From 2fbd0c45767782802d7327d2d4f3117ce9fc1bd0 Mon Sep 17 00:00:00 2001 From: ssongliu Date: Wed, 3 Sep 2025 16:20:12 +0800 Subject: [PATCH] fix: Add Docker restart option to firewall operations --- agent/app/api/v2/firewall.go | 2 +- agent/app/dto/firewall.go | 3 +- agent/app/service/firewall.go | 10 ++-- frontend/src/api/modules/host.ts | 11 +++- .../docker-proxy/docker-restart.vue | 50 +++++++++++++++++++ frontend/src/lang/modules/en.ts | 1 + frontend/src/lang/modules/ja.ts | 1 + frontend/src/lang/modules/ko.ts | 1 + frontend/src/lang/modules/ms.ts | 1 + frontend/src/lang/modules/pt-br.ts | 1 + frontend/src/lang/modules/ru.ts | 1 + frontend/src/lang/modules/tr.ts | 1 + frontend/src/lang/modules/zh-Hant.ts | 1 + frontend/src/lang/modules/zh.ts | 1 + .../src/views/host/firewall/status/index.vue | 49 ++++++++++-------- 15 files changed, 104 insertions(+), 30 deletions(-) create mode 100644 frontend/src/components/docker-proxy/docker-restart.vue diff --git a/agent/app/api/v2/firewall.go b/agent/app/api/v2/firewall.go index 82da28c23af8..62e2a44a740d 100644 --- a/agent/app/api/v2/firewall.go +++ b/agent/app/api/v2/firewall.go @@ -63,7 +63,7 @@ func (b *BaseApi) OperateFirewall(c *gin.Context) { return } - if err := firewallService.OperateFirewall(req.Operation); err != nil { + if err := firewallService.OperateFirewall(req); err != nil { helper.InternalServer(c, err) return } diff --git a/agent/app/dto/firewall.go b/agent/app/dto/firewall.go index 9d8830ddc880..20955df7f5b9 100644 --- a/agent/app/dto/firewall.go +++ b/agent/app/dto/firewall.go @@ -17,7 +17,8 @@ type RuleSearch struct { } type FirewallOperation struct { - Operation string `json:"operation" validate:"required,oneof=start stop restart disablePing enablePing"` + Operation string `json:"operation" validate:"required,oneof=start stop restart disablePing enablePing"` + WithDockerRestart bool `json:"withDockerRestart"` } type PortRuleOperate struct { diff --git a/agent/app/service/firewall.go b/agent/app/service/firewall.go index eb32139ae9e7..4a8bd9df4cb2 100644 --- a/agent/app/service/firewall.go +++ b/agent/app/service/firewall.go @@ -28,7 +28,7 @@ type FirewallService struct{} type IFirewallService interface { LoadBaseInfo() (dto.FirewallBaseInfo, error) SearchWithPage(search dto.RuleSearch) (int64, interface{}, error) - OperateFirewall(operation string) error + OperateFirewall(req dto.FirewallOperation) error OperatePortRule(req dto.PortRuleOperate, reload bool) error OperateForwardRule(req dto.ForwardRuleOperate) error OperateAddressRule(req dto.AddrRuleOperate, reload bool) error @@ -177,13 +177,13 @@ func (u *FirewallService) SearchWithPage(req dto.RuleSearch) (int64, interface{} return int64(total), backDatas, nil } -func (u *FirewallService) OperateFirewall(operation string) error { +func (u *FirewallService) OperateFirewall(req dto.FirewallOperation) error { client, err := firewall.NewFirewallClient() if err != nil { return err } needRestartDocker := false - switch operation { + switch req.Operation { case "start": if err := client.Start(); err != nil { return err @@ -208,9 +208,9 @@ func (u *FirewallService) OperateFirewall(operation string) error { case "enablePing": return u.updatePingStatus("1") default: - return fmt.Errorf("not supported operation: %s", operation) + return fmt.Errorf("not supported operation: %s", req.Operation) } - if needRestartDocker { + if needRestartDocker && req.WithDockerRestart { if err := restartDocker(); err != nil { return err } diff --git a/frontend/src/api/modules/host.ts b/frontend/src/api/modules/host.ts index 1c4512591961..dceb0c4ba22e 100644 --- a/frontend/src/api/modules/host.ts +++ b/frontend/src/api/modules/host.ts @@ -12,8 +12,15 @@ export const loadFireBaseInfo = () => { export const searchFireRule = (params: Host.RuleSearch) => { return http.post>(`/hosts/firewall/search`, params, TimeoutEnum.T_40S); }; -export const operateFire = (operation: string) => { - return http.post(`/hosts/firewall/operate`, { operation: operation }, TimeoutEnum.T_40S); +export const operateFire = (operation: string, withDockerRestart: boolean) => { + return http.post( + `/hosts/firewall/operate`, + { + operation: operation, + withDockerRestart: withDockerRestart, + }, + TimeoutEnum.T_60S, + ); }; export const operatePortRule = (params: Host.RulePort) => { return http.post(`/hosts/firewall/port`, params, TimeoutEnum.T_40S); diff --git a/frontend/src/components/docker-proxy/docker-restart.vue b/frontend/src/components/docker-proxy/docker-restart.vue new file mode 100644 index 000000000000..d03be5387059 --- /dev/null +++ b/frontend/src/components/docker-proxy/docker-restart.vue @@ -0,0 +1,50 @@ + + + diff --git a/frontend/src/lang/modules/en.ts b/frontend/src/lang/modules/en.ts index 44beed4d37ea..c3020694a55d 100644 --- a/frontend/src/lang/modules/en.ts +++ b/frontend/src/lang/modules/en.ts @@ -2725,6 +2725,7 @@ const message = { quickJump: 'Quick access', used: 'Used', unUsed: 'Unused', + dockerRestart: 'Firewall operations require restarting the Docker service', firewallHelper: '{0} system firewall', firewallNotStart: `The system firewall isn't enabled at present. Enable it first.`, restartFirewallHelper: 'This operation will restart the current firewall. Do you want to continue?', diff --git a/frontend/src/lang/modules/ja.ts b/frontend/src/lang/modules/ja.ts index 89f44a4d0769..46da60e0e7a3 100644 --- a/frontend/src/lang/modules/ja.ts +++ b/frontend/src/lang/modules/ja.ts @@ -2640,6 +2640,7 @@ const message = { quickJump: 'クイックアクセス', used: '使用済み', unUsed: '未使用', + dockerRestart: 'ファイアウォール操作にはDockerサービスの再起動が必要です', firewallHelper: '{0}システムファイアウォール', firewallNotStart: `現在、システムファイアウォールは有効になっていません。最初に有効にします。`, restartFirewallHelper: 'この操作は、現在のファイアウォールを再起動します。続けたいですか?', diff --git a/frontend/src/lang/modules/ko.ts b/frontend/src/lang/modules/ko.ts index dd75093d8e63..3051025569e6 100644 --- a/frontend/src/lang/modules/ko.ts +++ b/frontend/src/lang/modules/ko.ts @@ -2593,6 +2593,7 @@ const message = { quickJump: '빠른 접근', used: '사용됨', unUsed: '사용 안 함', + dockerRestart: '방화벽 작업에는 Docker 서비스 재시작이 필요합니다', firewallHelper: '{0} 시스템 방화벽', firewallNotStart: '현재 시스템 방화벽이 활성화되지 않았습니다. 먼저 활성화하세요.', restartFirewallHelper: '이 작업은 현재 방화벽을 재시작합니다. 계속하시겠습니까?', diff --git a/frontend/src/lang/modules/ms.ts b/frontend/src/lang/modules/ms.ts index f8b64254b60e..51a92c7c9f14 100644 --- a/frontend/src/lang/modules/ms.ts +++ b/frontend/src/lang/modules/ms.ts @@ -2700,6 +2700,7 @@ const message = { quickJump: 'Akses pantas', used: 'Digunakan', unUsed: 'Tidak Digunakan', + dockerRestart: 'Operasi firewall memerlukan memulakan semula perkhidmatan Docker', firewallHelper: '{0} firewall sistem', firewallNotStart: `Firewall sistem belum diaktifkan. Aktifkannya dahulu.`, restartFirewallHelper: 'Operasi ini akan memulakan semula firewall semasa. Adakah anda mahu meneruskan?', diff --git a/frontend/src/lang/modules/pt-br.ts b/frontend/src/lang/modules/pt-br.ts index 285413303ae8..83c38c18ecea 100644 --- a/frontend/src/lang/modules/pt-br.ts +++ b/frontend/src/lang/modules/pt-br.ts @@ -2703,6 +2703,7 @@ const message = { quickJump: 'Acesso rápido', used: 'Usado', unUsed: 'Não usado', + dockerRestart: 'Operações de firewall exigem reinicialização do serviço Docker', firewallHelper: 'Firewall do sistema {0}', firewallNotStart: 'O firewall do sistema não está habilitado atualmente. Habilite-o primeiro.', restartFirewallHelper: 'Esta operação reiniciará o firewall atual. Deseja continuar?', diff --git a/frontend/src/lang/modules/ru.ts b/frontend/src/lang/modules/ru.ts index dbfb3f44c992..bedd814537aa 100644 --- a/frontend/src/lang/modules/ru.ts +++ b/frontend/src/lang/modules/ru.ts @@ -2697,6 +2697,7 @@ const message = { quickJump: 'Быстрый доступ', used: 'Используется', unUsed: 'Не используется', + dockerRestart: 'Операции с брандмауэром требуют перезапуска службы Docker', firewallHelper: '{0} межсетевой экран', firewallNotStart: 'Межсетевой экран в настоящее время не включен. Сначала включите его.', restartFirewallHelper: 'Эта операция перезапустит текущий межсетевой экран. Хотите продолжить?', diff --git a/frontend/src/lang/modules/tr.ts b/frontend/src/lang/modules/tr.ts index d6fdd45000a6..63648a85f01e 100644 --- a/frontend/src/lang/modules/tr.ts +++ b/frontend/src/lang/modules/tr.ts @@ -2759,6 +2759,7 @@ const message = { quickJump: 'Hızlı erişim', used: 'Kullanıldı', unUsed: 'Kullanılmadı', + dockerRestart: 'Güvenlik duvarı işlemleri Docker hizmetinin yeniden başlatılmasını gerektirir', firewallHelper: '{0} sistem güvenlik duvarı', firewallNotStart: 'Sistem güvenlik duvarı şu anda etkin değil. Önce etkinleştirin.', restartFirewallHelper: 'Bu işlem mevcut güvenlik duvarını yeniden başlatacak. Devam etmek istiyor musunuz?', diff --git a/frontend/src/lang/modules/zh-Hant.ts b/frontend/src/lang/modules/zh-Hant.ts index 41d332833350..001a5d8b274d 100644 --- a/frontend/src/lang/modules/zh-Hant.ts +++ b/frontend/src/lang/modules/zh-Hant.ts @@ -2541,6 +2541,7 @@ const message = { quickJump: '快速跳轉', used: '已使用', unUsed: '未使用', + dockerRestart: '防火牆操作需要重啟 Docker 服務', firewallHelper: '{0}系統防火墻', firewallNotStart: '當前未開啟系統防火墻,請先開啟!', restartFirewallHelper: '該操作將對當前防火牆進行重啟操作,是否繼續?', diff --git a/frontend/src/lang/modules/zh.ts b/frontend/src/lang/modules/zh.ts index 74af68eb53bf..63f3267de372 100644 --- a/frontend/src/lang/modules/zh.ts +++ b/frontend/src/lang/modules/zh.ts @@ -2531,6 +2531,7 @@ const message = { quickJump: '快速跳转', used: '已使用', unUsed: '未使用', + dockerRestart: '防火墙操作需要重启 Docker 服务', firewallHelper: '{0}系统防火墙', firewallNotStart: '当前未开启系统防火墙,请先开启!', restartFirewallHelper: '该操作将对当前防火墙进行重启操作,是否继续?', diff --git a/frontend/src/views/host/firewall/status/index.vue b/frontend/src/views/host/firewall/status/index.vue index 034446fa11cc..253ff10537e6 100644 --- a/frontend/src/views/host/firewall/status/index.vue +++ b/frontend/src/views/host/firewall/status/index.vue @@ -36,6 +36,16 @@ + + + @@ -44,6 +54,7 @@ import { Host } from '@/api/interface/host'; import { loadFireBaseInfo, operateFire } from '@/api/modules/host'; import i18n from '@/lang'; import NoSuchService from '@/components/layout-content/no-such-service.vue'; +import DockerRestart from '@/components/docker-proxy/docker-restart.vue'; import { MsgSuccess } from '@/utils/message'; import { ElMessageBox } from 'element-plus'; import { ref } from 'vue'; @@ -51,6 +62,9 @@ import { ref } from 'vue'; const baseInfo = ref({ isActive: false, isExist: true, name: '', version: '', pingStatus: '' }); const onPing = ref('Disable'); const oldStatus = ref(); +const dockerRef = ref(); +const operation = ref('restart'); +const withDockerRestart = ref(false); const acceptParams = (): void => { loadBaseInfo(true); @@ -78,28 +92,21 @@ const loadBaseInfo = async (search: boolean) => { }); }; -const onOperate = async (operation: string) => { - emit('update:maskShow', false); - let operationHelper = i18n.global.t('firewall.' + operation + 'FirewallHelper'); - let title = i18n.global.t('firewall.firewallHelper', [i18n.global.t('commons.button.' + operation)]); - ElMessageBox.confirm(operationHelper, title, { - confirmButtonText: i18n.global.t('commons.button.confirm'), - cancelButtonText: i18n.global.t('commons.button.cancel'), - }) - .then(async () => { - emit('update:loading', true); - emit('update:maskShow', true); - await operateFire(operation) - .then(() => { - MsgSuccess(i18n.global.t('commons.msg.operationSuccess')); - loadBaseInfo(true); - }) - .catch(() => { - loadBaseInfo(true); - }); +const onOperate = async (op: string) => { + operation.value = op; + dockerRef.value.acceptParams({ title: i18n.global.t('firewall.dockerRestart') }); +}; + +const onSubmit = async () => { + emit('update:loading', true); + emit('update:maskShow', true); + await operateFire(operation.value, withDockerRestart.value) + .then(() => { + MsgSuccess(i18n.global.t('commons.msg.operationSuccess')); + loadBaseInfo(true); }) .catch(() => { - emit('update:maskShow', true); + loadBaseInfo(true); }); }; @@ -115,7 +122,7 @@ const onPingOperate = async (operation: string) => { emit('update:loading', true); operation = operation === 'Disable' ? 'disablePing' : 'enablePing'; emit('update:maskShow', true); - await operateFire(operation) + await operateFire(operation, false) .then(() => { MsgSuccess(i18n.global.t('commons.msg.operationSuccess')); loadBaseInfo(false);