feat: update to go1.24 & support listening https (#1002)

* feat: support listening https

* refactor

* modernize

* support snake case in config

* more precise control of config fields

* update goreleaser config

* remove kubeyaml

* fix: expose agent_secret

* chore

model/alertrule.go

@@ -1,7 +1,7 @@
 package model
 
 import (
-	"github.com/nezhahq/nezha/pkg/utils"
+	"github.com/goccy/go-json"
 	"gorm.io/gorm"
 )
 
@@ -25,17 +25,17 @@ type AlertRule struct {
 }
 
 func (r *AlertRule) BeforeSave(tx *gorm.DB) error {
-	if data, err := utils.Json.Marshal(r.Rules); err != nil {
+	if data, err := json.Marshal(r.Rules); err != nil {
 		return err
 	} else {
 		r.RulesRaw = string(data)
 	}
-	if data, err := utils.Json.Marshal(r.FailTriggerTasks); err != nil {
+	if data, err := json.Marshal(r.FailTriggerTasks); err != nil {
 		return err
 	} else {
 		r.FailTriggerTasksRaw = string(data)
 	}
-	if data, err := utils.Json.Marshal(r.RecoverTriggerTasks); err != nil {
+	if data, err := json.Marshal(r.RecoverTriggerTasks); err != nil {
 		return err
 	} else {
 		r.RecoverTriggerTasksRaw = string(data)
@@ -45,13 +45,13 @@ func (r *AlertRule) BeforeSave(tx *gorm.DB) error {
 
 func (r *AlertRule) AfterFind(tx *gorm.DB) error {
 	var err error
-	if err = utils.Json.Unmarshal([]byte(r.RulesRaw), &r.Rules); err != nil {
+	if err = json.Unmarshal([]byte(r.RulesRaw), &r.Rules); err != nil {
 		return err
 	}
-	if err = utils.Json.Unmarshal([]byte(r.FailTriggerTasksRaw), &r.FailTriggerTasks); err != nil {
+	if err = json.Unmarshal([]byte(r.FailTriggerTasksRaw), &r.FailTriggerTasks); err != nil {
 		return err
 	}
-	if err = utils.Json.Unmarshal([]byte(r.RecoverTriggerTasksRaw), &r.RecoverTriggerTasks); err != nil {
+	if err = json.Unmarshal([]byte(r.RecoverTriggerTasksRaw), &r.RecoverTriggerTasks); err != nil {
 		return err
 	}
 	return nil

model/common.go

@@ -77,7 +77,7 @@ func SearchByIDCtx[S ~[]E, E CommonInterface](c *gin.Context, x S) S {
 		return any(l).(S)
 	default:
 		var s S
-		for _, idStr := range strings.Split(c.Query("id"), ",") {
+		for idStr := range strings.SplitSeq(c.Query("id"), ",") {
 			id, err := strconv.ParseUint(idStr, 10, 64)
 			if err != nil {
 				continue
@@ -93,7 +93,7 @@ func searchByIDCtxServer(c *gin.Context, x []*Server) []*Server {
 	list1, list2 := SplitList(x)
 
 	var clist1, clist2 []*Server
-	for _, idStr := range strings.Split(c.Query("id"), ",") {
+	for idStr := range strings.SplitSeq(c.Query("id"), ",") {
 		id, err := strconv.ParseUint(idStr, 10, 64)
 		if err != nil {
 			continue

model/config.go

@@ -1,18 +1,16 @@
 package model
 
 import (
-	"maps"
 	"os"
 	"path/filepath"
-	"slices"
 	"strconv"
 	"strings"
 
+	"github.com/go-viper/mapstructure/v2"
 	kyaml "github.com/knadh/koanf/parsers/yaml"
 	"github.com/knadh/koanf/providers/env"
 	"github.com/knadh/koanf/providers/file"
 	"github.com/knadh/koanf/v2"
-	"gopkg.in/yaml.v3"
 
 	"github.com/nezhahq/nezha/pkg/utils"
 )
@@ -24,52 +22,56 @@ const (
 )
 
 type ConfigForGuests struct {
-	Language            string   `json:"language"`
-	SiteName            string   `json:"site_name"`
-	CustomCode          string   `json:"custom_code,omitempty"`
-	CustomCodeDashboard string   `json:"custom_code_dashboard,omitempty"`
-	Oauth2Providers     []string `json:"oauth2_providers,omitempty"`
+	Language            string   `koanf:"language" json:"language"` // 系统语言，默认 zh_CN
+	SiteName            string   `koanf:"site_name" json:"site_name"`
+	CustomCode          string   `koanf:"custom_code" json:"custom_code,omitempty"`
+	CustomCodeDashboard string   `koanf:"custom_code_dashboard" json:"custom_code_dashboard,omitempty"`
+	Oauth2Providers     []string `koanf:"-" json:"oauth2_providers,omitempty"` // oauth2 供应商列表，无需配置，自动生成
 
-	InstallHost string `json:"install_host,omitempty"`
-	TLS         bool   `json:"tls,omitempty"`
+	InstallHost string `koanf:"install_host" json:"install_host,omitempty"`
+	AgentTLS    bool   `koanf:"tls" json:"tls,omitempty"` // 用于前端判断生成的安装命令是否启用 TLS
+}
+
+type ConfigDashboard struct {
+	Debug          bool   `koanf:"debug" json:"debug,omitempty"`                   // debug模式开关
+	RealIPHeader   string `koanf:"real_ip_header" json:"real_ip_header,omitempty"` // 真实IP
+	UserTemplate   string `koanf:"user_template" json:"user_template,omitempty"`
+	AdminTemplate  string `koanf:"admin_template" json:"admin_template,omitempty"`
+	Location       string `koanf:"location" json:"location,omitempty"`     // 时区，默认为 Asia/Shanghai
+	ForceAuth      bool   `koanf:"force_auth" json:"force_auth,omitempty"` // 强制要求认证
+	AgentSecretKey string `koanf:"agent_secret_key" json:"agent_secret_key,omitempty"`
+
+	EnablePlainIPInNotification bool `koanf:"enable_plain_ip_in_notification" json:"enable_plain_ip_in_notification,omitempty"` // 通知信息IP不打码
+
+	// IP变更提醒
+	EnableIPChangeNotification  bool   `koanf:"enable_ip_change_notification" json:"enable_ip_change_notification,omitempty"`
+	IPChangeNotificationGroupID uint64 `koanf:"ip_change_notification_group_id" json:"ip_change_notification_group_id"`
+	Cover                       uint8  `koanf:"cover" json:"cover"`                                               // 覆盖范围（0:提醒未被 IgnoredIPNotification 包含的所有服务器; 1:仅提醒被 IgnoredIPNotification 包含的服务器;）
+	IgnoredIPNotification       string `koanf:"ignored_ip_notification" json:"ignored_ip_notification,omitempty"` // 特定服务器IP（多个服务器用逗号分隔）
+
+	IgnoredIPNotificationServerIDs map[uint64]bool `koanf:"ignored_ip_notification_server_ids" json:"ignored_ip_notification_server_ids,omitempty"` // [ServerID] -> bool(值为true代表当前ServerID在特定服务器列表内）
+	AvgPingCount                   int             `koanf:"avg_ping_count" json:"avg_ping_count,omitempty"`
+	DNSServers                     string          `koanf:"dns_servers" json:"dns_servers,omitempty"`
 }
 
 type Config struct {
-	Debug        bool   `mapstructure:"debug" json:"debug,omitempty"`                   // debug模式开关
-	RealIPHeader string `mapstructure:"real_ip_header" json:"real_ip_header,omitempty"` // 真实IP
+	ConfigForGuests
+	ConfigDashboard
 
-	Language       string `mapstructure:"language" json:"language"` // 系统语言，默认 zh_CN
-	SiteName       string `mapstructure:"site_name" json:"site_name"`
-	UserTemplate   string `mapstructure:"user_template" json:"user_template,omitempty"`
-	AdminTemplate  string `mapstructure:"admin_template" json:"admin_template,omitempty"`
-	JWTSecretKey   string `mapstructure:"jwt_secret_key" json:"jwt_secret_key,omitempty"`
-	AgentSecretKey string `mapstructure:"agent_secret_key" json:"agent_secret_key,omitempty"`
-	ListenPort     uint   `mapstructure:"listen_port" json:"listen_port,omitempty"`
-	ListenHost     string `mapstructure:"listen_host" json:"listen_host,omitempty"`
-	InstallHost    string `mapstructure:"install_host" json:"install_host,omitempty"`
-	TLS            bool   `mapstructure:"tls" json:"tls,omitempty"`
-	Location       string `mapstructure:"location" json:"location,omitempty"`     // 时区，默认为 Asia/Shanghai
-	ForceAuth      bool   `mapstructure:"force_auth" json:"force_auth,omitempty"` // 强制要求认证
-
-	EnablePlainIPInNotification bool `mapstructure:"enable_plain_ip_in_notification" json:"enable_plain_ip_in_notification,omitempty"` // 通知信息IP不打码
-
-	// IP变更提醒
-	EnableIPChangeNotification  bool   `mapstructure:"enable_ip_change_notification" json:"enable_ip_change_notification,omitempty"`
-	IPChangeNotificationGroupID uint64 `mapstructure:"ip_change_notification_group_id" json:"ip_change_notification_group_id"`
-	Cover                       uint8  `mapstructure:"cover" json:"cover"`                                               // 覆盖范围（0:提醒未被 IgnoredIPNotification 包含的所有服务器; 1:仅提醒被 IgnoredIPNotification 包含的服务器;）
-	IgnoredIPNotification       string `mapstructure:"ignored_ip_notification" json:"ignored_ip_notification,omitempty"` // 特定服务器IP（多个服务器用逗号分隔）
-
-	IgnoredIPNotificationServerIDs map[uint64]bool `mapstructure:"ignored_ip_notification_server_ids" json:"ignored_ip_notification_server_ids,omitempty"` // [ServerID] -> bool(值为true代表当前ServerID在特定服务器列表内）
-	AvgPingCount                   int             `mapstructure:"avg_ping_count" json:"avg_ping_count,omitempty"`
-	DNSServers                     string          `mapstructure:"dns_servers" json:"dns_servers,omitempty"`
-
-	CustomCode          string `mapstructure:"custom_code" json:"custom_code,omitempty"`
-	CustomCodeDashboard string `mapstructure:"custom_code_dashboard" json:"custom_code_dashboard,omitempty"`
+	JWTSecretKey string `koanf:"jwt_secret_key" json:"jwt_secret_key,omitempty"`
+	ListenPort   uint16 `koanf:"listen_port" json:"listen_port,omitempty"`
+	ListenHost   string `koanf:"listen_host" json:"listen_host,omitempty"`
 
 	// oauth2 配置
-	Oauth2 map[string]*Oauth2Config `mapstructure:"oauth2" json:"oauth2,omitempty"`
-	// oauth2 供应商列表，无需配置，自动生成
-	Oauth2Providers []string `yaml:"-" json:"oauth2_providers,omitempty"`
+	Oauth2 map[string]*Oauth2Config `koanf:"oauth2" json:"oauth2,omitempty"`
+
+	// HTTPS 配置
+	HTTPS struct {
+		ListenPort  uint16 `koanf:"listen_port" json:"listen_port,omitempty"`
+		TLSCertPath string `koanf:"tls_cert_path" json:"tls_cert_path,omitempty"`
+		TLSKeyPath  string `koanf:"tls_key_path" json:"tls_key_path,omitempty"`
+		InsecureTLS bool   `koanf:"insecure_tls" json:"insecure_tls,omitempty"`
+	} `koanf:"https" json:"https"`
 
 	k        *koanf.Koanf `json:"-"`
 	filePath string       `json:"-"`
@@ -94,10 +96,11 @@ func (c *Config) Read(path string, frontendTemplates []FrontendTemplate) error {
 		}
 	}
 
-	err = c.k.Unmarshal("", c)
+	err = c.k.UnmarshalWithConf("", c, koanfConf(c))
 	if err != nil {
 		return err
 	}
+
 	if c.ListenPort == 0 {
 		c.ListenPort = 8008
 	}
@@ -151,7 +154,7 @@ func (c *Config) Read(path string, frontendTemplates []FrontendTemplate) error {
 		}
 	}
 
-	c.Oauth2Providers = slices.Collect(maps.Keys(c.Oauth2))
+	c.Oauth2Providers = utils.MapKeysToSlice(c.Oauth2)
 
 	c.updateIgnoredIPNotificationID()
 	return nil
@@ -160,9 +163,8 @@ func (c *Config) Read(path string, frontendTemplates []FrontendTemplate) error {
 // updateIgnoredIPNotificationID 更新用于判断服务器ID是否属于特定服务器的map
 func (c *Config) updateIgnoredIPNotificationID() {
 	c.IgnoredIPNotificationServerIDs = make(map[uint64]bool)
-	splitedIDs := strings.Split(c.IgnoredIPNotification, ",")
-	for i := 0; i < len(splitedIDs); i++ {
-		id, _ := strconv.ParseUint(splitedIDs[i], 10, 64)
+	for splitedID := range strings.SplitSeq(c.IgnoredIPNotification, ",") {
+		id, _ := strconv.ParseUint(splitedID, 10, 64)
 		if id > 0 {
 			c.IgnoredIPNotificationServerIDs[id] = true
 		}
@@ -172,7 +174,7 @@ func (c *Config) updateIgnoredIPNotificationID() {
 // Save 保存配置文件
 func (c *Config) Save() error {
 	c.updateIgnoredIPNotificationID()
-	data, err := yaml.Marshal(c)
+	data, err := c.k.Marshal(kyaml.Parser())
 	if err != nil {
 		return err
 	}
@@ -184,3 +186,21 @@ func (c *Config) Save() error {
 
 	return os.WriteFile(c.filePath, data, 0600)
 }
+
+func koanfConf(c any) koanf.UnmarshalConf {
+	return koanf.UnmarshalConf{
+		DecoderConfig: &mapstructure.DecoderConfig{
+			DecodeHook: mapstructure.ComposeDecodeHookFunc(
+				mapstructure.StringToTimeDurationHookFunc(),
+				utils.TextUnmarshalerHookFunc()),
+			Metadata:         nil,
+			Result:           c,
+			WeaklyTypedInput: true,
+			MatchName: func(mapKey, fieldName string) bool {
+				return strings.EqualFold(mapKey, fieldName) ||
+					strings.EqualFold(mapKey, strings.ReplaceAll(fieldName, "_", ""))
+			},
+			Squash: true,
+		},
+	}
+}

model/cron.go

@@ -3,7 +3,7 @@ package model
 import (
 	"time"
 
-	"github.com/nezhahq/nezha/pkg/utils"
+	"github.com/goccy/go-json"
 	"github.com/robfig/cron/v3"
 	"gorm.io/gorm"
 )
@@ -34,7 +34,7 @@ type Cron struct {
 }
 
 func (c *Cron) BeforeSave(tx *gorm.DB) error {
-	if data, err := utils.Json.Marshal(c.Servers); err != nil {
+	if data, err := json.Marshal(c.Servers); err != nil {
 		return err
 	} else {
 		c.ServersRaw = string(data)
@@ -43,5 +43,5 @@ func (c *Cron) BeforeSave(tx *gorm.DB) error {
 }
 
 func (c *Cron) AfterFind(tx *gorm.DB) error {
-	return utils.Json.Unmarshal([]byte(c.ServersRaw), &c.Servers)
+	return json.Unmarshal([]byte(c.ServersRaw), &c.Servers)
 }

model/ddns.go

@@ -1,7 +1,7 @@
 package model
 
 import (
-	"github.com/nezhahq/nezha/pkg/utils"
+	"github.com/goccy/go-json"
 	"gorm.io/gorm"
 )
 
@@ -39,7 +39,7 @@ func (d DDNSProfile) TableName() string {
 }
 
 func (d *DDNSProfile) BeforeSave(tx *gorm.DB) error {
-	if data, err := utils.Json.Marshal(d.Domains); err != nil {
+	if data, err := json.Marshal(d.Domains); err != nil {
 		return err
 	} else {
 		d.DomainsRaw = string(data)
@@ -48,5 +48,5 @@ func (d *DDNSProfile) BeforeSave(tx *gorm.DB) error {
 }
 
 func (d *DDNSProfile) AfterFind(tx *gorm.DB) error {
-	return utils.Json.Unmarshal([]byte(d.DomainsRaw), &d.Domains)
+	return json.Unmarshal([]byte(d.DomainsRaw), &d.Domains)
 }

model/notification.go

@@ -9,6 +9,7 @@ import (
 	"strings"
 	"time"
 
+	"github.com/goccy/go-json"
 	"github.com/nezhahq/nezha/pkg/utils"
 )
 
@@ -66,7 +67,7 @@ func (ns *NotificationServerBundle) reqBody(message string) (string, error) {
 	switch n.RequestType {
 	case NotificationRequestTypeJSON:
 		return ns.replaceParamsInString(n.RequestBody, message, func(msg string) string {
-			msgBytes, _ := utils.Json.Marshal(msg)
+			msgBytes, _ := json.Marshal(msg)
 			return string(msgBytes)[1 : len(msgBytes)-1]
 		}), nil
 	case NotificationRequestTypeForm:

model/server.go

@@ -5,9 +5,9 @@ import (
 	"slices"
 	"time"
 
+	"github.com/goccy/go-json"
 	"gorm.io/gorm"
 
-	"github.com/nezhahq/nezha/pkg/utils"
 	pb "github.com/nezhahq/nezha/proto"
 )
 
@@ -59,13 +59,13 @@ func (s *Server) CopyFromRunningServer(old *Server) {
 
 func (s *Server) AfterFind(tx *gorm.DB) error {
 	if s.DDNSProfilesRaw != "" {
-		if err := utils.Json.Unmarshal([]byte(s.DDNSProfilesRaw), &s.DDNSProfiles); err != nil {
+		if err := json.Unmarshal([]byte(s.DDNSProfilesRaw), &s.DDNSProfiles); err != nil {
 			log.Println("NEZHA>> Server.AfterFind:", err)
 			return nil
 		}
 	}
 	if s.OverrideDDNSDomainsRaw != "" {
-		if err := utils.Json.Unmarshal([]byte(s.OverrideDDNSDomainsRaw), &s.OverrideDDNSDomains); err != nil {
+		if err := json.Unmarshal([]byte(s.OverrideDDNSDomainsRaw), &s.OverrideDDNSDomains); err != nil {
 			log.Println("NEZHA>> Server.AfterFind:", err)
 			return nil
 		}

model/service.go

@@ -4,10 +4,10 @@ import (
 	"fmt"
 	"log"
 
+	"github.com/goccy/go-json"
 	"github.com/robfig/cron/v3"
 	"gorm.io/gorm"
 
-	"github.com/nezhahq/nezha/pkg/utils"
 	pb "github.com/nezhahq/nezha/proto"
 )
 
@@ -91,17 +91,17 @@ func (m *Service) CronSpec() string {
 }
 
 func (m *Service) BeforeSave(tx *gorm.DB) error {
-	if data, err := utils.Json.Marshal(m.SkipServers); err != nil {
+	if data, err := json.Marshal(m.SkipServers); err != nil {
 		return err
 	} else {
 		m.SkipServersRaw = string(data)
 	}
-	if data, err := utils.Json.Marshal(m.FailTriggerTasks); err != nil {
+	if data, err := json.Marshal(m.FailTriggerTasks); err != nil {
 		return err
 	} else {
 		m.FailTriggerTasksRaw = string(data)
 	}
-	if data, err := utils.Json.Marshal(m.RecoverTriggerTasks); err != nil {
+	if data, err := json.Marshal(m.RecoverTriggerTasks); err != nil {
 		return err
 	} else {
 		m.RecoverTriggerTasksRaw = string(data)
@@ -111,16 +111,16 @@ func (m *Service) BeforeSave(tx *gorm.DB) error {
 
 func (m *Service) AfterFind(tx *gorm.DB) error {
 	m.SkipServers = make(map[uint64]bool)
-	if err := utils.Json.Unmarshal([]byte(m.SkipServersRaw), &m.SkipServers); err != nil {
+	if err := json.Unmarshal([]byte(m.SkipServersRaw), &m.SkipServers); err != nil {
 		log.Println("NEZHA>> Service.AfterFind:", err)
 		return nil
 	}
 
 	// 加载触发任务列表
-	if err := utils.Json.Unmarshal([]byte(m.FailTriggerTasksRaw), &m.FailTriggerTasks); err != nil {
+	if err := json.Unmarshal([]byte(m.FailTriggerTasksRaw), &m.FailTriggerTasks); err != nil {
 		return err
 	}
-	if err := utils.Json.Unmarshal([]byte(m.RecoverTriggerTasksRaw), &m.RecoverTriggerTasks); err != nil {
+	if err := json.Unmarshal([]byte(m.RecoverTriggerTasksRaw), &m.RecoverTriggerTasks); err != nil {
 		return err
 	}
 

model/setting_api.go

@@ -13,11 +13,16 @@ type SettingForm struct {
 	RealIPHeader                string `json:"real_ip_header,omitempty" validate:"optional"` // 真实IP
 	UserTemplate                string `json:"user_template,omitempty" validate:"optional"`
 
-	TLS                         bool `json:"tls,omitempty" validate:"optional"`
+	AgentTLS                    bool `json:"tls,omitempty" validate:"optional"`
 	EnableIPChangeNotification  bool `json:"enable_ip_change_notification,omitempty" validate:"optional"`
 	EnablePlainIPInNotification bool `json:"enable_plain_ip_in_notification,omitempty" validate:"optional"`
 }
 
+type Setting struct {
+	ConfigForGuests
+	ConfigDashboard
+}
+
 type FrontendTemplate struct {
 	Path       string `json:"path,omitempty"`
 	Name       string `json:"name,omitempty"`
@@ -28,8 +33,8 @@ type FrontendTemplate struct {
 	IsOfficial bool   `json:"is_official,omitempty"`
 }
 
-type SettingResponse[T any] struct {
-	Config T `json:"config,omitempty"`
+type SettingResponse struct {
+	Config Setting `json:"config"`
 
 	Version           string             `json:"version,omitempty"`
 	FrontendTemplates []FrontendTemplate `json:"frontend_templates,omitempty"`

model/waf.go

@@ -117,7 +117,7 @@ func BlockIP(db *gorm.DB, ip string, reason uint8, uid int64) error {
 	}
 	now := uint64(time.Now().Unix())
 
-	var count interface{}
+	var count any
 	if reason == WAFBlockReasonTypeManual {
 		count = 99999
 	} else {