From 610c919c72037becc0ed326f5d5b18c963dfcb3a Mon Sep 17 00:00:00 2001
From: xiaojunnuo <xiaojunnuo@qq.com>
Date: Fri, 4 Jul 2025 23:05:04 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BC=98=E5=8C=96=E6=9B=B4=E6=96=B0?=
 =?UTF-8?q?=E9=A3=9E=E7=89=9Bos=E8=AF=81=E4=B9=A6=E6=9C=89=E6=95=88?=
 =?UTF-8?q?=E6=9C=9F=EF=BC=8C=E4=BF=AE=E5=A4=8D=E6=9F=90=E4=BA=9B=E6=83=85?=
 =?UTF-8?q?=E5=86=B5=E4=B8=8B=E9=83=A8=E7=BD=B2=E8=AF=81=E4=B9=A6=E5=90=8E?=
 =?UTF-8?q?=E9=A3=9E=E7=89=9B=E6=97=A0=E6=B3=95=E8=AE=BF=E9=97=AEhttps?=
 =?UTF-8?q?=E7=9A=84bug?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../src/plugins/plugin-fnos/index.ts           | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/packages/ui/certd-server/src/plugins/plugin-fnos/index.ts b/packages/ui/certd-server/src/plugins/plugin-fnos/index.ts
index bd4b864b..18c637ce 100644
--- a/packages/ui/certd-server/src/plugins/plugin-fnos/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-fnos/index.ts
@@ -1,11 +1,12 @@
 import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
-import { CertApplyPluginNames, CertInfo } from "@certd/plugin-cert";
+import { CertApplyPluginNames, CertInfo, CertReader } from "@certd/plugin-cert";
 import {
   createCertDomainGetterInputDefine,
   createRemoteSelectInputDefine,
   SshAccess,
   SshClient
 } from "@certd/plugin-lib";
+import path from "node:path";
 
 @IsTaskPlugin({
   //命名规范，插件类型+功能（就是目录plugin-demo中的demo），大写字母开头，驼峰命名
@@ -75,6 +76,9 @@ export class FnOSDeployToNAS extends AbstractTaskPlugin {
     //复制证书
     const list = await this.doGetCertList()
 
+    const certReader = new CertReader(this.cert);
+    const expiresAt = certReader.expires;
+    const validFrom = certReader.detail.notBefore.getTime()
     for (const target of this.certList) {
       this.logger.info(`----------- 准备部署：${target}`);
       let found = false
@@ -83,6 +87,7 @@ export class FnOSDeployToNAS extends AbstractTaskPlugin {
           this.logger.info(`----------- 找到证书,开始部署：${item.sum},${item.domain}`)
           const certPath = item.certificate;
           const keyPath = item.privateKey;
+          const certDir = path.dirname(keyPath)
           const cmd = `
 sudo tee ${certPath} > /dev/null <<'EOF'
 ${this.cert.crt}
@@ -90,6 +95,11 @@ EOF
 sudo tee ${keyPath} > /dev/null <<'EOF'
 ${this.cert.key}
 EOF
+
+sudo chmod 0755 "${certDir}/" -R
+
+sudo -u postgres psql -d trim_connect -c "UPDATE cert SET  valid_to=${expiresAt},valid_from=${validFrom} WHERE private_key='${item.privateKey}'"
+
 `
           const res = await client.exec({
           connectConf: access,
@@ -113,9 +123,9 @@ EOF
 
     const restartCmd= `
 echo "正在重启相关服务..."
-systemctl restart webdav.service
-systemctl restart smbftpd.service
-systemctl restart trim_nginx.service
+sudo systemctl restart webdav.service
+sudo systemctl restart smbftpd.service
+sudo systemctl restart trim_nginx.service
 echo "服务重启完成！"
 `
     await client.exec({