commit components.js

优化文字提示
2023-06-18 19:51:47 +08:00 · 2023-06-18 16:19:16 +08:00 · 2023-06-17 21:53:08 +08:00 · 2023-06-17 21:53:00 +08:00 · 2023-06-16 11:34:39 +08:00 · 2023-06-16 09:54:51 +08:00
390 changed files with 8495 additions and 1956 deletions
--- a/README.md
+++ b/README.md
@@ -54,7 +54,10 @@
 * [管理平台](https://github.com/TeaOSLab/EdgeAdmin)

 ## 联系我们
-有什么问题和建议都可以加入QQ群 `659832182` 或者 [Telegram群](https://t.me/+5kVCMGxQhZxiODY9) 。
+有什么问题和建议都可以加入 [Telegram群](https://t.me/+5kVCMGxQhZxiODY9) 
+
+## 企业版
+* [GoEdge企业版](https://goedge.cn/commercial) - 功能更强大的CDN系统

 ## 感谢
 * 感谢 [Gitee](https://gitee.com/) 提供国内源代码托管平台
--- a/build/build.sh
+++ b/build/build.sh
@@ -105,8 +105,8 @@ function build() {
 	find "$DIST" -name ".DS_Store" -delete
 	find "$DIST" -name ".gitignore" -delete
 	find "$DIST" -name "*.less" -delete
-	find "$DIST" -name "*.css.map" -delete
-	find "$DIST" -name "*.js.map" -delete
+	#find "$DIST" -name "*.css.map" -delete
+	#find "$DIST" -name "*.js.map" -delete

 	# zip
 	echo "zip files ..."
--- a/build/licenses/README.md
+++ b/build/licenses/README.md
@@ -1 +1 @@
-这个目录下我们列举了所有需要公开声明的第三方License，如果有遗漏，烦请告知 iwind.liu@gmail.com。再次感谢这些开源软件项目和贡献人员！ 
+这个目录下我们列举了所有需要公开声明的第三方License，如果有遗漏，烦请告知 goedge.cdn@gmail.com。再次感谢这些开源软件项目和贡献人员！ 
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -1,7 +1,7 @@
 FROM alpine:latest
-LABEL maintainer="iwind.liu@gmail.com"
+LABEL maintainer="goedge.cdn@gmail.com"
 ENV TZ "Asia/Shanghai"
-ENV VERSION 0.6.4
+ENV VERSION 1.1.0
 ENV ROOT_DIR /usr/local/goedge
 ENV TAR_FILE edge-admin-linux-amd64-plus-v${VERSION}.zip
 ENV TAR_URL "https://dl.goedge.cn/edge/v${VERSION}/edge-admin-linux-amd64-plus-v${VERSION}.zip"
--- a/go.mod
+++ b/go.mod
@@ -15,7 +15,8 @@ require (
 	github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
 	github.com/tealeg/xlsx/v3 v3.2.3
 	github.com/xlzd/gotp v0.0.0-20181030022105-c8557ba2c119
-	golang.org/x/sys v0.5.0
+	golang.org/x/crypto v0.7.0
+	golang.org/x/sys v0.6.0
 	google.golang.org/grpc v1.45.0
 	gopkg.in/yaml.v3 v3.0.1
 )
@@ -33,8 +34,8 @@ require (
 	github.com/rogpeppe/fastuuid v1.2.0 // indirect
 	github.com/shabbyrobe/xmlwriter v0.0.0-20200208144257-9fca06d00ffa // indirect
 	github.com/yusufpapurcu/wmi v1.2.2 // indirect
-	golang.org/x/net v0.7.0 // indirect
-	golang.org/x/text v0.7.0 // indirect
+	golang.org/x/net v0.8.0 // indirect
+	golang.org/x/text v0.8.0 // indirect
 	google.golang.org/genproto v0.0.0-20220317150908-0efb43f6373e // indirect
 	google.golang.org/protobuf v1.27.1 // indirect
 	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
--- a/go.sum
+++ b/go.sum
@@ -74,10 +74,6 @@ github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+
 github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
 github.com/iwind/TeaGo v0.0.0-20210411134150-ddf57e240c2f/go.mod h1:KU4mS7QNiZ7QWEuDBk1zw0/Q2LrAPZv3tycEFBsuUwc=
-github.com/iwind/TeaGo v0.0.0-20230207032553-d6dcde0cd518 h1:zuWjQ57zc67ZSTHpxNK95JYoa9Ph/JRSnapsTY/hlhQ=
-github.com/iwind/TeaGo v0.0.0-20230207032553-d6dcde0cd518/go.mod h1:fi/Pq+/5m2HZoseM+39dMF57ANXRt6w4PkGu3NXPc5s=
-github.com/iwind/TeaGo v0.0.0-20230303070415-9d0689db6456 h1:xv3AVaxuwjThkBDptAfsFSmuHQIrRrvt8BRaekWnsvs=
-github.com/iwind/TeaGo v0.0.0-20230303070415-9d0689db6456/go.mod h1:fi/Pq+/5m2HZoseM+39dMF57ANXRt6w4PkGu3NXPc5s=
 github.com/iwind/TeaGo v0.0.0-20230304012706-c1f4a4e27470 h1:TuRxvKRv9PxKVijWOkUnZm5TeanQqWGUJyPx9u6cra4=
 github.com/iwind/TeaGo v0.0.0-20230304012706-c1f4a4e27470/go.mod h1:fi/Pq+/5m2HZoseM+39dMF57ANXRt6w4PkGu3NXPc5s=
 github.com/iwind/gosock v0.0.0-20211103081026-ee4652210ca4 h1:VWGsCqTzObdlbf7UUE3oceIpcEKi4C/YBUszQXk118A=
@@ -142,6 +138,8 @@ go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqe
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.7.0 h1:AvwMYaRytfdeVt3u6mLaxYtErKYjxA2OXjJ1HHq6t3A=
+golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20200513190911-00229845015e/go.mod h1:4M0jN8W1tt0AVLNr8HDosyJCDCDuyL9N9+3m7wDWgKw=
@@ -166,8 +164,8 @@ golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/
 golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
-golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g=
-golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
+golang.org/x/net v0.8.0 h1:Zrh2ngAOFYneWTAIAPethzeaQLuHwhuBkuV6ZiRnUaQ=
+golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -195,15 +193,16 @@ golang.org/x/sys v0.0.0-20210303074136-134d130e1a04/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=
-golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/term v0.6.0 h1:clScbb1cHjoCkyRbWwBEUZ5H/tIFu5TAXIqaZD0Gcjw=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo=
-golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.8.0 h1:57P1ETyNKtuIjB4SRd15iJxuhj8Gc416Y78H3qgMh68=
+golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
--- a/internal/configloaders/admin_module.go
+++ b/internal/configloaders/admin_module.go
@@ -167,7 +167,7 @@ func AllModuleMaps() []maps.Map {
 			"url":  "/dashboard",
 		},
 		{
-			"name": "网站服务",
+			"name": "网站列表",
 			"code": AdminModuleCodeServer,
 			"url":  "/servers",
 		},
--- a/internal/configloaders/security_config.go
+++ b/internal/configloaders/security_config.go
@@ -29,7 +29,7 @@ func LoadSecurityConfig() (*systemconfigs.SecurityConfig, error) {
 		return nil, err
 	}

-	v := reflect.Indirect(reflect.ValueOf(config)).Interface().(systemconfigs.SecurityConfig)
+	var v = reflect.Indirect(reflect.ValueOf(config)).Interface().(systemconfigs.SecurityConfig)
 	return &v, nil
 }

@@ -83,7 +83,12 @@ func loadSecurityConfig() (*systemconfigs.SecurityConfig, error) {
 		return sharedSecurityConfig, nil
 	}

-	config := &systemconfigs.SecurityConfig{}
+	var config = &systemconfigs.SecurityConfig{
+		Frame:                  FrameSameOrigin,
+		AllowLocal:             true,
+		CheckClientFingerprint: false,
+		CheckClientRegion:      true,
+	}
 	err = json.Unmarshal(resp.ValueJSON, config)
 	if err != nil {
 		logs.Println("[SECURITY_MANAGER]" + err.Error())
@@ -100,7 +105,9 @@ func loadSecurityConfig() (*systemconfigs.SecurityConfig, error) {

 func defaultSecurityConfig() *systemconfigs.SecurityConfig {
 	return &systemconfigs.SecurityConfig{
-		Frame:      FrameSameOrigin,
-		AllowLocal: true,
+		Frame:                  FrameSameOrigin,
+		AllowLocal:             true,
+		CheckClientFingerprint: false,
+		CheckClientRegion:      true,
 	}
 }
--- a/internal/configs/api_config.go
+++ b/internal/configs/api_config.go
@@ -21,9 +21,9 @@ type APIConfig struct {
 // LoadAPIConfig 加载API配置
 func LoadAPIConfig() (*APIConfig, error) {
 	// 候选文件
-	localFile := Tea.ConfigFile("api.yaml")
-	isFromLocal := false
-	paths := []string{localFile}
+	var localFile = Tea.ConfigFile("api.yaml")
+	var isFromLocal = false
+	var paths = []string{localFile}
 	homeDir, homeErr := os.UserHomeDir()
 	if homeErr == nil {
 		paths = append(paths, homeDir+"/."+teaconst.ProcessName+"/api.yaml")
@@ -45,7 +45,7 @@ func LoadAPIConfig() (*APIConfig, error) {
 		return nil, err
 	}

-	config := &APIConfig{}
+	var config = &APIConfig{}
 	err = yaml.Unmarshal(data, config)
 	if err != nil {
 		return nil, err
--- a/internal/const/const.go
+++ b/internal/const/const.go
@@ -1,9 +1,9 @@
 package teaconst

 const (
-	Version = "0.6.4.1"
+	Version = "1.2.0"

-	APINodeVersion = "0.6.4.1"
+	APINodeVersion = "1.2.0"

 	ProductName   = "Edge Admin"
 	ProcessName   = "edge-admin"
--- a/internal/const/vars.go
+++ b/internal/const/vars.go
@@ -2,6 +2,11 @@

 package teaconst

+import (
+	"os"
+	"strings"
+)
+
 var (
 	IsRecoverMode = false

@@ -10,4 +15,18 @@ var (

 	NewVersionCode        = "" // 有新的版本
 	NewVersionDownloadURL = "" // 新版本下载地址
+
+	IsMain = checkMain()
 )
+
+// 检查是否为主程序
+func checkMain() bool {
+	if len(os.Args) == 1 ||
+		(len(os.Args) >= 2 && os.Args[1] == "pprof") {
+		return true
+	}
+	exe, _ := os.Executable()
+	return strings.HasSuffix(exe, ".test") ||
+		strings.HasSuffix(exe, ".test.exe") ||
+		strings.Contains(exe, "___")
+}
--- a/internal/nodes/admin_node.go
+++ b/internal/nodes/admin_node.go
@@ -85,6 +85,9 @@ func (this *AdminNode) Run() {
 	// 启动API节点
 	this.startAPINode()

+	// 启动IP库
+	this.startIPLibrary()
+
 	// 启动Web服务
 	sessionManager, err := NewSessionManager()
 	if err != nil {
--- a/internal/nodes/admin_node_ext.go
+++ b/internal/nodes/admin_node_ext.go
@@ -0,0 +1,18 @@
+// Copyright 2023 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+//go:build !plus
+
+package nodes
+
+import (
+	"github.com/TeaOSLab/EdgeCommon/pkg/iplibrary"
+	"github.com/iwind/TeaGo/logs"
+)
+
+// 启动IP库
+func (this *AdminNode) startIPLibrary() {
+	logs.Println("[NODE]initializing ip library ...")
+	err := iplibrary.InitDefault()
+	if err != nil {
+		logs.Println("[NODE]initialize ip library failed: "+err.Error())
+	}
+}
--- a/internal/nodes/session_manager.go
+++ b/internal/nodes/session_manager.go
@@ -11,6 +11,7 @@ import (
 	"strings"
 )

+// SessionManager SESSION管理
 type SessionManager struct {
 	life uint
 }
@@ -39,6 +40,7 @@ func (this *SessionManager) Read(sid string) map[string]string {
 	resp, err := rpcClient.LoginSessionRPC().FindLoginSession(rpcClient.Context(0), &pb.FindLoginSessionRequest{Sid: sid})
 	if err != nil {
 		logs.Println("SESSION", "read '"+sid+"' failed: "+err.Error())
+		result["@error"] = err.Error()
 		return result
 	}

--- a/internal/rpc/rpc_client.go
+++ b/internal/rpc/rpc_client.go
@@ -544,8 +544,11 @@ func (this *RPCClient) init() error {
 		}

 		var conn *grpc.ClientConn
-		var callOptions = grpc.WithDefaultCallOptions(grpc.MaxCallRecvMsgSize(128*1024*1024),
-			grpc.UseCompressor(gzip.Name))
+		var callOptions = grpc.WithDefaultCallOptions(
+			grpc.MaxCallRecvMsgSize(128<<20),
+			grpc.MaxCallSendMsgSize(128<<20),
+			grpc.UseCompressor(gzip.Name),
+		)
 		if u.Scheme == "http" {
 			conn, err = grpc.Dial(apiHost, grpc.WithTransportCredentials(insecure.NewCredentials()), callOptions)
 		} else if u.Scheme == "https" {
--- a/internal/rpc/rpc_utils.go
+++ b/internal/rpc/rpc_utils.go
@@ -2,6 +2,9 @@ package rpc

 import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/configs"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
+	"strings"
 	"sync"
 )

@@ -28,3 +31,39 @@ func SharedRPC() (*RPCClient, error) {
 	sharedRPC = client
 	return sharedRPC, nil
 }
+
+// IsConnError 是否为连接错误
+func IsConnError(err error) bool {
+	if err == nil {
+		return false
+	}
+
+	// 检查是否为连接错误
+	statusErr, ok := status.FromError(err)
+	if ok {
+		var errorCode = statusErr.Code()
+		return errorCode == codes.Unavailable || errorCode == codes.Canceled
+	}
+
+	if strings.Contains(err.Error(), "code = Canceled") {
+		return true
+	}
+
+	return false
+}
+
+// IsUnimplementedError 检查是否为未实现错误
+func IsUnimplementedError(err error) bool {
+	if err == nil {
+		return false
+	}
+
+	statusErr, ok := status.FromError(err)
+	if ok {
+		if statusErr.Code() == codes.Unimplemented {
+			return true
+		}
+	}
+
+	return false
+}
--- a/internal/tasks/task_check_updates.go
+++ b/internal/tasks/task_check_updates.go
@@ -119,7 +119,7 @@ func (this *CheckUpdatesTask) Loop() error {
 			var vMap = maps.NewMap(version)
 			if vMap.GetString("code") == "admin" {
 				var latestVersion = vMap.GetString("version")
-				if stringutil.VersionCompare(teaconst.Version, latestVersion) < 0 {
+				if stringutil.VersionCompare(teaconst.Version, latestVersion) < 0 && (len(config.IgnoredVersion) == 0 || stringutil.VersionCompare(latestVersion, config.IgnoredVersion) > 0) {
 					teaconst.NewVersionCode = latestVersion
 					teaconst.NewVersionDownloadURL = dlHost + vMap.GetString("url")
 					return nil
--- a/internal/utils/apinodeutils/deploy_file.go
+++ b/internal/utils/apinodeutils/deploy_file.go
@@ -0,0 +1,79 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package apinodeutils
+
+import (
+	"crypto/md5"
+	"fmt"
+	"io"
+	"os"
+)
+
+// DeployFile 部署文件描述
+type DeployFile struct {
+	OS      string
+	Arch    string
+	Version string
+	Path    string
+}
+
+// Sum 计算概要
+func (this *DeployFile) Sum() (string, error) {
+	fp, err := os.Open(this.Path)
+	if err != nil {
+		return "", err
+	}
+	defer func() {
+		_ = fp.Close()
+	}()
+
+	m := md5.New()
+	buffer := make([]byte, 128*1024)
+	for {
+		n, err := fp.Read(buffer)
+		if err != nil {
+			if err == io.EOF {
+				break
+			}
+			return "", err
+		}
+		_, err = m.Write(buffer[:n])
+		if err != nil {
+			return "", err
+		}
+	}
+	sum := m.Sum(nil)
+	return fmt.Sprintf("%x", sum), nil
+}
+
+// Read 读取一个片段数据
+func (this *DeployFile) Read(offset int64) (data []byte, newOffset int64, err error) {
+	fp, err := os.Open(this.Path)
+	if err != nil {
+		return nil, offset, err
+	}
+	defer func() {
+		_ = fp.Close()
+	}()
+
+	stat, err := fp.Stat()
+	if err != nil {
+		return nil, offset, err
+	}
+	if offset >= stat.Size() {
+		return nil, offset, io.EOF
+	}
+
+	_, err = fp.Seek(offset, io.SeekStart)
+	if err != nil {
+		return nil, offset, err
+	}
+
+	buffer := make([]byte, 128*1024)
+	n, err := fp.Read(buffer)
+	if err != nil {
+		return nil, offset, err
+	}
+
+	return buffer[:n], offset + int64(n), nil
+}
--- a/internal/utils/apinodeutils/deploy_manager.go
+++ b/internal/utils/apinodeutils/deploy_manager.go
@@ -0,0 +1,96 @@
+package apinodeutils
+
+import (
+	"github.com/iwind/TeaGo/Tea"
+	"github.com/iwind/TeaGo/files"
+	stringutil "github.com/iwind/TeaGo/utils/string"
+	"regexp"
+)
+
+// DeployManager 节点部署文件管理器
+// 如果节点部署文件有变化，需要重启API节点以便于生效
+type DeployManager struct {
+	dir string
+}
+
+// NewDeployManager 获取新节点部署文件管理器
+func NewDeployManager() *DeployManager {
+	var manager = &DeployManager{
+		dir: Tea.Root + "/edge-api/deploy",
+	}
+	manager.LoadNodeFiles()
+	manager.LoadNSNodeFiles()
+	return manager
+}
+
+// LoadNodeFiles 加载所有边缘节点文件
+func (this *DeployManager) LoadNodeFiles() []*DeployFile {
+	var keyMap = map[string]*DeployFile{} // key => File
+
+	var reg = regexp.MustCompile(`^edge-node-(\w+)-(\w+)-v([0-9.]+)\.zip$`)
+	for _, file := range files.NewFile(this.dir).List() {
+		var name = file.Name()
+		if !reg.MatchString(name) {
+			continue
+		}
+		var matches = reg.FindStringSubmatch(name)
+		var osName = matches[1]
+		var arch = matches[2]
+		var version = matches[3]
+
+		var key = osName + "_" + arch
+		oldFile, ok := keyMap[key]
+		if ok && stringutil.VersionCompare(oldFile.Version, version) > 0 {
+			continue
+		}
+		keyMap[key] = &DeployFile{
+			OS:      osName,
+			Arch:    arch,
+			Version: version,
+			Path:    file.Path(),
+		}
+	}
+
+	var result = []*DeployFile{}
+	for _, v := range keyMap {
+		result = append(result, v)
+	}
+
+	return result
+}
+
+// LoadNSNodeFiles 加载所有NS节点安装文件
+func (this *DeployManager) LoadNSNodeFiles() []*DeployFile {
+	var keyMap = map[string]*DeployFile{} // key => File
+
+	var reg = regexp.MustCompile(`^edge-dns-(\w+)-(\w+)-v([0-9.]+)\.zip$`)
+	for _, file := range files.NewFile(this.dir).List() {
+		var name = file.Name()
+		if !reg.MatchString(name) {
+			continue
+		}
+		var matches = reg.FindStringSubmatch(name)
+		var osName = matches[1]
+		var arch = matches[2]
+		var version = matches[3]
+
+		var key = osName + "_" + arch
+		oldFile, ok := keyMap[key]
+		if ok && stringutil.VersionCompare(oldFile.Version, version) > 0 {
+			continue
+		}
+		keyMap[key] = &DeployFile{
+			OS:      osName,
+			Arch:    arch,
+			Version: version,
+			Path:    file.Path(),
+		}
+	}
+
+	var result = []*DeployFile{}
+	for _, v := range keyMap {
+		result = append(result, v)
+	}
+
+	return result
+}
--- a/internal/utils/apinodeutils/upgrader.go
+++ b/internal/utils/apinodeutils/upgrader.go
@@ -4,6 +4,7 @@ package apinodeutils

 import (
 	"compress/gzip"
+	"context"
 	"crypto/md5"
 	"errors"
 	"fmt"
@@ -62,7 +63,36 @@ func (this *Upgrader) Upgrade() error {
 	if err != nil {
 		return err
 	}
-	versionResp, err := rpcClient.APINodeRPC().FindCurrentAPINodeVersion(sharedClient.Context(0), &pb.FindCurrentAPINodeVersionRequest{})
+
+	// 升级边缘节点
+	err = this.upgradeNodes(sharedClient.Context(0), rpcClient)
+	if err != nil {
+		return err
+	}
+
+	// 升级NS节点
+	err = this.upgradeNSNodes(sharedClient.Context(0), rpcClient)
+	if err != nil {
+		return err
+	}
+
+	// 升级API节点
+	err = this.upgradeAPINode(sharedClient.Context(0), rpcClient)
+	if err != nil {
+		return errors.New("upgrade api node failed: " + err.Error())
+	}
+
+	return nil
+}
+
+// Progress 查看升级进程
+func (this *Upgrader) Progress() *Progress {
+	return this.progress
+}
+
+// 升级API节点
+func (this *Upgrader) upgradeAPINode(ctx context.Context, rpcClient *rpc.RPCClient) error {
+	versionResp, err := rpcClient.APINodeRPC().FindCurrentAPINodeVersion(ctx, &pb.FindCurrentAPINodeVersionRequest{})
 	if err != nil {
 		return err
 	}
@@ -77,7 +107,7 @@ func (this *Upgrader) Upgrade() error {
 		return errors.New(reason)
 	}

-	localVersion, err := localVersion()
+	localVersion, err := lookupLocalVersion()
 	if err != nil {
 		return errors.New("lookup version failed: " + err.Error())
 	}
@@ -196,6 +226,124 @@ func (this *Upgrader) Upgrade() error {
 	return nil
 }

-func (this *Upgrader) Progress() *Progress {
-	return this.progress
+// 升级边缘节点
+func (this *Upgrader) upgradeNodes(ctx context.Context, rpcClient *rpc.RPCClient) error {
+	// 本地的
+	var manager = NewDeployManager()
+	var localFileMap = map[string]*DeployFile{} // os_arch => *DeployFile
+	for _, deployFile := range manager.LoadNodeFiles() {
+		localFileMap[deployFile.OS+"_"+deployFile.Arch] = deployFile
+	}
+
+	remoteFilesResp, err := rpcClient.APINodeRPC().FindLatestDeployFiles(ctx, &pb.FindLatestDeployFilesRequest{})
+	if err != nil {
+		return err
+	}
+
+	var remoteFileMap = map[string]*pb.FindLatestDeployFilesResponse_DeployFile{} // os_arch => *DeployFile
+	for _, nodeFile := range remoteFilesResp.NodeDeployFiles {
+		remoteFileMap[nodeFile.Os+"_"+nodeFile.Arch] = nodeFile
+	}
+
+	// 对比版本
+	for key, deployFile := range localFileMap {
+		remoteDeployFile, ok := remoteFileMap[key]
+		if !ok || stringutil.VersionCompare(remoteDeployFile.Version, deployFile.Version) < 0 {
+			err = this.uploadNodeDeployFile(ctx, rpcClient, deployFile.Path)
+			if err != nil {
+				return errors.New("upload deploy file '" + filepath.Base(deployFile.Path) + "' failed: " + err.Error())
+			}
+		}
+	}
+
+	return nil
+}
+
+// 升级NS节点
+func (this *Upgrader) upgradeNSNodes(ctx context.Context, rpcClient *rpc.RPCClient) error {
+	// 本地的
+	var manager = NewDeployManager()
+	var localFileMap = map[string]*DeployFile{} // os_arch => *DeployFile
+	for _, deployFile := range manager.LoadNSNodeFiles() {
+		localFileMap[deployFile.OS+"_"+deployFile.Arch] = deployFile
+	}
+
+	remoteFilesResp, err := rpcClient.APINodeRPC().FindLatestDeployFiles(ctx, &pb.FindLatestDeployFilesRequest{})
+	if err != nil {
+		return err
+	}
+
+	var remoteFileMap = map[string]*pb.FindLatestDeployFilesResponse_DeployFile{} // os_arch => *DeployFile
+	for _, nodeFile := range remoteFilesResp.NsNodeDeployFiles {
+		remoteFileMap[nodeFile.Os+"_"+nodeFile.Arch] = nodeFile
+	}
+
+	// 对比版本
+	for key, deployFile := range localFileMap {
+		remoteDeployFile, ok := remoteFileMap[key]
+		if !ok || stringutil.VersionCompare(remoteDeployFile.Version, deployFile.Version) < 0 {
+			err = this.uploadNodeDeployFile(ctx, rpcClient, deployFile.Path)
+			if err != nil {
+				return errors.New("upload deploy file '" + filepath.Base(deployFile.Path) + "' failed: " + err.Error())
+			}
+		}
+	}
+
+	return nil
+}
+
+// 上传节点文件
+func (this *Upgrader) uploadNodeDeployFile(ctx context.Context, rpcClient *rpc.RPCClient, path string) error {
+	fp, err := os.Open(path)
+	if err != nil {
+		return err
+	}
+	defer func() {
+		_ = fp.Close()
+	}()
+
+	var buf = make([]byte, 128*4096)
+	var isFirst = true
+
+	var hash = md5.New()
+
+	for {
+		n, err := fp.Read(buf)
+		if n > 0 {
+			hash.Write(buf[:n])
+
+			_, uploadErr := rpcClient.APINodeRPC().UploadDeployFileToAPINode(ctx, &pb.UploadDeployFileToAPINodeRequest{
+				Filename:     filepath.Base(path),
+				Sum:          "",
+				ChunkData:    buf[:n],
+				IsFirstChunk: isFirst,
+				IsLastChunk:  false,
+			})
+			if uploadErr != nil {
+				return uploadErr
+			}
+			isFirst = false
+		}
+		if err != nil {
+			if err == io.EOF {
+				err = nil
+
+				_, uploadErr := rpcClient.APINodeRPC().UploadDeployFileToAPINode(ctx, &pb.UploadDeployFileToAPINodeRequest{
+					Filename:     filepath.Base(path),
+					Sum:          fmt.Sprintf("%x", hash.Sum(nil)),
+					ChunkData:    nil,
+					IsFirstChunk: false,
+					IsLastChunk:  true,
+				})
+				if uploadErr != nil {
+					return uploadErr
+				}
+
+				break
+			}
+			return err
+		}
+	}
+
+	return nil
 }
--- a/internal/utils/apinodeutils/utils.go
+++ b/internal/utils/apinodeutils/utils.go
@@ -39,7 +39,7 @@ func CanUpgrade(apiVersion string, osName string, arch string) (canUpgrade bool,
 		return false, "is directory"
 	}

-	localVersion, err := localVersion()
+	localVersion, err := lookupLocalVersion()
 	if err != nil {
 		return false, "lookup version failed: " + err.Error()
 	}
@@ -53,9 +53,7 @@ func CanUpgrade(apiVersion string, osName string, arch string) (canUpgrade bool,
 	return true, ""
 }

-
-
-func localVersion() (string, error) {
+func lookupLocalVersion() (string, error) {
 	var cmd = exec.Command(apiExe(), "-V")
 	var output = &bytes.Buffer{}
 	cmd.Stdout = output
@@ -74,7 +72,6 @@ func localVersion() (string, error) {
 	return localVersion, nil
 }

-
 func apiExe() string {
 	return Tea.Root + "/edge-api/bin/edge-api"
-}
+}
--- a/internal/utils/lookup.go
+++ b/internal/utils/lookup.go
@@ -1,26 +1,40 @@
 package utils

 import (
+	teaconst "github.com/TeaOSLab/EdgeAdmin/internal/const"
 	"github.com/TeaOSLab/EdgeCommon/pkg/configutils"
+	"github.com/iwind/TeaGo/logs"
 	"github.com/miekg/dns"
 )

-// LookupCNAME 获取CNAME
-func LookupCNAME(host string) (string, error) {
-	config, err := dns.ClientConfigFromFile("/etc/resolv.conf")
-	if err != nil {
-		return "", err
+var sharedDNSClient *dns.Client
+var sharedDNSConfig *dns.ClientConfig
+
+func init() {
+	if !teaconst.IsMain {
+		return
 	}

-	c := new(dns.Client)
-	m := new(dns.Msg)
+	config, err := dns.ClientConfigFromFile("/etc/resolv.conf")
+	if err != nil {
+		logs.Println("ERROR: configure dns client failed: " + err.Error())
+		return
+	}
+
+	sharedDNSConfig = config
+	sharedDNSClient = &dns.Client{}
+}
+
+// LookupCNAME 获取CNAME
+func LookupCNAME(host string) (string, error) {
+	var m = new(dns.Msg)

 	m.SetQuestion(host+".", dns.TypeCNAME)
 	m.RecursionDesired = true

 	var lastErr error
-	for _, serverAddr := range config.Servers {
-		r, _, err := c.Exchange(m, configutils.QuoteIP(serverAddr)+":"+config.Port)
+	for _, serverAddr := range sharedDNSConfig.Servers {
+		r, _, err := sharedDNSClient.Exchange(m, configutils.QuoteIP(serverAddr)+":"+sharedDNSConfig.Port)
 		if err != nil {
 			lastErr = err
 			continue
--- a/internal/utils/lookup_test.go
+++ b/internal/utils/lookup_test.go
@@ -0,0 +1,12 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package utils_test
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/utils"
+	"testing"
+)
+
+func TestLookupCNAME(t *testing.T) {
+	t.Log(utils.LookupCNAME("www.yun4s.cn"))
+}
--- a/internal/utils/numberutils/utils.go
+++ b/internal/utils/numberutils/utils.go
@@ -75,7 +75,7 @@ func FormatCount(count int64) string {
 	return fmt.Sprintf("%.1fB", float32(count)/1000/1000/1000)
 }

-func FormatFloat(f interface{}, decimal int) string {
+func FormatFloat(f any, decimal int) string {
 	if f == nil {
 		return ""
 	}
@@ -101,10 +101,29 @@ func FormatFloat(f interface{}, decimal int) string {
 	return ""
 }

-func FormatFloat2(f interface{}) string {
+func FormatFloat2(f any) string {
 	return FormatFloat(f, 2)
 }

+// PadFloatZero 为浮点型数字字符串填充足够的0
+func PadFloatZero(s string, countZero int) string {
+	if countZero <= 0 {
+		return s
+	}
+	if len(s) == 0 {
+		s = "0"
+	}
+	var index = strings.Index(s, ".")
+	if index < 0 {
+		return s + "." + strings.Repeat("0", countZero)
+	}
+	var decimalLen = len(s) - 1 - index
+	if decimalLen < countZero {
+		return s + strings.Repeat("0", countZero-decimalLen)
+	}
+	return s
+}
+
 var decimalReg = regexp.MustCompile(`^(\d+\.\d+)([a-zA-Z]+)?$`)

 // TrimZeroSuffix 去除小数数字尾部多余的0
--- a/internal/utils/numberutils/utils_test.go
+++ b/internal/utils/numberutils/utils_test.go
@@ -4,6 +4,7 @@ package numberutils_test

 import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/utils/numberutils"
+	"github.com/iwind/TeaGo/assert"
 	"testing"
 )

@@ -49,6 +50,24 @@ func TestFormatFloat(t *testing.T) {
 	t.Log(numberutils.FormatFloat(-221745.12, 2))
 }

+func TestFormatFloat2(t *testing.T) {
+	t.Log(numberutils.FormatFloat2(0))
+	t.Log(numberutils.FormatFloat2(0.0))
+	t.Log(numberutils.FormatFloat2(1.23456))
+	t.Log(numberutils.FormatFloat2(1.0))
+}
+
+func TestPadFloatZero(t *testing.T) {
+	var a = assert.NewAssertion(t)
+	a.IsTrue(numberutils.PadFloatZero("1", 0) == "1")
+	a.IsTrue(numberutils.PadFloatZero("1", 2) == "1.00")
+	a.IsTrue(numberutils.PadFloatZero("1.1", 2) == "1.10")
+	a.IsTrue(numberutils.PadFloatZero("1.12", 2) == "1.12")
+	a.IsTrue(numberutils.PadFloatZero("1.123", 2) == "1.123")
+	a.IsTrue(numberutils.PadFloatZero("10000.123", 2) == "10000.123")
+	a.IsTrue(numberutils.PadFloatZero("", 2) == "0.00")
+}
+
 func TestTrimZeroSuffix(t *testing.T) {
 	for _, s := range []string{
 		"1",
--- a/internal/utils/service_linux.go
+++ b/internal/utils/service_linux.go
@@ -128,7 +128,7 @@ After=network-online.target
 [Service]
 Type=simple
 Restart=always
-RestartSec=1s
+RestartSec=5s
 ExecStart=` + exePath + ` daemon
 ExecStop=` + exePath + ` stop
 ExecReload=` + exePath + ` reload
--- a/internal/utils/taskutils/concurrent.go
+++ b/internal/utils/taskutils/concurrent.go
@@ -0,0 +1,56 @@
+// Copyright 2023 GoEdge CDN goedge.cdn@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package taskutils
+
+import (
+	"errors"
+	"reflect"
+	"sync"
+)
+
+func RunConcurrent(tasks any, concurrent int, f func(task any)) error {
+	if tasks == nil {
+		return nil
+	}
+	var tasksValue = reflect.ValueOf(tasks)
+	if tasksValue.Type().Kind() != reflect.Slice {
+		return errors.New("ony works for slice")
+	}
+
+	var countTasks = tasksValue.Len()
+	if countTasks == 0 {
+		return nil
+	}
+
+	if concurrent <= 0 {
+		concurrent = 8
+	}
+	if concurrent > countTasks {
+		concurrent = countTasks
+	}
+
+	var taskChan = make(chan any, countTasks)
+	for i := 0; i < countTasks; i++ {
+		taskChan <- tasksValue.Index(i).Interface()
+	}
+
+	var wg = &sync.WaitGroup{}
+	wg.Add(concurrent)
+	for i := 0; i < concurrent; i++ {
+		go func() {
+			defer wg.Done()
+
+			for {
+				select {
+				case task := <-taskChan:
+					f(task)
+				default:
+					return
+				}
+			}
+		}()
+	}
+	wg.Wait()
+
+	return nil
+}
--- a/internal/utils/taskutils/concurrent_test.go
+++ b/internal/utils/taskutils/concurrent_test.go
@@ -0,0 +1,17 @@
+// Copyright 2023 GoEdge CDN goedge.cdn@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package taskutils_test
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/utils/taskutils"
+	"testing"
+)
+
+func TestRunConcurrent(t *testing.T) {
+	err := taskutils.RunConcurrent([]string{"a", "b", "c", "d", "e"}, 3, func(task any) {
+		t.Log("run", task)
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+}
--- a/internal/utils/upgrade_manager_test.go
+++ b/internal/utils/upgrade_manager_test.go
@@ -9,7 +9,7 @@ import (
 )

 func TestNewUpgradeManager(t *testing.T) {
-	var manager = utils.NewUpgradeManager("admin")
+	var manager = utils.NewUpgradeManager("admin", "")

 	var ticker = time.NewTicker(2 * time.Second)
 	go func() {
--- a/internal/web/actions/actionutils/tabbar.go
+++ b/internal/web/actions/actionutils/tabbar.go
@@ -2,37 +2,49 @@ package actionutils

 import (
 	"github.com/iwind/TeaGo/actions"
-	"github.com/iwind/TeaGo/maps"
 )

+type TabItem struct {
+	Name       string `json:"name"`
+	SubName    string `json:"subName"`
+	URL        string `json:"url"`
+	Icon       string `json:"icon"`
+	IsActive   bool   `json:"isActive"`
+	IsRight    bool   `json:"isRight"`
+	IsTitle    bool   `json:"isTitle"`
+	IsDisabled bool   `json:"isDisabled"`
+}
+
 // Tabbar Tabbar定义
 type Tabbar struct {
-	items []maps.Map
+	items []*TabItem
 }

 // NewTabbar 获取新对象
 func NewTabbar() *Tabbar {
 	return &Tabbar{
-		items: []maps.Map{},
+		items: []*TabItem{},
 	}
 }

 // Add 添加菜单项
-func (this *Tabbar) Add(name string, subName string, url string, icon string, active bool) maps.Map {
-	m := maps.Map{
-		"name":    name,
-		"subName": subName,
-		"url":     url,
-		"icon":    icon,
-		"active":  active,
-		"right":   false,
+func (this *Tabbar) Add(name string, subName string, url string, icon string, active bool) *TabItem {
+	var m = &TabItem{
+		Name:       name,
+		SubName:    subName,
+		URL:        url,
+		Icon:       icon,
+		IsActive:   active,
+		IsRight:    false,
+		IsTitle:    false,
+		IsDisabled: false,
 	}
 	this.items = append(this.items, m)
 	return m
 }

 // Items 取得所有的Items
-func (this *Tabbar) Items() []maps.Map {
+func (this *Tabbar) Items() []*TabItem {
 	return this.items
 }

--- a/internal/web/actions/actionutils/utils.go
+++ b/internal/web/actions/actionutils/utils.go
@@ -24,10 +24,19 @@ import (

 // Fail 提示服务器错误信息
 func Fail(action actions.ActionWrapper, err error) {
-	if err != nil {
-		logs.Println("[" + reflect.TypeOf(action).String() + "]" + findStack(err.Error()))
+	if err == nil {
+		err = errors.New("unknown error")
 	}
-	action.Object().Fail(teaconst.ErrServer + "（" + err.Error() + "）")
+
+	logs.Println("[" + reflect.TypeOf(action).String() + "]" + findStack(err.Error()))
+
+	_, _, isLocalAPI, issuesHTML := parseAPIErr(action, err)
+	if isLocalAPI && len(issuesHTML) > 0 {
+		action.Object().Fail(teaconst.ErrServer + "（" + err.Error() + "；最近一次错误提示：" + issuesHTML + "）")
+	} else {
+		action.Object().Fail(teaconst.ErrServer + "（" + err.Error() + "）")
+	}
+
 }

 // FailPage 提示页面错误信息
@@ -38,71 +47,15 @@ func FailPage(action actions.ActionWrapper, err error) {

 	logs.Println("[" + reflect.TypeOf(action).String() + "]" + findStack(err.Error()))

-	// 当前API终端地址
-	var apiEndpoints = []string{}
-	apiConfig, apiConfigErr := configs.LoadAPIConfig()
-	if apiConfigErr == nil && apiConfig != nil {
-		apiEndpoints = append(apiEndpoints, apiConfig.RPC.Endpoints...)
-	}
-
-	var isRPCConnError bool
-	err, isRPCConnError = rpcerrors.HumanError(err, apiEndpoints, Tea.ConfigFile("api.yaml"))
-	var apiNodeIsStarting = false
-	var apiNodeProgress = ""
-	if isRPCConnError {
-		// API节点是否正在启动
-		var sock = gosock.NewTmpSock("edge-api")
-		reply, err := sock.SendTimeout(&gosock.Command{
-			Code:   "starting",
-			Params: nil,
-		}, 1*time.Second)
-		if err == nil && reply != nil {
-			var params = maps.NewMap(reply.Params)
-			if params.GetBool("isStarting") {
-				apiNodeIsStarting = true
-
-				var progressMap = params.GetMap("progress")
-				apiNodeProgress = progressMap.GetString("description")
-			}
-		}
-	}
-
 	action.Object().ResponseWriter.WriteHeader(http.StatusInternalServerError)
 	if len(action.Object().Request.Header.Get("X-Requested-With")) > 0 {
 		action.Object().WriteString(teaconst.ErrServer)
 	} else {
-		// 本地的一些错误提示
-		var isLocalAPI = false
-		if isRPCConnError {
-			host, _, hostErr := net.SplitHostPort(action.Object().Request.Host)
-			if hostErr == nil {
-				for _, endpoint := range apiEndpoints {
-					if strings.HasPrefix(endpoint, "http://"+host) || strings.HasPrefix(endpoint, "https://"+host) || strings.HasPrefix(endpoint, host) {
-						isLocalAPI = true
-						break
-					}
-				}
-			}
-		}
-
-		var issuesHTML = ""
-		if isLocalAPI {
-			// 读取本地API节点的issues
-			issuesData, issuesErr := os.ReadFile(Tea.Root + "/edge-api/logs/issues.log")
-			if issuesErr == nil {
-				var issueMaps = []maps.Map{}
-				issuesErr = json.Unmarshal(issuesData, &issueMaps)
-				if issuesErr == nil && len(issueMaps) > 0 {
-					var issueMap = issueMaps[0]
-					issuesHTML = "本地API节点启动错误：" + issueMap.GetString("message") + "，处理建议：" + issueMap.GetString("suggestion")
-				}
-			}
-		}
-
+		apiNodeIsStarting, apiNodeProgress, _, issuesHTML := parseAPIErr(action, err)
 		var html = `<!DOCTYPE html>
 <html>
 	<head>
-		<title>有系统错误需要处理</title>
+		<title>正在处理...</title>
 		<meta charset="UTF-8"/>
 		<style type="text/css">
 		hr { border-top: 1px #ccc solid; }
@@ -116,7 +69,7 @@ func FailPage(action actions.ActionWrapper, err error) {
 			html += "<div class=\"red\">API节点正在启动，请耐心等待完成"

 			if len(apiNodeProgress) > 0 {
-				html += "：" + apiNodeProgress
+				html += "：" + apiNodeProgress + "（刷新当前页面查看最新状态）"
 			}

 			html += "</div>"
@@ -187,3 +140,61 @@ func findStack(err string) string {

 	return err
 }
+
+// 分析API节点的错误信息
+func parseAPIErr(action actions.ActionWrapper, err error) (apiNodeIsStarting bool, apiNodeProgress string, isLocalAPI bool, issuesHTML string) {
+	// 当前API终端地址
+	var apiEndpoints = []string{}
+	apiConfig, apiConfigErr := configs.LoadAPIConfig()
+	if apiConfigErr == nil && apiConfig != nil {
+		apiEndpoints = append(apiEndpoints, apiConfig.RPC.Endpoints...)
+	}
+
+	var isRPCConnError bool
+	err, isRPCConnError = rpcerrors.HumanError(err, apiEndpoints, Tea.ConfigFile("api.yaml"))
+	if isRPCConnError {
+		// API节点是否正在启动
+		var sock = gosock.NewTmpSock("edge-api")
+		reply, err := sock.SendTimeout(&gosock.Command{
+			Code:   "starting",
+			Params: nil,
+		}, 1*time.Second)
+		if err == nil && reply != nil {
+			var params = maps.NewMap(reply.Params)
+			if params.GetBool("isStarting") {
+				apiNodeIsStarting = true
+
+				var progressMap = params.GetMap("progress")
+				apiNodeProgress = progressMap.GetString("description")
+			}
+		}
+	}
+
+	// 本地的一些错误提示
+	if isRPCConnError {
+		host, _, hostErr := net.SplitHostPort(action.Object().Request.Host)
+		if hostErr == nil {
+			for _, endpoint := range apiEndpoints {
+				if strings.HasPrefix(endpoint, "http://"+host) || strings.HasPrefix(endpoint, "https://"+host) || strings.HasPrefix(endpoint, host) {
+					isLocalAPI = true
+					break
+				}
+			}
+		}
+	}
+
+	if isLocalAPI {
+		// 读取本地API节点的issues
+		issuesData, issuesErr := os.ReadFile(Tea.Root + "/edge-api/logs/issues.log")
+		if issuesErr == nil {
+			var issueMaps = []maps.Map{}
+			issuesErr = json.Unmarshal(issuesData, &issueMaps)
+			if issuesErr == nil && len(issueMaps) > 0 {
+				var issueMap = issueMaps[0]
+				issuesHTML = "本地API节点启动错误：" + issueMap.GetString("message") + "，处理建议：" + issueMap.GetString("suggestion")
+			}
+		}
+	}
+
+	return
+}
--- a/internal/web/actions/default/admins/admin.go
+++ b/internal/web/actions/default/admins/admin.go
@@ -45,6 +45,7 @@ func (this *AdminAction) RunGet(params struct {
 		"isOn":            admin.IsOn,
 		"isSuper":         admin.IsSuper,
 		"canLogin":        admin.CanLogin,
+		"hasWeakPassword": admin.HasWeakPassword,
 		"countAccessKeys": countAccessKeys,
 	}

--- a/internal/web/actions/default/admins/index.go
+++ b/internal/web/actions/default/admins/index.go
@@ -15,34 +15,46 @@ func (this *IndexAction) Init() {
 	this.Nav("", "", "")
 }

-func (this *IndexAction) RunGet(params struct{}) {
-	countResp, err := this.RPC().AdminRPC().CountAllEnabledAdmins(this.AdminContext(), &pb.CountAllEnabledAdminsRequest{})
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-	page := this.NewPage(countResp.Count)
-	this.Data["page"] = page.AsHTML()
+func (this *IndexAction) RunGet(params struct {
+	Keyword         string
+	HasWeakPassword bool
+}) {
+	this.Data["keyword"] = params.Keyword
+	this.Data["hasWeakPassword"] = params.HasWeakPassword

-	adminsResp, err := this.RPC().AdminRPC().ListEnabledAdmins(this.AdminContext(), &pb.ListEnabledAdminsRequest{
-		Offset: page.Offset,
-		Size:   page.Size,
+	countResp, err := this.RPC().AdminRPC().CountAllEnabledAdmins(this.AdminContext(), &pb.CountAllEnabledAdminsRequest{
+		Keyword:         params.Keyword,
+		HasWeakPassword: params.HasWeakPassword,
 	})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
-	adminMaps := []maps.Map{}
+	var page = this.NewPage(countResp.Count)
+	this.Data["page"] = page.AsHTML()
+
+	adminsResp, err := this.RPC().AdminRPC().ListEnabledAdmins(this.AdminContext(), &pb.ListEnabledAdminsRequest{
+		Keyword:         params.Keyword,
+		HasWeakPassword: params.HasWeakPassword,
+		Offset:          page.Offset,
+		Size:            page.Size,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	var adminMaps = []maps.Map{}
 	for _, admin := range adminsResp.Admins {
 		adminMaps = append(adminMaps, maps.Map{
-			"id":           admin.Id,
-			"isOn":         admin.IsOn,
-			"isSuper":      admin.IsSuper,
-			"username":     admin.Username,
-			"fullname":     admin.Fullname,
-			"createdTime":  timeutil.FormatTime("Y-m-d H:i:s", admin.CreatedAt),
-			"otpLoginIsOn": admin.OtpLogin != nil && admin.OtpLogin.IsOn,
-			"canLogin":     admin.CanLogin,
+			"id":              admin.Id,
+			"isOn":            admin.IsOn,
+			"isSuper":         admin.IsSuper,
+			"username":        admin.Username,
+			"fullname":        admin.Fullname,
+			"createdTime":     timeutil.FormatTime("Y-m-d H:i:s", admin.CreatedAt),
+			"otpLoginIsOn":    admin.OtpLogin != nil && admin.OtpLogin.IsOn,
+			"canLogin":        admin.CanLogin,
+			"hasWeakPassword": admin.HasWeakPassword,
 		})
 	}
 	this.Data["admins"] = adminMaps
--- a/internal/web/actions/default/clusters/cluster/createBatch.go
+++ b/internal/web/actions/default/clusters/cluster/createBatch.go
@@ -39,6 +39,17 @@ func (this *CreateBatchAction) RunGet(params struct {
 	}
 	this.Data["leftMenuItems"] = leftMenuItems

+	// 限额
+	maxNodes, leftNodes, err := this.findNodesQuota()
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	this.Data["quota"] = maps.Map{
+		"maxNodes":  maxNodes,
+		"leftNodes": leftNodes,
+	}
+
 	this.Show()
 }

--- a/internal/web/actions/default/clusters/cluster/createBatch_ext.go
+++ b/internal/web/actions/default/clusters/cluster/createBatch_ext.go
@@ -0,0 +1,8 @@
+// Copyright 2023 GoEdge CDN goedge.cdn@gmail.com. All rights reserved. Official site: https://goedge.cn .
+//go:build !plus
+
+package cluster
+
+func (this *CreateBatchAction) findNodesQuota() (maxNodes int32, leftNodes int32, err error) {
+	return
+}
--- a/internal/web/actions/default/clusters/cluster/createNode.go
+++ b/internal/web/actions/default/clusters/cluster/createNode.go
@@ -30,6 +30,11 @@ func (this *CreateNodeAction) Init() {
 func (this *CreateNodeAction) RunGet(params struct {
 	ClusterId int64
 }) {
+	if params.ClusterId <= 0 {
+		this.RedirectURL("/clusters")
+		return
+	}
+
 	var leftMenuItems = []maps.Map{
 		{
 			"name":     "单个创建",
@@ -92,6 +97,17 @@ func (this *CreateNodeAction) RunGet(params struct {
 	// 安装文件下载
 	this.Data["installerFiles"] = clusterutils.ListInstallerFiles()

+	// 限额
+	maxNodes, leftNodes, err := this.findNodesQuota()
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	this.Data["quota"] = maps.Map{
+		"maxNodes":  maxNodes,
+		"leftNodes": leftNodes,
+	}
+
 	this.Show()
 }

--- a/internal/web/actions/default/clusters/cluster/createNode_ext.go
+++ b/internal/web/actions/default/clusters/cluster/createNode_ext.go
@@ -0,0 +1,8 @@
+// Copyright 2023 GoEdge CDN goedge.cdn@gmail.com. All rights reserved. Official site: https://goedge.cn .
+//go:build !plus
+
+package cluster
+
+func (this *CreateNodeAction) findNodesQuota() (maxNodes int32, leftNodes int32, err error) {
+	return
+}
--- a/internal/web/actions/default/clusters/cluster/init.go
+++ b/internal/web/actions/default/clusters/cluster/init.go
@@ -20,6 +20,7 @@ func init() {
 			Helper(helpers.NewUserMustAuth(configloaders.AdminModuleCodeNode)).
 			Helper(clusters.NewClusterHelper()).
 			Data("teaMenu", "clusters").
+			Data("teaSubMenu", "cluster").
 			Prefix("/clusters/cluster").
 			Get("", new(IndexAction)).
 			Get("/nodes", new(NodesAction)).
--- a/internal/web/actions/default/clusters/cluster/node/detail.go
+++ b/internal/web/actions/default/clusters/cluster/node/detail.go
@@ -187,6 +187,8 @@ func (this *DetailAction) RunGet(params struct {
 					"route":       route.Name,
 					"value":       addr.Ip,
 					"clusterName": cluster.Name,
+					"isBackup":    dnsInfo.IsBackupForCluster || dnsInfo.IsBackupForGroup,
+					"isOffline":   dnsInfo.IsOffline,
 				})
 			}
 		}
@@ -343,25 +345,29 @@ func (this *DetailAction) RunGet(params struct {
 	}

 	this.Data["node"] = maps.Map{
-		"id":                node.Id,
-		"name":              node.Name,
-		"ipAddresses":       ipAddressMaps,
-		"cluster":           clusterMap,
-		"secondaryClusters": secondaryClustersMaps,
-		"login":             loginMap,
-		"installDir":        node.InstallDir,
-		"isInstalled":       node.IsInstalled,
-		"uniqueId":          node.UniqueId,
-		"secret":            node.Secret,
-		"maxCPU":            node.MaxCPU,
-		"isOn":              node.IsOn,
-		"records":           recordMaps,
-		"routes":            routeMaps,
-		"level":             node.Level,
-		"levelInfo":         nodeconfigs.FindNodeLevel(int(node.Level)),
-		"lnAddrs":           lnAddrs,
-		"enableIPLists":     node.EnableIPLists,
-		"apiNodeAddrs":      apiNodeAddrStrings,
+		"id":                 node.Id,
+		"name":               node.Name,
+		"ipAddresses":        ipAddressMaps,
+		"cluster":            clusterMap,
+		"secondaryClusters":  secondaryClustersMaps,
+		"login":              loginMap,
+		"installDir":         node.InstallDir,
+		"isInstalled":        node.IsInstalled,
+		"uniqueId":           node.UniqueId,
+		"secret":             node.Secret,
+		"maxCPU":             node.MaxCPU,
+		"isOn":               node.IsOn,
+		"records":            recordMaps,
+		"routes":             routeMaps,
+		"level":              node.Level,
+		"levelInfo":          nodeconfigs.FindNodeLevel(int(node.Level)),
+		"lnAddrs":            lnAddrs,
+		"enableIPLists":      node.EnableIPLists,
+		"apiNodeAddrs":       apiNodeAddrStrings,
+		"offlineDay":         node.OfflineDay,
+		"isOffline":          len(node.OfflineDay) > 0 && node.OfflineDay < timeutil.Format("Ymd"),
+		"isBackupForCluster": node.IsBackupForCluster,
+		"isBackupForGroup":   node.IsBackupForGroup,

 		"status": maps.Map{
 			"isActive":             status.IsActive,
--- a/internal/web/actions/default/clusters/cluster/nodes.go
+++ b/internal/web/actions/default/clusters/cluster/nodes.go
@@ -32,11 +32,12 @@ func (this *NodesAction) RunGet(params struct {
 	Keyword        string
 	Level          int32

-	CpuOrder        string
-	MemoryOrder     string
-	TrafficInOrder  string
-	TrafficOutOrder string
-	LoadOrder       string
+	CpuOrder         string
+	MemoryOrder      string
+	TrafficInOrder   string
+	TrafficOutOrder  string
+	LoadOrder        string
+	ConnectionsOrder string
 }) {
 	this.Data["groupId"] = params.GroupId
 	this.Data["regionId"] = params.RegionId
@@ -44,7 +45,7 @@ func (this *NodesAction) RunGet(params struct {
 	this.Data["activeState"] = params.ActiveState
 	this.Data["keyword"] = params.Keyword
 	this.Data["level"] = params.Level
-	this.Data["hasOrder"] = len(params.CpuOrder) > 0 || len(params.MemoryOrder) > 0 || len(params.TrafficInOrder) > 0 || len(params.TrafficOutOrder) > 0 || len(params.LoadOrder) > 0
+	this.Data["hasOrder"] = len(params.CpuOrder) > 0 || len(params.MemoryOrder) > 0 || len(params.TrafficInOrder) > 0 || len(params.TrafficOutOrder) > 0 || len(params.LoadOrder) > 0 || len(params.ConnectionsOrder) > 0

 	// 集群是否已经设置了线路
 	clusterDNSResp, err := this.RPC().NodeClusterRPC().FindEnabledNodeClusterDNS(this.AdminContext(), &pb.FindEnabledNodeClusterDNSRequest{NodeClusterId: params.ClusterId})
@@ -112,6 +113,10 @@ func (this *NodesAction) RunGet(params struct {
 		req.LoadAsc = true
 	} else if params.LoadOrder == "desc" {
 		req.LoadDesc = true
+	} else if params.ConnectionsOrder == "asc" {
+		req.ConnectionsAsc = true
+	} else if params.ConnectionsOrder == "desc" {
+		req.ConnectionsDesc = true
 	}
 	nodesResp, err := this.RPC().NodeRPC().ListEnabledNodesMatch(this.AdminContext(), req)
 	if err != nil {
@@ -121,8 +126,8 @@ func (this *NodesAction) RunGet(params struct {
 	var nodeMaps = []maps.Map{}
 	for _, node := range nodesResp.Nodes {
 		// 状态
-		isSynced := false
-		status := &nodeconfigs.NodeStatus{}
+		var isSynced = false
+		var status = &nodeconfigs.NodeStatus{}
 		if len(node.StatusJSON) > 0 {
 			err = json.Unmarshal(node.StatusJSON, &status)
 			if err != nil {
@@ -204,6 +209,8 @@ func (this *NodesAction) RunGet(params struct {
 			"isInstalled": node.IsInstalled,
 			"isOn":        node.IsOn,
 			"isUp":        node.IsUp,
+			"isBackup":    node.IsBackupForCluster || node.IsBackupForGroup,
+			"offlineDay":  node.OfflineDay,
 			"installStatus": maps.Map{
 				"isRunning":  node.InstallStatus.IsRunning,
 				"isFinished": node.InstallStatus.IsFinished,
@@ -211,16 +218,17 @@ func (this *NodesAction) RunGet(params struct {
 				"error":      node.InstallStatus.Error,
 			},
 			"status": maps.Map{
-				"isActive":        status.IsActive,
-				"updatedAt":       status.UpdatedAt,
-				"hostname":        status.Hostname,
-				"cpuUsage":        status.CPUUsage,
-				"cpuUsageText":    fmt.Sprintf("%.2f%%", status.CPUUsage*100),
-				"memUsage":        status.MemoryUsage,
-				"memUsageText":    fmt.Sprintf("%.2f%%", status.MemoryUsage*100),
-				"trafficInBytes":  status.TrafficInBytes,
-				"trafficOutBytes": status.TrafficOutBytes,
-				"load1m":          numberutils.FormatFloat2(status.Load1m),
+				"isActive":         status.IsActive,
+				"updatedAt":        status.UpdatedAt,
+				"hostname":         status.Hostname,
+				"cpuUsage":         status.CPUUsage,
+				"cpuUsageText":     fmt.Sprintf("%.2f%%", status.CPUUsage*100),
+				"memUsage":         status.MemoryUsage,
+				"memUsageText":     fmt.Sprintf("%.2f%%", status.MemoryUsage*100),
+				"trafficInBytes":   status.TrafficInBytes,
+				"trafficOutBytes":  status.TrafficOutBytes,
+				"load1m":           numberutils.PadFloatZero(numberutils.FormatFloat2(status.Load1m), 2),
+				"countConnections": status.ConnectionCount,
 			},
 			"cluster": maps.Map{
 				"id":   node.NodeCluster.Id,
--- a/internal/web/actions/default/clusters/cluster/settings/global-server-config/index.go
+++ b/internal/web/actions/default/clusters/cluster/settings/global-server-config/index.go
@@ -64,6 +64,7 @@ p { color: grey; }
 </body>
 </html>`
 	}
+
 	this.Data["httpAllDomainMismatchActionContentHTML"] = httpAllDomainMismatchActionContentHTML

 	this.Show()
@@ -77,6 +78,12 @@ func (this *IndexAction) RunPost(params struct {
 	HttpAllAllowMismatchDomainsJSON        []byte
 	HttpAllAllowNodeIP                     bool
 	HttpAllDefaultDomain                   string
+	HttpAllNodeIPPageHTML                  string
+	HttpAllNodeIPShowPage                  bool
+	HttpAllForceLnRequest                  bool
+
+	HttpAllSupportsLowVersionHTTP  bool
+	HttpAllMatchCertFromAllServers bool

 	HttpAccessLogEnableRequestHeaders     bool
 	HttpAccessLogEnableResponseHeaders    bool
@@ -133,6 +140,13 @@ func (this *IndexAction) RunPost(params struct {
 	config.HTTPAll.AllowMismatchDomains = allowMismatchDomains
 	config.HTTPAll.AllowNodeIP = params.HttpAllAllowNodeIP
 	config.HTTPAll.DefaultDomain = params.HttpAllDefaultDomain
+	config.HTTPAll.NodeIPShowPage = params.HttpAllNodeIPShowPage
+	config.HTTPAll.NodeIPPageHTML = params.HttpAllNodeIPPageHTML
+
+	// HTTP All
+	config.HTTPAll.SupportsLowVersionHTTP = params.HttpAllSupportsLowVersionHTTP
+	config.HTTPAll.MatchCertFromAllServers = params.HttpAllMatchCertFromAllServers
+	config.HTTPAll.ForceLnRequest = params.HttpAllForceLnRequest

 	// 访问日志
 	config.HTTPAccessLog.EnableRequestHeaders = params.HttpAccessLogEnableRequestHeaders
--- a/internal/web/actions/default/clusters/cluster/settings/health/runPopup.go
+++ b/internal/web/actions/default/clusters/cluster/settings/health/runPopup.go
@@ -15,7 +15,17 @@ func (this *RunPopupAction) Init() {
 	this.Nav("", "", "")
 }

-func (this *RunPopupAction) RunGet(params struct{}) {
+func (this *RunPopupAction) RunGet(params struct {
+	ClusterId int64
+}) {
+	// 检查是否已部署服务
+	countServersResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithNodeClusterId(this.AdminContext(), &pb.CountAllEnabledServersWithNodeClusterIdRequest{NodeClusterId: params.ClusterId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	this.Data["hasServers"] = countServersResp.Count > 0
+
 	this.Show()
 }

--- a/internal/web/actions/default/clusters/cluster/settings/init.go
+++ b/internal/web/actions/default/clusters/cluster/settings/init.go
@@ -24,6 +24,7 @@ func init() {
 			Helper(helpers.NewUserMustAuth(configloaders.AdminModuleCodeNode)).
 			Helper(clusters.NewClusterHelper()).
 			Prefix("/clusters/cluster/settings").
+			Data("teaSubMenu", "cluster").
 			GetPost("", new(IndexAction)).

 			// 健康检查
--- a/internal/web/actions/default/clusters/clusterutils/cluster_helper.go
+++ b/internal/web/actions/default/clusters/clusterutils/cluster_helper.go
@@ -29,9 +29,9 @@ func (this *ClusterHelper) BeforeAction(actionPtr actions.ActionWrapper) (goNext

 	action.Data["teaMenu"] = "clusters"

-	selectedTabbar := action.Data.GetString("mainTab")
-	clusterId := action.ParamInt64("clusterId")
-	clusterIdString := strconv.FormatInt(clusterId, 10)
+	var selectedTabbar = action.Data.GetString("mainTab")
+	var clusterId = action.ParamInt64("clusterId")
+	var clusterIdString = strconv.FormatInt(clusterId, 10)
 	action.Data["clusterId"] = clusterId

 	if clusterId > 0 {
@@ -57,14 +57,45 @@ func (this *ClusterHelper) BeforeAction(actionPtr actions.ActionWrapper) (goNext
 			return
 		}

+		var nodeId = action.ParamInt64("nodeId")
+		var isInCluster = nodeId <= 0
+
 		var tabbar = actionutils.NewTabbar()
-		tabbar.Add("集群列表", "", "/clusters", "", false)
-		if teaconst.IsPlus {
-			tabbar.Add("集群看板", "", "/clusters/cluster/boards?clusterId="+clusterIdString, "chart line area", selectedTabbar == "board")
+		{
+			var url = "/clusters"
+			if !isInCluster {
+				url = "/clusters/cluster/nodes?clusterId=" + clusterIdString
+			}
+			tabbar.Add("", "", url, "arrow left", false)
+		}
+		{
+			var url = "/clusters/cluster?clusterId=" + clusterIdString
+			if !isInCluster {
+				url = "/clusters/cluster/nodes?clusterId=" + clusterIdString
+			}
+
+			var item = tabbar.Add(cluster.Name, "", url, "angle right", true)
+			item.IsTitle = true
+		}
+		if teaconst.IsPlus {
+			{
+				var item = tabbar.Add("集群看板", "", "/clusters/cluster/boards?clusterId="+clusterIdString, "chart line area", selectedTabbar == "board")
+				item.IsDisabled = !isInCluster
+			}
+		}
+		{
+			var item = tabbar.Add("节点列表", "", "/clusters/cluster/nodes?clusterId="+clusterIdString, "server", selectedTabbar == "node")
+			item.IsDisabled = !isInCluster
+		}
+
+		{
+			var item = tabbar.Add("集群设置", "", "/clusters/cluster/settings?clusterId="+clusterIdString, "setting", selectedTabbar == "setting")
+			item.IsDisabled = !isInCluster
+		}
+		{
+			var item = tabbar.Add("删除集群", "", "/clusters/cluster/delete?clusterId="+clusterIdString, "trash", selectedTabbar == "delete")
+			item.IsDisabled = !isInCluster
 		}
-		tabbar.Add("集群节点", "", "/clusters/cluster/nodes?clusterId="+clusterIdString, "server", selectedTabbar == "node")
-		tabbar.Add("集群设置", "", "/clusters/cluster/settings?clusterId="+clusterIdString, "setting", selectedTabbar == "setting")
-		tabbar.Add("删除集群", "", "/clusters/cluster/delete?clusterId="+clusterIdString, "trash", selectedTabbar == "delete")
 		actionutils.SetTabbar(action, tabbar)

 		// 左侧菜单
@@ -97,14 +128,39 @@ func (this *ClusterHelper) createSettingMenu(cluster *pb.NodeCluster, info *pb.F
 		"isActive": selectedItem == "basic",
 		"isOn":     true,
 	})
+
 	items = append(items, maps.Map{
-		"name":     "缓存设置",
+		"name":     "DNS设置",
+		"url":      "/clusters/cluster/settings/dns?clusterId=" + clusterId,
+		"isActive": selectedItem == "dns",
+		"isOn":     cluster.DnsDomainId > 0 || len(cluster.DnsName) > 0,
+	})
+	items = append(items, maps.Map{
+		"name":     "健康检查",
+		"url":      "/clusters/cluster/settings/health?clusterId=" + clusterId,
+		"isActive": selectedItem == "health",
+		"isOn":     info != nil && info.HealthCheckIsOn,
+	})
+
+	items = append(items, maps.Map{
+		"name": "-",
+	})
+
+	items = append(items, maps.Map{
+		"name":     "网站设置",
+		"url":      "/clusters/cluster/settings/global-server-config?clusterId=" + clusterId,
+		"isActive": selectedItem == "globalServerConfig",
+		"isOn":     true,
+	})
+
+	items = append(items, maps.Map{
+		"name":     "缓存策略",
 		"url":      "/clusters/cluster/settings/cache?clusterId=" + clusterId,
 		"isActive": selectedItem == "cache",
 		"isOn":     cluster.HttpCachePolicyId > 0,
 	})
 	items = append(items, maps.Map{
-		"name":     "WAF设置",
+		"name":     "WAF策略",
 		"url":      "/clusters/cluster/settings/waf?clusterId=" + clusterId,
 		"isActive": selectedItem == "waf",
 		"isOn":     cluster.HttpFirewallPolicyId > 0,
@@ -132,20 +188,6 @@ func (this *ClusterHelper) createSettingMenu(cluster *pb.NodeCluster, info *pb.F
 		"isActive": false,
 	})

-	items = append(items, maps.Map{
-		"name":     "DNS设置",
-		"url":      "/clusters/cluster/settings/dns?clusterId=" + clusterId,
-		"isActive": selectedItem == "dns",
-		"isOn":     cluster.DnsDomainId > 0 || len(cluster.DnsName) > 0,
-	})
-
-	items = append(items, maps.Map{
-		"name":     "健康检查",
-		"url":      "/clusters/cluster/settings/health?clusterId=" + clusterId,
-		"isActive": selectedItem == "health",
-		"isOn":     info != nil && info.HealthCheckIsOn,
-	})
-
 	items = append(items, maps.Map{
 		"name":     "DDoS防护",
 		"url":      "/clusters/cluster/settings/ddos-protection?clusterId=" + clusterId,
@@ -153,12 +195,6 @@ func (this *ClusterHelper) createSettingMenu(cluster *pb.NodeCluster, info *pb.F
 		"isOn":     info != nil && info.HasDDoSProtection,
 	})

-	items = append(items, maps.Map{
-		"name":     "服务设置",
-		"url":      "/clusters/cluster/settings/global-server-config?clusterId=" + clusterId,
-		"isActive": selectedItem == "globalServerConfig",
-	})
-
 	items = append(items, maps.Map{
 		"name": "-",
 	})
--- a/internal/web/actions/default/clusters/createNode.go
+++ b/internal/web/actions/default/clusters/createNode.go
@@ -0,0 +1,52 @@
+// Copyright 2023 GoEdge CDN goedge.cdn@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package clusters
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/types"
+)
+
+type CreateNodeAction struct {
+	actionutils.ParentAction
+}
+
+func (this *CreateNodeAction) Init() {
+	this.Nav("", "cluster", "createNode")
+}
+
+func (this *CreateNodeAction) RunGet(params struct{}) {
+	// 集群总数
+	totalClustersResp, err := this.RPC().NodeClusterRPC().CountAllEnabledNodeClusters(this.AdminContext(), &pb.CountAllEnabledNodeClustersRequest{})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	this.Data["totalNodeClusters"] = totalClustersResp.Count
+
+	// 节点总数
+	totalNodesResp, err := this.RPC().NodeRPC().CountAllEnabledNodes(this.AdminContext(), &pb.CountAllEnabledNodesRequest{})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	this.Data["totalNodes"] = totalNodesResp.Count
+
+	// 如果只有一个默认集群，那么直接跳转到集群
+	clustersResp, err := this.RPC().NodeClusterRPC().ListEnabledNodeClusters(this.AdminContext(), &pb.ListEnabledNodeClustersRequest{
+		Offset:  0,
+		Size:    2,
+		Keyword: "",
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	if len(clustersResp.NodeClusters) == 1 {
+		this.RedirectURL("/clusters/cluster/createNode?clusterId=" + types.String(clustersResp.NodeClusters[0].Id))
+		return
+	}
+
+	this.Show()
+}
--- a/internal/web/actions/default/clusters/grants/create.go
+++ b/internal/web/actions/default/clusters/grants/create.go
@@ -6,6 +6,7 @@ import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/clusters/grants/grantutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/iwind/TeaGo/actions"
+	"golang.org/x/crypto/ssh"
 )

 type CreateAction struct {
@@ -50,6 +51,18 @@ func (this *CreateAction) RunPost(params struct {
 		if len(params.PrivateKey) == 0 {
 			this.FailField("privateKey", "请输入RSA私钥")
 		}
+
+		// 验证私钥
+		var err error
+		if len(params.Passphrase) > 0 {
+			_, err = ssh.ParsePrivateKeyWithPassphrase([]byte(params.PrivateKey), []byte(params.Passphrase))
+		} else {
+			_, err = ssh.ParsePrivateKey([]byte(params.PrivateKey))
+		}
+		if err != nil {
+			this.Fail("私钥验证失败，请检查格式：" + err.Error())
+			return
+		}
 	default:
 		this.Fail("请选择正确的认证方式")
 	}
--- a/internal/web/actions/default/clusters/grants/createPopup.go
+++ b/internal/web/actions/default/clusters/grants/createPopup.go
@@ -7,6 +7,7 @@ import (
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/iwind/TeaGo/actions"
 	"github.com/iwind/TeaGo/maps"
+	"golang.org/x/crypto/ssh"
 )

 type CreatePopupAction struct {
@@ -51,6 +52,18 @@ func (this *CreatePopupAction) RunPost(params struct {
 		if len(params.PrivateKey) == 0 {
 			this.FailField("privateKey", "请输入RSA私钥")
 		}
+
+		// 验证私钥
+		var err error
+		if len(params.Passphrase) > 0 {
+			_, err = ssh.ParsePrivateKeyWithPassphrase([]byte(params.PrivateKey), []byte(params.Passphrase))
+		} else {
+			_, err = ssh.ParsePrivateKey([]byte(params.PrivateKey))
+		}
+		if err != nil {
+			this.Fail("私钥验证失败，请检查格式：" + err.Error())
+			return
+		}
 	default:
 		this.Fail("请选择正确的认证方式")
 	}
--- a/internal/web/actions/default/clusters/grants/update.go
+++ b/internal/web/actions/default/clusters/grants/update.go
@@ -7,6 +7,7 @@ import (
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/iwind/TeaGo/actions"
 	"github.com/iwind/TeaGo/maps"
+	"golang.org/x/crypto/ssh"
 )

 type UpdateAction struct {
@@ -83,6 +84,18 @@ func (this *UpdateAction) RunPost(params struct {
 		if len(params.PrivateKey) == 0 {
 			this.FailField("privateKey", "请输入RSA私钥")
 		}
+
+		// 验证私钥
+		var err error
+		if len(params.Passphrase) > 0 {
+			_, err = ssh.ParsePrivateKeyWithPassphrase([]byte(params.PrivateKey), []byte(params.Passphrase))
+		} else {
+			_, err = ssh.ParsePrivateKey([]byte(params.PrivateKey))
+		}
+		if err != nil {
+			this.Fail("私钥验证失败，请检查格式：" + err.Error())
+			return
+		}
 	default:
 		this.Fail("请选择正确的认证方式")
 	}
--- a/internal/web/actions/default/clusters/grants/updatePopup.go
+++ b/internal/web/actions/default/clusters/grants/updatePopup.go
@@ -7,6 +7,7 @@ import (
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/iwind/TeaGo/actions"
 	"github.com/iwind/TeaGo/maps"
+	"golang.org/x/crypto/ssh"
 )

 type UpdatePopupAction struct {
@@ -83,6 +84,18 @@ func (this *UpdatePopupAction) RunPost(params struct {
 		if len(params.PrivateKey) == 0 {
 			this.FailField("privateKey", "请输入RSA私钥")
 		}
+
+		// 验证私钥
+		var err error
+		if len(params.Passphrase) > 0 {
+			_, err = ssh.ParsePrivateKeyWithPassphrase([]byte(params.PrivateKey), []byte(params.Passphrase))
+		} else {
+			_, err = ssh.ParsePrivateKey([]byte(params.PrivateKey))
+		}
+		if err != nil {
+			this.Fail("私钥验证失败，请检查格式：" + err.Error())
+			return
+		}
 	default:
 		this.Fail("请选择正确的认证方式")
 	}
--- a/internal/web/actions/default/clusters/init.go
+++ b/internal/web/actions/default/clusters/init.go
@@ -13,9 +13,11 @@ func init() {
 			Helper(helpers.NewUserMustAuth(configloaders.AdminModuleCodeNode)).
 			Helper(clusterutils.NewClustersHelper()).
 			Data("teaMenu", "clusters").
+			Data("teaSubMenu", "cluster").
 			Prefix("/clusters").
 			Get("", new(IndexAction)).
 			GetPost("/create", new(CreateAction)).
+			GetPost("/createNode", new(CreateNodeAction)).
 			Post("/pin", new(PinAction)).
 			Get("/nodes", new(NodesAction)).

--- a/internal/web/actions/default/clusters/nodes.go
+++ b/internal/web/actions/default/clusters/nodes.go
@@ -33,11 +33,12 @@ func (this *NodesAction) RunGet(params struct {
 	Keyword        string
 	Level          int32

-	CpuOrder        string
-	MemoryOrder     string
-	TrafficInOrder  string
-	TrafficOutOrder string
-	LoadOrder       string
+	CpuOrder         string
+	MemoryOrder      string
+	TrafficInOrder   string
+	TrafficOutOrder  string
+	LoadOrder        string
+	ConnectionsOrder string
 }) {
 	this.Data["groupId"] = params.GroupId
 	this.Data["regionId"] = params.RegionId
@@ -46,7 +47,7 @@ func (this *NodesAction) RunGet(params struct {
 	this.Data["keyword"] = params.Keyword
 	this.Data["level"] = params.Level
 	this.Data["clusterId"] = params.ClusterId
-	this.Data["hasOrder"] = len(params.CpuOrder) > 0 || len(params.MemoryOrder) > 0 || len(params.TrafficInOrder) > 0 || len(params.TrafficOutOrder) > 0 || len(params.LoadOrder) > 0
+	this.Data["hasOrder"] = len(params.CpuOrder) > 0 || len(params.MemoryOrder) > 0 || len(params.TrafficInOrder) > 0 || len(params.TrafficOutOrder) > 0 || len(params.LoadOrder) > 0 || len(params.ConnectionsOrder) > 0

 	// 集群是否已经设置了线路
 	clusterDNSResp, err := this.RPC().NodeClusterRPC().FindEnabledNodeClusterDNS(this.AdminContext(), &pb.FindEnabledNodeClusterDNSRequest{NodeClusterId: params.ClusterId})
@@ -114,6 +115,10 @@ func (this *NodesAction) RunGet(params struct {
 		req.LoadAsc = true
 	} else if params.LoadOrder == "desc" {
 		req.LoadDesc = true
+	} else if params.ConnectionsOrder == "asc" {
+		req.ConnectionsAsc = true
+	} else if params.ConnectionsOrder == "desc" {
+		req.ConnectionsDesc = true
 	}
 	nodesResp, err := this.RPC().NodeRPC().ListEnabledNodesMatch(this.AdminContext(), req)
 	if err != nil {
@@ -123,8 +128,8 @@ func (this *NodesAction) RunGet(params struct {
 	var nodeMaps = []maps.Map{}
 	for _, node := range nodesResp.Nodes {
 		// 状态
-		isSynced := false
-		status := &nodeconfigs.NodeStatus{}
+		var isSynced = false
+		var status = &nodeconfigs.NodeStatus{}
 		if len(node.StatusJSON) > 0 {
 			err = json.Unmarshal(node.StatusJSON, &status)
 			if err != nil {
@@ -206,6 +211,8 @@ func (this *NodesAction) RunGet(params struct {
 			"isInstalled": node.IsInstalled,
 			"isOn":        node.IsOn,
 			"isUp":        node.IsUp,
+			"isBackup":    node.IsBackupForCluster || node.IsBackupForGroup,
+			"offlineDay":  node.OfflineDay,
 			"installStatus": maps.Map{
 				"isRunning":  node.InstallStatus.IsRunning,
 				"isFinished": node.InstallStatus.IsFinished,
@@ -213,16 +220,17 @@ func (this *NodesAction) RunGet(params struct {
 				"error":      node.InstallStatus.Error,
 			},
 			"status": maps.Map{
-				"isActive":        status.IsActive,
-				"updatedAt":       status.UpdatedAt,
-				"hostname":        status.Hostname,
-				"cpuUsage":        status.CPUUsage,
-				"cpuUsageText":    numberutils.FormatFloat2(status.CPUUsage * 100),
-				"memUsage":        status.MemoryUsage,
-				"memUsageText":    numberutils.FormatFloat2(status.MemoryUsage * 100),
-				"trafficInBytes":  status.TrafficInBytes,
-				"trafficOutBytes": status.TrafficOutBytes,
-				"load1m":          numberutils.FormatFloat2(status.Load1m),
+				"isActive":         status.IsActive,
+				"updatedAt":        status.UpdatedAt,
+				"hostname":         status.Hostname,
+				"cpuUsage":         status.CPUUsage,
+				"cpuUsageText":     numberutils.FormatFloat2(status.CPUUsage*100) + "%",
+				"memUsage":         status.MemoryUsage,
+				"memUsageText":     numberutils.FormatFloat2(status.MemoryUsage*100) + "%",
+				"trafficInBytes":   status.TrafficInBytes,
+				"trafficOutBytes":  status.TrafficOutBytes,
+				"load1m":           numberutils.PadFloatZero(numberutils.FormatFloat2(status.Load1m), 2),
+				"countConnections": status.ConnectionCount,
 			},
 			"cluster": maps.Map{
 				"id":   node.NodeCluster.Id,
--- a/internal/web/actions/default/clusters/tasks/check.go
+++ b/internal/web/actions/default/clusters/tasks/check.go
@@ -15,6 +15,9 @@ func (this *CheckAction) RunPost(params struct {
 	HasError  bool
 	IsUpdated bool
 }) {
+	var isStream = this.Request.ProtoMajor >= 2
+	this.Data["isStream"] = isStream
+
 	var maxTries = 10
 	for i := 0; i < maxTries; i++ {
 		resp, err := this.RPC().NodeTaskRPC().ExistsNodeTasks(this.AdminContext(), &pb.ExistsNodeTasksRequest{
@@ -26,7 +29,7 @@ func (this *CheckAction) RunPost(params struct {
 		}

 		// 如果没有数据变化，继续查询
-		if i < maxTries-1 && params.IsUpdated && resp.ExistTasks == params.IsDoing && resp.ExistError == params.HasError {
+		if i < maxTries-1 && params.IsUpdated && resp.ExistTasks == params.IsDoing && resp.ExistError == params.HasError && isStream {
 			time.Sleep(3 * time.Second)
 			continue
 		}
--- a/internal/web/actions/default/dashboard/index.go
+++ b/internal/web/actions/default/dashboard/index.go
@@ -30,7 +30,7 @@ func (this *IndexAction) RunGet(params struct{}) {
 	helpers.NotifyIPItemsCountChanges()
 	helpers.NotifyNodeLogsCountChange()

-	if teaconst.IsPlus {
+	if this.checkPlus() {
 		this.RedirectURL("/dashboard/boards")
 		return
 	}
@@ -276,5 +276,13 @@ func (this *IndexAction) RunPost(params struct{}) {
 		}
 	}

+	// 弱密码提示
+	countWeakAdminsResp, err := this.RPC().AdminRPC().CountAllEnabledAdmins(this.AdminContext(), &pb.CountAllEnabledAdminsRequest{HasWeakPassword: true})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	this.Data["countWeakAdmins"] = countWeakAdminsResp.Count
+
 	this.Success()
 }
--- a/internal/web/actions/default/dashboard/index_ext.go
+++ b/internal/web/actions/default/dashboard/index_ext.go
@@ -0,0 +1,8 @@
+// Copyright 2023 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+//go:build !plus
+
+package dashboard
+
+func (this *IndexAction) checkPlus() bool {
+	return false
+}
--- a/internal/web/actions/default/db/node.go
+++ b/internal/web/actions/default/db/node.go
@@ -6,6 +6,7 @@ import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/db/dbnodeutils"
 	"github.com/iwind/TeaGo/maps"
+	"strings"
 )

 type NodeAction struct {
@@ -33,7 +34,7 @@ func (this *NodeAction) RunGet(params struct {
 		"host":        node.Host,
 		"port":        node.Port,
 		"username":    node.Username,
-		"password":    node.Password,
+		"password":    strings.Repeat("*", len(node.Password)),
 		"description": node.Description,
 	}

--- a/internal/web/actions/default/dns/clusters/cluster.go
+++ b/internal/web/actions/default/dns/clusters/cluster.go
@@ -25,7 +25,7 @@ func (this *ClusterAction) RunGet(params struct {
 		this.ErrorPage(err)
 		return
 	}
-	cluster := clusterResp.NodeCluster
+	var cluster = clusterResp.NodeCluster
 	if cluster == nil {
 		this.NotFound("nodeCluster", params.ClusterId)
 		return
@@ -42,7 +42,7 @@ func (this *ClusterAction) RunGet(params struct {
 		return
 	}
 	var defaultRoute = dnsResp.DefaultRoute
-	domainName := ""
+	var domainName = ""
 	var dnsMap = maps.Map{
 		"dnsName":          dnsResp.Name,
 		"domainId":         0,
@@ -70,19 +70,42 @@ func (this *ClusterAction) RunGet(params struct {

 	this.Data["dnsInfo"] = dnsMap

-	// 节点DNS解析记录
-	nodesResp, err := this.RPC().NodeRPC().FindAllEnabledNodesDNSWithNodeClusterId(this.AdminContext(), &pb.FindAllEnabledNodesDNSWithNodeClusterIdRequest{NodeClusterId: params.ClusterId})
+	// 未安装的节点
+	notInstalledNodesResp, err := this.RPC().NodeRPC().FindAllEnabledNodesDNSWithNodeClusterId(this.AdminContext(), &pb.FindAllEnabledNodesDNSWithNodeClusterIdRequest{
+		NodeClusterId: params.ClusterId,
+		IsInstalled:   false,
+	})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
-	var nodeMaps = []maps.Map{}
+	var allNodes = notInstalledNodesResp.Nodes
+
+	// 节点DNS解析记录
+	nodesResp, err := this.RPC().NodeRPC().FindAllEnabledNodesDNSWithNodeClusterId(this.AdminContext(), &pb.FindAllEnabledNodesDNSWithNodeClusterIdRequest{
+		NodeClusterId: params.ClusterId,
+		IsInstalled:   true,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	var installedNodeIdsMap = map[int64]bool{}
 	for _, node := range nodesResp.Nodes {
+		installedNodeIdsMap[node.Id] = true
+	}
+
+	allNodes = append(allNodes, nodesResp.Nodes...)
+
+	var nodeMaps = []maps.Map{}
+	for _, node := range allNodes {
+		var isInstalled = installedNodeIdsMap[node.Id]
+
 		if len(node.Routes) > 0 {
 			for _, route := range node.Routes {
 				// 检查是否已解析
 				var isResolved = false
-				if cluster.DnsDomainId > 0 && len(cluster.DnsName) > 0 && len(node.IpAddr) > 0 {
+				if isInstalled && cluster.DnsDomainId > 0 && len(cluster.DnsName) > 0 && len(node.IpAddr) > 0 {
 					var recordType = "A"
 					if utils.IsIPv6(node.IpAddr) {
 						recordType = "AAAA"
@@ -110,14 +133,17 @@ func (this *ClusterAction) RunGet(params struct {
 						"name": route.Name,
 						"code": route.Code,
 					},
-					"clusterId":  node.NodeClusterId,
-					"isResolved": isResolved,
+					"clusterId":   node.NodeClusterId,
+					"isResolved":  isResolved,
+					"isInstalled": isInstalled,
+					"isBackup":    node.IsBackupForCluster || node.IsBackupForGroup,
+					"isOffline":   node.IsOffline,
 				})
 			}
 		} else {
 			// 默认线路
 			var isResolved = false
-			if len(defaultRoute) > 0 {
+			if isInstalled && len(defaultRoute) > 0 {
 				var recordType = "A"
 				if utils.IsIPv6(node.IpAddr) {
 					recordType = "AAAA"
@@ -144,8 +170,11 @@ func (this *ClusterAction) RunGet(params struct {
 					"name": "",
 					"code": "",
 				},
-				"clusterId":  node.NodeClusterId,
-				"isResolved": isResolved,
+				"clusterId":   node.NodeClusterId,
+				"isResolved":  isResolved,
+				"isInstalled": isInstalled,
+				"isBackup":    node.IsBackupForCluster || node.IsBackupForGroup,
+				"isOffline":   node.IsOffline,
 			})
 		}
 	}
--- a/internal/web/actions/default/dns/domainOptions.go
+++ b/internal/web/actions/default/dns/domainOptions.go
@@ -4,6 +4,7 @@ import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/iwind/TeaGo/maps"
+	"sort"
 )

 // DomainOptionsAction 域名列表选项
@@ -21,10 +22,18 @@ func (this *DomainOptionsAction) RunPost(params struct {
 		this.ErrorPage(err)
 		return
 	}
-	domainMaps := []maps.Map{}
+
+	// 排序
+	if len(domainsResp.DnsDomains) > 0 {
+		sort.Slice(domainsResp.DnsDomains, func(i, j int) bool {
+			return domainsResp.DnsDomains[i].Name < domainsResp.DnsDomains[j].Name
+		})
+	}
+
+	var domainMaps = []maps.Map{}
 	for _, domain := range domainsResp.DnsDomains {
 		// 未开启或者已删除的先跳过
-		if !domain.IsOn || domain.IsDeleted {
+		if !domain.IsOn || domain.IsDeleted || !domain.IsUp {
 			continue
 		}

--- a/internal/web/actions/default/dns/domains/nodesPopup.go
+++ b/internal/web/actions/default/dns/domains/nodesPopup.go
@@ -18,6 +18,8 @@ func (this *NodesPopupAction) Init() {
 func (this *NodesPopupAction) RunGet(params struct {
 	DomainId int64
 }) {
+	this.Data["domainId"] = params.DomainId
+
 	// 域名信息
 	domainResp, err := this.RPC().DNSDomainRPC().FindBasicDNSDomain(this.AdminContext(), &pb.FindBasicDNSDomainRequest{
 		DnsDomainId: params.DomainId,
@@ -26,7 +28,7 @@ func (this *NodesPopupAction) RunGet(params struct {
 		this.ErrorPage(err)
 		return
 	}
-	domain := domainResp.DnsDomain
+	var domain = domainResp.DnsDomain
 	if domain == nil {
 		this.NotFound("dnsDomain", params.DomainId)
 		return
@@ -35,7 +37,7 @@ func (this *NodesPopupAction) RunGet(params struct {
 	this.Data["domain"] = domain.Name

 	// 集群
-	clusterMaps := []maps.Map{}
+	var clusterMaps = []maps.Map{}
 	clustersResp, err := this.RPC().NodeClusterRPC().FindAllEnabledNodeClustersWithDNSDomainId(this.AdminContext(), &pb.FindAllEnabledNodeClustersWithDNSDomainIdRequest{DnsDomainId: params.DomainId})
 	if err != nil {
 		this.ErrorPage(err)
@@ -43,18 +45,24 @@ func (this *NodesPopupAction) RunGet(params struct {
 	}

 	for _, cluster := range clustersResp.NodeClusters {
+		// 默认值
+		var defaultRoute = cluster.DnsDefaultRoute
+
 		// 节点DNS解析记录
-		nodesResp, err := this.RPC().NodeRPC().FindAllEnabledNodesDNSWithNodeClusterId(this.AdminContext(), &pb.FindAllEnabledNodesDNSWithNodeClusterIdRequest{NodeClusterId: cluster.Id})
+		nodesResp, err := this.RPC().NodeRPC().FindAllEnabledNodesDNSWithNodeClusterId(this.AdminContext(), &pb.FindAllEnabledNodesDNSWithNodeClusterIdRequest{
+			NodeClusterId: cluster.Id,
+			IsInstalled:   true,
+		})
 		if err != nil {
 			this.ErrorPage(err)
 			return
 		}
-		nodeMaps := []maps.Map{}
+		var nodeMaps = []maps.Map{}
 		for _, node := range nodesResp.Nodes {
 			if len(node.Routes) > 0 {
 				for _, route := range node.Routes {
 					// 检查是否有域名解析记录
-					isOk := false
+					var isResolved = false
 					if len(route.Name) > 0 && len(node.IpAddr) > 0 && len(cluster.DnsName) > 0 {
 						var recordType = "A"
 						if utils.IsIPv6(node.IpAddr) {
@@ -71,7 +79,7 @@ func (this *NodesPopupAction) RunGet(params struct {
 							this.ErrorPage(err)
 							return
 						}
-						isOk = checkResp.IsOk
+						isResolved = checkResp.IsOk
 					}

 					nodeMaps = append(nodeMaps, maps.Map{
@@ -83,10 +91,30 @@ func (this *NodesPopupAction) RunGet(params struct {
 							"code": route.Code,
 						},
 						"clusterId": node.NodeClusterId,
-						"isOk":      isOk,
+						"isOk":      isResolved,
 					})
 				}
 			} else {
+				// 默认线路
+				var isResolved = false
+				if len(defaultRoute) > 0 {
+					var recordType = "A"
+					if utils.IsIPv6(node.IpAddr) {
+						recordType = "AAAA"
+					}
+					checkResp, err := this.RPC().DNSDomainRPC().ExistDNSDomainRecord(this.AdminContext(), &pb.ExistDNSDomainRecordRequest{
+						DnsDomainId: cluster.DnsDomainId,
+						Name:        cluster.DnsName,
+						Type:        recordType,
+						Route:       defaultRoute,
+						Value:       node.IpAddr,
+					})
+					if err != nil {
+						this.ErrorPage(err)
+						return
+					}
+					isResolved = checkResp.IsOk
+				}
 				nodeMaps = append(nodeMaps, maps.Map{
 					"id":     node.Id,
 					"name":   node.Name,
@@ -96,7 +124,7 @@ func (this *NodesPopupAction) RunGet(params struct {
 						"code": "",
 					},
 					"clusterId": node.NodeClusterId,
-					"isOk":      false,
+					"isOk":      isResolved,
 				})
 			}
 		}
--- a/internal/web/actions/default/dns/domains/serversPopup.go
+++ b/internal/web/actions/default/dns/domains/serversPopup.go
@@ -17,6 +17,8 @@ func (this *ServersPopupAction) Init() {
 func (this *ServersPopupAction) RunGet(params struct {
 	DomainId int64
 }) {
+	this.Data["domainId"] = params.DomainId
+
 	// 域名信息
 	domainResp, err := this.RPC().DNSDomainRPC().FindBasicDNSDomain(this.AdminContext(), &pb.FindBasicDNSDomainRequest{
 		DnsDomainId: params.DomainId,
@@ -25,7 +27,7 @@ func (this *ServersPopupAction) RunGet(params struct {
 		this.ErrorPage(err)
 		return
 	}
-	domain := domainResp.DnsDomain
+	var domain = domainResp.DnsDomain
 	if domain == nil {
 		this.NotFound("dnsDomain", params.DomainId)
 		return
@@ -34,7 +36,7 @@ func (this *ServersPopupAction) RunGet(params struct {
 	this.Data["domain"] = domain.Name

 	// 服务信息
-	clusterMaps := []maps.Map{}
+	var clusterMaps = []maps.Map{}
 	clustersResp, err := this.RPC().NodeClusterRPC().FindAllEnabledNodeClustersWithDNSDomainId(this.AdminContext(), &pb.FindAllEnabledNodeClustersWithDNSDomainIdRequest{DnsDomainId: params.DomainId})
 	if err != nil {
 		this.ErrorPage(err)
@@ -46,9 +48,9 @@ func (this *ServersPopupAction) RunGet(params struct {
 			this.ErrorPage(err)
 			return
 		}
-		serverMaps := []maps.Map{}
+		var serverMaps = []maps.Map{}
 		for _, server := range serversResp.Servers {
-			isOk := false
+			var isOk = false
 			if len(cluster.DnsName) > 0 && len(server.DnsName) > 0 {
 				checkResp, err := this.RPC().DNSDomainRPC().ExistDNSDomainRecord(this.AdminContext(), &pb.ExistDNSDomainRecordRequest{
 					DnsDomainId: params.DomainId,
--- a/internal/web/actions/default/dns/init.go
+++ b/internal/web/actions/default/dns/init.go
@@ -16,6 +16,7 @@ func init() {
 			Helper(helpers.NewUserMustAuth(configloaders.AdminModuleCodeDNS)).
 			Helper(new(Helper)).
 			Prefix("/dns").
+			Data("teaSubMenu", "cluster").
 			Get("", new(IndexAction)).
 			GetPost("/updateClusterPopup", new(UpdateClusterPopupAction)).
 			Post("/providerOptions", new(ProviderOptionsAction)).
--- a/internal/web/actions/default/dns/tasks/check.go
+++ b/internal/web/actions/default/dns/tasks/check.go
@@ -15,6 +15,9 @@ func (this *CheckAction) RunPost(params struct {
 	HasError  bool
 	IsUpdated bool
 }) {
+	var isStream = this.Request.ProtoMajor >= 2
+	this.Data["isStream"] = isStream
+
 	var maxTries = 10
 	for i := 0; i < maxTries; i++ {
 		resp, err := this.RPC().DNSTaskRPC().ExistsDNSTasks(this.AdminContext(), &pb.ExistsDNSTasksRequest{})
@@ -24,7 +27,7 @@ func (this *CheckAction) RunPost(params struct {
 		}

 		// 如果没有数据变化，继续查询
-		if i < maxTries-1 && params.IsUpdated && resp.ExistTasks == params.IsDoing && resp.ExistError == params.HasError {
+		if i < maxTries-1 && params.IsUpdated && resp.ExistTasks == params.IsDoing && resp.ExistError == params.HasError && isStream {
 			time.Sleep(3 * time.Second)
 			continue
 		}
--- a/internal/web/actions/default/index/index.go
+++ b/internal/web/actions/default/index/index.go
@@ -9,15 +9,23 @@ import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/setup"
 	"github.com/TeaOSLab/EdgeAdmin/internal/utils"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/index/loginutils"
+	adminserverutils "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/settings/server/admin-server-utils"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
+	"github.com/TeaOSLab/EdgeCommon/pkg/configutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/iplibrary"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/iwind/TeaGo/actions"
+	"github.com/iwind/TeaGo/lists"
 	"github.com/iwind/TeaGo/types"
 	stringutil "github.com/iwind/TeaGo/utils/string"
+	"net"
 	"time"
 )

+const regionDenyMessage = "当前软件系统暂时不为你所在的区域提供服务。"
+
 type IndexAction struct {
 	actionutils.ParentAction
 }
@@ -32,6 +40,33 @@ func (this *IndexAction) RunGet(params struct {

 	Auth *helpers.UserShouldAuth
 }) {
+	if !this.checkRegion() {
+		this.WriteString(regionDenyMessage)
+		return
+	}
+
+	// 是否自动从HTTP跳转到HTTPS
+	if this.Request.TLS == nil {
+		httpsPort, _ := adminserverutils.ReadServerHTTPS()
+		if httpsPort > 0 {
+			currentHost, _, err := net.SplitHostPort(this.Request.Host)
+			if err != nil {
+				currentHost = this.Request.Host
+			}
+
+			var newHost = configutils.QuoteIP(currentHost)
+			if httpsPort != 443 /** default https port **/ {
+				newHost += ":" + types.String(httpsPort)
+			}
+
+			// 如果没有前端反向代理，则跳转
+			if len(this.Request.Header.Get("X-Forwarded-For")) == 0 && len(this.Request.Header.Get("X-Real-Ip")) == 0 {
+				this.RedirectURL("https://" + newHost + this.Request.RequestURI)
+				return
+			}
+		}
+	}
+
 	// DEMO模式
 	this.Data["isDemo"] = teaconst.IsDemoMode

@@ -81,6 +116,9 @@ func (this *IndexAction) RunGet(params struct {
 		this.Data["rememberLogin"] = securityConfig.AllowRememberLogin
 	}

+	// 删除Cookie
+	loginutils.UnsetCookie(this.Object())
+
 	this.Show()
 }

@@ -96,6 +134,11 @@ func (this *IndexAction) RunPost(params struct {
 	Auth *helpers.UserShouldAuth
 	CSRF *actionutils.CSRF
 }) {
+	if !this.checkRegion() {
+		this.Fail(regionDenyMessage)
+		return
+	}
+
 	params.Must.
 		Field("username", params.Username).
 		Require("请输入用户名").
@@ -187,3 +230,13 @@ func (this *IndexAction) RunPost(params struct {

 	this.Success()
 }
+
+// 检查登录区域
+func (this *IndexAction) checkRegion() bool {
+	var ip = this.RequestRemoteIP()
+	var result = iplibrary.LookupIP(ip)
+	if result != nil && result.IsOk() && result.CountryId() > 0 && lists.ContainsInt64([]int64{9, 10}, result.CountryId()) {
+		return false
+	}
+	return true
+}
--- a/internal/web/actions/default/index/loginutils/utils.go
+++ b/internal/web/actions/default/index/loginutils/utils.go
@@ -0,0 +1,86 @@
+// Copyright 2023 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package loginutils
+
+import (
+	teaconst "github.com/TeaOSLab/EdgeAdmin/internal/const"
+	"github.com/TeaOSLab/EdgeCommon/pkg/iplibrary"
+	"github.com/iwind/TeaGo/actions"
+	stringutil "github.com/iwind/TeaGo/utils/string"
+	"net"
+	"net/http"
+)
+
+// CalculateClientFingerprint 计算客户端指纹
+func CalculateClientFingerprint(action *actions.ActionObject) string {
+	return stringutil.Md5(RemoteIP(action) + "@" + action.Request.UserAgent())
+}
+
+// RemoteIP 获取客户端IP
+// TODO 将来增加是否使用代理设置（即从X-Real-IP中获取IP）
+func RemoteIP(action *actions.ActionObject) string {
+	ip, _, _ := net.SplitHostPort(action.Request.RemoteAddr)
+	return ip
+}
+
+// LookupIPRegion 查找登录区域
+func LookupIPRegion(ip string) string {
+	if len(ip) == 0 {
+		return ""
+	}
+
+	var result = iplibrary.LookupIP(ip)
+	if result != nil && result.IsOk() {
+		// 这里不需要网络运营商信息
+		return result.CountryName() + "@" + result.ProvinceName() + "@" + result.CityName() + "@" + result.TownName()
+	}
+
+	return ""
+}
+
+// SetCookie 设置Cookie
+func SetCookie(action *actions.ActionObject, remember bool) {
+	if remember {
+		var cookie = &http.Cookie{
+			Name:     teaconst.CookieSID,
+			Value:    action.Session().Sid,
+			Path:     "/",
+			MaxAge:   14 * 86400,
+			HttpOnly: true,
+		}
+		if action.Request.TLS != nil {
+			cookie.SameSite = http.SameSiteStrictMode
+			cookie.Secure = true
+		}
+		action.AddCookie(cookie)
+	} else {
+		var cookie = &http.Cookie{
+			Name:     teaconst.CookieSID,
+			Value:    action.Session().Sid,
+			Path:     "/",
+			MaxAge:   0,
+			HttpOnly: true,
+		}
+		if action.Request.TLS != nil {
+			cookie.SameSite = http.SameSiteStrictMode
+			cookie.Secure = true
+		}
+		action.AddCookie(cookie)
+	}
+}
+
+// UnsetCookie 重置Cookie
+func UnsetCookie(action *actions.ActionObject) {
+	cookie := &http.Cookie{
+		Name:     teaconst.CookieSID,
+		Value:    action.Session().Sid,
+		Path:     "/",
+		MaxAge:   -1,
+		HttpOnly: true,
+	}
+	if action.Request.TLS != nil {
+		cookie.SameSite = http.SameSiteStrictMode
+		cookie.Secure = true
+	}
+	action.AddCookie(cookie)
+}
--- a/internal/web/actions/default/log/exportExcel.go
+++ b/internal/web/actions/default/log/exportExcel.go
@@ -23,6 +23,7 @@ func (this *ExportExcelAction) RunGet(params struct {
 	DayTo    string
 	Keyword  string
 	UserType string
+	Level    string
 }) {
 	logsResp, err := this.RPC().LogRPC().ListLogs(this.AdminContext(), &pb.ListLogsRequest{
 		Offset:   0,
@@ -31,6 +32,7 @@ func (this *ExportExcelAction) RunGet(params struct {
 		DayTo:    params.DayTo,
 		Keyword:  params.Keyword,
 		UserType: params.UserType,
+		Level:    params.Level,
 	})
 	if err != nil {
 		this.ErrorPage(err)
@@ -56,6 +58,7 @@ func (this *ExportExcelAction) RunGet(params struct {
 		row.AddCell().SetString("区域")
 		row.AddCell().SetString("运营商")
 		row.AddCell().SetString("页面地址")
+		row.AddCell().SetString("级别")
 	}

 	// 数据
@@ -95,6 +98,17 @@ func (this *ExportExcelAction) RunGet(params struct {
 		row.AddCell().SetString(regionName)
 		row.AddCell().SetString(ispName)
 		row.AddCell().SetString(log.Action)
+
+		var levelName = ""
+		switch log.Level {
+		case "info":
+			levelName = "信息"
+		case "warn", "warning":
+			levelName = "警告"
+		case "error":
+			levelName = "错误"
+		}
+		row.AddCell().SetString(levelName)
 	}

 	this.AddHeader("Content-Type", "application/vnd.ms-excel")
--- a/internal/web/actions/default/log/index.go
+++ b/internal/web/actions/default/log/index.go
@@ -21,6 +21,7 @@ func (this *IndexAction) RunGet(params struct {
 	DayTo    string
 	Keyword  string
 	UserType string
+	Level    string
 }) {
 	// 读取配置
 	config, err := configloaders.LoadLogConfig()
@@ -35,18 +36,36 @@ func (this *IndexAction) RunGet(params struct {
 	this.Data["keyword"] = params.Keyword
 	this.Data["userType"] = params.UserType

+	// 级别
+	this.Data["level"] = params.Level
+	this.Data["levelOptions"] = []maps.Map{
+		{
+			"code": "info",
+			"name": "信息",
+		},
+		{
+			"code": "warn",
+			"name": "警告",
+		},
+		{
+			"code": "error",
+			"name": "错误",
+		},
+	}
+
 	countResp, err := this.RPC().LogRPC().CountLogs(this.AdminContext(), &pb.CountLogRequest{
 		DayFrom:  params.DayFrom,
 		DayTo:    params.DayTo,
 		Keyword:  params.Keyword,
 		UserType: params.UserType,
+		Level:    params.Level,
 	})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
-	count := countResp.Count
-	page := this.NewPage(count)
+	var count = countResp.Count
+	var page = this.NewPage(count)
 	this.Data["page"] = page.AsHTML()

 	logsResp, err := this.RPC().LogRPC().ListLogs(this.AdminContext(), &pb.ListLogsRequest{
@@ -56,12 +75,13 @@ func (this *IndexAction) RunGet(params struct {
 		DayTo:    params.DayTo,
 		Keyword:  params.Keyword,
 		UserType: params.UserType,
+		Level:    params.Level,
 	})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
-	logMaps := []maps.Map{}
+	var logMaps = []maps.Map{}
 	for _, log := range logsResp.Logs {
 		regionName := ""
 		regionResp, err := this.RPC().IPLibraryRPC().LookupIPRegion(this.AdminContext(), &pb.LookupIPRegionRequest{Ip: log.Ip})
--- a/internal/web/actions/default/servers/addOriginPopup.go
+++ b/internal/web/actions/default/servers/addOriginPopup.go
@@ -8,6 +8,7 @@ import (
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
 	"github.com/iwind/TeaGo/actions"
+	"github.com/iwind/TeaGo/maps"
 	"github.com/iwind/TeaGo/types"
 	"net/url"
 	"regexp"
@@ -27,6 +28,8 @@ func (this *AddOriginPopupAction) RunGet(params struct {
 }) {
 	this.Data["serverType"] = params.ServerType

+	this.getOSSHook()
+
 	this.Show()
 }

@@ -40,50 +43,93 @@ func (this *AddOriginPopupAction) RunPost(params struct {

 	Must *actions.Must
 }) {
-	params.Must.
-		Field("addr", params.Addr).
-		Require("请输入源站地址")
-
-	var addr = params.Addr
-
-	// 是否是完整的地址
-	if (params.Protocol == "http" || params.Protocol == "https") && regexp.MustCompile(`^(http|https)://`).MatchString(addr) {
-		u, err := url.Parse(addr)
-		if err == nil {
-			addr = u.Host
-		}
+	ossConfig, goNext, err := this.postOSSHook(params.Protocol)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	if !goNext {
+		return
 	}

-	addr = regexp.MustCompile(`\s+`).ReplaceAllString(addr, "")
-	var portIndex = strings.LastIndex(addr, ":")
-	if portIndex < 0 {
-		if params.Protocol == "http" {
-			addr += ":80"
-		} else if params.Protocol == "https" {
-			addr += ":443"
-		} else {
-			this.Fail("地址中需要带有端口")
-		}
-		portIndex = strings.LastIndex(addr, ":")
+	// 初始化
+	var pbAddr = &pb.NetworkAddress{
+		Protocol: params.Protocol,
 	}
-	var host = addr[:portIndex]
-	var port = addr[portIndex+1:]
+	var addrConfig = &serverconfigs.NetworkAddressConfig{
+		Protocol: serverconfigs.Protocol(params.Protocol),
+	}
+	var ossJSON []byte

-	// 检查端口号
-	if port == "0" {
-		this.Fail("端口号不能为0")
-	}
-	if !configutils.HasVariables(port) {
-		// 必须是整数
-		if !regexp.MustCompile(`^\d+$`).MatchString(port) {
-			this.Fail("端口号只能为整数")
+	if ossConfig != nil { // OSS
+		ossJSON, err = json.Marshal(ossConfig)
+		if err != nil {
+			this.ErrorPage(err)
+			return
 		}
-		var portInt = types.Int(port)
-		if portInt == 0 {
+		err = ossConfig.Init()
+		if err != nil {
+			this.Fail("校验OSS配置时出错：" + err.Error())
+			return
+		}
+	} else { // 普通源站
+		params.Must.
+			Field("addr", params.Addr).
+			Require("请输入源站地址")
+
+		var addr = params.Addr
+
+		// 是否是完整的地址
+		if (params.Protocol == "http" || params.Protocol == "https") && regexp.MustCompile(`^(http|https)://`).MatchString(addr) {
+			u, err := url.Parse(addr)
+			if err == nil {
+				addr = u.Host
+			}
+		}
+
+		addr = regexp.MustCompile(`\s+`).ReplaceAllString(addr, "")
+		var portIndex = strings.LastIndex(addr, ":")
+		if portIndex < 0 {
+			if params.Protocol == "http" {
+				addr += ":80"
+			} else if params.Protocol == "https" {
+				addr += ":443"
+			} else {
+				this.Fail("地址中需要带有端口")
+			}
+			portIndex = strings.LastIndex(addr, ":")
+		}
+		var host = addr[:portIndex]
+		var port = addr[portIndex+1:]
+
+		// 检查端口号
+		if port == "0" {
 			this.Fail("端口号不能为0")
 		}
-		if portInt > 65535 {
-			this.Fail("端口号不能大于65535")
+		if !configutils.HasVariables(port) {
+			// 必须是整数
+			if !regexp.MustCompile(`^\d+$`).MatchString(port) {
+				this.Fail("端口号只能为整数")
+			}
+			var portInt = types.Int(port)
+			if portInt == 0 {
+				this.Fail("端口号不能为0")
+			}
+			if portInt > 65535 {
+				this.Fail("端口号不能大于65535")
+			}
+		}
+
+		pbAddr = &pb.NetworkAddress{
+			Protocol:  params.Protocol,
+			Host:      host,
+			PortRange: port,
+		}
+
+		addrConfig = &serverconfigs.NetworkAddressConfig{
+			Protocol:  serverconfigs.Protocol(params.Protocol),
+			Host:      host,
+			PortRange: port,
 		}
 	}

@@ -103,12 +149,9 @@ func (this *AddOriginPopupAction) RunPost(params struct {
 	}

 	resp, err := this.RPC().OriginRPC().CreateOrigin(this.AdminContext(), &pb.CreateOriginRequest{
-		Name: "",
-		Addr: &pb.NetworkAddress{
-			Protocol:  params.Protocol,
-			Host:      host,
-			PortRange: port,
-		},
+		Name:        "",
+		Addr:        pbAddr,
+		OssJSON:     ossJSON,
 		Description: "",
 		Weight:      10,
 		IsOn:        true,
@@ -124,14 +167,16 @@ func (this *AddOriginPopupAction) RunPost(params struct {
 	var origin = &serverconfigs.OriginConfig{
 		Id:   resp.OriginId,
 		IsOn: true,
-		Addr: &serverconfigs.NetworkAddressConfig{
-			Protocol:  serverconfigs.Protocol(params.Protocol),
-			Host:      host,
-			PortRange: port,
-		},
+		Addr: addrConfig,
+		OSS:  ossConfig,
 	}

-	this.Data["origin"] = origin
+	this.Data["origin"] = maps.Map{
+		"id":          resp.OriginId,
+		"isOn":        true,
+		"addr":        addrConfig,
+		"addrSummary": origin.AddrSummary(),
+	}

 	// 创建日志
 	defer this.CreateLog(oplogs.LevelInfo, "创建源站 %d", resp.OriginId)
--- a/internal/web/actions/default/servers/addOriginPopup_ext.go
+++ b/internal/web/actions/default/servers/addOriginPopup_ext.go
@@ -0,0 +1,20 @@
+// Copyright 2023 GoEdge CDN goedge.cdn@gmail.com. All rights reserved. Official site: https://goedge.cn .
+//go:build !plus
+
+package servers
+
+import (
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/ossconfigs"
+	"github.com/iwind/TeaGo/maps"
+)
+
+func (this *AddOriginPopupAction) getOSSHook() {
+	this.Data["ossTypes"] = []maps.Map{}
+	this.Data["ossBucketParams"] = []maps.Map{}
+	this.Data["ossForm"] = ""
+}
+
+func (this *AddOriginPopupAction) postOSSHook(protocol string) (config *ossconfigs.OSSConfig, goNext bool, err error) {
+	goNext = true
+	return
+}
--- a/internal/web/actions/default/servers/certs/acme/create.go
+++ b/internal/web/actions/default/servers/certs/acme/create.go
@@ -18,31 +18,6 @@ func (this *CreateAction) Init() {
 }

 func (this *CreateAction) RunGet(params struct{}) {
-	// 获取所有可用的用户
-	usersResp, err := this.RPC().ACMEUserRPC().FindAllACMEUsers(this.AdminContext(), &pb.FindAllACMEUsersRequest{
-		AdminId: this.AdminId(),
-		UserId:  0,
-	})
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-	userMaps := []maps.Map{}
-	for _, user := range usersResp.AcmeUsers {
-		description := user.Description
-		if len(description) > 0 {
-			description = "（" + description + "）"
-		}
-
-		userMaps = append(userMaps, maps.Map{
-			"id":           user.Id,
-			"description":  description,
-			"email":        user.Email,
-			"providerCode": user.AcmeProviderCode,
-		})
-	}
-	this.Data["users"] = userMaps
-
 	// 证书服务商
 	providersResp, err := this.RPC().ACMEProviderRPC().FindAllACMEProviders(this.AdminContext(), &pb.FindAllACMEProvidersRequest{})
 	if err != nil {
@@ -81,14 +56,15 @@ func (this *CreateAction) RunGet(params struct{}) {
 }

 func (this *CreateAction) RunPost(params struct {
-	TaskId        int64
-	AuthType      string
-	AcmeUserId    int64
-	DnsProviderId int64
-	DnsDomain     string
-	Domains       []string
-	AutoRenew     bool
-	AuthURL       string
+	PlatformUserId int64
+	TaskId         int64
+	AuthType       string
+	AcmeUserId     int64
+	DnsProviderId  int64
+	DnsDomain      string
+	Domains        []string
+	AutoRenew      bool
+	AuthURL        string

 	Must *actions.Must
 }) {
@@ -117,7 +93,7 @@ func (this *CreateAction) RunPost(params struct {
 	if len(params.Domains) == 0 {
 		this.Fail("请输入证书域名列表")
 	}
-	realDomains := []string{}
+	var realDomains = []string{}
 	for _, domain := range params.Domains {
 		domain = strings.ToLower(domain)
 		if params.AuthType == "dns" { // DNS认证
@@ -134,6 +110,7 @@ func (this *CreateAction) RunPost(params struct {

 	if params.TaskId == 0 {
 		createResp, err := this.RPC().ACMETaskRPC().CreateACMETask(this.AdminContext(), &pb.CreateACMETaskRequest{
+			UserId:        params.PlatformUserId,
 			AuthType:      params.AuthType,
 			AcmeUserId:    params.AcmeUserId,
 			DnsProviderId: params.DnsProviderId,
--- a/internal/web/actions/default/servers/certs/acme/index.go
+++ b/internal/web/actions/default/servers/certs/acme/index.go
@@ -17,22 +17,48 @@ func (this *IndexAction) Init() {
 }

 func (this *IndexAction) RunGet(params struct {
+	UserId  int64
 	Type    string
 	Keyword string
 }) {
 	this.Data["type"] = params.Type
 	this.Data["keyword"] = params.Keyword

-	countAll := int64(0)
-	countAvailable := int64(0)
-	countExpired := int64(0)
-	count7Days := int64(0)
-	count30Days := int64(0)
+	// 当前用户
+	this.Data["searchingUserId"] = params.UserId
+	var userMap = maps.Map{
+		"id":       0,
+		"username": "",
+		"fullname": "",
+	}
+	if params.UserId > 0 {
+		userResp, err := this.RPC().UserRPC().FindEnabledUser(this.AdminContext(), &pb.FindEnabledUserRequest{UserId: params.UserId})
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		var user = userResp.User
+		if user != nil {
+			userMap = maps.Map{
+				"id":       user.Id,
+				"username": user.Username,
+				"fullname": user.Fullname,
+			}
+		}
+	}
+	this.Data["user"] = userMap
+
+	var countAll int64
+	var countAvailable int64
+	var countExpired int64
+	var count7Days int64
+	var count30Days int64

 	// 计算数量
 	{
 		// all
 		resp, err := this.RPC().ACMETaskRPC().CountAllEnabledACMETasks(this.AdminContext(), &pb.CountAllEnabledACMETasksRequest{
+			UserId:  params.UserId,
 			Keyword: params.Keyword,
 		})
 		if err != nil {
@@ -43,6 +69,7 @@ func (this *IndexAction) RunGet(params struct {

 		// available
 		resp, err = this.RPC().ACMETaskRPC().CountAllEnabledACMETasks(this.AdminContext(), &pb.CountAllEnabledACMETasksRequest{
+			UserId:      params.UserId,
 			IsAvailable: true,
 			Keyword:     params.Keyword,
 		})
@@ -54,6 +81,7 @@ func (this *IndexAction) RunGet(params struct {

 		// expired
 		resp, err = this.RPC().ACMETaskRPC().CountAllEnabledACMETasks(this.AdminContext(), &pb.CountAllEnabledACMETasksRequest{
+			UserId:    params.UserId,
 			IsExpired: true,
 			Keyword:   params.Keyword,
 		})
@@ -65,6 +93,7 @@ func (this *IndexAction) RunGet(params struct {

 		// expire in 7 days
 		resp, err = this.RPC().ACMETaskRPC().CountAllEnabledACMETasks(this.AdminContext(), &pb.CountAllEnabledACMETasksRequest{
+			UserId:       params.UserId,
 			ExpiringDays: 7,
 			Keyword:      params.Keyword,
 		})
@@ -76,6 +105,7 @@ func (this *IndexAction) RunGet(params struct {

 		// expire in 30 days
 		resp, err = this.RPC().ACMETaskRPC().CountAllEnabledACMETasks(this.AdminContext(), &pb.CountAllEnabledACMETasksRequest{
+			UserId:       params.UserId,
 			ExpiringDays: 30,
 			Keyword:      params.Keyword,
 		})
@@ -100,25 +130,51 @@ func (this *IndexAction) RunGet(params struct {
 	case "":
 		page = this.NewPage(countAll)
 		tasksResp, err = this.RPC().ACMETaskRPC().ListEnabledACMETasks(this.AdminContext(), &pb.ListEnabledACMETasksRequest{
+			UserId:  params.UserId,
 			Offset:  page.Offset,
 			Size:    page.Size,
 			Keyword: params.Keyword,
 		})
 	case "available":
 		page = this.NewPage(countAvailable)
-		tasksResp, err = this.RPC().ACMETaskRPC().ListEnabledACMETasks(this.AdminContext(), &pb.ListEnabledACMETasksRequest{IsAvailable: true, Offset: page.Offset, Size: page.Size, Keyword: params.Keyword})
+		tasksResp, err = this.RPC().ACMETaskRPC().ListEnabledACMETasks(this.AdminContext(), &pb.ListEnabledACMETasksRequest{
+			UserId:      params.UserId,
+			IsAvailable: true,
+			Offset:      page.Offset,
+			Size:        page.Size,
+			Keyword:     params.Keyword,
+		})
 	case "expired":
 		page = this.NewPage(countExpired)
-		tasksResp, err = this.RPC().ACMETaskRPC().ListEnabledACMETasks(this.AdminContext(), &pb.ListEnabledACMETasksRequest{IsExpired: true, Offset: page.Offset, Size: page.Size, Keyword: params.Keyword})
+		tasksResp, err = this.RPC().ACMETaskRPC().ListEnabledACMETasks(this.AdminContext(), &pb.ListEnabledACMETasksRequest{
+			UserId:    params.UserId,
+			IsExpired: true,
+			Offset:    page.Offset,
+			Size:      page.Size,
+			Keyword:   params.Keyword,
+		})
 	case "7days":
 		page = this.NewPage(count7Days)
-		tasksResp, err = this.RPC().ACMETaskRPC().ListEnabledACMETasks(this.AdminContext(), &pb.ListEnabledACMETasksRequest{ExpiringDays: 7, Offset: page.Offset, Size: page.Size, Keyword: params.Keyword})
+		tasksResp, err = this.RPC().ACMETaskRPC().ListEnabledACMETasks(this.AdminContext(), &pb.ListEnabledACMETasksRequest{
+			UserId:       params.UserId,
+			ExpiringDays: 7,
+			Offset:       page.Offset,
+			Size:         page.Size,
+			Keyword:      params.Keyword,
+		})
 	case "30days":
 		page = this.NewPage(count30Days)
-		tasksResp, err = this.RPC().ACMETaskRPC().ListEnabledACMETasks(this.AdminContext(), &pb.ListEnabledACMETasksRequest{ExpiringDays: 30, Offset: page.Offset, Size: page.Size, Keyword: params.Keyword})
+		tasksResp, err = this.RPC().ACMETaskRPC().ListEnabledACMETasks(this.AdminContext(), &pb.ListEnabledACMETasksRequest{
+			UserId:       params.UserId,
+			ExpiringDays: 30,
+			Offset:       page.Offset,
+			Size:         page.Size,
+			Keyword:      params.Keyword,
+		})
 	default:
 		page = this.NewPage(countAll)
 		tasksResp, err = this.RPC().ACMETaskRPC().ListEnabledACMETasks(this.AdminContext(), &pb.ListEnabledACMETasksRequest{
+			UserId:  params.UserId,
 			Keyword: params.Keyword,
 			Offset:  page.Offset,
 			Size:    page.Size,
@@ -131,7 +187,7 @@ func (this *IndexAction) RunGet(params struct {

 	this.Data["page"] = page.AsHTML()

-	taskMaps := []maps.Map{}
+	var taskMaps = []maps.Map{}
 	for _, task := range tasksResp.AcmeTasks {
 		if task.AcmeUser == nil {
 			continue
--- a/internal/web/actions/default/servers/certs/acme/run.go
+++ b/internal/web/actions/default/servers/certs/acme/run.go
@@ -12,6 +12,8 @@ type RunAction struct {
 func (this *RunAction) RunPost(params struct {
 	TaskId int64
 }) {
+	defer this.CreateLogInfo("执行ACME任务 %d", params.TaskId)
+
 	runResp, err := this.RPC().ACMETaskRPC().RunACMETask(this.AdminContext(), &pb.RunACMETaskRequest{AcmeTaskId: params.TaskId})
 	if err != nil {
 		this.ErrorPage(err)
--- a/internal/web/actions/default/servers/certs/acme/userOptions.go
+++ b/internal/web/actions/default/servers/certs/acme/userOptions.go
@@ -0,0 +1,44 @@
+// Copyright 2023 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package acme
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/maps"
+)
+
+type UserOptionsAction struct {
+	actionutils.ParentAction
+}
+
+func (this *UserOptionsAction) RunPost(params struct {
+	PlatformUserId int64
+}) {
+	// 获取所有可用的用户
+	usersResp, err := this.RPC().ACMEUserRPC().FindAllACMEUsers(this.AdminContext(), &pb.FindAllACMEUsersRequest{
+		AdminId: 0,
+		UserId:  params.PlatformUserId,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	var userMaps = []maps.Map{}
+	for _, user := range usersResp.AcmeUsers {
+		description := user.Description
+		if len(description) > 0 {
+			description = "（" + description + "）"
+		}
+
+		userMaps = append(userMaps, maps.Map{
+			"id":           user.Id,
+			"description":  description,
+			"email":        user.Email,
+			"providerCode": user.AcmeProviderCode,
+		})
+	}
+	this.Data["users"] = userMaps
+
+	this.Success()
+}
--- a/internal/web/actions/default/servers/certs/acme/users/createPopup.go
+++ b/internal/web/actions/default/servers/certs/acme/users/createPopup.go
@@ -16,10 +16,30 @@ func (this *CreatePopupAction) Init() {
 }

 func (this *CreatePopupAction) RunGet(params struct {
-	ProviderCode string
+	PlatformUserId int64
+	ProviderCode   string
 }) {
+	this.Data["platformUserId"] = params.PlatformUserId
 	this.Data["providerCode"] = params.ProviderCode

+	// 平台用户信息
+	this.Data["platformUser"] = nil
+	if params.PlatformUserId > 0 {
+		platformUserResp, err := this.RPC().UserRPC().FindEnabledUser(this.AdminContext(), &pb.FindEnabledUserRequest{UserId: params.PlatformUserId})
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		var platformUser = platformUserResp.User
+		if platformUser != nil {
+			this.Data["platformUser"] = maps.Map{
+				"id":       platformUser.Id,
+				"username": platformUser.Username,
+				"fullname": platformUser.Fullname,
+			}
+		}
+	}
+
 	// 服务商
 	providersResp, err := this.RPC().ACMEProviderRPC().FindAllACMEProviders(this.AdminContext(), &pb.FindAllACMEProvidersRequest{})
 	if err != nil {
@@ -40,10 +60,11 @@ func (this *CreatePopupAction) RunGet(params struct {
 }

 func (this *CreatePopupAction) RunPost(params struct {
-	Email        string
-	ProviderCode string
-	AccountId    int64
-	Description  string
+	PlatformUserId int64
+	Email          string
+	ProviderCode   string
+	AccountId      int64
+	Description    string

 	Must *actions.Must
 	CSRF *actionutils.CSRF
@@ -85,6 +106,7 @@ func (this *CreatePopupAction) RunPost(params struct {
 	}

 	createResp, err := this.RPC().ACMEUserRPC().CreateACMEUser(this.AdminContext(), &pb.CreateACMEUserRequest{
+		UserId:                params.PlatformUserId,
 		Email:                 params.Email,
 		Description:           params.Description,
 		AcmeProviderCode:      params.ProviderCode,
--- a/internal/web/actions/default/servers/certs/index.go
+++ b/internal/web/actions/default/servers/certs/index.go
@@ -19,12 +19,37 @@ func (this *IndexAction) Init() {
 }

 func (this *IndexAction) RunGet(params struct {
+	UserId  int64
 	Type    string
 	Keyword string
 }) {
 	this.Data["type"] = params.Type
 	this.Data["keyword"] = params.Keyword

+	// 当前用户
+	this.Data["searchingUserId"] = params.UserId
+	var userMap = maps.Map{
+		"id":       0,
+		"username": "",
+		"fullname": "",
+	}
+	if params.UserId > 0 {
+		userResp, err := this.RPC().UserRPC().FindEnabledUser(this.AdminContext(), &pb.FindEnabledUserRequest{UserId: params.UserId})
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		var user = userResp.User
+		if user != nil {
+			userMap = maps.Map{
+				"id":       user.Id,
+				"username": user.Username,
+				"fullname": user.Fullname,
+			}
+		}
+	}
+	this.Data["user"] = userMap
+
 	var countAll = int64(0)
 	var countCA = int64(0)
 	var countAvailable = int64(0)
@@ -36,6 +61,7 @@ func (this *IndexAction) RunGet(params struct {
 	{
 		// all
 		resp, err := this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
+			UserId:  params.UserId,
 			Keyword: params.Keyword,
 		})
 		if err != nil {
@@ -46,6 +72,7 @@ func (this *IndexAction) RunGet(params struct {

 		// CA
 		resp, err = this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
+			UserId:  params.UserId,
 			IsCA:    true,
 			Keyword: params.Keyword,
 		})
@@ -57,6 +84,7 @@ func (this *IndexAction) RunGet(params struct {

 		// available
 		resp, err = this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
+			UserId:      params.UserId,
 			IsAvailable: true,
 			Keyword:     params.Keyword,
 		})
@@ -68,6 +96,7 @@ func (this *IndexAction) RunGet(params struct {

 		// expired
 		resp, err = this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
+			UserId:    params.UserId,
 			IsExpired: true,
 			Keyword:   params.Keyword,
 		})
@@ -79,6 +108,7 @@ func (this *IndexAction) RunGet(params struct {

 		// expire in 7 days
 		resp, err = this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
+			UserId:       params.UserId,
 			ExpiringDays: 7,
 			Keyword:      params.Keyword,
 		})
@@ -90,6 +120,7 @@ func (this *IndexAction) RunGet(params struct {

 		// expire in 30 days
 		resp, err = this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
+			UserId:       params.UserId,
 			ExpiringDays: 30,
 			Keyword:      params.Keyword,
 		})
@@ -115,28 +146,60 @@ func (this *IndexAction) RunGet(params struct {
 	case "":
 		page = this.NewPage(countAll)
 		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
+			UserId:  params.UserId,
 			Offset:  page.Offset,
 			Size:    page.Size,
 			Keyword: params.Keyword,
 		})
 	case "ca":
 		page = this.NewPage(countCA)
-		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{IsCA: true, Offset: page.Offset, Size: page.Size, Keyword: params.Keyword})
+		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
+			UserId:  params.UserId,
+			IsCA:    true,
+			Offset:  page.Offset,
+			Size:    page.Size,
+			Keyword: params.Keyword,
+		})
 	case "available":
 		page = this.NewPage(countAvailable)
-		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{IsAvailable: true, Offset: page.Offset, Size: page.Size, Keyword: params.Keyword})
+		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
+			UserId:      params.UserId,
+			IsAvailable: true,
+			Offset:      page.Offset,
+			Size:        page.Size,
+			Keyword:     params.Keyword,
+		})
 	case "expired":
 		page = this.NewPage(countExpired)
-		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{IsExpired: true, Offset: page.Offset, Size: page.Size, Keyword: params.Keyword})
+		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
+			UserId:    params.UserId,
+			IsExpired: true,
+			Offset:    page.Offset,
+			Size:      page.Size,
+			Keyword:   params.Keyword,
+		})
 	case "7days":
 		page = this.NewPage(count7Days)
-		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{ExpiringDays: 7, Offset: page.Offset, Size: page.Size, Keyword: params.Keyword})
+		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
+			UserId:       params.UserId,
+			ExpiringDays: 7,
+			Offset:       page.Offset,
+			Size:         page.Size,
+			Keyword:      params.Keyword,
+		})
 	case "30days":
 		page = this.NewPage(count30Days)
-		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{ExpiringDays: 30, Offset: page.Offset, Size: page.Size, Keyword: params.Keyword})
+		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
+			UserId:       params.UserId,
+			ExpiringDays: 30,
+			Offset:       page.Offset,
+			Size:         page.Size,
+			Keyword:      params.Keyword,
+		})
 	default:
 		page = this.NewPage(countAll)
 		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
+			UserId:  params.UserId,
 			Keyword: params.Keyword,
 			Offset:  page.Offset,
 			Size:    page.Size,
@@ -158,7 +221,9 @@ func (this *IndexAction) RunGet(params struct {
 	var certMaps = []maps.Map{}
 	var nowTime = time.Now().Unix()
 	for _, certConfig := range certConfigs {
-		countServersResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{SslCertId: certConfig.Id})
+		countServersResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{
+			SslCertId: certConfig.Id,
+		})
 		if err != nil {
 			this.ErrorPage(err)
 			return
--- a/internal/web/actions/default/servers/certs/init.go
+++ b/internal/web/actions/default/servers/certs/init.go
@@ -21,6 +21,7 @@ func init() {
 			Data("leftMenuItem", "cert").
 			Get("", new(IndexAction)).
 			GetPost("/uploadPopup", new(UploadPopupAction)).
+			GetPost("/uploadBatchPopup", new(UploadBatchPopupAction)).
 			Post("/delete", new(DeleteAction)).
 			GetPost("/updatePopup", new(UpdatePopupAction)).
 			Get("/certPopup", new(CertPopupAction)).
@@ -40,6 +41,7 @@ func init() {
 			Post("/run", new(acme.RunAction)).
 			GetPost("/updateTaskPopup", new(acme.UpdateTaskPopupAction)).
 			Post("/deleteTask", new(acme.DeleteTaskAction)).
+			Post("/userOptions", new(acme.UserOptionsAction)).

 			// ACME用户
 			Prefix("/servers/certs/acme/users").
--- a/internal/web/actions/default/servers/certs/selectPopup.go
+++ b/internal/web/actions/default/servers/certs/selectPopup.go
@@ -2,9 +2,11 @@ package certs

 import (
 	"encoding/json"
+	"errors"
 	"github.com/TeaOSLab/EdgeAdmin/internal/utils/numberutils"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
 	"github.com/iwind/TeaGo/lists"
 	"github.com/iwind/TeaGo/maps"
@@ -23,15 +25,86 @@ func (this *SelectPopupAction) Init() {
 }

 func (this *SelectPopupAction) RunGet(params struct {
+	ServerId         int64  // 搜索的服务
+	UserId           int64  // 搜索的用户名
+	SearchingDomains string // 搜索的域名
+	SearchingType    string // 搜索类型：match|all
+
 	ViewSize        string
 	SelectedCertIds string
 	Keyword         string
 }) {
-	// TODO 列出常用和最新的证书供用户选择
+	this.Data["searchingServerId"] = params.ServerId
+
+	// 服务相关
+	if params.ServerId > 0 {
+		serverResp, err := this.RPC().ServerRPC().FindEnabledUserServerBasic(this.AdminContext(), &pb.FindEnabledUserServerBasicRequest{ServerId: params.ServerId})
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		var server = serverResp.Server
+		if server != nil {
+			if server.UserId > 0 {
+				params.UserId = server.UserId
+			}
+
+			// 读取所有ServerNames
+			serverNamesResp, err := this.RPC().ServerRPC().FindServerNames(this.AdminContext(), &pb.FindServerNamesRequest{ServerId: params.ServerId})
+			if err != nil {
+				this.ErrorPage(err)
+				return
+			}
+			if len(serverNamesResp.ServerNamesJSON) > 0 {
+				var serverNames = []*serverconfigs.ServerNameConfig{}
+				err = json.Unmarshal(serverNamesResp.ServerNamesJSON, &serverNames)
+				if err != nil {
+					this.ErrorPage(err)
+					return
+				}
+				params.SearchingDomains = strings.Join(serverconfigs.PlainServerNames(serverNames), ",")
+			}
+		}
+	}
+
+	// 用户相关
+	this.Data["userId"] = params.UserId // 可变
+	this.Data["searchingUserId"] = params.UserId
+
+	// 域名搜索相关
+	var url = this.Request.URL.Path
+	var query = this.Request.URL.Query()
+	query.Del("searchingType")
+	this.Data["baseURL"] = url + "?" + query.Encode()
+
+	var searchingDomains = []string{}
+	if len(params.SearchingDomains) > 0 {
+		searchingDomains = strings.Split(params.SearchingDomains, ",")
+	}
+	const maxDomains = 2_000 // 限制搜索的域名数量
+	if len(searchingDomains) > maxDomains {
+		searchingDomains = searchingDomains[:maxDomains]
+	}
+	this.Data["allSearchingDomains"] = params.SearchingDomains
+	this.Data["searchingDomains"] = searchingDomains

 	this.Data["keyword"] = params.Keyword
 	this.Data["selectedCertIds"] = params.SelectedCertIds

+	var searchingType = params.SearchingType
+	if len(searchingType) == 0 {
+		if len(params.SearchingDomains) == 0 {
+			searchingType = "all"
+		} else {
+			searchingType = "match"
+		}
+	}
+	if searchingType != "all" && searchingType != "match" {
+		this.ErrorPage(errors.New("invalid searching type '" + searchingType + "'"))
+		return
+	}
+	this.Data["searchingType"] = searchingType
+
 	// 已经选择的证书
 	var selectedCertIds = []string{}
 	if len(params.SelectedCertIds) > 0 {
@@ -43,24 +116,68 @@ func (this *SelectPopupAction) RunGet(params struct {
 	}
 	this.Data["viewSize"] = params.ViewSize

-	countResp, err := this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
+	// 全部证书数量
+	countAllResp, err := this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
+		UserId:  params.UserId,
 		Keyword: params.Keyword,
 	})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
+	var totalAll = countAllResp.Count
+	this.Data["totalAll"] = totalAll

-	page := this.NewPage(countResp.Count)
+	// 已匹配证书数量
+	var totalMatch int64 = 0
+	if len(searchingDomains) > 0 {
+		countMatchResp, err := this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
+			UserId:  params.UserId,
+			Keyword: params.Keyword,
+			Domains: searchingDomains,
+		})
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		totalMatch = countMatchResp.Count
+	}
+	this.Data["totalMatch"] = totalMatch
+
+	var totalCerts int64
+	if searchingType == "all" {
+		totalCerts = totalAll
+	} else if searchingType == "match" {
+		totalCerts = totalMatch
+	}
+
+	var page = this.NewPage(totalCerts)
 	this.Data["page"] = page.AsHTML()

-	listResp, err := this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
-		Keyword: params.Keyword,
-		Offset:  page.Offset,
-		Size:    page.Size,
-	})
+	var listResp *pb.ListSSLCertsResponse
+	if searchingType == "all" {
+		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
+			UserId:  params.UserId,
+			Keyword: params.Keyword,
+			Offset:  page.Offset,
+			Size:    page.Size,
+		})
+	} else if searchingType == "match" {
+		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
+			UserId:  params.UserId,
+			Keyword: params.Keyword,
+			Domains: searchingDomains,
+			Offset:  page.Offset,
+			Size:    page.Size,
+		})
+	}

-	certConfigs := []*sslconfigs.SSLCertConfig{}
+	if listResp == nil {
+		this.ErrorPage(errors.New("'listResp' should not be nil"))
+		return
+	}
+
+	var certConfigs = []*sslconfigs.SSLCertConfig{}
 	err = json.Unmarshal(listResp.SslCertsJSON, &certConfigs)
 	if err != nil {
 		this.ErrorPage(err)
@@ -68,8 +185,8 @@ func (this *SelectPopupAction) RunGet(params struct {
 	}
 	this.Data["certs"] = certConfigs

-	certMaps := []maps.Map{}
-	nowTime := time.Now().Unix()
+	var certMaps = []maps.Map{}
+	var nowTime = time.Now().Unix()
 	for _, certConfig := range certConfigs {
 		countServersResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{SslCertId: certConfig.Id})
 		if err != nil {
--- a/internal/web/actions/default/servers/certs/updatePopup.go
+++ b/internal/web/actions/default/servers/certs/updatePopup.go
@@ -26,18 +26,20 @@ func (this *UpdatePopupAction) RunGet(params struct {
 		this.ErrorPage(err)
 		return
 	}
-	certConfigJSON := certConfigResp.SslCertJSON
+	var certConfigJSON = certConfigResp.SslCertJSON
 	if len(certConfigJSON) == 0 {
 		this.NotFound("cert", params.CertId)
 		return
 	}

-	certConfig := &sslconfigs.SSLCertConfig{}
+	var certConfig = &sslconfigs.SSLCertConfig{}
 	err = json.Unmarshal(certConfigJSON, certConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
+	certConfig.CertData = nil // cert & key 不需要在界面上显示
+	certConfig.KeyData = nil
 	this.Data["certConfig"] = certConfig

 	this.Show()
@@ -118,7 +120,7 @@ func (this *UpdatePopupAction) RunPost(params struct {

 	// 校验
 	certConfig.IsCA = params.IsCA
-	err = certConfig.Init()
+	err = certConfig.Init(nil)
 	if err != nil {
 		if params.IsCA {
 			this.Fail("证书校验错误：" + err.Error())
--- a/internal/web/actions/default/servers/certs/uploadBatchPopup.go
+++ b/internal/web/actions/default/servers/certs/uploadBatchPopup.go
@@ -0,0 +1,225 @@
+// Copyright 2023 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package certs
+
+import (
+	"bytes"
+	"crypto/tls"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
+	"github.com/iwind/TeaGo/actions"
+	"github.com/iwind/TeaGo/types"
+	"io"
+	"mime/multipart"
+	"strings"
+)
+
+// UploadBatchPopupAction 批量上传证书
+type UploadBatchPopupAction struct {
+	actionutils.ParentAction
+}
+
+func (this *UploadBatchPopupAction) Init() {
+	this.Nav("", "", "")
+}
+
+func (this *UploadBatchPopupAction) RunGet(params struct {
+	ServerId int64
+	UserId   int64
+}) {
+	// 读取服务用户
+	if params.ServerId > 0 {
+		serverResp, err := this.RPC().ServerRPC().FindEnabledUserServerBasic(this.AdminContext(), &pb.FindEnabledUserServerBasicRequest{ServerId: params.ServerId})
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		var server = serverResp.Server
+		if server != nil {
+			params.UserId = server.UserId
+		}
+	}
+
+	this.Data["userId"] = params.UserId
+	this.Data["maxFiles"] = this.maxFiles()
+
+	this.Show()
+}
+
+func (this *UploadBatchPopupAction) RunPost(params struct {
+	UserId int64
+
+	Must *actions.Must
+	CSRF *actionutils.CSRF
+}) {
+	defer this.CreateLogInfo("批量上传证书")
+
+	var files = this.Request.MultipartForm.File["certFiles"]
+	if len(files) == 0 {
+		this.Fail("请选择要上传的证书和私钥文件")
+		return
+	}
+
+	// 限制每次上传的文件数量
+	var maxFiles = this.maxFiles()
+	if len(files) > maxFiles {
+		this.Fail("每次上传最多不能超过" + types.String(maxFiles) + "个文件")
+		return
+	}
+
+	type certInfo struct {
+		filename string
+		data     []byte
+	}
+
+	var certDataList = []*certInfo{}
+	var keyDataList = [][]byte{}
+
+	var failMessages = []string{}
+	for _, file := range files {
+		func(file *multipart.FileHeader) {
+			fp, err := file.Open()
+			if err != nil {
+				failMessages = append(failMessages, "文件"+file.Filename+"读取失败："+err.Error())
+				return
+			}
+
+			defer func() {
+				_ = fp.Close()
+			}()
+
+			data, err := io.ReadAll(fp)
+			if err != nil {
+				failMessages = append(failMessages, "文件"+file.Filename+"读取失败："+err.Error())
+				return
+			}
+
+			if bytes.Contains(data, []byte("CERTIFICATE-")) {
+				certDataList = append(certDataList, &certInfo{
+					filename: file.Filename,
+					data:     data,
+				})
+			} else if bytes.Contains(data, []byte("PRIVATE KEY-")) {
+				keyDataList = append(keyDataList, data)
+			} else {
+				failMessages = append(failMessages, "文件"+file.Filename+"读取失败：文件格式错误，无法识别是证书还是私钥")
+				return
+			}
+		}(file)
+	}
+
+	if len(failMessages) > 0 {
+		this.Fail("发生了错误：" + strings.Join(failMessages, "；"))
+		return
+	}
+
+	// 对比证书和私钥数量是否一致
+	if len(certDataList) != len(keyDataList) {
+		this.Fail("证书文件数量（" + types.String(len(certDataList)) + "）和私钥文件数量（" + types.String(len(keyDataList)) + "）不一致")
+		return
+	}
+
+	// 自动匹配
+	var pairs = [][2][]byte{}        // [] { cert, key }
+	var keyIndexMap = map[int]bool{} // 方便下面跳过已匹配的Key
+	for _, cert := range certDataList {
+		var found = false
+		for keyIndex, keyData := range keyDataList {
+			if keyIndexMap[keyIndex] {
+				continue
+			}
+
+			_, err := tls.X509KeyPair(cert.data, keyData)
+			if err == nil {
+				found = true
+				pairs = append(pairs, [2][]byte{cert.data, keyData})
+				keyIndexMap[keyIndex] = true
+				break
+			}
+		}
+		if !found {
+			this.Fail("找不到" + cert.filename + "对应的私钥")
+			return
+		}
+	}
+
+	// 组织 CertConfig
+	var pbCerts = []*pb.CreateSSLCertsRequestCert{}
+	var certConfigs = []*sslconfigs.SSLCertConfig{}
+	for _, pair := range pairs {
+		certData, keyData := pair[0], pair[1]
+
+		var certConfig = &sslconfigs.SSLCertConfig{
+			IsCA:     false,
+			CertData: certData,
+			KeyData:  keyData,
+		}
+		err := certConfig.Init(nil)
+		if err != nil {
+			this.Fail("证书验证失败：" + err.Error())
+			return
+		}
+
+		certConfigs = append(certConfigs, certConfig)
+
+		var certName = ""
+		if len(certConfig.DNSNames) > 0 {
+			certName = certConfig.DNSNames[0]
+			if len(certConfig.DNSNames) > 1 {
+				certName += "等" + types.String(len(certConfig.DNSNames)) + "个域名"
+			}
+		}
+		certConfig.Name = certName
+
+		pbCerts = append(pbCerts, &pb.CreateSSLCertsRequestCert{
+			IsOn:        true,
+			Name:        certName,
+			Description: "",
+			ServerName:  "",
+			IsCA:        false,
+			CertData:    certData,
+			KeyData:     keyData,
+			TimeBeginAt: certConfig.TimeBeginAt,
+			TimeEndAt:   certConfig.TimeEndAt,
+			DnsNames:    certConfig.DNSNames,
+			CommonNames: certConfig.CommonNames,
+		})
+	}
+
+	createResp, err := this.RPC().SSLCertRPC().CreateSSLCerts(this.AdminContext(), &pb.CreateSSLCertsRequest{
+		UserId:   params.UserId,
+		SSLCerts: pbCerts,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	var certIds = createResp.SslCertIds
+	if len(certIds) != len(certConfigs) {
+		this.Fail("上传成功但API返回的证书ID数量错误，请反馈给开发者")
+		return
+	}
+
+	// 返回数据
+	this.Data["count"] = len(pbCerts)
+
+	var certRefs = []*sslconfigs.SSLCertRef{}
+	for index, cert := range certConfigs {
+		// ID
+		cert.Id = certIds[index]
+
+		// 减少不必要的数据
+		cert.CertData = nil
+		cert.KeyData = nil
+
+		certRefs = append(certRefs, &sslconfigs.SSLCertRef{
+			IsOn:   true,
+			CertId: cert.Id,
+		})
+	}
+	this.Data["certs"] = certConfigs
+	this.Data["certRefs"] = certRefs
+
+	this.Success()
+}
--- a/internal/web/actions/default/servers/certs/uploadBatchPopup_ext.go
+++ b/internal/web/actions/default/servers/certs/uploadBatchPopup_ext.go
@@ -0,0 +1,8 @@
+// Copyright 2023 Liuxiangchao iwind.liu@gmail.com. All rights reserved. Official site: https://goedge.cn .
+//go:build !plus
+
+package certs
+
+func (this *UploadBatchPopupAction) maxFiles() int {
+	return 20
+}
--- a/internal/web/actions/default/servers/certs/uploadPopup.go
+++ b/internal/web/actions/default/servers/certs/uploadPopup.go
@@ -18,11 +18,30 @@ func (this *UploadPopupAction) Init() {
 	this.Nav("", "", "")
 }

-func (this *UploadPopupAction) RunGet(params struct{}) {
+func (this *UploadPopupAction) RunGet(params struct {
+	ServerId int64
+	UserId   int64
+}) {
+	// 读取服务用户
+	if params.ServerId > 0 {
+		serverResp, err := this.RPC().ServerRPC().FindEnabledUserServerBasic(this.AdminContext(), &pb.FindEnabledUserServerBasicRequest{ServerId: params.ServerId})
+		if err != nil {
+			this.ErrorPage(err)
+			return
+		}
+		var server = serverResp.Server
+		if server != nil {
+			params.UserId = server.UserId
+		}
+	}
+	this.Data["userId"] = params.UserId
+
 	this.Show()
 }

 func (this *UploadPopupAction) RunPost(params struct {
+	UserId int64
+
 	TextMode    bool
 	Name        string
 	IsCA        bool
@@ -85,7 +104,7 @@ func (this *UploadPopupAction) RunPost(params struct {
 		CertData: certData,
 		KeyData:  keyData,
 	}
-	err := certConfig.Init()
+	err := certConfig.Init(nil)
 	if err != nil {
 		if params.IsCA {
 			this.Fail("证书校验错误：" + err.Error())
@@ -107,6 +126,7 @@ func (this *UploadPopupAction) RunPost(params struct {
 	// 保存
 	createResp, err := this.RPC().SSLCertRPC().CreateSSLCert(this.AdminContext(), &pb.CreateSSLCertRequest{
 		IsOn:        params.IsOn,
+		UserId:      params.UserId,
 		Name:        params.Name,
 		Description: params.Description,
 		ServerName:  "",
--- a/internal/web/actions/default/servers/components/cache/cacheutils/utils.go
+++ b/internal/web/actions/default/servers/components/cache/cacheutils/utils.go
@@ -45,7 +45,7 @@ func KeyFailReason(reasonCode string) string {
 	case "requireDomain":
 		return "找不到Key对应的域名"
 	case "requireServer":
-		return "找不到Key对应的网站服务"
+		return "找不到Key对应的网站"
 	case "requireUser":
 		return "该域名不属于当前用户"
 	case "requireClusterId":
--- a/internal/web/actions/default/servers/components/index.go
+++ b/internal/web/actions/default/servers/components/index.go
@@ -64,7 +64,7 @@ func (this *IndexAction) RunPost(params struct {
 	DefaultDomain string
 }) {
 	// 创建日志
-	defer this.CreateLog(oplogs.LevelInfo, "保存网站服务全局配置")
+	defer this.CreateLog(oplogs.LevelInfo, "保存网站全局配置")

 	if len(params.GlobalConfigJSON) == 0 {
 		this.Fail("错误的配置信息，请刷新当前页面后重试")
--- a/internal/web/actions/default/servers/create.go
+++ b/internal/web/actions/default/servers/create.go
@@ -36,24 +36,6 @@ func (this *CreateAction) RunGet(params struct{}) {
 	}
 	this.Data["countAuditing"] = countAuditingResp.Count

-	// 所有集群
-	resp, err := this.RPC().NodeClusterRPC().FindAllEnabledNodeClusters(this.AdminContext(), &pb.FindAllEnabledNodeClustersRequest{})
-	if err != nil {
-		this.ErrorPage(err)
-	}
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-	clusterMaps := []maps.Map{}
-	for _, cluster := range resp.NodeClusters {
-		clusterMaps = append(clusterMaps, maps.Map{
-			"id":   cluster.Id,
-			"name": cluster.Name,
-		})
-	}
-	this.Data["clusters"] = clusterMaps
-
 	// 服务类型
 	this.Data["serverTypes"] = serverconfigs.AllServerTypes()

@@ -95,10 +77,6 @@ func (this *CreateAction) RunPost(params struct {

 	Must *actions.Must
 }) {
-	params.Must.
-		Field("name", params.Name).
-		Require("请输入服务名称")
-
 	var clusterId = params.ClusterId

 	// 用户
@@ -129,7 +107,7 @@ func (this *CreateAction) RunPost(params struct {

 	switch params.ServerType {
 	case serverconfigs.ServerTypeHTTPProxy, serverconfigs.ServerTypeHTTPWeb:
-		listen := []*serverconfigs.NetworkAddressConfig{}
+		var listen = []*serverconfigs.NetworkAddressConfig{}
 		err := json.Unmarshal([]byte(params.Addresses), &listen)
 		if err != nil {
 			this.Fail("端口地址解析失败：" + err.Error())
@@ -166,7 +144,7 @@ func (this *CreateAction) RunPost(params struct {
 			this.Fail("DEMO模式下不能创建TCP反向代理")
 		}

-		listen := []*serverconfigs.NetworkAddressConfig{}
+		var listen = []*serverconfigs.NetworkAddressConfig{}
 		err := json.Unmarshal([]byte(params.Addresses), &listen)
 		if err != nil {
 			this.Fail("端口地址解析失败：" + err.Error())
@@ -197,13 +175,17 @@ func (this *CreateAction) RunPost(params struct {
 				tlsConfig.AddListen(addr)
 			}
 		}
+
+		if len(params.Name) == 0 {
+			params.Name = "TCP负载均衡"
+		}
 	case serverconfigs.ServerTypeUDPProxy:
 		// 在DEMO模式下不能创建
 		if teaconst.IsDemoMode {
 			this.Fail("DEMO模式下不能创建UDP反向代理")
 		}

-		listen := []*serverconfigs.NetworkAddressConfig{}
+		var listen = []*serverconfigs.NetworkAddressConfig{}
 		err := json.Unmarshal([]byte(params.Addresses), &listen)
 		if err != nil {
 			this.Fail("端口地址解析失败：" + err.Error())
@@ -225,20 +207,24 @@ func (this *CreateAction) RunPost(params struct {
 				udpConfig.AddListen(addr)
 			}
 		}
+
+		if len(params.Name) == 0 {
+			params.Name = "UDP负载均衡"
+		}
 	default:
 		this.Fail("请选择正确的服务类型")
 	}

 	// 证书
 	if len(params.CertIdsJSON) > 0 {
-		certIds := []int64{}
+		var certIds = []int64{}
 		err := json.Unmarshal(params.CertIdsJSON, &certIds)
 		if err != nil {
 			this.ErrorPage(err)
 			return
 		}
 		if len(certIds) > 0 {
-			certRefs := []*sslconfigs.SSLCertRef{}
+			var certRefs = []*sslconfigs.SSLCertRef{}
 			for _, certId := range certIds {
 				certRefs = append(certRefs, &sslconfigs.SSLCertRef{
 					IsOn:   true,
@@ -252,7 +238,8 @@ func (this *CreateAction) RunPost(params struct {
 			}

 			sslPolicyIdResp, err := this.RPC().SSLPolicyRPC().CreateSSLPolicy(this.AdminContext(), &pb.CreateSSLPolicyRequest{
-				Http2Enabled:      false,     // 默认值
+				Http2Enabled:      false, // 默认值
+				Http3Enabled:      false,
 				MinVersion:        "TLS 1.1", // 默认值
 				SslCertsJSON:      certRefsJSON,
 				HstsJSON:          nil,
@@ -265,7 +252,7 @@ func (this *CreateAction) RunPost(params struct {
 				this.ErrorPage(err)
 				return
 			}
-			sslPolicyId := sslPolicyIdResp.SslPolicyId
+			var sslPolicyId = sslPolicyIdResp.SslPolicyId
 			httpsConfig.SSLPolicyRef = &sslconfigs.SSLPolicyRef{
 				IsOn:        true,
 				SSLPolicyId: sslPolicyId,
@@ -282,8 +269,13 @@ func (this *CreateAction) RunPost(params struct {
 		}

 		// 检查域名是否已经存在
-		allServerNames := serverconfigs.PlainServerNames(serverNames)
+		var allServerNames = serverconfigs.PlainServerNames(serverNames)
 		if len(allServerNames) > 0 {
+			// 指定默认名称
+			if len(params.Name) == 0 {
+				params.Name = allServerNames[0]
+			}
+
 			dupResp, err := this.RPC().ServerRPC().CheckServerNameDuplicationInNodeCluster(this.AdminContext(), &pb.CheckServerNameDuplicationInNodeClusterRequest{
 				ServerNames:   allServerNames,
 				NodeClusterId: clusterId,
@@ -396,7 +388,7 @@ func (this *CreateAction) RunPost(params struct {
 		AdminId:          this.AdminId(),
 		Type:             params.ServerType,
 		Name:             params.Name,
-		ServerNamesJON:   params.ServerNames,
+		ServerNamesJSON:  params.ServerNames,
 		Description:      params.Description,
 		NodeClusterId:    clusterId,
 		IncludeNodesJSON: includeNodesJSON,
--- a/internal/web/actions/default/servers/groups/createPopup.go
+++ b/internal/web/actions/default/servers/groups/createPopup.go
@@ -42,7 +42,7 @@ func (this *CreatePopupAction) RunPost(params struct {
 	}

 	// 创建日志
-	defer this.CreateLog(oplogs.LevelInfo, "创建服务分组 %d", createResp.ServerGroupId)
+	defer this.CreateLog(oplogs.LevelInfo, "创建网站分组 %d", createResp.ServerGroupId)

 	this.Success()
 }
--- a/internal/web/actions/default/servers/groups/group/delete.go
+++ b/internal/web/actions/default/servers/groups/group/delete.go
@@ -14,7 +14,7 @@ func (this *DeleteAction) RunPost(params struct {
 	GroupId int64
 }) {
 	// 创建日志
-	defer this.CreateLog(oplogs.LevelInfo, "删除代理服务分组 %d", params.GroupId)
+	defer this.CreateLog(oplogs.LevelInfo, "删除代理网站分组 %d", params.GroupId)

 	// 检查是否正在使用
 	countResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithServerGroupId(this.AdminContext(), &pb.CountAllEnabledServersWithServerGroupIdRequest{ServerGroupId: params.GroupId})
--- a/internal/web/actions/default/servers/groups/group/settings/httpReverseProxy/index.go
+++ b/internal/web/actions/default/servers/groups/group/settings/httpReverseProxy/index.go
@@ -59,7 +59,8 @@ func (this *IndexAction) RunGet(params struct {
 		var m = maps.Map{
 			"id":         originConfig.Id,
 			"weight":     originConfig.Weight,
-			"addr":       originConfig.Addr.Protocol.String() + "://" + originConfig.Addr.Host + ":" + originConfig.Addr.PortRange,
+			"addr":       originConfig.AddrSummary(),
+			"isOSS":      originConfig.IsOSS(),
 			"name":       originConfig.Name,
 			"isOn":       originConfig.IsOn,
 			"domains":    originConfig.Domains,
@@ -76,7 +77,8 @@ func (this *IndexAction) RunGet(params struct {
 		var m = maps.Map{
 			"id":         originConfig.Id,
 			"weight":     originConfig.Weight,
-			"addr":       originConfig.Addr.Protocol.String() + "://" + originConfig.Addr.Host + ":" + originConfig.Addr.PortRange,
+			"addr":       originConfig.AddrSummary(),
+			"isOSS":      originConfig.IsOSS(),
 			"name":       originConfig.Name,
 			"isOn":       originConfig.IsOn,
 			"domains":    originConfig.Domains,
--- a/internal/web/actions/default/servers/groups/group/settings/httpReverseProxy/setting.go
+++ b/internal/web/actions/default/servers/groups/group/settings/httpReverseProxy/setting.go
@@ -65,14 +65,14 @@ func (this *SettingAction) RunPost(params struct {

 	// TODO 校验配置

-	reverseProxyConfig := &serverconfigs.ReverseProxyConfig{}
+	var reverseProxyConfig = &serverconfigs.ReverseProxyConfig{}
 	err := json.Unmarshal(params.ReverseProxyJSON, reverseProxyConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}

-	err = reverseProxyConfig.Init()
+	err = reverseProxyConfig.Init(nil)
 	if err != nil {
 		this.Fail("配置校验失败：" + err.Error())
 	}
--- a/internal/web/actions/default/servers/groups/group/settings/tcpReverseProxy/index.go
+++ b/internal/web/actions/default/servers/groups/group/settings/tcpReverseProxy/index.go
@@ -59,7 +59,8 @@ func (this *IndexAction) RunGet(params struct {
 		m := maps.Map{
 			"id":         originConfig.Id,
 			"weight":     originConfig.Weight,
-			"addr":       originConfig.Addr.Protocol.String() + "://" + originConfig.Addr.Host + ":" + originConfig.Addr.PortRange,
+			"addr":       originConfig.AddrSummary(),
+			"isOSS":      originConfig.IsOSS(),
 			"name":       originConfig.Name,
 			"isOn":       originConfig.IsOn,
 			"domains":    originConfig.Domains,
@@ -76,7 +77,8 @@ func (this *IndexAction) RunGet(params struct {
 		m := maps.Map{
 			"id":         originConfig.Id,
 			"weight":     originConfig.Weight,
-			"addr":       originConfig.Addr.Protocol.String() + "://" + originConfig.Addr.Host + ":" + originConfig.Addr.PortRange,
+			"addr":       originConfig.AddrSummary(),
+			"isOSS":      originConfig.IsOSS(),
 			"name":       originConfig.Name,
 			"isOn":       originConfig.IsOn,
 			"domains":    originConfig.Domains,
--- a/internal/web/actions/default/servers/groups/group/settings/tcpReverseProxy/setting.go
+++ b/internal/web/actions/default/servers/groups/group/settings/tcpReverseProxy/setting.go
@@ -65,14 +65,14 @@ func (this *SettingAction) RunPost(params struct {

 	// TODO 校验配置

-	reverseProxyConfig := &serverconfigs.ReverseProxyConfig{}
+	var reverseProxyConfig = &serverconfigs.ReverseProxyConfig{}
 	err := json.Unmarshal(params.ReverseProxyJSON, reverseProxyConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}

-	err = reverseProxyConfig.Init()
+	err = reverseProxyConfig.Init(nil)
 	if err != nil {
 		this.Fail("配置校验失败：" + err.Error())
 	}
--- a/internal/web/actions/default/servers/groups/group/settings/udpReverseProxy/index.go
+++ b/internal/web/actions/default/servers/groups/group/settings/udpReverseProxy/index.go
@@ -59,7 +59,8 @@ func (this *IndexAction) RunGet(params struct {
 		var m = maps.Map{
 			"id":         originConfig.Id,
 			"weight":     originConfig.Weight,
-			"addr":       originConfig.Addr.Protocol.String() + "://" + originConfig.Addr.Host + ":" + originConfig.Addr.PortRange,
+			"addr":       originConfig.AddrSummary(),
+			"isOSS":      originConfig.IsOSS(),
 			"name":       originConfig.Name,
 			"isOn":       originConfig.IsOn,
 			"domains":    originConfig.Domains,
@@ -76,7 +77,8 @@ func (this *IndexAction) RunGet(params struct {
 		var m = maps.Map{
 			"id":         originConfig.Id,
 			"weight":     originConfig.Weight,
-			"addr":       originConfig.Addr.Protocol.String() + "://" + originConfig.Addr.Host + ":" + originConfig.Addr.PortRange,
+			"addr":       originConfig.AddrSummary(),
+			"isOSS":      originConfig.IsOSS(),
 			"name":       originConfig.Name,
 			"isOn":       originConfig.IsOn,
 			"domains":    originConfig.Domains,
--- a/internal/web/actions/default/servers/groups/group/settings/udpReverseProxy/setting.go
+++ b/internal/web/actions/default/servers/groups/group/settings/udpReverseProxy/setting.go
@@ -72,7 +72,7 @@ func (this *SettingAction) RunPost(params struct {
 		return
 	}

-	err = reverseProxyConfig.Init()
+	err = reverseProxyConfig.Init(nil)
 	if err != nil {
 		this.Fail("配置校验失败：" + err.Error())
 	}
--- a/internal/web/actions/default/servers/groups/group/update.go
+++ b/internal/web/actions/default/servers/groups/group/update.go
@@ -41,7 +41,7 @@ func (this *UpdateAction) RunPost(params struct {
 	Must *actions.Must
 }) {
 	// 创建日志
-	defer this.CreateLog(oplogs.LevelInfo, "修改代理服务分组 %d", params.GroupId)
+	defer this.CreateLog(oplogs.LevelInfo, "修改网站分组 %d", params.GroupId)

 	params.Must.
 		Field("name", params.Name).
--- a/internal/web/actions/default/servers/groups/sort.go
+++ b/internal/web/actions/default/servers/groups/sort.go
@@ -14,7 +14,7 @@ func (this *SortAction) RunPost(params struct {
 	GroupIds []int64
 }) {
 	// 创建日志
-	defer this.CreateLog(oplogs.LevelInfo, "修改服务分组排序")
+	defer this.CreateLog(oplogs.LevelInfo, "修改网站分组排序")

 	_, err := this.RPC().ServerGroupRPC().UpdateServerGroupOrders(this.AdminContext(), &pb.UpdateServerGroupOrdersRequest{ServerGroupIds: params.GroupIds})
 	if err != nil {
--- a/internal/web/actions/default/servers/iplists/index.go
+++ b/internal/web/actions/default/servers/iplists/index.go
@@ -21,6 +21,7 @@ func (this *IndexAction) Init() {
 }

 func (this *IndexAction) RunGet(params struct {
+	Ip         string
 	Keyword    string
 	GlobalOnly bool
 	Unread     bool
@@ -40,6 +41,7 @@ func (this *IndexAction) RunGet(params struct {
 		Unread:     true,
 		EventLevel: params.EventLevel,
 		ListType:   params.ListType,
+		Ip:         params.Ip,
 	})
 	if err != nil {
 		this.ErrorPage(err)
@@ -53,6 +55,7 @@ func (this *IndexAction) RunGet(params struct {
 		Unread:     params.Unread,
 		EventLevel: params.EventLevel,
 		ListType:   params.ListType,
+		Ip:         params.Ip,
 	})
 	if err != nil {
 		this.ErrorPage(err)
@@ -68,6 +71,7 @@ func (this *IndexAction) RunGet(params struct {
 		Unread:     params.Unread,
 		EventLevel: params.EventLevel,
 		ListType:   params.ListType,
+		Ip:         params.Ip,
 		Offset:     page.Offset,
 		Size:       page.Size,
 	})
--- a/internal/web/actions/default/servers/server/settings/cache/updateRefs.go
+++ b/internal/web/actions/default/servers/server/settings/cache/updateRefs.go
@@ -41,6 +41,10 @@ func (this *UpdateRefsAction) RunPost(params struct {

 	// 校验配置
 	var cacheConfig = webConfig.Cache
+	if cacheConfig == nil {
+		this.Success()
+		return
+	}

 	var refs = []*serverconfigs.HTTPCacheRef{}
 	err = json.Unmarshal(params.RefsJSON, &refs)
--- a/internal/web/actions/default/servers/server/settings/headers/createDeletePopup.go
+++ b/internal/web/actions/default/servers/server/settings/headers/createDeletePopup.go
@@ -45,14 +45,14 @@ func (this *CreateDeletePopupAction) RunPost(params struct {
 		this.ErrorPage(err)
 		return
 	}
-	policyConfig := &shared.HTTPHeaderPolicy{}
+	var policyConfig = &shared.HTTPHeaderPolicy{}
 	err = json.Unmarshal(policyConfigResp.HttpHeaderPolicyJSON, policyConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}

-	deleteHeaders := policyConfig.DeleteHeaders
+	var deleteHeaders = policyConfig.DeleteHeaders
 	deleteHeaders = append(deleteHeaders, params.Name)
 	_, err = this.RPC().HTTPHeaderPolicyRPC().UpdateHTTPHeaderPolicyDeletingHeaders(this.AdminContext(), &pb.UpdateHTTPHeaderPolicyDeletingHeadersRequest{
 		HttpHeaderPolicyId: params.HeaderPolicyId,
--- a/internal/web/actions/default/servers/server/settings/headers/createNonStandardHeaderPopup.go
+++ b/internal/web/actions/default/servers/server/settings/headers/createNonStandardHeaderPopup.go
@@ -0,0 +1,67 @@
+package headers
+
+import (
+	"encoding/json"
+	"github.com/TeaOSLab/EdgeAdmin/internal/oplogs"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/shared"
+	"github.com/iwind/TeaGo/actions"
+)
+
+type CreateNonStandardPopupAction struct {
+	actionutils.ParentAction
+}
+
+func (this *CreateNonStandardPopupAction) Init() {
+	this.Nav("", "", "")
+}
+
+func (this *CreateNonStandardPopupAction) RunGet(params struct {
+	HeaderPolicyId int64
+	Type           string
+}) {
+	this.Data["headerPolicyId"] = params.HeaderPolicyId
+	this.Data["type"] = params.Type
+
+	this.Show()
+}
+
+func (this *CreateNonStandardPopupAction) RunPost(params struct {
+	HeaderPolicyId int64
+	Name           string
+
+	Must *actions.Must
+}) {
+	// 日志
+	defer this.CreateLog(oplogs.LevelInfo, "添加非标的Header HeaderPolicyId: %d, Name: %s", params.HeaderPolicyId, params.Name)
+
+	params.Must.
+		Field("name", params.Name).
+		Require("名称不能为空")
+
+	policyConfigResp, err := this.RPC().HTTPHeaderPolicyRPC().FindEnabledHTTPHeaderPolicyConfig(this.AdminContext(), &pb.FindEnabledHTTPHeaderPolicyConfigRequest{HttpHeaderPolicyId: params.HeaderPolicyId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	var policyConfig = &shared.HTTPHeaderPolicy{}
+	err = json.Unmarshal(policyConfigResp.HttpHeaderPolicyJSON, policyConfig)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	var nonStandardHeaders = policyConfig.NonStandardHeaders
+	nonStandardHeaders = append(nonStandardHeaders, params.Name)
+	_, err = this.RPC().HTTPHeaderPolicyRPC().UpdateHTTPHeaderPolicyNonStandardHeaders(this.AdminContext(), &pb.UpdateHTTPHeaderPolicyNonStandardHeadersRequest{
+		HttpHeaderPolicyId: params.HeaderPolicyId,
+		HeaderNames:        nonStandardHeaders,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Success()
+}
--- a/internal/web/actions/default/servers/server/settings/headers/deleteDeletingHeader.go
+++ b/internal/web/actions/default/servers/server/settings/headers/deleteDeletingHeader.go
@@ -17,22 +17,22 @@ func (this *DeleteDeletingHeaderAction) RunPost(params struct {
 	HeaderName     string
 }) {
 	// 日志
-	defer this.CreateLog(oplogs.LevelInfo, "删除需要删除的请求Header，HeaderPolicyId:%d, HeaderName:%s", params.HeaderPolicyId, params.HeaderName)
+	defer this.CreateLog(oplogs.LevelInfo, "删除需要删除的Header，HeaderPolicyId:%d, HeaderName:%s", params.HeaderPolicyId, params.HeaderName)

 	policyConfigResp, err := this.RPC().HTTPHeaderPolicyRPC().FindEnabledHTTPHeaderPolicyConfig(this.AdminContext(), &pb.FindEnabledHTTPHeaderPolicyConfigRequest{HttpHeaderPolicyId: params.HeaderPolicyId})
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}
-	policyConfigJSON := policyConfigResp.HttpHeaderPolicyJSON
-	policyConfig := &shared.HTTPHeaderPolicy{}
+	var policyConfigJSON = policyConfigResp.HttpHeaderPolicyJSON
+	var policyConfig = &shared.HTTPHeaderPolicy{}
 	err = json.Unmarshal(policyConfigJSON, policyConfig)
 	if err != nil {
 		this.ErrorPage(err)
 		return
 	}

-	headerNames := []string{}
+	var headerNames = []string{}
 	for _, h := range policyConfig.DeleteHeaders {
 		if h == params.HeaderName {
 			continue
--- a/internal/web/actions/default/servers/server/settings/headers/deleteNonStandardHeader.go
+++ b/internal/web/actions/default/servers/server/settings/headers/deleteNonStandardHeader.go
@@ -0,0 +1,52 @@
+package headers
+
+import (
+	"encoding/json"
+	"github.com/TeaOSLab/EdgeAdmin/internal/oplogs"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/shared"
+)
+
+type DeleteNonStandardHeaderAction struct {
+	actionutils.ParentAction
+}
+
+func (this *DeleteNonStandardHeaderAction) RunPost(params struct {
+	HeaderPolicyId int64
+	HeaderName     string
+}) {
+	// 日志
+	defer this.CreateLog(oplogs.LevelInfo, "删除需要非标的Header，HeaderPolicyId:%d, HeaderName:%s", params.HeaderPolicyId, params.HeaderName)
+
+	policyConfigResp, err := this.RPC().HTTPHeaderPolicyRPC().FindEnabledHTTPHeaderPolicyConfig(this.AdminContext(), &pb.FindEnabledHTTPHeaderPolicyConfigRequest{HttpHeaderPolicyId: params.HeaderPolicyId})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+	var policyConfigJSON = policyConfigResp.HttpHeaderPolicyJSON
+	var policyConfig = &shared.HTTPHeaderPolicy{}
+	err = json.Unmarshal(policyConfigJSON, policyConfig)
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	var headerNames = []string{}
+	for _, h := range policyConfig.NonStandardHeaders {
+		if h == params.HeaderName {
+			continue
+		}
+		headerNames = append(headerNames, h)
+	}
+	_, err = this.RPC().HTTPHeaderPolicyRPC().UpdateHTTPHeaderPolicyNonStandardHeaders(this.AdminContext(), &pb.UpdateHTTPHeaderPolicyNonStandardHeadersRequest{
+		HttpHeaderPolicyId: params.HeaderPolicyId,
+		HeaderNames:        headerNames,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	this.Success()
+}
--- a/internal/web/actions/default/servers/server/settings/headers/init.go
+++ b/internal/web/actions/default/servers/server/settings/headers/init.go
@@ -18,6 +18,8 @@ func init() {
 			GetPost("/updateSetPopup", new(UpdateSetPopupAction)).
 			GetPost("/createDeletePopup", new(CreateDeletePopupAction)).
 			Post("/deleteDeletingHeader", new(DeleteDeletingHeaderAction)).
+			GetPost("/createNonStandardPopup", new(CreateNonStandardPopupAction)).
+			Post("/deleteNonStandardHeader", new(DeleteNonStandardHeaderAction)).
 			Post("/delete", new(DeleteAction)).
 			GetPost("/updateCORSPopup", new(UpdateCORSPopupAction)).
 			EndAll()
--- a/internal/web/actions/default/servers/server/settings/headers/updateCORSPopup.go
+++ b/internal/web/actions/default/servers/server/settings/headers/updateCORSPopup.go
@@ -49,7 +49,7 @@ func (this *UpdateCORSPopupAction) RunPost(params struct {
 	Must *actions.Must
 	CSRF *actionutils.CSRF
 }) {
-	var config = &shared.HTTPCORSHeaderConfig{}
+	var config = shared.NewHTTPCORSHeaderConfig()
 	err := json.Unmarshal(params.CorsJSON, config)
 	if err != nil {
 		this.Fail("配置校验失败：" + err.Error())
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
刘祥超	0ff8aecbea	commit components.js	2023-06-18 19:51:47 +08:00
刘祥超	e6cae84764	优化文字提示	2023-06-18 16:19:16 +08:00
刘祥超	2d2d2931f1	commit components.js	2023-06-17 21:53:08 +08:00
刘祥超	69ad5e7d1f	安装mysql时预先安装 numactl-libs	2023-06-17 21:53:00 +08:00
刘祥超	97abc6aeb9	缓存条件类型增加“URL通配符”	2023-06-16 11:34:39 +08:00
刘祥超	8cf37dd37c	优化文字提示	2023-06-16 09:54:51 +08:00
刘祥超	e11d091ac5	优化错误提示	2023-06-16 08:17:16 +08:00
刘祥超	e952dfcedd	提交components.js	2023-06-15 15:25:01 +08:00
刘祥超	2565d5cab2	缓存条件增加"强制返回区间内容"选项	2023-06-15 15:15:11 +08:00
刘祥超	e4e66c74bc	更新Components.js	2023-06-13 20:52:46 +08:00
刘祥超	6607c41823	实现自动下载升级版本	2023-06-13 20:52:37 +08:00
刘祥超	43570f20b5	优化OSS源站相关代码	2023-06-13 15:40:40 +08:00
刘祥超	9ea7a93206	优化左侧主菜单显示	2023-06-12 19:50:53 +08:00
刘祥超	dec4922fe5	优化左侧主菜单显示	2023-06-12 19:46:37 +08:00
刘祥超	ef1f95b347	IP列表可以搜索单个IP	2023-06-12 18:29:11 +08:00
刘祥超	7317312f68	版本号改为1.2.0	2023-06-12 14:42:48 +08:00
刘祥超	2965e8df65	commit components.js	2023-06-12 11:16:56 +08:00
刘祥超	4fdcc7fae9	优化缓存条件添加表单	2023-06-10 17:58:03 +08:00
刘祥超	6be8f7539d	缓存条件类型支持“全站”	2023-06-10 17:35:45 +08:00
刘祥超	a6de65fe39	迁移后API地址确认页面提示更详细的API节点配置错误	2023-06-10 16:31:20 +08:00
刘祥超	fc5dae5a8e	优化源站列表界面	2023-06-09 17:46:15 +08:00
刘祥超	db69454d32	压缩utils.js	2023-06-09 17:29:14 +08:00
刘祥超	c824335b0e	增加备用音频	2023-06-09 17:28:49 +08:00
刘祥超	1f1ce11078	优化OSS相关代码	2023-06-08 17:50:22 +08:00
刘祥超	0ec1571d37	初步实现对象存储源站	2023-06-07 17:24:56 +08:00
刘祥超	407e8b52a5	允许在集群设置 -- “网站设置” 中设置节点IP访问显示的内容	2023-06-05 19:26:55 +08:00
刘祥超	1be13a151d	网站全局设置增加“强制Ln请求“选项	2023-06-05 17:05:42 +08:00
刘祥超	4d9d417d7a	增加<dns-resolvers-config-box>组件	2023-06-05 12:33:30 +08:00
刘祥超	aaff8f0c4a	将API设置URL从/api改为/settings/api	2023-06-05 09:41:52 +08:00
刘祥超	8c064daf3f	“服务分组”改为“网站分组”	2023-06-04 10:30:57 +08:00
刘祥超	b0b3dae147	增加并发任务函数	2023-06-03 11:13:05 +08:00
刘祥超	2ea2be43d3	更新components.js	2023-06-03 09:09:18 +08:00
刘祥超	81f7364e93	改进文字提示	2023-06-02 16:33:24 +08:00
刘祥超	c530869530	优化代码	2023-06-01 18:07:46 +08:00
刘祥超	586ccd90ec	初步实现HTTP3	2023-06-01 17:44:39 +08:00
刘祥超	ece237c49f	增加不能登录的敏感区域	2023-06-01 15:56:45 +08:00
刘祥超	11da5ca98c	线图坐标增加xColorFunc参数	2023-05-29 13:56:32 +08:00
刘祥超	276a68bda6	Update Dockerfile	2023-05-29 09:08:59 +08:00
刘祥超	fba89d197a	优化交互	2023-05-28 20:24:58 +08:00
刘祥超	b3259e2489	commit components.js	2023-05-28 19:22:05 +08:00
刘祥超	880704dda0	优化WAF“跳转‘动作显示	2023-05-28 17:22:20 +08:00
刘祥超	d5e92e9c09	WAF增加“跳转”动作	2023-05-28 17:11:45 +08:00
刘祥超	df2f5692bd	版本号改为1.1.0	2023-05-28 16:06:05 +08:00
刘祥超	dacc99b8b6	优化文字	2023-05-28 15:17:33 +08:00
刘祥超	0e8ade3b61	手动执行健康检查时提示用户当前集群尚未部署网站	2023-05-28 15:06:53 +08:00
刘祥超	fe2d8f6261	优化界面	2023-05-28 14:41:38 +08:00
刘祥超	927381039b	优化界面	2023-05-28 11:31:59 +08:00
刘祥超	6b95947acb	集群列表页也增加“创建节点”链接	2023-05-27 19:55:06 +08:00
刘祥超	b05e53ce58	登录界面屏蔽个别敏感区域	2023-05-27 18:12:40 +08:00
刘祥超	a2546582f2	优化界面	2023-05-27 17:11:18 +08:00
刘祥超	a023b3401e	优化界面	2023-05-27 17:05:17 +08:00
刘祥超	07142e9872	删除EdgePlus	2023-05-27 16:46:30 +08:00
刘祥超	f5fea6c34d	创建节点表单显示剩余配额	2023-05-27 15:33:08 +08:00
刘祥超	5eb0fb3422	正则表达式填写多行时提示用户需要转换成竖杠（｜）符号	2023-05-27 14:44:39 +08:00
刘祥超	fa915e7c35	部分“服务”文字改为“网站”	2023-05-26 11:55:21 +08:00
刘祥超	2b7905d31c	优化文字和界面	2023-05-26 10:52:45 +08:00
刘祥超	9cbbf37add	优化界面	2023-05-26 10:31:03 +08:00
刘祥超	642a0c3b0d	优化界面	2023-05-25 17:42:22 +08:00
刘祥超	ff47a19250	优化界面	2023-05-25 17:29:55 +08:00
刘祥超	1fc1a3fbe3	WAF国家/地区封禁、省份封禁增加例外URL、限制URL	2023-05-25 12:02:19 +08:00
刘祥超	996172bd69	改进界面	2023-05-25 10:59:18 +08:00
刘祥超	df038314ef	commit components.js	2023-05-24 17:21:05 +08:00
刘祥超	67881c2e34	网站全局设置中增加“自动匹配证书”选项	2023-05-24 17:20:28 +08:00
刘祥超	9c691a17b2	优化集群菜单	2023-05-23 19:50:19 +08:00
刘祥超	54df86a4a2	优化文字提示	2023-05-23 19:15:35 +08:00
刘祥超	70aff759d7	优化文字显示	2023-05-23 11:25:25 +08:00
刘祥超	d903cc6e3b	优化源站列表专属域名显示	2023-05-23 11:25:13 +08:00
刘祥超	c520271ab5	实现自定义页面组件	2023-05-22 17:30:46 +08:00
刘祥超	f6936224d9	调整集群设置菜单位置	2023-05-22 09:49:56 +08:00
刘祥超	283984a6a6	HTTP Header中支持设置非标Header	2023-05-19 19:52:10 +08:00
刘祥超	c4fc09f72a	优化HTTP Header页面	2023-05-19 17:40:00 +08:00
刘祥超	efdbabfa04	优化HTTP Header页面文字提示	2023-05-19 17:34:54 +08:00
刘祥超	a43af333fd	优化文字提示	2023-05-19 16:51:49 +08:00
刘祥超	1f5894ff82	HTTP Header - CORS跨域设置增加多个选项	2023-05-19 16:32:28 +08:00
刘祥超	79b4054e31	在节点列表显示租期、是否为备用节点等信息	2023-05-19 11:11:34 +08:00
刘祥超	376d7d0c78	修改部分代码的联系方式	2023-05-19 11:09:57 +08:00
刘祥超	c8b85330ed	删除QQ群信息	2023-05-17 19:22:56 +08:00
刘祥超	c65dffee13	实现基础的智能调度	2023-05-17 18:41:27 +08:00
刘祥超	275320ad9b	如果管理系统前端有反向代理，则不要自动从HTTP跳转到HTTPS	2023-05-07 09:28:18 +08:00
刘祥超	f71cdf9065	防盗链增加”同时检查Origin选项“	2023-05-02 17:05:35 +08:00
刘祥超	8e0a239de9	优化WAF CC2规则说明文字	2023-05-02 17:04:40 +08:00
刘祥超	ed2b95bc3f	集群设置中“服务设置”改为“网站设置”	2023-04-26 14:04:49 +08:00
刘祥超	2e23ee4c66	优化健康检查界面	2023-04-26 10:48:44 +08:00
刘祥超	58def52e30	数据库手动清理页面增加按表名和按占用空间排序/优化数据库相关界面	2023-04-26 09:49:28 +08:00
刘祥超	aea5ef3b68	Update Dockerfile	2023-04-24 10:29:31 +08:00
刘祥超	f2e14cf0a6	版本号修改为1.0.4	2023-04-24 10:17:05 +08:00
刘祥超	bc9b6d1595	为集群选择DNS域名时自动排序并不显示已下线域名	2023-04-24 09:38:57 +08:00
刘祥超	fd11b62390	更新components.js	2023-04-23 20:13:23 +08:00
刘祥超	8db00a5ab5	远程升级API节点时自动上传边缘节点安装文件	2023-04-23 19:48:07 +08:00
刘祥超	a6757e9374	申请ACME证书时可以指定平台用户	2023-04-23 15:01:43 +08:00
刘祥超	e0fe385404	证书申请任务可以使用用户筛选	2023-04-23 11:03:07 +08:00
刘祥超	f9f4258ec1	证书列表可以使用用户筛选	2023-04-23 10:44:37 +08:00
刘祥超	f939d563ad	选择证书时，如果证书列表为空，则提示可以搜索未指定用户证书	2023-04-22 12:04:04 +08:00
刘祥超	fad03add54	“网站服务”改为“网站”、“网站列表”	2023-04-21 17:51:25 +08:00
刘祥超	9ab6dab081	SESSION读取失败时不强制重新登录	2023-04-21 15:39:51 +08:00
刘祥超	5a55268830	修复在HTTP/1.x下开多个窗口访问非常慢的问题	2023-04-19 21:03:46 +08:00
刘祥超	fc3769239d	节点列表页CPU、内存使用比例增加百分号	2023-04-19 19:26:49 +08:00
刘祥超	c9fb3153eb	安全设置增加“检查客户端指纹"和"检查客户端区域"选项	2023-04-19 18:25:10 +08:00
刘祥超	a31f9ed9c5	节点列表负载数据如果是0，则显示0.00	2023-04-18 11:23:49 +08:00
刘祥超	2f75828ba4	优化滚动条在firefox上的显示	2023-04-11 16:33:22 +08:00
刘祥超	89679ec358	版本号改为1.1.0	2023-04-10 21:03:41 +08:00
刘祥超	98f77f52df	Update Dockerfile	2023-04-10 09:20:59 +08:00
刘祥超	ca647d44bb	版本号修改为1.0.1	2023-04-10 09:17:37 +08:00
刘祥超	838b7dab5b	Update Dockerfile	2023-04-10 08:48:09 +08:00
刘祥超	4f7fe247b4	更新components.js	2023-04-09 22:32:30 +08:00
刘祥超	cee20bd7d2	上传证书私钥时可以选择pem文件	2023-04-09 21:29:44 +08:00
刘祥超	f99ed0c4d9	优化grpc参数	2023-04-09 21:05:49 +08:00
刘祥超	4ae6523164	修复一个单词拼写错误	2023-04-09 20:09:12 +08:00
刘祥超	2ece764dcb	优化<combo-box>组件上下键盘键移动速度	2023-04-09 20:08:38 +08:00
刘祥超	f3bdd98af5	优化API升级处理提示文字	2023-04-09 17:29:29 +08:00
刘祥超	3c3c511c5b	版本号更改为1.0.0	2023-04-09 17:24:04 +08:00
刘祥超	45167b87e5	提交components.js	2023-04-09 17:23:51 +08:00
刘祥超	f7d5755744	提升Cookie安全性	2023-04-09 17:10:53 +08:00
刘祥超	e2adafd16b	服务配置菜单项增加配置代号	2023-04-09 15:59:37 +08:00
刘祥超	9d178b238d	审计日志列表增加级别筛选	2023-04-06 10:06:22 +08:00
刘祥超	431054a1be	自动检查管理员弱密码并提醒	2023-04-04 17:26:28 +08:00
刘祥超	5bf6428253	调整表单中注释颜色	2023-04-04 15:22:57 +08:00
刘祥超	6a4a03267b	优化文字提示	2023-04-03 10:03:48 +08:00
刘祥超	6598e16974	优化MySQL系统服务参数	2023-04-03 10:01:35 +08:00
刘祥超	b1943a4cec	优化MySQL系统服务参数	2023-04-02 18:05:54 +08:00
刘祥超	5f70d5afd3	优化文字提示	2023-04-02 10:17:56 +08:00
刘祥超	7dead36212	更新components.js	2023-04-02 10:17:47 +08:00
刘祥超	1f68a7830b	集群服务设置增加“支持低版本HTTP”选项	2023-04-01 09:51:44 +08:00
刘祥超	42c5b7a181	修复在未初始化缓存设置时添加缓存条件产生的panic错误	2023-03-31 17:42:33 +08:00
刘祥超	6596b47e54	证书即将到期提示	2023-03-28 16:52:21 +08:00
刘祥超	02e4a3e244	安装MySQL时指定 innodb_buffer_pool_size 为系统内存的一半	2023-03-28 11:42:19 +08:00
刘祥超	d9af90c76b	优化代码	2023-03-27 17:37:48 +08:00
刘祥超	a54405f24f	自动安装mysql时调整innodb_sort_buffer_size参数值	2023-03-27 17:22:13 +08:00
刘祥超	2b39c5d517	优化代码	2023-03-27 16:31:52 +08:00
刘祥超	a09d295948	优化<combo-box>组件	2023-03-27 11:28:06 +08:00
刘祥超	2c0b0be8c4	优化<combo-box>组件	2023-03-27 11:01:28 +08:00
刘祥超	b289877273	README中增加企业版链接	2023-03-26 20:50:45 +08:00
刘祥超	869d54b9a8	如果管理系统同时设置了HTTP和HTTPS端口，那么访问HTTP登录页时自动跳转到HTTPS地址	2023-03-26 15:54:14 +08:00
刘祥超	df48ae8316	优化缓存策略相关文字提示	2023-03-26 12:23:12 +08:00
刘祥超	e42cf2a420	创建服务和修改服务HTTPS设置时也支持批量上传证书	2023-03-26 12:00:41 +08:00
刘祥超	bd899b649d	创建服务时如果选择了所属用户，则证书列表中默认显示该用户的证书	2023-03-26 10:36:47 +08:00
刘祥超	2bc43ee2a5	实现自动匹配证书和批量选择证书功能	2023-03-25 20:50:27 +08:00
刘祥超	48e2907426	开源版本默认每次只能上传20个证书文件	2023-03-24 15:29:51 +08:00
刘祥超	4e33cce128	批量上传时如果证书文件和私钥文件不一致，也会提示错误	2023-03-24 15:13:28 +08:00
刘祥超	6658028f90	增加批量上传证书功能	2023-03-24 15:05:31 +08:00
刘祥超	3fe67bb179	优化系统设置--Web服务文字提示。	2023-03-24 10:53:40 +08:00
刘祥超	ce9a2d0cc3	证书内容输入框支持拖动文件上传	2023-03-24 10:17:05 +08:00
刘祥超	45b7c7af15	优化界面显示	2023-03-23 15:47:11 +08:00
刘祥超	3116aaeccb	节点列表节点IP超出4个后可以自动隐藏和显示	2023-03-23 14:50:12 +08:00
刘祥超	bfd5517c6c	优化创建网站服务界面	2023-03-22 17:52:22 +08:00
刘祥超	c83598a4f9	优化创建网站服务界面	2023-03-21 16:56:45 +08:00
刘祥超	3dc983871f	优化CNAME查询程序	2023-03-21 11:41:40 +08:00
刘祥超	ac6fcefffd	修改<columns-grid>组件文件名	2023-03-21 11:00:35 +08:00
刘祥超	094080cc9f	优化界面文字	2023-03-20 21:32:18 +08:00
刘祥超	d2dff968fb	自动安装MySQL时自动生成所需的动态库软链接	2023-03-20 21:32:10 +08:00
刘祥超	496f82a01f	日志数据库节点详情中密码使用星号（*）代替	2023-03-20 17:00:54 +08:00
刘祥超	9293c3e861	优化界面	2023-03-20 12:10:08 +08:00
刘祥超	da7d42edd5	修复<file-textarea>组件在firefox上无法复制内容的Bug	2023-03-20 09:43:21 +08:00
刘祥超	87b96d6526	SSH认证添加私钥时可以从私钥文件中直接拖入	2023-03-19 17:49:07 +08:00
刘祥超	a371821ff8	创建SSH认证私钥时校验私钥内容	2023-03-19 17:48:43 +08:00
刘祥超	748cb6eb8f	更新相关库	2023-03-19 17:46:28 +08:00
刘祥超	05bee642e9	配置初始化时增加context参数	2023-03-18 22:12:22 +08:00
刘祥超	081be04592	优化文字提示	2023-03-18 16:08:25 +08:00
刘祥超	f77518d086	生成节点DNS解析时区分节点是否已安装	2023-03-18 16:05:46 +08:00
刘祥超	35e6202b3c	创建节点时自动从节点名称中提取节点IP	2023-03-18 11:36:10 +08:00
刘祥超	1d84ea6ab9	更新components.js	2023-03-18 11:35:42 +08:00
刘祥超	df461d81d8	版本号更改为0.6.5	2023-03-17 15:53:01 +08:00
刘祥超	821d5aa595	优化节点列表连接数显示	2023-03-17 15:25:07 +08:00
刘祥超	c25bd71592	节点列表带宽保存两位小数数字	2023-03-17 15:20:53 +08:00
刘祥超	7e9224680e	当HTTP和HTTPS端口冲突时提示用户	2023-03-17 11:11:54 +08:00
刘祥超	bc89116d3d	编译脚本中暂时不删除.css.map和.js.map文件	2023-03-17 10:20:11 +08:00
刘祥超	aabe75ee13	优化文字提示	2023-03-17 10:19:38 +08:00
刘祥超	8903adc523	优化文字提示	2023-03-16 10:09:17 +08:00
刘祥超	61d8c8cd39	优化节点列表统计项宽度	2023-03-16 09:48:45 +08:00
刘祥超	2e1d991e0c	在开源版本看板增加检查是否为Plus的钩子	2023-03-16 09:37:16 +08:00
刘祥超	5a57167832	更新Dockerfile中的版本号	2023-03-16 09:27:36 +08:00
刘祥超	c3df181dcc	版本号改为0.6.4.2	2023-03-16 08:55:12 +08:00
刘祥超	699ea47ac5	更新components.js	2023-03-16 08:55:01 +08:00
刘祥超	fba69f3109	节点列表增加连接数列	2023-03-15 17:57:32 +08:00
刘祥超	063583dda1	调整节点任务和DNS同步任务弹窗高度	2023-03-15 16:24:14 +08:00
刘祥超	a31ca5cfb6	提高消息弹窗高度	2023-03-15 15:48:35 +08:00
刘祥超	c0a13305ad	管理系统增加两种背景风格	2023-03-15 15:35:11 +08:00
刘祥超	9d8cbf87dc	URL跳转之域名跳转增加跳转后域名校验	2023-03-15 15:07:55 +08:00
刘祥超	009f7da26b	优化看板中的统计图表	2023-03-15 14:39:45 +08:00
刘祥超	f1d0359dc4	优化代码	2023-03-13 16:24:37 +08:00
刘祥超	473baa8c5b	版本号改为0.6.5	2023-03-13 16:16:26 +08:00
刘祥超	1a5dda6c72	Update Dockerfile	2023-03-13 12:12:44 +08:00