feat: 适配证书 HTTP 模式

2 years ago · ff575e5963
4 changed files with 38 additions and 2 deletions
--- a/apps/nginx/versions/1.23.1/conf/conf.d/default.conf
+++ b/apps/nginx/versions/1.23.1/conf/conf.d/default.conf
@ -0,0 +1,13 @@
+server {
+    listen        80 default_server;
+    server_name   _;
+    charset       utf-8;
+    default_type  text/html;
+
+    location ~ /.well-known/acme-challenge {
+        allow all;
+        root /usr/share/nginx/html;
+    }
+
+    root /usr/share/nginx/html;
+}
--- a/apps/nginx/versions/1.23.1/docker-compose.yml
+++ b/apps/nginx/versions/1.23.1/docker-compose.yml
@ -1,7 +1,7 @@
 version: '3'
 services:
  nginx1.23.1:
-    container_name: ${CONTAINER_NAME}
+    container_name: nginx1.23.1
    image: nginx:1.23.1
    restart: always
    network_mode: host
@ -11,5 +11,6 @@ services:
      - ./conf/conf.d:/etc/nginx/conf.d/
      - ./ssl:/etc/nginx/ssl
      - ./www:/www/root/
+      - ./root:/usr/share/nginx/html


--- a/backend/app/service/website_ssl.go
+++ b/backend/app/service/website_ssl.go
@ -6,7 +6,9 @@ import (
 	"encoding/pem"
 	"github.com/1Panel-dev/1Panel/backend/app/dto"
 	"github.com/1Panel-dev/1Panel/backend/app/model"
+	"github.com/1Panel-dev/1Panel/backend/constant"
 	"github.com/1Panel-dev/1Panel/backend/utils/ssl"
+	"path"
 	"strings"
 )

@ -66,6 +68,16 @@ func (w WebSiteSSLService) Create(create dto.WebsiteSSLCreate) (dto.WebsiteSSLCr
 			return res, err
 		}
 	case dto.Http:
+
+		appInstall, err := getAppInstallByKey("nginx")
+		if err != nil {
+			return dto.WebsiteSSLCreate{}, err
+		}
+
+		if err := client.UseHTTP(path.Join(constant.AppInstallDir, "nginx", appInstall.Name, "root")); err != nil {
+			return res, err
+		}
+
 	case dto.DnsManual:

 	}
--- a/backend/utils/ssl/client.go
+++ b/backend/utils/ssl/client.go
@ -9,6 +9,7 @@ import (
 	"github.com/go-acme/lego/v4/lego"
 	"github.com/go-acme/lego/v4/providers/dns/alidns"
 	"github.com/go-acme/lego/v4/providers/dns/dnspod"
+	"github.com/go-acme/lego/v4/providers/http/webroot"
 	"github.com/go-acme/lego/v4/registration"
 	"github.com/pkg/errors"
 	"time"
@ -120,8 +121,17 @@ func (c *AcmeClient) UseManualDns(domains []string) (*Resolve, error) {
 	return p.Resolve, nil
 }

-func (c *AcmeClient) UseHTTP() {
+func (c *AcmeClient) UseHTTP(path string) error {
+	httpProvider, err := webroot.NewHTTPProvider(path)
+	if err != nil {
+		return err
+	}

+	err = c.Client.Challenge.SetHTTP01Provider(httpProvider)
+	if err != nil {
+		return err
+	}
+	return nil
 }

 func (c *AcmeClient) ObtainSSL(domains []string) (certificate.Resource, error) {