删除不必要的代码

cmd/edge-admin/main.go

@@ -7,17 +7,20 @@ import (
 	teaconst "github.com/TeaOSLab/EdgeAdmin/internal/const"
 	"github.com/TeaOSLab/EdgeAdmin/internal/gen"
 	"github.com/TeaOSLab/EdgeAdmin/internal/nodes"
+	"github.com/TeaOSLab/EdgeAdmin/internal/utils"
 	_ "github.com/TeaOSLab/EdgeAdmin/internal/web"
 	_ "github.com/iwind/TeaGo/bootstrap"
 	"github.com/iwind/TeaGo/maps"
 	"github.com/iwind/gosock/pkg/gosock"
+	"log"
+	"time"
 )
 
 func main() {
-	app := apps.NewAppCmd().
+	var app = apps.NewAppCmd().
 		Version(teaconst.Version).
 		Product(teaconst.ProductName).
-		Usage(teaconst.ProcessName+" [-v|start|stop|restart|service|daemon|reset|recover|demo]").
+		Usage(teaconst.ProcessName+" [-v|start|stop|restart|service|daemon|reset|recover|demo|upgrade]").
 		Usage(teaconst.ProcessName+" [dev|prod]").
 		Option("-h", "show this help").
 		Option("-v", "show version").
@@ -30,7 +33,8 @@ func main() {
 		Option("recover", "enter recovery mode").
 		Option("demo", "switch to demo mode").
 		Option("dev", "switch to 'dev' mode").
-		Option("prod", "switch to 'prod' mode")
+		Option("prod", "switch to 'prod' mode").
+		Option("upgrade", "upgrade from official site")
 
 	app.On("daemon", func() {
 		nodes.NewAdminNode().Daemon()
@@ -115,8 +119,42 @@ func main() {
 			fmt.Println("switch to '" + env + "' ok")
 		}
 	})
+	app.On("upgrade", func() {
+		var manager = utils.NewUpgradeManager("admin")
+		log.Println("checking latest version ...")
+		var ticker = time.NewTicker(1 * time.Second)
+		go func() {
+			var lastProgress float32 = 0
+			var isStarted = false
+			for range ticker.C {
+				if manager.IsDownloading() {
+					if !isStarted {
+						log.Println("start downloading v" + manager.NewVersion() + " ...")
+						isStarted = true
+					}
+					var progress = manager.Progress()
+					if progress >= 0 {
+						if progress == 0 || progress == 1 || progress-lastProgress >= 0.1 {
+							lastProgress = progress
+							log.Println(fmt.Sprintf("%.2f%%", manager.Progress()*100))
+						}
+					}
+				} else {
+					break
+				}
+			}
+		}()
+		err := manager.Start()
+		if err != nil {
+			log.Println("upgrade failed: " + err.Error())
+			return
+		}
+		log.Println("finished!")
+		log.Println("restarting ...")
+		app.RunRestart()
+	})
 	app.Run(func() {
-		adminNode := nodes.NewAdminNode()
+		var adminNode = nodes.NewAdminNode()
 		adminNode.Run()
 	})
 }

internal/apps/app_cmd.go

@@ -123,7 +123,7 @@ func (this *AppCmd) On(arg string, callback func()) {
 // Run 运行
 func (this *AppCmd) Run(main func()) {
 	// 获取参数
-	args := os.Args[1:]
+	var args = os.Args[1:]
 	if len(args) > 0 {
 		switch args[0] {
 		case "-v", "version", "-version", "--version":
@@ -139,7 +139,7 @@ func (this *AppCmd) Run(main func()) {
 			this.runStop()
 			return
 		case "restart":
-			this.runRestart()
+			this.RunRestart()
 			return
 		case "status":
 			this.runStatus()
@@ -160,7 +160,7 @@ func (this *AppCmd) Run(main func()) {
 	}
 
 	// 日志
-	writer := new(LogWriter)
+	var writer = new(LogWriter)
 	writer.Init()
 	logs.SetWriter(writer)
 
@@ -210,7 +210,7 @@ func (this *AppCmd) runStop() {
 }
 
 // 重启
-func (this *AppCmd) runRestart() {
+func (this *AppCmd) RunRestart() {
 	this.runStop()
 	time.Sleep(1 * time.Second)
 	this.runStart()

internal/configloaders/admin_module_test.go

@@ -6,7 +6,7 @@ import (
 )
 
 func TestLoadAdminModuleMapping(t *testing.T) {
-	m, err := LoadAdminModuleMapping()
+	m, err := loadAdminModuleMapping()
 	if err != nil {
 		t.Fatal(err)
 	}

internal/configloaders/admin_ui_config_test.go

@@ -9,7 +9,7 @@ import (
 func TestLoadUIConfig(t *testing.T) {
 	for i := 0; i < 10; i++ {
 		before := time.Now()
-		config, err := LoadUIConfig()
+		config, err := LoadAdminUIConfig()
 		if err != nil {
 			t.Fatal(err)
 		}
@@ -20,7 +20,7 @@ func TestLoadUIConfig(t *testing.T) {
 
 func TestLoadUIConfig2(t *testing.T) {
 	for i := 0; i < 10; i++ {
-		config, err := LoadUIConfig()
+		config, err := LoadAdminUIConfig()
 		if err != nil {
 			t.Fatal(err)
 		}

internal/configs/api_config_test.go

@@ -14,13 +14,7 @@ func TestLoadAPIConfig(t *testing.T) {
 }
 
 func TestAPIConfig_WriteFile(t *testing.T) {
-	config := &APIConfig{
-		RPC: struct {
-			Endpoints []string `yaml:"endpoints"`
-		}{},
-		NodeId: "1",
-		Secret: "2",
-	}
+	config := &APIConfig{}
 	err := config.WriteFile("/tmp/api_config.yaml")
 	if err != nil {
 		t.Fatal(err)

internal/const/const.go

@@ -1,9 +1,9 @@
 package teaconst
 
 const (
-	Version = "0.5.0"
+	Version = "0.5.5"
 
-	APINodeVersion = "0.5.0"
+	APINodeVersion = "0.5.5"
 
 	ProductName   = "Edge Admin"
 	ProcessName   = "edge-admin"

internal/csrf/utils.go

@@ -10,7 +10,7 @@ import (
 	"time"
 )
 
-// 生成Token
+// Generate 生成Token
 func Generate() string {
 	timestamp := strconv.FormatInt(time.Now().Unix(), 10)
 
@@ -23,7 +23,7 @@ func Generate() string {
 	return token
 }
 
-// 校验Token
+// Validate 校验Token
 func Validate(token string) (b bool) {
 	if len(token) == 0 {
 		return

internal/nodes/admin_node.go

@@ -1,9 +1,9 @@
 package nodes
 
 import (
+	"errors"
 	"github.com/TeaOSLab/EdgeAdmin/internal/configs"
 	teaconst "github.com/TeaOSLab/EdgeAdmin/internal/const"
-	"github.com/TeaOSLab/EdgeAdmin/internal/errors"
 	"github.com/TeaOSLab/EdgeAdmin/internal/events"
 	"github.com/TeaOSLab/EdgeAdmin/internal/utils"
 	"github.com/iwind/TeaGo"
@@ -90,7 +90,7 @@ func (this *AdminNode) Run() {
 		EndAll().
 		Session(sessions.NewFileSessionManager(86400, secret), teaconst.CookieSID).
 		ReadHeaderTimeout(3 * time.Second).
-		ReadTimeout(600 * time.Second).
+		ReadTimeout(1200 * time.Second).
 		Start()
 }
 

internal/rpc/rpc_client.go

@@ -11,6 +11,7 @@ import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/utils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/lists"
 	"github.com/iwind/TeaGo/maps"
 	"github.com/iwind/TeaGo/rands"
 	"google.golang.org/grpc"
@@ -19,7 +20,9 @@ import (
 	"google.golang.org/grpc/credentials/insecure"
 	"google.golang.org/grpc/encoding/gzip"
 	"google.golang.org/grpc/metadata"
+	"net"
 	"net/url"
+	"strings"
 	"sync"
 	"time"
 )
@@ -38,7 +41,7 @@ func NewRPCClient(apiConfig *configs.APIConfig, isPrimary bool) (*RPCClient, err
 		return nil, errors.New("api config should not be nil")
 	}
 
-	client := &RPCClient{
+	var client = &RPCClient{
 		apiConfig: apiConfig,
 	}
 
@@ -123,6 +126,10 @@ func (this *RPCClient) ServerRPC() pb.ServerServiceClient {
 	return pb.NewServerServiceClient(this.pickConn())
 }
 
+func (this *RPCClient) ServerBandwidthStatRPC() pb.ServerBandwidthStatServiceClient {
+	return pb.NewServerBandwidthStatServiceClient(this.pickConn())
+}
+
 func (this *RPCClient) ServerClientSystemMonthlyStatRPC() pb.ServerClientSystemMonthlyStatServiceClient {
 	return pb.NewServerClientSystemMonthlyStatServiceClient(this.pickConn())
 }
@@ -167,18 +174,10 @@ func (this *RPCClient) APIMethodStatRPC() pb.APIMethodStatServiceClient {
 	return pb.NewAPIMethodStatServiceClient(this.pickConn())
 }
 
-func (this *RPCClient) UserNodeRPC() pb.UserNodeServiceClient {
-	return pb.NewUserNodeServiceClient(this.pickConn())
-}
-
 func (this *RPCClient) DBNodeRPC() pb.DBNodeServiceClient {
 	return pb.NewDBNodeServiceClient(this.pickConn())
 }
 
-func (this *RPCClient) MonitorNodeRPC() pb.MonitorNodeServiceClient {
-	return pb.NewMonitorNodeServiceClient(this.pickConn())
-}
-
 func (this *RPCClient) DBRPC() pb.DBServiceClient {
 	return pb.NewDBServiceClient(this.pickConn())
 }
@@ -320,6 +319,10 @@ func (this *RPCClient) IPLibraryFileRPC() pb.IPLibraryFileServiceClient {
 	return pb.NewIPLibraryFileServiceClient(this.pickConn())
 }
 
+func (this *RPCClient) IPLibraryArtifactRPC() pb.IPLibraryArtifactServiceClient {
+	return pb.NewIPLibraryArtifactServiceClient(this.pickConn())
+}
+
 func (this *RPCClient) IPListRPC() pb.IPListServiceClient {
 	return pb.NewIPListServiceClient(this.pickConn())
 }
@@ -396,26 +399,6 @@ func (this *RPCClient) UserRPC() pb.UserServiceClient {
 	return pb.NewUserServiceClient(this.pickConn())
 }
 
-func (this *RPCClient) UserBillRPC() pb.UserBillServiceClient {
-	return pb.NewUserBillServiceClient(this.pickConn())
-}
-
-func (this *RPCClient) ServerBillRPC() pb.ServerBillServiceClient {
-	return pb.NewServerBillServiceClient(this.pickConn())
-}
-
-func (this *RPCClient) UserAccountRPC() pb.UserAccountServiceClient {
-	return pb.NewUserAccountServiceClient(this.pickConn())
-}
-
-func (this *RPCClient) UserAccountLogRPC() pb.UserAccountLogServiceClient {
-	return pb.NewUserAccountLogServiceClient(this.pickConn())
-}
-
-func (this *RPCClient) UserAccountDailyStatRPC() pb.UserAccountDailyStatServiceClient {
-	return pb.NewUserAccountDailyStatServiceClient(this.pickConn())
-}
-
 func (this *RPCClient) UserAccessKeyRPC() pb.UserAccessKeyServiceClient {
 	return pb.NewUserAccessKeyServiceClient(this.pickConn())
 }
@@ -486,8 +469,8 @@ func (this *RPCClient) TrafficDailyStatRPC() pb.TrafficDailyStatServiceClient {
 
 // Context 构造Admin上下文
 func (this *RPCClient) Context(adminId int64) context.Context {
-	ctx := context.Background()
-	m := maps.Map{
+	var ctx = context.Background()
+	var m = maps.Map{
 		"timestamp": time.Now().Unix(),
 		"type":      "admin",
 		"userId":    adminId,
@@ -502,15 +485,15 @@ func (this *RPCClient) Context(adminId int64) context.Context {
 		utils.PrintError(err)
 		return context.Background()
 	}
-	token := base64.StdEncoding.EncodeToString(data)
+	var token = base64.StdEncoding.EncodeToString(data)
 	ctx = metadata.AppendToOutgoingContext(ctx, "nodeId", this.apiConfig.NodeId, "token", token)
 	return ctx
 }
 
 // APIContext 构造API上下文
 func (this *RPCClient) APIContext(apiNodeId int64) context.Context {
-	ctx := context.Background()
-	m := maps.Map{
+	var ctx = context.Background()
+	var m = maps.Map{
 		"timestamp": time.Now().Unix(),
 		"type":      "api",
 		"userId":    apiNodeId,
@@ -525,7 +508,7 @@ func (this *RPCClient) APIContext(apiNodeId int64) context.Context {
 		utils.PrintError(err)
 		return context.Background()
 	}
-	token := base64.StdEncoding.EncodeToString(data)
+	var token = base64.StdEncoding.EncodeToString(data)
 	ctx = metadata.AppendToOutgoingContext(ctx, "nodeId", this.apiConfig.NodeId, "token", token)
 	return ctx
 }
@@ -542,20 +525,39 @@ func (this *RPCClient) UpdateConfig(config *configs.APIConfig) error {
 
 // 初始化
 func (this *RPCClient) init() error {
+	// 当前的IP地址
+	var localIPAddrs = this.localIPAddrs()
+
 	// 重新连接
-	conns := []*grpc.ClientConn{}
+	var conns = []*grpc.ClientConn{}
 	for _, endpoint := range this.apiConfig.RPC.Endpoints {
 		u, err := url.Parse(endpoint)
 		if err != nil {
 			return errors.New("parse endpoint failed: " + err.Error())
 		}
+
+		var apiHost = u.Host
+
+		// 如果本机，则将地址修改为回路地址
+		if lists.ContainsString(localIPAddrs, u.Hostname()) {
+			if strings.Contains(apiHost, "[") { // IPv6 [host]:port
+				apiHost = "[::1]"
+			} else {
+				apiHost = "127.0.0.1"
+			}
+			var port = u.Port()
+			if len(port) > 0 {
+				apiHost += ":" + port
+			}
+		}
+
 		var conn *grpc.ClientConn
 		var callOptions = grpc.WithDefaultCallOptions(grpc.MaxCallRecvMsgSize(128*1024*1024),
 			grpc.UseCompressor(gzip.Name))
 		if u.Scheme == "http" {
-			conn, err = grpc.Dial(u.Host, grpc.WithTransportCredentials(insecure.NewCredentials()), callOptions)
+			conn, err = grpc.Dial(apiHost, grpc.WithTransportCredentials(insecure.NewCredentials()), callOptions)
 		} else if u.Scheme == "https" {
-			conn, err = grpc.Dial(u.Host, grpc.WithTransportCredentials(credentials.NewTLS(&tls.Config{
+			conn, err = grpc.Dial(apiHost, grpc.WithTransportCredentials(credentials.NewTLS(&tls.Config{
 				InsecureSkipVerify: true,
 			})), callOptions)
 		} else {
@@ -582,7 +584,7 @@ func (this *RPCClient) pickConn() *grpc.ClientConn {
 
 	// 检查连接状态
 	if len(this.conns) > 0 {
-		availableConns := []*grpc.ClientConn{}
+		var availableConns = []*grpc.ClientConn{}
 		for _, state := range []connectivity.State{connectivity.Ready, connectivity.Idle, connectivity.Connecting} {
 			for _, conn := range this.conns {
 				if conn.GetState() == state {
@@ -634,3 +636,18 @@ func (this *RPCClient) Close() error {
 
 	return lastErr
 }
+
+func (this *RPCClient) localIPAddrs() []string {
+	localInterfaceAddrs, err := net.InterfaceAddrs()
+	var localIPAddrs = []string{}
+	if err == nil {
+		for _, addr := range localInterfaceAddrs {
+			var addrString = addr.String()
+			var index = strings.Index(addrString, "/")
+			if index > 0 {
+				localIPAddrs = append(localIPAddrs, addrString[:index])
+			}
+		}
+	}
+	return localIPAddrs
+}

internal/rpc/rpc_client_test.go

@@ -35,7 +35,8 @@ func TestRPCClient_NodeRPC(t *testing.T) {
 func TestRPC_Dial_HTTP(t *testing.T) {
 	client, err := NewRPCClient(&configs.APIConfig{
 		RPC: struct {
-			Endpoints []string `yaml:"endpoints"`
+			Endpoints     []string `yaml:"endpoints"`
+			DisableUpdate bool     `yaml:"disableUpdate"`
 		}{
 			Endpoints: []string{"http://127.0.0.1:8004"},
 		},
@@ -56,7 +57,8 @@ func TestRPC_Dial_HTTP(t *testing.T) {
 func TestRPC_Dial_HTTP_2(t *testing.T) {
 	client, err := NewRPCClient(&configs.APIConfig{
 		RPC: struct {
-			Endpoints []string `yaml:"endpoints"`
+			Endpoints     []string `yaml:"endpoints"`
+			DisableUpdate bool     `yaml:"disableUpdate"`
 		}{
 			Endpoints: []string{"https://127.0.0.1:8003"},
 		},
@@ -77,7 +79,8 @@ func TestRPC_Dial_HTTP_2(t *testing.T) {
 func TestRPC_Dial_HTTPS(t *testing.T) {
 	client, err := NewRPCClient(&configs.APIConfig{
 		RPC: struct {
-			Endpoints []string `yaml:"endpoints"`
+			Endpoints     []string `yaml:"endpoints"`
+			DisableUpdate bool     `yaml:"disableUpdate"`
 		}{
 			Endpoints: []string{"https://127.0.0.1:8004"},
 		},
@@ -94,3 +97,53 @@ func TestRPC_Dial_HTTPS(t *testing.T) {
 	}
 	t.Log(resp.Node)
 }
+
+func BenchmarkNewRPCClient(b *testing.B) {
+	config, err := configs.LoadAPIConfig()
+	if err != nil {
+		b.Fatal(err)
+	}
+	rpc, err := NewRPCClient(config, true)
+	if err != nil {
+		b.Fatal(err)
+	}
+
+	b.ResetTimer()
+
+	for i := 0; i < b.N; i++ {
+		resp, err := rpc.AdminRPC().LoginAdmin(rpc.Context(0), &pb.LoginAdminRequest{
+			Username: "admin",
+			Password: stringutil.Md5("123456"),
+		})
+		if err != nil {
+			b.Fatal(err)
+		}
+		_ = resp
+	}
+}
+
+func BenchmarkNewRPCClient_2(b *testing.B) {
+	config, err := configs.LoadAPIConfig()
+	if err != nil {
+		b.Fatal(err)
+	}
+	rpc, err := NewRPCClient(config, true)
+	if err != nil {
+		b.Fatal(err)
+	}
+
+	var conn = rpc.AdminRPC()
+
+	b.ResetTimer()
+
+	for i := 0; i < b.N; i++ {
+		resp, err := conn.LoginAdmin(rpc.Context(0), &pb.LoginAdminRequest{
+			Username: "admin",
+			Password: stringutil.Md5("123456"),
+		})
+		if err != nil {
+			b.Fatal(err)
+		}
+		_ = resp
+	}
+}

internal/tasks/task_sync_api_nodes.go

@@ -14,6 +14,7 @@ import (
 	"github.com/iwind/TeaGo/logs"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials"
+	"google.golang.org/grpc/credentials/insecure"
 	"net/url"
 	"sort"
 	"strings"
@@ -143,8 +144,9 @@ func (this *SyncAPINodesTask) testEndpoints(endpoints []string) bool {
 				cancel()
 			}()
 			var conn *grpc.ClientConn
+
 			if u.Scheme == "http" {
-				conn, err = grpc.DialContext(ctx, u.Host, grpc.WithInsecure(), grpc.WithBlock())
+				conn, err = grpc.DialContext(ctx, u.Host, grpc.WithTransportCredentials(insecure.NewCredentials()), grpc.WithBlock())
 			} else if u.Scheme == "https" {
 				conn, err = grpc.DialContext(ctx, u.Host, grpc.WithTransportCredentials(credentials.NewTLS(&tls.Config{
 					InsecureSkipVerify: true,

internal/utils/email.go

@@ -0,0 +1,12 @@
+// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package utils
+
+import "regexp"
+
+var emailReg = regexp.MustCompile(`(?i)^[a-z\d]+([._+-]*[a-z\d]+)*@([a-z\d]+[a-z\d-]*[a-z\d]+\.)+[a-z\d]+$`)
+
+// ValidateEmail 校验电子邮箱格式
+func ValidateEmail(email string) bool {
+	return emailReg.MatchString(email)
+}

internal/utils/email_test.go

@@ -0,0 +1,22 @@
+// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package utils_test
+
+import (
+	"github.com/TeaOSLab/EdgeAPI/internal/utils"
+	"github.com/iwind/TeaGo/assert"
+	"testing"
+)
+
+func TestValidateEmail(t *testing.T) {
+	var a = assert.NewAssertion(t)
+	a.IsTrue(utils.ValidateEmail("aaaa@gmail.com"))
+	a.IsTrue(utils.ValidateEmail("a.b@gmail.com"))
+	a.IsTrue(utils.ValidateEmail("a.b.c.d@gmail.com"))
+	a.IsTrue(utils.ValidateEmail("aaaa@gmail.com.cn"))
+	a.IsTrue(utils.ValidateEmail("hello.world.123@gmail.123.com"))
+	a.IsTrue(utils.ValidateEmail("10000@qq.com"))
+	a.IsFalse(utils.ValidateEmail("aaaa.@gmail.com"))
+	a.IsFalse(utils.ValidateEmail("aaaa@gmail"))
+	a.IsFalse(utils.ValidateEmail("aaaa@123"))
+}

internal/utils/service_linux.go

@@ -111,7 +111,8 @@ func (this *ServiceManager) installSystemdService(systemd, exePath string, args
 	shortName := teaconst.SystemdServiceName
 	longName := "GoEdge Admin" // TODO 将来可以修改
 
-	desc := `# Provides:          ` + shortName + `
+	desc := `### BEGIN INIT INFO
+# Provides:          ` + shortName + `
 # Required-Start:    $all
 # Required-Stop:
 # Default-Start:     2 3 4 5

internal/utils/strings.go

@@ -5,7 +5,7 @@ import (
 	"strings"
 )
 
-// format address
+// FormatAddress format address
 func FormatAddress(addr string) string {
 	if strings.HasSuffix(addr, "unix:") {
 		return addr
@@ -17,7 +17,7 @@ func FormatAddress(addr string) string {
 	return addr
 }
 
-// 分割数字
+// SplitNumbers 分割数字
 func SplitNumbers(numbers string) (result []int64) {
 	if len(numbers) == 0 {
 		return

internal/utils/strings_stream.go

@@ -0,0 +1,67 @@
+// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package utils
+
+import (
+	"github.com/iwind/TeaGo/lists"
+	"strings"
+)
+
+func FilterNotEmpty(item string) bool {
+	return len(item) > 0
+}
+
+func MapAddPrefixFunc(prefix string) func(item string) string {
+	return func(item string) string {
+		if !strings.HasPrefix(item, prefix) {
+			return prefix + item
+		}
+		return item
+	}
+}
+
+type StringsStream struct {
+	s []string
+}
+
+func NewStringsStream(s []string) *StringsStream {
+	return &StringsStream{s: s}
+}
+
+func (this *StringsStream) Map(f ...func(item string) string) *StringsStream {
+	for index, item := range this.s {
+		for _, f1 := range f {
+			item = f1(item)
+		}
+		this.s[index] = item
+	}
+	return this
+}
+
+func (this *StringsStream) Filter(f ...func(item string) bool) *StringsStream {
+	for _, f1 := range f {
+		var newStrings = []string{}
+		for _, item := range this.s {
+			if f1(item) {
+				newStrings = append(newStrings, item)
+			}
+		}
+		this.s = newStrings
+	}
+	return this
+}
+
+func (this *StringsStream) Unique() *StringsStream {
+	var newStrings = []string{}
+	for _, item := range this.s {
+		if !lists.ContainsString(newStrings, item) {
+			newStrings = append(newStrings, item)
+		}
+	}
+	this.s = newStrings
+	return this
+}
+
+func (this *StringsStream) Result() []string {
+	return this.s
+}

internal/utils/strings_stream_test.go

@@ -0,0 +1,25 @@
+// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package utils_test
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/utils"
+	"strings"
+	"testing"
+)
+
+func TestStringsStream_Filter(t *testing.T) {
+	var stream = utils.NewStringsStream([]string{"a", "b", "1", "2", "", "png", "a"})
+	stream.Filter(func(item string) bool {
+		return len(item) > 0
+	})
+	t.Log(stream.Result())
+	stream.Map(func(item string) string {
+		return "." + item
+	})
+	t.Log(stream.Result())
+	stream.Unique()
+	t.Log(stream.Result())
+	stream.Map(strings.ToUpper, strings.ToLower)
+	t.Log(stream.Result())
+}

internal/utils/upgrade_manager.go

@@ -0,0 +1,292 @@
+// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package utils
+
+import (
+	"bytes"
+	"crypto/tls"
+	"encoding/json"
+	"errors"
+	teaconst "github.com/TeaOSLab/EdgeAdmin/internal/const"
+	"github.com/iwind/TeaGo/Tea"
+	"github.com/iwind/TeaGo/maps"
+	"github.com/iwind/TeaGo/types"
+	stringutil "github.com/iwind/TeaGo/utils/string"
+	"io"
+	"net/http"
+	"os"
+	"os/exec"
+	"path/filepath"
+	"runtime"
+	"strings"
+	"time"
+)
+
+type UpgradeFileWriter struct {
+	rawWriter io.Writer
+	written   int64
+}
+
+func NewUpgradeFileWriter(rawWriter io.Writer) *UpgradeFileWriter {
+	return &UpgradeFileWriter{rawWriter: rawWriter}
+}
+
+func (this *UpgradeFileWriter) Write(p []byte) (n int, err error) {
+	n, err = this.rawWriter.Write(p)
+	this.written += int64(n)
+	return
+}
+
+func (this *UpgradeFileWriter) TotalWritten() int64 {
+	return this.written
+}
+
+type UpgradeManager struct {
+	client *http.Client
+
+	component string
+
+	newVersion    string
+	contentLength int64
+	isDownloading bool
+	writer        *UpgradeFileWriter
+	body          io.ReadCloser
+	isCancelled   bool
+}
+
+func NewUpgradeManager(component string) *UpgradeManager {
+	return &UpgradeManager{
+		component: component,
+		client: &http.Client{
+			Transport: &http.Transport{
+				TLSClientConfig: &tls.Config{
+					InsecureSkipVerify: true,
+				},
+			},
+			CheckRedirect: nil,
+			Jar:           nil,
+			Timeout:       30 * time.Minute,
+		},
+	}
+}
+
+func (this *UpgradeManager) Start() error {
+	if this.isDownloading {
+		return errors.New("another process is running")
+	}
+
+	this.isDownloading = true
+
+	defer func() {
+		this.client.CloseIdleConnections()
+		this.isDownloading = false
+	}()
+
+	// 检查unzip
+	unzipExe, _ := exec.LookPath("unzip")
+	if len(unzipExe) == 0 {
+		// TODO install unzip automatically or pack with a static 'unzip' file
+		return errors.New("can not find 'unzip' command")
+	}
+
+	// 检查cp
+	cpExe, _ := exec.LookPath("cp")
+	if len(cpExe) == 0 {
+		return errors.New("can not find 'cp' command")
+	}
+
+	// 检查新版本
+	var downloadURL = ""
+	{
+		var url = teaconst.UpdatesURL
+		var osName = runtime.GOOS
+		if Tea.IsTesting() && osName == "darwin" {
+			osName = "linux"
+		}
+		url = strings.ReplaceAll(url, "${os}", osName)
+		url = strings.ReplaceAll(url, "${arch}", runtime.GOARCH)
+		req, err := http.NewRequest(http.MethodGet, url, nil)
+		if err != nil {
+			return errors.New("create url request failed: " + err.Error())
+		}
+
+		resp, err := this.client.Do(req)
+		if err != nil {
+			return errors.New("read latest version failed: " + err.Error())
+		}
+
+		defer func() {
+			_ = resp.Body.Close()
+		}()
+
+		if resp.StatusCode != http.StatusOK {
+			return errors.New("read latest version failed: invalid response code '" + types.String(resp.StatusCode) + "'")
+		}
+
+		data, err := io.ReadAll(resp.Body)
+		if err != nil {
+			return errors.New("read latest version failed: " + err.Error())
+		}
+
+		var m = maps.Map{}
+		err = json.Unmarshal(data, &m)
+		if err != nil {
+			return errors.New("invalid response data: " + err.Error() + ", origin data: " + string(data))
+		}
+
+		var code = m.GetInt("code")
+		if code != 200 {
+			return errors.New(m.GetString("message"))
+		}
+
+		var dataMap = m.GetMap("data")
+		var downloadHost = dataMap.GetString("host")
+		var versions = dataMap.GetSlice("versions")
+		var downloadPath = ""
+		for _, component := range versions {
+			var componentMap = maps.NewMap(component)
+			if componentMap.Has("version") {
+				if componentMap.GetString("code") == this.component {
+					var version = componentMap.GetString("version")
+					if stringutil.VersionCompare(version, teaconst.Version) > 0 {
+						this.newVersion = version
+						downloadPath = componentMap.GetString("url")
+						break
+					}
+				}
+			}
+		}
+
+		if len(downloadPath) == 0 {
+			return errors.New("no latest version to download")
+		}
+
+		downloadURL = downloadHost + downloadPath
+	}
+
+	{
+		req, err := http.NewRequest(http.MethodGet, downloadURL, nil)
+		if err != nil {
+			return errors.New("create download request failed: " + err.Error())
+		}
+
+		resp, err := this.client.Do(req)
+		if err != nil {
+			return errors.New("download failed: " + downloadURL + ": " + err.Error())
+		}
+
+		defer func() {
+			_ = resp.Body.Close()
+		}()
+
+		if resp.StatusCode != http.StatusOK {
+			return errors.New("download failed: " + downloadURL + ": invalid response code '" + types.String(resp.StatusCode) + "'")
+		}
+
+		this.contentLength = resp.ContentLength
+		this.body = resp.Body
+
+		// download to tmp
+		var tmpDir = os.TempDir()
+		var filename = filepath.Base(downloadURL)
+
+		var destFile = tmpDir + "/" + filename
+		_ = os.Remove(destFile)
+
+		fp, err := os.Create(destFile)
+		if err != nil {
+			return errors.New("create file failed: " + err.Error())
+		}
+
+		defer func() {
+			// 删除安装文件
+			_ = os.Remove(destFile)
+		}()
+
+		this.writer = NewUpgradeFileWriter(fp)
+
+		_, err = io.Copy(this.writer, resp.Body)
+		if err != nil {
+			_ = fp.Close()
+			if this.isCancelled {
+				return nil
+			}
+			return errors.New("download failed: " + err.Error())
+		}
+
+		_ = fp.Close()
+
+		// unzip
+		var unzipDir = tmpDir + "/edge-" + this.component + "-tmp"
+		stat, err := os.Stat(unzipDir)
+		if err == nil && stat.IsDir() {
+			err = os.RemoveAll(unzipDir)
+			if err != nil {
+				return errors.New("remove old dir '" + unzipDir + "' failed: " + err.Error())
+			}
+		}
+		var unzipCmd = exec.Command(unzipExe, "-q", "-o", destFile, "-d", unzipDir)
+		var unzipStderr = &bytes.Buffer{}
+		unzipCmd.Stderr = unzipStderr
+		err = unzipCmd.Run()
+		if err != nil {
+			return errors.New("unzip installation file failed: " + err.Error() + ": " + unzipStderr.String())
+		}
+
+		installationFiles, err := filepath.Glob(unzipDir + "/edge-" + this.component + "/*")
+		if err != nil {
+			return errors.New("lookup installation files failed: " + err.Error())
+		}
+
+		// cp to target dir
+		currentExe, err := os.Executable()
+		if err != nil {
+			return errors.New("reveal current executable file path failed: " + err.Error())
+		}
+		var targetDir = filepath.Dir(filepath.Dir(currentExe))
+		if !Tea.IsTesting() {
+			for _, installationFile := range installationFiles {
+				var cpCmd = exec.Command(cpExe, "-R", "-f", installationFile, targetDir)
+				var cpStderr = &bytes.Buffer{}
+				cpCmd.Stderr = cpStderr
+				err = cpCmd.Run()
+				if err != nil {
+					return errors.New("overwrite installation files failed: '" + cpCmd.String() + "': " + cpStderr.String())
+				}
+			}
+		}
+
+		// remove tmp
+		_ = os.RemoveAll(unzipDir)
+	}
+
+	return nil
+}
+
+func (this *UpgradeManager) IsDownloading() bool {
+	return this.isDownloading
+}
+
+func (this *UpgradeManager) Progress() float32 {
+	if this.contentLength <= 0 {
+		return -1
+	}
+	if this.writer == nil {
+		return -1
+	}
+	return float32(this.writer.TotalWritten()) / float32(this.contentLength)
+}
+
+func (this *UpgradeManager) NewVersion() string {
+	return this.newVersion
+}
+
+func (this *UpgradeManager) Cancel() error {
+	this.isCancelled = true
+	this.isDownloading = false
+
+	if this.body != nil {
+		_ = this.body.Close()
+	}
+	return nil
+}

internal/utils/upgrade_manager_test.go

@@ -0,0 +1,35 @@
+// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package utils_test
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/utils"
+	"testing"
+	"time"
+)
+
+func TestNewUpgradeManager(t *testing.T) {
+	var manager = utils.NewUpgradeManager("admin")
+
+	var ticker = time.NewTicker(2 * time.Second)
+	go func() {
+		for range ticker.C {
+			if manager.IsDownloading() {
+				t.Logf("%.2f%%", manager.Progress()*100)
+			}
+		}
+	}()
+
+	/**go func() {
+		time.Sleep(5 * time.Second)
+		if manager.IsDownloading() {
+			t.Log("cancel downloading")
+			_ = manager.Cancel()
+		}
+	}()**/
+
+	err := manager.Start()
+	if err != nil {
+		t.Fatal(err)
+	}
+}

internal/web/actions/actionutils/utils.go

@@ -11,6 +11,7 @@ import (
 	"github.com/iwind/TeaGo/actions"
 	"github.com/iwind/TeaGo/logs"
 	"github.com/iwind/TeaGo/maps"
+	"github.com/iwind/gosock/pkg/gosock"
 	"net"
 	"net/http"
 	"os"
@@ -18,6 +19,7 @@ import (
 	"reflect"
 	"runtime"
 	"strings"
+	"time"
 )
 
 // Fail 提示服务器错误信息
@@ -45,6 +47,25 @@ func FailPage(action actions.ActionWrapper, err error) {
 
 	var isRPCConnError bool
 	err, isRPCConnError = rpcerrors.HumanError(err, apiEndpoints, Tea.ConfigFile("api.yaml"))
+	var apiNodeIsStarting = false
+	var apiNodeProgress = ""
+	if isRPCConnError {
+		// API节点是否正在启动
+		var sock = gosock.NewTmpSock("edge-api")
+		reply, err := sock.SendTimeout(&gosock.Command{
+			Code:   "starting",
+			Params: nil,
+		}, 1*time.Second)
+		if err == nil && reply != nil {
+			var params = maps.NewMap(reply.Params)
+			if params.GetBool("isStarting") {
+				apiNodeIsStarting = true
+
+				var progressMap = params.GetMap("progress")
+				apiNodeProgress = progressMap.GetString("description")
+			}
+		}
+	}
 
 	action.Object().ResponseWriter.WriteHeader(http.StatusInternalServerError)
 	if len(action.Object().Request.Header.Get("X-Requested-With")) > 0 {
@@ -90,14 +111,25 @@ func FailPage(action actions.ActionWrapper, err error) {
 	</head>
 	<body>
 	<div style="background: #eee; border: 1px #ccc solid; padding: 10px; font-size: 12px; line-height: 1.8">
-	` + teaconst.ErrServer + `
+	`
+		if apiNodeIsStarting { // API节点正在启动
+			html += "<div class=\"red\">API节点正在启动，请耐心等待完成"
+
+			if len(apiNodeProgress) > 0 {
+				html += "：" + apiNodeProgress
+			}
+
+			html += "</div>"
+		} else {
+			html += teaconst.ErrServer + `
 		<div>可以通过查看 <strong><em>$安装目录/logs/run.log</em></strong> 日志文件查看具体的错误提示。</div>
 		<hr/>
 		<div class="red">Error: ` + err.Error() + `</div>`
 
-		if len(issuesHTML) > 0 {
-			html += `        <hr/>
+			if len(issuesHTML) > 0 {
+				html += `        <hr/>
         <div class="red">` + issuesHTML + `</div>`
+			}
 		}
 
 		action.Object().WriteString(html + `

internal/web/actions/default/api/delete.go

@@ -25,6 +25,7 @@ func (this *DeleteAction) RunPost(params struct {
 	var apiNode = nodeResp.ApiNode
 	if apiNode == nil {
 		this.Success()
+		return
 	}
 	if apiNode.IsOn {
 		countResp, err := this.RPC().APINodeRPC().CountAllEnabledAndOnAPINodes(this.AdminContext(), &pb.CountAllEnabledAndOnAPINodesRequest{})

internal/web/actions/default/clusters/cluster/createNode.go

@@ -5,11 +5,14 @@ import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/oplogs"
 	"github.com/TeaOSLab/EdgeAdmin/internal/utils"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/clusterutils"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/grants/grantutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/iwind/TeaGo/actions"
 	"github.com/iwind/TeaGo/maps"
+	"net"
+	"regexp"
 	"strconv"
 	"strings"
 )
@@ -27,7 +30,7 @@ func (this *CreateNodeAction) Init() {
 func (this *CreateNodeAction) RunGet(params struct {
 	ClusterId int64
 }) {
-	leftMenuItems := []maps.Map{
+	var leftMenuItems = []maps.Map{
 		{
 			"name":     "单个创建",
 			"url":      "/clusters/cluster/createNode?clusterId=" + strconv.FormatInt(params.ClusterId, 10),
@@ -47,7 +50,7 @@ func (this *CreateNodeAction) RunGet(params struct {
 		this.ErrorPage(err)
 		return
 	}
-	dnsRouteMaps := []maps.Map{}
+	var dnsRouteMaps = []maps.Map{}
 	this.Data["dnsDomainId"] = 0
 	if clusterDNSResp.Domain != nil {
 		domainId := clusterDNSResp.Domain.Id
@@ -76,8 +79,8 @@ func (this *CreateNodeAction) RunGet(params struct {
 		this.ErrorPage(err)
 		return
 	}
-	apiNodes := apiNodesResp.ApiNodes
-	apiEndpoints := []string{}
+	var apiNodes = apiNodesResp.ApiNodes
+	var apiEndpoints = []string{}
 	for _, apiNode := range apiNodes {
 		if !apiNode.IsOn {
 			continue
@@ -86,6 +89,9 @@ func (this *CreateNodeAction) RunGet(params struct {
 	}
 	this.Data["apiEndpoints"] = "\"" + strings.Join(apiEndpoints, "\", \"") + "\""
 
+	// 安装文件下载
+	this.Data["installerFiles"] = clusterutils.ListInstallerFiles()
+
 	this.Show()
 }
 
@@ -118,7 +124,7 @@ func (this *CreateNodeAction) RunPost(params struct {
 	}
 
 	// IP地址
-	ipAddresses := []maps.Map{}
+	var ipAddresses = []maps.Map{}
 	if len(params.IpAddressesJSON) > 0 {
 		err := json.Unmarshal(params.IpAddressesJSON, &ipAddresses)
 		if err != nil {
@@ -127,10 +133,29 @@ func (this *CreateNodeAction) RunPost(params struct {
 		}
 	}
 	if len(ipAddresses) == 0 {
-		this.Fail("请至少输入一个IP地址")
+		// 检查Name中是否包含IP
+		var ipv4Reg = regexp.MustCompile(`\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}`)
+		var ipMatches = ipv4Reg.FindStringSubmatch(params.Name)
+		if len(ipMatches) > 0 {
+			var nodeIP = ipMatches[0]
+			if net.ParseIP(nodeIP) != nil {
+				ipAddresses = []maps.Map{
+					{
+						"ip":        nodeIP,
+						"canAccess": true,
+						"isOn":      true,
+						"isUp":      true,
+					},
+				}
+			}
+		}
+
+		if len(ipAddresses) == 0 {
+			this.Fail("请至少输入一个IP地址")
+		}
 	}
 
-	dnsRouteCodes := []string{}
+	var dnsRouteCodes = []string{}
 	if len(params.DnsRoutesJSON) > 0 {
 		err := json.Unmarshal(params.DnsRoutesJSON, &dnsRouteCodes)
 		if err != nil {
@@ -140,7 +165,7 @@ func (this *CreateNodeAction) RunPost(params struct {
 	}
 
 	// TODO 检查登录授权
-	loginInfo := &pb.NodeLogin{
+	var loginInfo = &pb.NodeLogin{
 		Id:   0,
 		Name: "SSH",
 		Type: "ssh",
@@ -165,7 +190,7 @@ func (this *CreateNodeAction) RunPost(params struct {
 		this.ErrorPage(err)
 		return
 	}
-	nodeId := createResp.NodeId
+	var nodeId = createResp.NodeId
 
 	// IP地址
 	var resultIPAddresses = []string{}

internal/web/actions/default/clusters/cluster/downloadInstaller.go

@@ -0,0 +1,70 @@
+// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package cluster
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/iwind/TeaGo/Tea"
+	"github.com/iwind/TeaGo/types"
+	"io"
+	"net/http"
+	"os"
+	"regexp"
+)
+
+type DownloadInstallerAction struct {
+	actionutils.ParentAction
+}
+
+func (this *DownloadInstallerAction) Init() {
+	this.Nav("", "", "")
+}
+
+func (this *DownloadInstallerAction) RunGet(params struct {
+	Name string
+}) {
+	if len(params.Name) == 0 {
+		this.ResponseWriter.WriteHeader(http.StatusNotFound)
+		this.WriteString("file not found")
+		return
+	}
+
+	// 检查文件名
+	// 以防止路径穿越等风险
+	if !regexp.MustCompile(`^[a-zA-Z0-9.-]+$`).MatchString(params.Name) {
+		this.ResponseWriter.WriteHeader(http.StatusNotFound)
+		this.WriteString("file not found")
+		return
+	}
+
+	var zipFile = Tea.Root + "/edge-api/deploy/" + params.Name
+	fp, err := os.OpenFile(zipFile, os.O_RDWR, 0444)
+	if err != nil {
+		if os.IsNotExist(err) {
+			this.ResponseWriter.WriteHeader(http.StatusNotFound)
+			this.WriteString("file not found")
+			return
+		}
+
+		this.ResponseWriter.WriteHeader(http.StatusInternalServerError)
+		this.WriteString("file can not be opened")
+
+		return
+	}
+
+	defer func() {
+		_ = fp.Close()
+	}()
+
+	stat, err := fp.Stat()
+	if err != nil {
+		this.ResponseWriter.WriteHeader(http.StatusInternalServerError)
+		this.WriteString("file can not be opened")
+		return
+	}
+
+	this.AddHeader("Content-Disposition", "attachment; filename=\""+params.Name+"\";")
+	this.AddHeader("Content-Type", "application/zip")
+	this.AddHeader("Content-Length", types.String(stat.Size()))
+	_, _ = io.Copy(this.ResponseWriter, fp)
+}

internal/web/actions/default/clusters/cluster/groups/createPopup.go

@@ -48,7 +48,7 @@ func (this *CreatePopupAction) RunPost(params struct {
 	}
 
 	// 创建日志
-	defer this.CreateLog(oplogs.LevelInfo, "创建节点分组", createResp.NodeGroupId)
+	defer this.CreateLog(oplogs.LevelInfo, "创建节点分组 %d", createResp.NodeGroupId)
 
 	this.Success()
 }

internal/web/actions/default/clusters/cluster/init.go

@@ -35,6 +35,7 @@ func init() {
 			GetPost("/updateNodeSSH", new(UpdateNodeSSHAction)).
 			GetPost("/installManual", new(InstallManualAction)).
 			Post("/suggestLoginPorts", new(SuggestLoginPortsAction)).
+			Get("/downloadInstaller", new(DownloadInstallerAction)).
 
 			// 节点相关
 			Prefix("/clusters/cluster/node").

internal/web/actions/default/clusters/cluster/node/detail.go

@@ -25,7 +25,8 @@ func (this *DetailAction) Init() {
 }
 
 func (this *DetailAction) RunGet(params struct {
-	NodeId int64
+	NodeId    int64
+	ClusterId int64
 }) {
 	this.Data["nodeId"] = params.NodeId
 
@@ -43,13 +44,13 @@ func (this *DetailAction) RunGet(params struct {
 	// 主集群
 	var clusterMap maps.Map = nil
 	if node.NodeCluster != nil {
-		clusterId := node.NodeCluster.Id
+		var clusterId = node.NodeCluster.Id
 		clusterResp, err := this.RPC().NodeClusterRPC().FindEnabledNodeCluster(this.AdminContext(), &pb.FindEnabledNodeClusterRequest{NodeClusterId: clusterId})
 		if err != nil {
 			this.ErrorPage(err)
 			return
 		}
-		cluster := clusterResp.NodeCluster
+		var cluster = clusterResp.NodeCluster
 		if cluster != nil {
 			clusterMap = maps.Map{
 				"id":         cluster.Id,
@@ -69,6 +70,14 @@ func (this *DetailAction) RunGet(params struct {
 		})
 	}
 
+	// 当前访问集群的DNS设置
+	clusterDNSInfo, err := this.RPC().NodeClusterRPC().FindEnabledNodeClusterDNS(this.AdminContext(), &pb.FindEnabledNodeClusterDNSRequest{NodeClusterId: params.ClusterId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	this.Data["dnsIsExcludingLnNode"] = clusterDNSInfo != nil && !clusterDNSInfo.IncludingLnNodes && node.Level > 1
+
 	// IP地址
 	ipAddressesResp, err := this.RPC().NodeIPAddressRPC().FindAllEnabledNodeIPAddressesWithNodeId(this.AdminContext(), &pb.FindAllEnabledNodeIPAddressesWithNodeIdRequest{
 		NodeId: params.NodeId,
@@ -286,6 +295,11 @@ func (this *DetailAction) RunGet(params struct {
 		}
 	}
 
+	var lnAddrs = node.LnAddrs
+	if lnAddrs == nil {
+		lnAddrs = []string{}
+	}
+
 	this.Data["node"] = maps.Map{
 		"id":                node.Id,
 		"name":              node.Name,
@@ -303,6 +317,7 @@ func (this *DetailAction) RunGet(params struct {
 		"routes":            routeMaps,
 		"level":             node.Level,
 		"levelInfo":         nodeconfigs.FindNodeLevel(int(node.Level)),
+		"lnAddrs":           lnAddrs,
 
 		"status": maps.Map{
 			"isActive":             status.IsActive,

internal/web/actions/default/clusters/cluster/node/install.go

@@ -1,12 +1,16 @@
 package node
 
 import (
+	"encoding/json"
 	"github.com/TeaOSLab/EdgeAdmin/internal/oplogs"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/cluster/node/nodeutils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/clusterutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/iwind/TeaGo/actions"
 	"github.com/iwind/TeaGo/maps"
+	"path/filepath"
 	"strings"
 )
 
@@ -32,6 +36,20 @@ func (this *InstallAction) RunGet(params struct {
 		return
 	}
 
+	// 最近运行目录
+	var exeRoot = ""
+	if len(node.StatusJSON) > 0 {
+		var nodeStatus = &nodeconfigs.NodeStatus{}
+		err = json.Unmarshal(node.StatusJSON, nodeStatus)
+		if err == nil {
+			var exePath = nodeStatus.ExePath
+			if len(exePath) > 0 {
+				exeRoot = filepath.Dir(filepath.Dir(exePath))
+			}
+		}
+	}
+	this.Data["exeRoot"] = exeRoot
+
 	// 安装信息
 	if node.InstallStatus != nil {
 		this.Data["installStatus"] = maps.Map{
@@ -70,7 +88,7 @@ func (this *InstallAction) RunGet(params struct {
 		this.ErrorPage(err)
 		return
 	}
-	apiNodes := apiNodesResp.ApiNodes
+	var apiNodes = apiNodesResp.ApiNodes
 	apiEndpoints := []string{}
 	for _, apiNode := range apiNodes {
 		if !apiNode.IsOn {
@@ -87,6 +105,10 @@ func (this *InstallAction) RunGet(params struct {
 	nodeMap["secret"] = node.Secret
 	nodeMap["cluster"] = clusterMap
 
+	// 安装文件
+	var installerFiles = clusterutils.ListInstallerFiles()
+	this.Data["installerFiles"] = installerFiles
+
 	this.Show()
 }
 

internal/web/actions/default/clusters/cluster/node/settings/ddos-protection/index.go

@@ -102,8 +102,12 @@ func (this *IndexAction) RunPost(params struct {
 			this.FailField("tcpMaxConnectionsPerIP", "TCP: 单IP TCP最大连接数不能小于"+types.String(nodeconfigs.DefaultTCPMinConnectionsPerIP))
 		}
 
-		if tcpConfig.NewConnectionsRate > 0 && tcpConfig.NewConnectionsRate < nodeconfigs.DefaultTCPNewConnectionsMinRate {
-			this.FailField("tcpNewConnectionsRate", "TCP: 单IP连接速率不能小于"+types.String(nodeconfigs.DefaultTCPNewConnectionsMinRate))
+		if tcpConfig.NewConnectionsMinutelyRate > 0 && tcpConfig.NewConnectionsMinutelyRate < nodeconfigs.DefaultTCPNewConnectionsMinMinutelyRate {
+			this.FailField("tcpNewConnectionsMinutelyRate", "TCP: 单IP连接速率不能小于"+types.String(nodeconfigs.DefaultTCPNewConnectionsMinMinutelyRate))
+		}
+
+		if tcpConfig.NewConnectionsSecondlyRate > 0 && tcpConfig.NewConnectionsSecondlyRate < nodeconfigs.DefaultTCPNewConnectionsMinSecondlyRate {
+			this.FailField("tcpNewConnectionsSecondlyRate", "TCP: 单IP连接速率不能小于"+types.String(nodeconfigs.DefaultTCPNewConnectionsMinSecondlyRate))
 		}
 
 		// Port

internal/web/actions/default/clusters/cluster/node/update.go

@@ -11,6 +11,7 @@ import (
 	"github.com/iwind/TeaGo/actions"
 	"github.com/iwind/TeaGo/maps"
 	"github.com/iwind/TeaGo/types"
+	"net"
 )
 
 type UpdateAction struct {
@@ -61,7 +62,7 @@ func (this *UpdateAction) RunGet(params struct {
 		this.ErrorPage(err)
 		return
 	}
-	ipAddressMaps := []maps.Map{}
+	var ipAddressMaps = []maps.Map{}
 	for _, addr := range ipAddressesResp.NodeIPAddresses {
 		thresholds, err := ipaddressutils.InitNodeIPAddressThresholds(this.Parent(), addr.Id)
 		if err != nil {
@@ -109,6 +110,12 @@ func (this *UpdateAction) RunGet(params struct {
 		"level":       node.Level,
 	}
 
+	if node.LnAddrs == nil {
+		nodeMap["lnAddrs"] = []string{}
+	} else {
+		nodeMap["lnAddrs"] = node.LnAddrs
+	}
+
 	if node.NodeCluster != nil {
 		nodeMap["primaryCluster"] = maps.Map{
 			"id":   node.NodeCluster.Id,
@@ -149,6 +156,7 @@ func (this *UpdateAction) RunPost(params struct {
 	SecondaryClusterIds []byte
 	IsOn                bool
 	Level               int32
+	LnAddrs             []string
 
 	Must *actions.Must
 }) {
@@ -178,7 +186,7 @@ func (this *UpdateAction) RunPost(params struct {
 	}
 
 	// IP地址
-	ipAddresses := []maps.Map{}
+	var ipAddresses = []maps.Map{}
 	if len(params.IPAddressesJSON) > 0 {
 		err := json.Unmarshal(params.IPAddressesJSON, &ipAddresses)
 		if err != nil {
@@ -195,6 +203,27 @@ func (this *UpdateAction) RunPost(params struct {
 		this.Fail("没有权限修改节点级别：" + types.String(params.Level))
 	}
 
+	// 检查Ln节点地址
+	var lnAddrs = []string{}
+	if params.Level > 1 {
+		for _, lnAddr := range params.LnAddrs {
+			if len(lnAddr) == 0 {
+				continue
+			}
+
+			// 处理 host:port
+			host, _, err := net.SplitHostPort(lnAddr)
+			if err == nil {
+				lnAddr = host
+			}
+
+			if net.ParseIP(lnAddr) == nil {
+				this.Fail("L2级别访问地址 '" + lnAddr + "' 格式错误，请纠正后再提交")
+			}
+			lnAddrs = append(lnAddrs, lnAddr)
+		}
+	}
+
 	_, err := this.RPC().NodeRPC().UpdateNode(this.AdminContext(), &pb.UpdateNodeRequest{
 		NodeId:                  params.NodeId,
 		NodeGroupId:             params.GroupId,
@@ -204,6 +233,7 @@ func (this *UpdateAction) RunPost(params struct {
 		SecondaryNodeClusterIds: secondaryClusterIds,
 		IsOn:                    params.IsOn,
 		Level:                   params.Level,
+		LnAddrs:                 lnAddrs,
 	})
 	if err != nil {
 		this.ErrorPage(err)

internal/web/actions/default/clusters/cluster/settings/ddos-protection/index.go

@@ -75,8 +75,12 @@ func (this *IndexAction) RunPost(params struct {
 			this.FailField("tcpMaxConnectionsPerIP", "TCP: 单IP TCP最大连接数不能小于"+types.String(nodeconfigs.DefaultTCPMinConnectionsPerIP))
 		}
 
-		if tcpConfig.NewConnectionsRate > 0 && tcpConfig.NewConnectionsRate < nodeconfigs.DefaultTCPNewConnectionsMinRate {
-			this.FailField("tcpNewConnectionsRate", "TCP: 单IP连接速率不能小于"+types.String(nodeconfigs.DefaultTCPNewConnectionsMinRate))
+		if tcpConfig.NewConnectionsMinutelyRate > 0 && tcpConfig.NewConnectionsMinutelyRate < nodeconfigs.DefaultTCPNewConnectionsMinMinutelyRate {
+			this.FailField("tcpNewConnectionsMinutelyRate", "TCP: 单IP连接速率不能小于"+types.String(nodeconfigs.DefaultTCPNewConnectionsMinMinutelyRate))
+		}
+
+		if tcpConfig.NewConnectionsSecondlyRate > 0 && tcpConfig.NewConnectionsSecondlyRate < nodeconfigs.DefaultTCPNewConnectionsMinSecondlyRate {
+			this.FailField("tcpNewConnectionsSecondlyRate", "TCP: 单IP连接速率不能小于"+types.String(nodeconfigs.DefaultTCPNewConnectionsMinSecondlyRate))
 		}
 
 		// Port

internal/web/actions/default/clusters/cluster/settings/dns/index.go

@@ -6,6 +6,7 @@ import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/dns/domains/domainutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/iwind/TeaGo/actions"
+	"github.com/iwind/TeaGo/maps"
 )
 
 type IndexAction struct {
@@ -41,10 +42,23 @@ func (this *IndexAction) RunGet(params struct {
 	this.Data["dnsName"] = dnsInfoResp.Name
 	this.Data["nodesAutoSync"] = dnsInfoResp.NodesAutoSync
 	this.Data["serversAutoSync"] = dnsInfoResp.ServersAutoSync
+
+	var domainProviderMap = maps.Map{
+		"id":   0,
+		"name": "",
+	}
 	if dnsInfoResp.Domain != nil {
 		this.Data["domainId"] = dnsInfoResp.Domain.Id
 		this.Data["domainName"] = dnsInfoResp.Domain.Name
+
+		if dnsInfoResp.Provider != nil {
+			domainProviderMap = maps.Map{
+				"id":   dnsInfoResp.Provider.Id,
+				"name": dnsInfoResp.Provider.Name,
+			}
+		}
 	}
+	this.Data["domainProvider"] = domainProviderMap
 
 	if len(dnsInfoResp.CnameRecords) == 0 {
 		this.Data["cnameRecords"] = []string{}
@@ -53,6 +67,7 @@ func (this *IndexAction) RunGet(params struct {
 	}
 	this.Data["ttl"] = dnsInfoResp.Ttl
 	this.Data["cnameAsDomain"] = dnsInfoResp.CnameAsDomain
+	this.Data["includingLnNodes"] = dnsInfoResp.IncludingLnNodes
 
 	this.Show()
 }
@@ -60,13 +75,14 @@ func (this *IndexAction) RunGet(params struct {
 func (this *IndexAction) RunPost(params struct {
 	ClusterId int64
 
-	DnsDomainId     int64
-	DnsName         string
-	NodesAutoSync   bool
-	ServersAutoSync bool
-	CnameRecords    []string
-	Ttl             int32
-	CnameAsDomain   bool
+	DnsDomainId      int64
+	DnsName          string
+	NodesAutoSync    bool
+	ServersAutoSync  bool
+	CnameRecords     []string
+	Ttl              int32
+	CnameAsDomain    bool
+	IncludingLnNodes bool
 
 	ConfirmResetDomain bool // 是否确认重置域名
 
@@ -107,14 +123,15 @@ func (this *IndexAction) RunPost(params struct {
 	}
 
 	_, err := this.RPC().NodeClusterRPC().UpdateNodeClusterDNS(this.AdminContext(), &pb.UpdateNodeClusterDNSRequest{
-		NodeClusterId:   params.ClusterId,
-		DnsName:         params.DnsName,
-		DnsDomainId:     params.DnsDomainId,
-		NodesAutoSync:   params.NodesAutoSync,
-		ServersAutoSync: params.ServersAutoSync,
-		CnameRecords:    params.CnameRecords,
-		Ttl:             params.Ttl,
-		CnameAsDomain:   params.CnameAsDomain,
+		NodeClusterId:    params.ClusterId,
+		DnsName:          params.DnsName,
+		DnsDomainId:      params.DnsDomainId,
+		NodesAutoSync:    params.NodesAutoSync,
+		ServersAutoSync:  params.ServersAutoSync,
+		CnameRecords:     params.CnameRecords,
+		Ttl:              params.Ttl,
+		CnameAsDomain:    params.CnameAsDomain,
+		IncludingLnNodes: params.IncludingLnNodes,
 	})
 	if err != nil {
 		this.ErrorPage(err)

internal/web/actions/default/clusters/cluster/settings/global-server-config/index.go

@@ -0,0 +1,150 @@
+// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package globalServerConfig
+
+import (
+	"encoding/json"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
+	"github.com/iwind/TeaGo/actions"
+	"github.com/iwind/TeaGo/maps"
+)
+
+type IndexAction struct {
+	actionutils.ParentAction
+}
+
+func (this *IndexAction) Init() {
+	this.Nav("", "setting", "")
+	this.SecondMenu("globalServerConfig")
+}
+
+func (this *IndexAction) RunGet(params struct {
+	ClusterId int64
+}) {
+	configResp, err := this.RPC().NodeClusterRPC().FindNodeClusterGlobalServerConfig(this.AdminContext(), &pb.FindNodeClusterGlobalServerConfigRequest{NodeClusterId: params.ClusterId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	var configJSON = configResp.GlobalServerConfigJSON
+	var config = serverconfigs.DefaultGlobalServerConfig()
+	if len(configJSON) > 0 {
+		err = json.Unmarshal(configJSON, config)
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+	}
+	this.Data["config"] = config
+
+	var httpAllDomainMismatchActionContentHTML = ""
+	if config.HTTPAll.DomainMismatchAction != nil {
+		httpAllDomainMismatchActionContentHTML = config.HTTPAll.DomainMismatchAction.Options.GetString("contentHTML")
+	} else {
+		httpAllDomainMismatchActionContentHTML = `<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8"/>
+<title>404 not found</title>
+<style>
+	* { font-family: Roboto, system-ui, sans-serif; }
+h3, p { text-align: center; }
+p { color: grey; }
+</style>
+</head>
+<body>
+<h3>Error: 404 Page Not Found</h3>
+<h3>找不到您要访问的页面。</h3>
+
+<p>原因：找不到当前访问域名对应的网站，请联系网站管理员。</p>
+
+</body>
+</html>`
+	}
+	this.Data["httpAllDomainMismatchActionContentHTML"] = httpAllDomainMismatchActionContentHTML
+
+	this.Show()
+}
+
+func (this *IndexAction) RunPost(params struct {
+	ClusterId int64
+
+	HttpAllMatchDomainStrictly             bool
+	HttpAllDomainMismatchActionContentHTML string
+	HttpAllAllowMismatchDomainsJSON        []byte
+	HttpAllAllowNodeIP                     bool
+	HttpAllDefaultDomain                   string
+
+	LogRecordServerError bool
+
+	Must *actions.Must
+	CSRF *actionutils.CSRF
+}) {
+	defer this.CreateLogInfo("修改集群 %d 全局配置", params.ClusterId)
+
+	configResp, err := this.RPC().NodeClusterRPC().FindNodeClusterGlobalServerConfig(this.AdminContext(), &pb.FindNodeClusterGlobalServerConfigRequest{NodeClusterId: params.ClusterId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	var configJSON = configResp.GlobalServerConfigJSON
+	var config = serverconfigs.DefaultGlobalServerConfig()
+	if len(configJSON) > 0 {
+		err = json.Unmarshal(configJSON, config)
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+	}
+
+	config.HTTPAll.MatchDomainStrictly = params.HttpAllMatchDomainStrictly
+	config.HTTPAll.DomainMismatchAction = &serverconfigs.DomainMismatchAction{
+		Code: serverconfigs.DomainMismatchActionPage,
+		Options: maps.Map{
+			"statusCode":  404,
+			"contentHTML": params.HttpAllDomainMismatchActionContentHTML,
+		},
+	}
+
+	var allowMismatchDomains = []string{}
+	if len(params.HttpAllAllowMismatchDomainsJSON) > 0 {
+		err = json.Unmarshal(params.HttpAllAllowMismatchDomainsJSON, &allowMismatchDomains)
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+	}
+
+	config.HTTPAll.AllowMismatchDomains = allowMismatchDomains
+	config.HTTPAll.AllowNodeIP = params.HttpAllAllowNodeIP
+	config.HTTPAll.DefaultDomain = params.HttpAllDefaultDomain
+
+	config.Log.RecordServerError = params.LogRecordServerError
+
+	err = config.Init()
+	if err != nil {
+		this.Fail("配置校验失败：" + err.Error())
+		return
+	}
+
+	configJSON, err = json.Marshal(config)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	_, err = this.RPC().NodeClusterRPC().UpdateNodeClusterGlobalServerConfig(this.AdminContext(), &pb.UpdateNodeClusterGlobalServerConfigRequest{
+		NodeClusterId:          params.ClusterId,
+		GlobalServerConfigJSON: configJSON,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Success()
+}

internal/web/actions/default/clusters/cluster/settings/health/checkDomain.go

@@ -0,0 +1,52 @@
+// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package health
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"net"
+	"strings"
+)
+
+type CheckDomainAction struct {
+	actionutils.ParentAction
+}
+
+func (this *CheckDomainAction) RunPost(params struct {
+	Host      string
+	ClusterId int64
+}) {
+	this.Data["isOk"] = true // 默认为TRUE
+
+	var host = params.Host
+	if len(host) > 0 &&
+		!strings.Contains(host, "{") /** 包含变量 **/ {
+		h, _, err := net.SplitHostPort(host)
+		if err == nil && len(h) > 0 {
+			host = h
+		}
+
+		// 是否为IP
+		if net.ParseIP(host) != nil {
+			this.Success()
+			return
+		}
+
+		host = strings.ToLower(host)
+		resp, err := this.RPC().ServerRPC().CheckServerNameDuplicationInNodeCluster(this.AdminContext(), &pb.CheckServerNameDuplicationInNodeClusterRequest{
+			NodeClusterId:   params.ClusterId,
+			ServerNames:     []string{host},
+			SupportWildcard: true,
+		})
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		if len(resp.DuplicatedServerNames) == 0 {
+			this.Data["isOk"] = false
+		}
+	}
+
+	this.Success()
+}

internal/web/actions/default/clusters/cluster/settings/index.go

@@ -1,6 +1,7 @@
 package settings
 
 import (
+	"encoding/json"
 	"github.com/TeaOSLab/EdgeAdmin/internal/oplogs"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/grants/grantutils"
@@ -65,13 +66,29 @@ func (this *IndexAction) RunGet(params struct {
 	}
 	this.Data["timeZoneLocation"] = nodeconfigs.FindTimeZoneLocation(cluster.TimeZone)
 
+	// 时钟
+	var clockConfig = nodeconfigs.DefaultClockConfig()
+	if len(cluster.ClockJSON) > 0 {
+		err = json.Unmarshal(cluster.ClockJSON, clockConfig)
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		if clockConfig == nil {
+			clockConfig = nodeconfigs.DefaultClockConfig()
+		}
+	}
+
 	this.Data["cluster"] = maps.Map{
-		"id":             cluster.Id,
-		"name":           cluster.Name,
-		"installDir":     cluster.InstallDir,
-		"timeZone":       cluster.TimeZone,
-		"nodeMaxThreads": cluster.NodeMaxThreads,
-		"autoOpenPorts":  cluster.AutoOpenPorts,
+		"id":                  cluster.Id,
+		"name":                cluster.Name,
+		"installDir":          cluster.InstallDir,
+		"timeZone":            cluster.TimeZone,
+		"nodeMaxThreads":      cluster.NodeMaxThreads,
+		"autoOpenPorts":       cluster.AutoOpenPorts,
+		"clock":               clockConfig,
+		"autoRemoteStart":     cluster.AutoRemoteStart,
+		"autoInstallNftables": cluster.AutoInstallNftables,
 	}
 
 	// 默认值
@@ -84,13 +101,17 @@ func (this *IndexAction) RunGet(params struct {
 
 // RunPost 保存设置
 func (this *IndexAction) RunPost(params struct {
-	ClusterId      int64
-	Name           string
-	GrantId        int64
-	InstallDir     string
-	TimeZone       string
-	NodeMaxThreads int32
-	AutoOpenPorts  bool
+	ClusterId           int64
+	Name                string
+	GrantId             int64
+	InstallDir          string
+	TimeZone            string
+	NodeMaxThreads      int32
+	AutoOpenPorts       bool
+	ClockAutoSync       bool
+	ClockServer         string
+	AutoRemoteStart     bool
+	AutoInstallNftables bool
 
 	Must *actions.Must
 }) {
@@ -108,14 +129,32 @@ func (this *IndexAction) RunPost(params struct {
 			Lte(int64(nodeconfigs.DefaultMaxThreadsMax), "单节点最大线程数最大值不能大于"+types.String(nodeconfigs.DefaultMaxThreadsMax))
 	}
 
-	_, err := this.RPC().NodeClusterRPC().UpdateNodeCluster(this.AdminContext(), &pb.UpdateNodeClusterRequest{
-		NodeClusterId:  params.ClusterId,
-		Name:           params.Name,
-		NodeGrantId:    params.GrantId,
-		InstallDir:     params.InstallDir,
-		TimeZone:       params.TimeZone,
-		NodeMaxThreads: params.NodeMaxThreads,
-		AutoOpenPorts:  params.AutoOpenPorts,
+	var clockConfig = nodeconfigs.DefaultClockConfig()
+	clockConfig.AutoSync = params.ClockAutoSync
+	clockConfig.Server = params.ClockServer
+	clockConfigJSON, err := json.Marshal(clockConfig)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	err = clockConfig.Init()
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	_, err = this.RPC().NodeClusterRPC().UpdateNodeCluster(this.AdminContext(), &pb.UpdateNodeClusterRequest{
+		NodeClusterId:       params.ClusterId,
+		Name:                params.Name,
+		NodeGrantId:         params.GrantId,
+		InstallDir:          params.InstallDir,
+		TimeZone:            params.TimeZone,
+		NodeMaxThreads:      params.NodeMaxThreads,
+		AutoOpenPorts:       params.AutoOpenPorts,
+		ClockJSON:           clockConfigJSON,
+		AutoRemoteStart:     params.AutoRemoteStart,
+		AutoInstallNftables: params.AutoInstallNftables,
 	})
 	if err != nil {
 		this.ErrorPage(err)

internal/web/actions/default/clusters/cluster/settings/init.go

@@ -6,6 +6,7 @@ import (
 	ddosProtection "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/cluster/settings/ddos-protection"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/cluster/settings/dns"
 	firewallActions "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/cluster/settings/firewall-actions"
+	globalServerConfig "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/cluster/settings/global-server-config"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/cluster/settings/health"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/cluster/settings/metrics"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/cluster/settings/services"
@@ -28,6 +29,7 @@ func init() {
 			// 健康检查
 			GetPost("/health", new(health.IndexAction)).
 			GetPost("/health/runPopup", new(health.RunPopupAction)).
+			Post("/health/checkDomain", new(health.CheckDomainAction)).
 
 			// 缓存
 			GetPost("/cache", new(cache.IndexAction)).
@@ -71,6 +73,10 @@ func init() {
 			GetPost("", new(ddosProtection.IndexAction)).
 			GetPost("/status", new(ddosProtection.StatusAction)).
 
+			// 全局服务配置
+			Prefix("/clusters/cluster/settings/global-server-config").
+			GetPost("", new(globalServerConfig.IndexAction)).
+
 			//
 			EndAll()
 	})

internal/web/actions/default/clusters/clusterutils/cluster_helper.go

@@ -153,6 +153,12 @@ func (this *ClusterHelper) createSettingMenu(cluster *pb.NodeCluster, info *pb.F
 		"isOn":     info != nil && info.HasDDoSProtection,
 	})
 
+	items = append(items, maps.Map{
+		"name":     "服务设置",
+		"url":      "/clusters/cluster/settings/global-server-config?clusterId=" + clusterId,
+		"isActive": selectedItem == "globalServerConfig",
+	})
+
 	items = append(items, maps.Map{
 		"name": "-",
 	})

internal/web/actions/default/clusters/clusterutils/installer.go

@@ -0,0 +1,66 @@
+// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package clusterutils
+
+import (
+	teaconst "github.com/TeaOSLab/EdgeAdmin/internal/const"
+	"github.com/iwind/TeaGo/Tea"
+	"path/filepath"
+	"regexp"
+	"sort"
+	"strings"
+)
+
+type installerFile struct {
+	Name    string `json:"name"`
+	OS      string `json:"os"`
+	Arch    string `json:"arch"`
+	Version string `json:"version"`
+}
+
+func ListInstallerFiles() []*installerFile {
+	var dir = Tea.Root + "/edge-api/deploy"
+	matches, err := filepath.Glob(dir + "/edge-node-*.zip")
+	if err != nil {
+		return nil
+	}
+
+	var result = []*installerFile{}
+	var reg = regexp.MustCompile(`^edge-node-(\w+)-(\w+)-v([\w.]+)\.zip$`)
+	for _, match := range matches {
+		var baseName = filepath.Base(match)
+		var subMatches = reg.FindStringSubmatch(baseName)
+		if len(subMatches) >= 4 {
+			var osName = subMatches[1]
+			if len(osName) > 0 {
+				osName = strings.ToUpper(osName[:1]) + osName[1:]
+			}
+
+			var arch = subMatches[2]
+			if arch == "amd64" {
+				arch = "x86_64"
+			}
+
+			var version = subMatches[3]
+			if version != teaconst.Version { // 只能下载当前版本
+				continue
+			}
+
+			result = append(result, &installerFile{
+				Name:    subMatches[0],
+				OS:      osName,
+				Arch:    arch,
+				Version: version,
+			})
+		}
+	}
+
+	// 排序，将x86_64排在最上面
+	if len(result) > 0 {
+		sort.Slice(result, func(i, j int) bool {
+			return result[i].Arch == "x86_64"
+		})
+	}
+
+	return result
+}

internal/web/actions/default/clusters/create.go

@@ -7,6 +7,7 @@ import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/dns/domains/domainutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
 	"github.com/iwind/TeaGo/actions"
 )
 
@@ -55,14 +56,19 @@ func (this *CreateAction) RunPost(params struct {
 	// WAF策略
 	HttpFirewallPolicyId int64
 
+	// 服务配置
+	MatchDomainStrictly bool
+
 	// SSH相关
-	GrantId            int64
-	InstallDir         string
-	SystemdServiceIsOn bool
+	GrantId             int64
+	InstallDir          string
+	SystemdServiceIsOn  bool
+	AutoInstallNftables bool
 
 	// DNS相关
 	DnsDomainId int64
 	DnsName     string
+	DnsTTL      int32
 
 	Must *actions.Must
 }) {
@@ -92,8 +98,17 @@ func (this *CreateAction) RunPost(params struct {
 
 	// TODO 检查DnsDomainId的有效性
 
+	// 全局服务配置
+	var globalServerConfig = serverconfigs.DefaultGlobalServerConfig()
+	globalServerConfig.HTTPAll.MatchDomainStrictly = params.MatchDomainStrictly
+	globalServerConfigJSON, err := json.Marshal(globalServerConfig)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
 	// 系统服务
-	systemServices := map[string]interface{}{}
+	var systemServices = map[string]any{}
 	if params.SystemdServiceIsOn {
 		systemServices[nodeconfigs.SystemServiceTypeSystemd] = &nodeconfigs.SystemdServiceConfig{
 			IsOn: true,
@@ -106,14 +121,17 @@ func (this *CreateAction) RunPost(params struct {
 	}
 
 	createResp, err := this.RPC().NodeClusterRPC().CreateNodeCluster(this.AdminContext(), &pb.CreateNodeClusterRequest{
-		Name:                 params.Name,
-		NodeGrantId:          params.GrantId,
-		InstallDir:           params.InstallDir,
-		DnsDomainId:          params.DnsDomainId,
-		DnsName:              params.DnsName,
-		HttpCachePolicyId:    params.CachePolicyId,
-		HttpFirewallPolicyId: params.HttpFirewallPolicyId,
-		SystemServicesJSON:   systemServicesJSON,
+		Name:                   params.Name,
+		NodeGrantId:            params.GrantId,
+		InstallDir:             params.InstallDir,
+		DnsDomainId:            params.DnsDomainId,
+		DnsName:                params.DnsName,
+		DnsTTL:                 params.DnsTTL,
+		HttpCachePolicyId:      params.CachePolicyId,
+		HttpFirewallPolicyId:   params.HttpFirewallPolicyId,
+		SystemServicesJSON:     systemServicesJSON,
+		GlobalServerConfigJSON: globalServerConfigJSON,
+		AutoInstallNftables:    params.AutoInstallNftables,
 	})
 	if err != nil {
 		this.ErrorPage(err)

internal/web/actions/default/clusters/logs/fix.go

@@ -4,6 +4,7 @@ package logs
 
 import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/iwind/TeaGo/types"
 	"strings"
@@ -29,5 +30,8 @@ func (this *FixAction) RunPost(params struct {
 		return
 	}
 
+	// 通知左侧数字Badge更新
+	helpers.NotifyNodeLogsCountChange()
+
 	this.Success()
 }

internal/web/actions/default/clusters/logs/fixAll.go

@@ -4,6 +4,7 @@ package logs
 
 import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 )
 
@@ -21,5 +22,8 @@ func (this *FixAllAction) RunPost(params struct {
 		return
 	}
 
+	// 通知左侧数字Badge更新
+	helpers.NotifyNodeLogsCountChange()
+
 	this.Success()
 }

internal/web/actions/default/clusters/logs/index.go

@@ -120,6 +120,8 @@ func (this *IndexAction) RunGet(params struct {
 		return
 	}
 
+	var firstUnreadNodeMap maps.Map = nil
+
 	var logs = []maps.Map{}
 	for _, log := range logsResp.NodeLogs {
 		// 节点信息
@@ -132,6 +134,13 @@ func (this *IndexAction) RunGet(params struct {
 			continue
 		}
 
+		if params.Type == "unread" && firstUnreadNodeMap == nil {
+			firstUnreadNodeMap = maps.Map{
+				"id":   node.Id,
+				"name": node.Name,
+			}
+		}
+
 		// 服务信息
 		var serverMap = maps.Map{"id": 0}
 		if log.ServerId > 0 {
@@ -174,5 +183,7 @@ func (this *IndexAction) RunGet(params struct {
 	}
 	this.Data["logs"] = logs
 
+	this.Data["firstUnreadNode"] = firstUnreadNodeMap
+
 	this.Show()
 }

internal/web/actions/default/clusters/logs/readAllLogs.go

@@ -4,6 +4,7 @@ package logs
 
 import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 )
 
@@ -20,5 +21,8 @@ func (this *ReadAllLogsAction) RunPost(params struct {
 		return
 	}
 
+	// 通知左侧数字Badge更新
+	helpers.NotifyNodeLogsCountChange()
+
 	this.Success()
 }

internal/web/actions/default/clusters/logs/readLogs.go

@@ -4,6 +4,8 @@ package logs
 
 import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 )
 
@@ -13,14 +15,21 @@ type ReadLogsAction struct {
 
 func (this *ReadLogsAction) RunPost(params struct {
 	LogIds []int64
+
+	NodeId int64
 }) {
 	_, err := this.RPC().NodeLogRPC().UpdateNodeLogsRead(this.AdminContext(), &pb.UpdateNodeLogsReadRequest{
 		NodeLogIds: params.LogIds,
+		NodeId:     params.NodeId,
+		Role:       nodeconfigs.NodeRoleNode,
 	})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
 
+	// 通知左侧数字Badge更新
+	helpers.NotifyNodeLogsCountChange()
+
 	this.Success()
 }

internal/web/actions/default/clusters/regions/items/updatePopup.go

@@ -48,7 +48,7 @@ func (this *UpdatePopupAction) RunPost(params struct {
 	Must *actions.Must
 	CSRF *actionutils.CSRF
 }) {
-	defer this.CreateLogInfo("修改流量价格项目", params.ItemId)
+	defer this.CreateLogInfo("修改流量价格项目 %d", params.ItemId)
 
 	params.Must.
 		Field("name", params.Name).

internal/web/actions/default/dashboard/index.go

@@ -9,6 +9,7 @@ import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/utils/numberutils"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/dashboard/dashboardutils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
 	"github.com/iwind/TeaGo/maps"
@@ -25,6 +26,10 @@ func (this *IndexAction) Init() {
 }
 
 func (this *IndexAction) RunGet(params struct{}) {
+	// 通知菜单数字Badge更新
+	helpers.NotifyIPItemsCountChanges()
+	helpers.NotifyNodeLogsCountChange()
+
 	if teaconst.IsPlus {
 		this.RedirectURL("/dashboard/boards")
 		return

internal/web/actions/default/dns/domainOptions.go

@@ -14,7 +14,7 @@ type DomainOptionsAction struct {
 func (this *DomainOptionsAction) RunPost(params struct {
 	ProviderId int64
 }) {
-	domainsResp, err := this.RPC().DNSDomainRPC().FindAllEnabledBasicDNSDomainsWithDNSProviderId(this.AdminContext(), &pb.FindAllEnabledBasicDNSDomainsWithDNSProviderIdRequest{
+	domainsResp, err := this.RPC().DNSDomainRPC().FindAllBasicDNSDomainsWithDNSProviderId(this.AdminContext(), &pb.FindAllBasicDNSDomainsWithDNSProviderIdRequest{
 		DnsProviderId: params.ProviderId,
 	})
 	if err != nil {

internal/web/actions/default/dns/domains/clustersPopup.go

@@ -18,7 +18,7 @@ func (this *ClustersPopupAction) RunGet(params struct {
 	DomainId int64
 }) {
 	// 域名信息
-	domainResp, err := this.RPC().DNSDomainRPC().FindEnabledBasicDNSDomain(this.AdminContext(), &pb.FindEnabledBasicDNSDomainRequest{
+	domainResp, err := this.RPC().DNSDomainRPC().FindBasicDNSDomain(this.AdminContext(), &pb.FindBasicDNSDomainRequest{
 		DnsDomainId: params.DomainId,
 	})
 	if err != nil {

internal/web/actions/default/dns/domains/domainutils/utils.go

@@ -17,9 +17,9 @@ func ValidateDomainFormat(domain string) bool {
 		if piece == "-" ||
 			strings.HasPrefix(piece, "-") ||
 			strings.HasSuffix(piece, "-") ||
-			//strings.Contains(piece, "--") ||
 			len(piece) > 63 ||
-			!regexp.MustCompile(`^[a-z0-9-]+$`).MatchString(piece) {
+			// 我们允许中文、大写字母、下划线，防止有些特殊场景下需要
+			!regexp.MustCompile(`^[\p{Han}_a-zA-Z0-9-]+$`).MatchString(piece) {
 			return false
 		}
 	}
@@ -77,7 +77,8 @@ func ValidateRecordName(name string) bool {
 			strings.HasSuffix(piece, "-") ||
 			//strings.Contains(piece, "--") ||
 			len(piece) > 63 ||
-			!regexp.MustCompile(`^[_a-z0-9-]+$`).MatchString(piece) {
+			// 我们允许中文、大写字母、下划线，防止有些特殊场景下需要
+			!regexp.MustCompile(`^[\p{Han}_a-zA-Z0-9-]+$`).MatchString(piece) {
 			return false
 		}
 	}

internal/web/actions/default/dns/domains/nodesPopup.go

@@ -19,7 +19,7 @@ func (this *NodesPopupAction) RunGet(params struct {
 	DomainId int64
 }) {
 	// 域名信息
-	domainResp, err := this.RPC().DNSDomainRPC().FindEnabledBasicDNSDomain(this.AdminContext(), &pb.FindEnabledBasicDNSDomainRequest{
+	domainResp, err := this.RPC().DNSDomainRPC().FindBasicDNSDomain(this.AdminContext(), &pb.FindBasicDNSDomainRequest{
 		DnsDomainId: params.DomainId,
 	})
 	if err != nil {

internal/web/actions/default/dns/domains/selectPopup.go

@@ -25,12 +25,12 @@ func (this *SelectPopupAction) RunGet(params struct {
 
 	// 域名信息
 	if params.DomainId > 0 {
-		domainResp, err := this.RPC().DNSDomainRPC().FindEnabledDNSDomain(this.AdminContext(), &pb.FindEnabledDNSDomainRequest{DnsDomainId: params.DomainId})
+		domainResp, err := this.RPC().DNSDomainRPC().FindDNSDomain(this.AdminContext(), &pb.FindDNSDomainRequest{DnsDomainId: params.DomainId})
 		if err != nil {
 			this.ErrorPage(err)
 			return
 		}
-		domain := domainResp.DnsDomain
+		var domain = domainResp.DnsDomain
 		if domain != nil {
 			this.Data["domainId"] = domain.Id
 			this.Data["domainName"] = domain.Name
@@ -53,7 +53,7 @@ func (this *SelectPopupAction) RunGet(params struct {
 		this.ErrorPage(err)
 		return
 	}
-	providerTypeMaps := []maps.Map{}
+	var providerTypeMaps = []maps.Map{}
 	for _, providerType := range providerTypesResp.ProviderTypes {
 		providerTypeMaps = append(providerTypeMaps, maps.Map{
 			"name": providerType.Name,
@@ -73,15 +73,29 @@ func (this *SelectPopupAction) RunPost(params struct {
 }) {
 	this.Data["domainId"] = params.DomainId
 	this.Data["domainName"] = ""
+	this.Data["providerName"] = ""
 
 	if params.DomainId > 0 {
-		domainResp, err := this.RPC().DNSDomainRPC().FindEnabledDNSDomain(this.AdminContext(), &pb.FindEnabledDNSDomainRequest{DnsDomainId: params.DomainId})
+		domainResp, err := this.RPC().DNSDomainRPC().FindDNSDomain(this.AdminContext(), &pb.FindDNSDomainRequest{DnsDomainId: params.DomainId})
 		if err != nil {
 			this.ErrorPage(err)
 			return
 		}
 		if domainResp.DnsDomain != nil {
 			this.Data["domainName"] = domainResp.DnsDomain.Name
+
+			// 服务商名称
+			var providerId = domainResp.DnsDomain.ProviderId
+			if providerId > 0 {
+				providerResp, err := this.RPC().DNSProviderRPC().FindEnabledDNSProvider(this.AdminContext(), &pb.FindEnabledDNSProviderRequest{DnsProviderId: providerId})
+				if err != nil {
+					this.ErrorPage(err)
+					return
+				}
+				if providerResp.DnsProvider != nil {
+					this.Data["providerName"] = providerResp.DnsProvider.Name
+				}
+			}
 		} else {
 			this.Data["domainId"] = 0
 		}

internal/web/actions/default/dns/domains/serversPopup.go

@@ -18,7 +18,7 @@ func (this *ServersPopupAction) RunGet(params struct {
 	DomainId int64
 }) {
 	// 域名信息
-	domainResp, err := this.RPC().DNSDomainRPC().FindEnabledBasicDNSDomain(this.AdminContext(), &pb.FindEnabledBasicDNSDomainRequest{
+	domainResp, err := this.RPC().DNSDomainRPC().FindBasicDNSDomain(this.AdminContext(), &pb.FindBasicDNSDomainRequest{
 		DnsDomainId: params.DomainId,
 	})
 	if err != nil {

internal/web/actions/default/dns/domains/updatePopup.go

@@ -21,7 +21,7 @@ func (this *UpdatePopupAction) Init() {
 func (this *UpdatePopupAction) RunGet(params struct {
 	DomainId int64
 }) {
-	domainResp, err := this.RPC().DNSDomainRPC().FindEnabledDNSDomain(this.AdminContext(), &pb.FindEnabledDNSDomainRequest{DnsDomainId: params.DomainId})
+	domainResp, err := this.RPC().DNSDomainRPC().FindDNSDomain(this.AdminContext(), &pb.FindDNSDomainRequest{DnsDomainId: params.DomainId})
 	if err != nil {
 		this.ErrorPage(err)
 		return

internal/web/actions/default/dns/index.go

@@ -47,7 +47,7 @@ func (this *IndexAction) RunGet(params struct {
 		providerTypeName := ""
 
 		if cluster.DnsDomainId > 0 {
-			domainResp, err := this.RPC().DNSDomainRPC().FindEnabledBasicDNSDomain(this.AdminContext(), &pb.FindEnabledBasicDNSDomainRequest{DnsDomainId: domainId})
+			domainResp, err := this.RPC().DNSDomainRPC().FindBasicDNSDomain(this.AdminContext(), &pb.FindBasicDNSDomainRequest{DnsDomainId: domainId})
 			if err != nil {
 				this.ErrorPage(err)
 				return

internal/web/actions/default/dns/providers/createPopup.go

@@ -73,6 +73,12 @@ func (this *CreatePopupAction) RunPost(params struct {
 	ParamCustomHTTPURL    string
 	ParamCustomHTTPSecret string
 
+	// EdgeDNS API
+	ParamEdgeDNSAPIRole            string
+	ParamEdgeDNSAPIHost            string
+	ParamEdgeDNSAPIAccessKeyId     string
+	ParamEdgeDNSAPIAccessKeySecret string
+
 	Must *actions.Must
 	CSRF *actionutils.CSRF
 }) {
@@ -121,6 +127,20 @@ func (this *CreatePopupAction) RunPost(params struct {
 			Email("请输入正确格式的邮箱地址")
 		apiParams["apiKey"] = params.ParamCloudFlareAPIKey
 		apiParams["email"] = params.ParamCloudFlareEmail
+	case "edgeDNSAPI":
+		params.Must.
+			Field("paramEdgeDNSAPIHost", params.ParamEdgeDNSAPIHost).
+			Require("请输入API地址").
+			Field("paramEdgeDNSAPIRole", params.ParamEdgeDNSAPIRole).
+			Require("请选择AccessKey类型").
+			Field("paramEdgeDNSAPIAccessKeyId", params.ParamEdgeDNSAPIAccessKeyId).
+			Require("请输入AccessKey ID").
+			Field("paramEdgeDNSAPIAccessKeySecret", params.ParamEdgeDNSAPIAccessKeySecret).
+			Require("请输入AccessKey密钥")
+		apiParams["host"] = params.ParamEdgeDNSAPIHost
+		apiParams["role"] = params.ParamEdgeDNSAPIRole
+		apiParams["accessKeyId"] = params.ParamEdgeDNSAPIAccessKeyId
+		apiParams["accessKeySecret"] = params.ParamEdgeDNSAPIAccessKeySecret
 	case "customHTTP":
 		params.Must.
 			Field("paramCustomHTTPURL", params.ParamCustomHTTPURL).

internal/web/actions/default/dns/providers/index.go

@@ -65,7 +65,7 @@ func (this *IndexAction) RunGet(params struct {
 		}
 
 		// 域名
-		countDomainsResp, err := this.RPC().DNSDomainRPC().CountAllEnabledDNSDomainsWithDNSProviderId(this.AdminContext(), &pb.CountAllEnabledDNSDomainsWithDNSProviderIdRequest{
+		countDomainsResp, err := this.RPC().DNSDomainRPC().CountAllDNSDomainsWithDNSProviderId(this.AdminContext(), &pb.CountAllDNSDomainsWithDNSProviderIdRequest{
 			DnsProviderId: provider.Id,
 		})
 		if err != nil {

internal/web/actions/default/dns/providers/provider.go

@@ -18,19 +18,24 @@ func (this *ProviderAction) Init() {
 
 func (this *ProviderAction) RunGet(params struct {
 	ProviderId int64
+	Page       int
+	Filter     string
 }) {
+	this.Data["pageNo"] = params.Page
+	this.Data["filter"] = params.Filter
+
 	providerResp, err := this.RPC().DNSProviderRPC().FindEnabledDNSProvider(this.AdminContext(), &pb.FindEnabledDNSProviderRequest{DnsProviderId: params.ProviderId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
-	provider := providerResp.DnsProvider
+	var provider = providerResp.DnsProvider
 	if provider == nil {
 		this.NotFound("dnsProvider", params.ProviderId)
 		return
 	}
 
-	apiParams := maps.Map{}
+	var apiParams = maps.Map{}
 	if len(provider.ApiParamsJSON) > 0 {
 		err = json.Unmarshal(provider.ApiParamsJSON, &apiParams)
 		if err != nil {
@@ -55,13 +60,33 @@ func (this *ProviderAction) RunGet(params struct {
 		"localEdgeDNS": localEdgeDNSMap,
 	}
 
-	// 域名
-	domainsResp, err := this.RPC().DNSDomainRPC().FindAllEnabledDNSDomainsWithDNSProviderId(this.AdminContext(), &pb.FindAllEnabledDNSDomainsWithDNSProviderIdRequest{DnsProviderId: provider.Id})
+	// 域名数量
+	countDomainsResp, err := this.RPC().DNSDomainRPC().CountAllDNSDomainsWithDNSProviderId(this.AdminContext(), &pb.CountAllDNSDomainsWithDNSProviderIdRequest{
+		DnsProviderId: params.ProviderId,
+		IsDeleted:     params.Filter == "deleted",
+		IsDown:        params.Filter == "down",
+	})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
-	domainMaps := []maps.Map{}
+	var countDomains = countDomainsResp.Count
+	var page = this.NewPage(countDomains)
+	this.Data["page"] = page.AsHTML()
+
+	// 域名
+	domainsResp, err := this.RPC().DNSDomainRPC().ListBasicDNSDomainsWithDNSProviderId(this.AdminContext(), &pb.ListBasicDNSDomainsWithDNSProviderIdRequest{
+		DnsProviderId: params.ProviderId,
+		IsDeleted:     params.Filter == "deleted",
+		IsDown:        params.Filter == "down",
+		Offset:        page.Offset,
+		Size:          page.Size,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	var domainMaps = []maps.Map{}
 	for _, domain := range domainsResp.DnsDomains {
 		dataUpdatedTime := ""
 		if domain.DataUpdatedAt > 0 {

internal/web/actions/default/dns/providers/updatePopup.go

@@ -100,6 +100,12 @@ func (this *UpdatePopupAction) RunPost(params struct {
 	ParamCustomHTTPURL    string
 	ParamCustomHTTPSecret string
 
+	// EdgeDNS API
+	ParamEdgeDNSAPIHost            string
+	ParamEdgeDNSAPIRole            string
+	ParamEdgeDNSAPIAccessKeyId     string
+	ParamEdgeDNSAPIAccessKeySecret string
+
 	Must *actions.Must
 	CSRF *actionutils.CSRF
 }) {
@@ -150,6 +156,20 @@ func (this *UpdatePopupAction) RunPost(params struct {
 			Email("请输入正确格式的邮箱地址")
 		apiParams["apiKey"] = params.ParamCloudFlareAPIKey
 		apiParams["email"] = params.ParamCloudFlareEmail
+	case "edgeDNSAPI":
+		params.Must.
+			Field("paramEdgeDNSAPIHost", params.ParamEdgeDNSAPIHost).
+			Require("请输入API地址").
+			Field("paramEdgeDNSAPIRole", params.ParamEdgeDNSAPIRole).
+			Require("请选择AccessKey类型").
+			Field("paramEdgeDNSAPIAccessKeyId", params.ParamEdgeDNSAPIAccessKeyId).
+			Require("请输入AccessKey ID").
+			Field("paramEdgeDNSAPIAccessKeySecret", params.ParamEdgeDNSAPIAccessKeySecret).
+			Require("请输入AccessKey密钥")
+		apiParams["host"] = params.ParamEdgeDNSAPIHost
+		apiParams["role"] = params.ParamEdgeDNSAPIRole
+		apiParams["accessKeyId"] = params.ParamEdgeDNSAPIAccessKeyId
+		apiParams["accessKeySecret"] = params.ParamEdgeDNSAPIAccessKeySecret
 	case "customHTTP":
 		params.Must.
 			Field("paramCustomHTTPURL", params.ParamCustomHTTPURL).

internal/web/actions/default/dns/updateClusterPopup.go

@@ -23,36 +23,38 @@ func (this *UpdateClusterPopupAction) RunGet(params struct {
 }) {
 	this.Data["clusterId"] = params.ClusterId
 
-	dnsResp, err := this.RPC().NodeClusterRPC().FindEnabledNodeClusterDNS(this.AdminContext(), &pb.FindEnabledNodeClusterDNSRequest{NodeClusterId: params.ClusterId})
+	dnsInfoResp, err := this.RPC().NodeClusterRPC().FindEnabledNodeClusterDNS(this.AdminContext(), &pb.FindEnabledNodeClusterDNSRequest{NodeClusterId: params.ClusterId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
-	this.Data["dnsName"] = dnsResp.Name
-	this.Data["nodesAutoSync"] = dnsResp.NodesAutoSync
-	this.Data["serversAutoSync"] = dnsResp.ServersAutoSync
-	if dnsResp.Domain != nil {
-		this.Data["domainId"] = dnsResp.Domain.Id
-		this.Data["domain"] = dnsResp.Domain.Name
+	this.Data["dnsName"] = dnsInfoResp.Name
+	this.Data["nodesAutoSync"] = dnsInfoResp.NodesAutoSync
+	this.Data["serversAutoSync"] = dnsInfoResp.ServersAutoSync
+	if dnsInfoResp.Domain != nil {
+		this.Data["domainId"] = dnsInfoResp.Domain.Id
+		this.Data["domain"] = dnsInfoResp.Domain.Name
 	} else {
 		this.Data["domainId"] = 0
 		this.Data["domain"] = ""
 	}
-	if dnsResp.Provider != nil {
-		this.Data["providerType"] = dnsResp.Provider.Type
-		this.Data["providerId"] = dnsResp.Provider.Id
+	if dnsInfoResp.Provider != nil {
+		this.Data["providerType"] = dnsInfoResp.Provider.Type
+		this.Data["providerId"] = dnsInfoResp.Provider.Id
 	} else {
 		this.Data["providerType"] = ""
 		this.Data["providerId"] = 0
 	}
 
-	if len(dnsResp.CnameRecords) == 0 {
+	if len(dnsInfoResp.CnameRecords) == 0 {
 		this.Data["cnameRecords"] = []string{}
 	} else {
-		this.Data["cnameRecords"] = dnsResp.CnameRecords
+		this.Data["cnameRecords"] = dnsInfoResp.CnameRecords
 	}
 
-	this.Data["ttl"] = dnsResp.Ttl
+	this.Data["ttl"] = dnsInfoResp.Ttl
+	this.Data["cnameAsDomain"] = dnsInfoResp.CnameAsDomain
+	this.Data["includingLnNodes"] = dnsInfoResp.IncludingLnNodes
 
 	// 所有服务商
 	providerTypesResp, err := this.RPC().DNSProviderRPC().FindAllDNSProviderTypes(this.AdminContext(), &pb.FindAllDNSProviderTypesRequest{})
@@ -73,13 +75,15 @@ func (this *UpdateClusterPopupAction) RunGet(params struct {
 }
 
 func (this *UpdateClusterPopupAction) RunPost(params struct {
-	ClusterId       int64
-	DnsName         string
-	DomainId        int64
-	NodesAutoSync   bool
-	ServersAutoSync bool
-	CnameRecords    []string
-	Ttl             int32
+	ClusterId        int64
+	DnsName          string
+	DomainId         int64
+	NodesAutoSync    bool
+	ServersAutoSync  bool
+	CnameRecords     []string
+	Ttl              int32
+	CnameAsDomain    bool
+	IncludingLnNodes bool
 
 	Must *actions.Must
 	CSRF *actionutils.CSRF
@@ -108,13 +112,15 @@ func (this *UpdateClusterPopupAction) RunPost(params struct {
 	}
 
 	_, err = this.RPC().NodeClusterRPC().UpdateNodeClusterDNS(this.AdminContext(), &pb.UpdateNodeClusterDNSRequest{
-		NodeClusterId:   params.ClusterId,
-		DnsName:         params.DnsName,
-		DnsDomainId:     params.DomainId,
-		NodesAutoSync:   params.NodesAutoSync,
-		ServersAutoSync: params.ServersAutoSync,
-		CnameRecords:    params.CnameRecords,
-		Ttl:             params.Ttl,
+		NodeClusterId:    params.ClusterId,
+		DnsName:          params.DnsName,
+		DnsDomainId:      params.DomainId,
+		NodesAutoSync:    params.NodesAutoSync,
+		ServersAutoSync:  params.ServersAutoSync,
+		CnameRecords:     params.CnameRecords,
+		Ttl:              params.Ttl,
+		CnameAsDomain:    params.CnameAsDomain,
+		IncludingLnNodes: params.IncludingLnNodes,
 	})
 	if err != nil {
 		this.ErrorPage(err)

internal/web/actions/default/index/index.go

@@ -58,7 +58,7 @@ func (this *IndexAction) RunGet(params struct {
 	this.Data["isUser"] = false
 	this.Data["menu"] = "signIn"
 
-	timestamp := fmt.Sprintf("%d", time.Now().Unix())
+	var timestamp = fmt.Sprintf("%d", time.Now().Unix())
 	this.Data["token"] = stringutil.Md5(TokenSalt+timestamp) + timestamp
 	this.Data["from"] = params.From
 
@@ -111,11 +111,11 @@ func (this *IndexAction) RunPost(params struct {
 	if len(params.Token) <= 32 {
 		this.Fail("请通过登录页面登录")
 	}
-	timestampString := params.Token[32:]
+	var timestampString = params.Token[32:]
 	if stringutil.Md5(TokenSalt+timestampString) != params.Token[:32] {
 		this.FailField("refresh", "登录页面已过期，请刷新后重试")
 	}
-	timestamp := types.Int64(timestampString)
+	var timestamp = types.Int64(timestampString)
 	if timestamp < time.Now().Unix()-1800 {
 		this.FailField("refresh", "登录页面已过期，请刷新后重试")
 	}
@@ -157,7 +157,7 @@ func (this *IndexAction) RunPost(params struct {
 		return
 	}
 	if otpLoginResp.Login != nil && otpLoginResp.Login.IsOn {
-		loginParams := maps.Map{}
+		var loginParams = maps.Map{}
 		err = json.Unmarshal(otpLoginResp.Login.ParamsJSON, &loginParams)
 		if err != nil {
 			this.ErrorPage(err)
@@ -169,7 +169,7 @@ func (this *IndexAction) RunPost(params struct {
 		}
 	}
 
-	adminId := resp.AdminId
+	var adminId = resp.AdminId
 	params.Auth.StoreAdmin(adminId, params.Remember)
 
 	// 记录日志

internal/web/actions/default/log/exportExcel.go

@@ -4,7 +4,6 @@ import (
 	"bytes"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
-	"github.com/iwind/TeaGo/lists"
 	timeutil "github.com/iwind/TeaGo/utils/time"
 	"github.com/tealeg/xlsx/v3"
 	"strconv"
@@ -69,17 +68,13 @@ func (this *ExportExcelAction) RunGet(params struct {
 			return
 		}
 		if regionResp.IpRegion != nil {
-			pieces := []string{}
-			if len(regionResp.IpRegion.Country) > 0 {
-				pieces = append(pieces, regionResp.IpRegion.Country)
+			regionName = regionResp.IpRegion.Summary
+
+			// remove isp from regionName
+			var index = strings.LastIndex(regionName, "|")
+			if index > 0 {
+				regionName = regionName[:index]
 			}
-			if len(regionResp.IpRegion.Province) > 0 && !lists.ContainsString(pieces, regionResp.IpRegion.Province) {
-				pieces = append(pieces, regionResp.IpRegion.Province)
-			}
-			if len(regionResp.IpRegion.City) > 0 && !lists.ContainsString(pieces, regionResp.IpRegion.City) && !lists.ContainsString(pieces, strings.TrimSuffix(regionResp.IpRegion.Province, "市")) {
-				pieces = append(pieces, regionResp.IpRegion.City)
-			}
-			regionName = strings.Join(pieces, " ")
 
 			if len(regionResp.IpRegion.Isp) > 0 {
 				ispName = regionResp.IpRegion.Isp

internal/web/actions/default/log/index.go

@@ -4,10 +4,8 @@ import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/configloaders"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
-	"github.com/iwind/TeaGo/lists"
 	"github.com/iwind/TeaGo/maps"
 	timeutil "github.com/iwind/TeaGo/utils/time"
-	"strings"
 )
 
 type IndexAction struct {
@@ -72,11 +70,7 @@ func (this *IndexAction) RunGet(params struct {
 			return
 		}
 		if regionResp.IpRegion != nil {
-			pieces := []string{regionResp.IpRegion.Summary}
-			if len(regionResp.IpRegion.Isp) > 0 && !lists.ContainsString(pieces, regionResp.IpRegion.Isp) {
-				pieces = append(pieces, "| "+regionResp.IpRegion.Isp)
-			}
-			regionName = strings.Join(pieces, " ")
+			regionName = regionResp.IpRegion.Summary
 		}
 
 		logMaps = append(logMaps, maps.Map{

internal/web/actions/default/servers/components/index.go

@@ -7,7 +7,6 @@ import (
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
 	"github.com/iwind/TeaGo/actions"
-	"github.com/iwind/TeaGo/maps"
 )
 
 const (
@@ -65,7 +64,7 @@ func (this *IndexAction) RunPost(params struct {
 	DefaultDomain string
 }) {
 	// 创建日志
-	defer this.CreateLog(oplogs.LevelInfo, "保存代理服务全局配置")
+	defer this.CreateLog(oplogs.LevelInfo, "保存网站服务全局配置")
 
 	if len(params.GlobalConfigJSON) == 0 {
 		this.Fail("错误的配置信息，请刷新当前页面后重试")
@@ -84,27 +83,6 @@ func (this *IndexAction) RunPost(params struct {
 			allowMismatchDomains = append(allowMismatchDomains, domain)
 		}
 	}
-	globalConfig.HTTPAll.AllowMismatchDomains = allowMismatchDomains
-
-	// 不匹配域名的动作
-	switch params.DomainMismatchAction {
-	case "close":
-		globalConfig.HTTPAll.DomainMismatchAction = &serverconfigs.DomainMismatchAction{
-			Code:    "close",
-			Options: nil,
-		}
-	case "page":
-		if params.DomainMismatchActionPageStatusCode <= 0 {
-			params.DomainMismatchActionPageStatusCode = 404
-		}
-		globalConfig.HTTPAll.DomainMismatchAction = &serverconfigs.DomainMismatchAction{
-			Code: "page",
-			Options: maps.Map{
-				"statusCode":  params.DomainMismatchActionPageStatusCode,
-				"contentHTML": params.DomainMismatchActionPageContentHTML,
-			},
-		}
-	}
 
 	// TCP端口范围
 	if params.TcpAllPortRangeMin < 1024 {

internal/web/actions/default/servers/components/waf/ipadmin/index.go

@@ -36,7 +36,7 @@ func (this *IndexAction) RunGet(params struct {
 		this.NotFound("firewallPolicy", params.FirewallPolicyId)
 		return
 	}
-	selectedCountryIds := []int64{}
+	var selectedCountryIds = []int64{}
 	if policyConfig.Inbound != nil && policyConfig.Inbound.Region != nil {
 		selectedCountryIds = policyConfig.Inbound.Region.DenyCountryIds
 	}
@@ -46,11 +46,11 @@ func (this *IndexAction) RunGet(params struct {
 		this.ErrorPage(err)
 		return
 	}
-	countryMaps := []maps.Map{}
+	var countryMaps = []maps.Map{}
 	for _, country := range countriesResp.RegionCountries {
 		countryMaps = append(countryMaps, maps.Map{
 			"id":        country.Id,
-			"name":      country.Name,
+			"name":      country.DisplayName,
 			"letter":    strings.ToUpper(string(country.Pinyin[0][0])),
 			"isChecked": lists.ContainsInt64(selectedCountryIds, country.Id),
 		})

internal/web/actions/default/servers/components/waf/ipadmin/provinces.go

@@ -37,7 +37,7 @@ func (this *ProvincesAction) RunGet(params struct {
 		this.NotFound("firewallPolicy", params.FirewallPolicyId)
 		return
 	}
-	selectedProvinceIds := []int64{}
+	var selectedProvinceIds = []int64{}
 	if policyConfig.Inbound != nil && policyConfig.Inbound.Region != nil {
 		selectedProvinceIds = policyConfig.Inbound.Region.DenyProvinceIds
 	}
@@ -49,11 +49,11 @@ func (this *ProvincesAction) RunGet(params struct {
 		this.ErrorPage(err)
 		return
 	}
-	provinceMaps := []maps.Map{}
+	var provinceMaps = []maps.Map{}
 	for _, province := range provincesResp.RegionProvinces {
 		provinceMaps = append(provinceMaps, maps.Map{
 			"id":        province.Id,
-			"name":      province.Name,
+			"name":      province.DisplayName,
 			"isChecked": lists.ContainsInt64(selectedProvinceIds, province.Id),
 		})
 	}

internal/web/actions/default/servers/components/waf/ipadmin/updateIPPopup.go

@@ -80,9 +80,9 @@ func (this *UpdateIPPopupAction) RunPost(params struct {
 
 		var ipToLong uint64
 		if len(params.IpTo) > 0 && !utils.IsIPv4(params.IpTo) {
-			ipToLong = utils.IP2Long(params.IpTo)
 			this.Fail("请输入正确的结束IP")
 		}
+		ipToLong = utils.IP2Long(params.IpTo)
 
 		if ipFromLong > 0 && ipToLong > 0 && ipFromLong > ipToLong {
 			params.IpTo, params.IpFrom = params.IpFrom, params.IpTo

internal/web/actions/default/servers/groups/group/settings/httpReverseProxy/setting.go

@@ -109,6 +109,10 @@ func (this *SettingAction) RunPost(params struct {
 		FollowRedirects:   reverseProxyConfig.FollowRedirects,
 		ProxyProtocolJSON: proxyProtocolJSON,
 	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
 
 	this.Success()
 }

internal/web/actions/default/servers/groups/group/settings/index/index.go

@@ -24,5 +24,4 @@ func (this *IndexAction) RunGet(params struct {
 	} else {
 		this.RedirectURL("/servers/groups/group/settings/httpReverseProxy?groupId=" + types.String(params.GroupId))
 	}
-	return
 }

internal/web/actions/default/servers/groups/group/settings/tcpReverseProxy/setting.go

@@ -109,6 +109,10 @@ func (this *SettingAction) RunPost(params struct {
 		FollowRedirects:   reverseProxyConfig.FollowRedirects,
 		ProxyProtocolJSON: proxyProtocolJSON,
 	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
 
 	this.Success()
 }

internal/web/actions/default/servers/groups/group/settings/udpReverseProxy/setting.go

@@ -96,8 +96,12 @@ func (this *SettingAction) RunPost(params struct {
 		StripPrefix:     reverseProxyConfig.StripPrefix,
 		AutoFlush:       reverseProxyConfig.AutoFlush,
 		AddHeaders:      reverseProxyConfig.AddHeaders,
-		FollowRedirects:   reverseProxyConfig.FollowRedirects,
+		FollowRedirects: reverseProxyConfig.FollowRedirects,
 	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
 
 	this.Success()
 }

internal/web/actions/default/servers/groups/group/settings/waf/ipadmin/countries.go

@@ -55,7 +55,7 @@ func (this *CountriesAction) RunGet(params struct {
 	for _, country := range countriesResp.RegionCountries {
 		countryMaps = append(countryMaps, maps.Map{
 			"id":        country.Id,
-			"name":      country.Name,
+			"name":      country.DisplayName,
 			"letter":    strings.ToUpper(string(country.Pinyin[0][0])),
 			"isChecked": lists.ContainsInt64(selectedCountryIds, country.Id),
 		})

internal/web/actions/default/servers/groups/group/settings/waf/ipadmin/provinces.go

@@ -46,7 +46,7 @@ func (this *ProvincesAction) RunGet(params struct {
 		selectedProvinceIds = policyConfig.Inbound.Region.DenyProvinceIds
 	}
 
-	provincesResp, err := this.RPC().RegionProvinceRPC().FindAllRegionProvincesWithCountryId(this.AdminContext(), &pb.FindAllRegionProvincesWithCountryIdRequest{
+	provincesResp, err := this.RPC().RegionProvinceRPC().FindAllRegionProvincesWithRegionCountryId(this.AdminContext(), &pb.FindAllRegionProvincesWithRegionCountryIdRequest{
 		RegionCountryId: int64(ChinaCountryId),
 	})
 	if err != nil {
@@ -57,7 +57,7 @@ func (this *ProvincesAction) RunGet(params struct {
 	for _, province := range provincesResp.RegionProvinces {
 		provinceMaps = append(provinceMaps, maps.Map{
 			"id":        province.Id,
-			"name":      province.Name,
+			"name":      province.DisplayName,
 			"isChecked": lists.ContainsInt64(selectedProvinceIds, province.Id),
 		})
 	}

internal/web/actions/default/servers/groups/group/settings/waf/ipadmin/updateIPPopup.go

@@ -79,9 +79,9 @@ func (this *UpdateIPPopupAction) RunPost(params struct {
 
 		var ipToLong uint64
 		if len(params.IpTo) > 0 && !utils.IsIPv4(params.IpTo) {
-			ipToLong = utils.IP2Long(params.IpTo)
 			this.Fail("请输入正确的结束IP")
 		}
+		ipToLong = utils.IP2Long(params.IpTo)
 
 		if ipFromLong > 0 && ipToLong > 0 && ipFromLong > ipToLong {
 			params.IpTo, params.IpFrom = params.IpFrom, params.IpTo

internal/web/actions/default/servers/index.go

@@ -90,15 +90,16 @@ func (this *IndexAction) RunGet(params struct {
 
 	// 服务列表
 	serversResp, err := this.RPC().ServerRPC().ListEnabledServersMatch(this.AdminContext(), &pb.ListEnabledServersMatchRequest{
-		Offset:         page.Offset,
-		Size:           page.Size,
-		NodeClusterId:  params.ClusterId,
-		ServerGroupId:  params.GroupId,
-		Keyword:        params.Keyword,
-		AuditingFlag:   params.AuditingFlag,
-		TrafficOutDesc: params.TrafficOutOrder == "desc",
-		TrafficOutAsc:  params.TrafficOutOrder == "asc",
-		UserId:         params.UserId,
+		Offset:            page.Offset,
+		Size:              page.Size,
+		NodeClusterId:     params.ClusterId,
+		ServerGroupId:     params.GroupId,
+		Keyword:           params.Keyword,
+		AuditingFlag:      params.AuditingFlag,
+		TrafficOutDesc:    params.TrafficOutOrder == "desc",
+		TrafficOutAsc:     params.TrafficOutOrder == "asc",
+		UserId:            params.UserId,
+		IgnoreServerNames: true,
 	})
 	if err != nil {
 		this.ErrorPage(err)
@@ -176,27 +177,35 @@ func (this *IndexAction) RunGet(params struct {
 		}
 
 		// 域名列表
-		var serverNames = []*serverconfigs.ServerNameConfig{}
 		if server.IsAuditing || (server.AuditingResult != nil && !server.AuditingResult.IsOk) {
 			server.ServerNamesJSON = server.AuditingServerNamesJSON
+
+			if len(config.ServerNames) == 0 {
+				// 审核中的域名
+				if len(server.ServerNamesJSON) > 0 {
+					var serverNames = []*serverconfigs.ServerNameConfig{}
+					err = json.Unmarshal(server.ServerNamesJSON, &serverNames)
+					if err != nil {
+						this.ErrorPage(err)
+						return
+					}
+					config.ServerNames = serverNames
+				}
+			}
 		}
 		var auditingIsOk = true
 		if !server.IsAuditing && server.AuditingResult != nil && !server.AuditingResult.IsOk {
 			auditingIsOk = false
 		}
-		if len(server.ServerNamesJSON) > 0 {
-			err = json.Unmarshal(server.ServerNamesJSON, &serverNames)
-			if err != nil {
-				this.ErrorPage(err)
-				return
+		var firstServerName = ""
+		for _, serverNameConfig := range config.ServerNames {
+			if len(serverNameConfig.Name) > 0 {
+				firstServerName = serverNameConfig.Name
+				break
 			}
-		}
-		var countServerNames = 0
-		for _, serverName := range serverNames {
-			if len(serverName.SubNames) == 0 {
-				countServerNames++
-			} else {
-				countServerNames += len(serverName.SubNames)
+			if len(serverNameConfig.SubNames) > 0 {
+				firstServerName = serverNameConfig.SubNames[0]
+				break
 			}
 		}
 
@@ -217,11 +226,8 @@ func (this *IndexAction) RunGet(params struct {
 
 		// 统计数据
 		var bandwidth = ""
-		if server.LatestServerDailyStat != nil {
-			var bytesPerSecond = server.LatestServerDailyStat.Bytes / 300
-			if bytesPerSecond > 0 {
-				bandwidth = numberutils.FormatBytes(bytesPerSecond)
-			}
+		if server.BandwidthBytes > 0 {
+			bandwidth = numberutils.FormatBytes(server.BandwidthBytes)
 		}
 
 		serverMaps = append(serverMaps, maps.Map{
@@ -235,8 +241,8 @@ func (this *IndexAction) RunGet(params struct {
 			"ports":            portMaps,
 			"serverTypeName":   serverconfigs.FindServerType(server.Type).GetString("name"),
 			"groups":           groupMaps,
-			"serverNames":      serverNames,
-			"countServerNames": countServerNames,
+			"firstServerName":  firstServerName,
+			"countServerNames": server.CountServerNames,
 			"isAuditing":       server.IsAuditing,
 			"auditingIsOk":     auditingIsOk,
 			"user":             userMap,

internal/web/actions/default/servers/ipbox/index.go

@@ -7,6 +7,7 @@ import (
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/iwind/TeaGo/maps"
 	timeutil "github.com/iwind/TeaGo/utils/time"
+	"strings"
 	"time"
 )
 
@@ -30,7 +31,14 @@ func (this *IndexAction) RunGet(params struct {
 		return
 	}
 	if regionResp.IpRegion != nil {
-		this.Data["regions"] = regionResp.IpRegion.Summary
+		var regionName = regionResp.IpRegion.Summary
+
+		// remove isp from regionName
+		var index = strings.LastIndex(regionName, "|")
+		if index > 0 {
+			regionName = regionName[:index]
+		}
+		this.Data["regions"] = regionName
 	} else {
 		this.Data["regions"] = ""
 	}

internal/web/actions/default/servers/iplists/createIPPopup.go

@@ -97,9 +97,9 @@ func (this *CreateIPPopupAction) RunPost(params struct {
 
 			var ipToLong uint64
 			if len(params.IpTo) > 0 && !utils.IsIPv4(params.IpTo) {
-				ipToLong = utils.IP2Long(params.IpTo)
 				this.Fail("请输入正确的结束IP")
 			}
+			ipToLong = utils.IP2Long(params.IpTo)
 
 			if ipFromLong > 0 && ipToLong > 0 && ipFromLong > ipToLong {
 				params.IpTo, params.IpFrom = params.IpFrom, params.IpTo

internal/web/actions/default/servers/iplists/delete.go

@@ -4,6 +4,7 @@ package iplists
 
 import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 )
 
@@ -23,5 +24,8 @@ func (this *DeleteAction) RunPost(params struct {
 		return
 	}
 
+	// 通知左侧菜单Badge更新
+	helpers.NotifyIPItemsCountChanges()
+
 	this.Success()
 }

internal/web/actions/default/servers/iplists/deleteIP.go

@@ -3,6 +3,7 @@ package iplists
 import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/oplogs"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 )
 
@@ -22,5 +23,8 @@ func (this *DeleteIPAction) RunPost(params struct {
 		return
 	}
 
+	// 通知左侧菜单Badge更新
+	helpers.NotifyIPItemsCountChanges()
+
 	this.Success()
 }

internal/web/actions/default/servers/iplists/deleteItems.go

@@ -4,6 +4,7 @@ package iplists
 
 import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/iwind/TeaGo/types"
 	"strings"
@@ -33,5 +34,8 @@ func (this *DeleteItemsAction) RunPost(params struct {
 		return
 	}
 
+	// 通知左侧菜单Badge更新
+	helpers.NotifyIPItemsCountChanges()
+
 	this.Success()
 }

internal/web/actions/default/servers/iplists/index.go

@@ -8,6 +8,7 @@ import (
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
 	"github.com/iwind/TeaGo/maps"
 	timeutil "github.com/iwind/TeaGo/utils/time"
+	"strings"
 	"time"
 )
 
@@ -165,6 +166,13 @@ func (this *IndexAction) RunGet(params struct {
 			var ipRegion = regionResp.IpRegion
 			if ipRegion != nil {
 				region = ipRegion.Summary
+
+				// remove isp from regionName
+				var index = strings.LastIndex(region, "|")
+				if index > 0 {
+					region = region[:index]
+				}
+
 				isp = ipRegion.Isp
 			}
 		}

internal/web/actions/default/servers/iplists/items.go

@@ -8,6 +8,7 @@ import (
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
 	"github.com/iwind/TeaGo/maps"
 	timeutil "github.com/iwind/TeaGo/utils/time"
+	"strings"
 	"time"
 )
 
@@ -116,6 +117,13 @@ func (this *ItemsAction) RunGet(params struct {
 			var ipRegion = regionResp.IpRegion
 			if ipRegion != nil {
 				region = ipRegion.Summary
+
+				// remove isp from regionName
+				var index = strings.LastIndex(region, "|")
+				if index > 0 {
+					region = region[:index]
+				}
+
 				isp = ipRegion.Isp
 			}
 		}

internal/web/actions/default/servers/iplists/readAll.go

@@ -4,6 +4,7 @@ package iplists
 
 import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 )
 
@@ -20,5 +21,8 @@ func (this *ReadAllAction) RunPost(params struct{}) {
 		return
 	}
 
+	// 通知左侧菜单Badge更新
+	helpers.NotifyIPItemsCountChanges()
+
 	this.Success()
 }

internal/web/actions/default/servers/iplists/updateIPPopup.go

@@ -79,9 +79,9 @@ func (this *UpdateIPPopupAction) RunPost(params struct {
 
 		var ipToLong uint64
 		if len(params.IpTo) > 0 && !utils.IsIPv4(params.IpTo) {
-			ipToLong = utils.IP2Long(params.IpTo)
 			this.Fail("请输入正确的结束IP")
 		}
+		ipToLong = utils.IP2Long(params.IpTo)
 
 		if ipFromLong > 0 && ipToLong > 0 && ipFromLong > ipToLong {
 			params.IpTo, params.IpFrom = params.IpFrom, params.IpTo

internal/web/actions/default/servers/logs/hasLogs.go

@@ -0,0 +1,67 @@
+// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package logs
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	timeutil "github.com/iwind/TeaGo/utils/time"
+	"regexp"
+	"strings"
+)
+
+// HasLogsAction 检查某个分区是否有日志
+type HasLogsAction struct {
+	actionutils.ParentAction
+}
+
+func (this *HasLogsAction) RunPost(params struct {
+	ClusterId int64
+	NodeId    int64
+	Day       string
+	Hour      string
+	Keyword   string
+	Ip        string
+	Domain    string
+	HasError  int
+	HasWAF    int
+	Partition int32 `default:"-1"`
+
+	RequestId string
+	ServerId  int64
+}) {
+	if len(params.Day) == 0 {
+		params.Day = timeutil.Format("Y-m-d")
+	}
+
+	var day = params.Day
+
+	if len(day) > 0 && regexp.MustCompile(`\d{4}-\d{2}-\d{2}`).MatchString(day) {
+		day = strings.ReplaceAll(day, "-", "")
+	}
+
+	resp, err := this.RPC().HTTPAccessLogRPC().ListHTTPAccessLogs(this.AdminContext(), &pb.ListHTTPAccessLogsRequest{
+		Partition:         params.Partition,
+		RequestId:         params.RequestId,
+		NodeClusterId:     params.ClusterId,
+		NodeId:            params.NodeId,
+		ServerId:          params.ServerId,
+		HasError:          params.HasError > 0,
+		HasFirewallPolicy: params.HasWAF > 0,
+		Day:               day,
+		HourFrom:          params.Hour,
+		HourTo:            params.Hour,
+		Keyword:           params.Keyword,
+		Ip:                params.Ip,
+		Domain:            params.Domain,
+		Size:              1,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Data["hasLogs"] = len(resp.HttpAccessLogs) > 0
+
+	this.Success()
+}

internal/web/actions/default/servers/logs/init.go

@@ -18,6 +18,7 @@ func init() {
 			Get("", new(IndexAction)).
 			GetPost("/settings", new(SettingsAction)).
 			Post("/partitionData", new(PartitionDataAction)).
+			Post("/hasLogs", new(HasLogsAction)).
 			EndAll()
 	})
 }

internal/web/actions/default/servers/server/log/viewPopup.go

@@ -93,8 +93,16 @@ func (this *ViewPopupAction) RunGet(params struct {
 	}
 	region := regionResp.IpRegion
 	if region != nil {
+		var regionName = region.Summary
+
+		// remove isp from regionName
+		var index = strings.LastIndex(regionName, "|")
+		if index > 0 {
+			regionName = regionName[:index]
+		}
+
 		regionMap = maps.Map{
-			"full": region.Summary,
+			"full": regionName,
 			"isp":  region.Isp,
 		}
 	}

internal/web/actions/default/servers/server/settings/access/createPopup.go

@@ -1,13 +1,16 @@
 // Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+//go:build !plus
 
 package access
 
 import (
 	"encoding/json"
+	"github.com/TeaOSLab/EdgeAdmin/internal/utils"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
 	"github.com/iwind/TeaGo/actions"
+	"strings"
 )
 
 type CreatePopupAction struct {
@@ -37,6 +40,9 @@ func (this *CreatePopupAction) RunPost(params struct {
 	SubRequestMethod        string
 	SubRequestFollowRequest bool
 
+	Exts        []string
+	DomainsJSON []byte
+
 	Must *actions.Must
 	CSRF *actionutils.CSRF
 }) {
@@ -44,14 +50,42 @@ func (this *CreatePopupAction) RunPost(params struct {
 		Field("name", params.Name).
 		Require("请输入名称").
 		Field("type", params.Type).
-		Require("请输入认证类型")
+		Require("请输入鉴权类型")
 
 	var ref = &serverconfigs.HTTPAuthPolicyRef{IsOn: true}
-	var paramsJSON []byte
+
+	// 扩展名
+	var exts = utils.NewStringsStream(params.Exts).
+		Map(strings.TrimSpace, strings.ToLower).
+		Filter(utils.FilterNotEmpty).
+		Map(utils.MapAddPrefixFunc(".")).
+		Unique().
+		Result()
+
+	// 域名
+	var domains = []string{}
+	if len(params.DomainsJSON) > 0 {
+		var rawDomains = []string{}
+		err := json.Unmarshal(params.DomainsJSON, &rawDomains)
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+
+		// TODO 如果用户填写了一个网址，应该分析域名并填入
+
+		domains = utils.NewStringsStream(rawDomains).
+			Map(strings.TrimSpace, strings.ToLower).
+			Filter(utils.FilterNotEmpty).
+			Unique().
+			Result()
+	}
+
+	var method serverconfigs.HTTPAuthMethodInterface
 
 	switch params.Type {
 	case serverconfigs.HTTPAuthTypeBasicAuth:
-		users := []*serverconfigs.HTTPAuthBasicMethodUser{}
+		var users = []*serverconfigs.HTTPAuthBasicMethodUser{}
 		err := json.Unmarshal(params.HttpAuthBasicAuthUsersJSON, &users)
 		if err != nil {
 			this.ErrorPage(err)
@@ -60,40 +94,39 @@ func (this *CreatePopupAction) RunPost(params struct {
 		if len(users) == 0 {
 			this.Fail("请添加至少一个用户")
 		}
-		method := &serverconfigs.HTTPAuthBasicMethod{
+		method = &serverconfigs.HTTPAuthBasicMethod{
 			Users:   users,
 			Realm:   params.BasicAuthRealm,
 			Charset: params.BasicAuthCharset,
 		}
-		methodJSON, err := json.Marshal(method)
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-
-		paramsJSON = methodJSON
 	case serverconfigs.HTTPAuthTypeSubRequest:
 		params.Must.Field("subRequestURL", params.SubRequestURL).
 			Require("请输入子请求URL")
 		if params.SubRequestFollowRequest {
 			params.SubRequestMethod = ""
 		}
-		method := &serverconfigs.HTTPAuthSubRequestMethod{
+		method = &serverconfigs.HTTPAuthSubRequestMethod{
 			URL:    params.SubRequestURL,
 			Method: params.SubRequestMethod,
 		}
-		methodJSON, err := json.Marshal(method)
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-		paramsJSON = methodJSON
 	default:
-		this.Fail("不支持的认证类型'" + params.Type + "'")
+		this.Fail("不支持的鉴权类型'" + params.Type + "'")
+	}
+
+	if method == nil {
+		this.Fail("无法找到对应的鉴权方式")
+	}
+	method.SetExts(exts)
+	method.SetDomains(domains)
+
+	paramsJSON, err := json.Marshal(method)
+	if err != nil {
+		this.ErrorPage(err)
+		return
 	}
 
 	var paramsMap map[string]interface{}
-	err := json.Unmarshal(paramsJSON, &paramsMap)
+	err = json.Unmarshal(paramsJSON, &paramsMap)
 	if err != nil {
 		this.ErrorPage(err)
 		return
@@ -108,7 +141,7 @@ func (this *CreatePopupAction) RunPost(params struct {
 		this.ErrorPage(err)
 		return
 	}
-	defer this.CreateLogInfo("创建HTTP认证 %d", createResp.HttpAuthPolicyId)
+	defer this.CreateLogInfo("创建HTTP鉴权 %d", createResp.HttpAuthPolicyId)
 	ref.AuthPolicyId = createResp.HttpAuthPolicyId
 	ref.AuthPolicy = &serverconfigs.HTTPAuthPolicy{
 		Id:     createResp.HttpAuthPolicyId,

internal/web/actions/default/servers/server/settings/access/index.go

@@ -7,6 +7,7 @@ import (
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
 	"github.com/iwind/TeaGo/actions"
+	"github.com/iwind/TeaGo/lists"
 )
 
 type IndexAction struct {
@@ -28,6 +29,28 @@ func (this *IndexAction) RunGet(params struct {
 	}
 
 	this.Data["webId"] = webConfig.Id
+
+	// 移除不存在的鉴权方法
+	var allTypes = []string{}
+	for _, def := range serverconfigs.FindAllHTTPAuthTypes() {
+		allTypes = append(allTypes, def.Code)
+	}
+
+	if webConfig.Auth != nil {
+		var refs = webConfig.Auth.PolicyRefs
+		var realRefs = []*serverconfigs.HTTPAuthPolicyRef{}
+		for _, ref := range refs {
+			if ref.AuthPolicy == nil {
+				continue
+			}
+			if !lists.ContainsString(allTypes, ref.AuthPolicy.Type) {
+				continue
+			}
+			realRefs = append(realRefs, ref)
+		}
+		webConfig.Auth.PolicyRefs = realRefs
+	}
+
 	this.Data["authConfig"] = webConfig.Auth
 
 	this.Show()
@@ -38,9 +61,8 @@ func (this *IndexAction) RunPost(params struct {
 	AuthJSON []byte
 
 	Must *actions.Must
-	CSRF *actionutils.CSRF
 }) {
-	defer this.CreateLogInfo("修改Web %d 的认证设置", params.WebId)
+	defer this.CreateLogInfo("修改Web %d 的鉴权设置", params.WebId)
 
 	var authConfig = &serverconfigs.HTTPAuthConfig{}
 	err := json.Unmarshal(params.AuthJSON, authConfig)
@@ -53,7 +75,7 @@ func (this *IndexAction) RunPost(params struct {
 		this.Fail("配置校验失败：" + err.Error())
 	}
 
-	// 保存之前删除多于的配置信息
+	// 保存之前删除多余的配置信息
 	for _, ref := range authConfig.PolicyRefs {
 		ref.AuthPolicy = nil
 	}

internal/web/actions/default/servers/server/settings/access/init.go

@@ -16,6 +16,7 @@ func init() {
 			GetPost("", new(IndexAction)).
 			GetPost("/createPopup", new(CreatePopupAction)).
 			GetPost("/updatePopup", new(UpdatePopupAction)).
+			Post("/random", new(RandomAction)).
 			EndAll()
 	})
 }

internal/web/actions/default/servers/server/settings/access/random.go

@@ -0,0 +1,18 @@
+// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package access
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/iwind/TeaGo/rands"
+)
+
+type RandomAction struct {
+	actionutils.ParentAction
+}
+
+func (this *RandomAction) RunPost(params struct{}) {
+	this.Data["random"] = rands.HexString(32)
+
+	this.Success()
+}

internal/web/actions/default/servers/server/settings/access/updatePopup.go

@@ -1,14 +1,17 @@
 // Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+//go:build !plus
 
 package access
 
 import (
 	"encoding/json"
+	"github.com/TeaOSLab/EdgeAdmin/internal/utils"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
 	"github.com/iwind/TeaGo/actions"
 	"github.com/iwind/TeaGo/maps"
+	"strings"
 )
 
 type UpdatePopupAction struct {
@@ -70,17 +73,20 @@ func (this *UpdatePopupAction) RunPost(params struct {
 	SubRequestMethod        string
 	SubRequestFollowRequest bool
 
+	Exts        []string
+	DomainsJSON []byte
+
 	Must *actions.Must
 	CSRF *actionutils.CSRF
 }) {
-	defer this.CreateLogInfo("修改HTTP认证 %d", params.PolicyId)
+	defer this.CreateLogInfo("修改HTTP鉴权 %d", params.PolicyId)
 
 	policyResp, err := this.RPC().HTTPAuthPolicyRPC().FindEnabledHTTPAuthPolicy(this.AdminContext(), &pb.FindEnabledHTTPAuthPolicyRequest{HttpAuthPolicyId: params.PolicyId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
-	policy := policyResp.HttpAuthPolicy
+	var policy = policyResp.HttpAuthPolicy
 	if policy == nil {
 		this.NotFound("httpAuthPolicy", params.PolicyId)
 		return
@@ -91,12 +97,40 @@ func (this *UpdatePopupAction) RunPost(params struct {
 		Field("name", params.Name).
 		Require("请输入名称")
 
+	// 扩展名
+	var exts = utils.NewStringsStream(params.Exts).
+		Map(strings.TrimSpace, strings.ToLower).
+		Filter(utils.FilterNotEmpty).
+		Map(utils.MapAddPrefixFunc(".")).
+		Unique().
+		Result()
+
+	// 域名
+	var domains = []string{}
+	if len(params.DomainsJSON) > 0 {
+		var rawDomains = []string{}
+		err := json.Unmarshal(params.DomainsJSON, &rawDomains)
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+
+		// TODO 如果用户填写了一个网址，应该分析域名并填入
+
+		domains = utils.NewStringsStream(rawDomains).
+			Map(strings.TrimSpace, strings.ToLower).
+			Filter(utils.FilterNotEmpty).
+			Unique().
+			Result()
+	}
+
 	var ref = &serverconfigs.HTTPAuthPolicyRef{IsOn: true}
-	var paramsJSON []byte
+
+	var method serverconfigs.HTTPAuthMethodInterface
 
 	switch policyType {
 	case serverconfigs.HTTPAuthTypeBasicAuth:
-		users := []*serverconfigs.HTTPAuthBasicMethodUser{}
+		var users = []*serverconfigs.HTTPAuthBasicMethodUser{}
 		err := json.Unmarshal(params.HttpAuthBasicAuthUsersJSON, &users)
 		if err != nil {
 			this.ErrorPage(err)
@@ -105,36 +139,35 @@ func (this *UpdatePopupAction) RunPost(params struct {
 		if len(users) == 0 {
 			this.Fail("请添加至少一个用户")
 		}
-		method := &serverconfigs.HTTPAuthBasicMethod{
+		method = &serverconfigs.HTTPAuthBasicMethod{
 			Users:   users,
 			Realm:   params.BasicAuthRealm,
 			Charset: params.BasicAuthCharset,
 		}
-		methodJSON, err := json.Marshal(method)
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-
-		paramsJSON = methodJSON
 	case serverconfigs.HTTPAuthTypeSubRequest:
 		params.Must.Field("subRequestURL", params.SubRequestURL).
 			Require("请输入子请求URL")
 		if params.SubRequestFollowRequest {
 			params.SubRequestMethod = ""
 		}
-		method := &serverconfigs.HTTPAuthSubRequestMethod{
+		method = &serverconfigs.HTTPAuthSubRequestMethod{
 			URL:    params.SubRequestURL,
 			Method: params.SubRequestMethod,
 		}
-		methodJSON, err := json.Marshal(method)
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-		paramsJSON = methodJSON
 	default:
-		this.Fail("不支持的认证类型'" + policyType + "'")
+		this.Fail("不支持的鉴权类型'" + policyType + "'")
+	}
+
+	if method == nil {
+		this.Fail("无法找到对应的鉴权方式")
+	}
+	method.SetExts(exts)
+	method.SetDomains(domains)
+
+	paramsJSON, err := json.Marshal(method)
+	if err != nil {
+		this.ErrorPage(err)
+		return
 	}
 
 	var paramsMap map[string]interface{}

internal/web/actions/default/servers/server/settings/cache/createPopup.go

@@ -5,6 +5,7 @@ import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/utils"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/shared"
 	"github.com/iwind/TeaGo/actions"
 )
 
@@ -27,19 +28,45 @@ func (this *CreatePopupAction) RunGet(params struct {
 func (this *CreatePopupAction) RunPost(params struct {
 	CacheRefJSON []byte
 
+	CondType              string
+	CondJSON              []byte
+	CondIsCaseInsensitive bool
+
 	Must *actions.Must
 }) {
 	var cacheRef = &serverconfigs.HTTPCacheRef{}
 	err := json.Unmarshal(params.CacheRefJSON, cacheRef)
 	if err != nil {
-		this.ErrorPage(err)
+		this.Fail("解析条件出错：" + err.Error() + ", JSON: " + string(params.CacheRefJSON))
 		return
 	}
+
+	if len(params.CondJSON) > 0 {
+		var cond = &shared.HTTPRequestCond{}
+		err = json.Unmarshal(params.CondJSON, cond)
+		if err != nil {
+			this.Fail("解析条件出错：" + err.Error() + ", JSON: " + string(params.CondJSON))
+			return
+		}
+		cond.Type = params.CondType
+		cond.IsCaseInsensitive = params.CondIsCaseInsensitive
+		cacheRef.SimpleCond = cond
+
+		// 将组合条件置为空
+		cacheRef.Conds = &shared.HTTPRequestCondsConfig{}
+	}
+
+	err = cacheRef.Init()
+	if err != nil {
+		this.Fail("解析条件出错：" + err.Error())
+		return
+	}
+
 	if len(cacheRef.Key) == 0 {
 		this.Fail("请输入缓存Key")
 	}
 
-	if cacheRef.Conds == nil || len(cacheRef.Conds.Groups) == 0 {
+	if (cacheRef.Conds == nil || len(cacheRef.Conds.Groups) == 0) && cacheRef.SimpleCond == nil {
 		this.Fail("请填写匹配条件分组")
 	}
 

internal/web/actions/default/servers/server/settings/cache/updateRefs.go

@@ -41,9 +41,6 @@ func (this *UpdateRefsAction) RunPost(params struct {
 
 	// 校验配置
 	var cacheConfig = webConfig.Cache
-	if webConfig == nil {
-		this.Success()
-	}
 
 	var refs = []*serverconfigs.HTTPCacheRef{}
 	err = json.Unmarshal(params.RefsJSON, &refs)

internal/web/actions/default/servers/server/settings/dns/init.go

@@ -15,6 +15,7 @@ func init() {
 			Prefix("/servers/server/settings/dns").
 			GetPost("", new(IndexAction)).
 			Post("/regenerateCNAME", new(RegenerateCNAMEAction)).
+			GetPost("/updateCNAMEPopup", new(UpdateCNAMEPopupAction)).
 			EndAll()
 	})
 }

internal/web/actions/default/servers/server/settings/dns/regenerateCNAME.go

@@ -16,7 +16,7 @@ func (this *RegenerateCNAMEAction) RunPost(params struct {
 }) {
 	defer this.CreateLogInfo("重新生成服务 %d 的CNAME", params.ServerId)
 
-	_, err := this.RPC().ServerRPC().RegenerateServerCNAME(this.AdminContext(), &pb.RegenerateServerCNAMERequest{ServerId: params.ServerId})
+	_, err := this.RPC().ServerRPC().RegenerateServerDNSName(this.AdminContext(), &pb.RegenerateServerDNSNameRequest{ServerId: params.ServerId})
 	if err != nil {
 		this.ErrorPage(err)
 		return

internal/web/actions/default/servers/server/settings/dns/updateCNAMEPopup.go

@@ -0,0 +1,94 @@
+// Copyright 2022 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package dns
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/types"
+	"regexp"
+	"strings"
+)
+
+type UpdateCNAMEPopupAction struct {
+	actionutils.ParentAction
+}
+
+func (this *UpdateCNAMEPopupAction) RunGet(params struct {
+	ServerId int64
+}) {
+	this.Data["serverId"] = params.ServerId
+
+	dnsInfoResp, err := this.RPC().ServerRPC().FindEnabledServerDNS(this.AdminContext(), &pb.FindEnabledServerDNSRequest{ServerId: params.ServerId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	this.Data["dnsName"] = dnsInfoResp.DnsName
+
+	this.Show()
+}
+
+func (this *UpdateCNAMEPopupAction) RunPost(params struct {
+	ServerId int64
+	DnsName  string
+}) {
+	defer this.CreateLogInfo("修改服务 %d CNAME为 %s", params.ServerId, params.DnsName)
+
+	var dnsName = strings.ToLower(params.DnsName)
+	if len(dnsName) == 0 {
+		this.FailField("dnsName", "CNAME不能为空")
+	}
+
+	const maxLen = 30
+	if len(dnsName) > maxLen {
+		this.FailField("dnsName", "CNAME长度不能超过"+types.String(maxLen)+"个字符")
+	}
+	if !regexp.MustCompile(`^[a-z0-9]{1,` + types.String(maxLen) + `}$`).MatchString(dnsName) {
+		this.FailField("dnsName", "CNAME中只能包含数字、英文字母")
+	}
+
+	serverResp, err := this.RPC().ServerRPC().FindEnabledServer(this.AdminContext(), &pb.FindEnabledServerRequest{ServerId: params.ServerId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	var server = serverResp.Server
+	if server == nil {
+		this.Fail("找不到要修改的服务")
+	}
+	if server.NodeCluster == nil {
+		this.Fail("服务必须先分配到一个集群才能修改")
+	}
+	var clusterId = server.NodeCluster.Id
+
+	if server.DnsName == params.DnsName {
+		// 没有修改则直接返回
+		this.Success()
+	}
+
+	serverIdResp, err := this.RPC().ServerRPC().FindServerIdWithDNSName(this.AdminContext(), &pb.FindServerIdWithDNSNameRequest{
+		NodeClusterId: clusterId,
+		DnsName:       dnsName,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	if serverIdResp.ServerId > 0 && serverIdResp.ServerId != params.ServerId {
+		this.FailField("dnsName", "当前CNAME已被别的服务占用，请换一个")
+	}
+
+	_, err = this.RPC().ServerRPC().UpdateServerDNSName(this.AdminContext(), &pb.UpdateServerDNSNameRequest{
+		ServerId: params.ServerId,
+		DnsName:  dnsName,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Success()
+}

internal/web/actions/default/servers/server/settings/headers/createSetPopup.go

@@ -7,6 +7,7 @@ import (
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/shared"
 	"github.com/iwind/TeaGo/actions"
+	"strings"
 )
 
 type CreateSetPopupAction struct {
@@ -45,6 +46,8 @@ func (this *CreateSetPopupAction) RunPost(params struct {
 	// 日志
 	defer this.CreateLog(oplogs.LevelInfo, "设置请求Header，HeaderPolicyId:%d, Name:%s, Value:%s", params.HeaderPolicyId, params.Name, params.Value)
 
+	params.Name = strings.TrimSuffix(params.Name, ":")
+
 	params.Must.
 		Field("name", params.Name).
 		Require("请输入Header名称")

internal/web/actions/default/servers/server/settings/headers/updateSetPopup.go

@@ -7,6 +7,7 @@ import (
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/shared"
 	"github.com/iwind/TeaGo/actions"
+	"strings"
 )
 
 type UpdateSetPopupAction struct {
@@ -60,6 +61,8 @@ func (this *UpdateSetPopupAction) RunPost(params struct {
 	// 日志
 	defer this.CreateLog(oplogs.LevelInfo, "修改设置请求Header，HeaderPolicyId:%d, Name:%s, Value:%s", params.HeaderId, params.Name, params.Value)
 
+	params.Name = strings.TrimSuffix(params.Name, ":")
+
 	params.Must.
 		Field("name", params.Name).
 		Require("请输入Header名称")

internal/web/actions/default/servers/server/settings/locations/access/index.go

@@ -7,6 +7,7 @@ import (
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
 	"github.com/iwind/TeaGo/actions"
+	"github.com/iwind/TeaGo/lists"
 )
 
 type IndexAction struct {
@@ -28,6 +29,28 @@ func (this *IndexAction) RunGet(params struct {
 	}
 
 	this.Data["webId"] = webConfig.Id
+
+	// 移除不存在的鉴权方法
+	var allTypes = []string{}
+	for _, def := range serverconfigs.FindAllHTTPAuthTypes() {
+		allTypes = append(allTypes, def.Code)
+	}
+
+	if webConfig.Auth != nil {
+		var refs = webConfig.Auth.PolicyRefs
+		var realRefs = []*serverconfigs.HTTPAuthPolicyRef{}
+		for _, ref := range refs {
+			if ref.AuthPolicy == nil {
+				continue
+			}
+			if !lists.ContainsString(allTypes, ref.AuthPolicy.Type) {
+				continue
+			}
+			realRefs = append(realRefs, ref)
+		}
+		webConfig.Auth.PolicyRefs = realRefs
+	}
+
 	this.Data["authConfig"] = webConfig.Auth
 
 	this.Show()
@@ -38,7 +61,6 @@ func (this *IndexAction) RunPost(params struct {
 	AuthJSON []byte
 
 	Must *actions.Must
-	CSRF *actionutils.CSRF
 }) {
 	defer this.CreateLogInfo("修改Web %d 的认证设置", params.WebId)
 

internal/web/actions/default/servers/server/settings/locations/locationutils/location_helper.go

@@ -98,11 +98,17 @@ func (this *LocationHelper) createMenus(serverIdString string, locationIdString
 		"isOn":     locationConfig != nil && locationConfig.Web != nil && locationConfig.Web.Cache != nil && locationConfig.Web.Cache.IsPrior && locationConfig.Web.Cache.IsOn,
 	})
 	menuItems = append(menuItems, maps.Map{
-		"name":     "访问控制",
+		"name":     "访问鉴权",
 		"url":      "/servers/server/settings/locations/access?serverId=" + serverIdString + "&locationId=" + locationIdString,
 		"isActive": secondMenuItem == "access",
 		"isOn":     locationConfig != nil && locationConfig.Web != nil && locationConfig.Web.Auth != nil && locationConfig.Web.Auth.IsPrior,
 	})
+	menuItems = append(menuItems, maps.Map{
+		"name":     "防盗链",
+		"url":      "/servers/server/settings/locations/referers?serverId=" + serverIdString + "&locationId=" + locationIdString,
+		"isActive": secondMenuItem == "referer",
+		"isOn":     locationConfig.Web != nil && locationConfig.Web.Referers != nil && locationConfig.Web.Referers.IsPrior,
+	})
 	menuItems = append(menuItems, maps.Map{
 		"name":     "字符编码",
 		"url":      "/servers/server/settings/locations/charset?serverId=" + serverIdString + "&locationId=" + locationIdString,

internal/web/actions/default/servers/server/settings/locations/referers/index.go

@@ -0,0 +1,68 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package uam
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
+	"github.com/iwind/TeaGo/actions"
+)
+
+type IndexAction struct {
+	actionutils.ParentAction
+}
+
+func (this *IndexAction) Init() {
+	this.Nav("", "setting", "index")
+	this.SecondMenu("referer")
+}
+
+func (this *IndexAction) RunGet(params struct {
+	LocationId int64
+}) {
+	webConfig, err := dao.SharedHTTPWebDAO.FindWebConfigWithLocationId(this.AdminContext(), params.LocationId)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Data["webId"] = webConfig.Id
+
+	var referersConfig = webConfig.Referers
+	if referersConfig == nil {
+		referersConfig = &serverconfigs.ReferersConfig{
+			IsPrior:         false,
+			IsOn:            false,
+			AllowEmpty:      true,
+			AllowSameDomain: true,
+			AllowDomains:    nil,
+		}
+	}
+
+	this.Data["referersConfig"] = referersConfig
+
+	this.Show()
+}
+
+func (this *IndexAction) RunPost(params struct {
+	WebId        int64
+	ReferersJSON []byte
+
+	Must *actions.Must
+	CSRF *actionutils.CSRF
+}) {
+	defer this.CreateLogInfo("修改Web %d 防盗链设置", params.WebId)
+
+	_, err := this.RPC().HTTPWebRPC().UpdateHTTPWebReferers(this.AdminContext(), &pb.UpdateHTTPWebReferersRequest{
+		HttpWebId:    params.WebId,
+		ReferersJSON: params.ReferersJSON,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Success()
+}