perf: 自动生成jwtkey,无需手动配置

pull/101/head
xiaojunnuo 2024-07-15 01:29:19 +08:00
parent 485e603b51
commit 390e4853a5
8 changed files with 65 additions and 30 deletions

2
.gitignore vendored

@ -37,3 +37,5 @@ docker/image/workspace
tsconfig.tsbuildinfo tsconfig.tsbuildinfo
test/**/*.js test/**/*.js
/packages/ui/certd-server/data/db.sqlite
/packages/ui/certd-server/data/keys.yaml


@ -64,22 +64,23 @@ wget https://raw.githubusercontent.com/certd/certd/v2/docker/run/docker-compose.
# 或者使用gitee地址 # 或者使用gitee地址
wget https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml wget https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml
# 根据需要修改里面的配置 # 可以根据需要修改里面的配置
# 1.修改镜像版本号【可选】 # 1.修改镜像版本号【可选】
# 2.配置数据保存路径【可选】 # 2.配置数据保存路径【可选】
# 3.配置certd_auth_jwt_secret【必须 # 3.修改端口号【可选
vi docker-compose.yaml vi docker-compose.yaml
``` ```
> 镜像版本号与release版本号同步
https://github.com/certd/certd/releases
### 3. 运行 ### 3. 运行
当前版本号: ![](https://img.shields.io/npm/v/%40certd%2Fpipeline)
```bash ```bash
# 如果docker compose是插件化安装 # 设置镜像版本号环境变量如果docker-compose.yaml中已经修改请忽略这条命令
export CERTD_VERSION=latest export CERTD_VERSION=latest # <---
# 启动certd
docker compose up -d docker compose up -d
``` ```
如果提示 没有compose命令,请安装docker-compose 如果提示 没有compose命令,请安装docker-compose
@ -100,7 +101,6 @@ http://your_server_ip:7001
* 数据存在`/data/certd`目录下,不用担心数据丢失 * 数据存在`/data/certd`目录下,不用担心数据丢失
## 五、一些说明 ## 五、一些说明
* 本项目ssl证书提供商为letencrypt * 本项目ssl证书提供商为letencrypt
* 申请过程遵循acme协议 * 申请过程遵循acme协议
@ -168,7 +168,7 @@ docker compose up -d
[贡献插件教程](./plugin.md) [贡献插件教程](./plugin.md)
## 十一、我的其他项目 ## 十一、我的其他项目求Star
* [袖手GPT](https://ai.handsfree.work/) ChatGPT国内可用无需FQ每日免费额度 * [袖手GPT](https://ai.handsfree.work/) ChatGPT国内可用无需FQ每日免费额度
* [fast-crud](https://gitee.com/fast-crud/fast-crud/) 基于vue3的crud快速开发框架 * [fast-crud](https://gitee.com/fast-crud/fast-crud/) 基于vue3的crud快速开发框架
* [dev-sidecar](https://github.com/docmirror/dev-sidecar/) 直连访问github工具无需FQ解决github无法访问的问题 * [dev-sidecar](https://github.com/docmirror/dev-sidecar/) 直连访问github工具无需FQ解决github无法访问的问题


@ -1,26 +1,25 @@
version: '3.3' version: '3.3'
services: services:
certd: certd:
# 镜像 # ↓↓↓↓↓ --- 1、 修改镜像版本号或者干脆写成latest 如果设置了环境变量 export CERTD_VERSION=latest,这里可以不修改 # 镜像 # ↓↓↓↓↓ --- 1、 修改镜像版本号或者干脆写成latest(不推荐) 如果设置了环境变量 export CERTD_VERSION=xxx,这里可以不修改
image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${CERTD_VERSION} image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${CERTD_VERSION}
container_name: certd # 容器名 container_name: certd # 容器名
restart: unless-stopped # 自动重启 restart: unless-stopped # 自动重启
volumes: volumes:
# ↓↓↓↓↓ ------------------------------------------------------- 2、 修改数据库以及证书存储路径【可选】 # ↓↓↓↓↓ ------------------------------------------------------- 2、 数据库以及证书存储路径,默认存在宿主机的/data/certd/目录下【可选】
- /data/certd:/app/data - /data/certd:/app/data
ports: # 端口映射 ports: # 端口映射
# ↓↓↓↓ 如果端口有冲突可以修改第一个7001为其他不冲突的端口号 # ↓↓↓↓ ----------------------------------------------------------3、如果端口有冲突可以修改第一个7001为其他不冲突的端口号【可选】
- "7001:7001" - "7001:7001"
environment: # 环境变量 environment: # 环境变量
- TZ=Asia/Shanghai - TZ=Asia/Shanghai
- certd_auth_jwt_secret=changeme
# ↑↑↑↑↑ ---------------------------------- 3、 修改成你的自定义密钥【必须,安全需要】
- certd_system_resetAdminPassword=false - certd_system_resetAdminPassword=false
# ↑↑↑↑↑ 如果忘记管理员密码可以设置为true重启之后管理员密码将改成123456然后请及时修改回false # ↑↑↑↑↑---------------------------4、如果忘记管理员密码可以设置为true重启之后管理员密码将改成123456然后请及时修改回false【可选】
- VITE_APP_ICP_NO=
# ↑↑↑↑↑ -----------------------------------------5、这里可以设置备案号【可选】
# 设置环境变量即可自定义certd配置 # 设置环境变量即可自定义certd配置
# 服务端配置项见: packages/ui/certd-server/src/config/config.default.ts # 服务端配置项见: packages/ui/certd-server/src/config/config.default.ts
# 服务端配置规则: certd_ + 配置项, 点号用_代替 # 服务端配置规则: certd_ + 配置项, 点号用_代替
# 如jwt密钥配置为 auth.jwt.secret则设置环境变量 certd_auth_jwt_secret=changeme
# 客户端配置项见: packages/ui/certd-client/.env # 客户端配置项见: packages/ui/certd-client/.env
# 按实际名称配置环境变量即可,如: VITE_APP_API=http://localhost:7001 # 按实际名称配置环境变量即可,如: VITE_APP_API=http://localhost:7001
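Review bot: The step 2 comment on the `/data/certd:/app/data` volume still describes only the database and certificates, but after this commit the auto-generated `keys.yaml` (JWT signing key and cookie keys) is written under `./data` as well. If the server's working directory in the image is `/app` (not visible on this page), that file lands in the mounted host directory. The comment should say so, for example `# also holds the auto-generated keys.yaml (JWT/cookie keys): keep this directory private and include it in backups`. It is also worth stating that running without the volume regenerates the keys whenever the container is recreated, which invalidates every issued token.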


@ -8,3 +8,4 @@ VITE_APP_COPYRIGHT_NAME=handsfree.work
VITE_APP_COPYRIGHT_URL=https://certd.handsfree.work VITE_APP_COPYRIGHT_URL=https://certd.handsfree.work
VITE_APP_LOGO_PATH=./images/logo/logo.svg VITE_APP_LOGO_PATH=./images/logo/logo.svg
VITE_APP_PROJECT_PATH=https://github.com/certd/certd VITE_APP_PROJECT_PATH=https://github.com/certd/certd
VITE_APP_ICP_NO=


@ -21,6 +21,7 @@
import * as api from "./api"; import * as api from "./api";
import { Ref, ref } from "vue"; import { Ref, ref } from "vue";
import { CrudOptions, useColumns, useFormWrapper } from "@fast-crud/fast-crud"; import { CrudOptions, useColumns, useFormWrapper } from "@fast-crud/fast-crud";
import { notification } from "ant-design-vue";
const userInfo: Ref = ref({}); const userInfo: Ref = ref({});
@ -54,10 +55,14 @@ const passwordFormOptions: CrudOptions = {
span: 24 span: 24
}, },
wrapper: { wrapper: {
title: "修改密码",
width: "500px" width: "500px"
}, },
async doSubmit({ form }) { async doSubmit({ form }) {
await api.changePassword(form); await api.changePassword(form);
},
async afterSubmit() {
notification.success({ message: "修改成功" });
} }
}, },
columns: { columns: {
@ -97,7 +102,6 @@ async function changePassword() {
const formOptions = buildFormOptions(passwordFormOptions); const formOptions = buildFormOptions(passwordFormOptions);
formOptions.newInstance = true; // formOptions.newInstance = true; //
passwordFormRef.value = await openDialog(formOptions); passwordFormRef.value = await openDialog(formOptions);
debugger;
console.log(passwordFormRef.value); console.log(passwordFormRef.value);
} }
</script> </script>
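Review bot: `console.log(passwordFormRef.value);` is left in `changePassword()` even though this commit removes the `debugger` statement directly above it, so the change-password dialog's form reference is still written to the browser console each time the dialog opens. Whether that object exposes the typed passwords cannot be told from the hunk, but debug output around a credential form should go with the `debugger`; delete the line. `changePassword()` starts above the last hunk, so the rest of its body is not visible here.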


@ -14,3 +14,5 @@ run/
./data ./data
./test/**/*.js ./test/**/*.js
/test/setup.js
/test/setup.ts


@ -1,9 +1,9 @@
import { MidwayConfig } from '@midwayjs/core'; import { MidwayConfig } from '@midwayjs/core';
import { join } from 'path'; // import { join } from 'path';
import { dirname } from 'node:path'; // import { dirname } from 'node:path';
import { fileURLToPath } from 'node:url'; // import { fileURLToPath } from 'node:url';
// const __filename = fileURLToPath(import.meta.url); // // const __filename = fileURLToPath(import.meta.url);
const __dirname = dirname(fileURLToPath(import.meta.url)); // const __dirname = dirname(fileURLToPath(import.meta.url));
import { FlywayHistory } from '@certd/midway-flyway-js'; import { FlywayHistory } from '@certd/midway-flyway-js';
import { UserEntity } from '../modules/authority/entity/user.js'; import { UserEntity } from '../modules/authority/entity/user.js';
@ -11,8 +11,11 @@ import { PipelineEntity } from '../modules/pipeline/entity/pipeline.js';
//import { logger } from '../utils/logger'; //import { logger } from '../utils/logger';
// load .env file in process.cwd // load .env file in process.cwd
import { mergeConfig } from './loader.js'; import { mergeConfig } from './loader.js';
import { Keys } from './keys.js';
const keys = Keys.load();
const development = { const development = {
keys: '111', keys: keys.cookieKeys,
koa: { koa: {
port: 7001, port: 7001,
}, },
@ -49,7 +52,7 @@ const development = {
* *
*/ */
type: 'sqlite', type: 'sqlite',
database: join(__dirname, '../../data/db.sqlite'), database: './data/db.sqlite',
synchronize: false, // 如果第一次使用,不存在表,有同步的需求可以写 true synchronize: false, // 如果第一次使用,不存在表,有同步的需求可以写 true
logging: true, logging: true,
@ -62,17 +65,17 @@ const development = {
* *
*/ */
flyway: { flyway: {
scriptDir: join(__dirname, '../../db/migration'), scriptDir: './db/migration',
}, },
auth: { auth: {
jwt: { jwt: {
secret: 'certd666', secret: keys.jwtKey,
expire: 7 * 24 * 60 * 60, //单位秒 expire: 7 * 24 * 60 * 60, //单位秒
}, },
}, },
certd: { certd: {
fileRootDir: '/app/data/files', fileRootDir: './data/files',
}, },
system: { system: {
resetAdminPasswd: false, resetAdminPasswd: false,
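Review bot: `database`, `flyway.scriptDir`, `certd.fileRootDir` and the key file read by `Keys.load()` are now all relative to the process working directory instead of `__dirname`. Starting the server from another directory would therefore appear to create a fresh `keys.yaml` and an empty `db.sqlite` rather than fail. That means a new signing key and no users, with no error to point at the cause. Either keep the paths anchored as before (`database: join(__dirname, '../../data/db.sqlite'),`) or resolve one data directory to an absolute path at startup and log it. `const keys = Keys.load();` also writes to disk as a side effect of importing this module, which deserves a comment, and the commented-out `path`/`url` imports should be deleted rather than kept. The `development` object continues past the end of the last hunk.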


@ -0,0 +1,24 @@
import fs from 'fs';
import yaml from 'js-yaml';
import * as _ from 'lodash-es';
import { nanoid } from 'nanoid';
const KEYS_FILE = './data/keys.yaml';
export class Keys {
jwtKey: string = nanoid();
cookieKeys: string[] = [nanoid()];
static load(): Keys {
const keys = new Keys();
if (fs.existsSync(KEYS_FILE)) {
const content = fs.readFileSync(KEYS_FILE, 'utf8');
const json = yaml.load(content);
_.merge(keys, json);
}
keys.save();
return keys;
}
save() {
fs.writeFileSync(KEYS_FILE, yaml.dump(this));
}
}
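Review bot: `save()` writes `keys.yaml` with the default file mode, so under a typical umask the JWT signing key and cookie keys are readable by every local user; the file should be created owner-only. `load()` also merges whatever the YAML holds into the generated defaults without checking it, so a hand-edited or truncated file with an empty or non-string `jwtKey` silently replaces the random one and tokens are signed with it. Validate after the merge and refuse to start on a bad value. Separately, `writeFileSync` will throw on first start if `./data` does not exist yet; whether anything creates that directory earlier is not visible here.

```typescript
  static load(): Keys {
    // … unchanged: construct defaults, merge keys.yaml if present …
    // Fail closed: never sign tokens or cookies with an empty or malformed key.
    if (typeof keys.jwtKey !== 'string' || keys.jwtKey.length === 0) {
      throw new Error(`${KEYS_FILE}: jwtKey must be a non-empty string`);
    }
    if (
      !Array.isArray(keys.cookieKeys) ||
      keys.cookieKeys.length === 0 ||
      keys.cookieKeys.some(k => typeof k !== 'string' || k.length === 0)
    ) {
      throw new Error(`${KEYS_FILE}: cookieKeys must be a non-empty array of strings`);
    }
    keys.save();
    return keys;
  }
  save() {
    // mode is honoured only when the file is created; chmod also tightens a keys.yaml left by an earlier run
    fs.writeFileSync(KEYS_FILE, yaml.dump(this), { mode: 0o600 });
    fs.chmodSync(KEYS_FILE, 0o600);
  }
```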