带阿里标识的版本

2026-02-28 18:55:33 +08:00
parent 150799f41d
commit 5d0b7c7e91
477 changed files with 10813 additions and 4044 deletions
--- a/EdgeAPI/internal/installers/installer_httpdns_node.go
+++ b/EdgeAPI/internal/installers/installer_httpdns_node.go
@@ -104,11 +104,16 @@ func (i *HTTPDNSNodeInstaller) Install(dir string, params interface{}, installSt
 		_, _, _ = i.client.Exec("chown " + i.client.User() + " " + filepath.Dir(configFile))
 	}

+	listenAddr := strings.TrimSpace(nodeParams.HTTPDNSListenAddr)
+	if len(listenAddr) == 0 {
+		listenAddr = ":443"
+	}
+
 	configData := []byte(`rpc.endpoints: [ ${endpoints} ]
 nodeId: "${nodeId}"
 secret: "${nodeSecret}"

-https.listenAddr: ":443"
+https.listenAddr: "${listenAddr}"
 https.cert: "${certFile}"
 https.key: "${keyFile}"`)
 	certFileClean := strings.ReplaceAll(certFile, "\\", "/")
@@ -117,6 +122,7 @@ https.key: "${keyFile}"`)
 	configData = bytes.ReplaceAll(configData, []byte("${endpoints}"), []byte(nodeParams.QuoteEndpoints()))
 	configData = bytes.ReplaceAll(configData, []byte("${nodeId}"), []byte(nodeParams.NodeId))
 	configData = bytes.ReplaceAll(configData, []byte("${nodeSecret}"), []byte(nodeParams.Secret))
+	configData = bytes.ReplaceAll(configData, []byte("${listenAddr}"), []byte(listenAddr))
 	configData = bytes.ReplaceAll(configData, []byte("${certFile}"), []byte(certFileClean))
 	configData = bytes.ReplaceAll(configData, []byte("${keyFile}"), []byte(keyFileClean))

--- a/EdgeAPI/internal/installers/params_node.go
+++ b/EdgeAPI/internal/installers/params_node.go
@@ -6,12 +6,13 @@ import (
 )

 type NodeParams struct {
-	Endpoints   []string
-	NodeId      string
-	Secret      string
-	TLSCertData []byte
-	TLSKeyData  []byte
-	IsUpgrading bool // 是否为升级
+	Endpoints         []string
+	NodeId            string
+	Secret            string
+	TLSCertData       []byte
+	TLSKeyData        []byte
+	HTTPDNSListenAddr string
+	IsUpgrading       bool // 是否为升级
 }

 func (this *NodeParams) Validate() error {
--- a/EdgeAPI/internal/installers/queue_httpdns_node.go
+++ b/EdgeAPI/internal/installers/queue_httpdns_node.go
@@ -1,15 +1,19 @@
-package installers
+package installers

 import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"net"
+	"strconv"
+	"strings"
 	"time"

 	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
 	"github.com/TeaOSLab/EdgeAPI/internal/goman"
 	"github.com/TeaOSLab/EdgeAPI/internal/utils"
 	"github.com/TeaOSLab/EdgeAPI/internal/utils/numberutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
 	"github.com/iwind/TeaGo/logs"
 	"github.com/iwind/TeaGo/maps"
@@ -136,14 +140,20 @@ func (q *HTTPDNSNodeQueue) InstallNode(nodeId int64, installStatus *models.NodeI
 		installStatus.ErrorCode = "EMPTY_TLS_CERT"
 		return err
 	}
+	httpdnsListenAddr, err := q.resolveClusterTLSListenAddr(cluster)
+	if err != nil {
+		installStatus.ErrorCode = "INVALID_TLS_LISTEN"
+		return err
+	}

 	params := &NodeParams{
-		Endpoints:   apiEndpoints,
-		NodeId:      node.UniqueId,
-		Secret:      node.Secret,
-		TLSCertData: tlsCertData,
-		TLSKeyData:  tlsKeyData,
-		IsUpgrading: isUpgrading,
+		Endpoints:         apiEndpoints,
+		NodeId:            node.UniqueId,
+		Secret:            node.Secret,
+		TLSCertData:       tlsCertData,
+		TLSKeyData:        tlsKeyData,
+		HTTPDNSListenAddr: httpdnsListenAddr,
+		IsUpgrading:       isUpgrading,
 	}

 	installer := &HTTPDNSNodeInstaller{}
@@ -246,6 +256,37 @@ func (q *HTTPDNSNodeQueue) resolveClusterTLSCertPair(cluster *models.HTTPDNSClus
 	return nil, nil, errors.New("cluster tls certificate is not configured")
 }

+func (q *HTTPDNSNodeQueue) resolveClusterTLSListenAddr(cluster *models.HTTPDNSCluster) (string, error) {
+	const defaultListenAddr = ":443"
+
+	if cluster == nil || len(cluster.TLSPolicy) == 0 {
+		return defaultListenAddr, nil
+	}
+
+	tlsConfig, err := serverconfigs.NewTLSProtocolConfigFromJSON(cluster.TLSPolicy)
+	if err != nil {
+		return "", fmt.Errorf("decode cluster tls listen failed: %w", err)
+	}
+
+	for _, listen := range tlsConfig.Listen {
+		if listen == nil {
+			continue
+		}
+
+		if err := listen.Init(); err != nil {
+			return "", fmt.Errorf("invalid cluster tls listen address '%s': %w", listen.PortRange, err)
+		}
+		if listen.MinPort <= 0 {
+			continue
+		}
+
+		host := strings.TrimSpace(listen.Host)
+		return net.JoinHostPort(host, strconv.Itoa(listen.MinPort)), nil
+	}
+
+	return defaultListenAddr, nil
+}
+
 func (q *HTTPDNSNodeQueue) parseSSHInfo(node *models.HTTPDNSNode) (string, int, int64, error) {
 	if node == nil {
 		return "", 0, 0, errors.New("node should not be nil")