminId
 	op.InstanceId = instanceId
 	op.User = user
@@ -122,7 +122,7 @@ func (this *MessageRecipientDAO) UpdateRecipient(tx *dbs.Tx, recipientId int64,
 		return errors.New("invalid recipientId")
 	}
 
-	op := NewMessageRecipientOperator()
+	var op = NewMessageRecipientOperator()
 	op.Id = recipientId
 	op.AdminId = adminId
 	op.InstanceId = instanceId

internal/db/models/message_recipient_group_dao.go

@@ -73,7 +73,7 @@ func (this *MessageRecipientGroupDAO) FindMessageRecipientGroupName(tx *dbs.Tx,
 
 // 创建分组
 func (this *MessageRecipientGroupDAO) CreateGroup(tx *dbs.Tx, name string) (int64, error) {
-	op := NewMessageRecipientGroupOperator()
+	var op = NewMessageRecipientGroupOperator()
 	op.Name = name
 	op.IsOn = true
 	op.State = MessageRecipientStateEnabled
@@ -85,7 +85,7 @@ func (this *MessageRecipientGroupDAO) UpdateGroup(tx *dbs.Tx, groupId int64, nam
 	if groupId <= 0 {
 		return errors.New("invalid groupId")
 	}
-	op := NewMessageRecipientGroupOperator()
+	var op = NewMessageRecipientGroupOperator()
 	op.Id = groupId
 	op.Name = name
 	op.IsOn = isOn

internal/db/models/message_task_dao.go

@@ -131,7 +131,7 @@ func (this *MessageTaskDAO) CreateMessageTask(tx *dbs.Tx, recipientId int64, ins
 		}
 	}
 
-	op := NewMessageTaskOperator()
+	var op = NewMessageTaskOperator()
 	op.RecipientId = recipientId
 	op.InstanceId = instanceId
 	op.Hash = hash
@@ -190,7 +190,7 @@ func (this *MessageTaskDAO) UpdateMessageTaskStatus(tx *dbs.Tx, taskId int64, st
 	if taskId <= 0 {
 		return errors.New("invalid taskId")
 	}
-	op := NewMessageTaskOperator()
+	var op = NewMessageTaskOperator()
 	op.Id = taskId
 	op.Status = status
 	op.SentAt = time.Now().Unix()

internal/db/models/message_task_log_dao.go

@@ -49,7 +49,7 @@ func init() {
 
 // CreateLog 创建日志
 func (this *MessageTaskLogDAO) CreateLog(tx *dbs.Tx, taskId int64, isOk bool, errMsg string, response string) error {
-	op := NewMessageTaskLogOperator()
+	var op = NewMessageTaskLogOperator()
 	op.TaskId = taskId
 	op.IsOk = isOk
 	op.Error = errMsg

internal/db/models/metric_chart_dao.go

@@ -75,7 +75,7 @@ func (this *MetricChartDAO) FindMetricChartName(tx *dbs.Tx, chartId int64) (stri
 
 // CreateChart 创建图表
 func (this *MetricChartDAO) CreateChart(tx *dbs.Tx, itemId int64, name string, chartType string, widthDiv int32, maxItems int32, params maps.Map, ignoreEmptyKeys bool, ignoredKeys []string) (int64, error) {
-	op := NewMetricChartOperator()
+	var op = NewMetricChartOperator()
 	op.ItemId = itemId
 	op.Name = name
 	op.Type = chartType
@@ -112,7 +112,7 @@ func (this *MetricChartDAO) UpdateChart(tx *dbs.Tx, chartId int64, name string,
 	if chartId <= 0 {
 		return errors.New("invalid chartId")
 	}
-	op := NewMetricChartOperator()
+	var op = NewMetricChartOperator()
 	op.Id = chartId
 	op.Name = name
 	op.Type = chartType

internal/db/models/metric_stat_dao.go

@@ -691,7 +691,6 @@ func (this *MetricStatDAO) Clean(tx *dbs.Tx) error {
 						Table(table).
 						Attr("itemId", item.Id).
 						Lte("createdDay", expiresDay).
-						UseIndex("createdDay").
 						Limit(10_000). // 一次性不要删除太多，防止阻塞其他操作
 						Delete()
 					return err

internal/db/models/metric_sum_stat_dao.go

@@ -237,7 +237,6 @@ func (this *MetricSumStatDAO) Clean(tx *dbs.Tx) error {
 						Attr("itemId", item.Id).
 						Where("(createdDay IS NULL OR createdDay<:day)").
 						Param("day", expiresDay).
-						UseIndex("createdDay").
 						Limit(10_000). // 一次性不要删除太多，防止阻塞其他操作
 						Delete()
 					return err

internal/db/models/monitor_node_dao.go

@@ -47,12 +47,17 @@ func (this *MonitorNodeDAO) EnableMonitorNode(tx *dbs.Tx, id int64) error {
 }
 
 // DisableMonitorNode 禁用条目
-func (this *MonitorNodeDAO) DisableMonitorNode(tx *dbs.Tx, id int64) error {
+func (this *MonitorNodeDAO) DisableMonitorNode(tx *dbs.Tx, nodeId int64) error {
 	_, err := this.Query(tx).
-		Pk(id).
+		Pk(nodeId).
 		Set("state", MonitorNodeStateDisabled).
 		Update()
-	return err
+	if err != nil {
+		return err
+	}
+
+	// 删除运行日志
+	return SharedNodeLogDAO.DeleteNodeLogs(tx, nodeconfigs.NodeRoleMonitor, nodeId)
 }
 
 // FindEnabledMonitorNode 查找启用中的条目
@@ -118,7 +123,7 @@ func (this *MonitorNodeDAO) CreateMonitorNode(tx *dbs.Tx, name string, descripti
 		return
 	}
 
-	op := NewMonitorNodeOperator()
+	var op = NewMonitorNodeOperator()
 	op.IsOn = isOn
 	op.UniqueId = uniqueId
 	op.Secret = secret
@@ -139,7 +144,7 @@ func (this *MonitorNodeDAO) UpdateMonitorNode(tx *dbs.Tx, nodeId int64, name str
 		return errors.New("invalid nodeId")
 	}
 
-	op := NewMonitorNodeOperator()
+	var op = NewMonitorNodeOperator()
 	op.Id = nodeId
 	op.Name = name
 	op.Description = description

internal/db/models/nameservers/ns_domain_dao.go

@@ -93,7 +93,7 @@ func (this *NSDomainDAO) CreateDomain(tx *dbs.Tx, clusterId int64, userId int64,
 		return 0, err
 	}
 
-	op := NewNSDomainOperator()
+	var op = NewNSDomainOperator()
 	op.ClusterId = clusterId
 	op.UserId = userId
 	op.Name = name
@@ -131,7 +131,7 @@ func (this *NSDomainDAO) UpdateDomain(tx *dbs.Tx, domainId int64, clusterId int6
 		return err
 	}
 
-	op := NewNSDomainOperator()
+	var op = NewNSDomainOperator()
 	op.Id = domainId
 	op.ClusterId = clusterId
 	op.UserId = userId

internal/db/models/nameservers/ns_key_dao.go

@@ -79,7 +79,7 @@ func (this *NSKeyDAO) FindNSKeyName(tx *dbs.Tx, id int64) (string, error) {
 
 // CreateKey 创建Key
 func (this *NSKeyDAO) CreateKey(tx *dbs.Tx, domainId int64, zoneId int64, name string, algo dnsconfigs.KeyAlgorithmType, secret string, secretType string) (int64, error) {
-	op := NewNSKeyOperator()
+	var op = NewNSKeyOperator()
 	op.DomainId = domainId
 	op.ZoneId = zoneId
 	op.Name = name
@@ -105,7 +105,7 @@ func (this *NSKeyDAO) UpdateKey(tx *dbs.Tx, keyId int64, name string, algo dnsco
 	if keyId <= 0 {
 		return errors.New("invalid keyId")
 	}
-	op := NewNSKeyOperator()
+	var op = NewNSKeyOperator()
 	op.Id = keyId
 	op.Name = name
 	op.Algo = algo

internal/db/models/nameservers/ns_record_dao.go

@@ -95,7 +95,7 @@ func (this *NSRecordDAO) CreateRecord(tx *dbs.Tx, domainId int64, description st
 		return 0, err
 	}
 
-	op := NewNSRecordOperator()
+	var op = NewNSRecordOperator()
 	op.DomainId = domainId
 	op.Description = description
 	op.Name = name
@@ -139,7 +139,7 @@ func (this *NSRecordDAO) UpdateRecord(tx *dbs.Tx, recordId int64, description st
 		return err
 	}
 
-	op := NewNSRecordOperator()
+	var op = NewNSRecordOperator()
 	op.Id = recordId
 	op.Description = description
 	op.Name = name

internal/db/models/nameservers/ns_route_dao.go

@@ -129,7 +129,7 @@ func (this *NSRouteDAO) CreateRoute(tx *dbs.Tx, clusterId int64, domainId int64,
 		return 0, err
 	}
 
-	op := NewNSRouteOperator()
+	var op = NewNSRouteOperator()
 	op.ClusterId = clusterId
 	op.DomainId = domainId
 	op.UserId = userId
@@ -166,7 +166,7 @@ func (this *NSRouteDAO) UpdateRoute(tx *dbs.Tx, routeId int64, name string, rang
 		return err
 	}
 
-	op := NewNSRouteOperator()
+	var op = NewNSRouteOperator()
 	op.Id = routeId
 	op.Name = name
 	if len(rangesJSON) > 0 {
@@ -214,7 +214,7 @@ func (this *NSRouteDAO) FindAllEnabledRoutes(tx *dbs.Tx, clusterId int64, domain
 		State(NSRouteStateEnabled).
 		Slice(&result).
 		Desc("order").
-		DescPk()
+		AscPk()
 	if clusterId > 0 {
 		query.Attr("clusterId", clusterId)
 	} else {

internal/db/models/node_cluster_dao.go

@@ -133,7 +133,7 @@ func (this *NodeClusterDAO) CreateCluster(tx *dbs.Tx, adminId int64, name string
 		return 0, err
 	}
 
-	op := NewNodeClusterOperator()
+	var op = NewNodeClusterOperator()
 	op.AdminId = adminId
 	op.Name = name
 	op.GrantId = grantId
@@ -142,10 +142,11 @@ func (this *NodeClusterDAO) CreateCluster(tx *dbs.Tx, adminId int64, name string
 	// DNS设置
 	op.DnsDomainId = dnsDomainId
 	op.DnsName = dnsName
-	dnsConfig := &dnsconfigs.ClusterDNSConfig{
+	var dnsConfig = &dnsconfigs.ClusterDNSConfig{
 		NodesAutoSync:   true,
 		ServersAutoSync: true,
 		CNameRecords:    []string{},
+		CNameAsDomain:   true,
 		TTL:             0,
 	}
 	dnsJSON, err := json.Marshal(dnsConfig)
@@ -185,7 +186,7 @@ func (this *NodeClusterDAO) UpdateCluster(tx *dbs.Tx, clusterId int64, name stri
 	if clusterId <= 0 {
 		return errors.New("invalid clusterId")
 	}
-	op := NewNodeClusterOperator()
+	var op = NewNodeClusterOperator()
 	op.Id = clusterId
 	op.Name = name
 	op.GrantId = grantId
@@ -324,7 +325,7 @@ func (this *NodeClusterDAO) UpdateClusterHealthCheck(tx *dbs.Tx, clusterId int64
 	if clusterId <= 0 {
 		return errors.New("invalid clusterId '" + strconv.FormatInt(clusterId, 10) + "'")
 	}
-	op := NewNodeClusterOperator()
+	var op = NewNodeClusterOperator()
 	op.Id = clusterId
 	op.HealthCheck = healthCheckJSON
 	// 不需要通知更新
@@ -463,7 +464,7 @@ func (this *NodeClusterDAO) ExistClusterDNSName(tx *dbs.Tx, dnsName string, excl
 }
 
 // UpdateClusterDNS 修改集群DNS相关信息
-func (this *NodeClusterDAO) UpdateClusterDNS(tx *dbs.Tx, clusterId int64, dnsName string, dnsDomainId int64, nodesAutoSync bool, serversAutoSync bool, cnameRecords []string, ttl int32) error {
+func (this *NodeClusterDAO) UpdateClusterDNS(tx *dbs.Tx, clusterId int64, dnsName string, dnsDomainId int64, nodesAutoSync bool, serversAutoSync bool, cnameRecords []string, ttl int32, cnameAsDomain bool) error {
 	if clusterId <= 0 {
 		return errors.New("invalid clusterId")
 	}
@@ -503,6 +504,7 @@ func (this *NodeClusterDAO) UpdateClusterDNS(tx *dbs.Tx, clusterId int64, dnsNam
 		ServersAutoSync: serversAutoSync,
 		CNameRecords:    cnameRecords,
 		TTL:             ttl,
+		CNameAsDomain:   cnameAsDomain,
 	}
 	dnsJSON, err := json.Marshal(dnsConfig)
 	if err != nil {
@@ -568,7 +570,7 @@ func (this *NodeClusterDAO) UpdateClusterTOA(tx *dbs.Tx, clusterId int64, toaJSO
 	if clusterId <= 0 {
 		return errors.New("invalid clusterId")
 	}
-	op := NewNodeClusterOperator()
+	var op = NewNodeClusterOperator()
 	op.Id = clusterId
 	op.Toa = toaJSON
 	err := this.Save(tx, op)
@@ -918,7 +920,7 @@ func (this *NodeClusterDAO) FindClusterBasicInfo(tx *dbs.Tx, clusterId int64, ca
 	cluster, err := this.Query(tx).
 		Pk(clusterId).
 		State(NodeClusterStateEnabled).
-		Result("id", "timeZone", "nodeMaxThreads", "cachePolicyId", "httpFirewallPolicyId", "autoOpenPorts", "webp", "isOn", "ddosProtection").
+		Result("id", "timeZone", "nodeMaxThreads", "cachePolicyId", "httpFirewallPolicyId", "autoOpenPorts", "webp", "uam", "isOn", "ddosProtection").
 		Find()
 	if err != nil || cluster == nil {
 		return nil, err
@@ -988,6 +990,65 @@ func (this *NodeClusterDAO) FindClusterWebPPolicy(tx *dbs.Tx, clusterId int64, c
 	return policy, nil
 }
 
+// UpdateClusterUAMPolicy 修改UAM设置
+func (this *NodeClusterDAO) UpdateClusterUAMPolicy(tx *dbs.Tx, clusterId int64, uamPolicy *nodeconfigs.UAMPolicy) error {
+	if uamPolicy == nil {
+		err := this.Query(tx).
+			Pk(clusterId).
+			Set("uam", dbs.SQL("null")).
+			UpdateQuickly()
+		if err != nil {
+			return err
+		}
+
+		return this.NotifyUpdate(tx, clusterId)
+	}
+
+	uamPolicyJSON, err := json.Marshal(uamPolicy)
+	if err != nil {
+		return err
+	}
+	err = this.Query(tx).
+		Pk(clusterId).
+		Set("uam", uamPolicyJSON).
+		UpdateQuickly()
+	if err != nil {
+		return err
+	}
+
+	return this.NotifyUpdate(tx, clusterId)
+}
+
+// FindClusterUAMPolicy 查询设置
+func (this *NodeClusterDAO) FindClusterUAMPolicy(tx *dbs.Tx, clusterId int64, cacheMap *utils.CacheMap) (*nodeconfigs.UAMPolicy, error) {
+	var cacheKey = this.Table + ":FindClusterUAMPolicy:" + types.String(clusterId)
+	if cacheMap != nil {
+		cache, ok := cacheMap.Get(cacheKey)
+		if ok {
+			return cache.(*nodeconfigs.UAMPolicy), nil
+		}
+	}
+
+	uamJSON, err := this.Query(tx).
+		Pk(clusterId).
+		Result("uam").
+		FindJSONCol()
+	if err != nil {
+		return nil, err
+	}
+
+	if IsNull(uamJSON) {
+		return nodeconfigs.DefaultUAMPolicy, nil
+	}
+
+	var policy = &nodeconfigs.UAMPolicy{}
+	err = json.Unmarshal(uamJSON, policy)
+	if err != nil {
+		return nil, err
+	}
+	return policy, nil
+}
+
 // FindClusterDDoSProtection 获取集群的DDoS设置
 func (this *NodeClusterDAO) FindClusterDDoSProtection(tx *dbs.Tx, clusterId int64) (*ddosconfigs.ProtectionConfig, error) {
 	one, err := this.Query(tx).

internal/db/models/node_cluster_firewall_action_dao.go

@@ -84,7 +84,7 @@ func (this *NodeClusterFirewallActionDAO) CreateFirewallAction(tx *dbs.Tx, admin
 		params = maps.Map{}
 	}
 
-	op := NewNodeClusterFirewallActionOperator()
+	var op = NewNodeClusterFirewallActionOperator()
 	op.AdminId = adminId
 	op.ClusterId = clusterId
 	op.Name = name
@@ -113,7 +113,7 @@ func (this *NodeClusterFirewallActionDAO) UpdateFirewallAction(tx *dbs.Tx, actio
 		params = maps.Map{}
 	}
 
-	op := NewNodeClusterFirewallActionOperator()
+	var op = NewNodeClusterFirewallActionOperator()
 	op.Id = actionId
 	op.Name = name
 	op.EventLevel = eventLevel

internal/db/models/node_cluster_model.go

@@ -34,6 +34,7 @@ type NodeCluster struct {
 	AutoOpenPorts        uint8    `field:"autoOpenPorts"`        // 是否自动尝试开放端口
 	IsPinned             bool     `field:"isPinned"`             // 是否置顶
 	Webp                 dbs.JSON `field:"webp"`                 // WebP设置
+	Uam                  dbs.JSON `field:"uam"`                  // UAM设置
 }
 
 type NodeClusterOperator struct {
@@ -67,6 +68,7 @@ type NodeClusterOperator struct {
 	AutoOpenPorts        interface{} // 是否自动尝试开放端口
 	IsPinned             interface{} // 是否置顶
 	Webp                 interface{} // WebP设置
+	Uam                  interface{} // UAM设置
 }
 
 func NewNodeClusterOperator() *NodeClusterOperator {

internal/db/models/node_cluster_model_ext.go

@@ -13,9 +13,12 @@ func (this *NodeCluster) DecodeDNSConfig() (*dnsconfigs.ClusterDNSConfig, error)
 		return &dnsconfigs.ClusterDNSConfig{
 			NodesAutoSync:   false,
 			ServersAutoSync: false,
+			CNameAsDomain:   true,
 		}, nil
 	}
-	dnsConfig := &dnsconfigs.ClusterDNSConfig{}
+	var dnsConfig = &dnsconfigs.ClusterDNSConfig{
+		CNameAsDomain: true,
+	}
 	err := json.Unmarshal(this.Dns, &dnsConfig)
 	if err != nil {
 		return nil, err

internal/db/models/node_dao.go

@@ -100,7 +100,8 @@ func (this *NodeDAO) DisableNode(tx *dbs.Tx, nodeId int64) (err error) {
 		return err
 	}
 
-	return nil
+	// 删除运行日志
+	return SharedNodeLogDAO.DeleteNodeLogs(tx, nodeconfigs.NodeRoleNode, nodeId)
 }
 
 // FindEnabledNode 查找启用中的条目
@@ -166,7 +167,7 @@ func (this *NodeDAO) CreateNode(tx *dbs.Tx, adminId int64, name string, clusterI
 		return
 	}
 
-	op := NewNodeOperator()
+	var op = NewNodeOperator()
 	op.AdminId = adminId
 	op.Name = name
 	op.UniqueId = uniqueId
@@ -1018,6 +1019,7 @@ func (this *NodeDAO) ComposeNodeConfig(tx *dbs.Tx, nodeId int64, cacheMap *utils
 	clusterIds = append(clusterIds, node.DecodeSecondaryClusterIds()...)
 	var clusterIndex = 0
 	config.WebPImagePolicies = map[int64]*nodeconfigs.WebPImagePolicy{}
+	config.UAMPolicies = map[int64]*nodeconfigs.UAMPolicy{}
 	var allowIPMaps = map[string]bool{}
 	for _, clusterId := range clusterIds {
 		nodeCluster, err := SharedNodeClusterDAO.FindClusterBasicInfo(tx, clusterId, cacheMap)
@@ -1077,7 +1079,7 @@ func (this *NodeDAO) ComposeNodeConfig(tx *dbs.Tx, nodeId int64, cacheMap *utils
 		// 最大线程数、TCP连接数
 		if clusterIndex == 0 {
 			config.MaxThreads = int(nodeCluster.NodeMaxThreads)
-			config.DDOSProtection = nodeCluster.DecodeDDoSProtection()
+			config.DDoSProtection = nodeCluster.DecodeDDoSProtection()
 			config.AutoOpenPorts = nodeCluster.AutoOpenPorts == 1
 		}
 
@@ -1091,6 +1093,16 @@ func (this *NodeDAO) ComposeNodeConfig(tx *dbs.Tx, nodeId int64, cacheMap *utils
 			config.WebPImagePolicies[clusterId] = webpPolicy
 		}
 
+		// UAM
+		if IsNotNull(nodeCluster.Uam) {
+			var uamPolicy = &nodeconfigs.UAMPolicy{}
+			err = json.Unmarshal(nodeCluster.Uam, uamPolicy)
+			if err != nil {
+				return nil, err
+			}
+			config.UAMPolicies[clusterId] = uamPolicy
+		}
+
 		clusterIndex++
 	}
 
@@ -1212,10 +1224,10 @@ func (this *NodeDAO) ComposeNodeConfig(tx *dbs.Tx, nodeId int64, cacheMap *utils
 	// DDOS Protection
 	var ddosProtection = node.DecodeDDoSProtection()
 	if ddosProtection != nil {
-		if config.DDOSProtection == nil {
-			config.DDOSProtection = ddosProtection
+		if config.DDoSProtection == nil {
+			config.DDoSProtection = ddosProtection
 		} else {
-			config.DDOSProtection.Merge(ddosProtection)
+			config.DDoSProtection.Merge(ddosProtection)
 		}
 	}
 
@@ -1234,7 +1246,7 @@ func (this *NodeDAO) UpdateNodeConnectedAPINodes(tx *dbs.Tx, nodeId int64, apiNo
 		return errors.New("invalid nodeId")
 	}
 
-	op := NewNodeOperator()
+	var op = NewNodeOperator()
 	op.Id = nodeId
 
 	if len(apiNodeIds) > 0 {
@@ -1464,7 +1476,7 @@ func (this *NodeDAO) UpdateNodeDNS(tx *dbs.Tx, nodeId int64, routes map[int64][]
 	if err != nil {
 		return err
 	}
-	op := NewNodeOperator()
+	var op = NewNodeOperator()
 	op.Id = nodeId
 	op.DnsRoutes = routesJSON
 	err = this.Save(tx, op)
@@ -1589,7 +1601,7 @@ func (this *NodeDAO) UpdateNodeUpCount(tx *dbs.Tx, nodeId int64, isUp bool, maxU
 	countUp := int(one.(*Node).CountUp)
 	countDown := int(one.(*Node).CountDown)
 
-	op := NewNodeOperator()
+	var op = NewNodeOperator()
 	op.Id = nodeId
 
 	if isUp {
@@ -1633,7 +1645,7 @@ func (this *NodeDAO) UpdateNodeUp(tx *dbs.Tx, nodeId int64, isUp bool) error {
 		return errors.New("invalid nodeId")
 	}
 
-	op := NewNodeOperator()
+	var op = NewNodeOperator()
 	op.Id = nodeId
 	op.IsUp = isUp
 	op.CountUp = 0
@@ -1755,7 +1767,7 @@ func (this *NodeDAO) DeleteNodeFromCluster(tx *dbs.Tx, nodeId int64, clusterId i
 	if err != nil {
 		return err
 	}
-	op := NewNodeOperator()
+	var op = NewNodeOperator()
 	op.Id = nodeId
 	op.ClusterId = newClusterId
 	op.SecondaryClusterIds = secondaryClusterIdsJSON

internal/db/models/node_grant_dao.go

@@ -75,7 +75,7 @@ func (this *NodeGrantDAO) FindNodeGrantName(tx *dbs.Tx, id uint32) (string, erro
 
 // CreateGrant 创建认证信息
 func (this *NodeGrantDAO) CreateGrant(tx *dbs.Tx, adminId int64, name string, method string, username string, password string, privateKey string, passphrase string, description string, nodeId int64, su bool) (grantId int64, err error) {
-	op := NewNodeGrantOperator()
+	var op = NewNodeGrantOperator()
 	op.AdminId = adminId
 	op.Name = name
 	op.Method = method
@@ -103,7 +103,7 @@ func (this *NodeGrantDAO) UpdateGrant(tx *dbs.Tx, grantId int64, name string, me
 		return errors.New("invalid grantId")
 	}
 
-	op := NewNodeGrantOperator()
+	var op = NewNodeGrantOperator()
 	op.Id = grantId
 	op.Name = name
 	op.Method = method

internal/db/models/node_group_dao.go

@@ -73,7 +73,7 @@ func (this *NodeGroupDAO) FindNodeGroupName(tx *dbs.Tx, id int64) (string, error
 
 // 创建分组
 func (this *NodeGroupDAO) CreateNodeGroup(tx *dbs.Tx, clusterId int64, name string) (int64, error) {
-	op := NewNodeGroupOperator()
+	var op = NewNodeGroupOperator()
 	op.ClusterId = clusterId
 	op.Name = name
 	op.State = NodeGroupStateEnabled
@@ -89,7 +89,7 @@ func (this *NodeGroupDAO) UpdateNodeGroup(tx *dbs.Tx, groupId int64, name string
 	if groupId <= 0 {
 		return errors.New("invalid groupId")
 	}
-	op := NewNodeGroupOperator()
+	var op = NewNodeGroupOperator()
 	op.Id = groupId
 	op.Name = name
 	err := this.Save(tx, op)

internal/db/models/node_ip_address_dao.go

@@ -161,7 +161,7 @@ func (this *NodeIPAddressDAO) UpdateAddress(tx *dbs.Tx, adminId int64, addressId
 		return errors.New("invalid addressId")
 	}
 
-	op := NewNodeIPAddressOperator()
+	var op = NewNodeIPAddressOperator()
 	op.Id = addressId
 	op.Name = name
 	op.Ip = ip
@@ -189,7 +189,7 @@ func (this *NodeIPAddressDAO) UpdateAddressIP(tx *dbs.Tx, addressId int64, ip st
 	if addressId <= 0 {
 		return errors.New("invalid addressId")
 	}
-	op := NewNodeIPAddressOperator()
+	var op = NewNodeIPAddressOperator()
 	op.Id = addressId
 	op.Ip = ip
 	err := this.Save(tx, op)

internal/db/models/node_log_dao.go

@@ -360,3 +360,12 @@ func (this *NodeLogDAO) UpdateAllNodeLogsRead(tx *dbs.Tx) error {
 		Set("isRead", true).
 		UpdateQuickly()
 }
+
+// DeleteNodeLogs 删除某个节点上的日志
+func (this *NodeLogDAO) DeleteNodeLogs(tx *dbs.Tx, role nodeconfigs.NodeRole, nodeId int64) error {
+	_, err := this.Query(tx).
+		Attr("nodeId", nodeId).
+		Attr("role", role).
+		Delete()
+	return err
+}

internal/db/models/node_price_item_dao.go

@@ -75,7 +75,7 @@ func (this *NodePriceItemDAO) FindNodePriceItemName(tx *dbs.Tx, id int64) (strin
 
 // CreateItem 创建价格
 func (this *NodePriceItemDAO) CreateItem(tx *dbs.Tx, name string, itemType string, bitsFrom, bitsTo int64) (int64, error) {
-	op := NewNodePriceItemOperator()
+	var op = NewNodePriceItemOperator()
 	op.Name = name
 	op.Type = itemType
 	op.BitsFrom = bitsFrom
@@ -90,7 +90,7 @@ func (this *NodePriceItemDAO) UpdateItem(tx *dbs.Tx, itemId int64, name string,
 	if itemId <= 0 {
 		return errors.New("invalid itemId")
 	}
-	op := NewNodePriceItemOperator()
+	var op = NewNodePriceItemOperator()
 	op.Id = itemId
 	op.Name = name
 	op.BitsFrom = bitsFrom

internal/db/models/node_region_dao.go

@@ -75,7 +75,7 @@ func (this *NodeRegionDAO) FindNodeRegionName(tx *dbs.Tx, id int64) (string, err
 
 // CreateRegion 创建区域
 func (this *NodeRegionDAO) CreateRegion(tx *dbs.Tx, adminId int64, name string, description string) (int64, error) {
-	op := NewNodeRegionOperator()
+	var op = NewNodeRegionOperator()
 	op.AdminId = adminId
 	op.Name = name
 	op.Description = description
@@ -89,7 +89,7 @@ func (this *NodeRegionDAO) UpdateRegion(tx *dbs.Tx, regionId int64, name string,
 	if regionId <= 0 {
 		return errors.New("invalid regionId")
 	}
-	op := NewNodeRegionOperator()
+	var op = NewNodeRegionOperator()
 	op.Id = regionId
 	op.Name = name
 	op.Description = description

internal/db/models/node_threshold_dao.go

@@ -72,7 +72,7 @@ func (this *NodeThresholdDAO) FindEnabledNodeThreshold(tx *dbs.Tx, id int64) (*N
 
 // CreateThreshold 创建阈值
 func (this *NodeThresholdDAO) CreateThreshold(tx *dbs.Tx, role string, clusterId int64, nodeId int64, item nodeconfigs.NodeValueItem, param string, operator nodeconfigs.NodeValueOperator, valueJSON []byte, message string, sumMethod nodeconfigs.NodeValueSumMethod, duration int32, durationUnit nodeconfigs.NodeValueDurationUnit, notifyDuration int32) (int64, error) {
-	op := NewNodeThresholdOperator()
+	var op = NewNodeThresholdOperator()
 	op.Role = role
 	op.ClusterId = clusterId
 	op.NodeId = nodeId
@@ -95,7 +95,7 @@ func (this *NodeThresholdDAO) UpdateThreshold(tx *dbs.Tx, thresholdId int64, ite
 	if thresholdId <= 0 {
 		return errors.New("invalid thresholdId")
 	}
-	op := NewNodeThresholdOperator()
+	var op = NewNodeThresholdOperator()
 	op.Id = thresholdId
 	op.Item = item
 	op.Param = param

internal/db/models/ns_cluster_dao.go

@@ -75,7 +75,7 @@ func (this *NSClusterDAO) FindEnabledNSClusterName(tx *dbs.Tx, id int64) (string
 
 // CreateCluster 创建集群
 func (this *NSClusterDAO) CreateCluster(tx *dbs.Tx, name string, accessLogRefJSON []byte) (int64, error) {
-	op := NewNSClusterOperator()
+	var op = NewNSClusterOperator()
 	op.Name = name
 
 	if len(accessLogRefJSON) > 0 {
@@ -92,7 +92,7 @@ func (this *NSClusterDAO) UpdateCluster(tx *dbs.Tx, clusterId int64, name string
 	if clusterId <= 0 {
 		return errors.New("invalid clusterId")
 	}
-	op := NewNSClusterOperator()
+	var op = NewNSClusterOperator()
 	op.Id = clusterId
 	op.Name = name
 	op.IsOn = isOn

internal/db/models/ns_node_dao.go

@@ -52,16 +52,23 @@ func (this *NSNodeDAO) EnableNSNode(tx *dbs.Tx, id int64) error {
 }
 
 // DisableNSNode 禁用条目
-func (this *NSNodeDAO) DisableNSNode(tx *dbs.Tx, id int64) error {
+func (this *NSNodeDAO) DisableNSNode(tx *dbs.Tx, nodeId int64) error {
 	_, err := this.Query(tx).
-		Pk(id).
+		Pk(nodeId).
 		Set("state", NSNodeStateDisabled).
 		Update()
 
 	if err != nil {
 		return err
 	}
-	return this.NotifyUpdate(tx, id)
+
+	err = this.NotifyUpdate(tx, nodeId)
+	if err != nil {
+		return err
+	}
+
+	// 删除运行日志
+	return SharedNodeLogDAO.DeleteNodeLogs(tx, nodeconfigs.NodeRoleDNS, nodeId)
 }
 
 // FindEnabledNSNode 查找启用中的条目
@@ -219,7 +226,7 @@ func (this *NSNodeDAO) CreateNode(tx *dbs.Tx, adminId int64, name string, cluste
 		return
 	}
 
-	op := NewNSNodeOperator()
+	var op = NewNSNodeOperator()
 	op.AdminId = adminId
 	op.Name = name
 	op.UniqueId = uniqueId
@@ -253,7 +260,7 @@ func (this *NSNodeDAO) UpdateNode(tx *dbs.Tx, nodeId int64, name string, cluster
 	if nodeId <= 0 {
 		return errors.New("invalid nodeId")
 	}
-	op := NewNSNodeOperator()
+	var op = NewNSNodeOperator()
 	op.Id = nodeId
 	op.Name = name
 	op.ClusterId = clusterId
@@ -480,7 +487,7 @@ func (this *NSNodeDAO) UpdateNodeConnectedAPINodes(tx *dbs.Tx, nodeId int64, api
 		return errors.New("invalid nodeId")
 	}
 
-	op := NewNSNodeOperator()
+	var op = NewNSNodeOperator()
 	op.Id = nodeId
 
 	if len(apiNodeIds) > 0 {

internal/db/models/origin_dao.go

@@ -101,7 +101,8 @@ func (this *OriginDAO) CreateOrigin(tx *dbs.Tx,
 	maxIdleConns int32,
 	certRef *sslconfigs.SSLCertRef,
 	domains []string,
-	host string) (originId int64, err error) {
+	host string,
+	followPort bool) (originId int64, err error) {
 	var op = NewOriginOperator()
 	op.AdminId = adminId
 	op.UserId = userId
@@ -167,6 +168,7 @@ func (this *OriginDAO) CreateOrigin(tx *dbs.Tx,
 	}
 
 	op.Host = host
+	op.FollowPort = followPort
 
 	op.State = OriginStateEnabled
 	err = this.Save(tx, op)
@@ -191,7 +193,8 @@ func (this *OriginDAO) UpdateOrigin(tx *dbs.Tx,
 	maxIdleConns int32,
 	certRef *sslconfigs.SSLCertRef,
 	domains []string,
-	host string) error {
+	host string,
+	followPort bool) error {
 	if originId <= 0 {
 		return errors.New("invalid originId")
 	}
@@ -262,6 +265,7 @@ func (this *OriginDAO) UpdateOrigin(tx *dbs.Tx,
 	}
 
 	op.Host = host
+	op.FollowPort = followPort
 
 	err := this.Save(tx, op)
 	if err != nil {
@@ -304,10 +308,11 @@ func (this *OriginDAO) ComposeOriginConfig(tx *dbs.Tx, originId int64, cacheMap
 		RequestURI:   origin.HttpRequestURI,
 		RequestHost:  origin.Host,
 		Domains:      origin.DecodeDomains(),
+		FollowPort:   origin.FollowPort,
 	}
 
 	if IsNotNull(origin.Addr) {
-		addr := &serverconfigs.NetworkAddressConfig{}
+		var addr = &serverconfigs.NetworkAddressConfig{}
 		err = json.Unmarshal(origin.Addr, addr)
 		if err != nil {
 			return nil, err
@@ -316,7 +321,7 @@ func (this *OriginDAO) ComposeOriginConfig(tx *dbs.Tx, originId int64, cacheMap
 	}
 
 	if IsNotNull(origin.ConnTimeout) {
-		connTimeout := &shared.TimeDuration{}
+		var connTimeout = &shared.TimeDuration{}
 		err = json.Unmarshal(origin.ConnTimeout, &connTimeout)
 		if err != nil {
 			return nil, err
@@ -325,7 +330,7 @@ func (this *OriginDAO) ComposeOriginConfig(tx *dbs.Tx, originId int64, cacheMap
 	}
 
 	if IsNotNull(origin.ReadTimeout) {
-		readTimeout := &shared.TimeDuration{}
+		var readTimeout = &shared.TimeDuration{}
 		err = json.Unmarshal(origin.ReadTimeout, &readTimeout)
 		if err != nil {
 			return nil, err
@@ -334,7 +339,7 @@ func (this *OriginDAO) ComposeOriginConfig(tx *dbs.Tx, originId int64, cacheMap
 	}
 
 	if IsNotNull(origin.IdleTimeout) {
-		idleTimeout := &shared.TimeDuration{}
+		var idleTimeout = &shared.TimeDuration{}
 		err = json.Unmarshal(origin.IdleTimeout, &idleTimeout)
 		if err != nil {
 			return nil, err
@@ -363,7 +368,7 @@ func (this *OriginDAO) ComposeOriginConfig(tx *dbs.Tx, originId int64, cacheMap
 	}
 
 	if IsNotNull(origin.HttpResponseHeader) {
-		ref := &shared.HTTPHeaderPolicyRef{}
+		var ref = &shared.HTTPHeaderPolicyRef{}
 		err = json.Unmarshal(origin.HttpResponseHeader, ref)
 		if err != nil {
 			return nil, err
@@ -382,7 +387,7 @@ func (this *OriginDAO) ComposeOriginConfig(tx *dbs.Tx, originId int64, cacheMap
 	}
 
 	if IsNotNull(origin.HealthCheck) {
-		healthCheck := &serverconfigs.HealthCheckConfig{}
+		var healthCheck = &serverconfigs.HealthCheckConfig{}
 		err = json.Unmarshal(origin.HealthCheck, healthCheck)
 		if err != nil {
 			return nil, err
@@ -391,7 +396,7 @@ func (this *OriginDAO) ComposeOriginConfig(tx *dbs.Tx, originId int64, cacheMap
 	}
 
 	if IsNotNull(origin.Cert) {
-		ref := &sslconfigs.SSLCertRef{}
+		var ref = &sslconfigs.SSLCertRef{}
 		err = json.Unmarshal(origin.Cert, ref)
 		if err != nil {
 			return nil, err
@@ -417,6 +422,19 @@ func (this *OriginDAO) ComposeOriginConfig(tx *dbs.Tx, originId int64, cacheMap
 	return config, nil
 }
 
+// CheckUserOrigin 检查源站权限
+func (this *OriginDAO) CheckUserOrigin(tx *dbs.Tx, userId int64, originId int64) error {
+	reverseProxyId, err := SharedReverseProxyDAO.FindReverseProxyContainsOriginId(tx, originId)
+	if err != nil {
+		return err
+	}
+	if reverseProxyId == 0 {
+		// 这里我们不允许源站没有被使用
+		return ErrNotFound
+	}
+	return SharedReverseProxyDAO.CheckUserReverseProxy(tx, userId, reverseProxyId)
+}
+
 // NotifyUpdate 通知更新
 func (this *OriginDAO) NotifyUpdate(tx *dbs.Tx, originId int64) error {
 	reverseProxyId, err := SharedReverseProxyDAO.FindReverseProxyContainsOriginId(tx, originId)

internal/db/models/origin_model.go

@@ -29,6 +29,7 @@ type Origin struct {
 	Ftp                dbs.JSON `field:"ftp"`                // FTP相关设置
 	CreatedAt          uint64   `field:"createdAt"`          // 创建时间
 	Domains            dbs.JSON `field:"domains"`            // 所属域名
+	FollowPort         bool     `field:"followPort"`         // 端口跟随
 	State              uint8    `field:"state"`              // 状态
 }
 
@@ -58,6 +59,7 @@ type OriginOperator struct {
 	Ftp                interface{} // FTP相关设置
 	CreatedAt          interface{} // 创建时间
 	Domains            interface{} // 所属域名
+	FollowPort         interface{} // 端口跟随
 	State              interface{} // 状态
 }
 

internal/db/models/plan_dao.go

@@ -217,7 +217,7 @@ func (this *PlanDAO) ListEnabledPlans(tx *dbs.Tx, offset int64, size int64) (res
 		Limit(size).
 		Slice(&result).
 		Desc("order").
-		DescPk().
+		AscPk().
 		FindAll()
 	return
 }

internal/db/models/regions/region_city_dao.go

@@ -86,7 +86,7 @@ func (this *RegionCityDAO) FindCityWithDataId(tx *dbs.Tx, dataId string) (int64,
 
 // CreateCity 创建城市
 func (this *RegionCityDAO) CreateCity(tx *dbs.Tx, provinceId int64, name string, dataId string) (int64, error) {
-	op := NewRegionCityOperator()
+	var op = NewRegionCityOperator()
 	op.ProvinceId = provinceId
 	op.Name = name
 	op.DataId = dataId

internal/db/models/regions/region_country_dao.go

@@ -133,7 +133,7 @@ func (this *RegionCountryDAO) FindCountryIdWithNameCacheable(tx *dbs.Tx, country
 
 // CreateCountry 根据数据ID创建国家
 func (this *RegionCountryDAO) CreateCountry(tx *dbs.Tx, name string, dataId string) (int64, error) {
-	op := NewRegionCountryOperator()
+	var op = NewRegionCountryOperator()
 	op.Name = name
 
 	pinyinPieces := pinyin.Pinyin(name, pinyin.NewArgs())

internal/db/models/regions/region_provider_dao.go

@@ -102,7 +102,7 @@ func (this *RegionProviderDAO) FindProviderIdWithNameCacheable(tx *dbs.Tx, provi
 
 // CreateProvider 创建Provider
 func (this *RegionProviderDAO) CreateProvider(tx *dbs.Tx, name string) (int64, error) {
-	op := NewRegionProviderOperator()
+	var op = NewRegionProviderOperator()
 	op.Name = name
 
 	codesJSON, err := json.Marshal([]string{name})

internal/db/models/regions/region_province_dao.go

@@ -119,7 +119,7 @@ func (this *RegionProvinceDAO) FindProvinceIdWithNameCacheable(tx *dbs.Tx, count
 
 // 创建省份
 func (this *RegionProvinceDAO) CreateProvince(tx *dbs.Tx, countryId int64, name string, dataId string) (int64, error) {
-	op := NewRegionProvinceOperator()
+	var op = NewRegionProvinceOperator()
 	op.CountryId = countryId
 	op.Name = name
 	op.DataId = dataId

internal/db/models/report_node_dao.go

@@ -50,12 +50,17 @@ func (this *ReportNodeDAO) EnableReportNode(tx *dbs.Tx, id int64) error {
 }
 
 // DisableReportNode 禁用条目
-func (this *ReportNodeDAO) DisableReportNode(tx *dbs.Tx, id int64) error {
+func (this *ReportNodeDAO) DisableReportNode(tx *dbs.Tx, nodeId int64) error {
 	_, err := this.Query(tx).
-		Pk(id).
+		Pk(nodeId).
 		Set("state", ReportNodeStateDisabled).
 		Update()
-	return err
+	if err != nil {
+		return err
+	}
+
+	// 删除运行日志
+	return SharedNodeLogDAO.DeleteNodeLogs(tx, nodeconfigs.NodeRoleReport, nodeId)
 }
 
 // FindEnabledReportNode 查找启用中的条目
@@ -93,7 +98,7 @@ func (this *ReportNodeDAO) CreateReportNode(tx *dbs.Tx, name string, location st
 		return 0, err
 	}
 
-	op := NewReportNodeOperator()
+	var op = NewReportNodeOperator()
 	op.UniqueId = uniqueId
 	op.Secret = secret
 	op.Name = name
@@ -131,7 +136,7 @@ func (this *ReportNodeDAO) UpdateReportNode(tx *dbs.Tx, nodeId int64, name strin
 		return errors.New("invalid nodeId")
 	}
 
-	op := NewReportNodeOperator()
+	var op = NewReportNodeOperator()
 	op.Id = nodeId
 	op.Name = name
 	op.Location = location

internal/db/models/reverse_proxy_dao.go

@@ -99,17 +99,18 @@ func (this *ReverseProxyDAO) ComposeReverseProxyConfig(tx *dbs.Tx, reverseProxyI
 		return nil, nil
 	}
 
-	config := &serverconfigs.ReverseProxyConfig{}
+	var config = &serverconfigs.ReverseProxyConfig{}
 	config.Id = int64(reverseProxy.Id)
 	config.IsOn = reverseProxy.IsOn
 	config.RequestHostType = types.Int8(reverseProxy.RequestHostType)
 	config.RequestHost = reverseProxy.RequestHost
+	config.RequestHostExcludingPort = reverseProxy.RequestHostExcludingPort
 	config.RequestURI = reverseProxy.RequestURI
 	config.StripPrefix = reverseProxy.StripPrefix
 	config.AutoFlush = reverseProxy.AutoFlush == 1
 	config.FollowRedirects = reverseProxy.FollowRedirects == 1
 
-	schedulingConfig := &serverconfigs.SchedulingConfig{}
+	var schedulingConfig = &serverconfigs.SchedulingConfig{}
 	if IsNotNull(reverseProxy.Scheduling) {
 		err = json.Unmarshal(reverseProxy.Scheduling, schedulingConfig)
 		if err != nil {
@@ -118,7 +119,7 @@ func (this *ReverseProxyDAO) ComposeReverseProxyConfig(tx *dbs.Tx, reverseProxyI
 		config.Scheduling = schedulingConfig
 	}
 	if IsNotNull(reverseProxy.PrimaryOrigins) {
-		originRefs := []*serverconfigs.OriginRef{}
+		var originRefs = []*serverconfigs.OriginRef{}
 		err = json.Unmarshal(reverseProxy.PrimaryOrigins, &originRefs)
 		if err != nil {
 			return nil, err
@@ -135,13 +136,13 @@ func (this *ReverseProxyDAO) ComposeReverseProxyConfig(tx *dbs.Tx, reverseProxyI
 	}
 
 	if IsNotNull(reverseProxy.BackupOrigins) {
-		originRefs := []*serverconfigs.OriginRef{}
+		var originRefs = []*serverconfigs.OriginRef{}
 		err = json.Unmarshal(reverseProxy.BackupOrigins, &originRefs)
 		if err != nil {
 			return nil, err
 		}
-		for _, originConfig := range originRefs {
-			originConfig, err := SharedOriginDAO.ComposeOriginConfig(tx, originConfig.OriginId, cacheMap)
+		for _, ref := range originRefs {
+			originConfig, err := SharedOriginDAO.ComposeOriginConfig(tx, ref.OriginId, cacheMap)
 			if err != nil {
 				return nil, err
 			}
@@ -153,7 +154,7 @@ func (this *ReverseProxyDAO) ComposeReverseProxyConfig(tx *dbs.Tx, reverseProxyI
 
 	// add headers
 	if IsNotNull(reverseProxy.AddHeaders) {
-		addHeaders := []string{}
+		var addHeaders = []string{}
 		err = json.Unmarshal(reverseProxy.AddHeaders, &addHeaders)
 		if err != nil {
 			return nil, err
@@ -166,7 +167,7 @@ func (this *ReverseProxyDAO) ComposeReverseProxyConfig(tx *dbs.Tx, reverseProxyI
 	config.MaxIdleConns = int(reverseProxy.MaxIdleConns)
 
 	if IsNotNull(reverseProxy.ConnTimeout) {
-		connTimeout := &shared.TimeDuration{}
+		var connTimeout = &shared.TimeDuration{}
 		err = json.Unmarshal(reverseProxy.ConnTimeout, &connTimeout)
 		if err != nil {
 			return nil, err
@@ -175,7 +176,7 @@ func (this *ReverseProxyDAO) ComposeReverseProxyConfig(tx *dbs.Tx, reverseProxyI
 	}
 
 	if IsNotNull(reverseProxy.ReadTimeout) {
-		readTimeout := &shared.TimeDuration{}
+		var readTimeout = &shared.TimeDuration{}
 		err = json.Unmarshal(reverseProxy.ReadTimeout, &readTimeout)
 		if err != nil {
 			return nil, err
@@ -184,7 +185,7 @@ func (this *ReverseProxyDAO) ComposeReverseProxyConfig(tx *dbs.Tx, reverseProxyI
 	}
 
 	if IsNotNull(reverseProxy.IdleTimeout) {
-		idleTimeout := &shared.TimeDuration{}
+		var idleTimeout = &shared.TimeDuration{}
 		err = json.Unmarshal(reverseProxy.IdleTimeout, &idleTimeout)
 		if err != nil {
 			return nil, err
@@ -211,7 +212,7 @@ func (this *ReverseProxyDAO) ComposeReverseProxyConfig(tx *dbs.Tx, reverseProxyI
 
 // CreateReverseProxy 创建反向代理
 func (this *ReverseProxyDAO) CreateReverseProxy(tx *dbs.Tx, adminId int64, userId int64, schedulingJSON []byte, primaryOriginsJSON []byte, backupOriginsJSON []byte) (int64, error) {
-	op := NewReverseProxyOperator()
+	var op = NewReverseProxyOperator()
 	op.IsOn = true
 	op.State = ReverseProxyStateEnabled
 	op.AdminId = adminId
@@ -247,7 +248,7 @@ func (this *ReverseProxyDAO) UpdateReverseProxyScheduling(tx *dbs.Tx, reversePro
 	if reverseProxyId <= 0 {
 		return errors.New("invalid reverseProxyId")
 	}
-	op := NewReverseProxyOperator()
+	var op = NewReverseProxyOperator()
 	op.Id = reverseProxyId
 	if len(schedulingJSON) > 0 {
 		op.Scheduling = string(schedulingJSON)
@@ -266,7 +267,7 @@ func (this *ReverseProxyDAO) UpdateReverseProxyPrimaryOrigins(tx *dbs.Tx, revers
 	if reverseProxyId <= 0 {
 		return errors.New("invalid reverseProxyId")
 	}
-	op := NewReverseProxyOperator()
+	var op = NewReverseProxyOperator()
 	op.Id = reverseProxyId
 	if len(origins) > 0 {
 		op.PrimaryOrigins = origins
@@ -285,7 +286,7 @@ func (this *ReverseProxyDAO) UpdateReverseProxyBackupOrigins(tx *dbs.Tx, reverse
 	if reverseProxyId <= 0 {
 		return errors.New("invalid reverseProxyId")
 	}
-	op := NewReverseProxyOperator()
+	var op = NewReverseProxyOperator()
 	op.Id = reverseProxyId
 	if len(origins) > 0 {
 		op.BackupOrigins = origins
@@ -304,6 +305,7 @@ func (this *ReverseProxyDAO) UpdateReverseProxy(tx *dbs.Tx,
 	reverseProxyId int64,
 	requestHostType int8,
 	requestHost string,
+	requestHostExcludingPort bool,
 	requestURI string,
 	stripPrefix string,
 	autoFlush bool,
@@ -328,6 +330,7 @@ func (this *ReverseProxyDAO) UpdateReverseProxy(tx *dbs.Tx,
 	op.RequestHostType = requestHostType
 
 	op.RequestHost = requestHost
+	op.RequestHostExcludingPort = requestHostExcludingPort
 	op.RequestURI = requestURI
 	op.StripPrefix = stripPrefix
 	op.AutoFlush = autoFlush

internal/db/models/reverse_proxy_model.go

@@ -4,55 +4,57 @@ import "github.com/iwind/TeaGo/dbs"
 
 // ReverseProxy 反向代理配置
 type ReverseProxy struct {
-	Id              uint32   `field:"id"`              // ID
-	AdminId         uint32   `field:"adminId"`         // 管理员ID
-	UserId          uint32   `field:"userId"`          // 用户ID
-	TemplateId      uint32   `field:"templateId"`      // 模版ID
-	IsOn            bool     `field:"isOn"`            // 是否启用
-	Scheduling      dbs.JSON `field:"scheduling"`      // 调度算法
-	PrimaryOrigins  dbs.JSON `field:"primaryOrigins"`  // 主要源站
-	BackupOrigins   dbs.JSON `field:"backupOrigins"`   // 备用源站
-	StripPrefix     string   `field:"stripPrefix"`     // 去除URL前缀
-	RequestHostType uint8    `field:"requestHostType"` // 请求Host类型
-	RequestHost     string   `field:"requestHost"`     // 请求Host
-	RequestURI      string   `field:"requestURI"`      // 请求URI
-	AutoFlush       uint8    `field:"autoFlush"`       // 是否自动刷新缓冲区
-	AddHeaders      dbs.JSON `field:"addHeaders"`      // 自动添加的Header列表
-	State           uint8    `field:"state"`           // 状态
-	CreatedAt       uint64   `field:"createdAt"`       // 创建时间
-	ConnTimeout     dbs.JSON `field:"connTimeout"`     // 连接超时时间
-	ReadTimeout     dbs.JSON `field:"readTimeout"`     // 读取超时时间
-	IdleTimeout     dbs.JSON `field:"idleTimeout"`     // 空闲超时时间
-	MaxConns        uint32   `field:"maxConns"`        // 最大并发连接数
-	MaxIdleConns    uint32   `field:"maxIdleConns"`    // 最大空闲连接数
-	ProxyProtocol   dbs.JSON `field:"proxyProtocol"`   // Proxy Protocol配置
-	FollowRedirects uint8    `field:"followRedirects"` // 回源跟随
+	Id                       uint32   `field:"id"`                       // ID
+	AdminId                  uint32   `field:"adminId"`                  // 管理员ID
+	UserId                   uint32   `field:"userId"`                   // 用户ID
+	TemplateId               uint32   `field:"templateId"`               // 模版ID
+	IsOn                     bool     `field:"isOn"`                     // 是否启用
+	Scheduling               dbs.JSON `field:"scheduling"`               // 调度算法
+	PrimaryOrigins           dbs.JSON `field:"primaryOrigins"`           // 主要源站
+	BackupOrigins            dbs.JSON `field:"backupOrigins"`            // 备用源站
+	StripPrefix              string   `field:"stripPrefix"`              // 去除URL前缀
+	RequestHostType          uint8    `field:"requestHostType"`          // 请求Host类型
+	RequestHost              string   `field:"requestHost"`              // 请求Host
+	RequestHostExcludingPort bool     `field:"requestHostExcludingPort"` // 移除请求Host中的域名
+	RequestURI               string   `field:"requestURI"`               // 请求URI
+	AutoFlush                uint8    `field:"autoFlush"`                // 是否自动刷新缓冲区
+	AddHeaders               dbs.JSON `field:"addHeaders"`               // 自动添加的Header列表
+	State                    uint8    `field:"state"`                    // 状态
+	CreatedAt                uint64   `field:"createdAt"`                // 创建时间
+	ConnTimeout              dbs.JSON `field:"connTimeout"`              // 连接超时时间
+	ReadTimeout              dbs.JSON `field:"readTimeout"`              // 读取超时时间
+	IdleTimeout              dbs.JSON `field:"idleTimeout"`              // 空闲超时时间
+	MaxConns                 uint32   `field:"maxConns"`                 // 最大并发连接数
+	MaxIdleConns             uint32   `field:"maxIdleConns"`             // 最大空闲连接数
+	ProxyProtocol            dbs.JSON `field:"proxyProtocol"`            // Proxy Protocol配置
+	FollowRedirects          uint8    `field:"followRedirects"`          // 回源跟随
 }
 
 type ReverseProxyOperator struct {
-	Id              interface{} // ID
-	AdminId         interface{} // 管理员ID
-	UserId          interface{} // 用户ID
-	TemplateId      interface{} // 模版ID
-	IsOn            interface{} // 是否启用
-	Scheduling      interface{} // 调度算法
-	PrimaryOrigins  interface{} // 主要源站
-	BackupOrigins   interface{} // 备用源站
-	StripPrefix     interface{} // 去除URL前缀
-	RequestHostType interface{} // 请求Host类型
-	RequestHost     interface{} // 请求Host
-	RequestURI      interface{} // 请求URI
-	AutoFlush       interface{} // 是否自动刷新缓冲区
-	AddHeaders      interface{} // 自动添加的Header列表
-	State           interface{} // 状态
-	CreatedAt       interface{} // 创建时间
-	ConnTimeout     interface{} // 连接超时时间
-	ReadTimeout     interface{} // 读取超时时间
-	IdleTimeout     interface{} // 空闲超时时间
-	MaxConns        interface{} // 最大并发连接数
-	MaxIdleConns    interface{} // 最大空闲连接数
-	ProxyProtocol   interface{} // Proxy Protocol配置
-	FollowRedirects interface{} // 回源跟随
+	Id                       interface{} // ID
+	AdminId                  interface{} // 管理员ID
+	UserId                   interface{} // 用户ID
+	TemplateId               interface{} // 模版ID
+	IsOn                     interface{} // 是否启用
+	Scheduling               interface{} // 调度算法
+	PrimaryOrigins           interface{} // 主要源站
+	BackupOrigins            interface{} // 备用源站
+	StripPrefix              interface{} // 去除URL前缀
+	RequestHostType          interface{} // 请求Host类型
+	RequestHost              interface{} // 请求Host
+	RequestHostExcludingPort interface{} // 移除请求Host中的域名
+	RequestURI               interface{} // 请求URI
+	AutoFlush                interface{} // 是否自动刷新缓冲区
+	AddHeaders               interface{} // 自动添加的Header列表
+	State                    interface{} // 状态
+	CreatedAt                interface{} // 创建时间
+	ConnTimeout              interface{} // 连接超时时间
+	ReadTimeout              interface{} // 读取超时时间
+	IdleTimeout              interface{} // 空闲超时时间
+	MaxConns                 interface{} // 最大并发连接数
+	MaxIdleConns             interface{} // 最大空闲连接数
+	ProxyProtocol            interface{} // Proxy Protocol配置
+	FollowRedirects          interface{} // 回源跟随
 }
 
 func NewReverseProxyOperator() *ReverseProxyOperator {

internal/db/models/server_bandwidth_stat_dao.go

@@ -0,0 +1,215 @@
+package models
+
+import (
+	"github.com/TeaOSLab/EdgeAPI/internal/errors"
+	"github.com/TeaOSLab/EdgeAPI/internal/goman"
+	"github.com/TeaOSLab/EdgeAPI/internal/remotelogs"
+	_ "github.com/go-sql-driver/mysql"
+	"github.com/iwind/TeaGo/Tea"
+	"github.com/iwind/TeaGo/dbs"
+	"github.com/iwind/TeaGo/maps"
+	"github.com/iwind/TeaGo/rands"
+	"github.com/iwind/TeaGo/types"
+	timeutil "github.com/iwind/TeaGo/utils/time"
+	"math"
+	"sync"
+	"time"
+)
+
+type ServerBandwidthStatDAO dbs.DAO
+
+const (
+	ServerBandwidthStatTablePartials = 20 // 分表数量
+)
+
+func init() {
+	dbs.OnReadyDone(func() {
+		// 清理数据任务
+		var ticker = time.NewTicker(time.Duration(rands.Int(24, 48)) * time.Hour)
+		goman.New(func() {
+			for range ticker.C {
+				err := SharedServerBandwidthStatDAO.Clean(nil)
+				if err != nil {
+					remotelogs.Error("SharedServerBandwidthStatDAO", "clean expired data failed: "+err.Error())
+				}
+			}
+		})
+	})
+}
+
+func NewServerBandwidthStatDAO() *ServerBandwidthStatDAO {
+	return dbs.NewDAO(&ServerBandwidthStatDAO{
+		DAOObject: dbs.DAOObject{
+			DB:     Tea.Env,
+			Table:  "edgeServerBandwidthStats",
+			Model:  new(ServerBandwidthStat),
+			PkName: "id",
+		},
+	}).(*ServerBandwidthStatDAO)
+}
+
+var SharedServerBandwidthStatDAO *ServerBandwidthStatDAO
+
+func init() {
+	dbs.OnReady(func() {
+		SharedServerBandwidthStatDAO = NewServerBandwidthStatDAO()
+	})
+}
+
+// UpdateServerBandwidth 写入数据
+func (this *ServerBandwidthStatDAO) UpdateServerBandwidth(tx *dbs.Tx, userId int64, serverId int64, day string, timeAt string, bytes int64) error {
+	if serverId <= 0 {
+		return errors.New("invalid server id '" + types.String(serverId) + "'")
+	}
+
+	return this.Query(tx).
+		Table(this.partialTable(serverId)).
+		Param("bytes", bytes).
+		InsertOrUpdateQuickly(maps.Map{
+			"userId":   userId,
+			"serverId": serverId,
+			"day":      day,
+			"timeAt":   timeAt,
+			"bytes":    bytes,
+		}, maps.Map{
+			"bytes": dbs.SQL("bytes+:bytes"),
+		})
+}
+
+// FindMinutelyPeekBandwidthBytes 获取某分钟的带宽峰值
+// day YYYYMMDD
+// minute HHII
+func (this *ServerBandwidthStatDAO) FindMinutelyPeekBandwidthBytes(tx *dbs.Tx, serverId int64, day string, minute string) (int64, error) {
+	return this.Query(tx).
+		Table(this.partialTable(serverId)).
+		Result("bytes").
+		Attr("serverId", serverId).
+		Attr("day", day).
+		Attr("timeAt", minute).
+		FindInt64Col(0)
+}
+
+// FindDailyPeekBandwidthBytes 获取某天的带宽峰值
+// day YYYYMMDD
+func (this *ServerBandwidthStatDAO) FindDailyPeekBandwidthBytes(tx *dbs.Tx, serverId int64, day string) (int64, error) {
+	return this.Query(tx).
+		Table(this.partialTable(serverId)).
+		Attr("day", day).
+		Result("MAX(bytes)").
+		FindInt64Col(0)
+}
+
+// FindMonthlyPeekBandwidthBytes 获取某月的带宽峰值
+// month YYYYMM
+func (this *ServerBandwidthStatDAO) FindMonthlyPeekBandwidthBytes(tx *dbs.Tx, serverId int64, month string) (int64, error) {
+	return this.Query(tx).
+		Table(this.partialTable(serverId)).
+		Between("day", month+"01", month+"31").
+		Result("MAX(bytes)").
+		FindInt64Col(0)
+}
+
+// FindServerStats 查找某个时间段的带宽统计
+// 参数：
+//   - day YYYYMMDD
+//   - timeAt HHII
+func (this *ServerBandwidthStatDAO) FindServerStats(tx *dbs.Tx, serverId int64, day string, timeFrom string, timeTo string) (result []*ServerBandwidthStat, err error) {
+	_, err = this.Query(tx).
+		Table(this.partialTable(serverId)).
+		Attr("serverId", serverId).
+		Attr("day", day).
+		Between("timeAt", timeFrom, timeTo).
+		Slice(&result).
+		FindAll()
+	return
+}
+
+// FindMonthlyPercentile 获取某月内百分位
+func (this *ServerBandwidthStatDAO) FindMonthlyPercentile(tx *dbs.Tx, serverId int64, month string, percentile int) (result int64, err error) {
+	if percentile <= 0 {
+		percentile = 95
+	}
+
+	// 如果是100%以上，则快速返回
+	if percentile >= 100 {
+		result, err = this.Query(tx).
+			Table(this.partialTable(serverId)).
+			Result("bytes").
+			Attr("serverId", serverId).
+			Between("day", month+"01", month+"31").
+			Desc("bytes").
+			Limit(1).
+			FindInt64Col(0)
+		return
+	}
+
+	// 总数量
+	total, err := this.Query(tx).
+		Table(this.partialTable(serverId)).
+		Attr("serverId", serverId).
+		Between("day", month+"01", month+"31").
+		Count()
+	if err != nil {
+		return 0, err
+	}
+	if total == 0 {
+		return 0, nil
+	}
+
+	var offset int64
+
+	if total > 1 {
+		offset = int64(math.Ceil(float64(total) * float64(100-percentile) / 100))
+	}
+
+	// 查询 nth 位置
+	result, err = this.Query(tx).
+		Table(this.partialTable(serverId)).
+		Result("bytes").
+		Attr("serverId", serverId).
+		Between("day", month+"01", month+"31").
+		Desc("bytes").
+		Offset(offset).
+		Limit(1).
+		FindInt64Col(0)
+
+	return
+}
+
+// Clean 清理过期数据
+func (this *ServerBandwidthStatDAO) Clean(tx *dbs.Tx) error {
+	var day = timeutil.Format("Ymd", time.Now().AddDate(0, 0, -62)) // 保留大约2个月的数据
+	return this.runBatch(func(table string, locker *sync.Mutex) error {
+		_, err := this.Query(tx).
+			Table(table).
+			Lt("day", day).
+			Delete()
+		return err
+	})
+}
+
+// 批量执行
+func (this *ServerBandwidthStatDAO) runBatch(f func(table string, locker *sync.Mutex) error) error {
+	var locker = &sync.Mutex{}
+	var wg = sync.WaitGroup{}
+	wg.Add(ServerBandwidthStatTablePartials)
+	var resultErr error
+	for i := 0; i < ServerBandwidthStatTablePartials; i++ {
+		var table = this.partialTable(int64(i))
+		go func(table string) {
+			defer wg.Done()
+
+			err := f(table, locker)
+			if err != nil {
+				resultErr = err
+			}
+		}(table)
+	}
+	wg.Wait()
+	return resultErr
+}
+
+// 获取分区表
+func (this *ServerBandwidthStatDAO) partialTable(serverId int64) string {
+	return this.Table + "_" + types.String(serverId%int64(ServerBandwidthStatTablePartials))
+}

internal/db/models/server_bandwidth_stat_dao_test.go

@@ -0,0 +1,55 @@
+package models_test
+
+import (
+	"fmt"
+	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
+	_ "github.com/go-sql-driver/mysql"
+	_ "github.com/iwind/TeaGo/bootstrap"
+	"github.com/iwind/TeaGo/dbs"
+	"github.com/iwind/TeaGo/rands"
+	timeutil "github.com/iwind/TeaGo/utils/time"
+	"testing"
+	"time"
+)
+
+func TestServerBandwidthStatDAO_UpdateServerBandwidth(t *testing.T) {
+	var dao = models.NewServerBandwidthStatDAO()
+	var tx *dbs.Tx
+	err := dao.UpdateServerBandwidth(tx, 1, 1, timeutil.Format("Ymd"), timeutil.Format("Hi"), 1024)
+	if err != nil {
+		t.Fatal(err)
+	}
+	t.Log("ok")
+}
+
+func TestSeverBandwidthStatDAO_InsertManyStats(t *testing.T) {
+	var dao = models.NewServerBandwidthStatDAO()
+	var tx *dbs.Tx
+	var count = 1 // 测试时将此值设为一个比较大的数字
+	for i := 0; i < count; i++ {
+		var day = timeutil.Format("Ymd", time.Now().AddDate(0, 0, -rands.Int(0, 200)))
+		var minute = fmt.Sprintf("%02d%02d", rands.Int(0, 23), rands.Int(0, 59))
+		err := dao.UpdateServerBandwidth(tx, 1, 1, day, minute, 1024)
+		if err != nil {
+			t.Fatal(err)
+		}
+	}
+	t.Log("ok")
+}
+
+func TestServerBandwidthStatDAO_FindMonthlyPercentile(t *testing.T) {
+	var dao = models.NewServerBandwidthStatDAO()
+	var tx *dbs.Tx
+	t.Log(dao.FindMonthlyPercentile(tx, 23, timeutil.Format("Ym"), 95))
+}
+
+func TestServerBandwidthStatDAO_Clean(t *testing.T) {
+	var dao = models.NewServerBandwidthStatDAO()
+	var tx *dbs.Tx
+	var before = time.Now()
+	err := dao.Clean(tx)
+	if err != nil {
+		t.Fatal(err)
+	}
+	t.Log("ok", time.Since(before).Seconds()*1000, "ms")
+}

internal/db/models/server_bandwidth_stat_model.go

@@ -0,0 +1,24 @@
+package models
+
+// ServerBandwidthStat 服务峰值带宽统计
+type ServerBandwidthStat struct {
+	Id       uint64 `field:"id"`       // ID
+	UserId   uint64 `field:"userId"`   // 用户ID
+	ServerId uint64 `field:"serverId"` // 服务ID
+	Day      string `field:"day"`      // 日期YYYYMMDD
+	TimeAt   string `field:"timeAt"`   // 时间点HHMM
+	Bytes    uint64 `field:"bytes"`    // 带宽字节
+}
+
+type ServerBandwidthStatOperator struct {
+	Id       interface{} // ID
+	UserId   interface{} // 用户ID
+	ServerId interface{} // 服务ID
+	Day      interface{} // 日期YYYYMMDD
+	TimeAt   interface{} // 时间点HHMM
+	Bytes    interface{} // 带宽字节
+}
+
+func NewServerBandwidthStatOperator() *ServerBandwidthStatOperator {
+	return &ServerBandwidthStatOperator{}
+}

internal/db/models/server_bandwidth_stat_model_ext.go

@@ -0,0 +1 @@
+package models

internal/db/models/server_daily_stat_dao.go

@@ -12,7 +12,6 @@ import (
 	"github.com/iwind/TeaGo/maps"
 	"github.com/iwind/TeaGo/rands"
 	timeutil "github.com/iwind/TeaGo/utils/time"
-	"math"
 	"regexp"
 	"strings"
 	"time"
@@ -405,45 +404,6 @@ func (this *ServerDailyStatDAO) SumMonthlyBytes(tx *dbs.Tx, serverId int64, mont
 		FindInt64Col(0)
 }
 
-// FindMonthlyPercentile 获取某月内百分位
-func (this *ServerDailyStatDAO) FindMonthlyPercentile(tx *dbs.Tx, serverId int64, month string, percentile int) (result int64, err error) {
-	if percentile <= 0 {
-		percentile = 95
-	}
-	if percentile > 100 {
-		percentile = 100
-	}
-
-	total, err := this.Query(tx).
-		Attr("serverId", serverId).
-		Between("day", month+"01", month+"31").
-		Count()
-	if err != nil {
-		return 0, err
-	}
-	if total == 0 {
-		return 0, nil
-	}
-
-	var offset int64
-
-	if total > 1 {
-		offset = int64(math.Ceil(float64(total) * float64(100-percentile) / 100))
-	}
-	result, err = this.Query(tx).
-		Result("bytes").
-		Attr("serverId", serverId).
-		Between("day", month+"01", month+"31").
-		Desc("bytes").
-		Offset(offset).
-		Limit(1).
-		FindInt64Col(0)
-
-	// 因为是5分钟统计，所以需要除以300
-	result = result / 300
-	return
-}
-
 // FindDailyStats 按天统计
 func (this *ServerDailyStatDAO) FindDailyStats(tx *dbs.Tx, serverId int64, dayFrom string, dayTo string) (result []*ServerDailyStat, err error) {
 	ones, err := this.Query(tx).

internal/db/models/server_daily_stat_dao_test.go

@@ -83,13 +83,3 @@ func TestServerDailyStatDAO_FindDistinctPlanServerIdsBetweenDay(t *testing.T) {
 	}
 	t.Log(serverIds)
 }
-
-func TestServerDailyStatDAO_FindMonthlyPercentile(t *testing.T) {
-	var tx *dbs.Tx
-	var dao = NewServerDailyStatDAO()
-	result, err := dao.FindMonthlyPercentile(tx, 23, timeutil.Format("Ym"), 95)
-	if err != nil {
-		t.Fatal(err)
-	}
-	t.Log("result:", result)
-}

internal/db/models/server_dao.go

@@ -338,12 +338,31 @@ func (this *ServerDAO) UpdateServerBasic(tx *dbs.Tx, serverId int64, name string
 	return nil
 }
 
+// UpdateServerGroupIds 修改服务所在分组
+func (this *ServerDAO) UpdateServerGroupIds(tx *dbs.Tx, serverId int64, groupIds []int64) error {
+	if groupIds == nil {
+		groupIds = []int64{}
+	}
+	groupIdsJSON, err := json.Marshal(groupIds)
+	if err != nil {
+		return err
+	}
+	err = this.Query(tx).
+		Pk(serverId).
+		Set("groupIds", groupIdsJSON).
+		UpdateQuickly()
+	if err != nil {
+		return err
+	}
+	return this.NotifyUpdate(tx, serverId)
+}
+
 // UpdateUserServerBasic 设置用户相关的基本信息
 func (this *ServerDAO) UpdateUserServerBasic(tx *dbs.Tx, serverId int64, name string) error {
 	if serverId <= 0 {
 		return errors.New("serverId should not be smaller than 0")
 	}
-	op := NewServerOperator()
+	var op = NewServerOperator()
 	op.Id = serverId
 	op.Name = name
 
@@ -605,7 +624,7 @@ func (this *ServerDAO) UpdateServerNames(tx *dbs.Tx, serverId int64, serverNames
 		return errors.New("serverId should not be smaller than 0")
 	}
 
-	op := NewServerOperator()
+	var op = NewServerOperator()
 	op.Id = serverId
 
 	if IsNull(serverNamesJSON) {
@@ -638,7 +657,7 @@ func (this *ServerDAO) UpdateAuditingServerNames(tx *dbs.Tx, serverId int64, isA
 		return errors.New("serverId should not be smaller than 0")
 	}
 
-	op := NewServerOperator()
+	var op = NewServerOperator()
 	op.Id = serverId
 	op.IsAuditing = isAuditing
 	if isAuditing {
@@ -720,7 +739,7 @@ func (this *ServerDAO) UpdateServerReverseProxy(tx *dbs.Tx, serverId int64, conf
 	if serverId <= 0 {
 		return errors.New("serverId should not be smaller than 0")
 	}
-	op := NewServerOperator()
+	var op = NewServerOperator()
 	op.Id = serverId
 	op.ReverseProxy = JSONBytes(config)
 	err := this.Save(tx, op)
@@ -752,8 +771,9 @@ func (this *ServerDAO) CountAllEnabledServersMatch(tx *dbs.Tx, groupId int64, ke
 	}
 	if len(keyword) > 0 {
 		if regexp.MustCompile(`^\d+$`).MatchString(keyword) {
-			query.Where("(name LIKE :keyword OR serverNames LIKE :keyword OR JSON_CONTAINS(http, :portRange, '$.listen') OR JSON_CONTAINS(https, :portRange, '$.listen') OR JSON_CONTAINS(tcp, :portRange, '$.listen') OR JSON_CONTAINS(tls, :portRange, '$.listen'))").
+			query.Where("(id=:serverId OR name LIKE :keyword OR serverNames LIKE :keyword OR JSON_CONTAINS(http, :portRange, '$.listen') OR JSON_CONTAINS(https, :portRange, '$.listen') OR JSON_CONTAINS(tcp, :portRange, '$.listen') OR JSON_CONTAINS(tls, :portRange, '$.listen'))").
 				Param("portRange", maps.Map{"portRange": keyword}.AsJSON()).
+				Param("serverId", keyword).
 				Param("keyword", dbutils.QuoteLike(keyword))
 		} else {
 			query.Where("(name LIKE :keyword OR serverNames LIKE :keyword)").
@@ -806,8 +826,9 @@ func (this *ServerDAO) ListEnabledServersMatch(tx *dbs.Tx, offset int64, size in
 	}
 	if len(keyword) > 0 {
 		if regexp.MustCompile(`^\d+$`).MatchString(keyword) {
-			query.Where("(name LIKE :keyword OR serverNames LIKE :keyword OR JSON_CONTAINS(http, :portRange, '$.listen') OR JSON_CONTAINS(https, :portRange, '$.listen') OR JSON_CONTAINS(tcp, :portRange, '$.listen') OR JSON_CONTAINS(tls, :portRange, '$.listen'))").
+			query.Where("(id=:serverId OR name LIKE :keyword OR serverNames LIKE :keyword OR JSON_CONTAINS(http, :portRange, '$.listen') OR JSON_CONTAINS(https, :portRange, '$.listen') OR JSON_CONTAINS(tcp, :portRange, '$.listen') OR JSON_CONTAINS(tls, :portRange, '$.listen'))").
 				Param("portRange", string(maps.Map{"portRange": keyword}.AsJSON())).
+				Param("serverId", keyword).
 				Param("keyword", dbutils.QuoteLike(keyword))
 		} else {
 			query.Where("(name LIKE :keyword OR serverNames LIKE :keyword)").
@@ -897,6 +918,7 @@ func (this *ServerDAO) FindAllEnabledServersWithNode(tx *dbs.Tx, nodeId int64) (
 	for _, clusterId := range clusterIds {
 		ones, err := this.Query(tx).
 			Attr("clusterId", clusterId).
+			Where("(userId=0 OR userId IN (SELECT id FROM " + SharedUserDAO.Table + " WHERE isOn AND state=1))").
 			State(ServerStateEnabled).
 			AscPk().
 			FindAll()
@@ -1020,9 +1042,10 @@ func (this *ServerDAO) ComposeServerConfig(tx *dbs.Tx, server *Server, cacheMap
 		return cache.(*serverconfigs.ServerConfig), nil
 	}
 
-	config := &serverconfigs.ServerConfig{}
+	var config = &serverconfigs.ServerConfig{}
 	config.Id = int64(server.Id)
 	config.ClusterId = int64(server.ClusterId)
+	config.UserId = int64(server.UserId)
 	config.Type = server.Type
 	config.IsOn = server.IsOn
 	config.Name = server.Name
@@ -1044,7 +1067,7 @@ func (this *ServerDAO) ComposeServerConfig(tx *dbs.Tx, server *Server, cacheMap
 
 	// ServerNames
 	if IsNotNull(server.ServerNames) {
-		serverNames := []*serverconfigs.ServerNameConfig{}
+		var serverNames = []*serverconfigs.ServerNameConfig{}
 		err := json.Unmarshal(server.ServerNames, &serverNames)
 		if err != nil {
 			return nil, err
@@ -1060,20 +1083,29 @@ func (this *ServerDAO) ComposeServerConfig(tx *dbs.Tx, server *Server, cacheMap
 			return nil, err
 		}
 		if clusterDNS != nil && clusterDNS.DnsDomainId > 0 {
+			clusterDNSConfig, err := clusterDNS.DecodeDNSConfig()
+			if err != nil {
+				return nil, err
+			}
+
 			domain, err := dns.SharedDNSDomainDAO.FindEnabledDNSDomain(tx, int64(clusterDNS.DnsDomainId), cacheMap)
 			if err != nil {
 				return nil, err
 			}
 			if domain != nil {
-				cname := server.DnsName + "." + domain.Name
-				config.AliasServerNames = append(config.AliasServerNames, cname)
+				var cname = server.DnsName + "." + domain.Name
+				config.CNameDomain = cname
+				if clusterDNSConfig.CNameAsDomain {
+					config.CNameAsDomain = true
+					config.AliasServerNames = append(config.AliasServerNames, cname)
+				}
 			}
 		}
 	}
 
 	// HTTP
 	if IsNotNull(server.Http) {
-		httpConfig := &serverconfigs.HTTPProtocolConfig{}
+		var httpConfig = &serverconfigs.HTTPProtocolConfig{}
 		err := json.Unmarshal(server.Http, httpConfig)
 		if err != nil {
 			return nil, err
@@ -1083,7 +1115,7 @@ func (this *ServerDAO) ComposeServerConfig(tx *dbs.Tx, server *Server, cacheMap
 
 	// HTTPS
 	if IsNotNull(server.Https) {
-		httpsConfig := &serverconfigs.HTTPSProtocolConfig{}
+		var httpsConfig = &serverconfigs.HTTPSProtocolConfig{}
 		err := json.Unmarshal(server.Https, httpsConfig)
 		if err != nil {
 			return nil, err
@@ -1105,7 +1137,7 @@ func (this *ServerDAO) ComposeServerConfig(tx *dbs.Tx, server *Server, cacheMap
 
 	// TCP
 	if IsNotNull(server.Tcp) {
-		tcpConfig := &serverconfigs.TCPProtocolConfig{}
+		var tcpConfig = &serverconfigs.TCPProtocolConfig{}
 		err := json.Unmarshal(server.Tcp, tcpConfig)
 		if err != nil {
 			return nil, err
@@ -1115,7 +1147,7 @@ func (this *ServerDAO) ComposeServerConfig(tx *dbs.Tx, server *Server, cacheMap
 
 	// TLS
 	if IsNotNull(server.Tls) {
-		tlsConfig := &serverconfigs.TLSProtocolConfig{}
+		var tlsConfig = &serverconfigs.TLSProtocolConfig{}
 		err := json.Unmarshal(server.Tls, tlsConfig)
 		if err != nil {
 			return nil, err
@@ -1137,7 +1169,7 @@ func (this *ServerDAO) ComposeServerConfig(tx *dbs.Tx, server *Server, cacheMap
 
 	// Unix
 	if IsNotNull(server.Unix) {
-		unixConfig := &serverconfigs.UnixProtocolConfig{}
+		var unixConfig = &serverconfigs.UnixProtocolConfig{}
 		err := json.Unmarshal(server.Unix, unixConfig)
 		if err != nil {
 			return nil, err
@@ -1147,7 +1179,7 @@ func (this *ServerDAO) ComposeServerConfig(tx *dbs.Tx, server *Server, cacheMap
 
 	// UDP
 	if IsNotNull(server.Udp) {
-		udpConfig := &serverconfigs.UDPProtocolConfig{}
+		var udpConfig = &serverconfigs.UDPProtocolConfig{}
 		err := json.Unmarshal(server.Udp, udpConfig)
 		if err != nil {
 			return nil, err
@@ -1168,7 +1200,7 @@ func (this *ServerDAO) ComposeServerConfig(tx *dbs.Tx, server *Server, cacheMap
 
 	// ReverseProxy
 	if IsNotNull(server.ReverseProxy) {
-		reverseProxyRef := &serverconfigs.ReverseProxyRef{}
+		var reverseProxyRef = &serverconfigs.ReverseProxyRef{}
 		err := json.Unmarshal(server.ReverseProxy, reverseProxyRef)
 		if err != nil {
 			return nil, err
@@ -1185,7 +1217,7 @@ func (this *ServerDAO) ComposeServerConfig(tx *dbs.Tx, server *Server, cacheMap
 	}
 
 	// WAF策略
-	clusterId := int64(server.ClusterId)
+	var clusterId = int64(server.ClusterId)
 	httpFirewallPolicyId, err := SharedNodeClusterDAO.FindClusterHTTPFirewallPolicyId(tx, clusterId, cacheMap)
 	if err != nil {
 		return nil, err
@@ -1576,7 +1608,7 @@ func (this *ServerDAO) GenerateServerDNSName(tx *dbs.Tx, serverId int64) (string
 	if err != nil {
 		return "", err
 	}
-	op := NewServerOperator()
+	var op = NewServerOperator()
 	op.Id = serverId
 	op.DnsName = dnsName
 	err = this.Save(tx, op)
@@ -2495,6 +2527,28 @@ func (this *ServerDAO) FindServerUAM(tx *dbs.Tx, serverId int64) ([]byte, error)
 		FindJSONCol()
 }
 
+// FindUserServerClusterIds 获取用户相关服务的集群ID组合
+func (this *ServerDAO) FindUserServerClusterIds(tx *dbs.Tx, userId int64) ([]int64, error) {
+	if userId <= 0 {
+		return nil, nil
+	}
+	ones, err := this.Query(tx).
+		State(ServerStateEnabled).
+		Attr("userId", userId).
+		Gt("clusterId", 0).
+		Result("DISTINCT(clusterId) AS clusterId").
+		FindAll()
+	if err != nil {
+		return nil, err
+	}
+
+	var clusterIds = []int64{}
+	for _, one := range ones {
+		clusterIds = append(clusterIds, int64(one.(*Server).ClusterId))
+	}
+	return clusterIds, nil
+}
+
 // NotifyUpdate 同步服务所在的集群
 func (this *ServerDAO) NotifyUpdate(tx *dbs.Tx, serverId int64) error {
 	// 创建任务
@@ -2577,3 +2631,23 @@ func (this *ServerDAO) NotifyDisable(tx *dbs.Tx, serverId int64) error {
 
 	return nil
 }
+
+// NotifyUserClustersChange 通知用户相关集群更新
+func (this *ServerDAO) NotifyUserClustersChange(tx *dbs.Tx, userId int64) error {
+	if userId <= 0 {
+		return nil
+	}
+
+	clusterIds, err := this.FindUserServerClusterIds(tx, userId)
+	if err != nil {
+		return err
+	}
+	for _, clusterId := range clusterIds {
+		err = SharedNodeClusterDAO.NotifyUpdate(tx, clusterId)
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}

internal/db/models/server_group_dao.go

@@ -78,7 +78,7 @@ func (this *ServerGroupDAO) FindServerGroupName(tx *dbs.Tx, id int64) (string, e
 
 // CreateGroup 创建分组
 func (this *ServerGroupDAO) CreateGroup(tx *dbs.Tx, name string, userId int64) (groupId int64, err error) {
-	op := NewServerGroupOperator()
+	var op = NewServerGroupOperator()
 	op.State = ServerGroupStateEnabled
 	op.Name = name
 	op.UserId = userId
@@ -95,7 +95,7 @@ func (this *ServerGroupDAO) UpdateGroup(tx *dbs.Tx, groupId int64, name string)
 	if groupId <= 0 {
 		return errors.New("invalid groupId")
 	}
-	op := NewServerGroupOperator()
+	var op = NewServerGroupOperator()
 	op.Id = groupId
 	op.Name = name
 	err := this.Save(tx, op)
@@ -193,7 +193,7 @@ func (this *ServerGroupDAO) UpdateHTTPReverseProxy(tx *dbs.Tx, groupId int64, co
 	if groupId <= 0 {
 		return errors.New("groupId should not be smaller than 0")
 	}
-	op := NewServerGroupOperator()
+	var op = NewServerGroupOperator()
 	op.Id = groupId
 	op.HttpReverseProxy = JSONBytes(config)
 	err := this.Save(tx, op)
@@ -209,7 +209,7 @@ func (this *ServerGroupDAO) UpdateTCPReverseProxy(tx *dbs.Tx, groupId int64, con
 	if groupId <= 0 {
 		return errors.New("groupId should not be smaller than 0")
 	}
-	op := NewServerGroupOperator()
+	var op = NewServerGroupOperator()
 	op.Id = groupId
 	op.TcpReverseProxy = JSONBytes(config)
 	err := this.Save(tx, op)
@@ -225,7 +225,7 @@ func (this *ServerGroupDAO) UpdateUDPReverseProxy(tx *dbs.Tx, groupId int64, con
 	if groupId <= 0 {
 		return errors.New("groupId should not be smaller than 0")
 	}
-	op := NewServerGroupOperator()
+	var op = NewServerGroupOperator()
 	op.Id = groupId
 	op.UdpReverseProxy = JSONBytes(config)
 	err := this.Save(tx, op)
@@ -410,6 +410,17 @@ func (this *ServerGroupDAO) CheckUserGroup(tx *dbs.Tx, userId int64, groupId int
 	return nil
 }
 
+// ExistsGroup 检查分组ID是否存在
+func (this *ServerGroupDAO) ExistsGroup(tx *dbs.Tx, groupId int64) (bool, error) {
+	if groupId <= 0 {
+		return false, nil
+	}
+	return this.Query(tx).
+		Pk(groupId).
+		State(ServerGroupStateEnabled).
+		Exist()
+}
+
 // NotifyUpdate 通知更新
 func (this *ServerGroupDAO) NotifyUpdate(tx *dbs.Tx, groupId int64) error {
 	serverIds, err := SharedServerDAO.FindAllEnabledServerIdsWithGroupId(tx, groupId)

internal/db/models/server_stat_board_chart_dao.go

@@ -64,7 +64,7 @@ func (this *ServerStatBoardChartDAO) FindEnabledServerStatBoardChart(tx *dbs.Tx,
 
 // EnableChart 启用图表
 func (this *ServerStatBoardChartDAO) EnableChart(tx *dbs.Tx, boardId int64, chartId int64) error {
-	op := NewServerStatBoardChartOperator()
+	var op = NewServerStatBoardChartOperator()
 	op.BoardId = boardId
 	op.ChartId = chartId
 	op.State = ServerStatBoardChartStateEnabled

internal/db/models/ssl_cert_dao.go

@@ -89,7 +89,7 @@ func (this *SSLCertDAO) FindSSLCertName(tx *dbs.Tx, id int64) (string, error) {
 
 // CreateCert 创建证书
 func (this *SSLCertDAO) CreateCert(tx *dbs.Tx, adminId int64, userId int64, isOn bool, name string, description string, serverName string, isCA bool, certData []byte, keyData []byte, timeBeginAt int64, timeEndAt int64, dnsNames []string, commonNames []string) (int64, error) {
-	op := NewSSLCertOperator()
+	var op = NewSSLCertOperator()
 	op.AdminId = adminId
 	op.UserId = userId
 	op.State = SSLCertStateEnabled
@@ -343,7 +343,7 @@ func (this *SSLCertDAO) UpdateCertACME(tx *dbs.Tx, certId int64, acmeTaskId int6
 	if certId <= 0 {
 		return errors.New("invalid certId")
 	}
-	op := NewSSLCertOperator()
+	var op = NewSSLCertOperator()
 	op.Id = certId
 	op.AcmeTaskId = acmeTaskId
 	op.IsACME = true

internal/db/models/ssl_policy_dao.go

@@ -200,7 +200,7 @@ func (this *SSLPolicyDAO) FindAllEnabledPolicyIdsWithCertId(tx *dbs.Tx, certId i
 
 // CreatePolicy 创建Policy
 func (this *SSLPolicyDAO) CreatePolicy(tx *dbs.Tx, adminId int64, userId int64, http2Enabled bool, minVersion string, certsJSON []byte, hstsJSON []byte, ocspIsOn bool, clientAuthType int32, clientCACertsJSON []byte, cipherSuitesIsOn bool, cipherSuites []string) (int64, error) {
-	op := NewSSLPolicyOperator()
+	var op = NewSSLPolicyOperator()
 	op.State = SSLPolicyStateEnabled
 	op.IsOn = true
 	op.AdminId = adminId
@@ -244,7 +244,7 @@ func (this *SSLPolicyDAO) UpdatePolicy(tx *dbs.Tx, policyId int64, http2Enabled
 		return errors.New("invalid policyId")
 	}
 
-	op := NewSSLPolicyOperator()
+	var op = NewSSLPolicyOperator()
 	op.Id = policyId
 	op.Http2Enabled = http2Enabled
 	op.MinVersion = minVersion

internal/db/models/sys_event_dao.go

@@ -35,7 +35,7 @@ func (this *SysEventDAO) CreateEvent(tx *dbs.Tx, event EventInterface) error {
 		return errors.New("event should not be nil")
 	}
 
-	op := NewSysEventOperator()
+	var op = NewSysEventOperator()
 	op.Type = event.Type()
 
 	eventJSON, err := json.Marshal(event)