System arch optimization

- Optimized types and definitions
- Moved shutdown seq to start.go file
- Moved authelia to auth/sso module
- Added different auth types support (wip)
- Updated proxy config structure
- Added v3.1.4 to v3.1.5 auto upgrade utilities
- Fixed #426
- Optimized status page UI
- Added options to disable uptime montior in config

src/mod/update/updatelogic.go

@@ -1,6 +1,9 @@
 package update
 
-import v308 "imuslab.com/zoraxy/mod/update/v308"
+import (
+	v308 "imuslab.com/zoraxy/mod/update/v308"
+	v315 "imuslab.com/zoraxy/mod/update/v315"
+)
 
 // Updater Core logic
 func runUpdateRoutineWithVersion(fromVersion int, toVersion int) {
@@ -10,6 +13,12 @@ func runUpdateRoutineWithVersion(fromVersion int, toVersion int) {
 		if err != nil {
 			panic(err)
 		}
+	} else if fromVersion == 314 && toVersion == 315 {
+		//Updating from v3.1.4 to v3.1.5
+		err := v315.UpdateFrom314To315()
+		if err != nil {
+			panic(err)
+		}
 	}
 
 	//ADD MORE VERSIONS HERE

src/mod/update/updateutil/updateutil.go

@@ -0,0 +1,24 @@
+package updateutil
+
+import (
+	"io"
+	"os"
+)
+
+// Helper function to copy files
+func CopyFile(src, dst string) error {
+	sourceFile, err := os.Open(src)
+	if err != nil {
+		return err
+	}
+	defer sourceFile.Close()
+
+	destinationFile, err := os.Create(dst)
+	if err != nil {
+		return err
+	}
+	defer destinationFile.Close()
+
+	_, err = io.Copy(destinationFile, sourceFile)
+	return err
+}

src/mod/update/v315/typedef314.go

@@ -0,0 +1,50 @@
+package v315
+
+import (
+	"imuslab.com/zoraxy/mod/dynamicproxy/loadbalance"
+	"imuslab.com/zoraxy/mod/dynamicproxy/permissionpolicy"
+	"imuslab.com/zoraxy/mod/dynamicproxy/rewrite"
+)
+
+// A proxy endpoint record, a general interface for handling inbound routing
+type v314ProxyEndpoint struct {
+	ProxyType            int                     //The type of this proxy, see const def
+	RootOrMatchingDomain string                  //Matching domain for host, also act as key
+	MatchingDomainAlias  []string                //A list of domains that alias to this rule
+	ActiveOrigins        []*loadbalance.Upstream //Activated Upstream or origin servers IP or domain to proxy to
+	InactiveOrigins      []*loadbalance.Upstream //Disabled Upstream or origin servers IP or domain to proxy to
+	UseStickySession     bool                    //Use stick session for load balancing
+	UseActiveLoadBalance bool                    //Use active loadbalancing, default passive
+	Disabled             bool                    //If the rule is disabled
+
+	//Inbound TLS/SSL Related
+	BypassGlobalTLS bool //Bypass global TLS setting options if TLS Listener enabled (parent.tlsListener != nil)
+
+	//Virtual Directories
+	VirtualDirectories []*VirtualDirectoryEndpoint
+
+	//Custom Headers
+	UserDefinedHeaders           []*rewrite.UserDefinedHeader        //Custom headers to append when proxying requests from this endpoint
+	RequestHostOverwrite         string                              //If not empty, this domain will be used to overwrite the Host field in request header
+	HSTSMaxAge                   int64                               //HSTS max age, set to 0 for disable HSTS headers
+	EnablePermissionPolicyHeader bool                                //Enable injection of permission policy header
+	PermissionPolicy             *permissionpolicy.PermissionsPolicy //Permission policy header
+	DisableHopByHopHeaderRemoval bool                                //Do not remove hop-by-hop headers
+
+	//Authentication
+	RequireBasicAuth        bool                      //Set to true to request basic auth before proxy
+	BasicAuthCredentials    []*BasicAuthCredentials   //Basic auth credentials
+	BasicAuthExceptionRules []*BasicAuthExceptionRule //Path to exclude in a basic auth enabled proxy target
+	UseSSOIntercept         bool                      //Allow SSO to intercept this endpoint and provide authentication via Oauth2 credentials
+
+	// Rate Limiting
+	RequireRateLimit bool
+	RateLimit        int64 // Rate limit in requests per second
+
+	//Access Control
+	AccessFilterUUID string //Access filter ID
+
+	//Fallback routing logic (Special Rule Sets Only)
+	DefaultSiteOption int    //Fallback routing logic options
+	DefaultSiteValue  string //Fallback routing target, optional
+}

src/mod/update/v315/typedef315.go

@@ -0,0 +1,106 @@
+package v315
+
+import (
+	"imuslab.com/zoraxy/mod/dynamicproxy/loadbalance"
+	"imuslab.com/zoraxy/mod/dynamicproxy/permissionpolicy"
+	"imuslab.com/zoraxy/mod/dynamicproxy/rewrite"
+)
+
+type ProxyType int
+
+const (
+	ProxyTypeRoot ProxyType = iota //Root Proxy, everything not matching will be routed here
+	ProxyTypeHost                  //Host Proxy, match by host (domain) name
+	ProxyTypeVdir                  //Virtual Directory Proxy, match by path prefix
+)
+
+/* Basic Auth Related Data structure*/
+// Auth credential for basic auth on certain endpoints
+type BasicAuthCredentials struct {
+	Username     string
+	PasswordHash string
+}
+
+// Auth credential for basic auth on certain endpoints
+type BasicAuthUnhashedCredentials struct {
+	Username string
+	Password string
+}
+
+// Paths to exclude in basic auth enabled proxy handler
+type BasicAuthExceptionRule struct {
+	PathPrefix string
+}
+
+/* Routing Rule Data Structures */
+
+// A Virtual Directory endpoint, provide a subset of ProxyEndpoint for better
+// program structure than directly using ProxyEndpoint
+type VirtualDirectoryEndpoint struct {
+	MatchingPath        string //Matching prefix of the request path, also act as key
+	Domain              string //Domain or IP to proxy to
+	RequireTLS          bool   //Target domain require TLS
+	SkipCertValidations bool   //Set to true to accept self signed certs
+	Disabled            bool   //If the rule is enabled
+}
+
+// Rules and settings for header rewriting
+type HeaderRewriteRules struct {
+	UserDefinedHeaders           []*rewrite.UserDefinedHeader        //Custom headers to append when proxying requests from this endpoint
+	RequestHostOverwrite         string                              //If not empty, this domain will be used to overwrite the Host field in request header
+	HSTSMaxAge                   int64                               //HSTS max age, set to 0 for disable HSTS headers
+	EnablePermissionPolicyHeader bool                                //Enable injection of permission policy header
+	PermissionPolicy             *permissionpolicy.PermissionsPolicy //Permission policy header
+	DisableHopByHopHeaderRemoval bool                                //Do not remove hop-by-hop headers
+}
+
+type AuthProvider int
+
+const (
+	AuthProviderNone AuthProvider = iota
+	AuthProviderBasicAuth
+	AuthProviderAuthelia
+	AuthProviderOauth2
+)
+
+type AuthenticationProvider struct {
+	AuthProvider            AuthProvider              //The type of authentication provider
+	RequireBasicAuth        bool                      //Set to true to request basic auth before proxy
+	BasicAuthCredentials    []*BasicAuthCredentials   //Basic auth credentials
+	BasicAuthExceptionRules []*BasicAuthExceptionRule //Path to exclude in a basic auth enabled proxy target
+}
+
+// A proxy endpoint record, a general interface for handling inbound routing
+type v315ProxyEndpoint struct {
+	ProxyType            ProxyType               //The type of this proxy, see const def
+	RootOrMatchingDomain string                  //Matching domain for host, also act as key
+	MatchingDomainAlias  []string                //A list of domains that alias to this rule
+	ActiveOrigins        []*loadbalance.Upstream //Activated Upstream or origin servers IP or domain to proxy to
+	InactiveOrigins      []*loadbalance.Upstream //Disabled Upstream or origin servers IP or domain to proxy to
+	UseStickySession     bool                    //Use stick session for load balancing
+	UseActiveLoadBalance bool                    //Use active loadbalancing, default passive
+	Disabled             bool                    //If the rule is disabled
+
+	//Inbound TLS/SSL Related
+	BypassGlobalTLS bool //Bypass global TLS setting options if TLS Listener enabled (parent.tlsListener != nil)
+
+	//Virtual Directories
+	VirtualDirectories []*VirtualDirectoryEndpoint
+
+	//Custom Headers
+	HeaderRewriteRules *HeaderRewriteRules
+
+	//Authentication
+	AuthenticationProvider *AuthenticationProvider
+
+	// Rate Limiting
+	RequireRateLimit bool
+	RateLimit        int64 // Rate limit in requests per second
+
+	//Access Control
+	AccessFilterUUID string //Access filter ID
+
+	//Fallback routing logic (Special Rule Sets Only)
+	DefaultSiteOption int    //Fallback routing logic options
+	DefaultSiteValue  string //Fallback routing target, optional
+}

src/mod/update/v315/v315.go

@@ -0,0 +1,124 @@
+package v315
+
+import (
+	"encoding/json"
+	"log"
+	"os"
+	"path/filepath"
+
+	"imuslab.com/zoraxy/mod/update/updateutil"
+)
+
+func UpdateFrom314To315() error {
+	//Load the configs
+	oldConfigFiles, err := filepath.Glob("./conf/proxy/*.config")
+	if err != nil {
+		return err
+	}
+
+	//Backup all the files
+	err = os.MkdirAll("./conf/proxy-314.old/", 0775)
+	if err != nil {
+		return err
+	}
+
+	for _, oldConfigFile := range oldConfigFiles {
+		// Extract the file name from the path
+		fileName := filepath.Base(oldConfigFile)
+		// Construct the backup file path
+		backupFile := filepath.Join("./conf/proxy-314.old/", fileName)
+
+		// Copy the file to the backup directory
+		err := updateutil.CopyFile(oldConfigFile, backupFile)
+		if err != nil {
+			return err
+		}
+	}
+
+	//read the config into the old struct
+	for _, oldConfigFile := range oldConfigFiles {
+		configContent, err := os.ReadFile(oldConfigFile)
+		if err != nil {
+			log.Println("Unable to read config file "+filepath.Base(oldConfigFile), err.Error())
+			continue
+		}
+
+		thisOldConfigStruct := v314ProxyEndpoint{}
+		err = json.Unmarshal(configContent, &thisOldConfigStruct)
+		if err != nil {
+			log.Println("Unable to parse file "+filepath.Base(oldConfigFile), err.Error())
+			continue
+		}
+
+		//Convert the old struct to the new struct
+		thisNewConfigStruct := convertV314ToV315(thisOldConfigStruct)
+
+		//Write the new config to file
+		newConfigContent, err := json.MarshalIndent(thisNewConfigStruct, "", "    ")
+		if err != nil {
+			log.Println("Unable to marshal new config "+filepath.Base(oldConfigFile), err.Error())
+			continue
+		}
+
+		err = os.WriteFile(oldConfigFile, newConfigContent, 0664)
+		if err != nil {
+			log.Println("Unable to write new config "+filepath.Base(oldConfigFile), err.Error())
+			continue
+		}
+	}
+
+	return nil
+}
+
+func convertV314ToV315(thisOldConfigStruct v314ProxyEndpoint) v315ProxyEndpoint {
+	//Move old header and auth configs into struct
+	newHeaderRewriteRules := HeaderRewriteRules{
+		UserDefinedHeaders:           thisOldConfigStruct.UserDefinedHeaders,
+		RequestHostOverwrite:         thisOldConfigStruct.RequestHostOverwrite,
+		HSTSMaxAge:                   thisOldConfigStruct.HSTSMaxAge,
+		EnablePermissionPolicyHeader: thisOldConfigStruct.EnablePermissionPolicyHeader,
+		PermissionPolicy:             thisOldConfigStruct.PermissionPolicy,
+		DisableHopByHopHeaderRemoval: thisOldConfigStruct.DisableHopByHopHeaderRemoval,
+	}
+
+	newAuthenticationProvider := AuthenticationProvider{
+		RequireBasicAuth:        thisOldConfigStruct.RequireBasicAuth,
+		BasicAuthCredentials:    thisOldConfigStruct.BasicAuthCredentials,
+		BasicAuthExceptionRules: thisOldConfigStruct.BasicAuthExceptionRules,
+	}
+
+	//Convert proxy type int to enum
+	var newConfigProxyType ProxyType
+	if thisOldConfigStruct.ProxyType == 0 {
+		newConfigProxyType = ProxyTypeRoot
+	} else if thisOldConfigStruct.ProxyType == 1 {
+		newConfigProxyType = ProxyTypeHost
+	} else if thisOldConfigStruct.ProxyType == 2 {
+		newConfigProxyType = ProxyTypeVdir
+	}
+
+	//Update the config struct
+	thisNewConfigStruct := v315ProxyEndpoint{
+		ProxyType:            newConfigProxyType,
+		RootOrMatchingDomain: thisOldConfigStruct.RootOrMatchingDomain,
+		MatchingDomainAlias:  thisOldConfigStruct.MatchingDomainAlias,
+		ActiveOrigins:        thisOldConfigStruct.ActiveOrigins,
+		InactiveOrigins:      thisOldConfigStruct.InactiveOrigins,
+		UseStickySession:     thisOldConfigStruct.UseStickySession,
+		UseActiveLoadBalance: thisOldConfigStruct.UseActiveLoadBalance,
+		Disabled:             thisOldConfigStruct.Disabled,
+		BypassGlobalTLS:      thisOldConfigStruct.BypassGlobalTLS,
+		VirtualDirectories:   thisOldConfigStruct.VirtualDirectories,
+		RequireRateLimit:     thisOldConfigStruct.RequireRateLimit,
+		RateLimit:            thisOldConfigStruct.RateLimit,
+		AccessFilterUUID:     thisOldConfigStruct.AccessFilterUUID,
+		DefaultSiteOption:    thisOldConfigStruct.DefaultSiteOption,
+		DefaultSiteValue:     thisOldConfigStruct.DefaultSiteValue,
+
+		//Append the new struct into the new config
+		HeaderRewriteRules:     &newHeaderRewriteRules,
+		AuthenticationProvider: &newAuthenticationProvider,
+	}
+
+	return thisNewConfigStruct
+}