Merge pull request midoks#387 from midoks/dev

0.13.1

.gitignore

@@ -162,6 +162,7 @@ plugins/openlitespeed
 plugins/system_safe
 plugins/tamper_proof
 plugins/tamper_proof_*
+plugins/cryptocurrency_trade
 plugins/op_load_balance
 plugins/gdrive
 plugins/mtproxy

README.md

@@ -29,6 +29,7 @@
 基本上可以使用,后续会继续优化!欢迎提供意见！
 
 - 吹水组 - https://t.me/mdserver_web
+- 交流论坛 - https://bbs.midoks.me
 
 ```
 如果出现问题，最好私给我面板信息。不要让我猜。如果不提供，不要提出问题，自行解决。  — 座右铭
@@ -98,12 +99,12 @@ docker run -itd --name mw-server --privileged=true -p 7200:7200 -p 80:80 -p 443:
 ```
 
 
-### 版本更新 0.13.0
+### 版本更新 0.13.1
 
-* 一键迁移插件。
-* 修复acme ssl申请。
-* IP识别优化。
-* 解决删除站点残留的问题。
+* 关闭issue，建立bbs.midoks.me。问题集中处理，发挥群众的力量。
+* 添加站操作回调钩子site_cb。 网站统计和OP防火墙不再手动重载配置
+* 修复ubuntu20 pureftp 安装时,端口没有加入安全里
+* 增加global_static hook关键字,并优化menu的文件加载hook
 * 各种细节优化。
 
 ### JSDelivr安装地址
@@ -112,7 +113,6 @@ docker run -itd --name mw-server --privileged=true -p 7200:7200 -p 80:80 -p 443:
 
 ```
 curl -fsSL https://cdn.jsdelivr.net/gh/midoks/mdserver-web@latest/scripts/install.sh | bash
-
 ```
 
 - 直接更新

class/core/cert_api.py

@@ -1522,7 +1522,7 @@ def renewCert(self, index):
                             self.__config['orders'][i]['auth_to'] = auth_to
 
                     # 是否到了允许重试的时间
-                    if 'next_retry_time' in self._config['orders'][i]:
+                    if 'next_retry_time' in self.__config['orders'][i]:
                         timeout = self.__config['orders'][i][
                             'next_retry_time'] - int(time.time())
                         if timeout > 0:

class/core/config_api.py

@@ -27,7 +27,7 @@
 
 class config_api:
 
-    __version = '0.13.0'
+    __version = '0.13.1'
     __api_addr = 'data/api.json'
 
     def __init__(self):
@@ -824,7 +824,9 @@ def get(self):
         data['username'] = mw.M('users').where(
             "id=?", (1,)).getField('username')
 
-        # databases hook 获取
+        data['hook_tag'] = request.args.get('tag', '')
+
+        # databases hook
         database_hook_file = 'data/hook_database.json'
         if os.path.exists(database_hook_file):
             df = mw.readFile(database_hook_file)
@@ -833,7 +835,7 @@ def get(self):
         else:
             data['hook_database'] = []
 
-        # menu hook 获取
+        # menu hook
         menu_hook_file = 'data/hook_menu.json'
         if os.path.exists(menu_hook_file):
             df = mw.readFile(menu_hook_file)
@@ -842,4 +844,13 @@ def get(self):
         else:
             data['hook_menu'] = []
 
+        # global_static hook
+        global_static_hook_file = 'data/hook_global_static.json'
+        if os.path.exists(global_static_hook_file):
+            df = mw.readFile(global_static_hook_file)
+            df = json.loads(df)
+            data['hook_global_static'] = df
+        else:
+            data['hook_global_static'] = []
+
         return data

class/core/firewall_api.py

@@ -123,12 +123,12 @@ def delDropAddressApi(self):
         address = port
         if self.__isUfw:
             mw.execShell('ufw delete deny from ' + address + ' to any')
-        elif self.__isIptables:
-            cmd = 'iptables -D INPUT -s ' + address + ' -j DROP'
-            mw.execShell(cmd)
         elif self.__isFirewalld:
             mw.execShell(
                 'firewall-cmd --permanent --remove-rich-rule=\'rule family=ipv4 source address="' + address + '" drop\'')
+        elif self.__isIptables:
+            cmd = 'iptables -D INPUT -s ' + address + ' -j DROP'
+            mw.execShell(cmd)
         else:
             pass
 
@@ -149,14 +149,15 @@ def delAcceptPortApi(self):
                 return mw.returnJson(False, '失败，不能删除当前面板端口!')
             if self.__isUfw:
                 mw.execShell('ufw delete allow ' + port + '/tcp')
-            elif self.__isIptables:
-                mw.execShell(
-                    'iptables -D INPUT -p tcp -m state --state NEW -m tcp --dport ' + port + ' -j ACCEPT')
             elif self.__isFirewalld:
+                port = port.replace(':', '-')
                 mw.execShell(
                     'firewall-cmd --permanent --zone=public --remove-port=' + port + '/tcp')
                 mw.execShell(
                     'firewall-cmd --permanent --zone=public --remove-port=' + port + '/udp')
+            elif self.__isIptables:
+                mw.execShell(
+                    'iptables -D INPUT -p tcp -m state --state NEW -m tcp --dport ' + port + ' -j ACCEPT')
             else:
                 pass
             msg = mw.getInfo('删除防火墙放行端口[{1}]成功!', (port,))
@@ -438,13 +439,13 @@ def getLogList(self, page, limit, search=''):
     def addAcceptPort(self, port):
         if self.__isUfw:
             mw.execShell('ufw allow ' + port + '/tcp')
-        elif self.__isIptables:
-            cmd = 'iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport ' + port + ' -j ACCEPT'
-            mw.execShell(cmd)
         elif self.__isFirewalld:
             port = port.replace(':', '-')
             cmd = 'firewall-cmd --permanent --zone=public --add-port=' + port + '/tcp'
             mw.execShell(cmd)
+        elif self.__isIptables:
+            cmd = 'iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport ' + port + ' -j ACCEPT'
+            mw.execShell(cmd)
         else:
             pass
         return True

class/core/plugins_api.py

@@ -91,7 +91,7 @@ def menuApi(self):
             t = mw.readFile(menu_file)
             tlist = json.loads(t)
             for menu_data in tlist:
-                if 'path' in menu_data:
+                if tag == menu_data['name'] and 'path' in menu_data:
                     tpath = self.menuGetAbsPath(tag, menu_data['path'])
                     content = mw.readFile(tpath)
         data['plugin_content'] = content
@@ -256,13 +256,14 @@ def hookUninstallFile(self, hook_name, info):
             data = json.loads(t)
 
         for idx in range(len(data)):
-            if data[idx]['title'] == info['title'] and data[idx]['name'] == info['name']:
+            if data[idx]['name'] == info['name']:
                 data.remove(data[idx])
+                break
         mw.writeFile(hookPath, json.dumps(data))
 
     def hookInstall(self, info):
         valid_hook = ['backup', 'database']
-        valid_list_hook = ['menu']
+        valid_list_hook = ['menu', 'global_static', 'site_cb']
         if 'hook' in info:
             hooks = info['hook']
             for h in hooks:
@@ -280,7 +281,7 @@ def hookInstall(self, info):
 
     def hookUninstall(self, info):
         valid_hook = ['backup', 'database']
-        valid_list_hook = ['menu']
+        valid_list_hook = ['menu', 'global_static', 'site_cb']
         if 'hook' in info:
             hooks = info['hook']
             for h in hooks:
@@ -795,7 +796,8 @@ def getAllListPage(self, sType='0', page=1, pageSize=10):
                         for index in range(len(tmp_data)):
                             plugins_info.append(tmp_data[index])
                     except Exception as e:
-                        print(e)
+                        print(json_file)
+                        print(mw.getTracebackInfo())
 
         start = (page - 1) * pageSize
         end = start + pageSize

class/core/site_api.py

@@ -72,6 +72,30 @@ def __init__(self):
             mw.execShell("mkdir -p " + self.sslLetsDir +
                          " && chmod -R 755 " + self.sslLetsDir)
 
+    def runHook(self, hook_name, func_name):
+        # 站点操作Hook
+        hook_file = 'data/hook_site_cb.json'
+        hook_cfg = []
+        if os.path.exists(hook_file):
+            t = mw.readFile(hook_file)
+            hook_cfg = json.loads(t)
+
+        hook_num = len(hook_cfg)
+        if hook_num == 0:
+            return
+
+        import plugins_api
+        pa = plugins_api.plugins_api()
+
+        for x in range(hook_num):
+            hook_data = hook_cfg[x]
+            if func_name in hook_data:
+                app_name = hook_data["name"]
+                run_func = hook_data[func_name]['func']
+                # print(app_name, run_func)
+                pa.run(app_name, run_func)
+        return True
+
     ##### ----- start ----- ###
     def listApi(self):
         limit = request.form.get('limit', '10')
@@ -1272,6 +1296,7 @@ def addDomain(self, domain, webname, pid):
             mw.M('domain').add('pid,name,port,addtime',
                                (pid, domain_name, domain_port, mw.getDate()))
 
+        self.runHook('site_cb', 'add')
         return mw.returnJson(True, '域名添加成功!')
 
     def addDirBindApi(self):
@@ -1401,7 +1426,7 @@ def getDirBindRewriteApi(self):
             data['filename'] = filename
         return mw.getJson(data)
 
-        # 修改物理路径
+    # 修改物理路径
     def setPathApi(self):
         mid = request.form.get('id', '')
         path = request.form.get('path', '')
@@ -2530,16 +2555,18 @@ def add(self, webname, port, ps, path, version):
         self.createRootDir(self.sitePath)
         self.nginxAddConf()
 
+        mw.M('domain').add('pid,name,port,addtime',
+                           (pid, self.siteName, self.sitePort, mw.getDate()))
+
         # 添加更多域名
         for domain in siteMenu['domainlist']:
             self.addDomain(domain, self.siteName, pid)
 
-        mw.M('domain').add('pid,name,port,addtime',
-                           (pid, self.siteName, self.sitePort, mw.getDate()))
-
         data = {}
         data['siteStatus'] = False
         mw.restartWeb()
+
+        self.runHook('site_cb', 'add')
         return mw.returnJson(True, '添加成功')
 
     def deleteWSLogs(self, webname):
@@ -2608,6 +2635,8 @@ def delete(self, sid, webname, path):
 
         mw.M('binding').where("pid=?", (sid,)).delete()
         mw.restartWeb()
+
+        self.runHook('site_cb', 'delete')
         return mw.returnJson(True, '站点删除成功!')
 
     def setEndDate(self, sid, edate):

plugins/gitea/hook/commit.tpl

@@ -33,7 +33,11 @@ if [ ! -d $WEB_PATH ];then
 	mkdir -p $WEB_PATH
 	rsync -vauP --delete --exclude=".*" $GIT_PROJECT_DIR/ $WEB_PATH
 else
-	rsync -vauP --exclude=".*" $GIT_PROJECT_DIR/ $WEB_PATH
+	if [ -f $GIT_PROJECT_DIR/exclude.list ];then
+		rsync -vauP --delete --exclude-from="$GIT_PROJECT_DIR/exclude.list" $GIT_PROJECT_DIR/ $WEB_PATH
+	else
+		rsync -vauP --exclude=".*" $GIT_PROJECT_DIR/ $WEB_PATH
+	fi
 fi
 
 sysName=`uname`

plugins/op_waf/info.json

@@ -1,4 +1,16 @@
 {
+	"hook":[
+		{
+			"tag":"site_cb",
+			"site_cb": {
+				"title":"网站统计",
+				"name":"op_waf",
+				"add":{"func":"reload"},
+				"update":{"func":"reload"},
+				"delete":{"func":"reload"}
+			}
+		}
+	],
 	"title":"OP防火墙",
 	"tip":"soft",
 	"name":"op_waf",
@@ -12,5 +24,5 @@
 	"home":"https://github.com/loveshell/ngx_lua_waf",
 	"date":"2019-04-21",
 	"pid": "1",
-	"versions": ["0.2.5"]
+	"versions": ["0.2.6"]
 }

plugins/openresty/install.sh

@@ -59,11 +59,11 @@ Install_openresty()
 	mkdir -p ${openrestyDir}
 	echo '正在安装脚本文件...' > $install_tmp
 
+	# wget -O openresty-1.21.4.1.tar.gz https://openresty.org/download/openresty-1.21.4.1.tar.gz
 	if [ ! -f ${openrestyDir}/openresty-${VERSION}.tar.gz ];then
 		wget -O ${openrestyDir}/openresty-${VERSION}.tar.gz https://openresty.org/download/openresty-${VERSION}.tar.gz
 	fi
 
-
 	cd ${openrestyDir} && tar -zxvf openresty-${VERSION}.tar.gz
 
 	# --with-openssl=$serverPath/source/lib/openssl-1.0.2q

plugins/pureftp/conf/pure-ftpd.conf

@@ -26,7 +26,6 @@ AutoRename                   no
 AnonymousCantUpload          no
 MaxDiskUsage                 99
 CustomerProof                yes
-PassivePortRange 			 48000 50000
 PIDFile                      {$SERVER_PATH}/pureftp/etc/pure-ftpd.pid
 PureDB                       {$SERVER_PATH}/pureftp/etc/pureftpd.pdb
 

plugins/pureftp/install.sh

@@ -9,6 +9,11 @@ serverPath=$(dirname "$rootPath")
 
 install_tmp=${rootPath}/tmp/mw_install.pl
 
+
+if [ -f ${rootPath}/bin/activate ];then
+	source ${rootPath}/bin/activate
+fi
+
 sysName=`uname`
 echo "use system: ${sysName}"
 

plugins/rsyncd/install.sh

@@ -16,6 +16,10 @@ bash ${rootPath}/scripts/getos.sh
 OSNAME=`cat ${rootPath}/data/osname.pl`
 
 
+if [ -f ${rootPath}/bin/activate ];then
+	source ${rootPath}/bin/activate
+fi
+
 if id www &> /dev/null ;then 
     echo "www uid is `id -u www`"
     echo "www shell is `grep "^www:" /etc/passwd |cut -d':' -f7 `"