fix: 优化更新飞牛os证书有效期,修复某些情况下部署证书后飞牛无法访问https的bug

pull/453/head
xiaojunnuo 2025-07-04 23:05:04 +08:00
parent 2c35f94f7c
commit 610c919c72
1 changed files with 14 additions and 4 deletions

View File

@ -1,11 +1,12 @@
import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
import { CertApplyPluginNames, CertInfo } from "@certd/plugin-cert";
import { CertApplyPluginNames, CertInfo, CertReader } from "@certd/plugin-cert";
import {
createCertDomainGetterInputDefine,
createRemoteSelectInputDefine,
SshAccess,
SshClient
} from "@certd/plugin-lib";
import path from "node:path";
@IsTaskPlugin({
//命名规范,插件类型+功能就是目录plugin-demo中的demo大写字母开头驼峰命名
@ -75,6 +76,9 @@ export class FnOSDeployToNAS extends AbstractTaskPlugin {
//复制证书
const list = await this.doGetCertList()
const certReader = new CertReader(this.cert);
const expiresAt = certReader.expires;
const validFrom = certReader.detail.notBefore.getTime()
for (const target of this.certList) {
this.logger.info(`----------- 准备部署:${target}`);
let found = false
@ -83,6 +87,7 @@ export class FnOSDeployToNAS extends AbstractTaskPlugin {
this.logger.info(`----------- 找到证书,开始部署:${item.sum},${item.domain}`)
const certPath = item.certificate;
const keyPath = item.privateKey;
const certDir = path.dirname(keyPath)
const cmd = `
sudo tee ${certPath} > /dev/null <<'EOF'
${this.cert.crt}
@ -90,6 +95,11 @@ EOF
sudo tee ${keyPath} > /dev/null <<'EOF'
${this.cert.key}
EOF
sudo chmod 0755 "${certDir}/" -R
sudo -u postgres psql -d trim_connect -c "UPDATE cert SET valid_to=${expiresAt},valid_from=${validFrom} WHERE private_key='${item.privateKey}'"
`
const res = await client.exec({
connectConf: access,
@ -113,9 +123,9 @@ EOF
const restartCmd= `
echo "正在重启相关服务..."
systemctl restart webdav.service
systemctl restart smbftpd.service
systemctl restart trim_nginx.service
sudo systemctl restart webdav.service
sudo systemctl restart smbftpd.service
sudo systemctl restart trim_nginx.service
echo "服务重启完成!"
`
await client.exec({