From 2eb0e54909d8ad36708e07c12fd598998159bc43 Mon Sep 17 00:00:00 2001 From: xiaojunnuo Date: Fri, 6 Jun 2025 15:12:24 +0800 Subject: [PATCH] =?UTF-8?q?perf:=20=E8=AF=81=E4=B9=A6=E7=94=B3=E8=AF=B7?= =?UTF-8?q?=E6=94=AF=E6=8C=81letencrypt=20profile=E9=80=89=E9=A1=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- packages/core/acme-client/src/auto.js | 3 + packages/core/acme-client/src/client.js | 2 + packages/core/acme-client/types/index.d.ts | 1 + .../src/plugin/cert-plugin/acme.ts | 4 +- .../src/plugin/cert-plugin/index.ts | 25 ++++++ pnpm-lock.yaml | 82 +++++++++---------- 6 files changed, 75 insertions(+), 42 deletions(-) diff --git a/packages/core/acme-client/src/auto.js b/packages/core/acme-client/src/auto.js index ddaa7d54..99e61411 100644 --- a/packages/core/acme-client/src/auto.js +++ b/packages/core/acme-client/src/auto.js @@ -75,6 +75,9 @@ export default async (client, userOpts) => { log("[auto] Placing new certificate order with ACME provider"); const orderPayload = { identifiers: uniqueDomains.map((d) => ({ type: "dns", value: d })) }; + if (opts.profile && client.sslProvider === 'letsencrypt' ){ + orderPayload.profile = opts.profile; + } const order = await client.createOrder(orderPayload); const authorizations = await client.getAuthorizations(order); diff --git a/packages/core/acme-client/src/client.js b/packages/core/acme-client/src/client.js index 9f8b81e0..f6b389fa 100644 --- a/packages/core/acme-client/src/client.js +++ b/packages/core/acme-client/src/client.js @@ -90,10 +90,12 @@ const defaultOpts = { */ class AcmeClient { + sslProvider constructor(opts) { if (!Buffer.isBuffer(opts.accountKey)) { opts.accountKey = Buffer.from(opts.accountKey); } + this.sslProvider = opts.sslProvider; this.opts = { ...defaultOpts, ...opts }; this.backoffOpts = { diff --git a/packages/core/acme-client/types/index.d.ts b/packages/core/acme-client/types/index.d.ts index 4974baa5..dfae2d20 100644 --- a/packages/core/acme-client/types/index.d.ts +++ b/packages/core/acme-client/types/index.d.ts @@ -66,6 +66,7 @@ export interface ClientAutoOptions { challengePriority?: string[]; preferredChain?: string; signal?: AbortSignal; + profile?:string; } export class Client { diff --git a/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts b/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts index d9774786..c12a8d08 100644 --- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts +++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts @@ -327,8 +327,9 @@ export class AcmeService { csrInfo: any; isTest?: boolean; privateKeyType?: string; + profile?: string; }): Promise { - const { email, isTest, csrInfo, dnsProvider, domainsVerifyPlan } = options; + const { email, isTest, csrInfo, dnsProvider, domainsVerifyPlan, profile } = options; const client: acme.Client = await this.getAcmeClient(email, isTest); let domains = options.domains; @@ -400,6 +401,7 @@ export class AcmeService { return await this.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider, httpUploader); }, signal: this.options.signal, + profile, }); const crtString = crt.toString(); diff --git a/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts b/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts index 54562740..b1e61e0b 100644 --- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts +++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts @@ -248,6 +248,30 @@ export class CertApplyPlugin extends CertApplyBasePlugin { }) privateKeyType!: PrivateKeyType; + @TaskInput({ + title: "证书配置", + value: "classic", + component: { + name: "a-select", + vModel: "value", + options: [ + { value: "classic", label: "经典(classic)" }, + { value: "tlsserver", label: "TLS服务器(tlsserver)" }, + { value: "shortlived", label: "短暂的(shortlived)" }, + ], + }, + helper: "如无特殊需求,默认即可", + required: false, + mergeScript: ` + return { + show: ctx.compute(({form})=>{ + return form.sslProvider === 'letsencrypt' + }) + } + `, + }) + certProfile!: string; + @TaskInput({ title: "使用代理", value: false, @@ -395,6 +419,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin { csrInfo, isTest: false, privateKeyType: this.privateKeyType, + profile: this.certProfile, }); const certInfo = this.formatCerts(cert); diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index eede6c1b..bdb5ca9a 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -46,7 +46,7 @@ importers: packages/core/acme-client: dependencies: '@certd/basic': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../basic '@peculiar/x509': specifier: ^1.11.0 @@ -207,10 +207,10 @@ importers: packages/core/pipeline: dependencies: '@certd/basic': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../basic '@certd/plus-core': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../pro/plus-core dayjs: specifier: ^1.11.7 @@ -415,7 +415,7 @@ importers: packages/libs/lib-k8s: dependencies: '@certd/basic': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../core/basic '@kubernetes/client-node': specifier: 0.21.0 @@ -455,16 +455,16 @@ importers: packages/libs/lib-server: dependencies: '@certd/acme-client': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../core/acme-client '@certd/basic': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../core/basic '@certd/pipeline': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../core/pipeline '@certd/plus-core': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../pro/plus-core '@midwayjs/cache': specifier: ~3.14.0 @@ -607,16 +607,16 @@ importers: packages/plugins/plugin-cert: dependencies: '@certd/acme-client': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../core/acme-client '@certd/basic': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../core/basic '@certd/pipeline': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../core/pipeline '@certd/plugin-lib': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../plugin-lib '@google-cloud/publicca': specifier: ^1.3.0 @@ -695,10 +695,10 @@ importers: specifier: ^3.787.0 version: 3.810.0(aws-crt@1.26.2) '@certd/basic': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../core/basic '@certd/pipeline': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../core/pipeline '@kubernetes/client-node': specifier: 0.21.0 @@ -786,19 +786,19 @@ importers: packages/pro/commercial-core: dependencies: '@certd/basic': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../core/basic '@certd/lib-server': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../libs/lib-server '@certd/pipeline': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../core/pipeline '@certd/plugin-plus': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../plugin-plus '@certd/plus-core': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../plus-core '@midwayjs/core': specifier: ~3.20.3 @@ -883,22 +883,22 @@ importers: specifier: ^1.0.2 version: 1.0.3 '@certd/basic': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../core/basic '@certd/lib-k8s': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../libs/lib-k8s '@certd/pipeline': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../core/pipeline '@certd/plugin-cert': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../plugins/plugin-cert '@certd/plugin-lib': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../plugins/plugin-lib '@certd/plus-core': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../plus-core ali-oss: specifier: ^6.21.0 @@ -1001,7 +1001,7 @@ importers: packages/pro/plus-core: dependencies: '@certd/basic': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../core/basic dayjs: specifier: ^1.11.7 @@ -1291,10 +1291,10 @@ importers: version: 0.1.3(zod@3.24.4) devDependencies: '@certd/lib-iframe': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../libs/lib-iframe '@certd/pipeline': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../core/pipeline '@rollup/plugin-commonjs': specifier: ^25.0.7 @@ -1477,46 +1477,46 @@ importers: specifier: ^3.705.0 version: 3.810.0(aws-crt@1.26.2) '@certd/acme-client': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../core/acme-client '@certd/basic': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../core/basic '@certd/commercial-core': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../pro/commercial-core '@certd/cv4pve-api-javascript': specifier: ^8.4.1 version: 8.4.1 '@certd/jdcloud': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../libs/lib-jdcloud '@certd/lib-huawei': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../libs/lib-huawei '@certd/lib-k8s': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../libs/lib-k8s '@certd/lib-server': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../libs/lib-server '@certd/midway-flyway-js': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../libs/midway-flyway-js '@certd/pipeline': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../core/pipeline '@certd/plugin-cert': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../plugins/plugin-cert '@certd/plugin-lib': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../plugins/plugin-lib '@certd/plugin-plus': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../pro/plugin-plus '@certd/plus-core': - specifier: ^1.34.11 + specifier: ^1.35.0 version: link:../../pro/plus-core '@huaweicloud/huaweicloud-sdk-cdn': specifier: ^3.1.120