Commit 1ea4c504 authored by jose's avatar jose

update 6.1.5

parent 3fe14911
......@@ -20,6 +20,7 @@ from werkzeug.contrib.cache import SimpleCache
from werkzeug.wrappers import Response
from flask_socketio import SocketIO,emit,send
dns_client = None
app.config['DEBUG'] = os.path.exists('data/debug.pl')
#设置BasicAuth
basic_auth_conf = 'config/basic_auth.json'
......@@ -413,9 +414,11 @@ def config(pdata = None):
data['basic_auth'] = c_obj.get_basic_auth_stat(None)
data['basic_auth']['value'] = public.GetMsg("CLOSE")
if data['basic_auth']['open']: data['basic_auth']['value'] = public.GetMsg("OPEN")
data['debug'] = ''
if app.config['DEBUG']: data['debug'] = 'checked'
return render_template( 'config.html',data=data)
import config
defs = ('get_panel_error_logs','clean_panel_error_logs','get_basic_auth_stat','set_basic_auth','get_cli_php_version','get_tmp_token','set_cli_php_version','DelOldSession', 'GetSessionCount', 'SetSessionConf', 'GetSessionConf','get_ipv6_listen','set_ipv6_status','GetApacheValue','SetApacheValue','GetNginxValue','SetNginxValue','get_token','set_token','set_admin_path','is_pro','get_php_config','get_config','SavePanelSSL','GetPanelSSL','GetPHPConf','SetPHPConf','GetPanelList','AddPanelInfo','SetPanelInfo','DelPanelInfo','ClickPanelInfo','SetPanelSSL','SetTemplates','Set502','setPassword','setUsername','setPanel','setPathInfo','setPHPMaxSize','getFpmConfig','setFpmConfig','setPHPMaxTime','syncDate','setPHPDisable','SetControl','ClosePanel','AutoUpdatePanel','SetPanelLock')
defs = ('get_cert_source','set_debug','get_panel_error_logs','clean_panel_error_logs','get_basic_auth_stat','set_basic_auth','get_cli_php_version','get_tmp_token','set_cli_php_version','DelOldSession', 'GetSessionCount', 'SetSessionConf', 'GetSessionConf','get_ipv6_listen','set_ipv6_status','GetApacheValue','SetApacheValue','GetNginxValue','SetNginxValue','get_token','set_token','set_admin_path','is_pro','get_php_config','get_config','SavePanelSSL','GetPanelSSL','GetPHPConf','SetPHPConf','GetPanelList','AddPanelInfo','SetPanelInfo','DelPanelInfo','ClickPanelInfo','SetPanelSSL','SetTemplates','Set502','setPassword','setUsername','setPanel','setPathInfo','setPHPMaxSize','getFpmConfig','setFpmConfig','setPHPMaxTime','syncDate','setPHPDisable','SetControl','ClosePanel','AutoUpdatePanel','SetPanelLock')
return publicObject(config.config(),defs,None,pdata);
@app.route('/ajax',methods=method_all)
......@@ -918,6 +921,7 @@ def connected_msg(msg):
def check_csrf():
if app.config['DEBUG']: return True
request_token = request.cookies.get('request_token')
if session['request_token'] != request_token: return False
http_token = request.headers.get('x-http-token')
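Review bot: The early return added to `check_csrf()` (`if app.config['DEBUG']: return True`) turns off request-token validation for every request whenever `data/debug.pl` exists, and that file is created from the panel itself by the `set_debug` action added in this commit. One accepted toggle therefore removes CSRF protection from all later state-changing calls on a panel that manages the host. I would drop the bypass and keep the token check in developer mode; if a bypass is needed for local work, gate it on something that cannot be switched from the web UI. `check_csrf`'s body continues past the end of this hunk, so its remaining checks are not visible here.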
......
......@@ -582,74 +582,6 @@ html {
overflow: hidden
}
.sidebar-auto {
overflow: auto;
height: 100%;
margin-right: -18px
}
.mypcip {
display: block;
padding: 0 10px;
position: relative;
transition-duration: 500ms;
transition-property: background;
transition-timing-function: ease;
width: 100%;
cursor: pointer;
margin: 1px 0
}
.mypcip:hover {
background: #20a53a;
opacity: 1
}
.mypcip span {
background: url("") no-repeat 0 center;
display: inline-block;
line-height: 46px;
padding-left: 30px;
white-space: nowrap;
max-width: 146px;
overflow: hidden;
}
.btpc-plus {
line-height: 40px;
color: #aaa;
font-family: arial;
font-size: 26px;
cursor: pointer;
padding-left: 80px;
transition-duration: 500ms;
transition-property: background;
transition-timing-function: ease
}
.btpc-plus:hover {
background-color: #20a53a;
color: #fff
}
.mypcip .btedit {
background: url() no-repeat center center;
width: 16px;
height: 16px;
display: none;
position: absolute;
left: 156px;
top: 14px
}
.mypcip:hover .btedit {
display: block
}
.task {
position: absolute;
right: 6px;
......@@ -5209,4 +5141,85 @@ select[disabled]{
border-bottom: 2px solid #20a53a;
color: #20a53a;
font-weight: bold;
}
\ No newline at end of file
}
.ssl_cert_from .layui-layer-ico{
width: 30px;
height: 30px;
display: inline-block;
position: absolute;
left: 50px;
}
.ssl_cert_from h3{
font-weight: bolder;
font-size: 18px;
margin-left: 75px;
display: inline-block;
height: 30px;
line-height: 30px;
}
.ssl_cert_from ul{
border: 1px solid #ececec;
border-radius: 10px;
margin: 0 auto;
margin-top: 20px;
margin-bottom: 20px;
background: #f7f7f7;
width: 80%;
padding: 15px;
list-style-type: inherit;
}
.ssl_cert_from ul li:nth-child(0){
margin-top: 12px;
color:red;
}
.ssl_cert_from ul li{
margin-left: 20px;
height: 25px;
line-height: 25px;
}
.ssl_cert_from>.line{
padding-top: 15px;
border-top: 1px solid #ececec;
width: 81%;
margin: 0 auto;
margin-top: 15px;
padding-bottom: 15px;
border-bottom: 1px solid #ececec;
}
.ssl_cert_from>.line .tname{
width:105px;
}
.ssl_cert_from>.line .info-r{
margin-left:70px;
height:30px;
line-height:30px;
}
.ssl_cert_from label{
font-weight: 400;
margin: 3px 5px 0px;
vertical-align: top;
}
.ssl_cert_from .details{
padding-top:10px;
width:80%;
margin:0 auto;
}
.ssl_cert_from .details a{
float: right;
position: relative;
top: 3px;
}
.ssl_cert_from>.line .line {
padding-bottom:0;
}
.ssl_cert_from>.line .line .info-r{
margin-bottom:0;
}
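Review bot: `.ssl_cert_from ul li:nth-child(0)` never matches, because `:nth-child` counts from 1, so the red first-item style in this rule is dead. Use `li:first-child` (or `li:nth-child(1)`); the SSL dialog markup in this commit currently sets `style="color:red;"` inline on the first `<li>`, which could then be dropped.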
......@@ -176,41 +176,111 @@ function setTemplate(){
//设置面板SSL
function setPanelSSL(){
var status = $("#sshswitch").prop("checked")==true?1:0;
var msg = $("#panelSSL").attr('checked')?lan.config.ssl_close_msg:'<a style="font-weight: bolder;font-size: 16px;">'+lan.config.ssl_open_ps+'</a><li style="margin-top: 12px;color:red;">'+lan.config.ssl_open_ps_1+'</li><li>'+lan.config.ssl_open_ps_2+'</li><li>'+lan.config.ssl_open_ps_3+'</li><p style="margin-top: 10px;"><input type="checkbox" id="checkSSL" /><label style="font-weight: 400;margin: 3px 5px 0px;" for="checkSSL">'+lan.config.ssl_open_ps_4+'</label><a target="_blank" class="btlink" href="https://www.bt.cn/bbs/thread-4689-1-1.html" style="float: right;">'+lan.config.ssl_open_ps_5+'</a></p>';
layer.confirm(msg,{title:lan.config.ssl_title,closeBtn:2,icon:3,area:'550px',cancel:function(){
if(status == 0){
$("#panelSSL").prop("checked",false);
}
else{
$("#panelSSL").prop("checked",true);
}
}},function(){
if(window.location.protocol.indexOf('https') == -1){
if(!$("#checkSSL").prop('checked')){
layer.msg(lan.config.ssl_ps,{icon:2});
return false;
}
}
var loadT = layer.msg(lan.config.ssl_msg,{icon:16,time:0,shade: [0.3, '#000']});
$.post('/config?action=SetPanelSSL','',function(rdata){
layer.close(loadT);
layer.msg(rdata.msg,{icon:rdata.status?1:5});
if(rdata.status === true){
$.get('/system?action=ReWeb',function(){});
setTimeout(function(){
window.location.href = ((window.location.protocol.indexOf('https') != -1)?'http://':'https://') + window.location.host + window.location.pathname;
},1500);
}
});
},function(){
if(status == 0){
$("#panelSSL").prop("checked",false);
}
else{
$("#panelSSL").prop("checked",true);
}
});
var status = $("#panelSSL").prop("checked");
var loadT = layer.msg(lan.config.ssl_msg,{icon:16,time:0,shade: [0.3, '#000']});
if(status){
var confirm = layer.confirm('Whether to close the panel SSL certificate', {title:'Tips',btn: ['Confirm','Cancel'],icon:0,closeBtn:2}, function() {
bt.send('SetPanelSSL', 'config/SetPanelSSL', {}, function (rdata) {
layer.close(loadT);
if (rdata.status) {
layer.msg(rdata.msg,{icon:1});
$.get('/system?action=ReWeb', function () {
});
setTimeout(function () {
window.location.href = ((window.location.protocol.indexOf('https') != -1) ? 'http://' : 'https://') + window.location.host + window.location.pathname;
}, 1500);
}
else {
layer.msg(res.rdata,{icon:2});
}
});
return;
})
}
else {
bt.send('get_cert_source', 'config/get_cert_source', {}, function (rdata) {
layer.close(loadT);
var sdata = rdata;
var _data = {
title: 'Panel SSL',
area: '630px',
class:'ssl_cert_from',
list: [
{
html:'<div><i class="layui-layer-ico layui-layer-ico3"></i><h3>'+lan.config.ssl_open_ps+'</h3><ul><li style="color:red;">'+lan.config.ssl_open_ps_1+'</li><li>'+lan.config.ssl_open_ps_2+'</li><li>'+lan.config.ssl_open_ps_3+'</li></ul></div>'
},
{
title: 'Cert Type',
name: 'cert_type',
type: 'select',
width: '200px',
value: sdata.cert_type,
items: [{value: '1', title: 'Self-signed certificate'}, {value: '2', title: 'Let\'s Encrypt'}],
callback: function (obj) {
var subid = obj.attr('name') + '_subid';
$('#' + subid).remove();
if (obj.val() == '2') {
var _tr = bt.render_form_line({
title: 'Admin E-Mail',
name: 'email',
width: '320px',
placeholder: 'Admin E-Mail',
value: sdata.email
});
obj.parents('div.line').append('<div class="line" id=' + subid + '>' + _tr.html + '</div>');
}
}
},
{
html:'<div class="details"><input type="checkbox" id="checkSSL" /><label style="font-weight: 400;margin: 3px 5px 0px;" for="checkSSL">'+lan.config.ssl_open_ps_4+'</label><a target="_blank" class="btlink" href="https://forum.aapanel.com/d/167-common-problems-after-opening-the-panel-certificate">'+lan.config.ssl_open_ps_5+'</a></p></div>'
}
],
btns: [
{
title: 'Close', name: 'close', callback: function (rdata, load, callback) {
load.close();
$("#panelSSL").prop("checked", false);
}
},
{
title: 'Submit', name: 'submit', css: 'btn-success', callback: function (rdata, load, callback) {
if(!$('#checkSSL').is(':checked')){
bt.msg({status:false,msg:'Please confirm the risk first!'})
return;
}
var confirm = layer.confirm('Whether to open the panel SSL certificate', {title:'Tips',btn: ['Confirm','Cancel'],icon:0,closeBtn:2}, function() {
var loading = bt.load();
bt.send('SetPanelSSL', 'config/SetPanelSSL', rdata, function (rdata) {
loading.close()
if (rdata.status) {
layer.msg(rdata.msg,{icon:1});
$.get('/system?action=ReWeb', function () {
});
setTimeout(function () {
window.location.href = ((window.location.protocol.indexOf('https') != -1) ? 'http://' : 'https://') + window.location.host + window.location.pathname;
}, 1500);
}
else {
layer.msg(rdata.msg,{icon:2});
}
})
});
}
}
],
end: function () {
$("#panelSSL").prop("checked", false);
}
};
var _bs = bt.render_form(_data);
setTimeout(function () {
$('.cert_type' + _bs).trigger('change')
}, 200);
});
}
}
function GetPanelSSL(){
......@@ -261,8 +331,29 @@ function SavePanelSSL(){
});
}
function SetDebug() {
var status_s = {false:'Open',true:'Close'}
var debug_stat = $("#panelDebug").prop('checked');
bt.confirm({
title: status_s[debug_stat] + "Developer mode",
msg: "Do you really want "+ status_s[debug_stat]+" developer mode?",
cancel: function () {
$("#panelDebug").prop('checked',debug_stat);
}}, function () {
var loadT = layer.msg(lan.public.the, { icon: 16, time: 0, shade: [0.3, '#000'] });
$.post('/config?action=set_debug', {}, function (rdata) {
layer.close(loadT);
if (rdata.status) layer.closeAll()
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
});
},function () {
console.log('index.html');
$("#panelDebug").prop('checked',debug_stat);
});
}
if(window.location.protocol.indexOf('https') != -1){
$("#panelSSL").attr('checked',true);
$("#panelSSL").prop('checked',true);
}
var weChat = {
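Review bot: In the disable branch of `setPanelSSL()`, the failure path calls `layer.msg(res.rdata,{icon:2});`, but no `res` is defined in that callback, so a failed `SetPanelSSL` request would throw instead of showing the server message; it should read `layer.msg(rdata.msg,{icon:2});` as the enable branch does. The loading layer `loadT` is also opened before the confirm dialog and is only closed inside the request callbacks, so cancelling the dialog appears to leave it on screen. Which lines are old and which are new is inferred from the hunk counts, since the +/- markers are missing on this page.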
......
......@@ -533,7 +533,7 @@ var bt =
layer.msg(msg,btnObj);
},
confirm : function(config,callback){
confirm : function(config,callback,callback1){
var btnObj = {
title:config.title?config.title:false,
time : config.time?config.time:0,
......@@ -541,10 +541,13 @@ var bt =
closeBtn: config.closeBtn?config.closeBtn:2,
scrollbar:true,
shade:0.3,
icon:3
icon:3,
cancel: (config.cancel?config.cancel:function(){})
};
layer.confirm(config.msg, btnObj, function(index){
if(callback) callback(index);
},function(index){
if(callback1) callback1(index);
});
},
load : function(msg)
......@@ -776,13 +779,20 @@ var bt =
render_form:function(data,callback){
if(data){
var bs = '_' + bt.get_random(6);
var _form = $("<div data-id='form"+bs+"' class='bt-form bt-form pd20 pb70'></div>");
var _form = $("<div data-id='form"+bs+"' class='bt-form bt-form pd20 pb70 "+ (data.class?data.class:'') +"'></div>");
var _lines = data.list;
var clicks = [];
for (var i = 0;i<_lines.length;i++){
var rRet = bt.render_form_line(_lines[i],bs);
for(var s = 0;s<rRet.clicks.length;s++) clicks.push(rRet.clicks[s]);
_form.append(rRet.html);
for (var i = 0; i < _lines.length; i++)
{
var _obj = _lines[i]
if (_obj.hasOwnProperty("html")) {
_form.append(_obj.html)
}
else {
var rRet = bt.render_form_line(_obj, bs);
for (var s = 0; s < rRet.clicks.length; s++) clicks.push(rRet.clicks[s]);
_form.append(rRet.html);
}
}
var _btn_html = '';
......@@ -799,7 +809,8 @@ var bt =
area: data.area,
title: data.title,
closeBtn: 2,
content:_form.prop("outerHTML")
content:_form.prop("outerHTML"),
end: data.end ? data.end : false
})
setTimeout(function(){
bt.render_clicks(clicks,loadOpen,callback);
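Review bot: `render_form()` now appends `_obj.html` to the form verbatim and concatenates `data.class` into the wrapper's `class` attribute, and neither value is escaped. The only caller visible in this commit passes static markup built from `lan.config.*` strings, but nothing at the definition says that is required. I would add a comment above the `hasOwnProperty("html")` branch such as `// html is inserted unescaped: pass trusted, static markup only, never request or server data`, and state the same for `data.class`. The function starts and ends outside these hunks.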
......
......@@ -38,6 +38,13 @@
<label class='btswitch-btn' for='panelApi' onclick="SetPanelApi(2)"></label>
</div>
</div>
<div class="ss-text pull-left mr50">
<em title="Developer mode">Developer mode</em>
<div class='ssh-item'>
<input class='btswitch btswitch-ios' id='panelDebug' type='checkbox' {{data['debug']}}>
<label class='btswitch-btn' for='panelDebug' onclick="SetDebug()"></label>
</div>
</div>
</div>
</div>
<div class="setbox bgw mtb15">
......
......@@ -27,7 +27,7 @@ class panelSetup:
if ua:
ua = ua.lower();
if ua.find('spider') != -1 or ua.find('bot') != -1: return redirect('https://www.baidu.com');
g.version = '6.1.4'
g.version = '6.1.5'
g.title = public.GetConfigValue('title')
g.uri = request.path
session['version'] = g.version;
......
......@@ -416,20 +416,29 @@ class config:
#设置面板SSL
def SetPanelSSL(self,get):
sslConf = '/www/server/panel/data/ssl.pl';
if os.path.exists(sslConf):
os.system('rm -f ' + sslConf);
return public.returnMsg(True,'PANEL_SSL_CLOSE');
if hasattr(get,"email"):
rep_mail = "^[a-zA-Z0-9_-]+@[a-zA-Z0-9_-]+(\.[a-zA-Z0-9_-]+)+$"
if not re.search(rep_mail,get.email):
return public.returnMsg(False,'The E-Mail format is illegal')
import setPanelLets
sp = setPanelLets.setPanelLets()
sps = sp.set_lets(get)
return sps
else:
os.system('pip install cffi');
os.system('pip install cryptography');
os.system('pip install pyOpenSSL');
try:
if not self.CreateSSL(): return public.returnMsg(False,'PANEL_SSL_ERR');
public.writeFile(sslConf,'True')
except Exception as ex:
return public.returnMsg(False,'PANEL_SSL_ERR');
return public.returnMsg(True,'PANEL_SSL_OPEN');
sslConf = '/www/server/panel/data/ssl.pl';
if os.path.exists(sslConf):
os.system('rm -f ' + sslConf);
return public.returnMsg(True,'PANEL_SSL_CLOSE');
else:
os.system('pip install cffi');
os.system('pip install cryptography');
os.system('pip install pyOpenSSL');
try:
if not self.CreateSSL(): return public.returnMsg(False,'PANEL_SSL_ERR');
public.writeFile(sslConf,'True')
except Exception as ex:
return public.returnMsg(False,'PANEL_SSL_ERR');
return public.returnMsg(True,'PANEL_SSL_OPEN');
#自签证书
def CreateSSL(self):
if os.path.exists('ssl/input.pl'): return True;
......@@ -447,8 +456,8 @@ class config:
cert_ca = OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, cert)
private_key = OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM, key)
if len(cert_ca) > 100 and len(private_key) > 100:
public.writeFile('ssl/certificate.pem',cert_ca)
public.writeFile('ssl/privateKey.pem',private_key)
public.writeFile('ssl/certificate.pem',cert_ca,'wb+')
public.writeFile('ssl/privateKey.pem',private_key,'wb+')
return True
return False
......@@ -912,4 +921,24 @@ class config:
filename = 'logs/error.log'
public.writeFile(filename,'')
public.WriteLog('P_CONF','CLEARING_LOG')
return public.returnMsg(True,'CLEARED')
\ No newline at end of file
return public.returnMsg(True,'CLEARED')
# 获取lets证书
def get_cert_source(self,get):
import setPanelLets
sp = setPanelLets.setPanelLets()
spg = sp.get_cert_source()
return spg
#设置debug模式
def set_debug(self,get):
debug_path = 'data/debug.pl'
if os.path.exists(debug_path):
t_str = 'Close'
os.remove(debug_path)
else:
t_str = 'Open'
public.writeFile(debug_path,'True')
public.WriteLog('TYPE_PANEL','%sDeveloper mode(debug)' % t_str)
public.restart_panel()
return public.returnMsg(True,'Successful setup!')
\ No newline at end of file
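Review bot: The e-mail check in `SetPanelSSL` uses `re.search` with a pattern ending in `$`, which also matches just before a trailing newline, so `get.email` can carry a line break into `set_lets()` and the saved `lets.info`. Anchoring the end with `\Z` and making the pattern a raw string closes that: `rep_mail = r"^[a-zA-Z0-9_-]+@[a-zA-Z0-9_-]+(\.[a-zA-Z0-9_-]+)+\Z"`. The local part also rejects dots, so an address like `first.last@example.com` fails validation, which looks unintended. Separately, `CreateSSL` writes `ssl/privateKey.pem` through `public.writeFile` with no mode set in this hunk; whether the helper restricts permissions is not visible here, so an explicit `os.chmod('ssl/privateKey.pem', 0o600)` after the write would be worth adding.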
......@@ -135,9 +135,11 @@ class files:
s_path = os.path.dirname(path)
p_stat = os.stat(s_path)
os.chown(path,p_stat.st_uid,p_stat.st_gid)
os.chmod(path,p_stat.st_mode)
if os.path.isfile(path):
os.chmod(path,0644)
else:
os.chmod(path,p_stat.st_mode)
#取文件/目录列表
def GetDir(self,get):
if not hasattr(get,'path'):
......@@ -796,7 +798,7 @@ class files:
data['chmod'] = str(oct(stat.st_mode)[-3:])
data['chown'] = pwd.getpwuid(stat.st_uid).pw_name
except:
data['chmod'] = 755
data['chmod'] = 644
data['chown'] = 'www'
return data
......@@ -819,7 +821,7 @@ class files:
def SetFileAccept(self,filename):
os.system('chown -R www:www ' + filename)
os.system('chmod -R 755 ' + filename)
os.system('chmod -R 644 ' + filename)
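Review bot: `SetFileAccept` now runs `chmod -R 644` on `filename`, and when that is a directory the recursive mode strips the search bit from every directory beneath it, leaving the tree untraversable for `www`. The first hunk in this file already distinguishes files from directories with `os.path.isfile(path)`; the same split is needed here, for example with the symbolic mode `u=rwX,go=rX`, which keeps directories traversable and leaves non-executable files at 644. The command is also assembled by string concatenation and handed to `os.system`, so a name containing shell metacharacters is interpreted by the shell; passing an argument list (`subprocess.call(['chmod', '-R', 'u=rwX,go=rX', filename])`, if `subprocess` is imported in this module) avoids that. The method may continue past the end of the hunk.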
......
......@@ -151,7 +151,7 @@ class panelSite(panelRedirect):
htaccess = self.sitePath+'/.htaccess'
if not os.path.exists(htaccess): public.writeFile(htaccess, ' ');
public.ExecShell('chmod -R 755 ' + htaccess);
public.ExecShell('chmod -R 644 ' + htaccess);
public.ExecShell('chown -R www:www ' + htaccess);
filename = self.setupPath+'/panel/vhost/apache/'+self.siteName+'.conf'
......@@ -298,21 +298,21 @@ class panelSite(panelRedirect):
if not os.path.exists(userIni):
public.writeFile(userIni, 'open_basedir='+self.sitePath+'/:/tmp/:/proc/');
public.ExecShell('chmod 644 ' + userIni);
public.ExecShell('chown root:root ' + userIni);
public.ExecShell('chown www:www ' + userIni);
public.ExecShell('chattr +i '+userIni);
#创建默认文档
index = self.sitePath+'/index.html'
if not os.path.exists(index):
public.writeFile(index, public.readFile('data/defaultDoc.html'))
public.ExecShell('chmod -R 755 ' + index);
public.ExecShell('chmod -R 644 ' + index);
public.ExecShell('chown -R www:www ' + index);
#创建自定义404页
doc404 = self.sitePath+'/404.html'
if not os.path.exists(doc404):
public.writeFile(doc404, public.readFile('data/404.html'));
public.ExecShell('chmod -R 755 ' + doc404);
public.ExecShell('chmod -R 644 ' + doc404);
public.ExecShell('chown -R www:www ' + doc404);
#写入配置
......@@ -864,7 +864,15 @@ class panelSite(panelRedirect):
if self.GetRedirectList(get): return public.returnMsg(False, 'SITE_SSL_ERR_301');
if self.GetProxyList(get): return public.returnMsg(False,'Sites that have reverse proxy turned on cannot request SSL!');
data = self.get_site_info(get.siteName)
get.site_dir = data['path']
get.id = data['id']
runPath = self.GetRunPath(get)
if runPath != '/':
if runPath[:1] != '/': runPath = '/' + runPath
else:
runPath = ''
get.site_dir = data['path'] + runPath
print(get.site_dir)
else:
dns_api_list = self.GetDnsApi(get)
get.dns_param = None
......@@ -2084,7 +2092,9 @@ server
n = 0
for w in ["nginx", "apache"]:
conf_path = "%s/panel/vhost/%s/%s.conf" % (self.setupPath, w, get.sitename)
old_conf = public.readFile(conf_path)
old_conf = ""
if os.path.exists(conf_path):
old_conf = public.readFile(conf_path)
rep = "(#PROXY-START(\n|.)+#PROXY-END)"
url_rep = "proxy_pass (.*);|ProxyPass\s/\s(.*)|Host\s(.*);"
host_rep = "Host\s(.*);"
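Review bot: The `.user.ini` that carries `open_basedir` appears to change owner from `root:root` to `www:www` in the second hunk. That file is what confines the site's PHP code, so handing it to the account that code runs as leaves `chattr +i` as the only thing preventing a rewrite, and the result of that `ExecShell` call is not checked, so a filesystem without immutable-flag support would fail silently. I would keep `public.ExecShell('chown root:root ' + userIni);`. The `print(get.site_dir)` added in the SSL hunk looks like leftover debugging and should be removed. Old and new lines are inferred from print order and the hunk counts, as the page has lost its +/- markers.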
......
This diff is collapsed.
#coding: utf-8
# +-------------------------------------------------------------------
# | 宝塔Linux面板
# +-------------------------------------------------------------------
# | Copyright (c) 2015-2099 宝塔软件(http://bt.cn) All rights reserved.
# +-------------------------------------------------------------------
# | Author: 邹浩文 <627622230@qq.com>
# +-------------------------------------------------------------------
import os
os.chdir("/www/server/panel")
import public,db,panelSSL,json
class setPanelLets:
__vhost_cert_path = "/www/server/panel/vhost/ssl/"
__panel_cert_path = "/www/server/panel/ssl/"
__tmp_key = ""
__tmp_cert = ""
def __init__(self):
pass
# 保存面板证书
def __save_panel_cert(self,cert,key):
keyPath = 'ssl/privateKey.pem'
certPath = 'ssl/certificate.pem'
checkCert = '/tmp/cert.pl'
public.writeFile(checkCert,cert)
if key:
public.writeFile(keyPath,key)
if cert:
public.writeFile(certPath,cert)
if not public.CheckCert(checkCert): return public.returnMsg(False,'Certificate error, please check!')
public.writeFile('ssl/input.pl','True')
return public.returnMsg(True,'The certificate has been saved!')
# 检查是否存在站点aapanel主机名站点
def __check_host_name(self, domain):
sql = db.Sql()
path = sql.table('sites').where('name=?', (domain,)).getField('path')
return path
# 创建证书使用的站点
def __create_site_of_panel_lets(self,get):
import panelSite
ps = panelSite.panelSite()
get.webname = json.dumps({"domain":get.domain,"domainlist":[],"count":0})
get.ps = "For panel Let's Encrypt certificate request and renewal, please do not delete"
get.path = "/www/wwwroot/panel_ssl_site"
get.ftp = "false"
get.sql = "false"
get.codeing = "utf8"
get.type = "PHP"
get.version = "00"
get.type_id = "0"
get.port = "80"
psa = ps.AddSite(get)
if "status" in psa.keys():
return psa
# 申请面板域名证书
def __create_lets(self,get):
import panelSite
ps = panelSite.panelSite()
get.siteName = get.domain
get.updateOf = "1"
get.domains = json.dumps([get.domain])
get.force = "true"
psc = ps.CreateLet(get)
if "False" in psc.values():
return psc
# 检查证书夹是否存在可用证书
def __check_cert_dir(self,get):
pssl = panelSSL.panelSSL()
gcl = pssl.GetCertList(get)
for i in gcl:
if get.domain in i.values():
return i
# 读取可用站点证书
def __read_site_cert(self,domain_cert):
self.__tmp_key = public.readFile("{path}{domain}/{key}".format(path=self.__vhost_cert_path,domain=domain_cert["subject"],key="privkey.pem"))
self.__tmp_cert = public.readFile(
"{path}{domain}/{cert}".format(path=self.__vhost_cert_path, domain=domain_cert["subject"],
cert="fullchain.pem"))
public.writeFile("/tmp/2",str(self.__tmp_cert))
# 检查面板证书是否存在
def __check_panel_cert(self):
key = public.readFile(self.__panel_cert_path+"privateKey.pem")
cert = public.readFile(self.__panel_cert_path+"certificate.pem")
if key and cert:
return {"key":key,"cert":cert}
# 写面板证书
def __write_panel_cert(self):
public.writeFile(self.__panel_cert_path + "privateKey.pem", self.__tmp_key)
public.writeFile(self.__panel_cert_path + "certificate.pem", self.__tmp_cert)
# 记录证书源
def __save_cert_source(self,domain,email):
public.writeFile(self.__panel_cert_path+"lets.info",json.dumps({"domain":domain,"cert_type":"2","email":email}))
# 获取证书源
def get_cert_source(self):
data = public.readFile(self.__panel_cert_path+"lets.info")
if not data:
return {"cert_type":"","email":"","domain":""}
return json.loads(data)
# 检查面板是否绑定域名
def __check_panel_domain(self):
domain = public.readFile("/www/server/panel/data/domain.conf")
if not domain:
return False
return domain
# 复制证书
def copy_cert(self,domain_cert):
self.__read_site_cert(domain_cert)
panel_cert_data = self.__check_panel_cert()
if not panel_cert_data:
self.__write_panel_cert()
return True
else:
if panel_cert_data["key"] == self.__tmp_key and panel_cert_data["cert"] == self.__tmp_cert:
pass
else:
self.__write_panel_cert()
return True
# 设置lets证书
def set_lets(self,get):
"""
传入参数
get.domain 面板域名
get.email 管理员email
"""
create_site = ""
domain = self.__check_panel_domain()
get.domain = domain
if not domain:
return public.returnMsg(False, "You need to bind the domain name to the panel before you can apply for the Let\'s Encrypt certificate.")
if not self.__check_host_name(domain):
create_site = self.__create_site_of_panel_lets(get)
domain_cert = self.__check_cert_dir(get)
if domain_cert:
self.copy_cert(domain_cert)
public.writeFile("/www/server/panel/data/ssl.pl", "True")
public.writeFile("/www/server/panel/data/reload.pl","1")
self.__save_cert_source(domain,get.email)
return public.returnMsg(True, 'Panel lets set successfully')
if not create_site:
create_lets = self.__create_lets(get)
if not create_lets:
domain_cert = self.__check_cert_dir(get)
self.copy_cert(domain_cert)
public.writeFile("/www/server/panel/data/ssl.pl", "True")
public.writeFile("/www/server/panel/data/reload.pl", "1")
self.__save_cert_source(domain, get.email)
return public.returnMsg(True, 'Panel lets set successfully')
else:
return create_lets
else:
return create_site
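Review bot: `__read_site_cert` ends with `public.writeFile("/tmp/2",str(self.__tmp_cert))`, and `__save_panel_cert` stages the certificate at the fixed path `/tmp/cert.pl`; both are predictable names in a world-writable directory, which another local user can pre-create or replace with a link before the panel process writes to them. The `/tmp/2` write looks like leftover debugging and should be deleted, and the check file should come from `tempfile.mkstemp()` or live under the panel's own data directory. In `set_lets`, the second `__check_cert_dir(get)` result is passed to `copy_cert` without a `None` check, and `__create_lets` tests `"False" in psc.values()`, which would not match a boolean `False` status, so a failed request may reach `copy_cert(None)`; the shape of `public.returnMsg` is not visible here, so this needs confirming. `__write_panel_cert` should also set the private key to mode 0600 unless `public.writeFile` already does.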
......@@ -13,7 +13,9 @@ import cryptography
from . import __version__ as sewer_version
from .config import ACME_DIRECTORY_URL_PRODUCTION
requests.packages.urllib3.disable_warnings()
try:
requests.packages.urllib3.disable_warnings()
except:pass
class Client(object):
......@@ -585,6 +587,7 @@ class Client(object):
"""
self.logger.debug("get_acme_header")
header = {"alg": "RS256", "nonce": self.get_nonce(), "url": url}
if url in [self.ACME_NEW_ACCOUNT_URL, self.ACME_REVOKE_CERT_URL, "GET_THUMBPRINT"]:
private_key = cryptography.hazmat.primitives.serialization.load_pem_private_key(
self.account_key.encode(),
......@@ -605,6 +608,7 @@ class Client(object):
header["jwk"] = jwk
else:
header["kid"] = self.kid
print('h:',url,header)
return header
def make_signed_acme_request(self, url, payload):
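Review bot: `get_acme_header` now ends with `print('h:',url,header)`, which writes every ACME request header, including the nonce and the account `kid` or JWK, to standard output on each signed request. The method already logs through `self.logger`, so this should be `self.logger.debug("acme header for %s: %s", url, header)` or be removed. The new `try: ... except:pass` around `disable_warnings()` is a bare except; `except Exception: pass` is enough and does not swallow `KeyboardInterrupt` or `SystemExit`. The method body starts and ends outside these hunks.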
......
......@@ -8,22 +8,30 @@ if os.path.exists('data/ipv6.pl'):
bind.append('[0:0:0:0:0:0:0:0]:%s' % bt_port)
else:
bind.append('0.0.0.0:%s' % bt_port)
workers = 1
threads = 4
w_num = 'data/workers.pl'
if not os.path.exists(w_num): public.writeFile(w_num,'1')
workers = int(public.readFile(w_num))
if not workers: workers = 1
threads = 3
backlog = 512
reload = False
daemon = True
timeout = 7200
keepalive = 60
preload_app = True
debug = os.path.exists('data/debug.pl')
reload = debug
preload_app = not debug
worker_class = 'geventwebsocket.gunicorn.workers.GeventWebSocketWorker'
chdir = '/www/server/panel'
capture_output = True
access_log_format = '%(t)s %(p)s %(h)s "%(r)s" %(s)s %(L)s %(b)s %(f)s" "%(a)s"'
loglevel = 'info'
graceful_timeout=0
loglevel = 'debug'
access_log_format = '%(h) - %(t)s - %(u)s - %(s)s %(H)s'
errorlog = chdir + '/logs/error.log'
accesslog = chdir + '/logs/access.log'
pidfile = chdir + '/logs/panel.pid'
if os.path.exists(chdir + '/data/ssl.pl'):
certfile = 'ssl/certificate.pem'
keyfile = 'ssl/privateKey.pem'
\ No newline at end of file
keyfile = 'ssl/privateKey.pem'
ciphers = 'TLSv1 TLSv1.1 TLSv1.2'
ssl_version = 2
\ No newline at end of file
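Review bot: `ciphers = 'TLSv1 TLSv1.1 TLSv1.2'` names protocol versions, but gunicorn hands this setting to OpenSSL as a cipher list, so it does not restrict protocols and, as far as it parses, admits the broad legacy `TLSv1` suite group. Together with `ssl_version = 2` (a bare integer that corresponds to `ssl.PROTOCOL_SSLv23`, i.e. negotiate whatever the library allows), the listener's TLS policy is left to the OpenSSL defaults. I would use the named constant and an explicit suite list, for example `ciphers = 'ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!MD5'`, and confirm the result with a scan of the panel port. The new `access_log_format` starts with `%(h)` without the `s` conversion, which looks like it drops the client address and timestamp from the access log; `%(h)s` is needed. `loglevel = 'debug'` is also set unconditionally rather than following the `debug` flag defined above it.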
......@@ -25,14 +25,12 @@ def set_mysql_root(password):
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH
pwd=$1
service mysqld stop
/etc/init.d/mysqld stop
mysqld_safe --skip-grant-tables&
echo 'Changing password...';
sleep 6
m_version=$(cat /www/server/mysql/version.pl|grep -E "(5.1.|5.5.|5.6.|mariadb)")
m_version=$(cat /www/server/mysql/version.pl|grep -E "(5.1.|5.5.|5.6.|mariadb|10.)")
if [ "$m_version" != "" ];then
mysql -uroot -e "insert into mysql.user(Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Reload_priv,Shutdown_priv,Process_priv,File_priv,Grant_priv,References_priv,Index_priv,Alter_priv,Show_db_priv,Super_priv,Create_tmp_table_priv,Lock_tables_priv,Execute_priv,Repl_slave_priv,Repl_client_priv,Create_view_priv,Show_view_priv,Create_routine_priv,Alter_routine_priv,Create_user_priv,Event_priv,Trigger_priv,Create_tablespace_priv,User,Password,host)values('Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','root',password('${pwd}'),'127.0.0.1')"
mysql -uroot -e "insert into mysql.user(Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Reload_priv,Shutdown_priv,Process_priv,File_priv,Grant_priv,References_priv,Index_priv,Alter_priv,Show_db_priv,Super_priv,Create_tmp_table_priv,Lock_tables_priv,Execute_priv,Repl_slave_priv,Repl_client_priv,Create_view_priv,Show_view_priv,Create_routine_priv,Alter_routine_priv,Create_user_priv,Event_priv,Trigger_priv,Create_tablespace_priv,User,Password,host)values('Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','root',password('${pwd}'),'localhost')"
mysql -uroot -e "UPDATE mysql.user SET password=PASSWORD('${pwd}') WHERE user='root'";
else
mysql -uroot -e "UPDATE mysql.user SET authentication_string='' WHERE user='root'";
......@@ -43,7 +41,7 @@ mysql -uroot -e "FLUSH PRIVILEGES";
pkill -9 mysqld_safe
pkill -9 mysqld
sleep 2
service mysqld start
/etc/init.d/mysqld start
echo '==========================================='
echo "The root password set ${pwd} successuful"''';
......@@ -80,7 +78,7 @@ if [ ! -d "${newDir}" ];then
exit
fi
echo "Stopping MySQL service..."
service mysqld stop
/etc/init.d/mysqld stop
echo "Copying files, please wait..."
\cp -r -a $oldDir/* $newDir
......@@ -88,7 +86,7 @@ chown -R mysql.mysql $newDir
sed -i "s#$oldDir#$newDir#" /etc/my.cnf
echo "Starting MySQL service..."
service mysqld start
/etc/init.d/mysqld start
echo ''
echo 'Successful'
echo '---------------------------------------------------------------------'
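Review bot: The rewritten `insert into mysql.user` statement still splices `${pwd}` straight into the SQL text (`password('${pwd}')`), so a password containing a single quote or backslash changes the statement that is executed as the database root user. `set_mysql_root` should validate or escape the password before building the script; its body starts outside this hunk. While the server is running with `--skip-grant-tables` it accepts unauthenticated connections, so adding `--skip-networking` (`mysqld_safe --skip-grant-tables --skip-networking&`) keeps that window local to the host. The closing `echo "The root password set ${pwd} ..."` also prints the new password to the caller's output.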
......