diff --git a/backend/app/api/login.go b/backend/app/api/login.go index 4ec3e27..7437825 100644 --- a/backend/app/api/login.go +++ b/backend/app/api/login.go @@ -26,7 +26,7 @@ func Sign(c *gin.Context) { form.Code = strings.TrimSpace(form.Code) // 从数据库拿用户 - s, err := public.NewSqlite("data/data.db", "") + s, err := public.NewSqlite("data/settings.db", "") if err != nil { // c.JSON(http.StatusBadRequest, public.ResERR(err.Error())) public.FailMsg(c, err.Error()) diff --git a/backend/internal/access/eab.go b/backend/internal/access/eab.go index 0fc9707..11a3bc7 100644 --- a/backend/internal/access/eab.go +++ b/backend/internal/access/eab.go @@ -6,7 +6,7 @@ import ( ) func GetSqliteEAB() (*public.Sqlite, error) { - s, err := public.NewSqlite("data/data.db", "") + s, err := public.NewSqlite("data/accounts.db", "") if err != nil { return nil, err } diff --git a/backend/internal/cert/apply/apply.go b/backend/internal/cert/apply/apply.go index 9307ee5..5b5308e 100644 --- a/backend/internal/cert/apply/apply.go +++ b/backend/internal/cert/apply/apply.go @@ -9,12 +9,14 @@ import ( "crypto/rand" "encoding/json" "fmt" + azcorecloud "github.com/Azure/azure-sdk-for-go/sdk/azcore/cloud" "github.com/go-acme/lego/v4/certcrypto" "github.com/go-acme/lego/v4/certificate" "github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/challenge/dns01" "github.com/go-acme/lego/v4/lego" "github.com/go-acme/lego/v4/providers/dns/alidns" + "github.com/go-acme/lego/v4/providers/dns/azuredns" "github.com/go-acme/lego/v4/providers/dns/baiducloud" "github.com/go-acme/lego/v4/providers/dns/cloudflare" "github.com/go-acme/lego/v4/providers/dns/cloudns" @@ -53,7 +55,7 @@ var CADirURLMap = map[string]string{ } func GetSqlite() (*public.Sqlite, error) { - s, err := public.NewSqlite("data/data.db", "") + s, err := public.NewSqlite("data/accounts.db", "") if err != nil { return nil, err } 
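Review bot: The database path is written as a string literal at every call site, here in Sign, GetSqliteEAB and GetSqlite and again in the setting.go, utils.go and cmd/main.go hunks, so a missed or mistyped path silently opens the wrong file or an empty one. Package-level constants, for example `const SettingsDB = "data/settings.db"` and `const AccountsDB = "data/accounts.db"` in `public`, would let the compiler check the split. Sign now reads the user record from settings.db, so login depends on the migration in migrations/init.go having created and populated that file. All three functions continue outside their hunks.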
@@ -119,11 +121,27 @@ func GetDNSProvider(providerName string, creds map[string]string) (challenge.Pro config.AuthID = creds["auth_id"] config.AuthPassword = creds["auth_password"] return cloudns.NewDNSProviderConfig(config) - case "route53": + case "aws": config := route53.NewDefaultConfig() config.AccessKeyID = creds["access_key_id"] config.SecretAccessKey = creds["secret_access_key"] return route53.NewDNSProviderConfig(config) + case "azure": + config := azuredns.NewDefaultConfig() + config.TenantID = creds["tenant_id"] + config.ClientID = creds["client_id"] + config.ClientSecret = creds["client_secret"] + switch strings.ToLower(creds["environment"]) { + case "", "default", "public", "azurecloud": + config.Environment = azcorecloud.AzurePublic + case "china", "chinacloud", "azurechina", "azurechinacloud": + config.Environment = azcorecloud.AzureChina + case "usgovernment", "government", "azureusgovernment", "azuregovernment": + config.Environment = azcorecloud.AzureGovernment + default: + return nil, fmt.Errorf("不支持的 Azure 环境: %s", creds["environment"]) + } + return azuredns.NewDNSProviderConfig(config) default: return nil, fmt.Errorf("不支持的 DNS Provider: %s", providerName) diff --git a/backend/internal/cert/deploy/deploy.go b/backend/internal/cert/deploy/deploy.go index 06cbbca..802eea7 100644 --- a/backend/internal/cert/deploy/deploy.go +++ b/backend/internal/cert/deploy/deploy.go @@ -75,6 +75,9 @@ func Deploy(cfg map[string]any, logger *public.Logger) error { case "baidu-cdn": logger.Debug("部署到百度云CDN...") return DeployBaiduCdn(cfg) + case "huaweicloud-cdn": + logger.Debug("部署到华为云CDN...") + return DeployHwCdn(cfg) default: return fmt.Errorf("不支持的部署: %s", providerName) } diff --git a/backend/internal/cert/deploy/huaweicloud.go b/backend/internal/cert/deploy/huaweicloud.go new file mode 100644 index 0000000..0dcde67 --- /dev/null +++ b/backend/internal/cert/deploy/huaweicloud.go 
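Review bot: The new `azure` case copies `creds["tenant_id"]`, `creds["client_id"]` and `creds["client_secret"]` into the config without checking that they are non-empty. Depending on the pinned lego version, an azuredns config with blank client credentials may fall back to the host's ambient Azure identity instead of failing (worth confirming), so a stored access record with empty fields could act under the server's own credentials. Reject blanks before building the provider, e.g. `if creds["tenant_id"] == "" || creds["client_id"] == "" || creds["client_secret"] == "" { return nil, fmt.Errorf("azure: tenant_id, client_id and client_secret are required") }`. Separately, replacing `case "route53":` with `case "aws":` sends any access record still stored under the old name to the default error branch; `case "aws", "route53":` keeps both working. GetDNSProvider starts and ends outside this hunk.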
@@ -0,0 +1,104 @@ +package deploy + +import ( + "ALLinSSL/backend/internal/access" + "encoding/json" + "fmt" + "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/global" + cdn "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2" + "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2/model" + region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cdn/v2/region" + "strconv" + "time" +) + +func CreateHwAuth(accessKey, accessSecret string) (*global.Credentials, error) { + return global.NewCredentialsBuilder().WithAk(accessKey).WithSk(accessSecret).SafeBuild() +} + +func ClientHwCdn(auth *global.Credentials) (*cdn.CdnClient, error) { + if auth == nil { + return nil, fmt.Errorf("authentication credentials cannot be nil") + } + Region, err := region.SafeValueOf("cn-north-1") + if err != nil { + return nil, fmt.Errorf("failed to get region: %v", err) + } + builder, err := cdn.CdnClientBuilder().WithRegion(Region).WithCredential(auth).SafeBuild() + if err != nil { + return nil, fmt.Errorf("failed to build CDN client: %v", err) + } + return cdn.NewCdnClient(builder), nil +} + +func DeployHwCdn(cfg map[string]any) error { + cert, ok := cfg["certificate"].(map[string]any) + if !ok { + return fmt.Errorf("证书不存在") + } + var providerID string + switch v := cfg["provider_id"].(type) { + case float64: + providerID = strconv.Itoa(int(v)) + case string: + providerID = v + default: + return fmt.Errorf("参数错误:provider_id") + } + domain, ok := cfg["domain"].(string) + if !ok { + return fmt.Errorf("参数错误:domain") + } + // 设置证书 + keyPem, ok := cert["key"].(string) + if !ok { + return fmt.Errorf("证书错误:key") + } + certPem, ok := cert["cert"].(string) + if !ok { + return fmt.Errorf("证书错误:cert") + } + + providerData, err := access.GetAccess(providerID) + if err != nil { + return err + } + providerConfigStr, ok := providerData["config"].(string) + if !ok { + return fmt.Errorf("api配置错误") + } + // 解析 JSON 配置 + var providerConfig map[string]string + err = 
json.Unmarshal([]byte(providerConfigStr), &providerConfig) + if err != nil { + return err + } + + auth, err := CreateHwAuth(providerConfig["access_key"], providerConfig["secret_key"]) + if err != nil { + return err + } + client, err := ClientHwCdn(auth) + if err != nil { + return err + } + request := &model.UpdateDomainMultiCertificatesRequest{} + certNameHttps := fmt.Sprintf("ALLinSSL(%s)", time.Now().String()) + httpsbody := &model.UpdateDomainMultiCertificatesRequestBodyContent{ + DomainName: domain, + HttpsSwitch: int32(1), + CertName: &certNameHttps, + Certificate: &certPem, + PrivateKey: &keyPem, + } + request.Body = &model.UpdateDomainMultiCertificatesRequestBody{ + Https: httpsbody, + } + response, err := client.UpdateDomainMultiCertificates(request) + if err == nil { + fmt.Printf("%+v\n", response) + } else { + return fmt.Errorf("failed to update domain multi certificates: %v", err) + } + return nil +} diff --git a/backend/internal/setting/setting.go b/backend/internal/setting/setting.go index 124630c..6b782fe 100644 --- a/backend/internal/setting/setting.go +++ b/backend/internal/setting/setting.go @@ -39,7 +39,7 @@ func Get() (Setting, error) { } setting.Key = string(key) setting.Cert = string(cert) - s, err := public.NewSqlite("data/data.db", "") + s, err := public.NewSqlite("data/settings.db", "") if err != nil { return setting, err } @@ -61,7 +61,7 @@ func Save(setting *Setting) error { var restart bool var reload bool - s, err := public.NewSqlite("data/data.db", "") + s, err := public.NewSqlite("data/settings.db", "") if err != nil { return err } diff --git a/backend/migrations/init.go b/backend/migrations/init.go index 7173120..d8d18a8 100644 --- a/backend/migrations/init.go +++ b/backend/migrations/init.go 
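Review bot: DeployHwCdn dumps the whole API response with `fmt.Printf("%+v\n", response)`, which bypasses the `public.Logger` that Deploy uses and writes whatever the CDN returns for the HTTPS configuration to stdout. If that response echoes certificate fields (not visible here), they end up in process output. Drop the print and return on error instead: `if _, err := client.UpdateDomainMultiCertificates(request); err != nil { return fmt.Errorf("failed to update domain multi certificates: %w", err) }`. The `float64` branch `strconv.Itoa(int(v))` silently truncates a fractional `provider_id`, which then selects a different stored credential, so a guard such as `if v != float64(int(v)) { return fmt.Errorf("参数错误:provider_id") }` belongs before the conversion. `time.Now().String()` puts spaces, the zone name and the monotonic clock reading into `CertName`; `time.Now().Format("20060102150405")` is safer if the API restricts the name's length or characters.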
@@ -43,19 +43,6 @@ func init() { // 创建表 _, err = db.Exec(` PRAGMA journal_mode=WAL; - - create table IF NOT EXISTS _accounts - ( - id integer not null - constraint _accounts_pk - primary key autoincrement, - private_key TEXT not null, - reg TEXT not null, - email TEXT not null, - create_time TEXT, - update_time TEXT, - type TEXT - ); create table IF NOT EXISTS access ( @@ -111,33 +98,6 @@ func init() { name TEXT ); - create table IF NOT EXISTS settings - ( - id integer - constraint settings_pk - primary key, - key TEXT, - value TEXT, - create_time TEXT not null, - update_time TEXT not null, - active integer not null, - type TEXT - ); - - - create table IF NOT EXISTS users - ( - id integer not null - constraint users_pk - primary key autoincrement, - username TEXT not null - constraint users_pk2 - unique, - password TEXT not null, - salt TEXT default '' not null - ); - - create table IF NOT EXISTS workflow ( id integer not null @@ -177,20 +137,6 @@ func init() { primary key (id, workflow_id) ); - create table IF NOT EXISTS _eab - ( - id integer not null - constraint _eab_pk - primary key autoincrement, - name TEXT, - Kid TEXT not null, - HmacEncoded TEXT not null, - ca TEXT not null, - create_time TEXT, - update_time TEXT, - mail TEXT not null - ); - `) insertDefaultData(db, "users", "INSERT INTO users (id, username, password, salt) VALUES (1, 'admin', 'xxxxxxx', '&*ghs^&%dag');") insertDefaultData(db, "access_type", ` 
@@ -242,6 +188,12 @@ INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES // godaddy InsertIfNotExists(db, "access_type", map[string]any{"name": "godaddy", "type": "dns"}, []string{"name", "type"}, []any{"godaddy", "dns"}) + InsertIfNotExists(db, "access_type", map[string]any{"name": "namecheap", "type": "dns"}, []string{"name", "type"}, []any{"namecheap", "dns"}) + InsertIfNotExists(db, "access_type", map[string]any{"name": "ns1", "type": "dns"}, []string{"name", "type"}, []any{"ns1", "dns"}) + InsertIfNotExists(db, "access_type", map[string]any{"name": "cloudns", "type": "dns"}, []string{"name", "type"}, []any{"cloudns", "dns"}) + InsertIfNotExists(db, "access_type", map[string]any{"name": "aws", "type": "dns"}, []string{"name", "type"}, []any{"aws", "dns"}) + InsertIfNotExists(db, "access_type", map[string]any{"name": "azure", "type": "dns"}, []string{"name", "type"}, []any{"azure", "dns"}) + err = sqlite_migrate.EnsureDatabaseWithTables( "data/site_monitor.db", "data/data.db", 
@@ -283,6 +235,97 @@ INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES repeat_send_gap INTEGER ); `) + + err = sqlite_migrate.EnsureDatabaseWithTables( + "data/settings.db", + "data/data.db", + []string{"settings", "users"}, // 你要迁移的表 + ) + if err != nil { + fmt.Println("错误:", err) + } + dbSetting, err := public.NewSqlite("data/settings.db", "") + if err != nil { + //fmt.Println("创建 settings 数据库失败:", err) + return + } + defer dbSetting.Close() + // 创建表 + _, err = db1.Exec(` + PRAGMA journal_mode=WAL; + + create table IF NOT EXISTS settings + ( + id integer + constraint settings_pk + primary key, + key TEXT, + value TEXT, + create_time TEXT not null, + update_time TEXT not null, + active integer not null, + type TEXT + ); + + create table IF NOT EXISTS users + ( + id integer not null + constraint users_pk + primary key autoincrement, + username TEXT not null + constraint users_pk2 + unique, + password TEXT not null, + salt TEXT default '' not null + ); + `) + + err = sqlite_migrate.EnsureDatabaseWithTables( + "data/accounts.db", + "data/data.db", + []string{"_accounts", "_eab"}, // 你要迁移的表 + ) + if err != nil { + fmt.Println("错误:", err) + } + dbAcc, err := public.NewSqlite("data/accounts.db", "") + if err != nil { + //fmt.Println("创建 settings 数据库失败:", err) + return + } + defer dbAcc.Close() + // 创建表 + _, err = db1.Exec(` + PRAGMA journal_mode=WAL; + + create table IF NOT EXISTS _accounts + ( + id integer not null + constraint _accounts_pk + primary key autoincrement, + private_key TEXT not null, + reg TEXT not null, + email TEXT not null, + create_time TEXT, + update_time TEXT, + type TEXT + ); + + create table IF NOT EXISTS _eab + ( + id integer not null + constraint _eab_pk + primary key autoincrement, + name TEXT, + Kid TEXT not null, + HmacEncoded TEXT not null, + ca TEXT not null, + create_time TEXT, + update_time TEXT, + mail TEXT not null + ); + + `) } func insertDefaultData(db *sql.DB, table, insertSQL string) { 
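Review bot: Both new `create table` batches run through `db1.Exec` rather than a handle for the file that was just opened, so `settings`/`users` and `_accounts`/`_eab` are created in whatever database `db1` points to, not in `data/settings.db` and `data/accounts.db`. `db1` is defined outside this hunk and is presumably the site_monitor handle; `dbSetting` and `dbAcc` are only ever closed. The result of each Exec is never checked, and a NewSqlite failure returns silently because the print is commented out. Run each batch on a handle opened for its own file and check the result, e.g. `if _, err = <settings.db handle>.Exec(...); err != nil { fmt.Println("错误:", err); return }`. The default rows from `insertDefaultData(db, "users", …)` in the earlier hunk's context still go through `db`, whose `users` and `settings` tables this commit no longer creates, so on a fresh install the admin account and default settings may never reach settings.db; confirm against insertDefaultData and the rest of `init`, which lie outside the hunk.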
diff --git a/backend/public/utils.go b/backend/public/utils.go index ec48180..7ba8f6c 100644 --- a/backend/public/utils.go +++ b/backend/public/utils.go @@ -18,7 +18,7 @@ const defaultCharset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123 // GetSettingIgnoreError 获取系统配置-忽略错误 func GetSettingIgnoreError(key string) string { - s, err := NewSqlite("data/data.db", "") + s, err := NewSqlite("data/settings.db", "") if err != nil { return "" } @@ -39,7 +39,7 @@ func GetSettingIgnoreError(key string) string { } func UpdateSetting(key, val string) error { - s, err := NewSqlite("data/data.db", "") + s, err := NewSqlite("data/settings.db", "") if err != nil { return err } @@ -53,7 +53,7 @@ func UpdateSetting(key, val string) error { } func GetSettingsFromType(typ string) ([]map[string]any, error) { - db := "data/data.db" + db := "data/settings.db" s, err := NewSqlite(db, "") if err != nil { return nil, err diff --git a/cmd/main.go b/cmd/main.go index 03a9646..ec26978 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -109,7 +109,7 @@ func main() { fmt.Println("用户名至少需要5位") return } - s, err := public.NewSqlite("data/data.db", "") + s, err := public.NewSqlite("data/settings.db", "") if err != nil { fmt.Println(err) return @@ -136,7 +136,7 @@ func main() { fmt.Println("密码至少需要8位") return } - s, err := public.NewSqlite("data/data.db", "") + s, err := public.NewSqlite("data/settings.db", "") if err != nil { fmt.Println(err) return @@ -257,7 +257,7 @@ func main() { } publicAddr := fmt.Sprintf("%s://%s:%s%s", http, publicIp, public.Port, public.Secure) - s, err := public.NewSqlite("data/data.db", "") + s, err := public.NewSqlite("data/settings.db", "") if err != nil { fmt.Println(err) return