github
/
certd
mirror of https://github.com/certd/certd
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix: 优化更新飞牛os证书有效期,修复某些情况下部署证书后飞牛无法访问https的bug

pull/453/head
xiaojunnuo 2025-07-04 23:05:04 +08:00
parent 2c35f94f7c
commit 610c919c72
1 changed files with 14 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
packages/ui/certd-server/src/plugins/plugin-fnos/index.ts
View File

@ -1,11 +1,12 @@
import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline"; import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
import { CertApplyPluginNames, CertInfo } from "@certd/plugin-cert"; import { CertApplyPluginNames, CertInfo, CertReader } from "@certd/plugin-cert";
import { import {
createCertDomainGetterInputDefine, createCertDomainGetterInputDefine,
createRemoteSelectInputDefine, createRemoteSelectInputDefine,
SshAccess, SshAccess,
SshClient SshClient
} from "@certd/plugin-lib"; } from "@certd/plugin-lib";
import path from "node:path";
@IsTaskPlugin({ @IsTaskPlugin({
//命名规范,插件类型+功能就是目录plugin-demo中的demo大写字母开头驼峰命名 //命名规范,插件类型+功能就是目录plugin-demo中的demo大写字母开头驼峰命名
@ -75,6 +76,9 @@ export class FnOSDeployToNAS extends AbstractTaskPlugin {
//复制证书 //复制证书
const list = await this.doGetCertList() const list = await this.doGetCertList()
const certReader = new CertReader(this.cert);
const expiresAt = certReader.expires;
const validFrom = certReader.detail.notBefore.getTime()
for (const target of this.certList) { for (const target of this.certList) {
this.logger.info(`----------- 准备部署:${target}`); this.logger.info(`----------- 准备部署:${target}`);
let found = false let found = false
@ -83,6 +87,7 @@ export class FnOSDeployToNAS extends AbstractTaskPlugin {
this.logger.info(`----------- 找到证书,开始部署:${item.sum},${item.domain}`) this.logger.info(`----------- 找到证书,开始部署:${item.sum},${item.domain}`)
const certPath = item.certificate; const certPath = item.certificate;
const keyPath = item.privateKey; const keyPath = item.privateKey;
const certDir = path.dirname(keyPath)
const cmd = ` const cmd = `
sudo tee ${certPath} > /dev/null <<'EOF' sudo tee ${certPath} > /dev/null <<'EOF'
${this.cert.crt} ${this.cert.crt}
@ -90,6 +95,11 @@ EOF
sudo tee ${keyPath} > /dev/null <<'EOF' sudo tee ${keyPath} > /dev/null <<'EOF'
${this.cert.key} ${this.cert.key}
EOF EOF
sudo chmod 0755 "${certDir}/" -R
sudo -u postgres psql -d trim_connect -c "UPDATE cert SET valid_to=${expiresAt},valid_from=${validFrom} WHERE private_key='${item.privateKey}'"
` `
const res = await client.exec({ const res = await client.exec({
connectConf: access, connectConf: access,
@ -113,9 +123,9 @@ EOF
const restartCmd= ` const restartCmd= `
echo "正在重启相关服务..." echo "正在重启相关服务..."
systemctl restart webdav.service sudo systemctl restart webdav.service
systemctl restart smbftpd.service sudo systemctl restart smbftpd.service
systemctl restart trim_nginx.service sudo systemctl restart trim_nginx.service
echo "服务重启完成!" echo "服务重启完成!"
` `
await client.exec({ await client.exec({