feat: 解决部分情况下申请证书超时的问题 (#3540)

Refs https://github.com/1Panel-dev/1Panel/issues/3431
11 months ago · c4b7dd70cb
13 changed files with 56 additions and 11 deletions
--- a/backend/app/dto/request/website_ssl.go
+++ b/backend/app/dto/request/website_ssl.go
@ -32,7 +32,8 @@ type WebsiteSSLRenew struct {
 }

 type WebsiteSSLApply struct {
-	ID uint `json:"ID" validate:"required"`
+	ID           uint `json:"ID" validate:"required"`
+	SkipDNSCheck bool `json:"SkipDNSCheck"`
 }

 type WebsiteAcmeAccountCreate struct {
--- a/backend/app/service/website_ssl.go
+++ b/backend/app/service/website_ssl.go
@ -191,7 +191,7 @@ func (w WebsiteSSLService) ObtainSSL(apply request.WebsiteSSLApply) error {
 		if err != nil {
 			return err
 		}
-		if err = client.UseDns(ssl.DnsType(dnsAccount.Type), dnsAccount.Authorization); err != nil {
+		if err = client.UseDns(ssl.DnsType(dnsAccount.Type), dnsAccount.Authorization, apply.SkipDNSCheck); err != nil {
 			return err
 		}
 	case constant.Http:
--- a/backend/utils/ssl/client.go
+++ b/backend/utils/ssl/client.go
@ -80,7 +80,7 @@ type DNSParam struct {
 	APISecret string `json:"apiSecret"`
 }

-func (c *AcmeClient) UseDns(dnsType DnsType, params string) error {
+func (c *AcmeClient) UseDns(dnsType DnsType, params string, skipDNSCheck bool) error {
 	var (
 		param DNSParam
 		p     challenge.Provider
@ -150,6 +150,9 @@ func (c *AcmeClient) UseDns(dnsType DnsType, params string) error {
 	if err != nil {
 		return err
 	}
+	if skipDNSCheck {
+		return c.Client.Challenge.SetDNS01Provider(p, dns01.AddDNSTimeout(10*time.Minute), dns01.DisableCompletePropagationRequirement())
+	}

 	return c.Client.Challenge.SetDNS01Provider(p, dns01.AddDNSTimeout(10*time.Minute))
 }
--- a/cmd/server/docs/docs.go
+++ b/cmd/server/docs/docs.go
@ -1,5 +1,5 @@
-// Code generated by swaggo/swag. DO NOT EDIT.
-
+// Package docs GENERATED BY SWAG; DO NOT EDIT
+// This file was generated by swaggo/swag
 package docs

 import "github.com/swaggo/swag"
@ -20489,6 +20489,9 @@ const docTemplate = `{
            "properties": {
                "ID": {
                    "type": "integer"
+                },
+                "SkipDNSCheck": {
+                    "type": "boolean"
                }
            }
        },
--- a/cmd/server/docs/swagger.json
+++ b/cmd/server/docs/swagger.json
@ -20482,6 +20482,9 @@
            "properties": {
                "ID": {
                    "type": "integer"
+                },
+                "SkipDNSCheck": {
+                    "type": "boolean"
                }
            }
        },
--- a/cmd/server/docs/swagger.yaml
+++ b/cmd/server/docs/swagger.yaml
@ -4358,6 +4358,8 @@ definitions:
    properties:
      ID:
        type: integer
+      SkipDNSCheck:
+        type: boolean
    required:
    - ID
    type: object
--- a/frontend/src/api/interface/website.ts
+++ b/frontend/src/api/interface/website.ts
@ -203,6 +203,7 @@ export namespace Website {
    export interface AcmeAccount extends CommonModel {
        email: string;
        url: string;
+        type: string;
    }

    export interface AcmeAccountCreate {
@ -462,6 +463,7 @@ export namespace Website {

    export interface SSLObtain {
        ID: number;
+        skipDNSCheck: boolean;
    }

    export interface CA extends CommonModel {
--- a/frontend/src/lang/modules/en.ts
+++ b/frontend/src/lang/modules/en.ts
@ -1926,6 +1926,8 @@ const message = {
            "<a target=“_blank” href='https://cloud.google.com/certificate-manager/docs/public-ca-tutorial?hl=zh-cn'>如何取得EAB HmacKey 和EAB kid</a > ",
        googleCloudHelper: 'Google Cloud API is not accessible in most parts of mainland China',
        httpHelper2: 'Unable to apply for a generic domain name certificate in HTTP mode',
+        skipDNSCheck: 'Skip DNS check',
+        skipDNSCheckHelper: 'If there is an application timeout problem, please check here, otherwise do not check it',
    },
    firewall: {
        create: 'Create rule',
--- a/frontend/src/lang/modules/tw.ts
+++ b/frontend/src/lang/modules/tw.ts
@ -1808,6 +1808,8 @@ const message = {
            "<a target=“_blank” href='https://cloud.google.com/certificate-manager/docs/public-ca-tutorial?hl=zh-cn'>如何取得EAB HmacKey 和EAB kid</a > ",
        googleCloudHelper: 'Google Cloud API 大陸大部分地區無法存取',
        httpHelper2: 'HTTP 模式無法申請泛網域憑證',
+        skipDNSCheck: '跳過 DNS 校驗',
+        skipDNSCheckHelper: '如果出現申請超時問題，請勾選此處，其他情況請勿勾選',
    },
    firewall: {
        create: '創建規則',
--- a/frontend/src/lang/modules/zh.ts
+++ b/frontend/src/lang/modules/zh.ts
@ -1808,6 +1808,8 @@ const message = {
            "<a target=“_blank” href='https://cloud.google.com/certificate-manager/docs/public-ca-tutorial?hl=zh-cn'>如何获取 EAB HmacKey 和 EAB kid</a> ",
        googleCloudHelper: 'Google Cloud API 大陆大部分地区无法访问',
        httpHelper2: 'HTTP 模式无法申请泛域名证书',
+        skipDNSCheck: '跳过 DNS 校验',
+        skipDNSCheckHelper: '如果出现申请超时问题，请勾选此处，其他情况请勿勾选',
    },
    firewall: {
        create: '创建规则',
--- a/frontend/src/views/website/ssl/apply/index.vue
+++ b/frontend/src/views/website/ssl/apply/index.vue
@ -31,6 +31,11 @@
            </el-table>
        </div>

+        <div class="mt-3">
+            <el-checkbox v-model="skipDNSCheck">{{ $t('ssl.skipDNSCheck') }}</el-checkbox>
+            <span class="input-help">{{ $t('ssl.skipDNSCheckHelper') }}</span>
+        </div>
+
        <template #footer>
            <span class="dialog-footer">
                <el-button @click="handleClose" :disabled="loading">{{ $t('commons.button.cancel') }}</el-button>
@ -62,11 +67,13 @@ const handleClose = () => {
    open.value = false;
    em('close', false);
 };
+const skipDNSCheck = ref(false);

 const acceptParams = async (props: RenewProps) => {
    open.value = true;
    dnsResolve.value = [];
    sslID.value = props.ssl.id;
+    skipDNSCheck.value = false;
    getDnsResolve(props.ssl);
 };

@ -89,7 +96,7 @@ const getDnsResolve = async (row: Website.SSL) => {
 };

 const submit = () => {
-    ObtainSSL({ ID: sslID.value })
+    ObtainSSL({ ID: sslID.value, skipDNSCheck: skipDNSCheck.value })
        .then(() => {
            MsgSuccess(i18n.global.t('ssl.applyStart'));
            handleClose();
--- a/frontend/src/views/website/ssl/create/index.vue
+++ b/frontend/src/views/website/ssl/create/index.vue
@ -40,9 +40,20 @@
                            <el-option
                                v-for="(acme, index) in acmeAccounts"
                                :key="index"
-                                :label="acme.email"
+                                :label="acme.email + ' [' + getAccountName(acme.type) + '] '"
                                :value="acme.id"
-                            ></el-option>
+                            >
+                                <el-row>
+                                    <el-col :span="6">
+                                        <span>{{ acme.email }}</span>
+                                    </el-col>
+                                    <el-col :span="11">
+                                        <span>
+                                            <el-tag type="success">{{ getAccountName(acme.type) }}</el-tag>
+                                        </span>
+                                    </el-col>
+                                </el-row>
+                            </el-option>
                        </el-select>
                    </el-form-item>
                    <el-form-item :label="$t('website.keyType')" prop="keyType">
@ -80,7 +91,7 @@
                            <el-option
                                v-for="(dns, index) in dnsAccounts"
                                :key="index"
-                                :label="dns.name"
+                                :label="dns.name + ' [' + getDNSName(dns.type) + '] '"
                                :value="dns.id"
                            >
                                <el-row>
@ -89,7 +100,7 @@
                                    </el-col>
                                    <el-col :span="11">
                                        <span>
-                                            <el-tag type="success">{{ dns.type }}</el-tag>
+                                            <el-tag type="success">{{ getDNSName(dns.type) }}</el-tag>
                                        </span>
                                    </el-col>
                                </el-row>
@ -136,6 +147,7 @@ import { FormInstance } from 'element-plus';
 import { computed, reactive, ref } from 'vue';
 import { MsgSuccess } from '@/utils/message';
 import { KeyTypes } from '@/global/mimetype';
+import { getDNSName, getAccountName } from '@/utils/util';

 const props = defineProps({
    id: {
--- a/frontend/src/views/website/ssl/obtain/index.vue
+++ b/frontend/src/views/website/ssl/obtain/index.vue
@ -21,6 +21,10 @@
                <br />
            </div>
            <span>{{ $t('ssl.renewConfirm', [ssl.primaryDomain]) }}</span>
+            <div class="mt-3">
+                <el-checkbox v-model="skipDNSCheck">{{ $t('ssl.skipDNSCheck') }}</el-checkbox>
+                <span class="input-help">{{ $t('ssl.skipDNSCheckHelper') }}</span>
+            </div>
        </div>
        <template #footer>
            <span class="dialog-footer">
@ -52,10 +56,12 @@ const handleClose = () => {
    em('close', false);
 };
 const ssl = ref();
+const skipDNSCheck = ref(false);

 const acceptParams = async (props: RenewProps) => {
    ssl.value = props.ssl;
    open.value = true;
+    skipDNSCheck.value = false;
 };

 const submit = async () => {
@ -64,7 +70,7 @@ const submit = async () => {
        if (ssl.value.provider == 'selfSigned') {
            await RenewSSLByCA({ SSLID: ssl.value.id });
        } else {
-            await ObtainSSL({ ID: ssl.value.id });
+            await ObtainSSL({ ID: ssl.value.id, skipDNSCheck: skipDNSCheck.value });
        }
        handleClose();
        MsgSuccess(i18n.global.t('ssl.applyStart'));