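/* eslint-disable prefer-promise-reject-errors */
// eslint-disable-next-line strict
const Service = require('egg').Service;
const fs = require('fs');
const path = require('path');
const execFile = require('child_process').execFile;

// Name of the environment variable used to hand a PKCS#12 password to the
// openssl child process, so the secret never appears in the process argv.
const PKCS12_PASSWORD_ENV = 'PKCS12_PASSWORD';

// A systemctl action must be one lowercase verb (enable, disable, restart, ...).
// Anything else (options, several words) is rejected before a process is spawned.
const SYSTEMCTL_ACTION = /^[a-z][a-z-]*$/;

/**
 * Run a program without a shell and resolve with its stdout.
 * Arguments are passed as an array, so spaces and shell metacharacters in a
 * value stay inside that one argument instead of being interpreted.
 * @param {string} file - program to execute (looked up on PATH)
 * @param {Array} args - arguments; each one is converted to a string
 * @param {object} [options] - options forwarded to child_process.execFile
 * @return {Promise<string>} stdout of the program; rejects with the execFile error
 */
function runCommand(file, args, options) {
  return new Promise((resolve, reject) => {
    execFile(file, args.map(String), options || {}, (error, stdout) => {
      if (error) {
        reject(error);
        return;
      }
      resolve(stdout);
    });
  });
}

/**
 * Promise wrapper around fs.writeFile.
 * @param {string} target - file to write
 * @param {string|Buffer} data - content
 * @param {object} [options] - fs.writeFile options
 * @return {Promise<void>} rejects with the fs error
 */
function writeFileAsync(target, data, options) {
  return new Promise((resolve, reject) => {
    fs.writeFile(target, data, options || {}, err => {
      if (err) {
        reject(err);
        return;
      }
      resolve();
    });
  });
}

/**
 * Pipe a readable stream into a file.
 * An error on either side destroys the write stream and rejects, so a failing
 * source stream no longer leaves the promise pending with an open descriptor.
 * @param {stream.Readable} stream - source
 * @param {string} target - destination path
 * @return {Promise<{errcode: number, errmsg: string}>} result object on finish
 */
function pipeToFile(stream, target) {
  return new Promise((resolve, reject) => {
    const fileStream = fs.createWriteStream(target);
    let failed = false;
    const fail = err => {
      if (failed) return;
      failed = true;
      fileStream.destroy();
      reject(err);
    };
    stream.on('error', fail);
    fileStream.on('error', fail);
    fileStream.on('finish', () => {
      if (failed) return;
      resolve({ errcode: 0, errmsg: '' });
    });
    stream.pipe(fileStream);
  });
}

/**
 * Ensure a value is a single file-name component before it is appended to a
 * configured directory prefix. Rejects empty names, "." / "..", path
 * separators and NUL, so the resulting path cannot leave that directory.
 * @param {*} value - candidate name
 * @param {string} label - parameter name used in the error message
 * @return {string} the name as a string
 * @throws {Error} when the value is not a plain file name
 */
function assertPlainName(value, label) {
  const name = String(value);
  if (name === '' || name === '.' || name === '..' || /[\\/\0]/.test(name)) {
    throw new Error(`invalid ${label}`);
  }
  return name;
}

/**
 * Remove one pair of matching quotes around a value.
 * The commands used to be assembled as a shell string, so a caller may still
 * pass a value that is already quoted for the shell; without a shell those
 * quotes would reach the program literally.
 * @param {*} value - possibly quoted value
 * @return {string} the value without the wrapping quotes
 */
function stripWrappingQuotes(value) {
  const text = String(value);
  const first = text[0];
  if (text.length >= 2 && (first === '"' || first === "'") && text[text.length - 1] === first) {
    return text.slice(1, -1);
  }
  return text;
}

/**
 * Run `systemctl <action> <unit>` after validating the action.
 * @param {string} action - systemctl verb
 * @param {string} unit - unit name (fixed by the calling method)
 * @return {Promise<{errcode: number, errmsg: string}>} result object
 */
async function controlUnit(action, unit) {
  if (typeof action !== 'string' || !SYSTEMCTL_ACTION.test(action)) {
    throw new Error('invalid systemctl action');
  }
  await runCommand('systemctl', [ action, unit ]);
  return { errcode: 0, errmsg: '' };
}

/**
 * File, certificate and system-service helpers.
 *
 * NOTE(review): methods that take a `filePath`, `target` or `uri` use it as
 * given. If any of these can be influenced by a request, the caller has to
 * confine it to an allowed directory before calling; this class cannot know
 * which directories are permitted.
 * NOTE(review): the service-control and reboot methods perform no permission
 * check themselves; callers are expected to authorise first (see login()).
 */
class FileService extends Service {
  /**
   * Upload a certificate: stores the stream as `<uri><uuid>.cer`.
   * @param {object} params - parameters
   * @param {string} params.uuid - file name stem; must be a plain name
   * @param {stream.Readable} params.stream - certificate content
   * @param {string} params.uri - directory prefix the name is appended to
   * @return {Promise<{errcode: number, errmsg: string}>} result object
   */
  async upload({ uuid, stream, uri }) {
    const name = `${assertPlainName(uuid, 'uuid')}.cer`;
    const target = path.join(`${uri}${name}`);
    return pipeToFile(stream, target);
  }

  /**
   * Download a certificate: sets attachment headers and returns a read stream.
   * @param {object} params - parameters
   * @param {string} params.filePath - file to send (see class note on paths)
   * @return {Promise<fs.ReadStream>} stream of the file content
   */
  async download({ filePath }) {
    const target = path.join(filePath);
    this.ctx.attachment(target);
    this.ctx.set('Content-Type', 'application/octet-stream');
    return fs.createReadStream(target);
  }

  /**
   * Parse a CA certificate with `openssl x509 -text`.
   * @param {object} params - parameters
   * @param {string} params.filePath - certificate file
   * @return {Promise<{errcode: number, errmsg: string, data: string}>} openssl output in `data`
   */
  async read({ filePath }) {
    const stdout = await runCommand('openssl', [
      'x509',
      '-in', filePath,
      '-noout',
      '-text',
      '-certopt', 'no_header,no_version,no_extensions,no_sigdump,no_serial',
    ]);
    return { errcode: 0, errmsg: '', data: stdout };
  }

  /**
   * Create a private key with `pki --gen` and store it as `<key dir><uuid>.key`.
   * Nothing is written when key generation fails.
   * @param {object} params - parameters
   * @param {string} params.pwatype - key type; 'rsa' adds `--size 2048`
   * @param {string} params.uuid - file name stem; must be a plain name
   * @return {Promise<{errmsg: string, errcode: number}>} result object
   */
  async applykey({ pwatype, uuid }) {
    const keyname = `${this.app.config.filePath.key}${assertPlainName(uuid, 'uuid')}.key`;
    const sizeArgs = pwatype === 'rsa' ? [ '--size', '2048' ] : [];
    // Generate the key pair.
    const pem = await runCommand('pki', [ '--gen', '--type', pwatype, ...sizeArgs, '--outform', 'pem' ]);
    // Private key material: owner-only permissions (applies when the file is created).
    await writeFileAsync(keyname, pem, { mode: 0o600 });
    return { errmsg: '', errcode: 0 };
  }

  /**
   * Create a certificate request with `pki --req` from the stored key and
   * write it to `<req dir><uuid>.pem`.
   * If writing the request fails, the key file is removed (best effort) and
   * the write error is reported.
   * @param {object} params - parameters
   * @param {string} params.dn - distinguished name; one pair of wrapping quotes is dropped
   * @param {string} params.uuid - file name stem; must be a plain name
   * @return {Promise<{errmsg: string, errcode: number}>} result object
   */
  async applyreq({ dn, uuid }) {
    const stem = assertPlainName(uuid, 'uuid');
    const keyname = `${this.app.config.filePath.key}${stem}.key`;
    const reqname = `${this.app.config.filePath.req}${stem}.pem`;
    // Create the request.
    const pem = await runCommand('pki', [
      '--req',
      '--type', 'priv',
      '--in', keyname,
      '--dn', stripWrappingQuotes(dn),
      '--outform', 'pem',
    ]);
    try {
      await writeFileAsync(reqname, pem, {});
    } catch (err) {
      // Cleanup failure is ignored on purpose; the write error is what the caller needs.
      fs.unlink(keyname, () => {});
      throw err;
    }
    return { errmsg: '', errcode: 0 };
  }

  /**
   * Write a string to a file.
   * @param {object} params - parameters
   * @param {string} params.filePath - destination (see class note on paths)
   * @param {string} params.str - content
   * @return {Promise<{errmsg: string, errcode: number}>} result object
   */
  async write({ filePath, str }) {
    await writeFileAsync(path.resolve(filePath), str, {});
    return { errmsg: '', errcode: 0 };
  }

  /**
   * Write a stream to a file.
   * @param {object} params - parameters
   * @param {string} params.filePath - destination (see class note on paths)
   * @param {stream.Readable} params.stream - content
   * @return {Promise<{errcode: number, errmsg: string}>} result object
   */
  async filewrite({ filePath, stream }) {
    return pipeToFile(stream, path.join(filePath));
  }

  /**
   * Extract the private key from a PKCS#12 file.
   * The password is passed through the child's environment (`-password env:`)
   * rather than on the command line.
   * @param {object} params - parameters
   * @param {string} params.target - PKCS#12 file
   * @param {string} params.password - import password
   * @return {Promise<{errcode: number, errmsg: string, data: string}>} PEM text from the
   *   first `BEGIN PRIVATE KEY` marker onward; empty string when no marker is present
   */
  async keys({ target, password }) {
    const stdout = await runCommand(
      'openssl',
      [ 'pkcs12', '-info', '-in', target, '-nodes', '-nocerts', '-password', `env:${PKCS12_PASSWORD_ENV}` ],
      { env: Object.assign({}, process.env, { [PKCS12_PASSWORD_ENV]: String(password) }) }
    );
    const start = stdout.indexOf('-----BEGIN PRIVATE KEY-----');
    // indexOf returns -1 when the marker is missing; slicing from -1 would return a stray last character.
    const data = start === -1 ? '' : stdout.slice(start);
    return { errcode: 0, errmsg: '', data };
  }

  /**
   * Convert a key to the traditional format with `openssl pkcs8`.
   * Both names are resolved inside the configured key directory. The command
   * output is returned but not logged.
   * @param {object} params - parameters
   * @param {string} params.files - input file name; must be a plain name
   * @param {string} params.target - output file name; must be a plain name
   * @return {Promise<{errcode: number, errmsg: string, data: string}>} openssl stdout in `data`
   */
  async transform({ files, target }) {
    const keyDir = this.app.config.filePath.key;
    const stdout = await runCommand('openssl', [
      'pkcs8',
      '-in', `${keyDir}${assertPlainName(files, 'files')}`,
      '-traditional',
      '-out', `${keyDir}${assertPlainName(target, 'target')}`,
      '-nocrypt',
    ]);
    return { errcode: 0, errmsg: '', data: stdout };
  }

  /**
   * Extract the client certificate from a PKCS#12 file.
   * The password is passed through the child's environment (`-password env:`)
   * rather than on the command line.
   * @param {object} params - parameters
   * @param {string} params.target - PKCS#12 file
   * @param {string} params.password - import password
   * @return {Promise<{errcode: number, errmsg: string, data: string}>} PEM text from the
   *   first `BEGIN CERTIFICATE` marker onward; empty string when no marker is present
   */
  async certs({ target, password }) {
    const stdout = await runCommand(
      'openssl',
      [ 'pkcs12', '-info', '-in', target, '-password', `env:${PKCS12_PASSWORD_ENV}`, '-nokeys', '-clcerts' ],
      { env: Object.assign({}, process.env, { [PKCS12_PASSWORD_ENV]: String(password) }) }
    );
    const start = stdout.indexOf('-----BEGIN CERTIFICATE-----');
    const data = start === -1 ? '' : stdout.slice(start);
    return { errcode: 0, errmsg: '', data };
  }

  /**
   * Permission check: only the user named 'admin' passes.
   * A request without user state is denied instead of throwing.
   * @return {Promise<{errcode: number, errmsg: string}>} errcode 0 when allowed, 403 otherwise
   */
  async login() {
    const { userName } = this.ctx.state.user || {};
    if (userName !== 'admin') {
      return { errcode: 403, errmsg: '没有权限' };
    }
    return { errcode: 0, errmsg: '' };
  }

  /**
   * Control the DHCP service (isc-dhcp-server.service) through systemctl.
   * @param {object} params - parameters
   * @param {string} params.type - systemctl action, a single lowercase verb
   * @return {Promise<{errcode: number, errmsg: string}>} result object
   */
  async dhcp({ type }) {
    return controlUnit(type, 'isc-dhcp-server.service');
  }

  /**
   * Control the OpenVPN service (openvpn.service) through systemctl:
   * enable = start at boot, disable = do not start at boot, restart = restart the service.
   * @param {object} params - parameters
   * @param {string} params.type - systemctl action, a single lowercase verb
   * @return {Promise<{errcode: number, errmsg: string}>} result object
   */
  async openvpn({ type }) {
    return controlUnit(type, 'openvpn.service');
  }

  /**
   * Control the IPsec service (strongswan-swanctl) through systemctl.
   * @param {object} params - parameters
   * @param {string} params.type - systemctl action, a single lowercase verb
   * @return {Promise<{errcode: number, errmsg: string}>} result object
   */
  async ipsecas({ type }) {
    return controlUnit(type, 'strongswan-swanctl');
  }

  /**
   * Reboot the server.
   * @return {Promise<{errcode: number, errmsg: string}>} result object
   */
  async reboot() {
    await runCommand('reboot', []);
    return { errcode: 0, errmsg: '' };
  }
}

module.exports = FileService;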