From 71ec576e7ccca5f53556e993703bb57785352d09 Mon Sep 17 00:00:00 2001
From: yy <lingdie.yy@outlook.com>
Date: Thu, 25 Apr 2024 20:30:23 +0800
Subject: [PATCH 01/11] change desktop to use config file.

---
 frontend/desktop/.gitignore                   |   1 +
 frontend/desktop/data/config.yaml             |  61 ++++++
 frontend/desktop/data/config.yaml.local       |  64 ++++++
 .../desktop/deploy/manifests/deploy.yaml.tmpl |  58 ++++-
 frontend/desktop/src/api/platform.ts          |  29 ++-
 .../desktop/src/components/account/index.tsx  |  15 +-
 .../src/components/signin/auth/AuthList.tsx   |  65 +++---
 .../desktop/src/components/signin/index.tsx   |  43 ++--
 .../src/components/user_menu/index.tsx        |   8 +-
 frontend/desktop/src/hooks/useDriver.tsx      |  10 +-
 frontend/desktop/src/pages/_app.tsx           |  11 +-
 .../src/pages/api/platform/getAppConfig.ts    |  51 +++++
 .../src/pages/api/platform/getAuthConfig.ts   |  66 ++++++
 .../src/pages/api/platform/getCloudConfig.ts  |  34 +++
 .../src/pages/api/platform/getCommonConfig.ts |  27 +++
 .../desktop/src/pages/api/platform/getEnv.ts  |  70 ------
 .../src/pages/api/platform/getLayoutConfig.ts |  27 +++
 .../src/pages/api/platform/getSystemConfig.ts |  35 ---
 frontend/desktop/src/pages/index.tsx          |  19 +-
 frontend/desktop/src/pages/proxyOAuth.tsx     |  13 +-
 frontend/desktop/src/services/enable.ts       |   6 +-
 frontend/desktop/src/stores/config.ts         |  41 ++--
 frontend/desktop/src/stores/global.ts         |  49 -----
 frontend/desktop/src/types/index.ts           |   3 +
 frontend/desktop/src/types/system.ts          | 205 ++++++++++++++----
 25 files changed, 697 insertions(+), 314 deletions(-)
 create mode 100644 frontend/desktop/data/config.yaml
 create mode 100644 frontend/desktop/data/config.yaml.local
 create mode 100644 frontend/desktop/src/pages/api/platform/getAppConfig.ts
 create mode 100644 frontend/desktop/src/pages/api/platform/getAuthConfig.ts
 create mode 100644 frontend/desktop/src/pages/api/platform/getCloudConfig.ts
 create mode 100644 frontend/desktop/src/pages/api/platform/getCommonConfig.ts
 delete mode 100644 frontend/desktop/src/pages/api/platform/getEnv.ts
 create mode 100644 frontend/desktop/src/pages/api/platform/getLayoutConfig.ts
 delete mode 100644 frontend/desktop/src/pages/api/platform/getSystemConfig.ts
 delete mode 100644 frontend/desktop/src/stores/global.ts

diff --git a/frontend/desktop/.gitignore b/frontend/desktop/.gitignore
index 9e88043fc96..9683369c1dd 100644
--- a/frontend/desktop/.gitignore
+++ b/frontend/desktop/.gitignore
@@ -27,6 +27,7 @@ yarn-error.log*
 
 # local env files
 .env*.local
+*.local
 data/config.local.json
 # vercel
 .vercel
diff --git a/frontend/desktop/data/config.yaml b/frontend/desktop/data/config.yaml
new file mode 100644
index 00000000000..dbea93aa64b
--- /dev/null
+++ b/frontend/desktop/data/config.yaml
@@ -0,0 +1,61 @@
+cloud:
+  domain: "{{ .cloudDomain }}"
+  port: "{{ .cloudPort }}"
+  regionUID: "{{ .regionUID }}"
+  certSecretName: "{{ .certSecretName }}"
+common:
+  guideEnabled: "{{ .guideEnabled }}"
+  apiEnabled: "{{ .apiEnabled }}"
+  rechargeEnabled: "{{ .rechargeEnabled }}"
+database:
+  mongodbUri: "{{ .mongodbUri }}"
+  globalCockroachdbURI: "{{ .globalCockroachdbURI }}"
+  regionalCockroachdbURI: "{{ .regionalCockroachdbURI }}"
+desktop:
+  layout:
+    title: "Sealos Cloud"
+    logo: ""
+    backgroundImage: ""
+    cfSiteKey: ""
+    meta:
+      title: "Sealos Cloud"
+      description: "Sealos Cloud"
+      keywords: "Sealos Cloud"
+    common:
+      githubStarEnabled: "false"
+  auth:
+    callbackURL: "https://{{ .cloudDomain }}{{ if .cloudPort }}:{{ .cloudPort }}{{ end }}/callback"
+    jwt:
+      internal: "{{ .jwtInternal }}"
+      regional: "{{ .jwtRegional }}"
+      global: "{{ .jwtGlobal }}"
+    idp:
+      password:
+        enabled: "{{ .passwordEnabled }}"
+        salt: "{{ .passwordSalt }}"
+      github:
+        enabled: "{{ .githubEnabled }}"
+        clientId: "{{ .githubClientID }}"
+        clientSecret: "{{ .githubClientSecret }}"
+      wechat:
+        enabled: "{{ .wechatEnabled }}"
+        clientId: "{{ .wechatClientID }}"
+        clientSecret: "{{ .wechatClientSecret }}"
+      sms:
+        ali:
+          enabled: "{{ .smsEnabled }}"
+          endpoint: "{{ .aliSmsEndpoint }}"
+          signName: "{{ .aliSmsSignName }}"
+          accessKeyId: "{{ .aliAccessKeyID }}"
+          accessKeySecret: "{{ .aliAccessKeySecret }}"
+      oauth2:
+        enabled: "{{ .oauth2Enabled }}"
+        callbackURL: "https://{{ .cloudDomain }}{{ if .cloudPort }}:{{ .cloudPort }}{{ end }}/callback"
+        clientId: "{{ .oauth2ClientId }}"
+        clientSecret: "{{ .oauth2ClientSecret }}"
+        authURL: "{{ .oauth2AuthURL }}"
+        tokenURL: "{{ .oauth2TokenURL }}"
+        userInfoURL: "{{ .oauth2UserInfoURL }}"
+  components:
+    billingService:
+      uri: "{{ .billingURI }}"
\ No newline at end of file
diff --git a/frontend/desktop/data/config.yaml.local b/frontend/desktop/data/config.yaml.local
new file mode 100644
index 00000000000..7d65365cb97
--- /dev/null
+++ b/frontend/desktop/data/config.yaml.local
@@ -0,0 +1,64 @@
+cloud:
+  domain: "{{ .cloudDomain }}"
+  port: "{{ .cloudPort }}"
+  regionUID: "{{ .regionUID }}"
+  certSecretName: "{{ .certSecretName }}"
+common:
+  guideEnabled: "{{ .guideEnabled }}"
+  apiEnabled: "{{ .apiEnabled }}"
+  rechargeEnabled: "{{ .rechargeEnabled }}"
+database:
+  mongodbUri: "{{ .mongodbUri }}"
+  globalCockroachdbURI: "{{ .globalCockroachdbURI }}"
+  regionalCockroachdbURI: "{{ .regionalCockroachdbURI }}"
+desktop:
+  layout:
+    title: "Sealos Cloud"
+    logo: ""
+    backgroundImage: ""
+    meta:
+      title: "Sealos Cloud"
+      description: "Sealos Cloud"
+      keywords: "Sealos Cloud"
+    common:
+      githubStarEnabled: "false"
+  auth:
+    callbackURL: "https://{{ .cloudDomain }}{{ if .cloudPort }}:{{ .cloudPort }}{{ end }}/callback"
+    jwt:
+      internal: "{{ .jwtInternal }}"
+      regional: "{{ .jwtRegional }}"
+      global: "{{ .jwtGlobal }}"
+    idp:
+      password:
+        enabled: "{{ .passwordEnabled }}"
+        salt: "{{ .passwordSalt }}"
+      github:
+        enabled: "{{ .githubEnabled }}"
+        clientId: "{{ .githubClientID }}"
+        clientSecret: "{{ .githubClientSecret }}"
+      wechat:
+        enabled: "{{ .wechatEnabled }}"
+        clientId: "{{ .wechatClientID }}"
+        clientSecret: "{{ .wechatClientSecret }}"
+      sms:
+        ali:
+          enabled: "{{ .smsEnabled }}"
+          endpoint: "{{ .aliSmsEndpoint }}"
+          signName: "{{ .aliSmsSignName }}"
+          accessKeyId: "{{ .aliAccessKeyID }}"
+          accessKeySecret: "{{ .aliAccessKeySecret }}"
+      oauth2:
+        enabled: "{{ .oauth2Enabled }}"
+        callbackURL: "https://{{ .cloudDomain }}{{ if .cloudPort }}:{{ .cloudPort }}{{ end }}/callback"
+        clientId: "{{ .oauth2ClientId }}"
+        clientSecret: "{{ .oauth2ClientSecret }}"
+        authURL: "{{ .oauth2AuthURL }}"
+        tokenURL: "{{ .oauth2TokenURL }}"
+        userInfoURL: "{{ .oauth2UserInfoURL }}"
+  jwt:
+    internal: "{{ .jwtInternal }}"
+    regional: "{{ .jwtRegional }}"
+    global: "{{ .jwtGlobal }}"
+  components:
+    billingService:
+      uri: "{{ .billingURI }}"
\ No newline at end of file
diff --git a/frontend/desktop/deploy/manifests/deploy.yaml.tmpl b/frontend/desktop/deploy/manifests/deploy.yaml.tmpl
index 30c17dd63fa..ebcf7e1b459 100644
--- a/frontend/desktop/deploy/manifests/deploy.yaml.tmpl
+++ b/frontend/desktop/deploy/manifests/deploy.yaml.tmpl
@@ -36,7 +36,63 @@ metadata:
   namespace: sealos
 data:
   config.yaml: |-
-    addr: :3000
+    cloud:
+      domain: "{{ .cloudDomain }}"
+      port: "{{ .cloudPort }}"
+      regionUID: "{{ .regionUID }}"
+      certSecretName: "{{ .certSecretName }}"
+    common:
+      guideEnabled: "{{ .guideEnabled }}"
+      apiEnabled: "{{ .apiEnabled }}"
+    database:
+      mongodbURI: "{{ .mongodbURI }}"
+      globalCockroachdbURI: "{{ .globalCockroachdbURI }}"
+      regionalCockroachdbURI: "{{ .regionalCockroachdbURI }}"
+    desktop:
+      layout:
+        title: "Sealos Cloud"
+        logo: ""
+        backgroundImage: ""
+        meta:
+          title: "Sealos Cloud"
+          description: "Sealos Cloud"
+          keywords: "Sealos Cloud"
+        common:
+          githubStarEnabled: "false"
+      login: # or auth?
+        password:
+          enabled: "{{ .passwordEnabled }}"
+          salt: "{{ .passwordSalt }}"
+        github:
+          enabled: "{{ .githubEnabled }}"
+          clientId: "{{ .githubClientID }}"
+          clientSecret: "{{ .githubClientSecret }}"
+        wechat:
+          enabled: "{{ .wechatEnabled }}"
+          clientId: "{{ .wechatClientID }}"
+          clientSecret: "{{ .wechatClientSecret }}"
+        sms:
+          ali:
+            enabled: "{{ .smsEnabled }}"
+            endpoint: "{{ .aliSmsEndpoint }}"
+            signName: "{{ .aliSmsSignName }}"
+            accessKeyId: "{{ .aliAccessKeyID }}"
+            accessKeySecret: "{{ .aliAccessKeySecret }}"
+        oauth2:
+          enabled: "{{ .oauth2Enabled }}"
+          callbackURL: "https://{{ .cloudDomain }}{{ if .cloudPort }}:{{ .cloudPort }}{{ end }}/callback"
+          clientId: "{{ .oauth2ClientId }}"
+          clientSecret: "{{ .oauth2ClientSecret }}"
+          authURL: "{{ .oauth2AuthURL }}"
+          tokenURL: "{{ .oauth2TokenURL }}"
+          userInfoURL: "{{ .oauth2UserInfoURL }}"
+      jwt:
+        internal: "{{ .jwtInternal }}"
+        regional: "{{ .jwtRegional }}"
+        global: "{{ .jwtGlobal }}"
+      components:
+        billingService:
+          uri: "{{ .billingURI }}"
   config.json: |-
     {
       "scripts": [],
diff --git a/frontend/desktop/src/api/platform.ts b/frontend/desktop/src/api/platform.ts
index bdb6da57c50..7dea37c7680 100644
--- a/frontend/desktop/src/api/platform.ts
+++ b/frontend/desktop/src/api/platform.ts
@@ -1,5 +1,12 @@
 import request from '@/services/request';
-import { ApiResp, NotificationItem, Session, SystemConfigType, SystemEnv } from '@/types';
+import {
+  ApiResp,
+  NotificationItem,
+  LayoutConfigType,
+  AppConfigType,
+  CloudConfigType,
+  AuthConfigType
+} from '@/types';
 import { AccountCRD } from '@/types/user';
 
 // handle baidu
@@ -25,12 +32,24 @@ export const getUserAccount = () => {
   return request.get<AccountCRD>('/api/account/getAccount');
 };
 
-export const getSystemEnv = () => {
-  return request.get<SystemEnv>('/api/platform/getEnv');
+export const getAppConfig = () => {
+  return request.get<AppConfigType>('/api/platform/getAppConfig');
 };
 
-export const getSystemConfig = () => {
-  return request.get<SystemConfigType>('/api/platform/getSystemConfig');
+export const getCloudConfig = () => {
+  return request.get<CloudConfigType>('/api/platform/getCloudConfig');
+};
+
+export const getCommonConfig = () => {
+  return request.get<AppConfigType>('/api/platform/getCommonConfig');
+};
+
+export const getLayoutConfig = () => {
+  return request.get<LayoutConfigType>('/api/platform/getLayoutConfig');
+};
+
+export const getAuthConfig = () => {
+  return request.get<AuthConfigType>('/api/platform/getAuthConfig');
 };
 
 export const getPriceBonus = () => {
diff --git a/frontend/desktop/src/components/account/index.tsx b/frontend/desktop/src/components/account/index.tsx
index 383526d8ba6..1e449735120 100644
--- a/frontend/desktop/src/components/account/index.tsx
+++ b/frontend/desktop/src/components/account/index.tsx
@@ -22,18 +22,15 @@ import { useTranslation } from 'next-i18next';
 import { useRouter } from 'next/router';
 import { useMemo, useState } from 'react';
 import useAppStore from '@/stores/app';
-import { ApiResp, Region } from '@/types';
+import { ApiResp } from '@/types';
 import { formatMoney } from '@/utils/format';
 import TeamCenter from '@/components/team/TeamCenter';
 import NsList from '@/components/team/NsList';
 import { nsListRequest, switchRequest } from '@/api/namespace';
 import { NSType } from '@/types/team';
 import PasswordModify from './PasswordModify';
-import { useGlobalStore } from '@/stores/global';
 import { CopyIcon, DownloadIcon, LogoutIcon, RightArrowIcon } from '@sealos/ui';
-import { ImageFallBackUrl } from '@/stores/config';
-import { jwtDecode } from 'jwt-decode';
-import { AccessTokenPayload } from '@/types/token';
+import { useConfigStore } from '@/stores/config';
 import { sessionConfig } from '@/utils/sessionConfig';
 
 const NsMenu = () => {
@@ -119,7 +116,9 @@ const NsMenu = () => {
 };
 export default function Account({ disclosure }: { disclosure: UseDisclosureReturn }) {
   const [showId, setShowId] = useState(true);
-  const { needPassword, rechargeEnabled } = useGlobalStore((state) => state.systemEnv);
+  const passwordEnabled = useConfigStore().authConfig?.idp?.password?.enabled;
+  const rechargeEnabled = useConfigStore().commonConfig?.rechargeEnabled;
+  const logo = useConfigStore().layoutConfig?.logo;
   const router = useRouter();
   const { copyData } = useCopyData();
   const openApp = useAppStore((s) => s.openApp);
@@ -191,7 +190,7 @@ export default function Account({ disclosure }: { disclosure: UseDisclosureRetur
             height={'80px'}
             borderRadius="full"
             src={user?.avatar}
-            fallbackSrc={ImageFallBackUrl}
+            fallbackSrc={logo}
             alt="user avator"
           />
           <Text color={'#24282C'} fontSize={'20px'} fontWeight={600}>
@@ -231,7 +230,7 @@ export default function Account({ disclosure }: { disclosure: UseDisclosureRetur
                 <Text>{t('Manage Team')}</Text>
                 <TeamCenter mr="0" />
               </Flex>
-              {needPassword && (
+              {passwordEnabled && (
                 <Flex
                   justify={'space-between'}
                   alignItems={'center'}
diff --git a/frontend/desktop/src/components/signin/auth/AuthList.tsx b/frontend/desktop/src/components/signin/auth/AuthList.tsx
index d38da4df1a8..9d8cad72bb3 100644
--- a/frontend/desktop/src/components/signin/auth/AuthList.tsx
+++ b/frontend/desktop/src/components/signin/auth/AuthList.tsx
@@ -1,4 +1,4 @@
-import { useGlobalStore } from '@/stores/global';
+import { useConfigStore } from '@/stores/config';
 import useSessionStore from '@/stores/session';
 import { OauthProvider } from '@/types/user';
 import { Button, Image, Flex, Icon, Center } from '@chakra-ui/react';
@@ -6,26 +6,14 @@ import { GithubIcon, GoogleIcon, WechatIcon } from '@sealos/ui';
 import { useRouter } from 'next/router';
 import { MouseEventHandler } from 'react';
 const AuthList = () => {
-  const { systemEnv } = useGlobalStore();
-  const {
-    needGithub = false,
-    needWechat = false,
-    needGoogle = false,
-    wechat_client_id = '',
-    github_client_id = '',
-    google_client_id = '',
-    callback_url = '',
-    // https://sealos.io/siginIn
-    oauth_proxy = '',
-    oauth2_client_id,
-    oauth2_auth_url,
-    needOAuth2 = false
-  } = systemEnv ?? {};
+  const conf = useConfigStore().authConfig;
   const oauthLogin = async ({ url, provider }: { url: string; provider?: OauthProvider }) => {
     setProvider(provider);
     window.location.href = url;
   };
+
   const router = useRouter();
+
   const oauthProxyLogin = async ({
     state,
     provider,
@@ -36,14 +24,15 @@ const AuthList = () => {
     id: string;
   }) => {
     setProvider(provider);
-    const target = new URL(oauth_proxy);
-    const callback = new URL(callback_url);
+    const target = new URL(conf?.proxyAddress as string);
+    const callback = new URL(conf?.callbackURL as string);
     callback.searchParams.append('state', state);
     target.searchParams.append('oauthProxyState', callback.toString());
     target.searchParams.append('oauthProxyClientID', id);
     target.searchParams.append('oauthProxyProvider', provider);
     router.replace(target.toString());
   };
+
   const { generateState, setProvider } = useSessionStore();
   const authList: { icon: typeof Icon; cb: MouseEventHandler; need: boolean }[] = [
     {
@@ -51,58 +40,65 @@ const AuthList = () => {
       cb: (e) => {
         e.preventDefault();
         const state = generateState();
-        if (oauth_proxy)
+        const githubConf = conf?.idp.github;
+        if (conf?.proxyAddress)
           oauthProxyLogin({
             provider: 'github',
             state,
-            id: github_client_id
+            id: githubConf?.clientID as string
           });
         else
           oauthLogin({
             provider: 'github',
-            url: `https://github.com/login/oauth/authorize?client_id=${github_client_id}&redirect_uri=${callback_url}&scope=user:email%20read:user&state=${state}`
+            url: `https://github.com/login/oauth/authorize?client_id=${githubConf?.clientID}&redirect_uri=${conf?.callbackURL}&scope=user:email%20read:user&state=${state}`
           });
       },
-      need: needGithub
+      need: conf?.idp.github?.enabled as boolean
     },
     {
       icon: WechatIcon,
       cb: (e) => {
+        const wechatConf = conf?.idp.wechat;
         e.preventDefault();
         const state = generateState();
-        if (oauth_proxy)
+        if (conf?.proxyAddress)
           oauthProxyLogin({
             provider: 'wechat',
             state,
-            id: wechat_client_id
+            id: conf?.idp.wechat?.clientID as string
           });
         else
           oauthLogin({
             provider: 'wechat',
-            url: `https://open.weixin.qq.com/connect/qrconnect?appid=${wechat_client_id}&redirect_uri=${callback_url}&response_type=code&state=${state}&scope=snsapi_login&#wechat_redirect`
+            url: `https://open.weixin.qq.com/connect/qrconnect?appid=${wechatConf?.clientID}&redirect_uri=${conf?.callbackURL}&response_type=code&state=${state}&scope=snsapi_login&#wechat_redirect`
           });
       },
-      need: needWechat
+      need: conf?.idp.wechat?.enabled as boolean
     },
     {
       icon: GoogleIcon,
       cb: (e) => {
         e.preventDefault();
         const state = generateState();
+        const googleConf = conf?.idp.google;
         const scope = encodeURIComponent(`https://www.googleapis.com/auth/userinfo.profile openid`);
-        if (oauth_proxy)
+        if (conf?.proxyAddress)
           oauthProxyLogin({
             state,
             provider: 'google',
-            id: google_client_id
+            id: googleConf?.clientID as string
           });
         else
           oauthLogin({
             provider: 'google',
-            url: `https://accounts.google.com/o/oauth2/v2/auth?client_id=${google_client_id}&redirect_uri=${callback_url}&response_type=code&state=${state}&scope=${scope}&include_granted_scopes=true`
+            url: `https://accounts.google.com/o/oauth2/v2/auth?client_id=${
+              googleConf?.clientID as string
+            }&redirect_uri=${
+              conf?.callbackURL
+            }&response_type=code&state=${state}&scope=${scope}&include_granted_scopes=true`
           });
       },
-      need: needGoogle
+      need: conf?.idp.google?.enabled as boolean
     },
     {
       icon: () => (
@@ -113,19 +109,20 @@ const AuthList = () => {
       cb: (e) => {
         e.preventDefault();
         const state = generateState();
-        if (oauth_proxy)
+        const oauth2Conf = conf?.idp.oauth2;
+        if (conf?.proxyAddress)
           oauthProxyLogin({
             provider: 'oauth2',
             state,
-            id: oauth2_client_id
+            id: oauth2Conf?.clientID as string
           });
         else
           oauthLogin({
             provider: 'oauth2',
-            url: `${oauth2_auth_url}?client_id=${oauth2_client_id}&redirect_uri=${callback_url}&response_type=code&state=${state}`
+            url: `${oauth2Conf?.authURL}?client_id=${oauth2Conf?.clientID}&redirect_uri=${oauth2Conf?.callbackURL}&response_type=code&state=${state}`
           });
       },
-      need: needOAuth2
+      need: conf?.idp.oauth2?.enabled as boolean
     }
   ];
 
diff --git a/frontend/desktop/src/components/signin/index.tsx b/frontend/desktop/src/components/signin/index.tsx
index 974bda63416..26e2d93c9f0 100644
--- a/frontend/desktop/src/components/signin/index.tsx
+++ b/frontend/desktop/src/components/signin/index.tsx
@@ -5,8 +5,7 @@ import Language from '@/components/signin/auth/useLanguage';
 import usePassword from '@/components/signin/auth/usePassword';
 import useProtocol from '@/components/signin/auth/useProtocol';
 import useSms from '@/components/signin/auth/useSms';
-import { BackgroundImageUrl, useSystemConfigStore } from '@/stores/config';
-import { useGlobalStore } from '@/stores/global';
+import { useConfigStore } from '@/stores/config';
 import useSessionStore from '@/stores/session';
 import { LoginType } from '@/types';
 import {
@@ -30,20 +29,10 @@ import useWechat from './auth/useWechat';
 import { Turnstile, TurnstileInstance } from '@marsidev/react-turnstile';
 
 export default function SigninComponent() {
-  const platformEnv = useGlobalStore((state) => state.systemEnv);
-
-  const { systemConfig } = useSystemConfigStore();
-  const {
-    service_protocol_zh = '',
-    private_protocol_zh = '',
-    service_protocol_en = '',
-    private_protocol_en = '',
-    needPassword = false,
-    needSms = false,
-    openWechatEnabled = false,
-    cf_sitekey
-  } = platformEnv || {};
-  const needTabs = needPassword && needSms;
+  const conf = useConfigStore();
+  const needPassword = conf.authConfig?.idp.password?.enabled;
+  const needSms = conf.authConfig?.idp.sms?.enabled;
+  const needTabs = conf.authConfig?.idp.password?.enabled && conf.authConfig?.idp.sms?.enabled;
   const disclosure = useDisclosure();
   const { t, i18n } = useTranslation();
   const [tabIndex, setTabIndex] = useState<LoginType>(LoginType.NONE);
@@ -52,13 +41,13 @@ export default function SigninComponent() {
   let protocol_data: Parameters<typeof useProtocol>[0];
   if (['zh', 'zh-Hans'].includes(i18n.language))
     protocol_data = {
-      service_protocol: service_protocol_zh,
-      private_protocol: private_protocol_zh
+      service_protocol: conf.layoutConfig?.protocol.serviceProtocol.zh as string,
+      private_protocol: conf.layoutConfig?.protocol.privateProtocol.zh as string
     };
   else
     protocol_data = {
-      service_protocol: service_protocol_en,
-      private_protocol: private_protocol_en
+      service_protocol: conf.layoutConfig?.protocol.serviceProtocol.en as string,
+      private_protocol: conf.layoutConfig?.protocol.privateProtocol.en as string
     };
   const { Protocol, isAgree, setIsInvalid } = useProtocol(protocol_data!);
   const { WechatComponent, login: wechatSubmit } = useWechat();
@@ -153,13 +142,13 @@ export default function SigninComponent() {
       overflow={'hidden'}
       w="100vw"
       h="100vh"
-      backgroundImage={`url(${BackgroundImageUrl})`}
+      backgroundImage={`url(${conf.layoutConfig?.backgroundImage})`}
       backgroundRepeat={'no-repeat'}
       backgroundSize={'cover'}
     >
       <Head>
-        <title>{systemConfig?.metaTitle}</title>
-        <meta name="description" content={systemConfig?.metaDescription} />
+        <title>{conf.layoutConfig?.meta.title}</title>
+        <meta name="description" content={conf.layoutConfig?.meta.description} />
       </Head>
       <Flex h="full" w="full" flexDir={'column'} justifyContent={'center'} alignItems={'center'}>
         <Box mb="36px">
@@ -169,7 +158,7 @@ export default function SigninComponent() {
             fontWeight={700}
             textShadow={'0px 2px 6px rgba(0, 0, 0, 0.30)'}
           >
-            {systemConfig?.title}
+            {conf.layoutConfig?.title}
           </Text>
         </Box>
         <Flex
@@ -212,7 +201,7 @@ export default function SigninComponent() {
                 <Tab px="0" _selected={{ color: 'white' }}>
                   {t('Password Login')}
                 </Tab>
-                {openWechatEnabled && (
+                {conf.authConfig?.idp.wechat?.enabled && (
                   <Tab px="0" _selected={{ color: 'white' }}>
                     {t('Official account login')}
                   </Tab>
@@ -227,13 +216,13 @@ export default function SigninComponent() {
           {tabIndex !== LoginType.WeChat && (
             <>
               <Protocol />
-              {!!cf_sitekey && (
+              {!!conf.layoutConfig?.cfSiteKey && (
                 <Turnstile
                   options={{
                     size: 'invisible'
                   }}
                   ref={turnstileRef}
-                  siteKey={cf_sitekey}
+                  siteKey={conf.layoutConfig?.cfSiteKey}
                 />
               )}
               <Button
diff --git a/frontend/desktop/src/components/user_menu/index.tsx b/frontend/desktop/src/components/user_menu/index.tsx
index f4ad2dab642..ad0aab9a2f4 100644
--- a/frontend/desktop/src/components/user_menu/index.tsx
+++ b/frontend/desktop/src/components/user_menu/index.tsx
@@ -5,7 +5,7 @@ import { Box, Center, Flex, FlexProps, Image, useDisclosure } from '@chakra-ui/r
 import LangSelectSimple from '../LangSelect/simple';
 import Iconfont from '../iconfont';
 import GithubComponent from './github';
-import { ImageFallBackUrl, useSystemConfigStore } from '@/stores/config';
+import { useConfigStore } from '@/stores/config';
 import { ReactElement, useState } from 'react';
 import RegionToggle from '@/components/region/RegionToggle';
 
@@ -21,7 +21,7 @@ export default function Index(props: { userMenuStyleProps?: FlexProps }) {
   const accountDisclosure = useDisclosure();
   const showDisclosure = useDisclosure();
 
-  const { systemConfig } = useSystemConfigStore();
+  const { layoutConfig } = useConfigStore();
   const userInfo = useSessionStore((state) => state.session);
   const {
     userMenuStyleProps = {
@@ -69,7 +69,7 @@ export default function Index(props: { userMenuStyleProps?: FlexProps }) {
           height={'36px'}
           borderRadius="full"
           src={userInfo?.user?.avatar || ''}
-          fallbackSrc={ImageFallBackUrl}
+          fallbackSrc={layoutConfig?.logo}
           alt="user avator"
         />
       ),
@@ -81,7 +81,7 @@ export default function Index(props: { userMenuStyleProps?: FlexProps }) {
     <Flex {...userMenuStyleProps}>
       <RegionToggle />
       <LangSelectSimple {...baseItemStyle} />
-      {systemConfig?.showGithubStar && <GithubComponent {...baseItemStyle} />}
+      {layoutConfig?.common.githubStarEnabled && <GithubComponent {...baseItemStyle} />}
       {buttonList.map((item) => (
         <Flex
           key={item.key}
diff --git a/frontend/desktop/src/hooks/useDriver.tsx b/frontend/desktop/src/hooks/useDriver.tsx
index ab98d5f79bd..34202d73589 100644
--- a/frontend/desktop/src/hooks/useDriver.tsx
+++ b/frontend/desktop/src/hooks/useDriver.tsx
@@ -1,12 +1,12 @@
 import { getPriceBonus, getUserAccount, updateDesktopGuide } from '@/api/platform';
 import { GUIDE_DESKTOP_INDEX_KEY } from '@/constants/account';
-import { useGlobalStore } from '@/stores/global';
 import { formatMoney } from '@/utils/format';
 import { Box, Button, Flex, FlexProps, Icon, Image, Text } from '@chakra-ui/react';
 import { driver } from '@sealos/driver';
 import { useTranslation } from 'next-i18next';
 import { useRouter } from 'next/router';
 import { useEffect, useState } from 'react';
+import { useConfigStore } from '@/stores/config';
 
 export function DriverStarIcon() {
   return (
@@ -47,7 +47,7 @@ export default function useDriver({ openDesktopApp }: { openDesktopApp: any }) {
   const [giftAmount, setGiftAmount] = useState(8);
   const router = useRouter();
 
-  const { systemEnv } = useGlobalStore();
+  const conf = useConfigStore().commonConfig;
   const handleSkipGuide = () => {
     console.log('handleSkipGuide');
     setShowGuide(false);
@@ -59,7 +59,7 @@ export default function useDriver({ openDesktopApp }: { openDesktopApp: any }) {
   useEffect(() => {
     const handleUserGuide = async () => {
       try {
-        if (!systemEnv.guideEnabled) return;
+        if (!conf?.guideEnabled) return;
         const { data } = await getUserAccount();
         const bonus = await getPriceBonus();
         if (bonus.data?.activities) {
@@ -76,9 +76,9 @@ export default function useDriver({ openDesktopApp }: { openDesktopApp: any }) {
         }
       } catch (error) {}
     };
-    systemEnv?.guideEnabled && handleUserGuide();
+    conf?.guideEnabled && handleUserGuide();
     // eslint-disable-next-line react-hooks/exhaustive-deps
-  }, [systemEnv]);
+  }, [conf]);
 
   const PopoverBodyInfo = (props: FlexProps) => (
     <Flex
diff --git a/frontend/desktop/src/pages/_app.tsx b/frontend/desktop/src/pages/_app.tsx
index b56300b8e13..f642f5a9dd3 100644
--- a/frontend/desktop/src/pages/_app.tsx
+++ b/frontend/desktop/src/pages/_app.tsx
@@ -10,8 +10,7 @@ import NProgress from 'nprogress';
 import 'nprogress/nprogress.css';
 import '@sealos/driver/src/driver.css';
 import { useEffect } from 'react';
-import { useSystemConfigStore } from '@/stores/config';
-import { useGlobalStore } from '@/stores/global';
+import { useConfigStore } from '@/stores/config';
 
 const queryClient = new QueryClient({
   defaultOptions: {
@@ -30,13 +29,11 @@ Router.events.on('routeChangeError', () => NProgress.done());
 
 const App = ({ Component, pageProps }: AppProps) => {
   const { i18n } = useTranslation();
-  const { initSystemConfig } = useSystemConfigStore();
-  const { initSystemEnv } = useGlobalStore();
+  const { initAppConfig } = useConfigStore();
 
   useEffect(() => {
-    initSystemConfig();
-    initSystemEnv();
-  }, []);
+    initAppConfig();
+  });
 
   useEffect(() => {
     const lang = getCookie('NEXT_LOCALE');
diff --git a/frontend/desktop/src/pages/api/platform/getAppConfig.ts b/frontend/desktop/src/pages/api/platform/getAppConfig.ts
new file mode 100644
index 00000000000..2205432a4a9
--- /dev/null
+++ b/frontend/desktop/src/pages/api/platform/getAppConfig.ts
@@ -0,0 +1,51 @@
+import { jsonRes } from '@/services/backend/response';
+import type { NextApiRequest, NextApiResponse } from 'next';
+import {
+  AppConfigType,
+  AuthConfigType,
+  CloudConfigType,
+  CommonConfigType,
+  LayoutConfigType
+} from '@/types/system';
+import { getCloudConfig } from '@/pages/api/platform/getCloudConfig';
+import { getAuthConfig } from '@/pages/api/platform/getAuthConfig';
+import { getLayoutConfig } from '@/pages/api/platform/getLayoutConfig';
+import { getCommonConfig } from '@/pages/api/platform/getCommonConfig';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  const config = await getAuthConfig();
+  jsonRes(res, {
+    data: config,
+    code: 200
+  });
+}
+
+function genResConfig(
+  cloudConf: CloudConfigType,
+  authConf: AuthConfigType,
+  commonConf: CommonConfigType,
+  layoutConf: LayoutConfigType
+): AppConfigType {
+  return {
+    cloud: cloudConf,
+    common: commonConf,
+    desktop: {
+      auth: authConf,
+      layout: layoutConf
+    }
+  } as AppConfigType;
+}
+
+export async function getAppConfig(): Promise<AppConfigType> {
+  try {
+    return genResConfig(
+      await getCloudConfig(),
+      await getAuthConfig(),
+      await getCommonConfig(),
+      await getLayoutConfig()
+    );
+  } catch (error) {
+    console.log('-getAppConfig-', error);
+    return {} as AppConfigType;
+  }
+}
diff --git a/frontend/desktop/src/pages/api/platform/getAuthConfig.ts b/frontend/desktop/src/pages/api/platform/getAuthConfig.ts
new file mode 100644
index 00000000000..425b7773b49
--- /dev/null
+++ b/frontend/desktop/src/pages/api/platform/getAuthConfig.ts
@@ -0,0 +1,66 @@
+import { jsonRes } from '@/services/backend/response';
+import { AppConfigType, DefaultAuthConfig, AuthConfigType } from '@/types/system';
+import { readFileSync } from 'fs';
+import type { NextApiRequest, NextApiResponse } from 'next';
+import yaml from 'js-yaml';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  const config = await getAuthConfig();
+  jsonRes(res, {
+    data: config,
+    code: 200
+  });
+}
+
+function genResAuthConfig(conf: AuthConfigType): AuthConfigType {
+  return {
+    callbackURL: conf.callbackURL,
+    idp: {
+      password: {
+        enabled: conf.idp.password?.enabled
+      },
+      sms: {
+        ali: {
+          enabled: conf.idp.sms?.ali?.enabled,
+          accessKeyID: conf.idp.sms?.ali?.accessKeyID,
+          endpoint: conf.idp.sms?.ali?.endpoint,
+          signName: conf.idp.sms?.ali?.signName
+        }
+      },
+      github: {
+        enabled: conf.idp.github?.enabled,
+        clientID: conf.idp.github?.clientID
+      },
+      wechat: {
+        enabled: conf.idp.wechat?.enabled,
+        clientID: conf.idp.wechat?.clientID
+      },
+      google: {
+        enabled: conf.idp.google?.enabled,
+        clientID: conf.idp.google?.clientID
+      },
+      oauth2: {
+        enabled: conf.idp.oauth2?.enabled,
+        callbackURL: conf.idp.oauth2?.callbackURL,
+        clientID: conf.idp.oauth2?.clientID,
+        authURL: conf.idp.oauth2?.authURL,
+        tokenURL: conf.idp.oauth2?.tokenURL,
+        userInfoURL: conf.idp.oauth2?.userInfoURL
+      }
+    }
+  } as AuthConfigType;
+}
+
+export async function getAuthConfig(): Promise<AuthConfigType> {
+  try {
+    if (!global.AppConfig) {
+      const filename =
+        process.env.NODE_ENV === 'development' ? 'data/config.yaml.local' : '/app/data/config.yaml';
+      global.AppConfig = yaml.load(readFileSync(filename, 'utf-8')) as AppConfigType;
+    }
+    return genResAuthConfig(global.AppConfig.desktop.auth);
+  } catch (error) {
+    console.log('-getLayoutConfig-', error);
+    return DefaultAuthConfig;
+  }
+}
diff --git a/frontend/desktop/src/pages/api/platform/getCloudConfig.ts b/frontend/desktop/src/pages/api/platform/getCloudConfig.ts
new file mode 100644
index 00000000000..6059c54e992
--- /dev/null
+++ b/frontend/desktop/src/pages/api/platform/getCloudConfig.ts
@@ -0,0 +1,34 @@
+import { jsonRes } from '@/services/backend/response';
+import { AppConfigType, CloudConfigType, DefaultCloudConfig } from '@/types/system';
+import { readFileSync } from 'fs';
+import type { NextApiRequest, NextApiResponse } from 'next';
+import yaml from 'js-yaml';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  const config = await getCloudConfig();
+  jsonRes(res, {
+    data: config,
+    code: 200
+  });
+}
+
+function genResCloudConfig(conf: CloudConfigType): CloudConfigType {
+  return {
+    domain: conf.domain,
+    port: conf.port
+  } as CloudConfigType;
+}
+
+export async function getCloudConfig(): Promise<CloudConfigType> {
+  try {
+    if (!global.AppConfig) {
+      const filename =
+        process.env.NODE_ENV === 'development' ? 'data/config.yaml.local' : '/app/data/config.yaml';
+      global.AppConfig = yaml.load(readFileSync(filename, 'utf-8')) as AppConfigType;
+    }
+    return genResCloudConfig(global.AppConfig.cloud) || DefaultCloudConfig;
+  } catch (error) {
+    console.log('-getAppConfig-', error);
+    return DefaultCloudConfig;
+  }
+}
diff --git a/frontend/desktop/src/pages/api/platform/getCommonConfig.ts b/frontend/desktop/src/pages/api/platform/getCommonConfig.ts
new file mode 100644
index 00000000000..ed167f704b7
--- /dev/null
+++ b/frontend/desktop/src/pages/api/platform/getCommonConfig.ts
@@ -0,0 +1,27 @@
+import { jsonRes } from '@/services/backend/response';
+import { AppConfigType, CommonConfigType, DefaultCommonConfig } from '@/types/system';
+import { readFileSync } from 'fs';
+import type { NextApiRequest, NextApiResponse } from 'next';
+import yaml from 'js-yaml';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  const config = await getCommonConfig();
+  jsonRes(res, {
+    data: config,
+    code: 200
+  });
+}
+
+export async function getCommonConfig(): Promise<CommonConfigType> {
+  try {
+    if (!global.AppConfig) {
+      const filename =
+        process.env.NODE_ENV === 'development' ? 'data/config.yaml.local' : '/app/data/config.yaml';
+      global.AppConfig = yaml.load(readFileSync(filename, 'utf-8')) as AppConfigType;
+    }
+    return global.AppConfig.common || DefaultCommonConfig;
+  } catch (error) {
+    console.log('-getLayoutConfig-', error);
+    return DefaultCommonConfig;
+  }
+}
diff --git a/frontend/desktop/src/pages/api/platform/getEnv.ts b/frontend/desktop/src/pages/api/platform/getEnv.ts
deleted file mode 100644
index e6f008f9666..00000000000
--- a/frontend/desktop/src/pages/api/platform/getEnv.ts
+++ /dev/null
@@ -1,70 +0,0 @@
-import type { NextApiRequest, NextApiResponse } from 'next';
-import { jsonRes } from '@/services/backend/response';
-import {
-  enableGithub,
-  enableWechat,
-  enablePassword,
-  enableSms,
-  enableGoogle,
-  enableWechatRecharge,
-  enableLicense,
-  enableRecharge,
-  enableOpenWechat,
-  enableOAuth2
-} from '@/services/enable';
-import { SystemEnv } from '@/types';
-
-export default async function handler(_: NextApiRequest, res: NextApiResponse) {
-  const wechat_client_id = process.env.WECHAT_CLIENT_ID || '';
-  const github_client_id = process.env.GITHUB_CLIENT_ID || '';
-  const google_client_id = process.env.GOOGLE_CLIENT_ID || '';
-  const service_protocol_zh = process.env.SERVICE_PROTOCOL_ZH || '';
-  const private_protocol_zh = process.env.PRIVATE_PROTOCOL_ZH || '';
-  const service_protocol_en = process.env.SERVICE_PROTOCOL_EN || '';
-  const private_protocol_en = process.env.PRIVATE_PROTOCOL_EN || '';
-  const oauth_proxy = process.env.OAUTH_PROXY || '';
-  const callback_url = process.env.CALLBACK_URL || '';
-  const cf_sitekey = process.env.CF_SITE_KEY || '';
-  const needGithub = enableGithub();
-  const needWechat = enableWechat();
-  const needPassword = enablePassword();
-  const needSms = enableSms();
-  const needGoogle = enableGoogle();
-  const wechatEnabledRecharge = enableWechatRecharge();
-  const licenseEnabled = enableLicense();
-  const rechargeEnabled = enableRecharge();
-  const guideEnabled = process.env.GUIDE_ENABLED === 'true';
-  const openWechatEnabled = enableOpenWechat();
-  const oauth2_client_id = process.env.OAUTH2_CLIENT_ID || '';
-  const oauth2_auth_url = process.env.OAUTH2_AUTH_URL || '';
-  const needOAuth2 = enableOAuth2();
-
-  return jsonRes<SystemEnv>(res, {
-    data: {
-      SEALOS_CLOUD_DOMAIN: process.env.SEALOS_CLOUD_DOMAIN || 'cloud.sealos.io',
-      wechat_client_id,
-      github_client_id,
-      google_client_id,
-      oauth_proxy,
-      callback_url,
-      service_protocol_zh,
-      private_protocol_zh,
-      service_protocol_en,
-      private_protocol_en,
-      needPassword,
-      needSms,
-      needGithub,
-      needWechat,
-      needGoogle,
-      wechatEnabledRecharge,
-      rechargeEnabled,
-      licenseEnabled,
-      guideEnabled,
-      openWechatEnabled,
-      cf_sitekey,
-      oauth2_client_id,
-      oauth2_auth_url,
-      needOAuth2
-    }
-  });
-}
diff --git a/frontend/desktop/src/pages/api/platform/getLayoutConfig.ts b/frontend/desktop/src/pages/api/platform/getLayoutConfig.ts
new file mode 100644
index 00000000000..d871a0cc1ce
--- /dev/null
+++ b/frontend/desktop/src/pages/api/platform/getLayoutConfig.ts
@@ -0,0 +1,27 @@
+import { jsonRes } from '@/services/backend/response';
+import { AppConfigType, DefaultLayoutConfig, LayoutConfigType } from '@/types/system';
+import { readFileSync } from 'fs';
+import type { NextApiRequest, NextApiResponse } from 'next';
+import yaml from 'js-yaml';
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+  const config = await getLayoutConfig();
+  jsonRes(res, {
+    data: config,
+    code: 200
+  });
+}
+
+export async function getLayoutConfig(): Promise<LayoutConfigType> {
+  try {
+    if (!global.AppConfig) {
+      const filename =
+        process.env.NODE_ENV === 'development' ? 'data/config.yaml.local' : '/app/data/config.yaml';
+      global.AppConfig = yaml.load(readFileSync(filename, 'utf-8')) as AppConfigType;
+    }
+    return global.AppConfig.desktop.layout || DefaultLayoutConfig;
+  } catch (error) {
+    console.log('-getLayoutConfig-', error);
+    return DefaultLayoutConfig;
+  }
+}
diff --git a/frontend/desktop/src/pages/api/platform/getSystemConfig.ts b/frontend/desktop/src/pages/api/platform/getSystemConfig.ts
deleted file mode 100644
index 4beb6d974ed..00000000000
--- a/frontend/desktop/src/pages/api/platform/getSystemConfig.ts
+++ /dev/null
@@ -1,35 +0,0 @@
-import { jsonRes } from '@/services/backend/response';
-import { SystemConfigType } from '@/types/system';
-import { readFileSync } from 'fs';
-import type { NextApiRequest, NextApiResponse } from 'next';
-
-export default async function handler(req: NextApiRequest, res: NextApiResponse) {
-  const config = await getSystemConfig();
-  jsonRes(res, {
-    data: config,
-    code: 200
-  });
-}
-
-const defaultConfig: SystemConfigType = {
-  scripts: [],
-  backgroundImageUrl: '/images/bg-blue.svg',
-  imageFallBackUrl: 'logo.svg',
-  title: 'Sealos',
-  metaTitle: 'Sealos Cloud',
-  metaDescription: 'sealos cloud dashboard',
-  showGithubStar: true,
-  isSystemConfigEnabled: true
-};
-
-export async function getSystemConfig(): Promise<SystemConfigType> {
-  try {
-    const filename =
-      process.env.NODE_ENV === 'development' ? 'data/config.local.json' : '/app/data/config.json';
-    const res = JSON.parse(readFileSync(filename, 'utf-8')) as SystemConfigType;
-    return res?.isSystemConfigEnabled ? res : defaultConfig;
-  } catch (error) {
-    console.log('-getSystemConfig-\n', error);
-    return defaultConfig;
-  }
-}
diff --git a/frontend/desktop/src/pages/index.tsx b/frontend/desktop/src/pages/index.tsx
index 396dee515d2..6fe4f84b87b 100644
--- a/frontend/desktop/src/pages/index.tsx
+++ b/frontend/desktop/src/pages/index.tsx
@@ -2,7 +2,7 @@ import DesktopContent from '@/components/desktop_content';
 import FloatButton from '@/components/floating_button';
 import MoreApps from '@/components/more_apps';
 import useAppStore from '@/stores/app';
-import { useSystemConfigStore } from '@/stores/config';
+import { useConfigStore } from '@/stores/config';
 import useSessionStore from '@/stores/session';
 import { parseOpenappQuery } from '@/utils/format';
 import { setInviterId } from '@/utils/sessionConfig';
@@ -19,14 +19,16 @@ interface IMoreAppsContext {
   showMoreApps: boolean;
   setShowMoreApps: (value: boolean) => void;
 }
+
 export const MoreAppsContext = createContext<IMoreAppsContext | null>(null);
+
 export default function Home({ sealos_cloud_domain }: { sealos_cloud_domain: string }) {
   const router = useRouter();
   const { isUserLogin } = useSessionStore();
   const { colorMode, toggleColorMode } = useColorMode();
   const init = useAppStore((state) => state.init);
   const setAutoLaunch = useAppStore((state) => state.setAutoLaunch);
-  const { systemConfig } = useSystemConfigStore();
+  const { layoutConfig } = useConfigStore();
 
   useEffect(() => {
     colorMode === 'dark' ? toggleColorMode() : null;
@@ -85,15 +87,15 @@ export default function Home({ sealos_cloud_domain }: { sealos_cloud_domain: str
     if (bd_vid) {
       sessionStorage.setItem('bd_vid', bd_vid as string);
     }
-  }, []);
+  });
 
   return (
     <Box position={'relative'} overflow={'hidden'} w="100vw" h="100vh">
       <Head>
-        <title>{systemConfig?.metaTitle}</title>
-        <meta name="description" content={systemConfig?.metaTitle} />
+        <title>{layoutConfig?.meta.title}</title>
+        <meta name="description" content={layoutConfig?.meta.description} />
       </Head>
-      {systemConfig?.scripts?.map((item, i) => {
+      {layoutConfig?.meta.scripts.map((item, i) => {
         return <Script key={i} {...item} />;
       })}
       <MoreAppsContext.Provider value={{ showMoreApps, setShowMoreApps }}>
@@ -105,11 +107,12 @@ export default function Home({ sealos_cloud_domain }: { sealos_cloud_domain: str
   );
 }
 
-export async function getServerSideProps({ req, res, locales, query }: any) {
+export async function getServerSideProps({ req, res, locales }: any) {
   const local =
     req?.cookies?.NEXT_LOCALE || compareFirstLanguages(req?.headers?.['accept-language'] || 'zh');
   res.setHeader('Set-Cookie', `NEXT_LOCALE=${local}; Max-Age=2592000; Secure; SameSite=None`);
-  const sealos_cloud_domain = process.env.SEALOS_CLOUD_DOMAIN || 'cloud.sealos.io';
+
+  const sealos_cloud_domain = global.AppConfig?.cloud.domain || 'cloud.sealos.io';
 
   return {
     props: {
diff --git a/frontend/desktop/src/pages/proxyOAuth.tsx b/frontend/desktop/src/pages/proxyOAuth.tsx
index 52f9b7a0857..ac1891be024 100644
--- a/frontend/desktop/src/pages/proxyOAuth.tsx
+++ b/frontend/desktop/src/pages/proxyOAuth.tsx
@@ -2,22 +2,24 @@ import { useRouter } from 'next/router';
 import { useEffect } from 'react';
 import request from '@/services/request';
 import useSessionStore from '@/stores/session';
-import { ApiResp, SystemEnv } from '@/types';
+import { ApiResp, AuthConfigType } from '@/types';
 import { Flex, Spinner } from '@chakra-ui/react';
 import { isString } from 'lodash';
 import { useQuery } from '@tanstack/react-query';
 import { serverSideTranslations } from 'next-i18next/serverSideTranslations';
 import { compareFirstLanguages } from '@/utils/tools';
 import { OauthProvider } from '@/types/user';
+import { useConfigStore } from '@/stores/config';
 
 export default function Callback() {
   const router = useRouter();
   const setProvider = useSessionStore((s) => s.setProvider);
   const generateState = useSessionStore((s) => s.generateState);
-  const { data: platformEnv } = useQuery(['getPlatformEnv'], () =>
-    request<any, ApiResp<SystemEnv>>('/api/platform/getEnv')
+  const { data: res } = useQuery(['getPlatformEnv'], () =>
+    request<any, ApiResp<AuthConfigType>>('/api/platform/getLoginConfig')
   );
-  const { callback_url = '' } = platformEnv?.data ?? {};
+  const conf = res?.data;
+  const callback_url = conf?.callbackURL;
   const oauthLogin = async ({ url, provider }: { url: string; provider?: OauthProvider }) => {
     setProvider(provider);
     window.location.href = url;
@@ -84,8 +86,7 @@ export async function getServerSideProps({ req, res, locales }: any) {
   const local =
     req?.cookies?.NEXT_LOCALE || compareFirstLanguages(req?.headers?.['accept-language'] || 'zh');
   res.setHeader('Set-Cookie', `NEXT_LOCALE=${local}; Max-Age=2592000; Secure; SameSite=None`);
-
-  const sealos_cloud_domain = process.env.SEALOS_CLOUD_DOMAIN || 'cloud.sealos.io';
+  const sealos_cloud_domain = useConfigStore.getState().cloudConfig?.domain;
   return {
     props: {
       ...(await serverSideTranslations(local, undefined, null, locales || [])),
diff --git a/frontend/desktop/src/services/enable.ts b/frontend/desktop/src/services/enable.ts
index d0ea9dd4607..4feeb9f4231 100644
--- a/frontend/desktop/src/services/enable.ts
+++ b/frontend/desktop/src/services/enable.ts
@@ -21,14 +21,14 @@ export const enableGoogle = () =>
   process.env.GOOGLE_ENABLED === 'true' &&
   !!process.env.GOOGLE_CLIENT_ID &&
   !!process.env.GOOGLE_CLIENT_SECRET;
-export const enableRecharge = () => {
-  return process.env.RECHARGE_ENABLED === 'true';
-};
 export const enableOpenWechat = () =>
   !!process.env.PBULIC_WECHAT_APP_ID && !!process.env.PBULIC_WECHAT_APP_SECRET;
 export const enableSignUp = () => process.env.SIGN_UP_ENABLED === 'true';
 export const enableApi = () => process.env.API_ENABLED === 'true';
 // costcenter
+export const enableRecharge = () => {
+  return process.env.RECHARGE_ENABLED === 'true';
+};
 export const enableStripe = () =>
   process.env['STRIPE_ENABLED'] === 'true' && !!process.env['STRIPE_PUB'];
 export const enableWechatRecharge = () => process.env['WECHAT_ENABLED'] === 'true';
diff --git a/frontend/desktop/src/stores/config.ts b/frontend/desktop/src/stores/config.ts
index 2d6966f0df3..c4ec768ba25 100644
--- a/frontend/desktop/src/stores/config.ts
+++ b/frontend/desktop/src/stores/config.ts
@@ -1,28 +1,41 @@
-import { getSystemConfig } from '@/api/platform';
-import { SystemConfigType } from '@/types';
+import {
+  AppConfigType,
+  AuthConfigType,
+  CloudConfigType,
+  CommonConfigType,
+  LayoutConfigType
+} from '@/types';
 import { create } from 'zustand';
 import { devtools } from 'zustand/middleware';
 import { immer } from 'zustand/middleware/immer';
-
-export let BackgroundImageUrl = '/images/bg-blue.svg';
-export let ImageFallBackUrl = '/logo.svg';
+import { getAppConfig } from '@/api/platform';
 
 type State = {
-  systemConfig: SystemConfigType | undefined;
-  initSystemConfig: () => Promise<SystemConfigType>;
+  commonConfig: CommonConfigType | undefined;
+  authConfig: AuthConfigType | undefined;
+  cloudConfig: CloudConfigType | undefined;
+  layoutConfig: LayoutConfigType | undefined;
+  initAppConfig: () => Promise<AppConfigType | undefined>;
 };
 
-export const useSystemConfigStore = create<State>()(
+export const useConfigStore = create<State>()(
   devtools(
     immer((set, get) => ({
-      systemConfig: undefined,
-      async initSystemConfig() {
-        const data = await getSystemConfig();
-        BackgroundImageUrl = data.data?.backgroundImageUrl;
-        ImageFallBackUrl = data.data?.imageFallBackUrl;
+      cloudConfig: undefined,
+      authConfig: undefined,
+      commonConfig: undefined,
+      layoutConfig: undefined,
+
+      async initAppConfig() {
+        const data = await getAppConfig();
+
+        console.log('initAppConfig', data.data);
 
         set((state) => {
-          state.systemConfig = data.data;
+          state.layoutConfig = data.data.desktop.layout;
+          state.authConfig = data.data.desktop.auth;
+          state.cloudConfig = data.data.cloud;
+          state.commonConfig = data.data.common;
         });
         return data.data;
       }
diff --git a/frontend/desktop/src/stores/global.ts b/frontend/desktop/src/stores/global.ts
deleted file mode 100644
index f66cb2b9085..00000000000
--- a/frontend/desktop/src/stores/global.ts
+++ /dev/null
@@ -1,49 +0,0 @@
-import { getSystemEnv } from '@/api/platform';
-import { SystemEnv } from '@/types';
-import { create } from 'zustand';
-import { immer } from 'zustand/middleware/immer';
-
-type GlobalState = {
-  systemEnv: SystemEnv;
-  initSystemEnv: () => void;
-};
-
-export const useGlobalStore = create<GlobalState>()(
-  immer((set, get) => ({
-    systemEnv: {
-      callback_url: '',
-      cf_sitekey: '',
-      service_protocol_en: '',
-      service_protocol_zh: '',
-      private_protocol_en: '',
-      private_protocol_zh: '',
-      github_client_id: '',
-      google_client_id: '',
-      wechat_client_id: '',
-      licenseEnabled: false,
-      needGithub: false,
-      needGoogle: false,
-      needPassword: false,
-      needSms: false,
-      needWechat: false,
-      private_protocol: '',
-      service_protocol: '',
-      stripeEnabled: false,
-      oauth_proxy: '',
-      guideEnabled: false,
-      wechatEnabledRecharge: false,
-      SEALOS_CLOUD_DOMAIN: 'cloud.sealos.io',
-      rechargeEnabled: false,
-      openWechatEnabled: false,
-      oauth2_client_id: '',
-      oauth2_auth_url: '',
-      needOAuth2: false
-    },
-    async initSystemEnv() {
-      const data = await getSystemEnv();
-      set((state) => {
-        state.systemEnv = data.data;
-      });
-    }
-  }))
-);
diff --git a/frontend/desktop/src/types/index.ts b/frontend/desktop/src/types/index.ts
index 20e8f8a7b91..a6ab1345814 100644
--- a/frontend/desktop/src/types/index.ts
+++ b/frontend/desktop/src/types/index.ts
@@ -1,4 +1,5 @@
 import { type MongoClient } from 'mongodb';
+import { type AppConfigType } from './system';
 export * from './api';
 export * from './session';
 export * from './app';
@@ -9,8 +10,10 @@ export * from './login';
 export * from './valuation';
 export * from './license';
 export * from './region';
+
 declare global {
   var mongodb: MongoClient | null;
+  var AppConfig: AppConfigType | undefined;
   var WechatAccessToken: string | undefined;
   var WechatExpiresIn: number | undefined;
 }
diff --git a/frontend/desktop/src/types/system.ts b/frontend/desktop/src/types/system.ts
index 9e0b1691469..cadc21e3d60 100644
--- a/frontend/desktop/src/types/system.ts
+++ b/frontend/desktop/src/types/system.ts
@@ -1,45 +1,174 @@
-export type SystemConfigType = {
-  scripts: ScriptConfig[];
-  isSystemConfigEnabled: boolean; // Compatible with older versions
-  backgroundImageUrl: string;
-  imageFallBackUrl: string;
+export type CloudConfigType = {
+  domain: string;
+  port: string;
+  regionUID: string;
+  certSecretName: string;
+};
+
+export type CommonConfigType = {
+  guideEnabled: boolean;
+  apiEnabled: boolean;
+  rechargeEnabled: boolean;
+};
+
+export type DatabaseConfigType = {
+  mongodbURI: string;
+  globalCockroachdbURI: string;
+  regionalCockroachdbURI: string;
+};
+
+export type MetaConfigType = {
   title: string;
-  metaTitle: string;
-  metaDescription: string;
-  showGithubStar: boolean;
+  description: string;
+  keywords: string;
+  scripts: MetaScriptType[];
 };
 
-export type ScriptConfig = {
+export type MetaScriptType = {
   src: string;
   'data-website-id'?: string;
 };
 
-export type LoginProps = {
-  wechat_client_id: string;
-  github_client_id: string;
-  google_client_id: string;
-  callback_url: string;
-  cf_sitekey: string;
-  service_protocol_zh: string;
-  private_protocol_zh: string;
-  service_protocol_en: string;
-  private_protocol_en: string;
-  needPassword: boolean;
-  oauth_proxy: string;
-  needSms: boolean;
-  needGithub: boolean;
-  needWechat: boolean;
-  needGoogle: boolean;
-  oauth2_client_id: string;
-  oauth2_auth_url: string;
-  needOAuth2: boolean;
-};
-
-export type SystemEnv = {
-  SEALOS_CLOUD_DOMAIN: string;
-  wechatEnabledRecharge: boolean;
-  rechargeEnabled: boolean;
-  licenseEnabled: boolean;
-  guideEnabled: boolean;
-  openWechatEnabled: boolean;
-} & LoginProps;
+export type ProtocolConfigType = {
+  serviceProtocol: {
+    zh: string;
+    en: string;
+  };
+  privateProtocol: {
+    zh: string;
+    en: string;
+  };
+};
+
+export type LayoutConfigType = {
+  title: string;
+  logo: string;
+  backgroundImage: string;
+  cfSiteKey?: string;
+  protocol: ProtocolConfigType;
+  meta: MetaConfigType;
+  common: {
+    githubStarEnabled: boolean;
+  };
+};
+
+export type AuthConfigType = {
+  proxyAddress?: string;
+  callbackURL: string;
+  jwt: JwtConfigType;
+  idp: {
+    password?: {
+      enabled: boolean;
+      salt?: string;
+    };
+    github?: {
+      enabled: boolean;
+      clientID: string;
+      clientSecret?: string;
+    };
+    wechat?: {
+      enabled: boolean;
+      clientID: string;
+      clientSecret?: string;
+    };
+    google?: {
+      enabled: boolean;
+      clientID: string;
+      clientSecret?: string;
+    };
+    sms?: {
+      enabled: boolean;
+      ali?: {
+        enabled: boolean;
+        endpoint: string;
+        signName: string;
+        accessKeyID: string;
+        accessKeySecret?: string;
+      };
+    };
+    oauth2?: {
+      enabled: boolean;
+      callbackURL: string;
+      clientID: string;
+      clientSecret?: string;
+      authURL: string;
+      tokenURL: string;
+      userInfoURL: string;
+    };
+  };
+};
+
+export type JwtConfigType = {
+  internal?: string;
+  regional?: string;
+  global?: string;
+};
+
+export type DesktopConfigType = {
+  layout: LayoutConfigType;
+  auth: AuthConfigType;
+  components: {
+    billingService: {
+      uri: string;
+    };
+  };
+};
+
+export type AppConfigType = {
+  cloud: CloudConfigType;
+  common: CommonConfigType;
+  database: DatabaseConfigType;
+  desktop: DesktopConfigType;
+};
+
+export const DefaultCommonConfig: CommonConfigType = {
+  guideEnabled: false,
+  apiEnabled: false,
+  rechargeEnabled: false
+};
+
+export const DefaultCloudConfig: CloudConfigType = {
+  domain: 'cloud.sealos.io',
+  port: '443',
+  regionUID: 'sealos-cloud',
+  certSecretName: 'wildcard-cert'
+};
+
+export const DefaultLayoutConfig: LayoutConfigType = {
+  title: 'Sealos Cloud',
+  logo: 'logo.svg',
+  backgroundImage: '/images/bg-blue.svg',
+  protocol: {
+    serviceProtocol: {
+      zh: '',
+      en: ''
+    },
+    privateProtocol: {
+      zh: '',
+      en: ''
+    }
+  },
+  meta: {
+    title: 'Sealos Cloud',
+    description: 'Sealos Cloud',
+    keywords: 'Sealos Cloud',
+    scripts: []
+  },
+  common: {
+    githubStarEnabled: false
+  }
+};
+
+export const DefaultAuthConfig: AuthConfigType = {
+  callbackURL: 'https://cloud.sealos.io/callback',
+  jwt: {
+    internal: 'internal',
+    regional: 'regional',
+    global: 'global'
+  },
+  idp: {
+    password: {
+      enabled: true
+    }
+  }
+};

From d3faeef3b15cf6137613c4d4902ffd532a5d5ab6 Mon Sep 17 00:00:00 2001
From: yy <lingdie.yy@outlook.com>
Date: Thu, 25 Apr 2024 20:40:25 +0800
Subject: [PATCH 02/11] chore: fix logo svg config and related codes.

---
 frontend/desktop/.gitignore                   |  2 +-
 frontend/desktop/data/config.yaml             |  2 +-
 frontend/desktop/data/config.yaml.local       | 64 -------------------
 .../desktop/deploy/manifests/deploy.yaml.tmpl | 11 ----
 frontend/desktop/public/{ => images}/logo.svg |  0
 .../src/components/app_window/index.tsx       | 11 ++--
 .../src/components/desktop_content/index.tsx  |  8 ++-
 .../src/components/floating_button/index.tsx  |  4 +-
 .../src/components/more_apps/index.tsx        |  4 +-
 .../src/components/signin/auth/AuthList.tsx   |  6 +-
 .../desktop/src/components/signin/index.tsx   |  8 +--
 .../src/components/team/Abdication.tsx        |  5 +-
 .../desktop/src/components/team/userTable.tsx |  4 +-
 frontend/desktop/src/pages/_app.tsx           |  2 +-
 .../src/pages/api/platform/getAppConfig.ts    | 14 ++--
 .../src/pages/api/platform/getCloudConfig.ts  |  1 +
 frontend/desktop/src/pages/index.tsx          |  4 +-
 frontend/desktop/src/types/system.ts          |  6 +-
 18 files changed, 46 insertions(+), 110 deletions(-)
 delete mode 100644 frontend/desktop/data/config.yaml.local
 rename frontend/desktop/public/{ => images}/logo.svg (100%)

diff --git a/frontend/desktop/.gitignore b/frontend/desktop/.gitignore
index 9683369c1dd..7b375d66392 100644
--- a/frontend/desktop/.gitignore
+++ b/frontend/desktop/.gitignore
@@ -27,7 +27,7 @@ yarn-error.log*
 
 # local env files
 .env*.local
-*.local
+/data/*.local
 data/config.local.json
 # vercel
 .vercel
diff --git a/frontend/desktop/data/config.yaml b/frontend/desktop/data/config.yaml
index dbea93aa64b..4d1cfa7cfeb 100644
--- a/frontend/desktop/data/config.yaml
+++ b/frontend/desktop/data/config.yaml
@@ -24,7 +24,7 @@ desktop:
     common:
       githubStarEnabled: "false"
   auth:
-    callbackURL: "https://{{ .cloudDomain }}{{ if .cloudPort }}:{{ .cloudPort }}{{ end }}/callback"
+    callbackURL: "http://localhost:3000/callback"
     jwt:
       internal: "{{ .jwtInternal }}"
       regional: "{{ .jwtRegional }}"
diff --git a/frontend/desktop/data/config.yaml.local b/frontend/desktop/data/config.yaml.local
deleted file mode 100644
index 7d65365cb97..00000000000
--- a/frontend/desktop/data/config.yaml.local
+++ /dev/null
@@ -1,64 +0,0 @@
-cloud:
-  domain: "{{ .cloudDomain }}"
-  port: "{{ .cloudPort }}"
-  regionUID: "{{ .regionUID }}"
-  certSecretName: "{{ .certSecretName }}"
-common:
-  guideEnabled: "{{ .guideEnabled }}"
-  apiEnabled: "{{ .apiEnabled }}"
-  rechargeEnabled: "{{ .rechargeEnabled }}"
-database:
-  mongodbUri: "{{ .mongodbUri }}"
-  globalCockroachdbURI: "{{ .globalCockroachdbURI }}"
-  regionalCockroachdbURI: "{{ .regionalCockroachdbURI }}"
-desktop:
-  layout:
-    title: "Sealos Cloud"
-    logo: ""
-    backgroundImage: ""
-    meta:
-      title: "Sealos Cloud"
-      description: "Sealos Cloud"
-      keywords: "Sealos Cloud"
-    common:
-      githubStarEnabled: "false"
-  auth:
-    callbackURL: "https://{{ .cloudDomain }}{{ if .cloudPort }}:{{ .cloudPort }}{{ end }}/callback"
-    jwt:
-      internal: "{{ .jwtInternal }}"
-      regional: "{{ .jwtRegional }}"
-      global: "{{ .jwtGlobal }}"
-    idp:
-      password:
-        enabled: "{{ .passwordEnabled }}"
-        salt: "{{ .passwordSalt }}"
-      github:
-        enabled: "{{ .githubEnabled }}"
-        clientId: "{{ .githubClientID }}"
-        clientSecret: "{{ .githubClientSecret }}"
-      wechat:
-        enabled: "{{ .wechatEnabled }}"
-        clientId: "{{ .wechatClientID }}"
-        clientSecret: "{{ .wechatClientSecret }}"
-      sms:
-        ali:
-          enabled: "{{ .smsEnabled }}"
-          endpoint: "{{ .aliSmsEndpoint }}"
-          signName: "{{ .aliSmsSignName }}"
-          accessKeyId: "{{ .aliAccessKeyID }}"
-          accessKeySecret: "{{ .aliAccessKeySecret }}"
-      oauth2:
-        enabled: "{{ .oauth2Enabled }}"
-        callbackURL: "https://{{ .cloudDomain }}{{ if .cloudPort }}:{{ .cloudPort }}{{ end }}/callback"
-        clientId: "{{ .oauth2ClientId }}"
-        clientSecret: "{{ .oauth2ClientSecret }}"
-        authURL: "{{ .oauth2AuthURL }}"
-        tokenURL: "{{ .oauth2TokenURL }}"
-        userInfoURL: "{{ .oauth2UserInfoURL }}"
-  jwt:
-    internal: "{{ .jwtInternal }}"
-    regional: "{{ .jwtRegional }}"
-    global: "{{ .jwtGlobal }}"
-  components:
-    billingService:
-      uri: "{{ .billingURI }}"
\ No newline at end of file
diff --git a/frontend/desktop/deploy/manifests/deploy.yaml.tmpl b/frontend/desktop/deploy/manifests/deploy.yaml.tmpl
index ebcf7e1b459..6549bf6c1c1 100644
--- a/frontend/desktop/deploy/manifests/deploy.yaml.tmpl
+++ b/frontend/desktop/deploy/manifests/deploy.yaml.tmpl
@@ -93,17 +93,6 @@ data:
       components:
         billingService:
           uri: "{{ .billingURI }}"
-  config.json: |-
-    {
-      "scripts": [],
-      "isSystemConfigEnabled": true,
-      "backgroundImageUrl": '/images/bg-blue.svg',
-      "imageFallBackUrl": 'logo.svg',
-      "title": 'Sealos',
-      "metaTitle": 'Sealos Cloud',
-      "metaDescription": 'sealos cloud dashboard',
-      "showGithubStar": true
-    }
 ---
 apiVersion: apps/v1
 kind: Deployment
diff --git a/frontend/desktop/public/logo.svg b/frontend/desktop/public/images/logo.svg
similarity index 100%
rename from frontend/desktop/public/logo.svg
rename to frontend/desktop/public/images/logo.svg
diff --git a/frontend/desktop/src/components/app_window/index.tsx b/frontend/desktop/src/components/app_window/index.tsx
index bd3de171b53..c209c96ab13 100644
--- a/frontend/desktop/src/components/app_window/index.tsx
+++ b/frontend/desktop/src/components/app_window/index.tsx
@@ -6,7 +6,7 @@ import React, { useRef, useState } from 'react';
 import Draggable, { DraggableEventHandler } from 'react-draggable';
 import styles from './index.module.scss';
 import { useTranslation } from 'next-i18next';
-import { ImageFallBackUrl } from '@/stores/config';
+import { useConfigStore } from '@/stores/config';
 
 export default function AppWindow(props: {
   style?: React.CSSProperties;
@@ -23,6 +23,7 @@ export default function AppWindow(props: {
     findAppInfoById,
     maxZIndex
   } = useAppStore();
+  const logo = useConfigStore().layoutConfig?.logo;
   const { t, i18n } = useTranslation();
   const wnapp = findAppInfoById(pid);
   const [position, setPosition] = useState({ x: 0, y: 0 });
@@ -111,7 +112,7 @@ export default function AppWindow(props: {
           <Flex ml="16px" alignItems={'center'} fontSize={'12px'} fontWeight={400}>
             <Image
               src={wnapp?.icon}
-              fallbackSrc={ImageFallBackUrl}
+              fallbackSrc={logo}
               alt={wnapp?.name}
               width={'20px'}
               height={'20px'}
@@ -149,7 +150,7 @@ export default function AppWindow(props: {
             >
               <Image
                 src="/icons/minimize.png"
-                fallbackSrc={ImageFallBackUrl}
+                fallbackSrc={logo}
                 alt={wnapp?.name}
                 width={'12px'}
                 height={'12px'}
@@ -170,7 +171,7 @@ export default function AppWindow(props: {
             >
               <Image
                 src={wnapp.size === 'maximize' ? '/icons/maximize.png' : '/icons/maxmin.png'}
-                fallbackSrc={ImageFallBackUrl}
+                fallbackSrc={logo}
                 alt={wnapp?.name}
                 width={'12px'}
                 height={'12px'}
@@ -191,7 +192,7 @@ export default function AppWindow(props: {
             >
               <Image
                 src={'/icons/close.png'}
-                fallbackSrc={ImageFallBackUrl}
+                fallbackSrc={logo}
                 alt={wnapp?.name}
                 width={'12px'}
                 height={'12px'}
diff --git a/frontend/desktop/src/components/desktop_content/index.tsx b/frontend/desktop/src/components/desktop_content/index.tsx
index 1553a367d18..1a36d0a93fc 100644
--- a/frontend/desktop/src/components/desktop_content/index.tsx
+++ b/frontend/desktop/src/components/desktop_content/index.tsx
@@ -14,7 +14,7 @@ import styles from './index.module.scss';
 import { useQuery } from '@tanstack/react-query';
 import { getGlobalNotification } from '@/api/platform';
 import { useMessage } from '@sealos/ui';
-import { BackgroundImageUrl, ImageFallBackUrl } from '@/stores/config';
+import { useConfigStore } from '@/stores/config';
 const TimeComponent = dynamic(() => import('./time'), {
   ssr: false
 });
@@ -22,6 +22,8 @@ const TimeComponent = dynamic(() => import('./time'), {
 export default function DesktopContent(props: any) {
   const { t, i18n } = useTranslation();
   const { installedApps: apps, runningInfo, openApp, setToHighestLayerById } = useAppStore();
+  const backgroundImage = useConfigStore().layoutConfig?.backgroundImage;
+  const logo = useConfigStore().layoutConfig?.logo;
   const renderApps = apps.filter((item: TApp) => item?.displayType === 'normal');
   const [maxItems, setMaxItems] = useState(10);
   const { message } = useMessage();
@@ -109,7 +111,7 @@ export default function DesktopContent(props: any) {
     <Box
       id="desktop"
       className={styles.desktop}
-      backgroundImage={`url(${BackgroundImageUrl})`}
+      backgroundImage={`url(${backgroundImage || '/images/bg-blue.jpg'})`}
       backgroundRepeat={'no-repeat'}
       backgroundSize={'cover'}
     >
@@ -166,7 +168,7 @@ export default function DesktopContent(props: any) {
                     width="100%"
                     height="100%"
                     src={item?.icon}
-                    fallbackSrc={ImageFallBackUrl}
+                    fallbackSrc={logo || '/images/logo.svg'}
                     draggable={false}
                     alt="user avator"
                   />
diff --git a/frontend/desktop/src/components/floating_button/index.tsx b/frontend/desktop/src/components/floating_button/index.tsx
index 593717907ea..41b5d555b73 100644
--- a/frontend/desktop/src/components/floating_button/index.tsx
+++ b/frontend/desktop/src/components/floating_button/index.tsx
@@ -7,7 +7,7 @@ import Iconfont from '../iconfont';
 import styles from './index.module.scss';
 import homeIcon from 'public/icons/home.svg';
 import { APPTYPE } from '@/types';
-import { ImageFallBackUrl } from '@/stores/config';
+import { useConfigStore } from '@/stores/config';
 
 enum Suction {
   None,
@@ -245,7 +245,7 @@ export default function Index(props: any) {
                       >
                         <Image
                           src={item?.icon}
-                          fallbackSrc={ImageFallBackUrl}
+                          fallbackSrc={useConfigStore().layoutConfig?.logo || '/images/logo.svg'}
                           alt={item?.name}
                           w="24px"
                           h="24px"
diff --git a/frontend/desktop/src/components/more_apps/index.tsx b/frontend/desktop/src/components/more_apps/index.tsx
index f2783c82b91..3928b603283 100644
--- a/frontend/desktop/src/components/more_apps/index.tsx
+++ b/frontend/desktop/src/components/more_apps/index.tsx
@@ -7,7 +7,7 @@ import Iconfont from '../iconfont';
 import styles from './index.module.scss';
 import clsx from 'clsx';
 import { useTranslation } from 'next-i18next';
-import { ImageFallBackUrl } from '@/stores/config';
+import { useConfigStore } from '@/stores/config';
 
 export default function Index() {
   const { t, i18n } = useTranslation();
@@ -104,7 +104,7 @@ export default function Index() {
                     width="100%"
                     height="100%"
                     src={item?.icon}
-                    fallbackSrc={ImageFallBackUrl}
+                    fallbackSrc={useConfigStore().layoutConfig?.logo || '/images/logo.svg'}
                     draggable={false}
                     alt="user avator"
                   />
diff --git a/frontend/desktop/src/components/signin/auth/AuthList.tsx b/frontend/desktop/src/components/signin/auth/AuthList.tsx
index 9d8cad72bb3..634ad99b329 100644
--- a/frontend/desktop/src/components/signin/auth/AuthList.tsx
+++ b/frontend/desktop/src/components/signin/auth/AuthList.tsx
@@ -103,7 +103,11 @@ const AuthList = () => {
     {
       icon: () => (
         <Center>
-          <Image alt="logo" width={'20px'} src="logo.svg"></Image>
+          <Image
+            alt="logo"
+            width={'20px'}
+            src={useConfigStore().layoutConfig?.logo || '/images/logo.svg'}
+          ></Image>
         </Center>
       ),
       cb: (e) => {
diff --git a/frontend/desktop/src/components/signin/index.tsx b/frontend/desktop/src/components/signin/index.tsx
index 26e2d93c9f0..bf93fbf20bc 100644
--- a/frontend/desktop/src/components/signin/index.tsx
+++ b/frontend/desktop/src/components/signin/index.tsx
@@ -41,13 +41,13 @@ export default function SigninComponent() {
   let protocol_data: Parameters<typeof useProtocol>[0];
   if (['zh', 'zh-Hans'].includes(i18n.language))
     protocol_data = {
-      service_protocol: conf.layoutConfig?.protocol.serviceProtocol.zh as string,
-      private_protocol: conf.layoutConfig?.protocol.privateProtocol.zh as string
+      service_protocol: conf.layoutConfig?.protocol?.serviceProtocol.zh as string,
+      private_protocol: conf.layoutConfig?.protocol?.privateProtocol.zh as string
     };
   else
     protocol_data = {
-      service_protocol: conf.layoutConfig?.protocol.serviceProtocol.en as string,
-      private_protocol: conf.layoutConfig?.protocol.privateProtocol.en as string
+      service_protocol: conf.layoutConfig?.protocol?.serviceProtocol.en as string,
+      private_protocol: conf.layoutConfig?.protocol?.privateProtocol.en as string
     };
   const { Protocol, isAgree, setIsInvalid } = useProtocol(protocol_data!);
   const { WechatComponent, login: wechatSubmit } = useWechat();
diff --git a/frontend/desktop/src/components/team/Abdication.tsx b/frontend/desktop/src/components/team/Abdication.tsx
index dffdb34a65e..6163c3d6006 100644
--- a/frontend/desktop/src/components/team/Abdication.tsx
+++ b/frontend/desktop/src/components/team/Abdication.tsx
@@ -25,6 +25,7 @@ import { useCustomToast } from '@/hooks/useCustomToast';
 import { ApiResp } from '@/types';
 import { useTranslation } from 'next-i18next';
 import { ExchangeIcon, ExpanMoreIcon } from '@sealos/ui';
+import { useConfigStore } from '@/stores/config';
 
 export default function Abdication({
   ns_uid,
@@ -113,7 +114,7 @@ export default function Abdication({
                     <Image
                       alt="avatar"
                       src={targetUser.avatar}
-                      fallbackSrc={'/logo.svg'}
+                      fallbackSrc={useConfigStore().layoutConfig?.logo || '/images/logo.svg'}
                       boxSize={'24px'}
                       borderRadius={'50%'}
                       mr="8px"
@@ -141,7 +142,7 @@ export default function Abdication({
                       <Image
                         alt="logo"
                         src={user.avatarUrl}
-                        fallbackSrc={'/logo.svg'}
+                        fallbackSrc={useConfigStore().layoutConfig?.logo || '/images/logo.svg'}
                         boxSize={'24px'}
                         borderRadius={'50%'}
                         mr="8px"
diff --git a/frontend/desktop/src/components/team/userTable.tsx b/frontend/desktop/src/components/team/userTable.tsx
index 15940d24519..ecc6bc71233 100644
--- a/frontend/desktop/src/components/team/userTable.tsx
+++ b/frontend/desktop/src/components/team/userTable.tsx
@@ -19,6 +19,8 @@ import RemoveMember from './RemoveMember';
 import Abdication from './Abdication';
 import ModifyRole from './ModifyRole';
 import { useTranslation } from 'react-i18next';
+import { useConfigStore } from '@/stores/config';
+
 export default function UserTable({
   users = [],
   isTeam,
@@ -78,7 +80,7 @@ export default function UserTable({
                   <Image
                     alt="avatar"
                     src={user.avatarUrl}
-                    fallbackSrc={'/logo.svg'}
+                    fallbackSrc={useConfigStore().layoutConfig?.logo || '/images/logo.svg'}
                     w="20px"
                     h="20px"
                     mr="8px"
diff --git a/frontend/desktop/src/pages/_app.tsx b/frontend/desktop/src/pages/_app.tsx
index f642f5a9dd3..894000d3968 100644
--- a/frontend/desktop/src/pages/_app.tsx
+++ b/frontend/desktop/src/pages/_app.tsx
@@ -33,7 +33,7 @@ const App = ({ Component, pageProps }: AppProps) => {
 
   useEffect(() => {
     initAppConfig();
-  });
+  }, []);
 
   useEffect(() => {
     const lang = getCookie('NEXT_LOCALE');
diff --git a/frontend/desktop/src/pages/api/platform/getAppConfig.ts b/frontend/desktop/src/pages/api/platform/getAppConfig.ts
index 2205432a4a9..8eaf9000474 100644
--- a/frontend/desktop/src/pages/api/platform/getAppConfig.ts
+++ b/frontend/desktop/src/pages/api/platform/getAppConfig.ts
@@ -13,7 +13,7 @@ import { getLayoutConfig } from '@/pages/api/platform/getLayoutConfig';
 import { getCommonConfig } from '@/pages/api/platform/getCommonConfig';
 
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
-  const config = await getAuthConfig();
+  const config = await getAppConfig();
   jsonRes(res, {
     data: config,
     code: 200
@@ -38,12 +38,12 @@ function genResConfig(
 
 export async function getAppConfig(): Promise<AppConfigType> {
   try {
-    return genResConfig(
-      await getCloudConfig(),
-      await getAuthConfig(),
-      await getCommonConfig(),
-      await getLayoutConfig()
-    );
+    const cloudConf = await getCloudConfig();
+    const authConf = await getAuthConfig();
+    const commonConf = await getCommonConfig();
+    const layoutConf = await getLayoutConfig();
+    console.log(layoutConf);
+    return genResConfig(cloudConf, authConf, commonConf, layoutConf);
   } catch (error) {
     console.log('-getAppConfig-', error);
     return {} as AppConfigType;
diff --git a/frontend/desktop/src/pages/api/platform/getCloudConfig.ts b/frontend/desktop/src/pages/api/platform/getCloudConfig.ts
index 6059c54e992..8ecd50f3ac3 100644
--- a/frontend/desktop/src/pages/api/platform/getCloudConfig.ts
+++ b/frontend/desktop/src/pages/api/platform/getCloudConfig.ts
@@ -26,6 +26,7 @@ export async function getCloudConfig(): Promise<CloudConfigType> {
         process.env.NODE_ENV === 'development' ? 'data/config.yaml.local' : '/app/data/config.yaml';
       global.AppConfig = yaml.load(readFileSync(filename, 'utf-8')) as AppConfigType;
     }
+    console.log('global.AppConfig', global.AppConfig);
     return genResCloudConfig(global.AppConfig.cloud) || DefaultCloudConfig;
   } catch (error) {
     console.log('-getAppConfig-', error);
diff --git a/frontend/desktop/src/pages/index.tsx b/frontend/desktop/src/pages/index.tsx
index 6fe4f84b87b..f521cc25d6f 100644
--- a/frontend/desktop/src/pages/index.tsx
+++ b/frontend/desktop/src/pages/index.tsx
@@ -87,7 +87,7 @@ export default function Home({ sealos_cloud_domain }: { sealos_cloud_domain: str
     if (bd_vid) {
       sessionStorage.setItem('bd_vid', bd_vid as string);
     }
-  });
+  }, []);
 
   return (
     <Box position={'relative'} overflow={'hidden'} w="100vw" h="100vh">
@@ -95,7 +95,7 @@ export default function Home({ sealos_cloud_domain }: { sealos_cloud_domain: str
         <title>{layoutConfig?.meta.title}</title>
         <meta name="description" content={layoutConfig?.meta.description} />
       </Head>
-      {layoutConfig?.meta.scripts.map((item, i) => {
+      {layoutConfig?.meta.scripts?.map((item, i) => {
         return <Script key={i} {...item} />;
       })}
       <MoreAppsContext.Provider value={{ showMoreApps, setShowMoreApps }}>
diff --git a/frontend/desktop/src/types/system.ts b/frontend/desktop/src/types/system.ts
index cadc21e3d60..fdbd7dbb296 100644
--- a/frontend/desktop/src/types/system.ts
+++ b/frontend/desktop/src/types/system.ts
@@ -44,9 +44,9 @@ export type LayoutConfigType = {
   title: string;
   logo: string;
   backgroundImage: string;
-  cfSiteKey?: string;
-  protocol: ProtocolConfigType;
   meta: MetaConfigType;
+  cfSiteKey?: string;
+  protocol?: ProtocolConfigType;
   common: {
     githubStarEnabled: boolean;
   };
@@ -136,7 +136,7 @@ export const DefaultCloudConfig: CloudConfigType = {
 
 export const DefaultLayoutConfig: LayoutConfigType = {
   title: 'Sealos Cloud',
-  logo: 'logo.svg',
+  logo: '/images/logo.svg',
   backgroundImage: '/images/bg-blue.svg',
   protocol: {
     serviceProtocol: {

From b5047a78794f0f5cda096c8e5d1e3cae8203f8d9 Mon Sep 17 00:00:00 2001
From: yy <lingdie.yy@outlook.com>
Date: Fri, 26 Apr 2024 16:26:22 +0800
Subject: [PATCH 03/11] chore: fix logo svg config and related codes.

---
 frontend/desktop/.gitignore                   |  3 +--
 frontend/desktop/public/{images => }/logo.svg |  0
 .../src/components/desktop_content/index.tsx  |  2 +-
 .../src/components/floating_button/index.tsx  |  3 ++-
 .../src/components/more_apps/index.tsx        |  3 ++-
 .../src/components/signin/auth/AuthList.tsx   |  7 ++-----
 .../desktop/src/components/signin/index.tsx   |  4 ++--
 .../src/components/team/Abdication.tsx        |  5 +++--
 .../desktop/src/components/team/userTable.tsx |  2 +-
 .../src/pages/api/auth/oauth/github/index.ts  |  4 ++--
 .../src/pages/api/auth/oauth/google/index.ts  |  6 +++---
 .../src/pages/api/auth/oauth/oauth2/index.ts  | 10 ++++-----
 .../src/pages/api/auth/oauth/wechat/index.ts  |  4 ++--
 .../desktop/src/pages/api/auth/phone/sms.ts   | 18 ++++++++--------
 frontend/desktop/src/services/backend/auth.ts | 21 ++++++++++---------
 frontend/desktop/src/types/system.ts          |  9 +++++---
 16 files changed, 52 insertions(+), 49 deletions(-)
 rename frontend/desktop/public/{images => }/logo.svg (100%)

diff --git a/frontend/desktop/.gitignore b/frontend/desktop/.gitignore
index 7b375d66392..0ee16aefb7b 100644
--- a/frontend/desktop/.gitignore
+++ b/frontend/desktop/.gitignore
@@ -27,8 +27,7 @@ yarn-error.log*
 
 # local env files
 .env*.local
-/data/*.local
-data/config.local.json
+data/*.local
 # vercel
 .vercel
 
diff --git a/frontend/desktop/public/images/logo.svg b/frontend/desktop/public/logo.svg
similarity index 100%
rename from frontend/desktop/public/images/logo.svg
rename to frontend/desktop/public/logo.svg
diff --git a/frontend/desktop/src/components/desktop_content/index.tsx b/frontend/desktop/src/components/desktop_content/index.tsx
index 1a36d0a93fc..3245d53cecc 100644
--- a/frontend/desktop/src/components/desktop_content/index.tsx
+++ b/frontend/desktop/src/components/desktop_content/index.tsx
@@ -168,7 +168,7 @@ export default function DesktopContent(props: any) {
                     width="100%"
                     height="100%"
                     src={item?.icon}
-                    fallbackSrc={logo || '/images/logo.svg'}
+                    fallbackSrc={logo || '/logo.svg'}
                     draggable={false}
                     alt="user avator"
                   />
diff --git a/frontend/desktop/src/components/floating_button/index.tsx b/frontend/desktop/src/components/floating_button/index.tsx
index 41b5d555b73..1a173efa79a 100644
--- a/frontend/desktop/src/components/floating_button/index.tsx
+++ b/frontend/desktop/src/components/floating_button/index.tsx
@@ -82,6 +82,7 @@ export default function Index(props: any) {
     return `rotate(${temp}deg)`;
   };
 
+  const logo = useConfigStore().layoutConfig?.logo;
   // drag boundary calculation
   const handleDragBoundary: DraggableEventHandler = (e, position) => {
     try {
@@ -245,7 +246,7 @@ export default function Index(props: any) {
                       >
                         <Image
                           src={item?.icon}
-                          fallbackSrc={useConfigStore().layoutConfig?.logo || '/images/logo.svg'}
+                          fallbackSrc={logo || '/logo.svg'}
                           alt={item?.name}
                           w="24px"
                           h="24px"
diff --git a/frontend/desktop/src/components/more_apps/index.tsx b/frontend/desktop/src/components/more_apps/index.tsx
index 3928b603283..efb7a7eb271 100644
--- a/frontend/desktop/src/components/more_apps/index.tsx
+++ b/frontend/desktop/src/components/more_apps/index.tsx
@@ -19,6 +19,7 @@ export default function Index() {
   const endIndex = startIndex + itemsPerPage;
   const paginatedApps = apps?.slice(startIndex, endIndex);
   const totalPages = Math.ceil((apps?.length || 0) / itemsPerPage);
+  const logo = useConfigStore().layoutConfig?.logo;
 
   const handleDoubleClick = (e: MouseEvent<HTMLDivElement>, item: TApp) => {
     e.preventDefault();
@@ -104,7 +105,7 @@ export default function Index() {
                     width="100%"
                     height="100%"
                     src={item?.icon}
-                    fallbackSrc={useConfigStore().layoutConfig?.logo || '/images/logo.svg'}
+                    fallbackSrc={logo || '/logo.svg'}
                     draggable={false}
                     alt="user avator"
                   />
diff --git a/frontend/desktop/src/components/signin/auth/AuthList.tsx b/frontend/desktop/src/components/signin/auth/AuthList.tsx
index 634ad99b329..f4c981647ee 100644
--- a/frontend/desktop/src/components/signin/auth/AuthList.tsx
+++ b/frontend/desktop/src/components/signin/auth/AuthList.tsx
@@ -32,6 +32,7 @@ const AuthList = () => {
     target.searchParams.append('oauthProxyProvider', provider);
     router.replace(target.toString());
   };
+  const logo = useConfigStore().layoutConfig?.logo;
 
   const { generateState, setProvider } = useSessionStore();
   const authList: { icon: typeof Icon; cb: MouseEventHandler; need: boolean }[] = [
@@ -103,11 +104,7 @@ const AuthList = () => {
     {
       icon: () => (
         <Center>
-          <Image
-            alt="logo"
-            width={'20px'}
-            src={useConfigStore().layoutConfig?.logo || '/images/logo.svg'}
-          ></Image>
+          <Image alt="logo" width={'20px'} src={logo || '/logo.svg'}></Image>
         </Center>
       ),
       cb: (e) => {
diff --git a/frontend/desktop/src/components/signin/index.tsx b/frontend/desktop/src/components/signin/index.tsx
index bf93fbf20bc..7b92f254b39 100644
--- a/frontend/desktop/src/components/signin/index.tsx
+++ b/frontend/desktop/src/components/signin/index.tsx
@@ -216,13 +216,13 @@ export default function SigninComponent() {
           {tabIndex !== LoginType.WeChat && (
             <>
               <Protocol />
-              {!!conf.layoutConfig?.cfSiteKey && (
+              {!!conf.commonConfig?.cfSiteKey && (
                 <Turnstile
                   options={{
                     size: 'invisible'
                   }}
                   ref={turnstileRef}
-                  siteKey={conf.layoutConfig?.cfSiteKey}
+                  siteKey={conf.commonConfig?.cfSiteKey}
                 />
               )}
               <Button
diff --git a/frontend/desktop/src/components/team/Abdication.tsx b/frontend/desktop/src/components/team/Abdication.tsx
index 6163c3d6006..711a58a25f1 100644
--- a/frontend/desktop/src/components/team/Abdication.tsx
+++ b/frontend/desktop/src/components/team/Abdication.tsx
@@ -35,6 +35,7 @@ export default function Abdication({
   users: TeamUserDto[];
   ns_uid: string;
 } & ButtonProps) {
+  const logo = useConfigStore().layoutConfig?.logo;
   const { t } = useTranslation();
   const { onOpen, isOpen, onClose } = useDisclosure();
   const queryClient = useQueryClient();
@@ -114,7 +115,7 @@ export default function Abdication({
                     <Image
                       alt="avatar"
                       src={targetUser.avatar}
-                      fallbackSrc={useConfigStore().layoutConfig?.logo || '/images/logo.svg'}
+                      fallbackSrc={logo || '/logo.svg'}
                       boxSize={'24px'}
                       borderRadius={'50%'}
                       mr="8px"
@@ -142,7 +143,7 @@ export default function Abdication({
                       <Image
                         alt="logo"
                         src={user.avatarUrl}
-                        fallbackSrc={useConfigStore().layoutConfig?.logo || '/images/logo.svg'}
+                        fallbackSrc={logo || '/logo.svg'}
                         boxSize={'24px'}
                         borderRadius={'50%'}
                         mr="8px"
diff --git a/frontend/desktop/src/components/team/userTable.tsx b/frontend/desktop/src/components/team/userTable.tsx
index ecc6bc71233..0be4c2860d5 100644
--- a/frontend/desktop/src/components/team/userTable.tsx
+++ b/frontend/desktop/src/components/team/userTable.tsx
@@ -80,7 +80,7 @@ export default function UserTable({
                   <Image
                     alt="avatar"
                     src={user.avatarUrl}
-                    fallbackSrc={useConfigStore().layoutConfig?.logo || '/images/logo.svg'}
+                    fallbackSrc={'/logo.svg'}
                     w="20px"
                     h="20px"
                     mr="8px"
diff --git a/frontend/desktop/src/pages/api/auth/oauth/github/index.ts b/frontend/desktop/src/pages/api/auth/oauth/github/index.ts
index d1b0250e01b..0f08924034f 100644
--- a/frontend/desktop/src/pages/api/auth/oauth/github/index.ts
+++ b/frontend/desktop/src/pages/api/auth/oauth/github/index.ts
@@ -1,8 +1,8 @@
 import { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/services/backend/response';
 
-const clientId = process.env.GITHUB_CLIENT_ID!;
-const clientSecret = process.env.GITHUB_CLIENT_SECRET!;
+const clientId = global.AppConfig?.desktop.auth.idp.github?.clientID!;
+const clientSecret = global.AppConfig?.desktop.auth.idp.github?.clientSecret!;
 import { TgithubToken, TgithubUser } from '@/types/user';
 
 import { enableGithub } from '@/services/enable';
diff --git a/frontend/desktop/src/pages/api/auth/oauth/google/index.ts b/frontend/desktop/src/pages/api/auth/oauth/google/index.ts
index f4c2d52b6e3..46a14348272 100644
--- a/frontend/desktop/src/pages/api/auth/oauth/google/index.ts
+++ b/frontend/desktop/src/pages/api/auth/oauth/google/index.ts
@@ -1,8 +1,8 @@
 import { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/services/backend/response';
-const clientId = process.env.GOOGLE_CLIENT_ID!;
-const clientSecret = process.env.GOOGLE_CLIENT_SECRET!;
-const callbackUrl = process.env.CALLBACK_URL || '';
+const clientId = global.AppConfig?.desktop.auth.idp.google?.clientID!;
+const clientSecret = global.AppConfig?.desktop.auth.idp.google?.clientSecret!;
+const callbackUrl = global.AppConfig?.desktop.auth.callbackURL || '';
 import * as jwt from 'jsonwebtoken';
 import { enableGoogle } from '@/services/enable';
 import { getBase64FromRemote } from '@/utils/tools';
diff --git a/frontend/desktop/src/pages/api/auth/oauth/oauth2/index.ts b/frontend/desktop/src/pages/api/auth/oauth/oauth2/index.ts
index 8c321fbaa9d..ce22fcf8149 100644
--- a/frontend/desktop/src/pages/api/auth/oauth/oauth2/index.ts
+++ b/frontend/desktop/src/pages/api/auth/oauth/oauth2/index.ts
@@ -7,11 +7,11 @@ import { NextApiRequest, NextApiResponse } from 'next';
 import { ProviderType } from 'prisma/global/generated/client';
 const nanoid = customAlphabet('abcdefghijklmnopqrstuvwxyz', 12);
 
-const clientId = process.env.OAUTH2_CLIENT_ID!;
-const clientSecret = process.env.OAUTH2_CLIENT_SECRET!;
-const tokenUrl = process.env.OAUTH2_TOKEN_URL;
-const userInfoUrl = process.env.OAUTH2_USERINFO_URL;
-const redirectUrl = process.env.CALLBACK_URL;
+const clientId = global.AppConfig?.desktop.auth.idp.oauth2?.clientID!;
+const clientSecret = global.AppConfig?.desktop.auth.idp.oauth2?.clientSecret!;
+const tokenUrl = global.AppConfig?.desktop.auth.idp.oauth2?.tokenURL;
+const userInfoUrl = global.AppConfig?.desktop.auth.idp.oauth2?.userInfoURL;
+const redirectUrl = global.AppConfig?.desktop.auth.callbackURL;
 
 //OAuth2 Support client_secret_post method to obtain token
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
diff --git a/frontend/desktop/src/pages/api/auth/oauth/wechat/index.ts b/frontend/desktop/src/pages/api/auth/oauth/wechat/index.ts
index 95062f5c3f5..bfa8f1af8e3 100644
--- a/frontend/desktop/src/pages/api/auth/oauth/wechat/index.ts
+++ b/frontend/desktop/src/pages/api/auth/oauth/wechat/index.ts
@@ -1,8 +1,8 @@
 import { NextApiRequest, NextApiResponse } from 'next';
 import { jsonRes } from '@/services/backend/response';
 
-const APP_ID = process.env.WECHAT_CLIENT_ID!;
-const APP_SECRET = process.env.WECHAT_CLIENT_SECRET!;
+const APP_ID = global.AppConfig?.desktop.auth.idp.wechat?.clientID!;
+const APP_SECRET = global.AppConfig?.desktop.auth.idp.wechat?.clientSecret!;
 import { TWechatToken, TWechatUser } from '@/types/user';
 import { enableWechat } from '@/services/enable';
 import { getGlobalToken } from '@/services/backend/globalAuth';
diff --git a/frontend/desktop/src/pages/api/auth/phone/sms.ts b/frontend/desktop/src/pages/api/auth/phone/sms.ts
index 12ef8e9bde5..6e57d098128 100644
--- a/frontend/desktop/src/pages/api/auth/phone/sms.ts
+++ b/frontend/desktop/src/pages/api/auth/phone/sms.ts
@@ -11,12 +11,12 @@ import { addOrUpdateCode, checkSendable } from '@/services/backend/db/verifyCode
 import { enableSms } from '@/services/enable';
 import { retrySerially } from '@/utils/tools';
 
-const accessKeyId = process.env.ALI_ACCESS_KEY_ID;
-const accessKeySecret = process.env.ALI_ACCESS_KEY_SECRET;
-const templateCode = process.env.ALI_TEMPLATE_CODE;
-const signName = process.env.ALI_SIGN_NAME;
-const verifyEndpoint = 'https://challenges.cloudflare.com/turnstile/v0/siteverify';
-const secret = process.env.CF_SECRET_KEY;
+const accessKeyId = global.AppConfig?.desktop.auth.idp.sms?.ali?.accessKeyID!;
+const accessKeySecret = global.AppConfig?.desktop.auth.idp.sms?.ali?.accessKeySecret!;
+const templateCode = global.AppConfig?.desktop.auth.idp.sms?.ali?.templateCode!;
+const signName = global.AppConfig?.desktop.auth.idp.sms?.ali?.signName!;
+const cfSiteKey = global.AppConfig?.common.cfSiteKey!;
+const cfVerifyEndpoint = 'https://challenges.cloudflare.com/turnstile/v0/siteverify';
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
   try {
     if (!enableSms()) {
@@ -24,15 +24,15 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
     }
     const { phoneNumbers, cfToken } = req.body as { phoneNumbers?: string; cfToken?: string };
 
-    if (secret) {
+    if (cfSiteKey) {
       if (!cfToken)
         return jsonRes(res, {
           message: 'cfToken is invalid',
           code: 400
         });
-      const verifyRes = await fetch(verifyEndpoint, {
+      const verifyRes = await fetch(cfVerifyEndpoint, {
         method: 'POST',
-        body: `secret=${encodeURIComponent(secret)}&response=${encodeURIComponent(cfToken)}`,
+        body: `secret=${encodeURIComponent(cfSiteKey)}&response=${encodeURIComponent(cfToken)}`,
         headers: {
           'content-type': 'application/x-www-form-urlencoded'
         }
diff --git a/frontend/desktop/src/services/backend/auth.ts b/frontend/desktop/src/services/backend/auth.ts
index 1aa9da5b873..89e4efa982e 100644
--- a/frontend/desktop/src/services/backend/auth.ts
+++ b/frontend/desktop/src/services/backend/auth.ts
@@ -2,11 +2,12 @@ import { IncomingHttpHeaders } from 'http';
 import { sign, verify } from 'jsonwebtoken';
 import { JWTPayload } from '@/types';
 import { AuthenticationTokenPayload, AccessTokenPayload } from '@/types/token';
-import { getRegionUid } from '@/services/enable';
 
-const jwtSecret = (process.env.JWT_SECRET as string) || '123456789';
-const regionJwtSecret = process.env.JWT_SECRET_REGION || '123456789';
-const appJwtSecret = process.env.JWT_SECRET_APP || '123456789';
+const regionUID = global.AppConfig?.cloud.regionUID || '123456789';
+const grobalJwtSecret = global.AppConfig?.desktop.auth.jwt.global || '123456789';
+const regionalJwtSecret = global.AppConfig?.desktop.auth.jwt.regional || '123456789';
+const internalJwtSecret = global.AppConfig?.desktop.auth.jwt.internal || '123456789';
+
 const verifyToken = async <T extends Object>(header: IncomingHttpHeaders) => {
   try {
     if (!header?.authorization) {
@@ -23,7 +24,7 @@ const verifyToken = async <T extends Object>(header: IncomingHttpHeaders) => {
 export const verifyAccessToken = async (header: IncomingHttpHeaders) =>
   verifyToken<AccessTokenPayload>(header).then(
     (payload) => {
-      if (payload?.regionUid === getRegionUid()) {
+      if (payload?.regionUid === regionUID) {
         return payload;
       } else {
         return null;
@@ -37,7 +38,7 @@ export const verifyAuthenticationToken = async (header: IncomingHttpHeaders) =>
       throw new Error('缺少凭证');
     }
     const token = decodeURIComponent(header.authorization);
-    const payload = await verifyJWT<AuthenticationTokenPayload>(token, regionJwtSecret);
+    const payload = await verifyJWT<AuthenticationTokenPayload>(token, grobalJwtSecret);
     return payload;
   } catch (err) {
     console.error(err);
@@ -47,7 +48,7 @@ export const verifyAuthenticationToken = async (header: IncomingHttpHeaders) =>
 export const verifyJWT = <T extends Object = JWTPayload>(token?: string, secret?: string) =>
   new Promise<T | null>((resolve) => {
     if (!token) return resolve(null);
-    verify(token, secret || jwtSecret, (err, payload) => {
+    verify(token, secret || regionalJwtSecret, (err, payload) => {
       if (err) {
         console.log(err);
         resolve(null);
@@ -60,8 +61,8 @@ export const verifyJWT = <T extends Object = JWTPayload>(token?: string, secret?
     });
   });
 export const generateAccessToken = (props: AccessTokenPayload) =>
-  sign(props, jwtSecret, { expiresIn: '7d' });
+  sign(props, regionalJwtSecret, { expiresIn: '7d' });
 export const generateAppToken = (props: AccessTokenPayload) =>
-  sign(props, appJwtSecret, { expiresIn: '7d' });
+  sign(props, internalJwtSecret, { expiresIn: '7d' });
 export const generateAuthenticationToken = (props: AuthenticationTokenPayload) =>
-  sign(props, regionJwtSecret, { expiresIn: '60000' });
+  sign(props, grobalJwtSecret, { expiresIn: '60000' });
diff --git a/frontend/desktop/src/types/system.ts b/frontend/desktop/src/types/system.ts
index fdbd7dbb296..31109461612 100644
--- a/frontend/desktop/src/types/system.ts
+++ b/frontend/desktop/src/types/system.ts
@@ -9,6 +9,7 @@ export type CommonConfigType = {
   guideEnabled: boolean;
   apiEnabled: boolean;
   rechargeEnabled: boolean;
+  cfSiteKey?: string;
 };
 
 export type DatabaseConfigType = {
@@ -45,7 +46,7 @@ export type LayoutConfigType = {
   logo: string;
   backgroundImage: string;
   meta: MetaConfigType;
-  cfSiteKey?: string;
+
   protocol?: ProtocolConfigType;
   common: {
     githubStarEnabled: boolean;
@@ -81,6 +82,7 @@ export type AuthConfigType = {
       ali?: {
         enabled: boolean;
         endpoint: string;
+        templateCode: string;
         signName: string;
         accessKeyID: string;
         accessKeySecret?: string;
@@ -124,7 +126,8 @@ export type AppConfigType = {
 export const DefaultCommonConfig: CommonConfigType = {
   guideEnabled: false,
   apiEnabled: false,
-  rechargeEnabled: false
+  rechargeEnabled: false,
+  cfSiteKey: ''
 };
 
 export const DefaultCloudConfig: CloudConfigType = {
@@ -136,7 +139,7 @@ export const DefaultCloudConfig: CloudConfigType = {
 
 export const DefaultLayoutConfig: LayoutConfigType = {
   title: 'Sealos Cloud',
-  logo: '/images/logo.svg',
+  logo: '/logo.svg',
   backgroundImage: '/images/bg-blue.svg',
   protocol: {
     serviceProtocol: {

From fc79030d3477216508c3cfa477cf69e17fadd447 Mon Sep 17 00:00:00 2001
From: yy <lingdie.yy@outlook.com>
Date: Fri, 26 Apr 2024 18:27:15 +0800
Subject: [PATCH 04/11] chore: bugs.

---
 frontend/desktop/src/components/floating_button/index.tsx | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/frontend/desktop/src/components/floating_button/index.tsx b/frontend/desktop/src/components/floating_button/index.tsx
index 1a173efa79a..f8f31349038 100644
--- a/frontend/desktop/src/components/floating_button/index.tsx
+++ b/frontend/desktop/src/components/floating_button/index.tsx
@@ -54,6 +54,8 @@ export default function Index(props: any) {
     ...runningInfo
   ];
 
+  const logo = useConfigStore().layoutConfig?.logo;
+
   const [degree, contentSkewDegree, contentRotateDegree] = useMemo(() => {
     const len = apps?.length < 6 ? 6 : apps?.length > 8 ? 8 : apps?.length;
     const temp: number = 360 / len;
@@ -82,7 +84,6 @@ export default function Index(props: any) {
     return `rotate(${temp}deg)`;
   };
 
-  const logo = useConfigStore().layoutConfig?.logo;
   // drag boundary calculation
   const handleDragBoundary: DraggableEventHandler = (e, position) => {
     try {

From 3bb3cdcd0bf2ad5752c33a334c4b6b874f6b4b8c Mon Sep 17 00:00:00 2001
From: yy <lingdie.yy@outlook.com>
Date: Sun, 28 Apr 2024 15:39:30 +0800
Subject: [PATCH 05/11] chore: update enable service to use global config.

---
 frontend/desktop/data/config.yaml             | 93 ++++++++++---------
 .../desktop/deploy/manifests/deploy.yaml.tmpl |  5 -
 frontend/desktop/deploy/manifests/secret.yaml |  5 -
 .../src/pages/api/platform/getAuthConfig.ts   |  5 +
 .../src/pages/api/platform/uploadData.ts      |  2 +-
 .../src/services/backend/db/mongodb.ts        |  2 +-
 .../src/services/backend/db/wechatCode.ts     |  4 +-
 .../src/services/backend/globalAuth.ts        | 10 +-
 .../src/services/backend/persistImage.ts      |  1 +
 frontend/desktop/src/services/enable.ts       | 58 +++---------
 frontend/desktop/src/types/index.ts           |  2 +-
 frontend/desktop/src/types/system.ts          | 16 +++-
 frontend/desktop/src/utils/crypto.ts          |  2 +-
 13 files changed, 90 insertions(+), 115 deletions(-)

diff --git a/frontend/desktop/data/config.yaml b/frontend/desktop/data/config.yaml
index 4d1cfa7cfeb..d780a423507 100644
--- a/frontend/desktop/data/config.yaml
+++ b/frontend/desktop/data/config.yaml
@@ -1,61 +1,64 @@
 cloud:
-  domain: "{{ .cloudDomain }}"
-  port: "{{ .cloudPort }}"
-  regionUID: "{{ .regionUID }}"
-  certSecretName: "{{ .certSecretName }}"
+  domain: "127.0.0.1.nip.io"
+  port: ""
+  regionUID: "thisiaregionuid"
+  certSecretName: "wildcard-cert"
 common:
-  guideEnabled: "{{ .guideEnabled }}"
-  apiEnabled: "{{ .apiEnabled }}"
-  rechargeEnabled: "{{ .rechargeEnabled }}"
+  guideEnabled: "false"
+  apiEnabled: "false"
+  rechargeEnabled: "false"
+  cfSiteKey: ""
 database:
-  mongodbUri: "{{ .mongodbUri }}"
-  globalCockroachdbURI: "{{ .globalCockroachdbURI }}"
-  regionalCockroachdbURI: "{{ .regionalCockroachdbURI }}"
+  mongodbUri: "thisismongodburi"
+  globalCockroachdbURI: "thisisglobalcockroachdburi"
+  regionalCockroachdbURI: "thisisregionalcockroachdburi"
 desktop:
   layout:
     title: "Sealos Cloud"
-    logo: ""
-    backgroundImage: ""
-    cfSiteKey: ""
+    logo: "/logo.png"
+    backgroundImage: "/images/bg-blue.svg"
     meta:
       title: "Sealos Cloud"
       description: "Sealos Cloud"
       keywords: "Sealos Cloud"
+      scripts: []
     common:
       githubStarEnabled: "false"
   auth:
-    callbackURL: "http://localhost:3000/callback"
+    proxyAddress: ""
+    callbackURL: "https://127.0.0.1.nip.io/callback"
+    signUpEnabled: "true"
+    baiduToken: ""
+    invite:
+      enabled: "false"
     jwt:
-      internal: "{{ .jwtInternal }}"
-      regional: "{{ .jwtRegional }}"
-      global: "{{ .jwtGlobal }}"
+      internal: "thisisinternaljwt"
+      regional: "thisisregionaljwt"
+      global: "thisisglobaljwt"
     idp:
       password:
-        enabled: "{{ .passwordEnabled }}"
-        salt: "{{ .passwordSalt }}"
-      github:
-        enabled: "{{ .githubEnabled }}"
-        clientId: "{{ .githubClientID }}"
-        clientSecret: "{{ .githubClientSecret }}"
-      wechat:
-        enabled: "{{ .wechatEnabled }}"
-        clientId: "{{ .wechatClientID }}"
-        clientSecret: "{{ .wechatClientSecret }}"
-      sms:
-        ali:
-          enabled: "{{ .smsEnabled }}"
-          endpoint: "{{ .aliSmsEndpoint }}"
-          signName: "{{ .aliSmsSignName }}"
-          accessKeyId: "{{ .aliAccessKeyID }}"
-          accessKeySecret: "{{ .aliAccessKeySecret }}"
-      oauth2:
-        enabled: "{{ .oauth2Enabled }}"
-        callbackURL: "https://{{ .cloudDomain }}{{ if .cloudPort }}:{{ .cloudPort }}{{ end }}/callback"
-        clientId: "{{ .oauth2ClientId }}"
-        clientSecret: "{{ .oauth2ClientSecret }}"
-        authURL: "{{ .oauth2AuthURL }}"
-        tokenURL: "{{ .oauth2TokenURL }}"
-        userInfoURL: "{{ .oauth2UserInfoURL }}"
-  components:
-    billingService:
-      uri: "{{ .billingURI }}"
\ No newline at end of file
+        enabled: "true"
+        salt: "thisispasswordsalt"
+#        github:
+#          enabled: "{{ .githubEnabled }}"
+#          clientId: "{{ .githubClientID }}"
+#          clientSecret: "{{ .githubClientSecret }}"
+#        wechat:
+#          enabled: "{{ .wechatEnabled }}"
+#          clientId: "{{ .wechatClientID }}"
+#          clientSecret: "{{ .wechatClientSecret }}"
+#        sms:
+#          ali:
+#            enabled: "{{ .smsEnabled }}"
+#            endpoint: "{{ .aliSmsEndpoint }}"
+#            signName: "{{ .aliSmsSignName }}"
+#            accessKeyId: "{{ .aliAccessKeyID }}"
+#            accessKeySecret: "{{ .aliAccessKeySecret }}"
+#        oauth2:
+#          enabled: "{{ .oauth2Enabled }}"
+#          callbackURL: "https://{{ .cloudDomain }}{{ if .cloudPort }}:{{ .cloudPort }}{{ end }}/callback"
+#          clientId: "{{ .oauth2ClientId }}"
+#          clientSecret: "{{ .oauth2ClientSecret }}"
+#          authURL: "{{ .oauth2AuthURL }}"
+#          tokenURL: "{{ .oauth2TokenURL }}"
+#          userInfoURL: "{{ .oauth2UserInfoURL }}"
\ No newline at end of file
diff --git a/frontend/desktop/deploy/manifests/deploy.yaml.tmpl b/frontend/desktop/deploy/manifests/deploy.yaml.tmpl
index 6549bf6c1c1..2b11b703a54 100644
--- a/frontend/desktop/deploy/manifests/deploy.yaml.tmpl
+++ b/frontend/desktop/deploy/manifests/deploy.yaml.tmpl
@@ -249,11 +249,6 @@ spec:
                 secretKeyRef:
                   key: region_database_url
                   name: desktop-frontend-secret
-            - name: BILLING_URI
-              valueFrom:
-                secretKeyRef:
-                  key: billing_uri
-                  name: desktop-frontend-secret
             - name: JWT_SECRET_REGION
               valueFrom:
                 secretKeyRef:
diff --git a/frontend/desktop/deploy/manifests/secret.yaml b/frontend/desktop/deploy/manifests/secret.yaml
index 3b6988c6142..e0015351075 100644
--- a/frontend/desktop/deploy/manifests/secret.yaml
+++ b/frontend/desktop/deploy/manifests/secret.yaml
@@ -5,11 +5,6 @@ metadata:
   namespace: sealos
 type: Opaque
 data:
-  # base64 encode account service url, required
-  # default value is "http://account-service.account-system.svc:2333"
-  billing_uri: "aHR0cDovL2FjY291bnQtc2VydmljZS5hY2NvdW50LXN5c3RlbS5zdmM6MjMzMw=="
-
-
   # base64 encoded mongodb uri, required
   mongodb_uri: ""
   # base64 encoded cockroachdb uri for global, required
diff --git a/frontend/desktop/src/pages/api/platform/getAuthConfig.ts b/frontend/desktop/src/pages/api/platform/getAuthConfig.ts
index 425b7773b49..3d8e0fb6c0c 100644
--- a/frontend/desktop/src/pages/api/platform/getAuthConfig.ts
+++ b/frontend/desktop/src/pages/api/platform/getAuthConfig.ts
@@ -12,9 +12,14 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
   });
 }
 
+// genResAuthConfig Return AuthConfigType with only necessary fields for response to client, to avoid exposing sensitive data
 function genResAuthConfig(conf: AuthConfigType): AuthConfigType {
   return {
     callbackURL: conf.callbackURL,
+    signUpEnabled: conf.signUpEnabled,
+    invite: {
+      enabled: conf.invite?.enabled
+    },
     idp: {
       password: {
         enabled: conf.idp.password?.enabled
diff --git a/frontend/desktop/src/pages/api/platform/uploadData.ts b/frontend/desktop/src/pages/api/platform/uploadData.ts
index c6374241459..cdde07fd69b 100644
--- a/frontend/desktop/src/pages/api/platform/uploadData.ts
+++ b/frontend/desktop/src/pages/api/platform/uploadData.ts
@@ -8,7 +8,7 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
       bd_vid: string;
       main_url: string;
     };
-    const BD_TOKEN = process.env.BD_TOKEN;
+    const BD_TOKEN = global.AppConfig?.desktop.auth?.baiduToken;
 
     if (!BD_TOKEN || !bd_vid) {
       return jsonRes(res, {
diff --git a/frontend/desktop/src/services/backend/db/mongodb.ts b/frontend/desktop/src/services/backend/db/mongodb.ts
index 4002b36215d..a234751aa40 100644
--- a/frontend/desktop/src/services/backend/db/mongodb.ts
+++ b/frontend/desktop/src/services/backend/db/mongodb.ts
@@ -4,7 +4,7 @@ export async function connectToDatabase() {
   if (global.mongodb) {
     return global.mongodb;
   }
-  const uri = process.env.MONGODB_URI || '';
+  const uri = global.AppConfig?.database.mongodbURI || '';
   global.mongodb = new MongoClient(uri);
   // global.mongodb = 'connecting';
   try {
diff --git a/frontend/desktop/src/services/backend/db/wechatCode.ts b/frontend/desktop/src/services/backend/db/wechatCode.ts
index b54850db55a..659c2082c28 100644
--- a/frontend/desktop/src/services/backend/db/wechatCode.ts
+++ b/frontend/desktop/src/services/backend/db/wechatCode.ts
@@ -45,8 +45,8 @@ export async function verifyWechatCode({ code }: { code: string }) {
 }
 
 export async function hasWeChatAppSecret() {
-  const APP_ID = process.env.PBULIC_WECHAT_APP_ID;
-  const APP_SECRET = process.env.PBULIC_WECHAT_APP_SECRET;
+  const APP_ID = global.AppConfig?.desktop.auth?.idp.wechat?.clientID;
+  const APP_SECRET = global.AppConfig?.desktop.auth?.idp.wechat?.clientSecret;
   if (!APP_ID || !APP_SECRET) {
     throw new Error('Missing WeChat public account key');
   }
diff --git a/frontend/desktop/src/services/backend/globalAuth.ts b/frontend/desktop/src/services/backend/globalAuth.ts
index 985a34e722b..1b7cddf082b 100644
--- a/frontend/desktop/src/services/backend/globalAuth.ts
+++ b/frontend/desktop/src/services/backend/globalAuth.ts
@@ -4,6 +4,7 @@ import { globalPrisma, prisma } from '@/services/backend/db/init';
 import { ProviderType, User } from 'prisma/global/generated/client';
 import { nanoid } from 'nanoid';
 import { generateAuthenticationToken } from '@/services/backend/auth';
+import { AuthConfigType } from '@/types';
 
 async function signIn({ provider, id }: { provider: ProviderType; id: string }) {
   const userProvider = await globalPrisma.oauthProvider.findUnique({
@@ -32,11 +33,12 @@ export const inviteHandler = ({
   inviterId: string;
   signResult: any;
 }) => {
-  const secretKey = process.env.LAF_SECRET_KEY;
-  const baseUrl = process.env.LAF_BASE_URL;
-  const inviteEnabled = process.env.INVITE_ENABLED;
+  const conf = global.AppConfig?.desktop.auth as AuthConfigType;
+  const inviteEnabled = conf.invite?.enabled || false;
+  const secretKey = conf.invite?.lafSecretKey || '';
+  const baseUrl = conf.invite?.lafBaseURL || '';
 
-  if (inviteEnabled !== 'true' || !baseUrl || inviterId === inviteeId) return;
+  if (inviteEnabled || !baseUrl || inviterId === inviteeId) return;
 
   const payload = {
     inviterId,
diff --git a/frontend/desktop/src/services/backend/persistImage.ts b/frontend/desktop/src/services/backend/persistImage.ts
index 103e7e87ad7..6e381d269c7 100644
--- a/frontend/desktop/src/services/backend/persistImage.ts
+++ b/frontend/desktop/src/services/backend/persistImage.ts
@@ -3,6 +3,7 @@ import * as Minio from 'minio';
 import sharp from 'sharp';
 import { enablePersistImage } from '@/services/enable';
 
+// todo change env to configs
 const endPoint = process.env.OS_URL!;
 const bucketName = process.env.OS_BUCKET_NAME!;
 const port = Number(process.env.OS_PORT)!;
diff --git a/frontend/desktop/src/services/enable.ts b/frontend/desktop/src/services/enable.ts
index 4feeb9f4231..0620461440c 100644
--- a/frontend/desktop/src/services/enable.ts
+++ b/frontend/desktop/src/services/enable.ts
@@ -1,47 +1,22 @@
 // for service
 import process from 'process';
+import { AppConfigType } from '@/types';
 
-export const enablePassword = () =>
-  process.env.PASSWORD_ENABLED === 'true' && !!process.env.PASSWORD_SALT;
-export const enableGithub = () =>
-  process.env.GITHUB_ENABLED === 'true' &&
-  !!process.env.GITHUB_CLIENT_ID &&
-  !!process.env.GITHUB_CLIENT_SECRET;
-export const enableSms = () =>
-  process.env.SMS_ENABLED === 'true' &&
-  !!process.env.ALI_ACCESS_KEY_ID &&
-  !!process.env.ALI_ACCESS_KEY_SECRET &&
-  !!process.env.ALI_SIGN_NAME &&
-  !!process.env.ALI_TEMPLATE_CODE;
-export const enableWechat = () =>
-  process.env.WECHAT_ENABLED === 'true' &&
-  !!process.env.WECHAT_CLIENT_ID &&
-  !!process.env.WECHAT_CLIENT_SECRET;
-export const enableGoogle = () =>
-  process.env.GOOGLE_ENABLED === 'true' &&
-  !!process.env.GOOGLE_CLIENT_ID &&
-  !!process.env.GOOGLE_CLIENT_SECRET;
-export const enableOpenWechat = () =>
-  !!process.env.PBULIC_WECHAT_APP_ID && !!process.env.PBULIC_WECHAT_APP_SECRET;
-export const enableSignUp = () => process.env.SIGN_UP_ENABLED === 'true';
-export const enableApi = () => process.env.API_ENABLED === 'true';
-// costcenter
-export const enableRecharge = () => {
-  return process.env.RECHARGE_ENABLED === 'true';
-};
-export const enableStripe = () =>
-  process.env['STRIPE_ENABLED'] === 'true' && !!process.env['STRIPE_PUB'];
-export const enableWechatRecharge = () => process.env['WECHAT_ENABLED'] === 'true';
-// license
-export const enableLicense = () => {
-  return process.env.LICENSE_ENABLED === 'true';
-};
+const config = global.AppConfig as AppConfigType;
 
-export const getTeamLimit = () => parseInt(process.env['TEAM_LIMIT'] || '') || 50;
+export const enablePassword = () => config.desktop.auth.idp.password?.enabled || false;
+export const enableGithub = () => config.desktop.auth.idp.github?.enabled || false;
+export const enableSms = () => config.desktop.auth.idp.sms?.ali?.enabled || false;
+export const enableWechat = () => config.desktop.auth.idp.wechat?.enabled || false;
+export const enableGoogle = () => config.desktop.auth.idp.google?.enabled || false;
+export const enableSignUp = () => config.desktop.auth.signUpEnabled || false;
+export const enableApi = () => config.common.apiEnabled || false;
+export const enableOAuth2 = () => config.desktop.auth.idp.oauth2?.enabled || false;
 
-export const getTeamInviteLimit = () => parseInt(process.env['TEAM_INVITE_LIMIT'] || '') || 50;
+export const getTeamLimit = () => config.desktop.teamManagement?.maxTeamCount || 50;
+export const getTeamInviteLimit = () => config.desktop.teamManagement?.maxTeamMemberCount || 50;
 
-export const getRegionUid = () => process.env['REGION_UID'] || '';
+export const getRegionUid = () => config.cloud.regionUID;
 
 export const enablePersistImage = () =>
   !!process.env.OS_URL &&
@@ -50,10 +25,3 @@ export const enablePersistImage = () =>
   !!process.env.OS_ACCESS_KEY &&
   !!process.env.OS_SECRET_KEY &&
   process.env.PERSIST_AVATAR_ENABLED === 'true';
-
-export const enableOAuth2 = () =>
-  !!process.env.OAUTH2_CLIENT_ID &&
-  !!process.env.OAUTH2_CLIENT_SECRET &&
-  !!process.env.OAUTH2_AUTH_URL &&
-  !!process.env.OAUTH2_TOKEN_URL &&
-  !!process.env.OAUTH2_USERINFO_URL;
diff --git a/frontend/desktop/src/types/index.ts b/frontend/desktop/src/types/index.ts
index a6ab1345814..dc461c73158 100644
--- a/frontend/desktop/src/types/index.ts
+++ b/frontend/desktop/src/types/index.ts
@@ -13,7 +13,7 @@ export * from './region';
 
 declare global {
   var mongodb: MongoClient | null;
-  var AppConfig: AppConfigType | undefined;
+  var AppConfig: AppConfigType;
   var WechatAccessToken: string | undefined;
   var WechatExpiresIn: number | undefined;
 }
diff --git a/frontend/desktop/src/types/system.ts b/frontend/desktop/src/types/system.ts
index 31109461612..082706fdeaf 100644
--- a/frontend/desktop/src/types/system.ts
+++ b/frontend/desktop/src/types/system.ts
@@ -22,7 +22,7 @@ export type MetaConfigType = {
   title: string;
   description: string;
   keywords: string;
-  scripts: MetaScriptType[];
+  scripts?: MetaScriptType[];
 };
 
 export type MetaScriptType = {
@@ -56,7 +56,14 @@ export type LayoutConfigType = {
 export type AuthConfigType = {
   proxyAddress?: string;
   callbackURL: string;
+  signUpEnabled?: boolean;
+  baiduToken?: string;
   jwt: JwtConfigType;
+  invite?: {
+    enabled: boolean;
+    lafSecretKey: string;
+    lafBaseURL: string;
+  };
   idp: {
     password?: {
       enabled: boolean;
@@ -109,10 +116,9 @@ export type JwtConfigType = {
 export type DesktopConfigType = {
   layout: LayoutConfigType;
   auth: AuthConfigType;
-  components: {
-    billingService: {
-      uri: string;
-    };
+  teamManagement?: {
+    maxTeamCount: number;
+    maxTeamMemberCount: number;
   };
 };
 
diff --git a/frontend/desktop/src/utils/crypto.ts b/frontend/desktop/src/utils/crypto.ts
index 7c9cb089267..d7596eed45c 100644
--- a/frontend/desktop/src/utils/crypto.ts
+++ b/frontend/desktop/src/utils/crypto.ts
@@ -3,7 +3,7 @@ import * as crypto from 'crypto';
 // use sha256 to hash the password
 export function hashPassword(password: string): string {
   const hash = crypto.createHash('sha256');
-  hash.update(password + process.env.PASSWORD_SALT);
+  hash.update(password + global.AppConfig?.desktop.auth.idp.password?.salt || '');
   return hash.digest('hex');
 }
 

From a853f03aa1a581e05ecf68939a7728446c4fdc9b Mon Sep 17 00:00:00 2001
From: yy <lingdie.yy@outlook.com>
Date: Sun, 28 Apr 2024 16:10:46 +0800
Subject: [PATCH 06/11] chore: update build related files.

---
 frontend/desktop/deploy/Kubefile              |   6 -
 frontend/desktop/deploy/README.md             |  77 ++++--
 .../desktop/deploy/manifests/configmap.yaml   |  48 ++++
 .../desktop/deploy/manifests/deploy.yaml.tmpl | 238 ++----------------
 frontend/desktop/deploy/manifests/secret.yaml |  46 ----
 frontend/desktop/deploy/scripts/init.sh       |  13 +-
 6 files changed, 126 insertions(+), 302 deletions(-)
 create mode 100644 frontend/desktop/deploy/manifests/configmap.yaml
 delete mode 100644 frontend/desktop/deploy/manifests/secret.yaml

diff --git a/frontend/desktop/deploy/Kubefile b/frontend/desktop/deploy/Kubefile
index dc7b99afec5..19705c8fcbe 100644
--- a/frontend/desktop/deploy/Kubefile
+++ b/frontend/desktop/deploy/Kubefile
@@ -8,11 +8,5 @@ COPY scripts scripts
 ENV cloudDomain="127.0.0.1.nip.io"
 ENV cloudPort=""
 ENV certSecretName="wildcard-cert"
-ENV passWordEnabled="false"
-ENV githubEnabled="false"
-ENV wechatEnabled="false"
-ENV smsEnabled="false"
-ENV signUpEnabled="true"
-ENV apiEnabled="false"
 
 CMD ["bash scripts/init.sh"]
diff --git a/frontend/desktop/deploy/README.md b/frontend/desktop/deploy/README.md
index 3f4712eefbc..3aed86ca256 100644
--- a/frontend/desktop/deploy/README.md
+++ b/frontend/desktop/deploy/README.md
@@ -6,48 +6,81 @@ sealos build -t docker.io/labring/sealos-cloud-desktop:latest -f Kubefile .
 
 ### Env
 
-| Name                       | Description                 | Default                                |
-|----------------------------|-----------------------------|----------------------------------------|
-| `cloudDomain`              | sealos cloud domain         | `cloud.example.com`                    |
-| `wildcardCertSecretName`   | wildcard cert secret name   | `wildcard-cert`                        |
+| Name                       | Description                 | Default            |
+|----------------------------|-----------------------------|--------------------|
+| `cloudDomain`              | sealos cloud domain         | `127.0.0.1.nip.io` |
+| `wildcardCertSecretName`   | wildcard cert secret name   | `wildcard-cert`    |
 
 ### Config
 
-If you enable password login (which is enabled by default), you need to set the password salt by using a config file.
-
-And this is a command to generate a password salt:
-```shell
-echo -n "your-password-salt" | base64
-```
-
-
 Here is a config file example:
 ```yaml
 # desktop-config.yaml
 apiVersion: apps.sealos.io/v1beta1
 kind: Config
 metadata:
-  name: secret
+  name: configMap
 spec:
-  path: manifests/secret.yaml
-  match: docker.io/labring/sealos-cloud-desktop:latest
-  strategy: merge
+  path: manifests/configmap.yaml
+  strategy: override
   data: |
+    apiVersion: v1
+    kind: ConfigMap
+    metadata:
+      name: desktop-frontend-config
+      namespace: sealos
     data:
-      mongodb_uri: <your-mongodb-uri-base64>
-      jwt_secret: <your-jwt-secret-base64>
-      password_salt: <your-password-salt-base64>
+      config.yaml : |
+        cloud:
+          domain: "127.0.0.1.nip.io"
+          port: ""
+          regionUID: "thisiaregionuid"
+          certSecretName: "wildcard-cert"
+        common:
+          guideEnabled: "false"
+          apiEnabled: "false"
+          rechargeEnabled: "false"
+          cfSiteKey: ""
+        database:
+          mongodbUri: "thisismongodburi"
+          globalCockroachdbURI: "thisisglobalcockroachdburi"
+          regionalCockroachdbURI: "thisisregionalcockroachdburi"
+        desktop:
+          layout:
+            title: "Sealos Cloud"
+            logo: "/logo.png"
+            backgroundImage: "/images/bg-blue.svg"
+            meta:
+              title: "Sealos Cloud"
+              description: "Sealos Cloud"
+              keywords: "Sealos Cloud"
+              scripts: []
+            common:
+              githubStarEnabled: "false"
+          auth:
+            proxyAddress: ""
+            callbackURL: "https://127.0.0.1.nip.io/callback"
+            signUpEnabled: "true"
+            baiduToken: ""
+            invite:
+              enabled: "false"
+            jwt:
+              internal: "thisisinternaljwt"
+              regional: "thisisregionaljwt"
+              global: "thisisglobaljwt"
+            idp:
+              password:
+                enabled: "true"
+                salt: "thisispasswordsalt"
+    
 ```
 
-*Please make sure `spec.match` is the same as the image you want to run*
-
 ### How to run
 
 ```shell
 sealos run \
     --env cloudDomain="127.0.0.1.nip.io" \
     --env wildcardCertSecretName="wildcard-cert" \
-    --env passwordEnabled="true" \
     docker.io/labring/sealos-cloud-desktop:latest \
     --config-file desktop-config.yaml 
 ```
diff --git a/frontend/desktop/deploy/manifests/configmap.yaml b/frontend/desktop/deploy/manifests/configmap.yaml
new file mode 100644
index 00000000000..9686586c600
--- /dev/null
+++ b/frontend/desktop/deploy/manifests/configmap.yaml
@@ -0,0 +1,48 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: desktop-frontend-config
+  namespace: sealos
+data:
+  config.yaml : |
+    cloud:
+      domain: "127.0.0.1.nip.io"
+      port: ""
+      regionUID: "thisiaregionuid"
+      certSecretName: "wildcard-cert"
+    common:
+      guideEnabled: "false"
+      apiEnabled: "false"
+      rechargeEnabled: "false"
+      cfSiteKey: ""
+    database:
+      mongodbUri: "thisismongodburi"
+      globalCockroachdbURI: "thisisglobalcockroachdburi"
+      regionalCockroachdbURI: "thisisregionalcockroachdburi"
+    desktop:
+      layout:
+        title: "Sealos Cloud"
+        logo: "/logo.png"
+        backgroundImage: "/images/bg-blue.svg"
+        meta:
+          title: "Sealos Cloud"
+          description: "Sealos Cloud"
+          keywords: "Sealos Cloud"
+          scripts: []
+        common:
+          githubStarEnabled: "false"
+      auth:
+        proxyAddress: ""
+        callbackURL: "https://127.0.0.1.nip.io/callback"
+        signUpEnabled: "true"
+        baiduToken: ""
+        invite:
+          enabled: "false"
+        jwt:
+          internal: "thisisinternaljwt"
+          regional: "thisisregionaljwt"
+          global: "thisisglobaljwt"
+        idp:
+          password:
+            enabled: "true"
+            salt: "thisispasswordsalt"
\ No newline at end of file
diff --git a/frontend/desktop/deploy/manifests/deploy.yaml.tmpl b/frontend/desktop/deploy/manifests/deploy.yaml.tmpl
index 2b11b703a54..fa7d94bd913 100644
--- a/frontend/desktop/deploy/manifests/deploy.yaml.tmpl
+++ b/frontend/desktop/deploy/manifests/deploy.yaml.tmpl
@@ -29,71 +29,6 @@ spec:
   selector:
     app: desktop-frontend
 ---
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: desktop-frontend-config
-  namespace: sealos
-data:
-  config.yaml: |-
-    cloud:
-      domain: "{{ .cloudDomain }}"
-      port: "{{ .cloudPort }}"
-      regionUID: "{{ .regionUID }}"
-      certSecretName: "{{ .certSecretName }}"
-    common:
-      guideEnabled: "{{ .guideEnabled }}"
-      apiEnabled: "{{ .apiEnabled }}"
-    database:
-      mongodbURI: "{{ .mongodbURI }}"
-      globalCockroachdbURI: "{{ .globalCockroachdbURI }}"
-      regionalCockroachdbURI: "{{ .regionalCockroachdbURI }}"
-    desktop:
-      layout:
-        title: "Sealos Cloud"
-        logo: ""
-        backgroundImage: ""
-        meta:
-          title: "Sealos Cloud"
-          description: "Sealos Cloud"
-          keywords: "Sealos Cloud"
-        common:
-          githubStarEnabled: "false"
-      login: # or auth?
-        password:
-          enabled: "{{ .passwordEnabled }}"
-          salt: "{{ .passwordSalt }}"
-        github:
-          enabled: "{{ .githubEnabled }}"
-          clientId: "{{ .githubClientID }}"
-          clientSecret: "{{ .githubClientSecret }}"
-        wechat:
-          enabled: "{{ .wechatEnabled }}"
-          clientId: "{{ .wechatClientID }}"
-          clientSecret: "{{ .wechatClientSecret }}"
-        sms:
-          ali:
-            enabled: "{{ .smsEnabled }}"
-            endpoint: "{{ .aliSmsEndpoint }}"
-            signName: "{{ .aliSmsSignName }}"
-            accessKeyId: "{{ .aliAccessKeyID }}"
-            accessKeySecret: "{{ .aliAccessKeySecret }}"
-        oauth2:
-          enabled: "{{ .oauth2Enabled }}"
-          callbackURL: "https://{{ .cloudDomain }}{{ if .cloudPort }}:{{ .cloudPort }}{{ end }}/callback"
-          clientId: "{{ .oauth2ClientId }}"
-          clientSecret: "{{ .oauth2ClientSecret }}"
-          authURL: "{{ .oauth2AuthURL }}"
-          tokenURL: "{{ .oauth2TokenURL }}"
-          userInfoURL: "{{ .oauth2UserInfoURL }}"
-      jwt:
-        internal: "{{ .jwtInternal }}"
-        regional: "{{ .jwtRegional }}"
-        global: "{{ .jwtGlobal }}"
-      components:
-        billingService:
-          uri: "{{ .billingURI }}"
----
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -120,150 +55,16 @@ spec:
           command: ["/bin/sh", "-c"]
           args:
             - |
+              export REGIONAL_COCKROACHDB_URI=$(cat /app/data/config.yaml | awk '/regionalCockroachdbUri:/ {print $2}' | tr -d '"')
+              export GLOBAL_COCKROACHDB_URI=$(cat /app/data/config.yaml | awk '/globalCockroachdbUri:/ {print $2}' | tr -d '"')
               prisma migrate deploy --schema /app/desktop/prisma/global/schema.prisma
               prisma migrate deploy --schema /app/desktop/prisma/region/schema.prisma
-          env:
-            - name: GLOBAL_DATABASE_URL
-              valueFrom:
-                secretKeyRef:
-                  key: global_database_url
-                  name: desktop-frontend-secret
-            - name: REGION_DATABASE_URL
-              valueFrom:
-                secretKeyRef:
-                  key: region_database_url
-                  name: desktop-frontend-secret
+          volumeMounts:
+            - mountPath: /app/data/config.yaml
+              name: desktop-frontend-volume
+              subPath: config.yaml
       containers:
         - name: desktop-frontend
-          env:
-            # callback url is used for oauth2 login, required
-            - name: CALLBACK_URL
-              value: https://{{ .cloudDomain }}{{ if .cloudPort }}:{{ .cloudPort }}{{ end }}/callback
-            # mongodb uri, required
-            - name: MONGODB_URI
-              valueFrom:
-                secretKeyRef:
-                  name: desktop-frontend-secret
-                  key: mongodb_uri
-            # jwt secret, required
-            - name: JWT_SECRET
-              valueFrom:
-                secretKeyRef:
-                  name: desktop-frontend-secret
-                  key: jwt_secret
-
-            # set to true to enable password login, modify the PASSWORD_SALT env to change the salt
-            - name: PASSWORD_ENABLED
-              value: '{{ .passwordEnabled }}'
-            # set to true to enable github login
-            - name: GITHUB_ENABLED
-              value: '{{ .githubEnabled }}'
-            # set to true to enable wechat login
-            - name: WECHAT_ENABLED
-              value: '{{ .wechatEnabled }}'
-            # set to true to enable sms login
-            - name: SMS_ENABLED
-              value: '{{ .smsEnabled }}'
-            # set to true to enable sign up
-            - name: SIGN_UP_ENABLED
-              value: '{{ .signUpEnabled }}'
-            # set to true to open api
-            - name: API_ENABLED
-              value: '{{ .apiEnabled }}'
-            # password login env
-            - name: PASSWORD_SALT
-              valueFrom:
-                secretKeyRef:
-                  name: desktop-frontend-secret
-                  key: password_salt
-            # github login env
-            - name: GITHUB_CLIENT_ID
-              valueFrom:
-                secretKeyRef:
-                  name: desktop-frontend-secret
-                  key: github_client_id
-                  optional: true
-            - name: GITHUB_CLIENT_SECRET
-              valueFrom:
-                secretKeyRef:
-                  name: desktop-frontend-secret
-                  key: github_client_secret
-                  optional: true
-            # wechat login env
-            - name: WECHAT_CLIENT_ID
-              valueFrom:
-                secretKeyRef:
-                  name: desktop-frontend-secret
-                  key: wechat_client_id
-                  optional: true
-            - name: WECHAT_CLIENT_SECRET
-              valueFrom:
-                secretKeyRef:
-                  name: desktop-frontend-secret
-                  key: wechat_client_secret
-                  optional: true
-            # sms login env
-            - name: ALI_ENDPOINT
-              valueFrom:
-                secretKeyRef:
-                  name: desktop-frontend-secret
-                  key: ali_sms_endpoint
-                  optional: true
-            - name: ALI_ACCESS_KEY_ID
-              valueFrom:
-                secretKeyRef:
-                  name: desktop-frontend-secret
-                  key: ali_access_key_id
-                  optional: true
-            - name: ALI_ACCESS_KEY_SECRET
-              valueFrom:
-                secretKeyRef:
-                  name: desktop-frontend-secret
-                  key: ali_access_key_secret
-                  optional: true
-            - name: ALI_SIGN_NAME
-              valueFrom:
-                secretKeyRef:
-                  name: desktop-frontend-secret
-                  key: ali_sms_sign_name
-                  optional: true
-            - name: ALI_TEMPLATE_CODE
-              valueFrom:
-                secretKeyRef:
-                  name: desktop-frontend-secret
-                  key: ali_sms_template_code
-                  optional: true
-            - name: SEALOS_CLOUD_DOMAIN
-              value: {{ .cloudDomain }}
-            - name: INVITE_ENABLED
-              value: "false"
-            - name: GUIDE_ENABLED
-              value: "false"
-            - name: GLOBAL_DATABASE_URL
-              valueFrom:
-                secretKeyRef:
-                  key: global_database_url
-                  name: desktop-frontend-secret
-            - name: REGION_DATABASE_URL
-              valueFrom:
-                secretKeyRef:
-                  key: region_database_url
-                  name: desktop-frontend-secret
-            - name: JWT_SECRET_REGION
-              valueFrom:
-                secretKeyRef:
-                  key: jwt_secret_region
-                  name: desktop-frontend-secret
-            - name: JWT_SECRET_APP
-              valueFrom:
-                secretKeyRef:
-                  key: jwt_secret_app
-                  name: desktop-frontend-secret
-            - name: REGION_UID
-              valueFrom:
-                secretKeyRef:
-                  key: region_uid
-                  name: desktop-frontend-secret
           securityContext:
             runAsNonRoot: true
             runAsUser: 1001
@@ -274,12 +75,9 @@ spec:
           image: ghcr.io/labring/sealos-desktop-frontend:latest
           imagePullPolicy: IfNotPresent
           volumeMounts:
-            - name: desktop-frontend-volume
-              mountPath: /config.yaml
-              subPath: config.yaml
-            - mountPath: /app/data/config.json
+            - mountPath: /app/data/config.yaml
               name: desktop-frontend-volume
-              subPath: config.json
+              subPath: config.yaml
           resources:
             limits:
               cpu: 2000m
@@ -290,16 +88,16 @@ spec:
       affinity:
         podAntiAffinity:
           preferredDuringSchedulingIgnoredDuringExecution:
-          - weight: 100
-            podAffinityTerm:
-              labelSelector:
-                matchExpressions:
-                - key: "app"
-                  operator: In
-                  values:
-                  - desktop-frontend
-              topologyKey: "kubernetes.io/hostname"
+            - weight: 100
+              podAffinityTerm:
+                labelSelector:
+                  matchExpressions:
+                    - key: "app"
+                      operator: In
+                      values:
+                        - desktop-frontend
+                topologyKey: "kubernetes.io/hostname"
       volumes:
         - name: desktop-frontend-volume
           configMap:
-            name: desktop-frontend-config
+            name: desktop-frontend-config
\ No newline at end of file
diff --git a/frontend/desktop/deploy/manifests/secret.yaml b/frontend/desktop/deploy/manifests/secret.yaml
deleted file mode 100644
index e0015351075..00000000000
--- a/frontend/desktop/deploy/manifests/secret.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: desktop-frontend-secret
-  namespace: sealos
-type: Opaque
-data:
-  # base64 encoded mongodb uri, required
-  mongodb_uri: ""
-  # base64 encoded cockroachdb uri for global, required
-  global_database_url: ""
-  # base64 encoded cockroachdb uri for current region, required
-  region_database_url: ""
-  # base64 encoded jwt secret, required
-  jwt_secret: ""
-  # base64 encoded global jwt secret, required
-  jwt_secret_region: ""
-  # base64 encoded provider jwt secret, required
-  jwt_secret_app: ""
-
-  # base64 encoded password salt, required if env PASSWORD_ENABLED is true
-  # please use a random string and do not change it after deployment
-  password_salt: ""
-
-  # base64 encoded GitHub client id, required if env GITHUB_ENABLED is true
-  github_client_id: ""
-  # base64 encoded GitHub client secret, required if env GITHUB_ENABLED is true
-  github_client_secret: ""
-
-  # base64 encoded WeChat client id, required if env WECHAT_ENABLED is true
-  wechat_client_id: ""
-  # base64 encoded WeChat client secret, required if env WECHAT_ENABLED is true
-  wechat_client_secret: ""
-
-  # base64 encoded ali sms endpoint, required if env SMS_ENABLED is true
-  ali_sms_endpoint: ""
-  # base64 encoded ali access key id, required if env SMS_ENABLED is true
-  ali_access_key_id: ""
-  # base64 encoded ali access key secret, required if env SMS_ENABLED is true
-  ali_access_key_secret: ""
-  # base64 encoded ali sms sign name, required if env SMS_ENABLED is true
-  ali_sms_sign_name: ""
-  # base64 encoded ali sms template code, required if env SMS_ENABLED is true
-  ali_sms_template_code: ""
-
-
diff --git a/frontend/desktop/deploy/scripts/init.sh b/frontend/desktop/deploy/scripts/init.sh
index 5cb30604031..34834827549 100644
--- a/frontend/desktop/deploy/scripts/init.sh
+++ b/frontend/desktop/deploy/scripts/init.sh
@@ -1,13 +1,10 @@
 #!/bin/bash
-
 set -ex
-
 kubectl apply -f manifests/deploy.yaml -f manifests/rbac.yaml -f manifests/ingress.yaml
-
-secret_exists=$(kubectl get secret desktop-frontend-secret -n sealos --ignore-not-found=true)
-if [[ -n "$secret_exists" ]]; then
-  echo "desktop-frontend-secret already exists, skip create desktop secret"
+cm_exists=$(kubectl get cm desktop-frontend-config -n sealos --ignore-not-found=true)
+if [[ -n "cm_exists" ]]; then
+  echo "desktop-frontend-config already exists, skip create desktop config"
 else
-  echo "create desktop secret"
-  kubectl apply -f manifests/secret.yaml --validate=false
+  echo "create desktop config"
+  kubectl apply -f manifests/config.yaml --validate=false
 fi

From fc22b34d2a455993f193b6aa01493bd2208172d9 Mon Sep 17 00:00:00 2001
From: yy <lingdie.yy@outlook.com>
Date: Sun, 28 Apr 2024 16:24:29 +0800
Subject: [PATCH 07/11] chore: update build related files.

---
 frontend/desktop/data/config.yaml             |  2 +-
 .../desktop/deploy/manifests/configmap.yaml   | 87 ++++++++++---------
 2 files changed, 48 insertions(+), 41 deletions(-)

diff --git a/frontend/desktop/data/config.yaml b/frontend/desktop/data/config.yaml
index d780a423507..7c239365c6b 100644
--- a/frontend/desktop/data/config.yaml
+++ b/frontend/desktop/data/config.yaml
@@ -9,7 +9,7 @@ common:
   rechargeEnabled: "false"
   cfSiteKey: ""
 database:
-  mongodbUri: "thisismongodburi"
+  mongodbURI: "thisismongodburi"
   globalCockroachdbURI: "thisisglobalcockroachdburi"
   regionalCockroachdbURI: "thisisregionalcockroachdburi"
 desktop:
diff --git a/frontend/desktop/deploy/manifests/configmap.yaml b/frontend/desktop/deploy/manifests/configmap.yaml
index 9686586c600..ae98deaea2d 100644
--- a/frontend/desktop/deploy/manifests/configmap.yaml
+++ b/frontend/desktop/deploy/manifests/configmap.yaml
@@ -5,44 +5,51 @@ metadata:
   namespace: sealos
 data:
   config.yaml : |
-    cloud:
-      domain: "127.0.0.1.nip.io"
-      port: ""
-      regionUID: "thisiaregionuid"
-      certSecretName: "wildcard-cert"
-    common:
-      guideEnabled: "false"
-      apiEnabled: "false"
-      rechargeEnabled: "false"
-      cfSiteKey: ""
-    database:
-      mongodbUri: "thisismongodburi"
-      globalCockroachdbURI: "thisisglobalcockroachdburi"
-      regionalCockroachdbURI: "thisisregionalcockroachdburi"
-    desktop:
-      layout:
-        title: "Sealos Cloud"
-        logo: "/logo.png"
-        backgroundImage: "/images/bg-blue.svg"
-        meta:
-          title: "Sealos Cloud"
-          description: "Sealos Cloud"
-          keywords: "Sealos Cloud"
-          scripts: []
+    apiVersion: v1
+    kind: ConfigMap
+    metadata:
+      name: desktop-frontend-config
+      namespace: sealos
+    data:
+      config.yaml : |
+        cloud:
+          domain: "{{ .cloudDomain }}"
+          port: "{{ .cloudPort }}"
+          regionUID: "<your-local-region-uid-base64>"
+          certSecretName: "{{ .certSecretName }}"
         common:
-          githubStarEnabled: "false"
-      auth:
-        proxyAddress: ""
-        callbackURL: "https://127.0.0.1.nip.io/callback"
-        signUpEnabled: "true"
-        baiduToken: ""
-        invite:
-          enabled: "false"
-        jwt:
-          internal: "thisisinternaljwt"
-          regional: "thisisregionaljwt"
-          global: "thisisglobaljwt"
-        idp:
-          password:
-            enabled: "true"
-            salt: "thisispasswordsalt"
\ No newline at end of file
+          guideEnabled: "false"
+          apiEnabled: "false"
+          rechargeEnabled: "false"
+          cfSiteKey: ""
+        database:
+          mongodbURI: "<your-mongodb-uri-base64>"
+          globalCockroachdbURI: "<your-global-database-url-base64>"
+          regionalCockroachdbURI: "<your-region-database-url-base64>"
+        desktop:
+          layout:
+            title: "Sealos Cloud"
+            logo: "/logo.png"
+            backgroundImage: "/images/bg-blue.svg"
+            meta:
+              title: "Sealos Cloud"
+              description: "Sealos Cloud"
+              keywords: "Sealos Cloud"
+              scripts: []
+            common:
+              githubStarEnabled: "true"
+          auth:
+            proxyAddress: ""
+            callbackURL: "https://{{ .cloudDomain }}{{ if .cloudPort }}:{{ .cloudPort }}{{ end }}/callback"
+            signUpEnabled: "true"
+            baiduToken: ""
+            invite:
+              enabled: "false"
+            jwt:
+              internal: "<your-jwt-secret-base64>"
+              regional: "<your-jwt-secret-base64>"
+              global: "<your-jwt-secret-base64>"
+            idp:
+              password:
+                enabled: "true"
+                salt: "<your-password-salt-base64>"
\ No newline at end of file

From 4d985e43385bd61de5f8597b80a65330f53216b0 Mon Sep 17 00:00:00 2001
From: yy <lingdie.yy@outlook.com>
Date: Sun, 28 Apr 2024 17:14:43 +0800
Subject: [PATCH 08/11] chore: update sealos cloud cluster image to adapt
 desktop using yaml as config. Signed-off-by: yy <lingdie.yy@outlook.com>

Signed-off-by: yy <lingdie.yy@outlook.com>
---
 deploy/cloud/etc/sealos/desktop-config.yaml | 60 +++++++++++++++++----
 deploy/cloud/scripts/init.sh                | 27 +++++-----
 2 files changed, 63 insertions(+), 24 deletions(-)

diff --git a/deploy/cloud/etc/sealos/desktop-config.yaml b/deploy/cloud/etc/sealos/desktop-config.yaml
index 12dd3f42961..6564d29b550 100644
--- a/deploy/cloud/etc/sealos/desktop-config.yaml
+++ b/deploy/cloud/etc/sealos/desktop-config.yaml
@@ -3,16 +3,54 @@ kind: Config
 metadata:
   name: secret
 spec:
-  path: manifests/secret.yaml
-  # do not modify this image, it's used by ci.
-  match: ghcr.io/labring/sealos-cloud-desktop-frontend:latest
-  strategy: merge
+  path: manifests/configmap.yaml
+  strategy: override
   data: |
+    apiVersion: v1
+    kind: ConfigMap
+    metadata:
+      name: desktop-frontend-config
+      namespace: sealos
     data:
-      mongodb_uri: <your-mongodb-uri-base64>
-      jwt_secret: <your-jwt-secret-base64>
-      password_salt: <your-password-salt-base64>
-      jwt_secret_region: <your-jwt-secret-region-base64>
-      region_database_url: <your-region-database-url-base64>
-      global_database_url: <your-global-database-url-base64>
-      region_uid: <your-local-region-uid-base64>
+      config.yaml : |
+        cloud:
+          domain: "{{ .cloudDomain }}"
+          port: "{{ .cloudPort }}"
+          regionUID: "<your-local-region-uid>"
+          certSecretName: "{{ .certSecretName }}"
+        common:
+          guideEnabled: "false"
+          apiEnabled: "false"
+          rechargeEnabled: "false"
+          cfSiteKey: ""
+        database:
+          mongodbURI: "<your-mongodb-uri>"
+          globalCockroachdbURI: "<your-global-database-url>"
+          regionalCockroachdbURI: "<your-regional-database-url>"
+        desktop:
+          layout:
+            title: "Sealos Cloud"
+            logo: "/logo.png"
+            backgroundImage: "/images/bg-blue.svg"
+            meta:
+              title: "Sealos Cloud"
+              description: "Sealos Cloud"
+              keywords: "Sealos Cloud"
+              scripts: []
+            common:
+              githubStarEnabled: "true"
+          auth:
+            proxyAddress: ""
+            callbackURL: "https://{{ .cloudDomain }}{{ if .cloudPort }}:{{ .cloudPort }}{{ end }}/callback"
+            signUpEnabled: "true"
+            baiduToken: ""
+            invite:
+              enabled: "false"
+            jwt:
+              internal: "<your-internal-jwt-secret>"
+              regional: "<your-regional-jwt-secret>"
+              global: "<your-global-jwt-secret>"
+            idp:
+              password:
+                enabled: "true"
+                salt: "<your-password-salt>"
\ No newline at end of file
diff --git a/deploy/cloud/scripts/init.sh b/deploy/cloud/scripts/init.sh
index eb9e4387f15..2ea6070779e 100644
--- a/deploy/cloud/scripts/init.sh
+++ b/deploy/cloud/scripts/init.sh
@@ -135,32 +135,33 @@ function gen_cockroachdbUri() {
 }
 
 function gen_saltKey() {
-    password_salt=$(kubectl get secret desktop-frontend-secret -n sealos -o jsonpath="{.data.password_salt}" 2>/dev/null || true)
+    password_salt=$(kubectl get configmap desktop-frontend-config -n sealos -o jsonpath='{.data.config\.yaml}' | grep "salt:" | awk '{print $2}' 2>/dev/null || true)
     if [[ -z "$password_salt" ]]; then
-        saltKey=$(tr -dc 'a-z0-9' </dev/urandom | head -c64 | base64 -w 0)
+        saltKey=$(tr -dc 'a-z0-9' </dev/urandom | head -c64)
     else
         saltKey=$password_salt
     fi
 }
 
 function gen_regionUID(){
-    uid=$(kubectl get secret desktop-frontend-secret -n sealos -o jsonpath="{.data.region_uid}" 2>/dev/null || true)
+    uid=$(kubectl get configmap desktop-frontend-config -n sealos -o jsonpath='{.data.config\.yaml}' | grep "regionUID:" | awk '{print $2}' 2>/dev/null || true)
     if [[ -z "$uid" ]]; then
         localRegionUID=$(uuidgen)
     else
-        localRegionUID=$(echo -n "$uid" | base64 -d)
+        localRegionUID=$(echo -n "$uid")``
     fi
 }
 
 function mutate_desktop_config() {
-    # mutate etc/sealos/desktop-config.yaml by using mongodb uri and two random base64 string
-    sed -i -e "s;<your-mongodb-uri-base64>;$(echo -n "${mongodbUri}/sealos-auth?authSource=admin" | base64 -w 0);" etc/sealos/desktop-config.yaml
-    sed -i -e "s;<your-jwt-secret-base64>;$(tr -cd 'a-z0-9' </dev/urandom | head -c64 | base64 -w 0);" etc/sealos/desktop-config.yaml
-    sed -i -e "s;<your-jwt-secret-region-base64>;$(tr -cd 'a-z0-9' </dev/urandom | head -c64 | base64 -w 0);" etc/sealos/desktop-config.yaml
-    sed -i -e "s;<your-password-salt-base64>;$saltKey;" etc/sealos/desktop-config.yaml
-    sed -i -e "s;<your-region-database-url-base64>;$(echo -n "${cockroachdbLocalUri}" | base64 -w 0);" etc/sealos/desktop-config.yaml
-    sed -i -e "s;<your-global-database-url-base64>;$(echo -n "${cockroachdbGlobalUri}" | base64 -w 0);" etc/sealos/desktop-config.yaml
-    sed -i -e "s;<your-local-region-uid-base64>;$(echo -n "${localRegionUID}" | base64 -w 0);" etc/sealos/desktop-config.yaml
+    # mutate etc/sealos/desktop-config.yaml by using mongodb uri and two random string
+    sed -i -e "s;<your-mongodb-uri>;$(echo -n "${mongodbUri}/sealos-auth?authSource=admin");" etc/sealos/desktop-config.yaml
+    sed -i -e "s;<your-internal-jwt-secret>;$(tr -cd 'a-z0-9' </dev/urandom | head -c64);" etc/sealos/desktop-config.yaml
+    sed -i -e "s;<your-regional-jwt-secret>;$(tr -cd 'a-z0-9' </dev/urandom | head -c64);" etc/sealos/desktop-config.yaml
+    sed -i -e "s;<your-global-jwt-secret>;$(tr -cd 'a-z0-9' </dev/urandom | head -c64);" etc/sealos/desktop-config.yaml
+    sed -i -e "s;<your-password-salt>;$saltKey;" etc/sealos/desktop-config.yaml
+    sed -i -e "s;<your-regional-database-url>;$(echo -n "${cockroachdbLocalUri}");" etc/sealos/desktop-config.yaml
+    sed -i -e "s;<your-global-database-url>;$(echo -n "${cockroachdbGlobalUri}");" etc/sealos/desktop-config.yaml
+    sed -i -e "s;<your-local-region-uid>;$(echo -n "${localRegionUID}");" etc/sealos/desktop-config.yaml
 }
 
 function create_tls_secret {
@@ -223,7 +224,7 @@ function sealos_run_controller {
 
 
 function sealos_authorize {
-  sealos run tars/job-init.tar --env PASSWORD_SALT="$(echo -n "$saltKey" | base64 -d)"
+  sealos run tars/job-init.tar --env PASSWORD_SALT="$(echo -n "$saltKey")"
   sealos run tars/job-heartbeat.tar
 
   # wait for admin user create

From b6ad0bf68d75d49e34c4d2a61c2bd68fb2581417 Mon Sep 17 00:00:00 2001
From: yy <lingdie.yy@outlook.com>
Date: Tue, 30 Apr 2024 14:52:24 +0800
Subject: [PATCH 09/11] chore: update build related files.

---
 frontend/desktop/src/pages/api/platform/getAuthConfig.ts  | 2 +-
 frontend/desktop/src/pages/api/platform/getCloudConfig.ts | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/frontend/desktop/src/pages/api/platform/getAuthConfig.ts b/frontend/desktop/src/pages/api/platform/getAuthConfig.ts
index 3d8e0fb6c0c..bbcfafbb1d1 100644
--- a/frontend/desktop/src/pages/api/platform/getAuthConfig.ts
+++ b/frontend/desktop/src/pages/api/platform/getAuthConfig.ts
@@ -65,7 +65,7 @@ export async function getAuthConfig(): Promise<AuthConfigType> {
     }
     return genResAuthConfig(global.AppConfig.desktop.auth);
   } catch (error) {
-    console.log('-getLayoutConfig-', error);
+    console.log('-getAuthConfig-', error);
     return DefaultAuthConfig;
   }
 }
diff --git a/frontend/desktop/src/pages/api/platform/getCloudConfig.ts b/frontend/desktop/src/pages/api/platform/getCloudConfig.ts
index 8ecd50f3ac3..e3383af6d3d 100644
--- a/frontend/desktop/src/pages/api/platform/getCloudConfig.ts
+++ b/frontend/desktop/src/pages/api/platform/getCloudConfig.ts
@@ -3,6 +3,7 @@ import { AppConfigType, CloudConfigType, DefaultCloudConfig } from '@/types/syst
 import { readFileSync } from 'fs';
 import type { NextApiRequest, NextApiResponse } from 'next';
 import yaml from 'js-yaml';
+import process from 'process';
 
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
   const config = await getCloudConfig();
@@ -23,7 +24,9 @@ export async function getCloudConfig(): Promise<CloudConfigType> {
   try {
     if (!global.AppConfig) {
       const filename =
-        process.env.NODE_ENV === 'development' ? 'data/config.yaml.local' : '/app/data/config.yaml';
+        process.env.NODE_ENV === 'development'
+          ? process.env.CONFIG_PATH || 'data/config.yaml.local'
+          : '/app/data/config.yaml';
       global.AppConfig = yaml.load(readFileSync(filename, 'utf-8')) as AppConfigType;
     }
     console.log('global.AppConfig', global.AppConfig);

From 2b6a4ce4536b2e0616caaa7872e715134b60366f Mon Sep 17 00:00:00 2001
From: xudaotutou <13435638964@163.com>
Date: Wed, 8 May 2024 11:24:48 +0800
Subject: [PATCH 10/11] merge(desktop):merge config (#33)

chore(desktop):fix type error
---
 frontend/desktop/data/config.yaml             |   2 +-
 frontend/desktop/src/api/platform.ts          |  12 +-
 .../src/components/signin/auth/AuthList.tsx   | 228 +++++++++---------
 .../desktop/src/components/signin/index.tsx   |   7 +-
 .../src/components/user_menu/index.tsx        |   2 +-
 .../src/pages/api/platform/getAppConfig.ts    |  31 +--
 .../src/pages/api/platform/getAuthConfig.ts   |  64 ++---
 .../src/pages/api/platform/getCloudConfig.ts  |   1 -
 .../src/pages/api/platform/getCommonConfig.ts |  23 +-
 frontend/desktop/src/pages/index.tsx          |   1 +
 frontend/desktop/src/pages/signin.tsx         |   2 +-
 frontend/desktop/src/stores/config.ts         |  20 +-
 frontend/desktop/src/types/system.ts          |  78 +++++-
 frontend/desktop/src/types/tools.ts           |  31 +++
 frontend/packages/client-sdk/src/app.ts       |   7 +-
 .../providers/applaunchpad/next.config.js     |  14 +-
 .../applaunchpad/src/store/global.ts          |  10 +-
 .../cloudserver/next-i18next.config.js        |   2 +-
 frontend/providers/cloudserver/next.config.js |  18 +-
 frontend/providers/cloudserver/tsconfig.json  |  18 +-
 frontend/providers/invite/next.config.js      |   8 +-
 frontend/providers/template/next.config.js    |  20 +-
 22 files changed, 344 insertions(+), 255 deletions(-)
 create mode 100644 frontend/desktop/src/types/tools.ts

diff --git a/frontend/desktop/data/config.yaml b/frontend/desktop/data/config.yaml
index 7c239365c6b..38aba08f427 100644
--- a/frontend/desktop/data/config.yaml
+++ b/frontend/desktop/data/config.yaml
@@ -61,4 +61,4 @@ desktop:
 #          clientSecret: "{{ .oauth2ClientSecret }}"
 #          authURL: "{{ .oauth2AuthURL }}"
 #          tokenURL: "{{ .oauth2TokenURL }}"
-#          userInfoURL: "{{ .oauth2UserInfoURL }}"
\ No newline at end of file
+#          userInfoURL: "{{ .oauth2UserInfoURL }}"
diff --git a/frontend/desktop/src/api/platform.ts b/frontend/desktop/src/api/platform.ts
index 7dea37c7680..35dac9e942b 100644
--- a/frontend/desktop/src/api/platform.ts
+++ b/frontend/desktop/src/api/platform.ts
@@ -3,9 +3,11 @@ import {
   ApiResp,
   NotificationItem,
   LayoutConfigType,
-  AppConfigType,
   CloudConfigType,
-  AuthConfigType
+  AuthClientConfigType,
+  AppClientConfigType,
+  CommonConfigType,
+  CommonClientConfigType
 } from '@/types';
 import { AccountCRD } from '@/types/user';
 
@@ -33,7 +35,7 @@ export const getUserAccount = () => {
 };
 
 export const getAppConfig = () => {
-  return request.get<AppConfigType>('/api/platform/getAppConfig');
+  return request.get<AppClientConfigType>('/api/platform/getAppConfig');
 };
 
 export const getCloudConfig = () => {
@@ -41,7 +43,7 @@ export const getCloudConfig = () => {
 };
 
 export const getCommonConfig = () => {
-  return request.get<AppConfigType>('/api/platform/getCommonConfig');
+  return request.get<CommonClientConfigType>('/api/platform/getCommonConfig');
 };
 
 export const getLayoutConfig = () => {
@@ -49,7 +51,7 @@ export const getLayoutConfig = () => {
 };
 
 export const getAuthConfig = () => {
-  return request.get<AuthConfigType>('/api/platform/getAuthConfig');
+  return request.get<AuthClientConfigType>('/api/platform/getAuthConfig');
 };
 
 export const getPriceBonus = () => {
diff --git a/frontend/desktop/src/components/signin/auth/AuthList.tsx b/frontend/desktop/src/components/signin/auth/AuthList.tsx
index f4c981647ee..49b721dfabc 100644
--- a/frontend/desktop/src/components/signin/auth/AuthList.tsx
+++ b/frontend/desktop/src/components/signin/auth/AuthList.tsx
@@ -4,128 +4,134 @@ import { OauthProvider } from '@/types/user';
 import { Button, Image, Flex, Icon, Center } from '@chakra-ui/react';
 import { GithubIcon, GoogleIcon, WechatIcon } from '@sealos/ui';
 import { useRouter } from 'next/router';
-import { MouseEventHandler } from 'react';
+import { MouseEventHandler, useMemo } from 'react';
 const AuthList = () => {
   const conf = useConfigStore().authConfig;
-  const oauthLogin = async ({ url, provider }: { url: string; provider?: OauthProvider }) => {
-    setProvider(provider);
-    window.location.href = url;
-  };
 
   const router = useRouter();
 
-  const oauthProxyLogin = async ({
-    state,
-    provider,
-    id
-  }: {
-    state: string;
-    provider: OauthProvider;
-    id: string;
-  }) => {
-    setProvider(provider);
-    const target = new URL(conf?.proxyAddress as string);
-    const callback = new URL(conf?.callbackURL as string);
-    callback.searchParams.append('state', state);
-    target.searchParams.append('oauthProxyState', callback.toString());
-    target.searchParams.append('oauthProxyClientID', id);
-    target.searchParams.append('oauthProxyProvider', provider);
-    router.replace(target.toString());
-  };
   const logo = useConfigStore().layoutConfig?.logo;
 
   const { generateState, setProvider } = useSessionStore();
-  const authList: { icon: typeof Icon; cb: MouseEventHandler; need: boolean }[] = [
-    {
-      icon: GithubIcon,
-      cb: (e) => {
-        e.preventDefault();
-        const state = generateState();
-        const githubConf = conf?.idp.github;
-        if (conf?.proxyAddress)
-          oauthProxyLogin({
-            provider: 'github',
-            state,
-            id: githubConf?.clientID as string
-          });
-        else
-          oauthLogin({
-            provider: 'github',
-            url: `https://github.com/login/oauth/authorize?client_id=${githubConf?.clientID}&redirect_uri=${conf?.callbackURL}&scope=user:email%20read:user&state=${state}`
-          });
+  const authList: { icon: typeof Icon; cb: MouseEventHandler; need: boolean }[] = useMemo(() => {
+    if (!conf) return [];
+    const oauthLogin = async ({ url, provider }: { url: string; provider?: OauthProvider }) => {
+      setProvider(provider);
+      window.location.href = url;
+    };
+    const oauthProxyLogin = async ({
+      state,
+      provider,
+      id
+    }: {
+      state: string;
+      provider: OauthProvider;
+      id: string;
+    }) => {
+      // if(!conf) return
+      setProvider(provider);
+      const target = new URL(conf.proxyAddress);
+      const callback = new URL(conf.callbackURL);
+      callback.searchParams.append('state', state);
+      target.searchParams.append('oauthProxyState', callback.toString());
+      target.searchParams.append('oauthProxyClientID', id);
+      target.searchParams.append('oauthProxyProvider', provider);
+      router.replace(target.toString());
+    };
+    return [
+      {
+        icon: GithubIcon,
+        cb: (e) => {
+          e.preventDefault();
+          const state = generateState();
+          const githubConf = conf?.idp.github;
+          if (conf?.proxyAddress)
+            oauthProxyLogin({
+              provider: 'github',
+              state,
+              id: githubConf?.clientID as string
+            });
+          else
+            oauthLogin({
+              provider: 'github',
+              url: `https://github.com/login/oauth/authorize?client_id=${githubConf?.clientID}&redirect_uri=${conf?.callbackURL}&scope=user:email%20read:user&state=${state}`
+            });
+        },
+        need: conf.idp.github.enabled
       },
-      need: conf?.idp.github?.enabled as boolean
-    },
-    {
-      icon: WechatIcon,
-      cb: (e) => {
-        const wechatConf = conf?.idp.wechat;
-        e.preventDefault();
-        const state = generateState();
-        if (conf?.proxyAddress)
-          oauthProxyLogin({
-            provider: 'wechat',
-            state,
-            id: conf?.idp.wechat?.clientID as string
-          });
-        else
-          oauthLogin({
-            provider: 'wechat',
-            url: `https://open.weixin.qq.com/connect/qrconnect?appid=${wechatConf?.clientID}&redirect_uri=${conf?.callbackURL}&response_type=code&state=${state}&scope=snsapi_login&#wechat_redirect`
-          });
+      {
+        icon: WechatIcon,
+        cb: (e) => {
+          const wechatConf = conf?.idp.wechat;
+          e.preventDefault();
+          const state = generateState();
+          if (conf.proxyAddress)
+            oauthProxyLogin({
+              provider: 'wechat',
+              state,
+              id: conf.idp.wechat?.clientID
+            });
+          else
+            oauthLogin({
+              provider: 'wechat',
+              url: `https://open.weixin.qq.com/connect/qrconnect?appid=${wechatConf?.clientID}&redirect_uri=${conf?.callbackURL}&response_type=code&state=${state}&scope=snsapi_login&#wechat_redirect`
+            });
+        },
+        need: conf?.idp.wechat?.enabled as boolean
       },
-      need: conf?.idp.wechat?.enabled as boolean
-    },
-    {
-      icon: GoogleIcon,
-      cb: (e) => {
-        e.preventDefault();
-        const state = generateState();
-        const googleConf = conf?.idp.google;
-        const scope = encodeURIComponent(`https://www.googleapis.com/auth/userinfo.profile openid`);
-        if (conf?.proxyAddress)
-          oauthProxyLogin({
-            state,
-            provider: 'google',
-            id: googleConf?.clientID as string
-          });
-        else
-          oauthLogin({
-            provider: 'google',
-            url: `https://accounts.google.com/o/oauth2/v2/auth?client_id=${
-              googleConf?.clientID as string
-            }&redirect_uri=${
-              conf?.callbackURL
-            }&response_type=code&state=${state}&scope=${scope}&include_granted_scopes=true`
-          });
+      {
+        icon: GoogleIcon,
+        cb: (e) => {
+          e.preventDefault();
+          const state = generateState();
+          const googleConf = conf?.idp.google;
+          const scope = encodeURIComponent(
+            `https://www.googleapis.com/auth/userinfo.profile openid`
+          );
+          if (conf.proxyAddress)
+            oauthProxyLogin({
+              state,
+              provider: 'google',
+              id: googleConf?.clientID as string
+            });
+          else
+            oauthLogin({
+              provider: 'google',
+              url: `https://accounts.google.com/o/oauth2/v2/auth?client_id=${
+                googleConf?.clientID as string
+              }&redirect_uri=${
+                conf?.callbackURL
+              }&response_type=code&state=${state}&scope=${scope}&include_granted_scopes=true`
+            });
+        },
+        need: conf.idp.google.enabled as boolean
       },
-      need: conf?.idp.google?.enabled as boolean
-    },
-    {
-      icon: () => (
-        <Center>
-          <Image alt="logo" width={'20px'} src={logo || '/logo.svg'}></Image>
-        </Center>
-      ),
-      cb: (e) => {
-        e.preventDefault();
-        const state = generateState();
-        const oauth2Conf = conf?.idp.oauth2;
-        if (conf?.proxyAddress)
-          oauthProxyLogin({
-            provider: 'oauth2',
-            state,
-            id: oauth2Conf?.clientID as string
-          });
-        else
-          oauthLogin({
-            provider: 'oauth2',
-            url: `${oauth2Conf?.authURL}?client_id=${oauth2Conf?.clientID}&redirect_uri=${oauth2Conf?.callbackURL}&response_type=code&state=${state}`
-          });
-      },
-      need: conf?.idp.oauth2?.enabled as boolean
-    }
-  ];
+      {
+        icon: () => (
+          <Center>
+            <Image alt="logo" width={'20px'} src={logo || '/logo.svg'}></Image>
+          </Center>
+        ),
+        cb: (e) => {
+          e.preventDefault();
+          const state = generateState();
+          const oauth2Conf = conf?.idp.oauth2;
+          if (conf.proxyAddress)
+            oauthProxyLogin({
+              provider: 'oauth2',
+              state,
+              id: oauth2Conf.clientID as string
+            });
+          else
+            oauthLogin({
+              provider: 'oauth2',
+              url: `${oauth2Conf?.authURL}?client_id=${oauth2Conf.clientID}&redirect_uri=${oauth2Conf.callbackURL}&response_type=code&state=${state}`
+            });
+        },
+        need: conf.idp.oauth2?.enabled as boolean
+      }
+    ];
+  }, [conf, generateState, logo, router, setProvider]);
 
   return (
     <Flex gap={'14px'}>
diff --git a/frontend/desktop/src/components/signin/index.tsx b/frontend/desktop/src/components/signin/index.tsx
index 7b92f254b39..8c673c8d118 100644
--- a/frontend/desktop/src/components/signin/index.tsx
+++ b/frontend/desktop/src/components/signin/index.tsx
@@ -135,19 +135,18 @@ export default function SigninComponent() {
       showError(t('Read and agree'));
     }
   }, 500);
-
   return (
     <Box
       position={'relative'}
       overflow={'hidden'}
       w="100vw"
       h="100vh"
-      backgroundImage={`url(${conf.layoutConfig?.backgroundImage})`}
+      backgroundImage={`url(${conf.layoutConfig?.backgroundImage || ''})`}
       backgroundRepeat={'no-repeat'}
       backgroundSize={'cover'}
     >
       <Head>
-        <title>{conf.layoutConfig?.meta.title}</title>
+        <title>{conf.layoutConfig?.meta.title || ''}</title>
         <meta name="description" content={conf.layoutConfig?.meta.description} />
       </Head>
       <Flex h="full" w="full" flexDir={'column'} justifyContent={'center'} alignItems={'center'}>
@@ -201,7 +200,7 @@ export default function SigninComponent() {
                 <Tab px="0" _selected={{ color: 'white' }}>
                   {t('Password Login')}
                 </Tab>
-                {conf.authConfig?.idp.wechat?.enabled && (
+                {conf.authConfig?.idp.wechat.enabled && (
                   <Tab px="0" _selected={{ color: 'white' }}>
                     {t('Official account login')}
                   </Tab>
diff --git a/frontend/desktop/src/components/user_menu/index.tsx b/frontend/desktop/src/components/user_menu/index.tsx
index ad0aab9a2f4..1c22ea6879f 100644
--- a/frontend/desktop/src/components/user_menu/index.tsx
+++ b/frontend/desktop/src/components/user_menu/index.tsx
@@ -6,7 +6,7 @@ import LangSelectSimple from '../LangSelect/simple';
 import Iconfont from '../iconfont';
 import GithubComponent from './github';
 import { useConfigStore } from '@/stores/config';
-import { ReactElement, useState } from 'react';
+import { ReactElement, useCallback, useState } from 'react';
 import RegionToggle from '@/components/region/RegionToggle';
 
 enum UserMenuKeys {
diff --git a/frontend/desktop/src/pages/api/platform/getAppConfig.ts b/frontend/desktop/src/pages/api/platform/getAppConfig.ts
index 8eaf9000474..b659d81e8f9 100644
--- a/frontend/desktop/src/pages/api/platform/getAppConfig.ts
+++ b/frontend/desktop/src/pages/api/platform/getAppConfig.ts
@@ -1,16 +1,17 @@
 import { jsonRes } from '@/services/backend/response';
 import type { NextApiRequest, NextApiResponse } from 'next';
 import {
-  AppConfigType,
-  AuthConfigType,
+  AppClientConfigType,
+  AuthClientConfigType,
   CloudConfigType,
-  CommonConfigType,
+  CommonClientConfigType,
+  DefaultAppClientConfig,
   LayoutConfigType
 } from '@/types/system';
 import { getCloudConfig } from '@/pages/api/platform/getCloudConfig';
-import { getAuthConfig } from '@/pages/api/platform/getAuthConfig';
+import { getAuthClientConfig } from '@/pages/api/platform/getAuthConfig';
 import { getLayoutConfig } from '@/pages/api/platform/getLayoutConfig';
-import { getCommonConfig } from '@/pages/api/platform/getCommonConfig';
+import { getCommonClientConfig } from './getCommonConfig';
 
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
   const config = await getAppConfig();
@@ -22,10 +23,10 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
 
 function genResConfig(
   cloudConf: CloudConfigType,
-  authConf: AuthConfigType,
-  commonConf: CommonConfigType,
+  authConf: AuthClientConfigType,
+  commonConf: CommonClientConfigType,
   layoutConf: LayoutConfigType
-): AppConfigType {
+): AppClientConfigType {
   return {
     cloud: cloudConf,
     common: commonConf,
@@ -33,19 +34,19 @@ function genResConfig(
       auth: authConf,
       layout: layoutConf
     }
-  } as AppConfigType;
+  };
 }
 
-export async function getAppConfig(): Promise<AppConfigType> {
+export async function getAppConfig(): Promise<AppClientConfigType> {
   try {
     const cloudConf = await getCloudConfig();
-    const authConf = await getAuthConfig();
-    const commonConf = await getCommonConfig();
+    const authConf = await getAuthClientConfig();
+    const commonConf = await getCommonClientConfig();
     const layoutConf = await getLayoutConfig();
-    console.log(layoutConf);
-    return genResConfig(cloudConf, authConf, commonConf, layoutConf);
+    const conf = genResConfig(cloudConf, authConf, commonConf, layoutConf);
+    return conf;
   } catch (error) {
     console.log('-getAppConfig-', error);
-    return {} as AppConfigType;
+    return DefaultAppClientConfig;
   }
 }
diff --git a/frontend/desktop/src/pages/api/platform/getAuthConfig.ts b/frontend/desktop/src/pages/api/platform/getAuthConfig.ts
index bbcfafbb1d1..f41b7a4b572 100644
--- a/frontend/desktop/src/pages/api/platform/getAuthConfig.ts
+++ b/frontend/desktop/src/pages/api/platform/getAuthConfig.ts
@@ -1,11 +1,16 @@
 import { jsonRes } from '@/services/backend/response';
-import { AppConfigType, DefaultAuthConfig, AuthConfigType } from '@/types/system';
+import {
+  AppConfigType,
+  DefaultAuthClientConfig,
+  AuthConfigType,
+  AuthClientConfigType
+} from '@/types/system';
 import { readFileSync } from 'fs';
 import type { NextApiRequest, NextApiResponse } from 'next';
 import yaml from 'js-yaml';
 
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
-  const config = await getAuthConfig();
+  const config = await getAuthClientConfig();
   jsonRes(res, {
     data: config,
     code: 200
@@ -13,59 +18,56 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
 }
 
 // genResAuthConfig Return AuthConfigType with only necessary fields for response to client, to avoid exposing sensitive data
-function genResAuthConfig(conf: AuthConfigType): AuthConfigType {
-  return {
-    callbackURL: conf.callbackURL,
-    signUpEnabled: conf.signUpEnabled,
+function genResAuthClientConfig(conf: AuthConfigType) {
+  const authClientConfig: AuthClientConfigType = {
+    callbackURL: conf.callbackURL || '',
     invite: {
-      enabled: conf.invite?.enabled
+      enabled: !!conf.invite?.enabled
     },
     idp: {
       password: {
-        enabled: conf.idp.password?.enabled
+        enabled: !!conf.idp.password?.enabled
       },
       sms: {
-        ali: {
-          enabled: conf.idp.sms?.ali?.enabled,
-          accessKeyID: conf.idp.sms?.ali?.accessKeyID,
-          endpoint: conf.idp.sms?.ali?.endpoint,
-          signName: conf.idp.sms?.ali?.signName
-        }
+        enabled: !!conf.idp.sms?.enabled
       },
       github: {
-        enabled: conf.idp.github?.enabled,
-        clientID: conf.idp.github?.clientID
+        enabled: !!conf.idp.github?.enabled,
+        clientID: conf.idp.github?.clientID || ''
       },
       wechat: {
-        enabled: conf.idp.wechat?.enabled,
-        clientID: conf.idp.wechat?.clientID
+        enabled: !!conf.idp.wechat?.enabled,
+        clientID: conf.idp.wechat?.clientID || ''
       },
       google: {
-        enabled: conf.idp.google?.enabled,
-        clientID: conf.idp.google?.clientID
+        enabled: !!conf.idp.google?.enabled,
+        clientID: conf.idp.google?.clientID || ''
       },
       oauth2: {
-        enabled: conf.idp.oauth2?.enabled,
-        callbackURL: conf.idp.oauth2?.callbackURL,
-        clientID: conf.idp.oauth2?.clientID,
-        authURL: conf.idp.oauth2?.authURL,
-        tokenURL: conf.idp.oauth2?.tokenURL,
-        userInfoURL: conf.idp.oauth2?.userInfoURL
+        enabled: !!conf.idp.oauth2?.enabled,
+        callbackURL: conf.idp.oauth2?.callbackURL || '',
+        clientID: conf.idp.oauth2?.clientID || '',
+        authURL: conf.idp.oauth2?.authURL || '',
+        tokenURL: conf.idp.oauth2?.tokenURL || '',
+        userInfoURL: conf.idp.oauth2?.userInfoURL || ''
       }
-    }
-  } as AuthConfigType;
+    },
+    proxyAddress: conf.proxyAddress || '',
+    baiduToken: conf.baiduToken || ''
+  };
+  return authClientConfig;
 }
 
-export async function getAuthConfig(): Promise<AuthConfigType> {
+export async function getAuthClientConfig(): Promise<AuthClientConfigType> {
   try {
     if (!global.AppConfig) {
       const filename =
         process.env.NODE_ENV === 'development' ? 'data/config.yaml.local' : '/app/data/config.yaml';
       global.AppConfig = yaml.load(readFileSync(filename, 'utf-8')) as AppConfigType;
     }
-    return genResAuthConfig(global.AppConfig.desktop.auth);
+    return genResAuthClientConfig(global.AppConfig.desktop.auth);
   } catch (error) {
     console.log('-getAuthConfig-', error);
-    return DefaultAuthConfig;
+    return DefaultAuthClientConfig;
   }
 }
diff --git a/frontend/desktop/src/pages/api/platform/getCloudConfig.ts b/frontend/desktop/src/pages/api/platform/getCloudConfig.ts
index e3383af6d3d..17eb1613e03 100644
--- a/frontend/desktop/src/pages/api/platform/getCloudConfig.ts
+++ b/frontend/desktop/src/pages/api/platform/getCloudConfig.ts
@@ -29,7 +29,6 @@ export async function getCloudConfig(): Promise<CloudConfigType> {
           : '/app/data/config.yaml';
       global.AppConfig = yaml.load(readFileSync(filename, 'utf-8')) as AppConfigType;
     }
-    console.log('global.AppConfig', global.AppConfig);
     return genResCloudConfig(global.AppConfig.cloud) || DefaultCloudConfig;
   } catch (error) {
     console.log('-getAppConfig-', error);
diff --git a/frontend/desktop/src/pages/api/platform/getCommonConfig.ts b/frontend/desktop/src/pages/api/platform/getCommonConfig.ts
index ed167f704b7..7f907bb4789 100644
--- a/frontend/desktop/src/pages/api/platform/getCommonConfig.ts
+++ b/frontend/desktop/src/pages/api/platform/getCommonConfig.ts
@@ -1,27 +1,38 @@
 import { jsonRes } from '@/services/backend/response';
-import { AppConfigType, CommonConfigType, DefaultCommonConfig } from '@/types/system';
+import {
+  AppConfigType,
+  CommonClientConfigType,
+  CommonConfigType,
+  DefaultCommonClientConfig
+} from '@/types/system';
 import { readFileSync } from 'fs';
 import type { NextApiRequest, NextApiResponse } from 'next';
 import yaml from 'js-yaml';
 
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
-  const config = await getCommonConfig();
+  const config = await getCommonClientConfig();
   jsonRes(res, {
     data: config,
     code: 200
   });
 }
-
-export async function getCommonConfig(): Promise<CommonConfigType> {
+function genResCommonClientConfig(common: CommonConfigType): CommonClientConfigType {
+  return {
+    guideEnabled: !!common.guideEnabled,
+    rechargeEnabled: !!common.rechargeEnabled,
+    cfSiteKey: common.cfSiteKey || ''
+  };
+}
+export async function getCommonClientConfig(): Promise<CommonClientConfigType> {
   try {
     if (!global.AppConfig) {
       const filename =
         process.env.NODE_ENV === 'development' ? 'data/config.yaml.local' : '/app/data/config.yaml';
       global.AppConfig = yaml.load(readFileSync(filename, 'utf-8')) as AppConfigType;
     }
-    return global.AppConfig.common || DefaultCommonConfig;
+    return genResCommonClientConfig(global.AppConfig.common);
   } catch (error) {
     console.log('-getLayoutConfig-', error);
-    return DefaultCommonConfig;
+    return DefaultCommonClientConfig;
   }
 }
diff --git a/frontend/desktop/src/pages/index.tsx b/frontend/desktop/src/pages/index.tsx
index f521cc25d6f..54f3a1a515b 100644
--- a/frontend/desktop/src/pages/index.tsx
+++ b/frontend/desktop/src/pages/index.tsx
@@ -15,6 +15,7 @@ import Script from 'next/script';
 import { createContext, useEffect, useState } from 'react';
 
 const destination = '/signin';
+
 interface IMoreAppsContext {
   showMoreApps: boolean;
   setShowMoreApps: (value: boolean) => void;
diff --git a/frontend/desktop/src/pages/signin.tsx b/frontend/desktop/src/pages/signin.tsx
index 66b73b40e7b..ed3068990ed 100644
--- a/frontend/desktop/src/pages/signin.tsx
+++ b/frontend/desktop/src/pages/signin.tsx
@@ -7,7 +7,7 @@ import { useEffect } from 'react';
 export default function SigninPage() {
   useEffect(() => {
     const url = sessionStorage.getItem('accessTemplatesNoLogin');
-    if (url) {
+    if (!!url) {
       sessionStorage.clear();
       window.location.replace(url);
     }
diff --git a/frontend/desktop/src/stores/config.ts b/frontend/desktop/src/stores/config.ts
index c4ec768ba25..be7a147fba9 100644
--- a/frontend/desktop/src/stores/config.ts
+++ b/frontend/desktop/src/stores/config.ts
@@ -1,9 +1,8 @@
 import {
-  AppConfigType,
-  AuthConfigType,
   CloudConfigType,
-  CommonConfigType,
-  LayoutConfigType
+  LayoutConfigType,
+  AuthClientConfigType,
+  CommonClientConfigType
 } from '@/types';
 import { create } from 'zustand';
 import { devtools } from 'zustand/middleware';
@@ -11,11 +10,11 @@ import { immer } from 'zustand/middleware/immer';
 import { getAppConfig } from '@/api/platform';
 
 type State = {
-  commonConfig: CommonConfigType | undefined;
-  authConfig: AuthConfigType | undefined;
-  cloudConfig: CloudConfigType | undefined;
-  layoutConfig: LayoutConfigType | undefined;
-  initAppConfig: () => Promise<AppConfigType | undefined>;
+  cloudConfig?: CloudConfigType;
+  authConfig?: AuthClientConfigType;
+  commonConfig?: CommonClientConfigType;
+  layoutConfig?: LayoutConfigType;
+  initAppConfig: () => Promise<void>;
 };
 
 export const useConfigStore = create<State>()(
@@ -28,16 +27,13 @@ export const useConfigStore = create<State>()(
 
       async initAppConfig() {
         const data = await getAppConfig();
-
         console.log('initAppConfig', data.data);
-
         set((state) => {
           state.layoutConfig = data.data.desktop.layout;
           state.authConfig = data.data.desktop.auth;
           state.cloudConfig = data.data.cloud;
           state.commonConfig = data.data.common;
         });
-        return data.data;
       }
     }))
   )
diff --git a/frontend/desktop/src/types/system.ts b/frontend/desktop/src/types/system.ts
index 082706fdeaf..8adf9ff0757 100644
--- a/frontend/desktop/src/types/system.ts
+++ b/frontend/desktop/src/types/system.ts
@@ -1,3 +1,5 @@
+import { DeepRequired, OmitPath, OmitPathArr } from './tools';
+
 export type CloudConfigType = {
   domain: string;
   port: string;
@@ -11,7 +13,7 @@ export type CommonConfigType = {
   rechargeEnabled: boolean;
   cfSiteKey?: string;
 };
-
+export type CommonClientConfigType = DeepRequired<OmitPath<CommonConfigType, 'apiEnabled'>>;
 export type DatabaseConfigType = {
   mongodbURI: string;
   globalCockroachdbURI: string;
@@ -107,15 +109,33 @@ export type AuthConfigType = {
   };
 };
 
+export type AuthClientConfigType = DeepRequired<
+  OmitPathArr<
+    AuthConfigType,
+    [
+      'signUpEnabled',
+      'invite.lafSecretKey',
+      'invite.lafBaseURL',
+      'idp.password.salt',
+      'idp.github.clientSecret',
+      'idp.wechat.clientSecret',
+      'idp.google.clientSecret',
+      'idp.sms.ali',
+      'idp.oauth2.clientSecret',
+      'jwt'
+    ]
+  >
+>;
+
 export type JwtConfigType = {
   internal?: string;
   regional?: string;
   global?: string;
 };
 
-export type DesktopConfigType = {
+export type DesktopConfigType<T = AuthConfigType> = {
   layout: LayoutConfigType;
-  auth: AuthConfigType;
+  auth: T;
   teamManagement?: {
     maxTeamCount: number;
     maxTeamMemberCount: number;
@@ -128,10 +148,14 @@ export type AppConfigType = {
   database: DatabaseConfigType;
   desktop: DesktopConfigType;
 };
+export type AppClientConfigType = {
+  cloud: CloudConfigType;
+  common: CommonClientConfigType;
+  desktop: DesktopConfigType<AuthClientConfigType>;
+};
 
-export const DefaultCommonConfig: CommonConfigType = {
+export const DefaultCommonClientConfig: CommonClientConfigType = {
   guideEnabled: false,
-  apiEnabled: false,
   rechargeEnabled: false,
   cfSiteKey: ''
 };
@@ -168,16 +192,48 @@ export const DefaultLayoutConfig: LayoutConfigType = {
   }
 };
 
-export const DefaultAuthConfig: AuthConfigType = {
-  callbackURL: 'https://cloud.sealos.io/callback',
-  jwt: {
-    internal: 'internal',
-    regional: 'regional',
-    global: 'global'
+export const DefaultAuthClientConfig: AuthClientConfigType = {
+  baiduToken: '',
+  invite: {
+    enabled: false
   },
+  callbackURL: 'https://cloud.sealos.io/callback',
   idp: {
     password: {
       enabled: true
+    },
+    github: {
+      enabled: false,
+      clientID: ''
+    },
+    wechat: {
+      enabled: false,
+      clientID: ''
+    },
+    google: {
+      enabled: false,
+      clientID: ''
+    },
+    sms: {
+      enabled: false
+    },
+    oauth2: {
+      enabled: false,
+      callbackURL: '',
+      clientID: '',
+      authURL: '',
+      tokenURL: '',
+      userInfoURL: ''
     }
+  },
+  proxyAddress: ''
+};
+
+export const DefaultAppClientConfig: AppClientConfigType = {
+  cloud: DefaultCloudConfig,
+  common: DefaultCommonClientConfig,
+  desktop: {
+    layout: DefaultLayoutConfig,
+    auth: DefaultAuthClientConfig
   }
 };
diff --git a/frontend/desktop/src/types/tools.ts b/frontend/desktop/src/types/tools.ts
new file mode 100644
index 00000000000..731908114cb
--- /dev/null
+++ b/frontend/desktop/src/types/tools.ts
@@ -0,0 +1,31 @@
+export type Primitive = undefined | null | boolean | string | number | symbol | bigint | Function;
+
+export type DeepRequired<T> = T extends Primitive
+  ? NonNullable<T>
+  : {
+      [P in keyof T]-?: T[P] extends Array<infer U>
+        ? Array<DeepRequired<U>>
+        : T[P] extends ReadonlyArray<infer V>
+        ? DeepRequired<V>
+        : DeepRequired<T[P]>;
+    };
+export type Replace<Obj, k extends keyof Obj, v> = k extends keyof Obj
+  ? { [p in keyof Obj]: p extends k ? v : Obj[p] }
+  : never;
+
+export type OmitPath<
+  Obj extends unknown,
+  Path extends string
+> = Path extends `${infer p}.${infer Rest}`
+  ? p extends keyof Obj
+    ? Replace<Obj, p, OmitPath<NonNullable<Obj[p]>, Rest>>
+    : Obj
+  : Path extends keyof Obj
+  ? { [P in Exclude<keyof Obj, Path>]: Obj[P] }
+  : Obj;
+
+export type OmitPathArr<Obj, Paths extends unknown[]> = Paths extends [infer Head, ...infer Rest]
+  ? Head extends string
+    ? OmitPathArr<OmitPath<Obj, Head>, Rest>
+    : never
+  : Obj;
diff --git a/frontend/packages/client-sdk/src/app.ts b/frontend/packages/client-sdk/src/app.ts
index de003cd8cbe..13b16d79bfe 100644
--- a/frontend/packages/client-sdk/src/app.ts
+++ b/frontend/packages/client-sdk/src/app.ts
@@ -1,11 +1,6 @@
 import { v4 } from 'uuid';
 import { API_NAME } from './constants';
-import {
-  AppMessageType,
-  AppSendMessageType,
-  MasterReplyMessageType,
-  SessionV1
-} from './types';
+import { AppMessageType, AppSendMessageType, MasterReplyMessageType, SessionV1 } from './types';
 import { isBrowser } from './utils';
 
 class ClientSDK {
diff --git a/frontend/providers/applaunchpad/next.config.js b/frontend/providers/applaunchpad/next.config.js
index 4ed35a9169d..e9900e333f8 100644
--- a/frontend/providers/applaunchpad/next.config.js
+++ b/frontend/providers/applaunchpad/next.config.js
@@ -1,6 +1,6 @@
 /** @type {import('next').NextConfig} */
-const { i18n } = require('./next-i18next.config')
-const path = require('path')
+const { i18n } = require('./next-i18next.config');
+const path = require('path');
 const nextConfig = {
   i18n,
   output: 'standalone',
@@ -13,14 +13,14 @@ const nextConfig = {
         issuer: /\.[jt]sx?$/,
         use: ['@svgr/webpack']
       }
-    ])
-    config.plugins = [...config.plugins]
-    return config
+    ]);
+    config.plugins = [...config.plugins];
+    return config;
   },
   transpilePackages: ['@sealos/driver', '@sealos/ui'],
   experimental: {
     outputFileTracingRoot: path.join(__dirname, '../../')
   }
-}
+};
 
-module.exports = nextConfig
+module.exports = nextConfig;
diff --git a/frontend/providers/applaunchpad/src/store/global.ts b/frontend/providers/applaunchpad/src/store/global.ts
index f483d09489d..0414243d1ea 100644
--- a/frontend/providers/applaunchpad/src/store/global.ts
+++ b/frontend/providers/applaunchpad/src/store/global.ts
@@ -1,8 +1,8 @@
-import {create} from 'zustand';
-import {devtools} from 'zustand/middleware';
-import {immer} from 'zustand/middleware/immer';
-import {FormSliderListType} from '@/types';
-import {defaultSliderKey} from '@/constants/app';
+import { create } from 'zustand';
+import { devtools } from 'zustand/middleware';
+import { immer } from 'zustand/middleware/immer';
+import { FormSliderListType } from '@/types';
+import { defaultSliderKey } from '@/constants/app';
 
 type State = {
   screenWidth: number;
diff --git a/frontend/providers/cloudserver/next-i18next.config.js b/frontend/providers/cloudserver/next-i18next.config.js
index 1a032fe9ec2..8dca5135fe0 100644
--- a/frontend/providers/cloudserver/next-i18next.config.js
+++ b/frontend/providers/cloudserver/next-i18next.config.js
@@ -9,4 +9,4 @@ module.exports = {
     locales: ['en', 'zh'],
     localeDetection: false
   }
-}
+};
diff --git a/frontend/providers/cloudserver/next.config.js b/frontend/providers/cloudserver/next.config.js
index bc43040108f..4f9309e07b0 100644
--- a/frontend/providers/cloudserver/next.config.js
+++ b/frontend/providers/cloudserver/next.config.js
@@ -1,8 +1,8 @@
 /** @type {import('next').NextConfig} */
-const BundleAnalyzerPlugin = require('webpack-bundle-analyzer').BundleAnalyzerPlugin
-const { i18n } = require('./next-i18next.config')
-const analyzer = process.env === 'production' ? [new BundleAnalyzerPlugin()] : []
-const path = require('path')
+const BundleAnalyzerPlugin = require('webpack-bundle-analyzer').BundleAnalyzerPlugin;
+const { i18n } = require('./next-i18next.config');
+const analyzer = process.env === 'production' ? [new BundleAnalyzerPlugin()] : [];
+const path = require('path');
 
 const nextConfig = {
   i18n,
@@ -16,15 +16,15 @@ const nextConfig = {
         issuer: /\.[jt]sx?$/,
         use: ['@svgr/webpack']
       }
-    ])
-    config.plugins = [...config.plugins, ...analyzer]
-    return config
+    ]);
+    config.plugins = [...config.plugins, ...analyzer];
+    return config;
   },
   transpilePackages: ['@sealos/ui', 'sealos-desktop-sdk', '@sealos/driver'],
   experimental: {
     // this includes files from the monorepo base two directories up
     outputFileTracingRoot: path.join(__dirname, '../../')
   }
-}
+};
 
-module.exports = nextConfig
+module.exports = nextConfig;
diff --git a/frontend/providers/cloudserver/tsconfig.json b/frontend/providers/cloudserver/tsconfig.json
index 0eef8192c47..f2bc03096f4 100644
--- a/frontend/providers/cloudserver/tsconfig.json
+++ b/frontend/providers/cloudserver/tsconfig.json
@@ -1,21 +1,11 @@
 {
   "compilerOptions": {
-    "lib": [
-      "dom",
-      "dom.iterable",
-      "esnext"
-    ],
+    "lib": ["dom", "dom.iterable", "esnext"],
     "baseUrl": ".",
     "paths": {
-      "@/*": [
-        "./src/*"
-      ]
+      "@/*": ["./src/*"]
     }
   },
-  "include": [
-    "next-env.d.ts",
-    "src/**/*.ts",
-    "src/**/*.tsx"
-  ],
+  "include": ["next-env.d.ts", "src/**/*.ts", "src/**/*.tsx"],
   "extends": "../../tsconfig.web.json"
-}
\ No newline at end of file
+}
diff --git a/frontend/providers/invite/next.config.js b/frontend/providers/invite/next.config.js
index 61e2ee46886..434f43348eb 100644
--- a/frontend/providers/invite/next.config.js
+++ b/frontend/providers/invite/next.config.js
@@ -1,6 +1,6 @@
 /** @type {import('next').NextConfig} */
-const { i18n } = require('./next-i18next.config')
-const path = require('path')
+const { i18n } = require('./next-i18next.config');
+const path = require('path');
 
 const nextConfig = {
   i18n,
@@ -12,6 +12,6 @@ const nextConfig = {
     // this includes files from the monorepo base two directories up
     outputFileTracingRoot: path.join(__dirname, '../../')
   }
-}
+};
 
-module.exports = nextConfig
+module.exports = nextConfig;
diff --git a/frontend/providers/template/next.config.js b/frontend/providers/template/next.config.js
index 701ffccc4a1..545ed24da3c 100644
--- a/frontend/providers/template/next.config.js
+++ b/frontend/providers/template/next.config.js
@@ -1,10 +1,10 @@
 /** @type {import('next').NextConfig} */
-const { i18n } = require('./next-i18next.config')
-const path = require('path')
+const { i18n } = require('./next-i18next.config');
+const path = require('path');
 
 const withBundleAnalyzer = require('@next/bundle-analyzer')({
-  enabled: process.env.ANALYZE === 'true',
-})
+  enabled: process.env.ANALYZE === 'true'
+});
 
 const nextConfig = {
   i18n,
@@ -18,9 +18,9 @@ const nextConfig = {
         issuer: /\.[jt]sx?$/,
         use: ['@svgr/webpack']
       }
-    ])
-    config.plugins = [...config.plugins]
-    return config
+    ]);
+    config.plugins = [...config.plugins];
+    return config;
   },
   experimental: {
     // this includes files from the monorepo base two directories up
@@ -32,9 +32,9 @@ const nextConfig = {
         protocol: 'https',
         hostname: '**'
       }
-    ],
+    ]
   },
   transpilePackages: ['@sealos/ui', 'sealos-desktop-sdk']
-}
+};
 
-module.exports = withBundleAnalyzer(nextConfig)
+module.exports = withBundleAnalyzer(nextConfig);

From 8fec61bad342b91264432e946abbd10ff3ea7234 Mon Sep 17 00:00:00 2001
From: yy <lingdie.yy@outlook.com>
Date: Wed, 8 May 2024 15:21:04 +0800
Subject: [PATCH 11/11] chore: fix build error.

---
 frontend/desktop/src/components/account/index.tsx | 5 ++---
 frontend/desktop/src/pages/WorkspaceInvite.tsx    | 5 +++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/frontend/desktop/src/components/account/index.tsx b/frontend/desktop/src/components/account/index.tsx
index 7599ec5009c..1a4b99c3c88 100644
--- a/frontend/desktop/src/components/account/index.tsx
+++ b/frontend/desktop/src/components/account/index.tsx
@@ -21,9 +21,8 @@ import useAppStore from '@/stores/app';
 import { ApiResp } from '@/types';
 import { formatMoney } from '@/utils/format';
 import PasswordModify from './PasswordModify';
-import { CopyIcon, DownloadIcon, LogoutIcon, RightArrowIcon } from '@sealos/ui';
+import { CopyIcon, DownloadIcon, LogoutIcon } from '@sealos/ui';
 import { useConfigStore } from '@/stores/config';
-import { sessionConfig } from '@/utils/sessionConfig';
 
 export default function Account({ disclosure }: { disclosure: UseDisclosureReturn }) {
   const [showId, setShowId] = useState(true);
@@ -96,7 +95,7 @@ export default function Account({ disclosure }: { disclosure: UseDisclosureRetur
             height={'80px'}
             borderRadius="full"
             src={user?.avatar}
-            fallbackSrc={ImageFallBackUrl}
+            fallbackSrc={logo}
             alt="user avator"
           />
           <Text color={'#24282C'} fontSize={'20px'} fontWeight={600}>
diff --git a/frontend/desktop/src/pages/WorkspaceInvite.tsx b/frontend/desktop/src/pages/WorkspaceInvite.tsx
index d519ae6b713..8288cb3b352 100644
--- a/frontend/desktop/src/pages/WorkspaceInvite.tsx
+++ b/frontend/desktop/src/pages/WorkspaceInvite.tsx
@@ -13,15 +13,16 @@ import {
 import useCallbackStore from '@/stores/callback';
 import { useEffect } from 'react';
 import { useTranslation } from 'next-i18next';
-import { ImageFallBackUrl } from '@/stores/config';
 import { ROLE_LIST } from '@/types/team';
 import { compareFirstLanguages } from '@/utils/tools';
 import { serverSideTranslations } from 'next-i18next/serverSideTranslations';
+import { useConfigStore } from '@/stores/config';
 
 const Callback: NextPage = () => {
   const router = useRouter();
   const { token: curToken, session } = useSessionStore((s) => s);
   const { lastWorkSpaceId } = useSessionStore();
+  const logo = useConfigStore().layoutConfig?.logo;
   const { setWorkspaceInviteCode } = useCallbackStore();
   const { t } = useTranslation();
   const verifyMutation = useMutation({
@@ -113,7 +114,7 @@ const Callback: NextPage = () => {
           gap={'8px'}
         >
           {' '}
-          <Image boxSize={'34px'} borderRadius="full" src={ImageFallBackUrl} alt="logo" />
+          <Image boxSize={'34px'} borderRadius="full" src={logo} alt="logo" />
           <Text fontWeight={700} fontSize={'24px'}>
             Sealos
           </Text>