
update v0.7.3 for anylink

Stille 3 years ago
commit
e43f0a3dcc

+ 1 - 1
anylink/Dockerfile

@@ -1,6 +1,6 @@
 # web
 FROM node:lts-alpine as builder_node
-ENV VERSION 0.7.2
+ENV VERSION 0.7.3
 WORKDIR /web
 COPY ./web /web
 RUN npm install --registry=https://registry.npm.taobao.org \

+ 4 - 1
anylink/README.md

@@ -8,6 +8,7 @@ Docker [stilleshan/anylink](https://hub.docker.com/r/stilleshan/anylink)
 基于 [bjdgyc/anylink](https://github.com/bjdgyc/anylink) 项目的 docker 镜像.
 
 ## 更新
+- **2022-02-16** 更新`0.7.3`版 docker 镜像.
 - **2021-12-31** 更新`0.7.2`版 docker 镜像.
 - **2021-12-29** 更新`0.7.1`版 docker 镜像.
 - **2021-08-26** 更新`0.6.2`版 docker 镜像.
@@ -34,6 +35,9 @@ docker-compose up -d
 ```
 
 ### 配置
+```shell
+https://ip:8800
+```
 关于初始配置,修改密码,网络等更多信息请参考: GitHub [bjdgyc/anylink](https://github.com/bjdgyc/anylink)
 
 
@@ -41,4 +45,3 @@ docker-compose up -d
 - GitHub [bjdgyc/anylink](https://github.com/bjdgyc/anylink)
 - [开源企业级远程办公 VPN 软件 AnyLink 的 docker 部署及使用心得](https://www.ioiox.com/archives/128.html)
 - [群晖NAS高级服务 - docker 部署 AnyLink 企业级远程办公 VPN 服务](https://www.ioiox.com/archives/129.html)
-

+ 1 - 1
anylink/server/admin/server.go

@@ -69,7 +69,7 @@ func StartAdmin() {
 	}
 
 	base.Info("Listen admin", base.Cfg.AdminAddr)
-	err := http.ListenAndServe(base.Cfg.AdminAddr, r)
+	err := http.ListenAndServeTLS(base.Cfg.AdminAddr, base.Cfg.CertFile, base.Cfg.CertKey, r)
 	if err != nil {
 		base.Fatal(err)
 	}
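Review bot: The new `http.ListenAndServeTLS(...)` call serves the admin panel through the package-level helper, which builds an `http.Server` with no read or write timeouts and whatever TLS defaults the Go runtime in use applies. For an admin endpoint I would construct the server explicitly so that a header timeout and a minimum TLS version are set; this needs `crypto/tls` and `time` imported in this file, and the ten-second value below is only an illustrative choice. The call also reuses `base.Cfg.CertFile` and `base.Cfg.CertKey`, so the admin listener presents the same certificate as the VPN endpoint, which deserves a comment above the call. StartAdmin begins outside this hunk.

```go
	// … unchanged: router setup and the "Listen admin" log line …
	srv := &http.Server{
		Addr:              base.Cfg.AdminAddr,
		Handler:           r,
		ReadHeaderTimeout: 10 * time.Second, // illustrative value
		TLSConfig:         &tls.Config{MinVersion: tls.VersionTLS12},
	}
	err := srv.ListenAndServeTLS(base.Cfg.CertFile, base.Cfg.CertKey)
	// … unchanged: base.Fatal(err) on failure …
```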

+ 1 - 1
anylink/server/base/app_ver.go

@@ -3,5 +3,5 @@ package base
 const (
 	APP_NAME = "AnyLink"
 	// 修复前端bug
-	APP_VER = "0.7.2"
+	APP_VER = "0.7.3"
 )

+ 1 - 1
anylink/server/conf/server-sample.toml

@@ -7,7 +7,7 @@
 db_type = "sqlite3"
 db_source = "./conf/anylink.db"
 #证书文件 使用跟nginx一样的证书即可
-cert_file = "./conf/vpn_cert.pem"
+cert_file = "./conf/vpn_cert.crt"
 cert_key = "./conf/vpn_cert.key"
 files_path = "./conf/files"
 profile = "./conf/profile.xml"

+ 2 - 1
anylink/server/conf/server.toml

@@ -7,9 +7,10 @@
 db_type = "sqlite3"
 db_source = "./conf/anylink.db"
 #证书文件
-cert_file = "./conf/vpn_cert.pem"
+cert_file = "./conf/vpn_cert.crt"
 cert_key = "./conf/vpn_cert.key"
 files_path = "./conf/files"
+log_level = "debug"
 
 #系统名称
 issuer = "XX公司VPN"
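Review bot: `log_level = "debug"` is added to the server.toml that ships as the default configuration, so any deployment that keeps this file runs with debug logging until the operator changes it. What the debug level writes is not visible in this diff, but verbose logs on a VPN gateway commonly carry client addresses and session details, so I would ship a quieter level if the project has one and leave debug as a commented hint such as `#log_level = "debug"`. The server-sample.toml hunk in this commit does not add the key, so the two files now differ on it.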

+ 0 - 0
anylink/server/conf/vpn_cert.pem → anylink/server/conf/vpn_cert.crt


+ 17 - 1
anylink/server/dbdata/db.go

@@ -102,7 +102,23 @@ func addInitData() error {
 		return err
 	}
 
-	return sess.Commit()
+	err = sess.Commit()
+	if err != nil {
+		return err
+	}
+
+	g1 := Group{
+		Name:         "ops",
+		AllowLan:     true,
+		ClientDns:    []ValData{{Val: "114.114.114.114"}},
+		RouteInclude: []ValData{{Val: "10.0.0.0/8"}},
+	}
+	err = SetGroup(&g1)
+	if err != nil {
+		return err
+	}
+
+	return nil
 }
 
 func CheckErrNotFound(err error) bool {
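Review bot: The default `ops` group is written by `SetGroup(&g1)` only after `sess.Commit()` has succeeded, so a failure there returns an error while the earlier seed rows stay committed. If addInitData is skipped once those rows exist, the group would then never be created; the start of the function is outside this hunk, so that guard is an assumption to confirm. Creating the group inside the same session before the commit would keep the seed data atomic, and the tail can be shortened to `return SetGroup(&g1)`. A comment such as `// sample defaults; adjust DNS and routes for your network` above `g1` would tell operators that `114.114.114.114` and `10.0.0.0/8` are meant to be edited.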

+ 20 - 16
anylink/server/dbdata/group.go

@@ -12,6 +12,7 @@ import (
 const (
 	Allow = "allow"
 	Deny  = "deny"
+	All   = "all"
 )
 
 type GroupLinkAcl struct {
@@ -65,25 +66,10 @@ func SetGroup(g *Group) error {
 	}
 
 	// 判断数据
-	clientDns := []ValData{}
-	for _, v := range g.ClientDns {
-		if v.Val != "" {
-			ip := net.ParseIP(v.Val)
-			if ip.String() != v.Val {
-				return errors.New("DNS IP 错误")
-			}
-			clientDns = append(clientDns, v)
-		}
-	}
-	if len(clientDns) == 0 {
-		return errors.New("必须设置一个DNS")
-	}
-	g.ClientDns = clientDns
-
 	routeInclude := []ValData{}
 	for _, v := range g.RouteInclude {
 		if v.Val != "" {
-			if v.Val == "all" {
+			if v.Val == All {
 				routeInclude = append(routeInclude, v)
 				continue
 			}
@@ -124,6 +110,24 @@ func SetGroup(g *Group) error {
 	}
 	g.LinkAcl = linkAcl
 
+	// DNS 判断
+	clientDns := []ValData{}
+	for _, v := range g.ClientDns {
+		if v.Val != "" {
+			ip := net.ParseIP(v.Val)
+			if ip.String() != v.Val {
+				return errors.New("DNS IP 错误")
+			}
+			clientDns = append(clientDns, v)
+		}
+	}
+	if len(routeInclude) == 0 || (len(routeInclude) == 1 && routeInclude[0].Val == "all") {
+		if len(clientDns) == 0 {
+			return errors.New("默认路由,必须设置一个DNS")
+		}
+	}
+	g.ClientDns = clientDns
+
 	g.UpdatedAt = time.Now()
 	if g.Id > 0 {
 		err = Set(g)
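Review bot: The new DNS check still compares against the string literal in `routeInclude[0].Val == "all"`, although this commit introduces the `All` constant and already uses it in the route loop above; it should read `routeInclude[0].Val == All`. The check also lets a group through with an empty `ClientDns` whenever split routes are configured, so any code that sends DNS settings to clients has to tolerate an empty list. That code is not visible in this diff and is worth confirming. SetGroup starts before and continues after these hunks.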

+ 5 - 4
anylink/server/handler/link_tunnel.go

@@ -10,6 +10,7 @@ import (
 	"strings"
 
 	"github.com/bjdgyc/anylink/base"
+	"github.com/bjdgyc/anylink/dbdata"
 	"github.com/bjdgyc/anylink/sessdata"
 )
 
@@ -23,11 +24,11 @@ func init() {
 }
 
 func HttpSetHeader(w http.ResponseWriter, key string, value string) {
-   w.Header()[key] = []string{value}
+	w.Header()[key] = []string{value}
 }
 
 func HttpAddHeader(w http.ResponseWriter, key string, value string) {
-   w.Header()[key] = append(w.Header()[key], value)
+	w.Header()[key] = append(w.Header()[key], value)
 }
 
 func LinkTunnel(w http.ResponseWriter, r *http.Request) {
@@ -95,7 +96,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
 	HttpSetHeader(w, "X-CSTP-Address", cSess.IpAddr.String())             // 分配的ip地址
 	HttpSetHeader(w, "X-CSTP-Netmask", sessdata.IpPool.Ipv4Mask.String()) // 子网掩码
 	HttpSetHeader(w, "X-CSTP-Hostname", hn)                               // 机器名称
-	//HttpSetHeader(w, "X-CSTP-Default-Domain", cSess.LocalIp)          
+	//HttpSetHeader(w, "X-CSTP-Default-Domain", cSess.LocalIp)
 	HttpSetHeader(w, "X-CSTP-Base-MTU", cstpBaseMtu)
 
 	// 允许本地LAN访问vpn网络,必须放在路由的第一个
@@ -108,7 +109,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
 	}
 	// 允许的路由
 	for _, v := range cSess.Group.RouteInclude {
-		if v.Val == "all" {
+		if v.Val == dbdata.All {
 			continue
 		}
 		HttpAddHeader(w, "X-CSTP-Split-Include", v.IpMask)

File diff suppressed because it is too large
+ 1 - 15121
anylink/web/package-lock.json


+ 1 - 0
anylink/web/src/pages/group/List.vue

@@ -423,6 +423,7 @@ export default {
           if (rdata.code === 0) {
             this.$message.success(rdata.msg);
             this.getData(1);
+            this.user_edit_dialog = false
           } else {
             this.$message.error(rdata.msg);
           }

+ 1 - 0
anylink/web/src/pages/user/List.vue

@@ -388,6 +388,7 @@ export default {
           if (data.code === 0) {
             this.$message.success(data.msg);
             this.getData(1);
+            this.user_edit_dialog = false
           } else {
             this.$message.error(data.msg);
           }

Some files were not shown because too many files changed in this diff