diff --git a/.github/workflows/sync2gitee.yml b/.github/workflows/sync2gitee.yml
index 637a22b9e..60513f0c9 100644
--- a/.github/workflows/sync2gitee.yml
+++ b/.github/workflows/sync2gitee.yml
@@ -9,7 +9,7 @@ jobs:
 uses: Yikun/hub-mirror-action@master
 with:
 src: 'github/1Panel-dev'
- dst: 'gitee/fit2cloud-xlab'
+ dst: 'gitee/fit2cloud-feizhiyun'
 dst_key: ${{ secrets.GITEE_PRIVATE_KEY }}
 dst_token: ${{ secrets.GITEE_TOKEN }}
 static_list: "1Panel"
diff --git a/SECURITY.md b/SECURITY.md
index 4102e26e9..ea3a05589 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -3,9 +3,6 @@ 如果您发现安全问题,请直接联系我们:
 - wanghe@fit2cloud.com
-- zhengkun@fit2cloud.com
-- support@fit2cloud.com
-- 400-052-0755
 感谢您的支持!
@@ -14,8 +11,5 @@ All security bugs should be reported to the contact as below:
 - wanghe@fit2cloud.com
-- zhengkun@fit2cloud.com
-- support@fit2cloud.com
-- +86 400-052-0755
 Thanks for your support!
diff --git a/backend/utils/ps/ps_test.go b/backend/utils/ps/ps_test.go
deleted file mode 100644
index bda0ad144..000000000
--- a/backend/utils/ps/ps_test.go
+++ /dev/null
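Review bot: In .github/workflows/sync2gitee.yml the step still runs `uses: Yikun/hub-mirror-action@master`, a third-party action referenced by a mutable branch, and it is handed `secrets.GITEE_PRIVATE_KEY` and `secrets.GITEE_TOKEN`, so whatever lands on that branch runs with those credentials. Since this change repoints `dst` to another Gitee organisation, it is a good moment to pin the action to a reviewed full commit SHA, e.g. `uses: Yikun/hub-mirror-action@<full-commit-sha>  # placeholder: pin to the audited commit`. It is also worth confirming that the key and token are scoped to `fit2cloud-feizhiyun` only and that any access they held on `fit2cloud-xlab` is revoked. The job definition starts outside the hunk, so its triggers and `permissions:` are not visible here.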
@@ -1,79 +0,0 @@
-package ps
-
-import (
- "fmt"
- "strconv"
- "testing"
- "time"
-
- "github.com/shirou/gopsutil/v3/host"
- "github.com/shirou/gopsutil/v3/process"
-)
-
-func TestPs(t *testing.T) {
- processes, err := process.Processes()
- if err != nil {
- panic(err)
- }
- for _, pro := range processes {
- var (
- name string
- parentID int32
- userName string
- status string
- startTime string
- numThreads int32
- numConnections int
- cpuPercent float64
- //mem string
- rss string
- ioRead string
- ioWrite string
- )
- name, _ = pro.Name()
- parentID, _ = pro.Ppid()
- userName, _ = pro.Username()
- array, err := pro.Status()
- if err == nil {
- status = array[0]
- }
- createTime, err := pro.CreateTime()
- if err == nil {
- t := time.Unix(createTime/1000, 0)
- startTime = t.Format("2006-1-2 15:04:05")
- }
- numThreads, _ = pro.NumThreads()
- connections, err := pro.Connections()
- if err == nil && len(connections) > 0 {
- numConnections = len(connections)
- }
- cpuPercent, _ = pro.CPUPercent()
- menInfo, err := pro.MemoryInfo()
- if err == nil {
- rssF := float64(menInfo.RSS) / 1048576
- rss = fmt.Sprintf("%.2f", rssF)
- }
- ioStat, err := pro.IOCounters()
- if err == nil {
- ioWrite = strconv.FormatUint(ioStat.WriteBytes, 10)
- ioRead = strconv.FormatUint(ioStat.ReadBytes, 10)
- }
-
- cmdLine, err := pro.Cmdline()
- if err == nil {
- fmt.Println(cmdLine)
- }
- ss, err := pro.Terminal()
- if err == nil {
- fmt.Println(ss)
- }
-
- fmt.Printf("Name: %s PId: %v ParentID: %v Username: %v status:%s startTime: %s numThreads: %v numConnections:%v cpuPercent:%v rss:%s MB IORead: %s IOWrite: %s \n",
- name, pro.Pid, parentID, userName, status, startTime, numThreads, numConnections, cpuPercent, rss, ioRead, ioWrite)
- }
- users, err := host.Users()
- if err == nil {
- fmt.Println(users)
- }
-
-}
diff --git a/backend/utils/ssl/acme_test.go b/backend/utils/ssl/acme_test.go
deleted file mode 100644
index c241cef54..000000000
--- a/backend/utils/ssl/acme_test.go
+++ /dev/null
@@ -1,457 +0,0 @@ -package ssl - -import ( - "bytes" - "crypto" - "crypto/ecdsa" - "crypto/elliptic" - "crypto/rand" - "crypto/rsa" - "crypto/x509" - "crypto/x509/pkix" - "encoding/json" - "encoding/pem" - "fmt" - "github.com/go-acme/lego/v4/providers/dns/cloudflare" - "os" - "path" - "testing" - "time" - - "github.com/1Panel-dev/1Panel/backend/utils/files" - "gopkg.in/yaml.v3" - - "github.com/go-acme/lego/v4/acme/api" - "github.com/go-acme/lego/v4/certcrypto" - "github.com/go-acme/lego/v4/certificate" - "github.com/go-acme/lego/v4/challenge" - "github.com/go-acme/lego/v4/challenge/dns01" - "github.com/go-acme/lego/v4/lego" - "github.com/go-acme/lego/v4/registration" - - "log" -) - -type AppList struct { - Version string `json:"version"` - Tags []Tag `json:"tags"` - Items []AppDefine `json:"items"` -} - -type NewAppDefine struct { - Name string `yaml:"name"` - Tags []string `yaml:"tags"` - Title string `yaml:"title"` - Type string `yaml:"type"` - Description string `yaml:"description"` - AdditionalProperties AppDefine `yaml:"additionalProperties"` -} - -type NewAppConfig struct { - AdditionalProperties map[string]interface{} `yaml:"additionalProperties"` -} - -type AppDefine struct { - Key string `json:"key" yaml:"key"` - Name string `json:"name" yaml:"name"` - Tags []string `json:"tags" yaml:"tags"` - Versions []string `json:"versions" yaml:"-"` - ShortDescZh string `json:"shortDescZh" yaml:"shortDescZh"` - ShortDescEn string `json:"shortDescEn" yaml:"shortDescEn"` - Type string `json:"type" yaml:"type"` - CrossVersionUpdate bool `json:"crossVersionUpdate" yaml:"crossVersionUpdate"` - Limit int `json:"limit" yaml:"limit"` - Recommend int `json:"recommend" yaml:"recommend"` - Website string `json:"website" yaml:"website"` - Github string `json:"github" yaml:"github"` - Document string `json:"document" yaml:"document"` -} - -type Tag struct { - Key string `json:"key" yaml:"key"` - Name string `json:"name" yaml:"name"` -} - -func getTagName(key string, tags []Tag) 
string { - result := "应用" - for _, tag := range tags { - if tag.Key == key { - return tag.Name - } - } - return result -} - -func TestAppToV2(t *testing.T) { - oldDir := "/Users/wangzhengkun/projects/github.com/1Panel-dev/appstore/apps" - newDir := "/Users/wangzhengkun/projects/github.com/1Panel-dev/appstore/apps_new" - listJsonDir := path.Join(oldDir, "list.json") - fileOp := files.NewFileOp() - content, err := fileOp.GetContent(listJsonDir) - if err != nil { - panic(err) - } - appList := &AppList{} - if err = json.Unmarshal(content, appList); err != nil { - panic(err) - } - - for _, appDefine := range appList.Items { - newAppDefine := &NewAppDefine{ - Name: appDefine.Name, - Tags: []string{getTagName(appDefine.Tags[0], appList.Tags)}, - Type: getTagName(appDefine.Tags[0], appList.Tags), - Title: appDefine.ShortDescZh, - Description: appDefine.ShortDescZh, - AdditionalProperties: appDefine, - } - - yamlContent, err := yaml.Marshal(newAppDefine) - if err != nil { - panic(err) - } - oldAppDir := oldDir + "/" + appDefine.Key - newAppDir := newDir + "/" + appDefine.Key - if !fileOp.Stat(newAppDir) { - if err := fileOp.CreateDir(newAppDir, 0755); err != nil { - panic(err) - } - } - // logo - oldLogoPath := oldAppDir + "/metadata/logo.png" - if err := fileOp.CopyFile(oldLogoPath, newAppDir); err != nil { - panic(err) - } - for _, version := range appDefine.Versions { - oldVersionDir := oldAppDir + "/versions/" + version - if err := fileOp.CopyDir(oldVersionDir, newAppDir); err != nil { - panic(err) - } - oldConfigPath := oldVersionDir + "/config.json" - configContent, err := fileOp.GetContent(oldConfigPath) - if err != nil { - panic(err) - } - var result map[string]interface{} - if err := json.Unmarshal(configContent, &result); err != nil { - panic(err) - } - newConfigD := &NewAppConfig{} - newConfigD.AdditionalProperties = result - configYamlByte, err := yaml.Marshal(newConfigD) - if err != nil { - panic(err) - } - newVersionDir := newAppDir + "/" + version - if err := 
fileOp.WriteFile(newVersionDir+"/data.yml", bytes.NewReader(configYamlByte), 0755); err != nil { - panic(err) - } - if err := fileOp.WriteFile(newAppDir+"/data.yml", bytes.NewReader(yamlContent), 0755); err != nil { - panic(err) - } - _ = fileOp.DeleteFile(newVersionDir + "/config.json") - oldReadMefile := newVersionDir + "/README.md" - _ = fileOp.Cut([]string{oldReadMefile}, newAppDir, "", false) - _ = fileOp.DeleteFile(oldReadMefile) - } - } -} - -func TestCreatePrivate(t *testing.T) { - priKey, err := rsa.GenerateKey(rand.Reader, 2048) - if err != nil { - panic(err) - } - derStream := x509.MarshalPKCS1PrivateKey(priKey) - block := &pem.Block{ - Type: "privateKey", - Bytes: derStream, - } - file, err := os.Create("private.key") - if err != nil { - return - } - if err = pem.Encode(file, block); err != nil { - return - } -} - -func TestSSL(t *testing.T) { - - priKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) - if err != nil { - log.Fatalf("Failed to generate private key: %v", err) - } - - myUser := AcmeUser{ - Email: "you2@yours.com", - Key: priKey, - } - - config := lego.NewConfig(&myUser) - //config.CADirURL = "https://acme-v02.api.letsencrypt.org/directory" - config.CADirURL = "https://acme-staging-v02.api.letsencrypt.org/directory" - config.CADirURL = "https://acme.zerossl.com/v2/DV90" - config.UserAgent = "acm_go/0.0.1" - - config.Certificate.KeyType = certcrypto.RSA2048 - //config.HTTPClient = httpClient - - client, err := lego.NewClient(config) - if err != nil { - panic(err) - } - - reg, err := client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true}) - if err != nil { - panic(err) - } - - myUser.Registration = reg - - //获取证书 - //certificates, err := client.Certificate.Get("https://acme-v02.api.letsencrypt.org/acme/cert/049cb98a8b3ea5a73f08dcdcf89263af8323", true) - //if err != nil { - // panic(err) - //} - //certificates, err = client.Certificate.Renew(*certificates, true, true, "") - //if err != nil { - // 
panic(err) - //} - - //申请证书 - ewDomain := "tuxpanel.com" - - request := certificate.ObtainRequest{ - Domains: []string{ewDomain}, - // 证书链 - Bundle: true, - } - - err = client.Challenge.SetDNS01Provider(&manualDnsProvider{}, dns01.AddDNSTimeout(6*time.Minute)) - if err != nil { - panic(err) - } - - core, err := api.New(config.HTTPClient, config.UserAgent, config.CADirURL, reg.URI, priKey) - if err != nil { - panic(err) - } - order, err := core.Orders.New([]string{ewDomain}) - if err != nil { - panic(err) - } - - auth, err := core.Authorizations.Get(order.Authorizations[0]) - if err != nil { - panic(err) - } - - domain := challenge.GetTargetedDomain(auth) - chlng, err := challenge.FindChallenge(challenge.DNS01, auth) - if err != nil { - panic(err) - } - keyAuth, err := core.GetKeyAuthorization(chlng.Token) - if err != nil { - panic(err) - } - fqdn, value := dns01.GetRecord(domain, keyAuth) - fmt.Println("fqdn", fqdn, value) - - // - //keyAuth, err := client.Challenge.core.GetKeyAuthorization(chlng.Token) - //if err != nil { - // panic(err) - //} - // - - //httpProvider, err := webroot.NewHTTPProvider("/opt/1Panel/data/apps/nginx/nginx-1/www/wwwroot") - //if err != nil { - // panic(err) - //} - // - //err = client.Challenge.SetHTTP01Provider(httpProvider) - //if err != nil { - // panic(err) - //} - //err = client.Challenge.SetTLSALPN01Provider(tlsalpn01.NewProviderServer("43.142.178.16", "443")) - //if err != nil { - // panic(err) - //} - - certificates, err := client.Certificate.Obtain(request) - if err != nil { - panic(err) - } - - fmt.Println("---private---") - fmt.Println(string(certificates.PrivateKey)) - fmt.Println("---.pem---") - fmt.Println(string(certificates.Certificate)) - fmt.Println("---.domain---") - fmt.Println(certificates.Domain) - fmt.Println("---.certUrl---") - fmt.Println(certificates.CertURL) - fmt.Println("---.csr---") - fmt.Println(certificates.CSR) - fmt.Println("---.cert string---") - fmt.Println(string(certificates.IssuerCertificate)) - - 
cer1, _ := pem.Decode(certificates.Certificate) - - cert, err := x509.ParseCertificate(cer1.Bytes) - if err != nil { - panic(err) - } - fmt.Println(cert) - - cer2, _ := pem.Decode(certificates.IssuerCertificate) - - cert2, err := x509.ParseCertificate(cer2.Bytes) - if err != nil { - panic(err) - } - fmt.Println(cert2) - -} - -func generateCSR(privateKey crypto.PrivateKey, domain string) ([]byte, error) { - // 创建证书请求的模板 - template := x509.CertificateRequest{ - Subject: pkix.Name{ - CommonName: domain, - }, - SignatureAlgorithm: x509.ECDSAWithSHA256, - } - - // 生成 CSR - csrBytes, err := x509.CreateCertificateRequest(rand.Reader, &template, privateKey) - if err != nil { - return nil, err - } - - // 将 CSR 编码为 PEM 格式 - csrPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE REQUEST", Bytes: csrBytes}) - - // 这里可以将 CSR 写入文件或者返回 - err = os.WriteFile("csr.pem", csrPEM, 0644) - if err != nil { - return nil, err - } - - return csrPEM, nil -} - -func TestZeroSSL(t *testing.T) { - - domain := "1panel.store" - acmeServer := "https://acme.zerossl.com/v2/DV90" - - //acmeServer = "https://api.test4.buypass.no/acme/directory" - // - //acmeServer = "https://api.buypass.com/acme/directory" - - priKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) - if err != nil { - log.Fatalf("Failed to generate private key: %v", err) - } - - user := AcmeUser{ - Email: "zhengkunwang123@sina.com", - Key: priKey, - } - - //logFile, err := os.OpenFile("/opt/1panel/ssl.log", os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0666) - //if err != nil { - // log.Fatalf("Failed to open log file: %v", err) - //} - //defer logFile.Close() - // - //logger := log.New(logFile, "", log.LstdFlags) - //legoLogger.Logger = logger - - config := lego.NewConfig(&user) - - // 设置ACME服务器URL - config.CADirURL = acmeServer - config.Certificate.KeyType = certcrypto.RSA2048 - config.UserAgent = "acm_go/0.0.1" - - // 创建ACME客户端 - client, err := lego.NewClient(config) - if err != nil { - log.Fatal(err) - } - - // ZeroSSl - - kid 
:= "" - hmacEncoded := "" - - eabOptions := registration.RegisterEABOptions{ - TermsOfServiceAgreed: true, - Kid: kid, - HmacEncoded: hmacEncoded, - } - - reg, err := client.Registration.RegisterWithExternalAccountBinding(eabOptions) - if err != nil { - log.Fatal(err) - } - - // ZeroSSl - - //reg, err := client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true}) - //if err != nil { - // log.Fatal(err) - //} - - user.Registration = reg - - cloudflareConfig := cloudflare.NewDefaultConfig() - cloudflareConfig.AuthEmail = "" - cloudflareConfig.AuthKey = "" - p, err := cloudflare.NewDNSProviderConfig(cloudflareConfig) - if err != nil { - log.Fatal(err) - } - - if err := client.Challenge.SetDNS01Provider(p, dns01.AddDNSTimeout(3*time.Minute)); err != nil { - log.Fatal(err) - } - - // 申请证书 - pk, err := certcrypto.GeneratePrivateKey(certcrypto.EC256) - if err != nil { - return - } - - request := certificate.ObtainRequest{ - Domains: []string{domain}, - Bundle: true, - PrivateKey: pk, - } - certificates, err := client.Certificate.Obtain(request) - if err != nil { - log.Fatal(err) - } - - // 保存证书 - err = os.WriteFile("certificate.crt", certificates.Certificate, 0644) - if err != nil { - log.Fatal(err) - } - err = os.WriteFile("private.key", certificates.PrivateKey, 0644) - if err != nil { - log.Fatal(err) - } -} - -func TestGetEABCre(t *testing.T) { - res, err := getZeroSSLEabCredentials("zen@11.com") - if err != nil { - panic(err) - } - fmt.Printf("%v", res) -}