From 1d5cd9ca033b67d38e8f62b5aebd0f94adfaa949 Mon Sep 17 00:00:00 2001 From: v-me-50 Date: Mon, 16 Jun 2025 17:59:42 +0800 Subject: [PATCH] =?UTF-8?q?=E9=98=BF=E9=87=8C=E4=BA=91esa=E3=80=81?= =?UTF-8?q?=E4=BF=AE=E6=94=B9=E8=8E=B7=E5=8F=96acme=E8=B4=A6=E6=88=B7?= =?UTF-8?q?=E5=88=97=E8=A1=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- backend/internal/cert/apply/account.go | 6 + backend/internal/cert/deploy/aliyun/esa.go | 103 ++++++++++++++++++ backend/internal/cert/deploy/plugin/plugin.go | 4 +- go.mod | 7 ++ go.sum | 19 ++++ 5 files changed, 137 insertions(+), 2 deletions(-) create mode 100644 backend/internal/cert/deploy/aliyun/esa.go diff --git a/backend/internal/cert/apply/account.go b/backend/internal/cert/apply/account.go index e67537c..f36d3e1 100644 --- a/backend/internal/cert/apply/account.go +++ b/backend/internal/cert/apply/account.go @@ -213,5 +213,11 @@ func GetAccountList(search, ca string, p, limit int64) ([]map[string]interface{} if err != nil { return nil, 0, fmt.Errorf("failed to get account list: %w", err) } + for i := range data { + data[i]["ca"] = data[i]["type"] + delete(data[i], "private_key") + delete(data[i], "reg") + } + return data, int(count), nil } diff --git a/backend/internal/cert/deploy/aliyun/esa.go b/backend/internal/cert/deploy/aliyun/esa.go new file mode 100644 index 0000000..85b0962 --- /dev/null +++ b/backend/internal/cert/deploy/aliyun/esa.go @@ -0,0 +1,103 @@ +package aliyun + +import ( + "ALLinSSL/backend/internal/access" + "encoding/json" + "fmt" + openapi "github.com/alibabacloud-go/darabonba-openapi/v2/client" + esa "github.com/alibabacloud-go/esa-20240910/v2/client" + util "github.com/alibabacloud-go/tea-utils/v2/service" + "github.com/alibabacloud-go/tea/tea" + "strconv" +) + +// CreateEsaClient creates a new ESA client with the provided access key and secret. +func CreateEsaClient(accessKey, accessSecret string) (*esa.Client, error) { + config := &openapi.Config{ + AccessKeyId: tea.String(accessKey), + AccessKeySecret: tea.String(accessSecret), + Endpoint: tea.String("esa.ap-southeast-1.aliyuncs.com"), + } + return esa.NewClient(config) +} + +// UploadCertToESA uploads the certificate and private key to Alibaba Cloud ESA. +func UploadCertToESA(client *esa.Client, id int64, certPEM, privkeyPEM string) error { + req := esa.SetCertificateRequest{ + SiteId: tea.Int64(id), + Type: tea.String("upload"), + Certificate: tea.String(certPEM), + PrivateKey: tea.String(privkeyPEM), + } + runtime := &util.RuntimeOptions{} + + _, err := client.SetCertificateWithOptions(&req, runtime) + if err != nil { + return err + } + return nil +} + +func DeployAliyunESA(cfg map[string]any) error { + cert, ok := cfg["certificate"].(map[string]any) + if !ok { + return fmt.Errorf("证书不存在") + } + var providerID string + switch v := cfg["provider_id"].(type) { + case float64: + providerID = strconv.Itoa(int(v)) + case string: + providerID = v + default: + return fmt.Errorf("参数错误:provider_id") + } + // + providerData, err := access.GetAccess(providerID) + if err != nil { + return err + } + providerConfigStr, ok := providerData["config"].(string) + if !ok { + return fmt.Errorf("api配置错误") + } + // 解析 JSON 配置 + var providerConfig map[string]string + err = json.Unmarshal([]byte(providerConfigStr), &providerConfig) + if err != nil { + return err + } + + switch cfg["site_id"].(type) { + case float64: + cfg["site_id"] = int64(cfg["site_id"].(float64)) + case string: + siteID, err := strconv.ParseInt(cfg["site_id"].(string), 10, 64) + if err != nil { + return fmt.Errorf("site_id 格式错误: %w", err) + } + cfg["site_id"] = siteID + case int: + cfg["site_id"] = cfg["site_id"].(int64) + default: + return fmt.Errorf("site_id 格式错误") + } + + client, err := CreateEsaClient(providerConfig["access_key_id"], providerConfig["access_key_secret"]) + if err != nil { + return fmt.Errorf("创建 ESA 客户端失败: %w", err) + } + certPEM, ok := cert["cert_pem"].(string) + if !ok { + return fmt.Errorf("证书内容不存在或格式错误") + } + privkeyPEM, ok := cert["privkey_pem"].(string) + if !ok { + return fmt.Errorf("私钥内容不存在或格式错误") + } + err = UploadCertToESA(client, cfg["site_id"].(int64), certPEM, privkeyPEM) + if err != nil { + return fmt.Errorf("上传证书到 ESA 失败: %w", err) + } + return nil +} diff --git a/backend/internal/cert/deploy/plugin/plugin.go b/backend/internal/cert/deploy/plugin/plugin.go index 3361bbb..aec1693 100644 --- a/backend/internal/cert/deploy/plugin/plugin.go +++ b/backend/internal/cert/deploy/plugin/plugin.go @@ -47,12 +47,12 @@ func scanPlugins(dir string) ([]PluginMetadata, error) { pluginRegistry = map[string]PluginMetadata{} // 清空旧的 var plugins []PluginMetadata _ = filepath.WalkDir(dir, func(path string, d fs.DirEntry, err error) error { - if err != nil || d.IsDir() || filepath.Ext(path) != ".exe" { + if err != nil || d.IsDir() { return nil } meta, err := getMetadata(path) if err != nil { - fmt.Println("❌ 插件无效:", path, "错误:", err) + fmt.Println("插件无效:", path, "错误:", err) return nil } meta.Path = path diff --git a/go.mod b/go.mod index 8a7e743..126370a 100644 --- a/go.mod +++ b/go.mod @@ -7,6 +7,7 @@ require ( github.com/alibabacloud-go/cas-20200407/v4 v4.0.0 github.com/alibabacloud-go/cdn-20180510/v6 v6.0.0 github.com/alibabacloud-go/darabonba-openapi/v2 v2.1.7 + github.com/alibabacloud-go/esa-20240910/v2 v2.34.0 github.com/alibabacloud-go/market-20151101/v4 v4.1.0 github.com/alibabacloud-go/openapi-util v0.1.1 github.com/alibabacloud-go/tea v1.3.9 @@ -45,6 +46,12 @@ require ( github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.5 // indirect github.com/alibabacloud-go/debug v1.0.1 // indirect github.com/alibabacloud-go/endpoint-util v1.1.0 // indirect + github.com/alibabacloud-go/openplatform-20191219/v2 v2.0.1 // indirect + github.com/alibabacloud-go/tea-fileform v1.1.1 // indirect + github.com/alibabacloud-go/tea-oss-sdk v1.1.5 // indirect + github.com/alibabacloud-go/tea-oss-utils v1.1.0 // indirect + github.com/alibabacloud-go/tea-utils v1.4.5 // indirect + github.com/alibabacloud-go/tea-xml v1.1.3 // indirect github.com/aliyun/alibaba-cloud-sdk-go v1.63.100 // indirect github.com/aliyun/credentials-go v1.4.6 // indirect github.com/aws/aws-sdk-go-v2 v1.36.3 // indirect diff --git a/go.sum b/go.sum index 66676aa..10ee474 100644 --- a/go.sum +++ b/go.sum @@ -93,6 +93,7 @@ github.com/alibabacloud-go/darabonba-encode-util v0.0.2 h1:1uJGrbsGEVqWcWxrS9MyC github.com/alibabacloud-go/darabonba-encode-util v0.0.2/go.mod h1:JiW9higWHYXm7F4PKuMgEUETNZasrDM6vqVr/Can7H8= github.com/alibabacloud-go/darabonba-map v0.0.2 h1:qvPnGB4+dJbJIxOOfawxzF3hzMnIpjmafa0qOTp6udc= github.com/alibabacloud-go/darabonba-map v0.0.2/go.mod h1:28AJaX8FOE/ym8OUFWga+MtEzBunJwQGceGQlvaPGPc= +github.com/alibabacloud-go/darabonba-openapi/v2 v2.0.0/go.mod h1:5JHVmnHvGzR2wNdgaW1zDLQG8kOC4Uec8ubkMogW7OQ= github.com/alibabacloud-go/darabonba-openapi/v2 v2.0.10/go.mod h1:26a14FGhZVELuz2cc2AolvW4RHmIO3/HRwsdHhaIPDE= github.com/alibabacloud-go/darabonba-openapi/v2 v2.0.11/go.mod h1:wHxkgZT1ClZdcwEVP/pDgYK/9HucsnCfMipmJgCz4xY= github.com/alibabacloud-go/darabonba-openapi/v2 v2.1.7 h1:ASXSBga98QrGMxbIThCD6jAti09gedLfvry6yJtsoBE= @@ -107,26 +108,44 @@ github.com/alibabacloud-go/debug v1.0.1 h1:MsW9SmUtbb1Fnt3ieC6NNZi6aEwrXfDksD4QA github.com/alibabacloud-go/debug v1.0.1/go.mod h1:8gfgZCCAC3+SCzjWtY053FrOcd4/qlH6IHTI4QyICOc= github.com/alibabacloud-go/endpoint-util v1.1.0 h1:r/4D3VSw888XGaeNpP994zDUaxdgTSHBbVfZlzf6b5Q= github.com/alibabacloud-go/endpoint-util v1.1.0/go.mod h1:O5FuCALmCKs2Ff7JFJMudHs0I5EBgecXXxZRyswlEjE= +github.com/alibabacloud-go/esa-20240910/v2 v2.34.0 h1:gOMggfYZzM6Wqy2yn06/nCJ0RKVMalIhoS+FxNpsq6Q= +github.com/alibabacloud-go/esa-20240910/v2 v2.34.0/go.mod h1:HZS5PmYJvcmH4vrJYuCvK3AnYzD9hLlO8CT0hgRyDXo= github.com/alibabacloud-go/market-20151101/v4 v4.1.0 h1:o5e9gCxVOKOGeslAFRtaRHsQAveH1i3aGFDNfyCUsVU= github.com/alibabacloud-go/market-20151101/v4 v4.1.0/go.mod h1:PCt2sE7Y0SknDc0oMxjdTmNCB1qGY4ZyREyiXjHvmY4= +github.com/alibabacloud-go/openapi-util v0.0.11/go.mod h1:sQuElr4ywwFRlCCberQwKRFhRzIyG4QTP/P4y1CJ6Ws= github.com/alibabacloud-go/openapi-util v0.1.0/go.mod h1:sQuElr4ywwFRlCCberQwKRFhRzIyG4QTP/P4y1CJ6Ws= github.com/alibabacloud-go/openapi-util v0.1.1 h1:ujGErJjG8ncRW6XtBBMphzHTvCxn4DjrVw4m04HsS28= github.com/alibabacloud-go/openapi-util v0.1.1/go.mod h1:/UehBSE2cf1gYT43GV4E+RxTdLRzURImCYY0aRmlXpw= +github.com/alibabacloud-go/openplatform-20191219/v2 v2.0.1 h1:L0TIjr9Qh/SLVc1yPhFkcB9+9SbCNK/jPq4ZKB5zmnc= +github.com/alibabacloud-go/openplatform-20191219/v2 v2.0.1/go.mod h1:EKxBRDLcMzwl4VLF/1WJwlByZZECJawPXUvinKMsTTs= github.com/alibabacloud-go/tea v1.1.0/go.mod h1:IkGyUSX4Ba1V+k4pCtJUc6jDpZLFph9QMy2VUPTwukg= github.com/alibabacloud-go/tea v1.1.7/go.mod h1:/tmnEaQMyb4Ky1/5D+SE1BAsa5zj/KeGOFfwYm3N/p4= github.com/alibabacloud-go/tea v1.1.8/go.mod h1:/tmnEaQMyb4Ky1/5D+SE1BAsa5zj/KeGOFfwYm3N/p4= +github.com/alibabacloud-go/tea v1.1.10/go.mod h1:/tmnEaQMyb4Ky1/5D+SE1BAsa5zj/KeGOFfwYm3N/p4= github.com/alibabacloud-go/tea v1.1.11/go.mod h1:/tmnEaQMyb4Ky1/5D+SE1BAsa5zj/KeGOFfwYm3N/p4= github.com/alibabacloud-go/tea v1.1.17/go.mod h1:nXxjm6CIFkBhwW4FQkNrolwbfon8Svy6cujmKFUq98A= +github.com/alibabacloud-go/tea v1.1.19/go.mod h1:nXxjm6CIFkBhwW4FQkNrolwbfon8Svy6cujmKFUq98A= github.com/alibabacloud-go/tea v1.1.20/go.mod h1:nXxjm6CIFkBhwW4FQkNrolwbfon8Svy6cujmKFUq98A= github.com/alibabacloud-go/tea v1.2.2/go.mod h1:CF3vOzEMAG+bR4WOql8gc2G9H3EkH3ZLAQdpmpXMgwk= github.com/alibabacloud-go/tea v1.3.8/go.mod h1:A560v/JTQ1n5zklt2BEpurJzZTI8TUT+Psg2drWlxRg= github.com/alibabacloud-go/tea v1.3.9 h1:bjgt1bvdY780vz/17iWNNtbXl4A77HWntWMeaUF3So0= github.com/alibabacloud-go/tea v1.3.9/go.mod h1:A560v/JTQ1n5zklt2BEpurJzZTI8TUT+Psg2drWlxRg= +github.com/alibabacloud-go/tea-fileform v1.1.1 h1:1YG6erAP3joQ0XdCXYIotuD7zyOM6qCR49xkp5FZDeU= +github.com/alibabacloud-go/tea-fileform v1.1.1/go.mod h1:ZeCV91o4ISmxidd686f0ebdS5EDHWU+vW+TkjLhrsFE= +github.com/alibabacloud-go/tea-oss-sdk v1.1.5 h1:CFUFcqanvBaoGN/CyTHUZrVNtFZd1WTjem46m0HTTV0= +github.com/alibabacloud-go/tea-oss-sdk v1.1.5/go.mod h1:5fhlKMa/kWRJNgPYRt+5qSg3UidRvNbf9Z2bI8Dp5/s= +github.com/alibabacloud-go/tea-oss-utils v1.1.0 h1:y65crjjcZ2Pbb6UZtC2deuIZHDVTS3IaDWE7M9nVLRc= +github.com/alibabacloud-go/tea-oss-utils v1.1.0/go.mod h1:PFCF12e9yEKyBUIn7X1IrF/pNjvxgkHy0CgxX4+xRuY= github.com/alibabacloud-go/tea-utils v1.3.1/go.mod h1:EI/o33aBfj3hETm4RLiAxF/ThQdSngxrpF8rKUDJjPE= +github.com/alibabacloud-go/tea-utils v1.4.5 h1:h0/6Xd2f3bPE4XHTvkpjwxowIwRCJAJOqY6Eq8f3zfA= +github.com/alibabacloud-go/tea-utils v1.4.5/go.mod h1:KNcT0oXlZZxOXINnZBs6YvgOd5aYp9U67G+E3R8fcQw= +github.com/alibabacloud-go/tea-utils/v2 v2.0.0/go.mod h1:U5MTY10WwlquGPS34DOeomUGBB0gXbLueiq5Trwu0C4= github.com/alibabacloud-go/tea-utils/v2 v2.0.5/go.mod h1:dL6vbUT35E4F4bFTHL845eUloqaerYBYPsdWR2/jhe4= github.com/alibabacloud-go/tea-utils/v2 v2.0.6/go.mod h1:qxn986l+q33J5VkialKMqT/TTs3E+U9MJpd001iWQ9I= github.com/alibabacloud-go/tea-utils/v2 v2.0.7 h1:WDx5qW3Xa5ZgJ1c8NfqJkF6w+AU5wB8835UdhPr6Ax0= github.com/alibabacloud-go/tea-utils/v2 v2.0.7/go.mod h1:qxn986l+q33J5VkialKMqT/TTs3E+U9MJpd001iWQ9I= +github.com/alibabacloud-go/tea-xml v1.1.2/go.mod h1:Rq08vgCcCAjHyRi/M7xlHKUykZCEtyBy9+DPF6GgEu8= +github.com/alibabacloud-go/tea-xml v1.1.3 h1:7LYnm+JbOq2B+T/B0fHC4Ies4/FofC4zHzYtqw7dgt0= github.com/alibabacloud-go/tea-xml v1.1.3/go.mod h1:Rq08vgCcCAjHyRi/M7xlHKUykZCEtyBy9+DPF6GgEu8= github.com/alibabacloud-go/waf-openapi-20211001/v5 v5.1.2 h1:CmhJzCZ5RiSiWU6BV2XJUtIMD2LDo9FFfqlYGtx1aAw= github.com/alibabacloud-go/waf-openapi-20211001/v5 v5.1.2/go.mod h1:9itYSTzipL3NlvhvNYfTjFaapoZzG68nlu/KUdh9SpA=