admin/yakpanel-core
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0732a2eba693ad160508052a717ab73af14e1777
yakpanel-core/tools.py
Niranjan 2826d3e7f3 Initial YakPanel commit
2026-04-07 02:04:22 +05:30

936 lines
38 KiB
Python
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
#coding: utf-8
# +-------------------------------------------------------------------
# | YakPanel
# +-------------------------------------------------------------------
# | Copyright (c) 2015-2099 YakPanel(www.yakpanel.com) All rights reserved.
# +-------------------------------------------------------------------
# | Author: hwliang <hwl@yakpanel.com>
# +-------------------------------------------------------------------
#------------------------------
# 工具箱
#------------------------------
import sys
import os
import re
panelPath = '/www/server/panel/'
os.chdir(panelPath)
sys.path.insert(0,panelPath + "class/")
import public,time,json
if sys.version_info[0] == 3: raw_input = input
#设置MySQL密码
def set_mysql_root(password):
import db,os
sql = db.Sql()
root_mysql = r'''#!/bin/bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH
pwd=$1
/etc/init.d/mysqld stop
mysqld_safe --skip-grant-tables&
echo 'Changing password...';
sleep 6
m_version=$(cat /www/server/mysql/version.pl)
if echo "$m_version" | grep -E "(5\.1\.|5\.5\.|5\.6\.|10\.0\.|10\.1\.)" >/dev/null; then
mysql -uroot -e "UPDATE mysql.user SET password=PASSWORD('${pwd}') WHERE user='root';"
elif echo "$m_version" | grep -E "(10\.4\.|10\.5\.|10\.6\.|10\.7\.|10\.11\.|11\.3\.|11\.4\.)" >/dev/null; then
mysql -uroot -e "
FLUSH PRIVILEGES;
ALTER USER 'root'@'localhost' IDENTIFIED BY '${pwd}';
ALTER USER 'root'@'127.0.0.1' IDENTIFIED BY '${pwd}';
FLUSH PRIVILEGES;
"
elif echo "$m_version" | grep -E "(5\.7\.|8\.[0-9]+\..*|9\.[0-9]+\..*)" >/dev/null; then
mysql -uroot -e "
FLUSH PRIVILEGES;
update mysql.user set authentication_string='' where user='root' and (host='127.0.0.1' or host='localhost');
ALTER USER 'root'@'localhost' IDENTIFIED BY '${pwd}';
ALTER USER 'root'@'127.0.0.1' IDENTIFIED BY '${pwd}';
FLUSH PRIVILEGES;
"
else
mysql -uroot -e "UPDATE mysql.user SET authentication_string=PASSWORD('${pwd}') WHERE user='root';"
fi
mysql -uroot -e "FLUSH PRIVILEGES";
pkill -9 mysqld_safe
pkill -9 mysqld
sleep 2
/etc/init.d/mysqld start
echo '==========================================='
echo "The root password set ${pwd} successuful"'''
public.writeFile('mysql_root.sh',root_mysql)
os.system("/bin/bash mysql_root.sh " + password)
os.system("rm -f mysql_root.sh")
result = public.M('config').where('id=?', (1,)).setField('mysql_root', password)
print(result)
#设置面板密码
def set_panel_pwd(password,ncli = False):
password = password.strip()
re_list = re.findall(r"[^\w\d,.]+", password)
if re_list:
print("|-Error: password cannot contain special characters: {}".format(" ".join(re_list)))
return
import db
sql = db.Sql()
result = sql.table('users').where('id=?',(1,)).setField('password',public.password_salt(public.md5(password),uid=1))
username = sql.table('users').where('id=?',(1,)).getField('username')
if ncli:
print("|-%s: " % public.GetMsg("USER_NAME") + username)
print("|-%s: " % public.GetMsg("NEW_PASS") + password)
else:
print(username)
#设置数据库目录
def set_mysql_dir(path):
mysql_dir = r'''#!/bin/bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH
oldDir=`cat /etc/my.cnf |grep 'datadir'|awk '{print $3}'`
newDir=$1
mkdir $newDir
if [ ! -d "${newDir}" ];then
echo 'The specified storage path does not exist!'
exit
fi
echo "Stopping MySQL service..."
/etc/init.d/mysqld stop
echo "Copying files, please wait..."
\cp -r -a $oldDir/* $newDir
chown -R mysql.mysql $newDir
sed -i "s#$oldDir#$newDir#" /etc/my.cnf
echo "Starting MySQL service..."
/etc/init.d/mysqld start
echo ''
echo 'Successful'
echo '---------------------------------------------------------------------'
echo "Has changed the MySQL storage directory to: $newDir"
echo '---------------------------------------------------------------------'
'''
public.writeFile('mysql_dir.sh',mysql_dir)
os.system("/bin/bash mysql_dir.sh " + path)
os.system("rm -f mysql_dir.sh")
#封装
def PackagePanel():
print('========================================================')
print('|-'+public.GetMsg("CLEARING_LOG")+'...'),
public.M('logs').where('id!=?',(0,)).delete()
print('\t\t\033[1;32m[done]\033[0m')
print('|-'+public.GetMsg("CLEARING_TASK_HISTORY")+'...'),
public.M('tasks').where('id!=?',(0,)).delete()
print('\t\t\033[1;32m[done]\033[0m')
print('|-'+public.GetMsg("CLEARING_NET_MO")+'...'),
public.M('network').dbfile('system').where('id!=?',(0,)).delete()
print('\t\033[1;32m[done]\033[0m')
print('|-'+public.GetMsg("CLEARING_CPU_MO")+'...'),
public.M('cpuio').dbfile('system').where('id!=?',(0,)).delete()
print('\t\033[1;32m[done]\033[0m')
print('|-'+public.GetMsg("CLEARING_DISK_MO")+'...'),
public.M('diskio').dbfile('system').where('id!=?',(0,)).delete()
print('\t\033[1;32m[done]\033[0m')
print('|-'+public.GetMsg("CLEARING_IP")+'...'),
os.system('rm -f /www/server/panel/data/iplist.txt')
os.system('rm -f /www/server/panel/data/address.pl')
os.system('rm -f /www/server/panel/data/*.login')
os.system('rm -f /www/server/panel/data/domain.conf')
os.system('rm -f /www/server/panel/data/user*')
os.system('rm -f /www/server/panel/data/admin_path.pl')
os.system('rm -f /root/.ssh/*')
print('\t\033[1;32m[done]\033[0m')
print('|-'+public.GetMsg("CLEARING_SYS_HISTORY")+'...'),
command = '''cat /dev/null > /var/log/boot.log
cat /dev/null > /var/log/btmp
cat /dev/null > /var/log/cron
cat /dev/null > /var/log/dmesg
cat /dev/null > /var/log/firewalld
cat /dev/null > /var/log/grubby
cat /dev/null > /var/log/lastlog
cat /dev/null > /var/log/mail.info
cat /dev/null > /var/log/maillog
cat /dev/null > /var/log/messages
cat /dev/null > /var/log/secure
cat /dev/null > /var/log/spooler
cat /dev/null > /var/log/syslog
cat /dev/null > /var/log/tallylog
cat /dev/null > /var/log/wpa_supplicant.log
cat /dev/null > /var/log/wtmp
cat /dev/null > /var/log/yum.log
history -c
'''
os.system(command)
print('\t\033[1;32m[done]\033[0m')
print("|-Please select user initialization method:")
print("="*50)
print(" (1) Display the initialization page when accessing the panel page")
print(" (2) A new account password is automatically generated randomly when first started")
print("="*50)
p_input = input("Please select the initialization method (default: 1):")
print(p_input)
if p_input in [2,'2']:
public.writeFile('/www/server/panel/aliyun.pl',"True")
s_file = '/www/server/panel/install.pl'
if os.path.exists(s_file): os.remove(s_file)
public.M('config').where("id=?",('1',)).setField('status',1)
else:
public.writeFile('/www/server/panel/install.pl',"True")
public.M('config').where("id=?",('1',)).setField('status',0)
port = public.readFile('data/port.pl').strip()
print('========================================================')
print('\033[1;32m|-The panel packaging is successful, please do not log in to the panel to do any other operations!\033[0m')
if not p_input in [2,'2']:
print('\033[1;41m|-Panel initialization address:http://{SERVERIP}:'+port+'/install\033[0m')
else:
print('\033[1;41m|-Get the initial account password command:bt default \033[0m')
#清空正在执行的任务
def CloseTask():
ncount = public.M('tasks').where('status!=?',(1,)).delete()
os.system("kill `ps -ef |grep 'python panelSafe.pyc'|grep -v grep|grep -v panelExec|awk '{print $2}'`")
os.system("kill `ps -ef |grep 'install_soft.sh'|grep -v grep|grep -v panelExec|awk '{print $2}'`")
os.system('/etc/init.d/bt restart')
print(public.GetMsg("CLEAR_TASK",(int(ncount),)))
def get_ipaddress():
'''
@name 获取本机IP地址
@author hwliang<2020-11-24>
@return list
'''
ipa_tmp = public.ExecShell("ip a |grep inet|grep -v inet6|grep -v 127.0.0.1|awk '{print $2}'|sed 's#/[0-9]*##g'")[0].strip()
iplist = ipa_tmp.split('\n')
return iplist
def get_host_all():
local_ip = ['127.0.0.1','::1','localhost']
ip_list = []
bind_ip = get_ipaddress()
for ip in bind_ip:
ip = ip.strip()
if ip in local_ip: continue
if ip in ip_list: continue
ip_list.append(ip)
if public.is_self_hosted():
try:
net_ip = public.GetLocalIp().strip()
except:
net_ip = ''
if net_ip and net_ip not in ip_list:
ip_list.append(net_ip)
else:
net_ip = public.httpGet("https://ifconfig.me/ip")
if net_ip:
net_ip = net_ip.strip()
if not net_ip in ip_list:
ip_list.append(net_ip)
if len(ip_list) > 1:
ip_list = [ip_list[-1],ip_list[0]]
return ip_list
#自签证书
def CreateSSL():
import base64
if public.is_self_hosted():
if os.path.exists('ssl/input.pl'):
print('1')
return True
import OpenSSL
key = OpenSSL.crypto.PKey()
key.generate_key(OpenSSL.crypto.TYPE_RSA, 2048)
cert = OpenSSL.crypto.X509()
cert.set_serial_number(0)
cert.get_subject().CN = public.GetLocalIp()
cert.set_issuer(cert.get_subject())
cert.gmtime_adj_notBefore(0)
cert.gmtime_adj_notAfter(86400 * 3650)
cert.set_pubkey(key)
cert.sign(key, 'md5')
cert_ca = OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, cert)
private_key = OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM, key)
if len(cert_ca) > 100 and len(private_key) > 100:
public.writeFile('ssl/certificate.pem', cert_ca, 'wb+')
public.writeFile('ssl/privateKey.pem', private_key, 'wb+')
public.writeFile('data/ssl.pl', 'True')
public.ExecShell("/etc/init.d/bt reload")
print('1')
return True
print('0')
return False
userInfo = public.get_user_info()
if not userInfo:
userInfo['uid'] = 0
userInfo['access_key'] = 'B' * 32
if 'access_key' not in userInfo or not userInfo['access_key']:
userInfo['access_key'] = 'B' * 32
domains = get_host_all()
pdata = {
"action":"get_domain_cert",
"company":"yakpanel.com",
"domain":','.join(domains),
"uid":userInfo['uid'],
"access_key":userInfo['access_key'],
"panel":1
}
cert_api = 'https://api.yakpanel.com/yakpanel_cert'
result = json.loads(public.httpPost(cert_api,{'data': json.dumps(pdata)}))
if 'status' in result:
if result['status']:
public.writeFile('ssl/certificate.pem',result['cert'])
public.writeFile('ssl/privateKey.pem',result['key'])
for _rpfx in ('ssl/yakpanel_root.pfx', 'ssl/baota_root.pfx'):
if os.path.exists(_rpfx):
os.remove(_rpfx)
public.writeFile('ssl/yakpanel_root.pfx',base64.b64decode(result['pfx']),'wb+')
public.writeFile('ssl/root_password.pl',result['password'])
public.writeFile('data/ssl.pl','True')
public.ExecShell("/etc/init.d/bt reload")
print('1')
return True
print('0')
return False
#创建文件
def CreateFiles(path,num):
if not os.path.exists(path): os.system('mkdir -p ' + path)
import time
for i in range(num):
filename = path + '/' + str(time.time()) + '__' + str(i)
open(path,'w+').close()
#计算文件数量
def GetFilesCount(path):
i=0
for name in os.listdir(path): i += 1
return i
#清理系统垃圾
def ClearSystem():
count = total = 0
tmp_total,tmp_count = ClearMail()
count += tmp_count
total += tmp_total
print('=======================================================================')
tmp_total,tmp_count = ClearSession()
count += tmp_count
total += tmp_total
print('=======================================================================')
tmp_total,tmp_count = ClearOther()
count += tmp_count
total += tmp_total
print('=======================================================================')
print('\033[1;32m|-'+public.GetMsg("CLEAR_RUBBISH",(str(count),ToSize(total)))+'\033[0m')
#清理邮件日志
def ClearMail():
rpath = '/var/spool'
total = count = 0
import shutil
con = ['cron','anacron','mail']
for d in os.listdir(rpath):
if d in con: continue
dpath = rpath + '/' + d
print('|-Cleaning up' + dpath + ' ...')
time.sleep(0.2)
num = size = 0
for n in os.listdir(dpath):
filename = dpath + '/' + n
fsize = os.path.getsize(filename)
print('|---['+ToSize(fsize)+'] del ' + filename),
size += fsize
if os.path.isdir(filename):
shutil.rmtree(filename)
else:
os.remove(filename)
print('\t\033[1;32m[OK]\033[0m')
num += 1
print(public.GetMsg("CLEAR_RUBBISH1",(dpath,str(num),ToSize(size))))
total += size;
count += num;
print('=======================================================================')
print(public.GetMsg('CLEAR_RUBBISH2',(str(count),ToSize(total))))
return total,count
#清理php_session文件
def ClearSession():
spath = '/tmp'
total = count = 0
import shutil
print(public.GetMsg("CLEAR_PHP_SESSION"))
for d in os.listdir(spath):
if d.find('sess_') == -1: continue
filename = spath + '/' + d
fsize = os.path.getsize(filename)
print('|---['+ToSize(fsize)+'] del ' + filename),
total += fsize
if os.path.isdir(filename):
shutil.rmtree(filename)
else:
os.remove(filename)
print('\t\033[1;32m[OK]\033[0m')
count += 1;
print(public.GetMsg("CLEAR_PHP_SESSION1",(str(count),ToSize(total))))
return total,count
#清空回收站
def ClearRecycle_Bin():
import files
f = files.files();
f.Close_Recycle_bin(None);
#清理其它
def ClearOther():
clearPath = [
{'path':'/www/server/panel','find':'testDisk_'},
{'path':'/www/wwwlogs','find':'log'},
{'path':'/tmp','find':'panelBoot.pl'},
{'path':'/www/server/panel/install','find':'.rpm'},
{'path':'/www/server/panel/install','find':'.zip'},
{'path':'/www/server/panel/install','find':'.gz'}
]
total = count = 0
print(public.GetMsg("CLEAR_RUBBISH3"))
for c in clearPath:
for d in os.listdir(c['path']):
if d.find(c['find']) == -1: continue
filename = c['path'] + '/' + d
if os.path.isdir(filename): continue
fsize = os.path.getsize(filename)
print('|---['+ToSize(fsize)+'] del ' + filename),
total += fsize
os.remove(filename)
print('\t\033[1;32m[OK]\033[0m')
count += 1
public.serviceReload()
os.system('sleep 1 && /etc/init.d/bt reload > /dev/null &')
print(public.GetMsg("CLEAR_RUBBISH4",(str(count),ToSize(total))))
return total,count
#关闭普通日志
def CloseLogs():
try:
paths = ['/usr/lib/python2.7/site-packages/web/httpserver.py','/usr/lib/python2.6/site-packages/web/httpserver.py']
for path in paths:
if not os.path.exists(path): continue
hsc = public.readFile(path)
if hsc.find('500 Internal Server Error') != -1: continue
rstr = '''def log(self, status, environ):
if status != '500 Internal Server Error': return;'''
hsc = hsc.replace("def log(self, status, environ):",rstr)
if hsc.find('500 Internal Server Error') == -1: return False
public.writeFile(path,hsc)
except:pass
#字节单位转换
def ToSize(size):
ds = ['b','KB','MB','GB','TB']
for d in ds:
if size < 1024: return str(size)+d
size = size / 1024
return '0b'
#随机面板用户名
def set_panel_username(username = None):
import db
sql = db.Sql()
if username:
re_list = re.findall(r"[^\w\d,.]+", username)
if re_list:
print("|-Error: username cannot contain special characters: {}".format(" ".join(re_list)))
return
if len(username) < 3:
print(public.GetMsg("USER_NAME_LEN_ERR"))
return;
if username in ['admin','root']:
print(public.GetMsg("EASY_NAME"))
return;
sql.table('users').where('id=?',(1,)).setField('username',username)
print(public.GetMsg("NEW_NAME",(username,)))
return;
try:
count = 0
while count <= 5:
count += 1
username = sql.table('users').where('id=?',(1,)).getField('username')
if username == 'admin':
username = public.GetRandomString(8).lower()
sql.table('users').where('id=?',(1,)).setField('username',username)
current_username = sql.table('users').where('id=?',(1,)).getField('username')
if current_username in ['admin', None]:
time.sleep(1)
continue
else:
break
except Exception as e:
public.print_log("set_panel_username error: {}".format(str(e)))
print('username: ' + username)
#设定idc
def setup_idc():
try:
if public.is_self_hosted():
return False
panelPath = '/www/server/panel'
filename = panelPath + '/data/o.pl'
if not os.path.exists(filename): return False
o = public.readFile(filename).strip()
c_url = 'https://wafapi2.yakpanel.com/api/idc/get_idc_info_bycode?o=%s' % o
idcInfo = json.loads(public.httpGet(c_url))
if not idcInfo['status']: return False
pFile = panelPath + '/config/config.json'
pInfo = json.loads(public.readFile(pFile))
pInfo['brand'] = idcInfo['msg']['name']
pInfo['product'] = public.GetMsg("WITH_BT_CUSTOM_EDITION")
public.writeFile(pFile,json.dumps(pInfo))
tFile = panelPath + '/data/title.pl'
titleNew = (pInfo['brand'] + public.GetMsg("PANEL")).encode('utf-8')
if os.path.exists(tFile):
title = public.GetConfigValue('title')
if title == 'YakPanel' or title == '':
public.writeFile(tFile,titleNew)
public.SetConfigValue('title',titleNew)
else:
public.writeFile(tFile,titleNew)
public.SetConfigValue('title',titleNew)
return True
except:pass
#将插件升级到6.0
def update_to6():
print("====================================================")
print(public.GetMsg("PLUG_UPDATEING"))
print("====================================================")
download_address = public.get_url()
exlodes = ['gitlab','pm2','mongodb','deployment_jd','logs','docker','beta','btyw']
for pname in os.listdir('plugin/'):
if not os.path.isdir('plugin/' + pname): continue
if pname in exlodes: continue
print("|-upgrading [ %s ]..." % pname),
download_url = download_address + '/install/plugin/' + pname + '/install.sh'
to_file = '/tmp/%s.sh' % pname
public.downloadFile(download_url,to_file)
os.system('/bin/bash ' + to_file + ' install &> /tmp/plugin_update.log 2>&1')
print(" \033[32m[success]\033[0m")
print("====================================================")
print("\033[32m"+public.GetMsg("PLUG_UPDATE_TO_6")+"\033[0m")
print("====================================================")
#命令行菜单
def bt_cli(u_input = 0):
raw_tip = "==============================================="
if not u_input:
print("==============="+public.GetMsg("PANEL_SHELL")+"==================")
print("(1) %s (8) %s" % (public.GetMsg("RESTART_PANEL"),public.GetMsg("CHANGE_PANEL_PORT")))
print("(2) %s (9) %s"% (public.GetMsg("STOP_PANEL"),public.GetMsg("CLEAR_PANEL_CACHE")))
print("(3) %s (10) %s"% (public.GetMsg("START_PANEL"),public.GetMsg("CLEAR_PANEL_LIMIT")))
print("(4) %s (11) Turn on/off IP + User-Agent Authenticator "% (public.GetMsg("RELOAD_PANEL")))
print("(5) %s (12) %s"% (public.GetMsg("CHANGE_PANEL_PASS"),public.GetMsg("CANCEL_DOMAIN_BIND")))
print("(6) %s (13) %s"% (public.GetMsg("CHANGE_PANEL_USER"),public.GetMsg("CANCEL_IP_LIMIT")))
print("(7) %s (14) %s"% (public.GetMsg("CHANGE_MYSQL_PASS_FORCE"),public.GetMsg("GET_PANEL_DEFAULT_MSG")))
print("(22) %s (15) %s"% ("Display panel error log",public.GetMsg("CLEAR_SYS_RUBBISH")))
print("(23) %s (16) %s"% ("Turn off BasicAuth Authenticator","Repair panel (check for errors and update panel files to the latest version)"))
print("(24) Turn off Google Authenticator (17) Set log cutting on/off compression")
print("(25) Save copy when modify file in panel (18) Set whether to back up the panel automatically")
# if not os.path.exists('/www/server/panel/data/panel_pro.pl'):
# print(" (19) Update to yakpanel pro version")
print("(26) Keep/Remove local backup when backing up to cloud storage")
print("(27) Turn on/off panel SSL (28) Modify panel security entrance")
print("(33) lift the explosion-proof limit on the panel")
print("(0) Cancel")
print(raw_tip)
try:
u_input = input(public.GetMsg("INPUT_CMD_NUM"))
if sys.version_info[0] == 3: u_input = int(u_input)
except: u_input = 0
try:
if u_input in ['log','logs','error','err','tail','debug','info']:
os.system("tail -f {}".format(public.get_panel_log_file()))
return
if u_input[:6] in ['install','update']:
print("Tip: Example of command parameter transfer (compile and install php7.4):bt install/0/php/7.4")
print(sys.argv)
install_args = u_input.split('/')
if len(install_args) < 2:
try:
install_input = input("Please select the installation method (0 compile install, 1 speed install, default: 1):")
install_input = int(install_input)
except:
install_input = 1
else:
install_input = int(install_args[1])
print(raw_tip)
soft_list = 'nginx apache php mysql memcached redis pure-ftpd phpmyadmin pm2 docker openlitespeed mongodb'
soft_list_arr = soft_list.split(' ')
if len(install_args) < 3:
install_soft = ''
while not install_soft:
print("Supported software:{}".format(soft_list))
print(raw_tip)
install_soft = input("Please enter the name of the software to be installed (eg: nginx)")
if install_soft not in soft_list_arr:
print("Software that does not support command line installation")
install_soft = ''
else:
install_soft = install_args[2]
print(raw_tip)
if len(install_args) < 4:
install_version = ''
while not install_version:
print(raw_tip)
install_version = input("Please enter the version number to be installed (for example: 1.18):")
else:
install_version = install_args[3]
print(raw_tip)
os.system("bash /www/server/panel/install/install_soft.sh {} {} {} {}".format(install_input,install_args[0],install_soft,install_version))
exit()
print("Unsupported command")
exit()
except: pass
nums = [1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,22,23,24,25,26,27,28,33]
if not u_input in nums:
print(raw_tip)
print(public.GetMsg("CANCELLED"))
exit()
print(raw_tip)
print(public.GetMsg("EXECUTING",(u_input,)))
print(raw_tip)
# 开启或者关闭面板SSL
if u_input == 27:
ssl_file = '/www/server/panel/data/ssl.pl'
if os.path.exists(ssl_file):
os.remove(ssl_file)
os.system("/etc/init.d/bt reload")
os.system("/etc/init.d/bt default")
print("Please use http access panel, If cannot login, please change the browser or use the incognito mode of browser access")
else:
certificate_file="/www/server/panel/ssl/certificate.pem"
privateKey_file="/www/server/panel/ssl/privateKey.pem"
if os.path.exists(certificate_file) and os.path.exists(privateKey_file):
public.writeFile(ssl_file, 'True')
os.system("/etc/init.d/bt reload")
os.system("/etc/init.d/bt default")
print("If cannot login, please change the browser or use the incognito mode of browser access")
elif not os.path.exists(certificate_file):
try:
if not os.path.exists("/www/server/panel/ssl/"):
os.makedirs("/www/server/panel/ssl/")
CreateSSL()
os.system("/etc/init.d/bt default")
print("If cannot login, please change the browser or use the incognito mode of browser access")
except:
print("Failed turn on panel ssl, Please use http access panel")
# 修改安全入口
if u_input == 28:
admin_path = input('Please enter new security entrance:')
msg = ''
from YakPanel import admin_path_checks
if len(admin_path) < 6: msg = 'The security entrance address length cannot be less than 6 digits!'
if admin_path in admin_path_checks: msg = 'This entrance is already occupied by the panel, please use another entrance!'
if not public.path_safe_check(admin_path) or admin_path[-1] == '.': msg = 'The entrance address format is incorrect, example: /my_panel'
if admin_path[0] != '/': msg = 'The entrance address format is incorrect, ex: /my_panel'
admin_path_file = 'data/admin_path.pl'
admin_path1 = '/'
if os.path.exists(admin_path_file): admin_path1 = public.readFile(admin_path_file).strip()
if msg != '':
print('setting error:{}'.format(msg))
return
public.writeFile(admin_path_file, admin_path)
public.restart_panel()
print('Security entrance set successfully{}'.format(admin_path))
if u_input == 1:
os.system("/etc/init.d/bt restart")
elif u_input == 2:
os.system("/etc/init.d/bt stop")
elif u_input == 3:
os.system("/etc/init.d/bt start")
elif u_input == 4:
os.system("/etc/init.d/bt reload")
elif u_input == 5:
if sys.version_info[0] == 2:
input_pwd = raw_input(public.GetMsg("INPUT_NEW_PASS"))
else:
input_pwd = input(public.GetMsg("INPUT_NEW_PASS"))
set_panel_pwd(input_pwd.strip(),True)
elif u_input == 6:
if sys.version_info[0] == 2:
input_user = raw_input(public.GetMsg("INPUT_NEW_USER"))
else:
input_user = input(public.GetMsg("INPUT_NEW_USER"))
set_panel_username(input_user.strip())
elif u_input == 7:
if sys.version_info[0] == 2:
input_mysql = raw_input(public.GetMsg("INPUT_NEW_MYSQL_PASS"))
else:
input_mysql = input(public.GetMsg("INPUT_NEW_MYSQL_PASS"))
if not input_mysql:
print(public.GetMsg("PASS_NOT_EMPTY"))
return;
if len(input_mysql) < 8:
print(public.GetMsg("PASS_LEN_ERR"))
return;
import re
rep = r"^[\w@\._]+$"
if not re.match(rep, input_mysql):
print(public.GetMsg("PASS_SPECIAL_CHARACTRES_ERR"))
return;
print(input_mysql)
set_mysql_root(input_mysql.strip())
elif u_input == 8:
input_port = input(public.GetMsg("INPUT_NEW_PANEL_PORT"))
if sys.version_info[0] == 3: input_port = int(input_port)
if not input_port:
print(public.GetMsg("INPUT_PANEL_PORT_ERR"))
return;
if input_port in [80,443,21,20,22]:
print(public.GetMsg("CANT_USE_USUALLY_PORT_ERR"))
return;
old_port = int(public.readFile('data/port.pl'))
if old_port == input_port:
print(public.GetMsg("NEW_PORT_SAMEAS_OLD"))
return;
is_exists = public.ExecShell("lsof -i:%s|grep LISTEN|grep -v grep" % input_port)
if len(is_exists[0]) > 5:
print(public.GetMsg("PORT_ALREADY_IN_USE"))
return;
public.writeFile('data/port.pl',str(input_port))
if os.path.exists("/usr/bin/firewall-cmd"):
os.system("firewall-cmd --permanent --zone=public --add-port=%s/tcp" % input_port)
os.system("firewall-cmd --reload")
elif os.path.exists("/etc/sysconfig/iptables"):
os.system("iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport %s -j ACCEPT" % input_port)
os.system("service iptables save")
else:
os.system("ufw allow %s" % input_port)
os.system("ufw reload")
os.system("/etc/init.d/bt reload")
print(public.GetMsg("CHANGE_PORT_SUCCESS",(input_port,)))
print(public.GetMsg("CLOUD_RELEASE_PORT",(input_port,)))
elif u_input == 9:
sess_file = '/www/server/panel/data/session'
if os.path.exists(sess_file):
os.system("rm -f {}/*".format(sess_file))
os.system("/etc/init.d/bt reload")
elif u_input == 10:
os.system("/etc/init.d/bt reload")
elif u_input == 11:
# auth_file = 'data/admin_path.pl'
# if os.path.exists(auth_file): os.remove(auth_file)
# os.system("/etc/init.d/bt reload")
# print(public.GetMsg("CHANGE_LIMITED_CANCEL"))
not_tip = '{}/data/not_check_ip.pl'.format(public.get_panel_path())
if os.path.exists(not_tip):
os.remove(not_tip)
print("|-Turned on IP + User-Agent Authenticator")
print("|-This feature can effectively prevent [replay attacks]")
else:
public.writeFile(not_tip, 'True')
print("|-Turned off IP + User-Agent Authenticator")
print("|-Note: Turned off this function has the risk of being [replay attack]")
elif u_input == 12:
auth_file = 'data/domain.conf'
if os.path.exists(auth_file): os.remove(auth_file)
os.system("/etc/init.d/bt reload")
print(public.GetMsg("CHANGE_DOMAIN_CANCEL"))
elif u_input == 13:
auth_file = 'data/limitip.conf'
if os.path.exists(auth_file): os.remove(auth_file)
os.system("/etc/init.d/bt reload")
print(public.GetMsg("CHANGE_IP_CANCEL"))
elif u_input == 14:
os.system("/etc/init.d/bt default")
elif u_input == 15:
ClearSystem()
elif u_input == 16:
pro_path = '/www/server/panel/data/panel_pro.pl'
base = public.OfficialDownloadBase().rstrip('/')
if public.is_self_hosted():
print("|-Self-hosted mode: run update scripts from the panel install/ directory or switch self_hosted off.")
elif os.path.exists(pro_path):
print("|-Updating yakpanel version to pro version...")
os.system("curl -k {}/install/update_pro_en.sh|bash".format(base))
else:
# os.system("/www/server/panel/pyenv/bin/pip install cachelib")
only_update_pyenv312 = '/tmp/only_update_pyenv312.pl'
if os.path.exists(only_update_pyenv312): os.remove(only_update_pyenv312)
os.system("curl -k {}/install/update_7.x_en.sh|bash".format(base))
elif u_input == 17:
l_path = '/www/server/panel/data/log_not_gzip.pl'
if os.path.exists(l_path):
print("|-Detected that gzip compression is turned off and is being turned on...")
os.remove(l_path)
print("|-Gzip compression is turned on")
else:
print("|-Detected that gzip compression is turned on, closing ...")
public.writeFile(l_path,'True')
print("|-Gzip compression turned off")
elif u_input == 18:
l_path = '/www/server/panel/data/not_auto_backup.pl'
if os.path.exists(l_path):
print("|-Detected that the panel auto backup function is turned off and is being turned on...")
os.remove(l_path)
print("|-Panel auto backup function is turned on")
else:
print("|-Detected that the panel automatic backup function is turned on and is closing...")
public.writeFile(l_path,'True')
print("|-Panel auto-backup function turned off")
elif u_input == 19:
if os.path.exists('/tmp/update_to7.pl'):os.remove('/tmp/update_to7.pl')
print("|-Updating yakpanel version to pro version...")
if public.is_self_hosted():
print("|-Self-hosted mode: run update_pro_en.sh from local panel install/ path or disable self_hosted in config.")
else:
os.system("curl -k {}/install/update_pro_en.sh|bash".format(public.OfficialDownloadBase().rstrip('/')))
elif u_input == 22:
os.system('tail -100 /www/server/panel/logs/error.log')
elif u_input == 23:
filename = '/www/server/panel/config/basic_auth.json'
if os.path.exists(filename): os.remove(filename)
os.system('bt reload')
print("|-BasicAuth authentication has been turned off")
elif u_input == 24:
filename = '/www/server/panel/data/two_step_auth.txt'
if os.path.exists(filename): os.remove(filename)
print("|-Google authentication turned off")
elif u_input == 25:
l_path = '/www/server/panel/data/not_file_history.pl'
if os.path.exists(l_path):
print("|-Detected that the file copy function is turned off and is being turned on...")
os.remove(l_path)
print("|-Document copy function turned on")
else:
print("|-Detected that the file copy function is turned on and is closing...")
public.writeFile(l_path,'True')
print("|-File copy function turned off")
elif u_input == 26:
keep_local = "/www/server/panel/data/is_save_local_backup.pl"
if os.path.exists(keep_local):
print("|-The local file retention setting is turned off")
os.remove(keep_local)
else:
print("|-The local file retention setting is turned on")
os.mknod(keep_local)
elif u_input== 33:
_config_file='/www/server/panel/data/breaking_through.json'
_config={"based_on_username":{"limit":5,"count":8,"type":0,"limit_root":False},"based_on_ip":{"limit":5,"count":8,"command":"","ipset_filter":True},"history_limit":60,"history_start":0,'global_status':True,'username_status':False,'ip_status':True}
if os.path.exists(_config_file):
try:
tmp_config = public.readFile(_config_file)
_config = json.loads(tmp_config)
except:pass
_config['username_status']=False
public.writeFile(_config_file,json.dumps(_config))
public.ExecShell('rm -f /www/server/panel/data/limit_login.pl')
print("|-Yakpanel explosion-proof has been turned off")
# 旧的插件系统升级到新的插件系统
def upgrade_plugins():
print("====================================================")
print(public.GetMsg("PLUG_UPDATEING"))
print("====================================================")
exlodes = ['gitlab', 'pm2', 'mongodb', 'deployment_jd', 'logs', 'docker', 'beta', 'btyw']
for pname in os.listdir('plugin/'):
if not os.path.isdir('plugin/' + pname): continue
if pname in exlodes: continue
print("|-upgrading [ %s ]..." % pname)
try:
# 查找是否存在主程序SO文件
specified_so_file = 'plugin/{plugin_name}/{plugin_name}_main.cpython-{major}{minor}m-x86_64-linux-gnu.so'.format(plugin_name=pname, major=sys.version_info.major, minor=sys.version_info.minor)
if os.path.isfile(specified_so_file):
# 存在SO文件则将其删除
os.remove(specified_so_file)
so_file = 'plugin/{plugin_name}/{plugin_name}_main.so'.format(plugin_name=pname)
if os.path.isfile(so_file):
# 存在SO文件则将其删除
os.remove(so_file)
# 检查主程序py文件是否为空
main_file = 'plugin/{plugin_name}/{plugin_name}_main.py'.format(plugin_name=pname)
if os.path.isfile(main_file) and os.path.getsize(main_file) < 10:
# 主程序py文件为空时重新下载py文件
public.re_download_main(pname)
print(" \033[32m[success]\033[0m")
except Exception as e:
print(" \033[31m[fail] {}\033[0m".format(str(e)))
upgrade_plugins_exists = '/www/server/panel/data/upgrade_plugins_3.12.pl'
public.writeFile(upgrade_plugins_exists, 'True')
print("====================================================")
print("\033[32m" + public.GetMsg("PLUG_UPDATE_TO_6") + "\033[0m")
print("====================================================")
if __name__ == "__main__":
type = sys.argv[1]
if type == 'root':
set_mysql_root(sys.argv[2])
elif type == 'panel':
set_panel_pwd(sys.argv[2])
elif type == 'username':
set_panel_username()
elif type == 'o':
setup_idc()
elif type == 'mysql_dir':
set_mysql_dir(sys.argv[2])
elif type == 'package':
PackagePanel()
elif type == 'ssl':
CreateSSL()
elif type == 'clear':
ClearSystem()
elif type == 'closelog':
CloseLogs()
elif type == 'update_to6':
update_to6()
elif type == "cli":
clinum = 0
try:
if len(sys.argv) > 2:
clinum = int(sys.argv[2]) if sys.argv[2][:6] not in ['instal','update'] else sys.argv[2]
except:
clinum = sys.argv[2]
bt_cli(clinum)
elif type == "upgrade_plugins":
upgrade_plugins()
else:
print('ERROR: Parameter error')
Reference in New Issue View Git Blame Copy Permalink