add some

2019-02-08 19:54:09 +08:00 · 2019-02-08 19:54:09 +08:00 · 84b27c3d17
commit 84b27c3d17
parent 7a752c1c97
2 changed files with 45 additions and 32 deletions
--- a/src/contexts/ssh/ssh.go
+++ b/src/contexts/ssh/ssh.go
@ -50,9 +50,21 @@ var Index = &ctx.Context{Name: "ssh", Help: "集群中心",
 				return
 			}

+			if !m.Confs("runtime", "node.cert") { // 设备证书
+				msg := m.Cmd("aaa.rsa", "gen", "common", m.Confv("runtime", "node"))
+				m.Conf("runtime", "node.cert", msg.Append("certificate"))
+				m.Conf("runtime", "node.key", msg.Append("private"))
+			}
+
+			if !m.Confs("runtime", "user.cert") { // 用户证书
+				msg := m.Cmd("aaa.rsa", "gen", "common", m.Confv("runtime", "user"))
+				m.Conf("runtime", "user.cert", msg.Append("certificate"))
+				m.Conf("runtime", "user.key", msg.Append("private"))
+			}
+
 			switch arg[0] {
 			case "auto":
-				if m.Cmd("ssh.remote", "dial", "consul", "/shadow"); !m.Confs("runtime", "ctx_box") && m.Confs("runtime", "ssh_port") {
+				if m.Cmd("ssh.remote", "dial", "consul", "/shadow"); !m.Confs("runtime", "ctx_box") {
 					m.Cmd("ssh.remote", "listen", m.Conf("runtime", "ssh_port"))
 					m.Cmd("web.serve", "usr", m.Conf("runtime", "web_port"))
 				}
@ -60,25 +72,24 @@ var Index = &ctx.Context{Name: "ssh", Help: "集群中心",
 			case "listen":
 				m.Call(func(nfs *ctx.Message) *ctx.Message {
 					if nfs.Has("hostport") {
+						m.Log("info", "ssh_ports %v", nfs.Optionv("hostport"))
 						m.Conf("runtime", "ssh_ports", nfs.Optionv("hostport"))
-					}
-
-					if !m.Confs("runtime", "node.sess") {
-						if !m.Confs("runtime", "node.cert") { // 设备注册
-							msg := m.Cmd("aaa.rsa", "gen", "common", m.Confv("runtime", "node"))
-							m.Conf("runtime", "node.cert", msg.Append("certificate"))
-							m.Conf("runtime", "node.key", msg.Append("private"))
-							m.Cmd("aaa.auth", "nodes", m.Conf("runtime", "node.route"), "cert", msg.Append("certificate"))
-
-							sess := m.Cmdx("aaa.sess", "nodes", "username", m.Conf("runtime", "USER"))
-							m.Cmdx("aaa.auth", sess, "nodes", m.Conf("runtime", "node.route"))
-							m.Cmdx("aaa.auth", "username", m.Conf("runtime", "USER"), "userrole", "root")

+						if !m.Confs("runtime", "node.sess") { // 注册设备
+							m.Conf("runtime", "node.sess", m.Cmdx("web.get", "dev", "/login", "cert", m.Confv("runtime", "node.cert"), "temp", "sess.0"))
 						}
-						m.Conf("runtime", "node.sess", m.Cmdx("web.get", "dev", "/login",
-							"cert", m.Confv("runtime", "node.cert"), "temp", "sess.0"))
 					}

+					// 创建会话
+					sess := m.Cmd("aaa.auth", "nodes", m.Conf("runtime", "node.route"), "session", "nodes").Append("key")
+					if sess == "" {
+						sess = m.Cmdx("aaa.sess", "nodes", "nodes", m.Conf("runtime", "node.route"))
+						m.Cmd("aaa.auth", "nodes", m.Conf("runtime", "node.route"), "cert", m.Conf("runtime", "node.cert"))
+					}
+
+					m.Cmd("aaa.auth", "username", m.Conf("runtime", "USER"), "userrole", "root")
+					m.Cmdx("aaa.sess", sess, m.Conf("runtime", "USER"), "cert", m.Conf("runtime", "user.cert"))
+
 					return nil
 				}, "nfs.remote", arg)

@ -92,7 +103,11 @@ var Index = &ctx.Context{Name: "ssh", Help: "集群中心",
 						m.Conf("timer", m.Cmdx("cli.timer", "delete", m.Conf("timer")))
 					}

-					m.Spawn(nfs.Target()).Call(func(node *ctx.Message) *ctx.Message {
+					msg := m.Spawn(nfs.Target())
+					msg.Option("node.cert", m.Conf("runtime", "node.cert"))
+					msg.Option("user.cert", m.Conf("runtime", "user.cert"))
+
+					msg.Call(func(node *ctx.Message) *ctx.Message {
 						m.Confv("node", node.Result(1), map[string]interface{}{ // 添加主机
 							"create_time": m.Time(),
 							"access_time": m.Time(),
--- a/src/contexts/web/web.go
+++ b/src/contexts/web/web.go
@ -263,10 +263,9 @@ func (web *WEB) Spawn(m *ctx.Message, c *ctx.Context, arg ...string) ctx.Server
 	return s
 }
 func (web *WEB) Begin(m *ctx.Message, arg ...string) ctx.Server {
-	web.Caches["directory"] = &ctx.Cache{Name: "directory", Value: kit.Select(m.Conf("serve", "directory"), arg, 0), Help: "服务目录"}
-	web.Caches["route"] = &ctx.Cache{Name: "route", Value: "/" + web.Context.Name + "/", Help: "模块路由"}
-	web.Caches["register"] = &ctx.Cache{Name: "register(yes/no)", Value: "no", Help: "是否已初始化"}
 	web.Caches["master"] = &ctx.Cache{Name: "master(yes/no)", Value: "no", Help: "服务入口"}
+	web.Caches["register"] = &ctx.Cache{Name: "register(yes/no)", Value: "no", Help: "是否已初始化"}
+	web.Caches["route"] = &ctx.Cache{Name: "route", Value: "/" + web.Context.Name + "/", Help: "模块路由"}

 	web.ServeMux = http.NewServeMux()
 	web.Template = template.New("render").Funcs(ctx.CGI)
@ -274,7 +273,10 @@ func (web *WEB) Begin(m *ctx.Message, arg ...string) ctx.Server {
 	return web
 }
 func (web *WEB) Start(m *ctx.Message, arg ...string) bool {
-	m.Cap("directory", kit.Select(m.Conf("serve", "directory"), arg, 0))
+	web.Caches["directory"] = &ctx.Cache{Name: "directory", Value: kit.Select(m.Conf("serve", "directory"), arg, 0), Help: "服务目录"}
+	web.Caches["protocol"] = &ctx.Cache{Name: "protocol", Value: kit.Select(m.Conf("serve", "protocol"), arg, 2), Help: "服务协议"}
+	web.Caches["address"] = &ctx.Cache{Name: "address", Value: kit.Select(m.Conf("serve", "address"), arg, 1), Help: "服务地址"}
+	m.Log("info", "%d %s %s://%s", m.Capi("nserve", 1), m.Cap("directory"), m.Cap("protocol"), m.Cap("stream", m.Cap("address")))

 	render := m.Target().Commands["/render"]
 	proxy := m.Target().Commands["/proxy/"]
@ -283,12 +285,14 @@ func (web *WEB) Start(m *ctx.Message, arg ...string) bool {
 		if h, ok := m.Target().Server.(MUX); ok && m.Cap("register") == "no" {
 			m.Cap("register", "yes")

+			// 路由级联
 			p := m.Target().Context()
 			if s, ok := p.Server.(MUX); ok {
 				m.Log("info", "route: /%s <- %s", p.Name, m.Cap("route"))
 				s.Handle(m.Cap("route"), http.StripPrefix(path.Dir(m.Cap("route")), h))
 			}

+			// 通用响应
 			if m.Target().Commands["/render"] == nil {
 				m.Target().Commands["/render"] = render
 			}
@ -296,15 +300,16 @@ func (web *WEB) Start(m *ctx.Message, arg ...string) bool {
 				m.Target().Commands["/proxy/"] = proxy
 			}

+			// 路由节点
 			msg := m.Target().Message()
 			for k, x := range m.Target().Commands {
 				if k[0] == '/' {
-					m.Log("info", "route: %s", k)
+					m.Log("info", "%d route: %s", m.Capi("nroute", 1), k)
 					h.HandleCmd(msg, k, x)
-					m.Capi("nroute", 1)
 				}
 			}

+			// 路由文件
 			if m.Cap("directory") != "" {
 				m.Log("info", "route: %sstatic/ <- [%s]\n", m.Cap("route"), m.Cap("directory"))
 				h.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.Dir(m.Cap("directory")))))
@ -313,10 +318,7 @@ func (web *WEB) Start(m *ctx.Message, arg ...string) bool {
 		return false
 	})

-	web.Caches["protocol"] = &ctx.Cache{Name: "protocol", Value: kit.Select(m.Conf("serve", "protocol"), arg, 2), Help: "服务协议"}
-	web.Caches["address"] = &ctx.Cache{Name: "address", Value: kit.Select(m.Conf("serve", "address"), arg, 1), Help: "服务地址"}
-	m.Log("info", "%d %s://%s", m.Capi("nserve", 1), m.Cap("protocol"), m.Cap("stream", m.Cap("address")))
-
+	// SSO认证
 	var handler http.Handler
 	if cas_url, e := url.Parse(m.Conf("login", "cas_url")); e == nil && m.Confs("login", "cas_url") {
 		m.Log("info", "cas url: %s", m.Conf("login", "cas_url"))
@ -326,14 +328,10 @@ func (web *WEB) Start(m *ctx.Message, arg ...string) bool {
 		handler = web
 	}

+	// 启动服务
 	web.Server = &http.Server{Addr: m.Cap("address"), Handler: handler}
-
 	if m.Caps("master", true); m.Cap("protocol") == "https" {
-		web.Caches["cert"] = &ctx.Cache{Name: "cert", Value: kit.Select(m.Conf("serve", "cert"), arg, 3), Help: "服务证书"}
-		web.Caches["key"] = &ctx.Cache{Name: "key", Value: kit.Select(m.Conf("serve", "key"), arg, 4), Help: "服务密钥"}
-		m.Log("info", "cert [%s]", m.Cap("cert"))
-		m.Log("info", "key [%s]", m.Cap("key"))
-		web.Server.ListenAndServeTLS(m.Cap("cert"), m.Cap("key"))
+		web.Server.ListenAndServeTLS(m.Conf("runtime", "node.cert"), m.Conf("runtime", "node.key"))
 	} else {
 		web.Server.ListenAndServe()
 	}