2025-09-20 07:35:50 +00:00
|
|
|
// Package database provides database initialization, migration, and management utilities
|
2026-04-03 01:39:53 +00:00
|
|
|
// for the 3x-ui panel using GORM with SQLite or MariaDB.
|
2023-02-09 19:18:06 +00:00
|
|
|
package database
|
|
|
|
|
|
|
|
|
|
import (
|
2023-05-05 18:21:39 +00:00
|
|
|
"bytes"
|
2025-10-14 20:03:17 +00:00
|
|
|
"errors"
|
2023-05-05 18:21:39 +00:00
|
|
|
"io"
|
2023-02-09 19:18:06 +00:00
|
|
|
"io/fs"
|
2024-07-13 23:22:02 +00:00
|
|
|
"log"
|
2023-02-09 19:18:06 +00:00
|
|
|
"os"
|
|
|
|
|
"path"
|
2025-05-03 09:27:53 +00:00
|
|
|
"slices"
|
2023-07-01 12:26:43 +00:00
|
|
|
|
2025-09-19 08:05:43 +00:00
|
|
|
"github.com/mhsanaei/3x-ui/v2/config"
|
|
|
|
|
"github.com/mhsanaei/3x-ui/v2/database/model"
|
|
|
|
|
"github.com/mhsanaei/3x-ui/v2/util/crypto"
|
|
|
|
|
"github.com/mhsanaei/3x-ui/v2/xray"
|
2023-02-16 15:58:20 +00:00
|
|
|
|
2026-04-03 01:53:20 +00:00
|
|
|
mysql2 "github.com/go-sql-driver/mysql"
|
2026-04-03 01:26:42 +00:00
|
|
|
"gorm.io/driver/mysql"
|
2023-02-16 15:58:20 +00:00
|
|
|
"gorm.io/driver/sqlite"
|
|
|
|
|
"gorm.io/gorm"
|
|
|
|
|
"gorm.io/gorm/logger"
|
2023-02-09 19:18:06 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
var db *gorm.DB
|
|
|
|
|
|
2024-07-13 23:22:02 +00:00
|
|
|
const (
|
|
|
|
|
defaultUsername = "admin"
|
|
|
|
|
defaultPassword = "admin"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func initModels() error {
|
2025-03-12 19:13:51 +00:00
|
|
|
models := []any{
|
2024-07-13 23:22:02 +00:00
|
|
|
&model.User{},
|
|
|
|
|
&model.Inbound{},
|
|
|
|
|
&model.OutboundTraffics{},
|
2025-02-04 10:27:58 +00:00
|
|
|
&model.Setting{},
|
2024-07-13 23:22:02 +00:00
|
|
|
&model.InboundClientIps{},
|
|
|
|
|
&xray.ClientTraffic{},
|
2025-05-03 09:27:53 +00:00
|
|
|
&model.HistoryOfSeeders{},
|
2026-04-10 03:16:16 +00:00
|
|
|
&model.SharedState{},
|
|
|
|
|
&model.NodeState{},
|
2024-07-13 23:22:02 +00:00
|
|
|
}
|
2025-02-04 10:27:58 +00:00
|
|
|
for _, model := range models {
|
2024-07-13 23:22:02 +00:00
|
|
|
if err := db.AutoMigrate(model); err != nil {
|
2025-02-04 10:27:58 +00:00
|
|
|
log.Printf("Error auto migrating model: %v", err)
|
2024-07-13 23:22:02 +00:00
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
2026-04-10 03:16:16 +00:00
|
|
|
if err := seedSharedAccountsVersion(db); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2024-07-13 23:22:02 +00:00
|
|
|
return nil
|
2023-05-22 23:13:15 +00:00
|
|
|
}
|
|
|
|
|
|
2025-09-20 07:35:50 +00:00
|
|
|
// initUser creates a default admin user if the users table is empty.
|
2023-02-09 19:18:06 +00:00
|
|
|
func initUser() error {
|
2024-07-13 23:22:02 +00:00
|
|
|
empty, err := isTableEmpty("users")
|
2023-02-09 19:18:06 +00:00
|
|
|
if err != nil {
|
2024-07-13 23:22:02 +00:00
|
|
|
log.Printf("Error checking if users table is empty: %v", err)
|
2023-02-09 19:18:06 +00:00
|
|
|
return err
|
|
|
|
|
}
|
2024-07-13 23:22:02 +00:00
|
|
|
if empty {
|
2025-05-03 09:27:53 +00:00
|
|
|
hashedPassword, err := crypto.HashPasswordAsBcrypt(defaultPassword)
|
|
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Printf("Error hashing default password: %v", err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-09 19:18:06 +00:00
|
|
|
user := &model.User{
|
2025-05-08 14:20:58 +00:00
|
|
|
Username: defaultUsername,
|
|
|
|
|
Password: hashedPassword,
|
2026-04-02 15:49:30 +00:00
|
|
|
Role: "admin",
|
2023-02-09 19:18:06 +00:00
|
|
|
}
|
2026-04-03 01:34:17 +00:00
|
|
|
if err := db.Create(user).Error; err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Mark password hashing seeder as done since initUser already uses bcrypt
|
|
|
|
|
hashSeeder := &model.HistoryOfSeeders{
|
|
|
|
|
SeederName: "UserPasswordHash",
|
|
|
|
|
}
|
|
|
|
|
return db.Create(hashSeeder).Error
|
2023-02-09 19:18:06 +00:00
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2025-09-20 07:35:50 +00:00
|
|
|
// runSeeders migrates user passwords to bcrypt and records seeder execution to prevent re-running.
|
2025-05-03 09:27:53 +00:00
|
|
|
func runSeeders(isUsersEmpty bool) error {
|
|
|
|
|
empty, err := isTableEmpty("history_of_seeders")
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Printf("Error checking if users table is empty: %v", err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-06 18:12:02 +00:00
|
|
|
return db.Transaction(func(tx *gorm.DB) error {
|
|
|
|
|
if empty && isUsersEmpty {
|
|
|
|
|
hashSeeder := &model.HistoryOfSeeders{
|
|
|
|
|
SeederName: "UserPasswordHash",
|
|
|
|
|
}
|
|
|
|
|
return tx.Create(hashSeeder).Error
|
2025-05-03 09:27:53 +00:00
|
|
|
}
|
2026-04-06 18:12:02 +00:00
|
|
|
|
2025-05-03 09:27:53 +00:00
|
|
|
var seedersHistory []string
|
2026-04-06 18:12:02 +00:00
|
|
|
if err := tx.Model(&model.HistoryOfSeeders{}).Pluck("seeder_name", &seedersHistory).Error; err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2025-05-03 09:27:53 +00:00
|
|
|
|
|
|
|
|
if !slices.Contains(seedersHistory, "UserPasswordHash") && !isUsersEmpty {
|
|
|
|
|
var users []model.User
|
2026-04-06 18:12:02 +00:00
|
|
|
if err := tx.Find(&users).Error; err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2025-05-03 09:27:53 +00:00
|
|
|
|
|
|
|
|
for _, user := range users {
|
|
|
|
|
hashedPassword, err := crypto.HashPasswordAsBcrypt(user.Password)
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Printf("Error hashing password for user '%s': %v", user.Username, err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
2026-04-06 18:12:02 +00:00
|
|
|
if err := tx.Model(&user).Update("password", hashedPassword).Error; err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2025-05-03 09:27:53 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
hashSeeder := &model.HistoryOfSeeders{
|
|
|
|
|
SeederName: "UserPasswordHash",
|
|
|
|
|
}
|
2026-04-06 18:12:02 +00:00
|
|
|
if err := tx.Create(hashSeeder).Error; err != nil {
|
2026-04-02 17:38:31 +00:00
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if !slices.Contains(seedersHistory, "RemoveClientTrafficEmailUnique") {
|
|
|
|
|
// Drop the old unique index on client_traffics.email to allow
|
|
|
|
|
// the same email across multiple inbounds
|
2026-04-03 01:53:20 +00:00
|
|
|
dbType := config.GetDBTypeFromJSON()
|
2026-04-06 18:12:02 +00:00
|
|
|
var execErr error
|
2026-04-03 01:53:20 +00:00
|
|
|
if dbType == "mariadb" {
|
2026-04-06 18:12:02 +00:00
|
|
|
execErr = tx.Exec("DROP INDEX IF EXISTS idx_client_traffics_email ON client_traffics").Error
|
2026-04-03 01:53:20 +00:00
|
|
|
} else {
|
2026-04-06 18:12:02 +00:00
|
|
|
execErr = tx.Exec("DROP INDEX IF EXISTS idx_client_traffics_email").Error
|
|
|
|
|
}
|
|
|
|
|
if execErr != nil {
|
|
|
|
|
return execErr
|
2026-04-03 01:53:20 +00:00
|
|
|
}
|
2026-04-02 17:38:31 +00:00
|
|
|
uniqueSeeder := &model.HistoryOfSeeders{
|
|
|
|
|
SeederName: "RemoveClientTrafficEmailUnique",
|
|
|
|
|
}
|
2026-04-06 18:12:02 +00:00
|
|
|
if err := tx.Create(uniqueSeeder).Error; err != nil {
|
2026-04-02 17:38:31 +00:00
|
|
|
return err
|
|
|
|
|
}
|
2025-05-03 09:27:53 +00:00
|
|
|
}
|
|
|
|
|
|
2026-04-06 18:12:02 +00:00
|
|
|
return nil
|
|
|
|
|
})
|
2025-05-03 09:27:53 +00:00
|
|
|
}
|
|
|
|
|
|
2025-09-20 07:35:50 +00:00
|
|
|
// isTableEmpty returns true if the named table contains zero rows.
|
2024-07-13 23:22:02 +00:00
|
|
|
func isTableEmpty(tableName string) (bool, error) {
|
|
|
|
|
var count int64
|
|
|
|
|
err := db.Table(tableName).Count(&count).Error
|
|
|
|
|
return count == 0, err
|
2023-02-09 19:18:06 +00:00
|
|
|
}
|
|
|
|
|
|
2025-09-20 07:35:50 +00:00
|
|
|
// InitDB sets up the database connection, migrates models, and runs seeders.
|
2026-04-03 01:26:42 +00:00
|
|
|
// It reads the dbType from the JSON config to determine whether to use SQLite or MariaDB.
|
|
|
|
|
func InitDB() error {
|
2026-04-03 01:53:20 +00:00
|
|
|
CloseDB() // close any existing connection before re-initializing
|
|
|
|
|
|
2026-04-03 01:26:42 +00:00
|
|
|
dbType := config.GetDBTypeFromJSON()
|
|
|
|
|
|
|
|
|
|
var err error
|
|
|
|
|
switch dbType {
|
|
|
|
|
case "mariadb":
|
|
|
|
|
err = initMariaDB()
|
|
|
|
|
default:
|
|
|
|
|
err = initSQLite(config.GetDBPath())
|
|
|
|
|
}
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := initModels(); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := initUser(); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
isUsersEmpty, err := isTableEmpty("users")
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return runSeeders(isUsersEmpty)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// InitDBWithPath is a convenience function for tests and migrations that need
|
|
|
|
|
// to open a specific SQLite file.
|
|
|
|
|
func InitDBWithPath(dbPath string) error {
|
2026-04-03 01:53:20 +00:00
|
|
|
CloseDB() // close any existing connection before re-initializing
|
|
|
|
|
|
2026-04-03 01:26:42 +00:00
|
|
|
if err := initSQLite(dbPath); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := initModels(); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if err := initUser(); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
isUsersEmpty, err := isTableEmpty("users")
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return runSeeders(isUsersEmpty)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// initSQLite opens a SQLite database connection and runs model migrations.
|
|
|
|
|
func initSQLite(dbPath string) error {
|
2023-02-09 19:18:06 +00:00
|
|
|
dir := path.Dir(dbPath)
|
2023-05-22 23:13:15 +00:00
|
|
|
err := os.MkdirAll(dir, fs.ModePerm)
|
2023-02-09 19:18:06 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var gormLogger logger.Interface
|
|
|
|
|
|
|
|
|
|
if config.IsDebug() {
|
|
|
|
|
gormLogger = logger.Default
|
|
|
|
|
} else {
|
|
|
|
|
gormLogger = logger.Discard
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
c := &gorm.Config{
|
2025-02-04 10:27:58 +00:00
|
|
|
Logger: gormLogger,
|
2023-02-09 19:18:06 +00:00
|
|
|
}
|
2025-02-04 10:27:58 +00:00
|
|
|
db, err = gorm.Open(sqlite.Open(dbPath), c)
|
2023-02-09 19:18:06 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-03 01:26:42 +00:00
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-03 01:53:20 +00:00
|
|
|
// buildMariaDBDSN constructs a MariaDB DSN from the given config using
|
|
|
|
|
// go-sql-driver/mysql's Config to properly escape special characters in credentials.
|
|
|
|
|
func buildMariaDBDSN(dbConfig config.DBConfig) string {
|
|
|
|
|
cfg := mysql2.Config{
|
|
|
|
|
User: dbConfig.User,
|
|
|
|
|
Passwd: dbConfig.Password,
|
|
|
|
|
Net: "tcp",
|
|
|
|
|
Addr: dbConfig.Host + ":" + dbConfig.Port,
|
|
|
|
|
DBName: dbConfig.Name,
|
|
|
|
|
Params: map[string]string{
|
|
|
|
|
"charset": "utf8mb4",
|
|
|
|
|
"parseTime": "True",
|
|
|
|
|
"loc": "Local",
|
|
|
|
|
},
|
2026-04-03 03:20:54 +00:00
|
|
|
AllowNativePasswords: true,
|
2026-04-03 01:53:20 +00:00
|
|
|
}
|
|
|
|
|
return cfg.FormatDSN()
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-24 10:01:59 +00:00
|
|
|
// OpenMariaDB opens a new MariaDB connection from the given config.
|
|
|
|
|
// Caller must close the returned db when done.
|
|
|
|
|
func OpenMariaDB(dbConfig config.DBConfig) (*gorm.DB, error) {
|
|
|
|
|
dsn := buildMariaDBDSN(dbConfig)
|
|
|
|
|
return gorm.Open(mysql.Open(dsn), &gorm.Config{
|
|
|
|
|
Logger: logger.Discard,
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-03 01:26:42 +00:00
|
|
|
// initMariaDB opens a MariaDB connection and runs model migrations.
|
|
|
|
|
func initMariaDB() error {
|
|
|
|
|
dbConfig := config.GetDBConfigFromJSON()
|
2026-04-03 01:53:20 +00:00
|
|
|
dsn := buildMariaDBDSN(dbConfig)
|
2026-04-03 01:26:42 +00:00
|
|
|
|
|
|
|
|
var gormLogger logger.Interface
|
|
|
|
|
if config.IsDebug() {
|
|
|
|
|
gormLogger = logger.Default
|
|
|
|
|
} else {
|
|
|
|
|
gormLogger = logger.Discard
|
2024-07-13 23:22:02 +00:00
|
|
|
}
|
2025-05-03 09:27:53 +00:00
|
|
|
|
2026-04-03 01:26:42 +00:00
|
|
|
var err error
|
|
|
|
|
c := &gorm.Config{
|
|
|
|
|
Logger: gormLogger,
|
|
|
|
|
}
|
|
|
|
|
db, err = gorm.Open(mysql.Open(dsn), c)
|
2025-09-18 20:06:01 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2025-05-03 09:27:53 +00:00
|
|
|
|
2026-04-03 01:26:42 +00:00
|
|
|
return nil
|
2024-07-13 23:22:02 +00:00
|
|
|
}
|
|
|
|
|
|
2025-09-20 07:35:50 +00:00
|
|
|
// CloseDB closes the database connection if it exists.
|
2024-07-13 23:22:02 +00:00
|
|
|
func CloseDB() error {
|
|
|
|
|
if db != nil {
|
|
|
|
|
sqlDB, err := db.DB()
|
|
|
|
|
if err != nil {
|
2023-05-22 23:13:15 +00:00
|
|
|
return err
|
|
|
|
|
}
|
2024-07-13 23:22:02 +00:00
|
|
|
return sqlDB.Close()
|
2023-02-09 19:18:06 +00:00
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2025-09-20 07:35:50 +00:00
|
|
|
// GetDB returns the global GORM database instance.
|
2023-02-09 19:18:06 +00:00
|
|
|
func GetDB() *gorm.DB {
|
|
|
|
|
return db
|
|
|
|
|
}
|
|
|
|
|
|
2025-09-20 07:35:50 +00:00
|
|
|
// IsNotFound checks if the given error is a GORM record not found error.
|
2023-02-09 19:18:06 +00:00
|
|
|
func IsNotFound(err error) bool {
|
|
|
|
|
return err == gorm.ErrRecordNotFound
|
|
|
|
|
}
|
2023-05-05 18:21:39 +00:00
|
|
|
|
2025-09-20 07:35:50 +00:00
|
|
|
// IsSQLiteDB checks if the given file is a valid SQLite database by reading its signature.
|
2023-05-22 23:13:15 +00:00
|
|
|
func IsSQLiteDB(file io.ReaderAt) (bool, error) {
|
2023-05-05 18:21:39 +00:00
|
|
|
signature := []byte("SQLite format 3\x00")
|
|
|
|
|
buf := make([]byte, len(signature))
|
2023-05-22 23:13:15 +00:00
|
|
|
_, err := file.ReadAt(buf, 0)
|
2023-05-05 18:21:39 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return false, err
|
|
|
|
|
}
|
|
|
|
|
return bytes.Equal(buf, signature), nil
|
|
|
|
|
}
|
2023-12-08 19:35:10 +00:00
|
|
|
|
2025-09-20 07:35:50 +00:00
|
|
|
// Checkpoint performs a WAL checkpoint on the SQLite database to ensure data consistency.
|
2026-04-03 01:26:42 +00:00
|
|
|
// For MariaDB, this is a no-op.
|
2023-12-08 19:35:10 +00:00
|
|
|
func Checkpoint() error {
|
2026-04-03 01:26:42 +00:00
|
|
|
if config.GetDBTypeFromJSON() != "sqlite" {
|
|
|
|
|
return nil
|
2023-12-08 19:35:10 +00:00
|
|
|
}
|
2026-04-03 01:26:42 +00:00
|
|
|
return db.Exec("PRAGMA wal_checkpoint;").Error
|
2023-12-08 19:35:10 +00:00
|
|
|
}
|
2025-10-14 20:03:17 +00:00
|
|
|
|
|
|
|
|
// ValidateSQLiteDB opens the provided sqlite DB path with a throw-away connection
|
|
|
|
|
// and runs a PRAGMA integrity_check to ensure the file is structurally sound.
|
|
|
|
|
// It does not mutate global state or run migrations.
|
|
|
|
|
func ValidateSQLiteDB(dbPath string) error {
|
|
|
|
|
if _, err := os.Stat(dbPath); err != nil { // file must exist
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
gdb, err := gorm.Open(sqlite.Open(dbPath), &gorm.Config{Logger: logger.Discard})
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
sqlDB, err := gdb.DB()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
defer sqlDB.Close()
|
|
|
|
|
var res string
|
|
|
|
|
if err := gdb.Raw("PRAGMA integrity_check;").Scan(&res).Error; err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if res != "ok" {
|
|
|
|
|
return errors.New("sqlite integrity check failed: " + res)
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
