Beta#10
Merged
Merged
Conversation
实现了完整的.env文件交互式配置流程,包括: 1. 新增环境变量配置页面和编辑交互逻辑 2. 自动备份原有.env文件并记录备份名称 3. 支持自动生成Django密钥和Celery配置 4. 在部署结果页展示配置状态和.env备份信息 5. 适配各类数据库、Redis、Celery等场景的配置项
1. 新增`_generate_secret`函数生成带特殊字符的安全密钥 2. 重构环境变量配置系统,新增配置类型分类:bool/secret/text/auto 3. 替换原有的单页配置为分步配置流程,支持不同类型字段的专属编辑交互 4. 为密钥类配置新增自动生成和手动输入两种模式 5. 优化配置预览页面,支持显示自动配置和密钥预览 6. 自动为数据库密码、Bootstrap盐值等缺失的密钥自动生成安全值
本次提交包含多项核心改进: 1. 统一替换硬编码的"提供商"用户组判断为常量PROVIDER_GROUP_NAME 2. 重构Beta推送插件,仅保留PostgreSQL支持并更新相关配置 3. 为插件列表/详情视图添加登录校验,新增测试插件示例 4. 优化审计日志、统计接口的参数校验与查询性能,改用aggregate简化统计逻辑 5. 将云电脑用户操作、开户流程改为异步Celery任务,避免阻塞主线程 6. 重构邀请页面,新增邀请确认流程 7. 优化插件管理器的日志输出,替换print为标准logging 8. 修复InitialToken的令牌校验逻辑,使用F表达式避免竞态条件 9. 更新部署脚本,新增列表类型环境变量配置与数据库迁移校验 10. 重构主机提供商分配页面,新增分组批量分配功能
- 新增: wizard中生成初始化命令(一行命令+备用命令) - 新增: SSE实时监听初始化状态(waiting/cert_uploading/connected) - 新增: upload_host_cert API接收PFX并提取PEM保存 - 新增: InitialToken.host可为null(生成命令时先创建token) - 新增: 证书认证主机test_connection跳过(证书未上传时) - 新增: 证书认证连接使用server_cert_validation=ignore - 修复: auth_method hidden input重复导致永远提交ntlm - 修复: SSE被中间件拦截(添加排除路径) - 修复: 证书认证不再强制要求用户名 - 重构: 快速配置模式不显示证书上传字段 - 重构: SSE等待host_status=online而非仅CONSUMED
- upload_host_cert now auto-creates a pending host if token.host is None - Wizard form adds init_token hidden field to track the token - When saving wizard, if token already has a host, update it instead of creating duplicate - Associates token with host when wizard creates a new host
- Add cert_data JSONField to InitialToken for temporary cert storage - upload_host_cert stores cert on token when host not yet associated - Wizard reads cert_data from token and writes to host on save - Clean up expired orphaned tokens on generate_init_command - No more orphaned Host records from abandoned flows
- SSE now reports cert_uploaded=true when cert data stored on token - Frontend shows '证书上传成功!保存主机后将完成配置' state - Resolves stuck '正在上传证书并测试连接' when host=None
The SSE inner polling loop only checked host_status but not cert_data. When cert was uploaded after SSE entered CONSUMED state, the loop would never detect it because it didn't refresh cert_data from DB.
x-model on nested object (initData.token) inside template x-if may not reliably sync to the hidden input. Explicitly set the value in onSubmit before native form submission.
Previously test_connection silently returned 'pending' when cert files didn't exist, making it impossible to diagnose why connection tests weren't running.
…inding x-model on hidden input inside template x-if with nested object (initData.token) is unreliable for native form submission. Move the input outside the template and use :value binding instead.
…ert tokens Instead of passing init_token through the form (which was unreliable with Alpine x-model), simply look for any InitialToken with cert_data and no host when saving the wizard. This eliminates the complex form binding issue entirely.
…e binding Alpine :value and x-model bindings on hidden inputs are unreliable for native form submission. Now onSubmit dynamically creates/updates the hidden input right before this.$el.submit(), guaranteeing the value is present in POST data.
主要变更: 1. 替换第三方验证码为天爱验证码,移除旧的极验/turnstile相关代码 2. 新增证书配置流程相关的模型、迁移、工具类和API端点 3. 优化WinRM客户端,修复证书认证逻辑与证书校验 4. 添加产品每人限购功能 5. 重构系统配置表单与界面,移除旧验证码配置项 6. 新增自动CA初始化逻辑与定时清理任务 7. 优化主机连接客户端复用逻辑
start_beta_test
调整winrm连接的端口配置,不再使用硬编码的5986端口,改为使用主机配置的实际端口
fix(hosts): use host port instead of fixed 5986 for winrm connection
调整winrm连接的端口配置,不再使用硬编码的5986端口,改为使用主机配置的实际端口
fix(hosts): use host port instead of fixed 5986 for winrm connection
![github-code-quality[bot]](https://avatars.githubusercontent.com/u/9919?s=60&v=4){kind=small}
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| + datetime.timedelta(days=3650) | ||
| ) | ||
| ca.save() | ||
| except Exception: |
| san_entries.append( | ||
| x509.IPAddress(ipaddress.ip_address(ip_address)) | ||
| ) | ||
| except ValueError: |
| parent_dir = cert_dir.parent | ||
| try: | ||
| parent_dir.rmdir() | ||
| except OSError: |
|
|
||
| try: | ||
| stdscr.move(ry, input_x + min(cursor_offset, input_w - 1)) | ||
| except curses.error: |
| from cryptography.hazmat.primitives.serialization import load_pem_private_key | ||
| from cryptography.hazmat.backends import default_backend | ||
| load_pem_private_key(content, password=None, backend=default_backend()) | ||
| except ImportError: |
| plugin_name = inst.name | ||
| plugin_version = inst.version | ||
| plugin_desc = inst.description | ||
| except Exception: |
| return True | ||
| if 'PLUGIN_INFO' in content: | ||
| return True | ||
| except Exception: |
|
|
||
| try: | ||
| plugin_instance.initialize() | ||
| except Exception: |
| shutil.rmtree(sub_dir, ignore_errors=True) | ||
| try: | ||
| root_dir.rmdir() | ||
| except OSError: |
| host = Host.objects.get(id=host_id) | ||
| if host.auth_method == 'certificate' and host.cert_provision_status in ('pending', 'ready'): | ||
| Host.objects.filter(pk=host.pk).update(cert_provision_status='failed') | ||
| except Host.DoesNotExist: |
Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <223894421+github-code-quality[bot]@users.noreply.github.com>
… through an exception' Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.