perf: 支持威联通证书部署

2024-11-29 11:57:41 +08:00 · 2024-11-29 11:57:41 +08:00 · 0d8913ea2f
parent 387bcc5fa4
commit 0d8913ea2f
3 changed files with 87 additions and 0 deletions
--- a/packages/ui/certd-server/src/plugins/plugin-qnap/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-qnap/index.ts
@ -0,0 +1 @@
+export * from './plugins/index.js';
--- a/packages/ui/certd-server/src/plugins/plugin-qnap/plugins/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-qnap/plugins/index.ts
@ -0,0 +1 @@
+export * from './plugin-qnap.js';
--- a/packages/ui/certd-server/src/plugins/plugin-qnap/plugins/plugin-qnap.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-qnap/plugins/plugin-qnap.ts
@ -0,0 +1,85 @@
+import { IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
+import { CertInfo } from '@certd/plugin-cert';
+import { AbstractPlusTaskPlugin } from '@certd/plugin-plus';
+import { SshAccess, SshClient } from '../../plugin-host/index.js';
+import { tmpdir } from 'node:os';
+import fs from 'fs';
+
+@IsTaskPlugin({
+  name: 'QnapDeploy',
+  title: '部署证书到威联通',
+  icon: 'simple-icons:qnap',
+  group: pluginGroups.panel.key,
+  desc: '部署证书到qnap',
+  default: {
+    strategy: {
+      runStrategy: RunStrategy.SkipWhenSucceed,
+    },
+  },
+  needPlus: true,
+})
+export class QnapDeploy extends AbstractPlusTaskPlugin {
+  //证书选择，此项必须要有
+  @TaskInput({
+    title: '域名证书',
+    helper: '请选择前置任务输出的域名证书',
+    component: {
+      name: 'output-selector',
+      from: ['CertApply', 'CertApplyLego'],
+    },
+    required: true,
+  })
+  cert!: CertInfo;
+
+  //授权选择框
+  @TaskInput({
+    title: 'ssh登录授权',
+    helper: 'ssh登录授权',
+    component: {
+      name: 'access-selector',
+      type: 'ssh',
+    },
+    required: true,
+  })
+  accessId!: string;
+
+  async onInstance() {}
+  async execute(): Promise<void> {
+    const { cert, accessId } = this;
+
+    if (!accessId) {
+      throw new Error('主机登录授权配置不能为空');
+    }
+
+    const connectConf = await this.ctx.accessService.getById<SshAccess>(accessId);
+    const sshClient = new SshClient(this.logger);
+    //合并证书
+    const newCert = cert.key + '\n' + cert.crt;
+    const tmpCertPath = tmpdir() + '/certd/cert.pem';
+    fs.writeFileSync(tmpCertPath, newCert);
+    const targetPath = '/etc/stunnel/stunnel.pem';
+    this.logger.info(`准备上传证书到服务器:${targetPath}`);
+
+    const transports: any = [];
+    transports.push({
+      localPath: tmpCertPath,
+      remotePath: targetPath,
+    });
+    this.logger.info('开始上传文件到服务器');
+    await sshClient.uploadFiles({
+      connectConf,
+      transports,
+      mkdirs: true,
+    });
+    this.logger.info('上传文件到服务器成功');
+    //重启服务
+    const restartCmd = '/bin/bash /etc/init.d/stunnel.sh restart';
+    this.logger.info('重启stunnel服务');
+    await sshClient.exec({
+      connectConf,
+      script: [restartCmd],
+    });
+    this.logger.info('执行成功');
+  }
+}
+new QnapDeploy();