diff --git a/agent/app/dto/request/website.go b/agent/app/dto/request/website.go
index b713dcc2d..b85d53515 100644
--- a/agent/app/dto/request/website.go
+++ b/agent/app/dto/request/website.go
@@ -145,6 +145,7 @@ type WebsiteHTTPSOp struct {
 SSLProtocol []string `json:"SSLProtocol"`
 Algorithm string `json:"algorithm"`
 Hsts bool `json:"hsts"`
+ HttpsPort int `json:"httpsPort"`
 }
 type WebsiteNginxUpdate struct {
diff --git a/agent/app/dto/response/website.go b/agent/app/dto/response/website.go
index 4aaff56b6..a61a89462 100644
--- a/agent/app/dto/response/website.go
+++ b/agent/app/dto/response/website.go
@@ -59,6 +59,7 @@ type WebsiteHTTPS struct {
 SSLProtocol []string `json:"SSLProtocol"`
 Algorithm string `json:"algorithm"`
 Hsts bool `json:"hsts"`
+ HttpsPort int `json:"httpsPort"`
 }
 type WebsiteLog struct {
diff --git a/agent/app/model/website.go b/agent/app/model/website.go
index 15748739c..1b49bb2ac 100644
--- a/agent/app/model/website.go
+++ b/agent/app/model/website.go
@@ -28,6 +28,8 @@ type Website struct {
 AppInstallID uint `gorm:"type:integer" json:"appInstallId"`
 FtpID uint `gorm:"type:integer" json:"ftpId"`
+ HttpsPort int `json:"httpsPort"`
+
 User string `gorm:"type:varchar;" json:"user"`
 Group string `gorm:"type:varchar;" json:"group"`
diff --git a/agent/app/service/website.go b/agent/app/service/website.go
index 705f8544a..e3bc9fb2e 100644
--- a/agent/app/service/website.go
+++ b/agent/app/service/website.go
@@ -225,6 +225,7 @@ func (w WebsiteService) CreateWebsite(create request.WebsiteCreate) (err error)
 return err
 }
 defaultHttpPort := nginxInstall.HttpPort
+ defaultHttpsPort := nginxInstall.HttpsPort
 var (
 otherDomains []model.WebsiteDomain
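Review bot: `HttpsPort` in `WebsiteHTTPSOp` (agent/app/dto/request/website.go) is accepted with no server-side bound; the only range check on this page is the front-end rule `checkNumberRange(1, 65535)`, and `applySSL` in website_utils.go takes any value greater than zero. A request sent straight to the API can therefore put a port above 65535 into the site's listen directives, which would presumably make the next nginx config test or reload fail for the whole install. Reject it before any config is written, with a guard such as `if req.HttpsPort < 0 || req.HttpsPort > 65535` that returns the service's usual invalid-parameter error, and consider refusing a port that equals the site's plain HTTP port unless that is intended.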
@@ -239,6 +240,9 @@ func (w WebsiteService) CreateWebsite(create request.WebsiteCreate) (err error)
 return err
 }
 domains = append(domains, otherDomains...)
+ if len(domains) == 1 && domains[0].Port != defaultHttpPort {
+ defaultHttpsPort = domains[0].Port
+ }
 defaultDate, _ := time.Parse(constant.DateLayout, constant.DefaultDate)
 website := &model.Website{
@@ -255,6 +259,7 @@ func (w WebsiteService) CreateWebsite(create request.WebsiteCreate) (err error)
 AccessLog: true,
 ErrorLog: true,
 IPV6: create.IPV6,
+ HttpsPort: defaultHttpsPort,
 }
 var (
@@ -459,8 +464,9 @@ func (w WebsiteService) CreateWebsite(create request.WebsiteCreate) (err error)
 SSLProtocol: []string{"TLSv1.3", "TLSv1.2", "TLSv1.1", "TLSv1"},
 Algorithm: "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL:!EXPORT:!DSS:!DES:!RC4:!3DES:!MD5:!PSK:!KRB5:!SRP:!CAMELLIA:!SEED",
 Hsts: true,
+ HttpsPort: website.HttpsPort,
 }
- if err = applySSL(*website, *websiteModel, appSSLReq); err != nil {
+ if err = applySSL(website, *websiteModel, appSSLReq); err != nil {
 return err
 }
 if err = websiteRepo.Save(context.Background(), website); err != nil {
@@ -863,6 +869,7 @@ func (w WebsiteService) GetWebsiteHTTPS(websiteId uint) (response.WebsiteHTTPS,
 return response.WebsiteHTTPS{}, err
 }
 var res response.WebsiteHTTPS
+ res.HttpsPort = website.HttpsPort
 if website.WebsiteSSLID == 0 {
 res.Enable = false
 return res, nil
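Review bot: The condition `len(domains) == 1 && domains[0].Port != defaultHttpPort` in `CreateWebsite` carries no comment, and its effect is not obvious: the site's HTTPS port becomes the same port its only domain is already served on. A one-line comment above the `if` would record the intent, for example `// Single domain on a non-default port: serve HTTPS on that same port rather than the install-wide HTTPS port.` The function starts and ends outside the hunk, so whether that port is later also kept as a plain HTTP listen cannot be seen here.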
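Review bot: The SSL request built for a newly created site (hunk at -459 in `CreateWebsite`) still enables `TLSv1` and `TLSv1.1` and keeps the CBC suites `ECDHE-RSA-AES256-SHA384` and `ECDHE-RSA-AES128-SHA256` in `Algorithm`; these are unchanged context lines, but they are the defaults every site created with a certificate receives. TLS 1.0 and 1.1 are deprecated by RFC 8996, so the default would be safer as `SSLProtocol: []string{"TLSv1.3", "TLSv1.2"},` with older protocols left as an explicit opt-in in the HTTPS form. The same protocol list and cipher string are the form defaults in frontend/src/views/website/website/config/basic/https/index.vue and should change together.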
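Review bot: `res.HttpsPort` in `GetWebsiteHTTPS` is presumably 0 for every site row saved before the `HttpsPort` column existed, since the migration on this page only runs `AutoMigrate` with no backfill, and the form in index.vue then keeps its hard-coded 443 because it overrides only when `data.httpsPort > 0`. If the OpenResty install serves HTTPS on another port, saving that form would send 443 and `applySSL` would use it instead of the install port. `OpWebsiteHTTPS` already falls back to `getAppInstallPort(constant.AppOpenresty)` when the stored port is 0; doing the same here keeps the value shown in the UI consistent with the running config. The function continues outside the hunk.
```go
var res response.WebsiteHTTPS
res.HttpsPort = website.HttpsPort
if res.HttpsPort == 0 {
	// Rows saved before HttpsPort existed: report the install-wide HTTPS port.
	_, installPort, err := getAppInstallPort(constant.AppOpenresty)
	if err != nil {
		return response.WebsiteHTTPS{}, err
	}
	res.HttpsPort = installPort
}
// … unchanged: WebsiteSSLID check and the rest of the function …
```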
@@ -918,9 +925,12 @@ func (w WebsiteService) OpWebsiteHTTPS(ctx context.Context, req request.WebsiteH
 if !req.Enable {
 website.Protocol = constant.ProtocolHTTP
 website.WebsiteSSLID = 0
- _, httpsPort, err := getAppInstallPort(constant.AppOpenresty)
- if err != nil {
- return nil, err
+ httpsPort := website.HttpsPort
+ if httpsPort == 0 {
+ _, httpsPort, err = getAppInstallPort(constant.AppOpenresty)
+ if err != nil {
+ return nil, err
+ }
 }
 httpsPortStr := strconv.Itoa(httpsPort)
 if err := deleteListenAndServerName(website, []string{httpsPortStr, "[::]:" + httpsPortStr}, []string{}); err != nil {
@@ -1025,7 +1035,7 @@ func (w WebsiteService) OpWebsiteHTTPS(ctx context.Context, req request.WebsiteH
 }
 website.Protocol = constant.ProtocolHTTPS
- if err := applySSL(website, websiteSSL, req); err != nil {
+ if err := applySSL(&website, websiteSSL, req); err != nil {
 return nil, err
 }
 website.HttpConfig = req.HttpConfig
diff --git a/agent/app/service/website_utils.go b/agent/app/service/website_utils.go
index d3732d44b..83bf0c245 100644
--- a/agent/app/service/website_utils.go
+++ b/agent/app/service/website_utils.go
@@ -568,8 +568,8 @@ func createPemFile(website model.Website, websiteSSL model.WebsiteSSL) error {
 return nil
 }
-func applySSL(website model.Website, websiteSSL model.WebsiteSSL, req request.WebsiteHTTPSOp) error {
- nginxFull, err := getNginxFull(&website)
+func applySSL(website *model.Website, websiteSSL model.WebsiteSSL, req request.WebsiteHTTPSOp) error {
+ nginxFull, err := getNginxFull(website)
 if err != nil {
 return nil
 }
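Review bot: The disable branch of `OpWebsiteHTTPS` deletes the listen entries for `website.HttpsPort`, but `CreateWebsite` can set that field to the site's own domain port when the site has a single domain on a non-default port. In that case this call would remove the listen the site is served on, assuming `deleteListenAndServerName` drops every listen matching the bind, and nothing in the hunk restores a plain listen for that port afterwards. It is worth confirming that a site in that state still has a listen directive after HTTPS is turned off, and re-adding the non-TLS listen when `httpsPort` is also one of the site's domain ports. The function starts and ends outside the hunk.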
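Review bot: `applySSL` (hunk at -568 in website_utils.go) returns `nil` when `getNginxFull(website)` fails, so the error is dropped and both callers continue as if the TLS listener had been written. With this commit they also depend on `applySSL` to set `website.HttpsPort`, so a failure here would leave the record saved with the HTTPS protocol and a port that was never applied. The check is an unchanged context line, but it should be `return err`. The function body continues past the end of the hunk.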
@@ -587,11 +587,15 @@ func applySSL(website model.Website, websiteSSL model.WebsiteSSL, req request.We
 server := config.FindServers()[0]
 httpPort := strconv.Itoa(nginxFull.Install.HttpPort)
- httpsPort := strconv.Itoa(nginxFull.Install.HttpsPort)
+ httpsPort := nginxFull.Install.HttpsPort
+ if req.HttpsPort > 0 {
+ httpsPort = req.HttpsPort
+ }
+ website.HttpsPort = httpsPort
 httpPortIPV6 := "[::]:" + httpPort
- httpsPortIPV6 := "[::]:" + httpsPort
+ httpsPortIPV6 := "[::]:" + strconv.Itoa(httpsPort)
- server.UpdateListen(httpsPort, website.DefaultServer, "ssl", "http2")
+ server.UpdateListen(strconv.Itoa(httpsPort), website.DefaultServer, "ssl", "http2")
 if website.IPV6 {
 server.UpdateListen(httpsPortIPV6, website.DefaultServer, "ssl", "http2")
 }
@@ -626,7 +630,7 @@ func applySSL(website model.Website, websiteSSL model.WebsiteSSL, req request.We
 if err := nginx.WriteConfig(config, nginx.IndentedStyle); err != nil {
 return err
 }
- if err := createPemFile(website, websiteSSL); err != nil {
+ if err := createPemFile(*website, websiteSSL); err != nil {
 return err
 }
 nginxParams := getNginxParamsFromStaticFile(dto.SSL, []dto.NginxParam{})
@@ -651,7 +655,7 @@ func applySSL(website model.Website, websiteSSL model.WebsiteSSL, req request.We
 })
 }
- if err := updateNginxConfig(constant.NginxScopeServer, nginxParams, &website); err != nil {
+ if err := updateNginxConfig(constant.NginxScopeServer, nginxParams, website); err != nil {
 return err
 }
 return nil
diff --git a/agent/init/migration/migrations/init.go b/agent/init/migration/migrations/init.go
index 79e579d00..bacc40c47 100644
--- a/agent/init/migration/migrations/init.go
+++ b/agent/init/migration/migrations/init.go
@@ -297,7 +297,7 @@ var AddTask = &gormigrate.Migration{
 }
 var UpdateWebsite = &gormigrate.Migration{
- ID: "20240803-update-website",
+ ID: "20240807-update-website",
 Migrate: func(tx *gorm.DB) error {
 return tx.AutoMigrate(
 &model.Website{})
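Review bot: Nothing in the first `applySSL` hunk removes the listen entries for the port the site used before: `website.HttpsPort` is overwritten with the new value and `server.UpdateListen` is called only for the new port. If `UpdateListen` matches on the bind string, as its use here suggests, changing the port on a site that already has HTTPS enabled would leave the old `ssl` listen in the server block, so the site keeps answering TLS on a port the operator believes is closed, and the later disable path in `OpWebsiteHTTPS` deletes only the new port. Capture the previous `website.HttpsPort` before the assignment and, when it is non-zero and differs from `httpsPort`, remove its `port` and `[::]:port` listens from `server` before adding the new ones. The function starts and ends outside the hunk.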
diff --git a/frontend/src/api/interface/website.ts b/frontend/src/api/interface/website.ts
index 53056653d..b5e902ee0 100644
--- a/frontend/src/api/interface/website.ts
+++ b/frontend/src/api/interface/website.ts
@@ -288,6 +288,7 @@ export namespace Website {
 SSLProtocol: string[];
 algorithm: string;
 hsts: boolean;
+ httpsPort: number;
 }
 export interface CheckReq {
diff --git a/frontend/src/views/website/website/config/basic/https/index.vue b/frontend/src/views/website/website/config/basic/https/index.vue
index 067022a9f..138771710 100644
--- a/frontend/src/views/website/website/config/basic/https/index.vue
+++ b/frontend/src/views/website/website/config/basic/https/index.vue
@@ -13,10 +13,13 @@
+ + + {{ $t('website.ipWebsiteWarn') }} {{ $t('website.SSLConfig') }} - + @@ -101,7 +104,7 @@
- + {{ websiteSSL.primaryDomain }}
@@ -170,7 +173,7 @@ import { GetHTTPSConfig, ListSSL, SearchAcmeAccount, UpdateHTTPSConfig } from '@
 import { ElMessageBox, FormInstance } from 'element-plus';
 import { computed, onMounted, reactive, ref } from 'vue';
 import i18n from '@/lang';
-import { Rules } from '@/global/form-rules';
+import { Rules, checkNumberRange } from '@/global/form-rules';
 import { dateFormatSimple, getProvider, getAccountName } from '@/utils/util';
 import { MsgSuccess } from '@/utils/message';
 import FileList from '@/components/file-list/index.vue';
@@ -201,6 +204,7 @@ const form = reactive({
 algorithm: 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL:!EXPORT:!DSS:!DES:!RC4:!3DES:!MD5:!PSK:!KRB5:!SRP:!CAMELLIA:!SEED',
 SSLProtocol: ['TLSv1.3', 'TLSv1.2', 'TLSv1.1', 'TLSv1'],
+ httpsPort: 443,
 });
 const loading = ref(false);
 const ssls = ref();
@@ -218,6 +222,7 @@ const rules = ref({
 SSLProtocol: [Rules.requiredSelect],
 algorithm: [Rules.requiredInput],
 acmeAccountID: [Rules.requiredInput],
+ httpsPort: [Rules.requiredInput, checkNumberRange(1, 65535)],
 });
 const resData = ref();
 const sslReq = reactive({
@@ -278,23 +283,27 @@ const get = () => {
 GetHTTPSConfig(id.value).then((res) => {
 if (res.data) {
 form.type = 'existed';
- resData.value = res.data;
- form.enable = res.data.enable;
- if (res.data.httpConfig != '') {
- form.httpConfig = res.data.httpConfig;
+ const data = res.data;
+ resData.value = data;
+ form.enable = data.enable;
+ if (data.httpConfig != '') {
+ form.httpConfig = data.httpConfig;
 }
- if (res.data.SSLProtocol && res.data.SSLProtocol.length > 0) {
- form.SSLProtocol = res.data.SSLProtocol;
+ if (data.SSLProtocol && data.SSLProtocol.length > 0) {
+ form.SSLProtocol = data.SSLProtocol;
 }
- if (res.data.algorithm != '') {
- form.algorithm = res.data.algorithm;
+ if (data.algorithm != '') {
+ form.algorithm = data.algorithm;
 }
- if (res.data.SSL && res.data.SSL.id > 0) {
- form.websiteSSLId = res.data.SSL.id;
- websiteSSL.value = res.data.SSL;
- form.acmeAccountID = res.data.SSL.acmeAccountId;
+ if (data.SSL && data.SSL.id > 0) {
+ form.websiteSSLId = data.SSL.id;
+ websiteSSL.value = data.SSL;
+ form.acmeAccountID = data.SSL.acmeAccountId;
+ }
+ form.hsts = data.hsts;
+ if (data.httpsPort > 0) {
+ form.httpsPort = data.httpsPort;
 }
- form.hsts = res.data.hsts;
 }
 listSSL();
 listAcmeAccount();