diff --git a/backend/app/api/v1/ssh.go b/backend/app/api/v1/ssh.go index 80bada30d..a7adc7930 100644 --- a/backend/app/api/v1/ssh.go +++ b/backend/app/api/v1/ssh.go @@ -47,18 +47,18 @@ func (b *BaseApi) OperateSSH(c *gin.Context) { // @Summary Update host SSH setting // @Description 更新 SSH 配置 // @Accept json -// @Param request body dto.SettingUpdate true "request" +// @Param request body dto.SSHUpdate true "request" // @Success 200 // @Security ApiKeyAuth // @Router /host/ssh/update [post] // @x-panel-log {"bodyKeys":["key","value"],"paramKeys":[],"BeforeFunctions":[],"formatZH":"修改 SSH 配置 [key] => [value]","formatEN":"update SSH setting [key] => [value]"} func (b *BaseApi) UpdateSSH(c *gin.Context) { - var req dto.SettingUpdate + var req dto.SSHUpdate if err := helper.CheckBindAndValidate(&req, c); err != nil { return } - if err := sshService.Update(req.Key, req.Value); err != nil { + if err := sshService.Update(req); err != nil { helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err) return } diff --git a/backend/app/dto/ssh.go b/backend/app/dto/ssh.go index a2a05477e..85623ca47 100644 --- a/backend/app/dto/ssh.go +++ b/backend/app/dto/ssh.go @@ -2,6 +2,12 @@ package dto import "time" +type SSHUpdate struct { + Key string `json:"key" validate:"required"` + OldValue string `json:"oldValue"` + NewValue string `json:"newValue"` +} + type SSHInfo struct { AutoStart bool `json:"authStart"` Status string `json:"status"` diff --git a/backend/app/service/ssh.go b/backend/app/service/ssh.go index 946f265f8..2b26aea26 100644 --- a/backend/app/service/ssh.go +++ b/backend/app/service/ssh.go @@ -30,7 +30,7 @@ type ISSHService interface { GetSSHInfo() (*dto.SSHInfo, error) OperateSSH(operation string) error UpdateByFile(value string) error - Update(key, value string) error + Update(req dto.SSHUpdate) error GenerateSSH(req dto.GenerateSSH) error AnalysisLog(req dto.SearchForAnalysis) (*dto.AnalysisRes, error) LoadSSHSecret(mode string) (string, error) @@ -114,7 +114,7 @@ func (u *SSHService) OperateSSH(operation string) error { return nil } -func (u *SSHService) Update(key, value string) error { +func (u *SSHService) Update(req dto.SSHUpdate) error { serviceName, err := loadServiceName() if err != nil { return err @@ -125,10 +125,7 @@ func (u *SSHService) Update(key, value string) error { return err } lines := strings.Split(string(sshConf), "\n") - newFiles := updateSSHConf(lines, key, value) - if err := settingRepo.Update(key, value); err != nil { - return err - } + newFiles := updateSSHConf(lines, req.Key, req.NewValue) file, err := os.OpenFile(sshPath, os.O_WRONLY|os.O_TRUNC, 0666) if err != nil { return err @@ -138,10 +135,28 @@ func (u *SSHService) Update(key, value string) error { return err } sudo := cmd.SudoHandleCmd() - if key == "Port" { + if req.Key == "Port" { stdout, _ := cmd.Execf("%s getenforce", sudo) if stdout == "Enforcing\n" { - _, _ = cmd.Execf("%s semanage port -a -t ssh_port_t -p tcp %s", sudo, value) + _, _ = cmd.Execf("%s semanage port -a -t ssh_port_t -p tcp %s", sudo, req.NewValue) + } + + ruleItem := dto.PortRuleUpdate{ + OldRule: dto.PortRuleOperate{ + Operation: "remove", + Port: req.OldValue, + Protocol: "tcp", + Strategy: "accept", + }, + NewRule: dto.PortRuleOperate{ + Operation: "add", + Port: req.NewValue, + Protocol: "tcp", + Strategy: "accept", + }, + } + if err := NewIFirewallService().UpdatePortRule(ruleItem); err != nil { + global.LOG.Errorf("reset firewall rules %s -> %s failed, err: %v", req.OldValue, req.OldValue, err) } } diff --git a/cmd/server/docs/docs.go b/cmd/server/docs/docs.go index 07a693780..5a227bbf1 100644 --- a/cmd/server/docs/docs.go +++ b/cmd/server/docs/docs.go @@ -1,5 +1,5 @@ -// Package docs GENERATED BY SWAG; DO NOT EDIT -// This file was generated by swaggo/swag +// Code generated by swaggo/swag. DO NOT EDIT. + package docs import "github.com/swaggo/swag" @@ -6565,7 +6565,7 @@ const docTemplate = `{ "in": "body", "required": true, "schema": { - "$ref": "#/definitions/dto.SettingUpdate" + "$ref": "#/definitions/dto.SSHUpdate" } } ], @@ -15439,6 +15439,23 @@ const docTemplate = `{ } } }, + "dto.SSHUpdate": { + "type": "object", + "required": [ + "key" + ], + "properties": { + "key": { + "type": "string" + }, + "newValue": { + "type": "string" + }, + "oldValue": { + "type": "string" + } + } + }, "dto.SSLUpdate": { "type": "object", "required": [ diff --git a/cmd/server/docs/swagger.json b/cmd/server/docs/swagger.json index 5b31ce3a6..c0b0099b7 100644 --- a/cmd/server/docs/swagger.json +++ b/cmd/server/docs/swagger.json @@ -6558,7 +6558,7 @@ "in": "body", "required": true, "schema": { - "$ref": "#/definitions/dto.SettingUpdate" + "$ref": "#/definitions/dto.SSHUpdate" } } ], @@ -15432,6 +15432,23 @@ } } }, + "dto.SSHUpdate": { + "type": "object", + "required": [ + "key" + ], + "properties": { + "key": { + "type": "string" + }, + "newValue": { + "type": "string" + }, + "oldValue": { + "type": "string" + } + } + }, "dto.SSLUpdate": { "type": "object", "required": [ diff --git a/cmd/server/docs/swagger.yaml b/cmd/server/docs/swagger.yaml index 437774acc..91f6bd4e6 100644 --- a/cmd/server/docs/swagger.yaml +++ b/cmd/server/docs/swagger.yaml @@ -1989,6 +1989,17 @@ definitions: successfulCount: type: integer type: object + dto.SSHUpdate: + properties: + key: + type: string + newValue: + type: string + oldValue: + type: string + required: + - key + type: object dto.SSLUpdate: properties: cert: @@ -8499,7 +8510,7 @@ paths: name: request required: true schema: - $ref: '#/definitions/dto.SettingUpdate' + $ref: '#/definitions/dto.SSHUpdate' responses: "200": description: OK diff --git a/frontend/src/api/interface/host.ts b/frontend/src/api/interface/host.ts index b0af66242..4c78f0818 100644 --- a/frontend/src/api/interface/host.ts +++ b/frontend/src/api/interface/host.ts @@ -128,6 +128,11 @@ export namespace Host { permitRootLogin: string; useDNS: string; } + export interface SSHUpdate { + key: string; + oldValue: string; + newValue: string; + } export interface SSHGenerate { encryptionMode: string; password: string; diff --git a/frontend/src/api/modules/host.ts b/frontend/src/api/modules/host.ts index 12f4d54df..70e1b3b50 100644 --- a/frontend/src/api/modules/host.ts +++ b/frontend/src/api/modules/host.ts @@ -111,8 +111,8 @@ export const getSSHConf = () => { export const operateSSH = (operation: string) => { return http.post(`/hosts/ssh/operate`, { operation: operation }); }; -export const updateSSH = (key: string, value: string) => { - return http.post(`/hosts/ssh/update`, { key: key, value: value }); +export const updateSSH = (params: Host.SSHUpdate) => { + return http.post(`/hosts/ssh/update`, params); }; export const updateSSHByfile = (file: string) => { return http.post(`/hosts/ssh/conffile/update`, { file: file }); diff --git a/frontend/src/views/host/ssh/ssh/address/index.vue b/frontend/src/views/host/ssh/ssh/address/index.vue index 528eb1496..582469615 100644 --- a/frontend/src/views/host/ssh/ssh/address/index.vue +++ b/frontend/src/views/host/ssh/ssh/address/index.vue @@ -76,8 +76,13 @@ const onSave = async (formEl: FormInstance | undefined) => { }, ) .then(async () => { + let params = { + key: 'ListenAddress', + oldValue: '', + newValue: form.listenAddress, + }; loading.value = true; - await updateSSH('ListenAddress', form.listenAddress) + await updateSSH(params) .then(() => { loading.value = false; handleClose(); diff --git a/frontend/src/views/host/ssh/ssh/index.vue b/frontend/src/views/host/ssh/ssh/index.vue index c107dcba8..c462bbd23 100644 --- a/frontend/src/views/host/ssh/ssh/index.vue +++ b/frontend/src/views/host/ssh/ssh/index.vue @@ -267,8 +267,13 @@ const onSave = async (formEl: FormInstance | undefined, key: string, value: stri }, ) .then(async () => { + let params = { + key: key, + oldValue: '', + newValue: value, + }; loading.value = true; - await updateSSH(key, value) + await updateSSH(params) .then(() => { loading.value = false; MsgSuccess(i18n.global.t('commons.msg.operationSuccess')); diff --git a/frontend/src/views/host/ssh/ssh/port/index.vue b/frontend/src/views/host/ssh/ssh/port/index.vue index 5c152ead5..a78d681ad 100644 --- a/frontend/src/views/host/ssh/ssh/port/index.vue +++ b/frontend/src/views/host/ssh/ssh/port/index.vue @@ -46,6 +46,7 @@ interface DialogProps { } const drawerVisible = ref(); const loading = ref(); +const oldPort = ref(); const form = reactive({ port: 22, @@ -55,6 +56,7 @@ const formRef = ref(); const acceptParams = (params: DialogProps): void => { form.port = params.port; + oldPort.value = params.port; drawerVisible.value = true; }; @@ -72,8 +74,13 @@ const onSave = async (formEl: FormInstance | undefined) => { }, ) .then(async () => { + let params = { + key: 'Port', + oldValue: oldPort.value + '', + newValue: form.port + '', + }; loading.value = true; - await updateSSH('Port', form.port + '') + await updateSSH(params) .then(() => { loading.value = false; handleClose(); diff --git a/frontend/src/views/host/ssh/ssh/root/index.vue b/frontend/src/views/host/ssh/ssh/root/index.vue index 6aa8cb538..fabae100b 100644 --- a/frontend/src/views/host/ssh/ssh/root/index.vue +++ b/frontend/src/views/host/ssh/ssh/root/index.vue @@ -79,8 +79,13 @@ const onSave = async (formEl: FormInstance | undefined) => { }, ) .then(async () => { + let params = { + key: 'PermitRootLogin', + oldValue: '', + newValue: form.permitRootLogin, + }; loading.value = true; - await updateSSH('PermitRootLogin', form.permitRootLogin) + await updateSSH(params) .then(() => { loading.value = false; handleClose();