hhyo · hhyo · Jan 13, 2022 · Dec 28, 2021 · Dec 28, 2021 · Dec 28, 2021
diff --git a/archery/settings.py b/archery/settings.py
@@ -257,3 +257,11 @@
         # },
     }
 }
+
+MEDIA_ROOT = os.path.join(BASE_DIR, 'media')
+if not os.path.exists(MEDIA_ROOT):
+    os.mkdir(MEDIA_ROOT)
+
+PKEY_ROOT = os.path.join(MEDIA_ROOT, 'keys')
+if not os.path.exists(PKEY_ROOT):
+    os.mkdir(PKEY_ROOT)
diff --git a/sql/admin.py b/sql/admin.py
@@ -11,6 +11,8 @@
     WorkflowAudit, WorkflowLog, ParamTemplate, ParamHistory, InstanceTag, \
     Tunnel, AuditEntry
 
+from sql.form import TunnelForm
+
 
 # 用户管理
 @admin.register(Users)
@@ -87,13 +89,14 @@ class TunnelAdmin(admin.ModelAdmin):
     search_fields = ('id', 'tunnel_name')
     fieldsets = (
                     None,
-                    {'fields': ('tunnel_name', 'host', 'port', 'user', 'password', 'pkey_path', 'pkey_password',), }),
+                    {'fields': ('tunnel_name', 'host', 'port', 'user', 'password', 'pkey_path', 'pkey_password', 'pkey'), }),
     ordering = ('id',)
     # 添加页显示内容
     add_fieldsets = (
         ('隧道信息', {'fields': ('tunnel_name', 'host', 'port')}),
-        ('连接信息', {'fields': ('user', 'password', 'pkey_path', 'pkey_password')}),
+        ('连接信息', {'fields': ('user', 'password', 'pkey_path', 'pkey_password', 'pkey')}),
     )
+    form = TunnelForm
 
     def formfield_for_dbfield(self, db_field, **kwargs):
         if db_field.name in ['password', 'pkey_password']:

diff --git a/sql/engines/__init__.py b/sql/engines/__init__.py
@@ -27,7 +27,7 @@ def __init__(self, instance=None):
                     instance.tunnel.port,
                     instance.tunnel.user,
                     instance.tunnel.password,
-                    instance.tunnel.pkey_path,
+                    instance.tunnel.pkey,
                     instance.tunnel.pkey_password,
                 )
                 self.host,self.port = self.ssh.get_ssh()
@@ -48,7 +48,7 @@ def remote_instance_conn(self, instance=None):
                 instance.tunnel.port,
                 instance.tunnel.user,
                 instance.tunnel.password,
-                instance.tunnel.pkey_path,
+                instance.tunnel.pkey,
                 instance.tunnel.pkey_password,
             )
             self.remote_host, self.remote_port = self.remotessh.get_ssh()

diff --git a/sql/form.py b/sql/form.py
@@ -0,0 +1,27 @@
+#!/usr/bin/python
+# -*- coding:utf-8 -*-
+"""
+---------------------------------------------------------
+@project: issacmarkArchery
+@file: form
+@date: 2021/12/30 17:43
+@author: mayp
+---------------------------------------------------------
+"""
+from django.forms import ModelForm, Textarea
+from sql.models import Tunnel
+
+
+class TunnelForm(ModelForm):
+    class Meta:
+        model = Tunnel
+        fields = "__all__"
+        widgets = {
+            'PKey': Textarea(attrs={'cols': 40, 'rows': 8}),
+        }
+
+    def clean(self):
+        cleaned_data = super().clean()
+        pkey_path = cleaned_data.get('pkey_path').read()
+        if pkey_path:
+            cleaned_data['pkey'] = str(pkey_path, 'utf-8').replace(r'\r', '').replace(r'\n', '')
diff --git a/sql/models.py b/sql/models.py
@@ -5,6 +5,10 @@
 
 from django.utils.translation import gettext as _
 from mirage.crypto import Crypto
+from django.conf import settings
+
+pkey_root = settings.PKEY_ROOT
+
 
 class ResourceGroup(models.Model):
     """
@@ -99,14 +103,21 @@ class Tunnel(models.Model):
     port = models.IntegerField('端口', default=0)
     user = fields.EncryptedCharField(verbose_name='用户名', max_length=200, default='', blank=True, null=True)
     password = fields.EncryptedCharField(verbose_name='密码', max_length=300, default='', blank=True, null=True)
-    pkey_path = fields.EncryptedCharField(verbose_name='密钥地址', max_length=300, default='', blank=True, null=True)
+    pkey = models.TextField(verbose_name="密钥", blank=True, null=True)
+    pkey_path = models.FileField(verbose_name="密钥地址", blank=True, null=True, upload_to='keys/')
     pkey_password = fields.EncryptedCharField(verbose_name='密钥密码', max_length=300, default='', blank=True, null=True)
     create_time = models.DateTimeField('创建时间', auto_now_add=True)
     update_time = models.DateTimeField('更新时间', auto_now=True)
 
     def __str__(self):
         return self.tunnel_name
 
+    def short_pkey(self):
+        if len(str(self.pkey)) > 20:
+            return '{}...'.format(str(self.pkey)[0:19])
+        else:
+            return str(self.pkey)
+
     class Meta:
         managed = True
         db_table = 'ssh_tunnel'
@@ -853,28 +864,3 @@ class Meta:
         index_together = ('hostname_max', 'ts_min')
         verbose_name = u'慢日志明细'
         verbose_name_plural = u'慢日志明细'
-
-
-class AuditEntry(models.Model):
-    """
-    登录审计日志
-    """
-    user_id = models.IntegerField('用户ID')
-    user_name = models.CharField('用户名称', max_length=255, null=True)
-    action = models.CharField('动作', max_length=255)
-    ip = models.GenericIPAddressField('IP', null=True)
-    action_time = models.DateTimeField('操作时间', auto_now_add=True)
-
-    class Meta:
-        managed = True
-        db_table = 'audit_log'
-        verbose_name = u'审计日志'
-        verbose_name_plural = u'审计日志'
-
-    def __unicode__(self):
-        return '{0} - {1} - {2} - {3} - {4}'.format(self.user_id, self.user_name, self.ip
-                                                    , self.action, self.action_time)
-
-    def __str__(self):
-        return '{0} - {1} - {2} - {3} - {4}'.format(self.user_id, self.user_name, self.ip
-                                                    , self.action, self.action_time)
diff --git a/sql/utils/ssh_tunnel.py b/sql/utils/ssh_tunnel.py
@@ -7,21 +7,26 @@
 """
 from sshtunnel import SSHTunnelForwarder
 from paramiko import RSAKey
+import io
+
 
 class SSHConnection(object):
     """
     ssh隧道连接类，用于映射ssh隧道端口到本地，连接结束时需要清理
     """
-    def __init__(self, host, port, tun_host, tun_port, tun_user, tun_password, pkey_path, pkey_password):
+    def __init__(self, host, port, tun_host, tun_port, tun_user, tun_password, pkey, pkey_password):
         self.host = host
         self.port = int(port)
         self.tun_host = tun_host
         self.tun_port = int(tun_port)
         self.tun_user = tun_user
         self.tun_password = tun_password
 
-        if pkey_path:
-            self.private_key = RSAKey.from_private_key_file(pkey_path, password=pkey_password)
+        if pkey:
+            private_key_file_obj = io.StringIO()
+            private_key_file_obj.write(pkey)
+            private_key_file_obj.seek(0)
+            self.private_key = RSAKey.from_private_key(private_key_file_obj, password=pkey_password)
             self.server = SSHTunnelForwarder(
                 ssh_address_or_host=(self.tun_host, self.tun_port),
                 ssh_username=self.tun_user,

diff --git a/src/docker-compose/docker-compose.yml b/src/docker-compose/docker-compose.yml
@@ -53,6 +53,7 @@ services:
       - "./archery/downloads:/opt/archery/downloads"
       - "./archery/sql/migrations:/opt/archery/sql/migrations"
       - "./archery/logs:/opt/archery/logs"
+      - "./archery/keys:/opt/archery/keys"
     entrypoint: "dockerize -wait tcp://mysql:3306 -wait tcp://redis:6379 -timeout 60s /opt/archery/src/docker/startup.sh"
     environment:
       NGINX_PORT: 9123