Optimize the ssl application process

df1ca5bb · jose · 1af51411 · df1ca5bb · df1ca5bb · df1ca5bb
Commit df1ca5bb authored Jul 13, 2019 by jose
8 changed files
--- a/class/common.py
+++ b/class/common.py
@@ -27,7 +27,7 @@ class panelSetup:
        if ua:
            ua = ua.lower();
            if ua.find('spider') != -1 or ua.find('bot') != -1: return redirect('https://www.baidu.com');
-        g.version = '6.1.2'
+        g.version = '6.1.3'
        g.title =  public.GetConfigValue('title')
        g.uri = request.path
        session['version'] = g.version;

--- a/class/crontab.py
+++ b/class/crontab.py
@@ -259,20 +259,26 @@ class crontab:
    def GetDataList(self,get):
        data = {}
        data['data'] = public.M(get['type']).field('name,ps').select()
-        data['orderOpt'] = [];
+        data['orderOpt'] = []
        import json
-        tmp = public.readFile('data/libList.conf');
+        tmp = public.readFile('data/libList.conf')
        libs = json.loads(tmp)
-        import imp;
+        import imp
        for lib in libs:
            try:
-                imp.find_module(lib['module']);
+                imp.find_module(lib['module'])
                tmp = {}
-                tmp['name'] = lib['name'];
+                tmp['name'] = lib['name']
                tmp['value']= lib['opt']
-                data['orderOpt'].append(tmp);
+                data['orderOpt'].append(tmp)
            except:
-                continue;
+                import sys
+                if lib['module'] == "google.cloud" and "google.cloud" in sys.modules.keys():
+                    tmp1 = {}
+                    tmp1['name'] = lib['name']
+                    tmp1['value'] = lib['opt']
+                    data['orderOpt'].append(tmp1)
+                continue
        return data
    
    #取任务日志

--- a/class/panelDnsapi.py
+++ b/class/panelDnsapi.py
@@ -110,9 +110,9 @@ class AliyunDns(object):
        req = requests.get(url=self.url, params=paramsdata)
        if req.status_code != 200:
            if req.json()['Code'] == 'IncorrectDomainUser' or req.json()['Code'] == 'InvalidDomainName.NoExist':
-                raise ValueError(json.dumps({"data": "这个阿里云账户下面不存在这个域名，添加解析失败", "msg": req.json()}))
+                raise ValueError(json.dumps({"data": "This domain name does not exist under this Ali cloud account. Adding parsing failed.", "msg": req.json()}))
            elif req.json()['Code'] == 'InvalidAccessKeyId.NotFound' or req.json()['Code'] == 'SignatureDoesNotMatch':
-                raise ValueError(json.dumps({"data": "API密钥错误，添加解析失败", "msg": req.json()}))
+                raise ValueError(json.dumps({"data": "API key error, add parsing failed", "msg": req.json()}))
            else:
                raise ValueError(json.dumps({"data": req.json()['Message'], "msg": req.json()}))
        print("create_dns_record end")
@@ -165,7 +165,7 @@ class AliyunDns(object):
        paramsdata['Signature'] = Signature
        req = requests.get(url=self.url, params=paramsdata)
        if req.status_code != 200:
-            raise ValueError(json.dumps({"data": "删除解析记录失败", "msg": req.json()}))
+            raise ValueError(json.dumps({"data": "Deleting a parse record failed", "msg": req.json()}))
        print("delete_dns_record end: ", acme_txt)

 class CloudxnsDns(object):
@@ -216,7 +216,7 @@ class CloudxnsDns(object):
        root, _, acme_txt = self.extract_zone(domain_name)
        domain = self.get_domain_id(root)
        if not domain:
-            raise ValueError('域名不存在这个cloudxns用户下面，添加解析失败。')
+            raise ValueError('The domain name does not exist under this cloudxns user, adding parsing failed.')

        print("create_dns_record,", acme_txt, domain_dns_value)
        url = "https://www.cloudxns.net/api2/record"
@@ -278,15 +278,17 @@ class Dns_com(object):

    def create_dns_record(self, domain_name, domain_dns_value):
        root, _, acme_txt = self.extract_zone(domain_name)
-        print("[DNS]创建TXT记录,", acme_txt, domain_dns_value)
+        print("[DNS]Create a TXT record,", acme_txt, domain_dns_value)
        result = self.get_dns_obj().add_txt(acme_txt + '.' + root,domain_dns_value)
        if result == "False":
-            raise ValueError('[DNS]当前绑定的宝塔DNS云解析账户里面不存在这个域名,添加解析失败!')
-        print("[DNS]TXT记录创建成功")
+            raise ValueError('[DNS] This domain name does not exist in the currently bound Pagoda DNS cloud resolution account. Adding parsing failed!')
+        print("[DNS] TXT record created successfully")
+        print("[DNS] Try to verify TXT record")
+        time.sleep(10)

    def delete_dns_record(self, domain_name, domain_dns_value):
        root, _, acme_txt = self.extract_zone(domain_name)
-        print("[DNS]准备删除TXT记录: ", acme_txt, domain_dns_value)
+        print("[DNS] ready to delete TXT records: ", acme_txt, domain_dns_value)
        result = self.get_dns_obj().remove_txt(acme_txt + '.' + root)
-        print("[DNS]TXT记录删除成功")
+        print("[DNS] TXT record deleted successfully")

--- a/class/panelLets.py
+++ b/class/panelLets.py
--- a/class/panelSite.py
+++ b/class/panelSite.py
@@ -934,7 +934,9 @@ class panelSite(panelRedirect):
                if match: apis[i]['data'][j]['value'] = match.groups()[0]
                if apis[i]['data'][j]['value']: is_write = True
        if is_write: public.writeFile('./config/dns_api.json',json.dumps(apis))
-        return apis
+        result = []
+        for i in apis: result.insert(0,i)
+        return result

    #设置DNS-API
    def SetDnsApi(self,get):

--- a/class/public.py
+++ b/class/public.py
@@ -778,12 +778,17 @@ def getStrBetween(startStr,endStr,srcStr):

 #取CPU类型
 def getCpuType():
-    cpuinfo = open('/proc/cpuinfo','r').read();
+    cpuinfo = open('/proc/cpuinfo','r').read()
    rep = "model\s+name\s+:\s+(.+)"
-    tmp = re.search(rep,cpuinfo);
-    cpuType = None
+    tmp = re.search(rep,cpuinfo,re.I);
+    cpuType = ''
    if tmp:
-        cpuType = tmp.groups()[0];
+        cpuType = tmp.groups()[0]
+    else:
+        cpuinfo = ExecShell('LANG="en_US.UTF-8" && lscpu')[0]
+        rep = "Model\s+name:\s+(.+)"
+        tmp = re.search(rep,cpuinfo,re.I)
+        if tmp: cpuType = tmp.groups()[0]
    return cpuType;


@@ -1259,3 +1264,13 @@ def set_own(filename,user,group=None):
        group = user_info.pw_gid
    os.chown(filename,user,group)
    return True
+
+#校验路径安全
+def path_safe_check(path):
+    checks = ['..','./','\\','%','$','^','&','*','~','@','#']
+    for c in checks:
+        if path.find(c) != -1: return False
+    rep = "^[\w\s\.\/-]+$"
+    if not re.match(rep,path): return False
+    return True
+
--- a/data/libList.conf
+++ b/data/libList.conf
 [{
-	"name":"七牛云存储",
-	"type":"计划任务",
-	"ps":"将网站或数据库打包备份到七牛对象存储空间,七牛提供10GB免费存储空间, <a class='link' href='https://portal.qiniu.com/signup?code=3liz7nbopjd5e' target='_blank'>点击申请</a>",
-	"status":false,
-	"opt":"qiniu",
-	"module":"qiniu",
-	"script":"qiniu",
-	"help":"http://www.bt.cn/bbs/thread-839-1-1.html",
-	"key":"access_key|请输入AccessKey|七牛秘钥中的AK",
-	"secret":"secret_key|请输入SecretKey|七牛秘钥中的SK",
-	"bucket":"存储空间|请输入对象存储空间名称|七牛对象存储中您创建的空间名称",
-	"domain":"外链域名|请输入绑定域名或测试域名|绑定的七牛外链域名，若没有则填测试域名",
-	"check":["/usr/lib/python2.6/site-packages/qiniu/auth.py","/usr/lib/python2.7/site-packages/qiniu/auth.py"]
-},{
-	"name":"阿里云OSS",
-	"type":"计划任务",
-	"ps":"将网站或数据库打包备份到阿里云OSS对象存储空间,阿里云OSS提供5GB免费存储空间, <a class='link' href='https://www.aliyun.com/product/oss?spm=5176.8142029.388261.46.psCRgl' target='_blank'>点击申请</a>",
-	"status":false,
-	"opt":"alioss",
-	"module":"oss2",
-	"script":"alioss",
-	"help":"http://www.bt.cn/bbs/thread-1061-1-1.html",
-	"key":"AccessKeyId|请输入AccessKeyId|阿里云的AccessKeyId",
-	"secret":"AccessKeySecret|请输入AccessKeySecret|阿里云的AccessKeySecret",
-	"bucket":"Bucket|请输入Bucket名称|阿里云OSS中您创建的Bucket名称",
-	"domain":"外链域名|请输入Endpoint域名|阿里云OSS外链域名，不包括Bucket名",
-	"check":["/usr/lib/python2.6/site-packages/oss2/auth.py","/usr/lib/python2.7/site-packages/oss2/auth.py"]
-},{
-	"name":"FTP storage",
+	"name":"Google Cloud Storage",
 	"type":"Cron job",
-	"ps":"将网站或数据库打包备份到FTP存储空间.",
-	"status":false,
-	"opt":"ftp",
-	"module":"ftp",
-	"script":"ftp",
-	"help":"http://www.bt.cn/bbs",
-	"key":"Host|请输入主机地址|FTP服务器地址,例：192.168.0.1:21",
-	"secret":"用户名|请输入登陆用户名|指定FTP用户名",
-	"bucket":"密码|请输入登陆密码|指定FTP密码",
-	"domain":"存储位置|请输入存储位置|相对于FTP根目录的路径，如 /backup",
-	"check":["/www/server/panel/script/backup_ftp.py"]
-},{
-	"name":"申请内测资格",
-	"type":"其它",
-	"ps":"申请内测资格，审核完成后将会获得内测版本更新推送，并可在宝塔论坛内测专用版块参与讨论",
+	"ps":"Back up your website or database to Google Cloud Storage.",
 	"status":false,
-	"opt":"beta",
-	"module":"beta",
-	"script":"beta",
-	"help":"http://www.bt.cn/bbs/thread-1392-1-1.html",
+	"opt":"gcloud",
+	"module":"google.cloud",
+	"script":"google",
+	"help":"http://forum.aapanel.com",
 	"key":"",
 	"secret":"",
 	"bucket":"",
 	"domain":"",
-	"check":["data/beta.pl"]
+	"check":["/www/server/panel/plugin/gcloud_storage/gcloud_storage_main.py","/www/server/panel/script/backup_gcloud.py"]
 }]
\ No newline at end of file
--- a/init.sh
+++ b/init.sh
@@ -78,7 +78,7 @@ echo "
 +----------------------------------------------------------------------
 "
 get_node_url(){
-	nodes=(http://125.88.182.172:5880 http://183.235.223.101:3389 http://103.224.251.67 http://128.1.164.196);
+	nodes=(http://183.235.223.101:3389 http://119.188.210.21:5880 http://125.88.182.172:5880 http://103.224.251.67 http://45.32.116.160 http://download.bt.cn);
 	i=1;
 	if [ ! -f /bin/curl ];then
 		if [ -f /usr/local/curl/bin/curl ];then
@@ -201,7 +201,7 @@ timedatectl set-ntp 1
 #ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime

 #echo 'Synchronizing system time...'
-#ntpdate 0.asia.pool.ntp.org
+ntpdate 0.asia.pool.ntp.org
 startTime=`date +%s`
 setenforce 0
 sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
@@ -374,18 +374,7 @@ Install_chardet()
 Install_setuptools
 Install_pip

-if [ "${download_Url}" = "$CN" ]; then
-	if [ ! -d "/root/.pip" ];then
-		mkdir ~/.pip
-	fi
-    cat > ~/.pip/pip.conf <<EOF
-[global]
-index-url = https://pypi.doubanio.com/simple/
-
-[install]
-trusted-host=pypi.doubanio.com
-EOF
-fi
+curl -Ss --connect-timeout 3 -m 60 http://download.bt.cn/install/pip_select.sh|bash

 isPsutil=`python -m psutil 2>&1|grep package`
 if [ "$isPsutil" != "" ];then
@@ -403,7 +392,9 @@ pip install paramiko==2.0.2
 pip install flask-socketio==3.0.2
 pip install python-socketio==2.1.2
 pip install Werkzeug==0.15.1
-for p_name in psutil chardet virtualenv Flask Flask-Session Flask-SocketIO flask-sqlalchemy Pillow gunicorn gevent-websocket requests;
+pip install Pillow==5.4.1
+pip install -I requests==2.20
+for p_name in psutil chardet virtualenv Flask Flask-Session Flask-SocketIO flask-sqlalchemy Pillow gunicorn gevent-websocket pyopenssl cryptography;
 do
 	pip install ${p_name}
 done
@@ -418,7 +409,7 @@ if [ "$is_gevent" = "" ];then
 	fi
 fi

-pip install psutil chardet virtualenv Flask Flask-Session Flask-SocketIO flask-sqlalchemy Pillow gunicorn gevent-websocket paramiko
+pip install psutil chardet virtualenv Flask Flask-Session Flask-SocketIO flask-sqlalchemy Pillow gunicorn gevent-websocket paramiko requests pyopenssl cryptography
 Install_Pillow
 Install_psutil

@@ -493,6 +484,9 @@ chkconfig --add bt
 chkconfig --level 2345 bt on
 chmod -R 600 $setup_path/server/panel
 chmod -R +x $setup_path/server/panel/script
+chmod 655 $setup_path/server/panel
+chmod 655 $setup_path/server/panel/data
+chmod 655 $setup_path/server/panel/data/empty.html
 ln -sf /etc/init.d/bt /usr/bin/bt
 echo "$port" > $setup_path/server/panel/data/port.pl
 /etc/init.d/bt start
@@ -617,6 +611,11 @@ fi

 curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/SetupCount?type=Linux\&o=EN > /dev/null 2>&1
 curl -sS --connect-timeout 10 -m 60 https://www.aapanel.com/Api/SetupCount?type=Linux > /dev/null 2>&1
+if [ "$1" != "" ];then
+	echo $1 > /www/server/panel/data/o.pl
+	cd /www/server/panel
+	python tools.py o
+fi
 echo /www > /var/bt_setupPath.conf
 /etc/init.d/bt start