🆕 更新readme

⬆️ Bump cross-spawn from 7.0.3 to 7.0.6

.dockerignore

@@ -0,0 +1,15 @@
+node_modules
+!.gitkeep
+dist
+easynode-server.zip
+server/app/static/*
+server/app/socket/sftp-cache/*
+!server/app/socket/sftp-cache/.gitkeep
+server/app/logs/*
+server/app/db/*
+!server/app/db/README.md
+plan.md
+.env
+.env.local
+.git
+doc_images

.github/workflows/client-builder.yml

@@ -0,0 +1,79 @@
+name: Build Client to Release
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - 'client/**'
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v3
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '20'
+
+      - name: Install dependencies
+        run: npm install
+        working-directory: client
+
+      - name: Build for Linux x64
+        run: npm run pkglinux:x64
+        working-directory: client
+
+      - name: Install QEMU # 设置qemu 支持arm的虚拟环境
+        run: sudo apt-get update && sudo apt-get install -y qemu qemu-user-static binfmt-support
+
+      - name: Setup QEMU ARM64
+        run: |
+          sudo update-binfmts --enable qemu-aarch64
+          sudo cp /usr/bin/qemu-aarch64-static /usr/local/bin
+          uname -a
+
+      - name: Build for Linux arm64
+        run: npm run pkglinux:arm64
+        working-directory: client
+
+      - name: Set tag name
+        id: tag_name
+        run: echo "TAG_NAME=client-$(date +'%Y-%m-%d')" >> $GITHUB_ENV
+
+      - name: Create Release
+        id: create_release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ env.TAG_NAME }}
+          release_name: ${{ env.TAG_NAME }}
+          draft: false
+          prerelease: false
+
+      - name: Upload Release Asset
+        id: upload-release-asset
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps
+          asset_path: client/dist/easynode-client-x64
+          asset_name: easynode-client-x64
+          asset_content_type: application/octet-stream
+
+
+      - name: Upload Linux ARM64 Binary to Release
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }}
+          asset_path: client/dist/easynode-client-arm64
+          asset_name: easynode-client-arm64
+          asset_content_type: application/octet-stream

.github/workflows/docker-builder.yml

@@ -0,0 +1,40 @@
+name: Build Server to DockerHub
+
+on:
+  release:
+    types: [published]
+  workflow_dispatch:
+    inputs:
+      tag_name:
+        description: 'Tag Name (leave empty for default latest)'
+        required: false
+        default: 'latest'
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Check out the repository
+      uses: actions/checkout@v3
+
+    - name: Log in to Docker Hub
+      uses: docker/login-action@v2
+      with:
+        username: ${{ secrets.DOCKER_USERNAME }}
+        password: ${{ secrets.DOCKER_PASSWORD }}
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v2
+
+    - name: Build and push Docker image
+      uses: docker/build-push-action@v3
+      with:
+        context: .
+        file: ./Dockerfile
+        push: true
+        platforms: linux/amd64,linux/arm64
+        tags: |
+          chaoszhu/easynode:${{ github.event.release.tag_name || inputs.tag_name }}
+          chaoszhu/easynode:latest
+
+    # - name: Clean up post-build
+    #   run: docker system prune -af

.gitignore

@@ -2,6 +2,16 @@ node_modules
 !.gitkeep
 dist
 easynode-server.zip
-server/app/static/upload/*
-server/app/socket/temp/*
-server/app/logs/*
+server/app/static/*
+server/app/socket/sftp-cache/*
+!server/app/socket/sftp-cache/.gitkeep
+server/app/logs/*
+server/app/db/*
+!server/app/db/README.md
+plan.md
+.env
+.env.local
+.env-encrypt-key
+*clear.js
+local-script
+版本发布.md

.vscode/settings.json

@@ -0,0 +1,5 @@
+{
+  "cSpell.ignoreWords": [
+    "Onekey"
+  ]
+}

CHANGELOG.md

@@ -1,3 +1,219 @@
+## [3.0.3](https://github.com/chaos-zhu/easynode/releases) (2024-12-22)
+
+* 支持keyboard-interactive服务器验证(serv00验证通过)
+* 支持TG Bot通知方式
+* 添加web端Plus授权功能
+* 修复一些UI问题
+* 修复MFA2登录验证码为0开头无法输入的bug
+
+## [3.0.2](https://github.com/chaos-zhu/easynode/releases) (2024-11-20)
+
+* 修复添加实例错误禁用的bug
+
+
+## [3.0.1](https://github.com/chaos-zhu/easynode/releases) (2024-11-18)
+
+* 修复同IP实例SFTP连接到其他的实例的bug
+* 修复一些UI问题
+
+
+## [3.0.0](https://github.com/chaos-zhu/easynode/releases) (2024-11-09)
+
+* 新增跳板机功能,支持选择多台机器跳转
+* 脚本库批量导出导入
+* 本地socket断开自动重连,无需手动重新连接
+* 支持脚本库模糊搜索功能
+* 分组添加实例数量标识
+* 优化登录逻辑
+* 默认登录有效期更改为当天有效
+* 优化脚本库新增脚本时序号自动累加
+* 修复一些小bug
+
+## [2.3.0](https://github.com/chaos-zhu/easynode/releases) (2024-10-24)
+
+* 重构本地数据库存储方式(性能提升一个level~)
+* 支持MFA2二次登录验证
+* 优化了一些页面在移动端的展示
+* 修复偶现刷新页面需重新登录的bug
+
+
+## [2.2.8](https://github.com/chaos-zhu/easynode/releases) (2024-10-20)
+
+### Features
+
+* 兼容移动端UI
+* 新增移动端虚拟功能按键映射
+* 调整终端功能菜单
+* 登录日志本地化储存
+* 修复终端选中文本无法复制的bug
+* 修复无法展示服务端ping客户端延迟ms的bug
+* 修复暗黑模式下的一些样式问题
+
+## [2.2.7](https://github.com/chaos-zhu/easynode/releases) (2024-10-17)
+
+### Features
+
+* 终端连接页新增展示服务端ping客户端延迟ms
+* 修复自定义客户端端口默认字符串的bug
+* 终端支持快捷设置开关: 快捷复制、快捷粘贴、选中脚本自动执行
+
+## [2.2.6](https://github.com/chaos-zhu/easynode/releases) (2024-10-14)
+
+### Features
+
+* 支持自定义客户端端口,方便穿透内网机器
+* 修复监控数据意外注入bug
+
+## [2.2.5](https://github.com/chaos-zhu/easynode/releases) (2024-10-11)
+
+### Features
+
+* 不再对同IP:PORT的实例进行校验
+* 支持同IP任意端口的服务器录入
+* 支持关闭所有终端连接
+* 修复第三方git代理地址
+
+## [2.2.4](https://github.com/chaos-zhu/easynode/releases) (2024-08-31)
+
+### Features
+
+* SFTP支持输入路径跳转
+
+## [2.2.3](https://github.com/chaos-zhu/easynode/releases) (2024-08-20)
+
+### Features
+
+* 添加环境变量 ✔
+* 支持IP访问白名单设置 ✔
+* 修复一些小bug ✔
+* 优化Eslint规则 ✔
+
+## [2.2.2](https://github.com/chaos-zhu/easynode/releases) (2024-08-19)
+
+### Features
+
+* 支持菜单栏的折叠与展开 ✔
+* 优化终端回显 ✔
+* 优化暗黑模式下滚动条样式 ✔
+
+## [2.2.1](https://github.com/chaos-zhu/easynode/releases) (2024-08-18)
+
+### Features
+
+* 支持暗黑主题切换 ✔
+* 批量脚本下发执行结果通知重复的bug ✔
+* 修复交换内存占比的bug ✔
+* 优化服务端代码引用 ✔
+* 修复Code scanning提到的依赖风险 ✔
+
+## [2.2.0](https://github.com/chaos-zhu/easynode/releases) (2024-08-17)
+
+### Features
+
+* 重构通知模块 ✔
+* 支持大多数邮箱SMTP配置通知 ✔
+* 支持Server酱通知 ✔
+* 新增批量指令执行结果提醒 ✔
+* 新增终端登录与登录状态提醒 ✔
+* 新增服务器到期提醒 ✔
+* 修复上传同一个文件无法选择的bug ✔
+* 修复终端连接失败抛出异常的bug ✔
+* 调整客户端安装脚本 ✔
+
+## [2.1.9](https://github.com/chaos-zhu/easynode/releases) (2024-08-16)
+
+### Features
+
+* 过滤客户端检测更新 ✔
+
+## [2.1.8](https://github.com/chaos-zhu/easynode/releases) (2024-08-15)
+
+### Features
+
+* 终端连接逻辑重写,断线自动重连 ✔
+* 终端连接状态展示 ✔
+* 终端支持选中复制&右键粘贴 ✔
+* 终端设置支持字体大小 ✔
+* 终端默认字体样式更改为`Cascadia Code` ✔
+
+## [2.1.7](https://github.com/chaos-zhu/easynode/releases) (2024-08-14)
+
+### Features
+
+* 客户端监控服务支持swap内存交换回传 ✔
+* 面板支持展示swap内存交换状态展示 ✔
+* 添加初始账户登录警告 ✔
+
+## [2.1.6](https://github.com/chaos-zhu/easynode/releases) (2024-08-13)
+
+### Features
+
+* SFTP支持上传嵌套文件夹 ✔
+* 修复面板服务缓存文件夹偶尔不存在的bug  ✔
+
+## [2.1.5](https://github.com/chaos-zhu/easynode/releases) (2024-08-12)
+
+### Features
+
+* 新增终端设置 ✔
+* 支持更多终端主题 ✔
+* 支持终端背景图片(当前版本只缓存在前端且只可以使用内置背景图片) ✔
+
+## [2.1.4](https://github.com/chaos-zhu/easynode/releases) (2024-08-12)
+
+### Features
+
+* 新增cd全路径命令联动SFTP面板 ✔
+* 修复SFTP文件编辑文件名称显示错误的bug ✔
+
+## [2.1.3](https://github.com/chaos-zhu/easynode/releases) (2024-08-11)
+
+### Features
+
+* 修复开启or关闭SFTP功能开关时，终端光标位置错误的bug ✔
+
+## [2.1.2](https://github.com/chaos-zhu/easynode/releases) (2024-08-09)
+
+### Features
+
+* 新增导入导出功能(EasyNode JSON) ✔
+* 新增服务器列表排序与排序缓存 ✔
+* 优化客户端连接状态展示 ✔
+* 优化版本更新提示 ✔
+
+## [2.1.1](https://github.com/chaos-zhu/easynode/releases) (2024-08-05)
+
+### Features
+
+* 支持批量操作：批量修改实例通用信息(ssh配置等)、批量删除、批量安装客户端监控应用 ✔
+* 自动化构建镜像 ✔
+* 调整&优化面板UI ✔
+* 内置常用脚本(逐渐添加中...) ✔
+
+## [2.1.0](https://github.com/chaos-zhu/easynode/releases) (2024-08-02)
+
+### Features
+
+* 支持脚本库功能 ✔
+* 支持批量指令下发功能 ✔
+* 支持多会话同步指令 ✔
+* 重写Dockerfile,大幅减少镜像体积 ✔
+* 调整优化面板UI ✔
+
+## [2.0.0](https://github.com/chaos-zhu/easynode/releases) (2024-07-29)
+
+### Features
+
+* 重构前端UI ✔
+* 新增多个功能菜单 ✔
+* 重构文件储存方式 ✔
+* 升级前后端依赖 ✔
+* 优化前端工程 ✔
+* 修复不同ssh密钥算法登录失败的bug ✔
+* 移除上一次IP登录校验的判断 ✔
+* 前端工程迁移至项目根目录 ✔
+* 添加ssh密钥or密码保存至本地功能 ✔
+
 ## [1.2.1](https://github.com/chaos-zhu/easynode/releases) (2022-12-12)
 
 ### Features

Dockerfile

@@ -0,0 +1,21 @@
+FROM node:20.16-alpine3.20 AS builder_web
+WORKDIR /easynode/web
+COPY ./web .
+COPY yarn.lock .
+RUN yarn
+RUN yarn build
+
+FROM node:20.16-alpine3.20 AS builder_server
+WORKDIR /easynode/server
+COPY ./server .
+COPY yarn.lock .
+COPY --from=builder_web /easynode/web/dist ./app/static
+RUN yarn
+
+FROM node:20.16-alpine3.20
+RUN apk add --no-cache iputils
+WORKDIR /easynode
+COPY --from=builder_server /easynode/server .
+ENV HOST=0.0.0.0
+EXPOSE 8082
+CMD ["npm", "start"]

Q&A.md

@@ -1,5 +1,23 @@
 # Q&A
 
+## ssh连接失败
+
+首先确定用户名/密码/密钥没错，接着排查服务端ssh登录日志，例如Debian12 `journalctl -u ssh -f`
+
+如果出现类似以下日志:
+```shell
+Jul 10 12:29:11 iZ2ze5f4ne9xf8n3h5Z sshd[8020]: userauth_pubkey: signature algorithm ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]
+```
+
+说明客户端 `ssh-rsa` 签名算法不在 `PubkeyAcceptedAlgorithms` 列表中，目标服务器不接受 ssh-rsa 签名算法的公钥认证。
+
+**解决： **
+编辑 /etc/ssh/sshd_config 文件，添加或修改以下配置
+```shell
+PubkeyAcceptedAlgorithms +ssh-rsa
+```
+重新启动 SSH 服务： `sudo systemctl restart sshd`
+
 ## CentOS7/8启动服务失败
 
 > 先关闭SELinux
@@ -7,7 +25,7 @@
 ```shell
 vi /etc/selinux/config
 SELINUX=enforcing
-// 修改为禁用
+# 修改为禁用
 SELINUX=disabled
 ```
 
@@ -17,4 +35,6 @@ SELINUX=disabled
 
 ## 客户端服务启动成功，无法连接？
 
-> 端口未开放：`iptables -I INPUT -s 0.0.0.0/0 -p tcp --dport 22022 -j ACCEPT` 或者 `rm -rf /etc/iptables && reboot`
+> 1. 检查防火墙配置
+
+> 2. iptables端口未开放：`iptables -I INPUT -s 0.0.0.0/0 -p tcp --dport 22022 -j ACCEPT` 或者 `rm -rf /etc/iptables && reboot`

README.md

@@ -1,173 +1,123 @@
-# EasyNode v1.2
+<div align="center">
 
-> 一个简易的个人Linux服务器管理面板(基于Node.js).
+# EasyNode
 
-> 前端仓库地址：https://github.com/chaos-zhu/easynode_web
+_✨ 一个多功能Linux服务器WEB终端面板(webSSH&webSFTP) ✨_
 
-<!-- - [EasyNode](#easynode) -->
-  - [功能简介](#功能简介)
-  - [安装指南](#安装指南)
-    - [服务端安装](#服务端安装)
-      - [Docker镜像](#docker镜像)
-      - [一键脚本](#一键脚本)
-      - [手动部署](#手动部署)
-    - [客户端安装](#客户端安装)
-      - [X86架构](#x86架构)
-      - [ARM架构](#arm架构)
-  - [升级指南](#升级指南)
-    - [服务端](#服务端)
-    - [客户端](#客户端)
-    - [版本日志](#版本日志)
-  - [安全与说明](#安全与说明)
-  - [Q&A](#qa)
-  - [感谢Star](#感谢star)
-  - [License](#license)
+</div>
 
-## 功能简介
+<p align="center">
+  <a href="https://github.com/chaos-zhu/easynode/releases/latest">
+    <img src="https://img.shields.io/github/v/release/chaos-zhu/easynode?color=brightgreen" alt="release">
+  </a>
+  <a href="https://github.com/chaos-zhu/easynode/actions">
+    <img src="https://img.shields.io/github/actions/workflow/status/chaos-zhu/easynode/docker-builder.yml?branch=main" alt="deployment status">
+  </a>
+  <a href="https://hub.docker.com/repository/docker/chaoszhu/easynode">
+    <img src="https://img.shields.io/docker/pulls/chaoszhu/easynode?color=brightgreen" alt="docker pull">
+  </a>
+  <a href="https://github.com/chaos-zhu/easynode/releases/latest">
+    <img src="https://img.shields.io/github/downloads/chaos-zhu/easynode/total?color=brightgreen&include_prereleases" alt="release">
+  </a>
+  <a href="https://raw.githubusercontent.com/chaos-zhu/easynode/main/LICENSE">
+    <img src="https://img.shields.io/github/license/chaos-zhu/easynode?color=brightgreen" alt="license">
+  </a>
+</p>
 
-> 多服务器管理; 通过`websocket实时更新`服务器基本信息: **系统、公网IP、CPU、内存、硬盘、网卡**等
+<p align="center">
+  <a href="#功能">功能</a>
+  ·
+  <a href="#面板展示">面板展示</a>
+  ·
+  <a href="#项目部署">项目部署</a>
+  ·
+  <a href="#监控服务安装">监控服务安装</a>
+  ·
+  <a href="#安全与建议">安全与建议</a>
+  ·
+  <a href="#常见问题">常见问题</a>
+  <!-- ·
+  <a href="#Plus功能">Plus版功能</a> -->
+</p>
 
-![服务器面板](./images/v1.2-1.png)
+## 功能
 
-> 基于浏览器解决`SSH&SFTP跨端`烦恼——**Web SSH**&**Web SFTP**
++ [x] 功能完善的**SSH终端**&**SFTP**
++ [x] 批量导入、导出、编辑服务器配置、脚本等
++ [x] 脚本库
++ [x] 实例分组
++ [x] 凭据托管
++ [x] 多渠道通知
++ [x] 批量下发指令
++ [x] 自定义终端主题
 
+## 面板展示
 
-![websftp功能](./images/v1.2-2.png)
+![面板展示](./doc_images/merge.gif)
 
-> 在线编辑文件
+## 项目部署
 
-![edit](./images/v1.2-3.png)
+- 默认账户密码 `admin/admin`
+- web端口：8082
 
-## 安装指南
+### docker镜像
 
-### 服务端安装
-
-- 依赖Node.js环境
-
-- 占用端口：8082(http端口)、22022(客户端端口)
-
-- 建议使用**境外服务器**(最好延迟低)安装服务端，客户端信息监控与webssh功能都将以`该服务器作为跳板机`
-
-#### Docker镜像
-
-> 注意：网速统计功能可能受限，docker网络将使用host模式(与宿主机共享端口，占用: 8082、22022)
-
-- 如果你是第一次运行，先创建一个volume用于保存数据
 ```shell
-docker volume create --name easynode-server
+docker run -d -p 8082:8082 --restart=always -v /root/easynode/db:/easynode/app/db chaoszhu/easynode
 ```
+环境变量：
+- `DEBUG`: 启动debug日志 0：关闭 1：开启, 默认关闭
+- `ALLOWED_IPS`: 可以访问服务的IP白名单, 多个使用逗号分隔, 支持填写部分ip前缀, 例如: `-e ALLOWED_IPS=127.0.0.1,196.168`
+
+## 监控服务安装
+
+- 监控服务用于实时向服务端&web端推送**系统、公网IP、CPU、内存、硬盘、网卡**等基础信息
+
+- 默认端口：**22022**
+
+> 安装
 
 ```shell
-docker run -d --net=host --name=easynode-server -v easynode-server:/easynode-server/app/storage/ chaoszhu/easynode:v1.2.1
-```
+# 使用默认端口22022安装
+curl -o- https://git.221022.xyz/https://raw.githubusercontent.com/chaos-zhu/easynode/main/client/easynode-client-install.sh | bash
 
-- 如果你想清除容器与数据
-```shell
-docker rm -f easynode-server && docker volume remove easynode-server
-```
-
-访问：http://yourip:8082
-
-#### 一键脚本
-
-- **依赖Linux基础命令工具：curl wget git zip tar；如未安装请先安装：**
-
-> ubuntu/debian: `apt install curl wget git zip tar -y`
->
-> centos: `yum install curl wget git zip tar -y`
-
-- 运行环境：[Node.js](https://nodejs.org/en/download/) **v14+**
-
-```shell
-wget -qO- --no-check-certificate https://ghproxy.com/https://raw.githubusercontent.com/chaos-zhu/easynode/v1.2/easynode-server-install.sh | bash
-```
-
-访问：http://yourip:8082
-
-- 查看日志：`pm2 log easynode-server`
-- 启动服务：`pm2 start easynode-server`
-- 停止服务：`pm2 stop easynode-server`
-- 删除服务：`pm2 delete easynode-server`
-
-#### 手动部署
-
-1. 安装Node.js
-2. 安装pm2、安装yarn
-3. 拉取代码：git clone https://github.com/chaos-zhu/easynode.git
-4. 安装依赖：yarn
-5. 启动服务：pm2 start server/app/main.js --name easynode-server
-6. 访问：http://yourip:8082
-
-- 默认登录密码：admin(首次部署完成后请及时修改).
-
----
-
-### 客户端安装
-
-- 占用端口：22022
-
-#### X86架构
-
-```shell
-wget -qO- --no-check-certificate https://ghproxy.com/https://raw.githubusercontent.com/chaos-zhu/easynode/v1.2/easynode-client-install-x86.sh | bash
-```
-
-#### ARM架构
-
-```shell
-wget -qO- --no-check-certificate https://ghproxy.com/https://raw.githubusercontent.com/chaos-zhu/easynode/v1.1/easynode-client-install-arm.sh | bash
+# 使用自定义端口安装, 例如54321
+curl -o- https://git.221022.xyz/https://raw.githubusercontent.com/chaos-zhu/easynode/main/client/easynode-client-install.sh | bash -s -- 54321
 ```
 
 > 卸载
 
 ```shell
-wget -qO- --no-check-certificate https://ghproxy.com/https://raw.githubusercontent.com/chaos-zhu/easynode/v1.2/easynode-client-uninstall.sh | bash
+curl -o- https://git.221022.xyz/https://raw.githubusercontent.com/chaos-zhu/easynode/main/client/easynode-client-uninstall.sh | bash
 ```
 
-> 查看客户端状态：`systemctl status easynode-client`
+> 查看监控服务状态：`systemctl status easynode-client`
 >
-> 查看客户端日志: `journalctl --follow -u easynode-client`
+> 查看监控服务日志: `journalctl --follow -u easynode-client`
 >
 > 查看详细日志：journalctl -xe
 
 ---
 
-## 升级指南
 
-- **v1.1 to v1.2**
+## 安全与建议
 
-### 服务端
+首先声明，任何系统无法保障没有bug的存在，EasyNode也一样。
 
-> v1.1对所有的敏感信息全部加密，所有的v1.0为加密的信息全部失效. 主要影响已存储的ssh密钥.
->
-> **还原客户端列表：** 先备份`app\config\storage\host-list.json`, 使用一键脚本或者手动部署的同志安装好使用备份文件覆盖`\app\storage`下的同名文件即可。
->
-> 由于加密文件调整，使用docker镜像的v1.1一键脚本自己从镜像里把备份抠出来再重新构建镜像.
+面板提供MFA2功能，并且可配置访问此服务的IP白名单, 如需加强可以使用**iptables**进一步限制IP访问。
+如果需要更高级别的安全性，建议面板服务不要暴露到公网。
 
-### 客户端
+webssh与监控服务都将以`该服务器作为中转`。中国大陆用户建议使用香港、新加坡、日本、韩国等地区的低延迟服务器来安装服务端面板
 
-> v1.2未对客户端包进行改动，客户端无需重复安装. 不会备份的在面板重新添加客户端机器即可.
+## 常见问题
 
-### 版本日志
+- [QA](./Q%26A.md)
 
-- [CHANGELOG](./CHANGELOG.md)
+<!-- ## Plus版功能
 
-## 安全与说明
-
-> 本人非专业后端，此服务全凭兴趣开发. 由于知识受限，并不能保证没有漏洞的存在，重要生产服务器最好不要使用此服务!!!
-
-> 所有服务器信息相关接口已做`jwt鉴权`, 安全信息均使用加密传输与储存!
-
-> webssh功能需要的密钥信息全部保存在服务端服务器的`app\storage\ssh-record.json`中. 在保存ssh密钥信息到服务器储存与传输过程皆已加密，`不过最好还是套https使用`
-
-## Q&A
-
-- [Q&A](./Q%26A.md)
-
-## 感谢Star
-
-- 你的Star是我更新的动力，感谢~
-
-## License
-
-[MIT](LICENSE). Copyright (c).
+- 跳板机功能,拯救被墙实例与龟速终端输入
+- 本地socket断开自动重连,无需手动重新连接
+- 批量修改实例配置(优化版)
+- 脚本库批量导出导入
+- 凭据管理支持解密带密码保护的密钥
+- 提出的功能需求享有更高的开发优先级 -->

client/.eslintrc.js

@@ -1,6 +1,9 @@
 // 规则参见：https://cn.eslint.org/docs/rules/
 module.exports = {
   root: true, // 当前配置文件不能往父级查找
+  'globals': {
+    'consola': true
+  },
   env: {
     node: true,
     es6: true
@@ -20,6 +23,7 @@ module.exports = {
     'no-debugger': process.env.NODE_ENV === 'production' ? 'error' : 'off',
     'template-curly-spacing': ['error', 'always'], // 模板字符串空格
     'default-case': 0,
+    'no-empty': 0,
     'object-curly-spacing': ['error', 'always'],
     'no-multi-spaces': ['error'],
     indent: ['error', 2, { 'SwitchCase': 1 }], // 缩进：2
@@ -58,7 +62,6 @@ module.exports = {
     'no-dupe-args': 2, // 禁止function重复参数
     'no-dupe-keys': 2, // 禁止object重复key
     'no-duplicate-case': 2,
-    'no-empty': 2, // 禁止空语句块
     'no-func-assign': 2, // 禁止重复声明函数
     'no-inner-declarations': 2, // 禁止在嵌套的语句块中出现变量或 function 声明
     'no-sparse-arrays': 2, // 禁止稀缺数组

client/app/config/index.js

@@ -1,3 +1,3 @@
 module.exports = {
-  httpPort: 22022
+  defaultPort: 22022
 }

client/app/lib/swap.js

@@ -0,0 +1,59 @@
+let exec = require('child_process').exec
+let os = require('os')
+
+function getSwapMemory() {
+  return new Promise((resolve, reject) => {
+    if (os.platform() === 'win32') {
+      // Windows-specific command
+      const command = 'powershell -command "Get-CimInstance Win32_OperatingSystem | Select-Object TotalVirtualMemorySize, FreeVirtualMemory"'
+      exec(command, { encoding: 'utf8' }, (error, stdout, stderr) => {
+        if (error) {
+          console.error('exec error:', error)
+          return reject(error)
+        }
+        if (stderr) {
+          console.error('stderr:', stderr)
+          return reject(stderr)
+        }
+
+        const lines = stdout.trim().split('\n')
+        const values = lines[lines.length - 1].trim().split(/\s+/)
+        const totalVirtualMemory = parseInt(values[0], 10) / 1024
+        const freeVirtualMemory = parseInt(values[1], 10) / 1024
+        const usedVirtualMemory = totalVirtualMemory - freeVirtualMemory
+
+        resolve({
+          swapTotal: totalVirtualMemory,
+          swapFree: freeVirtualMemory,
+          swapUsed: usedVirtualMemory,
+          swapPercentage: ((usedVirtualMemory / totalVirtualMemory) * 100).toFixed(1)
+        })
+      })
+    } else {
+      exec('free -m | grep Swap', (error, stdout, stderr) => {
+        if (error) {
+          console.error('exec error:', error)
+          return reject(error)
+        }
+        if (stderr) {
+          console.error('stderr:', stderr)
+          return reject(stderr)
+        }
+
+        const swapInfo = stdout.trim().split(/\s+/)
+        const swapTotal = parseInt(swapInfo[1], 10)
+        const swapUsed = parseInt(swapInfo[2], 10)
+        const swapFree = parseInt(swapInfo[3], 10)
+
+        resolve({
+          swapTotal,
+          swapUsed,
+          swapFree,
+          swapPercentage: ((swapUsed / swapTotal) * 100).toFixed(1)
+        })
+      })
+    }
+  })
+}
+
+module.exports = getSwapMemory

client/app/server.js

@@ -1,14 +1,15 @@
 const http = require('http')
 const Koa = require('koa')
-const { httpPort } = require('./config')
+const { defaultPort } = require('./config')
 const wsOsInfo = require('./socket/monitor')
 
 const httpServer = () => {
   const app = new Koa()
   const server = http.createServer(app.callback())
   serverHandler(app, server)
-  server.listen(httpPort, () => {
-    console.log(`Server(http) is running on port:${ httpPort }`)
+  const port = process.env.clientPort || defaultPort
+  server.listen(port, () => {
+    console.log(`Server(http) is running on port:${ port }`)
   })
 }
 

client/app/socket/monitor.js

@@ -25,13 +25,13 @@ function ipSchedule() {
     getIpInfo()
   })
 
-  // 每日凌晨两点整,刷新ip信息(兼容动态ip服务器)
+  // 每日凌晨两点整,刷新ip信息
   let rule2 = new schedule.RecurrenceRule()
   rule2.hour = 2
   rule2.minute = 0
   rule2.second = 0
   schedule.scheduleJob(rule2, () => {
-    console.log('Task: refresh ip info', new Date())
+    console.log('Task: refresh ip info: ', new Date())
     getIpInfo()
   })
 }

client/app/utils/os-data.js

@@ -1,4 +1,5 @@
 const osu = require('node-os-utils')
+const osSwap = require('../lib/swap')
 const os = require('os')
 
 let cpu = osu.cpu
@@ -9,7 +10,7 @@ let osuOs = osu.os
 let users = osu.users
 
 async function cpuInfo() {
-  let cpuUsage = await cpu.usage(200)
+  let cpuUsage = await cpu.usage(500)
   let cpuCount = cpu.count()
   let cpuModel = cpu.model()
   return {
@@ -26,6 +27,13 @@ async function memInfo() {
   }
 }
 
+async function swapInfo() {
+  let swapInfo = await osSwap()
+  return {
+    ...swapInfo
+  }
+}
+
 async function driveInfo() {
   let driveInfo = {}
   try {
@@ -71,6 +79,7 @@ module.exports = async () => {
     data = {
       cpuInfo: await cpuInfo(),
       memInfo: await memInfo(),
+      swapInfo: await swapInfo(),
       driveInfo: await driveInfo(),
       netstatInfo: await netstatInfo(),
       osInfo: await osInfo(),

client/easynode-client-install.sh

@@ -5,12 +5,18 @@ if [ "$(id -u)" != "0" ] ; then
 	exit 1
 fi
 
+clientPort=${clientPort:-22022}
 SERVER_NAME=easynode-client
 FILE_PATH=/root/local/easynode-client
 SERVICE_PATH=/etc/systemd/system
-SERVER_VERSION=v1.0
+CLIENT_VERSION=client-2024-10-13 # 目前监控客户端版本发布需手动更改为最新版本号
+SERVER_PROXY="https://git.221022.xyz/"
 
-echo "***********************开始安装 easynode-client_${SERVER_VERSION}***********************"
+if [ ! -z "$1" ]; then
+  clientPort=$1
+fi
+
+echo "***********************开始安装EasyNode监控客户端端,当前版本号: ${CLIENT_VERSION}, 端口: ${clientPort}***********************"
 
 systemctl status ${SERVER_NAME} > /dev/null 2>&1
 if [ $? != 4 ]
@@ -42,8 +48,18 @@ echo "***********************创建文件PATH***********************"
 mkdir -p ${FILE_PATH}
 
 echo "***********************下载开始***********************"
-DOWNLOAD_FILE_URL="https://ghproxy.com/https://github.com/chaos-zhu/easynode/releases/download/v1.1/easynode-client-arm"
-DOWNLOAD_SERVICE_URL="https://ghproxy.com/https://raw.githubusercontent.com/chaos-zhu/easynode/v1.1/client/easynode-client.service"
+
+ARCH=$(uname -m)
+
+echo "***********************系统架构: $ARCH***********************"
+if [ "$ARCH" = "x86_64" ] ; then
+  DOWNLOAD_FILE_URL="${SERVER_PROXY}https://github.com/chaos-zhu/easynode/releases/download/${CLIENT_VERSION}/easynode-client-x64"
+elif [ "$ARCH" = "aarch64" ] ; then
+  DOWNLOAD_FILE_URL="${SERVER_PROXY}https://github.com/chaos-zhu/easynode/releases/download/${CLIENT_VERSION}/easynode-client-arm64"
+else
+  echo "不支持的架构：$ARCH. 只支持x86_64和aarch64，其他架构请自行构建"
+  exit 1
+fi
 
 # -O 指定路径和文件名(这里是二进制文件, 不需要扩展名)
 wget -O ${FILE_PATH}/${SERVER_NAME} --no-check-certificate --no-cache ${DOWNLOAD_FILE_URL}
@@ -53,6 +69,8 @@ then
   exit 1
 fi
 
+DOWNLOAD_SERVICE_URL="${SERVER_PROXY}https://raw.githubusercontent.com/chaos-zhu/easynode/main/client/easynode-client.service"
+
 wget -O ${FILE_PATH}/${SERVER_NAME}.service --no-check-certificate --no-cache ${DOWNLOAD_SERVICE_URL}
 
 if [ $? != 0 ]
@@ -67,6 +85,8 @@ echo "***********************下载成功***********************"
 chmod +x ${FILE_PATH}/${SERVER_NAME}
 chmod 777 ${FILE_PATH}/${SERVER_NAME}.service
 
+sed -i "s/clientPort=22022/clientPort=${clientPort}/g" ${FILE_PATH}/${SERVER_NAME}.service
+
 # echo "***********************移动service&reload***********************"
 mv ${FILE_PATH}/${SERVER_NAME}.service ${SERVICE_PATH}
 
@@ -76,7 +96,6 @@ systemctl daemon-reload
 echo "***********************启动服务***********************"
 systemctl start ${SERVER_NAME}
 
-
 # echo "***********************设置开机启动***********************"
 systemctl enable ${SERVER_NAME}
 

client/easynode-client.service

@@ -1,7 +1,8 @@
 [Unit]
-Description=easynode client server port_22022
+Description=easynode client server
 
 [Service]
+Environment="clientPort=22022"
 ExecStart=/root/local/easynode-client/easynode-client
 WorkingDirectory=/root/local/easynode-client
 Restart=always

client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "easynode-client",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "easynode-client",
   "bin": "./bin/www",
   "pkg": {
@@ -9,8 +9,8 @@
   "scripts": {
     "client": "nodemon ./app/main.js",
     "pkgwin": "pkg . -t node16-win-x64",
-    "pkglinux:x86": "pkg . -t node16-linux-x64",
-    "pkglinux:arm": "pkg . -t node16-linux-arm64"
+    "pkglinux:x64": "pkg . -t node16-linux-x64 -o  dist/easynode-client-x64",
+    "pkglinux:arm64": "pkg . -t node16-linux-arm64 -o dist/easynode-client-arm64"
   },
   "keywords": [],
   "author": "",
@@ -21,15 +21,15 @@
     ]
   },
   "dependencies": {
-    "axios": "^0.21.4",
-    "koa": "^2.13.1",
-    "node-os-utils": "^1.3.6",
-    "node-schedule": "^2.1.0",
-    "socket.io": "^4.4.1"
+    "axios": "0.27.2",
+    "eslint": "8.56.0",
+    "koa": "2.15.3",
+    "node-os-utils": "1.3.7",
+    "node-schedule": "2.1.1",
+    "socket.io": "4.7.5"
   },
   "devDependencies": {
-    "eslint": "^7.32.0",
-    "nodemon": "^2.0.15",
-    "pkg": "5.6"
+    "nodemon": "^3.1.4",
+    "pkg": "5.8"
   }
 }

easynode-client-install-x86.sh

@@ -1,90 +0,0 @@
-#!/bin/bash
-
-if [ "$(id -u)" != "0" ] ; then
-  echo "***********************请切换到root再尝试执行***********************"
-	exit 1
-fi
-
-SERVER_NAME=easynode-client
-FILE_PATH=/root/local/easynode-client
-SERVICE_PATH=/etc/systemd/system
-SERVER_VERSION=v1.0
-
-echo "***********************开始安装 easynode-client_${SERVER_VERSION}***********************"
-
-systemctl status ${SERVER_NAME} > /dev/null 2>&1
-if [ $? != 4 ]
-then
-  echo "***********************停用旧服务***********************"
-	systemctl stop ${SERVER_NAME}
-	systemctl disable ${SERVER_NAME}
-	systemctl daemon-reload
-fi
-
-if [ -f "${SERVICE_PATH}/${SERVER_NAME}.service" ]
-then
-  echo "***********************移除旧服务***********************"
-  chmod 777 ${SERVICE_PATH}/${SERVER_NAME}.service
-	rm -Rf ${SERVICE_PATH}/${SERVER_NAME}.service
-	systemctl daemon-reload
-fi
-
-if [ -d ${FILE_PATH} ]
-then
-  echo "***********************移除旧文件***********************"
-  chmod 777 ${FILE_PATH}
-	rm -Rf ${FILE_PATH}
-fi
-
-# 开始安装
-
-echo "***********************创建文件PATH***********************"
-mkdir -p ${FILE_PATH}
-
-echo "***********************下载开始***********************"
-DOWNLOAD_FILE_URL="https://ghproxy.com/https://github.com/chaos-zhu/easynode/releases/download/v1.1/easynode-client-x86"
-DOWNLOAD_SERVICE_URL="https://ghproxy.com/https://raw.githubusercontent.com/chaos-zhu/easynode/v1.1/client/easynode-client.service"
-
-# -O 指定路径和文件名(这里是二进制文件, 不需要扩展名)
-wget -O ${FILE_PATH}/${SERVER_NAME} --no-check-certificate --no-cache ${DOWNLOAD_FILE_URL}
-if [ $? != 0 ]
-then
-  echo "***********************下载${SERVER_NAME}失败***********************"
-  exit 1
-fi
-
-wget -O ${FILE_PATH}/${SERVER_NAME}.service --no-check-certificate --no-cache ${DOWNLOAD_SERVICE_URL}
-
-if [ $? != 0 ]
-then
-  echo "***********************下载${SERVER_NAME}.service失败***********************"
-  exit 1
-fi
-
-echo "***********************下载成功***********************"
-
-# echo "***********************设置权限***********************"
-chmod +x ${FILE_PATH}/${SERVER_NAME}
-chmod 777 ${FILE_PATH}/${SERVER_NAME}.service
-
-# echo "***********************移动service&reload***********************"
-mv ${FILE_PATH}/${SERVER_NAME}.service ${SERVICE_PATH}
-
-# echo "***********************daemon-reload***********************"
-systemctl daemon-reload
-
-echo "***********************准备启动服务***********************"
-systemctl start ${SERVER_NAME}
-
-if [ $? != 0 ]
-then
-  echo "***********************${SERVER_NAME}.service启动失败***********************"
-  echo "***********************可能是服务器开启了SELinux, 参见Q&A***********************"
-  exit 1
-fi
-echo "***********************服务启动成功***********************"
-
-# echo "***********************设置开机启动***********************"
-systemctl enable ${SERVER_NAME}
-
-echo "***********************安装成功***********************"

easynode-server-install.sh

@@ -1,74 +0,0 @@
-#!/bin/bash
-
-if [ "$(id -u)" != "0" ] ; then
-  echo "***********************请切换到root再尝试执行***********************"
-	exit 1
-fi
-
-echo "***********************检测node环境***********************"
-node -v
-if [ $? != 0 ]
-then
-  echo "未安装node运行环境"
-  exit 1
-fi
-echo "已安装"
-
-
-echo "***********************检测pm2守护进程***********************"
-pm2 list
-if [ $? != 0 ]
-then
-  echo "未安装pm2,正在安装..."
-  npm i -g pm2
-fi
-echo "已安装"
-
-echo "***********************开始下载EasyNode***********************"
-
-DOWNLOAD_FILE_URL="https://ghproxy.com/https://github.com/chaos-zhu/easynode/releases/download/v1.2.1/easynode-server.zip"
-SERVER_NAME=easynode-server
-SERVER_ZIP=easynode-server.zip
-FILE_PATH=/root
-wget -O ${FILE_PATH}/${SERVER_ZIP} --no-check-certificate --no-cache ${DOWNLOAD_FILE_URL}
-
-if [ $? != 0 ]
-then
-  echo "下载EasyNode.zip失败,请检查网络环境或稍后再试"
-  exit 1
-fi
-echo "下载成功"
-
-echo '***********************开始解压***********************'
-
-unzip -o -d ${FILE_PATH}/${SERVER_NAME} ${SERVER_ZIP}
-if [ $? != 0 ]
-then
-  echo "解压失败, 请确保已安装zip、tar基础工具"
-  exit 1
-fi
-echo "解压成功"
-
-cd ${FILE_PATH}/${SERVER_NAME} || exit
-
-echo '***********************开始安装依赖***********************'
-yarn -v
-if [ $? != 0 ]
-then
-  echo "未安装yarn管理工具,正在安装..."
-  npm i -g yarn
-fi
-yarn
-
-if [ $? != 0 ]
-then
-  echo "yarn安装失败，请检测网络环境. 使用大陆vps请执行以下命令设置镜像源，再重新运行该脚本：npm config set registry https://registry.npm.taobao.org
-"
-fi
-echo "依赖安装成功"
-
-echo '启动服务'
-
-pm2 start ${FILE_PATH}/${SERVER_NAME}/app/main.js --name easynode-server
-
-echo '查看日志请输入: pm2 log easynode-server'

package.json

@@ -1,9 +1,12 @@
 {
   "name": "easynode",
-  "version": "1.0.0",
-  "description": "easy to manage the server",
+  "description": "web ssh",
   "private": true,
-  "workspaces": ["server", "client"],
+  "workspaces": [
+    "server",
+    "web",
+    "client"
+  ],
   "repository": {
     "type": "git",
     "url": "git+https://github.com/chaos-zhu/easynode.git"
@@ -17,8 +20,17 @@
   ],
   "author": "chaoszhu",
   "license": "ISC",
+  "scripts": {
+    "dev": "concurrently \"yarn workspace web run dev\" \"yarn workspace server run local\"",
+    "clean": "rimraf web/node_modules server/node_modules client/node_modules node_modules",
+    "encrypt": "node ./local-script/encrypt-file.js"
+  },
   "bugs": {
     "url": "https://github.com/chaos-zhu/easynode/issues"
   },
-  "homepage": "https://github.com/chaos-zhu/easynode#readme"
+  "homepage": "https://github.com/chaos-zhu/easynode#readme",
+  "devDependencies": {
+    "concurrently": "^8.2.2",
+    "rimraf": "^6.0.1"
+  }
 }

server/.env.template

@@ -0,0 +1,8 @@
+# 启动debug日志 0：关闭 1：开启
+DEBUG=1
+
+# 访问IP限制
+allowedIPs=['127.0.0.1']
+
+# 激活PLUS功能的授权码
+PLUS_KEY=

server/.eslintrc.js

@@ -1,9 +1,7 @@
 // 规则参见：https://cn.eslint.org/docs/rules/
 module.exports = {
   root: true, // 当前配置文件不能往父级查找
-  'globals': {
-    'consola': true
-  },
+  'globals': { 'consola': true },
   env: {
     node: true,
     es6: true
@@ -30,10 +28,15 @@ module.exports = {
     quotes: ['error', 'single'], // 引号：single单引 double双引
     semi: ['error', 'never'], // 结尾分号：never禁止 always必须
     'comma-dangle': ['error', 'never'], // 对象拖尾逗号
+    'space-before-blocks': ['error', 'always'],
+    'space-in-parens': ['error', 'never'],
+    'keyword-spacing': ['error', { 'before': true, 'after': true }],
     'no-redeclare': ['error', { builtinGlobals: true }], // 禁止重复对象声明
     'no-multi-assign': 0,
     'no-restricted-globals': 0,
+    'no-case-declarations': 0,
     'space-before-function-paren': 0, // 函数定义时括号前面空格
+    'no-async-promise-executor': 0, // 允许在回调中使用async函数
     'one-var': 0, // 允许连续声明
     // 'no-undef': 0, // 允许未定义的变量【会使env配置无效】
     'linebreak-style': 0, // 检测CRLF/LF检测【默认LF】

server/.gitignore

@@ -1,7 +0,0 @@
-node_modules
-app/static/upload/*
-app/socket/temp/*
-app/socket/.sftp-cache/*
-app/logs/*
-!.gitkeep
-dist

server/Dockerfile

@@ -1,13 +0,0 @@
-FROM node:16.15.0-alpine3.14
-ARG TARGET_DIR=/easynode-server
-WORKDIR ${TARGET_DIR}
-RUN yarn config set registry https://registry.npm.taobao.org
-COPY package.json ${TARGET_DIR}
-COPY yarn.lock ${TARGET_DIR}
-RUN yarn
-COPY . ${TARGET_DIR}
-ENV HOST 0.0.0.0
-EXPOSE 8082
-EXPOSE 8083
-EXPOSE 22022
-CMD ["npm", "run", "server"]

server/README.md

@@ -2,15 +2,6 @@
 
 - 基于Koa
 
-## docker
-
-<!-- 修改版本号 -->
-- 构建镜像：docker build -t chaoszhu/easynode:v1.1 .
-- 推送镜像：docker push chaoszhu/easynode:v1.1
-
-> `docker run -d --net=host easynode-server`
-<!-- > `docker run -d -p 8888:8082 -p 22022:22022 easynode-server` -->
-
 ## 遇到的问题
 
 > MaxListenersExceededWarning: Possible EventEmitter memory leak detected. 11 input listeners added to [Socket]. Use emitter.setMaxListeners() to increase limit

server/app/config/index.js

@@ -1,20 +1,26 @@
 const path = require('path')
 
+consola.info('debug日志：', process.env.DEBUG === '1' ? '开启' : '关闭')
+
 module.exports = {
   httpPort: 8082,
-  clientPort: 22022, // 勿更改
-  uploadDir: path.join(process.cwd(),'app/static/upload'),
+  defaultClientPort: 22022,
+  uploadDir: path.join(process.cwd(),'app/db'),
   staticDir: path.join(process.cwd(),'app/static'),
   sftpCacheDir: path.join(process.cwd(),'app/socket/sftp-cache'),
-  sshRecordPath: path.join(process.cwd(),'app/storage/ssh-record.json'),
-  keyPath: path.join(process.cwd(),'app/storage/key.json'),
-  hostListPath: path.join(process.cwd(),'app/storage/host-list.json'),
-  emailPath: path.join(process.cwd(),'app/storage/email.json'),
-  notifyPath: path.join(process.cwd(),'app/storage/notify.json'),
-  groupPath: path.join(process.cwd(),'app/storage/group.json'),
+  credentialsDBPath: path.join(process.cwd(),'app/db/credentials.db'),
+  keyDBPath: path.join(process.cwd(),'app/db/key.db'),
+  hostListDBPath: path.join(process.cwd(),'app/db/host.db'),
+  groupConfDBPath: path.join(process.cwd(),'app/db/group.db'),
+  scriptsDBPath: path.join(process.cwd(),'app/db/scripts.db'),
+  notifyDBPath: path.join(process.cwd(),'app/db/notify.db'),
+  notifyConfigDBPath: path.join(process.cwd(),'app/db/notify-config.db'),
+  onekeyDBPath: path.join(process.cwd(),'app/db/onekey.db'),
+  logDBPath: path.join(process.cwd(),'app/db/log.db'),
+  plusDBPath: path.join(process.cwd(),'app/db/plus.db'),
   apiPrefix: '/api/v1',
   logConfig: {
     outDir: path.join(process.cwd(),'./app/logs'),
-    recordLog: false // 是否记录日志
+    recordLog: process.env.DEBUG === '1' // 是否记录日志
   }
 }

server/app/config/shell.json

@@ -0,0 +1,22 @@
+[
+  {
+    "name": "easynode监控服务安装",
+    "command": "curl -o- https://git.221022.xyz/https://raw.githubusercontent.com/chaos-zhu/easynode/main/client/easynode-client-install.sh | bash",
+    "description": "easynode-监控服务-安装脚本"
+  },
+  {
+    "name": "easynode监控服务卸载",
+    "command": "curl -o- https://git.221022.xyz/https://raw.githubusercontent.com/chaos-zhu/easynode/main/client/easynode-client-uninstall.sh | bash",
+    "description": "easynode-监控服务-卸载脚本"
+  },
+  {
+    "name": "查询本机公网IP",
+    "command": "curl ifconfig.me",
+    "description": "查询本机公网IP"
+  },
+  {
+    "name": "生成ssh密钥对",
+    "command": "ssh-keygen -t rsa -b 2048",
+    "description": "生成ssh密钥对"
+  }
+]

server/app/controller/group.js

@@ -1,53 +1,47 @@
-const { readGroupList, writeGroupList, readHostList, writeHostList,randomStr } = require('../utils')
+const { HostListDB, GroupDB } = require('../utils/db-class')
 
-function getGroupList({ res }) {
-  const data = readGroupList()
+const hostListDB = new HostListDB().getInstance()
+const groupDB = new GroupDB().getInstance()
+
+async function getGroupList({ res }) {
+  let data = await groupDB.findAsync({})
+  data = data.map(item => ({ ...item, id: item._id }))
+  data?.sort((a, b) => Number(b.index || 0) - Number(a.index || 0))
   res.success({ data })
 }
 
 const addGroupList = async ({ res, request }) => {
   let { body: { name, index } } = request
-  if(!name) return res.fail({ data: false, msg: '参数错误' })
-  let groupList = readGroupList()
-  let group = { id: randomStr(), name, index }
-  groupList.push(group)
-  groupList.sort((a, b) => a.index - b.index)
-  writeGroupList(groupList)
-  res.success({ data: '新增成功' })
+  if (!name) return res.fail({ data: false, msg: '参数错误' })
+  let group = { name, index }
+  await groupDB.insertAsync(group)
+  res.success({ data: '添加成功' })
 }
 
 const updateGroupList = async ({ res, request }) => {
   let { params: { id } } = request
   let { body: { name, index } } = request
-  if(!id || !name) return res.fail({ data: false, msg: '参数错误' })
-  let groupList = readGroupList()
-  let idx = groupList.findIndex(item => item.id === id)
-  let group = { id, name, index }
-  if(idx === -1) return res.fail({ data: false, msg: `分组ID${ id }不存在` })
-  groupList.splice(idx, 1, group)
-  groupList.sort((a, b) => a.index - b.index)
-  writeGroupList(groupList)
+  if (!id || !name) return res.fail({ data: false, msg: '参数错误' })
+  let target = await groupDB.findOneAsync({ _id: id })
+  if (!target) return res.fail({ data: false, msg: `分组ID${ id }不存在` })
+  await groupDB.updateAsync({ _id: id }, { name, index: Number(index) || 0 })
   res.success({ data: '修改成功' })
 }
 
 const removeGroup = async ({ res, request }) => {
   let { params: { id } } = request
-  if(id ==='default') return res.fail({ data: false, msg: '保留分组, 禁止删除' })
-  let groupList = readGroupList()
-  let idx = groupList.findIndex(item => item.id === id)
-  if(idx === -1) return res.fail({ msg: '分组不存在' })
-
+  if (id === 'default') return res.fail({ data: false, msg: '保留分组, 禁止删除' })
   // 移除分组将所有该分组下host分配到default中去
-  let hostList = readHostList()
-  hostList = hostList.map((item) => {
-    if(item.group === groupList[idx].id) item.group = 'default'
-    return item
-  })
-  writeHostList(hostList)
-
-  groupList.splice(idx, 1)
-  writeGroupList(groupList)
-
+  let hostList = await hostListDB.findAsync({})
+  if (Array.isArray(hostList) && hostList.length > 0) {
+    for (let item of hostList) {
+      if (item.group === id) {
+        item.group = 'default'
+        await hostListDB.updateAsync({ _id: item._id }, item)
+      }
+    }
+  }
+  await groupDB.removeAsync({ _id: id })
   res.success({ data: '移除成功' })
 }
 

server/app/controller/host.js

@@ -1,68 +1,116 @@
-const { readHostList, writeHostList, readSSHRecord, writeSSHRecord } = require('../utils')
+const path = require('path')
+const decryptAndExecuteAsync = require('../utils/decrypt-file')
+const { RSADecryptAsync, AESEncryptAsync, AESDecryptAsync } = require('../utils/encrypt')
+const { HostListDB } = require('../utils/db-class')
+const hostListDB = new HostListDB().getInstance()
 
-function getHostList({ res }) {
-  const data = readHostList()
+async function getHostList({ res }) {
+  let data = await hostListDB.findAsync({})
+  data?.sort((a, b) => Number(b.index || 0) - Number(a.index || 0))
+  for (const item of data) {
+    try {
+      let { authType, _id: id, credential } = item
+      if (credential) credential = await AESDecryptAsync(credential)
+      const isConfig = Boolean(authType && item[authType])
+      Object.assign(item, { id, isConfig, password: '', privateKey: '', credential })
+    } catch (error) {
+      consola.error('getHostList error: ', error.message)
+    }
+  }
   res.success({ data })
 }
 
-function saveHost({ res, request }) {
-  let { body: { host: newHost, name, expired, expiredNotify, group, consoleUrl, remark } } = request
-  if(!newHost || !name) return res.fail({ msg: 'missing params: name or host' })
-  let hostList = readHostList()
-  if(hostList.some(({ host }) => host === newHost)) return res.fail({ msg: `主机${ newHost }已存在` })
-  hostList.push({ host: newHost, name, expired, expiredNotify, group, consoleUrl, remark })
-  writeHostList(hostList)
-  res.success()
-}
-
-function updateHost({ res, request }) {
-  let { body: { host: newHost, name: newName, oldHost, expired, expiredNotify, group, consoleUrl, remark } } = request
-  if(!newHost || !newName || !oldHost) return res.fail({ msg: '参数错误' })
-  let hostList = readHostList()
-  if(!hostList.some(({ host }) => host === oldHost)) return res.fail({ msg: `主机${ newHost }不存在` })
-  let targetIdx = hostList.findIndex(({ host }) => host === oldHost)
-  hostList.splice(targetIdx, 1, { name: newName, host: newHost, expired, expiredNotify, group, consoleUrl, remark })
-  writeHostList(hostList)
-  res.success()
-}
-
-function removeHost({ res, request }) {
-  let { body: { host } } = request
-  let hostList = readHostList()
-  let hostIdx = hostList.findIndex(item => item.host === host)
-  if(hostIdx === -1) return res.fail({ msg: `${ host }不存在` })
-  hostList.splice(hostIdx, 1)
-  writeHostList(hostList)
-  // 查询是否存在ssh记录
-  let sshRecord = readSSHRecord()
-  let sshIdx = sshRecord.findIndex(item => item.host === host)
-  let flag = sshIdx !== -1
-  if(flag) sshRecord.splice(sshIdx, 1)
-  writeSSHRecord(sshRecord)
-
-  res.success({ data: `${ host }已移除, ${ flag ? '并移除ssh记录' : '' }` })
-}
-
-function updateHostSort({ res, request }) {
-  let { body: { list } } = request
-  if(!list) return res.fail({ msg: '参数错误' })
-  let hostList = readHostList()
-  if(hostList.length !== list.length) return res.fail({ msg: '失败: host数量不匹配' })
-  let sortResult = []
-  for (let i = 0; i < list.length; i++) {
-    const curHost = list[i]
-    let temp = hostList.find(({ host }) => curHost.host === host)
-    if(!temp) return res.fail({ msg: `查找失败: ${ curHost.name }` })
-    sortResult.push(temp)
+async function addHost({ res, request }) {
+  let { body } = request
+  if (!body.name || !body.host) return res.fail({ msg: 'missing params: name or host' })
+  let newRecord = { ...body }
+  const { authType, tempKey } = newRecord
+  if (newRecord[authType] && tempKey) {
+    const clearTempKey = await RSADecryptAsync(tempKey)
+    const clearSSHKey = await AESDecryptAsync(newRecord[authType], clearTempKey)
+    newRecord[authType] = await AESEncryptAsync(clearSSHKey)
   }
-  writeHostList(sortResult)
-  res.success({ msg: 'success' })
+  await hostListDB.insertAsync(newRecord)
+  res.success()
+}
+
+async function updateHost({ res, request }) {
+  let {
+    body
+  } = request
+  if (typeof body !== 'object') return res.fail({ msg: '参数错误' })
+  const updateFiled = { ...body }
+  const { id, authType, tempKey } = updateFiled
+  if (authType && updateFiled[authType]) {
+    const clearTempKey = await RSADecryptAsync(tempKey)
+    const clearSSHKey = await AESDecryptAsync(updateFiled[authType], clearTempKey)
+    updateFiled[authType] = await AESEncryptAsync(clearSSHKey)
+    delete updateFiled.tempKey
+  } else {
+    delete updateFiled.authType
+    delete updateFiled.password
+    delete updateFiled.privateKey
+    delete updateFiled.credential
+  }
+  console.log('updateFiled: ', updateFiled)
+  await hostListDB.updateAsync({ _id: id }, { $set: { ...updateFiled } })
+  res.success({ msg: '修改成功' })
+}
+
+async function batchUpdateHost({ res, request }) {
+  let { updateHosts } = (await decryptAndExecuteAsync(path.join(__dirname, 'plus.js'))) || {}
+  if (updateHosts) {
+    await updateHosts({ res, request })
+  } else {
+    return res.fail({ data: false, msg: 'Plus专属功能!' })
+  }
+}
+
+async function removeHost({ res, request }) {
+  let { body: { ids } } = request
+  if (!Array.isArray(ids)) return res.fail({ msg: '参数错误' })
+  const numRemoved = await hostListDB.removeAsync({ _id: { $in: ids } }, { multi: true })
+  res.success({ data: `已移除,数量: ${ numRemoved }` })
+}
+
+async function importHost({ res, request }) {
+  let { body: { importHost, isEasyNodeJson = false } } = request
+  if (!Array.isArray(importHost)) return res.fail({ msg: '参数错误' })
+  let hostList = await hostListDB.findAsync({})
+  // 考虑到批量导入可能会重复太多,先过滤已存在的host:port
+  let hostListSet = new Set(hostList.map(({ host, port }) => `${ host }:${ port }`))
+  let newHostList = importHost.filter(({ host, port }) => !hostListSet.has(`${ host }:${ port }`))
+  let newHostListLen = newHostList.length
+  if (newHostListLen === 0) return res.fail({ msg: '导入的实例已存在' })
+
+  if (isEasyNodeJson) {
+    newHostList = newHostList.map((item) => {
+      item.credential = ''
+      item.isConfig = false
+      delete item.id
+      delete item.isConfig
+      return item
+    })
+  } else {
+    let extraFiels = {
+      expired: null, expiredNotify: false, group: 'default', consoleUrl: '', remark: '',
+      authType: 'privateKey', password: '', privateKey: '', credential: '', command: ''
+    }
+    newHostList = newHostList.map((item, index) => {
+      item.port = Number(item.port) || 0
+      item.index = newHostListLen - index
+      return Object.assign(item, { ...extraFiels })
+    })
+  }
+  await hostListDB.insertAsync(newHostList)
+  res.success({ data: { len: newHostList.length } })
 }
 
 module.exports = {
   getHostList,
-  saveHost,
+  addHost,
   updateHost,
   removeHost,
-  updateHostSort
+  importHost,
+  batchUpdateHost
 }

server/app/controller/log.js

@@ -0,0 +1,17 @@
+const { LogDB } = require('../utils/db-class')
+const logDB = new LogDB().getInstance()
+
+let whiteList = process.env.ALLOWED_IPS ? process.env.ALLOWED_IPS.split(',') : []
+
+async function getLog({ res }) {
+  let list = await logDB.findAsync({})
+  list = list.map(item => {
+    return { ...item, id: item._id }
+  })
+  list?.sort((a, b) => Number(b.date) - Number(a.date))
+  res.success({ data: { list, whiteList } })
+}
+
+module.exports = {
+  getLog
+}

server/app/controller/notify.js

@@ -1,89 +1,56 @@
-const {
-  readSupportEmailList,
-  readUserEmailList,
-  writeUserEmailList,
-  emailTransporter,
-  readNotifyList,
-  writeNotifyList } = require('../utils')
-const commonTemp = require('../template/commonTemp')
+const path = require('path')
+const decryptAndExecuteAsync = require('../utils/decrypt-file')
+const { sendServerChan, sendEmail } = require('../utils/notify')
+const { NotifyConfigDB, NotifyDB } = require('../utils/db-class')
+const notifyDB = new NotifyDB().getInstance()
+const notifyConfigDB = new NotifyConfigDB().getInstance()
 
-function getSupportEmailList({ res }) {
-  const data = readSupportEmailList()
+async function getNotifyConfig({ res }) {
+  const data = await notifyConfigDB.findOneAsync({})
+  return res.success({ data })
+}
+
+async function updateNotifyConfig({ res, request }) {
+  let { body: { noticeConfig } } = request
+  let { type } = noticeConfig
+  try {
+    // console.log('noticeConfig: ', noticeConfig[type])
+    switch (type) {
+      case 'sct':
+        await sendServerChan(noticeConfig[type]['sendKey'], 'EasyNode通知测试', '这是一条测试通知')
+        break
+      case 'email':
+        await sendEmail(noticeConfig[type], 'EasyNode通知测试', '这是一条测试通知')
+        break
+      case 'tg':
+        let { sendTg } = await decryptAndExecuteAsync(path.join(__dirname, '../utils/plus.js')) || {}
+        console.log('sendTg: ', sendTg)
+        if (!sendTg) return res.fail({ msg: 'Plus专属功能点，请激活Plus' })
+        await sendTg(noticeConfig[type], 'EasyNode通知测试', '这是一条测试通知')
+        break
+    }
+    await notifyConfigDB.update({}, { $set: noticeConfig }, { upsert: true })
+    return res.success({ msg: '测试通过 | 保存成功' })
+  } catch (error) {
+    return res.fail({ msg: error.message })
+  }
+}
+
+async function getNotifyList({ res }) {
+  const data = await notifyDB.findAsync({})
   res.success({ data })
 }
 
-function getUserEmailList({ res }) {
-  const userEmailList = readUserEmailList().map(({ target, auth: { user } }) => ({ target, user }))
-  const supportEmailList = readSupportEmailList()
-  const data = userEmailList.map(({ target: userTarget, user: email }) => {
-    let name = supportEmailList.find(({ target: supportTarget }) => supportTarget === userTarget).name
-    return { name, email }
-  })
-  res.success({ data })
-}
-
-async function pushEmail({ res, request }) {
-  let { body: { toEmail, isTest } } = request
-  if(!isTest) return res.fail({ msg: '此接口暂时只做测试邮件使用, 需传递参数isTest: true' })
-  consola.info('发送测试邮件：', toEmail)
-  let { code, msg } = await emailTransporter({ toEmail, title: '测试邮件', html: commonTemp('邮件通知测试邮件') })
-  msg = msg && msg.message || msg
-  if(code === 0) return res.success({ msg })
-  return res.fail({ msg })
-}
-
-function updateUserEmailList({ res, request }) {
-  let { body: { target, auth } } = request
-  const supportList = readSupportEmailList()
-  let flag = supportList.some((item) => item.target === target)
-  if(!flag) return res.fail({ msg: `不支持的邮箱类型：${ target }` })
-  if(!auth.user || !auth.pass) return res.fail({ msg: 'missing params: auth.' })
-
-  let newUserEmail = { target, auth }
-  let userEmailList = readUserEmailList()
-  let idx = userEmailList.findIndex(({ auth: { user } }) => auth.user === user)
-  if(idx !== -1) userEmailList.splice(idx, 1, newUserEmail)
-  else userEmailList.unshift(newUserEmail)
-
-  const { code, msg } = writeUserEmailList(userEmailList)
-  if(code === 0) return res.success()
-  return res.fail({ msg })
-}
-
-function removeUserEmail({ res, request }) {
-  let { params: { email } } = request
-  const userEmailList = readUserEmailList()
-  let idx = userEmailList.findIndex(({ auth: { user } }) => user === email)
-  if(idx === -1) return res.fail({ msg: `删除失败, 不存在该邮箱：${ email }` })
-  userEmailList.splice(idx, 1)
-  const { code, msg } = writeUserEmailList(userEmailList)
-  if(code === 0) return res.success()
-  return res.fail({ msg })
-}
-
-function getNotifyList({ res }) {
-  const data = readNotifyList()
-  res.success({ data })
-}
-
-function updateNotifyList({ res, request }) {
+async function updateNotifyList({ res, request }) {
   let { body: { type, sw } } = request
-  if(!([true, false].includes(sw))) return res.fail({ msg: `Error type for sw：${ sw }, must be Boolean` })
-  const notifyList = readNotifyList()
-  let target = notifyList.find((item) => item.type === type)
-  if(!target) return res.fail({ msg: `更新失败, 不存在该通知类型：${ type }` })
-  target.sw = sw
-  console.log(notifyList)
-  writeNotifyList(notifyList)
+  if (!([true, false].includes(sw))) return res.fail({ msg: `Error type for sw：${ sw }, must be Boolean` })
+  await notifyDB.updateAsync({ type }, { $set: { sw } })
   res.success()
 }
 
 module.exports = {
-  pushEmail,
-  getSupportEmailList,
-  getUserEmailList,
-  updateUserEmailList,
-  removeUserEmail,
+  getNotifyConfig,
+  updateNotifyConfig,
   getNotifyList,
   updateNotifyList
 }

server/app/controller/onekey.js

@@ -0,0 +1,27 @@
+const { OnekeyDB } = require('../utils/db-class')
+const onekeyDB = new OnekeyDB().getInstance()
+
+async function getOnekeyRecord({ res }) {
+  let data = await onekeyDB.findAsync({})
+  data = data.map(item => {
+    return { ...item, id: item._id }
+  })
+  data?.sort((a, b) => Number(b.date) - Number(a.date))
+  res.success({ data })
+}
+
+const removeOnekeyRecord = async ({ res, request }) => {
+  let { body: { ids } } = request
+  if (ids === 'ALL') {
+    await onekeyDB.removeAsync({}, { multi: true })
+    res.success({ data: '移除全部成功' })
+  } else {
+    await onekeyDB.removeAsync({ _id: { $in: ids } })
+    res.success({ data: '移除成功' })
+  }
+}
+
+module.exports = {
+  getOnekeyRecord,
+  removeOnekeyRecord
+}

server/app/controller/plus.js

@@ -0,0 +1 @@
+U2FsdGVkX18Hh5ifqReKzxVcNwA8NC2cGnvuPCHW9V4+sVMxFFE7NxliY3R9Pyu2jZvnRb80+VpkEinfaZX0H1xx+I5PU2/mqIUU+1yxKrmWQtwJm6EwNwyDFrj3Epbl1zkfTUXLhk1a5lff+s1Qic02SbnLMtThV9Pg2m6w7HeJJiYOdaRFGlHvgGL4m7O9Ps135wdsdLU9y5aRiXF+1fi35Y6ZlDwPJGEMfZyIQKF87QksAW6LOP/Y1+mgIfLS6WwJnf8kW4l0KQktfvmsWtn00neZRQJc9I6WVMEN2jq4vbeE0KqtoOV0B/+Y/nLFnJjSYs5VE4qQ3gTFzuHe/dPoWXcBX5J5RhAxeY1qVQUtgKxUVwnBeGyjCmM7scX001AoxMcZFnpl+rx1ccOHYF2wB8GsuhsRlAAgWiyPXVJFSMYW3mFm61wvy1dWFad+kNYNFJo+SW8YUSkUCs3sXHXHn8eFsy75ChgHqMp1hvvyug8eFVPwp3IgtLK1D1Et096h8EhhvCvR7VecWwFi4AeMvuZWSmn+gkgGinx9zKUjkA5Bi65tyXmCa4ozyoi+TtuWKqJZyRQ8K2Kw0fc1AUCN8Cp/89Omb9thA10lvVtEJ+k1anao1llY9tPJsYlb0lNGYUlff29cDQnKIbV8P9mHXAyjRJatypWfLPfvqBT81iEDdB5dMASgm3gZqQPrSE50hBsCjzeNaCQF32TPfEFeOWRS1M1tOFpjanJZwfUreMLR77lANkSjiPYOgUvSzgAu0JVIehjXW2vYhC3+Sg7ETbdeV74pAx+Tc8qNWPyZtbNvdg+5wegr5ICgvXObf/btDUL9Jl7x+x7SY7dDrDj6AJRQROcUCdtNisG8HBKnvWS8nqNaUmR7d2E8pQ6qEFKX1ISvkxUp5RTD+9Vos0BfL4+mUB9iovxhDTfSXCIdJa69obTvvLD9xOJvNDrd72zLTQZSI74i/cFeNlersYiQAgL26oyqkv1eFL7Xd3bzq24EbZjP3hrBEqktW5qFeUAe8cPuA3bwDQwGI5BGkQ2hsS7G8xvx0dwllUOE3XVjxEuH8hkGO/GfFdqPRHfkizoNu1yNQEQeY6s9cMp5ovY20YIPRl8bhakjcUtUjMqee5kDdmScELKzoam8TwNiTBrBiuCwA2DcaC6dWDgOjhRs1Y4LEiQ8KZptuO/zTbJc5qcoKA6CUiVTN7vD4u5DHN60mGU9hoS46hfCe++U6L5FR4lafjRdUR0qkCEtf2SKnXyWqLUTgS2kNLQr4ZZbLMi7Mm+5+Q1JIIjzqqfjOlzeO9T4F9lknUkFXD5bc0Q5g+it89KG8xDbISUznv/UTXSxh485VKecT9Cjgd7I438N6xeL1CcJZiluLOvZ0Z3FDxkrW4Tmwbi852Z7tghFAamMW7GPL8LJRt5q2fhe0/U5oKBuGglRvga2tju3wBfzQdpavyNVyRjN2pywO4fk3qhez0suF9wVOc6GU9PUU2jCRm/gEF/qrj32tUjpDbxS9D1nCs441La7bYV8eCtb+2pEjgvjtIp+BM0lz+aHnseKT/iUGHlubKhrTMJQ7jEAPKtcl2OpS4fXiVIiy0qK4rI8S/vkdcRd07H77FfPDqEHTxTMQhHMGqi+d+YpFgrXSin4vcn8KXS87MEILjn5kmUDOsXAWZCqlD3oQ5ADVt91R+Ty5DcIZgaiQkB1aq6feIfSx4rsioNCOgFqmx4mcCds4Ar6gzsRdXN4Kcw8plrrePttZLyNOleoIX5Diy3GAiq6ENCkbYtsaic5EqCQ6AV5qBzEDu0DKZkdqxUWd0wf5+gJwEFQAMj+lD/UhlHuD8ArSI56jYQUbrcfdLnXutfrNA2Ogte9RltQxiUb6N90uNW1rT/2vlUgmQgbvZriKqpm+K3CZ9+6zsCDSUgr/cJmkSvu5gIpvC81IAQX6K8sUqtc9l3vn5vEvqqIp2yb5N25xs0NB0/yglyAHgXLXbG/sE73TrRMj4W+3HGlF35YSQnsLcyzvqEIoAhjngDf/6HXCkNpUQjyc8+uzIsKTh73WV9rh1/7xoY0lxHGabI+c8j5+WlWD1K0Xec83Sodqf+XStr90w1ceK73/DZGdgJIbdKfgO4Xn9ZY8AlzbeJq0W2/WWi/nPE9UZtVK6EEuOcmG2L5/gv2hTMjko6KG+ygrn0+bSvClXL51Brq7IvfO9mMlAGV8zK8vp82RM0KH38xPaJGTHbdawB1gaatkXywzXw0YTmzfaswt46WcWlLZ8vgr01zMp7pfp6A4GAT952rSprlfE014osCZj2oe+j2FQ0QOIYPSj3IatoqlDGfMOxPAbId8sx3anls9Zbk4feeVEvy0+VEmeZVIyDSzjZWuQYQ7VQLEcyaARRtOnfDYt2STIXy61ScWepdj1tmuhw/Kc0Aov61tEZ1apHHxrugzmN96A/2FST2KkbCtsYvbBqE9bZ3F4dLAfVazWidSQv4wPKgkZHFY94jlXxkN0dkA0yildyiQC5k3Iiw3zSwZO9a91K8uSQbbL54C4Y7aCW1HG//OabzNSg9Qty5a1hoiovpCiziAc3xoxuT+75ICozxKLG8+UN3vEZ2QXMv3b/qlXhRr7t8LtlFiA9nmUMfCAieovrZSB4OzrKHe37mg17USWsF1by73YTriFRTiE7JO5E6GMFz3bloppT64svf0SHgFELOuc4xclZfJTYAhLLxkiwDzmKWWheEz5TOOL/8p+5n7+/AuffGykVu6NlmSXH1uIg9JYNUy6UFnd2vOhx+8DxSVFd+1VdW+u2zpPAgiFAiNZJGx+6BVS05kO2mQ++0BHlmbXTw2tdt/BF1N07J5kIY0yRqrMtlwAb6cNbb+yWHkYX/C+3MDLBd

server/app/controller/scripts.js

@@ -0,0 +1,73 @@
+const path = require('path')
+const decryptAndExecuteAsync = require('../utils/decrypt-file')
+const { randomStr } = require('../utils/tools')
+const { ScriptsDB } = require('../utils/db-class')
+const localShellJson = require('../config/shell.json')
+const scriptsDB = new ScriptsDB().getInstance()
+
+let localShell = JSON.parse(JSON.stringify(localShellJson)).map((item) => {
+  return { ...item, id: randomStr(10), index: '--', description: item.description + '|内置脚本' }
+})
+
+async function getScriptList({ res }) {
+  let data = await scriptsDB.findAsync({})
+  data = data.map(item => {
+    return { ...item, id: item._id }
+  })
+  data?.sort((a, b) => Number(b.index || 0) - Number(a.index || 0))
+  data.push(...localShell)
+  res.success({ data })
+}
+
+async function getLocalScriptList({ res }) {
+  res.success({ data: localShell })
+}
+
+const addScript = async ({ res, request }) => {
+  let { body: { name, description, command, index } } = request
+  if (!name || !command) return res.fail({ data: false, msg: '参数错误' })
+  index = Number(index) || 0
+  let record = { name, description, command, index }
+  await scriptsDB.insertAsync(record)
+  res.success({ data: '添加成功' })
+}
+
+const updateScriptList = async ({ res, request }) => {
+  let { params: { id } } = request
+  let { body: { name, description, command, index } } = request
+  if (!name || !command) return res.fail({ data: false, msg: '参数错误' })
+  await scriptsDB.updateAsync({ _id: id }, { name, description, command, index })
+  res.success({ data: '修改成功' })
+}
+
+const removeScript = async ({ res, request }) => {
+  let { params: { id } } = request
+  await scriptsDB.removeAsync({ _id: id })
+  res.success({ data: '移除成功' })
+}
+
+const batchRemoveScript = async ({ res, request }) => {
+  let { body: { ids } } = request
+  if (!Array.isArray(ids)) return res.fail({ msg: '参数错误' })
+  const numRemoved = await scriptsDB.removeAsync({ _id: { $in: ids } }, { multi: true })
+  res.success({ data: `批量移除成功,数量: ${ numRemoved }` })
+}
+
+const importScript = async ({ res, request }) => {
+  let { impScript } = (await decryptAndExecuteAsync(path.join(__dirname, 'plus.js'))) || {}
+  if (impScript) {
+    await impScript({ res, request })
+  } else {
+    return res.fail({ data: false, msg: 'Plus专属功能!' })
+  }
+}
+
+module.exports = {
+  addScript,
+  getScriptList,
+  getLocalScriptList,
+  updateScriptList,
+  removeScript,
+  batchRemoveScript,
+  importScript
+}

server/app/controller/ssh.js

@@ -1,57 +1,109 @@
-const { readSSHRecord, writeSSHRecord, AESEncrypt } = require('../utils')
+const path = require('path')
+const { RSADecryptAsync, AESEncryptAsync, AESDecryptAsync } = require('../utils/encrypt')
+const { HostListDB, CredentialsDB } = require('../utils/db-class')
+const decryptAndExecuteAsync = require('../utils/decrypt-file')
+const hostListDB = new HostListDB().getInstance()
+const credentialsDB = new CredentialsDB().getInstance()
+
+async function getSSHList({ res }) {
+  let data = await credentialsDB.findAsync({})
+  data = data?.map(item => {
+    const { name, authType, _id: id, date } = item
+    return { id, name, authType, privateKey: '', password: '', date }
+  }) || []
+  data.sort((a, b) => b.date - a.date)
+  res.success({ data })
+}
+
+const addSSH = async ({ res, request }) => {
+  let { body: { name, authType, password, privateKey, tempKey } } = request
+  let record = { name, authType, password, privateKey }
+  if (!name || !record[authType]) return res.fail({ data: false, msg: '参数错误' })
+  let count = await credentialsDB.countAsync({ name })
+  if (count > 0) return res.fail({ data: false, msg: '已存在同名凭证' })
+
+  const clearTempKey = await RSADecryptAsync(tempKey)
+  console.log('clearTempKey:', clearTempKey)
+  const clearSSHKey = await AESDecryptAsync(record[authType], clearTempKey)
+  // console.log(`${ authType }原密文: `, clearSSHKey)
+  record[authType] = await AESEncryptAsync(clearSSHKey)
+  // console.log(`${ authType }__commonKey加密存储: `, record[authType])
+  await credentialsDB.insertAsync({ ...record, date: Date.now() })
+  consola.info('添加凭证：', name)
+  res.success({ data: '保存成功' })
+}
 
 const updateSSH = async ({ res, request }) => {
-  let { body: { host, port, username, type, password, privateKey, randomKey, command } } = request
-  let record = { host, port, username, type, password, privateKey, randomKey, command }
-  if(!host || !port || !username || !type || !randomKey) return res.fail({ data: false, msg: '参数错误' })
-  // 再做一次对称加密(方便ssh连接时解密)
-  record.randomKey = AESEncrypt(randomKey)
-  let sshRecord = readSSHRecord()
-  let idx = sshRecord.findIndex(item => item.host === host)
-  if(idx === -1)
-    sshRecord.push(record)
-  else
-    sshRecord.splice(idx, 1, record)
-  writeSSHRecord(sshRecord)
-  consola.info('新增凭证：', host)
+  let { body: { id, name, authType, password, privateKey, date, tempKey } } = request
+  let record = { name, authType, password, privateKey, date }
+  if (!id || !name) return res.fail({ data: false, msg: '请输入凭据名称' })
+  let oldRecord = await credentialsDB.findOneAsync({ _id: id })
+  if (!oldRecord) return res.fail({ data: false, msg: '凭证不存在' })
+  // 判断原记录是否存在当前更新记录的认证方式
+  if (!oldRecord[authType] && !record[authType]) return res.fail({ data: false, msg: `请输入${ authType === 'password' ? '密码' : '密钥' }` })
+  if (!record[authType] && oldRecord[authType]) {
+    record[authType] = oldRecord[authType]
+  } else {
+    const clearTempKey = await RSADecryptAsync(tempKey)
+    console.log('clearTempKey:', clearTempKey)
+    const clearSSHKey = await AESDecryptAsync(record[authType], clearTempKey)
+    // console.log(`${ authType }原密文: `, clearSSHKey)
+    record[authType] = await AESEncryptAsync(clearSSHKey)
+    // console.log(`${ authType }__commonKey加密存储: `, record[authType])
+  }
+  await credentialsDB.updateAsync({ _id: id }, record)
+  consola.info('修改凭证：', name)
   res.success({ data: '保存成功' })
 }
 
 const removeSSH = async ({ res, request }) => {
-  let { body: { host } } = request
-  let sshRecord = readSSHRecord()
-  let idx = sshRecord.findIndex(item => item.host === host)
-  if(idx === -1) return res.fail({ msg: '凭证不存在' })
-  sshRecord.splice(idx, 1)
-  consola.info('移除凭证：', host)
-  writeSSHRecord(sshRecord)
+  let { params: { id } } = request
+  let count = await credentialsDB.countAsync({ _id: id })
+  if (count === 0) return res.fail({ msg: '凭证不存在' })
+  // 将删除的凭证id从host中删除
+  let hostList = await hostListDB.findAsync({})
+  if (Array.isArray(hostList) && hostList.length > 0) {
+    for (let host of hostList) {
+      let { credential } = host
+      credential = await AESDecryptAsync(credential)
+      if (credential === id) {
+        host.credential = ''
+        await hostListDB.updateAsync({ _id: host._id }, host)
+      }
+    }
+  }
+  await hostListDB.compactDatafileAsync()
+  consola.info('移除凭证：', id)
+  await credentialsDB.removeAsync({ _id: id })
   res.success({ data: '移除成功' })
 }
 
-const existSSH = async ({ res, request }) => {
-  let { body: { host } } = request
-  let sshRecord = readSSHRecord()
-  let idx = sshRecord.findIndex(item => item.host === host)
-  consola.info('查询凭证：', host)
-  if(idx === -1) return res.success({ data: false }) // host不存在
-  res.success({ data: true }) // 存在
+const getCommand = async ({ res, request }) => {
+  let { hostId } = request.query
+  if (!hostId) return res.fail({ data: false, msg: '参数错误' })
+  let hostInfo = await hostListDB.findAsync({})
+  let record = hostInfo?.find(item => item._id === hostId)
+  consola.info('查询登录后执行的指令：', hostId)
+  if (!record) return res.fail({ data: false, msg: 'host not found' })
+  const { command } = record
+  if (!command) return res.success({ data: false })
+  res.success({ data: command })
 }
 
-const getCommand = async ({ res, request }) => {
-  let { host } = request.query
-  if(!host) return res.fail({ data: false, msg: '参数错误' })
-  let sshRecord = readSSHRecord()
-  let record = sshRecord.find(item => item.host === host)
-  consola.info('查询登录后执行的指令：', host)
-  if(!record) return res.fail({ data: false, msg: 'host not found' }) // host不存在
-  const { command } = record
-  if(!command) return res.success({ data: false }) // command不存在
-  res.success({ data: command }) // 存在
+const decryptPrivateKey = async ({ res, request }) => {
+  let { dePrivateKey } = (await decryptAndExecuteAsync(path.join(__dirname, 'plus.js'))) || {}
+  if (dePrivateKey) {
+    await dePrivateKey({ res, request })
+  } else {
+    return res.fail({ data: false, msg: 'Plus专属功能，无法解密私钥!' })
+  }
 }
 
 module.exports = {
+  getSSHList,
+  addSSH,
   updateSSH,
   removeSSH,
-  existSSH,
-  getCommand
+  getCommand,
+  decryptPrivateKey
 }

server/app/controller/user.js

@@ -1,9 +1,22 @@
 const jwt = require('jsonwebtoken')
-const { getNetIPInfo, readKey, writeKey, RSADecrypt, AESEncrypt, SHA1Encrypt, sendEmailToConfList, getNotifySwByType } = require('../utils')
+const axios = require('axios')
+const speakeasy = require('speakeasy')
+const QRCode = require('qrcode')
+const version = require('../../package.json').version
+const getLicenseInfo = require('../utils/get-plus')
+const { plusServer1, plusServer2 } = require('../utils/plus-server')
+const { sendNoticeAsync } = require('../utils/notify')
+const { RSADecryptAsync, AESEncryptAsync, SHA1Encrypt } = require('../utils/encrypt')
+const { getNetIPInfo } = require('../utils/tools')
+const { KeyDB, LogDB, PlusDB } = require('../utils/db-class')
 
-const getpublicKey = ({ res }) => {
-  let { publicKey: data } = readKey()
-  if(!data) return res.fail({ msg: 'publicKey not found, Try to restart the server', status: 500 })
+const keyDB = new KeyDB().getInstance()
+const logDB = new LogDB().getInstance()
+const plusDB = new PlusDB().getInstance()
+
+const getpublicKey = async ({ res }) => {
+  let { publicKey: data } = await keyDB.findOneAsync({})
+  if (!data) return res.fail({ msg: 'publicKey not found, Try to restart the server', status: 500 })
   res.success({ data })
 }
 
@@ -16,18 +29,15 @@ let loginCountDown = forbidTimer
 let forbidLogin = false
 
 const login = async ({ res, request }) => {
-  let { body: { ciphertext, jwtExpires }, ip: clientIp } = request
-  if(!ciphertext) return res.fail({ msg: '参数错误' })
-
-  if(forbidLogin) return res.fail({ msg: `禁止登录! 倒计时[${ loginCountDown }s]后尝试登录或重启面板服务` })
-
+  let { body: { loginName, ciphertext, jwtExpires, mfa2Token }, ip: clientIp } = request
+  if (!loginName && !ciphertext) return res.fail({ msg: '请求非法!' })
+  if (forbidLogin) return res.fail({ msg: `禁止登录! 倒计时[${ loginCountDown }s]后尝试登录或重启面板服务` })
   loginErrCount++
   loginErrTotal++
-  if(loginErrCount >= allowErrCount) {
+  if (loginErrCount >= allowErrCount) {
     const { ip, country, city } = await getNetIPInfo(clientIp)
-    // 发送通知&禁止登录
-    let sw = getNotifySwByType('err_login')
-    if(sw) sendEmailToConfList('登录错误提醒', `重新登录次数: ${ loginErrTotal }<br/>地点：${ country + city }<br/>IP: ${ ip }`)
+    // 异步发送通知&禁止登录
+    sendNoticeAsync('err_login', '登录错误提醒', `错误登录次数: ${ loginErrTotal }\n地点：${ country + city }\nIP: ${ ip }`)
     forbidLogin = true
     loginErrCount = 0
 
@@ -38,8 +48,9 @@ const login = async ({ res, request }) => {
 
     // 计算登录倒计时
     timer = setInterval(() => {
-      if(loginCountDown <= 0){
+      if (loginCountDown <= 0) {
         clearInterval(timer)
+        timer = null
         loginCountDown = forbidTimer
         return
       }
@@ -49,21 +60,24 @@ const login = async ({ res, request }) => {
 
   // 登录流程
   try {
-    // console.log('ciphertext', ciphertext)
-    let password = RSADecrypt(ciphertext)
-    // console.log('Decrypt解密password:', password)
-    let { pwd } = readKey()
-    if(password === 'admin' && pwd === 'admin') {
-      const token = await beforeLoginHandler(clientIp, jwtExpires)
-      return res.success({ data: { token, jwtExpires }, msg: '登录成功，请及时修改默认密码' })
+    let loginPwd = await RSADecryptAsync(ciphertext)
+    let { user, pwd, enableMFA2, secret } = await keyDB.findOneAsync({})
+    if (enableMFA2) {
+      const isValid = speakeasy.totp.verify({ secret, encoding: 'base32', token: mfa2Token, window: 1 })
+      console.log('MFA2 verfify:', isValid)
+      if (!isValid) return res.fail({ msg: '验证失败' })
     }
-    password = SHA1Encrypt(password)
-    if(password !== pwd) return res.fail({ msg: '密码错误' })
+    if (loginName === user && loginPwd === 'admin' && pwd === 'admin') {
+      const token = await beforeLoginHandler(clientIp, jwtExpires)
+      return res.success({ data: { token, jwtExpires }, msg: '登录成功，请及时修改默认用户名和密码' })
+    }
+    loginPwd = SHA1Encrypt(loginPwd)
+    if (loginName !== user || loginPwd !== pwd) return res.fail({ msg: `用户名或密码错误 ${ loginErrTotal }/${ allowErrCount }` })
     const token = await beforeLoginHandler(clientIp, jwtExpires)
     return res.success({ data: { token, jwtExpires }, msg: '登录成功' })
   } catch (error) {
-    console.log('解密失败：', error)
-    res.fail({ msg: '解密失败, 请查看服务端日志' })
+    console.log('登录失败：', error.message)
+    res.fail({ msg: '登录失败, 请查看服务端日志' })
   }
 }
 
@@ -72,47 +86,141 @@ const beforeLoginHandler = async (clientIp, jwtExpires) => {
 
   // consola.success('登录成功, 准备生成token', new Date())
   // 生产token
-  let { commonKey } = readKey()
+  let { commonKey } = await keyDB.findOneAsync({})
   let token = jwt.sign({ date: Date.now() }, commonKey, { expiresIn: jwtExpires }) // 生成token
-  token = AESEncrypt(token) // 对称加密token后再传输给前端
+  token = await AESEncryptAsync(token) // 对称加密token后再传输给前端
 
-  // 记录客户端登录IP(用于判断是否异地且只保留最近10条)
+  // 记录客户端登录IP(用于判断是否异地且只保留最近10<EFBFBD><EFBFBD>)
   const clientIPInfo = await getNetIPInfo(clientIp)
   const { ip, country, city } = clientIPInfo || {}
+  consola.info('登录成功:', new Date(), { ip, country, city })
 
-  // 邮件登录通知
-  let sw = getNotifySwByType('login')
-  if(sw) sendEmailToConfList('登录提醒', `地点：${ country + city }<br/>IP: ${ ip }`)
+  // 登录通知
+  sendNoticeAsync('login', '登录提醒', `地点：${ country + city }\nIP: ${ ip }`)
 
-  global.loginRecord.unshift(clientIPInfo)
-  if(global.loginRecord.length > 10) global.loginRecord = global.loginRecord.slice(0, 10)
+  await logDB.insertAsync({ ip, country, city, date: Date.now(), type: 'login' })
   return token
 }
 
 const updatePwd = async ({ res, request }) => {
-  let { body: { oldPwd, newPwd } } = request
-  let rsaOldPwd = RSADecrypt(oldPwd)
+  let { body: { oldLoginName, oldPwd, newLoginName, newPwd } } = request
+  let rsaOldPwd = await RSADecryptAsync(oldPwd)
   oldPwd = rsaOldPwd === 'admin' ? 'admin' : SHA1Encrypt(rsaOldPwd)
-  let keyObj = readKey()
-  if(oldPwd !== keyObj.pwd) return res.fail({ data: false, msg: '旧密码校验失败' })
+  let keyObj = await keyDB.findOneAsync({})
+  let { user, pwd } = keyObj
+  if (oldLoginName !== user || oldPwd !== pwd) return res.fail({ data: false, msg: '原用户名或密码校验失败' })
   // 旧密钥校验通过，加密保存新密码
-  newPwd = RSADecrypt(newPwd) === 'admin' ? 'admin' : SHA1Encrypt(RSADecrypt(newPwd))
+  newPwd = await RSADecryptAsync(newPwd) === 'admin' ? 'admin' : SHA1Encrypt(await RSADecryptAsync(newPwd))
+  keyObj.user = newLoginName
   keyObj.pwd = newPwd
-  writeKey(keyObj)
-
-  let sw = getNotifySwByType('updatePwd')
-  if(sw) sendEmailToConfList('密码修改提醒', '面板登录密码已更改')
-
+  await keyDB.updateAsync({}, keyObj)
+  sendNoticeAsync('updatePwd', '用户密码修改提醒', `原用户名：${ user }\n更新用户名: ${ newLoginName }`)
   res.success({ data: true, msg: 'success' })
 }
 
-const getLoginRecord = async ({ res }) => {
-  res.success({ data: global.loginRecord, msg: 'success' })
+const getEasynodeVersion = async ({ res }) => {
+  try {
+    // const { data } = await axios.get('https://api.github.com/repos/chaos-zhu/easynode/releases/latest')
+    const { data } = await axios.get('https://get-easynode-latest-version.chaoszhu.workers.dev/version')
+    res.success({ data, msg: 'success' })
+  } catch (error) {
+    consola.error('Failed to fetch Easynode latest version:', error)
+    res.fail({ msg: 'Failed to fetch Easynode latest version' })
+  }
+}
+
+let tempSecret = null
+const getMFA2Status = async ({ res }) => {
+  const { enableMFA2 = false } = await keyDB.findOneAsync({})
+  res.success({ data: enableMFA2, msg: 'success' })
+}
+const getMFA2Code = async ({ res }) => {
+  const { user } = await keyDB.findOneAsync({})
+  let { otpauth_url, base32 } = speakeasy.generateSecret({ name: `EasyNode-${ user }`, length: 20 })
+  tempSecret = base32
+  const qrImage = await QRCode.toDataURL(otpauth_url)
+  const data = { qrImage, secret: tempSecret }
+  res.success({ data, msg: 'success' })
+}
+
+const enableMFA2 = async ({ res, request }) => {
+  const { body: { token } } = request
+  if (!token) return res.fail({ data: false, msg: '参数错误' })
+  try {
+    // const isValid = authenticator.verify({ token, secret: tempSecret })
+    const isValid = speakeasy.totp.verify({ secret: tempSecret, encoding: 'base32', token, window: 1 })
+    if (!isValid) return res.fail({ msg: '验证失败' })
+    const keyConfig = await keyDB.findOneAsync({})
+    keyConfig.enableMFA2 = true
+    keyConfig.secret = tempSecret
+    tempSecret = null
+    await keyDB.updateAsync({}, keyConfig)
+    res.success({ msg: '验证成功' })
+  } catch (error) {
+    res.fail({ msg: `验证失败: ${ error.message }` })
+  }
+}
+
+const disableMFA2 = async ({ res }) => {
+  const keyConfig = await keyDB.findOneAsync({})
+  keyConfig.enableMFA2 = false
+  keyConfig.secret = null
+  await keyDB.updateAsync({}, keyConfig)
+  res.success({ msg: 'success' })
+}
+
+const getPlusInfo = async ({ res }) => {
+  let data = await plusDB.findOneAsync({})
+  delete data?._id
+  delete data?.decryptKey
+  res.success({ data, msg: 'success' })
+}
+
+const getPlusDiscount = async ({ res } = {}) => {
+  if (process.env.EXEC_ENV === 'local') return res.success({ discount: false })
+  const servers = [plusServer1, plusServer2]
+  for (const server of servers) {
+    try {
+      const url = `${ server }/api/announcement/public?version=${ version }`
+      const response = await fetch(url)
+      if (!response.ok) {
+        throw new Error(`HTTP error! status: ${ response.status }`)
+      }
+      const data = await response.json()
+      return res.success({ data, msg: 'success' })
+    } catch (error) {
+      if (server === servers[servers.length - 1]) {
+        consola.error('All servers failed:', error.message)
+        return res.success({ discount: false })
+      }
+      continue
+    }
+  }
+}
+
+const getPlusConf = async ({ res }) => {
+  const { key } = await plusDB.findOneAsync({}) || {}
+  res.success({ data: key || '', msg: 'success' })
+}
+
+const updatePlusKey = async ({ res, request }) => {
+  const { body: { key } } = request
+  const { success, msg } = await getLicenseInfo(key)
+  if (!success) return res.fail({ msg })
+  res.success({ msg: 'success' })
 }
 
 module.exports = {
   login,
   getpublicKey,
   updatePwd,
-  getLoginRecord
+  getEasynodeVersion,
+  getMFA2Status,
+  getMFA2Code,
+  enableMFA2,
+  disableMFA2,
+  getPlusInfo,
+  getPlusDiscount,
+  getPlusConf,
+  updatePlusKey
 }

server/app/db.js

@@ -0,0 +1,104 @@
+const NodeRSA = require('node-rsa')
+const { randomStr } = require('./utils/tools')
+const { AESEncryptAsync } = require('./utils/encrypt')
+const { KeyDB, GroupDB, NotifyDB, NotifyConfigDB } = require('./utils/db-class')
+
+async function initKeyDB() {
+  const keyDB = new KeyDB().getInstance()
+  let count = await keyDB.countAsync({})
+  if (count !== 0) return consola.info('公私钥已存在[重新生成会导致已保存的ssh密钥信息失效]')
+  let newConfig = {
+    user: 'admin',
+    pwd: 'admin',
+    commonKey: randomStr(16),
+    publicKey: '',
+    privateKey: ''
+  }
+  await keyDB.insertAsync(newConfig)
+  let key = new NodeRSA({ b: 1024 })
+  key.setOptions({ encryptionScheme: 'pkcs1', environment: 'browser' })
+  let privateKey = key.exportKey('pkcs1-private-pem')
+  let publicKey = key.exportKey('pkcs8-public-pem')
+  newConfig.privateKey = await AESEncryptAsync(privateKey, newConfig.commonKey) // 加密私钥
+  newConfig.publicKey = publicKey // 公开公钥
+  await keyDB.updateAsync({}, { $set: newConfig }, { upsert: true })
+  consola.info('Task: 已生成新的非对称加密公私钥')
+}
+
+async function initGroupDB() {
+  const groupDB = new GroupDB().getInstance()
+  let count = await groupDB.countAsync({})
+  if (count === 0) {
+    consola.log('初始化groupDB✔')
+    const defaultData = [{ '_id': 'default', 'name': '默认分组', 'index': 0 }]
+    return groupDB.insertAsync(defaultData)
+  }
+  return Promise.resolve()
+}
+
+async function initNotifyDB() {
+  const notifyDB = new NotifyDB().getInstance()
+  let count = await notifyDB.countAsync({})
+  if (count !== 0) return
+  consola.log('初始化notifyDB✔')
+  let defaultData = [{
+    'type': 'login',
+    'desc': '登录面板提醒',
+    'sw': false
+  }, {
+    'type': 'err_login',
+    'desc': '登录错误提醒(连续5次)',
+    'sw': false
+  }, {
+    'type': 'updatePwd',
+    'desc': '修改密码提醒',
+    'sw': false
+  }, {
+    'type': 'host_login',
+    'desc': '服务器登录提醒',
+    'sw': false
+  }, {
+    'type': 'onekey_complete',
+    'desc': '批量指令执行完成提醒',
+    'sw': false
+  }, {
+    'type': 'host_expired',
+    'desc': '服务器到期提醒',
+    'sw': false
+  }]
+  return notifyDB.insertAsync(defaultData)
+}
+
+async function initNotifyConfigDB() {
+  const notifyConfigDB = new NotifyConfigDB().getInstance()
+  let notifyConfig = await notifyConfigDB.findOneAsync({})
+  consola.log('初始化NotifyConfigDB✔')
+  const defaultData = {
+    type: 'sct',
+    sct: {
+      sendKey: ''
+    },
+    email: {
+      service: 'QQ',
+      user: '',
+      pass: ''
+    },
+    tg: {
+      token: '',
+      chatId: ''
+    }
+  }
+  if (notifyConfig) {
+    await notifyConfigDB.removeAsync({ _id: notifyConfig._id })
+    delete notifyConfig._id
+    return notifyConfigDB.insertAsync(Object.assign({}, defaultData, notifyConfig))
+  }
+  return notifyConfigDB.insertAsync(defaultData)
+}
+
+module.exports = async () => {
+  await initKeyDB()
+  await initNotifyDB()
+  await initGroupDB()
+  await initNotifyConfigDB()
+}

server/app/init.js

@@ -1,49 +0,0 @@
-const NodeRSA = require('node-rsa')
-const { getNetIPInfo, readHostList, writeHostList, readKey, writeKey, randomStr, isProd, AESEncrypt } = require('./utils')
-
-const isDev = !isProd()
-
-// 存储本机IP, 供host列表接口调用
-async function initLocalIp() {
-  if(isDev) return consola.info('非生产环境不初始化保存本地IP')
-  const localNetIPInfo = await getNetIPInfo()
-  let vpsList = readHostList()
-  let { ip: localNetIP } = localNetIPInfo
-  if(vpsList.some(({ host }) => host === localNetIP)) return consola.info('本机IP已储存: ', localNetIP)
-  vpsList.unshift({ name: 'server-side-host', host: localNetIP, group: 'default' })
-  writeHostList(vpsList)
-  consola.info('Task: 生产环境首次启动储存本机IP: ', localNetIP)
-}
-
-// 初始化公私钥, 供登录、保存ssh密钥/密码等加解密
-async function initRsa() {
-  let keyObj = readKey()
-  if(keyObj.privateKey && keyObj.publicKey) return consola.info('公私钥已存在[重新生成会导致已保存的ssh密钥信息失效]')
-
-  let key = new NodeRSA({ b: 1024 })
-  key.setOptions({ encryptionScheme: 'pkcs1' })
-  let privateKey = key.exportKey('pkcs1-private-pem')
-  let publicKey = key.exportKey('pkcs8-public-pem')
-  keyObj.privateKey = AESEncrypt(privateKey) // 加密私钥
-  keyObj.publicKey = publicKey // 公开公钥
-  writeKey(keyObj)
-  consola.info('Task: 已生成新的非对称加密公私钥')
-}
-
-// 随机的commonKey secret
-function randomJWTSecret() {
-  let keyObj = readKey()
-  if(keyObj.commonKey) return consola.info('commonKey密钥已存在')
-
-  keyObj.commonKey = randomStr(16)
-  writeKey(keyObj)
-  consola.info('Task: 已生成新的随机commonKey密钥')
-}
-
-module.exports = () => {
-  randomJWTSecret() // 先生成全局唯一密钥
-  initLocalIp()
-  initRsa()
-  // 用于记录客户端登录IP的列表
-  global.loginRecord = []
-}

server/app/main.js

@@ -1,13 +1,13 @@
-const consola = require('consola')
-global.consola = consola
-const { httpServer, clientHttpServer } = require('./server')
-const initLocal = require('./init')
+const { httpServer } = require('./server')
+const initDB = require('./db')
 const scheduleJob = require('./schedule')
+const getLicenseInfo = require('./utils/get-plus')
 
-scheduleJob()
+async function main() {
+  await initDB()
+  httpServer()
+  scheduleJob()
+  getLicenseInfo()
+}
 
-initLocal()
-
-httpServer()
-
-clientHttpServer()
+main()

server/app/middlewares/auth.js

@@ -1,5 +1,5 @@
-const { verifyAuth } = require('../utils')
 const { apiPrefix } = require('../config')
+const { verifyAuthSync } = require('../utils/verify-auth')
 
 let whitePath = [
   '/login',
@@ -10,11 +10,11 @@ consola.info('路由白名单：', whitePath)
 const useAuth = async ({ request, res }, next) => {
   const { path, headers: { token } } = request
   consola.info('verify path: ', path)
-  if(whitePath.includes(path)) return next()
-  if(!token) return res.fail({ msg: '未登录', status: 403 })
+  if (whitePath.includes(path)) return next()
+  if (!token) return res.fail({ msg: '未登录', status: 403 })
   // 验证token
-  const { code, msg } = verifyAuth(token, request.ip)
-  switch(code) {
+  const { code, msg } = await verifyAuthSync(token, request.ip)
+  switch (code) {
     case 1:
       return await next()
     case -1:

server/app/middlewares/body.js

@@ -1,4 +1,4 @@
-const koaBody = require('koa-body')
+const { koaBody } = require('koa-body')
 const { uploadDir } = require('../config')
 
 module.exports = koaBody({

server/app/middlewares/compress.js

@@ -1,3 +1,4 @@
+// 响应压缩模块，自适应头部压缩方式
 const compress = require('koa-compress')
 
 const options = { threshold: 2048 }

server/app/middlewares/index.js

@@ -1,3 +1,4 @@
+const ipFilter = require('./ipFilter') // IP过滤
 const responseHandler = require('./response') // 统一返回格式, 错误捕获
 const useAuth = require('./auth') // 鉴权
 // const useCors = require('./cors') // 处理跨域[暂时禁止]
@@ -8,8 +9,8 @@ const useStatic = require('./static') // 静态目录
 const compress = require('./compress') // br/gzip压缩
 const history = require('./history') // vue-router的history模式
 
-// 注意注册顺序
 module.exports = [
+  ipFilter,
   compress,
   history,
   useStatic, // staic先注册，不然会被jwt拦截

server/app/middlewares/ipFilter.js

@@ -0,0 +1,16 @@
+// 白名单IP
+const fs = require('fs')
+const path = require('path')
+const { isAllowedIp } = require('../utils/tools')
+
+const htmlPath = path.join(__dirname, '../template/ipForbidden.html')
+const ipForbiddenHtml = fs.readFileSync(htmlPath, 'utf8')
+
+const ipFilter = async (ctx, next) => {
+  // console.log('requestIP:', ctx.request.ip)
+  if (isAllowedIp(ctx.request.ip)) return await next()
+  ctx.status = 403
+  ctx.body = ipForbiddenHtml
+}
+
+module.exports = ipFilter

server/app/middlewares/log4.js

@@ -3,27 +3,28 @@ const { outDir, recordLog } = require('../config').logConfig
 
 log4js.configure({
   appenders: {
-    // 控制台输出
-    out: {
+    console: {
       type: 'stdout',
       layout: {
-        type: 'colored'
+        type: 'pattern',
+        pattern: '%[%d{yyyy-MM-dd hh:mm:ss.SSS} [%p] -%] %m'
       }
     },
-    // 保存日志文件
     cheese: {
       type: 'file',
-      maxLogSize: 512*1024, // unit: bytes     1KB = 1024bytes
-      filename: `${ outDir }/receive.log`
+      maxLogSize: 10 * 1024 * 1024, // unit: bytes     1KB = 1024bytes
+      filename: `${ outDir }/receive.log`,
+      backups: 10,
+      compress: true,
+      keepFileExt: true
     }
   },
   categories: {
     default: {
-      appenders: [ 'out', 'cheese' ], // 配置
-      level: 'info' // 只输出info以上级别的日志
+      appenders: ['console', 'cheese'],
+      level: 'debug'
     }
   }
-  // pm2: true
 })
 
 const logger = log4js.getLogger()
@@ -55,4 +56,7 @@ const useLog = () => {
   }
 }
 
-module.exports = useLog()
+module.exports = useLog()
+
+// 可以先测试一下日志是否正常工作
+logger.info('日志系统启动')

server/app/middlewares/response.js

@@ -22,6 +22,7 @@ const responseHandler = async (ctx, next) => {
   try {
     await next() // 每个中间件都需等待next完成调用，不然会返回404给前端!!!
   } catch (err) {
+    console.dir(err)
     consola.error('中间件错误：', err)
     if (err.status)
       ctx.res.fail({ status: err.status, msg: err.message }) // 自己主动抛出的错误 throwError

server/app/middlewares/static.js

@@ -5,7 +5,7 @@ const useStatic = koaStatic(staticDir, {
   maxage: 1000 * 60 * 60 * 24 * 30,
   gzip: true,
   setHeaders: (res, path) => {
-    if(path && path.endsWith('.html')) {
+    if (path && path.endsWith('.html')) {
       res.setHeader('Cache-Control', 'max-age=0')
     }
   }

server/app/router/routes.js

@@ -1,29 +1,42 @@
-const { updateSSH, removeSSH, existSSH, getCommand } = require('../controller/ssh')
-const { getHostList, saveHost, updateHost, removeHost, updateHostSort } = require('../controller/host')
-const { login, getpublicKey, updatePwd, getLoginRecord } = require('../controller/user')
-const { getSupportEmailList, getUserEmailList, updateUserEmailList, removeUserEmail, pushEmail, getNotifyList, updateNotifyList } = require('../controller/notify')
+const { getSSHList, addSSH, updateSSH, removeSSH, getCommand, decryptPrivateKey } = require('../controller/ssh')
+const { getHostList, addHost, updateHost, batchUpdateHost, removeHost, importHost } = require('../controller/host')
+const { login, getpublicKey, updatePwd, getEasynodeVersion, getMFA2Status, getMFA2Code, enableMFA2, disableMFA2, getPlusInfo, getPlusDiscount, getPlusConf, updatePlusKey } = require('../controller/user')
+const { getNotifyConfig, updateNotifyConfig, getNotifyList, updateNotifyList } = require('../controller/notify')
 const { getGroupList, addGroupList, updateGroupList, removeGroup } = require('../controller/group')
+const { getScriptList, getLocalScriptList, addScript, updateScriptList, removeScript, batchRemoveScript, importScript } = require('../controller/scripts')
+const { getOnekeyRecord, removeOnekeyRecord } = require('../controller/onekey')
+const { getLog } = require('../controller/log')
 
 const ssh = [
+  {
+    method: 'get',
+    path: '/get-ssh-list',
+    controller: getSSHList
+  },
+  {
+    method: 'post',
+    path: '/add-ssh',
+    controller: addSSH
+  },
   {
     method: 'post',
     path: '/update-ssh',
     controller: updateSSH
   },
   {
-    method: 'post',
-    path: '/remove-ssh',
+    method: 'delete',
+    path: '/remove-ssh/:id',
     controller: removeSSH
   },
-  {
-    method: 'post',
-    path: '/exist-ssh',
-    controller: existSSH
-  },
   {
     method: 'get',
     path: '/command',
     controller: getCommand
+  },
+  {
+    method: 'post',
+    path: '/decrypt-private-key',
+    controller: decryptPrivateKey
   }
 ]
 const host = [
@@ -35,22 +48,27 @@ const host = [
   {
     method: 'post',
     path: '/host-save',
-    controller: saveHost
+    controller: addHost
   },
   {
     method: 'put',
     path: '/host-save',
     controller: updateHost
   },
+  {
+    method: 'put',
+    path: '/batch-update-host',
+    controller: batchUpdateHost
+  },
   {
     method: 'post',
     path: '/host-remove',
     controller: removeHost
   },
   {
-    method: 'put',
-    path: '/host-sort',
-    controller: updateHostSort
+    method: 'post',
+    path: '/import-host',
+    controller: importHost
   }
 ]
 const user = [
@@ -71,35 +89,60 @@ const user = [
   },
   {
     method: 'get',
-    path: '/get-login-record',
-    controller: getLoginRecord
+    path: '/version',
+    controller: getEasynodeVersion
+  },
+  {
+    method: 'get',
+    path: '/mfa2-status',
+    controller: getMFA2Status
+  },
+  {
+    method: 'post',
+    path: '/mfa2-code',
+    controller: getMFA2Code
+  },
+  {
+    method: 'post',
+    path: '/mfa2-enable',
+    controller: enableMFA2
+  },
+  {
+    method: 'post',
+    path: '/mfa2-disable',
+    controller: disableMFA2
+  },
+  {
+    method: 'get',
+    path: '/plus-info',
+    controller: getPlusInfo
+  },
+  {
+    method: 'get',
+    path: '/plus-discount',
+    controller: getPlusDiscount
+  },
+  {
+    method: 'get',
+    path: '/plus-conf',
+    controller: getPlusConf
+  },
+  {
+    method: 'post',
+    path: '/plus-conf',
+    controller: updatePlusKey
   }
 ]
 const notify = [
   {
     method: 'get',
-    path: '/support-email',
-    controller: getSupportEmailList
+    path: '/notify-config',
+    controller: getNotifyConfig
   },
   {
-    method: 'get',
-    path: '/user-email',
-    controller: getUserEmailList
-  },
-  {
-    method: 'post',
-    path: '/push-email',
-    controller: pushEmail
-  },
-  {
-    method: 'post',
-    path: '/user-email',
-    controller: updateUserEmailList
-  },
-  {
-    method: 'delete',
-    path: '/user-email/:email',
-    controller: removeUserEmail
+    method: 'put',
+    path: '/notify-config',
+    controller: updateNotifyConfig
   },
   {
     method: 'get',
@@ -136,4 +179,62 @@ const group = [
   }
 ]
 
-module.exports = [].concat(ssh, host, user, notify, group)
+const scripts = [
+  {
+    method: 'get',
+    path: '/script',
+    controller: getScriptList
+  },
+  {
+    method: 'get',
+    path: '/local-script',
+    controller: getLocalScriptList
+  },
+  {
+    method: 'post',
+    path: '/script',
+    controller: addScript
+  },
+  {
+    method: 'delete',
+    path: '/script/:id',
+    controller: removeScript
+  },
+  {
+    method: 'post',
+    path: '/batch-remove-script',
+    controller: batchRemoveScript
+  },
+  {
+    method: 'put',
+    path: '/script/:id',
+    controller: updateScriptList
+  },
+  {
+    method: 'post',
+    path: '/import-script',
+    controller: importScript
+  }
+]
+
+const onekey = [
+  {
+    method: 'get',
+    path: '/onekey',
+    controller: getOnekeyRecord
+  },
+  {
+    method: 'post',
+    path: '/onekey',
+    controller: removeOnekeyRecord
+  }
+]
+
+const log = [
+  {
+    method: 'get',
+    path: '/log',
+    controller: getLog
+  }
+]
+module.exports = [].concat(ssh, host, user, notify, group, scripts, onekey, log)

server/app/schedule/expired-notify.js

@@ -1,29 +0,0 @@
-const schedule = require('node-schedule')
-const { readHostList, sendEmailToConfList, formatTimestamp } = require('../utils')
-
-const expiredNotifyJob = () => {
-  consola.info('=====开始检测服务器到期时间=====', new Date())
-  const hostList = readHostList()
-  for (const item of hostList) {
-    if(!item.expiredNotify) continue
-    const { host, name, expired, consoleUrl } = item
-    const restDay = Number(((expired - Date.now()) / (1000 * 60 * 60 * 24)).toFixed(1))
-    console.log(Date.now(), restDay)
-    let title = '服务器到期提醒'
-    let content = `别名: ${ name }<br/>IP: ${ host }<br/>到期时间：${ formatTimestamp(expired, 'week') }<br/>控制台: ${ consoleUrl || '未填写' }`
-    if(0 <= restDay && restDay <= 1) {
-      let temp = '有服务器将在一天后到期，请关注<br/>'
-      sendEmailToConfList(title, temp + content)
-    }else if(3 <= restDay && restDay < 4) {
-      let temp = '有服务器将在三天后到期，请关注<br/>'
-      sendEmailToConfList(title, temp + content)
-    }else if(7 <= restDay && restDay < 8) {
-      let temp = '有服务器将在七天后到期，请关注<br/>'
-      sendEmailToConfList(title, temp + content)
-    }
-  }
-}
-
-module.exports = () => {
-  schedule.scheduleJob('0 0 12 1/1 * ?', expiredNotifyJob)
-}

server/app/schedule/index.js

@@ -1,7 +1,32 @@
-const offlineInspect = require('./offline-inspect')
-const expiredNotify = require('./expired-notify')
+const schedule = require('node-schedule')
+const { sendNoticeAsync } = require('../utils/notify')
+const { formatTimestamp } = require('../utils/tools')
+const { HostListDB } = require('../utils/db-class')
+const hostListDB = new HostListDB().getInstance()
+
+const expiredNotifyJob = async () => {
+  consola.info('=====开始检测服务器到期时间=====', new Date())
+  const hostList = await hostListDB.findAsync({})
+  for (const item of hostList) {
+    if (!item.expiredNotify) continue
+    const { host, name, expired, consoleUrl } = item
+    const restDay = Number(((expired - Date.now()) / (1000 * 60 * 60 * 24)).toFixed(1))
+    console.log(Date.now(), restDay)
+    let title = '服务器到期提醒'
+    let content = `别名: ${ name }\nIP: ${ host }\n到期时间：${ formatTimestamp(expired, 'week') }\n控制台: ${ consoleUrl || '未填写' }`
+    if (0 <= restDay && restDay <= 1) {
+      let temp = '有服务器将在一天后到期，请关注\n'
+      sendNoticeAsync('host_expired', title, temp + content)
+    } else if (3 <= restDay && restDay < 4) {
+      let temp = '有服务器将在三天后到期，请关注\n'
+      sendNoticeAsync('host_expired', title, temp + content)
+    } else if (7 <= restDay && restDay < 8) {
+      let temp = '有服务器将在七天后到期，请关注\n'
+      sendNoticeAsync('host_expired', title, temp + content)
+    }
+  }
+}
 
 module.exports = () => {
-  offlineInspect()
-  expiredNotify()
+  schedule.scheduleJob('0 0 12 1/1 * ?', expiredNotifyJob)
 }

server/app/schedule/offline-inspect.js

@@ -1,39 +0,0 @@
-const schedule = require('node-schedule')
-const { clientPort } = require('../config')
-const { readHostList, sendEmailToConfList, getNotifySwByType, formatTimestamp, isProd } = require('../utils')
-const testConnectAsync = require('../utils/test-connect')
-
-let sendNotifyRecord = new Map()
-const offlineJob = () => {
-  let sw = getNotifySwByType('host_offline')
-  if(!sw) return
-  consola.info('=====开始检测服务器状态=====', new Date())
-  for (const item of readHostList()) {
-    const { host, name } = item
-    // consola.info('start inpect:', host, name )
-    testConnectAsync({
-      port: clientPort ,
-      host: `http://${ host }`,
-      timeout: 3000,
-      retryTimes: 20 // 尝试重连次数
-    })
-      .then(() => {
-        // consola.success('测试连接成功:', host, name)
-      })
-      .catch((error) => {
-        consola.error('测试连接失败: ', host, name)
-        // 当前小时是否发送过通知
-        let curHourIsSend = sendNotifyRecord.has(host) && (sendNotifyRecord.get(host).sendTime === formatTimestamp(Date.now(), 'hour'))
-        if(curHourIsSend) return consola.info('当前小时已发送过通知: ', sendNotifyRecord.get(host).sendTime)
-        sendEmailToConfList('服务器离线提醒', `别名: ${ name }<br/>IP: ${ host }<br/>错误信息：${ error.message }`)
-          .then(() => {
-            sendNotifyRecord.set(host, { 'sendTime': formatTimestamp(Date.now(), 'hour') })
-          })
-      })
-  }
-}
-
-module.exports = () => {
-  if(!isProd()) return consola.info('本地开发不检测服务器离线状态')
-  schedule.scheduleJob('0 0/5 12 1/1 * ?', offlineJob)
-}

server/app/server.js

@@ -1,15 +1,13 @@
 const Koa = require('koa')
 const compose = require('koa-compose') // 组合中间件，简化写法
 const http = require('http')
-const { clientPort } = require('./config')
 const { httpPort } = require('./config')
 const middlewares = require('./middlewares')
-const wsMonitorOsInfo = require('./socket/monitor')
 const wsTerminal = require('./socket/terminal')
 const wsSftp = require('./socket/sftp')
-const wsHostStatus = require('./socket/host-status')
 const wsClientInfo = require('./socket/clients')
-const { throwError } = require('./utils')
+const wsOnekey = require('./socket/onekey')
+const { throwError } = require('./utils/tools')
 
 const httpServer = () => {
   const app = new Koa()
@@ -21,21 +19,12 @@ const httpServer = () => {
   })
 }
 
-const clientHttpServer = () => {
-  const app = new Koa()
-  const server = http.createServer(app.callback())
-  wsMonitorOsInfo(server) // 监控本机信息
-  server.listen(clientPort, () => {
-    consola.success(`Client(http) is running on: http://localhost:${ clientPort }`)
-  })
-}
-
 // 服务
 function serverHandler(app, server) {
   app.proxy = true // 用于nginx反代时获取真实客户端ip
   wsTerminal(server) // 终端
   wsSftp(server) // sftp
-  wsHostStatus(server) // 终端侧边栏host信息
+  wsOnekey(server) // 一键指令
   wsClientInfo(server) // 客户端信息
   app.context.throwError = throwError // 常用方法挂载全局ctx上
   app.use(compose(middlewares))
@@ -50,6 +39,5 @@ function serverHandler(app, server) {
 }
 
 module.exports = {
-  httpServer,
-  clientHttpServer
+  httpServer
 }

server/app/socket/clients.js

@@ -1,48 +1,62 @@
 const { Server: ServerIO } = require('socket.io')
 const { io: ClientIO } = require('socket.io-client')
-const { readHostList } = require('../utils')
-const { clientPort } = require('../config')
-const { verifyAuth } = require('../utils')
+const { defaultClientPort } = require('../config')
+const { verifyAuthSync } = require('../utils/verify-auth')
+const { isAllowedIp } = require('../utils/tools')
+const { HostListDB } = require('../utils/db-class')
+const hostListDB = new HostListDB().getInstance()
 
-let clientSockets = {}, clientsData = {}
+let clientSockets = []
+let clientsData = {}
 
-function getClientsInfo(socketId) {
-  let hostList = readHostList()
+async function getClientsInfo(clientSockets) {
+  let hostList = await hostListDB.findAsync({})
+  clientSockets.forEach((clientItem) => {
+    // 被删除的客户端断开连接
+    if (!hostList.some(item => item.host === clientItem.host)) clientItem.close && clientItem.close()
+  })
   hostList
-    .map(({ host, name }) => {
-      let clientSocket = ClientIO(`http://${ host }:${ clientPort }`, {
+    .map(({ host, name, clientPort }) => {
+      // 已经建立io连接(无论是否连接成功)的host不再重复建立连接,因为存在多次(reconnectionAttempts)的重试机制
+      if (clientSockets.some(item => `${ item.host }:${ item.clientPort || defaultClientPort }` === `${ host }:${ clientPort || defaultClientPort }`)) return { name, isIo: true }
+      // console.log(name, 'clientPort:', clientPort)
+      let clientSocket = ClientIO(`http://${ host }:${ clientPort || defaultClientPort }`, {
         path: '/client/os-info',
         forceNew: true,
         timeout: 5000,
-        reconnectionDelay: 3000,
-        reconnectionAttempts: 100
+        reconnectionDelay: 5000,
+        reconnectionAttempts: 1000
       })
       // 将与客户端连接的socket实例保存起来，web端断开时关闭这些连接
-      clientSockets[socketId].push(clientSocket)
+      clientSockets.push({ host, name, clientPort, clientSocket })
       return {
         host,
         name,
+        clientPort,
         clientSocket
       }
     })
-    .map(({ host, name, clientSocket }) => {
+    .forEach((item) => {
+      if (item.isIo) return // console.log('已经建立io连接的host不再重复建立连接', item.name)
+      const { host, name, clientPort, clientSocket } = item
+      // eslint-disable-next-line no-unused-vars
       clientSocket
         .on('connect', () => {
           consola.success('client connect success:', host, name)
           clientSocket.on('client_data', (osData) => {
-            clientsData[host] = osData
+            clientsData[`${ host }:${ clientPort || defaultClientPort }`] = { connect: true, ...osData }
           })
           clientSocket.on('client_error', (error) => {
-            clientsData[host] = error
+            clientsData[`${ host }:${ clientPort || defaultClientPort }`] = { connect: true, error: `client_error: ${ error }` }
           })
         })
-        .on('connect_error', (error) => {
-          consola.error('client connect fail:', host, name, error.message)
-          clientsData[host] = null
+        .on('connect_error', (error) => { // 连接失败
+          // consola.error('client connect fail:', host, name, error.message)
+          clientsData[`${ host }:${ clientPort || defaultClientPort }`] = { connect: false, error: `client_connect_error: ${ error }` }
         })
-        .on('disconnect', () => {
-          consola.info('client connect disconnect:', host, name)
-          clientsData[host] = null
+        .on('disconnect', (error) => { // 一方主动断开连接
+          // consola.info('client connect disconnect:', host, name)
+          clientsData[`${ host }:${ clientPort || defaultClientPort }`] = { connect: false, error: `client_disconnect: ${ error }` }
         })
     })
 }
@@ -57,40 +71,38 @@ module.exports = (httpServer) => {
 
   serverIo.on('connection', (socket) => {
     // 前者兼容nginx反代, 后者兼容nodejs自身服务
-    let clientIp = socket.handshake.headers['x-forwarded-for'] || socket.handshake.address
-    socket.on('init_clients_data', ({ token }) => {
-      // 校验登录态
-      const { code, msg } = verifyAuth(token, clientIp)
-      if(code !== 1) {
+    let requestIP = socket.handshake.headers['x-forwarded-for'] || socket.handshake.address
+    if (!isAllowedIp(requestIP)) {
+      socket.emit('ip_forbidden', 'IP地址不在白名单中')
+      socket.disconnect()
+      return
+    }
+    socket.on('init_clients_data', async ({ token }) => {
+      const { code, msg } = await verifyAuthSync(token, requestIP)
+      if (code !== 1) {
         socket.emit('token_verify_fail', msg || '鉴权失败')
         socket.disconnect()
         return
       }
 
-      // 收集web端连接的id
-      clientSockets[socket.id] = []
-      consola.info('client连接socketId: ', socket.id, 'clients-socket已连接数: ', Object.keys(clientSockets).length)
+      getClientsInfo(clientSockets)
 
-      // 获取客户端数据
-      getClientsInfo(socket.id)
+      socket.on('refresh_clients_data', async () => {
+        consola.info('refresh clients-socket')
+        getClientsInfo(clientSockets)
+      })
 
-      // 立即推送一次
-      socket.emit('clients_data', clientsData)
-
-      // 向web端推送数据
       let timer = null
       timer = setInterval(() => {
         socket.emit('clients_data', clientsData)
       }, 1000)
 
-      // 关闭连接
       socket.on('disconnect', () => {
-        // 防止内存泄漏
-        if(timer) clearInterval(timer)
-        // 当web端与服务端断开连接时, 服务端与每个客户端的socket也应该断开连接
-        clientSockets[socket.id].forEach(socket => socket.close && socket.close())
-        delete clientSockets[socket.id]
-        consola.info('断开socketId: ', socket.id, 'clients-socket剩余连接数: ', Object.keys(clientSockets).length)
+        if (timer) clearInterval(timer)
+        clientSockets.forEach(item => item.clientSocket.close && item.clientSocket.close())
+        clientSockets = []
+        clientsData = {}
+        consola.info('clients-socket 连接断开: ', socket.id)
       })
     })
   })

server/app/socket/host-status.js

@@ -1,74 +0,0 @@
-const { Server: ServerIO } = require('socket.io')
-const { io: ClientIO } = require('socket.io-client')
-const { clientPort } = require('../config')
-const { verifyAuth } = require('../utils')
-
-let hostSockets = {}
-
-function getHostInfo(serverSocket, host) {
-  let hostSocket = ClientIO(`http://${ host }:${ clientPort }`, {
-    path: '/client/os-info',
-    forceNew: false,
-    timeout: 5000,
-    reconnectionDelay: 3000,
-    reconnectionAttempts: 100
-  })
-  // 将与客户端连接的socket实例保存起来，web端断开时关闭与客户端的连接
-  hostSockets[serverSocket.id] = hostSocket
-
-  hostSocket
-    .on('connect', () => {
-      consola.success('host-status-socket连接成功:', host)
-      hostSocket.on('client_data', (data) => {
-        serverSocket.emit('host_data', data)
-      })
-      hostSocket.on('client_error', () => {
-        serverSocket.emit('host_data', null)
-      })
-    })
-    .on('connect_error', (error) => {
-      consola.error('host-status-socket连接[失败]:', host, error.message)
-      serverSocket.emit('host_data', null)
-    })
-    .on('disconnect', () => {
-      consola.info('host-status-socket连接[断开]:', host)
-      serverSocket.emit('host_data', null)
-    })
-}
-
-module.exports = (httpServer) => {
-  const serverIo = new ServerIO(httpServer, {
-    path: '/host-status',
-    cors: {
-      origin: '*' // 需配置跨域
-    }
-  })
-
-  serverIo.on('connection', (serverSocket) => {
-    // 前者兼容nginx反代, 后者兼容nodejs自身服务
-    let clientIp = serverSocket.handshake.headers['x-forwarded-for'] || serverSocket.handshake.address
-    serverSocket.on('init_host_data', ({ token, host }) => {
-      // 校验登录态
-      const { code, msg } = verifyAuth(token, clientIp)
-      if(code !== 1) {
-        serverSocket.emit('token_verify_fail', msg || '鉴权失败')
-        serverSocket.disconnect()
-        return
-      }
-
-      // 获取客户端数据
-      getHostInfo(serverSocket, host)
-
-      consola.info('host-status-socket连接socketId: ', serverSocket.id, 'host-status-socket已连接数: ', Object.keys(hostSockets).length)
-
-      // 关闭连接
-      serverSocket.on('disconnect', () => {
-        // 当web端与服务端断开连接时, 服务端与每个客户端的socket也应该断开连接
-        let socket = hostSockets[serverSocket.id]
-        socket.close && socket.close()
-        delete hostSockets[serverSocket.id]
-        consola.info('host-status-socket剩余连接数: ', Object.keys(hostSockets).length)
-      })
-    })
-  })
-}

server/app/socket/monitor.js

@@ -1,71 +0,0 @@
-const { Server } = require('socket.io')
-const schedule = require('node-schedule')
-const axios = require('axios')
-let getOsData = require('../utils/os-data')
-const consola = require('consola')
-
-let serverSockets = {}, ipInfo = {}, osData = {}
-
-async function getIpInfo() {
-  try {
-    let { data } = await axios.get('http://ip-api.com/json?lang=zh-CN')
-    consola.success('getIpInfo Success: ', new Date())
-    ipInfo = data
-  } catch (error) {
-    consola.error('getIpInfo Error: ', new Date(), error)
-  }
-}
-
-function ipSchedule() {
-  let rule1 = new schedule.RecurrenceRule()
-  rule1.second = [0, 30]
-  schedule.scheduleJob(rule1, () => {
-    let { query, country, city } = ipInfo || {}
-    if(query && country && city) return
-    consola.success('Task: start getIpInfo', new Date())
-    getIpInfo()
-  })
-
-  // 每日凌晨两点整,刷新ip信息(兼容动态ip服务器)
-  let rule2 = new schedule.RecurrenceRule()
-  rule2.hour = 2
-  rule2.minute = 0
-  rule2.second = 0
-  schedule.scheduleJob(rule2, () => {
-    consola.info('Task: refresh ip info', new Date())
-    getIpInfo()
-  })
-}
-
-ipSchedule()
-
-module.exports = (httpServer) => {
-  const serverIo = new Server(httpServer, {
-    path: '/client/os-info',
-    cors: {
-      origin: '*'
-    }
-  })
-
-  serverIo.on('connection', (socket) => {
-    // 存储对应websocket连接的定时器
-    serverSockets[socket.id] = setInterval(async () => {
-      try {
-        osData = await getOsData()
-        socket && socket.emit('client_data', Object.assign(osData, { ipInfo }))
-      } catch (error) {
-        consola.error('客户端错误：', error)
-        socket && socket.emit('client_error', { error })
-      }
-    }, 1000)
-
-    socket.on('disconnect', () => {
-      // 断开时清楚对应的websocket连接
-      if(serverSockets[socket.id]) clearInterval(serverSockets[socket.id])
-      delete serverSockets[socket.id]
-      socket.close && socket.close()
-      socket = null
-      // console.log('断开socketId: ', socket.id, '剩余链接数: ', Object.keys(serverSockets).length)
-    })
-  })
-}

server/app/socket/onekey.js

@@ -0,0 +1,217 @@
+const { Server } = require('socket.io')
+const { Client: SSHClient } = require('ssh2')
+const { sendNoticeAsync } = require('../utils/notify')
+const { verifyAuthSync } = require('../utils/verify-auth')
+const { shellThrottle } = require('../utils/tools')
+const { AESDecryptAsync } = require('../utils/encrypt')
+const { isAllowedIp } = require('../utils/tools')
+const { HostListDB, CredentialsDB, OnekeyDB } = require('../utils/db-class')
+const hostListDB = new HostListDB().getInstance()
+const credentialsDB = new CredentialsDB().getInstance()
+const onekeyDB = new OnekeyDB().getInstance()
+
+const execStatusEnum = {
+  connecting: '连接中',
+  connectFail: '连接失败',
+  executing: '执行中',
+  execSuccess: '执行成功',
+  execFail: '执行失败',
+  execTimeout: '执行超时',
+  socketInterrupt: '执行中断'
+}
+
+let isExecuting = false
+let execResult = []
+let execClient = []
+
+function disconnectAllExecClient() {
+  execClient.forEach((sshClient) => {
+    if (sshClient) {
+      sshClient.end()
+      sshClient.destroy()
+      sshClient = null
+    }
+  })
+}
+
+function execShell(socket, sshClient, curRes, resolve) {
+  const throttledDataHandler = shellThrottle(() => {
+    socket.emit('output', execResult)
+    // const memoryUsage = process.memoryUsage()
+    // const formattedMemoryUsage = {
+    //   rss: (memoryUsage.rss / 1024 / 1024).toFixed(2) + ' MB', // Resident Set Size: total memory allocated for the process execution
+    //   heapTotal: (memoryUsage.heapTotal / 1024 / 1024).toFixed(2) + ' MB', // Total size of the allocated heap
+    //   heapUsed: (memoryUsage.heapUsed / 1024 / 1024).toFixed(2) + ' MB', // Actual memory used during the execution
+    //   external: (memoryUsage.external / 1024 / 1024).toFixed(2) + ' MB', // Memory used by "external" components like V8 external memory
+    //   arrayBuffers: (memoryUsage.arrayBuffers / 1024 / 1024).toFixed(2) + ' MB' // Memory allocated for ArrayBuffer and SharedArrayBuffer, including all Node.js Buffers
+    // }
+    // console.log(formattedMemoryUsage)
+  }, 500) // 防止内存爆破
+  sshClient.exec(curRes.command, function(err, stream) {
+    if (err) {
+      console.log(curRes.host, '命令执行失败:', err)
+      curRes.status = execStatusEnum.execFail
+      curRes.result += err.toString()
+      socket.emit('output', execResult)
+      return
+    }
+    stream
+      .on('close', async () => {
+        // shell关闭后，再执行一次输出，防止最后一次节流函数发生在延迟时间内导致终端的输出数据丢失
+        await throttledDataHandler.last() // 等待最后一次节流函数执行完成，再执行一次数据输出
+        // console.log('onekey终端执行完成, 关闭连接: ', curRes.host)
+        if (curRes.status === execStatusEnum.executing) {
+          curRes.status = execStatusEnum.execSuccess
+        }
+        socket.emit('output', execResult)
+        resolve(curRes)
+        sshClient.end()
+      })
+      .on('data', (data) => {
+        // console.log(curRes.host, '执行中: \n' + data)
+        curRes.status = execStatusEnum.executing
+        curRes.result += data.toString()
+        // socket.emit('output', execResult)
+        throttledDataHandler(data)
+      })
+      .stderr
+      .on('data', (data) => {
+        // console.log(curRes.host, '命令执行过程中产生错误: ' + data)
+        curRes.status = execStatusEnum.executing
+        curRes.result += data.toString()
+        // socket.emit('output', execResult)
+        throttledDataHandler(data)
+      })
+  })
+}
+
+module.exports = (httpServer) => {
+  const serverIo = new Server(httpServer, {
+    path: '/onekey',
+    cors: {
+      origin: '*'
+    }
+  })
+  serverIo.on('connection', (socket) => {
+    // 前者兼容nginx反代, 后者兼容nodejs自身服务
+    let requestIP = socket.handshake.headers['x-forwarded-for'] || socket.handshake.address
+    if (!isAllowedIp(requestIP)) {
+      socket.emit('ip_forbidden', 'IP地址不在白名单中')
+      socket.disconnect()
+      return
+    }
+    consola.success('onekey-terminal websocket 已连接')
+    if (isExecuting) {
+      socket.emit('create_fail', '正在执行中, 请稍后再试')
+      socket.disconnect()
+      return
+    }
+    isExecuting = true
+    socket.on('create', async ({ hostIds, token, command, timeout }) => {
+      const { code } = await verifyAuthSync(token, requestIP)
+      if (code !== 1) {
+        socket.emit('token_verify_fail')
+        socket.disconnect()
+        return
+      }
+      setTimeout(() => {
+        // 超时未执行完成，强制断开连接
+        const { connecting, executing } = execStatusEnum
+        execResult.forEach(item => {
+          // 连接中和执行中的状态设定为超时
+          if ([connecting, executing].includes(item.status)) {
+            item.status = execStatusEnum.execTimeout
+          }
+        })
+        let reason = `执行超时,已强制终止执行 - 超时时间${ timeout }秒`
+        sendNoticeAsync('onekey_complete', '批量指令执行超时', reason)
+        socket.emit('timeout', { reason, result: execResult })
+        socket.disconnect()
+        disconnectAllExecClient()
+      }, timeout * 1000)
+      console.log('hostIds:', hostIds)
+      // console.log('token:', token)
+      console.log('command:', command)
+      const hostList = await hostListDB.findAsync({})
+      const targetHostsInfo = hostList.filter(item => hostIds.some(id => item._id === id)) || {}
+      // console.log('targetHostsInfo:', targetHostsInfo)
+      if (!targetHostsInfo.length) return socket.emit('create_fail', `未找到【${ hostIds }】服务器信息`)
+      // 查找 hostInfo -> 并发执行
+      socket.emit('ready')
+      let execPromise = targetHostsInfo.map((hostInfo, index) => {
+        // eslint-disable-next-line no-async-promise-executor
+        return new Promise(async (resolve, reject) => {
+          setTimeout(() => reject('执行超时'), timeout * 1000)
+          let { authType, host, port, username } = hostInfo
+          let authInfo = { host, port, username }
+          let curRes = { command, host, port, name: hostInfo.name, result: '', status: execStatusEnum.connecting, date: Date.now() - (targetHostsInfo.length - index) } // , execStatusEnum
+          execResult.push(curRes)
+          try {
+            if (authType === 'credential') {
+              let credentialId = await AESDecryptAsync(hostInfo['credential'])
+              const sshRecordList = await credentialsDB.findAsync({})
+              const sshRecord = sshRecordList.find(item => item._id === credentialId)
+              authInfo.authType = sshRecord.authType
+              authInfo[authInfo.authType] = await AESDecryptAsync(sshRecord[authInfo.authType])
+            } else {
+              authInfo[authType] = await AESDecryptAsync(hostInfo[authType])
+            }
+            consola.info('准备连接终端执行一次性指令：', host)
+            consola.log('连接信息', { username, port, authType })
+            let sshClient = new SSHClient()
+            execClient.push(sshClient)
+            sshClient
+              .on('ready', () => {
+                consola.success('连接终端成功：', host)
+                // socket.emit('connect_success', `已连接到终端：${ host }`)
+                execShell(socket, sshClient, curRes, resolve)
+              })
+              .on('error', (err) => {
+                console.log(err)
+                consola.error('onekey终端连接失败:', err.level)
+                curRes.status = execStatusEnum.connectFail
+                curRes.result += err.message
+                socket.emit('output', execResult)
+                resolve(curRes)
+              })
+              .connect({
+                ...authInfo
+              // debug: (info) => console.log(info)
+              })
+          } catch (err) {
+            consola.error('创建终端错误:', err.message)
+            curRes.status = execStatusEnum.connectFail
+            curRes.result += err.message
+            socket.emit('output', execResult)
+            resolve(curRes)
+          }
+        })
+      })
+      try {
+        await Promise.all(execPromise)
+        consola.success('onekey执行完成')
+        socket.emit('exec_complete')
+        sendNoticeAsync('onekey_complete', '批量指令执行完成', '请登录面板查看执行结果')
+        socket.disconnect()
+      } catch (error) {
+        consola.error('onekey执行失败', error)
+      }
+    })
+
+    socket.on('disconnect', async (reason) => {
+      consola.info('onekey终端连接断开:', reason)
+      disconnectAllExecClient()
+      const { execSuccess, connectFail, execFail, execTimeout } = execStatusEnum
+      execResult.forEach(item => {
+        // 非服务端手动断开连接且命令执行状态为非完成\失败\超时, 判定为客户端主动中断
+        if (reason !== 'server namespace disconnect' && ![execSuccess, execFail, execTimeout, connectFail].includes(item.status)) {
+          item.status = execStatusEnum.socketInterrupt
+        }
+      })
+      await onekeyDB.insertAsync(execResult)
+      isExecuting = false
+      execResult = []
+      execClient = []
+    })
+  })
+}

server/app/socket/plus.js

@@ -0,0 +1 @@
+U2FsdGVkX1+P63MsIfF2N9/XM16sWy0/pZMWy+0Ptf+FhySv/AiawI4Pcf/HQU7Auxde+GszGb7+t+i1Ckngo6VK9PkwALR87GbqCJtGeMazZTkEGkmNuePdpej0O3oAuwITI1FOKPW4Xe4RIFAkJfghqCgUD0Ps0Y6sPwIxOX7fTi4TopNksRMQ5X+UvezrGnPsF5EC2CAPmKwtRFWVqx5csAFhifvMxwEA+WCA7l9KLLvcybGtY4RZf0uSLb6qGxrJBN/zbQ1MMxVw9JbUML09uQ3VKLvQMJZmjctIpZDr4YEMMMdDD/qDk64feV8Tc5VPENsyl2i9kxZ4Z3s5pUu6oDm+/GE2ag0OMITgg7Wc6QpeqlWJwgAeGuqxz2nnuQfGbhHv4g800Hwc7C6ylYgHHeSY+gx39PyDQy1tE7vtW/83ZQUSgWRXxMYTMHUgYKh6P3XG+HxJz6vRjpZqwjPIc3jd253EQnHVG4YZ7VxjBFwpcmidnkvKMa+dvQSZypOL3XLKlMSGdMWFbtVuw4MMYnTBadWkS3eekdVFtvpG5NRqga0TBxPeoISLsn717u9BYcROHvPzvX/MKG7S9CGClZb4mYbOPxKmENPT6AvQbCrzOlK6X/kHTLOxivc2O5uzL4CRXBKFDeaAUJqs/PLZuCfvdmMBKPiMQpCLtFBYCXoxDarggu2D8EZYcoxFPJ/YE7sy/bFa52hQ0V1wYXkhwez1Q4Q3PH1dqdzOESOI30KEOk9TwkEhdV69ymZ6rb6cXWy1KOph2Vo8dQhgNItgvNCCyEuojR54eXnh8x7R1FHmITrobfRZZOYmpFFRZntirTpkEDvt8sPR7G+STcfKc+OgNVoCSV2Ca79Ex0BVACRxWTrafC+VX80mQGldt3wwTk2P+7mcTl0NqH6F7hfzaDjHLy/pbd/78lJLToMz7K1/PaPfOAlVsD5MTh2hefAmqTDZRKfBHyQQjwgh2hNqpmzP2tcQqO5qeigk3fzvZjyXAX2Zqu85hc6QI0Quc4zRS1hb0uY93mnOLnOksTgCNPZHDCTmzT7N0v4D/oABq2VyFFDIvMlzy1kD1WnpmhPldfm+J268QnGfMoR7ob6quZB660xc3V/9zN16ZeVKAhFfzwVHApubxTOYtIIQWLzGj9Q2eqYCXf2p3n8CYF8YV3L1LT6FxEK//MOBXZZbf7JC7tkSWb0EdRf2wuxlDocrxXzSTuIFlpBuG4Dcjf9wVCn3NuQJhqVAdxSX98K/sJpKYPELyYwTvSwG8v2MApAAgv7v+NfgSswXGCVlYpeildrVM4AafoZjBVb4OJK5YvDgmhyhzKP8copwAwi2/tGK8x/fiT0oTQhR60c7wZBuaj3/D0uDxNCcRct5/DYvb3dU1qMDmPfw0BNE7xhHouVLM12tdSnZxxFWgq5747aOpD+yYfgQBxToXsAbfEZLZLfRXPqcNjJWdnY1ZlqARyrzFKbBlGu/HhdEpldDxhdOFLkjytrA7NzvKJKfWvxbtv+jkVYL6SNdLfRoaUe0ecPJH/Gq12FhRXXudPRQT/xqQ5TXCJZ41gkmd7B9oMuVrmpDhaSKkX1loSj/Mhezzq5vIrZPd3+qK7wMeFrxvY7E4wIlK1gZdyQXBzUh8VPQzY6KFEDV4fekqkxkdKm4oX8Ij3IJfuX52+lIJdhL3t3p/j7mLLc1L9hvRudgWnujLEOi8syJv8EkKARC9OmO0S1okf1R805fenbS6MiM7zoFqza6iNn/9uJwgzCjxoTqpLoPwU2OYQyN3h4LnRoV5qsCo/RUunrdkAAQp85iTMSTWm0ux9R/jy+IHe62zwfrCq9xsdqMZ/0MZPRAyGIh5Cr0JbhXwT5s8meI5MgjJ107+hfSdo0ufSqGnceTfvfNVGUt8KO2PWFwgb7fyAiirnIL53lgKOo8dD4tDVZjfClGdIG7KJFty5M3rzyCyPl5ZeQJRD6YZVZG3HPFt4BDPDecPMK63zvrX9zSK3FV5GyBgZQQVMQbou+gpnGdSGw3NI0agN47hRYjFsbvGPrVjBKiPrfnBKkd2lyqKvd2cns/yYmgGXtehYasnPLU01dvRHicQ+TduvMR4NYMCytiDbiKqwBaYI+yt7cKNSf4cQQT9b3DD8pl9dQhzrnAY0tHxSLCVZzl7LCbYzaITQRLzBoIzCmPrFGLj6j2HuGc+gQ3Hd2/HisVAYxbW6Fu0SXQa9nnGW7k+3AJFRs5EvF++QffNW2rMYaBqr+c1jfwURzc7dGD8PNtDJkx3T6eSKx9l4iWR5/LDW+SXrk2OCzMdznsBNCJJbaKzUqs1HlIEuwQ/hHMjk4M+f4/SmbECE3cQXd+nseEoUnKbn/MiWi2lNyjacXuLTtrjDITK9jIZD0Ixfci5Eer2fuPJw7RXr1rb8bjlZWttpjN45NORLB8usjiiEdklPjQMUmTjXgALATorkWt6vc76zB4Fbk5jOwJ53+W1RqvUxt5S+WIhH55jOxYHqrEppguVMw1w4RIceaL/CYunwHxiD5w58hjJ4bR5fXjwARwM/EDGHgPvfV0dDxhBxbBtKrcemUYlBI40wwbOuDgfdnfcJNVCxaVX0Hto/VuqXvfP3eoQT2Vasz96y2/GbSS0rBGtNn9EzPwGZvBrumbl4ezQJp+HjSN65GLXjDNY+ZajGaOs+pK1O8ooAqODnfAhPd3LkMxQxlkqNy8l4KFUPA1lqd8ohK+4UThmfRCQDKPLTdFV/oTvEdBo0d/oN3xJM9ValH+0e3w86b+cmXnLzUxUzeIhmXWW8ctGtNmzV2fewh8ChPl75MCU5d88uzC03YbfZHOOtokTqkhLYhz4il7KSnA+EFEWB7GOvVqnkM/LAwDcJ/1qvqBah+WnDs9uQXTF+QXn/N1q/+83lu9JQWK0crV2mTJHk8efTHBn6oEN8P9pXf2BCJQzbukA/q50QvQU33p8P2VOqL/bHwsaolIhWrys5lyM4pwpMqxvnP5YIFjEhGhcCHLtqL5jvETh3X78HHiEhjmNzwtj3wa/NrgvzJhepqWWGGBK1DEYoMj21cFPpUeB/+2

server/app/socket/sftp.js

@@ -1,29 +1,18 @@
-const { Server } = require('socket.io')
-const SFTPClient = require('ssh2-sftp-client')
 const rawPath = require('path')
-const fs = require('fs')
-const { readSSHRecord, verifyAuth, RSADecrypt, AESDecrypt } = require('../utils')
-const { sftpCacheDir } = require('../config')
+const fs = require('fs-extra')
+const SFTPClient = require('ssh2-sftp-client')
 const CryptoJS = require('crypto-js')
+const { Server } = require('socket.io')
+const { sftpCacheDir } = require('../config')
+const { verifyAuthSync } = require('../utils/verify-auth')
+const { AESDecryptAsync } = require('../utils/encrypt')
+const { isAllowedIp } = require('../utils/tools')
+const { HostListDB, CredentialsDB } = require('../utils/db-class')
+const hostListDB = new HostListDB().getInstance()
+const credentialsDB = new CredentialsDB().getInstance()
 
-function clearDir(path, rmSelf = false) {
-  let files = []
-  if(!fs.existsSync(path)) return consola.info('clearDir: 目标文件夹不存在')
-  files = fs.readdirSync(path)
-  files.forEach((file) => {
-    let curPath = path + '/' + file
-    if(fs.statSync(curPath).isDirectory()){
-      clearDir(curPath) //递归删除文件夹
-      fs.rmdirSync(curPath) // 删除文件夹
-    } else {
-      fs.unlinkSync(curPath) //删除文件
-    }
-  })
-  if(rmSelf) fs.rmdirSync(path)
-  consola.success('clearDir: 已清空缓存文件')
-}
+// 读取切片
 const pipeStream = (path, writeStream) => {
-  // console.log('path', path)
   return new Promise(resolve => {
     const readStream = fs.createReadStream(path)
     readStream.on('end', () => {
@@ -35,12 +24,12 @@ const pipeStream = (path, writeStream) => {
 }
 
 function listenInput(sftpClient, socket) {
-  socket.on('open_dir', async (path) => {
+  socket.on('open_dir', async (path, tips = true) => {
     const exists = await sftpClient.exists(path)
-    if(!exists) return socket.emit('not_exists_dir', '目录不存在或当前不可访问')
+    if (!exists) return socket.emit('not_exists_dir', tips ? '目录不存在或当前不可访问' : '')
     try {
       let dirLs = await sftpClient.list(path)
-      socket.emit('dir_ls', dirLs)
+      socket.emit('dir_ls', dirLs, path)
     } catch (error) {
       consola.error('open_dir Error', error.message)
       socket.emit('sftp_error', error.message)
@@ -48,7 +37,8 @@ function listenInput(sftpClient, socket) {
   })
   socket.on('rm_dir', async (path) => {
     const exists = await sftpClient.exists(path)
-    if(!exists) return socket.emit('not_exists_dir', '目录不存在或当前不可访问')
+    if (!exists) return socket.emit('not_exists_dir', '目录不存在或当前不可访问')
+    consola.info('rm_dir: ', path)
     try {
       let res = await sftpClient.rmdir(path, true) // 递归删除
       socket.emit('rm_success', res)
@@ -59,7 +49,7 @@ function listenInput(sftpClient, socket) {
   })
   socket.on('rm_file', async (path) => {
     const exists = await sftpClient.exists(path)
-    if(!exists) return socket.emit('not_exists_dir', '文件不存在或当前不可访问')
+    if (!exists) return socket.emit('not_exists_dir', '文件不存在或当前不可访问')
     try {
       let res = await sftpClient.delete(path)
       socket.emit('rm_success', res)
@@ -70,32 +60,34 @@ function listenInput(sftpClient, socket) {
   })
   // socket.on('down_dir', async (path) => {
   //   const exists = await sftpClient.exists(path)
-  //   if(!exists) return socket.emit('not_exists_dir', '文件夹不存在或当前不可访问')
+  //   if(!exists) return socket.emit('not_exists_dir', '目录不存在或当前不可访问')
   //   let res = await sftpClient.downloadDir(path, sftpCacheDir)
   //   socket.emit('down_dir_success', res)
   // })
+
+  // 下载
   socket.on('down_file', async ({ path, name, size, target = 'down' }) => {
     // target: down or preview
     const exists = await sftpClient.exists(path)
-    if(!exists) return socket.emit('not_exists_dir', '文件不存在或当前不可访问')
+    if (!exists) return socket.emit('not_exists_dir', '文件不存在或当前不可访问')
     try {
       const localPath = rawPath.join(sftpCacheDir, name)
       let timer = null
       let res = await sftpClient.fastGet(path, localPath, {
         step: step => {
-          if(timer) return
+          if (timer) return
           timer = setTimeout(() => {
             const percent = Math.ceil((step / size) * 100) // 下载进度为服务器下载到服务端的进度，前端无需*2
             console.log(`从服务器下载进度：${ percent }%`)
             socket.emit('down_file_progress', percent)
             timer = null
-          }, 200)
+          }, 1500)
         }
       })
       consola.success('sftp下载成功: ', res)
       let buffer = fs.readFileSync(localPath)
       let data = { buffer, name }
-      switch(target) {
+      switch (target) {
         case 'down':
           socket.emit('down_file_success', data)
           break
@@ -109,10 +101,12 @@ function listenInput(sftpClient, socket) {
       socket.emit('sftp_error', error.message)
     }
   })
+
+  // 上传
   socket.on('up_file', async ({ targetPath, fullPath, name, file }) => {
-    console.log({ targetPath, fullPath, name, file })
+    // console.log({ targetPath, fullPath, name, file })
     const exists = await sftpClient.exists(targetPath)
-    if(!exists) return socket.emit('not_exists_dir', '文件夹不存在或当前不可访问')
+    if (!exists) return socket.emit('not_exists_dir', '目录不存在或当前不可访问')
     try {
       const localPath = rawPath.join(sftpCacheDir, name)
       fs.writeFileSync(localPath, file)
@@ -125,43 +119,60 @@ function listenInput(sftpClient, socket) {
     }
   })
 
+  // 上传目录先在目标sftp服务器创建目录
+  socket.on('create_remote_dir', async ({ targetDirPath, foldersName }) => {
+    let baseFolderPath = rawPath.posix.join(targetDirPath, foldersName[0].split('/')[0])
+    let baseFolderPathExists = await sftpClient.exists(baseFolderPath)
+    if (baseFolderPathExists) return socket.emit('create_remote_dir_exists', `远程目录已存在: ${ baseFolderPath }`)
+    consola.info('准备创建远程服务器目录:', foldersName)
+    for (const folderName of foldersName) {
+      const fullPath = rawPath.posix.join(targetDirPath, folderName)
+      const exists = await sftpClient.exists(fullPath)
+      if (exists) continue
+      await sftpClient.mkdir(fullPath, true)
+      socket.emit('create_remote_dir_progress', fullPath)
+      consola.info('创建目录:', fullPath)
+    }
+    socket.emit('create_remote_dir_success')
+  })
+
   /** 分片上传 */
-  // 1. 创建本地缓存文件夹
+  // 1. 创建本地缓存目录
   let md5List = []
-  socket.on('create_cache_dir', async ({ targetPath, name }) => {
-    // console.log({ targetPath, name })
-    const exists = await sftpClient.exists(targetPath)
-    if(!exists) return socket.emit('not_exists_dir', '文件夹不存在或当前不可访问')
+  socket.on('create_cache_dir', async ({ targetDirPath, name }) => {
+    // console.log({ targetDirPath, name })
+    const exists = await sftpClient.exists(targetDirPath)
+    if (!exists) return socket.emit('not_exists_dir', '目录不存在或当前不可访问')
     md5List = []
     const localPath = rawPath.join(sftpCacheDir, name)
-    if(fs.existsSync(localPath)) clearDir(localPath) // 清空目录
-    fs.mkdirSync(localPath, { recursive: true })
-    console.log('================create_cache_success================')
+    fs.emptyDirSync(localPath) // 不存在会创建，存在则清空
     socket.emit('create_cache_success')
   })
+  // 2. 上传分片到面板服务
   socket.on('up_file_slice', async ({ name, sliceFile, fileIndex }) => {
     // console.log('up_file_slice:', fileIndex, name)
     try {
       let md5 = `${ fileIndex }.${ CryptoJS.MD5(fileIndex+name).toString() }`
-      const localPath = rawPath.join(sftpCacheDir, name, md5)
-      md5List.push(localPath)
-      fs.writeFileSync(localPath, sliceFile)
+      const md5LocalPath = rawPath.join(sftpCacheDir, name, md5)
+      md5List.push(md5LocalPath)
+      fs.writeFileSync(md5LocalPath, sliceFile)
       socket.emit('up_file_slice_success', md5)
     } catch (error) {
       consola.error('up_file_slice Error', error.message)
       socket.emit('up_file_slice_fail', error.message)
     }
   })
-  socket.on('up_file_slice_over', async ({ name, fullPath, range, size }) => {
-    const resultDirPath = rawPath.join(sftpCacheDir, name)
+  // 3. 合并分片上传到服务器
+  socket.on('up_file_slice_over', async ({ name, targetFilePath, range, size }) => {
+    const md5CacheDirPath = rawPath.join(sftpCacheDir, name)
     const resultFilePath = rawPath.join(sftpCacheDir, name, name)
+    fs.ensureDirSync(md5CacheDirPath)
     try {
 	    console.log('md5List: ', md5List)
 	    const arr = md5List.map((chunkFilePath, index) => {
 	      return pipeStream(
 	        chunkFilePath,
-	        // 指定位置创建可写流
-	        fs.createWriteStream(resultFilePath, {
+	        fs.createWriteStream(resultFilePath, { // 指定位置创建可写流
 	          start: index * range,
 	          end: (index + 1) * range
 	        })
@@ -170,9 +181,9 @@ function listenInput(sftpClient, socket) {
 	    md5List = []
 	    await Promise.all(arr)
 	    let timer = null
-	    let res = await sftpClient.fastPut(resultFilePath, fullPath, {
+	    let res = await sftpClient.fastPut(resultFilePath, targetFilePath, {
 	      step: step => {
-	        if(timer) return
+	        if (timer) return
 	        timer = setTimeout(() => {
 	          const percent = Math.ceil((step / size) * 100)
 	          console.log(`上传服务器进度：${ percent }%`)
@@ -183,11 +194,14 @@ function listenInput(sftpClient, socket) {
 	    })
 	    consola.success('sftp上传成功: ', res)
 	    socket.emit('up_file_success', res)
-	    clearDir(resultDirPath, true) // 传服务器后移除文件夹及其文件
     } catch (error) {
 	    consola.error('sftp上传失败: ', error.message)
       socket.emit('up_file_fail', error.message)
-	    clearDir(resultDirPath, true) // 传服务器后移除文件夹及其文件
+    } finally {
+      fs.remove(md5CacheDirPath)
+        .then(() => {
+          console.log('clean md5CacheDirPath:', md5CacheDirPath)
+        })
     }
   })
 }
@@ -201,34 +215,52 @@ module.exports = (httpServer) => {
   })
   serverIo.on('connection', (socket) => {
     // 前者兼容nginx反代, 后者兼容nodejs自身服务
-    let clientIp = socket.handshake.headers['x-forwarded-for'] || socket.handshake.address
+    let requestIP = socket.handshake.headers['x-forwarded-for'] || socket.handshake.address
+    if (!isAllowedIp(requestIP)) {
+      socket.emit('ip_forbidden', 'IP地址不在白名单中')
+      socket.disconnect()
+      return
+    }
     let sftpClient = new SFTPClient()
     consola.success('terminal websocket 已连接')
 
-    socket.on('create', ({ host: ip, token }) => {
-      const { code } = verifyAuth(token, clientIp)
-      if(code !== 1) {
+    socket.on('create', async ({ hostId, token }) => {
+      const { code } = await verifyAuthSync(token, requestIP)
+      consola.log('code:', code)
+      if (code !== 1) {
         socket.emit('token_verify_fail')
         socket.disconnect()
         return
       }
-      const sshRecord = readSSHRecord()
-      let loginInfo = sshRecord.find(item => item.host === ip)
-      if(!sshRecord.some(item => item.host === ip)) return socket.emit('create_fail', `未找到【${ ip }】凭证`)
-      let { type, host, port, username, randomKey } = loginInfo
-      // 解密放到try里面，防止报错【公私钥必须配对, 否则需要重新添加服务器密钥】
-      randomKey = AESDecrypt(randomKey) // 先对称解密key
-      randomKey = RSADecrypt(randomKey) // 再非对称解密key
-      loginInfo[type] = AESDecrypt(loginInfo[type], randomKey) // 对称解密ssh密钥
-      consola.info('准备连接Sftp：', host)
-      const authInfo = { host, port, username, [type]: loginInfo[type] }
-      sftpClient.connect(authInfo)
+      const targetHostInfo = await hostListDB.findOneAsync({ _id: hostId })
+      if (!targetHostInfo) throw new Error(`Host with ID ${ hostId } not found`)
+      let { authType, host, port, username } = targetHostInfo
+      if (!host) return socket.emit('create_fail', `查找id【${ hostId }】凭证信息失败`)
+      let authInfo = { host, port, username }
+
+      // 解密放到try里面，防止报错【commonKey必须配对, 否则需要重新添加服务器密钥】
+      if (authType === 'credential') {
+        let credentialId = await AESDecryptAsync(targetHostInfo[authType])
+        const sshRecordList = await credentialsDB.findAsync({})
+        const sshRecord = sshRecordList.find(item => item._id === credentialId)
+        authInfo.authType = sshRecord.authType
+        authInfo[authInfo.authType] = await AESDecryptAsync(sshRecord[authInfo.authType])
+      } else {
+        authInfo[authType] = await AESDecryptAsync(targetHostInfo[authType])
+      }
+      consola.info('准备连接Sftp面板：', host)
+      targetHostInfo[targetHostInfo.authType] = await AESDecryptAsync(targetHostInfo[targetHostInfo.authType])
+
+      consola.log('连接信息', { username, port, authType })
+      sftpClient
+        .connect(authInfo)
         .then(() => {
           consola.success('连接Sftp成功：', host)
+          fs.ensureDirSync(sftpCacheDir)
           return sftpClient.list('/')
         })
         .then((rootLs) => {
-        // 普通文件-、目录文件d、链接文件l
+          // 普通文件-、目录文件d、链接文件l
           socket.emit('root_ls', rootLs) // 先返回根目录
           listenInput(sftpClient, socket) // 监听前端请求
         })
@@ -248,8 +280,10 @@ module.exports = (httpServer) => {
         })
         .finally(() => {
           sftpClient = null
-          const cacheDir = rawPath.join(sftpCacheDir)
-          clearDir(cacheDir)
+          fs.emptyDir(sftpCacheDir)
+            .then(() => {
+              consola.success('clean sftpCacheDir: ', sftpCacheDir)
+            })
         })
     })
   })

server/app/socket/terminal.js

@@ -1,87 +1,163 @@
+const path = require('path')
 const { Server } = require('socket.io')
 const { Client: SSHClient } = require('ssh2')
-const { readSSHRecord, verifyAuth, RSADecrypt, AESDecrypt } = require('../utils')
+const { verifyAuthSync } = require('../utils/verify-auth')
+const { sendNoticeAsync } = require('../utils/notify')
+const { isAllowedIp, ping } = require('../utils/tools')
+const { AESDecryptAsync } = require('../utils/encrypt')
+const { HostListDB, CredentialsDB } = require('../utils/db-class')
+const decryptAndExecuteAsync = require('../utils/decrypt-file')
+const hostListDB = new HostListDB().getInstance()
+const credentialsDB = new CredentialsDB().getInstance()
 
-function createTerminal(socket, sshClient) {
-  sshClient.shell({ term: 'xterm-color' }, (err, stream) => {
-    if (err) return socket.emit('output', err.toString())
-    // 终端输出
-    stream
-      .on('data', (data) => {
-        socket.emit('output', data.toString())
-      })
-      .on('close', () => {
-        consola.info('关闭终端')
-        sshClient.end()
-      })
-    // web端输入
-    socket.on('input', key => {
-      if(sshClient._sock.writable === false) return consola.info('终端连接已关闭')
-      stream.write(key)
-    })
-    socket.emit('connect_terminal') // 已连接终端，web端可以执行指令了
+async function getConnectionOptions(hostId) {
+  const hostInfo = await hostListDB.findOneAsync({ _id: hostId })
+  if (!hostInfo) throw new Error(`Host with ID ${ hostId } not found`)
+  let { authType, host, port, username, name } = hostInfo
+  let authInfo = { host, port, username }
+  try {
+    if (authType === 'credential') {
+      let credentialId = await AESDecryptAsync(hostInfo[authType])
+      const sshRecord = await credentialsDB.findOneAsync({ _id: credentialId })
+      authInfo.authType = sshRecord.authType
+      authInfo[authInfo.authType] = await AESDecryptAsync(sshRecord[authInfo.authType])
+    } else {
+      authInfo[authType] = await AESDecryptAsync(hostInfo[authType])
+    }
+    return { authInfo, name }
+  } catch (err) {
+    throw new Error(`解密认证信息失败: ${ err.message }`)
+  }
+}
 
-    // 监听按键重置终端大小
-    socket.on('resize', ({ rows, cols }) => {
-      consola.info('更改tty终端行&列: ', { rows, cols })
-      stream.setWindow(rows, cols)
+function createInteractiveShell(socket, targetSSHClient) {
+  return new Promise((resolve) => {
+    targetSSHClient.shell({ term: 'xterm-color' }, (err, stream) => {
+      resolve(stream)
+      if (err) return socket.emit('output', err.toString())
+      stream
+        .on('data', (data) => {
+          socket.emit('output', data.toString())
+        })
+        .on('close', () => {
+          consola.info('交互终端已关闭')
+          targetSSHClient.end()
+        })
+      socket.emit('connect_shell_success') // 已连接终端，web端可以执行指令了
     })
   })
 }
 
+async function createTerminal(hostId, socket, targetSSHClient) {
+  return new Promise(async (resolve) => {
+    const targetHostInfo = await hostListDB.findOneAsync({ _id: hostId })
+    if (!targetHostInfo) return socket.emit('create_fail', `查找hostId【${ hostId }】凭证信息失败`)
+    let { connectByJumpHosts = null } = (await decryptAndExecuteAsync(path.join(__dirname, 'plus.js'))) || {}
+    let { authType, host, port, username, name, jumpHosts } = targetHostInfo
+    try {
+      let { authInfo: targetConnectionOptions } = await getConnectionOptions(hostId)
+      let jumpHostResult = connectByJumpHosts && (await connectByJumpHosts(jumpHosts, targetConnectionOptions.host, targetConnectionOptions.port, socket))
+      if (jumpHostResult) {
+        targetConnectionOptions.sock = jumpHostResult.sock
+      }
+
+      socket.emit('terminal_print_info', `准备连接目标终端: ${ name } - ${ host }`)
+      socket.emit('terminal_print_info', `连接信息: ssh ${ username }@${ host } -p ${ port }  ->  ${ authType }`)
+
+      consola.info('准备连接目标终端：', host)
+      consola.log('连接信息', { username, port, authType })
+      let closeNoticeFlag = false // 避免重复发送通知
+      targetSSHClient
+        .on('ready', async () => {
+          sendNoticeAsync('host_login', '终端登录', `别名: ${ name } \n IP：${ host } \n 端口：${ port } \n 状态: 登录成功`)
+          socket.emit('terminal_print_info', `终端连接成功: ${ name } - ${ host }`)
+          consola.success('终端连接成功：', host)
+          socket.emit('connect_terminal_success', `终端连接成功：${ host }`)
+          let stream = await createInteractiveShell(socket, targetSSHClient)
+          resolve(stream)
+        })
+        .on('close', (err) => {
+          if (closeNoticeFlag) return closeNoticeFlag = false
+          const closeReason = err ? '发生错误导致连接断开' : '正常断开连接'
+          consola.info(`终端连接断开(${ closeReason }): ${ host }`)
+          socket.emit('connect_close', { reason: closeReason })
+        })
+        .on('error', (err) => {
+          closeNoticeFlag = true
+          sendNoticeAsync('host_login', '终端登录', `别名: ${ name } \n IP：${ host } \n 端口：${ port } \n 状态: 登录失败`)
+          consola.error('连接终端失败:', host, err.message)
+          socket.emit('connect_terminal_fail', err.message)
+        })
+        .on('keyboard-interactive', function (name, instructions, instructionsLang, prompts, finish) {
+          finish([targetConnectionOptions[authType]])
+        })
+        .connect({
+          tryKeyboard: true,
+          ...targetConnectionOptions
+          // debug: (info) => console.log(info)
+        })
+    } catch (err) {
+      consola.error('创建终端失败: ', host, err.message)
+      socket.emit('create_terminal_fail', err.message)
+    }
+  })
+}
+
 module.exports = (httpServer) => {
   const serverIo = new Server(httpServer, {
     path: '/terminal',
     cors: {
-      origin: '*' // 'http://localhost:8080'
+      origin: '*'
     }
   })
-  serverIo.on('connection', (socket) => {
-    // 前者兼容nginx反代, 后者兼容nodejs自身服务
-    let clientIp = socket.handshake.headers['x-forwarded-for'] || socket.handshake.address
-    let sshClient = new SSHClient()
-    consola.success('terminal websocket 已连接')
 
-    socket.on('create', ({ host: ip, token }) => {
-      const { code } = verifyAuth(token, clientIp)
-      if(code !== 1) {
+  let connectionCount = 0
+
+  serverIo.on('connection', (socket) => {
+    connectionCount++
+    consola.success(`terminal websocket 已连接 - 当前连接数: ${ connectionCount }`)
+    let requestIP = socket.handshake.headers['x-forwarded-for'] || socket.handshake.address
+    if (!isAllowedIp(requestIP)) {
+      socket.emit('ip_forbidden', 'IP地址不在白名单中')
+      socket.disconnect()
+      return
+    }
+    consola.success('terminal websocket 已连接')
+    let targetSSHClient = null
+    socket.on('create', async ({ hostId, token }) => {
+      const { code } = await verifyAuthSync(token, requestIP)
+      if (code !== 1) {
         socket.emit('token_verify_fail')
         socket.disconnect()
         return
       }
-      const sshRecord = readSSHRecord()
-      let loginInfo = sshRecord.find(item => item.host === ip)
-      if(!sshRecord.some(item => item.host === ip)) return socket.emit('create_fail', `未找到【${ ip }】凭证`)
-      let { type, host, port, username, randomKey } = loginInfo
+      targetSSHClient = new SSHClient()
+      let stream = null
+      function listenerInput(key) {
+        if (targetSSHClient._sock.writable === false) return consola.info('终端连接已关闭,禁止输入')
+        stream && stream.write(key)
+      }
+      function resizeShell({ rows, cols }) {
+        stream && stream.setWindow(rows, cols)
+      }
+      socket.on('input', listenerInput)
+      socket.on('resize', resizeShell)
+      stream = await createTerminal(hostId, socket, targetSSHClient)
+    })
+
+    socket.on('get_ping', async (ip) => {
       try {
-        // 解密放到try里面，防止报错【公私钥必须配对, 否则需要重新添加服务器密钥】
-        randomKey = AESDecrypt(randomKey) // 先对称解密key
-        randomKey = RSADecrypt(randomKey) // 再非对称解密key
-        loginInfo[type] = AESDecrypt(loginInfo[type], randomKey) // 对称解密ssh密钥
-        consola.info('准备连接终端：', host)
-        const authInfo = { host, port, username, [type]: loginInfo[type] }
-        sshClient
-          .on('ready', () => {
-            consola.success('已连接到终端：', host)
-            socket.emit('connect_success', `已连接到终端：${ host }`)
-            createTerminal(socket, sshClient)
-          })
-          .on('error', (err) => {
-            consola.error('连接终端失败:', err.level)
-            socket.emit('connect_fail', err.message)
-          })
-          .connect(authInfo)
-      } catch (err) {
-        consola.error('创建终端失败:', err.message)
-        socket.emit('create_fail', err.message)
+        socket.emit('ping_data', await ping(ip, 2500))
+      } catch (error) {
+        socket.emit('ping_data', { success: false, msg: error.message })
       }
     })
 
     socket.on('disconnect', (reason) => {
-      consola.info('终端连接断开:', reason)
-      sshClient.end()
-      sshClient.destroy()
-      sshClient = null
+      connectionCount--
+      consola.info(`终端socket连接断开: ${ reason } - 当前连接数: ${ connectionCount }`)
     })
   })
 }
+
+module.exports.getConnectionOptions = getConnectionOptions

server/app/static/index.html

@@ -1 +0,0 @@
-<html lang="zh"> <head> <meta charset="UTF-8" /> <link rel="icon" href="/favicon.ico" /> <meta name="viewport" content="width=device-width, initial-scale=0,user-scalable=yes"> <title>EasyNode</title> <script src="//at.alicdn.com/t/c/font_3309550_flid0kihu36.js"></script> <script type="module" crossorigin src="/assets/index.be6b9da9.js"></script> <link rel="stylesheet" href="/assets/index.de24ebdf.css"> </head> <body> <div id="app"></div> <script> var _hmt = _hmt || []; (function() { var hm = document.createElement("script"); hm.src = "https://hm.baidu.com/hm.js?9cd0d4e4da3a7f1d4f6e4aaaa0ce8f25"; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(hm, s); })(); </script> </body> </html>

server/app/storage/README.md

@@ -1,38 +0,0 @@
-# host-list.json
-
-> 存储服务器基本信息
-
-# key.json
-
-> 用于加密的密钥相关
-
-# ssh-record.json
-
-> ssh密钥记录(加密存储)
-
-# email.json
-
-> 邮件配置
-
-- port: 587 --> secure: false
-```json
-// Gmail调试不通过, 暂缓
-{
-  "name": "Google邮箱",
-  "target": "google",
-  "host": "smtp.gmail.com",
-  "port": 465,
-  "secure": true,
-  "tls": {
-    "rejectUnauthorized": false
-  }
-}
-```
-
-# notify.json
-
-> 通知配置
-
-# group.json
-
-> 服务器分组配置

server/app/storage/email.json

@@ -1,36 +0,0 @@
-{
-  "support": [
-    {
-      "name": "QQ邮箱",
-      "target": "qq",
-      "host": "smtp.qq.com",
-      "port": 465,
-      "secure": true,
-      "tls": {
-        "rejectUnauthorized": false
-      }
-    },
-    {
-      "name": "网易126",
-      "target": "wangyi126",
-      "host": "smtp.126.com",
-      "port": 465,
-      "secure": true,
-      "tls": {
-        "rejectUnauthorized": false
-      }
-    },
-    {
-      "name": "网易163",
-      "target": "wangyi163",
-      "host": "smtp.163.com",
-      "port": 465,
-      "secure": true,
-      "tls": {
-        "rejectUnauthorized": false
-      }
-    }
-  ],
-  "user": [
-  ]
-}

server/app/storage/group.json

@@ -1,7 +0,0 @@
-[
-  {
-    "id": "default",
-    "name": "默认分组",
-    "index": 0
-  }
-]

server/app/storage/host-list.json

@@ -1 +0,0 @@
-[]

server/app/storage/key.json

@@ -1,6 +0,0 @@
-{
-  "pwd": "admin",
-  "commonKey": "",
-  "publicKey": "",
-  "privateKey": ""
-}

server/app/storage/notify.json

@@ -1,22 +0,0 @@
-[
-  {
-    "type": "login",
-    "desc": "登录面板提醒",
-    "sw": true
-  },
-  {
-    "type": "err_login",
-    "desc": "登录错误提醒(连续5次)",
-    "sw": true
-  },
-  {
-    "type": "updatePwd",
-    "desc": "修改密码提醒",
-    "sw": true
-  },
-  {
-    "type": "host_offline",
-    "desc": "客户端离线提醒(每小时最多发送一次提醒)",
-    "sw": true
-  }
-]

server/app/storage/ssh-record.json

@@ -1 +0,0 @@
-[]

server/app/template/commonTemp.js

@@ -1,26 +1,40 @@
 module.exports = (content) => {
-  return `<!DOCTYPE html
-  PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-<html xmlns="http://www.w3.org/1999/xhtml">
-
-<head>
-  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
-  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-</head>
-
-<body style="margin: 0; padding: 0;text-align: center;">
-  <table border="0" cellpadding="0" cellspacing="0" width="100%">
-    <tr>
-      <td>
-        <h3 style="font-size: 18px;color: #5992D3;padding:0 0 0 10px;">
-          ${ content }
-        </h3>
-      </td>
-    </tr>
-  </table>
-</body>
-
-</html>
+  return `<!DOCTYPE html>
+    <html>
+    <head>
+        <style>
+            body {
+                font-family: Arial, sans-serif;
+                margin: 15px 5px;
+                color: #333;
+                background-color: #f4f4f4;
+                line-height: 1.6;
+            }
+            .container {
+                background-color: #fff;
+                padding: 20px;
+                border-radius: 8px;
+                box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
+            }
+            h1 {
+                color: #4CAF50;
+            }
+            p {
+                margin: 12px 0;
+            }
+            .footer {
+                text-align: center;
+                font-size: 0.9em;
+                color: #777;
+            }
+        </style>
+    </head>
+    <body>
+        <div class="container">
+            <p>${ content }</p>
+            <p class="footer">通知发送时间: ${ new Date() }</p>
+        </div>
+    </body>
+    </html>
   `
 }

server/app/template/ipForbidden.html

@@ -0,0 +1,43 @@
+<!DOCTYPE html>
+<html lang="zh-CN">
+
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>403 禁止访问</title>
+  <link rel="icon" href="data:;base64,=">
+  <style>
+    body {
+      font-family: Arial, sans-serif;
+      background-color: #f4f4f4;
+      display: flex;
+      justify-content: center;
+      align-items: center;
+      height: 100vh;
+      margin: 0;
+    }
+
+    .container {
+      text-align: center;
+      padding: 20px;
+      border-radius: 8px;
+    }
+
+    h1 {
+      color: #d9534f;
+    }
+
+    p {
+      color: #333;
+    }
+  </style>
+</head>
+
+<body>
+  <div class="container">
+    <h1>403 禁止访问</h1>
+    <p>抱歉，您没有权限访问此页面。</p>
+  </div>
+</body>
+
+</html>

server/app/utils/db-class.js

@@ -0,0 +1,132 @@
+const Datastore = require('@seald-io/nedb')
+const {
+  credentialsDBPath,
+  hostListDBPath,
+  keyDBPath,
+  notifyDBPath,
+  notifyConfigDBPath,
+  groupConfDBPath,
+  scriptsDBPath,
+  onekeyDBPath,
+  logDBPath,
+  plusDBPath
+} = require('../config')
+
+module.exports.KeyDB = class KeyDB {
+  constructor() {
+    if (!KeyDB.instance) {
+      KeyDB.instance = new Datastore({ filename: keyDBPath, autoload: true })
+      // KeyDB.instance.setAutocompactionInterval(5000)
+    }
+  }
+  getInstance() {
+    return KeyDB.instance
+  }
+}
+
+module.exports.HostListDB = class HostListDB {
+  constructor() {
+    if (!HostListDB.instance) {
+      HostListDB.instance = new Datastore({ filename: hostListDBPath, autoload: true })
+      // HostListDB.instance.setAutocompactionInterval(5000)
+    }
+  }
+  getInstance() {
+    return HostListDB.instance
+  }
+}
+
+module.exports.CredentialsDB = class CredentialsDB {
+  constructor() {
+    if (!CredentialsDB.instance) {
+      CredentialsDB.instance = new Datastore({ filename: credentialsDBPath, autoload: true })
+      // CredentialsDB.instance.setAutocompactionInterval(5000)
+    }
+  }
+  getInstance() {
+    return CredentialsDB.instance
+  }
+}
+
+module.exports.NotifyDB = class NotifyDB {
+  constructor() {
+    if (!NotifyDB.instance) {
+      NotifyDB.instance = new Datastore({ filename: notifyDBPath, autoload: true })
+      // NotifyDB.instance.setAutocompactionInterval(5000)
+    }
+  }
+  getInstance() {
+    return NotifyDB.instance
+  }
+}
+
+module.exports.NotifyConfigDB = class NotifyConfigDB {
+  constructor() {
+    if (!NotifyConfigDB.instance) {
+      NotifyConfigDB.instance = new Datastore({ filename: notifyConfigDBPath, autoload: true })
+      // NotifyConfigDB.instance.setAutocompactionInterval(5000)
+    }
+  }
+  getInstance() {
+    return NotifyConfigDB.instance
+  }
+}
+
+module.exports.GroupDB = class GroupDB {
+  constructor() {
+    if (!GroupDB.instance) {
+      GroupDB.instance = new Datastore({ filename: groupConfDBPath, autoload: true })
+      // GroupDB.instance.setAutocompactionInterval(5000)
+    }
+  }
+  getInstance() {
+    return GroupDB.instance
+  }
+}
+
+module.exports.ScriptsDB = class ScriptsDB {
+  constructor() {
+    if (!ScriptsDB.instance) {
+      ScriptsDB.instance = new Datastore({ filename: scriptsDBPath, autoload: true })
+      // ScriptsDB.instance.setAutocompactionInterval(5000)
+    }
+  }
+  getInstance() {
+    return ScriptsDB.instance
+  }
+}
+
+module.exports.OnekeyDB = class OnekeyDB {
+  constructor() {
+    if (!OnekeyDB.instance) {
+      OnekeyDB.instance = new Datastore({ filename: onekeyDBPath, autoload: true })
+      // OnekeyDB.instance.setAutocompactionInterval(5000)
+    }
+  }
+  getInstance() {
+    return OnekeyDB.instance
+  }
+}
+
+module.exports.LogDB = class LogDB {
+  constructor() {
+    if (!LogDB.instance) {
+      LogDB.instance = new Datastore({ filename: logDBPath, autoload: true })
+      // LogDB.instance.setAutocompactionInterval(5000)
+    }
+  }
+  getInstance() {
+    return LogDB.instance
+  }
+}
+
+module.exports.PlusDB = class PlusDB {
+  constructor() {
+    if (!PlusDB.instance) {
+      PlusDB.instance = new Datastore({ filename: plusDBPath, autoload: true })
+    }
+  }
+  getInstance() {
+    return PlusDB.instance
+  }
+}

server/app/utils/decrypt-file.js

@@ -0,0 +1,53 @@
+const fs = require('fs-extra')
+const path = require('path')
+const CryptoJS = require('crypto-js')
+const { AESDecryptAsync } = require('./encrypt')
+const { PlusDB } = require('./db-class')
+const plusDB = new PlusDB().getInstance()
+
+function decryptAndExecuteAsync(plusPath) {
+  return new Promise(async (resolve) => {
+    try {
+      let { decryptKey } = await plusDB.findOneAsync({})
+      if (!decryptKey) {
+        throw new Error('缺少解密密钥')
+      }
+      decryptKey = await AESDecryptAsync(decryptKey)
+      const encryptedContent = fs.readFileSync(plusPath, 'utf-8')
+      const bytes = CryptoJS.AES.decrypt(encryptedContent, decryptKey)
+      const decryptedContent = bytes.toString(CryptoJS.enc.Utf8)
+      if (!decryptedContent) {
+        throw new Error('解密失败,请检查密钥是否正确')
+      }
+      const customRequire = (modulePath) => {
+        if (modulePath.startsWith('.')) {
+          const absolutePath = path.resolve(path.dirname(plusPath), modulePath)
+          return require(absolutePath)
+        }
+        return require(modulePath)
+      }
+      const module = {
+        exports: {},
+        require: customRequire,
+        __filename: plusPath,
+        __dirname: path.dirname(plusPath)
+      }
+      const wrapper = Function('module', 'exports', 'require', '__filename', '__dirname',
+        decryptedContent + '\n return module.exports;'
+      )
+      const exports = wrapper(
+        module,
+        module.exports,
+        customRequire,
+        module.__filename,
+        module.__dirname
+      )
+      resolve(exports)
+    } catch (error) {
+      consola.info('解锁plus功能失败: ', error.message)
+      resolve(null)
+    }
+  })
+}
+
+module.exports = decryptAndExecuteAsync

server/app/utils/email.js

@@ -1,60 +0,0 @@
-const nodemailer = require('nodemailer')
-const { readSupportEmailList, readUserEmailList } = require('./storage')
-const commonTemp = require('../template/commonTemp')
-
-const emailCode = {
-  SUCCESS: 0,
-  FAIL: -1
-}
-
-const emailTransporter = async (params = {}) => {
-  let { toEmail, title, html } = params
-  try {
-    if(!toEmail) throw Error('missing params: toEmail')
-    let userEmail = readUserEmailList().find(({ auth }) => auth.user === toEmail)
-    if(!userEmail) throw Error(`${ toEmail } 不存在已保存的配置文件中, 请移除后重新添加`)
-    let { target } = userEmail
-    let emailServerConf = readSupportEmailList().find((item) => item.target === target)
-    if(!emailServerConf) throw Error(`邮箱类型不支持：${ target }`)
-    const timeout = 1000*6
-    let options = Object.assign({}, userEmail, emailServerConf, { greetingTimeout: timeout, connectionTimeout: timeout })
-    let transporter = nodemailer.createTransport(options)
-    let info = await transporter.sendMail({
-      from: userEmail.auth.user, // sender address
-      to: userEmail.auth.user, // list of receivers
-      subject: `EasyNode: ${ title }`,
-      html
-    })
-    // consola.success('email发送成功：', info.accepted)
-    return { code: emailCode.SUCCESS, msg: `send successful：${ info.accepted }` }
-  } catch(error) {
-    // consola.error(`email发送失败(${ toEmail })：`, error.message || error)
-    return { code: emailCode.FAIL, msg: error }
-  }
-}
-
-const sendEmailToConfList = (title, content) => {
-  // eslint-disable-next-line
-  return new Promise(async (res, rej) => {
-    let emailList = readUserEmailList()
-    if(Array.isArray(emailList) && emailList.length >= 1) {
-      for (const item of emailList) {
-        const toEmail = item.auth.user
-        await emailTransporter({ toEmail, title, html: commonTemp(content) })
-          .then(({ code }) => {
-            if(code === 0) {
-              consola.success('已发送邮件通知: ', toEmail, title)
-              return res({ code: emailCode.SUCCESS })
-            }
-            consola.error('邮件通知发送失败: ', toEmail, title)
-            return rej({ code: emailCode.FAIL })
-          })
-      }
-    }
-  })
-}
-
-module.exports = {
-  emailTransporter,
-  sendEmailToConfList
-}

server/app/utils/encrypt.js

@@ -1,31 +1,32 @@
 const CryptoJS = require('crypto-js')
 const rawCrypto = require('crypto')
 const NodeRSA = require('node-rsa')
-const { readKey } = require('./storage.js')
+const { KeyDB } = require('./db-class')
+const keyDB = new KeyDB().getInstance()
 
 // rsa非对称 私钥解密
-const RSADecrypt = (ciphertext) => {
-  if(!ciphertext) return
-  let { privateKey } = readKey()
-  privateKey = AESDecrypt(privateKey) // 先解密私钥
+const RSADecryptAsync = async (ciphertext) => {
+  if (!ciphertext) return
+  let { privateKey } = await keyDB.findOneAsync({})
+  privateKey = await AESDecryptAsync(privateKey) // 先解密私钥
   const rsakey = new NodeRSA(privateKey)
-  rsakey.setOptions({ encryptionScheme: 'pkcs1' }) // Must Set It When Frontend Use jsencrypt
+  rsakey.setOptions({ encryptionScheme: 'pkcs1', environment: 'browser' }) // Must Set It When Frontend Use jsencrypt
   const plaintext = rsakey.decrypt(ciphertext, 'utf8')
   return plaintext
 }
 
 // aes对称 加密(default commonKey)
-const AESEncrypt = (text, key) => {
-  if(!text) return
-  let { commonKey } = readKey()
+const AESEncryptAsync = async (text, key) => {
+  if (!text) return
+  let { commonKey } = await keyDB.findOneAsync({})
   let ciphertext = CryptoJS.AES.encrypt(text, key || commonKey).toString()
   return ciphertext
 }
 
 // aes对称 解密(default commonKey)
-const AESDecrypt = (ciphertext, key) => {
-  if(!ciphertext) return
-  let { commonKey } = readKey()
+const AESDecryptAsync = async (ciphertext, key) => {
+  if (!ciphertext) return
+  let { commonKey } = await keyDB.findOneAsync({})
   let bytes = CryptoJS.AES.decrypt(ciphertext, key || commonKey)
   let originalText = bytes.toString(CryptoJS.enc.Utf8)
   return originalText
@@ -37,8 +38,8 @@ const SHA1Encrypt = (clearText) => {
 }
 
 module.exports = {
-  RSADecrypt,
-  AESEncrypt,
-  AESDecrypt,
+  RSADecryptAsync,
+  AESEncryptAsync,
+  AESDecryptAsync,
   SHA1Encrypt
 }

server/app/utils/get-plus.js

@@ -0,0 +1,93 @@
+const { getLocalNetIP } = require('./tools')
+const { AESEncryptAsync } = require('./encrypt')
+const version = require('../../package.json').version
+const { plusServer1, plusServer2 } = require('./plus-server')
+const { PlusDB } = require('./db-class')
+const plusDB = new PlusDB().getInstance()
+
+async function getLicenseInfo(key = '') {
+  const { key: plusKey } = await plusDB.findOneAsync({}) || {}
+  // console.log('plusKey: ', plusKey)
+  // console.log('key: ', key)
+  // console.log('process.env.PLUS_KEY: ', process.env.PLUS_KEY)
+  key = key || plusKey || process.env.PLUS_KEY
+  if (!key || key.length < 16) return { success: false, msg: 'Invalid Plus Key' }
+  let ip = ''
+  if (global.serverIp && (Date.now() - global.getServerIpLastTime) / 1000 / 60 < 60) {
+    ip = global.serverIp
+    consola.log('get server ip by cache: ', ip)
+  } else {
+    ip = await getLocalNetIP()
+    global.serverIp = ip
+    global.getServerIpLastTime = Date.now()
+    consola.log('get server ip by net: ', ip)
+  }
+  if (!ip) {
+    consola.error('activate plus failed: get public ip failed')
+    global.serverIp = ''
+    return { success: false, msg: 'get public ip failed' }
+  }
+  try {
+    let response
+    let method = 'POST'
+    let body = JSON.stringify({ ip, key, version })
+    let headers = { 'Content-Type': 'application/json' }
+    let timeout = 10000
+    try {
+      response = await fetch(plusServer1 + '/api/licenses/activate', {
+        method,
+        headers,
+        body,
+        timeout
+      })
+
+      if (!response.ok && (response.status !== 403)) {
+        throw new Error('port1 error')
+      }
+
+    } catch (error) {
+      consola.log('retry to activate plus by backup server')
+      response = await fetch(plusServer2 + '/api/licenses/activate', {
+        method,
+        headers,
+        body,
+        timeout
+      })
+    }
+
+    if (!response.ok) {
+      consola.log('activate plus failed: ', response.status)
+      if (response.status === 403) {
+        const errMsg = await response.json()
+        throw { errMsg, clear: true }
+      }
+      throw Error({ errMsg: `HTTP error! status: ${ response.status }` })
+    }
+
+    const { success, data } = await response.json()
+    if (success) {
+      let { decryptKey, expiryDate, usedIPCount, maxIPs, usedIPs } = data
+      decryptKey = await AESEncryptAsync(decryptKey)
+      consola.success('activate plus success')
+      const plusData = { key, decryptKey, expiryDate, usedIPCount, maxIPs, usedIPs }
+      let count = await plusDB.countAsync({})
+      if (count === 0) {
+        await plusDB.insertAsync(plusData)
+      } else {
+        await plusDB.removeAsync({}, { multi: true })
+        await plusDB.insertAsync(plusData)
+      }
+      return { success: true, msg: '激活成功' }
+    }
+    consola.error('activate plus failed: ', data)
+    return { success: false, msg: '激活失败' }
+  } catch (error) {
+    consola.error(`activate plus failed: ${ error.message || error.errMsg?.message }`)
+    if (error.clear) {
+      await plusDB.removeAsync({}, { multi: true })
+    }
+    return { success: false, msg: error.message || error.errMsg?.message }
+  }
+}
+
+module.exports = getLicenseInfo

server/app/utils/index.js

@@ -1,50 +0,0 @@
-const {
-  readSSHRecord,
-  writeSSHRecord,
-  readHostList,
-  writeHostList,
-  readKey,
-  writeKey,
-  readSupportEmailList,
-  readUserEmailList,
-  writeUserEmailList,
-  readNotifyList,
-  getNotifySwByType,
-  writeNotifyList,
-  readGroupList,
-  writeGroupList } = require('./storage')
-const { RSADecrypt, AESEncrypt, AESDecrypt, SHA1Encrypt } = require('./encrypt')
-const { verifyAuth, isProd } = require('./verify-auth')
-const { getNetIPInfo, throwError, isIP, randomStr, getUTCDate, formatTimestamp } = require('./tools')
-const { emailTransporter, sendEmailToConfList } = require('./email')
-
-module.exports = {
-  getNetIPInfo,
-  throwError,
-  isIP,
-  randomStr,
-  getUTCDate,
-  formatTimestamp,
-  verifyAuth,
-  isProd,
-  RSADecrypt,
-  AESEncrypt,
-  AESDecrypt,
-  SHA1Encrypt,
-  readSSHRecord,
-  writeSSHRecord,
-  readHostList,
-  writeHostList,
-  readKey,
-  writeKey,
-  readSupportEmailList,
-  readUserEmailList,
-  writeUserEmailList,
-  emailTransporter,
-  sendEmailToConfList,
-  readNotifyList,
-  getNotifySwByType,
-  writeNotifyList,
-  readGroupList,
-  writeGroupList
-}

server/app/utils/notify.js

@@ -0,0 +1,101 @@
+const path = require('path')
+const decryptAndExecuteAsync = require('./decrypt-file')
+const nodemailer = require('nodemailer')
+const axios = require('axios')
+const commonTemp = require('../template/commonTemp')
+const { NotifyDB, NotifyConfigDB } = require('./db-class')
+const notifyConfigDB = new NotifyConfigDB().getInstance()
+const notifyDB = new NotifyDB().getInstance()
+
+function sendServerChan(sendKey, title, content) {
+  return new Promise((async (resolve, reject) => {
+    try {
+      consola.info('server酱通知预发送: ', title)
+      const url = `https://sctapi.ftqq.com/${ sendKey }.send`
+      const params = new URLSearchParams({ text: title, desp: content })
+      let { data } = await axios.post(url, params, {
+        headers: {
+          'Content-Type': 'application/x-www-form-urlencoded'
+        }
+      })
+      resolve(data)
+      consola.info('server酱通知发送成功: ', title)
+    } catch (error) {
+      reject(error)
+      consola.error('server酱通知发送失败: ', error)
+    }
+  }))
+
+}
+
+function sendEmail({ service, user, pass }, title, content) {
+  return new Promise((async (resolve, reject) => {
+    try {
+      consola.info('邮箱通知预发送: ', title)
+      let transporter = nodemailer.createTransport({
+        service,
+        auth: {
+          user,
+          pass
+        }
+      })
+      await transporter.sendMail({
+        from: user,
+        to: user,
+        subject: title,
+        // text: '', // 纯文本版本内容，如果收件人的邮件客户端不支持HTML显示，就会显示这个文本
+        html: commonTemp(content)
+      })
+      consola.info('邮件通知发送成功: ', title)
+      resolve()
+    } catch (error) {
+      reject(error)
+      consola.error('邮件通知发送失败: ', error)
+    }
+  }))
+}
+
+// 异步发送通知
+async function sendNoticeAsync(noticeAction, title, content) {
+  try {
+    let notifyList = await notifyDB.findAsync({})
+    let { sw } = notifyList.find((item) => item.type === noticeAction) // 获取对应动作的通知开关
+    // console.log('notify swtich: ', noticeAction, sw)
+    if (!sw) return consola.info('通知开关关闭, 不发送通知: ', noticeAction)
+    let notifyConfig = await notifyConfigDB.findOneAsync({})
+    let { type } = notifyConfig
+    if (!type) return consola.error('通知类型不存在: ', type)
+    title = `EasyNode-${ title }`
+    content += `\n通知发送时间：${ new Date() }`
+    switch (type) {
+      case 'sct':
+        let { sendKey } = notifyConfig['sct']
+        if (!sendKey) return consola.info('未发送server酱通知, sendKey 为空')
+        await sendServerChan(sendKey, title, content)
+        break
+      case 'email':
+        let { service, user, pass } = notifyConfig['email']
+        if (!service || !user || !pass) return consola.info('未发送邮件通知通知, 未配置邮箱: ', { service, user, pass })
+        await sendEmail({ service, user, pass }, title, content)
+        break
+      case 'tg':
+        let { token, chatId } = notifyConfig['tg']
+        if (!token || !chatId) return consola.info('未发送Telegram通知, 未配置token或chatId: ', { token, chatId })
+        let { sendTg } = await decryptAndExecuteAsync(path.join(__dirname, 'plus.js'))
+        if (!sendTg) return consola.info('未发送Telegram通知, Plus功能解析失败')
+        await sendTg({ token, chatId }, title, content)
+        break
+      default:
+        consola.info('未配置通知类型: ', type)
+        break
+    }
+  } catch (error) {
+    consola.error('通知发送失败: ', error)
+  }
+}
+
+module.exports = {
+  sendNoticeAsync,
+  sendServerChan,
+  sendEmail
+}

server/app/utils/os-data.js

@@ -1,84 +0,0 @@
-const osu = require('node-os-utils')
-const os = require('os')
-
-let cpu = osu.cpu
-let mem = osu.mem
-let drive = osu.drive
-let netstat = osu.netstat
-let osuOs = osu.os
-let users = osu.users
-
-async function cpuInfo() {
-  let cpuUsage = await cpu.usage(200)
-  let cpuCount = cpu.count()
-  let cpuModel = cpu.model()
-  return {
-    cpuUsage,
-    cpuCount,
-    cpuModel
-  }
-}
-
-async function memInfo() {
-  let memInfo = await mem.info()
-  return {
-    ...memInfo
-  }
-}
-
-async function driveInfo() {
-  let driveInfo = {}
-  try {
-    driveInfo = await drive.info()
-  } catch {
-    // console.log(driveInfo)
-  }
-  return driveInfo
-}
-
-async function netstatInfo() {
-  let netstatInfo = await netstat.inOut()
-  return netstatInfo === 'not supported' ? {} : netstatInfo
-}
-
-async function osInfo() {
-  let type = os.type()
-  let platform = os.platform()
-  let release = os.release()
-  let uptime = osuOs.uptime()
-  let ip = osuOs.ip()
-  let hostname = osuOs.hostname()
-  let arch = osuOs.arch()
-  return {
-    type,
-    platform,
-    release,
-    ip,
-    hostname,
-    arch,
-    uptime
-  }
-}
-
-async function openedCount() {
-  let openedCount = await users.openedCount()
-  return openedCount === 'not supported' ? 0 : openedCount
-}
-
-module.exports = async () => {
-  let data = {}
-  try {
-    data = {
-      cpuInfo: await cpuInfo(),
-      memInfo: await memInfo(),
-      driveInfo: await driveInfo(),
-      netstatInfo: await netstatInfo(),
-      osInfo: await osInfo(),
-      openedCount: await openedCount()
-    }
-    return data
-  } catch(err){
-    console.error('获取系统信息出错：', err)
-    return err.toString()
-  }
-}

server/app/utils/plus-server.js

@@ -0,0 +1,4 @@
+module.exports = {
+  plusServer1: 'https://en1.221022.xyz',
+  plusServer2: 'https://en2.221022.xyz'
+}

server/app/utils/plus.js

@@ -0,0 +1 @@
+U2FsdGVkX1+Gus2FIC0WsNp0rUXPA+Ui1NQUjtnqP6Ycb1pyHglCADvKu51oxYaGJ0ZdoRZYo7YP3tQgIhp3f96WxP1/QFdypVrVlS7+jbAH6Gzc4CPlD3UeFsCm1j32ArFX60tPSSkq6+DJ3OF6pIVxstGIbCkmv5NQaf0J95zCxgqGm+fo/nZmZ6oj21uspGWZjhHssFRol0KpzINFDSWE9+/hJ43ybT5G6OHvEiaF83YH6h3CXAa6zz2zV18LKvnO8A4nTYR2/EBmGiP6NE3YqQ7hTE7SFmEDtRaxKJfyBxs0bHDCcFifVZh8GE25VyDwvOihUHztgvIRMh9vkgehzx9YN3sZdAsBJqcWyqi1mEPZU/l+zq2tbO+EczCvz6JQ77RZToQxm0vXzJc/ctcCEoVvjDx1pJhsQiTj5tJirFgcYz4VC7ihFYIq2XUQNISZaLynpYUUPdjvIfXGcvk0500SK9VAKb6603Z3fABdsENDGuxl2UKXMed4sL/PFwLy9siEX3BgMg1hFFiwoqqEp/x75341BoeRavEIJBEv8BdTS66mel1lUa/L3so7LyjGpdgfzOZlv+0t6Uhzy82HwYkAWmvuYpK6s6JItsG1ftYrOBzHZbpu36wn0e4N4NLqBnm6Hx1+tQJY7lTmgokgUy+5sVtp4LEsTbgE64HbDLYhME4m/3Yw5ij5D1OhoNwm/9r6MEYyJOyv8j8nDjudLRe1YQ0D2JLQsr04LYpVrjU1+Tsg780K0j0JdnFfVhe/SdkVU8nbkIIfRkv/86N6U2ZQaCYaScZmKYdBQmsK//I2yuYym0tM5q2d5kesYTxy8uAtVIXL1rE065eZFPlg/7Mgu0sqUsspG+EeDJE=

server/app/utils/storage.js

@@ -1,139 +0,0 @@
-const fs = require('fs')
-const { sshRecordPath, hostListPath, keyPath, emailPath, notifyPath, groupPath } = require('../config')
-
-const readSSHRecord = () => {
-  let list
-  try {
-    list = JSON.parse(fs.readFileSync(sshRecordPath, 'utf8'))
-  } catch (error) {
-    consola.error('读取ssh-record错误, 即将重置ssh列表: ', error)
-    writeSSHRecord([])
-  }
-  return list || []
-}
-
-const writeSSHRecord = (record = []) => {
-  fs.writeFileSync(sshRecordPath, JSON.stringify(record, null, 2))
-}
-
-const readHostList = () => {
-  let list
-  try {
-    list = JSON.parse(fs.readFileSync(hostListPath, 'utf8'))
-  } catch (error) {
-    consola.error('读取host-list错误, 即将重置host列表: ', error)
-    writeHostList([])
-  }
-  return list || []
-}
-
-const writeHostList = (record = []) => {
-  fs.writeFileSync(hostListPath, JSON.stringify(record, null, 2))
-}
-
-const readKey = () => {
-  let keyObj = JSON.parse(fs.readFileSync(keyPath, 'utf8'))
-  return keyObj
-}
-
-const writeKey = (keyObj = {}) => {
-  fs.writeFileSync(keyPath, JSON.stringify(keyObj, null, 2))
-}
-
-const readEmailJson = () => {
-  let emailJson = {}
-  try {
-    emailJson = JSON.parse(fs.readFileSync(emailPath, 'utf8'))
-  } catch (error) {
-    consola.error('读取email.json错误: ', error)
-  }
-  return emailJson
-}
-
-const readSupportEmailList = () => {
-  let supportEmailList = []
-  try {
-    supportEmailList = readEmailJson().support
-  } catch (error) {
-    consola.error('读取email support错误: ', error)
-  }
-  return supportEmailList
-}
-
-const readUserEmailList = () => {
-  let configEmailList = []
-  try {
-    configEmailList = readEmailJson().user
-  } catch (error) {
-    consola.error('读取email config错误: ', error)
-  }
-  return configEmailList
-}
-
-const writeUserEmailList = (user) => {
-  let support = readSupportEmailList()
-  const emailJson = { support, user }
-  try {
-    fs.writeFileSync(emailPath, JSON.stringify(emailJson, null, 2))
-    return { code: 0 }
-  } catch (error) {
-    return { code: -1, msg: error.message || error }
-  }
-}
-
-const readNotifyList = () => {
-  let notifyList = []
-  try {
-    notifyList = JSON.parse(fs.readFileSync(notifyPath, 'utf8'))
-  } catch (error) {
-    consola.error('读取notify list错误: ', error)
-  }
-  return notifyList
-}
-
-const getNotifySwByType = (type) => {
-  if(!type) throw Error('missing params: type')
-  try {
-    let { sw } = readNotifyList().find((item) => item.type === type)
-    return sw
-  } catch (error) {
-    consola.error(`通知类型[${ type }]不存在`)
-    return false
-  }
-}
-
-const writeNotifyList = (notifyList) => {
-  fs.writeFileSync(notifyPath, JSON.stringify(notifyList, null, 2))
-}
-
-const readGroupList = () => {
-  let list
-  try {
-    list = JSON.parse(fs.readFileSync(groupPath, 'utf8'))
-  } catch (error) {
-    consola.error('读取group-list错误, 即将重置group列表: ', error)
-    writeSSHRecord([])
-  }
-  return list || []
-}
-
-const writeGroupList = (list = []) => {
-  fs.writeFileSync(groupPath, JSON.stringify(list, null, 2))
-}
-
-module.exports = {
-  readSSHRecord,
-  writeSSHRecord,
-  readHostList,
-  writeHostList,
-  readKey,
-  writeKey,
-  readSupportEmailList,
-  readUserEmailList,
-  writeUserEmailList,
-  readNotifyList,
-  getNotifySwByType,
-  writeNotifyList,
-  readGroupList,
-  writeGroupList
-}

server/app/utils/test-connect.js

@@ -1,47 +0,0 @@
-// based off of https://github.com/apaszke/tcp-ping
-// rewritten with modern es6 syntax & promises
-const { io: ClientIO } = require('socket.io-client')
-
-const testConnectAsync = (options) => {
-  let connectTimes = 0
-  options = Object.assign({ retryTimes: 3, timeout: 5000, host: 'http://localhost', port: '80' }, options)
-  const { retryTimes, host, port, timeout } = options
-  // eslint-disable-next-line
-  return new Promise(async (resolve, reject) => {
-    while (connectTimes < retryTimes) {
-      try {
-        connectTimes++
-        await connect({ host, port, timeout })
-        break
-      } catch (error) {
-        // 重连次数达到限制仍未连接成功
-        if(connectTimes === retryTimes) {
-          reject({ message: error.message, host, port, connectTimes })
-          return
-        }
-      }
-    }
-    resolve({ status: 'connect_success', host, port, connectTimes })
-  })
-}
-
-const connect = (options) => {
-  const { host, port, timeout } = options
-  return new Promise((resolve, reject) => {
-    let io = ClientIO(`${ host }:${ port }`, {
-      path: '/client/os-info',
-      forceNew: false,
-      timeout,
-      reconnection: false
-    })
-      .on('connect', () => {
-        resolve()
-        io.disconnect()
-      })
-      .on('connect_error', (error) => {
-        reject(error)
-      })
-  })
-}
-
-module.exports = testConnectAsync