修改`宝塔面板`部分功能

静凇 Lv3
  2025-05-29 16:50:44 2025-05-29 16:50:44 创建   2025-06-18 19:11:26 2025-06-18 19:11:26 更新  

一、修改获取登录IP的功能

修改/www/server/panel/class/public.pyGetClientIp()函数:

1
2
3
4
5
6
7
8
9
10
11
12
13
def GetClientIp():
    from flask import request
    headers = ["X-Real-IP", "X-Forwarded-For", "Proxy-Client-IP", "WL-Proxy-Client-IP", "HTTP_CLIENT_IP", "HTTP_X_FORWARDED_FOR"]
    ipaddr = None
    for header in headers:
        ipaddr = request.headers.get(header, None)
        if ipaddr is not None:
            break
    if ipaddr is None:
        ipaddr = request.remote_addr.replace('::ffff:', '')
    if not check_ip(ipaddr):
        ipaddr = '未知IP地址'
    return ipaddr

修改之后,使用Nginx反向代理宝塔面板链接时,可以正确获取到登录IP

这里是反向代理的配置
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
location ^~ / {
	proxy_pass http://127.0.0.1:12321;
	proxy_set_header Host $http_host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Real-Port $remote_port;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_set_header X-Forwarded-Host $host;
	proxy_set_header X-Forwarded-Port $server_port;
	proxy_set_header REMOTE-HOST $remote_addr;
	proxy_ssl_server_name on;
	proxy_connect_timeout 60s;
	proxy_send_timeout 600s;
	proxy_read_timeout 600s;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection $connection_upgrade;
}

二、修改DNS和SSL中Clouflare的身份验证方式

1、修改文件/www/server/panel/class/panelDnsapi.pyCloudFlareDns类的私有方法_get_auth_headers为:

1
2
3
4
5
def _get_auth_headers(self) -> dict:
    if (self.CLOUDFLARE_EMAIL is None or not self.CLOUDFLARE_EMAIL) and isinstance(self.CLOUDFLARE_API_KEY, str):
        return {"Authorization": "Bearer " + self.CLOUDFLARE_API_KEY}
    else:
        return {"X-Auth-Email": self.CLOUDFLARE_EMAIL, "X-Auth-Key": self.CLOUDFLARE_API_KEY}

修改后,在配置CloudflareDNS接口时,E-Mail输入空格 API Key输入API Token,这样可以避免使用 Global API Key

2、修改文件/www/server/panel/class/sslModel/cloudflareModel.pymain类的私有方法__init_data为:

1
2
3
4
5
6
7
8
9
10
def __init_data(self, data):
        self.CLOUDFLARE_EMAIL = data['E-Mail'].strip()
        self.CLOUDFLARE_API_KEY = data['API Key']
        self.CLOUDFLARE_API_BASE_URL = 'https://api.cloudflare.com/client/v4/'
        self.HTTP_TIMEOUT = 65  # seconds
        
        if (self.CLOUDFLARE_EMAIL is None or not self.CLOUDFLARE_EMAIL) and isinstance(self.CLOUDFLARE_API_KEY, str):
            self.headers = {"Authorization": f"Bearer {self.CLOUDFLARE_API_KEY}"}
        else:
            self.headers = {"X-Auth-Email": self.CLOUDFLARE_EMAIL, "X-Auth-Key": self.CLOUDFLARE_API_KEY}

修改后,在用CloudflareDNS申请证书时,可以使用API Token的方式申请。

三、修改生成下载SSL证书时的链接

在使用反向代理宝塔面板时,下载证书会带上端口,这会导致下载不了证书,为了正常下载和更好地隐藏端口,需要修改文件/www/server/panel/class/sslModel/certModel.py中的download_cert函数和batch_download_cert函数:

1
2
3
4
# 将函数中的:
zfile = '{}://{}:{}/download?filename={}'.format(ssl, host, port, zfile)
# 改为:
zfile = '{}://{}/download?filename={}'.format(ssl, host, zfile)

或者像下面这样改:

1
2
3
4
5
6
7
8
9
10
11
# 将下面两行代码
# host = request.host.split(":")[0]
# ssl = "https" if public.is_ssl() else "http"
# 改为
ssl = "https" if public.is_ssl() else "http"
host_port =  request.host.split(":")
host = host_port[0]
if len(host_port) > 1:
    port = host_port[1]
else:
	port = "443" if public.is_ssl() else "80"
  • 标题: 修改`宝塔面板`部分功能
  • 作者: 静凇
  • 创建于 : 2025-05-29 16:50:44
  • 更新于 : 2025-06-18 19:11:26
  • 链接: https://blog.zhangyirui.cn/2025/05/29/Modify-the-functions-of-the-Baota-Panel-section/
  • 版权声明: 本文章采用 CC BY-NC-SA 4.0 进行许可。
目录
修改`宝塔面板`部分功能
  1. 一、修改获取登录IP的功能
  2. 二、修改DNS和SSL中Clouflare的身份验证方式
  3. 三、修改生成下载SSL证书时的链接