feat: support batch SSL configuration for websites (#11339)

Refs #8250

Author: zhengkunwang223

agent/app/api/v2/website.go

@@ -1243,3 +1243,23 @@ func (b *BaseApi) UpdateStreamConfig(c *gin.Context) {
 	}
 	helper.Success(c)
 }
+
+// @Tags Website
+// @Summary Batch set HTTPS for websites
+// @Accept json
+// @Param request body request.BatchWebsiteHttps true "request"
+// @Success 200
+// @Security ApiKeyAuth
+// @Security Timestamp
+// @Router /websites/batch/https [post]
+func (b *BaseApi) BatchSetHttps(c *gin.Context) {
+	var req request.BatchWebsiteHttps
+	if err := helper.CheckBindAndValidate(&req, c); err != nil {
+		return
+	}
+	if err := websiteService.BatchSetHttps(c, req); err != nil {
+		helper.InternalServer(c, err)
+		return
+	}
+	helper.Success(c)
+}

agent/app/dto/request/website.go

@@ -129,6 +129,25 @@ type BatchWebsiteGroup struct {
 	GroupID uint   `json:"groupID" validate:"required"`
 }
 
+type BatchWebsiteHttps struct {
+	IDs                   []uint   `json:"ids" validate:"required"`
+	TaskID                string   `json:"taskID" validate:"required"`
+	WebsiteSSLID          uint     `json:"websiteSSLId"`
+	Type                  string   `json:"type"  validate:"oneof=existed auto manual"`
+	PrivateKey            string   `json:"privateKey"`
+	Certificate           string   `json:"certificate"`
+	PrivateKeyPath        string   `json:"privateKeyPath"`
+	CertificatePath       string   `json:"certificatePath"`
+	ImportType            string   `json:"importType"`
+	HttpConfig            string   `json:"httpConfig"  validate:"oneof=HTTPSOnly HTTPAlso HTTPToHTTPS"`
+	SSLProtocol           []string `json:"SSLProtocol"`
+	Algorithm             string   `json:"algorithm"`
+	Hsts                  bool     `json:"hsts"`
+	HstsIncludeSubDomains bool     `json:"hstsIncludeSubDomains"`
+	HttpsPorts            []int    `json:"httpsPorts"`
+	Http3                 bool     `json:"http3"`
+}
+
 type WebsiteRedirectUpdate struct {
 	WebsiteID uint   `json:"websiteId" validate:"required"`
 	Key       string `json:"key" validate:"required"`

agent/app/service/website.go

@@ -12,7 +12,6 @@ import (
 	"os"
 	"path"
 	"reflect"
-	"sort"
 	"strconv"
 	"strings"
 	"syscall"
@@ -58,9 +57,7 @@ type IWebsiteService interface {
 	UpdateWebsite(req request.WebsiteUpdate) error
 	DeleteWebsite(req request.WebsiteDelete) error
 	GetWebsite(id uint) (response.WebsiteDTO, error)
-	BatchOpWebsite(req request.BatchWebsiteOp) error
 
-	BatchSetGroup(req request.BatchWebsiteGroup) error
 	ChangePHPVersion(req request.WebsitePHPVersionReq) error
 	OperateCrossSiteAccess(req request.CrossSiteAccessOp) error
 	ExecComposer(req request.ExecComposerReq) error
@@ -130,6 +127,10 @@ type IWebsiteService interface {
 	UpdateAuthBasic(req request.NginxAuthUpdate) (err error)
 	GetPathAuthBasics(req request.NginxAuthReq) (res []response.NginxPathAuthRes, err error)
 	UpdatePathAuthBasic(req request.NginxPathAuthUpdate) error
+
+	BatchOpWebsite(req request.BatchWebsiteOp) error
+	BatchSetGroup(req request.BatchWebsiteGroup) error
+	BatchSetHttps(ctx context.Context, req request.BatchWebsiteHttps) error
 }
 
 func NewIWebsiteService() IWebsiteService {
@@ -540,63 +541,6 @@ func (w WebsiteService) OpWebsite(req request.WebsiteOp) error {
 	return websiteRepo.Save(context.Background(), &website)
 }
 
-func (w WebsiteService) BatchSetGroup(req request.BatchWebsiteGroup) error {
-	websites, _ := websiteRepo.List(repo.WithByIDs(req.IDs))
-	for _, web := range websites {
-		web.WebsiteGroupID = req.GroupID
-		if err := websiteRepo.Save(context.Background(), &web); err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func (w WebsiteService) BatchOpWebsite(req request.BatchWebsiteOp) error {
-	websites, _ := websiteRepo.List(repo.WithByIDs(req.IDs))
-	opTask, err := task.NewTaskWithOps(i18n.GetMsgByKey("Status"), task.TaskBatch, task.TaskScopeWebsite, req.TaskID, 0)
-	if err != nil {
-		return err
-	}
-	sort.SliceStable(websites, func(i, j int) bool {
-		if websites[i].Type == constant.Subsite && websites[j].Type != constant.Subsite {
-			return true
-		}
-		if websites[i].Type != constant.Subsite && websites[j].Type == constant.Subsite {
-			return false
-		}
-		return false
-	})
-	opWebsiteTask := func(t *task.Task) error {
-		for _, web := range websites {
-			msg := fmt.Sprintf("%s %s", i18n.GetMsgByKey(req.Operate), web.PrimaryDomain)
-			switch req.Operate {
-			case constant.StopWeb, constant.StartWeb:
-				if err := opWebsite(&web, req.Operate); err != nil {
-					t.LogFailedWithErr(msg, err)
-					continue
-				}
-				_ = websiteRepo.Save(context.Background(), &web)
-			case "delete":
-				if err := w.DeleteWebsite(request.WebsiteDelete{
-					ID: web.ID,
-				}); err != nil {
-					t.LogFailedWithErr(msg, err)
-					continue
-				}
-			}
-
-			t.LogSuccess(msg)
-		}
-		return nil
-	}
-	opTask.AddSubTask("", opWebsiteTask, nil)
-
-	go func() {
-		_ = opTask.Execute()
-	}()
-	return nil
-}
-
 func (w WebsiteService) GetWebsiteOptions(req request.WebsiteOptionReq) ([]response.WebsiteOption, error) {
 	var options []repo.DBOption
 	if len(req.Types) > 0 {
@@ -2403,7 +2347,7 @@ func (w WebsiteService) ExecComposer(req request.ExecComposerReq) error {
 }
 
 func (w WebsiteService) UpdateStream(req request.StreamUpdate) error {
-	if req.StreamConfig.StreamPorts == ""{
+	if req.StreamConfig.StreamPorts == "" {
 		return buserr.New("ErrTypePortRange")
 	}
 	website, err := websiteRepo.GetFirst(repo.WithByID(req.WebsiteID))

agent/app/service/website_op.go

@@ -0,0 +1,115 @@
+package service
+
+import (
+	"context"
+	"fmt"
+	"github.com/1Panel-dev/1Panel/agent/app/dto/request"
+	"github.com/1Panel-dev/1Panel/agent/app/repo"
+	"github.com/1Panel-dev/1Panel/agent/app/task"
+	"github.com/1Panel-dev/1Panel/agent/constant"
+	"github.com/1Panel-dev/1Panel/agent/i18n"
+	"sort"
+)
+
+func (w WebsiteService) BatchOpWebsite(req request.BatchWebsiteOp) error {
+	websites, _ := websiteRepo.List(repo.WithByIDs(req.IDs))
+	opTask, err := task.NewTaskWithOps(i18n.GetMsgByKey("Status"), task.TaskBatch, task.TaskScopeWebsite, req.TaskID, 0)
+	if err != nil {
+		return err
+	}
+	sort.SliceStable(websites, func(i, j int) bool {
+		if websites[i].Type == constant.Subsite && websites[j].Type != constant.Subsite {
+			return true
+		}
+		if websites[i].Type != constant.Subsite && websites[j].Type == constant.Subsite {
+			return false
+		}
+		return false
+	})
+	opWebsiteTask := func(t *task.Task) error {
+		for _, web := range websites {
+			msg := fmt.Sprintf("%s %s", i18n.GetMsgByKey(req.Operate), web.PrimaryDomain)
+			switch req.Operate {
+			case constant.StopWeb, constant.StartWeb:
+				if err := opWebsite(&web, req.Operate); err != nil {
+					t.LogFailedWithErr(msg, err)
+					continue
+				}
+				_ = websiteRepo.Save(context.Background(), &web)
+			case "delete":
+				if err := w.DeleteWebsite(request.WebsiteDelete{
+					ID: web.ID,
+				}); err != nil {
+					t.LogFailedWithErr(msg, err)
+					continue
+				}
+			}
+
+			t.LogSuccess(msg)
+		}
+		return nil
+	}
+	opTask.AddSubTask("", opWebsiteTask, nil)
+
+	go func() {
+		_ = opTask.Execute()
+	}()
+	return nil
+}
+
+func (w WebsiteService) BatchSetGroup(req request.BatchWebsiteGroup) error {
+	websites, _ := websiteRepo.List(repo.WithByIDs(req.IDs))
+	for _, web := range websites {
+		web.WebsiteGroupID = req.GroupID
+		if err := websiteRepo.Save(context.Background(), &web); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (w WebsiteService) BatchSetHttps(ctx context.Context, req request.BatchWebsiteHttps) error {
+	websites, _ := websiteRepo.List(repo.WithByIDs(req.IDs))
+	opTask, err := task.NewTaskWithOps(i18n.GetMsgByKey("SSL"), task.TaskBatch, task.TaskScopeWebsite, req.TaskID, 0)
+	if err != nil {
+		return err
+	}
+	websiteHttpsOp := request.WebsiteHTTPSOp{
+		Enable:                true,
+		WebsiteSSLID:          req.WebsiteSSLID,
+		Type:                  req.Type,
+		PrivateKey:            req.PrivateKey,
+		Certificate:           req.Certificate,
+		PrivateKeyPath:        req.PrivateKeyPath,
+		CertificatePath:       req.CertificatePath,
+		ImportType:            req.ImportType,
+		HttpConfig:            req.HttpConfig,
+		SSLProtocol:           req.SSLProtocol,
+		Algorithm:             req.Algorithm,
+		Hsts:                  req.Hsts,
+		HstsIncludeSubDomains: req.HstsIncludeSubDomains,
+		HttpsPorts:            req.HttpsPorts,
+		Http3:                 req.Http3,
+	}
+	opWebsiteTask := func(t *task.Task) error {
+		for _, web := range websites {
+			if web.Type == constant.Stream {
+				continue
+			}
+			websiteHttpsOp.WebsiteID = web.ID
+			msg := fmt.Sprintf("%s [%s] %s", i18n.GetMsgByKey("Set"), web.PrimaryDomain, i18n.GetMsgByKey("SSL"))
+			if _, err := w.OpWebsiteHTTPS(ctx, websiteHttpsOp); err != nil {
+				t.LogFailedWithErr(msg, err)
+				continue
+			}
+			t.LogSuccess(msg)
+		}
+		return nil
+	}
+
+	opTask.AddSubTask("", opWebsiteTask, nil)
+	go func() {
+		_ = opTask.Execute()
+	}()
+	return nil
+}

agent/constant/website.go

@@ -31,6 +31,7 @@ const (
 
 	StartWeb = "start"
 	StopWeb  = "stop"
+	SetHttps = "setHttps"
 
 	HTTPSOnly   = "HTTPSOnly"
 	HTTPAlso    = "HTTPAlso"

agent/i18n/lang/en.yaml

@@ -154,6 +154,8 @@ unpause: 'Resume'
 remove: 'Delete'
 delete: 'Delete'
 ErrDefaultWebsite: 'Default website has been set, please cancel it before setting!'
+SSL: 'Certificate'
+Set: 'Settings'
 
 #ssl
 ErrSSLCannotDelete: 'The {{ .name }} certificate is being used by a website and cannot be deleted'

agent/i18n/lang/es-ES.yaml

@@ -153,6 +153,8 @@ unpause: 'Reanudar'
 remove: 'Eliminar'
 delete: 'Eliminar'
 ErrDefaultWebsite: 'El sitio web predeterminado ya está configurado, ¡cancélelo antes de configurar!'
+SSL: 'Certificado'
+Set: 'Configuración'
 
 #ssl
 ErrSSLCannotDelete: 'El certificado {{ .name }} está siendo utilizado por un sitio web y no puede eliminarse'

agent/i18n/lang/ja.yaml

@@ -153,6 +153,8 @@ unpause: '再開'
 remove: '削除'
 delete: '削除'
 ErrDefaultWebsite: 'デフォルト Web サイトが既に設定されています。設定する前にキャンセルしてください！'
+SSL: '証明書'
+Set: '設定'
 
 #ssl
 ErrSSLCannotDelete: '{{ .name }} 証明書は Web サイトで使用されているため、削除できません'

agent/i18n/lang/ko.yaml

@@ -154,6 +154,8 @@ unpause: '재개'
 remove: '삭제'
 delete: '삭제'
 ErrDefaultWebsite: '기본 웹사이트가 이미 설정되었습니다. 설정하기 전에 취소하세요!'
+SSL: '인증서'
+Set: '설정'
 
 #SSL인증
 ErrSSLCannotDelete: '{{ .name }} 인증서는 웹사이트에서 사용 중이므로 삭제할 수 없습니다.'

agent/i18n/lang/ms.yaml

@@ -157,6 +157,8 @@ unpause: 'Sambung Semula'
 remove: 'Padam'
 delete: 'Padam'
 ErrDefaultWebsite: 'Laman web lalai telah ditetapkan, sila batalkan sebelum menetapkan!'
+SSL: 'Sijil'
+Set: 'Tetapan'
 
 #ssl
 ErrSSLCannotDelete: 'Sijil {{ .name }} sedang digunakan oleh tapak web dan tidak boleh dipadamkan'