Merge pull request #350 from midoks/dev

0.12.2
midoks · Jan 27, 2023 · 696797f · 696797f
2 parents 2b0b697 + fcfad78
commit 696797f
Show file tree

Hide file tree

Showing 40 changed files with 2,598 additions and 419 deletions.
diff --git a/.gitignore b/.gitignore
@@ -156,7 +156,9 @@ data/bind_domain.pl
 
 plugins/l2tp
 plugins/openlitespeed
+plugins/migration_api
 plugins/system_safe
+plugins/tamper_proof
 plugins/gdrive
 plugins/mtproxy
 plugins/zimg
@@ -165,6 +167,7 @@ plugins/mail
 plugins/fastdfs
 plugins/v2ray
 plugins/frp
+plugins/file_search
 debug.out
 
 
diff --git a/README.md b/README.md
@@ -72,7 +72,6 @@ PHP[72-81]支持phpMyAdmin[5.2.0]
 # 特别赞助
 
 - [找资源 - 阿里云盘资源搜索引擎](https://zhaoziyuan.la/)
-- [奈飞丝 - 奈飞中国 Netflix MOD首发](https://naifeis.com/index.php#/register?code=k7P7V6Ur)
 
 # AD - VPS推荐 - 🙏
 
@@ -92,14 +91,17 @@ docker run -itd --name mw-server --privileged=true -p 7200:7200 -p 80:80 -p 443:
 ```
 
 
-### 版本更新 0.12.1
+### 版本更新 0.12.2
 
-* mysql/mariadb/mysql-apt/mysql-yum增加新的同步方式[同步账户]。
-* pureftp安装时自动放行端口。
-* 面板ssl，添加【申请Lets证书】功能。
-* 站点子域名绑定优化。
-* 修复添加数据库名字判断。
-* 增加PHP52的隐藏和显示指令。
+* 开放菜单权限配置。
+* 升级SSH终端2.0。
+* 增加已安装类型。
+* 加入切换linux软件源的命令。
+* iptables安装优化。
+* 网站统计POST获取数据优化。
+* mysql[apt/yum]迁移优化。
+* 优化防火墙导入。
+* 图标可设置。
 * 各种细节优化。
 
 

diff --git a/app.py b/app.py
@@ -40,12 +40,12 @@
             PORT = int(f.read())
             f.close()
 
-        HOST = '0.0.0.0'
+        # HOST = '0.0.0.0'
+        # app.run(host=HOST, port=PORT)
+
         http_server = WSGIServer(
             (HOST, PORT), app, handler_class=WebSocketHandler)
-
         http_server.serve_forever()
-
         socketio.run(app, host=HOST, port=PORT)
 except Exception as ex:
     print(ex)
diff --git a/class/core/config_api.py b/class/core/config_api.py
@@ -27,7 +27,7 @@
 
 class config_api:
 
-    __version = '0.12.1'
+    __version = '0.12.2'
     __api_addr = 'data/api.json'
 
     def __init__(self):
@@ -781,12 +781,21 @@ def get(self):
             "id=?", (1,)).getField('username')
 
         # databases hook 获取
-        database_file = 'data/hook_database.json'
-        if os.path.exists(database_file):
-            df = mw.readFile(database_file)
+        database_hook_file = 'data/hook_database.json'
+        if os.path.exists(database_hook_file):
+            df = mw.readFile(database_hook_file)
             df = json.loads(df)
             data['hook_database'] = df
         else:
             data['hook_database'] = []
 
+        # menu hook 获取
+        menu_hook_file = 'data/hook_menu.json'
+        if os.path.exists(menu_hook_file):
+            df = mw.readFile(menu_hook_file)
+            df = json.loads(df)
+            data['hook_menu'] = df
+        else:
+            data['hook_menu'] = []
+
         return data
diff --git a/class/core/firewall_api.py b/class/core/firewall_api.py
@@ -33,7 +33,8 @@ class firewall_api:
     __isMac = False
 
     def __init__(self):
-        if os.path.exists('/usr/sbin/iptables'):
+        iptables_file = mw.systemdCfgDir() + '/iptables.service'
+        if os.path.exists(iptables_file):
             self.__isIptables = True
         if os.path.exists('/usr/sbin/firewalld'):
             self.__isFirewalld = True
@@ -254,26 +255,15 @@ def setSshPortApi(self):
         conf = re.sub(rep, "Port " + port + "\n", conf)
         mw.writeFile(file, conf)
 
+        self.addAcceptPortArgs(port, 'SSH端口修改', 'port')
         if self.__isUfw:
-            mw.execShell('ufw allow ' + port + '/tcp')
             mw.execShell("service ssh restart")
         elif self.__isIptables:
-            mw.execShell(
-                'iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport ' + port + ' -j ACCEPT')
             mw.execShell("/etc/init.d/sshd restart")
         elif self.__isFirewalld:
-            mw.execShell('setenforce 0')
-            mw.execShell(
-                'sed -i "s#SELINUX=enforcing#SELINUX=disabled#" /etc/selinux/config')
             mw.execShell("systemctl restart sshd.service")
         else:
-            pass
-
-        self.firewallReload()
-        # mw.M('firewall').where(
-        #     "ps=?", ('SSH远程管理服务',)).setField('port', port)
-        msg = "改SSH端口为[{}]成功!".format(port)
-        mw.writeLog("防火墙管理", msg)
+            return mw.returnJson(False, '修改失败!')
         return mw.returnJson(True, '修改成功!')
 
     def setSshStatusApi(self):
@@ -359,6 +349,8 @@ def setFwIptables(self, status):
             _list = mw.M('firewall').field('id,port,ps,addtime').limit(
                 '0,1000').order('id desc').select()
 
+            mw.execShell('iptables -P INPUT DROP')
+            mw.execShell('iptables -P OUTPUT ACCEPT')
             for x in _list:
                 port = x['port']
                 if mw.isIpAddr(port):

diff --git a/class/core/mw.py b/class/core/mw.py
@@ -454,6 +454,12 @@ def getDate():
     return time.strftime('%Y-%m-%d %X', time.localtime())
 
 
+def getDataFromInt(val):
+    time_format = '%Y-%m-%d %H:%M:%S'
+    time_str = time.localtime(val)
+    return time.strftime(time_format, time_str)
+
+
 def writeLog(stype, msg, args=()):
     # 写日志
     try:
@@ -573,28 +579,37 @@ def dePunycode(domain):
 def enCrypt(key, strings):
     # 加密字符串
     try:
+        import base64
+        _key = md5(key).encode('utf-8')
+        _key = base64.urlsafe_b64encode(_key)
+
         if type(strings) != bytes:
             strings = strings.encode('utf-8')
+        import cryptography
         from cryptography.fernet import Fernet
-        f = Fernet(key)
+        f = Fernet(_key)
         result = f.encrypt(strings)
         return result.decode('utf-8')
     except:
-        # print(get_error_info())
+        print(getTracebackInfo())
         return strings
 
 
 def deCrypt(key, strings):
     # 解密字符串
     try:
+        import base64
+        _key = md5(key).encode('utf-8')
+        _key = base64.urlsafe_b64encode(_key)
+
         if type(strings) != bytes:
-            strings = strings.decode('utf-8')
+            strings = strings.encode('utf-8')
         from cryptography.fernet import Fernet
-        f = Fernet(key)
+        f = Fernet(_key)
         result = f.decrypt(strings).decode('utf-8')
         return result
     except:
-        # print(get_error_info())
+        print(getTracebackInfo())
         return strings
 
 
@@ -1275,6 +1290,10 @@ def toSize(size):
     return str(round(size, 2)) + ' ' + b
 
 
+def getPathSuffix(path):
+    return os.path.splitext(path)[-1]
+
+
 def getMacAddress():
     # 获取mac
     import uuid
@@ -1483,8 +1502,95 @@ def getMyORMDb():
     o = ormDb.ORM()
     return o
 
+
+##################### ssh  start #########################################
+def getSshDir():
+    if isAppleSystem():
+        user = execShell("who | sed -n '2, 1p' |awk '{print $1}'")[0].strip()
+        return '/Users/' + user + '/.ssh'
+    return '/root/.ssh'
+
+
+def createRsa():
+    # ssh-keygen -t rsa -P "" -C "[email protected]"
+    ssh_dir = getSshDir()
+    # mw.execShell("rm -f /root/.ssh/*")
+    if not os.path.exists(ssh_dir + '/authorized_keys'):
+        execShell('touch ' + ssh_dir + '/authorized_keys')
+
+    if not os.path.exists(ssh_dir + '/id_rsa.pub') and os.path.exists(ssh_dir + '/id_rsa'):
+        execShell('echo y | ssh-keygen -q -t rsa -P "" -f ' +
+                  ssh_dir + '/id_rsa')
+    else:
+        execShell('ssh-keygen -q -t rsa -P "" -f ' + ssh_dir + '/id_rsa')
+
+    execShell('cat ' + ssh_dir + '/id_rsa.pub >> ' +
+              ssh_dir + '/authorized_keys')
+    execShell('chmod 600 ' + ssh_dir + '/authorized_keys')
+
+
+def createSshInfo():
+    ssh_dir = getSshDir()
+    if not os.path.exists(ssh_dir + '/id_rsa') or not os.path.exists(ssh_dir + '/id_rsa.pub'):
+        createRsa()
+
+    # 检查是否写入authorized_keys
+    data = execShell("cat " + ssh_dir + "/id_rsa.pub | awk '{print $3}'")
+    if data[0] != "":
+        cmd = "cat " + ssh_dir + "/authorized_keys | grep " + data[0]
+        ak_data = execShell(cmd)
+        if ak_data[0] == "":
+            cmd = 'cat ' + ssh_dir + '/id_rsa.pub >> ' + ssh_dir + '/authorized_keys'
+            execShell(cmd)
+            execShell('chmod 600 ' + ssh_dir + '/authorized_keys')
+
+
+def connectSsh():
+    import paramiko
+    ssh = paramiko.SSHClient()
+    createSshInfo()
+    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
+
+    port = getSSHPort()
+    try:
+        ssh.connect('127.0.0.1', port, timeout=5)
+    except Exception as e:
+        ssh.connect('localhost', port, timeout=5)
+    except Exception as e:
+        ssh.connect(getHostAddr(), port, timeout=30)
+    except Exception as e:
+        return False
+
+    shell = ssh.invoke_shell(term='xterm', width=83, height=21)
+    shell.setblocking(0)
+    return shell
+
+
+def clearSsh():
+    # 服务器IP
+    ip = getHostAddr()
+    sh = '''
+#!/bin/bash
+PLIST=`who | grep localhost | awk '{print $2}'`
+for i in $PLIST
+do
+    ps -t /dev/$i |grep -v TTY | awk '{print $1}' | xargs kill -9
+done
+
+# getHostAddr
+PLIST=`who | grep "${ip}" | awk '{print $2}'`
+for i in $PLIST
+do
+    ps -t /dev/$i |grep -v TTY | awk '{print $1}' | xargs kill -9
+done
+'''
+    if not isAppleSystem():
+        info = execShell(sh)
+        print(info[0], info[1])
+##################### ssh  end   #########################################
+
 # ---------------------------------------------------------------------------------
-# 打印相关
+# 打印相关 START
 # ---------------------------------------------------------------------------------
 
 
@@ -1503,3 +1609,7 @@ def echoEnd(tag):
 
 def echoInfo(msg):
     print("|-{}".format(msg))
+
+# ---------------------------------------------------------------------------------
+# 打印相关 END
+# ---------------------------------------------------------------------------------