阶段性提交

README.md

@@ -10,7 +10,8 @@
 
 ## 文档
 * [新手指南](https://edge.teaos.cn/docs/QuickStart/Index.md)
-* [文档](http://edge.teaos.cn/docs)
+* [完整文档](https://edge.teaos.cn/docs)
+* [开发者指南](https://edge.teaos.cn/docs/Developer/Build.md)
 
 ## 架构
 ![架构](doc/architect-zh.jpg)

build/configs/.gitignore

@@ -1,4 +1,5 @@
 api.yaml
 server.yaml
 api_db.yaml
-*.pem
+*.pem
+tip.json

go.mod

@@ -9,12 +9,18 @@ require (
 	github.com/cespare/xxhash v1.1.0
 	github.com/go-sql-driver/mysql v1.5.0
 	github.com/go-yaml/yaml v2.1.0+incompatible
+	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/google/go-cmp v0.5.6 // indirect
 	github.com/iwind/TeaGo v0.0.0-20210411134150-ddf57e240c2f
 	github.com/miekg/dns v1.1.35
+	github.com/shirou/gopsutil v3.21.5+incompatible // indirect
 	github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
 	github.com/tealeg/xlsx/v3 v3.2.3
 	github.com/xlzd/gotp v0.0.0-20181030022105-c8557ba2c119
-	golang.org/x/sys v0.0.0-20200724161237-0e2f3a69832c
-	google.golang.org/grpc v1.32.0
+	golang.org/x/net v0.0.0-20210614182718-04defd469f4e // indirect
+	golang.org/x/sys v0.0.0-20210616094352-59db8d763f22
+	google.golang.org/genproto v0.0.0-20210617175327-b9e0b3197ced // indirect
+	google.golang.org/grpc v1.38.0
+	google.golang.org/protobuf v1.26.0 // indirect
 	gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776
 )

go.sum

@@ -13,6 +13,7 @@ github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+
 github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
 github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
+github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -20,6 +21,7 @@ github.com/dgryski/go-rendezvous v0.0.0-20200624174652-8d2f3be8b2d9/go.mod h1:cu
 github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
+github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
 github.com/frankban/quicktest v1.5.0 h1:Tb4jWdSpdjKzTUicPnY61PZxKbDoGa7ABbrReT3gQVY=
 github.com/frankban/quicktest v1.5.0/go.mod h1:jaStnuzAqU1AJdCO0l53JDCJrVDKcS03DbaAcR7Ks/o=
@@ -44,6 +46,9 @@ github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvq
 github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
 github.com/golang/protobuf v1.4.2 h1:+Z5KGCizgyZCbGh1KZqA0fcLLkwbsjIzS4aV2v7wJX0=
 github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
+github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
+github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
 github.com/google/btree v1.0.0 h1:0udJVsspx3VBr5FwtLhQQtuAsVc79tTq0ocGIPAU6qo=
 github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
@@ -52,7 +57,11 @@ github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMyw
 github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.0 h1:/QaMHBdZ26BB3SSst0Iwl10Epc+xhTquomWX0oZEB6w=
 github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ=
+github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
 github.com/iwind/TeaGo v0.0.0-20210411134150-ddf57e240c2f h1:r2O8PONj/KiuZjJHVHn7KlCePUIjNtgAmvLfgRafQ8o=
 github.com/iwind/TeaGo v0.0.0-20210411134150-ddf57e240c2f/go.mod h1:KU4mS7QNiZ7QWEuDBk1zw0/Q2LrAPZv3tycEFBsuUwc=
@@ -91,18 +100,22 @@ github.com/rogpeppe/fastuuid v1.2.0 h1:Ppwyp6VYCF1nvBTXL3trRso7mXMlRrw9ooo375wvi
 github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
 github.com/shabbyrobe/xmlwriter v0.0.0-20200208144257-9fca06d00ffa h1:2cO3RojjYl3hVTbEvJVqrMaFmORhL6O06qdW42toftk=
 github.com/shabbyrobe/xmlwriter v0.0.0-20200208144257-9fca06d00ffa/go.mod h1:Yjr3bdWaVWyME1kha7X0jsz3k2DgXNa1Pj3XGyUAbx8=
+github.com/shirou/gopsutil v3.21.5+incompatible h1:OloQyEerMi7JUrXiNzy8wQ5XN+baemxSl12QgIzt0jc=
+github.com/shirou/gopsutil v3.21.5+incompatible/go.mod h1:5b4v6he4MtMOwMlS0TUMTu2PcXUg8+E1lC7eC3UO/RA=
 github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e h1:MRM5ITcdelLK2j1vwZ3Je0FKVCfqOLp5zO6trqMLYs0=
 github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e/go.mod h1:XV66xRDqSt+GTGFMVlhk3ULuV0y9ZmzeVGR4mloJI3M=
 github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72 h1:qLC7fQah7D6K1B0ujays3HV9gkFtllcxhzImRR7ArPQ=
 github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/tealeg/xlsx/v3 v3.2.3 h1:MXnVh+9Y8cUglowItTy2HL3Kv6z+q/0aNjeKuTsVqZQ=
 github.com/tealeg/xlsx/v3 v3.2.3/go.mod h1:0hGmAEoZ48SS1ZAE6eqZJkJVXgOMY+8a33vjXa8S8HA=
 github.com/xlzd/gotp v0.0.0-20181030022105-c8557ba2c119 h1:YyPWX3jLOtYKulBR6AScGIs74lLrJcgeKRwcbAuQOG4=
 github.com/xlzd/gotp v0.0.0-20181030022105-c8557ba2c119/go.mod h1:/nuTSlK+okRfR/vnIPqR89fFKonnWPiZymN5ydRJkX8=
+github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 go.opentelemetry.io/otel v0.7.0/go.mod h1:aZMyHG5TqDOXEgH2tyLiXSUKly1jT3yqE9PmrzIeCdo=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 h1:ObdrDkeb4kJdCP557AjRjq69pTHfNouLtWZG7j9rPN8=
@@ -115,9 +128,11 @@ golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+o
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
 golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
 golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
 golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
+golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -128,11 +143,15 @@ golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLL
 golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7 h1:AeiKBIuRw3UomYXSbLy0Mc2dDLfdtbT/IVn4keq83P0=
 golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
+golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
+golang.org/x/net v0.0.0-20210614182718-04defd469f4e h1:XpT3nA5TvE525Ne3hInMh6+GETgn27Zfm9dxsThnX2Q=
+golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58 h1:8gQV6CLnAEikrhgkHFbMAEhagSSnXWGV915qUMm9mrU=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -148,19 +167,35 @@ golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200724161237-0e2f3a69832c h1:UIcGWL6/wpCfyGuJnRFJRurA+yj8RrW7Q6x2YMCXt6c=
 golang.org/x/sys v0.0.0-20200724161237-0e2f3a69832c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210616094352-59db8d763f22 h1:RqytpXGR1iVNX7psjB3ff8y7sNFinVFvkx1c8SjBkio=
+golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M=
+golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
 golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
 golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
+golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
+golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
@@ -168,6 +203,8 @@ google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98
 google.golang.org/genproto v0.0.0-20191009194640-548a555dbc03/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
 google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013 h1:+kGHl1aib/qcwaRi1CbqBZ1rk19r85MNUf8HaBghugY=
 google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
+google.golang.org/genproto v0.0.0-20210617175327-b9e0b3197ced h1:c5geK1iMU3cDKtFrCVQIcjR3W+JOZMuhIyICMCTbtus=
+google.golang.org/genproto v0.0.0-20210617175327-b9e0b3197ced/go.mod h1:SzzZ/N+nwJDaO1kznhnlzqS8ocJICar6hYhVyhi++24=
 google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
 google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
 google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
@@ -175,6 +212,8 @@ google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8
 google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
 google.golang.org/grpc v1.32.0 h1:zWTV+LMdc3kaiJMSTOFz2UgSBgx8RNQoTGiZu3fR9S0=
 google.golang.org/grpc v1.32.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
+google.golang.org/grpc v1.38.0 h1:/9BgsAsa5nWe26HqOlvlgJnqBuktYOLCgjCPqsa56W0=
+google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
 google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
@@ -185,6 +224,9 @@ google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2
 google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.25.0 h1:Ejskq+SyPohKW+1uil0JJMtmHCgJPJ/qWTxr8qp+R4c=
 google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
+google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
+google.golang.org/protobuf v1.26.0 h1:bxAC2xTBsZGibn2RTntX0oH50xLsqy1OxA9tTL3p/lk=
+google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU=
@@ -192,6 +234,7 @@ gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8
 gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
 gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.7/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=

internal/const/const.go

@@ -1,7 +1,7 @@
 package teaconst
 
 const (
-	Version = "0.2.1"
+	Version = "0.2.4"
 
 	ProductName   = "Edge Admin"
 	ProcessName   = "edge-admin"

internal/rpc/rpc_client.go

@@ -228,6 +228,10 @@ func (this *RPCClient) HTTPFastcgiRPC() pb.HTTPFastcgiServiceClient {
 	return pb.NewHTTPFastcgiServiceClient(this.pickConn())
 }
 
+func (this *RPCClient) HTTPAuthPolicyRPC() pb.HTTPAuthPolicyServiceClient {
+	return pb.NewHTTPAuthPolicyServiceClient(this.pickConn())
+}
+
 func (this *RPCClient) SSLCertRPC() pb.SSLCertServiceClient {
 	return pb.NewSSLCertServiceClient(this.pickConn())
 }
@@ -384,6 +388,14 @@ func (this *RPCClient) NSAccessLogRPC() pb.NSAccessLogServiceClient {
 	return pb.NewNSAccessLogServiceClient(this.pickConn())
 }
 
+func (this *RPCClient) MetricItemRPC() pb.MetricItemServiceClient {
+	return pb.NewMetricItemServiceClient(this.pickConn())
+}
+
+func (this *RPCClient) NodeClusterMetricItemRPC() pb.NodeClusterMetricItemServiceClient {
+	return pb.NewNodeClusterMetricItemServiceClient(this.pickConn())
+}
+
 // Context 构造Admin上下文
 func (this *RPCClient) Context(adminId int64) context.Context {
 	ctx := context.Background()

internal/web/actions/default/admins/accesskeys/createPopup.go

@@ -0,0 +1,49 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package accesskeys
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/actions"
+)
+
+type CreatePopupAction struct {
+	actionutils.ParentAction
+}
+
+func (this *CreatePopupAction) Init() {
+	this.Nav("", "", "")
+}
+
+func (this *CreatePopupAction) RunGet(params struct {
+	AdminId int64
+}) {
+	this.Data["adminId"] = params.AdminId
+	this.Show()
+}
+
+func (this *CreatePopupAction) RunPost(params struct {
+	AdminId     int64
+	Description string
+
+	Must *actions.Must
+	CSRF *actionutils.CSRF
+}) {
+	params.Must.
+		Field("description", params.Description).
+		Require("请输入备注")
+
+	accessKeyIdResp, err := this.RPC().UserAccessKeyRPC().CreateUserAccessKey(this.AdminContext(), &pb.CreateUserAccessKeyRequest{
+		AdminId:     params.AdminId,
+		Description: params.Description,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	defer this.CreateLogInfo("创建AccessKey %d", accessKeyIdResp.UserAccessKeyId)
+
+	this.Success()
+}

internal/web/actions/default/admins/accesskeys/delete.go

@@ -0,0 +1,24 @@
+package accesskeys
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+)
+
+type DeleteAction struct {
+	actionutils.ParentAction
+}
+
+func (this *DeleteAction) RunPost(params struct {
+	AccessKeyId int64
+}) {
+	defer this.CreateLogInfo("删除AccessKey %d", params.AccessKeyId)
+
+	_, err := this.RPC().UserAccessKeyRPC().DeleteUserAccessKey(this.AdminContext(), &pb.DeleteUserAccessKeyRequest{UserAccessKeyId: params.AccessKeyId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Success()
+}

internal/web/actions/default/admins/accesskeys/index.go

@@ -0,0 +1,54 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package accesskeys
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/admins/adminutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/maps"
+	timeutil "github.com/iwind/TeaGo/utils/time"
+)
+
+type IndexAction struct {
+	actionutils.ParentAction
+}
+
+func (this *IndexAction) Init() {
+	this.Nav("", "", "accessKey")
+}
+
+func (this *IndexAction) RunGet(params struct {
+	AdminId int64
+}) {
+	err := adminutils.InitAdmin(this.Parent(), params.AdminId)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	accessKeysResp, err := this.RPC().UserAccessKeyRPC().FindAllEnabledUserAccessKeys(this.AdminContext(), &pb.FindAllEnabledUserAccessKeysRequest{AdminId: params.AdminId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	accessKeyMaps := []maps.Map{}
+	for _, accessKey := range accessKeysResp.UserAccessKeys {
+		var accessedTime string
+		if accessKey.AccessedAt > 0 {
+			accessedTime = timeutil.FormatTime("Y-m-d H:i:s", accessKey.AccessedAt)
+		}
+		accessKeyMaps = append(accessKeyMaps, maps.Map{
+			"id":           accessKey.Id,
+			"isOn":         accessKey.IsOn,
+			"uniqueId":     accessKey.UniqueId,
+			"secret":       accessKey.Secret,
+			"description":  accessKey.Description,
+			"accessedTime": accessedTime,
+		})
+	}
+	this.Data["accessKeys"] = accessKeyMaps
+
+	this.Show()
+}

internal/web/actions/default/admins/accesskeys/updateIsOn.go

@@ -0,0 +1,28 @@
+package accesskeys
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+)
+
+type UpdateIsOnAction struct {
+	actionutils.ParentAction
+}
+
+func (this *UpdateIsOnAction) RunPost(params struct {
+	AccessKeyId int64
+	IsOn        bool
+}) {
+	defer this.CreateLogInfo("设置AccessKey %d 启用状态", params.AccessKeyId)
+
+	_, err := this.RPC().UserAccessKeyRPC().UpdateUserAccessKeyIsOn(this.AdminContext(), &pb.UpdateUserAccessKeyIsOnRequest{
+		UserAccessKeyId: params.AccessKeyId,
+		IsOn:            params.IsOn,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Success()
+}

internal/web/actions/default/admins/admin.go

@@ -30,13 +30,22 @@ func (this *AdminAction) RunGet(params struct {
 		return
 	}
 
+	// AccessKey数量
+	countAccessKeyResp, err := this.RPC().UserAccessKeyRPC().CountAllEnabledUserAccessKeys(this.AdminContext(), &pb.CountAllEnabledUserAccessKeysRequest{AdminId: params.AdminId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	countAccessKeys := countAccessKeyResp.Count
+
 	this.Data["admin"] = maps.Map{
-		"id":       admin.Id,
-		"fullname": admin.Fullname,
-		"username": admin.Username,
-		"isOn":     admin.IsOn,
-		"isSuper":  admin.IsSuper,
-		"canLogin": admin.CanLogin,
+		"id":              admin.Id,
+		"fullname":        admin.Fullname,
+		"username":        admin.Username,
+		"isOn":            admin.IsOn,
+		"isSuper":         admin.IsSuper,
+		"canLogin":        admin.CanLogin,
+		"countAccessKeys": countAccessKeys,
 	}
 
 	// 权限

internal/web/actions/default/admins/adminutils/utils.go

@@ -0,0 +1,38 @@
+package adminutils
+
+import (
+	"errors"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/maps"
+)
+
+// InitAdmin 查找管理员基本信息
+func InitAdmin(p *actionutils.ParentAction, adminId int64) error {
+	// 管理员信息
+	resp, err := p.RPC().AdminRPC().FindEnabledAdmin(p.AdminContext(), &pb.FindEnabledAdminRequest{AdminId: adminId})
+	if err != nil {
+		return err
+	}
+	if resp.Admin == nil {
+		return errors.New("not found admin")
+	}
+	var admin = resp.Admin
+
+	// AccessKey数量
+	countAccessKeysResp, err := p.RPC().UserAccessKeyRPC().CountAllEnabledUserAccessKeys(p.AdminContext(), &pb.CountAllEnabledUserAccessKeysRequest{
+		AdminId: adminId,
+		UserId:  0,
+	})
+	if err != nil {
+		return err
+	}
+
+	p.Data["admin"] = maps.Map{
+		"id":              admin.Id,
+		"username":        admin.Username,
+		"fullname":        admin.Fullname,
+		"countAccessKeys": countAccessKeysResp.Count,
+	}
+	return nil
+}

internal/web/actions/default/admins/init.go

@@ -2,6 +2,7 @@ package admins
 
 import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/configloaders"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/admins/accesskeys"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
 	"github.com/iwind/TeaGo"
 )
@@ -19,6 +20,15 @@ func init() {
 			Get("/admin", new(AdminAction)).
 			Get("/otpQrcode", new(OtpQrcodeAction)).
 			Post("/options", new(OptionsAction)).
+
+			// AccessKeys
+			Prefix("/admins/accessKeys").
+			Get("", new(accesskeys.IndexAction)).
+			GetPost("/createPopup", new(accesskeys.CreatePopupAction)).
+			Post("/delete", new(accesskeys.DeleteAction)).
+			Post("/updateIsOn", new(accesskeys.UpdateIsOnAction)).
+
+
 			EndAll()
 	})
 }

internal/web/actions/default/admins/update.go

@@ -39,14 +39,23 @@ func (this *UpdateAction) RunGet(params struct {
 		otpLoginIsOn = admin.OtpLogin.IsOn
 	}
 
+	// AccessKey数量
+	countAccessKeyResp, err := this.RPC().UserAccessKeyRPC().CountAllEnabledUserAccessKeys(this.AdminContext(), &pb.CountAllEnabledUserAccessKeysRequest{AdminId: params.AdminId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	countAccessKeys := countAccessKeyResp.Count
+
 	this.Data["admin"] = maps.Map{
-		"id":           admin.Id,
-		"fullname":     admin.Fullname,
-		"username":     admin.Username,
-		"isOn":         admin.IsOn,
-		"isSuper":      admin.IsSuper,
-		"canLogin":     admin.CanLogin,
-		"otpLoginIsOn": otpLoginIsOn,
+		"id":              admin.Id,
+		"fullname":        admin.Fullname,
+		"username":        admin.Username,
+		"isOn":            admin.IsOn,
+		"isSuper":         admin.IsSuper,
+		"canLogin":        admin.CanLogin,
+		"otpLoginIsOn":    otpLoginIsOn,
+		"countAccessKeys": countAccessKeys,
 	}
 
 	// 权限

internal/web/actions/default/clusters/cluster/settings/health/runPopup.go

@@ -32,6 +32,9 @@ func (this *RunPopupAction) RunPost(params struct {
 		this.Fail(err.Error())
 	}
 
+	if resp.Results == nil {
+		resp.Results = []*pb.ExecuteNodeClusterHealthCheckResponse_Result{}
+	}
 	this.Data["results"] = resp.Results
 	this.Success()
 }

internal/web/actions/default/clusters/cluster/settings/init.go

@@ -7,6 +7,7 @@ import (
 	firewallActions "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/cluster/settings/firewall-actions"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/cluster/settings/health"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/cluster/settings/message"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/cluster/settings/metrics"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/cluster/settings/services"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/cluster/settings/thresholds"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/cluster/settings/toa"
@@ -67,6 +68,12 @@ func init() {
 			GetPost("/updatePopup", new(thresholds.UpdatePopupAction)).
 			Post("/delete", new(thresholds.DeleteAction)).
 
+			// 指标
+			Prefix("/clusters/cluster/settings/metrics").
+			Get("", new(metrics.IndexAction)).
+			GetPost("/createPopup", new(metrics.CreatePopupAction)).
+			Post("/delete", new(metrics.DeleteAction)).
+
 			EndAll()
 	})
 }

internal/web/actions/default/clusters/cluster/settings/metrics/createPopup.go

@@ -0,0 +1,61 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package metrics
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/maps"
+)
+
+type CreatePopupAction struct {
+	actionutils.ParentAction
+}
+
+func (this *CreatePopupAction) Init() {
+	this.Nav("", "", "")
+}
+
+func (this *CreatePopupAction) RunGet(params struct {
+	Category string
+}) {
+	if len(params.Category) == 0 {
+		params.Category = "http"
+	}
+	this.Data["category"] = params.Category
+
+	countResp, err := this.RPC().MetricItemRPC().CountAllEnabledMetricItems(this.AdminContext(), &pb.CountAllEnabledMetricItemsRequest{Category: params.Category})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	var count = countResp.Count
+	page := this.NewPage(count)
+	this.Data["page"] = page.AsHTML()
+
+	itemsResp, err := this.RPC().MetricItemRPC().ListEnabledMetricItems(this.AdminContext(), &pb.ListEnabledMetricItemsRequest{
+		Category: params.Category,
+		Offset:   page.Offset,
+		Size:     page.Size,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	var itemMaps = []maps.Map{}
+	for _, item := range itemsResp.MetricItems {
+		itemMaps = append(itemMaps, maps.Map{
+			"id":         item.Id,
+			"name":       item.Name,
+			"isOn":       item.IsOn,
+			"period":     item.Period,
+			"periodUnit": item.PeriodUnit,
+			"keys":       item.Keys,
+			"value":      item.Value,
+			"category":   item.Category,
+		})
+	}
+	this.Data["items"] = itemMaps
+
+	this.Show()
+}

internal/web/actions/default/clusters/cluster/settings/metrics/delete.go

@@ -0,0 +1,13 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package metrics
+
+import "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+
+type DeleteAction struct {
+	actionutils.ParentAction
+}
+
+func (this *DeleteAction) RunPost(params struct{}) {
+	this.Success()
+}

internal/web/actions/default/clusters/cluster/settings/metrics/index.go

@@ -0,0 +1,51 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package metrics
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/maps"
+)
+
+type IndexAction struct {
+	actionutils.ParentAction
+}
+
+func (this *IndexAction) Init() {
+	this.Nav("", "setting", "setting")
+	this.SecondMenu("metric")
+}
+
+func (this *IndexAction) RunGet(params struct {
+	ClusterId int64
+	Category  string
+}) {
+	if len(params.Category) == 0 {
+		params.Category = "http"
+	}
+	this.Data["category"] = params.Category
+
+	itemsResp, err := this.RPC().NodeClusterMetricItemRPC().FindAllNodeClusterMetricItems(this.AdminContext(), &pb.FindAllNodeClusterMetricItemsRequest{NodeClusterId: params.ClusterId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	var itemMaps = []maps.Map{}
+	for _, item := range itemsResp.MetricItems {
+		itemMaps = append(itemMaps, maps.Map{
+			"id":         item.Id,
+			"name":       item.Name,
+			"isOn":       item.IsOn,
+			"period":     item.Period,
+			"periodUnit": item.PeriodUnit,
+			"keys":       item.Keys,
+			"value":      item.Value,
+			"category":   item.Category,
+		})
+	}
+	this.Data["items"] = itemMaps
+
+	this.Show()
+}

internal/web/actions/default/clusters/clusterutils/cluster_helper.go

@@ -1,14 +1,12 @@
 package clusterutils
 
 import (
-	"encoding/json"
 	teaconst "github.com/TeaOSLab/EdgeAdmin/internal/const"
 	"github.com/TeaOSLab/EdgeAdmin/internal/rpc"
 	"github.com/TeaOSLab/EdgeAdmin/internal/utils/numberutils"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
-	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
 	"github.com/iwind/TeaGo/actions"
 	"github.com/iwind/TeaGo/logs"
 	"github.com/iwind/TeaGo/maps"
@@ -38,7 +36,8 @@ func (this *ClusterHelper) BeforeAction(actionPtr actions.ActionWrapper) (goNext
 	action.Data["clusterId"] = clusterId
 
 	if clusterId > 0 {
-		cluster, err := dao.SharedNodeClusterDAO.FindEnabledNodeCluster(actionPtr.(rpc.ContextInterface).AdminContext(), clusterId)
+		var ctx = actionPtr.(rpc.ContextInterface).AdminContext()
+		cluster, err := dao.SharedNodeClusterDAO.FindEnabledNodeCluster(ctx, clusterId)
 		if err != nil {
 			logs.Error(err)
 			return
@@ -48,6 +47,16 @@ func (this *ClusterHelper) BeforeAction(actionPtr actions.ActionWrapper) (goNext
 			return
 		}
 
+		clusterInfo, err := dao.SharedNodeClusterDAO.FindEnabledNodeClusterConfigInfo(ctx, clusterId)
+		if err != nil {
+			logs.Error(err)
+			return
+		}
+		if clusterInfo == nil {
+			action.WriteString("can not find cluster info")
+			return
+		}
+
 		tabbar := actionutils.NewTabbar()
 		tabbar.Add("集群列表", "", "/clusters", "", false)
 		tabbar.Add("集群节点", "", "/clusters/cluster?clusterId="+clusterIdString, "server", selectedTabbar == "node")
@@ -64,7 +73,7 @@ func (this *ClusterHelper) BeforeAction(actionPtr actions.ActionWrapper) (goNext
 		secondMenuItem := action.Data.GetString("secondMenuItem")
 		switch selectedTabbar {
 		case "setting":
-			action.Data["leftMenuItems"] = this.createSettingMenu(cluster, secondMenuItem)
+			action.Data["leftMenuItems"] = this.createSettingMenu(cluster, clusterInfo, secondMenuItem)
 		}
 	}
 
@@ -72,7 +81,7 @@ func (this *ClusterHelper) BeforeAction(actionPtr actions.ActionWrapper) (goNext
 }
 
 // 设置菜单
-func (this *ClusterHelper) createSettingMenu(cluster *pb.NodeCluster, selectedItem string) (items []maps.Map) {
+func (this *ClusterHelper) createSettingMenu(cluster *pb.NodeCluster, info *pb.FindEnabledNodeClusterConfigInfoResponse, selectedItem string) (items []maps.Map) {
 	clusterId := numberutils.FormatInt64(cluster.Id)
 	items = append(items, maps.Map{
 		"name":     "基础设置",
@@ -92,25 +101,19 @@ func (this *ClusterHelper) createSettingMenu(cluster *pb.NodeCluster, selectedIt
 		"isOn":     cluster.HttpFirewallPolicyId > 0,
 	})
 
-	{
-		hasActions, _ := this.checkFirewallActions(cluster.Id)
-		items = append(items, maps.Map{
-			"name":     "WAF动作",
-			"url":      "/clusters/cluster/settings/firewall-actions?clusterId=" + clusterId,
-			"isActive": selectedItem == "firewallAction",
-			"isOn":     hasActions,
-		})
-	}
+	items = append(items, maps.Map{
+		"name":     "WAF动作",
+		"url":      "/clusters/cluster/settings/firewall-actions?clusterId=" + clusterId,
+		"isActive": selectedItem == "firewallAction",
+		"isOn":     info != nil && info.HasFirewallActions,
+	})
 
-	{
-		healthCheckIsOn, _ := this.checkHealthCheckIsOn(cluster.Id)
-		items = append(items, maps.Map{
-			"name":     "健康检查",
-			"url":      "/clusters/cluster/settings/health?clusterId=" + clusterId,
-			"isActive": selectedItem == "health",
-			"isOn":     healthCheckIsOn,
-		})
-	}
+	items = append(items, maps.Map{
+		"name":     "健康检查",
+		"url":      "/clusters/cluster/settings/health?clusterId=" + clusterId,
+		"isActive": selectedItem == "health",
+		"isOn":     info != nil && info.HealthCheckIsOn,
+	})
 
 	items = append(items, maps.Map{
 		"name":     "DNS设置",
@@ -118,22 +121,26 @@ func (this *ClusterHelper) createSettingMenu(cluster *pb.NodeCluster, selectedIt
 		"isActive": selectedItem == "dns",
 		"isOn":     cluster.DnsDomainId > 0 || len(cluster.DnsName) > 0,
 	})
+	/**items = append(items, maps.Map{
+		"name":     "统计指标",
+		"url":      "/clusters/cluster/settings/metrics?clusterId=" + clusterId,
+		"isActive": selectedItem == "metric",
+		"isOn":     info != nil && info.HasMetricItems,
+	})**/
+
 	if teaconst.IsPlus {
-		hasThresholds, _ := this.checkThresholds(cluster.Id)
 		items = append(items, maps.Map{
 			"name":     "阈值设置",
 			"url":      "/clusters/cluster/settings/thresholds?clusterId=" + clusterId,
 			"isActive": selectedItem == "threshold",
-			"isOn":     hasThresholds,
+			"isOn":     info != nil && info.HasThresholds,
 		})
-	}
-	if teaconst.IsPlus {
-		hasMessageReceivers, _ := this.checkMessages(cluster.Id)
+
 		items = append(items, maps.Map{
 			"name":     "消息通知",
 			"url":      "/clusters/cluster/settings/message?clusterId=" + clusterId,
 			"isActive": selectedItem == "message",
-			"isOn":     hasMessageReceivers,
+			"isOn":     info != nil && info.HasMessageReceivers,
 		})
 	}
 
@@ -148,75 +155,13 @@ func (this *ClusterHelper) createSettingMenu(cluster *pb.NodeCluster, selectedIt
 		"url":      "/clusters/cluster/settings/services?clusterId=" + clusterId,
 		"isActive": selectedItem == "service",
 	})
-	items = append(items, maps.Map{
-		"name":     "TOA设置",
-		"url":      "/clusters/cluster/settings/toa?clusterId=" + clusterId,
-		"isActive": selectedItem == "toa",
-	})
+	{
+		items = append(items, maps.Map{
+			"name":     "TOA设置",
+			"url":      "/clusters/cluster/settings/toa?clusterId=" + clusterId,
+			"isActive": selectedItem == "toa",
+			"isOn":     info != nil && info.IsTOAEnabled,
+		})
+	}
 	return
 }
-
-// 检查健康检查是否开启
-func (this *ClusterHelper) checkHealthCheckIsOn(clusterId int64) (bool, error) {
-	rpcClient, err := rpc.SharedRPC()
-	if err != nil {
-		return false, err
-	}
-	resp, err := rpcClient.NodeClusterRPC().FindNodeClusterHealthCheckConfig(rpcClient.Context(0), &pb.FindNodeClusterHealthCheckConfigRequest{NodeClusterId: clusterId})
-	if err != nil {
-		return false, err
-	}
-	if len(resp.HealthCheckJSON) > 0 {
-		healthCheckConfig := &serverconfigs.HealthCheckConfig{}
-		err = json.Unmarshal(resp.HealthCheckJSON, healthCheckConfig)
-		if err != nil {
-			return false, err
-		}
-		return healthCheckConfig.IsOn, nil
-	}
-	return false, nil
-}
-
-// 检查是否有WAF动作
-func (this *ClusterHelper) checkFirewallActions(clusterId int64) (bool, error) {
-	rpcClient, err := rpc.SharedRPC()
-	if err != nil {
-		return false, err
-	}
-	resp, err := rpcClient.NodeClusterFirewallActionRPC().CountAllEnabledNodeClusterFirewallActions(rpcClient.Context(0), &pb.CountAllEnabledNodeClusterFirewallActionsRequest{NodeClusterId: clusterId})
-	if err != nil {
-		return false, err
-	}
-	return resp.Count > 0, nil
-}
-
-// 检查阈值是否已经设置
-func (this *ClusterHelper) checkThresholds(clusterId int64) (bool, error) {
-	rpcClient, err := rpc.SharedRPC()
-	if err != nil {
-		return false, err
-	}
-	resp, err := rpcClient.NodeThresholdRPC().CountAllEnabledNodeThresholds(rpcClient.Context(0), &pb.CountAllEnabledNodeThresholdsRequest{
-		Role:          "node",
-		NodeClusterId: clusterId,
-	})
-	if err != nil {
-		return false, err
-	}
-	return resp.Count > 0, nil
-}
-
-// 检查消息通知是否已经设置
-func (this *ClusterHelper) checkMessages(clusterId int64) (bool, error) {
-	rpcClient, err := rpc.SharedRPC()
-	if err != nil {
-		return false, err
-	}
-	resp, err := rpcClient.MessageReceiverRPC().CountAllEnabledMessageReceivers(rpcClient.Context(0), &pb.CountAllEnabledMessageReceiversRequest{
-		NodeClusterId: clusterId,
-	})
-	if err != nil {
-		return false, err
-	}
-	return resp.Count > 0, nil
-}

internal/web/actions/default/servers/certs/acme/create.go

@@ -72,6 +72,7 @@ func (this *CreateAction) RunPost(params struct {
 	DnsDomain     string
 	Domains       []string
 	AutoRenew     bool
+	AuthURL       string
 
 	Must *actions.Must
 }) {
@@ -123,6 +124,7 @@ func (this *CreateAction) RunPost(params struct {
 			DnsDomain:     dnsDomain,
 			Domains:       realDomains,
 			AutoRenew:     params.AutoRenew,
+			AuthURL:       params.AuthURL,
 		})
 		if err != nil {
 			this.ErrorPage(err)
@@ -138,6 +140,7 @@ func (this *CreateAction) RunPost(params struct {
 			DnsDomain:     dnsDomain,
 			Domains:       realDomains,
 			AutoRenew:     params.AutoRenew,
+			AuthURL:       params.AuthURL,
 		})
 		if err != nil {
 			this.ErrorPage(err)

internal/web/actions/default/servers/certs/acme/updateTaskPopup.go

@@ -61,6 +61,7 @@ func (this *UpdateTaskPopupAction) RunGet(params struct {
 		"domains":     task.Domains,
 		"autoRenew":   task.AutoRenew,
 		"isOn":        task.IsOn,
+		"authURL":     task.AuthURL,
 		"dnsProvider": dnsProviderMap,
 	}
 
@@ -94,6 +95,7 @@ func (this *UpdateTaskPopupAction) RunPost(params struct {
 	DnsDomain     string
 	Domains       []string
 	AutoRenew     bool
+	AuthURL       string
 
 	Must *actions.Must
 	CSRF *actionutils.CSRF
@@ -146,6 +148,7 @@ func (this *UpdateTaskPopupAction) RunPost(params struct {
 		DnsDomain:     dnsDomain,
 		Domains:       realDomains,
 		AutoRenew:     params.AutoRenew,
+		AuthURL:       params.AuthURL,
 	})
 	if err != nil {
 		this.ErrorPage(err)

internal/web/actions/default/servers/components/waf/ipadmin/lists.go

@@ -22,6 +22,7 @@ func (this *ListsAction) RunGet(params struct {
 	Type             string
 }) {
 	this.Data["subMenuItem"] = params.Type
+	this.Data["type"] = params.Type
 
 	listId, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledPolicyIPListIdWithType(this.AdminContext(), params.FirewallPolicyId, params.Type)
 	if err != nil {

internal/web/actions/default/servers/iplists/bindHTTPFirewallPopup.go

@@ -0,0 +1,141 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package iplists
+
+import (
+	"encoding/json"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
+	"github.com/iwind/TeaGo/actions"
+	"github.com/iwind/TeaGo/lists"
+	"github.com/iwind/TeaGo/maps"
+)
+
+type BindHTTPFirewallPopupAction struct {
+	actionutils.ParentAction
+}
+
+func (this *BindHTTPFirewallPopupAction) Init() {
+	this.Nav("", "", "")
+}
+
+func (this *BindHTTPFirewallPopupAction) RunGet(params struct {
+	HttpFirewallPolicyId int64
+	Type                 string
+}) {
+	this.Data["httpFirewallPolicyId"] = params.HttpFirewallPolicyId
+
+	// 获取已经选中的名单IDs
+	var selectedIds = []int64{}
+	inboundConfig, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyInboundConfig(this.AdminContext(), params.HttpFirewallPolicyId)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	if inboundConfig != nil {
+		for _, ref := range inboundConfig.PublicAllowListRefs {
+			selectedIds = append(selectedIds, ref.ListId)
+		}
+		for _, ref := range inboundConfig.PublicDenyListRefs {
+			selectedIds = append(selectedIds, ref.ListId)
+		}
+	}
+
+	// 公共的名单
+	countResp, err := this.RPC().IPListRPC().CountAllEnabledIPLists(this.AdminContext(), &pb.CountAllEnabledIPListsRequest{
+		Type:     params.Type,
+		IsPublic: true,
+		Keyword:  "",
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	count := countResp.Count
+	page := this.NewPage(count)
+	this.Data["page"] = page.AsHTML()
+
+	listsResp, err := this.RPC().IPListRPC().ListEnabledIPLists(this.AdminContext(), &pb.ListEnabledIPListsRequest{
+		Type:     params.Type,
+		IsPublic: true,
+		Keyword:  "",
+		Offset:   page.Offset,
+		Size:     page.Size,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	var listMaps = []maps.Map{}
+	for _, list := range listsResp.IpLists {
+		// 包含的IP数量
+		countItemsResp, err := this.RPC().IPItemRPC().CountIPItemsWithListId(this.AdminContext(), &pb.CountIPItemsWithListIdRequest{IpListId: list.Id})
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		var countItems = countItemsResp.Count
+
+		listMaps = append(listMaps, maps.Map{
+			"id":          list.Id,
+			"isOn":        list.IsOn,
+			"name":        list.Name,
+			"description": list.Description,
+			"countItems":  countItems,
+			"type":        list.Type,
+			"isSelected":  lists.ContainsInt64(selectedIds, list.Id),
+		})
+	}
+	this.Data["lists"] = listMaps
+
+	this.Show()
+}
+
+func (this *BindHTTPFirewallPopupAction) RunPost(params struct {
+	HttpFirewallPolicyId int64
+	ListId               int64
+
+	Must *actions.Must
+}) {
+	defer this.CreateLogInfo("绑定IP名单 %d 到WAF策略 %d", params.ListId, params.HttpFirewallPolicyId)
+
+	// List类型
+	listResp, err := this.RPC().IPListRPC().FindEnabledIPList(this.AdminContext(), &pb.FindEnabledIPListRequest{IpListId: params.ListId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	var list = listResp.IpList
+	if list == nil {
+		this.Fail("找不到要使用的IP名单")
+	}
+
+	// 已经绑定的
+	inboundConfig, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyInboundConfig(this.AdminContext(), params.HttpFirewallPolicyId)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	if inboundConfig == nil {
+		inboundConfig = &firewallconfigs.HTTPFirewallInboundConfig{IsOn: true}
+	}
+	inboundConfig.AddPublicList(list.Id, list.Type)
+
+	inboundJSON, err := json.Marshal(inboundConfig)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	_, err = this.RPC().HTTPFirewallPolicyRPC().UpdateHTTPFirewallInboundConfig(this.AdminContext(), &pb.UpdateHTTPFirewallInboundConfigRequest{
+		HttpFirewallPolicyId: params.HttpFirewallPolicyId,
+		InboundJSON:          inboundJSON,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Success()
+}

internal/web/actions/default/servers/iplists/createIPPopup.go

@@ -0,0 +1,103 @@
+package iplists
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/oplogs"
+	"github.com/TeaOSLab/EdgeAdmin/internal/utils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/actions"
+)
+
+type CreateIPPopupAction struct {
+	actionutils.ParentAction
+}
+
+func (this *CreateIPPopupAction) Init() {
+	this.Nav("", "", "")
+}
+
+func (this *CreateIPPopupAction) RunGet(params struct {
+	ListId int64
+}) {
+	this.Data["listId"] = params.ListId
+
+	this.Show()
+}
+
+func (this *CreateIPPopupAction) RunPost(params struct {
+	ListId     int64
+	IpFrom     string
+	IpTo       string
+	ExpiredAt  int64
+	Reason     string
+	Type       string
+	EventLevel string
+
+	Must *actions.Must
+	CSRF *actionutils.CSRF
+}) {
+	// 校验IPList
+	existsResp, err := this.RPC().IPListRPC().ExistsEnabledIPList(this.AdminContext(), &pb.ExistsEnabledIPListRequest{IpListId: params.ListId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	if !existsResp.Exists {
+		this.Fail("IP名单不存在")
+	}
+
+	switch params.Type {
+	case "ipv4":
+		params.Must.
+			Field("ipFrom", params.IpFrom).
+			Require("请输入开始IP")
+
+		// 校验IP格式（ipFrom/ipTo）
+		var ipFromLong uint64
+		if !utils.IsIPv4(params.IpFrom) {
+			this.Fail("请输入正确的开始IP")
+		}
+		ipFromLong = utils.IP2Long(params.IpFrom)
+
+		var ipToLong uint64
+		if len(params.IpTo) > 0 && !utils.IsIPv4(params.IpTo) {
+			ipToLong = utils.IP2Long(params.IpTo)
+			this.Fail("请输入正确的结束IP")
+		}
+
+		if ipFromLong > 0 && ipToLong > 0 && ipFromLong > ipToLong {
+			params.IpTo, params.IpFrom = params.IpFrom, params.IpTo
+		}
+	case "ipv6":
+		params.Must.
+			Field("ipFrom", params.IpFrom).
+			Require("请输入IP")
+
+		// 校验IP格式（ipFrom）
+		if !utils.IsIPv6(params.IpFrom) {
+			this.Fail("请输入正确的IPv6地址")
+		}
+	case "all":
+		params.IpFrom = "0.0.0.0"
+	}
+
+	createResp, err := this.RPC().IPItemRPC().CreateIPItem(this.AdminContext(), &pb.CreateIPItemRequest{
+		IpListId:   params.ListId,
+		IpFrom:     params.IpFrom,
+		IpTo:       params.IpTo,
+		ExpiredAt:  params.ExpiredAt,
+		Reason:     params.Reason,
+		Type:       params.Type,
+		EventLevel: params.EventLevel,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	itemId := createResp.IpItemId
+
+	// 日志
+	defer this.CreateLog(oplogs.LevelInfo, "在IP名单中添加IP %d", itemId)
+
+	this.Success()
+}

internal/web/actions/default/servers/iplists/createPopup.go

@@ -0,0 +1,64 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package iplists
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/actions"
+	"github.com/iwind/TeaGo/maps"
+)
+
+type CreatePopupAction struct {
+	actionutils.ParentAction
+}
+
+func (this *CreatePopupAction) Init() {
+	this.Nav("", "", "")
+}
+
+func (this *CreatePopupAction) RunGet(params struct {
+	Type string
+}) {
+	this.Data["type"] = params.Type
+
+	this.Show()
+}
+
+func (this *CreatePopupAction) RunPost(params struct {
+	Name        string
+	Type        string
+	Description string
+
+	Must *actions.Must
+	CSRF *actionutils.CSRF
+}) {
+	var listId int64 = 0
+	defer func() {
+		defer this.CreateLogInfo("创建IP名单 %d", listId)
+	}()
+
+	params.Must.
+		Field("name", params.Name).
+		Require("请输入名称")
+
+	createResp, err := this.RPC().IPListRPC().CreateIPList(this.AdminContext(), &pb.CreateIPListRequest{
+		Type:        params.Type,
+		Name:        params.Name,
+		Code:        "",
+		TimeoutJSON: nil,
+		IsPublic:    true,
+		Description: params.Description,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	listId = createResp.IpListId
+
+	this.Data["list"] = maps.Map{
+		"type": params.Type,
+	}
+
+	this.Success()
+}

internal/web/actions/default/servers/iplists/delete.go

@@ -0,0 +1,27 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package iplists
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+)
+
+type DeleteAction struct {
+	actionutils.ParentAction
+}
+
+func (this *DeleteAction) RunPost(params struct {
+	ListId int64
+}) {
+	defer this.CreateLogInfo("删除IP名单 %d", params.ListId)
+
+	// 删除
+	_, err := this.RPC().IPListRPC().DeleteIPList(this.AdminContext(), &pb.DeleteIPListRequest{IpListId: params.ListId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Success()
+}

internal/web/actions/default/servers/iplists/deleteIP.go

@@ -0,0 +1,26 @@
+package iplists
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/oplogs"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+)
+
+type DeleteIPAction struct {
+	actionutils.ParentAction
+}
+
+func (this *DeleteIPAction) RunPost(params struct {
+	ItemId int64
+}) {
+	// 日志
+	defer this.CreateLog(oplogs.LevelInfo, "从IP名单中删除IP %d", params.ItemId)
+
+	_, err := this.RPC().IPItemRPC().DeleteIPItem(this.AdminContext(), &pb.DeleteIPItemRequest{IpItemId: params.ItemId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Success()
+}

internal/web/actions/default/servers/iplists/export.go

@@ -0,0 +1,25 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package iplists
+
+import "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+
+type ExportAction struct {
+	actionutils.ParentAction
+}
+
+func (this *ExportAction) Init() {
+	this.Nav("", "", "export")
+}
+
+func (this *ExportAction) RunGet(params struct {
+	ListId int64
+}) {
+	err := InitIPList(this.Parent(), params.ListId)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Show()
+}

internal/web/actions/default/servers/iplists/exportData.go

@@ -0,0 +1,57 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package iplists
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/utils/numberutils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/golang/protobuf/proto"
+	"strconv"
+)
+
+type ExportDataAction struct {
+	actionutils.ParentAction
+}
+
+func (this *ExportDataAction) Init() {
+	this.Nav("", "", "")
+}
+
+func (this *ExportDataAction) RunGet(params struct {
+	ListId int64
+}) {
+	defer this.CreateLogInfo("导出IP名单 %d", params.ListId)
+
+	resp := &pb.ListIPItemsWithListIdResponse{}
+	var offset int64 = 0
+	var size int64 = 1000
+	for {
+		itemsResp, err := this.RPC().IPItemRPC().ListIPItemsWithListId(this.AdminContext(), &pb.ListIPItemsWithListIdRequest{
+			IpListId: params.ListId,
+			Offset:   offset,
+			Size:     size,
+		})
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		if len(itemsResp.IpItems) == 0 {
+			break
+		}
+		for _, item := range itemsResp.IpItems {
+			resp.IpItems = append(resp.IpItems, item)
+		}
+		offset += size
+	}
+
+	data, err := proto.Marshal(resp)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.AddHeader("Content-Disposition", "attachment; filename=\"ip-list-"+numberutils.FormatInt64(params.ListId)+".data\";")
+	this.AddHeader("Content-Length", strconv.Itoa(len(data)))
+	this.Write(data)
+}

internal/web/actions/default/servers/iplists/httpFirewall.go

@@ -0,0 +1,59 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package iplists
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/ipconfigs"
+	"github.com/iwind/TeaGo/maps"
+)
+
+// HttpFirewallAction 显示已经绑定的IP名单
+type HttpFirewallAction struct {
+	actionutils.ParentAction
+}
+
+func (this *HttpFirewallAction) RunPost(params struct {
+	HttpFirewallPolicyId int64
+	Type                 string
+}) {
+	inboundConfig, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyInboundConfig(this.AdminContext(), params.HttpFirewallPolicyId)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	if inboundConfig == nil {
+		inboundConfig = &firewallconfigs.HTTPFirewallInboundConfig{IsOn: true}
+	}
+	var refs []*ipconfigs.IPListRef
+	switch params.Type {
+	case ipconfigs.IPListTypeBlack:
+		refs = inboundConfig.PublicDenyListRefs
+	case ipconfigs.IPListTypeWhite:
+		refs = inboundConfig.PublicAllowListRefs
+	}
+
+	listMaps := []maps.Map{}
+	for _, ref := range refs {
+		listResp, err := this.RPC().IPListRPC().FindEnabledIPList(this.AdminContext(), &pb.FindEnabledIPListRequest{IpListId: ref.ListId})
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		var list = listResp.IpList
+		if list == nil {
+			continue
+		}
+
+		listMaps = append(listMaps, maps.Map{
+			"id":   list.Id,
+			"name": list.Name,
+		})
+	}
+	this.Data["lists"] = listMaps
+
+	this.Success()
+}

internal/web/actions/default/servers/iplists/import.go

@@ -0,0 +1,87 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package iplists
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/golang/protobuf/proto"
+	"github.com/iwind/TeaGo/actions"
+)
+
+type ImportAction struct {
+	actionutils.ParentAction
+}
+
+func (this *ImportAction) Init() {
+	this.Nav("", "", "import")
+}
+
+func (this *ImportAction) RunGet(params struct {
+	ListId int64
+}) {
+	err := InitIPList(this.Parent(), params.ListId)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Show()
+}
+
+func (this *ImportAction) RunPost(params struct {
+	ListId int64
+	File   *actions.File
+
+	Must *actions.Must
+	CSRF *actionutils.CSRF
+}) {
+	defer this.CreateLogInfo("导入IP名单 %d", params.ListId)
+
+	existsResp, err := this.RPC().IPListRPC().ExistsEnabledIPList(this.AdminContext(), &pb.ExistsEnabledIPListRequest{IpListId: params.ListId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	if !existsResp.Exists {
+		this.Fail("IP名单不存在")
+	}
+
+	if params.File == nil {
+		this.Fail("请选择要导入的IP文件")
+	}
+
+	data, err := params.File.Read()
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	resp := &pb.ListIPItemsWithListIdResponse{}
+	err = proto.Unmarshal(data, resp)
+	if err != nil {
+		this.Fail("导入失败，文件格式错误：" + err.Error())
+	}
+
+	var count = 0
+	var countIgnore = 0
+	for _, item := range resp.IpItems {
+		_, err = this.RPC().IPItemRPC().CreateIPItem(this.AdminContext(), &pb.CreateIPItemRequest{
+			IpListId:   params.ListId,
+			IpFrom:     item.IpFrom,
+			IpTo:       item.IpTo,
+			ExpiredAt:  item.ExpiredAt,
+			Reason:     item.Reason,
+			Type:       item.Type,
+			EventLevel: item.EventLevel,
+		})
+		if err != nil {
+			this.Fail("导入过程中出错：" + err.Error())
+		}
+		count++
+	}
+
+	this.Data["count"] = count
+	this.Data["countIgnore"] = countIgnore
+
+	this.Success()
+}

internal/web/actions/default/servers/iplists/index.go

@@ -0,0 +1,76 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package iplists
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/ipconfigs"
+	"github.com/iwind/TeaGo/maps"
+)
+
+type IndexAction struct {
+	actionutils.ParentAction
+}
+
+func (this *IndexAction) Init() {
+	this.Nav("", "", "index")
+}
+
+func (this *IndexAction) RunGet(params struct {
+	Type    string
+	Keyword string
+}) {
+	if len(params.Type) == 0 {
+		params.Type = ipconfigs.IPListTypeBlack
+	}
+	this.Data["type"] = params.Type
+	this.Data["keyword"] = params.Keyword
+
+	countResp, err := this.RPC().IPListRPC().CountAllEnabledIPLists(this.AdminContext(), &pb.CountAllEnabledIPListsRequest{
+		Type:     params.Type,
+		IsPublic: true,
+		Keyword:  params.Keyword,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	count := countResp.Count
+	page := this.NewPage(count)
+	this.Data["page"] = page.AsHTML()
+
+	listsResp, err := this.RPC().IPListRPC().ListEnabledIPLists(this.AdminContext(), &pb.ListEnabledIPListsRequest{
+		Type:     params.Type,
+		IsPublic: true,
+		Keyword:  params.Keyword,
+		Offset:   page.Offset,
+		Size:     page.Size,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	var listMaps = []maps.Map{}
+	for _, list := range listsResp.IpLists {
+		// 包含的IP数量
+		countItemsResp, err := this.RPC().IPItemRPC().CountIPItemsWithListId(this.AdminContext(), &pb.CountIPItemsWithListIdRequest{IpListId: list.Id})
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		var countItems = countItemsResp.Count
+
+		listMaps = append(listMaps, maps.Map{
+			"id":          list.Id,
+			"isOn":        list.IsOn,
+			"name":        list.Name,
+			"description": list.Description,
+			"countItems":  countItems,
+			"type":        list.Type,
+		})
+	}
+	this.Data["lists"] = listMaps
+
+	this.Show()
+}

internal/web/actions/default/servers/iplists/init.go

@@ -0,0 +1,39 @@
+package iplists
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/configloaders"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
+	"github.com/iwind/TeaGo"
+)
+
+func init() {
+	TeaGo.BeforeStart(func(server *TeaGo.Server) {
+		server.
+			Helper(helpers.NewUserMustAuth(configloaders.AdminModuleCodeServer)).
+			Data("teaMenu", "servers").
+			Data("teaSubMenu", "iplist").
+			Prefix("/servers/iplists").
+			Get("", new(IndexAction)).
+			GetPost("/createPopup", new(CreatePopupAction)).
+			Get("/list", new(ListAction)).
+			GetPost("/import", new(ImportAction)).
+			GetPost("/export", new(ExportAction)).
+			Get("/exportData", new(ExportDataAction)).
+			Post("/delete", new(DeleteAction)).
+			GetPost("/test", new(TestAction)).
+			GetPost("/update", new(UpdateAction)).
+			Get("/items", new(ItemsAction)).
+
+			// IP相关
+			GetPost("/createIPPopup", new(CreateIPPopupAction)).
+			GetPost("/updateIPPopup", new(UpdateIPPopupAction)).
+			Post("/deleteIP", new(DeleteIPAction)).
+
+			// 防火墙
+			GetPost("/bindHTTPFirewallPopup", new(BindHTTPFirewallPopupAction)).
+			Post("/unbindHTTPFirewall", new(UnbindHTTPFirewallAction)).
+			Post("/httpFirewall", new(HttpFirewallAction)).
+
+			EndAll()
+	})
+}

internal/web/actions/default/servers/iplists/items.go

@@ -0,0 +1,71 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package iplists
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
+	"github.com/iwind/TeaGo/maps"
+	timeutil "github.com/iwind/TeaGo/utils/time"
+)
+
+type ItemsAction struct {
+	actionutils.ParentAction
+}
+
+func (this *ItemsAction) Init() {
+	this.Nav("", "", "item")
+}
+
+func (this *ItemsAction) RunGet(params struct {
+	ListId int64
+}) {
+	err := InitIPList(this.Parent(), params.ListId)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	// 数量
+	var listId = params.ListId
+	countResp, err := this.RPC().IPItemRPC().CountIPItemsWithListId(this.AdminContext(), &pb.CountIPItemsWithListIdRequest{IpListId: listId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	count := countResp.Count
+	page := this.NewPage(count)
+	this.Data["page"] = page.AsHTML()
+
+	// 列表
+	itemsResp, err := this.RPC().IPItemRPC().ListIPItemsWithListId(this.AdminContext(), &pb.ListIPItemsWithListIdRequest{
+		IpListId: listId,
+		Offset:   page.Offset,
+		Size:     page.Size,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	itemMaps := []maps.Map{}
+	for _, item := range itemsResp.IpItems {
+		expiredTime := ""
+		if item.ExpiredAt > 0 {
+			expiredTime = timeutil.FormatTime("Y-m-d H:i:s", item.ExpiredAt)
+		}
+
+		itemMaps = append(itemMaps, maps.Map{
+			"id":             item.Id,
+			"ipFrom":         item.IpFrom,
+			"ipTo":           item.IpTo,
+			"expiredTime":    expiredTime,
+			"reason":         item.Reason,
+			"type":           item.Type,
+			"eventLevelName": firewallconfigs.FindFirewallEventLevelName(item.EventLevel),
+		})
+	}
+	this.Data["items"] = itemMaps
+
+	this.Show()
+}

internal/web/actions/default/servers/iplists/list.go

@@ -0,0 +1,25 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package iplists
+
+import "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+
+type ListAction struct {
+	actionutils.ParentAction
+}
+
+func (this *ListAction) Init() {
+	this.Nav("", "", "list")
+}
+
+func (this *ListAction) RunGet(params struct{
+	ListId int64
+}) {
+	err := InitIPList(this.Parent(), params.ListId)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Show()
+}

internal/web/actions/default/servers/iplists/test.go

@@ -0,0 +1,74 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package iplists
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
+	"github.com/iwind/TeaGo/actions"
+	"github.com/iwind/TeaGo/maps"
+	timeutil "github.com/iwind/TeaGo/utils/time"
+)
+
+type TestAction struct {
+	actionutils.ParentAction
+}
+
+func (this *TestAction) Init() {
+	this.Nav("", "", "test")
+}
+
+func (this *TestAction) RunGet(params struct {
+	ListId int64
+}) {
+	err := InitIPList(this.Parent(), params.ListId)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Show()
+}
+
+func (this *TestAction) RunPost(params struct {
+	ListId int64
+	Ip     string
+
+	Must *actions.Must
+	CSRF *actionutils.CSRF
+}) {
+	resp, err := this.RPC().IPItemRPC().CheckIPItemStatus(this.AdminContext(), &pb.CheckIPItemStatusRequest{
+		IpListId: params.ListId,
+		Ip:       params.Ip,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	resultMap := maps.Map{
+		"isDone":    true,
+		"isFound":   resp.IsFound,
+		"isOk":      resp.IsOk,
+		"error":     resp.Error,
+		"isAllowed": resp.IsAllowed,
+	}
+
+	if resp.IpItem != nil {
+		resultMap["item"] = maps.Map{
+			"id":             resp.IpItem.Id,
+			"ipFrom":         resp.IpItem.IpFrom,
+			"ipTo":           resp.IpItem.IpTo,
+			"reason":         resp.IpItem.Reason,
+			"expiredAt":      resp.IpItem.ExpiredAt,
+			"expiredTime":    timeutil.FormatTime("Y-m-d H:i:s", resp.IpItem.ExpiredAt),
+			"type":           resp.IpItem.Type,
+			"eventLevelName": firewallconfigs.FindFirewallEventLevelName(resp.IpItem.EventLevel),
+		}
+	}
+
+	this.Data["result"] = resultMap
+
+	this.Success()
+}

internal/web/actions/default/servers/iplists/unbindHTTPFirewall.go

@@ -0,0 +1,60 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package iplists
+
+import (
+	"encoding/json"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
+)
+
+type UnbindHTTPFirewallAction struct {
+	actionutils.ParentAction
+}
+
+func (this *UnbindHTTPFirewallAction) RunPost(params struct {
+	HttpFirewallPolicyId int64
+	ListId               int64
+}) {
+	defer this.CreateLogInfo("接触绑定IP名单 %d WAF策略 %d", params.ListId, params.HttpFirewallPolicyId)
+
+	// List类型
+	listResp, err := this.RPC().IPListRPC().FindEnabledIPList(this.AdminContext(), &pb.FindEnabledIPListRequest{IpListId: params.ListId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	var list = listResp.IpList
+	if list == nil {
+		this.Fail("找不到要使用的IP名单")
+	}
+
+	// 已经绑定的
+	inboundConfig, err := dao.SharedHTTPFirewallPolicyDAO.FindEnabledHTTPFirewallPolicyInboundConfig(this.AdminContext(), params.HttpFirewallPolicyId)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	if inboundConfig == nil {
+		inboundConfig = &firewallconfigs.HTTPFirewallInboundConfig{IsOn: true}
+	}
+	inboundConfig.RemovePublicList(list.Id, list.Type)
+
+	inboundJSON, err := json.Marshal(inboundConfig)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	_, err = this.RPC().HTTPFirewallPolicyRPC().UpdateHTTPFirewallInboundConfig(this.AdminContext(), &pb.UpdateHTTPFirewallInboundConfigRequest{
+		HttpFirewallPolicyId: params.HttpFirewallPolicyId,
+		InboundJSON:          inboundJSON,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Success()
+}

internal/web/actions/default/servers/iplists/update.go

@@ -0,0 +1,58 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package iplists
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/actions"
+)
+
+type UpdateAction struct {
+	actionutils.ParentAction
+}
+
+func (this *UpdateAction) Init() {
+	this.Nav("", "", "update")
+}
+
+func (this *UpdateAction) RunGet(params struct {
+	ListId int64
+}) {
+	err := InitIPList(this.Parent(), params.ListId)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Show()
+}
+
+func (this *UpdateAction) RunPost(params struct {
+	ListId      int64
+	Name        string
+	Type        string
+	Description string
+
+	Must *actions.Must
+	CSRF *actionutils.CSRF
+}) {
+	defer this.CreateLogInfo("修改IP名单 %d", params.ListId)
+
+	params.Must.
+		Field("name", params.Name).
+		Require("请输入名称")
+
+	_, err := this.RPC().IPListRPC().UpdateIPList(this.AdminContext(), &pb.UpdateIPListRequest{
+		IpListId:    params.ListId,
+		Name:        params.Name,
+		Code:        "",
+		TimeoutJSON: nil,
+		Description: params.Description,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	this.Success()
+}

internal/web/actions/default/servers/iplists/updateIPPopup.go

@@ -0,0 +1,117 @@
+package iplists
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/oplogs"
+	"github.com/TeaOSLab/EdgeAdmin/internal/utils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/actions"
+	"github.com/iwind/TeaGo/maps"
+)
+
+type UpdateIPPopupAction struct {
+	actionutils.ParentAction
+}
+
+func (this *UpdateIPPopupAction) Init() {
+	this.Nav("", "", "")
+}
+
+func (this *UpdateIPPopupAction) RunGet(params struct {
+	ItemId int64
+}) {
+	itemResp, err := this.RPC().IPItemRPC().FindEnabledIPItem(this.AdminContext(), &pb.FindEnabledIPItemRequest{IpItemId: params.ItemId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	item := itemResp.IpItem
+	if item == nil {
+		this.NotFound("ipItem", params.ItemId)
+		return
+	}
+
+	this.Data["item"] = maps.Map{
+		"id":         item.Id,
+		"ipFrom":     item.IpFrom,
+		"ipTo":       item.IpTo,
+		"expiredAt":  item.ExpiredAt,
+		"reason":     item.Reason,
+		"type":       item.Type,
+		"eventLevel": item.EventLevel,
+	}
+
+	this.Data["type"] = item.Type
+
+	this.Show()
+}
+
+func (this *UpdateIPPopupAction) RunPost(params struct {
+	ItemId int64
+
+	IpFrom     string
+	IpTo       string
+	ExpiredAt  int64
+	Reason     string
+	Type       string
+	EventLevel string
+
+	Must *actions.Must
+	CSRF *actionutils.CSRF
+}) {
+	// 日志
+	defer this.CreateLog(oplogs.LevelInfo, "修改IP名单中IP %d", params.ItemId)
+
+	// TODO 校验ItemId所属用户
+
+	switch params.Type {
+	case "ipv4":
+		params.Must.
+			Field("ipFrom", params.IpFrom).
+			Require("请输入开始IP")
+
+		// 校验IP格式（ipFrom/ipTo）
+		var ipFromLong uint64
+		if !utils.IsIPv4(params.IpFrom) {
+			this.Fail("请输入正确的开始IP")
+		}
+		ipFromLong = utils.IP2Long(params.IpFrom)
+
+		var ipToLong uint64
+		if len(params.IpTo) > 0 && !utils.IsIPv4(params.IpTo) {
+			ipToLong = utils.IP2Long(params.IpTo)
+			this.Fail("请输入正确的结束IP")
+		}
+
+		if ipFromLong > 0 && ipToLong > 0 && ipFromLong > ipToLong {
+			params.IpTo, params.IpFrom = params.IpFrom, params.IpTo
+		}
+	case "ipv6":
+		params.Must.
+			Field("ipFrom", params.IpFrom).
+			Require("请输入IP")
+
+		// 校验IP格式（ipFrom）
+		if !utils.IsIPv6(params.IpFrom) {
+			this.Fail("请输入正确的IPv6地址")
+		}
+	case "all":
+		params.IpFrom = "0.0.0.0"
+	}
+
+	_, err := this.RPC().IPItemRPC().UpdateIPItem(this.AdminContext(), &pb.UpdateIPItemRequest{
+		IpItemId:   params.ItemId,
+		IpFrom:     params.IpFrom,
+		IpTo:       params.IpTo,
+		ExpiredAt:  params.ExpiredAt,
+		Reason:     params.Reason,
+		Type:       params.Type,
+		EventLevel: params.EventLevel,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Success()
+}

internal/web/actions/default/servers/iplists/utils.go

@@ -0,0 +1,52 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package iplists
+
+import (
+	"errors"
+	"github.com/TeaOSLab/EdgeAdmin/internal/rpc"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/maps"
+)
+
+func InitIPList(action *actionutils.ParentAction, listId int64) error {
+	client, err := rpc.SharedRPC()
+	if err != nil {
+		return err
+	}
+	listResp, err := client.IPListRPC().FindEnabledIPList(action.AdminContext(), &pb.FindEnabledIPListRequest{IpListId: listId})
+	if err != nil {
+		return err
+	}
+	list := listResp.IpList
+	if list == nil {
+		return errors.New("not found")
+	}
+
+	var typeName = ""
+	switch list.Type {
+	case "black":
+		typeName = "黑名单"
+	case "white":
+		typeName = "白名单"
+	}
+
+	// IP数量
+	countItemsResp, err := client.IPItemRPC().CountIPItemsWithListId(action.AdminContext(), &pb.CountIPItemsWithListIdRequest{IpListId: listId})
+	if err != nil {
+		return err
+	}
+	countItems := countItemsResp.Count
+
+	action.Data["list"] = maps.Map{
+		"id":          list.Id,
+		"name":        list.Name,
+		"type":        list.Type,
+		"typeName":    typeName,
+		"description": list.Description,
+		"isOn":        list.IsOn,
+		"countItems":  countItems,
+	}
+	return nil
+}

internal/web/actions/default/servers/metrics/charts.go

@@ -0,0 +1,25 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package metrics
+
+import "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+
+type ChartsAction struct {
+	actionutils.ParentAction
+}
+
+func (this *ChartsAction) Init() {
+	this.Nav("", "", "chart")
+}
+
+func (this *ChartsAction) RunGet(params struct {
+	ItemId int64
+}) {
+	err := InitItem(this.Parent(), params.ItemId)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Show()
+}

internal/web/actions/default/servers/metrics/createPopup.go

@@ -0,0 +1,83 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package metrics
+
+import (
+	"encoding/json"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/actions"
+	"github.com/iwind/TeaGo/maps"
+)
+
+type CreatePopupAction struct {
+	actionutils.ParentAction
+}
+
+func (this *CreatePopupAction) Init() {
+	this.Nav("", "", "")
+}
+
+func (this *CreatePopupAction) RunGet(params struct {
+	Category string
+}) {
+	this.Data["category"] = params.Category
+
+	this.Show()
+}
+
+func (this *CreatePopupAction) RunPost(params struct {
+	Name       string
+	Category   string
+	KeysJSON   []byte
+	PeriodJSON []byte
+	Value      string
+
+	Must *actions.Must
+	CSRF *actionutils.CSRF
+}) {
+	params.Must.
+		Field("name", params.Name).
+		Require("请输入指标名称")
+
+	if len(params.Category) == 0 {
+		this.Fail("请选择指标类型")
+	}
+
+	// 统计对象
+	if len(params.KeysJSON) == 0 {
+		this.FailField("keys", "请选择指标统计的对象")
+	}
+	var keys = []string{}
+	err := json.Unmarshal(params.KeysJSON, &keys)
+	if err != nil {
+		this.FailField("keys", "解析指标对象失败")
+	}
+	if len(keys) == 0 {
+		this.FailField("keys", "请选择指标统计的对象")
+	}
+
+	var periodMap = maps.Map{}
+	err = json.Unmarshal(params.PeriodJSON, &periodMap)
+	if err != nil {
+		this.FailField("period", "解析统计周期失败")
+	}
+	var period = periodMap.GetInt32("period")
+	var periodUnit = periodMap.GetString("unit")
+
+	createResp, err := this.RPC().MetricItemRPC().CreateMetricItem(this.AdminContext(), &pb.CreateMetricItemRequest{
+		Code:       "", // TODO 未来实现
+		Category:   params.Category,
+		Name:       params.Name,
+		Keys:       keys,
+		Period:     period,
+		PeriodUnit: periodUnit,
+		Value:      params.Value,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	defer this.CreateLogInfo("创建统计指标 %d", createResp.MetricItemId)
+	this.Success()
+}

internal/web/actions/default/servers/metrics/delete.go

@@ -0,0 +1,26 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package metrics
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+)
+
+type DeleteAction struct {
+	actionutils.ParentAction
+}
+
+func (this *DeleteAction) RunPost(params struct {
+	ItemId int64
+}) {
+	defer this.CreateLogInfo("删除统计指标")
+
+	_, err := this.RPC().MetricItemRPC().DeleteMetricItem(this.AdminContext(), &pb.DeleteMetricItemRequest{MetricItemId: params.ItemId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Success()
+}

internal/web/actions/default/servers/metrics/index.go

@@ -0,0 +1,61 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package metrics
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/maps"
+)
+
+type IndexAction struct {
+	actionutils.ParentAction
+}
+
+func (this *IndexAction) Init() {
+	this.Nav("", "", "")
+}
+
+func (this *IndexAction) RunGet(params struct {
+	Category string
+}) {
+	if len(params.Category) == 0 {
+		params.Category = "http"
+	}
+	this.Data["category"] = params.Category
+
+	countResp, err := this.RPC().MetricItemRPC().CountAllEnabledMetricItems(this.AdminContext(), &pb.CountAllEnabledMetricItemsRequest{Category: params.Category})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	var count = countResp.Count
+	page := this.NewPage(count)
+	this.Data["page"] = page.AsHTML()
+
+	itemsResp, err := this.RPC().MetricItemRPC().ListEnabledMetricItems(this.AdminContext(), &pb.ListEnabledMetricItemsRequest{
+		Category: params.Category,
+		Offset:   page.Offset,
+		Size:     page.Size,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	var itemMaps = []maps.Map{}
+	for _, item := range itemsResp.MetricItems {
+		itemMaps = append(itemMaps, maps.Map{
+			"id":         item.Id,
+			"name":       item.Name,
+			"isOn":       item.IsOn,
+			"period":     item.Period,
+			"periodUnit": item.PeriodUnit,
+			"keys":       item.Keys,
+			"value":      item.Value,
+			"category":   item.Category,
+		})
+	}
+	this.Data["items"] = itemMaps
+
+	this.Show()
+}

internal/web/actions/default/servers/metrics/init.go

@@ -0,0 +1,24 @@
+package metrics
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/configloaders"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
+	"github.com/iwind/TeaGo"
+)
+
+func init() {
+	TeaGo.BeforeStart(func(server *TeaGo.Server) {
+		server.
+			Helper(helpers.NewUserMustAuth(configloaders.AdminModuleCodeServer)).
+			Data("teaMenu", "servers").
+			Data("teaSubMenu", "metric").
+			Prefix("/servers/metrics").
+			Get("", new(IndexAction)).
+			GetPost("/createPopup", new(CreatePopupAction)).
+			GetPost("/update", new(UpdateAction)).
+			Post("/delete", new(DeleteAction)).
+			Get("/item", new(ItemAction)).
+			Get("/charts", new(ChartsAction)).
+			EndAll()
+	})
+}

internal/web/actions/default/servers/metrics/item.go

@@ -0,0 +1,25 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package metrics
+
+import "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+
+type ItemAction struct {
+	actionutils.ParentAction
+}
+
+func (this *ItemAction) Init() {
+	this.Nav("", "", "item")
+}
+
+func (this *ItemAction) RunGet(params struct {
+	ItemId int64
+}) {
+	err := InitItem(this.Parent(), params.ItemId)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Show()
+}

internal/web/actions/default/servers/metrics/update.go

@@ -0,0 +1,84 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package metrics
+
+import (
+	"encoding/json"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/actions"
+	"github.com/iwind/TeaGo/maps"
+)
+
+type UpdateAction struct {
+	actionutils.ParentAction
+}
+
+func (this *UpdateAction) Init() {
+	this.Nav("", "", "update")
+}
+
+func (this *UpdateAction) RunGet(params struct {
+	ItemId int64
+}) {
+	err := InitItem(this.Parent(), params.ItemId)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Show()
+}
+
+func (this *UpdateAction) RunPost(params struct {
+	ItemId     int64
+	Name       string
+	KeysJSON   []byte
+	PeriodJSON []byte
+	Value      string
+	IsOn       bool
+
+	Must *actions.Must
+	CSRF *actionutils.CSRF
+}) {
+	params.Must.
+		Field("name", params.Name).
+		Require("请输入指标名称")
+
+	// 统计对象
+	if len(params.KeysJSON) == 0 {
+		this.FailField("keys", "请选择指标统计的对象")
+	}
+	var keys = []string{}
+	err := json.Unmarshal(params.KeysJSON, &keys)
+	if err != nil {
+		this.FailField("keys", "解析指标对象失败")
+	}
+	if len(keys) == 0 {
+		this.FailField("keys", "请选择指标统计的对象")
+	}
+
+	var periodMap = maps.Map{}
+	err = json.Unmarshal(params.PeriodJSON, &periodMap)
+	if err != nil {
+		this.FailField("period", "解析统计周期失败")
+	}
+	var period = periodMap.GetInt32("period")
+	var periodUnit = periodMap.GetString("unit")
+
+	_, err = this.RPC().MetricItemRPC().UpdateMetricItem(this.AdminContext(), &pb.UpdateMetricItemRequest{
+		MetricItemId: params.ItemId,
+		Name:         params.Name,
+		Keys:         keys,
+		Period:       period,
+		PeriodUnit:   periodUnit,
+		Value:        params.Value,
+		IsOn:         params.IsOn,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	defer this.CreateLogInfo("修改统计指标 %d", params.ItemId)
+	this.Success()
+}

internal/web/actions/default/servers/metrics/utils.go

@@ -0,0 +1,37 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package metrics
+
+import (
+	"errors"
+	"github.com/TeaOSLab/EdgeAdmin/internal/rpc"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/maps"
+)
+
+func InitItem(parent *actionutils.ParentAction, itemId int64) error {
+	client, err := rpc.SharedRPC()
+	if err != nil {
+		return err
+	}
+	resp, err := client.MetricItemRPC().FindEnabledMetricItem(parent.AdminContext(), &pb.FindEnabledMetricItemRequest{MetricItemId: itemId})
+	if err != nil {
+		return err
+	}
+	var item = resp.MetricItem
+	if item == nil {
+		return errors.New("not found")
+	}
+	parent.Data["item"] = maps.Map{
+		"id":         item.Id,
+		"name":       item.Name,
+		"isOn":       item.IsOn,
+		"keys":       item.Keys,
+		"value":      item.Value,
+		"period":     item.Period,
+		"periodUnit": item.PeriodUnit,
+		"category":   item.Category,
+	}
+	return nil
+}

internal/web/actions/default/servers/server/settings/access/createPopup.go

@@ -0,0 +1,123 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package access
+
+import (
+	"encoding/json"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
+	"github.com/iwind/TeaGo/actions"
+)
+
+type CreatePopupAction struct {
+	actionutils.ParentAction
+}
+
+func (this *CreatePopupAction) Init() {
+	this.Nav("", "", "")
+}
+
+func (this *CreatePopupAction) RunGet(params struct{}) {
+	this.Data["authTypes"] = serverconfigs.FindAllHTTPAuthTypes()
+	this.Show()
+}
+
+func (this *CreatePopupAction) RunPost(params struct {
+	Name string
+	Type string
+
+	// BasicAuth
+	HttpAuthBasicAuthUsersJSON []byte
+	BasicAuthRealm             string
+	BasicAuthCharset           string
+
+	// SubRequest
+	SubRequestURL           string
+	SubRequestMethod        string
+	SubRequestFollowRequest bool
+
+	Must *actions.Must
+	CSRF *actionutils.CSRF
+}) {
+	params.Must.
+		Field("name", params.Name).
+		Require("请输入名称").
+		Field("type", params.Type).
+		Require("请输入认证类型")
+
+	var ref = &serverconfigs.HTTPAuthPolicyRef{IsOn: true}
+	var paramsJSON []byte
+
+	switch params.Type {
+	case serverconfigs.HTTPAuthTypeBasicAuth:
+		users := []*serverconfigs.HTTPAuthBasicMethodUser{}
+		err := json.Unmarshal(params.HttpAuthBasicAuthUsersJSON, &users)
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		if len(users) == 0 {
+			this.Fail("请添加至少一个用户")
+		}
+		method := &serverconfigs.HTTPAuthBasicMethod{
+			Users:   users,
+			Realm:   params.BasicAuthRealm,
+			Charset: params.BasicAuthCharset,
+		}
+		methodJSON, err := json.Marshal(method)
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+
+		paramsJSON = methodJSON
+	case serverconfigs.HTTPAuthTypeSubRequest:
+		params.Must.Field("subRequestURL", params.SubRequestURL).
+			Require("请输入子请求URL")
+		if params.SubRequestFollowRequest {
+			params.SubRequestMethod = ""
+		}
+		method := &serverconfigs.HTTPAuthSubRequestMethod{
+			URL:    params.SubRequestURL,
+			Method: params.SubRequestMethod,
+		}
+		methodJSON, err := json.Marshal(method)
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		paramsJSON = methodJSON
+	default:
+		this.Fail("不支持的认证类型'" + params.Type + "'")
+	}
+
+	var paramsMap map[string]interface{}
+	err := json.Unmarshal(paramsJSON, &paramsMap)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	createResp, err := this.RPC().HTTPAuthPolicyRPC().CreateHTTPAuthPolicy(this.AdminContext(), &pb.CreateHTTPAuthPolicyRequest{
+		Name:       params.Name,
+		Type:       params.Type,
+		ParamsJSON: paramsJSON,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	defer this.CreateLogInfo("创建HTTP认证 %d", createResp.HttpAuthPolicyId)
+	ref.AuthPolicyId = createResp.HttpAuthPolicyId
+	ref.AuthPolicy = &serverconfigs.HTTPAuthPolicy{
+		Id:     createResp.HttpAuthPolicyId,
+		Name:   params.Name,
+		IsOn:   true,
+		Type:   params.Type,
+		Params: paramsMap,
+	}
+
+	this.Data["policyRef"] = ref
+	this.Success()
+}

internal/web/actions/default/servers/server/settings/access/index.go

@@ -1,7 +1,12 @@
 package access
 
 import (
+	"encoding/json"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
+	"github.com/iwind/TeaGo/actions"
 )
 
 type IndexAction struct {
@@ -16,7 +21,56 @@ func (this *IndexAction) Init() {
 func (this *IndexAction) RunGet(params struct {
 	ServerId int64
 }) {
-	// TODO
+	webConfig, err := dao.SharedHTTPWebDAO.FindWebConfigWithServerId(this.AdminContext(), params.ServerId)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Data["webId"] = webConfig.Id
+	this.Data["authConfig"] = webConfig.Auth
 
 	this.Show()
 }
+
+func (this *IndexAction) RunPost(params struct {
+	WebId    int64
+	AuthJSON []byte
+
+	Must *actions.Must
+	CSRF *actionutils.CSRF
+}) {
+	defer this.CreateLogInfo("修改Web %d 的认证设置", params.WebId)
+
+	var authConfig = &serverconfigs.HTTPAuthConfig{}
+	err := json.Unmarshal(params.AuthJSON, authConfig)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	err = authConfig.Init()
+	if err != nil {
+		this.Fail("配置校验失败：" + err.Error())
+	}
+
+	// 保存之前删除多于的配置信息
+	for _, ref := range authConfig.PolicyRefs {
+		ref.AuthPolicy = nil
+	}
+
+	configJSON, err := json.Marshal(authConfig)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	_, err = this.RPC().HTTPWebRPC().UpdateHTTPWebAuth(this.AdminContext(), &pb.UpdateHTTPWebAuthRequest{
+		WebId:    params.WebId,
+		AuthJSON: configJSON,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Success()
+}

internal/web/actions/default/servers/server/settings/access/init.go

@@ -13,7 +13,9 @@ func init() {
 			Helper(helpers.NewUserMustAuth(configloaders.AdminModuleCodeServer)).
 			Helper(serverutils.NewServerHelper()).
 			Prefix("/servers/server/settings/access").
-			Get("", new(IndexAction)).
+			GetPost("", new(IndexAction)).
+			GetPost("/createPopup", new(CreatePopupAction)).
+			GetPost("/updatePopup", new(UpdatePopupAction)).
 			EndAll()
 	})
 }

internal/web/actions/default/servers/server/settings/access/updatePopup.go

@@ -0,0 +1,167 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package access
+
+import (
+	"encoding/json"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
+	"github.com/iwind/TeaGo/actions"
+	"github.com/iwind/TeaGo/maps"
+)
+
+type UpdatePopupAction struct {
+	actionutils.ParentAction
+}
+
+func (this *UpdatePopupAction) Init() {
+	this.Nav("", "", "")
+}
+
+func (this *UpdatePopupAction) RunGet(params struct {
+	PolicyId int64
+}) {
+	this.Data["authTypes"] = serverconfigs.FindAllHTTPAuthTypes()
+
+	policyResp, err := this.RPC().HTTPAuthPolicyRPC().FindEnabledHTTPAuthPolicy(this.AdminContext(), &pb.FindEnabledHTTPAuthPolicyRequest{HttpAuthPolicyId: params.PolicyId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	policy := policyResp.HttpAuthPolicy
+	if policy == nil {
+		this.NotFound("httpAuthPolicy", params.PolicyId)
+		return
+	}
+
+	var authParams = map[string]interface{}{}
+	if len(policy.ParamsJSON) > 0 {
+		err = json.Unmarshal(policy.ParamsJSON, &authParams)
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+	}
+	this.Data["policy"] = maps.Map{
+		"id":     policy.Id,
+		"isOn":   policy.IsOn,
+		"name":   policy.Name,
+		"type":   policy.Type,
+		"params": authParams,
+	}
+
+	this.Show()
+}
+
+func (this *UpdatePopupAction) RunPost(params struct {
+	PolicyId int64
+
+	Name string
+	IsOn bool
+
+	// BasicAuth
+	HttpAuthBasicAuthUsersJSON []byte
+	BasicAuthRealm             string
+	BasicAuthCharset           string
+
+	// SubRequest
+	SubRequestURL           string
+	SubRequestMethod        string
+	SubRequestFollowRequest bool
+
+	Must *actions.Must
+	CSRF *actionutils.CSRF
+}) {
+	defer this.CreateLogInfo("修改HTTP认证 %d", params.PolicyId)
+
+	policyResp, err := this.RPC().HTTPAuthPolicyRPC().FindEnabledHTTPAuthPolicy(this.AdminContext(), &pb.FindEnabledHTTPAuthPolicyRequest{HttpAuthPolicyId: params.PolicyId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	policy := policyResp.HttpAuthPolicy
+	if policy == nil {
+		this.NotFound("httpAuthPolicy", params.PolicyId)
+		return
+	}
+	policyType := policy.Type
+
+	params.Must.
+		Field("name", params.Name).
+		Require("请输入名称")
+
+	var ref = &serverconfigs.HTTPAuthPolicyRef{IsOn: true}
+	var paramsJSON []byte
+
+	switch policyType {
+	case serverconfigs.HTTPAuthTypeBasicAuth:
+		users := []*serverconfigs.HTTPAuthBasicMethodUser{}
+		err := json.Unmarshal(params.HttpAuthBasicAuthUsersJSON, &users)
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		if len(users) == 0 {
+			this.Fail("请添加至少一个用户")
+		}
+		method := &serverconfigs.HTTPAuthBasicMethod{
+			Users:   users,
+			Realm:   params.BasicAuthRealm,
+			Charset: params.BasicAuthCharset,
+		}
+		methodJSON, err := json.Marshal(method)
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+
+		paramsJSON = methodJSON
+	case serverconfigs.HTTPAuthTypeSubRequest:
+		params.Must.Field("subRequestURL", params.SubRequestURL).
+			Require("请输入子请求URL")
+		if params.SubRequestFollowRequest {
+			params.SubRequestMethod = ""
+		}
+		method := &serverconfigs.HTTPAuthSubRequestMethod{
+			URL:    params.SubRequestURL,
+			Method: params.SubRequestMethod,
+		}
+		methodJSON, err := json.Marshal(method)
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		paramsJSON = methodJSON
+	default:
+		this.Fail("不支持的认证类型'" + policyType + "'")
+	}
+
+	var paramsMap map[string]interface{}
+	err = json.Unmarshal(paramsJSON, &paramsMap)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	_, err = this.RPC().HTTPAuthPolicyRPC().UpdateHTTPAuthPolicy(this.AdminContext(), &pb.UpdateHTTPAuthPolicyRequest{
+		HttpAuthPolicyId: params.PolicyId,
+		Name:             params.Name,
+		ParamsJSON:       paramsJSON,
+		IsOn:             params.IsOn,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	ref.AuthPolicy = &serverconfigs.HTTPAuthPolicy{
+		Id:     params.PolicyId,
+		Name:   params.Name,
+		IsOn:   params.IsOn,
+		Type:   policyType,
+		Params: paramsMap,
+	}
+
+	this.Data["policyRef"] = ref
+	this.Success()
+}

internal/web/actions/default/servers/server/settings/locations/access/index.go

@@ -1,7 +1,12 @@
 package access
 
 import (
+	"encoding/json"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
+	"github.com/iwind/TeaGo/actions"
 )
 
 type IndexAction struct {
@@ -9,12 +14,63 @@ type IndexAction struct {
 }
 
 func (this *IndexAction) Init() {
+	this.Nav("", "setting", "index")
+	this.SecondMenu("access")
 }
 
 func (this *IndexAction) RunGet(params struct {
-	ServerId int64
+	LocationId int64
 }) {
-	// TODO
+	webConfig, err := dao.SharedHTTPWebDAO.FindWebConfigWithLocationId(this.AdminContext(), params.LocationId)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Data["webId"] = webConfig.Id
+	this.Data["authConfig"] = webConfig.Auth
 
 	this.Show()
 }
+
+func (this *IndexAction) RunPost(params struct {
+	WebId    int64
+	AuthJSON []byte
+
+	Must *actions.Must
+	CSRF *actionutils.CSRF
+}) {
+	defer this.CreateLogInfo("修改Web %d 的认证设置", params.WebId)
+
+	var authConfig = &serverconfigs.HTTPAuthConfig{}
+	err := json.Unmarshal(params.AuthJSON, authConfig)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	err = authConfig.Init()
+	if err != nil {
+		this.Fail("配置校验失败：" + err.Error())
+	}
+
+	// 保存之前删除多于的配置信息
+	for _, ref := range authConfig.PolicyRefs {
+		ref.AuthPolicy = nil
+	}
+
+	configJSON, err := json.Marshal(authConfig)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	_, err = this.RPC().HTTPWebRPC().UpdateHTTPWebAuth(this.AdminContext(), &pb.UpdateHTTPWebAuthRequest{
+		WebId:    params.WebId,
+		AuthJSON: configJSON,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Success()
+}

internal/web/actions/default/servers/server/settings/locations/access/init.go

@@ -16,7 +16,7 @@ func init() {
 			Helper(serverutils.NewServerHelper()).
 			Data("tinyMenuItem", "access").
 			Prefix("/servers/server/settings/locations/access").
-			Get("", new(IndexAction)).
+			GetPost("", new(IndexAction)).
 			EndAll()
 	})
 }

internal/web/actions/default/servers/server/settings/locations/locationutils/location_helper.go

@@ -100,12 +100,13 @@ func (this *LocationHelper) createMenus(serverIdString string, locationIdString
 		"name":     "缓存",
 		"url":      "/servers/server/settings/locations/cache?serverId=" + serverIdString + "&locationId=" + locationIdString,
 		"isActive": secondMenuItem == "cache",
-		"isOn":     locationConfig != nil && locationConfig.Web != nil && locationConfig.Web.Cache != nil && locationConfig.Web.Cache.IsOn && len(locationConfig.Web.Cache.CacheRefs) > 0,
+		"isOn":     locationConfig != nil && locationConfig.Web != nil && locationConfig.Web.Cache != nil && locationConfig.Web.Cache.IsPrior && locationConfig.Web.Cache.IsOn && len(locationConfig.Web.Cache.CacheRefs) > 0,
 	})
 	menuItems = append(menuItems, maps.Map{
 		"name":     "访问控制",
 		"url":      "/servers/server/settings/locations/access?serverId=" + serverIdString + "&locationId=" + locationIdString,
 		"isActive": secondMenuItem == "access",
+		"isOn":     locationConfig != nil && locationConfig.Web != nil && locationConfig.Web.Auth != nil && locationConfig.Web.Auth.IsPrior,
 	})
 	menuItems = append(menuItems, maps.Map{
 		"name":     "字符编码",

internal/web/actions/default/servers/serverutils/server_helper.go

@@ -275,6 +275,7 @@ func (this *ServerHelper) createSettingsMenu(secondMenuItem string, serverIdStri
 			"name":     "访问控制",
 			"url":      "/servers/server/settings/access?serverId=" + serverIdString,
 			"isActive": secondMenuItem == "access",
+			"isOn":     serverConfig.Web != nil && serverConfig.Web.Auth != nil && serverConfig.Web.Auth.IsOn,
 		})
 		menuItems = append(menuItems, maps.Map{
 			"name":     "字符编码",

internal/web/actions/default/setup/install.go

@@ -8,6 +8,7 @@ import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/rpc"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/systemconfigs"
 	"github.com/go-yaml/yaml"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/actions"
@@ -191,7 +192,7 @@ func (this *InstallAction) RunPost(params struct {
 				Username: adminMap.GetString("username"),
 				Password: adminMap.GetString("password"),
 			})
-			// 这里我们尝试多次是为了当代API节点启动完毕
+			// 这里我们尝试多次是为了等待API节点启动完毕
 			if err != nil {
 				time.Sleep(1 * time.Second)
 			}
@@ -200,6 +201,26 @@ func (this *InstallAction) RunPost(params struct {
 			this.Fail("设置管理员账号出错：" + err.Error())
 		}
 
+		// 设置访问日志保留天数
+		var accessLogKeepDays = dbMap.GetInt("accessLogKeepDays")
+		if accessLogKeepDays > 0 {
+			var config = &systemconfigs.DatabaseConfig{}
+			config.ServerAccessLog.Clean.Days = accessLogKeepDays
+			configJSON, err := json.Marshal(config)
+			if err != nil {
+				this.Fail("配置设置访问日志保留天数出错：" + err.Error())
+				return
+			}
+			_, err = client.SysSettingRPC().UpdateSysSetting(ctx, &pb.UpdateSysSettingRequest{
+				Code:      systemconfigs.SettingCodeDatabaseConfigSetting,
+				ValueJSON: configJSON,
+			})
+			if err != nil {
+				this.Fail("配置设置访问日志保留天数出错：" + err.Error())
+				return
+			}
+		}
+
 		err = apiConfig.WriteFile(Tea.ConfigFile("api.yaml"))
 		if err != nil {
 			this.Fail("保存配置失败，原因：" + err.Error())
@@ -232,6 +253,26 @@ func (this *InstallAction) RunPost(params struct {
 			this.Fail("设置管理员账号出错：" + err.Error())
 		}
 
+		// 设置访问日志保留天数
+		var accessLogKeepDays = dbMap.GetInt("accessLogKeepDays")
+		if accessLogKeepDays > 0 {
+			var config = &systemconfigs.DatabaseConfig{}
+			config.ServerAccessLog.Clean.Days = accessLogKeepDays
+			configJSON, err := json.Marshal(config)
+			if err != nil {
+				this.Fail("配置设置访问日志保留天数出错：" + err.Error())
+				return
+			}
+			_, err = client.SysSettingRPC().UpdateSysSetting(ctx, &pb.UpdateSysSettingRequest{
+				Code:      systemconfigs.SettingCodeDatabaseConfigSetting,
+				ValueJSON: configJSON,
+			})
+			if err != nil {
+				this.Fail("配置设置访问日志保留天数出错：" + err.Error())
+				return
+			}
+		}
+
 		// 写入API节点配置，完成安装
 		err = apiConfig.WriteFile(Tea.ConfigFile("api.yaml"))
 		if err != nil {

internal/web/actions/default/setup/validateDb.go

@@ -15,11 +15,12 @@ type ValidateDbAction struct {
 }
 
 func (this *ValidateDbAction) RunPost(params struct {
-	Host     string
-	Port     string
-	Database string
-	Username string
-	Password string
+	Host              string
+	Port              string
+	Database          string
+	Username          string
+	Password          string
+	AccessLogKeepDays int
 
 	Must *actions.Must
 }) {
@@ -98,12 +99,13 @@ func (this *ValidateDbAction) RunPost(params struct {
 	}
 
 	this.Data["db"] = maps.Map{
-		"host":         params.Host,
-		"port":         params.Port,
-		"database":     params.Database,
-		"username":     params.Username,
-		"password":     params.Password,
-		"passwordMask": strings.Repeat("*", len(params.Password)),
+		"host":              params.Host,
+		"port":              params.Port,
+		"database":          params.Database,
+		"username":          params.Username,
+		"password":          params.Password,
+		"passwordMask":      strings.Repeat("*", len(params.Password)),
+		"accessLogKeepDays": params.AccessLogKeepDays,
 	}
 
 	this.Success()

internal/web/actions/default/ui/components.go

@@ -2,22 +2,33 @@ package ui
 
 import (
 	"bytes"
+	"crypto/md5"
 	"encoding/json"
+	"fmt"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/servers/server/settings/conds/condutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/shared"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/actions"
 	"github.com/iwind/TeaGo/files"
 	"github.com/iwind/TeaGo/logs"
+	"net/http"
 )
 
 type ComponentsAction actions.Action
 
 var componentsData = []byte{}
+var componentsDataSum string
 
 func (this *ComponentsAction) RunGet(params struct{}) {
 	this.AddHeader("Content-Type", "text/javascript; charset=utf-8")
 
+	// etag
+	var requestETag = this.Header("If-None-Match")
+	if len(requestETag) > 0 && requestETag == "\""+componentsDataSum+"\"" {
+		this.ResponseWriter.WriteHeader(http.StatusNotModified)
+		return
+	}
+
 	if !Tea.IsTesting() && len(componentsData) > 0 {
 		this.AddHeader("Last-Modified", "Fri, 06 Sep 2019 08:29:50 GMT")
 		this.Write(componentsData)
@@ -81,5 +92,12 @@ func (this *ComponentsAction) RunGet(params struct{}) {
 	}
 
 	componentsData = buffer.Bytes()
+
+	// ETag
+	var h = md5.New()
+	h.Write(buffer.Bytes())
+	componentsDataSum = fmt.Sprintf("%x", h.Sum(nil))
+	this.AddHeader("ETag", "\""+componentsDataSum+"\"")
+
 	this.Write(componentsData)
 }

internal/web/actions/default/ui/hideTip.go

@@ -0,0 +1,30 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package ui
+
+import (
+	"encoding/json"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/iwind/TeaGo/Tea"
+	"io/ioutil"
+)
+
+type HideTipAction struct {
+	actionutils.ParentAction
+}
+
+func (this *HideTipAction) RunPost(params struct {
+	Code string
+}) {
+	tipKeyLocker.Lock()
+	tipKeyMap[params.Code] = true
+	tipKeyLocker.Unlock()
+
+	// 保存到文件
+	tipJSON, err := json.Marshal(tipKeyMap)
+	if err == nil {
+		_ = ioutil.WriteFile(Tea.ConfigFile(tipConfigFile), tipJSON, 0666)
+	}
+
+	this.Success()
+}

internal/web/actions/default/ui/init.go

@@ -27,6 +27,8 @@ func init() {
 			GetPost("/selectProvincesPopup", new(SelectProvincesPopupAction)).
 			GetPost("/selectCountriesPopup", new(SelectCountriesPopupAction)).
 			Post("/eventLevelOptions", new(EventLevelOptionsAction)).
+			Post("/showTip", new(ShowTipAction)).
+			Post("/hideTip", new(HideTipAction)).
 
 			EndAll()
 	})

internal/web/actions/default/ui/showTip.go

@@ -0,0 +1,48 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package ui
+
+import (
+	"encoding/json"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/iwind/TeaGo"
+	"github.com/iwind/TeaGo/Tea"
+	"io/ioutil"
+	"sync"
+)
+
+var tipKeyMap = map[string]bool{}
+var tipKeyLocker = sync.Mutex{}
+var tipConfigFile = "tip.json"
+
+func init() {
+	TeaGo.BeforeStart(func(server *TeaGo.Server) {
+		// 从配置文件中加载已关闭的tips
+		data, err := ioutil.ReadFile(Tea.ConfigFile(tipConfigFile))
+		if err == nil {
+			var m = map[string]bool{}
+			err = json.Unmarshal(data, &m)
+			if err == nil {
+				tipKeyLocker.Lock()
+				tipKeyMap = m
+				tipKeyLocker.Unlock()
+			}
+		}
+	})
+}
+
+type ShowTipAction struct {
+	actionutils.ParentAction
+}
+
+func (this *ShowTipAction) RunPost(params struct {
+	Code string
+}) {
+	tipKeyLocker.Lock()
+	_, ok := tipKeyMap[params.Code]
+	tipKeyLocker.Unlock()
+
+	this.Data["visible"] = !ok
+
+	this.Success()
+}

internal/web/actions/default/users/update.go

@@ -36,15 +36,24 @@ func (this *UpdateAction) RunGet(params struct {
 		return
 	}
 
+	// AccessKey数量
+	countAccessKeyResp, err := this.RPC().UserAccessKeyRPC().CountAllEnabledUserAccessKeys(this.AdminContext(), &pb.CountAllEnabledUserAccessKeysRequest{UserId: params.UserId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	countAccessKeys := countAccessKeyResp.Count
+
 	this.Data["user"] = maps.Map{
-		"id":       user.Id,
-		"username": user.Username,
-		"fullname": user.Fullname,
-		"email":    user.Email,
-		"tel":      user.Tel,
-		"remark":   user.Remark,
-		"mobile":   user.Mobile,
-		"isOn":     user.IsOn,
+		"id":              user.Id,
+		"username":        user.Username,
+		"fullname":        user.Fullname,
+		"email":           user.Email,
+		"tel":             user.Tel,
+		"remark":          user.Remark,
+		"mobile":          user.Mobile,
+		"isOn":            user.IsOn,
+		"countAccessKeys": countAccessKeys,
 	}
 
 	this.Data["clusterId"] = 0

internal/web/actions/default/users/user.go

@@ -43,16 +43,25 @@ func (this *UserAction) RunGet(params struct {
 		}
 	}
 
+	// AccessKey数量
+	countAccessKeyResp, err := this.RPC().UserAccessKeyRPC().CountAllEnabledUserAccessKeys(this.AdminContext(), &pb.CountAllEnabledUserAccessKeysRequest{UserId: params.UserId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	countAccessKeys := countAccessKeyResp.Count
+
 	this.Data["user"] = maps.Map{
-		"id":       user.Id,
-		"username": user.Username,
-		"fullname": user.Fullname,
-		"email":    user.Email,
-		"tel":      user.Tel,
-		"remark":   user.Remark,
-		"mobile":   user.Mobile,
-		"isOn":     user.IsOn,
-		"cluster":  clusterMap,
+		"id":              user.Id,
+		"username":        user.Username,
+		"fullname":        user.Fullname,
+		"email":           user.Email,
+		"tel":             user.Tel,
+		"remark":          user.Remark,
+		"mobile":          user.Mobile,
+		"isOn":            user.IsOn,
+		"cluster":         clusterMap,
+		"countAccessKeys": countAccessKeys,
 	}
 
 	this.Show()

internal/web/actions/default/users/userutils/utils.go

@@ -7,7 +7,7 @@ import (
 	"github.com/iwind/TeaGo/maps"
 )
 
-// 查找用户基本信息
+// InitUser 查找用户基本信息
 func InitUser(p *actionutils.ParentAction, userId int64) error {
 	resp, err := p.RPC().UserRPC().FindEnabledUser(p.AdminContext(), &pb.FindEnabledUserRequest{UserId: userId})
 	if err != nil {
@@ -16,10 +16,21 @@ func InitUser(p *actionutils.ParentAction, userId int64) error {
 	if resp.User == nil {
 		return errors.New("not found user")
 	}
+
+	// AccessKey数量
+	countAccessKeysResp, err := p.RPC().UserAccessKeyRPC().CountAllEnabledUserAccessKeys(p.AdminContext(), &pb.CountAllEnabledUserAccessKeysRequest{
+		AdminId: 0,
+		UserId:  userId,
+	})
+	if err != nil {
+		return err
+	}
+
 	p.Data["user"] = maps.Map{
-		"id":       userId,
-		"fullname": resp.User.Fullname,
-		"username": resp.User.Username,
+		"id":              userId,
+		"fullname":        resp.User.Fullname,
+		"username":        resp.User.Username,
+		"countAccessKeys": countAccessKeysResp.Count,
 	}
 	return nil
 }

internal/web/helpers/user_must_auth.go

@@ -167,11 +167,21 @@ func (this *userMustAuth) modules(adminId int64) []maps.Map {
 					"url":  "/servers/components/waf",
 					"code": "waf",
 				},
+				{
+					"name": "IP名单",
+					"url":  "/servers/iplists",
+					"code": "iplist",
+				},
 				{
 					"name": "证书管理",
 					"url":  "/servers/certs",
 					"code": "cert",
 				},
+				/**{
+					"name": "统计指标",
+					"url":  "/servers/metrics",
+					"code": "metric",
+				},**/
 			},
 		},
 		{

internal/web/import.go

@@ -109,6 +109,9 @@ import (
 	_ "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/servers/server/settings/websocket"
 	_ "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/servers/server/stat"
 
+	_ "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/servers/iplists"
+	_ "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/servers/metrics"
+
 	// 设置相关
 	_ "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/settings"
 	_ "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/settings/authority"

web/public/js/components/common/health-check-config-box.js

@@ -176,6 +176,7 @@ Vue.component("health-check-config-box", {
                         <td>域名</td>
                         <td>
                             <input type="text" v-model="urlHost"/>
+							<p class="comment">在此集群上可以访问到的一个域名。</p>
                         </td>
                     </tr>
                     <tr>

web/public/js/components/common/links.js

@@ -62,7 +62,7 @@ Vue.component("tip-icon", {
 			teaweb.popupTip(this.content)
 		}
 	},
-	template: `<a href="" title="查看帮助" @click.prevent="showTip"><i class="icon question circle"></i></a>`
+	template: `<a href="" title="查看帮助" @click.prevent="showTip"><i class="icon question circle grey"></i></a>`
 })
 
 // 提交点击事件

web/public/js/components/common/tip-message-box.js

@@ -0,0 +1,37 @@
+// 信息提示窗口
+Vue.component("tip-message-box", {
+	props: ["code"],
+	mounted: function () {
+		let that = this
+		Tea.action("/ui/showTip")
+			.params({
+				code: this.code
+			})
+			.success(function (resp) {
+				that.visible = resp.data.visible
+			})
+			.post()
+	},
+	data: function () {
+		return {
+			visible: false
+		}
+	},
+	methods: {
+		close: function () {
+			this.visible = false
+			Tea.action("/ui/hideTip")
+				.params({
+					code: this.code
+				})
+				.post()
+		}
+	},
+	template: `<div class="ui icon message" v-if="visible">
+	<i class="icon info circle"></i>
+	<i class="close icon" title="取消" @click.prevent="close"></i>
+	<div class="content">
+		<slot></slot>
+	</div>
+</div>`
+})

web/public/js/components/iplist/ip-list-bind-box.js

@@ -0,0 +1,62 @@
+// 绑定IP列表
+Vue.component("ip-list-bind-box", {
+	props: ["v-http-firewall-policy-id", "v-type"],
+	mounted: function () {
+		this.refresh()
+	},
+	data: function () {
+		return {
+			policyId: this.vHttpFirewallPolicyId,
+			type: this.vType,
+			lists: []
+		}
+	},
+	methods: {
+		bind: function () {
+			let that = this
+			teaweb.popup("/servers/iplists/bindHTTPFirewallPopup?httpFirewallPolicyId=" + this.policyId + "&type=" + this.type, {
+				width: "50em",
+				height: "34em",
+				callback: function () {
+
+				},
+				onClose: function () {
+					that.refresh()
+				}
+			})
+		},
+		remove: function (index, listId) {
+			let that = this
+			teaweb.confirm("确定要删除这个绑定的IP名单吗？", function () {
+				Tea.action("/servers/iplists/unbindHTTPFirewall")
+					.params({
+						httpFirewallPolicyId: that.policyId,
+						listId: listId
+					})
+					.post()
+					.success(function (resp) {
+						that.lists.$remove(index)
+					})
+			})
+		},
+		refresh: function () {
+			let that = this
+			Tea.action("/servers/iplists/httpFirewall")
+				.params({
+					httpFirewallPolicyId: this.policyId,
+					type: this.vType
+				})
+				.post()
+				.success(function (resp) {
+					that.lists = resp.data.lists
+				})
+		}
+	},
+	template: `<div>
+	<a href="" @click.prevent="bind()">绑定+</a> &nbsp; <span v-if="lists.length > 0"><span class="disabled small">|&nbsp;</span> 已绑定：</span>
+	<div class="ui label basic small" v-for="(list, index) in lists">
+		{{list.name}}
+		<a href="" title="删除" @click.prevent="remove(index, list.id)"><i class="icon remove small"></i></a>
+	</div>
+</div>`
+})

web/public/js/components/server/http-access-log-box.js

@@ -34,7 +34,7 @@ Vue.component("http-access-log-box", {
 			this.select()
 			teaweb.popup("/servers/server/log/viewPopup?requestId=" + requestId, {
 				width: "50em",
-				height: "24em",
+				height: "28em",
 				onClose: function () {
 					that.deselect()
 				}

web/public/js/components/server/http-auth-basic-auth-user-box.js

@@ -0,0 +1,101 @@
+// 基本认证用户配置
+Vue.component("http-auth-basic-auth-user-box", {
+	props: ["v-users"],
+	data: function () {
+		let users = this.vUsers
+		if (users == null) {
+			users = []
+		}
+		return {
+			users: users,
+			isAdding: false,
+			updatingIndex: -1,
+
+			username: "",
+			password: ""
+		}
+	},
+	methods: {
+		add: function () {
+			this.isAdding = true
+			this.username = ""
+			this.password = ""
+
+			let that = this
+			setTimeout(function () {
+				that.$refs.username.focus()
+			}, 100)
+		},
+		cancel: function () {
+			this.isAdding = false
+			this.updatingIndex = -1
+		},
+		confirm: function () {
+			let that = this
+			if (this.username.length == 0) {
+				teaweb.warn("请输入用户名", function () {
+					that.$refs.username.focus()
+				})
+				return
+			}
+			if (this.password.length == 0) {
+				teaweb.warn("请输入密码", function () {
+					that.$refs.password.focus()
+				})
+				return
+			}
+			if (this.updatingIndex < 0) {
+				this.users.push({
+					username: this.username,
+					password: this.password
+				})
+			} else {
+				this.users[this.updatingIndex].username = this.username
+				this.users[this.updatingIndex].password = this.password
+			}
+			this.cancel()
+		},
+		update: function (index, user) {
+			this.updatingIndex = index
+
+			this.isAdding = true
+			this.username = user.username
+			this.password = user.password
+
+			let that = this
+			setTimeout(function () {
+				that.$refs.username.focus()
+			}, 100)
+		},
+		remove: function (index) {
+			this.users.$remove(index)
+		}
+	},
+	template: `<div>
+	<input type="hidden" name="httpAuthBasicAuthUsersJSON" :value="JSON.stringify(users)"/>
+	<div v-if="users.length > 0">
+		<div class="ui label small basic" v-for="(user, index) in users">
+			{{user.username}} <a href="" title="修改" @click.prevent="update(index, user)"><i class="icon pencil tiny"></i></a>
+			<a href="" title="删除" @click.prevent="remove(index)"><i class="icon remove small"></i></a>
+		</div>
+		<div class="ui divider"></div>
+	</div>
+	<div v-show="isAdding">
+		<div class="ui fields inline">
+			<div class="ui field">
+				<input type="text" placeholder="用户名" v-model="username" size="15" ref="username"/>
+			</div>
+			<div class="ui field">
+				<input type="password" placeholder="密码" v-model="password" size="15" ref="password"/>
+			</div>
+			<div class="ui field">
+				<button class="ui button tiny" type="button" @click.prevent="confirm">确定</button>&nbsp;
+				<a href="" title="取消" @click.prevent="cancel"><i class="icon remove small"></i></a>
+			</div>
+		</div>
+	</div>
+	<div v-if="!isAdding" style="margin-top: 1em">
+		<button class="ui button tiny" type="button" @click.prevent="add">+</button>
+	</div>
+</div>`
+})

web/public/js/components/server/http-auth-config-box.js

@@ -0,0 +1,113 @@
+// 认证设置
+Vue.component("http-auth-config-box", {
+	props: ["v-auth-config", "v-is-location"],
+	data: function () {
+		let authConfig = this.vAuthConfig
+		if (authConfig == null) {
+			authConfig = {
+				isPrior: false,
+				isOn: false
+			}
+		}
+		if (authConfig.policyRefs == null) {
+			authConfig.policyRefs = []
+		}
+		return {
+			authConfig: authConfig
+		}
+	},
+	methods: {
+		isOn: function () {
+			return (!this.vIsLocation || this.authConfig.isPrior) && this.authConfig.isOn
+		},
+		add: function () {
+			let that = this
+			teaweb.popup("/servers/server/settings/access/createPopup", {
+				callback: function (resp) {
+					that.authConfig.policyRefs.push(resp.data.policyRef)
+				},
+				height: "28em"
+			})
+		},
+		update: function (index, policyId) {
+			let that = this
+			teaweb.popup("/servers/server/settings/access/updatePopup?policyId=" + policyId, {
+				callback: function (resp) {
+					teaweb.success("保存成功", function () {
+						teaweb.reload()
+					})
+				},
+				height: "28em"
+			})
+		},
+		remove: function (index) {
+			this.authConfig.policyRefs.$remove(index)
+		},
+		methodName: function (methodType) {
+			switch (methodType) {
+				case "basicAuth":
+					return "BasicAuth"
+				case "subRequest":
+					return "子请求"
+			}
+			return ""
+		}
+	},
+	template: `<div>
+<input type="hidden" name="authJSON" :value="JSON.stringify(authConfig)"/> 
+<table class="ui table selectable definition">
+	<prior-checkbox :v-config="authConfig" v-if="vIsLocation"></prior-checkbox>
+	<tbody v-show="!vIsLocation || authConfig.isPrior">
+		<tr>
+			<td class="title">启用认证</td>
+			<td>
+				<div class="ui checkbox">
+					<input type="checkbox" v-model="authConfig.isOn"/>
+					<label></label>
+				</div>
+			</td>
+		</tr>
+	</tbody>
+</table>
+<div class="margin"></div>
+<!-- 认证方式 -->
+<div v-show="isOn()">
+	<h4>认证方式</h4>
+	<table class="ui table selectable celled" v-show="authConfig.policyRefs.length > 0">
+		<thead>
+			<tr>
+				<th class="three wide">名称</th>
+				<th class="three wide">认证方法</th>
+				<th>参数</th>
+				<th class="two wide">状态</th>
+				<th class="two op">操作</th>
+			</tr>
+		</thead>
+		<tbody v-for="(ref, index) in authConfig.policyRefs" :key="ref.authPolicyId">
+			<tr>
+				<td>{{ref.authPolicy.name}}</td>
+				<td>
+					{{methodName(ref.authPolicy.type)}}
+				</td>
+				<td>
+					<span v-if="ref.authPolicy.type == 'basicAuth'">{{ref.authPolicy.params.users.length}}个用户</span>
+					<span v-if="ref.authPolicy.type == 'subRequest'">
+						<span v-if="ref.authPolicy.params.method.length > 0" class="grey">[{{ref.authPolicy.params.method}}]</span>
+						{{ref.authPolicy.params.url}}
+					</span>
+				</td>
+				<td>
+					<label-on :v-is-on="ref.authPolicy.isOn"></label-on>
+				</td>
+				<td>
+					<a href="" @click.prevent="update(index, ref.authPolicyId)">修改</a> &nbsp;
+					<a href="" @click.prevent="remove(index)">删除</a>
+				</td>
+			</tr>
+		</tbody>
+	</table>
+	<button class="ui button small" type="button" @click.prevent="add">+添加认证方式</button>
+</div>
+<div class="margin"></div>
+</div>`
+})

web/public/js/components/server/metric-keys-config-box.js

@@ -0,0 +1,59 @@
+// 指标对象
+Vue.component("metric-keys-config-box", {
+	props: ["v-keys"],
+	data: function () {
+		let keys = this.vKeys
+		if (keys == null) {
+			keys = []
+		}
+		return {
+			keys: keys,
+			isAdding: false,
+			key: ""
+		}
+	},
+	methods: {
+		cancel: function () {
+			this.key = ""
+			this.isAdding = false
+		},
+		confirm: function () {
+			if (this.key.length > 0) {
+				this.keys.push(this.key)
+				this.cancel()
+			}
+		},
+		add: function () {
+			this.isAdding = true
+			let that = this
+			setTimeout(function () {
+				that.$refs.key.focus()
+			}, 100)
+		},
+		remove: function (index) {
+			this.keys.$remove(index)
+		}
+	},
+	template: `<div>
+	<input type="hidden" name="keysJSON" :value="JSON.stringify(keys)"/>
+	<div>
+		<div v-for="(key, index) in keys" class="ui label small basic">
+			{{key}} &nbsp; <a href="" title="删除" @click.prevent="remove"><i class="icon remove small"></i></a>
+		</div>
+	</div>
+	<div v-if="isAdding" style="margin-top: 1em">
+		<div class="ui fields inline">
+			<div class="ui field">
+				<input type="text" v-model="key" ref="key" @keyup.enter="confirm()" @keypress.enter.prevent="1"/>
+			</div>
+			<div class="ui field">
+				<button type="button" class="ui button tiny" @click.prevent="confirm">确定</button>
+				<a href="" @click.prevent="cancel"><i class="icon remove small"></i></a>
+			</div>
+		</div>
+	</div>
+	<div style="margin-top: 1em" v-if="!isAdding">
+		<button type="button" class="ui button tiny" @click.prevent="add">+</button>
+	</div>
+</div>`
+})

web/public/js/components/server/metric-period-config-box.js

@@ -0,0 +1,47 @@
+// 指标周期设置
+Vue.component("metric-period-config-box", {
+	props: ["v-period", "v-period-unit"],
+	data: function () {
+		let period = this.vPeriod
+		let periodUnit = this.vPeriodUnit
+		if (period == null || period.toString().length == 0) {
+			period = 1
+		}
+		if (periodUnit == null || periodUnit.length == 0) {
+			periodUnit = "day"
+		}
+		return {
+			periodConfig: {
+				period: period,
+				unit: periodUnit
+			}
+		}
+	},
+	watch: {
+		"periodConfig.period": function (v) {
+			v = parseInt(v)
+			if (isNaN(v) || v <= 0) {
+				v = 1
+			}
+			this.periodConfig.period = v
+		}
+	},
+	template: `<div>
+	<input type="hidden" name="periodJSON" :value="JSON.stringify(periodConfig)"/>
+	<div class="ui fields inline">
+		<div class="ui field">
+			<input type="text" v-model="periodConfig.period" maxlength="4" size="4"/>
+		</div>
+		<div class="ui field">
+			<select class="ui dropdown" v-model="periodConfig.unit">
+				<option value="minute">分钟</option>
+				<option value="hour">小时</option>
+				<option value="day">天</option>
+				<option value="week">周</option>
+				<option value="month">月</option>
+			</select>
+		</div>
+	</div>
+	<p class="comment">在此周期内同一对象累积为同一数据。</p>
+</div>`
+})

web/public/js/utils.js

@@ -219,9 +219,9 @@ window.teaweb = {
 	},
 	popupTip: function (html) {
 		Swal.fire({
-			html: '<i class="icon question circle"></i><span style="line-height: 1.7">' + html + "</span>",
+			html: '<div style="line-height: 1.7;text-align: left "><i class="icon question circle"></i>' + html + "</div>",
 			width: "30em",
-			padding: "5em",
+			padding: "4em",
 			showConfirmButton: false,
 			showCloseButton: true,
 			focusConfirm: false

web/views/@default/@layout.css

@@ -197,9 +197,6 @@ p.margin {
     padding-top: 2em;
     padding-bottom: 2.4em;
   }
-  .main-menu .ui.menu .item span {
-    display: none;
-  }
 }
 .main-menu .ui.labeled.icon.menu .item {
   font-size: 0.9em;
@@ -214,9 +211,24 @@ p.margin {
   margin-top: 0.5em;
   color: grey;
 }
+@media screen and (max-width: 512px) {
+  .main-menu .ui.menu .item.expend .subtitle {
+    display: none;
+  }
+}
 .main-menu .ui.menu .sub-items .item {
   padding-left: 2.8em !important;
 }
+.main-menu .ui.menu .sub-items .item .icon {
+  position: absolute;
+  left: 1.1em;
+  top: 0.93em;
+}
+@media screen and (max-width: 512px) {
+  .main-menu .ui.menu .sub-items .item {
+    padding-left: 1em !important;
+  }
+}
 .main-menu .ui.menu .sub-items .item.active {
   background-color: #2185d0 !important;
 }

web/views/@default/@layout.html

@@ -80,12 +80,12 @@
 					<span v-if="module.code.length > 0">
 						<i class="window restore outline icon" v-if="module.icon == null"></i>
 						<i class="ui icon" v-if="module.icon != null" :class="module.icon"></i>
-						<span>{{module.name}}</span>
+						<span class="module-name">{{module.name}}</span>
 					</span>
                     <div class="subtitle" v-if="module.subtitle != null && module.subtitle.length > 0">{{module.subtitle}}</div>
 				</a>
 				<div v-if="teaMenu == module.code" class="sub-items">
-					<a class="item" v-for="subItem in module.subItems" v-if="subItem.isOn !== false" :href="subItem.url" :class="{active:subItem.code == teaSubMenu}">{{subItem.name}}</a>
+					<a class="item" v-for="subItem in module.subItems" v-if="subItem.isOn !== false" :href="subItem.url"><i class="icon angle right" v-if="subItem.code == teaSubMenu"></i> {{subItem.name}}</a>
 				</div>
 			</div>
         </div>

web/views/@default/@layout.less

@@ -139,7 +139,7 @@ div.margin, p.margin {
 	}
 
 	.main-menu .ui.menu .item span {
-		display: none;
+
 	}
 }
 
@@ -163,9 +163,27 @@ div.margin, p.margin {
 			color: grey;
 		}
 
+		@media screen and (max-width: 512px) {
+			.item.expend .subtitle {
+				display: none;
+			}
+		}
+
 		.sub-items {
 			.item {
 				padding-left: 2.8em !important;
+
+				.icon {
+					position: absolute;
+					left: 1.1em;
+					top: 0.93em;
+				}
+			}
+
+			@media screen and (max-width: 512px) {
+				.item {
+					padding-left: 1em !important;
+				}
 			}
 
 			.item.active {

web/views/@default/admins/@admin_menu.html

@@ -3,4 +3,5 @@
     <span class="item">|</span>
     <menu-item :href="'/admins/admin?adminId=' + admin.id" code="index">"{{admin.fullname}}" 详情</menu-item>
     <menu-item :href="'/admins/update?adminId=' + admin.id" code="update">修改</menu-item>
+    <menu-item :href="'/admins/accessKeys?adminId=' + admin.id" code="accessKey">API AccessKey({{admin.countAccessKeys}})</menu-item>
 </first-menu>

web/views/@default/admins/accesskeys/createPopup.html

@@ -0,0 +1,28 @@
+{$layout "layout_popup"}
+
+<h3>创建新AccessKey</h3>
+
+<form class="ui form" method="post" data-tea-action="$" data-tea-success="success">
+    <csrf-token></csrf-token>
+    <input type="hidden" name="adminId" :value="adminId"/>
+
+    <table class="ui table definition selectable">
+        <tr>
+            <td class="title">AccessKey ID</td>
+            <td><span class="disabled">自动生成</span></td>
+        </tr>
+        <tr>
+            <td>AccessKey密钥</td>
+            <td><span class="disabled">自动生成</span></td>
+        </tr>
+        <tr>
+            <td class="title">备注 *</td>
+            <td>
+                <textarea rows="2" name="description" maxlength="100" ref="focus"></textarea>
+                <p class="comment">描述AccessKey的用途等。</p>
+            </td>
+        </tr>
+    </table>
+
+    <submit-btn></submit-btn>
+</form>

web/views/@default/admins/accesskeys/index.html

@@ -0,0 +1,39 @@
+{$layout}
+{$template "../admin_menu"}
+
+<second-menu>
+    <menu-item @click.prevent="createAccessKey()">[创建AccessKey]</menu-item>
+</second-menu>
+
+<p class="comment" v-if="accessKeys.length == 0">暂时还没有AccessKey。</p>
+
+<table class="ui table selectable" v-if="accessKeys.length > 0">
+    <thead>
+        <tr>
+            <th>AccessKey ID</th>
+            <th>AccessKey密钥</th>
+            <th>备注</th>
+            <th>最后访问</th>
+            <th>状态</th>
+            <th class="two op">操作</th>
+        </tr>
+    </thead>
+    <tr v-for="accessKey in accessKeys">
+        <td :class="{disabled: !accessKey.isOn}">{{accessKey.uniqueId}}</td>
+        <td :class="{disabled: !accessKey.isOn}">{{accessKey.secret}}</td>
+        <td :class="{disabled: !accessKey.isOn}">{{accessKey.description}}</td>
+        <td :class="{disabled: !accessKey.isOn}">
+            <span v-if="accessKey.accessedTime.length > 0">{{accessKey.accessedTime}}</span>
+            <span v-else class="disabled">尚无访问</span>
+        </td>
+        <td>
+            <span v-if="accessKey.isOn" class="green">已启用</span>
+            <span v-else class="disabled">已禁用</span>
+        </td>
+        <td>
+            <a href="" v-if="accessKey.isOn" @click.prevent="updateAccessKeyIsOn(accessKey.id, false)">禁用</a>
+            <a href="" v-if="!accessKey.isOn" @click.prevent="updateAccessKeyIsOn(accessKey.id, true)">启用</a>
+            &nbsp; <a href="" @click.prevent="deleteAccessKey(accessKey.id)">删除</a>
+        </td>
+    </tr>
+</table>

web/views/@default/admins/accesskeys/index.js

@@ -0,0 +1,41 @@
+Tea.context(function () {
+	this.createAccessKey = function () {
+		teaweb.popup("/admins/accessKeys/createPopup?adminId=" + this.admin.id, {
+			callback: function () {
+				teaweb.success("保存成功", function () {
+					teaweb.reload()
+				})
+			}
+		})
+	}
+
+	this.updateAccessKeyIsOn = function (accessKeyId, isOn) {
+		let that = this
+
+		let message = ""
+		if (isOn) {
+			message = "确定要启用此AccessKey吗？"
+		} else {
+			message = "确定要禁用此AccessKey吗？"
+		}
+		teaweb.confirm(message, function () {
+			that.$post(".updateIsOn")
+				.params({
+					accessKeyId: accessKeyId,
+					isOn: isOn ? 1 : 0
+				})
+				.refresh()
+		})
+	}
+
+	this.deleteAccessKey = function (accessKeyId) {
+		let that = this
+		teaweb.confirm("确定要删除此AccessKey吗？", function () {
+			that.$post(".delete")
+				.params({
+					accessKeyId: accessKeyId
+				})
+				.refresh()
+		})
+	}
+})

web/views/@default/clusters/cluster/settings/health/runPopup.html

@@ -6,7 +6,7 @@
 
 <form method="post" class="ui form" v-if="!isRequesting">
 	<p>成功节点：<span class="green">{{countSuccess}}</span> &nbsp; 失败节点：<span class="red">{{countFail}}</span></p>
-	<table class="ui table selectable celled">
+	<table class="ui table selectable celled" v-if="results.length > 0">
 		<thead>
 			<tr>
 				<th>节点</th>

web/views/@default/clusters/cluster/settings/metrics/createPopup.html

@@ -0,0 +1,38 @@
+{$layout "layout_popup"}
+
+<h3>添加指标</h3>
+
+<p class="comment" v-if="items.length == 0">暂时还没有指标。</p>
+<table class="ui table celled selectable" v-if="items.length > 0">
+    <thead>
+    <tr>
+        <th>指标名称</th>
+        <th>统计对象</th>
+        <th>统计周期</th>
+        <th class="three wide">统计数值</th>
+        <th class="two wide">状态</th>
+        <th class="two op">操作</th>
+    </tr>
+    </thead>
+    <tr v-for="item in items">
+        <td>{{item.name}}</td>
+        <td>
+            <span v-if="item.keys != null" v-for="key in item.keys" class="ui label basic small">{{key}}</span>
+        </td>
+        <td>
+            {{item.period}} {{item.periodUnit}}
+        </td>
+        <td>
+            <span class="ui label small basic">{{item.value}}</span>
+        </td>
+        <td>
+            <label-on :v-is-on="item.isOn"></label-on>
+        </td>
+        <td>
+            <a href="" v-if="!item.isChecked">添加</a>
+            <a href="" v-if="item.isChecked"><span class="grey">已添加</span></a>
+        </td>
+    </tr>
+</table>
+
+<div class="page" v-html="page"></div>

web/views/@default/clusters/cluster/settings/metrics/index.html

@@ -0,0 +1,47 @@
+{$layout}
+{$template "/left_menu"}
+
+<div class="right-box">
+    <first-menu>
+        <menu-item :href="'/clusters/cluster/settings/metrics?category=http&clusterId=' + clusterId" :active="category == 'http'">HTTP</menu-item>
+        <menu-item :href="'/clusters/cluster/settings/metrics?category=tcp&clusterId=' + clusterId" :active="category == 'tcp'">TCP</menu-item>
+        <menu-item :href="'/clusters/cluster/settings/metrics?category=udp&clusterId=' + clusterId" :active="category == 'udp'">UDP</menu-item>
+        <span class="item disabled">|</span>
+        <menu-item @click.prevent="createItem">[添加指标]</menu-item>
+        <span class="item disabled">|</span>
+        <span class="item"><tip-icon content="在这里设置的指标，会自动应用到部署在当前集群上的所有服务上。"></tip-icon></span>
+    </first-menu>
+
+    <p class="comment" v-if="items.length == 0">暂时还没有设置指标。</p>
+
+    <table class="ui table celled selectable" v-if="items.length > 0">
+        <thead>
+        <tr>
+            <th>指标名称</th>
+            <th>统计对象</th>
+            <th>统计周期</th>
+            <th class="three wide">统计数值</th>
+            <th class="two wide">状态</th>
+            <th class="two op">操作</th>
+        </tr>
+        </thead>
+        <tr v-for="item in items">
+            <td>{{item.name}}</td>
+            <td>
+                <span v-if="item.keys != null" v-for="key in item.keys" class="ui label basic small">{{key}}</span>
+            </td>
+            <td>
+                {{item.period}} {{item.periodUnit}}
+            </td>
+            <td>
+                <span class="ui label small basic">{{item.value}}</span>
+            </td>
+            <td>
+                <label-on :v-is-on="item.isOn"></label-on>
+            </td>
+            <td>
+                <a href="" @click.prevent="deleteItem(item.id)">删除</a>
+            </td>
+        </tr>
+    </table>
+</div>

web/views/@default/clusters/cluster/settings/metrics/index.js

@@ -0,0 +1,30 @@
+Tea.context(function () {
+	this.createItem = function () {
+		teaweb.popup(Tea.url(".createPopup", {
+			clusterId: this.clusterId
+		}), {
+			callback: function () {
+				teaweb.success("保存成功", function () {
+					teaweb.reload()
+				})
+			},
+			width: "50em",
+			height: "25em"
+		})
+	}
+
+	this.deleteItem = function (itemId) {
+		let that = this
+		teaweb.confirm("确定要删除这个指标吗？", function () {
+			that.$post(".delete")
+				.params({
+					itemId: itemId
+				})
+				.success(function () {
+					teaweb.success("删除成功", function () {
+						teaweb.reload()
+					})
+				})
+		})
+	}
+})

web/views/@default/clusters/cluster/settings/toa/index.html

@@ -12,7 +12,7 @@
 				<td class="title">是否启用TOA</td>
 				<td>
 					<checkbox name="isOn" v-model="toa.isOn"></checkbox>
-					<p class="comment">在启用之前，请确保当前集群下所有节点服务器已经安装TOA模块和libnetfilter_queue，并启用了IPTables。</p>
+					<p class="comment">在启用之前，请确保当前集群下所有节点服务器已经安装libnetfilter_queue，并启用了IPTables。</p>
 				</td>
 			</tr>
 			<tbody v-show="toa.isOn">

web/views/@default/servers/certs/acme/create.html

@@ -24,16 +24,37 @@
 
 		<!-- 准备工作 -->
 		<div v-show="step == 'prepare'">
-			<div style="margin-bottom: 1em">
-				<radio name="authType" :v-value="'http'" v-model="authType">使用HTTP认证</radio> &nbsp;
-				<radio name="authType" :v-value="'dns'" v-model="authType">使用DNS认证</radio>
-			</div>
-			<div v-if="authType == 'http'">
-				使用HTTP的方式请求网址<code-label>/.well-known/acme-challenge/令牌</code-label>校验，该方式要求需要实现将域名解析到集群上，之后系统会自动生成网址信息。
-			</div>
-			<div v-if="authType == 'dns'">
-				我们在申请免费证书的过程中需要自动增加或修改相关域名的TXT记录，请先确保你已经在"域名解析" -- <a href="/dns/providers" target="_blank">"DNS服务商"</a> 中已经添加了对应的DNS服务商账号。
-			</div>
+            <table class="ui table definition selectable">
+                <tr>
+                    <td class="title">认证方式</td>
+                    <td>
+                        <div style="margin-bottom: 1em">
+                            <radio name="authType" :v-value="'http'" v-model="authType">使用HTTP认证</radio> &nbsp;
+                            <radio name="authType" :v-value="'dns'" v-model="authType">使用DNS认证</radio>
+                        </div>
+                        <div v-if="authType == 'http'">
+                            <p class="comment">使用HTTP的方式请求网址<code-label>/.well-known/acme-challenge/令牌</code-label>校验，该方式要求需要实现将域名解析到集群上，之后系统会自动生成网址信息。</p>
+                        </div>
+                        <div v-if="authType == 'dns'">
+                            <p class="comment">我们在申请免费证书的过程中需要自动增加或修改相关域名的TXT记录，请先确保你已经在"域名解析" -- <a href="/dns/providers" target="_blank">"DNS服务商"</a> 中已经添加了对应的DNS服务商账号。</p>
+                        </div>
+                    </td>
+                </tr>
+			    <tr>
+                    <td colspan="2">
+                        <a href="" @click.prevent="showPrepareMoreOptionsVisible">更多选项<i class="icon angle" :class="{up: prepareMoreOptionsVisible, down: !prepareMoreOptionsVisible}"></i></a>
+                    </td>
+                </tr>
+                <tbody v-show="prepareMoreOptionsVisible">
+                    <tr>
+                        <td>回调URL</td>
+                        <td>
+                            <input type="text" name="authURL" v-model="authURL" maxlength="200"/>
+                            <p class="comment">将认证数据以JSON的方式POST到此URL上，可以依此生成认证文件或者设置DNS域名解析。</p>
+                        </td>
+                    </tr>
+                </tbody>
+            </table>
 
 			<div class="button-group">
 				<button type="button" class="ui button primary"  @click.prevent="doPrepare">下一步</button>

web/views/@default/servers/certs/acme/create.js

@@ -10,6 +10,12 @@ Tea.context(function () {
 		this.step = "user"
 	}
 
+	this.prepareMoreOptionsVisible = false
+	this.authURL = ""
+	this.showPrepareMoreOptionsVisible = function () {
+		this.prepareMoreOptionsVisible = !this.prepareMoreOptionsVisible
+	}
+
 	/**
 	 * 选择用户
 	 */
@@ -78,7 +84,8 @@ Tea.context(function () {
 				dnsDomain: this.dnsDomain,
 				domains: this.domains,
 				autoRenew: this.autoRenew ? 1 : 0,
-				taskId: this.taskId
+				taskId: this.taskId,
+				authURL: this.authURL
 			})
 			.success(function (resp) {
 				this.taskId = resp.data.taskId

web/views/@default/servers/certs/acme/updateTaskPopup.html

@@ -41,6 +41,18 @@
 				<p class="comment">在免费证书临近到期之前，是否尝试自动续期。</p>
 			</td>
 		</tr>
+        <tr>
+            <td colspan="2"><more-options-indicator></more-options-indicator></td>
+        </tr>
+        <tbody v-show="moreOptionsVisible">
+            <tr>
+                <td>回调URL</td>
+                <td>
+                    <input type="text" name="authURL" v-model="task.authURL" maxlength="200"/>
+                    <p class="comment">将认证数据以JSON的方式POST到此URL上，可以依此生成认证文件或者设置DNS域名解析。</p>
+                </td>
+            </tr>
+        </tbody>
 	</table>
 
 	<submit-btn></submit-btn>

web/views/@default/servers/components/waf/ipadmin/index.js

@@ -56,10 +56,13 @@ Tea.context(function () {
 	 * 添加IP名单菜单
 	 */
 	this.createIP = function (type) {
+		let that = this
 		teaweb.popup("/servers/components/waf/ipadmin/createIPPopup?firewallPolicyId=" + this.firewallPolicyId + '&type=' + type, {
 			height: "23em",
 			callback: function () {
-				window.location = "/servers/components/waf/ipadmin/lists?firewallPolicyId=" + this.firewallPolicyId + "&type=" + type
+				teaweb.success("保存成功", function () {
+					window.location = "/servers/components/waf/ipadmin/lists?firewallPolicyId=" + that.firewallPolicyId + "&type=" + type
+				})
 			}
 		})
 	}

web/views/@default/servers/components/waf/ipadmin/lists.html

@@ -1,10 +1,15 @@
 {$layout}
+{$template "../waf_menu"}
+{$template "menu"}
 
-	{$template "../waf_menu"}
-	{$template "menu"}
+<second-menu style="margin-top: -1em">
+    <span class="item">ID: {{listId}} &nbsp; <tip-icon content="ID可以用于使用API操作此IP名单"></tip-icon></span>
+    <span class="item disabled">|</span>
+    <div class="item"><ip-list-bind-box :v-http-firewall-policy-id="firewallPolicyId" :v-type="type"></ip-list-bind-box></div>
+</second-menu>
 
-	<p class="comment" v-if="items.length == 0">暂时还没有IP。</p>
+<p class="comment" v-if="items.length == 0">暂时还没有IP。</p>
 
-    <ip-list-table v-if="items.length > 0" :v-items="items" @update-item="updateItem" @delete-item="deleteItem"></ip-list-table>
+<ip-list-table v-if="items.length > 0" :v-items="items" @update-item="updateItem" @delete-item="deleteItem"></ip-list-table>
 
-	<div class="page" v-html="page"></div>
+<div class="page" v-html="page"></div>

web/views/@default/servers/components/waf/ipadmin/lists.js

@@ -26,10 +26,13 @@ Tea.context(function () {
 	 * 添加IP名单菜单
 	 */
 	this.createIP = function (type) {
+		let that = this
 		teaweb.popup("/servers/components/waf/ipadmin/createIPPopup?firewallPolicyId=" + this.firewallPolicyId + '&type=' + type, {
 			height: "26em",
 			callback: function () {
-				window.location = "/servers/components/waf/ipadmin/lists?firewallPolicyId=" + this.firewallPolicyId + "&type=" + type
+				teaweb.success("保存成功", function () {
+					window.location = "/servers/components/waf/ipadmin/lists?firewallPolicyId=" + that.firewallPolicyId + "&type=" + type
+				})
 			}
 		})
 	}

web/views/@default/servers/components/waf/ipadmin/provinces.js

@@ -42,10 +42,13 @@ Tea.context(function () {
 	 * 添加IP名单菜单
 	 */
 	this.createIP = function (type) {
+		let that = this
 		teaweb.popup("/servers/components/waf/ipadmin/createIPPopup?firewallPolicyId=" + this.firewallPolicyId + '&type=' + type, {
 			height: "23em",
 			callback: function () {
-				window.location = "/servers/components/waf/ipadmin/lists?firewallPolicyId=" + this.firewallPolicyId + "&type=" + type
+				teaweb.success("保存成功", function () {
+					window.location = "/servers/components/waf/ipadmin/lists?firewallPolicyId=" + that.firewallPolicyId + "&type=" + type
+				})
 			}
 		})
 	}

web/views/@default/servers/components/waf/ipadmin/test.js

@@ -1,47 +1,50 @@
 Tea.context(function () {
-    this.ip = ""
-    this.result = {
-        isDone: false,
-        isOk: false,
-        isFound: false,
-        isAllowed: false,
-        error: "",
-        province: null,
-        country: null,
-        ipItem: null,
-        ipList: null
-    }
+	this.ip = ""
+	this.result = {
+		isDone: false,
+		isOk: false,
+		isFound: false,
+		isAllowed: false,
+		error: "",
+		province: null,
+		country: null,
+		ipItem: null,
+		ipList: null
+	}
 
-    this.$delay(function () {
-        this.$watch("ip", function () {
-            this.result.isDone = false
-        })
-    })
+	this.$delay(function () {
+		this.$watch("ip", function () {
+			this.result.isDone = false
+		})
+	})
 
-    this.success = function (resp) {
-        this.result = resp.data.result
-    }
+	this.success = function (resp) {
+		this.result = resp.data.result
+	}
 
-    this.updateItem = function (itemId) {
-        teaweb.popup(Tea.url(".updateIPPopup?firewallPolicyId=" + this.firewallPolicyId, {itemId: itemId}), {
-            height: "26em",
-            callback: function () {
-                teaweb.success("保存成功", function () {
-                    teaweb.reload()
-                })
-            }
-        })
-    }
+	this.updateItem = function (itemId) {
+		teaweb.popup(Tea.url(".updateIPPopup?firewallPolicyId=" + this.firewallPolicyId, {itemId: itemId}), {
+			height: "26em",
+			callback: function () {
+				teaweb.success("保存成功", function () {
+					teaweb.reload()
+				})
+			}
+		})
+	}
 
-    /**
-     * 添加IP名单菜单
-     */
-    this.createIP = function (type) {
-        teaweb.popup("/servers/components/waf/ipadmin/createIPPopup?firewallPolicyId=" + this.firewallPolicyId + '&type=' + type, {
-            height: "26em",
-            callback: function () {
-                window.location = "/servers/components/waf/ipadmin/lists?firewallPolicyId=" + this.firewallPolicyId + "&type=" + type
-            }
-        })
-    }
+	/**
+	 * 添加IP名单菜单
+	 */
+	this.createIP = function (type) {
+		let that = this
+		teaweb.popup("/servers/components/waf/ipadmin/createIPPopup?firewallPolicyId=" + this.firewallPolicyId + '&type=' + type, {
+			height: "26em",
+			callback: function () {
+				teaweb.success("保存成功", function () {
+					window.location = "/servers/components/waf/ipadmin/lists?firewallPolicyId=" + that.firewallPolicyId + "&type=" + type
+				})
+			}
+		})
+	}
 })

web/views/@default/servers/create.html

@@ -41,6 +41,7 @@
 			<td>绑定域名</td>
 			<td>
 				<server-name-box></server-name-box>
+                <p class="comment">绑定后，才能通过域名可以访问不同的服务。</p>
 			</td>
 		</tr>