add host management and authentication

cylonchau · Apr 10, 2023 · 8adf81d · 8adf81d
1 parent 49ec23d
commit 8adf81d
Show file tree

Hide file tree

Showing 56 changed files with 1,566 additions and 490 deletions.
diff --git a/.gitignore b/.gitignore
@@ -20,3 +20,4 @@ _output
 1/*
 1
 .idea
+*.db
diff --git a/Dockerfile b/Dockerfile
@@ -13,7 +13,7 @@ RUN \
 FROM alpine AS runner
 WORKDIR /go/firewalld
 COPY --from=builder /firewalld/_output/firewalld-gateway ./bin/
-COPY --from=builder /firewalld/firewalld-gateway.conf .
-CMD  ["firewalld-gateway", "-v", "5", "--config", "./firewalld-gateway.conf"]
+COPY --from=builder /firewalld/firewalld-gateway.toml .
+CMD  ["firewalld-gateway", "-v", "5"]
 ENV PATH "$PATH:/go/firewalld/bin"
 VOLUME ["/firewall"]
diff --git a/README.md b/README.md
@@ -1,15 +1,14 @@
 ## Fiewall Gateway Uranus
 
-Fiewall gateway Uranus is a Linux firewalld central controller. In Greek mythology, Uranus king of gods. The firewall gateway is the Uranus for iptables.
+Firewalld gateway Uranus is a Linux firewalld central controller. In Greek mythology, Uranus king of gods. The firewall gateway is the Uranus for iptables.
 
 ## Features
 
-- Full firewalld features
+- Full firewalld features (currently only covert Redhat7)
 - Full D-BUS API convert to REST API.
 - Based dbus remotely.
 - HTTP restful API.
 - Declarative API and Imperative API.
-- Support HA (Based Kubernetes)
 - Asynchronous batch interface (only add).
 - Can control thousands of linux machine via firewall gateway remotely.
 - Support change tempate of thousands of machine fastly.
@@ -18,17 +17,16 @@ Fiewall gateway Uranus is a Linux firewalld central controller. In Greek mytholo
 - Support iptables NAT ipset timer task.
 - Support template switch (only enable db).
 - Only HTTP Service (without store).
+- UI based VUE-element-admin.
+- Support datacenter tag and machine management.
 
 ## TODO
-- [X] Asynchronous batch process (Signal thread)
-- [ ] Asynchronous batch process (Multi thread)
+- [X] Asynchronous batch process
 - [X] optional API on (v3 only)
 - [X] security policy
 - [X] Delay task
-- [X] rpm spec
-- [ ] UI
-- [ ] Authtication.
-- [ ] Based Kubernetes HA.
+- [ ] UI doing
+- [X] Authtication.
 - [ ] Prometheus Metics.
 - [ ] WAF SDK.
 - [X] Deplyment on Kubernetes

diff --git a/apis/firewalld_request.go b/apis/firewalld_request.go
diff --git a/config/config.go b/config/config.go
@@ -1,37 +1,58 @@
 package config
 
 import (
+	"reflect"
+
 	"github.com/spf13/viper"
 )
 
 var CONFIG *Config
 
-type MysqlConfig struct {
-	Ip       string //公有访问
-	Port     string
-	User     string
-	Password string
-	Database string
+type MySQLConfig struct {
+	Ip                string //公有访问
+	Port              string
+	User              string
+	Password          string
+	Database          string
+	MaxIdleConnection int `mapstructure:"max_idle_connection"`
+	MaxOpenConnection int `mapstructure:"max_open_connection"`
+}
+
+func (this *MySQLConfig) IsEmpty() bool {
+	return reflect.DeepEqual(this, MySQLConfig{})
+}
+
+type SQLiteConfig struct {
+	File              string
+	Database          string
+	MaxIdleConnection int `mapstructure:"max_idle_connection"`
+	MaxOpenConnection int `mapstructure:"max_open_connection"`
+}
+
+func (this *SQLiteConfig) IsEmpty() bool {
+	return reflect.DeepEqual(this, SQLiteConfig{})
 }
 
-func (this *MysqlConfig) IsEmpty() bool {
-	return this == nil
+//Config对象和config.toml文件保持一致
+type Config struct {
+	AppName            string
+	Address            string
+	Port               string
+	DbusPort           string       `mapstructure:"dbus_port"`
+	AsyncProcess       bool         `mapstructure:"async_process"`
+	MissionRetryNumber int          `mapstructure:"mission_retry_number"`
+	DatabaseDriver     string       `mapstructure:"database_driver"`
+	MySQL              MySQLConfig  //需要定义子类型对应的变量，如果不定义映射不成功
+	SQLite             SQLiteConfig //需要定义子类型对应的变量，如果不定义映射不成功
+	HA                 ha
 }
 
-type Config struct { //Config对象和config.toml文件保持一致
-	AppName              string
-	LogLevel             string
-	Address              string
-	Port                 string
-	Dbus_Port            string
-	Async_Process        bool
-	Mission_Retry_Number int
-	Mysql                MysqlConfig //需要定义子类型对应的变量，如果不定义映射不成功
+type ha struct {
+	Namespace string
 }
 
 func InitConfiguration(configFile string) error {
-	viper.SetDefault("LogLevel", "info")
-	viper.SetDefault("Port", "7777")
+	viper.SetDefault("Port", "2952")
 	viper.SetDefault("Address", "127.0.0.1")
 	viper.SetConfigType("toml")
 	viper.SetConfigFile(configFile)

diff --git a/firewalld-gateway.conf b/firewalld-gateway.conf
diff --git a/firewalld-gateway.toml b/firewalld-gateway.toml
@@ -0,0 +1,22 @@
+appname = "Uranus"
+port = 2952
+address = "0.0.0.0"
+dbus_port = 55556
+mission_retry_number = 3
+async_process = true
+database_driver = "sqlite"
+
+[mysql]
+ip = "192.168.56.19"
+port = 3310
+user = "root"
+password = 123456
+database = "cmp"
+max_open_connection = 100
+max_idle_connection = 100
+
+[sqlite]
+file = "uranus"
+database = "uranus"
+max_open_connection = 100
+max_idle_connection = 100
diff --git a/go.mod b/go.mod
@@ -8,45 +8,59 @@ replace k8s.io/client-go => k8s.io/client-go v0.24.5
 
 require (
 	github.com/gin-gonic/gin v1.7.4
+	github.com/glebarez/sqlite v1.7.0
 	github.com/godbus/dbus/v5 v5.0.5
+	github.com/golang-jwt/jwt v3.2.2+incompatible
+	github.com/praserx/ipconv v1.2.1
 	github.com/spf13/cobra v1.6.1
 	github.com/spf13/pflag v1.0.5
 	github.com/spf13/viper v1.9.0
 	github.com/ulule/deepcopier v0.0.0-20200430083143-45decc6639b6
+	gorm.io/gorm v1.24.6
 	k8s.io/apimachinery v0.24.5
 	k8s.io/client-go v0.0.0-00010101000000-000000000000
 	k8s.io/klog/v2 v2.80.1
 )
 
 require (
+	github.com/dustin/go-humanize v1.0.1 // indirect
 	github.com/fsnotify/fsnotify v1.5.1 // indirect
 	github.com/gin-contrib/sse v0.1.0 // indirect
+	github.com/glebarez/go-sqlite v1.20.3 // indirect
 	github.com/go-logr/logr v1.2.3 // indirect
 	github.com/go-playground/locales v0.13.0 // indirect
 	github.com/go-playground/universal-translator v0.17.0 // indirect
 	github.com/go-playground/validator/v10 v10.4.1 // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/google/uuid v1.3.0 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/inconshreveable/mousetrap v1.0.1 // indirect
+	github.com/jinzhu/inflection v1.0.0 // indirect
+	github.com/jinzhu/now v1.1.5 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/leodido/go-urn v1.2.0 // indirect
 	github.com/magiconair/properties v1.8.5 // indirect
-	github.com/mattn/go-isatty v0.0.14 // indirect
+	github.com/mattn/go-isatty v0.0.17 // indirect
 	github.com/mitchellh/mapstructure v1.4.2 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/pelletier/go-toml v1.9.4 // indirect
+	github.com/remyoudompheng/bigfft v0.0.0-20230126093431-47fa9a501578 // indirect
 	github.com/spf13/afero v1.6.0 // indirect
 	github.com/spf13/cast v1.4.1 // indirect
 	github.com/spf13/jwalterweatherman v1.1.0 // indirect
 	github.com/subosito/gotenv v1.2.0 // indirect
 	github.com/ugorji/go/codec v1.1.7 // indirect
 	golang.org/x/crypto v0.0.0-20220214200702-86341886e292 // indirect
-	golang.org/x/sys v0.5.0 // indirect
-	golang.org/x/text v0.7.0 // indirect
+	golang.org/x/sys v0.7.0 // indirect
+	golang.org/x/text v0.8.0 // indirect
 	golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 // indirect
 	google.golang.org/protobuf v1.28.1 // indirect
 	gopkg.in/ini.v1 v1.63.2 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	k8s.io/utils v0.0.0-20221107191617-1a15be271d1d // indirect
+	modernc.org/libc v1.22.2 // indirect
+	modernc.org/mathutil v1.5.0 // indirect
+	modernc.org/memory v1.5.0 // indirect
+	modernc.org/sqlite v1.20.3 // indirect
 )