diff --git a/plugins/fail2ban/config/redis.conf b/plugins/fail2ban/config/redis.conf new file mode 100644 index 000000000..d32b11ee6 --- /dev/null +++ b/plugins/fail2ban/config/redis.conf @@ -0,0 +1,92 @@ +daemonize yes +pidfile {$SERVER_PATH}/redis/redis.pid + +bind 127.0.0.1 +port 6379 +requirepass {$REDIS_PASS} + +timeout 3 +tcp-keepalive 0 + +loglevel notice + +logfile {$SERVER_PATH}/redis/data/redis.log +databases 16 + +################################ SNAPSHOTTING ################################# + +save 900 100 +save 300 1000 +save 60 1000000 +stop-writes-on-bgsave-error yes +rdbcompression yes +rdbchecksum yes +dbfilename dump.rdb +dir {$SERVER_PATH}/redis/data/ + +################################# REPLICATION ################################# + +slave-serve-stale-data yes +slave-read-only yes + +repl-disable-tcp-nodelay no +slave-priority 100 + +################################## SECURITY ################################### + + +################################### LIMITS #################################### +maxclients 10000 +#maxmemory-samples 3 +maxmemory 218mb +maxmemory-policy volatile-ttl +#maxmemory-policy allkeys-lru + +############################## APPEND ONLY MODE ############################### + + +# appendonly no + +# appendfsync always +# appendfsync everysec +# appendfsync no + +# appendfilename "appendonly.aof" + +# no-appendfsync-on-rewrite no + +auto-aof-rewrite-percentage 100 +auto-aof-rewrite-min-size 64mb + +################################ LUA SCRIPTING ############################### + +lua-time-limit 5000 + +################################## SLOW LOG ################################### + + +slowlog-log-slower-than 10000 +slowlog-max-len 128 + +############################### ADVANCED CONFIG ############################### + +hash-max-ziplist-entries 512 +hash-max-ziplist-value 64 + +list-max-ziplist-entries 512 +list-max-ziplist-value 64 + +set-max-intset-entries 512 + +zset-max-ziplist-entries 128 +zset-max-ziplist-value 64 + +activerehashing yes + +client-output-buffer-limit normal 0 0 0 +client-output-buffer-limit slave 256mb 64mb 60 +client-output-buffer-limit pubsub 32mb 8mb 60 + +hz 10 + +aof-rewrite-incremental-fsync yes \ No newline at end of file diff --git a/plugins/fail2ban/ico.png b/plugins/fail2ban/ico.png new file mode 100644 index 000000000..64912b452 Binary files /dev/null and b/plugins/fail2ban/ico.png differ diff --git a/plugins/fail2ban/index.html b/plugins/fail2ban/index.html new file mode 100755 index 000000000..edf3581f2 --- /dev/null +++ b/plugins/fail2ban/index.html @@ -0,0 +1,33 @@ + + +
+
+
+
+

服务

+

自启动

+

配置修改

+

性能调整

+

负载状态

+

复制状态

+

集群状态

+

集群节点

+

运行日志

+
+
+
+
+
+
+ \ No newline at end of file diff --git a/plugins/fail2ban/index.py b/plugins/fail2ban/index.py new file mode 100755 index 000000000..26307eac3 --- /dev/null +++ b/plugins/fail2ban/index.py @@ -0,0 +1,314 @@ +# coding:utf-8 + +import sys +import io +import os +import time +import re + +sys.path.append(os.getcwd() + "/class/core") +import mw + +app_debug = False +if mw.isAppleSystem(): + app_debug = True + + +def getPluginName(): + return 'fail2ban' + + +def getPluginDir(): + return mw.getPluginDir() + '/' + getPluginName() + + +def getServerDir(): + return mw.getServerDir() + '/' + getPluginName() + + +def getInitDFile(): + current_os = mw.getOs() + if current_os == 'darwin': + return '/tmp/' + getPluginName() + + if current_os.startswith('freebsd'): + return '/etc/rc.d/' + getPluginName() + + return '/etc/init.d/' + getPluginName() + + +def getConf(): + path = getServerDir() + "/redis.conf" + return path + + +def getConfTpl(): + path = getPluginDir() + "/config/redis.conf" + return path + + +def getInitDTpl(): + path = getPluginDir() + "/init.d/" + getPluginName() + ".tpl" + return path + + +def getArgs(): + args = sys.argv[3:] + tmp = {} + args_len = len(args) + + if args_len == 1: + t = args[0].strip('{').strip('}') + if t.strip() == '': + tmp = [] + else: + t = t.split(':') + tmp[t[0]] = t[1] + tmp[t[0]] = t[1] + elif args_len > 1: + for i in range(len(args)): + t = args[i].split(':') + tmp[t[0]] = t[1] + return tmp + +def checkArgs(data, ck=[]): + for i in range(len(ck)): + if not ck[i] in data: + return (False, mw.returnJson(False, '参数:(' + ck[i] + ')没有!')) + return (True, mw.returnJson(True, 'ok')) + +def configTpl(): + path = getPluginDir() + '/tpl' + pathFile = os.listdir(path) + tmp = [] + for one in pathFile: + file = path + '/' + one + tmp.append(file) + return mw.getJson(tmp) + + +def readConfigTpl(): + args = getArgs() + data = checkArgs(args, ['file']) + if not data[0]: + return data[1] + + content = mw.readFile(args['file']) + content = contentReplace(content) + return mw.returnJson(True, 'ok', content) + +def getPidFile(): + file = getConf() + content = mw.readFile(file) + rep = r'pidfile\s*(.*)' + tmp = re.search(rep, content) + return tmp.groups()[0].strip() + +def status(): + pid_file = getPidFile() + if not os.path.exists(pid_file): + return 'stop' + + # data = mw.execShell( + # "ps aux|grep redis |grep -v grep | grep -v python | grep -v mdserver-web | awk '{print $2}'") + + # if data[0] == '': + # return 'stop' + return 'start' + +def contentReplace(content): + service_path = mw.getServerDir() + content = content.replace('{$ROOT_PATH}', mw.getRootDir()) + content = content.replace('{$SERVER_PATH}', service_path) + return content + + + +def initDreplace(): + + file_tpl = getInitDTpl() + service_path = os.path.dirname(os.getcwd()) + + initD_path = getServerDir() + '/init.d' + if not os.path.exists(initD_path): + os.mkdir(initD_path) + file_bin = initD_path + '/' + getPluginName() + + # initd replace + if not os.path.exists(file_bin): + content = mw.readFile(file_tpl) + content = content.replace('{$SERVER_PATH}', service_path) + mw.writeFile(file_bin, content) + mw.execShell('chmod +x ' + file_bin) + + # log + dataLog = getServerDir() + '/data' + if not os.path.exists(dataLog): + mw.execShell('chmod +x ' + file_bin) + + # config replace + dst_conf = getServerDir() + '/redis.conf' + dst_conf_init = getServerDir() + '/init.pl' + if not os.path.exists(dst_conf_init): + conf_content = mw.readFile(getConfTpl()) + conf_content = conf_content.replace('{$SERVER_PATH}', service_path) + conf_content = conf_content.replace( + '{$REDIS_PASS}', mw.getRandomString(10)) + + mw.writeFile(dst_conf, conf_content) + mw.writeFile(dst_conf_init, 'ok') + + # systemd + systemDir = mw.systemdCfgDir() + systemService = systemDir + '/' + getPluginName() + '.service' + if os.path.exists(systemDir) and not os.path.exists(systemService): + systemServiceTpl = getPluginDir() + '/init.d/' + getPluginName() + '.service.tpl' + service_path = mw.getServerDir() + se_content = mw.readFile(systemServiceTpl) + se_content = se_content.replace('{$SERVER_PATH}', service_path) + mw.writeFile(systemService, se_content) + mw.execShell('systemctl daemon-reload') + + return file_bin + + +def f2bOp(method): + file = initDreplace() + + current_os = mw.getOs() + if current_os == "darwin": + data = mw.execShell(file + ' ' + method) + if data[1] == '': + return 'ok' + return data[1] + + if current_os.startswith("freebsd"): + data = mw.execShell('service ' + getPluginName() + ' ' + method) + if data[1] == '': + return 'ok' + return data[1] + + data = mw.execShell('systemctl ' + method + ' ' + getPluginName()) + if data[1] == '': + return 'ok' + return data[1] + + +def start(): + return redisOp('start') + + +def stop(): + return redisOp('stop') + + +def restart(): + status = redisOp('restart') + + log_file = runLog() + mw.execShell("echo '' > " + log_file) + return status + + +def reload(): + return redisOp('reload') + + +def getPort(): + conf = getServerDir() + '/redis.conf' + content = mw.readFile(conf) + + rep = r"^(" + r'port' + r')\s*([.0-9A-Za-z_& ~]+)' + tmp = re.search(rep, content, re.M) + if tmp: + return tmp.groups()[1] + + return '6379' + + +def initdStatus(): + current_os = mw.getOs() + if current_os == 'darwin': + return "Apple Computer does not support" + + if current_os.startswith('freebsd'): + initd_bin = getInitDFile() + if os.path.exists(initd_bin): + return 'ok' + + shell_cmd = 'systemctl status ' + \ + getPluginName() + ' | grep loaded | grep "enabled;"' + data = mw.execShell(shell_cmd) + if data[0] == '': + return 'fail' + return 'ok' + + +def initdInstall(): + current_os = mw.getOs() + if current_os == 'darwin': + return "Apple Computer does not support" + + # freebsd initd install + if current_os.startswith('freebsd'): + import shutil + source_bin = initDreplace() + initd_bin = getInitDFile() + shutil.copyfile(source_bin, initd_bin) + mw.execShell('chmod +x ' + initd_bin) + mw.execShell('sysrc ' + getPluginName() + '_enable="YES"') + return 'ok' + + mw.execShell('systemctl enable ' + getPluginName()) + return 'ok' + + +def initdUinstall(): + current_os = mw.getOs() + if current_os == 'darwin': + return "Apple Computer does not support" + + if current_os.startswith('freebsd'): + initd_bin = getInitDFile() + os.remove(initd_bin) + mw.execShell('sysrc ' + getPluginName() + '_enable="NO"') + return 'ok' + + mw.execShell('systemctl disable ' + getPluginName()) + return 'ok' + + +def runLog(): + return getServerDir() + '/data/redis.log' + + +if __name__ == "__main__": + func = sys.argv[1] + if func == 'status': + print(status()) + elif func == 'start': + print(start()) + elif func == 'stop': + print(stop()) + elif func == 'restart': + print(restart()) + elif func == 'reload': + print(reload()) + elif func == 'initd_status': + print(initdStatus()) + elif func == 'initd_install': + print(initdInstall()) + elif func == 'initd_uninstall': + print(initdUinstall()) + elif func == 'run_info': + print(runInfo()) + elif func == 'conf': + print(getConf()) + elif func == 'run_log': + print(runLog()) + elif func == 'config_tpl': + print(configTpl()) + elif func == 'read_config_tpl': + print(readConfigTpl()) + else: + print('error') diff --git a/plugins/fail2ban/info.json b/plugins/fail2ban/info.json new file mode 100755 index 000000000..024a55088 --- /dev/null +++ b/plugins/fail2ban/info.json @@ -0,0 +1,18 @@ +{ + "sort": 7, + "ps": "防止恶意IP地址暴力破解服务、站点,禁止导致多个身份验证错误的主机", + "name": "fail2ban", + "title": "fail2ban", + "shell": "install.sh", + "versions":["1.1.0"], + "updates":["1.1.0"], + "tip": "soft", + "checks": "server/fail2ban", + "path": "server/fail2ban", + "display": 1, + "author": "fail2ban", + "date": "2025-07-28", + "home": "https://www.fail2ban.org", + "type": 0, + "pid": "2" +} diff --git a/plugins/fail2ban/init.d/redis.service.tpl b/plugins/fail2ban/init.d/redis.service.tpl new file mode 100644 index 000000000..8e8eb5693 --- /dev/null +++ b/plugins/fail2ban/init.d/redis.service.tpl @@ -0,0 +1,12 @@ +[Unit] +Description=Redis In-Memory Data Store +After=network.target + +[Service] +Type=forking +ExecStart={$SERVER_PATH}/redis/bin/redis-server {$SERVER_PATH}/redis/redis.conf +ExecReload=/bin/kill -USR2 $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/plugins/fail2ban/init.d/redis.tpl b/plugins/fail2ban/init.d/redis.tpl new file mode 100644 index 000000000..fb4f76e46 --- /dev/null +++ b/plugins/fail2ban/init.d/redis.tpl @@ -0,0 +1,77 @@ +#!/bin/sh +# chkconfig: 2345 55 25 +# description: Redis Service + +### BEGIN INIT INFO +# Provides: Redis +# Required-Start: $all +# Required-Stop: $all +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: starts Redis +# Description: starts the MDW-Web +### END INIT INFO + +# Simple Redis init.d script conceived to work on Linux systems +# as it does use of the /proc filesystem. + +CONF="{$SERVER_PATH}/redis/redis.conf" +REDISPORT=$(cat $CONF |grep port|grep -v '#'|awk '{print $2}') +REDISPASS=$(cat $CONF |grep requirepass|grep -v '#'|awk '{print $2}') +if [ "$REDISPASS" != "" ];then + REDISPASS=" -a $REDISPASS" +fi +EXEC={$SERVER_PATH}/redis/bin/redis-server +CLIEXEC="{$SERVER_PATH}/redis/bin/redis-cli -p $REDISPORT$REDISPASS" +PIDFILE={$SERVER_PATH}/redis/redis.pid + +echo $REDISPASS +echo $REDISPORT +echo $CLIEXEC + +mkdir -p {$SERVER_PATH}/redis/data + +redis_start(){ + if [ -f $PIDFILE ];then + kill -9 `cat $PIDFILE` + fi + + echo "Starting Redis server..." + nohup $EXEC $CONF >> {$SERVER_PATH}/redis/logs.pl 2>&1 & +} +redis_stop(){ + if [ ! -f $PIDFILE ] + then + echo "$PIDFILE does not exist, process is not running" + else + PID=$(cat $PIDFILE) + echo "Stopping ..." + $CLIEXEC shutdown save 2>/dev/null + while [ -x /proc/${PID} ] + do + echo "Waiting for Redis to shutdown ..." + sleep 1 + done + echo "Redis stopped" + rm -rf $PIDFILE + fi +} + + +case "$1" in + start) + redis_start + ;; + stop) + redis_stop + ;; + restart|reload) + redis_stop + sleep 0.3 + redis_start + ;; + *) + echo "Please use start or stop as first argument" + ;; +esac + diff --git a/plugins/fail2ban/install.sh b/plugins/fail2ban/install.sh new file mode 100755 index 000000000..07aab5919 --- /dev/null +++ b/plugins/fail2ban/install.sh @@ -0,0 +1,62 @@ +#!/bin/bash +PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin:/opt/homebrew/bin +export PATH + +curPath=`pwd` +rootPath=$(dirname "$curPath") +rootPath=$(dirname "$rootPath") +serverPath=$(dirname "$rootPath") + +install_tmp=${rootPath}/tmp/mw_install.pl +VERSION=$2 + +Install_App() +{ + echo '正在安装脚本文件...' > $install_tmp + mkdir -p $serverPath/source + + mkdir -p $serverPath/fail2ban + sed '/^ *#/d' fail2ban.conf > $serverPath/fail2ban/redis.conf + + echo "${VERSION}" > $serverPath/fail2ban/version.pl + echo '安装fail2ban完成' + + cd ${rootPath} && python3 ${rootPath}/plugins/fail2ban/index.py start + cd ${rootPath} && python3 ${rootPath}/plugins/fail2ban/index.py initd_install + + +} + +Uninstall_App() +{ + if [ -f /usr/lib/systemd/system/fail2ban.service ];then + systemctl stop fail2ban + systemctl disable fail2ban + rm -rf /usr/lib/systemd/system/fail2ban.service + systemctl daemon-reload + fi + + if [ -f /lib/systemd/system/fail2ban.service ];then + systemctl stop fail2ban + systemctl disable fail2ban + rm -rf /lib/systemd/system/fail2ban.service + systemctl daemon-reload + fi + + if [ -f $serverPath/fail2ban/initd/fail2ban ];then + $serverPath/fail2ban/initd/fail2ban stop + fi + + if [ -d $serverPath/fail2ban ];then + rm -rf $serverPath/fail2ban + fi + + echo "卸载fail2ban成功" +} + +action=$1 +if [ "${1}" == 'install' ];then + Install_App +else + Uninstall_App +fi diff --git a/plugins/fail2ban/js/fail2ban.js b/plugins/fail2ban/js/fail2ban.js new file mode 100755 index 000000000..1697e96aa --- /dev/null +++ b/plugins/fail2ban/js/fail2ban.js @@ -0,0 +1,297 @@ +function redisPost(method, version, args,callback){ + var loadT = layer.msg('正在获取...', { icon: 16, time: 0, shade: 0.3 }); + + var req_data = {}; + req_data['name'] = 'redis'; + req_data['func'] = method; + req_data['version'] = version; + + if (typeof(args) == 'string'){ + req_data['args'] = JSON.stringify(toArrayObject(args)); + } else { + req_data['args'] = JSON.stringify(args); + } + + $.post('/plugins/run', req_data, function(data) { + layer.close(loadT); + if (!data.status){ + //错误展示10S + layer.msg(data.msg,{icon:0,time:2000,shade: [10, '#000']}); + return; + } + + if(typeof(callback) == 'function'){ + callback(data); + } + },'json'); +} + +function redisPostCallbak(method, version, args,callback){ + var loadT = layer.msg('正在获取...', { icon: 16, time: 0, shade: 0.3 }); + + var req_data = {}; + req_data['name'] = 'redis'; + req_data['func'] = method; + args['version'] = version; + + if (typeof(args) == 'string'){ + req_data['args'] = JSON.stringify(toArrayObject(args)); + } else { + req_data['args'] = JSON.stringify(args); + } + + $.post('/plugins/callback', req_data, function(data) { + layer.close(loadT); + if (!data.status){ + layer.msg(data.msg,{icon:0,time:2000,shade: [0.3, '#000']}); + return; + } + + if(typeof(callback) == 'function'){ + callback(data); + } + },'json'); +} + +//redis状态 start +function redisStatus(version) { + + redisPost('run_info',version, {},function(data){ + var rdata = $.parseJSON(data.data); + + if ('status' in rdata && !rdata.status){ + layer.msg(rdata.msg,{icon:0,time:2000,shade: [0.3, '#000']}); + return; + } + + hit = (parseInt(rdata.keyspace_hits) / (parseInt(rdata.keyspace_hits) + parseInt(rdata.keyspace_misses)) * 100).toFixed(2); + var con = '
\ + \ + \ + \ + \ + \ + \ + \ + \ + \ + \ + \ + \ + \ + \ + \ + \ + \ + \ +
字段当前值说明
uptime_in_days' + rdata.uptime_in_days + '已运行天数
tcp_port' + rdata.tcp_port + '当前监听端口
connected_clients' + rdata.connected_clients + '连接的客户端数量
used_memory_rss' + toSize(rdata.used_memory_rss) + 'Redis当前占用的系统内存总量
used_memory' + toSize(rdata.used_memory) + 'Redis当前已分配的内存总量
used_memory_peak' + toSize(rdata.used_memory_peak) + 'Redis历史分配内存的峰值
mem_fragmentation_ratio' + rdata.mem_fragmentation_ratio + '%内存碎片比率
total_connections_received' + rdata.total_connections_received + '运行以来连接过的客户端的总数量
total_commands_processed' + rdata.total_commands_processed + '运行以来执行过的命令的总数量
instantaneous_ops_per_sec' + rdata.instantaneous_ops_per_sec + '服务器每秒钟执行的命令数量
keyspace_hits' + rdata.keyspace_hits + '查找数据库键成功的次数
keyspace_misses' + rdata.keyspace_misses + '查找数据库键失败的次数
hit' + hit + '%查找数据库键命中率
latest_fork_usec' + rdata.latest_fork_usec + '最近一次 fork() 操作耗费的微秒数
'; + $(".soft-man-con").html(con); + }); +} + +function replStatus(version){ + redisPost('info_replication', version, {},function(data){ + var rdata = $.parseJSON(data.data); + + if ('status' in rdata && !rdata.status){ + layer.msg(rdata.msg,{icon:0,time:2000,shade: [0.3, '#000']}); + return; + } + + var kv = { + 'role':'角色', + 'master_host':'连接主库HOST', + 'master_port':'连接主库PORT', + 'master_link_status':'连接主库状态', + 'master_last_io_seconds_ago':'上次同步时间', + 'master_sync_in_progress':'正在同步中', + 'slave_read_repl_offset':'从库读取复制位置', + 'slave_repl_offset':'从库复制位置', + 'slave_read_only':'从库是否仅读', + 'replica_announced':'已复制副本', + 'connected_slaves':'连接数量', + 'master_failover_state':'主库故障状态', + 'master_replid':'主库复制ID', + 'master_repl_offset':'主库复制位置', + 'repl_backlog_size':'backlog复制大小', + 'second_repl_offset':'复制位置时间', + 'repl_backlog_first_byte_offset':'第一个字节偏移量', + 'repl_backlog_histlen':'backlog中数据的长度', + 'repl_backlog_active':'开启复制缓冲区', + 'slave_priority':'同步优先级', + } + + var tbody_text = ''; + for (k in rdata){ + if (k == 'master_replid'){ + tbody_text += ''+k+'' + rdata[k] + ''+kv[k]+''; + } else{ + + if (k.substring(0,5) == 'slave' && !isNaN(k.substring(5))){ + tbody_text += ''+k+'' + rdata[k] + '从库配置信息'; + } else{ + tbody_text += ''+k+'' + rdata[k] + ''+kv[k]+''; + } + + + } + } + + var con = '
\ + \ + \ + '+tbody_text+'\ +
字段当前值说明
'; + $(".soft-man-con").html(con); + }); +} + +function clusterStatus(version){ + redisPost('cluster_info', version, {},function(data){ + var rdata = $.parseJSON(data.data); + + if ('status' in rdata && !rdata.status){ + layer.msg(rdata.msg,{icon:0,time:2000,shade: [0.3, '#000']}); + return; + } + + var kv = { + 'cluster_state':'集群状态', + 'cluster_slots_assigned':'被分配的槽', + 'cluster_slots_ok':'被分配的槽状态', + 'cluster_known_nodes':'知道的节点', + 'cluster_size':'大小', + 'cluster_stats_messages_sent':'发送', + 'cluster_stats_messages_received':'接收', + 'cluster_current_epoch':'集群当前epoch', + 'cluster_my_epoch':'当前我的epoch', + 'cluster_slots_pfail':'处于PFAIL状态的槽数', + 'cluster_slots_fail':'处于FAIL状态的槽数', + 'total_cluster_links_buffer_limit_exceeded':'超出缓冲区总数', + } + + var tbody_text = ''; + for (k in rdata){ + var desc = k; + if (k in kv){ + desc = kv[k]; + } + + if (k == 'master_replid'){ + tbody_text += ''+k+'' + rdata[k] + ''+desc+''; + } else{ + tbody_text += ''+k+'' + rdata[k] + ''+desc+''; + } + } + + if (tbody_text == ''){ + tbody_text += '无数据/未设置集群'; + } + + var con = '
\ + \ + \ + '+tbody_text+'\ +
字段当前值说明
'; + $(".soft-man-con").html(con); + }); +} + +function clusterNodes(version){ + redisPost('cluster_nodes', version, {},function(data){ + var rdata = $.parseJSON(data.data); + + if ('status' in rdata && !rdata.status){ + layer.msg(rdata.msg,{icon:0,time:2000,shade: [0.3, '#000']}); + return; + } + + // console.log(rdata); + var tbody_text = ''; + for (k in rdata){ + tbody_text += ''+ rdata[k] +''; + } + + if (tbody_text == ''){ + tbody_text += '无数据/未设置集群'; + } + + var con = '
\ + \ + \ + '+tbody_text+'\ +
节点信息
'; + $(".soft-man-con").html(con); + }); +} + +//redis状态 end + +//配置修改 +function getRedisConfig(version) { + redisPost('get_redis_conf', version,'',function(data){ + // console.log(data); + var rdata = $.parseJSON(data.data); + // console.log(rdata); + var mlist = ''; + for (var i = 0; i < rdata.length; i++) { + var w = '70' + if (rdata[i].name == 'error_reporting') w = '250'; + var ibody = ''; + switch (rdata[i].type) { + case 0: + var selected_1 = (rdata[i].value == 1) ? 'selected' : ''; + var selected_0 = (rdata[i].value == 0) ? 'selected' : ''; + ibody = '' + break; + case 1: + var selected_1 = (rdata[i].value == 'On') ? 'selected' : ''; + var selected_0 = (rdata[i].value == 'Off') ? 'selected' : ''; + ibody = '' + break; + } + mlist += '

' + rdata[i].name + '' + ibody + ', ' + rdata[i].ps + '

' + } + var con = '
' + mlist + '\ +
\ +
\ +
' + $(".soft-man-con").html(con); + }); +} + +//提交配置 +function submitConf(version) { + var data = { + version: version, + bind: $("input[name='bind']").val(), + 'port': $("input[name='port']").val(), + 'timeout': $("input[name='timeout']").val(), + maxclients: $("input[name='maxclients']").val(), + databases: $("input[name='databases']").val(), + requirepass: $("input[name='requirepass']").val(), + maxmemory: $("input[name='maxmemory']").val(), + }; + + redisPost('submit_redis_conf', version, data, function(ret_data){ + var rdata = $.parseJSON(ret_data.data); + layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 }); + }); +} + + +function redisReadme(){ + var cmd_01 = '/www/server/redis/bin/redis-cli --cluster create 127.0.0.1:6379 127.0.0.1:6380 127.0.0.1:6381 --cluster-replicas 0'; + var cmd_02 = '/www/server/redis/bin/redis-cli --cluster create 127.0.0.1:6379 127.0.0.1:6380 127.0.0.1:6381 127.0.0.1:6382 127.0.0.1:6383 127.0.0.1:6384 --cluster-replicas 1'; + + + var readme = ''; + + $('.soft-man-con').html(readme); +} + diff --git a/plugins/fail2ban/tpl/fail2ban.conf b/plugins/fail2ban/tpl/fail2ban.conf new file mode 100644 index 000000000..bbe35527f --- /dev/null +++ b/plugins/fail2ban/tpl/fail2ban.conf @@ -0,0 +1,75 @@ +daemonize yes +pidfile {$SERVER_PATH}/redis/redis.pid + +loglevel notice +logfile {$SERVER_PATH}/redis/data/redis.log +databases 16 + +timeout 0 +tcp-keepalive 0 + +bind 127.0.0.1 +port 6379 +requirepass {$REDIS_PASS} + +################################ SNAPSHOTTING ################################# + +save "" +stop-writes-on-bgsave-error no + +################################# REPLICATION ################################# + +slave-serve-stale-data yes +slave-read-only yes + +repl-disable-tcp-nodelay no +slave-priority 100 + +# 填写主库信息 +#slaveof 127.0.0.1 6379 +#masterauth 123123 + +################################## SECURITY ################################### + + +################################### LIMITS #################################### +maxclients 10000 +#maxmemory-samples 3 +maxmemory 218mb +maxmemory-policy allkeys-lru + +############################## APPEND ONLY MODE ############################### + + +################################ LUA SCRIPTING ############################### + +lua-time-limit 5000 + +################################## SLOW LOG ################################### + + +slowlog-log-slower-than 10000 +slowlog-max-len 128 + +############################### ADVANCED CONFIG ############################### + +hash-max-ziplist-entries 512 +hash-max-ziplist-value 64 + +list-max-ziplist-entries 512 +list-max-ziplist-value 64 + +set-max-intset-entries 512 + +zset-max-ziplist-entries 128 +zset-max-ziplist-value 64 + +activerehashing no + +client-output-buffer-limit normal 0 0 0 +client-output-buffer-limit slave 256mb 64mb 60 +client-output-buffer-limit pubsub 32mb 8mb 60 + +hz 10 + +aof-rewrite-incremental-fsync yes \ No newline at end of file